manualshive.com logo in svg

Modbus IOG700AM-0xCR1, Руководство пользователя

Пользовательский мануал для продукта Modbus IOG700AM-0xCR1 доступен для бесплатной загрузки на нашем сайте. Этот мануал содержит все необходимые инструкции по установке и использованию данного устройства. Пожалуйста, загрузите его с manualshive.com.

Поделиться
Скачать
background image

Modbus

 

Cellular

 

Gateway

 

 

Index

 

skipping

 

is

 

used

 

to

 

reserve

 

slots

 

for

 

new

 

function

 

insertion,

 

when

 

required.

 

215

 

 

"Full

 

Tunnel"

enabled

 

Site

 

to

 

Site

 

Tunnel

 

Scenario

 

In

 

"Site

 

to

 

Site"

 

tunnel

 

scenario,

 

the

 

client

 

hosts

 

of

 

remote

 

site

 

can

 

securely

 

access

 

the

 

enterprise

 

resources

 

in

 

the

 

Intranet

 

of

 

headquarters

 

gateway

 

via

 

an

 

established

 

VPN

 

tunnel,

 

as

 

described

 

above.

 

But

 

the

 

regular

 

Internet

 

accessing

 

at

 

remote

 

site

 

still

 

go

 

through

 

the

 

WAN

 

interface

 

of

 

remote

 

gateway,

 

not

 

the

 

VPN

 

tunnel.

 

If

 

you

 

want

 

all

 

packets

 

to

 

be

 

transferred

 

from

 

the

 

Network

B

 

at

 

branch

 

office

 

via

 

this

 

VPN

 

tunnel,

 

including

 

the

 

enterprise

 

resource

 

accessing

 

and

 

the

 

Internet

 

accessing,

 

you

 

can

 

refer

 

to

 

following

 

scenario

 

example.

 

When

 

Full

 

Tunnel

 

function

 

of

 

remote

 

Business

 

Security

 

Gateway

 

is

 

enabled,

 

all

 

data

 

traffic

 

from

 

remote

 

clients

 

behind

 

remote

 

Business

 

Security

 

Gateway

 

will

 

go

 

over

 

the

 

VPN

 

tunnel.

 

That

 

is,

 

if

 

a

 

user

 

is

 

operating

 

at

 

a

 

PC

 

that

 

is

 

in

 

the

 

Intranet

 

of

 

remote

 

Business

 

Security

 

Gateway,

 

all

 

application

 

packets

 

and

 

private

 

data

 

packets

 

from

 

the

 

PC

 

will

 

be

 

transmitted

 

securely

 

in

 

the

 

VPN

 

tunnel

 

to

 

access

 

the

 

resources

 

behind

 

HQ

 

Business

 

Security

 

Gateway,

 

including

 

surfing

 

the

 

Internet.

 

As

 

a

 

result,

 

every

 

time

 

the

 

user

 

surfs

 

the

 

web

 

for

 

shopping

 

or

 

searching

 

data

 

on

 

Internet,

 

checking

 

personal

 

emails,

 

or

 

accessing

 

HQ

 

servers,

 

all

 

are

 

done

 

on

 

a

 

secured

 

connection

 

through

 

HQ

 

Business

 

Security

 

Gateway.

 

Following

 

diagram

 

illustrates

 

this

 

application

 

scenario.

 

It

 

is

 

the

 

same

 

as

 

the

 

one

 

for

 

the

 

"Site

 

to

 

Site"

 

scenario

 

with

 

"Full

 

Tunnel"

 

disabled.

 

But

 

the

 

"Full

 

Tunnel"

 

parameter

 

in

 

this

 

scenario

 

is

 

enabled

 

now.

 

When

 

the

 

"Site

 

to

 

Site"

 

IPSec

 

VPN

 

tunnel

 

has

 

been

 

established

 

by

 

either

 

peer,

 

all

 

client

 

hosts

 

in

 

Network

B

 

at

 

branch

 

office

 

can

 

access

 

the

 

resources

 

in

 

HQ

 

and

 

the

 

Internet

 

by

 

using

 

the

 

tunnel

 

in

 

a

 

secure

 

link

 

since

 

the

 

"Full

 

Tunnel"

 

function

 

is

 

activated

 

in

 

Network

B

 

site.

 

 

 

 

Содержание IOG700AM-0xCR1

Страница 1: ...Modbus Cellular Gateway IOG700AM 0xCR1 User Manual...

Страница 2: ...Hardware Installation 13 1 6 1 Mount the Unit 13 1 6 2 Insert the SIM Card 13 1 6 3 Connecting Power 14 1 6 4 Connecting DI DO Devices 15 1 6 5 Connecting Serial Devices 16 1 6 6 Connecting to the Ne...

Страница 3: ...LG 112 3 9 7 DMZ Pass Through 119 3 b Routing 122 3 b 1 Static Routing 122 3 b 3 Dynamic Routing 127 3 b 5 Routing Information 139 3 d Client Server Proxy 140 3 d 1 DNS DDNS 140 3 d 3 DHCP Server 145...

Страница 4: ...Management 280 5 9 1 TR 069 280 5 9 3 SNMP 284 5 9 5 Telnet with CLI 295 5 9 7 UPnP 298 5 b Certificate 301 5 b 1 Configuration 301 5 b 3 My Certificates 303 5 b 5 Trusted Certificates 310 5 b 7 Issue...

Страница 5: ...ts for new function insertion when required 5 7 5 Captive Portal 370 7 5 1 Configuration 370 Chapter 9 System 376 9 1 System Related 376 9 1 1 System Related 376 9 1 3 Packet Analyzer 384 9 3 Scheduli...

Страница 6: ...t one to support new application in short time such as for NFC or GPS applications This IOG700AM series product is loaded with luxuriant security features including VPN firewall NAT port forwarding DH...

Страница 7: ...Package Contents Standard Package Items Description Contents Quantity 1 IOG700AM 0TCR1 Modbus Cellular Gateway 1pcs 2 Cellular Antenna 2pcs 3 Power Adapter DC 12V 1A 1 1pcs 4 RJ45 Cable 1pcs 5 Console...

Страница 8: ...ront View Reset Button The RESET button provides user with a quick and easy way to resort the default setting Press the RESET button continuously for 6 seconds and then release it The device will rest...

Страница 9: ...s Cellular Gateway Index skipping is used to reserve slots for new function insertion when required 9 Bottom View Left View SIM A Slot SIM B Slot 3G LTE Aux Antenna 3G LTE Main Antenna Power Terminal...

Страница 10: ...Modbus Cellular Gateway Index skipping is used to reserve slots for new function insertion when required 10 Right View Serial Port SD Card DI DO Terminal Block...

Страница 11: ...connection High Cellular Signal Green Steady ON The signal strength of Cellular is strong Low Cellular Signal Green Steady ON The signal strength of Cellular is weak LAN Green Steady ON Ethernet conn...

Страница 12: ...ing Windows Macintosh or Linux based operating system An installed Ethernet adapter Browser Requirements Internet Explorer 6 0 or higher Chrome 2 0 or higher Firefox 3 0 or higher Safari 3 0 or higher...

Страница 13: ...rst if necessary 1 6 2 Insert the SIM Card WARNNING BEFORE INSERTING OR CHANGING THE SIM CARD PLEASE MAKE SURE THAT POWER OF THE DEVICE IS SWITCHED OFF The SIM card slots are located at the bottom sid...

Страница 14: ...verter and a DC12V 1A power adapter5 in the package for you to easily connect DC power adapter to this terminal block WARNNING This commercial grade power adapter is mainly for ease of powering up the...

Страница 15: ...O ports together with power terminal block Please refer to following specification to connect DI and DO devices Mode Specification Digital Input Trigger Voltage high Logic level 1 5V 30V Normal Voltag...

Страница 16: ...Pin8 Pin9 RS 232 DCD RXD TXD DTR GND DSR RTS CTS RI RS 485 DATA DATA GND 1 6 6 Connecting to the Network or a Host The IOG700AM series provides one RJ45 port to connect 10 100Mbps Ethernet It can aut...

Страница 17: ...ord Go to Wizard Network Setup Wizard Step 2 Item Value setting Description Old Password 1 String format any text If you want to change password Enter the current password in this item New Password 1...

Страница 18: ...g Select the time zone for the system clock Detect Again NA Click the Detect Again button to detect the time zone from network Exit NA Click the Exit button to cancel Setup Wizard Back NA Click the Ba...

Страница 19: ...settings Go to Wizard Network Setup Wizard Step 4 WAN interface Step 4 WAN interface Setting Item Value setting Description Physical Interface A Must filled setting Here you specify the Physical Inte...

Страница 20: ...tional setting Enter the host name provided by your Service Provider ISP Registered MAC Address An Optional setting Enter the MAC address that you have registered with your service provider Or Click t...

Страница 21: ...ovider WAN Subnet Mask A Must filled setting Enter the WAN subnet mask given by your Service Provider WAN Gateway A Must filled setting Enter the WAN gateway IP address given by your Service Provider...

Страница 22: ...E Password A Must filled setting Enter the PPPoE password provided by your Service Provider Primary DNS A Must filled setting Enter the IP address of Primary DNS server Secondary DNS Optional setting...

Страница 23: ...given by your Service Provider WAN Subnet Mask A Must filled setting Enter the WAN subnet mask given by your Service Provider WAN Gateway A Must filled setting Enter the WAN gateway IP address given b...

Страница 24: ...given by your Service Provider WAN Subnet Mask A Must filled setting Enter the WAN subnet mask given by your Service Provider WAN Gateway A Must filled setting Enter the WAN gateway IP address given b...

Страница 25: ...et LAN Interface Item Value setting Description LAN IP Address A Must filled setting Assign an IP Address for LAN this IP address is a gateway IP Subnet Mask By default 255 255 255 0 24 is selected Se...

Страница 26: ...will step by step guide you through to complete VPN tunnel setup Step 1 Setup Steps In Step 1 the VPN Setup Step is a screen that displays the summary of steps for VPN setup Click Next button to begin...

Страница 27: ...to Step 3 PPTP in the following page When L2TP is selected go to Step 3 L2TP in the following page When GRE is selected go to Step 3 GRE in the following page Step 3 IPSec When IPSec is selected in St...

Страница 28: ...and either PPTP client or server is selected the client or server configuration window will appear PPTP Client When PPTP Client is selected in Step 2 for VPN Type PPTP configuration window will appea...

Страница 29: ...complete the PPTP Server configuration click Next button a setup summary will display Confirm the setting then click the Apply button to complete the setting Step 3 L2TP When L2TP is selected in Step...

Страница 30: ...n a setup summary will display Confirm the setting then click the Apply button to complete the setting L2TP Server When L2TP Server is selected in Step 2 for VPN Type L2TP configuration window will ap...

Страница 31: ...ion insertion when required 31 Step 3 GRE When GRE is selected in Step 2 for VPN Type GRE configuration window will appear When complete the GRE configuration click Next button a setup summary will di...

Страница 32: ...on the model purchased it can be Static IP Dynamic IP PPPoE PPTP L2TP 3G 4G IP Addr N A It displays the public IP address obtained from your ISP for Internet connection Default value is 0 0 0 0 if lef...

Страница 33: ...y Refer to Edit button in Basic Network WAN Internet Setup and WAN connection status is connected WAN interface IPv6 Network Status WAN interface IPv6 Network Status screen shows status information fo...

Страница 34: ...ss assigned by your ISP for your Internet connection Action N A This area provides functional buttons Edit IPv4 Button when press web based utility will take you to the Ethernet LAN configuration page...

Страница 35: ...k N A It displays the current mask of the subnet IPv6 Link local Address N A It displays the current LAN IPv6 Link Local address This is also the IPv6 IP Address user use to access Router s Web based...

Страница 36: ...ce name will be 3G 4G 1 and 3G 4G 2 Card Information N A It displays the vendor s 3G 4G modem model name Link Status N A It displays the 3G 4G connection status The status can be Connecting Connected...

Страница 37: ...ription Interface N A It displays the type of WAN physical interface It can be 3G1 or 3G2 Note 3G2 is only for devices that support dual modules Module Name N A It displays the vendor s 3G 4G modem mo...

Страница 38: ...code to unlock It is probably due to the device had exceeded the allowed number of times to unlock Refer to PIN Code Remaining Times PIN Code Remaining Times N A This displays the remaining time of t...

Страница 39: ...an be GSM WCDMA or LTE Band N A It displays the band currently used RSSI N A It displays the RSSI Received Signal Strength Indicator in unit dBm of the signal CS Register Status N A It displays the Ci...

Страница 40: ...is router Go to Status LAN Client List LAN Client List Item Value setting Description LAN Interface N A Client record of LAN Interface String Format IP Address N A Client record of IP Address Type and...

Страница 41: ...ed to display log history Clicking the Edit button the screen will be switched to the configuration page From the menu on the left select Status Firewall Status Firewall Status Tab Packet Filter Statu...

Страница 42: ...s Note Ensure URL Blocking Log Alert is enabled Refer to Advanced Network Firewall URL Blocking tab Check Log Alert and save the setting Web Content Filter Status Web Content Filter Status Item Value...

Страница 43: ...Ensure MAC Control Log Alert is enabled Refer to Advanced Network Firewall MAC Control tab Check Log Alert and save the setting Plication Filters Status Application Filters Status Item Value setting D...

Страница 44: ...le or Disable setting status of Stealth Mode on Firewall Options String Format Disable or Enable SPI N A Enable or Disable setting status of SPI on Firewall Options String Format Disable or Enable Dis...

Страница 45: ...e setting Description Tunnel Name N A It displays the tunnel name you have entered to identify Tunnel Scenario N A It displays the Tunnel Scenario specified Local Subnets N A It displays the Local Sub...

Страница 46: ...server configuration page Advanced Network VPN PPTP tab PPTP Client Status Item Value setting Description Client Name N A It displays Name for the PPTP Client specified Interface N A It displays the...

Страница 47: ...configuration page Advanced Network VPN L2TP tab L2TP Client Status Item Value setting Description Client Name N A It displays Name for the L2TP Client specified Interface N A It displays the WAN inte...

Страница 48: ...SNMP Link Status screen shows the status of current active SNMP connections SNMP Link Status Item Value setting Description User Name N A It displays the user name for authentication This is only avai...

Страница 49: ...level Time N A It displays the timestamp of trap event Trap Event N A It displays the IP address of the trap sender and event type TR 069 Status The TR 069 Status window shows the current connection s...

Страница 50: ...AN Physical Interface WAN Internet Setup and WAN Load Balance for Intranet to access Internet For each WAN interface you must specify its physical interface first and then its Internet setup to connec...

Страница 51: ...ow shows all the available physical interfaces After clicking on the Edit button for the interface in Physical Interface List window the Interface Configuration window will appear to let you configure...

Страница 52: ...windows are just some examples They vary from model to model It depends on the model purchased Interface Name The logic name of WAN interfaces is identified by WAN 1 WAN 2 and so on Physical Interfac...

Страница 53: ...services You must specify it in the WAN physical interface Please note that only Ethernet and ADSL physical interfaces support the feature Interface Configuration The configuration of a WAN interface...

Страница 54: ...ay Cellular Network xDSL Modem Gateway ISP DSLAM ISP DSLAM Gateway Firewall or Ethernet WAN 3G 4G WAN USB 3G 4G WAN ADSL WAN Ethernet WAN The gateway has one or more RJ45 WAN ports that can be configu...

Страница 55: ...backup connection will be started up to substitute the primary connection In addition there is a Seamless option for Failover operation mode When seamless option is activated by checking on the Seaml...

Страница 56: ...ect Always on Data Encryption LLC VPI Number 0 VCI Number 33 Schedule Type UBR Configuration Path Internet Setup 3G 4G WAN Type Configuration Interface Name WAN 2 Dial up Profile Auto detection Connec...

Страница 57: ...ailover Failback Seamless Failover Scenario As another example all parameter configuration for WAN 1 and WAN 2 is same as above example except the Seamless box is checked as bellow in red color Config...

Страница 58: ...ut just Keep Alive Next Failover and Failback processes are shown in following diagram Their steps are S 1 When system discovers the primary WAN connection is failed S 2 System starts the failover pro...

Страница 59: ...here It is called as Dual SIM Failover In this Dual SIM Failover there are four kinds of SIM card usage scenarios including SIM A First SIM B First and SIM A Only and SIM B Only By default SIM A First...

Страница 60: ...with SIM A First scenario is shown in the following diagram The steps are Pre state System tries to connect to mobile system for an Internet connection by using connection profile in SIM A for SIM A F...

Страница 61: ...ance functions normally If you don t know accurate line speed of your subscribed Internet service following are some suggestions High Speed Ethernet WAN Upload 100Mbps Download 100Mbps Gigabit Etherne...

Страница 62: ...or these two WAN interfaces and their scenarios are shown in the following diagram Configuration Path Physical Interface Interface Configuration WAN n n 1 2 Interface Name WAN 1 WAN 2 Physical Interfa...

Страница 63: ...Configuration and related configuration windows for each WAN type For the Internet setup of each WAN interface you must specify its WAN type of physical interface first and then its related parameter...

Страница 64: ...nterface name the kinds of physical interface their operation mode and WAN connection type There is one Edit button for each WAN interface to let you configure its Internet connection Please see Inter...

Страница 65: ...u You will need to enter in the IP address subnet mask and gateway address provided to you by your ISP Dynamic IP Address WAN type You may choose this WAN type if you connects a cable modem or a fiber...

Страница 66: ...address and DNS to you to setup an ADSL Internet connection PPPoE ADSL WAN type Select this option if your ISP requires you to use a PPPoE connection for accessing Internet This option is typically u...

Страница 67: ...Time Service Name Assigned IP Address MTU MPPE NAT Network Monitoring IGMP and WAN IP Alias L2TP WAN Type Settings include IP Mode Server IP Name L2TP Account Password Connection Control Maximum Idle...

Страница 68: ...void keep alive feature work abnormally enable this option will stop sending keep alive packets when there are continuous incoming and outgoing data packets passing through WAN connection Check Interv...

Страница 69: ...t of fails Connection Control There are three ways for connection control Auto reconnect Always on Dial on demand and Manually Auto reconnect Always on This gateway will establish Internet connection...

Страница 70: ...ally Following 3 tables list the parameter configuration for these three WAN interfaces Configuration Path Physical Interface Interface Configuration WAN n n 1 2 3 Interface Name WAN 1 WAN 2 WAN 3 Phy...

Страница 71: ...S Secondary DNS DHCP Servers 10110110001100 01 Request Coming Start Connecting Disconnect when idle timeout Dial on demand Its steps are Pre state After system booting up the WAN connection is disconn...

Страница 72: ...eout Manually Its steps are Pre state After system booting up the WAN connection is disconnected S 1 When administrator click on the Connect button on the Network Status configuration window S 2 Syste...

Страница 73: ...ed with same VLAN ID in the device The ports of a VLAN form an independent traffic domain in which the traffic generated by the nodes remains within the VLAN However in Tag based VLAN all packets with...

Страница 74: ...NAT mechanism of business access gateway In bridge mode Intranet packet flow is delivered out WAN trunk port with VLAN tag to upper link for different services A port based VLAN is a group of ports o...

Страница 75: ...AN configuration Tag based VLAN Tagging for Location free Departments Tag based VLAN function can group Ethernet ports Port 1 Port 4 and WiFi Virtual Access Points VAP 1 VAP 8 together with different...

Страница 76: ...to different groups based on VLAN ID Following is an example In a SMB company administrator schemes out 3 segments Lab Meeting Rooms and Office In a Security VPN Gateway administrator can configure Of...

Страница 77: ...ther VLAN Group Internet Access Administrator can specify members of one VLAN group to be able to access Internet or not Following is an example that VLAN groups of VID is 2 and 3 can access Internet...

Страница 78: ...nes of another VLAN group or not This is a communication pair and one VLAN group can join many communication pairs But communication pair doesn t have the transitive property That is A can communicate...

Страница 79: ...lots for new function insertion when required 79 LAN VLAN Setting The Ethernet LAN allows user to setup the LAN IP address for device Setting LAN IP address and subnet mask will affect the IP that LAN...

Страница 80: ...ory The VLAN function allows you to divide local network into different virtual LAN There are Port based and Tag based VLAN types Select one that applies For Port based VLAN Type Go to Basic Network L...

