background image

 

Add SBM Rules

 

Click on [Add] tab. You will see the following screen. 

 

Configure [Add SBM] Settings following the instructions below. 

Sequence Number 

This defines the sequence of the SBM rules. If a packet fits the conditions set 

by the SBM rules, the packet will then be sorted according to the first SBM rule 

from the top of the list. 

Rule Name 

Name of the SBM rule. 

Rule Enable 

Enable/Disable this SBM rule 

Internal IP 

Set up the internal IP for this SBM rule. 

Protocol 

Set up the protocol (TCP or UDP) for the ACL to be enabled. 

External Interface 

Please select which External Interface (WAN1 or WAN2) you want a packet to 

go through, IF the packet fits the condition of this SBM rule. 

Service Port Range 

Set up the Service Port Range (e.g., HTTP is TCP/80) for the SBM to be 

enabled. 

Bandwidth Allocation 

By Ratio or By Bandwidth 

Ratio 

The ratio of the whole bandwidth according to the External Interface. 

Download 

Enter the reserved download bandwidth. 

Upload 

Enter the reserved upload bandwidth. 

Utilize Bandwidth More 

than Guaranteed 

Check this box if you wish to allow the traffic confirming this SBM rule to be 

able to utilize the whole bandwidth when the bandwidth is idle. 

 

 

45

Содержание VRT-402N

Страница 1: ...802 11n VPN Broadband Router VRT 402N User s Manual ...

Страница 2: ...ial installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be deter...

Страница 3: ...and telecommunication terminal Equipment and the mutual recognition of their conformity R TTE The R TTE Directive repeals and replaces in the directive 98 13 EEC Telecommunications Terminal Equipment and Satellite Earth Station Equipment As of April 8 2000 Safety This equipment is designed with the utmost care for the safety of those who install and use it However special attention must be paid to...

Страница 4: ...ty mode WEP 24 4 2 3 Wireless security mode WPA PSK WPA2 PSK 25 4 2 4 Wireless security mode WPA Radius WPA2 Radius 25 4 2 5 Advance 26 4 2 6 WDS 28 4 2 7 Universal Repeater 28 CHAPTER 5 SECURITY 30 5 1 FIREWALL 30 5 2 ACCESS CONTROL 31 5 3 MAC ACCESS CONTROL 33 5 4 OPENDNS 35 5 5 WEB FILTER 35 5 6 VPN PPTP 38 5 7 VPN IPSEC 39 5 8 IDBM 43 CHAPTER 6 APPLICATION SETTINGS 49 6 1 APPLICATION SETTINGS ...

Страница 5: ...8 4 LOG 63 CHAPTER 9 TROUBLESHOOTING 65 ...

Страница 6: ...for easily configuration z Remote Management allows configuration and upgrades from a remote site z Supported Internet types Dynamic Static IP PPPoE PPTP L2TP z Supports UPnP function Firewall Security Features z MAC IP filter access control URL blocking SPI firewall DoS prevention protection z Built in NAT firewall z Predefined User defined service database z Enable disable VPN pass through VPN F...

Страница 7: ... 54Mbps OFDM 10 PER 72 2dBm 11Mbps CCK 8 PER 88 2dBm Software Router Feature Access Private LAN Servers from the Public Network Equipped with four LAN ports 10 100Mbps and one WAN port 10 100Mbps Supported Internet types Dynamic Static IP PPPoE PPTP L2TP 802 1D Spanning Tree Protocol DHCP Server Client UPnP and DDNS DMZ and Virtual Server SNTP Static Routing Wireless Feature IEEE 802 11n wireless ...

Страница 8: ...tatus monitoring includes Active DHCP Client Security Log and Device Connection Status Web based GUI for and Wizard setup for easily configuration Remote Management allows configuration and upgrades from a remote site N Data Rate Table 1 HT20 HT40 MCS Index Data rate Mbps 400ns GI 0 7 2 15 0 1 14 4 30 0 2 21 7 45 0 3 28 9 60 0 4 43 3 90 0 5 57 8 120 0 6 65 0 135 0 7 72 2 150 0 ...

Страница 9: ...n VRT 402N and your computers 2 1 Outlook Front Panel WLAN ON OFF WPS Button Active Time WLAN On Off Press for less than 3 seconds for disable wireless configuration WPS button Press for less than 3 seconds for WPS configuration Reset Default Press the WPS and WLAN buttons for longer than 3 seconds to the factory default setting ...

Страница 10: ...er adapter 2 2 Hardware Installation 1 Locate an optimum location for the VRT 402N The best place for your VRT 402N is usually at the center of your wireless network with line of sight to all of your mobile stations 2 Adjust the antennas of VRT 402N Try to adjust them to a position that can best cover your wireless network The antenna s position will enhance the receiving sensitivity 10 ...

Страница 11: ... all LEDs on the front panel Status LED should be steadily on WAN and LAN LEDs should be on if the computer network device connected to the respective port of the router is powered on and correctly connected If PWD LED is not on or any LED you expected is not on please recheck the cabling or jump to Troubleshooting for possible reasons and solution Note 1 ONLY use the power adapter supplied with t...

Страница 12: ...gs should be set to obtain an IP address from a DHCP server VRT 402N automatically To verify your IP address please follow the steps below 1 Click on Start Run 2 In the run box type cmd and click OK Windows Vista users type cmd in the Start Search box At the prompt 12 ...

Страница 13: ...tions Windows 2000 From the desktop right click My Network Places Properties 2 Right click on the Local Area Connection which represents your network adapter and select Properties 3 Highlight Internet Protocol TCP IP and click Properties 4 Click Use the following IP address and enter an IP address that is on the same subnet as your network or the LAN IP address on your router Example If LAN IP add...

Страница 14: ...nd configure via web browser e g MS Internet Explorer or Netscape 1 Open your web browser 2 Enter the IP address of your VRT 402N in the address field default IP address is http 192 168 0 1 3 Please enter your User Name and Password in the dialog box Default User Name and Password are both admin Click OK 4 Then you will see the VRT 402N HOME screen as below 14 ...

Страница 15: ...15 ...

Страница 16: ...Configuration button or select the option on the left window for configuration If Dynamic IP is selected your ISP will automatically give you an IP address Some ISP s may also require that you fill in additional information such as Host Name Domain Name and MAC address If Static IP is selected your ISP should provide all the information required in this screen If your ISP requires PPPoE protocol t...

Страница 17: ...Select PPTP if your ISP requires the PPTP protocol to connect to the Internet Your ISP should provide all the information required in this section 17 ...

Страница 18: ... Wifi Wan1 WISP mode the wireless client will connect to ISP access point The NAT is enabled and PCs in Ethernet ports share the same IP to ISP through wireless LAN You must set the WAN port to WISP mode first and connect to the ISP AP in Site Survey page The connection type can be setup in WAN page by using PPPOE DHCP client PPTP client or static IP 18 ...

Страница 19: ...Please the Click Next button to proceed to the next step 4 1 2 LAN The LAN Port screen below allows you to specify a private IP address for your router s LAN interface 19 ...

Страница 20: ... Protocol If it is enabled this router will use the spanning tree protocol to prevent from network loop happened in the LAN ports MTU MPLANETum Transmission Unit 4 1 3 DHCP Server Parameters Description DHCP Server Enable or disable the DHCP Server DHCP Start IP Address The DHCP starting IP addresses offered by the DHCP Server Max DHCP Clients The mPLANETum number of the IP addresses supported by ...

Страница 21: ...re saving successfully You may press Confirm for configure other settings or Save Settings to restart VRT 402N with new configuration 4 1 4 DDNS DDNS allows you to map the static domain name to a dynamic IP address You must get an account password and your static domain name from the DDNS service providers This router supports DynDNS and TZO 21 ...

Страница 22: ...of this router DDNS Type Select a DDNS service provider The default setting is DynDNS User name Your static domain name that use DDNS Password The password you set for the DDNS service account above Host Name The account that your DDNS service provider assigned to you 22 ...

Страница 23: ...urity mode and key settings to be set by users for both convenience and increased protection Users are able to configure their network devices to access the first SSID with the WPA2 PSK Pre Shared Key and secret key whilst share the second SSID with WEP and the periodically changed key for visitors In addition users are able to isolate these SSIDs to avoid malicious attacks and prevent certain acc...

Страница 24: ... 128 bit WEP key you have to enter WEP keys to encrypt data You can generate the key by yourself You can enter four WEP keys and select one of them as default key Then the access point will just allow the clients that with the same encryption keys connected 24 ...

Страница 25: ...IP or CCMP AES or Mixed mode TKIP AES to change the encryption key frequently So the encryption key is not easy to be broken by hackers This can improve security very much 4 2 4 Wireless security mode WPA Radius WPA2 Radius You can use a RADIUS server to authenticate wireless stations and provide the session key to encrypt data during communication It uses TKIP or CCMP AES to change the encryption...

Страница 26: ...4 2 5 Advance 26 ...

Страница 27: ...the transmission efficiency Please make sure you Wireless card has this function supported HT Control Field Choose Enable Disable It is useful when you need to debug the wireless network Reverse Direction Grant Choose Enable Disable The response time can be shorter when enable this function Link Adapt Choose Enable Disable The function is use to dynamically change the modulation and encode mechani...

Страница 28: ...ow WDS to work effectively 1 WDS bridged devices must use the same radio channel 2 WDS bridged devices must use the same encryption mode and encryption keys Please Note If one of the above fails WDS devices cannot communication with each other 4 2 7 Universal Repeater Universal Repeater enables the wireless bridging amongst several wireless devices The bridged devices are identified by the Target ...

Страница 29: ...function of this router Target SSID In Universal Repeater mode this device can act as a station to connect to a Root AP You should enter the SSID of the Root AP here Target BSSID MAC Please assign the root AP MAC address Security Mode Please choose the WEP WPA PSK or WPA2 PSK mode option 29 ...

Страница 30: ...CP SYN DoS Protection TCP SYN DoS attack sends a flood of TCP SYN packets Each of these packets are like a connection request causing the server to consume computing resources e g memory CPU to reply and to continuously wait for the incoming packets Without TCP SYN Dos Protection the resources in the server will be easily consumed completely This will then consequently result in the dysfunction of...

Страница 31: ...nding to ICMP broadcasting echo packets in order to avoid a potential ICMP broadcasting DoS attack ICMP Redirect Protection Check to enable ICMP Redirect Protection Uncheck to disable ICMP Redirect Protection An ICMP redirect message is a way to change the existing routing path Generally ICMP redirect packets should not be sent and so when there is the occurrence that ICMP redirect packets are sen...

Страница 32: ...see the following screen Please do not change the parameters unless you wish to customize it by yourself Example Filter and block MSN usage For example a company does not wish to allow employees to use MSN The system administrator can 32 ...

Страница 33: ...1 207 46 110 1 254 IP address range for MSN server Protocol TCP Service Port Range Keep it blank All complies Action DENY 5 3 MAC Access Control The Time Zone allows VRT 402N to allocate its time on the settings configured here it will affect log display functions such as Security Log and Firewall settings 1 Click on Security Access Control tab You will see the following screen 2 Configure ACL Set...

Страница 34: ...C Set up the MAC Address to which you would like to enable the MAC ACL action Action Choose ALLOW DENY to ALLOW DENY ACL Enable Enable Disable this MAC access rule Static ARP Enable Enable Disable this Static ARP rule Static DHCP Enable Enable Disable this Static DHCP rule IP The IP address corresponds to static ARP or static DHCP 3 Click on Add tab You will see the following screen 4 Example Bind...

Страница 35: ... Disable to enable disable OpenDNS OpenDNS Username Enter OpenDNS user name OpenDNS Password Enter OpenDNS password DNS Query Redirection to OpenDNS DNS Servers Choose Enable Disable to enable disable the data flow redirect to the OpenDNS Server Users can get advanced content filtering function through the setting OpenDNS Label Enter the OpenDNS Label 5 5 WEB Filter 35 ...

Страница 36: ...tructions below Web Filtering Choose Enable Disable to enable disable Web Filtering ActiveX Filtering Choose Enable Disable to enable disable ActiveX Filtering Java JavaScript Filtering Choose Enable Disable to enable disable Java JavaScript Filtering Proxy Filtering Choose Enable Disable to enable disable Proxy Filtering 36 ...

Страница 37: ...uence Number This defines the sequence priority of all the Web Filtering rules Rule Enable Choose Enable Disable to enable disable Web Filtering rule Filter Keyword Enter the Keyword Filter Type Choose URL or Sever Action Select ALLOW DENY 5 Example Block a URL with Keyword If one need to block sex related web page can follow the settings as below 37 ...

Страница 38: ...5 6 VPN PPTP VPN PPTP Settings 1 Click on Security VPN PPTP tab You will see the following screen 38 ...

Страница 39: ...able MSCHAP2 for VPN authentication MPP128 Enable Choose Enable Disable to enable disable MPP128 encryption Proxy ARP Enable Choose Enable Disable to enable disable Proxy ARP NAT Enable Choose Enable Disable to enable disable NAT Add VPN PPTP Rule Click on Add tab You will see the following screen Configure Add PPTP Settings following the instructions below Sequence Number This defines the sequenc...

Страница 40: ...After add the option you will see the following settings After enable the Advance option you will see the following settings 40 ...

Страница 41: ...Click on Security VPN IPsec tab You will see the following screen Configure IPsec Settings following the instructions below IPsec Select Enable Disable to enable disable IPsec 41 ...

Страница 42: ...ateway to initiate the connection This option is needed in Net to Net mode IKE Key Mode PSK Preshared Key Enter the preshared key The key should be at least 8 digit ASCII string L2TP Enable Check the local VPN gateway to enable L2TP This option is needed in Road Warrior mode Advanced Options Check it if you need to configure the advanced options Phase 1 Mode Main Phase 1 ID Enter the phase 1 ID Ph...

Страница 43: ...er or a particular application while DBM intellectually manages the rest of the bandwidth while all the time satisfying the complicated bandwidth requirements settings of SBM iDBM Settings The essential configuration needed by iDBM is to specify accurately the bandwidth you have iDBM would then dispatch bandwidth according to this information Please Note Improper bandwidth assignment may cause iDB...

Страница 44: ...Upload Bandwidth Enter the value to customize upload bandwidth Reserved Buffering Bandwidth Enter the value to provide bandwidth buffer 5 Advanced Setting Example A user subscribed 10M 2Mbps bandwidth from ISP After performing some speed test the user found that the actual bandwidth is about 1135KByte sec downloading and 200KByte s uploading We change the dimension in Kbps as follows Download Spee...

Страница 45: ... TCP or UDP for the ACL to be enabled External Interface Please select which External Interface WAN1 or WAN2 you want a packet to go through IF the packet fits the condition of this SBM rule Service Port Range Set up the Service Port Range e g HTTP is TCP 80 for the SBM to be enabled Bandwidth Allocation By Ratio or By Bandwidth Ratio The ratio of the whole bandwidth according to the External Inte...

Страница 46: ...rule for both TCP and UDP protocols External Interface Choose the WAN interface you want to use Service Port Range Enter the service port number that used by VoIP Bandwidth Allocation Allocating the bandwidth by fixed value assignment or ratio Download Enter the reserved download rate to 25 Kbps Upload Enter the reserved upload rate to 25 Kbps Utilize Bandwidth More Than Guaranteed Uncheck this bo...

Страница 47: ...is rule Internal IP Address Enter the IP address this rule to be applied to Protocol Applied to both TCP and UDP External Interface Select the external WAN Interface to be applied to Service Port Range Applied to all port range if left this field blank Bandwidth Allocation Allocating the bandwidth by fixed value assignment or ratio Download Enter the download guaranteed value to 100 Kbps Upload En...

Страница 48: ...ng the instructions below Sequence Number This defines the sequence of the DBM rules Rule Name Name of the DBM rule Rule Enable Enable Disable this DBM rule Internal IP Range Set up the internal IP range for this DBM rule DBMSetting Example The maximum DBM IPs is 16 in the VRT 402N The user may set the DHCP releasing range from 192 168 2 30 to 192 168 1 45 and set those IP as DBM IP accordingly In...

Страница 49: ... associated in a port range forwarding rule When VRT 402N receives an external request to access any one of the configured external ports it will redirect the request to the corresponding internal server and change its destination port to one of the internal ports specified Therefore if users do not wish for destination port to be changed for a request the internal port range should be left empty ...

Страница 50: ...e DMZ function Select Disable to disable DMZ function DMZ IP Address Enter the IP address of a particular host in your LAN which will receive all the packets originally going to the WAN port Public IP address above Configure Port Range Forwarding Settings following the instructions below Port Forwarding Select Enable Disable to enable disable Port Forwarding 50 ...

Страница 51: ... according to the 1st rule from the top of the list Rule Name Enter the name of the port forwarding rule Action Check Uncheck to enable disable this port forwarding rule External Interface Choose WAN1 or WAN2 as the External port forwarding interface Protocol Choose TCP UDP or TCP UDP for the rule to be applied External Port Range Set up the External Port Range for the rule to be applied Internal ...

Страница 52: ...w the following information Sequence Number Please key the number Rule Name Please key the Name Rule Enable Enable Disable the Rule External IP Address Please key the WAN Port IP address Mapped LAN IP Address Please key the LAN Port IP address 6 3 Stream VPN 52 ...

Страница 53: ...nstructions below RTSP Select Enable Disable to enable disable RTSP MMS Select Enable Disable to enable disable MMS Configure Video Conference Settings following the instructions below H 323 Select Enable Disable to enable disable H 323 Configure VPN Settings following the instructions below IPSec Pass through Select Enable Disable to enable disable IPSec Pass through PPTP Pass through Select Enab...

Страница 54: ...You will see the following screen Configure UPnP Settings following the instructions below UPnP Select Enable Disable to enable disable UPnP NAT PMP Select Enable Disable to enable disable NAT PMP UPnP Port Enter the number for UPnP port 54 ...

Страница 55: ...Chapter 7 Administrator 7 1 Management Click on Admin Management tab You will see the following screen 55 ...

Страница 56: ...ote Management Select Enable to enable Remote Management Select Disable to disable Remote Management Management Port HTTP port which users can connect to default port is 8080 Configure Configuration Settings based on the instructions listed below Configuration Export Click Export to save your current configuration settings in a file Default Configuration Restore Click Restore to recover the defaul...

Страница 57: ...57 ...

Страница 58: ...use to ARPing to ie LAN WAN Target Host Enter the MAC address to ARPing to Number of Packets Specify the number of the ARP request packets to send out ARPing Press the tab to start the ARPing actions Using the Trace Route tool based on the instructions listed below Interface Select the interface that use to ARPing to ie WAN1 WAN2 Target Host Enter the destination IP address domain name to trace Ho...

Страница 59: ...on You can choose from Automatic Asia Europe North America South America or Africa Time Zone Select Time Zone according to your location Daylight Saving Time has been calculated and included in the selection Periodic Synchronization Select Enable Disable to enable disable Periodic Synchronization Synchronization interval Select from Every Hour Every 6 Hours Every 12 Hours Every Day and Every Week ...

Страница 60: ...Router Click on Status Router tab You will see the following screen Router Information Model Name Product model name is shown Firmware Version The firmware version this device is running Current Time Current system time 60 ...

Страница 61: ...ssed which can be assigned to PCs connecting to the network Wireless Network Wireless Mode Access Point Wireless SSID SSID of this Wi Fi station Wireless Channel Wireless Channel in use default is 6 MAC Address MAC Address WAN MAC Address MAC Address Connection Type The current connection type PPPoE Static IP and DHCP IP Address WAN IP Address Subnet Mask Number of subnet mask Gateway IP address o...

Страница 62: ...ddress IP address which is assigned to this client MAC Address MAC address of this client Expiration Time The remaining time of the IP assignment 8 3 User Current Click on Status Current tab You will see the following screen 62 ...

Страница 63: ...IP Address IP address assigned by Static ARP matching MAC Address MAC address in the Static ARP matching ARP Type Static or dynamic 8 4 Log Click on Status Log tab You will see the following screen 63 ...

Страница 64: ...64 ...

Страница 65: ... your computer can get an IP address 6 If you did a firmware upgrade and this happens contact your dealer of purchase for help z Why I can t get connected to Internet 1 Call your Internet service provide and check if there s something wrong with their service 2 If you just can t connect to one or more website but you can still use other internet services please check URL Keyword filter 3 Try to re...

Страница 66: ...ess of the router 2 Password is case sensitive Make sure the Caps Lock light is not illuminated 3 If you really forget the password do a hard reset z Router become hot 1 This is not a malfunction if you can keep your hand on the router s case 2 If you smell something wrong or see the smoke coming out from router or A C power adapter please disconnect the router and A C power adapter from utility p...

Отзывы: