background image

Содержание Barricade SMCBR 18VPN

Страница 1: ...i...

Страница 2: ...erformance merchantability or fitness for a particular purpose Information in this User Guide is subject to change without notice and does not represent a commitment on the part of SMC SMC assumes no...

Страница 3: ...ed compliance for example use only shielded interface cables when connecting to computer or peripheral devices Any changes or modifications not expressly approved by the party responsible for complian...

Страница 4: ...particular attention to cords at plugs convenience receptacles and the point where they exit from the product Situate the product away from heat sources such as radiators heat registers stoves and ot...

Страница 5: ...Verifying Your TCP IP Connection 7 7 CONFIGURING YOUR BROADBAND VPN ROUTER 8 7 1 Browser Configuration 8 7 2 Web Management 8 7 3 Setup Wizard 9 7 4 Advanced Setup SYSTEM 16 7 5 Advanced Setup WAN 19...

Страница 6: ...DDNS Dynamic DNS 43 7 15 UPnP Universal Plug and Play 44 7 16 Tools 44 7 17 Status 45 8 IPSEC SETTINGS GUIDE FOR REFERENCE EXAMPLE ONLY 47 8 1 Tunnel between two SMCBR14VPN 47 8 1 1 Settings for Rout...

Страница 7: ...Explorer 5 0 or above or Netscape Communicator 4 0 or above installed on one PC at your site for configuring the router 2 Equipment Checklist After unpacking the Barricade VPN Cable DSL Broadband Rout...

Страница 8: ...our LAN accessible to Internet users User Defined Application Sensing Tunnel Lets you define the attributes to support special applications that require multiple connections like Internet gaming video...

Страница 9: ...evice M1 System status indicator Orange Blinking M1 is flashing once every second to indicate that the system has power Steady The WAN port is connected WAN Wan port activity Green Blinking The WAN po...

Страница 10: ...nnect an Ethernet cable from your computer s Ethernet port to one of the LAN ports of the router 2 Step WAN Connection Insert one end of the Ethernet cable into the WAN port on the back panel of your...

Страница 11: ...ck Protocol 5 Choose Internet Protocol TCP IP Click the OK button to return to the Network window 6 The TCP IP protocol will be listed in the Network window Click OK to complete the installation proce...

Страница 12: ...alog box window opens click the Properties button 4 In the Local Area Connection Properties box verify the box next to Internet Protocol TCP IP is checked Then highlight the Internet Protocol TCP IP a...

Страница 13: ...ping procedure can be executed in an MS DOS window First execute the ping command ping 192 168 2 1 If a message similar to the following appears Pinging 192 168 2 1 with 32 bytes of data Reply from 1...

Страница 14: ...your web browser is disabled This is so that your web browser will be able to view the Router configuration pages The following steps are for Internet Explorer and for Netscape Determine which browser...

Страница 15: ...er interface changes to the administrator configuration mode as shown in the following figures 7 3 Setup Wizard Time Zone After logging into the web management click on SETUP WIZARD on the top left na...

Страница 16: ...your ISP used the MAC address of an Ethernet card as an identifier when first setting up your broadband account only connect the PC with the registered MAC address to the Router and click the Clone MA...

Страница 17: ...the Internet connection is maintained during inactivity If the connection is inactive for longer than the Maximum Idle Time it will be dropped Default 10 Configure the Connect mode option to the desir...

Страница 18: ...he desired settings Always On Line signifies that the broadband router will maintain your Internet connection consistently and automatically connect to the Internet after any disconnection Manual Conn...

Страница 19: ...address subnet mask default gateway IP address user ID and password and L2TP Gateway Configure the Connect mode option to the desired settings Always On Line signifies that the broadband router will...

Страница 20: ...ring setting is most commonly used to optimize the communication quality between the ISP and your analog dial up modem If you are using the dial up modem as a backup Enable the Auto Backup Failover op...

Страница 21: ...15...

Страница 22: ...ed for the time date parental rules you can configure with the Barricade s Advanced Firewall This information is also used for your network logging Once you set you time zone you can automatically upd...

Страница 23: ...The default password for this account is password Remote Management Use this section to configure the remote management feature of your Barricade Router so the web management can be accessed from the...

Страница 24: ...The broadband router is also able to send the log files to a specific email address Simply enter the IP address of your mail server in the SMTP Server box enter the email addresses of the recipients...

Страница 25: ...our ISP If your ISP used the MAC address of an Ethernet card as an identifier when first setting up your broadband account only connect the PC with the registered MAC address to the Router and click t...

Страница 26: ...it will be dropped Default 10 Configure the Connect mode option to the desired settings Always On Line signifies that the broadband router will maintain your Internet connection consistently and auto...

Страница 27: ...tently and automatically connect to the Internet after any disconnection Manual Connect signifies that the broadband router will establish an Internet connection only when the administrator logs into...

Страница 28: ...password and L2TP Gateway Configure the Connect mode option to the desired settings Always On Line signifies that the broadband router will maintain your Internet connection consistently and automatic...

Страница 29: ...ation quality between the ISP and your analog dial up modem If you are using the dial up modem as a backup Enable the Auto Backup Failover option Configure the Connect mode option to the desired setti...

Страница 30: ...Hours Half Day One Day Two Days and Forever Forever signifies that there is no time limit on the IP address lease For the IP address pool a dynamic IP address range may be specified Default 192 168 2...

Страница 31: ...er s DHCP server to give out specific Primary and Secondary DNS Primary and Secondary WINS and an alternate Gateway in the event that the router is not the Internet gateway Clicking on the Client List...

Страница 32: ...invisible to the outside world However some of the hosts can be made accessible by enabling the Virtual Server mapping A virtual server is defined as a Service Port All requests to this port will be...

Страница 33: ...are connection oriented you will most likely need to select TCP For example FTP and HTTP are connection oriented services while DNS and many streaming radio servers are connectionless 7 7 2 Special Ap...

Страница 34: ...ne to one mapping of multiple global IP address and local IP address 7 8 Advanced Setup FIREWALL 7 8 1 Network Filters The VPN Broadband Router firewall includes comprehensive Outbound and Inbound Net...

Страница 35: ...by adding the prefix T or U Not adding a prefix implies all ports Each rule can be enabled or disabled 7 8 2 URL Blocking URL Blocking blocks LAN computers from accessing pre defined Websites The dif...

Страница 36: ...ked MAC Address This is the unique address of a specific client IP Address Expected IP address of the corresponding client You can keep this text field blank if you do not know the address The DHCP pu...

Страница 37: ...of services is enabled Use this section to configure up to 10 Schedule Rules to limit network access based on time and day To create a schedule rule click the Add Schedule Rule link below Enter a rul...

Страница 38: ...Discard Ping from WAN and PPTP and IPSec VPN Passthrough types When Discard Ping From WAN is enabled computers on the Internet will not get a reply back from the VPN Broadband Router when it is being...

Страница 39: ...Internet access by defining a Virtual DMZ Host 7 9 Advanced Setup VPN 7 9 1 IPSec Tunnel VPN settings are used to create virtual private tunnels to remote VPN gateways The tunnel technology supports d...

Страница 40: ...re button Click the More button to setup detailed configuration for Manual key or IKE methods There are three settings that must be configured to enable IKE for a dedicated tunnel Basic setup IKE prop...

Страница 41: ...lection of the IPSec proposals 7 9 2 IKE Proposal IKE Proposal index A list of selected proposal indexes from the IKE proposal pool The selected activity is performed when you select a proposal ID and...

Страница 42: ...IKE proposal can be selected for adding a corresponding proposal to the dedicated tunnel A total of ten proposals can be set in the proposal pool A maximum of four proposals from the pool can be appli...

Страница 43: ...seconds the value of life time represents the life time of the dedicated VPN tunnel between both end gateways Its value can range from 300 to 172 800 seconds If the value of the unit is KB the value o...

Страница 44: ...IP Setting the router functions as a Dynamic VPN server The Dynamic VPN server does not check the VPN client IP information this means that you can build a VPN tunnel with a VPN gateway from any remo...

Страница 45: ...int to Point Encryption MPPE are generated This does not occur when using PAP or CHAP PAP is a simple authentication protocol where the username and password data are both handled in a cleartext or un...

Страница 46: ...ts Enable SNMP You can check Local Remote or both options to enable the SNMP function o If Local is checked the router responds only to requests from the LAN o If Remote is checked the router responds...

Страница 47: ...nd dynamic routing functions RIPv1 is a protocol where the IP address is routed through the Internet RIPv2 is an enhanced version of RIP v1 with added features such as Authentication Routing Domain Ne...

Страница 48: ...d router remotely To use this feature the target network adapter must be Wake on LAN enabled and you have to know the MAC address of the adapter The address should look similar to this 00 11 22 33 44...

Страница 49: ...amic DNS Dynamic DNS provides users on the Internet a method to tie their domain name s to computers or servers DDNS allows your domain name to follow your IP address automatically by having your DNS...

Страница 50: ...appliances and wireless devices UPnP enables seamless proximity networking in addition to control and data transfer among networked devices in the home office and everywhere in between 7 16 Tools The...

Страница 51: ...creen to see the connection status for Barricade s WAN LAN interfaces firmware and hardware version numbers any illegal attempts to access your network as well as information on all DHCP client PCs cu...

Страница 52: ...46...

Страница 53: ...l Name select IKE or MANUAL for the method and click More Step 4 Local subnet value is the LAN SUBNET Step 5 Local netmask value is the LAN SUBNET MASK Step 6 Remote subnet value is the LAN SUBNET of...

Страница 54: ...Set the VPN settings as follows VPN Enable Max number of tunnels 2 ID 1 Tunnel Name 1 Method IKE When finished click More VPN Settings Tunnel 1 IKE 48...

Страница 55: ...l Netmask 255 255 255 0 Remote Subnet 192 168 1 0 Remote Netmask 255 255 255 0 Remote Gateway ip2 smc com Preshare Key mypresharedkey When finished save your settings 8 1 2 Settings for router 2 VPN R...

Страница 56: ...Set the VPN settings as follows VPN Enable Max number of tunnels 2 ID 1 Tunnel Name 1 Method IKE When finished click More VPN Settings Tunnel 1 IKE 50...

Страница 57: ...ings as follows Tunnel 1 1 Local Subnet 192 168 2 0 Local Netmask 255 255 255 0 Remote Subnet 192 168 1 0 Remote Netmask 255 255 255 0 Remote Gateway ip1 smc com Preshare Key mypresharedkey When finis...

Страница 58: ...i VPN Settings Tunnel 1 Set IKE Proposal Set the Tunnel 1 IKE Proposal settings as follows ID 1 Proposal Name 1 DH Group Group2 Encypt algorithm 3DES Auth algorithm SHA1 Life Time 10000 Life Time Unit...

Страница 59: ...C1 with IP 192 168 1 100 has access to PC2 with IP 192 168 2 100 8 2 Tunnel between a SMCBR14VPN and standalone client Alternatively a tunnel can be established between a PC and SMCBR14VPN The easiest...

Страница 60: ...remote VPN client to connect to the WAN IP of the router L2TP Microsoft uses an embedded L2TP IPSEC VPN implementation In order to use the Microsoft standard VPN client one has to disable the IPSEC o...

Страница 61: ...55 55...

Страница 62: ...e previous section and type ipconfig renew If you are still unable to get an IP Address from the Router reinstall your network adapter Please refer to your adapter manual for information on how to do...

Страница 63: ...PN or one of each it is imperative that you a Use the same pre shared key between two endpoints b Configuring matching IKE and IPSec proposals between two endpoints To successfully create IPSec or IKE...

Страница 64: ...S then click FIRMWARE UPGRADE and browse to the new firmware file Then click the BEGIN UPGRADE button to upload the firmware to the SMC Router Once this is completed be sure to reset the router to fac...

Страница 65: ...ls and L2TP tunnels can be created with the built in Windows VPN tools Although it is possible to use the built in IPSEC of Windows it is much easier to use IPSEC client programs There are advantages...

Страница 66: ...mitted LAN 4 port 4x Amber LED for 10Mbps connection 4x Green LED for 100Mbps connection Blinking LED when data is transmitted LAN 8 port 8x Amber LED for 10Mbps connection 8x Green LED for 100Mbps co...

Страница 67: ...Dynamic IP L2TP PPTP BigPond Static IP Input Power 5V 2A Operating Temperature 0 40o C Humidity 10 90 non condensing Compliances FCC CE VCCI UL 61...

Страница 68: ...bps and half full duplex and to detect the operational mode of the adjacent node Backbone The core infrastructure of a network The portion of the network that transports information from one central l...

Страница 69: ...one BSS is configured to become an Extended Service Set LAN mobile users can roam between different BSSs in an ESS ESS ID SSID Fast Ethernet NIC Network interface card that is in compliance with the...

Страница 70: ...such as TCP IP and NetBEUI The physical transmission of data is performed by the access method Ethernet Token Ring etc which is implemented in the network adapters that are plugged into the machines...

Страница 71: ...f secure data transmission originally created for dial up connections PPPoE is for Ethernet connections PPTP PPTP stands for Point to Point Tunneling Protocol It provides a means for tunneling IP traf...

Страница 72: ...and video traffic where lost packets are simply ignored because there is no time to retransmit If UDP is used and a reliable delivery is required packet sequence checking and error notification must b...

Страница 73: ...67...

Отзывы: