Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/newdedyk/domains/bkmanuals.com/public_html/includes/pages/manual_inc.php on line 26
Billion Electric Company BiGuard 50G manuale d’uso - BKManuals

Billion Electric Company BiGuard 50G manuale d’uso

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223

Vai alla pagina of

Un buon manuale d’uso

Le regole impongono al rivenditore l'obbligo di fornire all'acquirente, insieme alle merci, il manuale d’uso Billion Electric Company BiGuard 50G. La mancanza del manuale d’uso o le informazioni errate fornite al consumatore sono la base di una denuncia in caso di inosservanza del dispositivo con il contratto. Secondo la legge, l’inclusione del manuale d’uso in una forma diversa da quella cartacea è permessa, che viene spesso utilizzato recentemente, includendo una forma grafica o elettronica Billion Electric Company BiGuard 50G o video didattici per gli utenti. La condizione è il suo carattere leggibile e comprensibile.

Che cosa è il manuale d’uso?

La parola deriva dal latino "instructio", cioè organizzare. Così, il manuale d’uso Billion Electric Company BiGuard 50G descrive le fasi del procedimento. Lo scopo del manuale d’uso è istruire, facilitare lo avviamento, l'uso di attrezzature o l’esecuzione di determinate azioni. Il manuale è una raccolta di informazioni sull'oggetto/servizio, un suggerimento.

Purtroppo, pochi utenti prendono il tempo di leggere il manuale d’uso, e un buono manuale non solo permette di conoscere una serie di funzionalità aggiuntive del dispositivo acquistato, ma anche evitare la maggioranza dei guasti.

Quindi cosa dovrebbe contenere il manuale perfetto?

Innanzitutto, il manuale d’uso Billion Electric Company BiGuard 50G dovrebbe contenere:
- informazioni sui dati tecnici del dispositivo Billion Electric Company BiGuard 50G
- nome del fabbricante e anno di fabbricazione Billion Electric Company BiGuard 50G
- istruzioni per l'uso, la regolazione e la manutenzione delle attrezzature Billion Electric Company BiGuard 50G
- segnaletica di sicurezza e certificati che confermano la conformità con le norme pertinenti

Perché non leggiamo i manuali d’uso?

Generalmente questo è dovuto alla mancanza di tempo e certezza per quanto riguarda la funzionalità specifica delle attrezzature acquistate. Purtroppo, la connessione e l’avvio Billion Electric Company BiGuard 50G non sono sufficienti. Questo manuale contiene una serie di linee guida per funzionalità specifiche, la sicurezza, metodi di manutenzione (anche i mezzi che dovrebbero essere usati), eventuali difetti Billion Electric Company BiGuard 50G e modi per risolvere i problemi più comuni durante l'uso. Infine, il manuale contiene le coordinate del servizio Billion Electric Company in assenza dell'efficacia delle soluzioni proposte. Attualmente, i manuali d’uso sotto forma di animazioni interessanti e video didattici che sono migliori che la brochure suscitano un interesse considerevole. Questo tipo di manuale permette all'utente di visualizzare tutto il video didattico senza saltare le specifiche e complicate descrizioni tecniche Billion Electric Company BiGuard 50G, come nel caso della versione cartacea.

Perché leggere il manuale d’uso?

Prima di tutto, contiene la risposta sulla struttura, le possibilità del dispositivo Billion Electric Company BiGuard 50G, l'uso di vari accessori ed una serie di informazioni per sfruttare totalmente tutte le caratteristiche e servizi.

Dopo l'acquisto di successo di attrezzature/dispositivo, prendere un momento per familiarizzare con tutte le parti del manuale d'uso Billion Electric Company BiGuard 50G. Attualmente, sono preparati con cura e tradotti per essere comprensibili non solo per gli utenti, ma per svolgere la loro funzione di base di informazioni e di aiuto.

Sommario del manuale d’uso

  • Pagina 1

    BiGuard 50G 802.11g Dual WAN Security Gateway User’s Manual Version Release 1.03 (FW:1.xx)[...]

  • Pagina 2

    2 BiGuard 50G User’s Manual (Updated September, 2007) Copyright Information © 2007 Billion Electric Corporation, Ltd. The contents of this pu blication may n o t be reproduced in whole or in part, transcribed, stored, tra nslated, or transmi tted in any form or any means, without the prior written con sent of Billion Electric Corporation. Publis[...]

  • Pagina 3

    3 Safety Warnings Y our BiGuard 50G is built for reliab ility and long service life. For your safety , be sure to read and follo w the follo wing safety w arnings. • Read this installation guide thoroughly bef ore attempting to set up your BiGuard 50G. • Y o u r B i G u a r d 5 0 G i s a c o m p l e x e l e c t r o n i c d e v i c e . D O N O T[...]

  • Pagina 4

    4 Table of Contents Chapter 1: Introduction 1.1 Overview 1.2 Product Highlights 1.2.1 Increased Bandwidth, Scalability and Resilience 1.2.2 Virtual Private Network Support 1.2.3 Advanced Firewall Security 1.2.4 Intelligent Bandwidth Management 1.3 Package Contents 1.3.1 Front Panel 1.3.2 Rear Panel 1.3.3 Cabling Chapter 2: Router Applications 2.1 O[...]

  • Pagina 5

    5 2.6.2 VPN Planning - Fail Over 2.6.3 Concentrato r Chapter 3: Getting Started 3.1 Overview 3.2 Before You Begin 3.3 Connecting Your Router 3.4 Configuring PCs for TCP/IP Networking 3.4.1 Overview 3.4.2 Windows XP 3.4.2.1 Configuring 3.4.2.2 Verifying Settings 3.4.3 Windows 2000 3.4.3.1 Configuring 3.4.3.2 Verifying Settings 3.4.4 Windows 98 / ME [...]

  • Pagina 6

    6 4.2.3 Routing Table 4.2.4 Session Table 4.2.5 DHCP Table 4.2.6 IPSec Status 4.2.7 PPTP Status 4.2.8 Traffic Statistics 4.2.9 CPU Statistics 4.2.10 System Log 4.3 Quick Start 4.3.1 DHCP 4.3.2 Static IP 4.3.3 PPPoE 4.3.4 PPTP 4.3.5 Big Pond 4.4 Configuration 4.4.1 LAN 4.4.1.1 Ethernet 4.4.1.2 Wireless Security 4.4.1.3 WEP 4.4.1.4 DHCP Server 4.4.1.[...]

  • Pagina 7

    7 4.4.4.3 Firmware Upgrade 4.4.4.4 Backup / Restore 4.4.4.5 Restart 4.4.4.6 Password 4.4.5 Firewall 4.4.5.1 Packet Filter 4.4.5.2 URL Filter 4.4.5.3 Ethernet MAC Filter 4.4.5.4 Wireless MAC Filter 4.4.5.5 Block WAN Request 4.4.5.6 Intrusion Detection 4.4.6 VPN 4.4.6.1 IPSec 4.4.6.1.1 IPSec Wizard 4.4.6.1.2 IPSec Policy 4.4.6.2 PPTP 4.4.7 QoS 4.4.8 [...]

  • Pagina 8

    8 5.1.1 Router Won’t Turn O n 5.1.2 LEDs Never Turn Off 5.1.3 LAN or Internet Port Not On 5.1.4 Forgot My P assword 5.2 LAN Interface 5.2.1 Can’t Access Router from the LAN 5.2.2 Can’t Ping Any PC on the LAN 5.2.3 Can’t Access Web Configuration Interfa ce 5.2.3.1 Pop-up Windows 5.2.3.2 Javascripts 5.2.3.3 Java Perm issions 5.3 WAN Interface[...]

  • Pagina 9

    9 Appendix D: Network, Routing, and Firewall Basics D.1 Network Basi cs D.1.1 IP Addresses D.1.1.1 Netmask D.1.1.2 Subnet Addressing D.1.1.3 Private I P Addresses D.1.2 Network Address Translation (NAT) D.1.3 Dynamic Host Configuration P rotocol (DHC P) D.2 Router Basics D.2.1 Why use a Router? D.2.2 What is a Router? D.2.3 Routing Information Prot[...]

  • Pagina 10

    10 Appendix E: Virtual Private Networking E.1 What is a VPN? E.1.1 VPN Applications E.2 What is IPSec? E.2.1 IPSec Security Components E.2.1.1 Authentication Header (AH) E.2.1.2 Encapsulating Security Payload (ES P) E.2.1.3 Security Associations (SA )[...]

  • Pagina 11

    11 E.2.2 IPSec Mod E.2.3 Tunnel Mod e AH E.2.4 Tunnel Mod e ESP E.2.5 Internet Key Exchange (IKE) Appendix F: IPSec Logs and Events F.1 IPSec Log Event Categories F.2 IPSec Log Event Table Appendix G: Bandwidth Management with QoS G.1 Overview G.2 What is Quality of Service? G.3 How Does QoS Work? G.4 Who Needs QoS? G.4.1 Home Users G.4.2 Office Us[...]

  • Pagina 12

    12 Chapter 1: Introduction 1.1 Overview Congratulations on purchasing BiGu ard 50G Router from Billion. Combining a router w i t h a n E t h e r n e t n e t w o r k s w itch, BiGuard 50G is a stat e-of-t he-art device th at provides everything you need to get your network connected to the Internet o ver your Cable or DSL connection quickly and easi[...]

  • Pagina 13

    13 connections are possible on BiGuard 50G, with perfor manc e of up to 10Mbps. 1.2.3 Advanced Firewall Security Aside from intelligent broadband sharing, BiGuard 50G of fers integrated firewall protection with adv anced features to se cure your network from outside attacks. Stateful Pack et Inspection (S PI) determines if a data packet is permitte[...]

  • Pagina 14

    14 LED Function Power A solid light indicates a st eady connection to a power source. Status A blinking light indicates the device is writing to flash memory. LAN 1 – 4 Lit when connected to an Ethernet device. 10/100M : Lit green when connected at 100Mbps. Not lit when connected at 10Mbps. Link/ACT: Lit when device is connected. Blinking when da[...]

  • Pagina 15

    15 1.3.2 Rear Panel Port Function 1 Wireless Antenna One detachable 2.4GHz 5dbi SMA antenna 2 WAN2 WAN2 10/100M Ethernet port (with auto crossover support); connect xDSL/Cable modem here. 3 WAN1 WAN1 10/100M Ethernet port (with auto crossover support); connect xDSL/Cable modem here. 4 LAN 1 — 4 Connect a UTP Ethernet cable (Cat-5 or Cat-5e) to on[...]

  • Pagina 16

    16 1.3.4 Cabling Most Ethernet netw orks currently use unshielded twist ed pair (UTP) cabling. The UTP cable contains eigh t conductors, arr anged in four twisted pairs, and terminated with an RJ45 t ype connector . One of the most common causes of networking problems is bad cabling. Make sure that all connected devices are turned on. On the front [...]

  • Pagina 17

    17 Chapter 2: Router Applications 2.1 Overview Y our BiGuard 50G router is a versatile device t hat can be configured to not only protect your network from malicio us attackers, but also ensure optimal usage of available bandwidth with Quality of Service (QoS) and both Inbound and Outbo und Load Balancing. Altern atively , BiGu ard 50G can also be [...]

  • Pagina 18

    18 2.2.2 QoS Policies for Different Applications By setting differen t QoS policies according to the applicatio ns you are running, you can use BiGuard 50G to optimi ze the bandwidth tha t is being used on your network. As illustrated in the diagram above, applications such as V oiceover IP (V oIP) require low network laten cies to function properl[...]

  • Pagina 19

    19 applications such as an FTP server , users using VoIP will experience network lag and/or service interruption s during use. T o avoid this scenario, this network has assigned V oIP with a guaranteed bandwidt h and higher p riority to ensure smooth communications. The FTP serv er , on the other hand, has been give n a maximum bandwidth cap to mak[...]

  • Pagina 20

    20 manage your bandwidth, pro viding reliable Internet and network servi ce to your organization. 2.2.5 Priority Bandwidth Utilization Assigning priority to a certain service allows BiGuard 50G to give either a higher or lower priority to traffic from this particular servi ce. Assigning a higher priority to an application ensures that it is process[...]

  • Pagina 21

    21 2.2.6 Management by IP or MAC address BiGuard 50G can also be configured to appl y traffic policies based on a particular IP or MAC address. This allows you t o quickly assign different traffic policies to a specific computer on the network. DiffServ (DSCP Marking) DiffServ (a.k .a. DSCP Marking) allows you to classify t raffic based on IP DSCP [...]

  • Pagina 22

    22 Other interfaces can match tr affic based on the DSCP markings. DSCP marki ngs are u s e d t o d e c i d e h o w p a c k e t s s h o u l d b e t r e a t e d , a n d i s a u s e f u l t o o l t o g i v e precedence to varying t ypes of data. 2.2.8 DSCP (Matching) Just like the DSCP Marking, DSCP is used on traffics (Both inbound rules and outboun[...]

  • Pagina 23

    23 In the above example, PC 1 (IP_192.168. 2.2) and PC 2 (IP_192.168.2.3) ar e connected to the Internet via W AN1 (IP_230.100.100.1) on BiGuard 50G. Should WAN1 fai l, Outbound F ail Over tells BiGuard 50G to reroute outgoing tr affic to WAN2 (IP_213.10.10.2). Configuring your BiGuard 50G for Outbound F ail Over provides a more reliable connection[...]

  • Pagina 24

    24 connected to the Inter net via W AN1 (IP_230.100.100.1) and W AN2 (IP_213.10.10.2) on BiGuard 50G. Y ou can configure BiGuard 50G to balance the load of each WAN port with one of two mechanisms: 1. Session (by session/by traffic/weight of link capability) 2. IP Hash (by traffic/weight of link capability) The IP Hash mechanism will en sure that t[...]

  • Pagina 25

    25 2.4.1 Inbound Fail Over Configurin g BiGuard 50G for Inbound F ail Over allows you to ensure that incoming traffi c is uninterrupted by having B iGuar d 50G defaul t to W AN2 should WAN1 fail. In the above example, an FTP Server (IP_192.168.2.2) and an HT TP Server (IP_192.168.2.3) are connected to the I nte rnet via W AN1 (ftp .billion.dyndns.o[...]

  • Pagina 26

    26 2.4.2 Inbound Load Balancing Inbound Load Balancing allows BiGuard 50G to intelligently man age inbound traffic based on the amount of load of each W AN connection. In the above example, an FTP server (IP_192.168.2.2 ) and an HT TP server (IP_192.168.2.3) are connected to the Internet via W AN1 (www .billion2.dynd ns.org) and W AN2 (www.bi llion[...]

  • Pagina 27

    27 2.5 DNS Inbound Using DNS Inbound is a great way to int elligently direct ne twork traffic. DNS Inbound is a three step process. First, a DNS request is made to the router via a remote PC. BiGuard 50G, base d on settings specified by the user , will dir ect the requesting PC to the correct W AN port by r e p l y i n g t h e s e l e c t e d W A N[...]

  • Pagina 28

    28 2.5.1 DNS Inbound Fail Over BiGuard 50G can be configured to repl y the W AN2 IP address for the DNS domain name request should W AN1 fail. In the above example, an FTP Server (IP_192.168.2.2) and an HT TP Server (IP_192.168.2.3) are connected to the In ternet via W AN1 (IP_200.200.200.1) on BiGuard 50G. A remote computer is trying to access the[...]

  • Pagina 29

    29 2.5.2 DNS Inbound Load Balancing DNS Inbound Load Balancin g allows BiGuard 50G to intell igently manage inbound traffic based on the a mount of load of each W AN connection by assigning the IP address with the lowest t raffi c load to incoming requests. In the above example, an FTP server (IP_192.168.2.2 ) and an HT TP server (IP_192.168.2.3) a[...]

  • Pagina 30

    30 In the example above, the client is making a DNS reques t. The request is sent to the DNS server of BiGuard 50G th rough WAN2 (1). W AN2 will route this requ est to the embedded DNS server of BiGuard 50G (2). BiGuard 50G will an alyze the bandwidth of both WAN1 and WAN2 and decide wh ich WAN IP to reply to th e request (3). After the decision is[...]

  • Pagina 31

    31 2.6 Virtual Private Networking A Virtual Priv ate Network (V PN) enables y ou to send da ta between two computers across a shared or public network in a ma nner that emul ates the properties of a point-to-point private link. As such, it is perfect for connecting br anch offices to headquarters across the Intern et in a sec ure fashion. The follo[...]

  • Pagina 32

    32 VPN provides a flexible, cost-efficien t, and reliab le way for companies of all sizes to stay connected. One of the most important steps in setting up a VPN is proper planning. The followi ng sections demonstr ate the various wa ys of usi ng BiGuard 50G to setup your VPN. 2.6.2 VPN Planning - Fail Over Configur ing your VPN with F a il Over all[...]

  • Pagina 33

    33 gateway usi ng W AN1 through a s ecure VPN tunnel. Shoul d W AN1 fail, outbound traffic from BiGuard 50G will automatically be redirected to WAN2. This process is completely tr ansparent to the remote gatew ay , as BiGuard 50G will automatically update the domain name (biguard.billi on.com) with the WAN2 IP address. Configu ring a Gateway to Mul[...]

  • Pagina 34

    34 2.6.3 Concentrato r The VPN Concentrator pro vides an easy wa y for branc h offices to connect to headquarter through a VPN tunnel . All br anch office tr affic will be redirected to the VPN tunnel to headquarter with the ex ception of LAN-side tr affic. This way , all branch offices can co nnect to each other through headquarter via the headqua[...]

  • Pagina 35

    35 Chapter 3: Getting Started 3.1 Overview BiGuard 50G is designed to be a powerful and flexible network device that is also easy to use. With an intuitive web-based con figuration, BiGuard 50G allows you to administer your net work via vi rtually any Jav a-enabled web browser and is fully compatible with Linux, Mac OS, an d Windows 98/Me/NT/2000/X[...]

  • Pagina 36

    36 password for security reason. 4. Prepare to physically connect BiGuar d 50G to Cable or DSL m odems and a computer . Be sure to also review the Safety Warn ings located in the preface of this m anual before working with your BiGuard 50G. 3.3 Connecting Your Router Connecting BiGuard 50G is an easy three-step process: 1. Connect BiGuard 50G to yo[...]

  • Pagina 37

    37 3.4 Configuring PCs for TCP/IP Networking Now that y our BiGuard 50G is connected pr operly to y our network, it’ s time to configure your net worked PC s for T CP/IP networki ng. In order for your network ed PCs to communi cate with your router , they must have the following characteristics: 1. Have a properly installed and f unctioning Eth e[...]

  • Pagina 38

    38 - Windows 95/98/Me/NT/2000/XP - Mac OS 7 and later If you are using Windows 3.1, you mu st pu rchase a third-party TCP/IP application package. Any T CP/IP capable wo rkstation can be use d to communicate wit h or through BiGuard 50G. T o configure other types of workstations, please consult the manufacturer’ s documentation. 3.4.2 Windows XP 3[...]

  • Pagina 39

    39 3. Select Internet Protocol (TCP/IP) and click Properties . 4a. T o have your PC obtain an IP address automat ically , select th e Obtain an IP[...]

  • Pagina 40

    40 address automatically and Obtain DN S server address aut omatically rad io buttons. 4b. T o manually assign y our PC a fixed IP address, select the Use the following IP address r adio button a nd enter your desired IP ad dress, subnet mask, and default gateway in the blanks provided. R emember t h a t y o u r P C mu s t reside in the same subnet[...]

  • Pagina 41

    41 3.4.2.2 Verifying Settings T o verif y your setting s using a command prom pt: 1. Click Start > Programs > Accessories > Command Prompt . 2. In the Command Pro mpt window , type ipconfig and then press ENTER . If you are using BiGuard 50G’ s default settings, your PC sh ould have:[...]

  • Pagina 42

    42 - An IP address between 192.168.1.1 and 192 .168.1.253 - A subnet mask of 255.255.255.0 T o verif y your setting s using the Wi ndows XP GUI: 1. Click Start > Settings > Network Connections .[...]

  • Pagina 43

    43 2. Right click one of the network conn ections listed and select Status from the pop-up menu. 3. Click the Support tab .[...]

  • Pagina 44

    44 If you are usi ng BiGuard 50G’ s default settings, your PC s hould: - Have an IP address be tween 192.168.1.1 and 192.168.1.253 - Have a subnet mask of 255.255.255.0 3.4.3 Windows 2000 3.4.3.1 Configuring 1. Select Start > Settings > Cont rol Panel .[...]

  • Pagina 45

    45 2. In the Cont rol Panel window , double-click Network and Dial-up Connections . 3. In Network and Dial-up Connections, doubl e-click Local Area Connection .[...]

  • Pagina 46

    46 4. In the Local Area Connection window , click Properties . 5. Select Internet Protocol (TCP/IP) and cl ick Properties .[...]

  • Pagina 47

    47 6a. T o have your PC obtain an IP address automatically , select the Obta in an IP address automatically and Obtain DNS serve r address autom atically radi o buttons. 6b. T o manually assign y our PC a fix ed IP address, select the Us e the following IP address r adio button a nd enter your desired IP ad dress, subnet mask, and default gateway i[...]

  • Pagina 48

    48 7. Click OK to finish the configurati on.[...]

  • Pagina 49

    49 3.4.3.2 Verifying Settings 1. Click Start > Programs > Accessories > Command Prompt . 2. In the Command Pro mpt window , type ipconfig and then press ENTER . If you are using BiGuard 50G’ s default settings, your PC sh ould have: - An IP address between 192.168.1.1 and 192 .168.1.253[...]

  • Pagina 50

    50 - A subnet mask of 255.255.255.0 3.4.4 Windows 98 / Me 3.4.4.1 Installing Components T o prepare Windows 98/Me PCs for T CP/IP networking, you may need to manuall y install TCP/IP on each PC. T o do this, follow the steps below. Be sure to ha ve your Windows CD handy , as you may need to insert it during the inst allation process. 1. On the Wind[...]

  • Pagina 51

    51 Y ou must have t he followin g installed:[...]

  • Pagina 52

    52 - An Ethernet adapter - TCP/IP pr otocol - Client for Microsoft Networks If you need to in stall a new Ethern et adapter , follow these steps: a. Click Add . b. Select Adapter , then Add . c. Select the manufactu rer and model of your Ethernet adapt er , then click OK .[...]

  • Pagina 53

    53 If you need TCP/IP: a. Click Add .[...]

  • Pagina 54

    54 b. Select Protocol , then click Add . c. Select Microsoft . Æ TCP/IP , then OK . If you need Client for Microsoft Networks: a. Click Add .[...]

  • Pagina 55

    55 b. Select Client , then click Add . c. Select Microsoft . Æ Client for Microsoft Networks , and then click OK . 3. Re start your PC to a pply your changes. 3.4.4.2 Configuring 1. Select Start > Settings > Cont rol Panel .[...]

  • Pagina 56

    56 2. In the Con trol Panel, double-click Network and choose the Confi guratio n tab.[...]

  • Pagina 57

    57 3. Select TCP / IP > ASUSTek or the name of any Network Interface Card (N IC) in your PC and click Properties . 4. Select the IP Address tab and click the Obtain an IP address au tomatic all y radio butto n.[...]

  • Pagina 58

    58 5. Select the DNS Conf igura tion tab and select the Disable DN S r adio button. 6. Click OK to apply the configurati on.[...]

  • Pagina 59

    59 3.4.4.3 Verifying Settings T o check the TCP/IP configuration, use the winipcfg.exe utility: 1. Select Start > Run . 2. T ype winipcfg, and then click OK. 3. From the drop-down bo x, se lect your Ethernet adapter .[...]

  • Pagina 60

    60 The window is updated to show y our settings. Usi ng the defaul t BiGuard 50G settings, your PC should have: - An IP address between 192.168.1.1 and 192 .168.1.253 - A subnet mask of 255.255.255.0 - A default gatewa y of 192.168.1.254 3.5 Factory Defau lt Setting s Before configuring your BiGuard 50G, you need to kno w the following default sett[...]

  • Pagina 61

    61 ISP setting in W AN site: Obtain an IP Address automatically ( DHCP Clie nt) DHCP server: DHCP server is enabled. Start IP Address: 192.168.1.100 End IP Address: 192.16 8.1.199 3.5.1 User Name and Password The default user name and passw ord are "admin" and "admin" respectively . If you ever forget your user name and/or passw[...]

  • Pagina 62

    62 3.6 Information From Your ISP 3.6.1 Protocols Before configuring th is device, you have to check with your ISP (Internet Service P r o v i d e r ) t o f i n d o u t w h a t k i n d o f s e r v i c e is provided such as D HCP , Stat ic IP , PPPoE, or PPTP . The following table out lines each of these protocols: DHCP Configure this WAN interf ace [...]

  • Pagina 63

    63 3.6.2 Configuration Information If your ISP does not dynamically assi gn configur ation informati on but instead use s fixed configurations, you will need the follow ing basic information fr om your ISP: - An IP address and subnet mask - A gateway IP address - One or more domain name server (DNS) IP addresses Depending on your IS P , a host name[...]

  • Pagina 64

    64 2. Double-click t he Network icon. 3. In the Network Connections window , righ t-click Local Area Connecti on and select Properties .[...]

  • Pagina 65

    65 4. Select Internet Protocol (TCP/IP) and click Properties . 5. If an IP address , subnet mask and a Default gateway are shown, write down the informat ion. If no addre ss is present, your account’ s IP address is dynamically[...]

  • Pagina 66

    66 assigned. Click the Obtain an IP address automatically radio button. 6. If any DNS ser ver addresses are shown, write them down. C lick the Obtain DNS server address automa ti cally r adio button. 7. Click OK to save your changes.[...]

  • Pagina 67

    67 3.7 Web Config uration Interface BiGuard 50G includes a W eb Configuration Interface for easy administr ation via virtually any browser on your network. T o access this interface, open your web browser , enter the IP address of your ro uter , which by default is 192.168 .1.254, and click Go . A user name and passw ord window prompt will appear .[...]

  • Pagina 68

    68 If the W eb Configuration Interface appears, congr atulations! Y ou are now ready to configure your BiGuard 50G. If y ou are having trouble accessi ng the interface, please refer to Chapter 5: Troubleshooting for possible resolutions.[...]

  • Pagina 69

    69 Chapter 4: Router Configuration 4.1 Overview The W eb Configurati on Interface makes i t ea sy for you to manage yo ur network via any PC connected to it. On the W eb Co nfigur ation homepage, you will see the navigation pane l ocated on the left hand si de. From it, you will be able to select various opti ons used to configure y our router . 1.[...]

  • Pagina 70

    70 restricted to only one PC accessing the web configur ation interface at a time. Once a PC has logged into the web interf ace, other PCs cannot gain access until the current PC has logged out. If the previ ous PC forgets to logout, the second PC can access the page after a user-defined period (5 minutes by defaul t). The following sectio ns will [...]

  • Pagina 71

    71 Device Informati on Device Name: Displays the device name. System Up Time: System uptime enabl es a user to determine how long has the system being online or th e time that an unexpected restart or fault occurred. The system up-time is restar ted when there is a power failure or upon software or hardware reset. Registration: Click on the Registe[...]

  • Pagina 72

    72 In this menu, y ou will find the foll owing sections: - ARP Table - Wireless Association - Routing Table - Session Table - DHCP Table - IPSec Status - PPTP Status - Traffic Statistics - CPU Status - System Log[...]

  • Pagina 73

    73 4.2.1 ARP Table The Address Resolution Protocol (ARP) T a ble shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses. This is a quick way to determine the MAC address of your PC’ s network interface to use wi th the router’ s Firewall – MAC Address Filter function. See the Firewall section of this chapter for more informa[...]

  • Pagina 74

    74 4.2.3 Routing Table The Routing T able d isplays th e current path for transmitted packets. Both sta tic and dynamic routes are displayed. No.: Number of the list. Destination: The IP address of the destination network. Netmask: The destination netmask address. Gateway/Interface: T he IP address of the ga teway or existing interface t hat this r[...]

  • Pagina 75

    75 Sessions: Filter: when the presented field is fill ed, please click Filter button. From IP: please input the sou rce IP you would like to filter . From Port: please input the source port you would like to f ilter . To IP: please input the destin ation IP you would like to filter . To Port: please input the destin ation port you would like to fil[...]

  • Pagina 76

    76 Name: The name you assigned to the particular IPSec entry . Enable: Whether the IPSec connection is currently Enable or Disable. Status: Whether the IPSec is Activ e, Inactive or Disable. Local Subnet : The local IP addres s or subnet used. Remote Su bnet: The subnet of the remote site. Remote Gateway: The remote gateway IP address. SA: The Secu[...]

  • Pagina 77

    77 WAN1: T ra nsmitted (Tx) and R eceived (Rx) b ytes and packets for W AN1. WAN2: T ra nsmitted (Tx) and R eceived (Rx) b ytes and packets for W AN2. Display: Allows you to change the units of measurement for the tr affic gr aph. 4.2.9 CPU Statistics This page displays the rout er’s system information. Processor: The router’ s processor type a[...]

  • Pagina 78

    78 MemFree: The router’ s current free memory size. CPU status: The CPU’ s usage shown in percentage each minute. When the CPU percentage in u se is higher than 80% the lin e will turn red. When the CPU percentage in u se is lower than 80% the line w ill turn blue. 4.2.10 System Log This window displays BiGuar d 50G’s S ystem Log entries. Maj[...]

  • Pagina 79

    79 First directs the page number for the table to the 1 st page, previous directs the page number for the table to the one page before, the dropdown menu allows the user to specifically select the page number to view, next directs the page number for the table to the one page after current pa ge, and last directs the page number for the table to th[...]

  • Pagina 80

    80 4.3.2 Static IP IP assigned by your ISP: Enter the assigned IP address from your IP . IP Subnet Mask: Enter y our IP subnet mask. ISP Gateway Address: Enter your ISP gate way addres s. Primary DNS: Enter yo ur primary DNS. Secondary DNS: Enter yo ur secondary DNS . Click Apply to save y our changes. T o reset to defaults, click Reset . 4.3.3 PPP[...]

  • Pagina 81

    81 is a packet requesting a ccess to the Intern et (i.e. when a program on yo ur computer attempts to access the Internet), sel ect Trigger on Demand . Idle Time: Auto-di sconnect the router whe n ther e is no activity on the line for a predetermined period of time. Select the id l e t i m e f r o m t h e d r o p d o w n m e n u . A c t i v e if Tr[...]

  • Pagina 82

    82 predetermined period of time. Select the id l e t i m e f r o m t h e d r o p d o w n m e n u . A c t i v e if Trigger on Demand is selected. Click Apply to save y our changes. T o reset to defaults, click Reset . 4.3.5 Big Pond Username: Enter your user name. Password: Enter your password. Retype Password: R etype your password. Login Server: E[...]

  • Pagina 83

    83 - QoS - Virtual Server - Advanced These items are described below in the f ollowing sections. 4.4.1 LAN There are three items within this section: Ethernet , Wireless, Wireless Securti y, DHCP Server and LAN Ad dress Mapping. 4.4.1.1 Ethernet[...]

  • Pagina 84

    84 IP Address: Enter the i nternal LAN IP addre ss for BiGuard 50G (192.168.1.254 b y default). Subnet Mask: Enter the subnet mask ( 255.255.255.0 by default). RIP: RIP v2 Broadcast and RIP v2 Multicast. Check to enable RIP . Wireless WLAN Service: Default setting i s set to Disable . If you have any wireless, both 802.11g and 802.11b , device in y[...]

  • Pagina 85

    85 Hide ESSID: It is function in which transmits its ESSID to the air so that when wireless client searches for a network, rout er can the n be discovered and recognized. Default setting i s Disable. Enable: Select Enable if you do not want broadcast your ESSID . When select Enable, no one will be able to loca te the Access Point (AP) of your route[...]

  • Pagina 86

    86 of the connected A P . WDS takes adv antages of cost s aving and flexibility which no extra wireless client device is required to bridge between two access points and extending an ex isting wired or wireless in frastructure network to cr eate a larger network. In addition, WDS enhances it s link connect ion security in WEP mode, WEP key encrypti[...]

  • Pagina 87

    87 Encryption Standard) utilizes a st ronger encryption method and incorporates Message Integrity Code (MIC) to pr ovide protection against hackers. WPA Shared Key: The key for network authentication. T he input format is in character st yle and key size should be in the r ange between 8 and 63 characters. Group Key Renewal: The period of renewal t[...]

  • Pagina 88

    88 4.4.1.3 WEP WEP Encryption: T o prev ent unauthoriz ed wireless stations from acc essing data transmitted o ver the network, th e router offers highly secure data encryption, known as WEP . If you require hi gh secu rity for transmissions, there are two alternatives to select from: WEP 64 and WEP 128 . WEP 128 will offer increased security over [...]

  • Pagina 89

    89 T o disable the router’ s DHCP Server , select the Disable radio button, and then click Apply . When the DHCP Server is disabled, yo u will need to manually assign a fi xed IP ad dr es s t o e ac h P C o n yo ur ne tw or k, and set the default gatew ay for each PC to the IP address of the router (192.168.1.254 by default). T o configure the ro[...]

  • Pagina 90

    90 Name: Enter the name you w ant to giv e for the IP+Mac Address Fix ed Host account. Active: Select whether you wan t to Enable or Disable this part icular Fixed Host account. IP Address: Enter the IP address that you want to reserve for the above MAC address. MAC Address: Enter the MAC address of the PC or server you wish to be assigned a reserv[...]

  • Pagina 91

    91 4.4.1.5 LAN Address Mapping LAN Address Mapping is a function that can support multiple subnet and also multiple NA T , you can specify a subnet and LAN Gatew ay IP Address and select associated WAN I P Address specified in W AN IP Alias in Configuration -> WAN -> WAN IP Alias. Please click Create to create a LAN Address Mapping rule. Name[...]

  • Pagina 92

    92 4.4.2 WAN W AN refers to your W ide Area Network conne ction. In most cases, this means your router ’ s connection to the Internet thr ough your ISP . BiGuard30 features Dual W AN capability . There are th re e items within this sectio n: The W AN menu contains two items: ISP Settings , Bandwidth Settings and WAN IP Alias . 4.4.2.1 ISP Setting[...]

  • Pagina 93

    93 Connection Meth od: Select how your router will connect t o the Internet. Selection s include Obtain an IP Address Automatically , Static IP Settings , PPPoE Settings , PPTP Settings , and Big Pond Settings . F or each WAN port, the factory default is DHCP . If your ISP does not use DHCP , select the correct connecti on method and configure th e[...]

  • Pagina 94

    94 MAC Address: If your ISP requires you to input a WAN Ethernet MAC, check the checkbox and enter your MA C address in the blanks below . Candidates: Y ou can also select the MAC addre ss f rom the list in the Ca ndidates. DNS: If your ISP requires you to manua lly setup DNS settings, check the checkbox and enter your primary and secondary DNS . R[...]

  • Pagina 95

    95 Primary DNS: Enter the primary DNS provided by yo ur ISP . Secondary DNS: Enter the secondary DNS pr ovided by your ISP . RIP: T o activ ate RIP , select Send , Receive , or Both from the drop down menu. T o disable RIP , select Disable from th e drop down menu. MTU: Enter the Maximum T ransmission Unit (MTU) for your netw ork. Network Address T[...]

  • Pagina 96

    96 select Always Connect . If you want to establish a PPPoE session only wh en there is a packet requesting a ccess to the Intern et (i.e. when a program on yo ur computer attempts to access the Internet), sel ect Trigger on Demand . Idle Time: Auto-disconnect the router when there is no activity on the line for a predetermined period of time. Sele[...]

  • Pagina 97

    97 4.4.2.1.4 PPTP Settings Username: Enter your user name. Password: Enter your password. Retype Password: R etype your password. PPTP Client IP: Enter the PPTP Cl ient IP provided by your ISP . PPTP Client IP Netmask: Enter the PPTP Client IP Netmask provided by your ISP . PPTP Client IP Gateway: Enter the PPTP Clien t IP Gateway provided by your [...]

  • Pagina 98

    98 button. This will ta ke you to another page for inputting the IP address information. MAC Address: If your ISP requires you to input a WAN Ethernet MAC, check the checkbox and enter your MA C address in the blanks below . Candidates: Y ou can also select the MAC addre ss f rom the list in the Ca ndidates. DNS: If your ISP requires you to manua l[...]

  • Pagina 99

    99 MAC Address: If your ISP requires you to input a WAN Ethernet MAC, check the checkbox and enter your MA C address in the blanks below . Candidates: Y ou can also select the MAC addre ss f rom the list in the Ca ndidates. DNS: If your ISP requires you to manua lly setup DNS settings, check the checkbox and enter your primary and secondary DNS . R[...]

  • Pagina 100

    100 WAN IP Alias WAN IP Alias allows you to input addition al WAN IP addresses. W AN IP Alias can be used for Multip le NA T setting s, includin g LAN Address Mapping settings and Virtual Server settings. Please click Create to create a LAN Address Mapping rule. Name: Please input the name of the rule. IP Address: Please input the additional W AN I[...]

  • Pagina 101

    101 specific WAN port. In this menu are the followin g sections: General Settings, Outbound Load Balance, Inbo und Load Bala nce, and Protocol Bindi ng. 4.4.3.1 General Settings Mode: Y ou can select Load Balance or F ail Over . Service Detection: Enables or disables the service detection feature. F or fail over , the service detection fun ction is[...]

  • Pagina 102

    102 4.4.3.2 Outbound Load Balance Outbound Load Balancing on BiGuard 50G can be based on one of two methods: 1. By session mechanism 2. By IP address hash mechanism Choose one by clicking the corresponding r adio button. Based on Session Mec hanism: The source IP address and destination IP a ddress can go through W AN1 or W AN2 depending to policie[...]

  • Pagina 103

    103 to authenticate the sour ce IP address. Balance by weight of link c apacity: U s e s a n I P h a s h t o b a l a n c e t r a f f i c b a s e d on weight of l ink bandwidth capaci ty . Balance by weight: Uses an IP has h to balance tr affic based on a ratio . Enter the desired ra tio into the blanks pro vided. Click Apply to save your c hanges. [...]

  • Pagina 104

    104 SOA: Domain Name: The domain name of DNS Serv er 1. It is the name that you register on DNS organization . Y ou have to fill-out the Fu lly Qualified Domain N a m e ( F Q D N ) w i t h a n e n d i n g c h a r a c t e r ( a d o t ) f o r t h i s t e x t field.(ex:abc. com.).When you ent er the following domain name, you can only in put different[...]

  • Pagina 105

    105 MX Re cord Mail Exchanger: The name of the mail s erver . IP Address: The mail server IP address. Click Apply to save your c hanges. T o edit the Host Mapping URL list, click Edit . This will open the Host Mapping URL table, which lists the c urrent Host Mapping UR Ls. T o add a host mapping URL to the list, click Create . Domain Name: Th e dom[...]

  • Pagina 106

    106 Name1: The Alias Host URL Name2: The Alias Host URL Click Apply to save your c hanges. 4.4.3.4 Protocol Binding Protocol Binding let s you direct specific tr affic to go out from a speci fic W AN port. Click the Create button to create a new policy entr y . Po licies entered would tell specific types of Internet traffic fro m a part icular r an[...]

  • Pagina 107

    107 Source IP Range: All Source IP: Click it to specify all source IPs. Specified Source IP: Click to spe cify a specific source IP address and source IP netmask. Source IP Ad dress: If Specified Source IP was chos en, here’ s where the IP can be entered. Source IP Netmask: If Specified Source IP w as chosen, here’ s where the subnet mask can b[...]

  • Pagina 108

    108 Time Zone BiGuard does not use an onboard real time clock; instead, it uses the Network Time Protocol (NTP) to acquire the current time from an NTP serv er outside your network. Simply choose your local time zone, enter N TP Server IP Address, and click Apply . After connecting to the Internet, B iGuard 50G will retrieve the correct local ti me[...]

  • Pagina 109

    109 NOTE: When enabling remote access, please mak e sure to change the defa ult administration pass word for security reason. Action: Select Enable or Disabl e remote access function. HTTPS Port: Please input the re mote access HT TPS port you would like to use.(default is 443) Click Apply to apply your setti ngs. Click Creat e to add a R emote Acc[...]

  • Pagina 110

    11 0 Upgrading y our BiGuard 50G’ s firmware is a quick and easy w ay to enjo y increased functionality , better reliability , and ensu re trouble-free operation. T o upgr ade your firmwa re, simply visit Billi on’ s website ( http://www .billion.com ) and download the latest firmware image file for BiGu ard 50G. Next, click Browse and select t[...]

  • Pagina 111

    111 backup file. Y ou may also ch ange the name of the file wh en saving if you wish to keep multiple backups. Click OK to save the file . T o restore a previously saved backup file, clic k Browse . Y ou will be prompted to select a file from your PC to restore. Be sure to only rest ore setting files that have been genera ted by the Backup function[...]

  • Pagina 112

    11 2 4.4.4.6 Password In order to prevent unauthorized access t o your router’s configuration interface, it requires the admini strator to l ogin with a password. Y ou can change your pass word by entering your new passw ord in both fields. Click Apply to sa ve your changes. Click Reset to reset to the defaul t administr ation password (admin). 4[...]

  • Pagina 113

    11 3 4.4.5.1 Packet Filter The Pack et Filter function is used to limit user access to ce rtain sites on the Internet or LAN. The Filt er T ab le displays all cu rrent filter rules. If there is an ent ry in the Filter T able, you can clic k Edit to modify the setting of this entry , click Delete to remove this entry , or click Move to change this e[...]

  • Pagina 114

    11 4 ID: This is an identify that allow s you to move the rule by before or after an ID. Rule: Enable or Disable this entry . Action When Matched: Select to Dr op or Forward the packet specified in this filter entry . Direction: Incoming P acket Filter rules pr event unauthorized computers or applications accessing your local n etwork from the In t[...]

  • Pagina 115

    11 5 Destination Port Range: Enter the destination port number range. If you only want to specify one service port, then en ter the same port number in both bo xes . Helper: Y ou could also select the applicat ion t ype you would like to apply for automatic input. Schedule: Allows you select a time for this QoS policy to be applied to. This option [...]

  • Pagina 116

    11 6 URL Filtering: Y ou can choose to Enable or Disable this feature. Keyword Filtering: Click the check box to enable this fe ature. T o edit the list of filtered keywords, click Details. Domain Filtering: Click the "enable" ch eckbox to enable filtering by Domain N ame. Click the "Disable al l WEB traffic except for trusted domain[...]

  • Pagina 117

    11 7 Enter a domain and select whether this domain is t rusted or forbidden w ith the pull-down menu. Next, click Apply . Y our ne w domain will be added to either the T rusted Domain or Forbidden Domain listing, depending on which you selected previously . Y ou may also designate which IP addresses ar e to be ex cluded from these filters by adding[...]

  • Pagina 118

    11 8 4.4.5.3 Ethernet MAC Filter Ethernet M ac Filter can decide if BiGuard w ill filter those dev ices at LAN side by MAC Address and determine if they can connect to the internet or not. Default Rul e: F orward or Drop al l LA N request. (F orward by default) Create: Y ou can also input a specified MAC Address to be dropped or F orward without de[...]

  • Pagina 119

    11 9 4.4.5.4 Wireless MAC Filter Prevents unauthorized computers access from using the Internet through the router . Wireless MAC Filter can Default Rule: Forward or Drop all wireless re quest. (Forward by default) Click on Create to create a new rule. You can in put a specified MAC Address to be dropped or Forward. This new rule will be prioritize[...]

  • Pagina 120

    120 4.4.5.5 Block WAN Request Blocking WAN requests is one w ay to pr eve nt DDOS attacks by preventing ping requests from the Internet . Use t his menu to enable or disable function. 4.4.5.6 Intrusion Detection Intrusion Detecti on can prevent most co mmon DoS attacks from the Internet or from LAN users. Intrusion Detection : Enable or disable thi[...]

  • Pagina 121

    121 connections on per-us er basis. This is useful when controlling users who w ill use the applications which create a large n umber of connections (such as P2P soft ware). No Limit: No restrictions o n the amount of sessions allowe d to connect to BiGuard30. Limit Maximum sessions per IP to: R estricts an upper limit of sessions allowed to connec[...]

  • Pagina 122

    122 4.4.6.1 IPSec IPSec is a set of protocols that enab le Virtual Private Networks (VPN). Y ou can find two items under the IPSec section: IPSec Wizard and IPSec Policy . 4.4.6.1.1 IPSec Wizard Connection Name: A user -defined name for the co nnection. Interface: Select the interface the IP Sec tunnel wi ll apply to. WAN1: Select interface WAN1 WA[...]

  • Pagina 123

    123 pre-shared key into both sides (router or hosts). Connection Type : There are 5 connection types: (1)LAN to LAN: BiGuard would lik e to establish an IPSec VPN tunnel wi th remote router using Fixe d Internet IP or do main name by using main mode. Secure Gateway Address (or Domain Nam e): The IP address o r hostname of the remote VPN gatewa y . [...]

  • Pagina 124

    124 (3)LAN to Host: BiGuard would lik e to establish an IPSec VPN tunnel with remote client softw are using Fixed Interne t IP or domain name by using main mode. Secure Gateway A ddress (or Domain Name): The IP address or hostname of the remote VPN device that is connected and establishes a VPN tunnel . Back: Back to the Previous page. Next: Go to [...]

  • Pagina 125

    125 Re mote Identifier: The Identifier of the remote gatewa y . According to the input value, the ID type will be auto-defi ned as IP Address, FQDN(DNS) or FQ UN(E-mail). Back: Back to the Previous page. Next: Go to the next page. (5)LAN to Host (for BiGuard VPN Clien t only): BiGuard would like to establish an IPSec VPN tunnel w ith BiGuard VPN Cl[...]

  • Pagina 126

    126 After your confi gurati on is done, yo u will see a Configuration Summary . Back: Back to the Previous page. Done: Click Done to apply the rule. 4.4.6.1.2 IPSec Policy Click Create to create a new IPSec VPN connection account. Configuring a New VPN Connection[...]

  • Pagina 127

    127 Connection Name: A user-defin ed name for the connection. T unnel: Select Enable to activate thi s tunnel. Select Disable to d eactiv ate this tunnel. Interface: Select t he interface the IP Sec tunnel will apply to. WAN1: Select interface WAN1 WAN2: Select interface WAN2 Auto: The device wi ll automatically appl y the tunnel to W AN1 or W AN2 [...]

  • Pagina 128

    128 interface if Aut o is selected. Local: This section configures t he local host. ID: Th is is the identity type of the local router or h ost. Choose from the following four options: W AN IP Address: Auto matically use the current W AN Address as ID. IP Address: Use an IP address form at. FQDN DNS(Fully Quali fied Domain Name): Consists of a host[...]

  • Pagina 129

    129 Any Local Address: Will enable any local address on the netw ork. Subnet: The subnet of the remote ne twork. Selecting this option allows you to enter an IP address and netmask. IP Range: The IP R ang e of the remote network. Single Address: The IP address of the remote host. Gateway Address: The gatewa y address of the remote host. Proposal: S[...]

  • Pagina 130

    130 negotiation time. Dif fie-Hellman is a public-key cryptography protocol that allows two parties to establish a shar ed secret ov er the Internet. Pre-shared K ey: This is for the In ternet Key Ex change (IKE) protocol. IKE is used to establi sh a shared security pol icy and authenticated k eys for servi ces (such as IPSec) that require a key . [...]

  • Pagina 131

    131 Local Subnet: Displays I P address and subnet of the local network. Re mote Subnet: Displays IP address and subnet of the remote netw ork. Re mote Gateway: This i s the IP address or Domain Name of the remote VPN device that is connected and has an es tablished IPSec tunnel . IPSec Proposal: This is the se lected IPSec security method. 4.4.6.2 [...]

  • Pagina 132

    132 Connection Name: A user-defin ed name for the connection. T unnel: Select Enable to activate thi s tunnel. Select Disable to d eactiv ate this tunnel. Username: Please input the userna me for this account. Password : Please input the password for this account. Re type Pas sword: Please repeat the same password as pr evious field. Connection T y[...]

  • Pagina 133

    133 The first menu screen gives you an overview of which WAN ports currently have QoS active, and the bandwidth settings for each. WAN1 Outbound: QoS Function: QoS status for W AN1 outbound. Sel ect Enabl e to activ ate QoS for W AN1’ s outgoi ng traffi c. Select Disable to deactiva te. Max ISP Bandwidth: The maximum bandwi dth afforded by the IS[...]

  • Pagina 134

    134 Creating a New QoS Rule T o get started using QoS, you will need t o establish QoS rules. These rules tell BiGuard 50G how to handl e both incoming and outgoing tr affic. The following example shows you how to co nfigure W AN1 Outbound QoS. Confi guring the oth er traffic types follows the same process. T o make a new rule, click Rule T able. T[...]

  • Pagina 135

    135 Interface: The current tr affic type. This can be WAN1 (outbound, i nbound) and W AN2 (outbound, inbound). Application: User defined appli cation name for the current rul e. Guarantee d: The guar anteed amount of bandwidth for this rule as a percentage. Maximum: The ma ximum amount of ba ndwidth for thi s rule as a percentage. Priority: The pri[...]

  • Pagina 136

    136 For MAC Address: Source MAC Addre ss: The source MAC Address of the de vice this rule applies to. Candidates: Y ou can also select the Candidates which are referred from the ARP table for automatic input. Source Port Range: The r ange of source ports this rule applies to. Destination Port Ran ge: The range of destination ports this rule applies[...]

  • Pagina 137

    137 configure your rou ter to forward th ese incoming connection a ttempts using speci fic ports to the PC on your network run ning the applicati on. Y ou will a lso need to use port forwarding if you want to host an onlin e game server . The reason for this is t hat when using NA T , your publicly accessible IP address w ill be used by and point t[...]

  • Pagina 138

    138 Candidates: Y ou can also select the Candidates which are referred from the ARP table for automatic input. Select the Apply button to ap ply your chang es. 4.4.8.2 Port Forwarding Table Because NA T can act as a "natur al" Internet firewall, yo ur router protects your network from being accessed by outside user s, as all incoming conn[...]

  • Pagina 139

    139 Application: User defined appli cation name for the current rul e. Helper: Y ou could also select the application type you would like to apply for automatic input. Protocol type: please select protocol type External Port: Enter the port number of the service that will be sent to the Internal IP address. Redirect Port: Enter a new port number fo[...]

  • Pagina 140

    140 4.4.9 Advanced Configurati on options wi thin the Adv anced section are for users who wish to tak e advantage of the more adv anced features of BiGuard 50G. Users who do not understand the featur es should not attemp t to reconfigure their router , unless advised to do so by support sta ff . There are five items within the Advanced section: Sta[...]

  • Pagina 141

    141 Rule: Select Enable to activ ate this rule, Disabl e to deactiv ate this rule. Destination: This is the destination subnet IP address. Netmask: This is the subnet mask of the destination IP addresses base d on above destination subn et IP . Gateway: This is the gatewa y IP address to which pack ets are to be forwarded. Interface: Select the int[...]

  • Pagina 142

    142 please fill it in t he blank space below. Dynamic DNS: Disable: Check to disable the D ynamic DNS functi on. Enable: Check to enable the Dynamic DNS function. The followi ng fields will be activated and required: Dynamic DNS Server: Select the DDNS service you have established an accoun t with. Wildcard: Select this check box to enable th e DYN[...]

  • Pagina 143

    143 Device Name Name: Enter a name for this device. Web Server Settings HTTP Port: This is the port number the router’ s embedded web server (for web-based configuration) will use. The def ault value is the standard HT TP port, 80. Users may specify an a lternative if , for example, they are running a web server on a PC within their LAN. Manageme[...]

  • Pagina 144

    144 SNMP Function: Select Enable to activ ate this functi on, Di sable to deactiv ate this function. SNMP V1 and V2 Read Community: Input the stri ng for R ead communit y to match your SNMP software. Write Community: Input the s tring for W rite community to match your SNMP software. Trap Community: Input the string for T r ap community to match y [...]

  • Pagina 145

    145 Click Create to create a new schedule. Name: A user-define descripti on to identify thi s time portfolio. Day: The default is set from Monday through Friday . Y ou may specify the da ys for the schedule to be appl ied. Start Time: The defaul t is set at 8:00 A M. Y ou may spe cify the start time of the schedule. End Time: The default is set a t[...]

  • Pagina 146

    146 Select System Log to capture to a log. Select Syslog Server to capture a nd send to a specified external server . Select Email Alert to send information log to a pre-specified E-mail accou nt. 5.2 System Log Server T h i s f u n c t i o n a l l o w s B i G u a r d 5 0 G t o s e n d s y s t e m l o g s t o a n e x t e r n a l Sy s l o g S e r v [...]

  • Pagina 147

    147 5.3 E-mail Alert The Email Alert function allows a log of se curity-related events (suc h as System Log and IPSec Log) to be se nt to a specified email address. Email Alert: Y ou may enable or disable this f unction by selecting the appropriate radio butto n. Recipient’s Email Address: Enter the email address where you wish the alert logs to [...]

  • Pagina 148

    148 Weekly: The router will send an alert once a week. When log is full: The router will send an alert only wh en the log is full. 6 Language Language provides 3 di fferent type of l a nguage to be displayed on the interface (currently support ing English, Simplified C hinese and T raditional Chinese) . Note : If you accidentally mistakenly clicked[...]

  • Pagina 149

    149 6.2 Simplified Chinese Clicking on t he Simplified Chin ese link will chan ge all the text in to Simplified Chinese. 6.3 Traditional Chinese Clicking on th e T raditional Chinese lin k will chan ge all the text into T raditional Chinese. 7 Save Configuration To Flash After changing the router’ s configuration s ettings, yo u must sa ve all of[...]

  • Pagina 150

    150 8 Logout T o exit the router’ s web interface, click Logout . Please ensure that you have sa ved your config urati on settings before y ou logout. Be aware that the router is restricted to only one PC accessing the web configur ation interface at a time. Once a PC has logged into the web interfac e, other PCs cannot gain access until the curr[...]

  • Pagina 151

    151 Chapter 5: Troubleshooting 5.1 Basic Functio nality This section deals with issues regardin g your BiGuard 50G’ s basic functions. 5.1.1 Router Won’t Turn O n If the Po wer and other LEDs fai l to ligh t when your BiGuard 50G is turned on: - Make sure that the power cord is properly connected to your firew all and that the power supply adap[...]

  • Pagina 152

    152 or workstation. - Make sure that power is tur ned on to the connected hub or workstation. - Be sure you are using the correct cable. When connecting the firew all’ s Internet port to a cable or DSL modem, use the cabl e that w as supplied with the cable or DSL modem. This cable could be a standard s tra ight-t hrough Ethernet cable or an Ethe[...]

  • Pagina 153

    153 5.2.2 Can’t Ping Any PC on the LAN If PCs connected to the LAN cannot be pinged: - Check the 10/100 LAN LEDs on BiGuard 50 G’ s front panel. One of these LEDs sh oul d be on . I f th ey a re b ot h o ff , c h eck the cables between BiGuard 50G and the hub or PC. - Check the correspondi ng LAN LEDs on y our PC’ s Ethernet device are on. - [...]

  • Pagina 154

    154 3. Make sur e that the Delete All Offline Content checkbox is checked, and click OK . 4. Click OK under Internet Options to close the dialogue. - In Windows, type arp – d at the command prompt to clear you co mputer’ s ARP table.[...]

  • Pagina 155

    155 5.2.3.1 Pop-up Windows T o use the W eb Configur ation Inte rface, yo u need to disable po p-up blocking. Y ou can either disable pop-up blocking, which is enabled by default in Windows XP Service Pack 2, or create an ex ceptio n for your BiGuard 50G’ s IP address. Disabling All Pop-ups In Internet Explorer , select Tools > Pop-up Blocker [...]

  • Pagina 156

    156 3. Under Scripting , check to see if Active scripting is set to Enable . 4. Ensure that Scripting o f J ava applets i s set to En abled . 5. Click OK to close the dialogue. 5.2.3.3 Java Perm issions The following Java P ermissions should also be given for the W eb Configuration Interface to display properl y: 1. In Internet Explorer , click Too[...]

  • Pagina 157

    157 4. Click OK to close the dialogue. NOTE: If Jav a from Sun Microsystems is installed, scroll down t o Java (Sun) and ensure that the ch eckbox is filled. 5.3 WAN Interface If you are ha ving problems with the W AN Interface, refer to the tips b elow . 5.3.1 Can’t Get WAN IP Ad dress from the ISP If the W AN IP address cannot be o btained from[...]

  • Pagina 158

    158 4. Check to see that the W AN port is properly connected to the ISP . If a Connected by (x) where (x) is your con nection method is not shown, your r outer has not successfully obtained an IP address from your ISP . If an IP address cannot be obtained: 1. T urn off the power to yo ur cable or DSL modem. 2. T urn off the power to your BiGuard 50[...]

  • Pagina 159

    159 If an IP address can be obtained, but yo ur PC cannot load any web pages from the Internet: - Y our PC may not re cognize DNS server addresses. Co nfigure your PC man ually with DNS addresses. - Y our PC ma y not ha ve the router correctly configured as i ts TCP/I P gatewa y . 5.5 Problems with Date and Time If the date and time is not being di[...]

  • Pagina 160

    160 Appendix A: Product Specifications Availability and Resilience - Dual- W AN ports - Load balancing for increased bandwi dth o f inbound and outbound tr affic - Automatic failo ver to redirect t he pa ck et when one broadband connection i s broken. It will keep your Int ernet connection always online whenever one connection should fail. Virtual [...]

  • Pagina 161

    161 - Netbios ov er VPN Firewall - Stateful P acket Inspection (SPI) and Deni al of Service (DoS) prev ention - Pack et filter un- permitted inbound (W AN)/Inbound (LAN) Internet access by IP addre ss, port number and packet type - Email alert and logs of attack - MAC Address Filterin g - Intrusion detecti on Content Filtering - URL Filter settings[...]

  • Pagina 162

    162 Physical Interface Ethernet W AN 2 ports (10/100 Base- T), support Auto- Crossover (MDI/MDIX) Ethernet LAN 8 ports (10/100 Base- T) swit ch support Auto- Crossover (MDI/MDIX) Physical Specifications Dimensions: 18.98" x 6.54" x 1 .77" (482mm x 166 mm x 45mm, with Br acket) 9.84" x 6.54" x 1.38" (250mm x 166 mm x 35[...]

  • Pagina 163

    163 Appendix B: Customer Support Most problems can be solved by referring to the T roubleshooting section in the User’s Manual. If you cannot resolve the problem w ith the T roubleshootin g chapter , please contact the dealer wher e yo u purchased this prod uct. Contact Billion Wo r l d w i d e http://www.billion.com/[...]

  • Pagina 164

    164 Appendix C: FCC Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the follow ing two condition s: - This device may not c ause harmful interference. - This device must accept any interference received, includin g interference that may cause undesired oper ations. This equipment has been test ed and f[...]

  • Pagina 165

    165 Appendix D: Network, Routing, and Firewall Basics D.1 Network Basi cs D.1.1 IP Addresses With the number of T CP/IP networks interconne cted across the globe, ensuring that transmitted data reaches the correct dest ination requires each computer on the Internet has a unique identifier . This identifie r is known as the IP address. The Internet [...]

  • Pagina 166

    166 back slash (/). F or example, a typical Class C address could be written as 192.168.234.245/24, which means th at the net mask is 24 ones followed by 8 zeros. (11111111 11111111 11111111 00000000). D.1.1.2 Subnet Addressing Subnet addressing enables t he split of one IP network address into mu ltiple physical networks. These smaller networks ar[...]

  • Pagina 167

    167 from these r anges. D.1.2 Network Address Translation (NAT) T raditionally , mult iple PCs that needed simu ltaneous Intern et access also required a range of IP addresses from the Internet Service Prov ider (ISP). Not only was th is method very costly , but the number of available IP addresses for PCs is limited. Instead, BiGuard 50G uses a ty[...]

  • Pagina 168

    168 D.2 Router Basics D.2.1 What is a Router? A router is a device that forwards da ta packets along networks. A router i s connected to at least t wo networks. U sua lly , this is a LAN and a WAN that is connected to an ISP network. R outers ar e located at gate ways, the places where two or more networks connect. R outers use headers and forwardi[...]

  • Pagina 169

    169 D.3 Firewall Basi cs D.3.1 What is a Firewall? Firewalls prevent unaut horiz ed Internet users from accessing private networks connected to the Internet. All messages en tering or leaving the in tranet pass through the f irewall, which examines each message and blocks those that do not meet the specified security criteria. With the functionali [...]

  • Pagina 170

    170 D.3.2 Why Use a Firewall? With a LAN connected to the Internet throug h a router , there is a chance for hackers to access or disrupt your network. A simp le NA T router provides a basic level of protection by sh ielding your network from the out side Internet . Still, there are ways for more dedicated hackers to either ob tain information abou[...]

  • Pagina 171

    171 Appendix E: Virtual Private Networking E.1 What is a VPN? A Virtual Private Network (VPN) is a shared network where private data is segmented from other traffic so that only the intended recipient has access. It allows organization s to securely transmit data over a public medium like the Internet. VPN s utilize tunnels, which allow data to be [...]

  • Pagina 172

    172 data authentication, in tegrity , and confiden tiality as data is transferred across I P networks. IPSec provides data security at the IP packet level, and protects against possible security risks by pr otecting data. IPSec is widely used to esta blish VPNs. There are three major functions of IPSec: - Confidentiali ty: Conce als data through e [...]

  • Pagina 173

    173 E.2.1.2 Encapsulating Security Payload (ES P) Encapsulating Security P ayload (ESP) pro vid es privacy for data through encryption. An encryption algorithm combi nes the data with a k ey to encrypt i t. It then repackages the data using a speci al format, and tr ansmits it to the destination. The receiver then decrypts the data usi ng the same [...]

  • Pagina 174

    174 E.2.1.3 Security Associations (SA ) Security Associations are a on e-way relationships between sender and receiver th at specify IPSec-related parameters. They provide data protection by using the defined IPSec protocols, and allow organizati ons to control according to the security policy in effect, wh ich resour ces may communicate securely .[...]

  • Pagina 175

    175 T ransport Mode - This mode is used to provide dat a se curity between two networks. It provides p r o t e c t i o n f o r t h e e n t i r e I P p a c k e t a n d i s s e n t b y a d d i n g a n o u t e r I P h e a d e r corresponding to the two tu nnel end-points. Since tunnel mode hides the original IP header , it provides security of the ne [...]

  • Pagina 176

    176 E.2.4 Tunnel Mod e ESP Here is an example of a packet with ESP applied: E.2.5 Internet Key Exchange (IKE) Before either AH or ESP can be used, it is necessary for the two communication devices to exchange a secret key that the security prot ocols themselves will use. T o do this, IPSec uses Internet K ey Exchange (IKE) as a primary support prot[...]

  • Pagina 177

    177 addresses. Aggressive mode reduces this process to three messages, but par ameter negotiation is limited, identity protection is lacking except when using public key encryption, and is more vulnerable to Denial of Service attack s. Phase II, known as Quick Mode, est ablishes symmetrical IPSec Security Associations for both AH and ESP . It do es[...]

  • Pagina 178

    178 Appendix F: IPSec Logs and Events F.1 IPSec Log Event Categories There are three major categories of IPSe c Log Events for your BiGuard 50G. These include: 1. IKE Negotiate P acket Messages 2. Rejected IKE Messages 3. IKE Negotiated Status Messages The table in th e following section lists th e different events of each category , and provides a[...]

  • Pagina 179

    179 Received Main mode second message of ISAKMP Received the second message of main mode. Done to exchange key values. Send Main mode second response message of ISAKMP Sending the main mode second response message. Done to exchange key val ues. Received Main mode second response message of ISAKMP Received the main mode second response message. Done[...]

  • Pagina 180

    180 Received Aggressive mode second ISAKP Message Received the second message of aggressive mode. Done to exchange proposal and key values. Send Quick mode in itial message Sending the first message of quick mode (Phase II). Done to exchange proposal and ke y values (IPSec). Received Quick mode initial mess age Received the first message of quick m[...]

  • Pagina 181

    181 NO P R OP O SA L C H OS E N: I n it i a l M a i n Mo d e me s s ag e re c e iv e d on [ I P :P o rt # ] bu t n o connection has been authorized INVALID ID: Require peer to have ID [I D], but peer declares [ID] INVALID ID INFORMATION: Initial Aggressive Mode packet claiming to be from [ID] on [IP] but no connecti on has been authorized INVALID I[...]

  • Pagina 182

    182 Appendix G: Bandwidth Management with QoS G.1 Overview In a home or office envi ronment, users cons tantly ha ve to transmi t data to and from the Internet. When too many are accessing the Internet at the same time, service can slow to a crawl, causing service interruption s and general frustration. Quality of Service (QoS) is one of the wa ys [...]

  • Pagina 183

    183 -Prioritizat ion: Assigns diff erent priority levels for diff erent applications, prioritizing traffic. Hi gh, Normal an d Low priority setting s. -Outbound and Inbou nd IP Throttli ng: Controls network t raffi c and allows y ou to limit the speed of each application. -DiffServ T echnology: Manages priority queu es and DSCP tagging through the [...]

  • Pagina 184

    184 Application Data Ratio (%) Priority On-line games 30% High Skype 5% High Email 10% High FTP 20% Upload (High), D ownload (Normal) Other 35% G.4.2 Office Users QoS is also ideal for small businesses u sin g an office server as a web server . With QoS control, web pages served to your custo mers can be given top priority and delivered first so th[...]

  • Pagina 185

    185 Appendix H: Router Setup Examples H.1 Outbound Fail Over Step 1: Go to Configuration > WAN > ISP Settings . Select WAN1 and WAN2 and click Edit . Step 2: Configure WAN1 and WAN2 according to the information given by your ISP .[...]

  • Pagina 186

    186 Step 3: Go to Configur ation > Dual W AN > General Setti ngs. Select the Fail Over radio button. Under Connecti vity De cision, input the num ber of times BiGuard 50G should probe the WAN before deciding that the ISP is in service or not (3 by default). Next, input the dur ation of the probe cycle (30 sec. by default) and cho ose the wa y[...]

  • Pagina 187

    187 WAN 1 . Step 4: Click Save Config to save all changes to flash memory . H.2 Outbound Load Balancing With Outbound Load Balanci ng, you can impro ve upload p erformance by optimizing your connection via Dual WAN. T o do this, follow these st eps: Step 1: Go to Configur atio n > WAN > ISP Settings . Configure y our W AN1 ISP settings and cl[...]

  • Pagina 188

    188 Step 3: Go to Configuration > Dual WAN > Gener al Settings . Select the Load Balance radio button. Step 4: Go to Configur ation > Dual WAN > Outbound Load Balance . Choose the Load Balance mechanism you want and click Apply .[...]

  • Pagina 189

    189 Step 5: Complete. T o check traffi c statistics, g o to Status > Traffic Stati stics . Step 6: Click Save Config to save all changes to flash memory .[...]

  • Pagina 190

    190 H.3 Inbound Fail Over Configurin g your BiGuard 50G for Inbound F ail Over is a great way to ensure a more reliable connection for i ncoming requ ests. T o do so, follow these steps: NO TE: Before you begin, ensure that both W AN1 and WAN2 have been properly configured. See Chapter 4: Router Configuration for more details. Step 1: From the W eb[...]

  • Pagina 191

    191 Step 3: Go to Configuration > Adva nced > Dynamic DNS . Set the WAN1 DDNS settings. Step 4: From the same menu, set the WAN2 DDNS settings. Step 5: Click Save Config to save all changes to flash memory .[...]

  • Pagina 192

    192 H.4 DNS Inbound Fail Over NO TE: Before proceeding, please ensure th at b o th WA N 1 an d WA N2 a re p r o p er l y configured according to the settings provided by your ISP . If not, please refer to Chapter 4.2.2. 1 ISP Settings for details on h ow to configure your WAN ports. Step 1: Go to Configura tion > Dua l WAN > General Settings [...]

  • Pagina 193

    193 Step 2: Go to Configuration > Du al W AN > Inbound Load Balanc e . Select t he Enable radio button an d configure DNS Server 1 by clicking Edit . Step 3: Input DNS Server 1 se ttings and click Apply .[...]

  • Pagina 194

    194 Step 4: Configure your Host URL Ma pping for DNS Server 1 by clicking Edit to enter the Host URL Mappings List. Click Create and i nput the settings for Host URL Mappings and click New . Step 5: Click Save Config to save all changes to flash memory . H.5 DNS Inbound Load Balancing[...]

  • Pagina 195

    195 Step 1: Go to Configuration > Dual WAN > General Settings . Select the Load Balance radio button. Step 2: Go to Configur ation > Dual WAN > Inbound Load Balance > Server Settings and configur e DNS Server 1.[...]

  • Pagina 196

    196 Step 3: Go to Configuration > Dual WAN > Inbound Load Balance > Host URL Mapping and configur e your FTP mappi ng. Step 4: Next configure your HTTP mapping.[...]

  • Pagina 197

    197 Step 5: Click Save Config to save all changes to flash memory . H.6 Dynamic DNS Inbound Load Balancing Step 1: Go to Configuration > WAN > Bandwidth Settings. Configure your WA N inbound and outbound bandwidth.[...]

  • Pagina 198

    198 Step 2: Go to Configuration > Dual WAN > General Settings and enable Load Balance mode. Y ou ma y then decide whether to enable Serv ice Detection or not. Step 3: Go to Configur ation > Dual WAN > Outbound Load Balance . Choose your load balance policy and click Apply to apply yo ur changes. If you selected Based on session mechanis[...]

  • Pagina 199

    199 Step 4: Go to Configuration > Ad vanced > Dynamic DN S and input the dynamic DNS settings for W AN1 and WA N2. WAN 1 : WAN 2:[...]

  • Pagina 200

    200 Step 5: Go to Configuration > Virtual Se rver and set up a virtual server for both FTP a n d H T TP . Step 6: Click Save Config to save all changes to flash memory . H.7 VPN Configuration This section outlines some concrete ex amples on how yo u can configure BiGuard 50G for your VPN. H.7.1 LAN to LAN[...]

  • Pagina 201

    201 [ Branch Office Head Office Local ID IP Address IP Address Data 69.121.1.30 69.121.1.3 Network Any Local Address Any Local Address IP Address 192.168.0.0 192.168.1.0 Netmask 255.255.255.0 255.255.255.0 Remote Secure Gateway Address(or Hostna me) 69.121.1.3 69.121.1.30 ID IP Address IP Address Data 69.121.1.3 69.121.1.30 Network Subnet Subnet IP[...]

  • Pagina 202

    202 Proposal IKE Pre-shared Key 12345678 12345678 Securi ty Algo rithm Main Mode; ESP: MD5 3DES PFS Main ESP MD5 3DES PFS H.7.2 Host to LAN Single client Head Office Local ID IP Address IP Address Data 69.121.1.30 69.121.1.3 Network Any Local Address Any Local Address[...]

  • Pagina 203

    203 IP Address 0.0.0.0 192.168.1.0 Netmask 0.0.0.0 255.255.255.0 Remote Secure Gateway Address(or Hostna me) 69.121.1.3 69.121.1.30 ID IP Address IP Address Data 69.121.1.3 69.121.1.30 Network Subnet Single Address IP Address 192.168.1.0 69.121.1.30 Netmask 255.255.255.0 255.255.255.255 Proposal IKE Pre-shared Key 12345678 12345678 Securi ty Algo r[...]

  • Pagina 204

    204 Step 1: Go to Configuration > Dual WAN > General Settings . Enable F ail Over by selecting the Fail Over radio button. Then, configure your F ail Over policy . Step 2: Go to Configur ation > Advanced > Dynami c DNS and configure your dynamic DNS settings (Both W AN1 and W AN2).[...]

  • Pagina 205

    205 Step 3: Go to Configur ation > VPN > IPSec > IPSec Policy . Click Crea te to configure VPN settings. Step 4: Click Save Config to save all changes to flash memory . T o configure BiGuard 10 gatew ay , refer to the screenshot below .[...]

  • Pagina 206

    206 H.9 VPN Concentrator[...]

  • Pagina 207

    207 Step 1: Go to Configur ation > VPN > IPSec > IPSec Policy and configure the link from BiGuard 50G to BiGuard 10 Branch A. 100.100.10 0.1 200.200.200. 1 192.168.2.x 192.168.3.x 201.201.201. 1 192.168.4.x Local ID T ype: Subnet Local subnet: 0. 0. 0.0 Local mask: 0. 0.0.0 Remote ID T ype: Subnet Remote subnet : 192.168.3.0 Remote mask: 2[...]

  • Pagina 208

    208 Step 2: Go to Configur ation > VPN > IPSec > IPSec Policy and configure the link from BiGuard 50G to BiGuard 10 Branch B .[...]

  • Pagina 209

    209 Step 3: Go to Configur ation > VPN > IPSec > IPSec Policy and configure the connection from BiGuard 10 Branch A to BiGuard 50G.[...]

  • Pagina 210

    210 Step 4: Go to Configur ation > VPN > IPSec > IPSec Policy and configure the connection from BiGuard 10 Branch B to BiGuard 50G.[...]

  • Pagina 211

    21 1 Step 5: Click Save Config to save all changes to flash memory . H.10 Protocol Binding Step 1: Go to Configuration > Dual WAN > General Settings. Select the Load Balancing radio butto n.[...]

  • Pagina 212

    212 Step 2: Go to Configuration > Dual WAN > Protocol Binding and configure settings for WA N1. Step 3: Go to Configuration > Dual WAN > Protocol Binding and configure settings for WA N2.[...]

  • Pagina 213

    213 Step 4: Click Save Config to save all changes to flash memory . H.11 Intrusion Detection Intru sion Det ecti on on Internet Internet Detected! Dropped BiGuard Safe!! Server Safe!! Hacker DoS Attack DoS Att ack Hacker Hacker DoS Attack DoS Attack Step 1: Go to Configura tion > Firewall > Intrusion Detection and Enable the settings. Step 2:[...]

  • Pagina 214

    214 H.12 PPTP Remote Access by Windows XP Internet Internet Windows XP PPTP Clien t Internet Internet 100. 100.10 0.1 Headquart er BiGuard &PPTP Server Busin ess Trip PPTP Tunnel Publ ic IP Local subnet: 192.168.30.0 Local mask: 255.255.255.0 Step1: Go to Configuration > VPN > PPTP and Enable the PPTP func tion, Click Apply . Step2: Click[...]

  • Pagina 215

    215 Step3: Click Apply , you can see the account is successfully created. Step4: Click Save Config to save all changes to flash me mory . Step5: In Windows XP , go Start > Settings > Network Connections .[...]

  • Pagina 216

    216 Step6: In Netwo rk T asks , Click Create a new connection , and press Next.[...]

  • Pagina 217

    217 Step7: Select Connect to the net work at my workplac e and press Next . Step8: Select Virtual Private Netw ork connection and press Next .[...]

  • Pagina 218

    218 Step9: Input the user-defined na m e for this connection and press Next . Step10: Input PPTP Server Address and press Next .[...]

  • Pagina 219

    219 Step11: Please press Finish . Step12: Double click the conn ection, and input Userna me and Password that defined in BiGuard PPTP Account Settings .[...]

  • Pagina 220

    220 PS. Y ou can also refer the Properties > Security page as below , by default.[...]

  • Pagina 221

    221 H.13 PPTP Remote Access by BiGuard Internet Internet Internet Internet 100.100.100.1 Headquarter BiGuard &PPTP Server PPTP Tunnel Branch Office 200.200.200.1 BiGuard &PPTP Client Local s ubnet: 192.168.30.0 Local mask : 255.255.255.0 Step1: Go to Configuration > VP N > PPTP and Enable the PPTP function, Dis able the Encryption , t[...]

  • Pagina 222

    222 Step3: Click Apply , you can see the account is successfully created. Step4: Click Save Config to save all changes to flash me mory . Step5: In another BiGuard as Client, Go to Configur ation > WAN > ISP Settings .[...]

  • Pagina 223

    223 Step6: Click Apply , and Save CONFIG .[...]