TRENDnet TEW-659BRN Скачать руководство пользователя страница 89

Страница: 89 / 97

TRENDnet User’s Guide

TEW-659BRV

user accounts. Your router supports an internal user account database for

XAUTH authentication in the IPsec main configuration page. For XAUTH

configuration between VPN endpoints, one endpoint must be configured as the

XAUTH Server and the other configured as the XAUTH client.

Note:

Your router

does not support external authentication to external servers such as a RADIUS

server.

•

Server –

Configures your VPN tunnel as the XAUTH Server.

•

Client –

Configures your VPN tunnel as the XAUTH Client. Enter your

Username

and

Password

for authentication.

If your VPN tunnel is configured as the XAUTH server, to configure the user account in

the internal authentication database, click on

Configuration

at the top of the page,

click

Security Setting

, then click on

VPN-IPsec

, and click on

XAUTH

at the bottom of the

page.

You can enter the user account information (Username, Password) for XAUTH.

For the IKE and IPsec proposals, you can select different

Encryption

and

Authentication

methods. You are also able to create a second IKE and IPsec proposal in case the first

proposal cannot be negotiated with the VPN endpoint, it will use the second proposal

defined.

•

Encryption –

Select the encryption method. You can choose between

DES

3DES

AES-128

AES-192

, or

AES-256.

DES (Data Encryption Standard)

– Weaker encryption strength. It uses

a symmetric key algorithm with 56-bit key size.

3DES (Triple DES, TDEA Triple Data Encryption Algorithm)

–Applies

DES three times to each data block resulting in 168-bit key size. Better

encryption strength than DES but lower performance than AES.

AES-128/192/256 (Advanced Encryption Standard 128/192/256-bit

key sizes) –

(Recommended) Provides the strongest encryption

strength and best performance. You can choose 128, 192, or 256-bit

key size. As the bit and key size increase, the security strength also

increases.

Null

– IPsec only. Weaker encryption strength. And offers better

performance.

•

Authentication

– Select the authentication method. You can choose between

SHA1

MD5

SHA1 (Secure Hash Algorithm) –

(Recommended) Stronger than MD5

as it produces a longer hash key but slightly lower performance.

MD5 (Message Digest 5)

- Weaker than SHA1 as the hash key is

slightly shorter than SHA1 and provides higher performance.

•

DH (Diffie-Hellman) Group

- As the DH group numbers increase, the security

also increases. You can choose between

Group 1

Group 2

, or

Group 5

. This is

to configure the IKE proposal only. To configure the DH Group for the IPsec

proposal, configure PFS (Perfect Forward Secrecy)

Group 1 –

DH group 1 (768-bit)

Group 2 –

DH group 2 (1024-bit)

Group 5 –

DH group 5 (1536-bit)

Содержание TEW-659BRN

Страница 1: ...TRENDnet User s Guide Cover Page...

Страница 2: ...ocol Security 27 Site to Site VPN 27 Client Server VPN Server Mode 31 PPTP Point to Point Tunneling Protocol 33 Client Server VPN Server Mode 33 Client Server VPN Client Mode 35 L2TP Layer 2 Tunneling...

Страница 3: ...66 Enable dynamic routing on your router 67 Enable route mode on your router 68 Using WoL Wake on LAN on your router 68 Router Maintenance Monitoring 69 Reset your router to factory defaults 69 Route...

Страница 4: ...f Service QoS controls Domain filtering packet filtering and more High speed wireless data rates up to 300Mbps using an IEEE 802 11n connection 4 x 10 100 Mbps Auto MDIX LAN ports 1 x 10 100 Mbps WAN...

Страница 5: ...ical specifications Actual data throughput and coverage will vary depending on interference network traffic building materials and other conditions Product Hardware Features Rear Panel View LAN Ports...

Страница 6: ...onnected to your router This LED indicator will also be blinking green rapidly when WPS is activated WAN Link Activity This LED indicator is solid green when your router WAN port is physically connect...

Страница 7: ...f the router using an Ethernet cable also called network cable and a laptop is connected wirelessly using its integrated wireless adapter to connect to the router allowing these computers to access th...

Страница 8: ...a home network 1 For a network that includes Internet access you ll need Computers devices with an Ethernet port also called network port or wireless networking capabilities A modem and Internet serv...

Страница 9: ...S Server Address 1 _____ _____ _____ _____ DNS Server Address 2 _____ _____ _____ _____ 3 PPPoE to obtain IP automatically User Name _________ Password ________________ 4 PPPoE with a fixed IP address...

Страница 10: ...twork cable to your router WAN port Connect the other end of the network cable to your Cable modem network port 5 Connect one end of a network cable to one of your router LAN ports 1 4 Connect the oth...

Страница 11: ...option is selected and then click Enter Note If the Setup Wizard does not automatically appear click Wizard at the top of the page 4 Click Next 5 Enter the Old Password Default admin enter a New Passw...

Страница 12: ...ick Next 8 Configure the settings based on information provided by your Internet Service Provider ISP Follow the wizard instructions to complete your configuration Note Each Internet connection type m...

Страница 13: ...commended to enable wireless encryption 2 The example below is for WPA PSK WP2 PSK AES security If you select WPA PSK or WPA2 PSK make sure your wireless adapters support WPA or WPA2 If you wireless a...

Страница 14: ...ying the settings 12 Please wait until the router applies the changes and reboots Note If you checked the option to run network testing Internet connection test you will see the status message below 1...

Страница 15: ...N ports labeled 1 2 3 4 on your router Check the status of the LED indicators 1 2 3 or 4 on the front panel of your router to ensure the physical cable connection from your computer or device Note If...

Страница 16: ...WEP Legacy encryption method supported by most 802 11b g hardware Older hardware may only support up to WEP encryption WPA Legacy encryption method supported in most 802 11g hardware WPA2 Currently th...

Страница 17: ...mmended Shared or Auto in the Authentication drop down list Note It is recommended to use Open System because it is known to be more secure than Shared Key Selecting Auto will automatically determine...

Страница 18: ...drop down list Note It is recommended to use WEP using a HEX or ASCII key because it is easier to setup and simply requires you to create a key compared to 802 1x which requires you to connect an ext...

Страница 19: ...ecific encryption type instead of choosing TKIP AES Preshared Key Enter the passphrase Note 8 63 alphanumeric characters a b C 1 2 etc Click Save to save the changes Note If you would like to discard...

Страница 20: ...12 RADIUS Shared Key Enter the shared secret used to authorize your router with your RADIUS server Click Save to save the changes Note If you would like to discard the changes click Undo before you cl...

Страница 21: ...hat the WPS setup process has been activated on your router See the Product Hardware Features section for the details on LEDs For connecting additional WPS supported devices repeat this process for ea...

Страница 22: ...o initiate the WPS PIN on your wireless device first when using this method Refer to your wireless device documentation for details on the operation of WPS Basic wireless settings Configuration Basic...

Страница 23: ...ess devices to connect to your wireless network at only 802 11b and 802 11g o N only This mode allows wireless devices to connect to your wireless network at only 802 11n Note Please check the specifi...

Страница 24: ...baby monitors 6 Any device operating on the 2 4GHz frequency will cause interference Devices such as 2 4GHz cordless phones or other wireless remotes operating on the 2 4GHz frequency can potentially...

Страница 25: ...u can use the multiple SSID feature to setup guest wireless accounts with a different security type to keep your primary wireless network security information private 1 Log into your router management...

Страница 26: ...s scheduling feature allows you to control when the wireless functionality of your router is enabled and disabled using a predefined time schedule This can be a useful security tool to prevent unautho...

Страница 27: ...pported wireless device used for bridging ex 192 168 10 1 192 168 10 2 192 168 10 3 to avoid IP address conflict See page 53 for changing the LAN IP address 2 If you are using more than one WDS suppor...

Страница 28: ...of the other WDS supported wireless device you are bridging e g 00 11 22 AA BB CC 10 Click Save to save the changes Note If you would like to discard the changes click Undo before you click Save You...

Страница 29: ...only however both server mode and client mode are supported on your router Most computer operating systems already include a pre installed PPTP VPN client software that can be easily configured which...

Страница 30: ...e sure the LAN IP network on each VPN router is different Note Changing the LAN IP address of your router will change the LAN IP network of your router See page 53 for changing the LAN IP address Exam...

Страница 31: ...20 Note If the remote router is using dynamic DNS you can enter domain for the remote gateway instead of the WAN IP address Based on the example the network settings will be the following 7 Next to P...

Страница 32: ...IPsec VPN configuration page VPN Router A Tunnel Status VPN Router B Configuration 1 Log into your router management page see Access your router management page on page 50 Note If you changed router...

Страница 33: ...the network settings will be the following 7 Next to Preshare Key enter the preshared key for your IPsec tunnel Note The preshared key entered must be the same as the preshared key configured in VPN...

Страница 34: ...client computer If the single client computer is connecting to the Internet through a router with NAT enabled make sure the LAN IP network of the router NAT enabled is different from the LAN IP netwo...

Страница 35: ...ust be the same as the preshared key configured in VPN Router A Note The preshared key can consist of alphanumeric characters a b C 1 2 etc 9 Click the PFS Group drop down list and select Same as Phas...

Страница 36: ...VPN PPTP Server To configure your router to allow PPTP VPN connections from remote VPN client computers or devices Typically the single client computer is connecting to the Internet through a router...

Страница 37: ...ange e g 192 168 10 100 6 Next to Authentication Protocol check MS_CHAP and MS_CHAPv2 7 Next to MPPE Encryption Mode check the Enable option 8 Next to Encryption Length to ensure highest compatibility...

Страница 38: ...he Status page See page 73 for checking the status page Example VPN Router A WAN Internet IP Address 10 10 10 10 VPN Router B WAN Internet IP Address 10 10 10 20 Make sure the LAN IP network on each V...

Страница 39: ...ter the User Name and Password used by PPTP VPN clients to authenticate Note The same account can be used by multiple PPTP VPN clients 10 Click Save at the bottom of the page to save the changes Note...

Страница 40: ...255 255 0 subnet mask Connect The mode which the VPN tunnel should be connected o On demand Recommended This mode will connect only when the traffic is sent through VPN tunnel and disconnect automatic...

Страница 41: ...68 100 1 255 255 255 0 Ensure that your router is connected to the Internet and computers and devices are able to access the Internet through your router and make note of the WAN Internet IP assigned...

Страница 42: ...Status You can click Disconnect to disconnect the L2TP VPN client Client Server VPN Client Mode Configuration Security Setting VPN L2TP Client Your router can be configured as a L2TP VPN client to co...

Страница 43: ...nged your LAN IP settings or DHCP server range then you can leave hese settings at default Router default DHCP server range 192 168 10 101 192 168 10 199 IP Pool Start Address Changes the starting add...

Страница 44: ...Enable option to enable the L2TP client 4 Review the settings below Name Enter a name for the tunnel e g Tunnel 1 Peer IP Domain The remote WAN Internet IP address of your remote VPN router e g 10 10...

Страница 45: ...us click Connect to connect the L2TP VPN client You can also click Disconnect to disconnect the L2TP VPN client GRE Generic Routing Encapsulation Tunneling Site to Site GRE Tunnel Configuration Securi...

Страница 46: ...ll also need to be entered when configuring Router B The preshared key can consist of up to five alphanumeric characters a b C 1 2 etc TTL Enter the Time to Live value Range 1 255 Recommended 100 Subn...

Страница 47: ...ly recommended to enter your own key Write down the key you enter as it will also need to be entered when configuring Router B The preshared key can consist of up to five alphanumeric characters a b C...

Страница 48: ...ne which MAC addresses you do not want to allow access To simplify configuration click the DHCP clients drop down list to select and computer or device that is currently connected to your router Once...

Страница 49: ...block access Drop Checking the option will drop or block access to the specific URL or domain Log Checking the option will log the access requests to the specific URL or domain in the router log Note...

Страница 50: ...to allow deny sources or Internet IP addresses to your network from the Internet or from computers or devices on your network to the Internet Firewall rules may allow for more granular control of spec...

Страница 51: ...onfigured correct and you have defined a schedule See page 51 to configure Time Settings and see page 65 to create a schedule To save changes click Save at the bottom of the page Note If you would lik...

Страница 52: ...an select Both to choose both protocol types Enable Check the option to enable the filter Use rule Click the drop down list to select a pre defined schedule The filter will only be active during the t...

Страница 53: ...stem Password admin Change your router login password Configuration Basic Setting Password 1 Log into your router management page see Access your router management page on page 50 2 Click on Configura...

Страница 54: ...rver You can choose Auto to set the router to automatically select a predefined time server or Manual to manually enter a time server e g pool ntp org that is not listed Note If you do not choose Manu...

Страница 55: ...ess of a new MAC address with your ISP then you can clone the address assign the registered MAC address of your previous device to your new router If you want to use the MAC address from the previous...

Страница 56: ...enter the router IP address settings IP Address Enter the new router IP address e g 192 168 100 1 Subnet Mask Enter the new router subnet mask e g 255 255 255 0 Note The DHCP address range will change...

Страница 57: ...or devices e g trendnet com Note The DHCP lease time is the amount of time a computer or device can keep an IP address assigned by the DHCP server When the lease time expires the computer or device wi...

Страница 58: ...ted DHCP client device to be allowed under the MAC Address Control configuration page Deny Enables the MAC Address Control feature and adds the selected DHCP client device to be denied under the MAC A...

Страница 59: ...to save the changes Note If you would like to discard the changes click Undo before you click Save If you click Back this will return you to the main DHCP Server page Enable disable UPnP on your route...

Страница 60: ...PN protocol to turn on the VPN pass through feature Note It is recommended to leave these settings enabled 4 To save changes click Save at the bottom of the page Note If you would like to discard the...

Страница 61: ...before you click Save Allow deny ping requests to your router from the Internet Configuration Security Setting Management To provide additional security you may want to disable your router from respon...

Страница 62: ...ur router management page see Access your router management page on page 50 3 Click on Configuration at the top of the page click on Advanced Setting and click on Dynamic DNS 4 Next to DDNS click Enab...

Страница 63: ...notation Enter the subnet mask in CIDR Classless Inter Domain Routing notation for IP address or IP network you would like to allow For example if you are specifying a single IP address use 32 which...

Страница 64: ...uration Basic Setting Network Settings Virtual Computers If you have multiple static WAN Internet IP addresses assigned by your ISP Internet Service Provider you can map these WAN Internet IP addresse...

Страница 65: ...can choose to manually add a new virtual server 3 Review the virtual server settings Server IP Enter the IP address of the device to forward the port e g 192 168 10 101 Note You should assign a static...

Страница 66: ...ial applications also called port triggering is typically used for online gaming applications or communication applications that require a range of ports or several ports to be dynamically opened on r...

Страница 67: ...om of the page Note If you would like to discard the changes click Undo before you click Save Prioritize traffic using QoS Quality of Service Configuration Advanced Setting QoS You may want to priorit...

Страница 68: ...tion To save changes click Save at the bottom of the page Note If you would like to discard the changes click Undo before you click Save Create schedules Configuration Advanced Setting Scheduling For...

Страница 69: ...activated during the time period specified in the schedule and deactivated during the time period not specified Add static routes to your router Configuration Advanced Setting Routing You may want set...

Страница 70: ...rs If other routers support dynamic routing such as RIP Routing Information Protocol you can enable this feature on your router to automatically learn the required routes to reach those networks It is...

Страница 71: ...and select one of the following Dynamic IP Address Static IP Address or PPP over Ethernet 4 Next to NAT Disable check the Enable option 5 To save changes click Save at the bottom of the page Note If y...

Страница 72: ...accessing your router management page Push and hold this button for 20 seconds and release to reset your router to its factory defaults The LEDs will blink rapidly when the reset process is activated...

Страница 73: ...b browser settings you may be prompted to save a file specify the location or the file may be downloaded automatically to the web browser settings default download folder Default Filename config bin 4...

Страница 74: ...ade process Do not turn off the device or press the Reset button during the upgrade If you are upgrade the firmware using a laptop computer ensure that the laptop is connected to a power source or ens...

Страница 75: ...router management page on page 50 2 Click on Configuration at the top of the page click on Toolbox and click on Reboot 3 You will be prompted to reboot your router Click Yes or OK Check connectivity u...

Страница 76: ...e using a dynamic IP address Internet connection type this will display the time remaining of your IP address leave from the ISP until your router will request for a new IP address IP Address The curr...

Страница 77: ...or interface configuration IP Address Displays your router s current IP address Subnet Mask Displays your router s current subnet mask DHCP Server Display your router s DHCP server status enabled or...

Страница 78: ...irst page of the session log Last Page Displays the last page of the session log Previous Page Display the session log page previous to the current The Page 1 1 will display the current page Next Page...

Страница 79: ...splay the log page previous to the current The Page 1 1 will display the current page Next Page Displays the log page next to the current The Page 1 1 will display the current page Refresh Refreshes t...

Страница 80: ...age click on Advanced Setting and click on System Log 3 Review the e mail log settings SMTP Server port Enter the IP address e g 10 10 10 10 or domain name e g mail trendnet com of your e mail server...

Страница 81: ...rnet interface Get Community Enter the community name to match the settings with the external SNMP server This community will have SNMP read access only Set Community Enter the community name to match...

Страница 82: ...ial Application o DMZ Security o Setting Overview o Packet Filters o URL Filters o Keyword Blocking o MAC Control o GRE Tunneling o VPN IPsec o VPN L2TP Client o VPN L2TP Server o VPN PPTP Client o VP...

Страница 83: ...uting Static and Dynamic RIP v1 2 Quality of Service Service Based IP TCP UDP port with 3 priority queues High Normal Low and WMM Management Monitoring Local remote configuration upgrade firmware Back...

Страница 84: ...utton on the front panel for 20 seconds the release Q I am not sure what type of Internet Account Type I have for my Cable DSL connection How do I find out Answer Contact your Internet Service Provide...

Страница 85: ...port tab Click on Details for more IP address information MAC OS 10 6 10 5 1 From the Apple menu select System Preferences 2 In System Preferences from the View menu select Network 3 In the Network pr...

Страница 86: ...stem Preferences Network 2 From the Show menu select Built in Ethernet 3 On the Ethernet tab the Ethernet ID is your MAC Address How to connect to a wireless network using the built in Windows utility...

Страница 87: ...h never the same and assign a longer time value to Phase 1 than Phase 2 Assigning the same value may cause VPN connectivity problems between the VPN endpoints Encapsulation Protocol You can choose bet...

Страница 88: ...main configuration page Remote Local ID This provides an additional layer of identification or authentication on the VPN tunnel You can choose Username FQDN User FQDN or Key ID These settings must ma...

Страница 89: ...ryption Select the encryption method You can choose between DES 3DES AES 128 AES 192 or AES 256 o DES Data Encryption Standard Weaker encryption strength It uses a symmetric key algorithm with 56 bit...

Страница 90: ...on allows computer and network devices to communicate using NetBIOS computer or host names instead of IP addresses over the GRE tunnel Additional PPTP L2TP options Authentication Protocol o PAP Passwo...

Страница 91: ...nternet address enter the remote router WAN Internet IP address and then click Next 7 Enter the user name and password account information you configured in your router and check Show characters to ve...

Страница 92: ...configured in your router and check Show characters to verify and Remember this password to save the credentials Click Connect 8 Your computer will attempt to connect to the PPTP VPN server router 9 I...

Страница 93: ...tion Wizard window click Finish 10 Enter the user name and password account information you configured in your router and check Save this user name and password for the following users Me only to save...

Страница 94: ...or transmitter The availability of some specific channels and or operational frequency bands are country dependent and are firmware programmed at the factory to match the intended destination The fir...

Страница 95: ...hiara che questo TEW 659BRV Italian conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999 5 CE Latviski Latvian Ar o TRENDnet deklar ka TEW 659BRV atbil...

Страница 96: ...tax and other fees WARRANTIES EXCLUSIVE IF THE TRENDNET PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE THE CUSTOMER S SOLE REMEDY SHALL BE AT TRENDNET S OPTION REPAIR OR REPLACE THE FOREGOING WARRANTIES...

Страница 97: ......

Результаты поиска

Содержание TEW-659BRN

Отзывы:

Похожие инструкции для TEW-659BRN

Бренды по названию

Популярные бренды

TRENDnet TEW-659BRN, Руководство пользователя

Результаты поиска

Содержание TEW-659BRN

Отзывы:

Похожие инструкции для TEW-659BRN

Бренды по названию

Популярные бренды