Страница 81: ...tion insertion when required 81 When Add button is applied Port based VLAN Configuration screen will appear which is including 3 sections Port based VLAN Configuration DHCP Server Configuration and IP...

Страница 82: ...rt Members configuration when Disable is selected NAT Bridge By default NAT is selected Select NAT mode or Bridge mode for the rule Port Members These box is unchecked by default Select which LAN port...

Страница 83: ...me for an IP Address that the DHCP Server leases to a new device By default the lease time is 86400 seconds When your lease expires you must stop using the IP address Domain Name NA It s optional fiel...

Страница 84: ...nfiguration Item Value setting Description MAC Address A Must filled setting Define the MAC Address target that the DHCP Server wants to filter IP Address A Must filled setting Define the IP Address t...

Страница 85: ...red 85 Inter VLAN Group Routing Click on VLAN Group Routing button the VLAN Group Internet Access Definition and Inter VLAN Group Routing screen will appear The screen in the figure shows the default...

Страница 86: ...N ID of LAN rule VLAN ID 2 is available only when VLAN ID 2 is enabled The same applies to other VLAN IDs i e VLAN ID 3 Inter VLAN Group Routing The box is unchecked by default By default members in d...

Страница 87: ...VLAN allows you to custom each LAN port according to VLAN ID There is a default rule shows the configuration of all LAN ports and All VAPs Also If your device has a DMZ port you will see DMZ configur...

Страница 88: ...nchecked by default Define which LAN port is part of the VLAN ID VAP The box is unchecked by default Define which VAP is part of the VLAN ID Notice that a VAP is only belong to a VLAN ID Disappear VAP...

Страница 89: ...This gateway supports various types of IPv6 connection Static IPv6 DHCPv6 PPPoEv6 6to4 6in4 Please contact your ISP the type of IPv6 is supported before you proceed with IPv6 setup Static IPv6 Static...

Страница 90: ...IPv6 default gateway address and IPv6 DNS to client host s automatically PPPoEv6 PPPoEv6 in IPv6 does the same function as PPPoE in IPv4 The PPPoEv6 server provides configuration parameters based on P...

Страница 91: ...by a host it must have a global IPv4 address connected and the host is responsible for encapsulation of outgoing IPv6 packets and decapsulation of incoming 6to4 packets If the host is configured to fo...

Страница 92: ...rve slots for new function insertion when required 92 In above diagram the 6in4 usually needs to register to a 6in4 tunnel service known as Tunnel Broker in order to use It also need end point global...

Страница 93: ...em Value setting Description WAN Connection Type 1 Only can be selected when IPv6 Enable 2 A Must filled setting Define the selected IPv6 WAN Connection Type to establish the IPv6 connectivity Select...

Страница 94: ...ress Primary DNS An optional setting Enter the WAN primary DNS Server Secondary DNS An optional setting Enter the WAN secondary DNS Server MLD Snooping The box is unchecked by default Enable Disable t...

Страница 95: ...N primary DNS Server Secondary DNS Can not modified by default Enter the WAN secondary DNS Server MLD The box is unchecked by default Enable Disable the MLD Snooping function LAN Configuration LAN Con...

Страница 96: ...nection If you want more information please contact your ISP Connection Control Fixed value The value is Auto reconnect Always on MTU A Must filled setting Enter the MTU for setting up PPPoEv6 connect...

Страница 97: ...onal setting Enter the WAN secondary DNS Server MLD The box is unchecked by default Enable Disable the MLD Snooping function LAN Configuration LAN Configuration Item Value setting Description Global A...

Страница 98: ...Pv4 address of this router Local IPv6 Address A Must filled setting Filled Client IPv6 Address gotten from tunnelbroker in this field Primary DNS An optional setting Enter the WAN primary DNS Server S...

Страница 99: ...ivity Select Stateless to manage the Local Area Network to be SLAAC RDNSS Router Advertisement Lifetime A Must filled setting Enter the Router Advertisement Lifetime in seconds 200 is setted by defaul...

Страница 100: ...nfiguration page Normally with global IP address or FQDN of WAN interface in the gateway employees who travel outside the office can access various servers behind the office gateway You can set up tho...

Страница 101: ...ork It is useful when you run a server inside your network For example if you set a mail server at LAN side your local devices can access this mail server through gateway s global IP address when enab...

Страница 102: ...Path Configuration NAT Loopback NAT Loopback Enable Configuration Path Virtual Server Virtual Computer Virtual Server List ID 1 2 Public Port 25 SMTP 110 POP3 Server IP 10 0 75 101 10 0 75 101 Private...

Страница 103: ...WAN IP address from inside your local network Enable NAT Loopback Go to Basic Network NAT Bridging Configuration tab Configuration Item Value setting Description NAT Loopback The box is checked by de...

Страница 104: ...ur gateway This device s NAT firewall filters out unrecognized packets to protect your Intranet so all hosts behind this device gateway are invisible to the outside world If you wish you can make some...

Страница 105: ...the LAN side with IP address 10 0 75 101 a remote user can access the gateway for E mail service if you defined a virtual E mail server for the gateway by using the real E mail server on the LAN side...

Страница 106: ...IP address 10 0 75 101 in the Intranet of Network A including SMTP service port 25 and POP3 service port 110 So the remote user can access the E mail server in the gateway that has the global IP 118 1...

Страница 107: ...he gateway to implement the application scenario Scenario Description A LAN host is assigned with a global IP address to be visible to outside world The host has an embedded FTP file server and is pro...

Страница 108: ...ng to the FTP file server by server s global IP address and it acts as a media between the LAN host and the outside world by using its Virtual Computer feature So remote users can request for file ser...

Страница 109: ...box when WAN x enabled Server IP A Must filled setting This field is to specify the IP address of the interface selected in the WAN Interface setting above Protocol A Must filled setting When ICMPv4 i...

Страница 110: ...Single Port number Public Port is selected Port Range and specify a port range and Private Port can be selected Single Port or Port Range Apply Time Schedule to this rule otherwise leave it as Always...

Страница 111: ...Computer The router allows you to custom your Virtual Computer rules The router supports up to a maximum of 20 rule based Virtual Computer sets When Add button is applied Virtual Computer Rule Config...

Страница 112: ...vel gateway ALG allows customized NAT traversal filters to be plugged into the gateway to support address and port translation for certain application layer control data protocols such as FTP BitTorre...

Страница 113: ...e activated ports are pb and pc once the pa port is toggled at LAN interface of gateway Scenario Application Timing When local user wants to run an application to access the server in the Internet and...

Страница 114: ...0 6999 and activate the rule So the local user at host with IP address 10 0 75 100 can enjoy the music by using Quick Time 4 application The media server is in the Internet ALG Configuration This gate...

Страница 115: ...lists the parameter configuration for the NAT gateway in above diagram Configuration Path Special AP ALG Configuration ALG SIP ALG Enable Scenario Operation Procedure In above diagram the NAT Gateway...

Страница 116: ...P ALG Setting The Special AP setting allows some applications require multiple connections The ALG setting allows user to Support some SIP ALG like STUN Enable Special AP and Virtual Computer Go to Ba...

Страница 117: ...faces It can be selected WAN x box when WAN x enabled Trigger Port A Must filled setting When Popular Applications is selected User defined Port is set a port number and Incoming Ports can be set a po...

Страница 118: ...Schedule to this rule otherwise leave it as Always refer to Scheduling setting under System Then check Rule box to enable this rule When Popular Applications is selected PC to Phone Port is the same...

Страница 119: ...cify the IP address in the Intranet to be DMZ host so that the host under DMZ function can run applications freely that would otherwise blocked by NAT mechanism of the gateway with DMZ feature disable...

Страница 120: ...way and receives all normal and active packets from the Internet Remote user can access the DMZ host by using the IP address of the gateway and the gateway will skip the NAT checking on the DMZ host D...

Страница 121: ...work NAT Bridging DMZ tab Configuration Item Value setting Description DMZ 1 A Must filled setting 2 Default is ALL Check the Enable box to activate this NAT function Define the selected interface to...

Страница 122: ...g tables record the obtained routing paths from neighbor routers by using some protocols such as RIP OSPF and BGP It is dynamic routing These both routing approaches will be illustrated one after one...

Страница 123: ...g feature Static Routing Rule List The Static Routing Rule List shows the setup parameters of all static routing rule enteries There also be one Add button at the Static Routing Rule List caption that...

Страница 124: ...tatic Routing Configuration Static Routing Enable Configuration Path Static Routing Static Routing Rule List ID 1 2 Destination IP 173 194 72 94 188 125 73 108 Subnet Mask 255 255 255 255 255 255 255...

Страница 125: ...their office setting Go to Basic Network Routing Static Routing Tab Static Routing Tab Item Value setting Description Enable Static Routing function The box is unchecked by default Check the Enable b...

Страница 126: ...le Interface Auto is set by default The Interface of this static routing rule Metric 1 Numberic String Format 2 A Must filled setting The Metric of this static routing rule Enabling the rule The box i...

Страница 127: ...ure In the Dynamic Routing page there are seven configuration windows for dynamic routing feature They are the RIP Configuration window OSPF Configuration window OSPF Area List OSPF Area Configuration...

Страница 128: ...outing protocols are described as follows RIP Scenario The Routing Information Protocol RIP is one of the oldest distance vector routing protocols which employs the hop count as a routing metric RIP p...

Страница 129: ...g Internet Protocol IP packets solely within a single routing domain such as an autonomous system It gathers link state information from available routers and constructs a topology map of the network...

Страница 130: ...rs including the area subnet the area ID and area activation by an Enable box Following diagram is an example for the scenario Scenario Application Timing When the administrator of the gateway wants t...

Страница 131: ...and area 2 with area code is 10 0 76 254 and area subnet is 10 0 76 0 24 By operating with OSPF protocol the OSPF gateway can gather the routing information from other OSPF gateways in the enterprise...

Страница 132: ...re also be one Add button at the BGP Neighbor List caption that can let you add and create one new BGP neighbor The Edit button at the end of each BGP neighbor definition can let you modify it BGP Nei...

Страница 133: ...lowing tables list the parameter configuration as an example for the BGP gateway in above diagram Use default value for those parameters that are not mentioned in the tables Configuration Path Dynamic...

