EnGenius EVR-100 User Manual
  1. Manuals
  2. Brands
  3. EnGenius Manuals
  4. Wireless Router
  5. EVR-100
  6. User manual

EnGenius EVR-100 User Manual

Wireless gigabit vpn router
Hide thumbs Also See for EVR-100:
Table of Contents

Advertisement

Quick Links

See also: Configuration Manual
Wireless Gigabit VPN Router
EVR100
Wireless Gigabit VPN Router
V1.0

Advertisement

Table of Contents
loading

Related Manuals for EnGenius EVR-100

Summary of Contents for EnGenius EVR-100

  • Page 1 Wireless Gigabit VPN Router EVR100 Wireless Gigabit VPN Router V1.0...

  • Page 2: Table Of Contents

    Introduction ...6 1.1. Package Contents ... 6 1.2. System Requirements ... 6 1.3. Introduction ... 7 1.4. LED Overview... 8 Before you Begin...9 2.1. Considerations for Wireless Installation ... 9 2.2. Computer Settings (Windows XP/Windows Vista/Windows 7) ...10 2.3. Hardware Installation ...14 Configuring your Router...
  • Page 3 Internet... 46 7.1. Status ...46 7.2. Dynamic IP Address ...47 7.3. Static IP Address...49 7.4. PPP over Ethernet ...50 7.5. Point-to-Point Tunneling Protocol (PPTP)...52 7.6. Layer-2 Tunneling Protocol (L2TP)...54 Wireless... 56 8.1. Basic ...56 8.2. Advanced ...59 8.3. Security ...61 8.4.
  • Page 4 9.5. MAC Filter ...79 9.6. IP Filter ...80 9.7. URL Filter ...82 Advanced ... 83 10.1. Network Address Translation (NAT) ...83 10.2. Port Mapping...84 10.3. Port Forwarding ...85 10.4. Port Trigger...86 10.5. Application Layer Gateway (ALG) ...87 10.6. Universal Plug and Play (UPnP) ...88 10.7.
  • Page 5 12.2. Time ... 125 12.3. Dynamic DNS (DDNS) ... 126 12.4. Power ... 127 12.5. Diagnosis ... 128 12.6. Firmware ... 129 12.7. Back-up ... 130 12.8. Reset... 131 Appendix A – FCC Interference Statement...132 Appendix B – IC Interference Statement...134...
  • Page 6 Revision History Version Date Notes 2011/01/11 First Release...

  • Page 7: Introduction

    1. Introduction 1.1. Package Contents • EnGenius WIRELESS GIGABIT VPN ROUTER • AC Adapter • RJ-45 Ethernet LAN Cable • CD-ROM with User Manual and Setup Wizard • Quick Guide 1.2. System Requirements • RJ-45 Ethernet Based Internet (ADSL or Cable Modem) •...

  • Page 8: Introduction

    1.3. Introduction EVR100 is a 2T2R Wireless 11N Gigabit VPN Router that delivers up to 6x faster speeds and 3x extended coverage than 802.11g devices. EVR100 supports home network with superior throughput and performance and unparalleled wireless range. With easy to use on the WPS function, it helps users to connect to wireless device with just one push button. There's also a built-in 4-port full-duplex 10/100/1000 Fast Switch to connect your wired-Ethernet devices together.

  • Page 9: Led Overview

    1.4. LED Overview LED Lights Icon Color – Blue Wireless LAN Lights when Wireless signal is activated. Blinks when Wireless data transfer. Color – Blue Internet Blinks when WPS handshake is initialized. Color – Blue Lights when wired network device is connected to RJ-45 port. Blinks when data transfer occurs on RJ-45 port.

  • Page 10: Before You Begin

    Here are some key guidelines to ensure that you have the optimal wireless range. 1. Keep the number of walls and ceilings between the EnGenius access point and other network devices to a minimum. Each wall or ceiling can reduce the signal strength, the degradation depends on the building’s material.

  • Page 11: Computer Settings (Windows Xp/Windows Vista/Windows 7)

    2.2. Computer Settings (Windows XP/Windows Vista/Windows 7) Click Start button and open Control Panel. Windows XP Windows Vista Windows 7...
  • Page 12 Windows XP, click [Network Connection] Windows Vista, click [View Network Status and Tasks] then [Manage Network Connections] Windows 7, click [View Network Status and Tasks] then [Change adapter settings]...
  • Page 13 Right click on [Local Area Connection] and select [Properties]. Check “Client for Microsoft Networks”, “File and Printer Sharing for Microsoft Networks”, and “Internet Protocol (TCP/IP) is ticked. If not, please install them.
  • Page 14 Select “Internet Protocol (TCP/IP)” and click [Properties] Select “Obtain an IP Address automatically” and “Obtain DNS server address automatically” then click [OK].

  • Page 15: Hardware Installation

    2.3. Hardware Installation 1. Place the unit in an appropriate location after conducting a site survey. 2. Plug one end of the Ethernet cable into the LAN port of the device and another end into your PC/Notebook. 3. Plug one end of another Ethernet cable to WAN port of the device and the other end into you cable/DSL modem (Internet) 4.

  • Page 16: Configuring Your Router

    3. Configuring your Router This section will show you how to configure the device using the web-based configuration interface. Please use your wireless network adapter to connect the WIRELESS ROUTER. IP Address Username / Password Wireless Mode Wireless SSID Wireless Security Note: xxxxxx represented in the wireless SSID above is the last 6 characters of your device MAC Address.

  • Page 17: Setup Wizard

    1. Open a web browser (Internet Explorer/Firefox/Safari) and enter the IP Address http://192.168.0.1 Note: If you have changed the default LAN IP Address of the WIRELESS ROUTER, ensure you enter the correct IP Address 2. The default username and password are admin. Once you have entered the correct username and password, click...
  • Page 18 3. You will see the following webpage if login successfully.
  • Page 19 4. Click Wizard to enter the Setup Wizard. Then click Next to begin the wizard.
  • Page 20 5. Select the Operation Mode. Please ensure you have the proper cables connected as described in the Hardware Installation section.
  • Page 21 AP Router Mode a) The device will search for the correct Internet settings automatically. b) The most appropriate WAN type will be determined and selected automatically. If it is incorrect, please select Others to set up the WAN settings manually.
  • Page 22 c) There are many WAN service types available. Please obtain the correct settings from your Internet Service Provider (ISP). Static IP Address If your ISP Provider has assigned you a fixed IP address, enter the assigned IP address, Subnet mask, Default Gateway IP address, and Primary DNS and Secondary DNS (if available) of your ISP provider.
  • Page 23 Dynamic IP Address The IP Address is allocated automatically. However some ISP’s will also recognize the MAC address and will reject connections if the MAC address does not match. If your ISP has recorded the MAC address of your computer’s Ethernet LAN card, please connect only the computer with the authorized MAC address, and click the Clone MAC Address button.
  • Page 24 PPP over Ethernet ISP requires an account username and password. PPP over Ethernet Username Username assigned to you by the ISP Password Password for this username. Service You can assign a name for this service. (Optional) The maximum size of packets. Do not change unless mentioned by the ISP.
  • Page 25 Point-to-Point Tunneling Protocol (PPTP) PPTP is used by some ISPs.
  • Page 26 PPTP WAN Interface Settings WAN Interface Type Select whether the ISP is set to Static IP or Dynamic IP address. Hostname This is optional. Only required if specified by ISP MAC address The MAC address that is used to connect to the ISP. PPTP Settings Login Username assigned to you by the ISP...
  • Page 27 Layer-2 Tunneling Protocol (L2TP) L2TP is used by some ISPs.
  • Page 28 L2TP WAN Interface Settings WAN Interface Type Select whether the ISP is set to Static IP or Dynamic IP address. Hostname This is optional. Only required if specified by ISP MAC address The MAC address that is used to connect to the ISP. L2TP Settings Login Username assigned to you by the ISP...
  • Page 29 Setup the level of wireless security to be used. EnGenius recommends the Highest level of security to be used. Note: 802.11n wireless speeds may not be achievable if the security level is setting the Lowest or Low. SSID Enter the name of your wireless network.
  • Page 30 e) Check the settings are correct, and then click Reboot to apply the settings.

