QNO QVF8034 Скачать руководство пользователя страница 129

Страница: 129 / 209

2WAN 4LAN SMB Multi-WAN VPN QoS Router

123

Remote Group Setup

Remote

Security

client Type

：

This setting offers three operation modes, which are:

Domain Name (FQDN)

E-mail Address (USER FQDN)

Microsoft XP/2000 VPN Client

(1) Domain Name(FQDN)

If users select Domain Name type, please enter the domain

name to be authenticated. FQDN refers to the combination

of host name and domain name that are available on the

Internet (i.e. vpn.Server.com).The domain name must be

identical to the status setting of the client end to establish

successful connection.

(2) E-mail Addr. (USER FQDN)

If users select this option, only filling in the E-mail address

allows access to this tunnel.

(3) Microsoft XP/2000 VPN Client

If users select XP/2000 VPN Client end status, users don't

need to do extra settings.

Содержание QVF8034

Страница 1: ...English User s Manual 2WAN 4LAN SMB Multi WAN VPN QoS Router...

Страница 2: ...cted by copyright of our country clauses of international copyright and other regulations of intellectual property When the user copies the Manual this statement of intellectual property must also be...

Страница 3: ...and or distributors hereby declares that no liability will be born for any guarantee and condition of the corresponding information The guarantee and condition include tacit guarantee and condition a...

Страница 4: ...Status 12 5 1 2 Physical Port Status 13 5 1 3 System Information 14 5 1 4 Firewall Status 15 5 1 5 VPN Status 16 5 1 6 Log Setting Status 16 5 2 Change and Set Login Password and Time 16 5 2 1 Passwor...

Страница 5: ...splay All VPN Summary 93 10 1 2 Add a New VPN Tunnel 97 10 1 3 PPTP Setting 126 10 1 4 VPN Pass Through 128 10 2 QnoKey 130 10 2 1 QnoKey Summary 130 10 2 2 Qnokey Group Setup 131 10 2 3 Qnokey Accoun...

Страница 6: ...g Backup 166 13 4 SNMP 167 13 5 System Recover 169 XIV Log 171 14 1 System Log 171 14 2 System Statistic 177 14 3 Traffic Statistic 178 14 4 IP Port Statistic 181 XV Log out 184 Appendix I User Interf...

Страница 7: ...rnet connectability for the broadband market Router has the function of VPN virtual network connection It is equipped with a virtual private network hardware acceleration mode including IPSec DES 3DES...

Страница 8: ...nication between all offices and branches of an organization It helps to free enterprises from increasing hacker intrusion With an exclusive independent operation platform users are able to set up and...

Страница 9: ...ers the function of a standard PPTP server which is equipped with connection setting status Each WAN port can be set up with multiple DDNS at the same time It is also capable of establishing VPN conne...

Страница 10: ...management and maintenance making the user network settings be done at one time The main process is as below 1 Hardware installation 2 Login 3 Verify device specification and set up password and time...

Страница 11: ...nize the Router time with WAN 4 Set WAN connection Verify WAN connection setting bandwidth allocation and protocol binding Connect to WAN Configure bandwidth to optimize data transmission 5 Set LAN co...

Страница 12: ...Mode multiple WAN IP DDNS and MAC Clone DMZ Forwarding UpnP Routing Mode multiple WAN IP DDNS and MAC Clone 9 Management and maintenance settings Syslog SNMP and configuration backup Monitor Router w...

Страница 13: ...on Ethernet is running at 100Mbps Green LED off Ethernet is running at 10Mbps Connect Green Green LED on WAN is connected and gets the IP address Reset Action Description Press Reset Button For 5 Secs...

Страница 14: ...using damage or danger Each Router comes with a set of rack installation accessories including 2 L shaped brackets and 8 screws Users can rack mount the device onto the chassis Please refer to the fig...

Страница 15: ...router to connect to the Internet LAN Connection The LAN port can be connected to a Switching Hub or directly to a PC Users can use servers for monitoring or filtering through the port after Physical...

Страница 16: ...ter cmd to commend DOS and enter ipconfig for getting Default Gateway address as the graphic below 192 168 1 1 Make sure Default Gateway is also the default IP address of Router Attention When not get...

Страница 17: ...login password in the setting later Attention For security we strongly suggest that users must change password after login Please keep the password safe or you can not login to Router Press Reset but...

Страница 18: ...ted for users reference 5 1 1 WAN Status IP Address Indicates the current IP configuration for WAN port Default Gateway Indicates current WAN gateway IP address from ISP DNS Server Indicates the curre...

Страница 19: ...tion such as PPPoE or PPTP is selected Disconnect and Connect will appear DMZ IP Address Indicates the current DMZ IP address 5 1 2 Physical Port Status The status of all system ports including each c...

Страница 20: ...X iniferface WAN LAN DMZ link status Up Down physical port status Port Enabled Port Disabled priority high or normal speed status 10Mbps or 100Mbps duplex status Half Full auto negotiation Enabled or...

Страница 21: ...resent time Please note To have the correct time users must synchronize the device with the remote NTP server first 5 1 4 Firewall Status SPI Stateful Packet Inspection Indicates whether SPI Stateful...

Страница 22: ...Network PPTP Server Indicates if PPTP server is enabled 5 1 6 Log Setting Status Syslog Server Indicates if Syslog Server is Enabled or Disabled E mail Alert Indicates if Email Alert is Enabled or Di...

Страница 23: ...New Password Input the new password again for verification Apply Click Apply to save the configuration Cancel Click Cancel to leave without making any change This action will be effective before Apply...

Страница 24: ...me Daylight Saving If there is Daylight Saving Time in your area input the date range The device will adjust the time for the Daylight Saving period automatically External NTP Server If you have your...

Страница 25: ...Multi WAN VPN QoS Router 19 After the changes are completed click Apply to save the configuration Click Cancel to leave without making any change This action will be effective before Apply to save the...

Страница 26: ...contains the basic settings For most users completing this general setting is enough for connecting with the Internet However some users need advanced information from their ISP Please refer to the fo...

Страница 27: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 21 6 1 1 Host Name and Domain Name...

Страница 28: ...uire it 6 1 2 LAN Setting This is configuration information for the device current LAN IP address The default configuration is 192 168 1 1 and the default Subnet Mask is 255 255 255 0 It can be change...

Страница 29: ...Intranet the Internet is still accessible without making any changes to internal PCs Users can make changes according to their actual network structure 6 1 3 WAN DMZ Settings WAN Setting Interface An...

Страница 30: ...an IP address automatically If having a different connection mode please refer to the following introduction for selection of appropriate configurations Users can also set up their own DNS IP address...

Страница 31: ...ule for disconnection of this WAN service Line Dropped Scheduling Input how long the WAN service may be disconnected before the newly added connections should go through another WAN to connect with th...

Страница 32: ...55 255 248 Issued 16 static IP addresses 255 255 255 240 Default Gateway Input the default gateway issued by ISP For ADSL users it is usually an ATU R IP address As for optical fiber users please inpu...

Страница 33: ...ction can be minimized Line Dropped Period Input the time rule for the disconnection of this WAN service Line Dropped Scheduling Input how long the WAN service may be disconnected before the newly add...

Страница 34: ...th the Internet the device will automatically make a dial connection If the line has been idle for a period of time the system will break the connection automatically The default time for automatic br...

Страница 35: ...n be minimized Line Dropped Period Input the time rule for the disconnection of this WAN service Line Dropped Scheduling Input how long the WAN service may be disconnected before the newly added conne...

Страница 36: ...ovided by the ISP when the PC is installed Contact ISP for relevant information Subnet Mask Input the subnet mask of the static IP address issued by ISP such as Issued eight static IP addresses 255 25...

Страница 37: ...on for WAN connection service For example the optical fiber service will be disconnected from 0 00 am to 6 00 am Although there is a standby system in the device at the moment of WAN disconnection all...

Страница 38: ...without making any changes Transparent Bridge If all Intranet IP addresses are applied as Internet IP addresses and users don t want to substitute private network IP addresses for all Intranet IP addr...

Страница 39: ...255 240 Default Gateway Address Input the default gateway of the static IP address issued by ISP For ADSL users it is usually an ATU R IP address DNS Server Input the DNS IP address set by ISP At leas...

Страница 40: ...be minimized Line Dropped Period Input the time rule for the disconnection of this WAN service Line Dropped Scheduling Input how long the WAN service may be disconnected before the newly added connec...

Страница 41: ...dvanced configuration modification Click Edit to enter the advanced configuration page The DMZ configuration can be classified by Subnet and Range Subnet The DMZ and WAN located in different Subnets F...

Страница 42: ...ections to achieve load balancing for external connections The network bandwidth is set by what users input for it For example if the upload bandwidth of both WANs is 512Kbit sec the automatic load ra...

Страница 43: ...ddresses or servers that are configured in the connection rule will follow the rule for external connections those which are not configured in the rule will still follow the device Auto Load Balance s...

Страница 44: ...document importation has been selected click Import and then at the bottom of the configuration window click Apply The device will then dispatch the traffic to the assigned destination IP through the...

Страница 45: ...other words traffic to that destination IP will be transmitted through the WAN or WAN group under China Netcom strategy 6 2 2 Network Detection Service This is a detection system for network external...

Страница 46: ...tart When Fail 1 Generate the Error Condition in the System Log If an ISP connection failure is detected an error message will be recorded in the System Log This line will not be removed therefore the...

Страница 47: ...The local default communication gateway location such as the IP address of an ADSL router will be input automatically by the device Therefore users just need to check the option if this function is ne...

Страница 48: ...Balance mode is selected the device will select sessions or IP and the WAN bandwidth will automatically allocate connections to achieve load balancing for external connections The network bandwidth is...

Страница 49: ...other words the first WAN WAN1 cannot be configured with the Protocol Binding rule This is to avoid a condition where all WANs are assigned to specific Intranet IP or Service Ports and destination IP...

Страница 50: ...be restricted to WAN1 the external static IP address 210 1 1 1 210 1 1 1 should be input If a range of destinations is to be assigned input the range such as 210 11 1 1 210 11 255 254 This means the...

Страница 51: ...ollowing figure will be displayed Users can choose to sort the list by priorities or by interface Click Refresh and the page will be refreshed click Close and the dialogue box will be closed Add or Re...

Страница 52: ...ket format such as TCP or UDP for the Service Ports users want to activate Port range In the boxes input the range of Service Ports users want to add Add To List Click the button to add the configurat...

Страница 53: ...rts or assign specific destination IP addresses to a WAN user choose for external connections Example 1 How do I set up Auto Load Balance Mode to assign the Intranet IP 192 168 1 100 to WAN2 for the I...

Страница 54: ...n the figure below select HTTP TCP 80 80 from the pull down option list Service and then in the boxes for Source IP input 192 168 1 150 to 200 Retain the original numbers 0 0 0 0 in the boxes of Desti...

Страница 55: ...etain the original numbers 0 0 0 0 in the boxes of Destination IP Which means to include all Internet IP addresses Select WAN2 from the pull down option list Interface and then click Enable Finally cl...

Страница 56: ...s or to specific destination Service Ports and to specific destination IP addresses through an assigned WAN to the Internet After being assigned the specific WAN will only support those assigned Intra...

Страница 57: ...ace and then click Enable Finally click Add New and the rule will be added to the mode After the rule is set up only packets that go to Port 80 will be transmitted through WAN2 while other traffics wi...

Страница 58: ...d New and the rule will be added to the mode The second rule Select All Port TCP UDP 1 65535 from the pull down option list Service and then in the boxes of Source IP input 192 168 1 0 0 which means t...

Страница 59: ...by choosing the number of ports speed priority and duplex and enable disable the auto negotiation feature for connection setting of each port Mirror Port Users can configure LAN 1 as mirror port by c...

Страница 60: ...nd 100Mbps Duplex Status This feature allows users to select the network hardware connection speed working mode for the Ethernet The options are full duplex and half duplex Auto Neg The Auto Negotiati...

Страница 61: ...for the intranet so that all VLAN group can visit this server Set one of the network ports as VLAN All Connect the server to VLAN All so that computers of different VLAN groups can be connected to thi...

Страница 62: ...ps Duplex Status half duplex or full duplex Auto Neg Enabled Disabled and VLAN Statistics The packet data of this specific port will be displayed Data include receive transmit packet count receive tra...

Страница 63: ...DHCP service in NT servers It benefits users by freeing them from the inconvenience of recording and configuring IP addresses for each PC respectively When a computer is turned on it will acquire an...

Страница 64: ...he lease from this IP The default initial IP is 192 168 1 100 DNS Domain Name Service This is for checking the DNS from which an IP address has been leased to a PC port Input the IP address of this se...

Страница 65: ...Available The amount of IP still available in the DHCP server Total IP The total IP which the DHCP server is configured to lease Host Name The name of the current computer IP Address The IP address ac...

Страница 66: ...Binding function to make sure that users can not add extra PCs for Internet access or change private IP addresses There are two methods for setting up this function Block MAC address not on the list...

Страница 67: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 61 Internet access When this method is applied please fill out Static IP with 0 0 0 0 as the figure below IP MAC Binding...

Страница 68: ...0 in the boxes The boxes cannot be left empty 2 If users want DHCP to assign a static IP for a PC every single time users should input the IP address users want to assign to this computer in the boxe...

Страница 69: ...how New IP user This function can reduce administrator s effort on checking MAC addresses one by one for the binding Furthermore it is easy to make mistakes to fill out MAC addresses on the list manua...

Страница 70: ...d of configuring each IP respectively which takes more time and is more prone to error IP Group Select a group to which the modification is to be made Add Group Click Add Group to crate a new IP group...

Страница 71: ...to specific applications or services and also to enable other users to share bandwidth as well as to ensure stable and reliable network transmission To maximize the bandwidth efficiency network admin...

Страница 72: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 66 8 1 1 The Maximum Bandwidth provided by ISP...

Страница 73: ...upstream bandwidth for each IP would be 1024Kbit 50 20Kbit Sec Thus 20Kbit Sec can be input for Mini Rate Downstream bandwidth can be calculated in the same way Attention The unit of calculation in t...

Страница 74: ...lection or multiple selections Service Port Select what bandwidth control is to be configured in the QoS rule If the bandwidth for all services of each IP is to be controlled select All TCP UDP 1 6553...

Страница 75: ...rver for external connection has been built in the device this option is to control the bandwidth for the traffic coming from outside to this Server Server in LAN Downstream If there are web sites bui...

Страница 76: ...ccupy too much bandwidth users can select the Share Bandwidth Mode so that no matter how much users use FTPs to download information the total occupied bandwidth is fixed Enable Activate the rule Add...

Страница 77: ...th as 60 the highest and 10 the lowest If you set the service port 80 as High priority the router will give 60 bandwidth to the port 80 In the other hand if you give the port 21 as Low priority the de...

Страница 78: ...y Internet caf s This rule can be used to control the bandwidth for connections from outside to the game server of a caf to update data In this way game players inside the caf will not be affected Pri...

Страница 79: ...Control function Single IP cannot exceed __ session This option enables the restriction of maximum external sessions to each Intranet PC When the number of external sessions reaches the limit to allow...

Страница 80: ...this user is connected with will be removed and the user will not be able to connect with the Internet for five minutes New connections cannot be made until the delay time ends Scheduling If Always is...

Страница 81: ...rule Add to list Add this rule to the list Delete selected item Remove the rules selected from the Service List Apply Click Apply to save the configuration Cancel Click Cancel to leave without making...

Страница 82: ...ed maximum threshold Each IP s downstream bandwidth threshold for all WAN Input the allowed maximum threshold If any IP s bandwidth is over maximum threshold its maximum bandwidth will remain WAN1 __k...

Страница 83: ...AN 4LAN SMB Multi WAN VPN QoS Router 77 Applied Time If Always is selected the rule will be executed around the clock If From is selected the rule will be executed according to the configured time ran...

Страница 84: ...settings to ensure network security 9 1 General Policy The firewall is enabled by default If the firewall is set as disabled features such as SPI DoS and outbound packet responses will be turned off a...

Страница 85: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 79 Firewall This feature allows users to turn on off the firewall...

Страница 86: ...value is set as activated in order to decline the outbound responses Remote Management To enter the device web based UI by connecting to the remote Internet this feature must be activated In the fiel...

Страница 87: ...shold value and the blocking duration to effectively deal with external attack The threshold value should be adjusted from high to low LAN Threshold When all packet values from internal attack or from...

Страница 88: ...ress into the trust domain and it will not block items such as Java ActiveX Cookies contained in the web pages from the trust domains Apply Click Apply to save the configuration Cancel Click Cancel to...

Страница 89: ...LAN SMB Multi WAN VPN QoS Router 83 In addition if Blocked QQ is activated users can set the exempted QQ number list Press Exempted QQ Number button and enter the QQ number into the exempted QQ number...

Страница 90: ...te selected item Delete the selected rule in the list 9 3 Access Rule Users may turn on off the setting to permit or forbid any packet to access internet Users may select to set different network acce...

Страница 91: ...affic from the WAN to the LAN is denied by default All traffic from the LAN to the DMZ is allowed by default All traffic from the DMZ to the LAN is denied by default All traffic from the WAN to the DM...

Страница 92: ...ority of each network access rule The device will follow the rule priorities one by one so please make sure the priority for all the rules can suit the setting rules Edit Define the network access rul...

Страница 93: ...rvice Port Management If the service that users wish to manage does not exist in the drop down menu press Service Management to add the new service From the pop up window enter a service name and comm...

Страница 94: ...ned time Apply this rule Select Always to apply the rule on a round the clock basis If From is selected the activation time is introduced as below to This control rule has time limitation The setting...

Страница 95: ...bsite such as www sex com to have it blocked Domain Name Enter the websites to be controlled such as www playboy com Add to list Click Add to list to create a new website to be controlled Delete selec...

Страница 96: ...for English keyword Enter keywords Add to List Add this new service item content to the list Delete selected item Delete the service item content from the list Apply Click Apply to save the modified...

Страница 97: ...to list Delete selected item Users can select one or more rules and click to delete Content Filter Scheduling Select Always to apply the rule on a round the clock basis Select from and the operation w...

Страница 98: ...t from and the operation will run according to the defined time to Select Always to apply the rule on a round the clock basis If From is selected the activation time is introduced as below Day Control...

Страница 99: ...93 X VPN Virtual Private Network 10 1 VPN 10 1 1 Display All VPN Summary This VPN Summary displays the real time data with regard to VPN status These data include all tunnel numbers PPTP IPSec QnoKey...

Страница 100: ...Through Advanced setting users may adjust the tunnel number of IPSec and QnoKey This shows how many VPN tunnels are in use or available Detail Push this button to display the following information wit...

Страница 101: ...tunnel page Or users can select the page number directly to view all VPN tunnel statuses such as 3 5 10 20 or All Tunnel No To set the embedded VPN feature please select the tunnel number It supports...

