Related Manuals for Planet SG-4800
Summary of Contents for Planet SG-4800
- Page 1 Gigabit SSL VPN Security Router User’s Manual User’s Manual SG-4800 Gigabit SSL VPN Security Router Security Router...
-
Page 2: Ce Mark Warning
Information in this User’s Manual is subject to change without notice and does not represent a commitment on the part of PLANET. PLANET assumes no responsibility for any inaccuracies that may be contained in this User’s Manual. PLANET makes no commitment to update or keep current the information in this User’s Manual, and reserves the right to make improvements to this User’s Manual and/or to the products described... -
Page 3: Fcc Caution
Any error messages that displayed when the problem occurred ♦ Any software running when the problem occurred ♦ Steps you took to resolve the problem on your own Revision User’s Manual for PLANET Gigabit SSL VPN Security Router Model: SG-4800 Rev: 1.0 (June, 2012) -
Page 4: Table Of Contents
Gigabit SSL VPN Security Router User’s Manual Table of Contents CHAPTER 1: INTRODUCTION ........................1 1.1 F EATURES ................................1 1.2 P ACKAGE ONTENTS .............................. 2 1.3 P HYSICAL PECIFICATION ............................2 1.4 S PECIFICATION ................................ 4 CHAPTER 2: INSTALLATION PROCEDURE ....................6 2.1 S YSTEMATIC ETTING... - Page 5 Gigabit SSL VPN Security Router User’s Manual 6.2 M - WAN S ULTI ETTING ............................39 6.2.1 Load Balance Mode ........................... 39 6.2.2 Network Detection Service........................46 6.2.3 Protocol Binding............................48 CHAPTER 7: PORT MANAGEMENT......................57 7.1 S ETUP ..................................57 7.2 P TATUS ................................
- Page 6 Gigabit SSL VPN Security Router User’s Manual 11.4 D OMAIN ANAGEMENT ............................. 132 11.5 U ANAGEMENT ............................133 11.6 S ERVICE ESOURCE ANAGEMENT ......................... 136 11.6.1 Resource Configuration ......................... 136 11.7 L INK TO ORTAL ..............................138 11.8 C ERTIFICATE ANAGEMENT ..........................
-
Page 7: Chapter 1: Introduction
As Internet becomes essential for your business, the only way to prevent your Internet connection from failure is to have more than one connection. PLANET’s Gigabit SSL VPN Security Router, SG-4800, reduces the risks of potential shutdown if one of the Internet connections fails. Moreover, it allows you to perform load-balancing by distributing the traffic through three or four WAN connections. -
Page 8: Package Contents
1.2 Package Contents The following items should be included: SG-4800 x 1 Power Cord x 1 Quick Installation Guide x 1 User’s Manual CD x 1... - Page 9 Gigabit SSL VPN Security Router User’s Manual LED definition Color Status Description Green Steady Power On Power Off Steady on System is crashed. Amber Blinking System is on self-test after power on the device. DIAG System is ready. Steady on Port has been connected &...
-
Page 10: Specification
Gigabit SSL VPN Security Router User’s Manual 1.4 Specification Product Gigabit SSL VPN Security Router Model SG-4800 Hardware 8x 10/100/1000 Mbps RJ-45 Ethernet 4 x 10/100/1000 Mbps RJ-45 1 x 10/100/1000 Mbps RJ-45 Reset 1 x Reset button for reset to factory default setting... - Page 11 Gigabit SSL VPN Security Router User’s Manual Firmware upgrade through Web browser PPTP VPNl 60 PPTP VPN Tunnels 200 IPSec VPN Tunnels IPSec H/W acceleration Friendly VPN Tunnel Management IKE: Pre-Shared keys IPSec Encryption DES/3DES/AES128/AES192/AES256 IPSec Authentication MD5/SHA1 IPSec VPN Support PMTU NAT Traversal Connect on Demand...
-
Page 12: Chapter 2: Installation Procedure
Gigabit SSL VPN Security Router User’s Manual Chapter 2: Installation Procedure In this chapter we are going to introduce hardware installation. Through the understanding of multi-WAN setting process, users can easily setup and manage the network, making VPN Router functioning and having best performance. -
Page 13: Setting Flow Chart
Gigabit SSL VPN Security Router User’s Manual 2.2 Setting Flow Chart Below is the description for each setting process, and the correspondent contents and purposes. Setting Content Purpose Hardware installation user’s demand. Install VPN Router hardware based on user physical requirements. Login Login the device with Login VPN Router web-based UI. - Page 14 Gigabit SSL VPN Security Router User’s Manual Network function setting e.g. PPTP. different application environment. Logout Close configuration Logout VPN Router web-based UI. window. We will follow the process flow to complete the network setting in the following chapters. - 8 -...
-
Page 15: Chapter 3: Hardware Installation
Gigabit SSL VPN Security Router User’s Manual Chapter 3: Hardware Installation In this chapter we are going to introduce hardware interface as well as physical installation. 3.1 Installing the Device on a Standard 19” Rack We suggest to either place the device on a desk or install it in a rack with attached brackets. Do not place other heavy objects together with the device on a rack. -
Page 16: Vpn Router Network Connection
Gigabit SSL VPN Security Router User’s Manual 3.2 VPN Router Network Connection The device has 4 WAN ports and a hardware DMZ port, therefore, users can connect the device to the Internet, and configure a connection to a Public IP server at the same time. WAN Connection: AN port can be connected with xDSL Modem, Fiber Modem, Switching Hub, or through an external router to connect to the Internet. -
Page 17: Chapter 4: Login Vpn Security Router
Gigabit SSL VPN Security Router User’s Manual Chapter 4: Login VPN Security Router This chapter is mainly introducing Web-based UI after connecting VPN Router. First, check up VPN Router IP address by connecting to DOS through the LAN PC under VPN Security Router. - Page 18 Gigabit SSL VPN Security Router User’s Manual VPN Router default username and password are both “admin”. Users can change the login password in the setting later. For security, we strongly suggest that users must change password after login. Please keep the password safe, or you can not login to VPN Router.
-
Page 19: Chapter 5: System Status
Gigabit SSL VPN Security Router User’s Manual Chapter 5: System Status This chapter introduces the device specification and status after login as well as change password and system time settings for security. 5.1 Home Page In the Home page, all VPN Security Router parameters and status are listed for users’ reference. 5.1.1 WAN Status Item Description... - Page 20 Gigabit SSL VPN Security Router User’s Manual “Off”. Indicates how many QoS rules are set. Quality of Service When “Obtain an IP automatically” is selected, two buttons (Release and Manual Connect Renew) will appear. If a WAN connection, such as PPPoE or PPTP, is selected, “Disconnect”...
-
Page 21: Physical Port Status
Gigabit SSL VPN Security Router User’s Manual 5.1.2 Physical Port Status The status of all system ports, including each connected and enabled port, will be shown on this Home page (see above table). Click the respective status button and a separate window will appeare to show detailed data (including setting status summary and statisitcs) of the selected port. -
Page 22: System Information
Gigabit SSL VPN Security Router User’s Manual 5.1.3 System Information Item Description Identifies the current device IP address and subnet mask. The default is LAN IP Address/ Subnet 192.168.1.1 and 255.255.255.0 Mask Indicates the current working mode. Can be Gateway or Router mode. The Working Mode default is “Gateway”... -
Page 23: Vpn Status
Gigabit SSL VPN Security Router User’s Manual configuration is “On”. Indicates that preventing Arp virus attack is acitvated. The default configuration Prevent ARP Virus is “Off”. Attack Indicates if remote management is activated (on or off). Click the hyperlink to Remote Management enter and manage the configuration. -
Page 24: Network Time
Description The default is “admin”. User Name Input the original password.(The default is “admin”.) Password Input the new user name. e.x. Planet New User Name Input the new password. New Password Input the new password again for verification. Confirm New Password Click “Apply”... - Page 25 Gigabit SSL VPN Security Router User’s Manual Item Description Select your location from the pull-down time zone list to show correct local time. Time Zone If there is Daylight Saving Time in your area, input the date range. The device Daylight Saving will adjust the time for the Daylight Saving period automatically.
-
Page 26: Chapter 6: Network
Gigabit SSL VPN Security Router User’s Manual Chapter 6: Network This Network page contains the basic settings. For most users, completing this general setting is enough for connecting with the Internet. However, some users need advanced information from their ISP. Please refer to the following descriptions for specific configurations. -
Page 27: Ipv4 Only
Gigabit SSL VPN Security Router User’s Manual 6.1.3.1 IPv4 Only This is configuration information for SG-4800 current LAN IP address. The default configuration is 192.168.1.1 and the default Subnet Mask is 255.255.255.0. It can be changed according to the actual network structure. -
Page 28: Dual-Stack Ip (Ipv4 And Ipv6)
Gigabit SSL VPN Security Router User’s Manual This function enables users to input IP segments that differ from the router network segment to the multi-net segment configuration; the Internet will then be directly accessible. In other words, if there are already different IP segment groups in the Intranet, the Internet is still accessible without making any changes to internal PCs. - Page 29 Gigabit SSL VPN Security Router User’s Manual Click “Unified IP Management” to enter the configuration page, as shown in the following figure. Input the respective IP addresses and subnet masks. To configure global IPv6 prefixes for your LAN devices, go to the WAN Setting, click the IPv6 tab, and click Edit for the WAN interface.
-
Page 30: Wan & Dmz Settings
Gigabit SSL VPN Security Router User’s Manual 6.1.4 WAN & DMZ Settings 6.1.4.1 IPv4 Only WAN Setting Item Description An indication of which port is connected. Interface Obtain an IP automatically, Static IP connection, PPPoE (Point-to-Point Connection Type Protocol over Ethernet), PPTP (Point-to-Point Tunneling Protocol) or Transparent Bridge. - Page 31 Gigabit SSL VPN Security Router User’s Manual Item Description Select a user-defined DNS server IP address. Use the following DNS Server Addresses: Input the DNS IP address set by ISP. At least one IP group should be input. DNS Server: The maximum acceptable groups is two IP groups.
- Page 32 Gigabit SSL VPN Security Router User’s Manual Item Description Input the available static IP address issued by ISP. WAN IP address Input the subnet mask of the static IP address issued by ISP, such as: Subnet Mask Issued eight static IP addresses: 255.255.255.248 Issued 16 static IP addresses: 255.255.255.240 Input the default gateway issued by ISP.
- Page 33 Gigabit SSL VPN Security Router User’s Manual Input the time rule for the disconnection of this WAN service. Line-Dropped Period Input how long the WAN service may be disconnected before the newly added Line-Dropped connections should go through another WAN to connect with the Internet. Scheduling Select another WAN port as link backup when port binding is configured.
- Page 34 Gigabit SSL VPN Security Router User’s Manual Item Description Input the user name issued by ISP. User Name Input the password issued by ISP. Password This function enables the auto-dialing function to be used in a PPPoE dial Connect on Demand connection.
- Page 35 Gigabit SSL VPN Security Router User’s Manual After the changes are completed, click “Apply” to save the configuration, or click “Cancel" to leave without making any change. PPTP This option is for the PPTP time counting system. Input the user’s connection name and password issued by ISP, and use the built-in PPTP software to connect with the Internet.
- Page 36 Gigabit SSL VPN Security Router User’s Manual Input the password issued by ISP. Password This function enables the auto-dialing function to be used for a PPTP dial Connect on Demand connection. When the client port attempts to connect with the Internet, the device will automatically connect with the default ISP auto dial connection;...
- Page 37 Gigabit SSL VPN Security Router User’s Manual Transparent Bridge If all Intranet IP addresses are applied as Internet IP addresses, and users don’t want to substitute private network IP addresses for all Intranet IP addresses (ex. 192.168.1.X), this function will enable users to integrate existing networks without changing the original structure.
- Page 38 Gigabit SSL VPN Security Router User’s Manual Input the DNS IP address set by ISP. At least one IP group should be input. DNS Server The maximum acceptable is two IP groups. Input the available IP range issued by ISP. If ISP issued two discontinuous IP Internal LAN IP Range address ranges, users can input them into Internal LAN IP Range 1 and Internal LAN IP Range 2 respectively.
- Page 39 Gigabit SSL VPN Security Router User’s Manual Router Plus NAT Mode: When you apply a public IP address as your default gateway, you can setup this public IP address into a LAN PC, and this PC can use this public IP address to reach the Internet. Others PCs can use NAT mode to reach the Internet.
- Page 40 Gigabit SSL VPN Security Router User’s Manual Enter the WAN default gateway, which provided by your ISP. WAN default gateway Enter the DNS server IP address, you must have to enter a DNS server IP DNS Servers address, maximum two DNS servers IP addresses available.. Enter one of IP addresses that provide by the ISP as your default gateway.
-
Page 41: Dual-Stack Ip (Ipv4 And Ipv6)
Gigabit SSL VPN Security Router User’s Manual 6.1.4.2 Dual-Stack IP (IPv4 and IPv6) rs have to enable Dual-Stack IP in the IP mode section in advance to configure the WAN with IPv6 addressing. Obtain an Automatic IP automatically: s mode is often used in the connection mode to obtain an automatic DHCP IP. This is the device system default connection mode. - Page 42 Gigabit SSL VPN Security Router User’s Manual Static IP: If an ISP issues a static IP (such as one IP or eight IP addresses, etc.), please select this connection mode and follow the steps below to input the IP numbers issued by an ISP into the relevant boxes. Item Description Input the available static IP address issued by ISP.
- Page 43 Gigabit SSL VPN Security Router User’s Manual DMZ Setting For some network environments, an independent Configurable DMZ port may be required to set up externally connected servers such as WEB and Mail servers. Therefore, the device supports a set of independent Configurable DMZ ports for users to set up connections for servers with real IP addresses.
- Page 44 Gigabit SSL VPN Security Router User’s Manual Range DMZ and WAN are within same Subnet Item Description Select a WAN Port witch is the same subnet with DMZ Interface Input the IP range located at the DMZ port. IP Range for DMZ port After the changes are completed, click “Apply”...
-
Page 45: Multi- Wan Setting
Gigabit SSL VPN Security Router User’s Manual 6.2 Multi- WAN Setting 6.2.1 Load Balance Mode Auto Load Balance Mode When Auto Load Balance mode is selected, the device will use sessions or IP and the WAN bandwidth automatically allocate connections to achieve load balancing for external connections. The network bandwidth is set by what users input for it. - Page 46 Gigabit SSL VPN Security Router User’s Manual Please refer to the explanations in 6.2.3 Configuring Protocol Binding for setting up Protocol Binding and for examples of collocating router modes with Protocol Binding. Unbinding WAN Balance Mode This mode enables users to assign specific intranet IP addresses, destination application service ports or destination IP addresses to go through an assigned WAN for external connection.
- Page 47 Gigabit SSL VPN Security Router User’s Manual for Netcom and Telecom can be divided. Set WAN Grouping If more than one WAN is connected with Netcom, to apply a similar division of traffic policy to these WANs, a combination for the WANs must be made. Click “Set WAN Grouping”; an interactive window as shown in the figure below will be displayed.
- Page 48 Gigabit SSL VPN Security Router User’s Manual Import Strategy A division of traffic policy can be defined by users too. In the “Import Strategy” window, select the WAN or WAN group (ex. WAN 1) to be assigned and click the “Import IP Range” button; the dialogue box for document importation will be displayed accordingly.
- Page 49 Gigabit SSL VPN Security Router User’s Manual China Netcom strategy and self-defined strategy can coexist. However, if a destination IP is assigned by both China Netcom strategy and self-defined strategy, China Netcom strategy will take priority. In other words, traffic to that destination IP will be transmitted through the WAN (or Note WAN group) under China Netcom strategy.
- Page 50 Gigabit SSL VPN Security Router User’s Manual Item Description Indicates that the session will be connected with the same WAN IP when the Destination Auto Binding destination IP is in the same Class B range. For example, there are WAN1-1 200.10.10.1 and WAN2- 200.10.10.2, and two intranet IP addresses. When 192.168.1.100 visits Internet 61.222.81.100 for the first time, the connection is through WAN1- 200.10.10.1.
- Page 51 Gigabit SSL VPN Security Router User’s Manual Not all intranet IP will visit the same Class B range with the same WAN IP. It depends on which WAN the first connection goes to. If the destination IP is in the same Class B range, the Note connection will go through with the same WAN IP based on the first time learning.
-
Page 52: Network Detection Service
Gigabit SSL VPN Security Router User’s Manual When any intranet IP connects with TCP443 port or any destination (0.0.0.0 to 0 represents any destination), it will go through the same WAN IP. As for which WAN will be selected, this follows the first- chosen WAN IP distributed by the original session balance mechanism. - Page 53 Gigabit SSL VPN Security Router User’s Manual This option is suitable under the condition that one of the WAN connections has failed; the traffic going through this WAN to the destination IP cannot shift to another WAN to reach the destination. For example, if users want the traffic to 10.0.0.1 ~ 10.254.254.254 to go only through WAN1, while WAN2 is not to support these destinations, users should select this option.
-
Page 54: Protocol Binding
Gigabit SSL VPN Security Router User’s Manual In the load balance mode for Assigned Routing, the first WAN port (WAN1) will be saved for the traffic of the IP addresses or the application service ports that are not assigned to other WANs (WAN2, WAN3, and WAN4). - Page 55 Gigabit SSL VPN Security Router User’s Manual Protocol Binding Users can define specific IP addresses or specific application service ports to go through a user-assigned WAN for external connections. For any other unassigned IP addresses and services, WAN load balancing will still be carried out.
- Page 56 Gigabit SSL VPN Security Router User’s Manual Item Description This is to select the Binding Service Port to be activated. The default (such as Service ALL-TCP&UDP 0~65535, WWW 80~80, FTP 21 to 21, etc.) can be selected from the pull-down option list. The default Service is All 0~65535. Option List for Service Management: Click the button to enter the Service Port configuration page to add or remove default Service Ports on the option list.
- Page 57 Gigabit SSL VPN Security Router User’s Manual Show Table Click the “Show Table” button. A dialogue box as shown in the following figure will be displayed. Users can choose to sort the list by priorities or by interface. Click “Refresh” and the page will be refreshed; click “Close” and the dialogue box will be closed.
- Page 58 Gigabit SSL VPN Security Router User’s Manual up to 100 services into the list. To remove the selected activated Services. Delete selected service Click the “Apply” button to save the modification. Apply Click the “Cancel” button to cancel the modification. This only works before Cancel “Apply”...
- Page 59 Gigabit SSL VPN Security Router User’s Manual Example 2:How do I set up Auto Load Balance Mode to keep Intranet IP 192.168.1.150 ~ 200 from going through WAN2 when the destination port is Port 80? As in the figure below, select “HTTP [TCP/80~80]” from the pull-down option list “Service”, and then in the boxes for “Source IP”...
- Page 60 Gigabit SSL VPN Security Router User’s Manual include all Internet IP addresses). Select WAN1 from the pull-down option list “Interface”, and then click “Enable”. Finally, click “Add New” and the rule will be added to the mode. The device will transmit packets that are not going to Port 80 to the Internet through WAN1.
- Page 61 Gigabit SSL VPN Security Router User’s Manual Select WAN2 from the pull-down option list “Interface”, and then click “Enable”. Finally, click “Add New” and the rule will be added to the mode. After the rule is set up, only packets that go to Port 80 will be transmitted through WAN2, while other traffics will be transmitted through WAN1.
- Page 62 Gigabit SSL VPN Security Router User’s Manual - 56 -...
-
Page 63: Chapter 7: Port Management
Gigabit SSL VPN Security Router User’s Manual Chapter 7: Port Management This chapter introduces how to configure ports and understand how to configure intranet IP addresses. 7.1 Setup Through the device, users can easily manage the setup for WAN ports, LAN ports and the DMZ port by choosing the number of ports, speed, priority, duplex and enable/disable the auto-negotiation feature for connection setting of each port. - Page 64 Gigabit SSL VPN Security Router User’s Manual gather the connection speed and duplex mode. Therefore, if Enabled Auto-Neg. selected, the ports setup will be done without any manual setting by administrators. This feature allows administrators to set the LAN port to be one or more VLAN disconnected network sessions.
-
Page 65: Port Status
Gigabit SSL VPN Security Router User’s Manual 7.2 Port Status - 59 -... -
Page 66: Ip/ Dhcp
Gigabit SSL VPN Security Router User’s Manual Summary There are Network Connection Type, Interface, Link Status (Up/Down), Port Activity (Port Enabled), Priority Setting (High or Normal), Speed Status (10Mbps, 100Mbps or 1000Mbps), Duplex Status (half duplex or full duplex), Auto Neg. (Enabled/Disabled), and VLAN. Statistics The packet data of this specific port will be displayed. - Page 67 Gigabit SSL VPN Security Router User’s Manual DHCP Dynamic IP Item Description Check the option to activate the DHCP server automatic IP lease function. If the Enable DHCP Server function is activated, all PCs will be able to acquire IP automatically. Otherwise, users should configure static virtual IP for each PC individually.
-
Page 68: Dhcp Status
Gigabit SSL VPN Security Router User’s Manual 7.4 DHCP Status This is an indication list of the current status and setup record of the DHCP server. The indications are for the administrator’s reference when a network modification is needed. Item Description This is the current DHCP IP. -
Page 69: Ip & Mac Binding
Gigabit SSL VPN Security Router User’s Manual 7.5 IP & MAC Binding Administrators can apply IP & MAC Binding function to make sure that users can not add extra PCs for Internet access or change private IP addresses. There are two methods for setting up this function: Block MAC address on the list with wrong IP address: This method only allows MAC addresses on the list to receive IP addresses from DHCP and have Internet access. - Page 70 Gigabit SSL VPN Security Router User’s Manual IP & MAC Binding - 64 -...
- Page 71 Gigabit SSL VPN Security Router User’s Manual Item Description There are two ways to input static IP: Static IP: 1. If users want to set up a MAC address to acquire IP from DHCP, but the IP need not be a specific assigned IP, input 0.0.0.0 in the boxes. The boxes cannot be left empty.
-
Page 72: Ip Grouping
Gigabit SSL VPN Security Router User’s Manual 7.6 IP Grouping IP Group function can combine several IP addresses or IP address ranges into several groups. When you manage user internet access privileges by IP address, you can set up every management functions for users who have same internet access privileges in the same IP group in order to decrease the effort of setting rules for each IP address. - Page 73 Gigabit SSL VPN Security Router User’s Manual You can choose from the IP list on the left side to set up a local IP group. Local Group Set Choose IP Group that you would like to modify. If you would like to add new IP Group groups, please push “Add new group”...
- Page 74 Gigabit SSL VPN Security Router User’s Manual Remote IP Group Management: Basically, Remote IP Group setups are exactly the same as Local IP Group setups. However, remote IP group does not have automatically learning functions. Instead, you need to define addresses, ranges and groups manually.
-
Page 75: Port Group Management
Gigabit SSL VPN Security Router User’s Manual 7.7 Port Group Management Service ports can be grouping as IP grouping. It is convenient to set QoS, firewall access rules, and other functions. Item Description Input the name, protocol, and port range for the specific service port. User edit port Name the Port in order to identify its property. -
Page 76: Chapter 8: Qos (Quality Of Service)
Gigabit SSL VPN Security Router User’s Manual Chapter 8: QoS (Quality of Service) QoS is an abbreviation for Quality of Service. The main function is to restrict bandwidth usage for some services and IP addresses to save bandwidth or provide priority to specific applications or services, and also to enable other users to share bandwidth, as well as to ensure stable and reliable network transmission. -
Page 77: The Maximum Bandwidth Provided By Isp
Gigabit SSL VPN Security Router User’s Manual 8.1.1 The Maximum Bandwidth provided by ISP In the boxes for WAN1 and WAN2 bandwidth, input the upstream and downstream bandwidth which users applied for from bandwidth supplier. The bandwidth QoS will make calculations according to the data users input. -
Page 78: Qos
Gigabit SSL VPN Security Router User’s Manual The rules configured in Protocol Binding will be executed by the device according to their priorities too. The higher up on the list, the higher the priority of execution. The unit of calculation in this example is Kbit. Some software indicates the downstream/upstream speed Attention with the unit KB. - Page 79 Gigabit SSL VPN Security Router User’s Manual Item Description Select on which WAN the QoS rule should be executed. It can be a single Interface selection or multiple selections. Select what bandwidth control is to be configured in the QoS rule. If the Service Port bandwidth for all services of each IP is to be controlled, select “All (TCP&UDP) 1~65535”.
- Page 80 Gigabit SSL VPN Security Router User’s Manual example, If the rule is set for the IP of each PC, the IP of each PC will have the same bandwidth. If “Share-Bandwidth” is selected, be aware of the actual usage conditions and avoid an improper configuration that might cause a malfunction of the network when the bandwidth is too small.
-
Page 81: Smart Qos
Gigabit SSL VPN Security Router User’s Manual 8.1.3 Smart QoS Item Description Choose to apply QoS function. Enabled QoS Input the required rate value into the column. The default is 60%. When the usage of any WAN’s bandwidth is over___%, Enable Smart Input the max. - Page 82 Gigabit SSL VPN Security Router User’s Manual Item Description When the usage of certain WAN’s bandwidth is under __%, will When the usage of certain WAN's stop to punish the IP which is over the limit. While the bandwidth bandwidth is under__%, then stop to is over the certain percentage, penalty mechanism will be add new punished IP actived.
-
Page 83: Exception Ip Address
Gigabit SSL VPN Security Router User’s Manual 8.1.4 Exception IP address If some users are allowed to avoid traffic management control, you can use this function to fulfill the requirement. Item Description Select WAN ports. Enter the exempted IP range, or select the exempted IP group. Source IP Select do not control upload, download, or both of them. -
Page 84: Session Control
Gigabit SSL VPN Security Router User’s Manual 8.2 Session control Session management controls the acceptable maximum simultaneous sessions of Intranet PCs. This function is very useful for managing connection quantity when P2P software such as BT, Thunder, or emule is used in the Intranet causing large numbers of sessions. - Page 85 Gigabit SSL VPN Security Router User’s Manual lines that this user is connected with will be removed, and the user will not be abl to connect with the Internet for five minutes. New connections cannot be made until the delay time ends. If “Always”...
-
Page 86: Chapter 9 : Firewall
Gigabit SSL VPN Security Router User’s Manual Chapter 9 : Firewall This chapter introduces firewall general policy, access rule, and content filter settings to ensure network security. 9.1 General Policy The firewall is enabled by default. If the firewall is set as disabled, features such as SPI, DoS, and outbound packet responses will be turned off automatically. - Page 87 Gigabit SSL VPN Security Router User’s Manual may allow the client end to receive this type of packet message format. This Through feature is off by default. This feature is designed to prevent the intranet from being attacked by ARP Prevent ARP Virus spoofing, causing the connection failure of the PC.
- Page 88 Gigabit SSL VPN Security Router User’s Manual Item Description This device provides three types of data packet transmission: TCP-SYN-Flood, Packet Type UDP-Flood and ICMP-Flood. When all packet values from external attack or from single external IP attack WAN Threshold reach the maximum amount (the default is 15000 packets/Sec and 2000 packets/Sec respectively), if these conditions above occurs, the IP will be blocked for 5 minutes ( the default is 5 minutes OBJ 176 ).
-
Page 89: Access Rule
Gigabit SSL VPN Security Router User’s Manual 9.2 Access Rule Users may turn on/off the setting to permit or forbid any packet to access internet. Users may select to set different network access rules: from internal to external or from external to internal. Users may set different packets for IP address and communication port numbers to filter Internet access rules. -
Page 90: Add New Access Rule
Gigabit SSL VPN Security Router User’s Manual Item Description Define the network access rule item Edit: Remove the item. Delete: Create a new network access rule Add New Rule: Restore all settings to the default values and delete all the self-defined settings. Return to Default Rule: 9.2.2 Add New Access Rule Item... - Page 91 Gigabit SSL VPN Security Router User’s Manual WAN2 or Any). Select from the drop-down menu. Select the source IP range (for example: Any, Single, Range, or preset IP group name). Source IP If Single or Range is selected, please enter a single IP address or an IP address within a session.
-
Page 92: Url Filter
Gigabit SSL VPN Security Router User’s Manual 9.3 URL Filter The device supports two webpage restriction modes: one is to block certain forbidden domains, and the other is to give access to certain web pages. Only one of these two modes can be selected. Block Forbidden Domain Fill in the complete website such as www.sex.com to have it blocked. - Page 93 Gigabit SSL VPN Security Router User’s Manual Item Description Click to enable the forbidden domains function. Default is Disabled. Forbidden Domains Enabled Input the website to be controlled. For example, www.playboy.com Input the IP or IP ranges not to be controlled. Exception IP Address Click ”Add to list”...
- Page 94 Gigabit SSL VPN Security Router User’s Manual Click “Apply” to save the modified parameters. Apply Click “Cancel” to cancel all the changes made to the parameters. Cancel Accept Allowed Domains In some companies or schools, employees and students are only allowed to access some specific websites. This is the purpose of the function.
- Page 95 Gigabit SSL VPN Security Router User’s Manual Item Description Enter the exempted IP addresses or IP group. Exception IP address/Group Click this button to add exempted IP addresses or IP group. Add to list Click this button to delete selected exempted IP address or IP group. Delete selected range Content Filter Scheduling Select “Always”...
- Page 96 Gigabit SSL VPN Security Router User’s Manual Item Description Select “Always” to apply the rule on a round-the-clock basis. Select “from”, and Always: the operation will run according to the defined time. Select "Always" to apply the rule on a round-the-clock basis. …to…: If “From”...
-
Page 97: Chapter 10 : Vpn (Virtual Private Network)
Gigabit SSL VPN Security Router User’s Manual Chapter 10 : VPN (Virtual Private Network) 10.1. Display All VPN Summary This VPN Summary displays the real-time data with regard to VPN status. These data include: all tunnel numbers, setting parameters and Group VPN and so forth. Detail: Push this button to display the following information with regard to all current VPN configurations to facilitate VPN connection management. - Page 98 Gigabit SSL VPN Security Router User’s Manual VPN Tunnel Status: The following describes VPN Tunnel Status, the current status of VPN tunnel in detail: Item Description Click Previous page or Next page to view the desired VPN tunnel page. Or users Previous Page/Next can select the page number directly to view all VPN tunnel statuses, such as 3, 5, Page, Jump to __/__...
- Page 99 Gigabit SSL VPN Security Router User’s Manual with a valid IP address or domain name. Click “Connect” to verify the tunnel status. The test result will be updated. To Control disconnect, click “Disconnect” to stop the VPN connection. Setting items include Edit and Delete icon. Config Click on Edit to enter the setting items and users may change the settings.
-
Page 100: Add A New Vpn Tunnel
Gigabit SSL VPN Security Router User’s Manual 10.1.1. Add a New VPN Tunnel The device supports Gateway to Gateway tunnel or Client to Gateway tunnel. The VPN tunnel connections are done by 2 VPN devices via the Internet. When a new tunnel is added, the setting page for Gateway to Gateway or Client to Gateway will be displayed. - Page 101 Gigabit SSL VPN Security Router User’s Manual Item Description Set the embedded VPN feature, please select the Tunnel number. Tunnel No. Displays the current VPN tunnel connection name, such as XXX Office. Users are Tunnel Name well-advised to give them different names to avoid confusion. If this tunnel is to be connected to the other VPN device, some device requires that the tunnel name is identical to the name of the host end Note...
- Page 102 Gigabit SSL VPN Security Router User’s Manual further settings. FQDN refers to the combination of host name and domain name and can be retrieved from the Internet, i.e. vpn.server.com. This IP address and domain name must be identical to those of the VPN secure gateway setting type to establish successful connection.
- Page 103 Gigabit SSL VPN Security Router User’s Manual 2. Subnet This option allows local computers in this subnet can be connected to the VPN tunnel. Reference: When this VPN tunnel is connected, only computers with the session of 192.168.1.0 and with subnet mask as 255.255.255.0 can connect with remote VPN. - 97 -...
- Page 104 Gigabit SSL VPN Security Router User’s Manual Remote Group Setup This remote gateway authentication type (Remote Security Gateway Type) must be identical to the remotely-connected local security gateway authentication type (Local Security Gateway Type). Item Description This remote gateway authentication type comes with five operation modes, which are: Remote Security IP only-Authentication by use of IP only IP + Domain Name (FQDN) Authentication, Gateway Type...
- Page 105 Gigabit SSL VPN Security Router User’s Manual If the remote IP address is unknown, choose IP by DNS Resolved, allowing DNS to translate the IP address. This domain name must be available on the Internet. When users finish the setting, the corresponding IP address will be displayed under the remote gateway of Summary.
-
Page 106: Ipsec Setup
Gigabit SSL VPN Security Router User’s Manual offers a few items for remote settings. Please select and set appropriate parameters: Group Type (1) IP address This option allows the only IP address which is entered to build the VPN tunnel. Reference: When this VPN tunnel is connected, computers with the IP address of 192.168.2.1 can establish connection. - Page 107 Gigabit SSL VPN Security Router User’s Manual Use IKE Protocol Click the shared key generated by IKE to encrypt and authenticate the remote user. If PFS (Perfect Forward Secrecy) is enabled, the Phase 2 shared key generated during the IKE coordination will conduct further encryption and authentication.
- Page 108 Gigabit SSL VPN Security Router User’s Manual VPN connection so as to guarantee security. For the Auto (IKE) option, enter a password of any digit or characters in the text of Preshared Key “Pre-shared Key” (the example here is set as test), and the system will automatically translate what users entered as exchange password and authentication mechanism during the VPN tunnel connection.
- Page 109 Gigabit SSL VPN Security Router User’s Manual system will determine the VPN tunnel is disconnected. If you create a VPN tunnel for the active side, the system will automatically rebuild the VPN tunnel again; and if you are a passive one, the system will wait for the other re-establish the VPN tunnel. Remote Host:Remote network nodes to detect the location, the server address is best to be fast and stable response (proposal can fill in the VPN remote Sever LAN IP, please do not enter the server address which can not respond to ICMP).
-
Page 110: Client To Gateway Setting (Future Feature)
Gigabit SSL VPN Security Router User’s Manual 10.1.1.2 Client to Gateway Setting (future feature) The following describes how an administrator builds a VPN tunnel between devices. Users can set this VPN tunnel to be used by one client. Only one tunnel will be set and used by a group of clients, which allows easy setting. - Page 111 Gigabit SSL VPN Security Router User’s Manual this tunnel. The WAN IP address will be automatically filled into this space. Users don't need to do further settings. (2) IP + Domain Name(FQDN) Authentication: If users select IP + domain name type, please ente r the domain name and IP address.
