Page 2
All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope.
HUAWEI EGW2100 Web Configuration Guide About This Document About This Document Purpose This document provides the methods for configuring the functions of the EGW2100. Product Version The following table lists the product versions related to this document. Product Name Version...
As shown in Figure 1-1, the PC is connected to Ethernet1/0/0 of the EGW2100. You can control and manage the EGW2100 by accessing its IP address 192.168.0.1 through the Web browser on the PC. Figure 1-1 Networking diagram for logging in...
Networking Requirements As shown in Figure 2-1, the EGW2100 connects to a LAN through WLAN and LAN users access the Internet through the ADSL and 3G. The ADSL is the master link, otherwise, the 3G is the backup link. Figure 2-1 Networking diagram for the web-manager function...
The locations and number of terminals in the network change frequently, so you need to use the Dynamic Host Configuration Protocol (DHCP) to allocate dynamic IP addresses to the terminals. The EGW2100 can serve as a DHCP server to offer IP addresses to the DHCP client. 4.4 Configuration Example of RIP Routing Information Protocol (RIP) is a type of protocol based on the distance-vector (D-V) algorithm.
4 Configuration Example of the Internetworking Web Configuration Guide 4.1 Configuration Example of ADSL by Using PPPoE Networking Requirements The EGW2100 connects to a LAN through Ethernet 0/0/0 and LAN users access the Internet through the ADSL interface (ATM 2/0/0). Networking Diagram Figure 4-1 shows the networking of the ADSL configuration example.
----End 4.2 Configuration Example of SHDSL Networking Requirements The EGW2100 connects to a LAN through Ethernet 0/0/0 and LAN users access the Internet through the SHDSL interface (ATM 2/0/0). Networking Diagram Figure 4-15 shows the networking of the SHDSL configuration example.
Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration. Completing the operations on the EGW2100 takes a while (about 10 seconds). Wait with patience. The progress bar at the bottom of the Web page shows the progress.
The locations and number of terminals in the network change frequently, so you need to use the Dynamic Host Configuration Protocol (DHCP) to allocate dynamic IP addresses to the terminals. The EGW2100 can serve as a DHCP server to offer IP addresses to the DHCP client. Networking Requirements A DHCP server dynamically assigns the IP addresses to a client in the same network segment.
Ethernet interfaces of Router B and Router C through Ethernet interfaces. The EGW2100 (192.1.1.1) receives RIP packets broadcasted by Router B (192.1.1.2) and Router C (192.1.1.3). The EGW2100 sends RIP broadcast packets to Router B and Router C at the same time. Networking Diagram Figure 4-31 shows the networking of the RIP configuration example.
RouterC RouterB 192.1.4.0/24 192.1.3.0/24 Procedure Step 1 Configure the EGW2100. Set the IP address of the interface, and then add the interface to the specified zone. For the configuration procedure, see 3 Configuration Example of the Basic Operation. Configure the Packet-Filter.
AS. Networking Requirements Start OSPF process 100 on the Ethernet0/0/0 interface of the EGW2100 and the interface is in area 0. Start OSPF process 100 on the Vlanif 5 interface and the interface is in area 1.
Web Configuration Guide 4 Configuration Example of the Internetworking Respectively set up the neighbor relationship between Router A and the EGW2100 and between Router B and the EGW2100. Start OSPF process 100 on the Ethernet1/0/0 interface of Router A and the interface is in area...
4.6 Configuration Example of the 3G Interface for Dial-on- Demand Networking Requirements The EGW2100 connects to the enterprise intranet through Ethernet 0/0/0 and to the Internet through USB WCDMA 3G card. The networking requirements are as follows: The intranet of the enterprise is in network segment 192.168.1.0/24.
4.7 Configuration Example of the 3G Interface for Automatic Dialup Networking Requirements The EGW2100 connects to the enterprise intranet through Ethernet 0/0/0 and to the Internet through USB 3G card. The networking requirements are as follows: The intranet of the enterprise is in network segment 192.168.1.0/24.
4.8 Configuration Example of a WLAN (Crypto Service Class) Networking Requirements The EGW2100 (AP) is connected to the Router through Ethernet 0/0/0 (already added to the Untrust zone). The fixed IP address of Ethernet 0/0/0 is 202.169.10.1/24 and the IP address of Ethernet 1/0/0 on the Router is 202.169.10.2/24.