  • Page 31: Vpn Wizard

    5. VPN Wizard Using VPN Wizard, you can establish VPN connection easily. Please refer to 11.3.

  • Page 32: System

    6. System 6.1. Status This page will display status of the device. Status Model Description of this device. Mode The device is currently in which mode. Uptime The duration about the device has been operating without powering down or reboot. Current Date/Time The device’s system time.
  • Page 33 WAN Settings Attain IP Protocol Method used to connect to the Internet IP address The WAN IP Address of the device. Subnet Mask The WAN Subnet Mask of the device. MAC address The MAC address of the device’s WAN Interface. Primary and Secondary Primary and Secondary DNS servers assigned to the WAN connection.
  • Page 34 LAN Settings IP address The LAN IP Address of the device. Subnet Mask The LAN Subnet Mask of the device. DHCP Server Whether the DHCP server is Enabled or Disabled. MAC address The MAC address of the device’s LAN Interface.
  • Page 35 WLAN Settings Channel The wireless channel in use. ESSID The SSID (Network Name) of the wireless network. (up to 4 SSIDs are supported) Security Wireless encryption is enabled for this SSID. BSSID The MAC address of this SSID. Associated Clients The number of wireless clients connected to this SSID.

  • Page 36: Lan

    6.2. LAN This page allows you to modify the device’s LAN settings.
  • Page 37 LAN IP IP address The LAN IP Address of this device. IP Subnet Mask The LAN Subnet Mask of this device. 802.1d Spanning Tree When Enabled, the Spanning Tree protocol will prevent network loops in your LAN network.
  • Page 38 DHCP Server DHCP Server The DHCP Server automatically allocates IP addresses to your LAN device. Lease Time The duration of the DHCP server allocates each IP address to a LAN device. Start / End IP The range of IP addresses of the DHCP server will allocate to LAN device. Domain name The domain name for this LAN network.
  • Page 39 Two DNS servers can be assigned for use by your LAN device. There are four modes available. DNS Servers From ISP The DNS server IP address is assigned from your ISP. User-Defined The DNS server IP address is assigned manually. DNS Relay LAN clients are assigned the device’s IP address as the DNS server.

  • Page 40: Dhcp

    6.3. DHCP This page shows the status of the DHCP server and also allows you to control how the IP addresses are allocated.
  • Page 41 The DHCP Client Table shows the LAN clients that have been allocated an IP address from the DHCP Server DHCP Client Table IP address The LAN IP address of the client. MAC address The MAC address of the client’s LAN interface. Expiration Time The time that the allocated IP address will expire.
  • Page 42 You can also manually specify the IP address that will be allocated to a LAN client by associating the IP address with its MAC address. Type the IP address you would like to manually assign to a specific MAC address and click Add to add the condition to the Static DHCP Table.

  • Page 43: Schedule

    6.4. Schedule This page allows you to setup the schedule times that the Firewall and Power Saving features will be activated / deactivated. Click Add to create a Schedule entry.
  • Page 44 Schedule Schedule Description Assign a name to the schedule. Service The service provides for the schedule. Days Define the Days to activate or deactivate the schedule. Time of day Define the Time of day to activate or deactivated the schedule. Please use 24-hour clock format.

  • Page 45: Log

    6.5. Log This page displays the system log of the device. When powered down or rebooted, the log will be cleared. Save Save the log to a file. Clear Clear the log. Refresh Update the log.