Страница 134: ...k Routing Dynamic Routing Tab Item Value setting Description Enable Dynamic Routing function The box is unchecked by default Check the Enable box to activate this function The RIP configuration settin...

Страница 135: ...lled setting The Router ID of this router on OSPF protocol Authentication None is set by default The Authentication method of this router on OSPF protocol Select None will disable Authentication on OS...

Страница 136: ...F Area Rule Configuration screen will appear Item Value setting Description Area Subnet 1 Classless Inter Domain Routing CIDR Subnet Mask Notation Ex 192 168 1 0 24 2 A Must filled setting The Area Su...

Страница 137: ...outer ID 1 IPv4 Format 2 A Must filled setting The Router ID of this router on BGP protocol Create Edit BGP Network Rules The router allows you to custom your BGP Network rules It supports up to a max...

Страница 138: ...on is applied BGP Neighbor Rule Configuration screen will appear Item Value setting Description Neighbor IP 1 IPv4 Format 2 A Must filled setting The Neighbor IP of this router on BGP Neighbor List Re...

Страница 139: ...cription Destination IP N A Routing record of Destination IP IPv4 Format Subnet Mask N A Routing record of Subnet Mask IPv4 Format Gateway IP N A Routing record of Gateway IP IPv4 Format Metric N A Ro...

Страница 140: ...ou can refer to Wikipedia website10 11 To host your server on a changing IP address you have to use dynamic domain name service DDNS Therefore anyone wishing to reach your host only needs to know the...

Страница 141: ...n the gateway has changed the dynamic DNS agent in the gateway will inform the DDNS server with the new IP address The server automatically re maps your domain name with the changed IP address So othe...

Страница 142: ...required parameters for DDNS function by referring to above setup example When the gateway has booted up and has gotten a dynamic IP address for the WAN interface the DDNS agent in the gateway tries t...

Страница 143: ...hen Add button is applied Pre defined Domain Name Configuration screen will appear Pre defined Domain Name Configuration Item Value setting Description Domain Name 1 String format can be any text 2 A...

Страница 144: ...is set by default Selected the WAN Interface IP Address of the router Provider DynDNS org Dynamic is set by default Your DDNS provider of Dynamic DNS Host Name 1 String format can be any text 2 A Must...

Страница 145: ...for whose LAN IP Address is the same one of gateway LAN interface with its default Subnet Mask setting as 255 255 255 0 and its default IP Pool ranges is from 100 to 200 as shown at the DHCP Server Li...

Страница 146: ...formation like the LAN Interface IP Address Host Name MAC Address and the Remaining Lease Time Fixed Mapping User can assign fixed IP address to map the specific client MAC address by select them then...

Страница 147: ...reate and customize DHCP Server policies to assign IP Addresses to the devices on the local area network LAN Go to Basic Network Client Server Proxy DHCP Server Tab Create Edit DHCP Server Policy The...

Страница 148: ...filled setting The Lease Time of this DHCP Server Domain Name String format can be any text The Domain Name of this DHCP Server Primary DNS IPv4 format The Primary DNS of this DHCP Server Secondary DN...

Страница 149: ...filled setting The IP Address of this mapping rule Enabling the Rule The box is unchecked by default Click Enable box to activate this rule Save N A Click the Save button to save the configuration Und...

Страница 150: ...le Firewall check box will activate all firewall functions The firewall configuration allows user to enable or disable all functions including Packet Filters URL Blocking Web Content Filters MAC Contr...

Страница 151: ...ntry In addition log alerting can be enabled through an Enable checkbox to log events Second the Packet Filter Rule List window lists all your defined packet filtering rule entry At last the Packet Fi...

Страница 152: ...lowing sub sections for more reference Packet Filter Rule Configuration When you want to add a new packet filtering rule or edit one already existed the Packet Filter Rule Configuration window shows u...

Страница 153: ...mentioned in the tables Configuration Path Packet Filters Configuration Packet Filters Enable Black List White List Deny all to pass except those match the following rules Configuration Path Packet Fi...

Страница 154: ...ault Check the Enable box to activate Packet Filter function Black List White List Filter Method Selection Deny those match the following rules is set by default When Deny those match the following ru...

Страница 155: ...nterface to be the packet entering interface of the router If the packets to be filtered are coming from LAN to WAN then select LAN for this field Or VLAN 1 to WAN then select VLAN 1 for this field Ot...

Страница 156: ...in the Host grouping setting screen Source MAC A Must filled setting This field is to specify the Source MAC address Select Any to filter packets coming from any MAC addresses Select Specific MAC Addr...

Страница 157: ...ith specified port number Then enter a pot number in Protocol Number box Time Schedule A Must filled setting Apply Time Schedule to this rule otherwise leave it as Always If the dropdown list is empty...

Страница 158: ...or in the exclusion of the white list In URL Blocking page there are three configuration windows They are the Configuration window URL Blocking Rule List window and URL Blocking Rule Configuration wi...

Страница 159: ...the requests matches to one rule Other Web requests will be blocked URL Blocking Rule List The URL Blocking Rule List shows the setup parameters of all URL blocking rules There also be one Add button...

Страница 160: ...URL Blocking enabling Use default value for those parameters that are not mentioned in the tables Configuration Path URL Blocking Configuration URL Blocking Enable Black List White List Allow all to...

Страница 161: ...fault When Deny those match the following rules is selected as the name suggest packets specified in the rules will be blocked black listed In contrast with Allow those match the following rules you c...

Страница 162: ...gh the Add Rule button will also appear in the Host grouping setting screen Source MAC A Must filled setting This field is to specify the Source MAC address Select Any to filter packets coming from an...

Страница 163: ...m Scheduling setting Enabling the rule The box is unchecked by default Click Enable box to activate this rule Save N A Click the Save button to save the configuration Undo N A Click the Undo button to...

Страница 164: ...ation window can let you activate the Web content filtering function Some popular script types like Java Applet Java Scripts cookies and Active X are in the window and you can check their boxes to ena...

Страница 165: ...Web content filtering rule or edit one existed rule the Web Content Filter Configuration window will appear when you click on the Add or Edit button to configure The parameters in a rule include the...

Страница 166: ...com Rule Enable Scenario Operation Procedure In above diagram the Gateway is the gateway of Network A and the subnet of its Intranet is 10 0 75 0 24 The gateway has the IP address of 10 0 75 2 for LA...

Страница 167: ...his filter function as the name suggests this pattern matching rule define as the packet with the keyword js class jar jsp java jse jcm jtk or jad Check the ActiveX box to activate this filter functio...

Страница 168: ...filter packets coming from a MAC address entered in this field Select MAC Address based Group to filter packets coming from a pre defined group selected Note group must be pre defined before this sele...

Страница 169: ...ckbox to log events Another Known MAC from LAN PC List is a tool that you can use to do quick copy the known MAC address of client hosts in the Intranet to facilitate creating rules Use the Copy to bu...

Страница 170: ...MAC Control Rule List shows the setup parameters of all MAC control rules There also be one Add button at the MAC Control Rule List caption that can let you add and create one new MAC control rule The...

Страница 171: ...y Parameter Setup Example Following tables list the parameter configuration as an example for the gateway in above diagram with MAC Control enabling Use default value for those parameters that are not...

Страница 172: ...box is unchecked by default Check the Enable box to activate the MAC filter function Black List White List Filter Method Selection Deny MAC Address Below is set by default When Deny MAC Address Below...

Страница 173: ...MAC Control rule name Enter a name that is easy for you to remember MAC Address Ues to Compose 1 MAC Address string Format 2 A Must fill setting Specify the Source MAC Address to filter rule Time Sche...

Страница 174: ...nction can categorize Internet Protocol packets based on their application layer data and allow or deny their passing of gateway It supports the application filters for various Internet chat software...

Страница 175: ...ilter Enable Log Alert Enable Configuration Path Application Filters Application Filter List Rule Name Rule 1 Source IP IP Range 192 168 123 200 192 168 123 250 P2P Software BT BitTorrent BitSpirit Bi...

Страница 176: ...he box is unchecked by default Check the Enable box to activate this filter function Log Alert The box is unchecked by default Check the Enable box to activate Event Log Create Edit Filter Rules The r...

Страница 177: ...re defined group selected Note group must be pre defined before this selection become available Refer to System Grouping Host grouping You may also access to create a group by the Add Rule shortcut bu...

Страница 178: ...t it You can enable the IPS function and check the listed intrusion activities when needed There are some intrusion prevention items need a further Threshold parameter to work properly for intrusion d...

Страница 179: ...rio Description The gateway serves as an E mail server Web Server and open TCP Port 8080 allowing user to access web based utility of Gateway so remote users or unknown users can request those service...

Страница 180: ...em will block lots of packets in seconds IPS Setting The Intrusion Prevention System IPS setting allows user to customize intrusion prevention rules to prevent malicious packets Enabling IPS Firewall...

Страница 181: ...ble box to activate this intrusion prevention rule and enter the traffic threshold in this field UDP Flood Defense Click Enable box to activate this intrusion prevention rule and enter the traffic thr...

Страница 182: ...aceroute Block Fraggle Attack ARP Spoofing Defence 1 A Must filled setting 2 The box is unchecked by default 3 traffic threshold is set to 300 by default 4 The value range can be from 10 to 10000 Clic...

Страница 183: ...scard Ping from WAN makes any host on the WAN side can t ping this product It means this device won t reply any ICMP packet from Internet Remote Administrator Hosts enables only the LAN users to brows...

Страница 184: ...tables list the parameter configuration as an example for the gateway in above diagram with SPI enabling Configuration Path Options Firewall Options SPI Enable Scenario Operation Procedure In above di...

Страница 185: ...local users surf the internet Following tables list the parameter configuration as an example for the gateway in above diagram Configuration Path Options Firewall Options Discard Ping from WAN Enable...

Страница 186: ...Control Enabling Firewall Options Go to Advanced Network Firewall Options Tab Enabling Firewall Options Item Value setting Description Enable Stealth mode function The box is unchecked by default Chec...

Страница 187: ...ccess IP A Must filled setting This field is to specify the remote host to assign access right for remote access Select Any IP to allow any remote hosts Select Specific IP to allow the remote host com...