Страница 102: ...h Gro up Displays settings such as encryption DES 3DES authentication MD5 SHA1 and Group 1 2 5 If users select Manual setting for IPSec Phase 2 DH group will not display Local Group Displays the setti...

Страница 103: ...this group for remote VPN Connection secure group setting Remote Client Status Click on Detail List and more information such as Group Name IP address and the connection time will be displayed Contro...

Страница 104: ...SMB Multi WAN VPN QoS Router 98 Gateway to Gateway Click Add to enter the setting page of Gateway to Gateway Client to Gateway Click Add to enter the setting page of Client to Gateway Gateway to Gatew...

Страница 105: ...tunnel can thus be successfully enabled Interface From the pull down menu users can select the Interface for this VPN tunnel Enabled Click to activate the VPN tunnel This option is set to activate by...

Страница 106: ...DN refers to the combination of host name and domain name and can be retrieved from the Internet i e vpn server com This IP address and domain name must be identical to those of the VPN secure gateway...

Страница 107: ...or VPN connection the device will start authentication and respond to VPN tunnel connection If users select this option to link to VPN enter E Mail address to the empty field for E Mail authentication...

Страница 108: ...his VPN tunnel is connected computers with the IP address of 192 168 1 0 254 can establish connection Remote Group Setup This remote gateway authentication type Remote Security Gateway Type must be id...

Страница 109: ...P address will be displayed under the remote gateway of Summary Or users can choose IP by Multiple DNS Resolved and IP address can be translated through DNS When users finish the setting the correspon...

Страница 110: ...layed under the remote gateway of Summary Or users can choose IP by Multiple DNS Resolved and IP address can be translated through DNS When users finish the setting the corresponding IP address will b...

Страница 111: ...ish the setting the corresponding IP address will be displayed under the remote gateway of Summary 4 Dynamic IP Domain Name FQDN Authentication If users use dynamic IP address to connect with the devi...

Страница 112: ...his VPN tunnel is connected computers with the IP address of 192 168 2 1 can establish connection 2 Subnet This option allows local computers in this subnet can be connected to the VPN tunnel Referenc...

Страница 113: ...ides the following two encrypted Key Managements They are Manual and IKE automatic encryption mode IKE with Preshared Key automatic By using the drop down menu select the desired encryption mode as il...

Страница 114: ...to activate the PFS function of the VPN device and the VPN Client as well Phase 1 Phase 2 DH Group This option allows users to select Diffie Hellman groups Group 1 Group 2 Group 5 Phase 1 Phase 2 Encr...

Страница 115: ...of Pre shared Key the example here is set as test and the system will automatically translate what users entered as exchange password and authentication mechanism during the VPN tunnel connection This...

Страница 116: ...d to enhance the security control if dynamic IP is used for connection Use IP Header Compression Protocol If this option is selected in the connected VPN tunnel the device supports IP Payload Compress...

Страница 117: ...y a group of clients the individual setting for remote clients can be reduced Only one tunnel will be set and used by a group of clients which allows easy setting 1 Situation in Tunnel Tunnel No Set t...

Страница 118: ...Addr USER FQDN Authentication Dynamic IP address Email address name 1 IP only If users decide to use IP only entering the IP address is the only way to gain access to this tunnel The WAN IP address w...

Страница 119: ...PN If the remote VPN gateway requires connection to the device for VPN connection this device will start authentication and respond to this VPN tunnel connection if users select this option to link to...

Страница 120: ...nnected computers with the IP address of 192 168 1 0 can establish connection 5 Subnet This option allows local computers in this subnet to be connected to the VPN tunnel Reference When this VPN tunne...

Страница 121: ...ay authentication type comes with five operation modes which are IP only IP Domain Name FQDN Authentication IP E mail Addr USER FQDN Authentication Dynamic IP Domain Name FQDN Authentication Dynamic I...

Страница 122: ...ntication If users select IP address and E mail enter the IP address and E mail address to gain access to this tunnel and the WAN IP address will be automatically filled into this space Users don t ne...

Страница 123: ...Mail authentication IPSec Setup If there is any encryption mechanism the encryption mechanism of these two VPN tunnels must be identical in order to create connection And the transmission data must b...

Страница 124: ...hen PFS is enabled hackers using brute force to capture the key will not be able to get the Phase 2 key in such a short period of time Perfect Forward Secrecy When users check the PFS option don t for...

Страница 125: ...valid time of the VPN connection so as to guarantee security Preshared Key For the Auto IKE option enter a password of any digit or characters in the text of Pre shared Key the example here is set as...

Страница 126: ...eration mode The connection is the same to most of the VPN devices Aggressive Mode This mode is mostly adopted by remote devices The IP connection is designed to enhance the security control if dynami...

Страница 127: ...nsmission time for each DPD message packet and the default value is 10 seconds Situation in Group VPN Group No Two Group VPN settings at most Group Name Displays the current VPN tunnel connection name...

Страница 128: ...el is connected computers with the IP address of 192 168 1 0 can establish connection 8 Subnet This option allows local computers in this subnet can be connected to the VPN tunnel Reference When this...

Страница 129: ...main name to be authenticated FQDN refers to the combination of host name and domain name that are available on the Internet i e vpn Server com The domain name must be identical to the status setting...

Страница 130: ...types of encryption management modes Manual and IKE automatic encryption mode IKE with Preshared Key automatic If the Group VPN is selected or the dynamic IP address of the Remote Security Gateway Ty...

Страница 131: ...Phase1 SA Life Time The life time for this exchange code is 28800 seconds or 8 hours by default This allows the automatic generation of other exchange passwords within the valid time of the VPN connec...

Страница 132: ...c IP address AH Hash Calculation For AH Authentication Header users may select MD5 DSHA 1 NetBIOS Broadcast If this option is selected the connected VPN tunnel allows the passage of NetBIOS broadcast...

Страница 133: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 127 Enabled PPTP Server When this option is selected the point to point tunnel protocol PPTP server can be enabled...

Страница 134: ...t field Enter Range End Enter the value into the last field Username Please enter the name of the remote user Password Confirm Password Enter the password and confirm again by entering the new passwor...

Страница 135: ...ource port the second connection needs to change source port from UDP 500 to the other random port If choosing Fixed Source Port the second connection will still keep the connection with UDP 500 PPTP...

Страница 136: ...splay the page that summarizes the current status information of QnoKey as illustrated below QnoKey Tunnel Number Displays how many tunnels are applied and the total tunnel number of QnoKey tunnel Thr...

Страница 137: ...using QnoKey Show Table Displays the list of all QnoKey users Delete Deletes one user name group setting rule Go to page Goes to the page where summarized information is needed Entries per page Each s...

Страница 138: ...rt to make connection facilitating management If WAN1 is selected QnoKey group users can connect through only WAN1 If both WAN 1and WAN 2 are selected QnoKey group users are allowed to make connection...

Страница 139: ...Key and Lock Key Setting this feature on QnoKey can enhance VPN security Select Do Nothing to do no change after the Key is lost Select Clear Key to clean up the QnoKey settings when the VPN connecti...

Страница 140: ...Account List Click Show List to show the Account List page applying this rule Group Account ID Displays the group ID to which the user belongs to Enabled Click this option to activate QnoKey user QnoK...

Страница 141: ...s device provides three major convenient functions 1 Smart Link IPSec VPN Easy VPN setup replaces the conventional complicated VPN setup process by entering Server IP User Name and Password 2 Central...

Страница 142: ...her English or Chinese Password Confirm Password Must be identical to that of the remote client end Please enter the password and confirm again IP Address Subnet Mask Refers to the specific network IP...

Страница 143: ...ave the network setting or push Cancel to keep the settings unchanged 10 3 2 QVM Status Account Displays the remote client user Green means connection blue waiting for connection and red for QVM disco...

Страница 144: ...on Disconnect and Disable this feature Enable this QVM to enter the status of waiting for connection Config Click Edit to enter the setting items to be changed 10 3 3 QVM Client Settings Select QVM fe...

Страница 145: ...at most 3 backup IP addresses or domain names for backup Once the connection is dropped the function will be automatically enabled to backup the VPN connection and ensure data transition security Adv...

Страница 146: ...dual broadband connection As the result the linking problem between different ISP networks will be solved As the figure showed above Caf A has only one ISP service Because of narrow bandwidth between...

Страница 147: ...Caf A want to access to another ISP network the link speed won t be restricted 11 1 Virtual Route Server PPTP Server The Chapter introduces how to configure a Virtue Route server Virtue Route builds P...

Страница 148: ...P Range Please enter PPTP IP address range so as to provide the remote users with an entrance IP into the local network Enter Range Start Enter the value into the last field Enter Range End Enter the...

Страница 149: ...nd PPTP address 11 2 Virtual Route Client Enabled To activate the function Binding Interface To select which WAN port is bound WAN1 WAN2 Binding Network To select the binding network Netcome or Self D...

Страница 150: ...dows system Follow the text format in the figure below to key in the destination IPs users want to assign For example if the destination IP address range users want to designate is 140 115 1 1 140 115...

Страница 151: ...Notepad which is included with Windows system For example if the destination port users want to designate is TCP 3724 3724 key in TCP 3724 3724 in Notepad The next destination port should be keyed in...

Страница 152: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 146...

Страница 153: ...device actual WAN IP addresses directly to the Intranet virtual IP addresses as follows If the DMZ Host function is selected to cancel this function users must input 0 in the following DMZ Private IP...

Страница 154: ...et up in the configuration this web page will be accessible from the Internet by keying in the device actual IP address such as http 211 243 220 43 At this moment the device actual IP will be converte...

Страница 155: ...nt Service Port Management The services in the list mentioned above are frequently used services If the service users want to activate is not in the list we recommend that users use Service Port Manag...

Страница 156: ...elected item To remove the selected services Apply Click the Apply button to save the modification Cancel Click the Cancel button to cancel the modification This only works before Apply is clicked Clo...

Страница 157: ...o the device Such as 2004 2005 Add to list Add the service to the active service list Delete selected item Remove selected services Show Table Click to show all the setting in the list Apply Click the...

Страница 158: ...or name that maps with UPnP such as 192 168 1 100 Enabled Activate this function Service Port Management Add or remove service ports from the management list Add to List Add to active service content...

Страница 159: ...tion of Routing Information Protocol is RIP There are two kinds of RIP in the IP environment RIP I and RIP II Since there is usually only one router in a network ordinarily just Static Routing will be...

Страница 160: ...function Receive RIP versions Use Up Down button to select one of None RIPv1 RIPv2 Both RIPv1 and v2 as the TX function for transmitting dynamic RIP Transmit RIP versions Use Up Down button to select...

Страница 161: ...count for the IP If there are two routers under the device users should input 2 for the router layer the default is 1 Max is 15 Interface This is to select WAN port or LAN port for network connection...

Страница 162: ...resses For example if there are more than 2 web servers requiring public IP addresses administrators can map several public IP addresses directly to internal private IP addresses Example Users have fi...

Страница 163: ...Internet One to One NAT function Range Length The numbers of final IP addresses of actual Internet IP addresses Please do not include IP addresses in use by WANs Add to List Add this configuration to...

Страница 164: ...ddresses and for dynamic IP remote control For example the actual IP address of an ADSL PPPoE time based system or the actual IP of a cable modem will be changed from time to time To overcome this pro...

Страница 165: ...address such as abc qnoddns org cn as a user name for QnoDDNS Password The password which is set up for DDNS Dynamic Domain Name Input the website address which has been applied from DDNS Examples are...

Страница 166: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 160 Register for Qno DDNS 1 Please go to Qno website and register the product at http www qno cn en register...

Страница 167: ...re to input an available e mail address so that the password sent from the system to activate QnoDDNS service can be received after the domain name registration 3 Rules for Applying a Domain Name The...

Страница 168: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 162...

Страница 169: ...ut the network card physical address MAC address 00 xx xx xx xx xx here The device will adopt this MAC address when requesting IP address from ISP Select the WAN port to which the configuration is to...

Страница 170: ...is in Chapter 5 2 13 1 Diagnostic The device provides a simple online network diagnostic tool to help users troubleshoot network related problems This tool includes DNS Name Lookup Domain Name Inquir...

Страница 171: ...to start the test The result will be displayed on this screen 13 2 Firmware Upgrade Users may directly upgrade the device firmware on the Firmware Upgrade page Please confirm all information about the...

Страница 172: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 166 13 3 Setting Backup...

Страница 173: ...ackup all parameter settings Click Export and select the location to save the config exp file 13 4 SNMP Simple Network Management Protocol SNMP refers to network management communications protocol and...

Страница 174: ...ystem Location Define the location of the device i e Taipei Get Community Name Set the name of the group or community that can view the device SNMP data The default setting is Public Set Community Nam...

Страница 175: ...t computer Apply Press Apply to save the settings Cancel Press Cancel to keep the settings unchanged 13 5 System Recover Users can restart the device with System Recover button Restart As the figure b...

Страница 176: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 170 Return to Factory Default Setting If clicking Return to Factory Default Setting the dialog block will pop out if the device will return to factory default...

Страница 177: ...XIV Log From the log management and look up we can see the relevant operation status which is convenient for us to facilitate the setup and operation 14 1 System Log Its system log offers three optio...

Страница 178: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 172 System Log Enabled If this option is selected the System Log feature will be enabled...

Страница 179: ...nd type To apply this feature enter the system log server name or the IP address into the empty system log server field E mail Alert Enabled If this option is selected E mail Warning will be enabled M...

Страница 180: ...ssing this button Log Setting Alert Log The device provides the following warning message Click to activate these features Syn Flooding IP Spoofing Win Nuke Ping of Death Unauthorized Login Attempt Sy...

Страница 181: ...oE and so on Deny Policies If remote users fail to enter the system because of the access rules for instance message will be recorded in the system log Allow Policies If remote users enter the system...

Страница 182: ...o the Internet This log includes LAN IP destination IP and service port that is applied It is illustrated as below Incoming Packet Log View system packet log of those entering the firewall The log inc...

Страница 183: ...current operation information such as port location device name current WAN link status IP address MAC address subnet mask default gateway DNS number of received sent total packets number of received...

Страница 184: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 178 14 3 Traffic Statistic Six messages will be displayed on the Traffic Statistic page to provide better traffic management and control...

Страница 185: ...i WAN VPN QoS Router 179 By Inbound IP Address The figure displays the source IP address bytes per second and percentage By outbound IP Address The figure displays the source IP address bytes per seco...

Страница 186: ...180 By Outbound Port The figure displays the network protocol type destination IP address bytes per second and percentage By Inbound Port The figure displays the network protocol type destination IP a...

Страница 187: ...ministrators to inquire a specific IP or from a specific port about the addresses that this IP had visited or the users source IP who used this service port This facilitates the identification of webs...

Страница 188: ...address that users want to inquire and then the entire destination IP connected to remote devices as well as the number of ports will be displayed Specific Port Status Enter the service port number i...

Страница 189: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 183...

Страница 190: ...Router 184 XV Log out On the top right corner of the web based UI there is a Logout button Click on it to log out of the web based UI To enter next time open the Web browser and enter the IP address u...

Страница 191: ...an find how to setup quickly and understand the Router capability at the same time Router overall interface is as below Category Sub category Chapter Home V Device Spec Verification Status Display and...

Страница 192: ...ced Function XI Advanced Setting DMZ Forwarding 11 1 DMZ Host Port Range Forwarding UPnP 11 2 UPnP Universal Plug and Play Routing 11 3 Routing One to One NAT 11 4 One to One NAT DDNS 11 5 DDNS MAC Cl...

Страница 193: ...PTP Setup PPTP Status 10 1 3 PPTP Status VPN Pass Through 10 1 4 VPN Pass Through QnoKey 10 2 QnoKey Summary 10 2 1 10 2 3 QnoKey Group and Client QVM VPN 10 3 QVM VPN QVM Setup 10 3 1 QVM VPN Server...

Страница 194: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 188 Appendix II Troubleshooting...

Страница 195: ...Router 189 1 Block BT Download To block BT and prevent downloading by users go to the Firewall Content Filter and select Enable Website Block by Keywords followed by the input of torrent This will pre...

Страница 196: ...es recently the internet transmission speed was brought down and the Session bulky increase result in the massive processing load of the device The following guides users to block this virus correspon...

Страница 197: ...2WAN 4LAN SMB Multi WAN VPN QoS Router 191 Use the same method to add UDP UDP135 139 and TCP 445 445 Ports c Enhance the priority level of these three to the highest...

Страница 198: ...tes to Qno products and provides users with solutions by introducing users how to set up the device a Log into the device web based UI and enter Firewall Access Rule b Click Add New Rule under Access...

Страница 199: ...essary specific time setting may be undertaken Click Apply to move to the next step c Input the following IP address in Dest IP with repeat operation 121 14 75 115 60 28 234 117 60 28 235 119 222 28 1...

Страница 200: ...ayers within the local network can be obtained Their account and information are stolen The following describes how to prevent such virus attack First let us get down to the definition of ARP Address...

Страница 201: ...in the shop experience temporal disconnection or failure of going online It can be resolved by restarting the device however the problem repeats shortly after Cafe Administrators can use arp a command...

Страница 202: ...Enter the ping 192 168 1 1 Gateway IP address as illustrated If there are cases of packet loss of the ping LAN IP and lf later there is connection it is possible that the system is attacked by ARP To...

Страница 203: ...s on the device end On every PC start or operate cmd to enter the dos operation Enter arp s 192 168 1 1 0a 0f d4 9e fb 0b so as to finish the binding of pc01 as illustrated For other host devices with...

Страница 204: ...o make a two way binding of the IP address and MAC address from both of the PC and device ends in order to carry out the prevention work However this is more complicated because the search for the IP...

Страница 205: ...not recommended because the inquiry of IP MAC addresses of all hosts creates heavy workload Another method to bind IP and MAC is more recommended because of easy operation reducing workload and time e...

Страница 206: ...MAC address corresponding to the PC are displayed Enter the Name of the computer and click on Enabled with the display of the icon and push the option on the top right corner of the screen to confirm...

Страница 207: ...ARP This can better shelter the network from being attacked 2 Cyber caf administrators should check the LAN virus install anti virus software Ginshan Virus Reixin must update the virus codes and condu...

Страница 208: ...es such management sharing as C and D Single device user can directly close Server service 7 Do not open QQ or the link messages sent by MSN online chatting tools in a causal manner Do not open or exe...

Страница 209: ...s bandwidth forum refer to the examples of the FTP server or contact the technical department of Qno s dealers as well as the Qno s Mainland technical center Qno Official Website http www Qno com tw...

Результаты поиска

Содержание QVF8034

Отзывы:

Похожие инструкции для QVF8034

Бренды по названию

Популярные бренды

QNO QVF8034, Руководство пользователя

Результаты поиска

Содержание QVF8034

Отзывы:

Похожие инструкции для QVF8034

Бренды по названию

Популярные бренды