- Page 112 Gigabit SSL VPN Security Router User’s Manual 1. IP address This option allows the only IP address which is entered to build the VPN tunnel. Reference: When this VPN tunnel is connected, computers with the IP address of 192.168.1.0 can establish connection. Reference: When this VPN tunnel is connected, computers with the IP address of 192.168.1.0 can establish connection.
- Page 113 Gigabit SSL VPN Security Router User’s Manual Remote VPN Group Setting This remote gateway authentication type (Remote Security Gateway Type) must be identical to the remotely-connected local security gateway authentication type (Local Security Gateway Type). Item Description This local gateway authentication type comes with five operation modes, which are: IP Remote Security Gateway Type: only IP + Domain Name (FQDN) Authentication IP + E-mail Addr.
- Page 114 Gigabit SSL VPN Security Router User’s Manual connection, this device will start authentication and respond to this VPN tunnel connection; if users select this option to link to VPN, please enter the domain name. (5) Dynamic IP + E-mail Addr. (USER FQDN) Authentication. If users use dynamic IP address to connect to the device, users may select this option to connect to VPN without entering IP address.
- Page 115 Gigabit SSL VPN Security Router User’s Manual IKE Protocol Click the shared key generated by IKE to encrypt and authenticate the remote user. If PFS (Perfect Forward Secrecy) is enabled, the Phase 2 shared key generated during the IKE coordination will conduct further encryption and authentication.
-
Page 116: Pptp Server
Gigabit SSL VPN Security Router User’s Manual Item Description Aggressive Mode: This mode is mostly adopted by remote devices. The IP connection is designed to enhance the security control if dynamic IP is used for connection. NAT Traversal This option allowed the VPN connection can penetrate the NAT which in front of the router. -
Page 117: Vpn Pass Through
Gigabit SSL VPN Security Router User’s Manual Item Description When this option is selected, the point-to-point tunnel protocol PPTP server can be Enabled PPTP Server enabled. Please enter PPTP IP address range so as to provide the remote users with an PPTP IP Address entrance IP into the local network. - Page 118 Gigabit SSL VPN Security Router User’s Manual order to connect with external VPN device. Through After modification, push “Apply” button to save the network setting or push “Cancel” to keep the settings unchanged. - 112 -...
-
Page 119: Chapter 11: Ssl Vpn
Gigabit SSL VPN Security Router User’s Manual Chapter 11: SSL VPN SSL VPN, client only need a web browser to access to Central servers. Passing the ID, and you get the portal to the company’s internal resources, such as Internet services, Microsoft terminal services, remote desktop services, online neighborhood networks, and secure tunnel functions. - Page 120 Gigabit SSL VPN Security Router User’s Manual Item Description Display the group’s name. SSL VPN has 4 built-in groups by default (All Users, Group Supervisor, Mobile User, & Branch Staff). If one group needs to be edited, click on its name to access the group management page.
-
Page 121: Group Management
Gigabit SSL VPN Security Router User’s Manual Click the recycle bin icon to delete a group. Delete Display whether the group configuration is Enabled or Disabled. Defaults for the All Status Users group are Enabled and for others are Disabled. Click the "Add New Group"... - Page 122 Gigabit SSL VPN Security Router User’s Manual - 116 -...
- Page 123 Gigabit SSL VPN Security Router User’s Manual Group Name Item Description Display all group names in the drop down list. There are four group for default: All Group Name Users, Supervisor, Mobile User, Branch Staff. Click it to create a new group. Add Group Add New Group : Item...
- Page 124 Gigabit SSL VPN Security Router User’s Manual Item Description All authentication servers with defined settings will be displayed on Domain Assign Management list. You are required to choose one authentication server to be assigned to this group. Each group can only be assigned to one type of authentication server.
- Page 125 Gigabit SSL VPN Security Router User’s Manual Click on the recycle bin icon to delete authentication server settings. Delete Adding New Authentication Service : SSL VPN, in addition to Local Database, supports another 7 kinds of authentication server types: Radius-PAP / CHAP/MSCHAP / MSCHSPV2, NT-Domain, Active Directory, and LDAP. 1.
- Page 126 Gigabit SSL VPN Security Router User’s Manual Item Description Select the authentication server type from the drop down menu. Authentication Type Name the selected authentication server. Domain Names Enter authentication server address. RADIUS Srv Enter the password for RADIUS. Radius Password Click on the "Apply"...
- Page 127 Gigabit SSL VPN Security Router User’s Manual Name the selected authentication server. Domain Name Enter authentication server address. RADIUS Srv Enter the password for RADIUS. Radius Password Click on the " Apply" tab to save changes Apply Click "Cancel" to clear any recent changes to the settings. Cancel 4.
- Page 128 Gigabit SSL VPN Security Router User’s Manual Item Description Select the authentication server type from the drop down menu. Authentication Type Name the selected authentication server. Domain Names Enter authentication server address. RADIUS Srv Enter the password for RADIUS. Radius Password Click on the "...
- Page 129 Name the selected authentication server. Domain Name Enter Active Directory authentication server address. AD_Srv_Add Enter Active Directory authentication server’s domain name. For example, planet.com AD Domain Click on the "Apply" tab to save changes Apply Click "Cancel" to clear any recent changes to the settings.
- Page 130 Gigabit SSL VPN Security Router User’s Manual Item Description Select the authentication service type you wish to use from the drop down menu. Authentication Type Name the selected authentication server. Domain Names Enter authentication server address. LDAP Address Enter LDAP authentication server’s authentication domain name (LDAP BaseDN*). LDAP Base DN Click on the "Apply"...
- Page 131 Gigabit SSL VPN Security Router User’s Manual Step 2: User Management User Management determines who belong to this group and have the right to use the resources. Newly added users will appear on the user list; click on "Assign to this Group" column to designate a user to this group. If "Domain Management"...
- Page 132 Gigabit SSL VPN Security Router User’s Manual Add New User Click on “Add new user” and the window below will pop up. Please note: In addition to Local Database, user names and passwords must correspond to the selected authentication server’s user names. Item Description Display the authentication server name used by this group.
- Page 133 Gigabit SSL VPN Security Router User’s Manual management UI. Even though a user has logged in via the web portal, he/she will be forced to logout Inactivity (timeout) due to inactivity after 10 minutes. If a user logs into the web portal to access timeout enterprise resources using a SSL in an unsafe environment, a shorter timeout time is recommended to mitigate risk if the user is logged in but inactive.
- Page 134 Gigabit SSL VPN Security Router User’s Manual Default values for each built-in user groups are shown in the following table. Group name All Users Supervisor Mobile User Branch Staff Resource name Internet Services Telnet Microsoft Terminal Services Word Excel Power Point Access Outlook FrontPage...
- Page 135 Gigabit SSL VPN Security Router User’s Manual Virtual Passage Configure Bookmark for this Group Serv ices (Telnet, SSH, FTP) and remote desktop services (RDP5, VNC) can use group established bookmarks. Users are not required to remember or set a server name or IP address. inistrators can see all configured bookmarks here, which will display on a user web portal.
- Page 136 Gigabit SSL VPN Security Router User’s Manual Item Description Enter the service resource name; this name will appear on the user's web portal as the Bookmark Name service name. Enter the service name or IP address. Name address Select a service from the drop down menu below, for example: Telnet/SSH/FTP. Service After completing the previous steps, click on the “Add to List”...
- Page 137 Gigabit SSL VPN Security Router User’s Manual Item Description Enter the service resource name; this name will appear on the user's web portal as the Bookmark Name service name. Enter the service name or IP address. Name address Select remote desktop service RDP5/VNC from the drop down menu. Service Configure user remote desktop screen display dimensions: 680x480, 800x600, Screen Size...
-
Page 138: Domain Management
Gigabit SSL VPN Security Router User’s Manual 11.4 Domain Management In addition to selecting 8.3 “Group Management”, SSL VPN can also provide authentication to display Domain Management. All authentication services will be shown in the Domain Management list. Groups using authentication services will be displayed according to the authentication server name. -
Page 139: User Management
Gigabit SSL VPN Security Router User’s Manual Authentication service types are displayed by authentication server name, including: Authentication Local Database, Radius- PAP/ CHAP/ MSCHAP/ MSCHAPV2, NT-Domain, Active Type Directory and LDAP. Display configured external authentication server IP addresses. Authentication Server IP Display authentication server group names. - Page 140 Gigabit SSL VPN Security Router User’s Manual Database. Type Displays authentication server’s self-defined user names. User Name Displays which group the user belongs to; from here you can modify user groups. Group User passwords (if Local Database), expiration dates, user classifications, and inactive Edit timeouts can be edited or modified, but user authentication servers and user names cannot.
- Page 141 Gigabit SSL VPN Security Router User’s Manual Item Description Displays the authentication server name. Domain Name Enter authentication server’s user names. User Name For Local Database, enter user passwords. Passwords do not need to be entered if Password Local Database is not used. Enter users' permitted time limit.
-
Page 142: Service Resource Management
Gigabit SSL VPN Security Router User’s Manual 11.6 Service Resource Management 11.6.1 Resource Configuration SSL VPN supports common Microsoft terminal services (including Word, Excel, PowerPoint, Access, Outlook, IE, FrontPage, and ERP). Administrators can also click on the “Add New Terminal Service” tab to add additional terminal services. - Page 143 Gigabit SSL VPN Security Router User’s Manual addresses, and application program image editing. SSL VPN supports built-in application program paths c: \program files\Microsoft office\office\windword.exe. If you have installed Microsoft terminal services that have a different server path, modification will be required. Microsoft terminal service is “Disabled” by default. Once Microsoft terminal service server is set up and configured, activate it to avoid limited services for group users.
-
Page 144: Link To Portal
Gigabit SSL VPN Security Router User’s Manual 11.7 Link to Portal If user management settings have the user type set to “Administrator”, the user will login on the router management UI. For login to the web portal, click “Link to Portal”. 11.8 Certificate Management In s hort, SSL Certificate is an authentication between web browser and host. - Page 145 Gigabit SSL VPN Security Router User’s Manual - 139 -...
- Page 146 Gigabit SSL VPN Security Router User’s Manual The browser older than IE8.0 may display as below figure. Please note that these warning messages won't influence the operation and usage of the SSL VPN. But if you want to apply an integrity SSL certificate from a third party organization, you need contact these third party organizations(for example: VeriSign) and follow their procedures to apply a integrity SSL certificate for your business.
- Page 147 Planet System. Users only need to copy all the letters (including the “Begin” and “End”) into the notepad file and save to .PEM file. Then, users can import this .PEM file into Planet System. Press the “Add” tab to import certificate.
-
Page 148: Advanced Settings
Gigabit SSL VPN Security Router User’s Manual Users can export the SSL certificate from PC (excluding private-key) and import to other PCs. The exported file format is .PEM file. Please click to export. To add CA certificate into trusted list: Users can also add CA certificate from trusted issuer. -
Page 149: Assign Ip Range For Virtual Passage
Gigabit SSL VPN Security Router User’s Manual 11.9.1 Assign IP Range for Virtual Passage A virtu al passage is a type of point-to-point SSL client connection. When remote u sers use a secure tunnel to connect, SSL VPN will establish a virtual web interface. For this reason, you will need to set SSL VPN's secure tunnel client address range so it does not conflict with you r company's Internet DHCP IP. -
Page 150: Change Ssl Vpn Service Port
Gigabit SSL VPN Security Router User’s Manual 11.9.2 Change SSL VPN service port The SSL default port is 443. If port 443 is being used by another internal application, you can use the SSL VPN’s service port drop down menu to select a different one (10443, 20443). Remind: If you change a port other than the default 443, when a client connects to the SSL VPN, the port number will have to be entered after the address. -
Page 151: Chapter 12: Advanced Function
Gigabit SSL VPN Security Router User’s Manual Chapter 12: Advanced Function This chapter will introduce to you the advance router settings In the advance settings, you can: 1. S etup DMZ servers forwarding to WAN, for example, the Web or FTP servers. 2. -
Page 152: Port Range Forwarding
Gigabit SSL VPN Security Router User’s Manual 12.1.2 Port Range Forwarding Setting up a Port Forwarding Virtual Host: If the server function (which means the server for an external service such as WWW, FTP, Mail, etc) is contained in the network, we recommend that users use the firewall function to set up the host as a virtual host, and then convert the actual IP addresses (the Internet IP addresses) with Port 80 (the service port of WWW is Port 80) to access the internal server directly. -
Page 153: Service Port Management
Gigabit SSL VPN Security Router User’s Manual Item Description To select from this option the default list of service ports of the virtual host that users Service want to activate. Such as: All (TCP&UDP) 0~65535, 80 (80~80) for WWW, and 21~21 for FTP. Please refer to the list of default service ports. -
Page 154: Upnp
Gigabit SSL VPN Security Router User’s Manual activate. Add the service to the service list. Add to list To remove the selected services. Delete selected item Click the “Apply” button to save the modification. Apply Click the “Cancel” button to cancel the modification. This only works before “Apply” is Cancel clicked. -
Page 155: Routing
Gigabit SSL VPN Security Router User’s Manual Add to active service content. Add to List Remove selected services. Delete Selected Item This is a list which displays the current active UPnP functions. Show Table Click “Apply” to save the network configuration modification. Apply 12.3 Routing In this chapter we introduce the Dynamic Routing Information Protocol and Static Routing Information... -
Page 156: Static Routing
Gigabit SSL VPN Security Router User’s Manual Static Routing will be used. RIP is used when there is more than one router in a network, and if an administrator doesn’t want to assign a path list one by one to all of the routers, RIP can help refresh the paths. RIP is a very simple routing protocol, in which Distance Vector is used. - Page 157 Gigabit SSL VPN Security Router User’s Manual Item Description Input the remote network IP locations and subnet that is to be routed. For example, the Dest. IP IP/subnet is 192.168.2.0/255.255.255.0. Subnet Mask The default gateway location of the network node which is to be routed. Gateway This is the router layer count for the IP.
-
Page 158: One To One Nat
Gigabit SSL VPN Security Router User’s Manual 12.4 One to One NAT As both the device and ATU-R need only one actual IP, if ISP issued more than one actual IP (such as eight ADSL static IP addresses or more), users can map the remaining real IP addresses to the intranet PC virtual IP addresses. - Page 159 Gigabit SSL VPN Security Router User’s Manual Item Description To activate or close the One-to-One NAT function. (Check to activate the function). Enabled One to One NAT Input the Private IP address for the Intranet One-to-One NAT function. Private IP Range Begin Input the Public IP address for the Internet One-to-One NAT function.
- Page 160 Gigabit SSL VPN Security Router User’s Manual One-to-One NAT mode will change the firewall working mode. If this function has been set up, the Internet IP server or PC which is mapped with a LAN port will be exposed on the Internet. Attentio To prevent Internet users from actively connecting with the One-on-One NAT server or PC, please set up a proper denial rule for access, as described Firewall.
-
Page 161: Ddns- Dynamic Domain Name Service
Gigabit SSL VPN Security Router User’s Manual range Click “Apply” to save the network configuration modification. Apply Click “Cancel" to leave without making any changes. Cancel 12.5 DDNS- Dynamic Domain Name Service DDNS supports the dynamic web address transfer for 3322.org、DynDNS.org and DtDNS.com. This is for VPN connections to a website that is built with dynamic IP addresses, and for dynamic IP remote control. - Page 162 Gigabit SSL VPN Security Router User’s Manual Item Description This is an indication of the WAN port the user has selected. Interface Check either of the boxes before DynDNS.org, 3322.org and DtDNS.com to select one DDNS of the four DDNS website address transfer functions. The name which is set up for DDNS.
-
Page 163: Mac Clone
Gigabit SSL VPN Security Router User’s Manual 12.6 MAC Clone Some ISP will request for a fixed MAC address (network card physical address) for distributing IP address, which is mostly suitable for cable mode users. Users can input the network card physical address (MAC address: 00-xx-xx-xx-xx-xx) here. -
Page 164: Chapter 13: System Tool
Gigabit SSL VPN Security Router User’s Manual Chapter 13: System Tool System Tool This chapter introduces the management tool for controlling the device and testing network connection. For security consideration, we strongly suggest to change the password. Password and Time setting is in Chapter 5.2. -
Page 165: Firmware Upgrade
Gigabit SSL VPN Security Router User’s Manual 13.2 Firmware Upgrade Users may directly upgrade the device firmware on the Firmware Upgrade page. Please confirm all information about the software version in advance. Select and browse the software file, click "Firmware Upgrade Right Now"... - Page 166 Gigabit SSL VPN Security Router User’s Manual This feature allows users to backup all parameter settings. Click "Export" and select the location to save the "config.exp" file. - 160 -...
-
Page 167: Snmp
Item Description Activate SNMP feature. The default is activated. Enabled Set the name of the device such as Planet. System Name Set the name of the person who manages the device (i.e. John). System Contact Define the location of the device (i.e. Taipei). -
Page 168: System Recover
Gigabit SSL VPN Security Router User’s Manual 13.5 System Recover Users can restart the device with System Recover button. Restart As the figure below, if clicking “Restart Router” button, the dialog block will pop out, confirming if users would like to restart the device. Return to Factory Default Setting If clicking “Return to Factory Default Setting, the dialog block will pop out, if the device will return to factory default. - Page 169 Gigabit SSL VPN Security Router User’s Manual Besides general HA, Planet also provides advanced HA function that enables two devices to operate simultaneously. It brings full cost efficiency without making another device idle. It does not have to be the same model.
- Page 170 Gigabit SSL VPN Security Router User’s Manual Following is the description of the two different modes. Item Description Indicates the master device will operate for all outbound links. When the master Operation-Master Mode device fails transmitting, the backup device will take over. “Status- Normal”...
- Page 171 Gigabit SSL VPN Security Router User’s Manual device can keep DHCP functioning and there will be no LAN disconnection. Input LAN IP of Master mode, which is backed up. LAN IP of the backup device Input Master device MAC address, which is backed up. MAC Address of the backup device “Status- Normal”...
- Page 172 Gigabit SSL VPN Security Router User’s Manual device. backup device “Status-Normal” means both two devices operate normally. “Status-Backup” Status indicates Slave mode has problems, and the device enables backup to take over Item Description Although working with master device, Backup device’s DHCP server is disabled. Operation-Slave Mode LAN users need to transmit traffic through the WAN on Slave device.
-
Page 173: Chapter 14. Log
Gigabit SSL VPN Security Router User’s Manual Chapter 14. Log From the log management and look up, we can see the relevant operation status, which is convenient for us to facilitate the setup and operation. 14.1 System Log Its system log offers three options: system log, E-mail alert, and log setting. System Log - 167 -... -
Page 174: Alert Log
Gigabit SSL VPN Security Router User’s Manual Item Description If this option is selected, the System Log feature will be enabled. Enabled The device provides external system log servers with log collection feature. Syslog Server System log is an industrial standard communications protocol. It is designed to dynamically capture related system message from the network. - Page 175 Gigabit SSL VPN Security Router User’s Manual General Log The device provides the following warning message. Click to activate the feature. System error message, blocked regulations, regulation of passage permission, system configuration change and registration verification. Item Description If remote users fail to enter the system because of the access rules; for instance, Deny Policies message will be recorded in the system log.
- Page 176 Gigabit SSL VPN Security Router User’s Manual Incoming Packet Log View system packet log of those entering the firewall. The log includes information about the external source IP addresses, destination IP addresses, and service ports. It is illustrated as below. Clear Log Now This feature clears all the current information on the log.
-
Page 177: System Statistic
Gigabit SSL VPN Security Router User’s Manual 14.2 System Statistic The device has the real-time surveillance management feature that provides system current operation information such as port location, device name, current WAN link status, IP address, MAC address, subnet mask, default gateway, DNS, number of received/ sent/ total packets , number of received/ sent/ total Bytes, Received and Sent Bytes/Sec., total number of error packets received, total number of the packets dropped, number of session, number of the new Session/Sec., and upstream as well as downstream broadband usage (%). -
Page 178: Traffic Statistic
14.3 Traffic Statistic Six messages will be displayed on the Traffic Statistic page to provide better traffic management and control. By Inbound IP Address The figure displays the source IP address, bytes per second, and percentage. By outbound IP Address The figure displays the source IP address, bytes per second, and percentage. - Page 179 Gigabit SSL VPN Security Router User’s Manual By Inbound Service The figure displays the network protocol type, destination IP address, bytes per second, and percentage. By Outbound Session The figure displays the source IP address, network protocol type, source port, destination IP address, destination port, bytes per second and percentage.
- Page 180 Gigabit SSL VPN Security Router User’s Manual destination port, bytes per second and percentage. - 174 -...
-
Page 181: Ip/ Port Statistic
Gigabit SSL VPN Security Router User’s Manual 14.4 IP/ Port Statistic The device allows administrators to inquire a specific IP (or from a specific port) about the addresses that this IP had visited, or the users (source IP) who used this service port. This facilitates the identification of websites that needs authentication but allows a single WAN port rather than Multi-WANs. - Page 182 Gigabit SSL VPN Security Router User’s Manual Specific Port Status Enter the service port number in the field and IP that are currently used by this port will be displayed. - 176 -...