Страница 188: ...to incoming packets QoS determines which queue the packets enter based on priority This is useful when there are certain types of data you want to give higher priority to such as voice packets given...

Страница 189: ...sponding WAN Interface Resource window The system resource information provides important parameters for the QoS BWM function Incorrect information will result in poor bandwidth utilization System Res...

Страница 190: ...t is related to configure of each rule based QoS if select Priority Queues of Resource It is also related to default banwidth of WANs WAN Interface By default WAN 1 is selected Select WAN 1 and then t...

Страница 191: ...List window and QoS Rule Configuration window The Configuration window can let you activate the Rule based QoS function In addition you can also enable the Flexible Bandwidth Management FBM feature f...

Страница 192: ...tion When you want to add a new QoS rule or edit one already existed the QoS Rule Configuration window shows up for you to configure The parameters in a rule include the applied WAN interfaces the ded...

Страница 193: ...ID User defined Services and Well known Services Well known services include FTP 21 SSH TCP 22 Telnet 23 SMTP 25 DNS 53 TFTP UDP 69 HTTP TCP 80 POP3 110 Auth 113 SFTP TCP 115 SNMP Traps UDP 161 162 L...

Страница 194: ...ce 4 CS4 to AF Class2 High Drop for incoming packets from some client hosts in the Intranet Parameter Setup Example Following tables list the parameter configuration as an example for the gateway in a...

Страница 195: ...or of the gateway wants to limit the connection sessions from some client hosts IP 10 0 75 16 31 to 20000 sessions totally for accessing the Internet he can use the Rule based QoS function to carry ou...

Страница 196: ...16 31 can access the Internet via WAN 1 interface under the limitation of the maximum 20000 connection sessions totally at any time The Rule Based QoS allows user to configure QoS and bandwidth to se...

Страница 197: ...hen WAN 1 interface is enabled The same applies to other WAN interfaces i e WAN 2 Group A Must filled setting This field is to specify the Group of the interface selected in the Interface setting abov...

Страница 198: ...when Set MINR MAXR is selected It means the option Control Function of rule based QoS Rule is set MINR MAXR You can assign min rate max rate and rate unit for this rule QoS Direction A Must filled se...

Страница 199: ...option is a source group When Inbound is selected It means the option QoS Direction of rule based QoS Rule is inbound Inbound means the Group option is a destination group When Both is selected It mea...

Страница 200: ...group When Both is selected It means the option QoS Direction of rule based QoS Rule is both Sharing Method A Must filled setting When Individual Control is selected It means the option Sharing Method...

Страница 201: ...lected It means the option QoS Direction of rule based QoS Rule is outbound Outbound means the Group option is a source group When Inbound is selected It means the option QoS Direction of rule based Q...

Страница 202: ...d It means the option QoS Direction of rule based QoS Rule is inbound Inbound means the Group option is a destination group When Both is selected It means the option QoS Direction of rule based QoS Ru...

Страница 203: ...is selected It means the option QoS Direction of rule based QoS Rule is inbound Inbound means the Group option is a destination group When Both is selected It means the option QoS Direction of rule b...

Страница 204: ...e slots for new function insertion when required 204 Apply Time Schedule to this rule otherwise leave it as Always refer to Scheduling setting under System Enabling the rule Click Enable box to activa...

Страница 205: ...ne by establishing a virtual point to point connection through the use of dedicated connections encryption or a combination of the two The tunnel technology supports data confidentiality data origin a...

Страница 206: ...ns The VPN configuration allows user to enable or disable all the VPN functions of the gateway device The VPN enables check box must be checked to enable to allow IPSec PPTP L2TP and GRE to function V...

Страница 207: ...peers and negotiates IKE SAs Security Association to set up a secure channel for negotiating IPSec SAs in phase 2 At IPSec phase IKE negotiates IPSec SA parameters and sets up matching IPSec SAs in th...

Страница 208: ...ation window shows the maximum number of concurrent IPSec VPN tunnels that are running in system Tunnel List Status The Tunnel List shows the setup parameters of all IPSec VPN tunnels and their connec...

Страница 209: ...ity gateways have their own subnet and the Site to Site tunnel scenario is used Site means a subnet of client hosts Scenario Description Both Initiator and Responder of IPSec tunnel must have a Static...

Страница 210: ...figuration Path IPSec IKE Phase Negotiation Mode Main Mode X Auth None For Network B at Branch Office Following 5 tables list the parameter configuration for above example diagram of IPSec VPN tunnel...

Страница 211: ...se Negotiation Mode Main Mode X Auth None Scenario Operation Procedure In above diagram Network A is in the headquarters and the subnet of its Intranet is 10 0 76 0 24 The security gateway for Network...

Страница 212: ...office resources from outside the Dynamic VPN connection can be setup up to meet the requirement These mobile employees are carrying with their notebooks or security supporting gateways outsides and...

Страница 213: ...cal Subnet 10 0 76 0 Local Netmask 255 255 255 0 Configuration Path IPSec Authentication Key Management IKE Pre shared Key 12345678 Local ID User Name Network B Configuration Path IPSec IKE Phase Nego...

Страница 214: ...ode X Auth None Scenario Operation Procedure In above diagram Network A is in the headquarters and the subnet of its Intranet is 10 0 76 0 24 The security gateway for Network A has the IP address of 1...

Страница 215: ...Security Gateway will go over the VPN tunnel That is if a user is operating at a PC that is in the Intranet of remote Business Security Gateway all application packets and private data packets from th...

Страница 216: ...c tunnel must have a Static IP or a FQDN for Site to Site scenario Any peer gateway can be worked as an Initiator or a Responder of the IPSec VPN tunnel Two phases IKE and IPSec to negotiate for estab...

Страница 217: ...both peers must match each other to complete the authentication process successfully and it is just for an example here In addition Negotiation Mode and X Auth in IKE Phase configuration window shoul...

Страница 218: ...erface and 118 18 81 33 for WAN interface Establish an IPSec VPN tunnel with Site to Site scenario by starting from either site So both Intranets of 10 0 75 0 24 and 10 0 76 0 24 can securely communic...

Страница 219: ...ed by default Click the Enable box to enable NAT Traversal function Max Concurrent IPSec Tunnels 32 is set by default The Value specified will limit the maximum number of simultaneous IPSec tunnel con...

Страница 220: ...s selected by default Select an IPSec tunneling scenario from the dropdown box for your application Select Site to Site Site to Host Host to Site Host to Host or Dynamic VPN With Site to Site or Site...

Страница 221: ...ation Protocol from the dropdown box for this IPSec tunnel Available encapsulations are ESP and AH Keep alive 1 Unchecked by default 2 30s is set by default Check the Enable box to enable Keep alive f...

Страница 222: ...rname The username may include but can t be all numbers Select FQDN for Local ID and enter the FQDN Select User FQDN for Remote ID and enter the User FQDN Select Key ID for Remote ID and enter the Key...

Страница 223: ...Group18 Check Enable box to enable this setting IPSec Phase Window Item Value setting Description Phase2 Key Life Time 1 A Must fill setting 2 28800s is set by default 3 Max 86400s Specify the Phase2...

Страница 224: ...y Management section under Authentication configuration window in the previous pages When Manually option is selected for Key Management described in Authentication Configuration Window a series of co...

Страница 225: ...On Failover Load Balance Define whether the IPSec tunnel is a failover tunnel function or an always on tunneling Note If this IPSec is a failover tunneling you will need to select the primary IPSec t...

Страница 226: ...alphabet or number Remote ID An optional setting Specify the Remote ID for this IPSec tunnel to authenticate Select Key ID for Remote ID and enter the Key ID English alphabet or number Manual Proposa...

Страница 227: ...ty levels and remote access levels comparable with typical VPN products Deploy a security gateway for local office and establish a virtual private network with the remote gateway of another office by...

Страница 228: ...n window is to enable the PPTP VPN function by checking the Enable box In the Client Server field of the Configuration window choose either Server or Client Choose Server to define the gateway as the...

Страница 229: ...the used user name remote IP address the obtained virtual IP address and call ID of all PPTP clients User Account List User Account List lists your defined user accounts that can be accepted by the PP...

Страница 230: ...nd requesting the PPTP tunnel connection with its account password PPTP protocol is used for establishing a PPTP VPN tunnel Parameter Setup Example For Network A at HQ Following 3 tables list the para...

Страница 231: ...ow shows your defined PPTP clients and their tunnel connection status Only some important information for all tunnels are shown in the list as following diagram Configuration for A PPTP Client Configu...

Страница 232: ...PTP tunnel Usually these hosts at PPTP client peer access the Internet directly via the WAN interface of Security Gateway 2 Only the packets whose destination is in the dedicated subnet to Network A w...

Страница 233: ...teway Remote Subnet Default Gateway Authentication Protocol MS CHAP MPPE Encryption Enable Tunnel Enable Scenario Operation Procedure In above diagram Network A is in the headquarters and the subnet o...

Страница 234: ...you proceed ensure that the VPN is enabled and saved To enable VPN go to Advanced Network VPN Configuration tab Enabling PPTP Go to Advanced Network VPN PPTP tab Enable PPTP Window Item Value setting...

Страница 235: ...his is the PPTP server s Virtual IP DHCP server User can specify the first IP address for the subnet from which the PPTP client s IP address will be assigned IP Pool Ending Address 1 A Must fill setti...

Страница 236: ...ounts for remote clients to establish PPTP VPN connection to the gateway device Click Add button to add user account Enter User name and password Then check the enable box to enable the user Click Sav...

Страница 237: ...er tunneling you will need to select a primary IPSec tunnel from which to failover to Load Balance Define whether the PPTP tunnel connection will take part in load balance function of the gateway You...

Страница 238: ...l setting Specify whether PPTP server supports MPPE Protocol Click the Enable box to enable MPPE Note when MPPE Encryption is enabled the Authentication Protocol PAP CHAP options will not be available...

Страница 239: ...ng L2TP tunneling So all client hosts behind local security gateway can make data communication with others behind remote gateway Or when you are a mobile user with your notebook or carrying along a s...

Страница 240: ...ent Choose Server to define the gateway as the L2TP VPN server for remote clients to initiate the connection to establish VPN tunnels Or choose Client to create multiple L2TP VPN clients to establish...

Страница 241: ...ncluding the used user name remote IP address the obtained virtual IP address and call ID of all L2TP clients User Account List User Account List lists your defined user accounts that can be accepted...

Страница 242: ...maintain a Client list account password The Client may be a mobile user or mobile site and requesting the L2TP tunnel connection with its account password L2TP protocol is used for establishing an L2T...

Страница 243: ...Client option in the L2TP Configuration window And make its related configuration in following sections L2TP Client Configuration L2TP Client Configuration window can let you enable the L2TP client f...

Страница 244: ...tunnel is established by the L2TP client making the tunnel connection request initiation and the Security Gateway 1 in Network A of headquarters serves as the L2TP VPN server responding to the reques...

Страница 245: ...etermines how the Internet traffic from L2TP client site is handled The L2TP over IPSec is usually used for BYOD devices to establish a secure VPN tunnel between mobile employees and company office Pa...

Страница 246: ...User 1 user account to dial in the L2TP server at HQ for establishing a L2TP VPN tunnel So both Intranets of 10 0 75 0 24 and 10 0 76 0 24 can securely communicate each other Finally the client hosts...

Страница 247: ...It will enable L2TP over IPSec and need to fill in the Pre shared Key Server Virtual IP A Must filled setting Specify the L2TP server Virtual IP It will set as this L2TP server local virtual IP IP Po...

Страница 248: ...Undo N A Click the Undo button to recovery the configuration L2TP Server Status Item Value setting Description L2TP Server Status N A Show the L2TP client information which connect to this L2TP serve...

Страница 249: ...Server a series L2TP Client Configuration will appear L2TP Client Configuration Item Setting Value setting Description L2TP Client The box is unchecked by default When click the Enable box It will ac...

Страница 250: ...Must filled setting Specify the Remote LNS IP FQDN for this L2TP tunnel Fill in the IP address or FQDN Remote LNS Port A Must filled setting Specify the Remote LNS Port for this L2TP tunnel Fill in t...

Страница 251: ...nable box It will enable NAT for this L2TP tunnel LCP Echo Type A Must filled setting Specify the LCP Echo Type for this L2TP tunnel Select Auto Auto setting the Interval and Max Failure Time Selected...

Страница 252: ...rters supports the GRE tunneling function Then local security gateway can establish a GRE VPN tunnel with remote gateway in headquarters Client hosts in these both Intranets of branch office and headq...

Страница 253: ...rs and the one in branch office as an example fo following description GRE Tunnel at HQ Peer Scenario Application Timing Above diagram illustrates the security gateway in headquarters playing the GRE...

Страница 254: ...nel IP 203 95 80 22 Remote IP 118 18 81 33 Key 1234 TTL 255 Default Gateway Remote Subnet Remote Subnet 10 0 75 0 24 Tunnel Enable Scenario Operation Procedure In above diagram Network A is in the hea...

Страница 255: ...o all packets are delivered via the GRE tunnel as shown in the diagram by configuring the GRE tunnel is the default gateway at GRE client peer the Internet accessing packets will be also sent to the S...

Страница 256: ...or Network A has the IP address of 10 0 76 2 for LAN interface and 203 95 80 22 for WAN interface It serves as a GRE server However Network B is in the branch office and the subnet of its Intranet is...

Страница 257: ...PN go to Advanced Network VPN Configuration tab Enabling GRE Go to Advanced Network VPN GRE tab Enable GRE Window Item Value setting Description GRE Unchecked by default Click the Enable box to enable...

Страница 258: ...Always On Failover Load Balance Failover Always Define whether the GRE tunnel is a failover tunnel function or an Always on tunnel Note If this GRE is a failover tunneling you will need to select a pr...

Страница 259: ...0 0 2 24 DMVPN Spoke Unchecked by default Specify whether the gateway will support DMVPN Spoke for this GRE tunnel Check Enable box to enable DMVPN Spoke GRE Pre shared Key 1 Unchecked by default 2 P...

Страница 260: ...te for every client using signature and Certificate authority It uses the OpenSSL encryption library extensively as well as the SSLv3 TLSv1 protocol and contains many security and control features Dep...

Страница 261: ...Modbus Cellular Gateway Index skipping is used to reserve slots for new function insertion when required 261...

Страница 262: ...another role Above diagram is the server role configuration and following diagram shows the client role configuration To configure OpenVPN Server or Client role for the security gateway as follows Con...

Страница 263: ...ble the OpenVPN server function specify the virtual IP address of OpenVPN server define the pool of virtual IP addresses that will assign to remote OpenVPN clients dialing in the security gateway and...

Страница 264: ...nel Parameter Setup Example For Network A at HQ Following below tables list the parameter configuration for above example diagram of OpenVPN server in Network A Use default value for those parameters...

Страница 265: ...arting from the OpenVPN client site So hosts in Network B can access hosts or servers in Network A But can t access from Network A to Network B To communicate each other securely between Intranets of...

Страница 266: ...266 Configuration for An OpenVPN Client Configuration for An OpenVPN Client window let you specify the required parameters for an OpenVPN VPN client such as OpenVPN Client Name Interface Protocol Por...

Страница 267: ...also controlled by the Security Gateway 1 the OpenVPN VPN server Scenario Description OpenVPN Tunneling is a Client and Server based tunneling technology The OpenVPN Server must have a Static IP or a...

Страница 268: ...n access hosts or servers in Network A But can t access from Network A to Network B However if the Default Gateway Remote Subnet parameter in the Security Gateway 2 is configured to Default Gateway th...

Страница 269: ...A Must filled setting By default 443 is set Specify the Port for the OpenVPN Server to use Tunnel Device A Must filled setting By default TUN is selected Specify the Tunnel Device for the OpenVPN Ser...

Страница 270: ...ailable only when TAP is be chose in Tunnel Device IP Pool A Must filled setting Specify the OpenVPN server virtual IP pool Starting Address It will set as the starting IP which assign to OpenVPN clie...

Страница 271: ...vailable only when TLS is be chose in Authorization Mode Redirect Default Gateway The box is checked by default Specify the OpenVPN server Redirect Default Gateway Client to Client The box is checked...

Страница 272: ...ntify it in the tunnel list Interface A Must filled setting Define the selected interface to be the used for this OpenVPN Client tunnel Select WAN 1 for this OpenVPN Client tunnel by default Protocol...

Страница 273: ...ificate Refer to Advanced Network Certificate My Certificates Local Endpoint IP Address A Must filled setting Specify the Local Endpoint IP Address Note_1 Local Endpoint IP Address will be available o...

Страница 274: ...y Optional String format any text Specify the OpenVPN client TLS Auth Key Note_1 TLS Auth Key will be available only when TLS is be chose in Authorization Mode User Name Optional String format any tex...

Страница 275: ...ox is unchecked by default Specify the OpenVPN client Tunnel UDP MSS Fix Note_1 Tunnel UDP MSS Fix will be available only when UDP is be chose in Protocol nsCertType Verification The box is unchecked...

Страница 276: ...er or switch fails This increases the availability and reliability of routing paths via automatic default gateway selections on an IP network The protocol achieves this by creation of virtual routers...

Страница 277: ...le connection to the Internet administrator can setup a group of VRRP redundant gateways as the enterprise entry gateway Each member gateway connects to different ISP for a redundant connection to the...

Страница 278: ...erver IP Address 10 0 75 200 Scenario Operation Procedure In above diagram the Master Gateway and the Backup Gateway are the redundant gateway group of Network A and the subnet of its Intranet is 10 0...

Страница 279: ...ring Format 2 A Must filled setting Define the Virtual Server ID on VRRP of the router The value range is from 1 to 255 Priority of Virtual Server 1 Numberic String Format 2 A Must filled setting Defi...

Страница 280: ...his gateway device As a bidirectional SOAP HTTP based protocol it provides the communication between customer premises equipment CPE and Auto Configuration Servers ACS The Security Gateway is such CPE...

Страница 281: ...erver to manage remote gateways geographically distributed elsewhere in the world the gateways in all branch offices must have an embedded TR 069 agent to communicate with the ACS server So that the A...

Страница 282: ...nternet The Gateway 1 is one of them and has 118 18 81 33 IP address for its WAN 1 interface When all remote gateways have booted up they will try to connect to the ACS server Once the connections are...

Страница 283: ...CS manager provide ACS password and manually set ConnectionRequest Port A Must filled setting You can ask ACS manager provide ACS ConnectionRequest Port and manually set ConnectionRequest Username A M...

Страница 284: ...modifying and applying a new configuration through remote modification of these variables The variables accessible via SNMP are organized in hierarchies These hierarchies and other metadata such as ty...

Страница 285: ...window provides 5 records of user privacy definition for user authentication and data hashing and encryption In SNMPv3 SNMP protocol supports user privacy feature additionally By referring to above se...

Страница 286: ...faces are connected together by using a switch or a router with UDP forwarding If you want to manage some devices and they all have supported SNMP protocol use either one application scenario especial...

Страница 287: ...rver can manage multiple devices in the Intranet or a UDP reachable network The Gateway 1 is one of the managed devices and it has the IP address of 10 0 75 2 for LAN interface and 118 18 81 33 for WA...

Страница 288: ...Versions 1 The v1 box is checked by default 2 The v2c box is checked by default Select the version for the SNMP When Check the v1 box It means you can access SNMP by version 1 When Check the v2c box...

Страница 289: ...2 A Must filled setting 3 String format any text Specify this version 1 or version v2c user s community that will be allowed Read Only GET and GETNEXT or Read Write GET GETNEXT and SET access respect...

Страница 290: ...ur Privacy Mode is authNoPriv or authPriv you must specify the Password for this version 3 user The minimum length of the password is 8 The maximum length of the password is 64 Authentication 1 None i...

Страница 291: ...stricts access for this version 3 user to the subtree rooted at the given OID The range of the each OID number is 1 2080768 Enable 1 The box is checked by default Click Enable to enable this version 3...

Страница 292: ...alue setting Description Server IP 1 A Must filled setting 2 String format any Ipv4 address Specify the trap Server IP The DUT will send trap to the server IP Server Port 1 String format any port numb...

Страница 293: ...types and encryption protocols Selected the authNoPriv You must specify the Authentication and Password Selected the authPriv You must specify the Authentication Password Encryption and Privacy Key Au...

Страница 294: ...23 AMIT Enterprise Number 2 A Must filled setting 3 String format any number Specify the Enterprise Number for the particular private mib The range of the enterprise number is 1 2080768 Enterprise OID...

Страница 295: ...es are generally easier to automate via scripting The device supports both Telnet and SSH CLI with default service port 2300 and 22 respectively And it also accepts commands from both LAN and WAN side...

Страница 296: ...using Telnet or SSH utility with privileged user name and password The data packets between the Local Admin and the Gateway or between the Remote Admin and the Gateway can be plain texts or encrypted...

Страница 297: ...ternet uses SSH utility with privileged account Usually root and the same password as the one to login Web UI to login the Gateway The administrator of the gateway can control the device as like he is...

Страница 298: ...o peer networks multiplayer gaming and remote assistance programs need a way to communicate through home and business gateways Without IGD one has to manually configure the gateway to allow traffic th...

Страница 299: ...th UPnP Configuration UPnP Enable Scenario Operation Procedure In above diagram the NAT Gateway is the gateway of Network A and the subnet of its Intranet is 10 0 75 0 24 It has the IP address of 10 0...

Страница 300: ...for networked devices to discover each other s presence and establish functional network services Go to Advanced Network System Management UPnP UPnP Configuration Item Name Value Setting Description...

Страница 301: ...rges customers to issue certificates for them In a web of trust scheme the signer is either the key s owner a self signed certificate or other users endorsements whom the person examining the certific...

Страница 302: ...ry where your organization is located State ST is the state where your organization is located Location L is the location where your organization is located Organization O is the name of your organiza...

Страница 303: ...My Certificates function The Root CA window can let you generate or delete the certificate of root CA Root CA Configuration window can let you fill required information necessary for generating the ro...

Страница 304: ...Scenario Scenario Application Timing When the enterprise gateway owns the root CA and VPN tunneling function it can generate its own local certificates by being signed by itself or import any local c...

Страница 305: ...ers that are not mentioned in the tables Configuration Path My Certificates Root CA Certificate Configuration Name HQRootCA Key Key Type RSA Key Length 1024 bits Subject Name Country C TW State ST Tai...

Страница 306: ...llowing two sections to complete the whole user scenario Use default value for those parameters that are not mentioned in the tables Configuration Path My Certificates Local Certificate Configuration...

Страница 307: ...cal certificate HQCRT that is signed by itself Import the certificates of the root CA and HQCRT into the Trusted CA Certificate List and Trusted Client Certificate List of Gateway 2 Gateway 2 generate...

Страница 308: ...is located Location L is the location where your organization is located Organization O is the name of your organization Organization Unit OU is the name of your organization unit Common Name CN is th...

Страница 309: ...certificates When Import button is applied Import screen will appear Import Item Value setting Description Import A Must filled setting It could select a certificate file from user s computer for imp...

Страница 310: ...e Trusted CA Certificate Import from a PEM window that can let you copy the contents of dedicated CA certificate and paste them in the window to be a trusted one for the gateway Similarly the Trusted...

Страница 311: ...s a trusted one In addition you can delete used ones by checking the Select box of those certificates and clicking on the Delete button The View button allows you to view the contents of the dedicated...

Страница 312: ...be the BranchCRT certificate Import the certificate into the Gateway 2 as a local certificate In addition also imports the certificates of the root CA of Gateway 1 into the Gateway 2 as the trusted o...

Страница 313: ...Network A in headquarters and the subnet of its Intranet is 10 0 76 0 24 It has the IP address of 10 0 76 2 for LAN interface and 203 95 80 22 for WAN 1 interface The Gateway 2 is the gateway of Netwo...

Страница 314: ...em encoded to DUT Apply N A Click the Apply button to import certificate Cancel N A When the Cancel button is clicked the screen will return to the Trusted Certificates page When Get CA button is appl...

Страница 315: ...ted Certificates When Import button is applied Trusted Client import screen will appear Trusted Client Certificate List Item Value setting Description Import A Must filled setting It could select a ce...

Страница 316: ...ll generates the certificate based on the dedicated CSR by clicking on the Sign button in the window Certainly only the gateway be the root CA and it can sign the requests to certify Another approach...

Страница 317: ...rom a PEM Copy the contents of one CSR in PEM format to this window and use Sign button to generate corresponding certificate based on the pasted CSR contents The Signed Certificate View window will d...

Страница 318: ...root CA of Gateway 1 Gateway 2 creates a CSR BranchCSR to let the root CA of the Gateway 1 sign it to be the BranchCRT certificate Import the certificate into the Gateway 2 as a local certificate In...

Страница 319: ...NAT security gateways Gateway 1 generates the root CA and a local certificate HQCRT that is signed by itself Import the certificates of the root CA and HQCRT into the Trusted CA Certificate List and...

Страница 320: ...alue setting Description Certificate Signing Request CSR Import from a File A Must filled setting It could select a certificate signing request file from user s computer for importing to DUT Certifica...

Страница 321: ...irst In Port Configuration page there is only one configuration window for the serial port settings The Configuration window can let you specify serial port parameters including the operation mode bei...

Страница 322: ...IP based network Baud Rate 19200 is set by default Select the appropriate baud rate for serial device communication RS 232 9600 19200 38400 57600 115200 RS 485 9600 19200 38400 57600 115200 230400 460...

Страница 323: ...there are three more configuration parameters need to specify They are the connection control the connection idle timeout and the alive check timeout In the TCP Client mode there is another Legal IP...

Страница 324: ...rusted IP Definition window can let you define four hosts as TCP clients to connect to the gateway by using their IP addresses if the trust type is Specific IP These operation modes are illustrated as...

Страница 325: ...erial device and the gateway has a 3G LTE WAN interface to connect to the Internet A remote Internet host computer whose IP address is 140 116 82 98 has a management system in it to process the serial...

Страница 326: ...ue for those parameters that are not mentioned in the tables Configuration Path Virtual COM Configuration Operation Mode TCP Server Listen Port 4001 WAN Interface All WANs Trust Type Specific IP Max C...

Страница 327: ...omputers to connect to the serial device via the gateway Scenario Description Internet Host Computer is the trusted one in the IOG Gateway for communicating UDP data with the serial device Parameter S...

Страница 328: ...irtual COM Setting Virtual COM setting screen enables user to connect a Virtual COM port based device to the Internet It allows user to access serial data remotely There are TCP Client TCP Server UDP...

Страница 329: ...ed in the Connection Control field Alive Check Timeout 0 is set by default Input the time period of alive check timeout The TCP connection will be terminated if it doesn t receive response of alive ch...

Страница 330: ...en Port 4001 is set by default Indicate the listening port of TCP connection Trust Type Allow All is set by default Choose Allow All to allow any TCP clients to connect Otherwise choose Specific IP to...

Страница 331: ...31 Specify TCP Clients for TCP Server Access Specify TCP Clients Window Item Value setting Description Host A Must filled setting Enter the IP address range of allowed TCP clients Enable The box is un...

Страница 332: ...ssage display applications Enable UDP Mode Window Item Value setting Description Operation Mode A Must filled setting Select UDP mode Listen Port 4001 is set by default Indicate the listening port of...

Страница 333: ...ning port of RFC 2217 connection Trust Type Allow All is set by default Choose Allow All to allow any clients to connect Otherwise choose Specific IP to limit certain clients Connection Idle Timeout 0...

Страница 334: ...riginal serial based protocols In order to integrate Modbus networks the IoT Gateway including a serial port that support RS 232 and RS 485 communication interface can automatically and intelligently...

Страница 335: ...me parameters including the Slave ID the Ethernet or Serial type of interface and the serial protocol if Serial interface is chosen The third window Modbus TCP Configuration can let you specify relate...

Страница 336: ...hat attached to the IoT Gateway the Modbus gateway And IoT Gateway executes corresponding processes and replies the Modbus TCP Master with the results Scenario Description The IoT Gateway serves as th...

Страница 337: ...n ID 1 Source IP 203 95 80 22 203 95 80 29 Enable Configuration Path Modbus Modbus Priority Priority 1 2 Settings IP Address 203 95 80 22 IP Address 203 95 80 23 Enable Enable Enable Scenario Operatio...

Страница 338: ...ants to configure the gateway to be a Modbus TCP Slave for receiving requests from remote Modbus TCP Master executing some actions and making responses then the scenario is adequate for the applicatio...

Страница 339: ...T Gateway for delivering Modbus commands and responses During normal operating the Modbus TCP Master sends requests to the IoT Gateway for obtaining information from or controlling to it via the gener...

Страница 340: ...egacy Modbus Slave Device Mode the AMIT gateway would act as a standalone Modbus slave role in a Modbus network Gateway information can be requested by the existed SCADA network for Modbus device Mana...

Страница 341: ...in ms is set by default This sets the response timeout of the slave after master request sent If the slave does not response within the specified time data would be discarded This applies to the seria...

Страница 342: ...uld insert a Tx delay between Master requests The delay gives sufficient time for the slave devices to turn their transmitters off and their receivers back on Save N A Click the Save button to save th...

Страница 343: ...E g SPort 1 Serial Mode Slave is set by default Select Master Serial Protocol RTU is set by default Select RTU or ASCII Then Click Save to save the setting Enable N A It displays whether it is enable...

Страница 344: ...able ensure that you have Master option selected in the Modbus Serial Definition sub screen and save the setting Remote Slave Unchecked by default Check Enable box to enable this rule Save N A Click S...

Страница 345: ...server listening port number to receive TCP client s Modbus Server side session connection request and other required parameters The TCP Connection Configuration screen also allows user to specify aut...

Страница 346: ...ble this rule Save N A Click the Save button to save the settings Legacy Modbus Slave Device Mode Single Mode This setting sets up the AMIT Gateway as a standalone Modbus Slave Device As a Modbus slav...

Страница 347: ...the Modbus device operator to set up the AMIT gateway of the attached Modbus Slave to listen for the server request that is coming from the TCP Client s connection request on the specified TCP port B...

Страница 348: ...Description Source IP A Must fill setting Select Specific IP Address to only allow an IP address of the allowed Master to access the attached Slave s Select IP Range to only allow a set range of IP a...

Страница 349: ...ponse to Modbus master device s data acquisition The data logging function can save all communicate data into several CSV format files automatically and user can define how to split and storage those...

Страница 350: ...ction insertion when required 350 Data Logging Files Download All the data acquired from local modbus device can be downloaded through FTP and WEB UI admin user can get the resulting data over the int...

Страница 351: ...messaging service component of phone Web or mobile communication systems It uses standardized communications protocols to allow fixed line or mobile phone devices to exchange short text messages 13 S...

Страница 352: ...shows all your defined altering rules for SMS messages like auto forwarding messages to another mobile phone set message forwarding by email and message forwarding by syslog By using the third window...

Страница 353: ...k Save to save the settings SMS Summary Show Unread SMS Received SMS Remaining SMS and edit SMS context to send read SMS from SIM card SMS Summary Item Value setting Description Unread SMS N A If SIM...

Страница 354: ...t will show Send Failed Send N A Click Send button SMS will send SMS Inbox List User can read or delete SMS reply SMS or forward SMS from this screen SMS Inbox List Item Value setting Description ID N...

Страница 355: ...SSD messages create a real time connection during an USSD session The connection remains open allowing a two way exchange of a sequence of data This makes USSD more responsive than services that use S...

Страница 356: ...ith the USSD server by sending USSD commands and getting USSD responses via the voice gateway An USSD Session Scenario Scenario Application Timing When the administrator wants to uses the Voice Gatewa...

Страница 357: ...setting with command 135 for further use In the USSD Request window from the USSD Profile dropdown box select the roaming setting profile and the USSD Command field shows 135 Click on the Send button...

Страница 358: ...ey in USSD Command N A The USSD command that user can key in Comments N A The Comments is this profile comment USSD Request When send the USSD command the USSD Response screen will appear When click t...

Страница 359: ...ng normal operation In Network Scan page there are two windows for the Network Scan function The Configuration window can let you select which 3G 4G module physical interface is used to perform Networ...

Страница 360: ...by default The Band List s options depend on module and user need to select option at least one for all network type Scan Approach The box is Auto by default When Auto selected cellular module registe...

Страница 361: ...with the gateway via the SMS system Only these phones can SMS control the gateway Furthermore the SMS messages can be removed after being processed by the system to clear up the memory to receive mor...

Страница 362: ...y the SMS messaging access control From which phone number the gateway will receive the management SMS messages or to which phone the gateway can issue the notification SMS messages A SMS based Remote...

Страница 363: ...Enable Configuration Path Remote Management Specific Phone Number Definition ID 1 Phone Number 8869116xxxxx Granted Functions Management Notification Enable Scenario Operation Procedure In above diagr...

Страница 364: ...Configuration Item Value setting Description SMS Remote Management The box is unchecked by default Check the Enable box to activate SMS Remote Management function Managing Events The box is unchecked...

Страница 365: ...event SMS after it has been processed Delete All Received SMS N A Press the Active button to delete all the received SMS Security Key The box is unchecked by default Click the Enable box to enable th...

Страница 366: ...t SMS Account Definition Item Value setting Description Phone Number 1 Mobile telephone numbers format 2 A Must filled setting Specify the phone number that will issuing the SMS as the account identif...

Страница 367: ...dbus Definition to specify Modbus Event Handlers All box is unchecked by default Specify the related Handlers for the managing event Select Power Checkbox and select the handlers you want to specify P...

Страница 368: ...lect DO and select profile from Digital Output DO Profile List to specify the DO Response Select SMS to specify the SMS Response Select SNMP Trap to specify the SNMP Trap Response Select Modbus and se...

Страница 369: ...nt condition to specify WiFi Event Select Client Server Proxy and select the event condition to specify Client Server Proxy Event Select System Related and the event condition to specify System Relate...

Страница 370: ...of web hosts some gateways can whitelist TCP ports The MAC address of attached clients can also be set to bypass the login process This technique has occasionally been referred to as UAM Universal Acc...

Страница 371: ...Server from the pre defined external server object list Internal Captive Portal Before enabling internal Captive Portal function please go to System External Servers to define some external server ob...

Страница 372: ...as an example for Internal Captive Portal function as shown in above diagram Use default value for those parameters that are not mentioned in the tables Configuration Path DHCP Server DHCP Server Con...

Страница 373: ...wser The gateway checks out that the Internet surfing request comes from the Guest group and the client host in the Guest group hasn t been authenticated by the gateway So the gateway redirects the re...

Страница 374: ...ed to specify Authentication Server and login page can be edited in Customize login page Customize login page N A The Download Default CSS and Logo button can download the default CSS file and Logo of...

Страница 375: ...o specify and enable uam server The uam server can be added by pressing AddObject button directly or added in System External Servers External Servers tab Note UAM Server is available when External in...

Страница 376: ...firmware upgrades Email alert and system log Go to System System Related tab Change Password Change password screen allows network administrator to change the web based utility login password to acces...

Страница 377: ...onnection is currently being used The display also shows the current System time It is particularly useful when firmware has been upgraded and system configuration file has been loaded Go to System Sy...

Страница 378: ...ve slots for new function insertion when required 378 System Status System Status screen contains various event log tools facilitating network administrator to perform local event logging and remote r...

Страница 379: ...r analysis View Email Log History Item Value setting Description View button N A Click on the View button to view Log History in Web Log List Window Email Now button N A Click on the Email Now button...

Страница 380: ...trator to select the type of event to log and be displayed in the Web Log List Window as described in the previous section Click on the View button to view Log History in the Web Log List window Web L...

Страница 381: ...er the recipient s Email account Separate Email accounts with comma or semicolon Enter the Email account in the format of myemail domain com Subject String any text Enter an Email subject that is easy...

Страница 382: ...enu Select one syslog server from the Server dropdown box to sent event log to If none has been available press Add Object button to create a syslog server Log type category Default unchecked Select t...

Страница 383: ...t Device Internal is selected by default Select internal or external storage Log file name Default unchecked Set file name to save logs in storage Split file Enable Default unchecked Check to enable s...

Страница 384: ...iven the file name by default is Interface _ Date _ index Define the output filename If left blank the device automatically assigns a name in the format of File Name _ index pcap Split Files 1 Optiona...

Страница 385: ...ting but a retrieve of what was saved in the memory Capture Filters Capture Filters let user can setup rules to filter packets That means Packet Analyzer will only capture packets which match rules Ca...

Страница 386: ...en match one of the rules Destination MACs Optional setting Define the filter rule with Destination MACs which means the destination MAC address of packets Packets which match rules will be captured M...

Страница 387: ...hedule rules which can be applied to other functionality Go to System Scheduling Schedule Settings Button description Item Value setting Description Add N A Click the Add button to configure time sche...

Страница 388: ...tivate activate the function been applied to in the time period below Time Period Definition Item Value Setting Description Week Day Select from menu Select everyday or one of weekday Start Time Time...

Страница 389: ...ration screen will appear Host Group Configuration Item Value setting Description Group Name 1 String format can be any text 2 A Must filled setting Enter a group rule name Enter a name that is easy f...

Страница 390: ...Configuration screen will appear File Extension Group Configuration Item Value setting Description Group Name 1 String format can be any text 2 A Must filled setting Enter a group rule name Enter a na...

Страница 391: ...ames about compression can be added Include ace ari bzip2 bz2 cab gz gzip rar sit and zip When Execution is selected there are total eight file extension names about execution can be added Include bas...

Страница 392: ...Aliww When P2P is selected there are total seven P2P application can be added Include BT eDonkey eMule Shareaza HTTP Multiple Thread Download Thunder Baofeng When Proxy is selected there are three pr...

Страница 393: ...format any text Then check Enable box to add this server Syslog Server A Must filled setting When Syslog Server is selected it means the option External Servers is set Syslog Server Server Port will...

Страница 394: ...et String format any text N AS Gateway ID String format any text Location ID String format any text Location Name String format any text Then check Enable box to add this server TACACS Server A Must f...

Страница 395: ...as elapsed The setting allows administrator to enable automatic logout and set the logout idle time When the Time out is disabled the system will not logout the administrator automatically Go to Syste...

Отзывы:

Нет отзывов

Похожие инструкции для IOG700AM-0xCR1

Karel GT20 Technical Reference And User'S Manual preview
GT20
Бренд: Karel Страницы: 17
IFM Electronic AC1376 Operating Instructions Manual preview
AC1376
Бренд: IFM Electronic Страницы: 9
ADTRAN Atlas 830 Quick Start Manual preview
Atlas 830
Бренд: ADTRAN Страницы: 2
WAGO 758-918 Manual preview
758-918
Бренд: WAGO Страницы: 76
Mellanox Technologies BridgeX BX5020 GT Series User Manual preview
BridgeX BX5020 GT Series
Бренд: Mellanox Technologies Страницы: 64
Yeastar Technology NeoGate TG100 Installation Manual preview
NeoGate TG100
Бренд: Yeastar Technology Страницы: 14
Advantech ADAM-4570 User Manual preview
ADAM-4570
Бренд: Advantech Страницы: 74
B+B KNX OPUS Documentation preview
KNX OPUS
Бренд: B+B Страницы: 25
Bogen MultiVOIP MVP130BG Specifications preview
MultiVOIP MVP130BG
Бренд: Bogen Страницы: 2
ABB Terra Gateway Pro Installation Manual preview
Terra Gateway Pro
Бренд: ABB Страницы: 31
WRC 1782-JDO User Manual preview
1782-JDO
Бренд: WRC Страницы: 27
VOGO VOKKERO ELITE User Manual preview
VOKKERO ELITE
Бренд: VOGO Страницы: 24
APconnections NETEQUALIZER NE 3000 User Manual preview
NETEQUALIZER NE 3000
Бренд: APconnections Страницы: 120
UNION Market TRP-C37M User Manual preview
TRP-C37M
Бренд: UNION Market Страницы: 36
National Instruments MON-10496 User Manual preview
MON-10496
Бренд: National Instruments Страницы: 18
Broadxent BritePort 8120 User Manual preview
BritePort 8120
Бренд: Broadxent Страницы: 104
IAI ERC3 Instruction Manual preview
ERC3
Бренд: IAI Страницы: 188
Ocean KTA-282 Manual preview
KTA-282
Бренд: Ocean Страницы: 25

Бренды по названию

Популярные бренды

Загрузить еще бренды