background image

DSL-G804V Wireless ADSL Router User’s Guide

 

 

IPSec (IP Security Protocol) 
 

 

Figure 4-13. VPN – IPSec 

 

Parameter 

            Description 

Connection Name 

A user-defined name for the connection.  No digital number is allowed. 

Local Network 

Set the Single address, subnet or IP range of the local network. 

 

IP Address: 

The IP address of the local host.  

Netmask: 

The subnet of the local network. For example, IP: 192.168.0.0 with 

netmask 255.255.255.0 specifies one class C subnet starting from 192.168.0.1 
(i.e. 192.168.1.1 through to 192.168.1.254)

 

End IP:

 The IP address range of the local network. For example, IP: 

192.168.0.1, end IP: 192.168.0.10

 

Remote Secure 
Gateway IP 

The IP address or hostname of the remote VPN device that is connected and 
establishes a VPN tunnel. 

Remote Network 

Set the Single address, subnet or IP range of the remote network. 

 

IP Address:

 

The IP address of the remote host. 

Netmask:

 The subnet of the remote network. For example, IP: 192.168.1.0 

with netmask 255.255.255.0 specifies one class C subnet starting from 
192.168.1.1 (i.e. 192.168.1.1 through to 192.168.1.254). 

End IP:

 The IP address range of the remote network. For example, IP: 

192.168.1.1, end IP: 192.168.1.10. 

Proposal 

Select the IPSec security method. There are two methods of checking the 
authentication information, AH (authentication header) and ESP 
(Encapsulating Security Payload). Use ESP for greater security so that data 
will be encrypted and authenticated. Using AH data will be authenticated but 
not encrypted. 

 

 

51

Summary of Contents for DSL-G804V

Page 1: ...DSL G804V WirelessADSLRouter User sGuide March 2005 ...

Page 2: ...DSL G804V Wireless ADSL Router User s Guide ii ...

Page 3: ...gs on Your Computer 9 Access the Configuration Manager 15 Login to Home Page 15 Configure the Router 16 WAN 17 LAN Settings 26 Wireless Settings 29 DHCP Server 30 DNS Configuration 32 ADVANCED ROUTER MANAGEMENT 33 Virtual Server 33 Add Virtual Server 34 Firewall 37 VPN 47 DDNS Dynamic DNS 60 Routing Static Route 61 Wireless 62 ADSL 65 IP QoS 66 Time Schedule 70 Check Email 72 Device Management 73 ...

Page 4: ...g Table 84 IPSec Status 85 PPTP Status 86 L2TP Status 86 DHCP Status 87 Email Status 89 Event Log 89 Error Log 90 NAT Sessions 90 UPnP Portmap 91 Help 91 TECHNICAL SPECIFICATIONS 92 IP ADDRESS SETUP 94 IP CONCEPTS 96 MICROFILTERS AND SPLITTERS 99 ...

Page 5: ...ername and Password is required For others various parameters that control and define the Internet connection will be required You can print out the two pages below and use the tables to list this information This way you have a hard copy of all the information needed to setup the Router If it is necessary to reconfigure the device all the necessary information can be easily accessed Be sure to ke...

Page 6: ... another computer or gateway device not in the Router itself If your ADSL service is delivered through a PPPoE PPPoA or CLIP IPoA connection the information needed to establish and maintain the Internet connection can be stored in the Router In this case it is not necessary to install software on your computer It may however be necessary to change some settings in the device including account info...

Page 7: ... is the Virtual Path Identifier VPI It is used in conjunction with the Virtual Channel Identifier VCI below to identify the data path between your ADSL service provider s network and your computer VCI This is the Virtual Channel Identifier VCI It is used in conjunction with the VPI above to identify the data path between your ADSL service provider s network and your computer Information you will n...

Page 8: ...he default range of IP addresses the DSL G804V will assign are from 192 168 1 2 to 192 168 1 254 Your computer or computers needs to be configured to Obtain an IP address automatically that is they need to be configured as DHCP clients It is recommended that your collect and record this information here or in some other secure place in case you have to re configure your ADSL connection in the futu...

Page 9: ...ing needs to transmit sensitive data more securely With integrated 54Mbps 802 11g Access Point in this device the router brings up the productivity and mobility to office users The Router supports transparent bridging and can be used for IP packet routing over the Internet Cost saving features of the Router such as NAT Network Address Translator and DHCP Dynamic Host Configuration Protocol improve...

Page 10: ...m their ISP then surf the Internet immediately Universal Plug and Play UPnP and UPnP NAT Traversal This protocol is used to enable simple and robust connectivity among stand alone devices and PCs from many different vendors It makes network simple and affordable for users UPnP architecture leverages TCP IP and the Web to enable seamless proximity networking in addition to control and data transfer...

Page 11: ...HCP client can get an IP address from the Internet Service Provider ISP automatically In the LAN site the DHCP server can allocate a range of client IP addresses and distribute them including IP address subnet mask as well as DNS IP address to local computers It provides an easy way to manage the local IP network Static and RIP1 2 Routing Supports an easy static routing table or RIP1 2 routing pro...

Page 12: ...the device should be rebooted ADSL Link Act Steady green light indicates a valid ADSL connection This will light after the ADSL negotiation process has been settled A blinking green light indicates activity on the WAN ADSL interface WLAN Lit green when the wireless connection is established A blinking green when sending receiving data LAN 1 4 Link Act Green The router has a successful 100Mb Ethern...

Page 13: ... Connect the power adapter here to power on the Router Use the Reset button to restore the settings to the factory default values ADSL port connect ADSL cable here Antenna Ensure good wireless reception Factory Reset button Console port connect PS2 RS 232 here Power cord connects here Ethernet ports connect Ethernet cable here 5 ...

Page 14: ...r into a suitable nearby power source 2 You should see the Power LED indicator light up and remain lit The Status LED should light solid green and begin to blink after a few seconds 3 If the Ethernet port is connected to a working device check the Ethernet Link Act LED indicators to make sure the connection is valid The Router will attempt to establish the ADSL connection if the ADSL line is conne...

Page 15: ...a switch or hub must operate at a speed of 10 100 Mbps only When connecting the Router to any Ethernet device that is capable of operating at speeds higher than 10Mbps be sure that the device has auto negotiation NWay enabled for the connecting port Use standard twisted pair cable with RJ 45 connectors The RJ 45 port on the Router is a crossed port MDI X Follow standard Ethernet guidelines when de...

Page 16: ...k after a few seconds 3 If you have the Router connected to your network you can look at the Ethernet Link Act LED indicators to make sure they have valid connections The Router will attempt to establish the ADSL connection if the ADSL line is connected and the connection is properly configured this should light up after several seconds Factory Reset Button The Router may be reset to the original ...

Page 17: ...SL connection and connect to the service provider s network There are different methods used to establish the connection to the service provider s network and ultimately to the Internet You should know what Encapsulation and connection type you are required to use for your ADSL service It is also possible that you must change the PVC settings used for the ADSL connection Your service provider shou...

Page 18: ...Use the following steps to configure a computer running Windows XP to be a DHCP client 1 From the Start menu on your desktop go to Settings then click on Network Connections 2 In the Network Connections window right click on LAN Local Area Connection then click Properties 10 ...

Page 19: ... Local Area Connection Properties menu highlight Internet Protocol TCP IP under This connection uses the following items by clicking on it once Click on the Properties button 4 Select Obtain an IP address automatically by clicking once in the circle Click the OK button 11 ...

Page 20: ...stall 6 In the Select Network Component Type dialog box select Protocol and then click Add 7 Select Internet Protocol TCP IP in the Network Protocols list and then click OK 8 You may be prompted to install files from your Windows 2000 installation CD or other media Follow the instructions to install the files 9 If prompted click OK to restart your computer with the new settings Configure Windows 2...

Page 21: ... In the Network and Dial up Connections window right click the Network icon and then select Properties 3 In the Network Properties dialog box select TCP IP and then click Properties 4 In the TCP IP Settings dialog box click the Obtain and IP address automatically option 5 Double click OK twice to confirm and save your changes and then close the Control Panel Your computer is now ready to use the R...

Page 22: ...the Protocols tab 4 The Protocols tab displays a list of currently installed network protocols If the list includes TCP IP then the protocol has already been enabled Skip to Configure IP Information 5 If TCP IP does not display as an installed component click Add 6 In the Select Network Protocol dialog box select TCP IP and then click OK You may be prompted to install files from your Windows NT in...

Page 23: ...rnet Options menu using the Tools pull down menu in Internet Explorer To use the web based management software launch a suitable web browser and direct it to the IP address of the Router Type in http followed by the default IP address 192 168 1 1 in the address bar of the browser The URL in the address bar should read http 192 168 1 1 Login to Home Page A new window will appear and you will be pro...

Page 24: ...e Status Information window When the Router is used to provide Internet access it actually must first access your service provider s network that is it must communicate with computers and other routers owned by your service provider These computers and routers then provide access to the Internet The Router must be configured to communicate with the systems that give it access to the larger network...

Page 25: ...needed Figure 3 4 WAN Setup window PPPoE ATM VC Setting VC known as Virtual Circuit or Virtual Channel is a virtual path in which a communication session is established Check with your ISP for information WAN Setting Please select the appropriate option to connect to your ISP There are five options PPPoA RFC 2864 PPP over AAL5 PPPoE RFC2516 PPP over Ethernet MPoA RFC 1483 RFC 2684 Multiprotocol En...

Page 26: ...nection Always on or Connect on Demand Always on If you want the router to establish a PPPoE session when starting up and to automatically re establish the PPPoE session when disconnected by the ISP Connect to Demand If you want to establish a PPPoE session only when there is a packet requesting access to the Internet i e when a program on your computer attempts to access the Internet Idle Timeout...

Page 27: ... MRU Maximum Receive Unit This is negotiated during the LCP protocol stage Discover Primary Secondary DNS This setting enables disables whether the primary secondary DNS server address is requested from a remote PPP peer using IPCP The default setting for this command is enabled Give DNS to Relay Controls whether the PPP Internet Protocol Control Protocol IPCP can request the DNS server IP address...

Page 28: ...04V Wireless ADSL Router User s Guide PPPoA RFC2864 PPP over AAL5 Select this option if your ISP requires you to use the PPPoA Point to Point Protocol over ATM connection Figure 3 5 WAN Setup window PPPoA 20 ...

Page 29: ... to establish a PPPoA session when starting up and to automatically re establish the PPPoE session when disconnected by the ISP Connect to Demand If you want to establish a PPPoA session only when there is a packet requesting access to the Internet i e when a program on your computer attempts to access the Internet Idle Timeout Auto disconnect the PPPoA connection when there is no activity on the ...

Page 30: ... MRU Maximum Receive Unit This is negotiated during the LCP protocol stage Discover Primary Secondary DNS This setting enables disables whether the primary secondary DNS server address is requested from a remote PPP peer using IPCP The default setting for this command is enabled Give DNS to Relay Controls whether the PPP Internet Protocol Control Protocol IPCP can request the DNS server IP address...

Page 31: ...Gateway manually The setting of this item is specified by your ISP RIP Routing Information Protocol It is an interior routing protocol for router to exchange routing information MTU Maximum Transmission Unit This is the size of largest datagram excluding media specific headers that IP will attempt to send through the interface The default setting is 1500 NAT Network Address Translation This allows...

Page 32: ...fied by your ISP RIP Routing Information Protocol It is an interior routing protocol for router to exchange routing information MTU Maximum Transmission Unit This is the size of largest datagram excluding media specific headers that IP will attempt to send through the interface The default setting is 1500 NAT Network Address Translation This allows multiple users to access the Internet through a s...

Page 33: ...ulation Method Select the encapsulation format this is provided by your ISP Ether Filter Type Specify the type of Ethernet filtering performed by the named bridge interface Spanning Bridge Interface Select Enable Disable radio button to choose spanning tree function of modem ATM Class The Quality of Service for ATM layer 25 ...

Page 34: ...ou may configure your LAN by given a LAN IP address to your network LAN Settings LAN IP Configuration Figure 3 9 Home LAN Settings LAN IP Configuration Parameter Description IP Address Default setting is 192 168 1 1 Subnet Mask Default setting is 255 255 255 0 RIP Routing Information Protocol It is an interior routing protocol for router to exchange routing information 26 ...

Page 35: ...ctivates the Ethernet Client Filter function Allowed White list This authorizes specific device accessing your LAN by insert the MAC Address in the space provided Make sure you PC s MAC is listed Blocked Blacklist Check to prevent unwanted device accessing your LAN by insert the MAC Address in the space provided Make sure your PC s MAC is NOT listed Candidates Active PC in LAN displays a list of i...

Page 36: ...e different types to solve compatibility issues The default is Auto which users should keep unless there are specific problems with PCs not being able to access your LAN IPv4 TOS priority Control Advanced users TOS Type of Services is the 2nd octet of an IP packet Bits 6 7 of this octet are reserved and bit 0 2 are used to specify the priority precedence of the packet and bits 3 5 are specified th...

Page 37: ... characters Make sure your wireless clients have exactly the ESSID as the device in order to get connected to your network Client stations can roam freely over this product and other Access Points that have the same Network ID ESSID Broadcast It is function in which transmits its ESSID to the air so that when wireless client searches for a network router can then be discovered and recognized Defau...

Page 38: ...ddress of the router DHCP Server You can configure parameters of the DHCP Server including the IP pool starting IP address and ending IP address to be allocated to PCs on your network lease time for each assigned IP address the period of time the IP address assigned will be valid DNS IP address and the gateway IP address These details are sent to the DHCP client i e your PC when it requests an IP ...

Page 39: ...me referencing the static IP assignment IP Address The IP address for the specific node in LAN MAC Address The MAC address of the specific node in LAN Maximum Lease Time The maximum time interval you allow the specific MAC user to obtain this IP address DHCP Relay You can enter the IP address of the DHCP server that will assign an IP address back to the DHCP client in the LAN Use this function onl...

Page 40: ...DNS will allow you to find the telephone number for any particular domain name As an IP Address is hard to remember the DNS converts the friendly name into its equivalent IP Address Figure 3 16 Home DNS Configuration You can obtain a Domain Name System DNS IP address automatically if your ISP has provided it when you logon check the Enable box Usually when you choose PPPoE or PPPoA as your WAN ISP...

Page 41: ...ld be delivered from an incoming connections should be delivered to Some ports have numbers that are pre assigned to them by the IANA the Internet Assigned Numbers Authority and these are referred to as well known ports Servers follow the well known port assignments so clients can locate them Note If you have disabled the NAT option in the WAN ISP section the Virtual Server function will hence be ...

Page 42: ...il refer to Time Schedule section Name Users defined description to identify this entry or click Helper to select existing predefined rules Helper 20 predefined rules are available Click the Radio button to select the rule Application Protocol and External Redirect Ports will be filled after the selection Protocol Type It is the supported protocol for the virtual server In addition to specifying t...

Page 43: ...Host is a local computer exposed to the Internet When setting a particular internal IP address as the DMZ Host all incoming packets will be checked by the Firewall and NAT algorithms then passed to the DMZ host when a packet received does not use a port number used by any other Virtual Server entries Note This Local computer exposing to the Internet may face varies of security risks Figure 4 2 Vir...

Page 44: ...P 192 168 1 10 Add Entry Virtual Server Entry You can create a new One to One NAT rule Schedule A self defined time period to enable your virtual server You may specify a time schedule or Always on for the usage of this Virtual Server Entry For setup and detail refer to Time Schedule section Name Users defined description to identify this entry or click Helper to select existing predefined rules P...

Page 45: ...ice from the Internet Parameter Description Security Disable or activate the Firewall function Policy There are four options when you enable the Firewall they are All blocked User defined no pre defined port or address filter rules by default meaning that all inbound Internet to LAN and outbound LAN to Internet packets will be blocked Users have to add their own filter rules for further access to ...

Page 46: ...en the Firewall is enabled and one of these four security levels is chosen All blocked High Medium and Low The predefined port filter rules in the Packet Filter must modify accordingly to the level of Firewall which is selected See Table1 Predefined Port Filter for more detailed information 38 ...

Page 47: ...lter rules for High Medium and Low security levels are listed See Table 1 Note Firewall All Blocked User defined you must define and create the port filter rules yourself No predefined rule is set Table 1 Predefined Port Filter Application Protocol Port Number Firewall High Firewall Medium Firewall Low 39 ...

Page 48: ...P 6 25 25 NO YES NO YES NO YES POP3 110 TCP 6 110 110 NO YES NO YES NO YES NEWS 119 TCP 6 119 119 NO NO NO YES NO YES RealAudio 7070 UDP 17 7070 7070 NO NO YES YES YES YES PING ICMP 1 N A N A NO YES NO YES NO YES H 323 1720 TCP 6 1720 1720 NO NO NO YES YES YES T 120 1503 TCP 6 1503 1503 NO NO NO YES YES YES SSH 22 TCP 6 22 22 NO NO NO YES YES YES NTP 123 UDP 17 123 123 NO YES NO YES NO YES HTTPS 4...

Page 49: ...ge you wish to allow block the traffic to or form set IP address and Subnet Mask to 0 0 0 0 to inactive the Address Filter rule Note To block access to from a single IP address enter that IP address as the Host IP Address and use a Host Subnet Mask of 255 255 255 255 Source port Destination port This is the Address Filter used to allow or block traffic to from particular IP address es Selecting th...

Page 50: ...he rule Schedule It is self defined time period You may specify a time schedule for your prioritization policy For setup and detail refer to Time Schedule section Protocol Number Insert the port number i e GRE 47 Inbound Outbound Select Allow or Block the access to the Internet Outbound or from the Internet Inbound Configuring Packet Filter 42 ...

Page 51: ...rity level shown below Note You may click Edit the predefined rule instead of Delete it This is an example to show to how you add a filter on your own Click Delete 2 Click Delete to delete the existing HTTP rule 3 Click Add TCP UDP Filter Input the Rule Name Time Schedule Source Destination IP Type Source Destination Port Inbound and Outbound Intrusion Detection 43 ...

Page 52: ...attack types include X mas scan IMAP SYN FIN scan and similar attempts DOS Attack Block Duration seconds This is the duration for blocking hosts that attempt a possible Denial of Service DoS attack Possible DoS attacks this attempts to block include Ascend Kill and WinNuke Maximum TCP Open Handshaking Count per second This is a threshold value to decide whether a SYN Flood attempt is occurring or ...

Page 53: ...URL rather than having to specify a complete URL e g to block any image called advertisement gif When enabled your specified keywords list will be checked to see if any keywords are present in URLs accessed to determine if the connection attempt should be blocked Domain Filtering This function checks the domain name only not the IP address in URLs accessed against your list of domains to block or ...

Page 54: ...irewall Log Firewall Log displays log information of any unexpected action with your firewall settings Check the Enable box to activate the logs Log information can be seen in the Status Event Log after enabling Figure 4 9 Firewall Firewall Log 46 ...

Page 55: ...work via the Internet Each type of VPN has its form of encryption In the router which supports three main types of VPN Virtual Private Network PPTP IPSec and L2TP PPTP Point to Point Tunneling Protocol There are two types of PPTP VPN supported Remote Access and LAN to LAN Figure 4 10 VPN PPTP PPTP Remote Access Figure 4 11 VPN PPTP Remote Access 47 ...

Page 56: ...hentication Protocol if you know which type the server is using when acting as a client or else the authentication type you want clients connecting to you to use when acting as a server When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challenges at different periods to ensure that t he client has not been replaced by an intruder I...

Page 57: ...DSL G804V Wireless ADSL Router User s Guide PPTP LAN to LAN Figure 4 12 VPN PPTP LAN to LAN 49 ...

Page 58: ...else manually specify CHAP Challenge Handshake Authentication Protocol or PAP Password Authentication Protocol if you know which type the server is using when acting as a client or else the authentication type you want clients connecting to you to use when acting as a server When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challen...

Page 59: ...eway IP The IP address or hostname of the remote VPN device that is connected and establishes a VPN tunnel Remote Network Set the Single address subnet or IP range of the remote network IP Address The IP address of the remote host Netmask The subnet of the remote network For example IP 192 168 1 0 with netmask 255 255 255 0 specifies one class C subnet starting from 192 168 1 1 i e 192 168 1 1 thr...

Page 60: ...yption keys during the second phase of VPN negotiation This function will provide better security but extends the VPN negotiation time Diffie Hellman is a public key cryptography protocol that allows two parties to establish a shared secret over an unsecured communication channel i e over the Internet There are three modes MODP 768 bit MODP 1024 bit and MODP 1536 bit MODP stands for Modular Expone...

Page 61: ...ithm which coverts any length of a message into a unique set of bits It is widely used MD5 Message Digest and SHA 1 Secure Hash Algorithm algorithms Encryption Select the encryption method from the pull down menu There are several options DES 3DES and AES 128 192 and 256 3DES and AES are more powerful but increase latency Diffie Hellman Group It is a public key cryptography protocol that allows tw...

Page 62: ...mote PC with the specified IP address and alert when the connection fails Once alter message is received Router will drop this tunnel connection Re establish of this connection is required 0 0 0 0 which disables the function Interval This sets the time interval between Pings to the IP function to monitor the connection status Time interval can be set from 0 to 3600 second 0 second disables the fun...

Page 63: ...DSL G804V Wireless ADSL Router User s Guide L2TP Layer2 Tunneling Protocol There are two types of L2TP VPN supported Remote Access and LAN to LAN Figure 4 15 VPN L2TP 55 ...

Page 64: ...by assigning IP addr ess to dial in user IP Address If uses Dial Out as a client to the remote server enter Server IP Address of the remote server IP address If uses Dial In as a server enter a Private IP Address Assigned to the Dial in user Account Configuration Username If you are a Dial Out user client enter the username provided by your Host If you are a Dial In user server enter your own user...

Page 65: ...DES and AES are more powerful but increase latency Perfect Forward Secrecy Choose whether to enable PFS using Diffie Hellman public key cryptography to change encryption keys during the second phase of VPN negotiation This function will provide better security but extends the VPN negotiation time Diffie Hellman is a public key cryptography protocol that allows two parties to establish a shared sec...

Page 66: ...uses Dial Out as a client to the remote server enter Server IP Address of the remote server IP address Peer Network Enter Peer network IP address Net Mask Enter the subnet mask of peer network based on the Peer Network IP setting If uses Dial In as a server enter a Private IP Address Assigned to the Dial in user Account Configuration Username If you are a Dial Out user client enter the username pr...

Page 67: ...ful but increase latency Perfect Forward Secrecy Choose whether to enable PFS using Diffie Hellman public key cryptography to change encryption keys during the second phase of VPN negotiation This function will provide better security but extends the VPN negotiation time Diffie Hellman is a public key cryptography protocol that allows two parties to establish a shared secret over an unsecured comm...

Page 68: ... DDNS Parameter Description Dynamic DNS Disable or activate this feature Dynamic DNS Server Select the DDNS service you have established an account with Wildcard When wildcard is enabled a multiple matching to the Host Name will be point to the same IP Example You have a host abce no ip com When the wildcard enabled xxxxx abce no ip com would point to the same IP address as your abce no ip com Hos...

Page 69: ...tion Destination This is the destination subnet IP address Netmask Subnet mask of the destination IP addresses based on above destination subnet IP Gateway This is the gateway IP address to which packets are to be forwarded Interface Select the interface through which packets are to be forwarded Cost This is the same meaning as Hop This should usually be left at 1 61 ...

Page 70: ...0 Wireless Security WPA Pre Shared Key Parameter Description WPA Shared Key The key for network authentication The input format is in character style and key size should be in the range between 8 and 63 characters Group Key Renewal in seconds The period of renewal time for changing the security key automatically between wireless client and Access Point AP Idle Timeout in seconds A Timeout value ba...

Page 71: ...re Key Both With this setting both open and share key are employed Wireless client may have selected open or share key setting and still can get access to the Access point only if correct WEP Key is presented WEP Encryption To prevent unauthorized wireless stations from accessing data transmitted over the network the router offers highly secure data encryption known as WEP If you require high secu...

Page 72: ...reless Client Filter function Allowed White List This authorizes specific device accessing your wireless by insert the wireless AP MAC Address in the space provided Make sure you wireless AP MAC is listed Blocked Blacklist check to prevent unwanted device accessing your wireless by insert the wireless AP MAC Address in the space provided Make sure your wireless AP MAC is NOT listed Candidates Asso...

Page 73: ...still fails please try the other values such as ALCTL ADI etc For ADSL2 connection this mode automatically detects your line code to G DMT Bis Activate Line Aborting false your ADSL line and making it active true again for taking effect with setting of Connect Mode Coding Gain Configure the ADSL coding gain from 0 dB to 7dB or automatic Tx Attenuation Setting ADSL transmission attenuation DSP Firm...

Page 74: ...tilized 30 of the total bandwidth Low utilized 10 of the total bandwidth Figure 4 24 IP QoS Packet Prioritization Parameter Description Name A user defined description to identify this new policy application Schedule Check Disable radio button to inactivate the URL Filtering function or keep the URL Filtering as Always on You may also specify a time schedule for your prioritization policy For setu...

Page 75: ...classify traffic based on DSCP value and send packets to next Router DSCP Mapping Table DSCP Mapping Table Wireless ADSL Router Standard DSCP Disabled None Best Effort Best Effort 000000 Premium Express Forwarding 101110 Gold service L Class 1 Gold 001010 Gold service M Class 1 Silver 001100 Gold service H Class 1 Bronze 001110 Silver service L Class 2 Gold 010010 Silver service M Class 2 Silver 0...

Page 76: ...Check Disable radio button to inactivate the URL Filtering function or keep the URL Filtering as Always on You may also specify a time schedule for your prioritization policy For setup and detail refer to Time Schedule section Protocol The name of supported protocol Source Port The source port of packets to be monitored Destination Port The destination port of packets to be monitored Source IP Add...

Page 77: ...heck Disable radio button to inactivate the URL Filtering function or keep the URL Filtering as Always on You may also specify a time schedule for your prioritization policy For setup and detail refer to Time Schedule section Protocol The name of supported protocol Source Port The source port of packets to be monitored Destination Port The destination port of packets to be monitored Source IP Addr...

Page 78: ...ly with router s time since router does not have a real time clock on board it uses the Simple Network Time Protocol SNTP to get the current time from an SNTP server from the Internet Refer to Time Zone for details You router time should correspond with your local time If the time is not set correctly your Time Schedule will not function properly Figure 4 27 Time Schedule 70 ...

Page 79: ...folio Day The default is set from Monday through Friday You may specify the days for the schedule to be applied Start Time The default is set at 8 00 AM You may specify the start time of the schedule End Time The default is set at 18 00 6 00PM You may specify the end time of the schedule Delete a Time Slot Click Clear to delete the existing Time profile i e erase the Day and back to default settin...

Page 80: ...isable or activate the Email Checking function Account Name Enter the name login of the POP3 account you wish to check Normally it is the text in your email address before the symbol If you have trouble with it please contact your ISP Internet Service Provider Password Enter the account s password POP3 Mail Server Enter your POP mail server name Your ISP or network administrator will be able to su...

Page 81: ... within their LAN Important This setting will become effective after you Save to flash and restart the router Management IP Address You may specify an IP address allowed to logon and access the router s web server Setting the IP address to 0 0 0 0 will disable IP address restrictions allowing users to login from any IP address Expire to auto logout Specify a time frame for the system to auto logou...

Page 82: ...Network Management Protocol Version 1 and Version 2 Parameter Description Read Community Specify a name to be identified as the Read Community and an IP address This community string will be checked against the string entered in the configuration file Once the string name is matched user obtains this IP address will be able to view the data Write Community Specify a name to be identified as the Wr...

Page 83: ...ent Protocol is used to management hosts from multicast group Figure 4 32 IGMP Para meter Description IGMP Forwarding Accepting multicast packet Default is set to Enable IGMP Snooping Allowing switched Ethernet to check and make correct forwarding decisions Default is set to Disable 75 ...

Page 84: ...n change the user s password whether their account is active and Valid as well as add a comment to each user account These options are the same when creating a user account with the exception that once created you cannot change the username You cannot delete the default admin account however you can delete any other created accounts by clicking Delete when editing the user Figure 5 1 Admin Current...

Page 85: ...ime from the SNTP server you have specified Figure 5 2 Date Time Resync Period in minutes is the periodic interval the router will wait before it re synchronizes the router s time with that of the specified SNTP server In order to avoid unnecessarily increasing the load on your specified SNTP server you should keep the poll interval as high as possible at the absolute minimum every few hours or ev...

Page 86: ...king any significant changes to your router s configuration Figure 5 3 System Settings Press Backup Setting to select where on your local PC to save the settings file You may also change the name of the file when saving if you wish to keep multiple backups Load Setting From Local Hard Drive Press Browse to select a file from your PC to restore You should only restore settings files that have been ...

Page 87: ...rowse will allow you to select the new firmware image file you have downloaded to your PC Note DO NOT power off the router or interrupt the firmware upgrading while it is still in process Improper operation could damage the router Remote Access To temporarily permit remote administration of the router i e from outside your LAN select a time period the router will permit remote access You may chang...

Page 88: ...t to factory default settings You may also reset your router to factory settings by holding the small Reset pinhole button on the back of your router in for 10 12 seconds whilst the router is turned on Save Config to FLASH After changing the router s configuration settings you must save all of the configuration parameters to FLASH to avoid them being lost after turning off or resetting your router...

Page 89: ... a time Once a PC has logged into the web interface other PCs cannot get access until the current PC has logged out of the web interface If the previous PC forgets to logout the second PC can access the page after a user defined period by default 3 minutes You can modify this value using the Advanced Device section of the web interface 81 ...

Page 90: ...gure Device Info ARP Wireless Routing IPSec Status PPTP Status L2TP Status DHCP Email Event Log NAT Sessions UPnP Portmap Device Information Device Information detailed displays the current setting of your router such as LAN WAN Wireless Port Status and Traffic Statistic Figure 6 1 Device Information 82 ...

Page 91: ...dynamically generated Yes means the ARP table entry is added by the users Figure 6 2 ARP Table Para meter Description IP Address A list of IP addresses of devices on your LAN Local Area Network MAC Address The MAC Media Access Control addresses for each device on your LAN Interface The interface name on the router that this IP Address connects to Static Static status of the ARP table entry no for ...

Page 92: ... the AP client that is connect to the router Figure 6 3 Connect Wireless Client List Para meter Description IP Address It is IP address of wireless client that joins this network MAC The MAC address of wireless client Routing Table Two routing tables are displayed Routing Table and RIP Routing Table Figure 6 4 Routing Table 84 ...

Page 93: ... netmask address Gateway The IP address of the gateway that this route will use Cost The number of hops counted as the cost of the route IPSec Status IPSec Status shows details of your configured IPSec VPN connections Figure 6 5 IPSec Status Para meter Description Name The name you assigned to the particular VPN entry Active Whether the VPN Connection is currently Active Connection State Whether t...

Page 94: ... VPN configuration Type The type of connection dial in dial out Enable Whether the connection is currently enabled Active Whether the connection is currently active Tunnel Connected Whether the VPN Tunnel is currently connected Call Connected If the Call for this VPN entry is currently connected Encryption The encryption type used for this VPN connection L2TP Status L2TP Status shows details of yo...

Page 95: ...n dial out Enable Whether the connection is currently enabled Active Whether the connection is currently active Tunnel Connected Whether the VPN Tunnel is currently connected Call Connected If the Call for this VPN entry is currently connected Encryption The encryption type used for this VPN connection DHCP Status DHCP Status table displays DHCP Server assigned IP address information and Subnet De...

Page 96: ...ion of your DHCP Server IP subnet information Maximum Lease Time The maximum lease time interval you allow For more information check DHCP under Home section Default Lease Time The default lease time interval you allow For more information check DHCP under Home section Use local host address as DNS Server It shows in true or false Use local host address as default gateway It shows in true or false...

Page 97: ...Log detailed displays router s event entries Major events are logged to this window such as when the router s ADSL connection is disconnected as well as Firewall events when you have enabled Intrusion or Blocking Logging in the Advanced Firewall section of the interface Please see the Firewall section of this manual for more details on how to enable Firewall logging Figure 6 10 Event Log 89 ...

Page 98: ...isplays any errors encountered by the router e g invalid names given to entries are logged to this window Figure 6 11 Error Log NAT Sessions NAT Sessions list all current NAT session between interface of types external WAN and internal LAN Figure 6 12 NAT Sessions 90 ...

Page 99: ...r s Guide UPnP Portmap UPnP Portmap list all port mapping established using UPnP Universal Plug and Play Figure 6 13 UPnP Portmap Help Help menu links provide more information for configuring various Router functions Figure 6 14 Help 91 ...

Page 100: ...C 1994 CHAP RFC 1334 PAP RFC 2364 PPP over ATM RFC 1631 NAT RFC 1877 Automatic IP assignment RFC 2516 PPP over Ethernet Supports RFC 2131 and RFC 2132 DHCP Compatible with all T1 413 issue 2 full rate DMT over analog POTS and CO DSLAM equipment Supports ATM Forum UNI V3 1 PVC Protocols TCP IP UDP RIP 1 RIP 2 IGMP DHCP BOOTP ARP AAL5 Data Transfer Rate G dmt full rate Downstream up to 8 Mbps Upstre...

Page 101: ... 100V 240V AC 50 60Hz Output 12V DC 1A Power Consumption 12 Watts max Operating Temperature 0 to 40 C 32 104 F Humidity 5 to 95 non condensing Dimensions 180 x 141 x 30 mm Weight 332 g EMI CE Class B FCC Class B Part 15 Safety CSA International Reliability Mean Time Between Failure MTBF min 4 years 93 ...

Page 102: ...Address Assignment Manually configuring IP settings for the LAN means you must manually set an IP address subnet mask and IP address of the default gateway the Router s IP address on each networked computer The example listed below describes IP configuration for computers running Windows 95 or Windows 98 Regardless of what operating system is used on each workstation the three network IP settings ...

Page 103: ...y rules that govern IP assignment It may be more convenient or easier to remember an IP scheme that use a different address for the Router Or you may be installing the Router on a network that has already established the IP settings Changing the IP address is a simple matter and can be done using the web manager see LAN IP Address in Chapter 5 If you are incorporating the Router into a LAN with an...

Page 104: ...n be assigned to each of the millions of networks and each of the computers on those networks Such a number is called an IP address To make IP addresses easy to understand the originators of IP adopted a system of representation called dotted decimal or dotted quad notation Below are examples of IP addresses written in this format 201 202 203 204 189 21 241 56 125 87 0 1 Each of the four values in...

Page 105: ...5 is the full range of integer values that can be expressed with eight bits The network portion must be the same for all the IP devices on a discrete physical network a single Ethernet LAN for example or a WAN link The host portion must be different for each IP device or to be more precise each IP capable port or interface connected directly to that network The network portion of an IP address wil...

Page 106: ...Class Subnet Mask Class A 255 0 0 0 Class B 255 255 0 0 Class C 255 255 255 0 Subnet mask settings other than those listed above add significance to the interpretation of bits in the IP address The bits of the subnet mask correspond directly to the bits of the IP address Any bit an a subnet mask that is to correspond to a net ID bit in the IP address must be set to 1 98 ...

Page 107: ...t need to use any type of filter device Follow the instructions given to you by your ADSL service provider about where and how you should connect the Modem to the ADSL line Microfilters Unless you are instructed to use a line splitter see below it will be necessary to install a microfilter low pass filter device for each telephone or telephone device answering machines Faxes etc that share the lin...

Page 108: ...nectors The splitter has three RJ 11 ports used to connect to the wall jack the Modem and if desired a telephone or telephone device The connection ports are typically labeled as follows Line This port connects to the wall jack ADSL This port connects to the Modem Phone This port connects to a telephone or other telephone device The diagram below illustrates the proper use of the splitter Line Spl...

Page 109: ...qiao Road Haidan District 100081 Beijing China TEL 86 10 68467106 FAX 86 10 68467110 URL www dlink com cn E MAIL liweii digitalchina com cn Denmark D Link Denmark Naverland Denmark Naverland 2 DK 2600 Glostrup Copenhagen Denmark TEL 45 43 969040 FAX 45 43 424347 URL www dlink dk E MAIL info dlink dk Egypt D Link Middle East 7 Assem Ebn Sabet Street Heliopolis Cairo Egypt TEL 202 245 6176 FAX 202 2...

Page 110: ...492 FAX 7 095 737 3390 URL www dlink ru E MAIL vl dlink ru Singapore D Link International 1 International Business Park 03 12 The Synergy Singapore 609917 TEL 6 6774 6233 FAX 6 6774 6322 E MAIL info dlink com sg URL www dlink intl com South Africa D Link South Africa Unit 2 Parkside 86 Oak Avenue Highveld Technopark Centurion Gauteng South Africa TEL 27 12 665 2165 FAX 27 12 665 2186 URL www d lin...

Page 111: ...0 8731 5555 SALES 44 020 8731 5550 FAX 44 020 8731 5511 SALES 44 020 8731 5551 BBS 44 0 181 235 5511 URL www dlink co uk E MAIL info dlink co uk U S A D Link U S A 17575 Mt Herrmann Fountain Valley CA 92708 TEL 1 714 885 6000 FAX 1 866 743 4905 INFO 1 800 326 1688 URL www dlink com E MAIL tech dlink com support dlink com ...

Page 112: ...99 1000 or more 3 What network protocol s does your organization use XNS IPX TCP IP DECnet Others_______________________________________________________ 4 What network operating system s does your organization use D Link LANsmart Novell NetWare NetWare Lite SCO Unix Xenix PC NFS 3Com 3 Open Banyan Vines DECnet Pathwork Windows NT Windows NTAS Windows 95 Others______________________________________...

Page 113: ......

Reviews: