English dropdown-ico

Planet ADSL VPN/Firewall Router ADW-4200 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

Go to page of

Similar user manuals

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Planet ADSL VPN/Firewall Router ADW-4200, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Planet ADSL VPN/Firewall Router ADW-4200 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Planet ADSL VPN/Firewall Router ADW-4200. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Planet ADSL VPN/Firewall Router ADW-4200 should contain:
- informations concerning technical data of Planet ADSL VPN/Firewall Router ADW-4200
- name of the manufacturer and a year of construction of the Planet ADSL VPN/Firewall Router ADW-4200 item
- rules of operation, control and maintenance of the Planet ADSL VPN/Firewall Router ADW-4200 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Planet ADSL VPN/Firewall Router ADW-4200 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Planet ADSL VPN/Firewall Router ADW-4200, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Planet service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Planet ADSL VPN/Firewall Router ADW-4200.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Planet ADSL VPN/Firewall Router ADW-4200 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    ADE-4200 / AD W - 4200 ADS L VPN/Firewall Router User ’ s Manual[...]

  • Page 2

    ii Co p y right Co p y r ig h t (C) 2 0 03 P L ANET T echnolo g y Cor p . All ri g hts reserved. T he produc t s an d progra m s describe d i n t h is User ’ s M anu a l ar e licensed pro d uc t s o f PLANET T echnolo g y , T his User ’ s Man u al c o n t ains pr o prie t a r y in f or m ation protec t ed b y co p y right, an d t h is U ser ’[...]

  • Page 3

    T able of Conten ts C H A P T ER 1 . IN T RODUCTIO N ............................................................................................................................. .1 1.1 A N O VE R VI E W O F THE ADE-42 0 0/A D W -420 0 ................................................................................................ .1 1.2 P ACKAGE C[...]

  • Page 4

    i v 3.6.3 . 5.1 PPT P ................................................................................................................................................... . 48 3.6.3 . 5.1 . 1 PPT P for Remote Acces s ............................................................................................................. . 48 3.6.3 . 5.1 . 2 PPT[...]

  • Page 5

    1 Chap t er 1. Introduction 1.1 An Overview of t h e ADE-4200/AD W -4200 T he ADE-4200 ADS L VPN/Fire w all Router and A D W - 4200 ADS L W i re l ess VPN/Fire w all Router pro v ide o f f ice and residential u s ers the ideal solution f or sharing a high-speed ADS L broadband Inte r net c onnection on an 1 1Mbps w ireless net w ork or a 10/100Mbp [...]

  • Page 6

    P L A NET A D E -4200 / A D W -4200 A DS L VPN/Fire w all Router 2 802. 1 1b access point for e x tending the communication med i a to W L AN. Fast Ethernet S w itc h : A 4-port 10/100Mb p s fast Ethernet s w itch is supported in the LAN site and automat i c s w itching bet w een MDI and MDI-X f o r 10Base- T and 100Base- T X po r ts is s upported.[...]

  • Page 7

    Chapter 1 Introducti o n 3 PP P o v er Ethernet (PPPoE): Pro v ide embedded PPPoE client function to e s tablish a connection. Users c an get greater acces s speed w ithout c hanging the operation concept, s haring the s ame IS P ac c ount and pa y ing for one acces s account. N o PPPoE client s oft w are is r equired for the l ocal c ompute r . T [...]

  • Page 8

    P L A NET A D E -4200 / A D W -4200 A DS L VPN/Fire w all Router 4 T he ADE-4200 and A D W -4200 VPN conne c ti v i t y support client-to - VPN gate w a y and VP N LAN-to-LA N connect i ons. Using the s e c onnection c apabilities, mob i le w orkers ma y at t ach to and access LAN re s ources f rom the public Internet w hile the y are w orki n g at[...]

  • Page 9

    5 Chap t er 2. Using the Router 2.1 Cautions for usi n g the ADE-4200/AD W -4200 Do not pla c e the ADE - 4200/A D W-4200 unde r high hu m idity and high te m perature. Do not use the sa m e power source for ADE-4200/A D W-4200 with other equip m ent. Do not open or repair the ca s e yourself. If the ADE-4200/A D W - 4200 is too hot, turn o f f the[...]

  • Page 10

    P L A NET A D E -4200 / A D W -4200 A DS L VPN/Fire w all Router 6 P W R S Y S 12 3 4 W LA N MA I L PP P ADSL ADSL W ireless VPN / Fire w all Router AD W -4200 LAN A D W - 4200 LED Meaning PWR Lit w hen po w er ON SYS Lit w hen s y stem is read y L A N p ort 1 ~ 4 Lit w hen conne c ted to Ethernet de v ice Green for 100Mbp s ; Orange f or 10Mbps Bl[...]

  • Page 11

    Chapter 2 Using A D E -4200 / A D W -4200 7 A DSL Conne c t the supplied RJ- 1 1 cable to this port w hen connecting to the ADSL/telephone net w ork. Console Conne c t a PS2 or DB9 RS-232 c able to this port w hen connecting to a PC ’ s RS-232 port (9-p i n serial port). Please note that conso l e cable is not pro v ided on s t andard p ackage. L[...]

  • Page 12

    8 Chap t er 3. Conf i gu r ation T he ADE-4200/A D W - 4200 can be con f igured w ith y our W eb bro w se r . T he w eb bro w ser is included as a standard application in the follo w ing operation s y stems, UNIX, Linu x , Mac OS, W i ndo w s 98/N T /2000/Me, etc. The product pro v ides a v er y eas y and u s er- f riendl y inte r f ace f or con f [...]

  • Page 13

    Chapter 3 Configuration 9 2. Select TC P / I P -> NE2000 Com p atible , or the name o f an y Net w ork Inte r face Ca r d (NIC) in y our PC. 3. Click Properties . 4. Select the I P A ddress tab. In this page, click the Ob t ain an I P address automaticall y radio button.[...]

  • Page 14

    P L A NET A D S L VPN / Fire w all Router 10 5. T hen s elect the DNS Configuration tab. 6. Select the Disable D NS radio button and cli c k “ OK ” to f i nish the c on f iguration.[...]

  • Page 15

    Chapter 3 Configuration 1 1 3.3.2 For W indows N T4.0 1. Go to S t art / Settings / Control Panel . In the Control Panel, doub l e-click on Ne t w ork and choo s e the Protocols tab. 2. Select TCP/I P Protocol and click Properties . 3. Select the Ob t ain an I P address from a DHC P ser v er radio button and click OK .[...]

  • Page 16

    P L A NET A D S L VPN / Fire w all Router 12 3.3.3 For W indows 2000 1. Go to S t art / Settings / Control Panel . In the Control Panel, doub l e-click on Ne t w ork and Dial-up Connections . 2. Double-click L A N A r e a Connection . 3. In the L A N A rea Connection S t atus w indo w , click Properties .[...]

  • Page 17

    Chapter 3 Configuration 13 4. Select Internet Protocol (TCP/IP) and click Properties . 5. Select the Obtain an I P add r ess automati c all y and the Obta i n DNS ser v er address automaticall y radio buttons. 6. Click OK to f ini s h the c on f iguration.[...]

  • Page 18

    P L A NET A D S L VPN / Fire w all Router 14 3.3.4 For W indows XP 1. Go to S t art / Control Panel (in Classic Vi e w ). In the Control Panel, double-click on Net w ork Connections. 2. Double-click Lo c al Area Connection 3. In the L A N A rea Connection S t atus w indo w , click Properties .[...]

  • Page 19

    Chapter 3 Configuration 15 4. Select Inte r net Proto c ol ( T CP/IP) and click Properties. 5. Select the Obtain an I P add r ess automati c all y and the Obta i n DNS ser v er address automaticall y radio buttons[...]

  • Page 20

    P L A NET A D S L VPN / Fire w all Router 16 6. Click OK to f ini s h the c on f iguration. 3.4 Factory Defa u lt Settings Be f ore con f igurat i ng this ADE-4200/A D W - 4200, y ou need to k no w the f ollo w ing de f ault settings. 1. W eb Configurator Username: admin Pass w ord : admin 2. De v ice I P Ne t w o r k settings in L A N site I P Add[...]

  • Page 21

    Chapter 3 Configuration 17 3.4.2 LAN and W AN Port Addresses T he parameters of LAN and WAN port s are pre-set in the f a c tor y . The default v alue s are sho w n belo w . L A N Port W A N Port I P address 192.168.1.254 Subnet Mask 255.255.255.0 DHCP ser v er functio n Enab l ed I P addresses for distribution to PCs 100 I P addres s es cont i nui[...]

  • Page 22

    P L A NET A D S L VPN / Fire w all Router 18 Y ou w ill get a s t atus r eport w eb p age w hen login succes s f ull y . At the con f iguration homepage, the left na v igation p ane w here boo k marks are pro v ided links y ou directl y to the desired s etup page, i ncluding: n S t atus (AR P T able, PP T P S t atu s , IPSec S tatus, Email S t atus[...]

  • Page 23

    Chapter 3 Configuration 19 n Sa v e Config to F L A SH n Logout n Language (pro v ides user inte r f a c e in English language) Click on the desired item to e x pand the p age in the main na v igation pane. 3.6.1 S TA TUS T he S t atus section p r o v ides and c ontain s man y item s includ i ng de v ice H / W and S / W information, LAN, WA N, Port[...]

  • Page 24

    P L A NET A D S L VPN / Fire w all Router 20 3.6.2 Quick S tart I f y ou u s e this de v ice to access the Internet through the IS P , this w eb page is enough for y ou to con f igure th i s router and access the Internet w ithout a problem. Please c he ck Chapter 3.5 Infor m ation fro m the ISP , then enter the prope r v alue s into this w eb p ag[...]

  • Page 25

    Chapter 3 Configuration 21 It support s t w o Ethernet I P add r esse s in the LAN. W i th thi s f unct i on, the ADS L route r can support t w o d if f erent LAN subnets to ac c ess the Inte r net at the same time. Usuall y , there is onl y one subnet in LAN, there is no need to c on f igure a Secondar y I P addres s . T he 192.168.1.254 i s the d[...]

  • Page 26

    P L A NET A D S L VPN / Fire w all Router 22 ESSI D : Ente r the unique I D gi v en to the Ac c ess Po i nt (AP), w hich i s alread y built-in to the w ireless broadband f ire w all gat e w a y . T o connect to this de v ice, y our w ireless clients must ha v e the same ESSID as the de v ice. Regulation Domai n : There are f i v e Regulation Domain[...]

  • Page 27

    Chapter 3 Configuration 23 Port # Connection T y pe: Fi v e options to c hoose f rom: auto, 10M ha l f -duple x , 10M f ull- duple x , 100M ha l f -duple x or 100M full-duple x . Somet i mes, there are Ethern e t compat i bilit y problem s w ith legac y Ethernet de v ices. Y ou can con f igure di f ferent t y pe s to sol v e the compatibil i t y is[...]

  • Page 28

    P L A NET A D S L VPN / Fire w all Router 24 3.6.3.1.4 DHC P Se r ver W hen y ou click DHC P Ser v er , y ou get the follo w ing f igure. Y ou can di s able o r enabl e the DHC P ser v er or enable the DHC P rela y f unctions. I f y ou c heck Disable d and click Next, then click A p p l y . T he DHC P ser v er f un c tion is disabled. Ea c h PC in [...]

  • Page 29

    Chapter 3 Configuration 25 T he factor y default i s rfc 1483-0 . If y our IS P use s the same ac c ess protocol, please click Edit to input other p arameter s a s belo w . If y our IS P doe s not use r f c 1483-0, y ou can delete it b y clicking Delete . T hen y ou ma y click Create to create a connection t o y our IS P to s u r f the Internet. Th[...]

  • Page 30

    P L A NET A D S L VPN / Fire w all Router 26 3.6.3.2.1.1 RFC 1483 r outed Descriptio n : Gi v e a name f or this conne c tion. VPI and VCI : Enter the in f ormation pro v ided b y y our IS P . N A T: T he N A T f eature allo w s multiple u s ers to ac c ess the Internet through a single I P account, sharing the single I P address. I f u s ers in th[...]

  • Page 31

    Chapter 3 Configuration 27 Descriptio n : Gi v e a name f or this conne c tion. VPI and VCI : Enter the in f ormation pro v ided b y y our IS P . Enca p sulation meth od : Select the protocol format, the de f ault is L l cBridged. Se l ect the one pro v ided b y y our IS P . 3.6.3.2.1.4 PPPo A routed Descriptio n : Gi v e a name f or this conne c t[...]

  • Page 32

    P L A NET A D S L VPN / Fire w all Router 28 also automati c all y re-establish the PPPo A session w hen dis c onnected b y the IS P . ¤ Connect to Dema n d: i f y ou w ant to es t ab l ish a PPPo A sess i on onl y w hen ther e is a p acket requesting access to the Internet. User Idle T i m eout (in minutes) : Auto-disconnect the broadband f i re [...]

  • Page 33

    Chapter 3 Configuration 29 3.6.3.2.1.5 PPPoE routed Descriptio n : Gi v e a name f or this conne c tion. VPI/VCI: Enter the in f ormation pro v ided b y y o ur IS P . N A T: T he N A T f eature allo w s multiple u s ers to ac c ess the Internet through a single I P account, sharing the single I P address. I f u s ers in the LAN site ha v e public I[...]

  • Page 34

    P L A NET A D S L VPN / Fire w all Router 30 3.6.3.2.2 DNS T he WAN-DNS is sho w n as belo w . A Domain Name S y stem (DNS) conta i ns a mapping t able for domain name and I P addres s es. In the Internet, e v er y host has a unique and f riendl y name su c h a s ww w . y ahoo.com and an I P address. As the I P Address i s hard to r emembe r , the [...]

  • Page 35

    Chapter 3 Configuration 31 T he router does not ha v e a real time clo c k on board; instead, it uses the Simple Net w ork T ime Protocol (SN T P ) to get the current t i me f rom the S N T P ser v er f r om the outs i de net w ork. Plea s e choo s e y our local time z one, click Enable and click the A pp ly button. Y ou w ill get the correct time [...]

  • Page 36

    P L A NET A D S L VPN / Fire w all Router 32 3.6.3.3.3 Firmware Upgrade W hen y ou click Fi rm w are Upgrade , it allo w s y ou to input the l ocation of f irm w are stored on y our PC and click the Upgrade button to upgrade to the ne w f irm w are. 3.6.3.3.4 Backup/Restore W hen y ou click Backup/Restore, it allo w s y ou to sa v e y our current s[...]

  • Page 37

    Chapter 3 Configuration 33 facto r y default setti n gs . 3.6.3.3.6 User Mana g ement W hen y ou click User Management , y ou a r e ab l e to edit e x isting user ’ s databa s e or to create other user accessing this de v ice. 3.6.3.4 Fir e w all T his product al s o ser v es as an Internet f ire w all, not onl y does it pro v ide a natural f ire[...]

  • Page 38

    P L A NET A D S L VPN / Fire w all Router 34 users f rom ac c essing the Internet. T he funct i ons include: 1. Fire w all: pre v ent access f rom an outside net w ork, the router pro v ides three le v els of securit y support. l N A T natural f ire w all: it masks LAN u s ers ’ I P addres s es w hich are in v isible to outs i de user s on the In[...]

  • Page 39

    Chapter 3 Configuration 35 Fire w all Secu r ity : W hen y ou enable the Fire w all securit y f unct i on, y ou can s elect one o f the f ire w all securit y policies. B y default the f ire w all is set to disab l ed. Fire w all P o licy : Select either All blocked/ U ser-de f ined, High, Medium or Lo w securit y le v el to enable the Fire w all. T[...]

  • Page 40

    P L A NET A D S L VPN / Fire w all Router 36 3.6.3.4.2 Packet Filte r W hen y ou click Packet Filter , y ou get the fol l o w ing f igure. Y ou ma y con f igure to filter inbound (incomin g ) and outbound (outgoing) packets ba s ed on port or I P address. If it is ba s ed on port, c l ick Port Filters for mo r e option s . Y ou ma y f ilter the pac[...]

  • Page 41

    Chapter 3 Configuration 37 N E W S( 1 19) T CP(6) 1 19 1 19 NO NO NO YES NO YES RealA u dio (7070) UDP(17) 7070 7070 NO NO YES YES YES YES PING ICMP(1) N/A N/A NO YES NO YES NO YES H.323( 1 720) T CP(6) 1720 1720 NO NO NO YES YES YES T .120(1503) T CP(6) 1503 1503 NO NO NO YES YES YES SSH( 2 2) T CP(6) 22 22 NO NO NO YES YES YES N T P(123) UDP(17) [...]

  • Page 42

    P L A NET A D S L VPN / Fire w all Router 38 1. Click Packet Filte r , y ou w ill get the follo w ing f igure. 2. Click Port Filters, the pre-de f ined port f ilter ru l es screen o f l o w securit y le v el is sho w n as belo w .[...]

  • Page 43

    Chapter 3 Configuration 39 3. Click Delete to de l ete the H T T P rule. 4. Click Add T C P Filte r .[...]

  • Page 44

    P L A NET A D S L VPN / Fire w all Router 40 5. Input the port number and set the inbound & outbound as Allo w . 6. T he port f ilter rule o f HT T P is sho w n as belo w .[...]

  • Page 45

    Chapter 3 Configuration 41 7. Con f igure the V irtual Ser v er to enable the H T T P s er v ice in the v irtual ser v er setting and input the W EB ser v er ’ s I P address. I f y ou tr y to setup a remote management of router permanentl y , y ou ma y enter router ’ s I P instead. 3.6.3.4.3 Intrusion D etection[...]

  • Page 46

    P L A NET A D S L VPN / Fire w all Router 42 T he Intrusion D etect i on allo w s y ou to pre v ent y our local area net w ork (LAN) f r o m malicious at t acks, f or e x ample, port scan and Denial-o f -Ser v ice (DoS). The purpo s e of such attack s is eithe r to c onsume the computing resource s of y our route r , or e v en to bring do w n the r[...]

  • Page 47

    Chapter 3 Configuration 43 handshak i ng session per s econd i s rea c hed, the router w ill consider the SYN f lood at t ack oc c urs. Maximum Ping Count: set the ma x imum number o f PING p acke t s pe r se c ond. Once the ma x imum numbe r o f PING per s econd i s reached, the router w ill assume that an Echo storm attack has occurred Maximum IC[...]

  • Page 48

    P L A NET A D S L VPN / Fire w all Router 44 200.68.76.177 to port 137 (a netbio s _ns port). 3.6.3.4.4 MAC Address Filter W hen y ou click the M A C A ddress Filter , y ou get the follo w ing f igure. T he MAC f iltering f unction enab l es y ou to con f igure y our router to b l ock internal u s ers ( M A C address ) f rom Internet ac c ess. Enab[...]

  • Page 49

    Chapter 3 Configuration 45 M A C A ddress: There are 10 entries to enter the MAC addres s es y ou w ant manage. If y ou select Blocked , the packet w ith the MAC address in the table w ill be dropped and others w ill be for w arded. If y ou se l ect A llo w ed , the packet w ith the MAC addres s in th e tab l e w ill be f or w arded and others w il[...]

  • Page 50

    P L A NET A D S L VPN / Fire w all Router 46 Disable A ll WEB traffic except for T rusted Domain: It allo w s internal users to access onl y the spe c i f ied/trusted domain. Please refer to the D oma i n Filtering section f irst, before c hecking this option. Enable Bl o ckin g Log : Check this button to log the corre s ponding logs into the E v e[...]

  • Page 51

    Chapter 3 Configuration 47 I f the router is con f i g ured to allo w internal users to ac c ess on ly certain spec i f ie d domains, c heck add the domain name into the T rusted Domain list. I f the router i s con f igured to allo w internal users to acce s s all w ebsites e x cept for some forbidden domains, add the fo r bidden domain name into t[...]

  • Page 52

    P L A NET A D S L VPN / Fire w all Router 48 transmitting da t a o v er a secure VPN tunne l . LAN-to-LAN VPN is an alternati v e WA N in f ra s tructure that is used to connect o f f i c es and home o f f ice s to share net w or k resources w ith ea c h other o v er a se c ure VPN tunnel. T his router s upports t w o kinds o f VPN s tandards, Po i[...]

  • Page 53

    Chapter 3 Configuration 49 Username: I f y ou are a Dial-Out user (client), enter the u s ername pro v ided b y y ou r Host. I f y ou are a Dial-In user (ser v er), enter y our o w n username. Pas s w ord: If y ou are a Dial-Out u s er (client ) , enter the pass w ord pro v ided b y y our Host. If y ou are a Dial-In user (ser v er), enter y our o w[...]

  • Page 54

    P L A NET A D S L VPN / Fire w all Router 50 Netmask: Enter the s ubnet mas k of pee r net w ork based on abo v e Peer Net w ork I P setting. Username: I f y ou are a Dial-Out user (client), enter the u s ername pro v ided b y y ou r Host. I f y ou are a Dial-In user (ser v er), enter y our o w n username. Pas s w ord: If y ou are a Dial-Out u s er[...]

  • Page 55

    Chapter 3 Configuration 51 Configuring PPT P VPN in the Office T he input I P addres s 192.168.1.200 w ill be assigned to the remote w ork e r , plea s e ma k e sure this I P is not u s ed in the O f f ice LAN. Configuring PPT P VPN in Remote Si d e Y ou can con f igure VPN client w ith commercial VPN client s oft w are p ackage (e.g. SSH ) or the [...]

  • Page 56

    P L A NET A D S L VPN / Fire w all Router 52 2. Follo w the step and se l ect “ Connect to a pri v ate net w ork through the Internet ” 3. Enter the I P address of the ADS L Router located in the o f f ice[...]

  • Page 57

    Chapter 3 Configuration 53 4. Follo w the step, the follo w ing screen appears. T he setup is c ompleted. 5. T o make the conne c tion, click the V irtua l Pri v ate Connection icon in Dial-up Net w orking Group, and input the username & p ass w ord set in ADS L Route r .[...]

  • Page 58

    P L A NET A D S L VPN / Fire w all Router 54 3.6.3.5.1.4 An E x a m ple of C onfiguring a Re m ote Access PPT P VPN Dial-out Connection Background of the Example Corporate e s tablishes a PP T P VP N connect i on w ith the f ile ser v er located in the remote side. T he router is ins t alled in the o f f ice, connected w ith a couple o f PCs and Se[...]

  • Page 59

    Chapter 3 Configuration 55 Configuring PPT P VPN in the Office Y ou can either input the I P add r ess (69.1.121.33 in this ca s e) or ho s tname to reach the Ser v e r. Refer also to PPT P VPN – remote access ( d ial-in) f or the other p arameters. PPT P S t atus[...]

  • Page 60

    P L A NET A D S L VPN / Fire w all Router 56 3.6.3.5.1.5 An E x a m ple of C onfiguring a LAN-to-LAN PPT P VPN Connect i on Background of the Example T he bran c h o f f i c e es t ablishes a PPT P VPN tunnel w ith the head o f f ice to conne c t t w o pri v ate net w orks by le v eragi n g the Internet in f rastructure. T he routers are installed [...]

  • Page 61

    Chapter 3 Configuration 57 Configuring PPT P VPN in the Branch Office T he input I P address 69.1.121.3 is the Public IP addres s of the r outer l ocated i n the head o f f i c e. If y ou ha v e a domain name assigned to this I P address - either y ou registered the DDNS ( please r e f er to the D D NS section), or y ou ha v e a static I P w ith a [...]

  • Page 62

    P L A NET A D S L VPN / Fire w all Router 58 3.6.3.5.2 IPSec T he router s upport s IPSe c VPN to es t ab l ish secure, end-to-end pri v ate net w ork connection s o v er a public net w orking in f ra s tructure. The s pec i f icat i on is a s be l o w : w . Encap s ulation: tunne l mode w . Support IKE authent i cation method: pre-shared ke y w . [...]

  • Page 63

    Chapter 3 Configuration 59 Connection Name: G iv e a name for this c onnection. Local Ne t w ork: Set the I P addres s , subnet or address range of the local net w ork. ¤ Single A ddress: The I P addres s o f the lo c al host. ¤ Subnet: The s ubnet of the lo c al net w ork. For e x ample, IP: 192.168.1.0 w it h netmask 255.255.255.0 spec i f i es[...]

  • Page 64

    P L A NET A D S L VPN / Fire w all Router 60 ¤ DES: S tands for Da t a Encr y ption S tandard, it uses 56 bits as an encr y ption method. ¤ 3DES: S t and s f o r T riple Data Encr y ption S t andard, it u s es 168 (56 * 3) b i ts as an encr y ption method. ¤ A ES: S t ands for Ad v anced Encr y ption S t andards, it u s es 128 bits as an encr y [...]

  • Page 65

    Chapter 3 Configuration 61 temporaril y disconne c ted. 3.6.3.5.2.2 An E x a m ple of C onfiguring a LAN-to-LAN IPSec VPN Connection Background of the Example T he b r anch o f f i c e e s tablishes an IPSec VPN tunnel w ith the head o f f i c e to c onnect t w o pri v ate net w orks by le v eragi n g the Internet in f rastructure. T he routers are[...]

  • Page 66

    P L A NET A D S L VPN / Fire w all Router 62 Configuring IPSec VPN in the Head Office T he local subnet (head o f f ice) is set as 192.168.1.0/24 ( w ith netmask 255.255.255.0), w hile the remote subnet (bran c h o f f i c e ) is set as 192.168.0.0 ( w ith netmas k 255.255.255.0). T he I P address 69.1.121.30 in “ Secure Gate w ay Address ” f i[...]

  • Page 67

    Chapter 3 Configuration 63 3.6.3.6 V irtual Ser v er In T CP/I P and UD P net w orks, a port is a 16-bit numbe r , used b y the host-to-hos t protoco l to ident i f y to w hich application p r ogram it must deli v er incom i ng messages. Some po r ts ha v e numbers that are pre-ass i gned to them b y the IANA, and these ar e kno w n as w ell-kno w [...]

  • Page 68

    P L A NET A D S L VPN / Fire w all Router 64 53 T C P & UDP DNS (Domain N ame Ser v er) 69 UDP T F T P ( T ri v ial File T ransfer Proto c ol) 80 T CP Wor l d W i de W eb HTTP 1 10 T CP POP3 (Post O f f i c e Protocol V ersion 3) 1 19 T CP N E W S (Net w ork Ne w s T ran s fer Protocol) 123 UDP N T P (Net w ork T ime P r otocol) 161 T CP SNMP 4[...]

  • Page 69

    Chapter 3 Configuration 65 se v eral pre-de f ined popular application and their port numbe r . Protocol: Select the properl y protocol for the application. Port: Input the port number for the applicat i on. I P A ddress: Input the I P address that y ou w ant to allo w accessing f rom outside users. DMZ: T he DMZ Host is a local compute r e x posed[...]

  • Page 70

    P L A NET A D S L VPN / Fire w all Router 66 3.6.3.6.2 An example of configuring the W eb Se r ver & the Router to be accessible remotely Background of the Example Setup the Web s er v er in the o f f i c e that can be v isible to the out s ide net w ork. In the meant i me, s et the router to be ac c essible remotel y through HT T P . Since the[...]

  • Page 71

    Chapter 3 Configuration 67 Example 2: Configuring a V irtual Ser v er 1. Set Web s er v er I P address to a f i x ed I P = 192.168.1.100 2. Set Remote Acces s a s Enable. User c an ac c ess the router remotely through port 80. 3. Since the port numbe r 80 is u s ed b y the r oute r , the Web s er v er port number need s to be changed.[...]

  • Page 72

    P L A NET A D S L VPN / Fire w all Router 68 3.6.3.7 A d v anced T here are f our item s under the A d v anced section: Routing T able, D y namic DNS , Checking E m ail and De v ice Management. 3.6.3.7.1 Routing T able Click on the Routing T able and then choo s e Create Router to get the belo w f igure to add a routing table. Destination: Enter th[...]

  • Page 73

    Chapter 3 Configuration 69 Interface: Enter the i nterface w hich the pac k et is f or w arded to. Cost: T his is the s ame meaning as H op. U s uall y , lea v e it as 1. 3.6.3.7.2 Dynamic D N S Click D y namic DNS to get the be l o w f igure then check the “ Enab le ” button to ac c ess the D y namic DNS ser v ice. T he D y namic DNS ser v ice[...]

  • Page 74

    P L A NET A D S L VPN / Fire w all Router 70 Configuring DDNS 1. Set the W eb ser v er and F T P ser v er I P address as described i n section V irtual Ser v er . 2. Appl y an ac c ount f rom this f ree W eb ser v er http:// w w w .d y ndns.org/ . T here are more than 5 DDNS s er v ices supported b y this route r . 3. Con f igure DDNS as the f ollo[...]

  • Page 75

    Chapter 3 Configuration 71 A c c ount Name: Enter the name o f the ac c ount to w hich y ou ha v e the PO P ac c ess. Normall y , it is the te x t in y our email address be f ore the "@" s y mbo l . I f y ou ha v e troub l e w ith it, please c ontact y our IS P . Pas s w ord: Enter the p ass w ord of the ac c ount POP3 Mail Ser v er: Ente[...]

  • Page 76

    P L A NET A D S L VPN / Fire w all Router 72 router are allo w ed to logon the de v ice and modi f y data. ] Expire to auto-logout: S pec i f y a time f rame for the s y stem to auto- l ogout the de v ice. For Example: User A changes HT T P port number to 100 , s pe c i f ied it ’ s o w n IP addres s to be 192.168.1.55 , and set the logout t i me[...]

  • Page 77

    Chapter 3 Configuration 73 3.6.5 Logout T o e x it the w ebsite, choose Logout to e x it completel y . Please ensure that y ou ha v e sa v ed the con f igurat i on sett i ngs before logout. Be a w are that the router is restricted to onl y one l ocal PC accessing the con f iguration Web p ages. Once a c urrent PC has logged onto the Web pages, othe[...]

  • Page 78

    74 Chap t er 4. T roubleshoot i ng If the ADE-4200/A D W - 4200 W i r eless ADS L Router is not f unction i ng properl y , y ou can r e f e r f irst to thi s chapter for simple troubleshooting be f o r e c ontactin g y our ser v ice pro v ide r . Thi s could s a v e y ou time and e f fort but i f the s y mptoms persist, then con s ult y our ser v i[...]

  • Page 79

    75 Appendix A. S pecification Product ADS L VPN/ F ir e w a ll Rou t e r ADS L W ireless VPN/Fir ew all Ro u ter Mod e l ADE- 4 20 0 A / A D E-42 0 0B A D W -4200 A / A D W -4200B Hard w are S t a n dard ANSI T 1.413 Issue 2 I T U G .992.1 ( G .d m t) inclu d ing - A n nex A ( ADS L o ver POTS f or A D E-3 1 0 0 A/-4 1 00A ) - A n nex B (A D S L o [...]

  • Page 80

    76 Appendix B. Product Suppo r t Most problems c an be sol v ed b y using the T roubleshoot i ng i n C hapter 4. If y ou cannot resol v e the problem with the T rouble s hooting Chapte r , please contact the dealer w here y ou purcha s ed this produ c t. For an y other questions, plea s e con t act PLANET directl y at the follo w ing email addre s [...]