Eth1/0/0 Eth0/0/0 Station Procedure Step 1 Set the IP address of Ethernet 0/0/0 of the EGW2100, and add the interface to the Untrust zone. For the configuration procedure, see 3 Configuration Example of the Basic Operation. Step 2 Create VLAN 2. Set the IP address of interface Vlanif 2 to 192.168.1.1/24, and add the interface to the Trust zone.
Eth1/0/0 Eth0/0/0 Station Procedure Step 1 Set the IP address of Ethernet 0/0/0 of the EGW2100, and add the interface to the Untrust zone. For the configuration procedure, see 3 Configuration Example of the Basic Operation. Step 2 Create VLAN 2. Set the IP address of interface Vlanif 2 to 192.168.1.1/24, and add the interface to the Trust zone.
Choose NetWork > Wlan > Service Class. The Service Class page is displayed. NOTE By default, the number of the plain service class of the EGW2100 is 0. Click DISABLE corresponding to service class number 0. Click OK in the Are you sure...
4.10 Configuration Example of a WLAN (802.1X) Networking Requirements The EGW2100 (AP) is connected to the Router through Ethernet 0/0/0 (already added to the Untrust zone). The fixed IP address of Ethernet 0/0/0 is 202.169.10.1/24 and the IP address of Ethernet 1/0/0 on the Router is 202.169.10.2/24.
Select WPA, WPA2 or WPA-WPA2 for the authentication mode when configuring 802.1X. Procedure Step 1 Set the IP address of Ethernet 0/0/0 of the EGW2100, and add the interface to the Untrust zone. For the configuration procedure, see 3 Configuration Example of the Basic Operation.
Networking Requirements A EGW2100 is deployed at the network egress of the company. The Ethernet1/0/0 interface is connected to the internal network of the company. The Ethernet0/0/0 interface is connected to the Internet.
202.38.10.2/24 202.38.10.6/24 Procedure Step 1 Configure the IP addresses of interfaces of the EGW2100 and add the interfaces to related security zones. Choose NetWork > VLAN. The VLAN page is displayed. Click New to enter the VLAN Config interface. Enter 5 in VLAN ID.
Networking Requirements The company networks with different service are in the EGW2100 security zones with different security levels. The mappings are described as follows: The WWW server and the FTP server are in the DMZ security zone, and the network segment is 10.100.20.0/24.
Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration. Step 4 Configure the function of filtering application layer-based FTP packets on the EGW2100. Choose Security > ASPF and then click InterZone ASPF. The ASPF Config page is displayed.
Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration. Step 5 Configure the address mapping function of the EGW2100. Choose Service > NAT > Address-Map. The Address-Map page is displayed.
Configuration Example of the Dual-System Hot Backup in Routing Mode As a security device, the EGW2100 is deployed between a protected network and other networks. In order to maintain the stability of devices, two EGW2100s are used in master/backup mode.
Vlanif5:10.100.10.3/24 10.100.20.1/24 Backup EGW B Procedure Step 1 Configure the IP addresses of interfaces of the EGW2100 A and add the interfaces to related security zones. For the configuration procedure, see 3 Configuration Example of the Basic Operation. Step 2 Configure the Packet-Filtering between the Trust security zone, DMZ security zone, and Untrust security zone of the EGW2100 A.
Page 91
Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration. Step 4 Enable the HRP function of the EGW2100 A. Choose Reliability > HRP. The HRP page is displayed.
Step 5 Configure EGW2100 B. The procedure for configuring the EGW2100 B is the same as that for configuring the EGW2100 A. The following parameters, however, are different: The interface IP addresses of EGW2100 B are different from those of the EGW2100 A.
EGW B GRE tunnel Procedure Step 1 Configure the EGW2100 A. Configure the VLANs that Vlanif interfaces belong to, set the IP addresses of the Vlanif interfaces, and add the Vlanif interfaces to the specified zones. For the configuration procedure, see 3 Configuration Example of the Basic Operation.
Therefore, it is recommended to apply the ACL rule between security zones. 15. Click Save on the upper right of the page to save the configuration. Step 2 Configure the IP addresses of interfaces of the EGW2100 B and add the interfaces to related security zones.
PC of the employees on business trip; the employee sends a connection request to the EGW2100 and an L2TP+IPSec VPN tunnel is then established, through which the employee can communicate with other internal users of the company.