  • Page 46: Language

    6.6. Language This page allows you to change the Language of the User Interface.

  • Page 47: Internet

    7. Internet The Internet section allows you to manually set the WAN type connection and its related settings. 7.1. Status This page shows the current status of the device’s WAN connection.

  • Page 48: Dynamic Ip Address

    7.2. Dynamic IP Address The IP Address is allocated automatically. However some ISP’s will also recognize the MAC address and will reject connections if the MAC address does not match. If your ISP has recorded the MAC address of your computer’s Ethernet LAN card, please connect only the computer with the authorized MAC address, and click the Clone MAC button.
  • Page 49 Dynamic IP Address Hostname This is optional. Only required if specified by ISP MAC address The MAC Address that is used to connect to the ISP. DNS Servers Two DNS servers can be assigned for use by your LAN devices. There are two modes available.

  • Page 50: Static Ip Address

    7.3. Static IP Address If your ISP Provider has assigned you a fixed IP address, enter the assigned IP address, Subnet mask, Default Gateway IP address, and Primary DNS and Secondary DNS (if available) of your ISP provider. Static IP Address IP address Assign an IP address Manually.

  • Page 51: Ppp Over Ethernet

    7.4. PPP over Ethernet ISP requires an account username and password.
  • Page 52 PPP over Ethernet (PPPoE) Username Username assigned to you by the ISP Password Password for this username. Service You can assign a name for this service. (Optional) The maximum size of packets. Do not change unless mentioned by the ISP. Authentication type Select whether the ISP uses PAP or CHAP methods for authentication.

  • Page 53: Point-To-Point Tunneling Protocol (Pptp)

    7.5. Point-to-Point Tunneling Protocol (PPTP) PPTP is used by some ISPs.
  • Page 54 Point-to-Point Tunneling Protocol (PPTP) WAN Interface Type Select whether the ISP is set to Static IP or will allocate Dynamic IP address. Hostname This is optional. Only required if specified by ISP MAC address The MAC Address that is used to connect to the ISP. Username Username assigned to you by the ISP Password...

  • Page 55: Layer-2 Tunneling Protocol (L2Tp)

    7.6. Layer-2 Tunneling Protocol (L2TP) L2TP is used by some ISPs.
  • Page 56 Layer-2 Tunneling Protocol (L2TP) WAN Interface Type Select whether the ISP is set to Static IP or will allocate Dynamic IP address. Hostname This is optional. Only required if specified by ISP MAC address The MAC Address that is used to connect to the ISP. Username Username assigned to you by the ISP Password...

  • Page 57: Wireless

    8. Wireless The Wireless section allows you to configure the Wireless settings. 8.1. Basic This page shows the current status of the device’s Wireless settings.
  • Page 58 Basic Radio Enable or Disable the device’s wireless signal. Mode Select between Access Point or Wireless Distribution System (WDS) modes. Band Select the types of wireless clients that the device will accept. eg: 2.4 GHz (B+G+N) Only 802.11b and 11g clients will be allowed. Enable SSID# Select the number of SSID’s (Wireless Network names) you would like.
  • Page 59 Wireless Distribution System (WDS) Using WDS to connect Access Point wirelessly, and in doing so extend a wired infrastructure to locations where cabling is not possible or inefficient to implement. Note that compatibility between different brands and models is not guaranteed.

  • Page 60: Advanced

    8.2. Advanced This page allows you to configure wireless advance settings. It is recommended the default settings are used unless the user has experience with these functions.
  • Page 61 Advanced Fragment Threshold Specifies the size of the packet per fragment. This function can reduce the chance of packet collision. However when this value is set too low, there will be increased overheads resulting in poor performance. RTS Threshold When the packet size is smaller than the RTS Threshold, then the packet will be sent without RTS/CTS handshake which may result in incorrect transmission.

  • Page 62: Security

    8.3. Security This page allows you to set the wireless security settings. Security SSID Selection Select the SSID that the security settings will apply to. Broadcast SSID If Disabled, then the device will not be broadcasting the SSID. Therefore it will be invisible to wireless clients.
  • Page 63 Encryption The encryption method to be applied. You can choose from WEP, WPA pre-shared key or WPA RADIUS. Disabled - no data encryption is used. • WEP - data is encrypted using the WEP standard. • WPA-PSK - data is encrypted using the WPA-PSK standard. This is a later standard than WEP, •...
  • Page 64 802.1x Authentication RADIUS Server IP The IP Address of the RADIUS Server Address RADIUS Server port The port number of the RADIUS Server. RADIUS Server The RADIUS Server’s password. password...
  • Page 65 WEP Encryption: WEP Encryption Authentication Type Please ensure that your wireless clients use the same authentication type. Key type ASCII: regular text (recommended) HEX: for advanced users Key Length Select the desired option, and ensure the wireless clients use the same setting. 64 Bit - data is encrypted, using the default key, before being transmitted.
  • Page 66 WPA Pre-Shared Key Encryption: WPA Pre-Shared Key Encryption Authentication Type Please ensure that your wireless clients use the same authentication type. WPA type Select the WPA encryption you would like. Please ensure that your wireless clients use the same settings. Pre-shared Key Type Select whether you would like to enter the Key in HEX or Passphrase format.
  • Page 67 WPA RADIUS Encryption: WPA RADIUS Encryption WPA type Select the WPA encryption you would like. Please ensure that your wireless clients use the same settings. RADIUS Server IP Enter the IP address of the RADIUS Server address RADIUS Server Port Enter the port number used for connections to the RADIUS server.

  • Page 68: Filter

    8.4. Filter This page allows you to create filters to control which wireless clients can connect to this device by only allowing the MAC addresses entered into the Filtering Table.
  • Page 69 Wireless Filter Enable Wireless Access Tick the box to Enable Wireless Access Control. Control When Enabled, only wireless clients on the Filtering Table will be allowed. Description Enter a name or description for this entry. MAC address Enter the MAC address of the wireless client that you wish to allow connection. Click this button to add the entry.

  • Page 70: Wi-Fi Protected Setup (Wps)

    8.5. Wi-Fi Protected Setup (WPS) WPS feature is following the Wi-Fi Alliance WPS standard and it eases the set up of security-enabled Wi-Fi networks in the home and small office environment. It reduces the user steps required to configure a network and supports two methods that are familiar to most consumers to configure a network and enable security.
  • Page 71 Wi-Fi Protected Setup (WPS) Tick to Enable the WPS feature. WPS Button Tick to Enable the WPS push button. Wi-Fi Protected Setup Information WPS Current Status Shows whether the WPS function is Configured or Un-configured. Configured means that WPS has been used to authorize connection between the device and wireless clients.
  • Page 72 There are two methods to initialize the WPS feature: Push Button and Pin code methods. 1. WPS Push Button Method Push the WPS button on the WIRELESS ROUTER device. The Wireless LED light will start to flash to indicate that the WPS process is ready.
  • Page 73 2. Pin Code Method Note the Pin code of your WIRELESS ROUTER device. Please use this Pin code to initialize the WPS process from the wireless client configuration utility. This process will be different for each brand or model. Please consult the user manual of the wireless client for more...

  • Page 74: Client List

    8.6. Client List This page shows the wireless clients that are connected to the WIRELESS ROUTER device.

  • Page 75: Policy

    8.7. Policy This page allows you to configure the access policies for each SSID (wireless network). Policy WAN Connection Allow wireless clients on this SSID to access the WAN port which typically is an Internet connection. Communication between Wireless Whether each wireless client can communicate with each other in this SSID. When clients Disabled, the wireless clients will be isolated from each other.

  • Page 76: Firewall

    9. Firewall The Firewall section allows you to set the access control and Firewall settings. 9.1. Enable This page allows you to Enable / Disable the Firewall features. If Enabled Firewall service, the Denial of Service (DoS) and SPI (Stateful Packet Inspection) features will also be enabled.

  • Page 77: Advanced

    9.2. Advanced You can choose whether to allow VPN (Virtual Private Network) packets to pass through the Firewall.

  • Page 78: Dmz

    9.3. DMZ If enabled this feature, allows the DMZ computer on your LAN to be exposed to all users on the Internet. • This allows almost any application to be used on the server. • The “DMZ PC” will receive all Unknown connections and data. •...

  • Page 79: Denial Of Service (Dos)

    9.4. Denial of Service (DoS) Denial of Service (Denial of Service) is a type of Internet attack that sends a high amount of data to you with the intent to overload your Internet connection. Enable the DoS firewall feature to automatically detect and block these DoS attacks.

  • Page 80: Mac Filter

    9.5. MAC Filter You can choose whether to Deny or only Allow those computers listed in the MAC Filtering table to access the Internet. MAC Filter Enable MAC filtering Tick this box to Enable the MAC filtering feature. Deny all clients with MAC addresses When selected, the computers listed in the MAC Filtering table will be Denied listed below to access the network access to the Internet.

  • Page 81: Ip Filter

    9.6. IP Filter You can choose whether to Deny or only Allow, computer with those IP Addresses from accessing certain Ports. This can be used to control which Internet applications the computers can access. You may need to have certain knowledge of what Internet ports the applications use.
  • Page 82 IP Filter Enable IP filtering Tick this box to Enable the IP filtering feature. Deny all clients with IP addresses When selected, the computers with IP addresses specified will be Denied access to listed below to access the network the indicated Internet ports. Allow all clients with IP addresses When selected, the computers with IP addresses specified will be Allowed access listed below to access the network...

  • Page 83: Url Filter

    9.7. URL Filter You can deny access to certain websites by blocking keywords in the URL web address. For example, “gamer” has been added to the URL Blocking Table. Any web address that includes “gamer” will be blocked.

  • Page 84: Advanced

    10. Advanced The Advanced section allows you to configure the Advanced settings of the router. 10.1. Network Address Translation (NAT) This page allows you to Enable / Disable the Network Address Translation (NAT) and Network Turbine features. The NAT is required to share one Internet account with multiple LAN users.

  • Page 85: Port Mapping

    10.2. Port Mapping Port Mapping allows you to redirect a particular range of ports to a computer on your LAN network. This helps you host servers behind the NAT and Firewall. In the example below, there is a Mail Server that requires ports 25.

  • Page 86: Port Forwarding

    10.3. Port Forwarding Port Forwarding allows you to redirect a particular public port to a computer on your LAN network. This helps you host servers behind the NAT and Firewall. In the example below, there is a WEB Server running on port 80 on the LAN.

  • Page 87: Port Trigger

    If you use Internet applications which use non-standard connections or port numbers, you may find that they do not function correctly because they are blocked by the Wireless Router's firewall. Port Trigger will be required for these applications to work. Port Trigger Enable Port Forwarding Tick this box to Enable the Port Trigger feature.

  • Page 88: Application Layer Gateway (Alg)

    10.5. Application Layer Gateway (ALG) Certain applications may require the use of ALG feature to function correctly. If you use any of the applications listed, please tick and select it to enable this feature.

  • Page 89: Universal Plug And Play (Upnp)

    10.6. Universal Plug and Play (UPnP) The UPnP function allows automatic discovery and configuration of UPnP enabled devices on your network. It also provides automatic port forwarding for supported applications to seamlessly bypass the Firewall. Universal Plug and Play (UPnP) Enable the UPnP Feature Tick this box to Enable the UPnP feature to allow supported devices to be visible on the network.

  • Page 90: Quality Of Service (Qos)

    10.7. Quality of Service (QoS) QoS allows you to control the priority that the data is transmitted over the Internet, or to reserve a specific amount of Internet bandwidth. This is to ensure that applications get enough Internet bandwidth for a pleasant user experience.
  • Page 91 Priority Queue Method Bandwidth priority is set to either High or Low. The transmissions in the High queue will be processed first. Unlimited Priority Queue Local IP Address The computer with this IP Address will not be bound by the QoS rules. High / Low Priority Queue Protocol The type of network protocol.
  • Page 92 Bandwidth Allocation Method You can set the maximum amount of bandwidth a certain protocol will use at one time. Or you can set a minimum amount of bandwidth that will be guaranteed to a certain protocol. Bandwidth Allocation Type Set whether the QoS rules apply to transmission that are Download, Upload or Both directions. Local IP range Enter the IP address range of the computers that you would like the QoS rules to apply to.

  • Page 93: Routing

    10.8. Routing If your WIRELESS ROUTER device is connected a network with different subnets, then this feature will allow the different subnets to communicate with each other. Static Routing Enable Static Routing Tick this box to Enable the Static Router feature.
  • Page 94 Destination Subnet Mask 192.168.11.0 255.255.255.0 192.168.10.0 255.255.255.0 So if, for example, Client3 wants to send an IP data packet to 192.168.10.2 (Client 2), it would use the above table to determine that it had to go via 192.168.0.103 (Router 2) And if it sends Packets to 192.168.11.11 (Client 1) will go via 192.168.0.216 (Router 1).

  • Page 95: Vpn

    11. VPN A Virtual Private Network (VPN) provides a secure connection between two or more computers or protected networks over the public Internet. It provides authentication to ensure that the information is going to and from the correct parties. It provides security to protect the information from viewing or tampering en route. EVR100 supports IPSec (Site to Site, Remote to Site) and L2TP over IPSec methods to establish VPN connections and the maximum VPN session number is up to 5.

  • Page 96: Profile Setting

    11.2. Profile Setting This page allows you to Enable, Add, Edit and Delete VPN profiles. Profile Setting Enable Tick the box to Enable the VPN profile. Click this button to add the entry. Edit Select one profile and click this button to edit the entry. Delete Selected Delete the selected entries.

  • Page 97: Ipsec

    10.1.1. IPSec IPSec (Internet Protocol Security) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPSec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session.
  • Page 98 General Name Enter a name for your VPN policy. Connection Type Supports IPSec and L2TP over IPSec methods to establish VPN connection. Authentication Type Supports pre-shared key method for authentication. Shared Key Enter the Shared Key in box. Confirm Enter your Shared Key again for verification. Local ID Type Supports IP Address, Domain Name, Email Address methods for Local ID Type.
  • Page 99 SA (Security Association) A Security Association (SA) is the establishment of shared security attributes between two network entities to support secure communication. An SA may include attributes such as: cryptographic algorithm and mode; traffic encryption key; and parameters for the network data to be passed over the connection.
  • Page 100 Encryption EVR100 supports DES, 3DES, AES128, AES192, AES256 encryption methods for traffic through the VPN. Authentication EVR100 supports SHA1, MD5 methods for authentication. Life Time Enter the number of seconds for the IKE Lifetime. The period of time to pass before establishing a new IKE security association (SA) with the remote endpoint.
  • Page 101 Network This page allows you to configure the VPN server and local/remote subnet. Network Security Gateway Type Security Gateway Type supports IP Address and Domain Name. Select one of them. Security Gateway The IP address or domain name of the VPN server. Local Network Enter the local (LAN) subnet and mask.
  • Page 102 Advanced This page allows you to configure advanced VPN settings. Advanced NAT Traversal Enabling NAT Traversal allow IPSec traffic from this endpoint to traverse through the translation process during NAT. The remote VPN endpoint must also support this feature and it must be enabled to function properly over the VPN.

  • Page 103: L2Tp Over Ipsec

    10.1.2. L2TP over IPSec L2TP over IPSec VPNs enable a business to transport data over the Internet, while still maintaining a high level of security to protect data. You can use this type of secure connection for small or remote office clients that need access to the corporate network.
  • Page 104 L2TP L2TP Setting Authentication Select the desired authentication protocol (PAP, CHAP, Auto). Select Auto by default. User Name Enter the username for authentication. Password Enter the password for authentication.
  • Page 105 Network Network Server IP Enter the VPN Server IP address. Remote IP Range Assign a range of IP addresses. The assigned IP range should be on the same IP network but not the in the same range as your DHCP IP range.

  • Page 106: Wizard

    11.3. Wizard You can use Wizard to create a VPN profile easily. Click Next button to begin the wizard. Enter the VPN policy name then click Next button to next page.
  • Page 107 You can select [IPSec] or [L2TP over IPSec] in this page then click Next button to next page. If you select [IPSec] then go to step 3.1. If you select [L2TP over IPSec] then go to step 3.2. 3.1 IPSec You can select [Client to Site] or [Site to Site] in this page then click Next button to next page.
  • Page 108 Enter the Security Gateway and remote network. Then click Next button to next page.
  • Page 109 3.2 L2TP over IPSec Enter the username, password and VPN server IP setting. Then click Next button to next page.
  • Page 110 Enter the shared key for the VPN connection. Setup successfully, enable this policy immediately. If you don’t want enable this policy, you can un-tick the box. Then click Apply button to apply the settings.
  • Page 111 How to establish a L2TP over IPSec VPN connection on Windows XP Click Start button and open Control Panel. Click [Network Connections], double click [New Connection Wizard] then click Next button.
  • Page 112 Select [Connect to the network at my workplace] then click Next button. Select [Virtual Private Network connection] then click Next button.
  • Page 113 Enter the [Company Name] then click Next button. Select [Do not dial the initial connection] then click Next button.
  • Page 114 Enter the VPN server IP address then click Next button. Select [Do not use my smart card] then click Next button.
  • Page 115 Click Finish button to complete the wizard. 10. Click Properities button.
  • Page 116 11. In Security, select [Advanced (custom settings)] then click Settings button. 12. Check [Unencrypted password (PAP)] and [Challenge Handshake Authentication Protocol (CHAP)] then click OK button.
  • Page 117 13. Click [IPSec Settings] then tick [Use pre-shared key for authentication], Enter the Key then click OK button. 14. In Networking, select [L2TP IPSec VPN] then click OK button.
  • Page 118 15. Click Connect button to connect VPN connection. 16. You can see the VPN Connection has been established.
  • Page 119 How to establish a L2TP over IPSec VPN connection in Windows 7 Click Start button and open Control Panel. Click [View Network Status and Tasks] then [Set up a new connection or network]...
  • Page 120 Click [Connect to a workplace] then [Use my Internet connection (VPN)] Enter the VPN server IP address: [Internet address], [Destination name] and tick [Don’t connect now; just set it up so I can connect later], then click the Next button.
  • Page 121 Enter the correct User name and Password then click the Create button. Click the Close button to close the VPN connection setting.
  • Page 122 Click [Change adapter settings] in Step 2, then select VPN Connection and click [Change settings of this connection] Change Type of VPN to [Layer 2 Tunneling Protocol with IPSec (L2TP/IPSec)] and check [Unencrypted password (PAP)] in Security.
  • Page 123 Click the Advanced settings button and select [Use preshared key for authentication] and enter the correct key. Then click OK button.
  • Page 124 10. Double click the VPN Connection then click the Connect button. 11. You can see the VPN Connection has been established.

  • Page 125: Tools

    12. Tools This section allows you to configure some device system settings. 12.1. Admin This page allows you to change the system password and to configure remote management. Change Password Old Password: Enter the current password. New Password: Enter your new password. Repeat New Password: Enter your new password again for verification.

  • Page 126: Time

    12.2. Time This page allows you to set the system time. Time Time Setup: Select the method you want to set the time. Time Zone: Select the time zone for your current location. NTP Time Server: Enter the address of the Network Time Protocol (NTP) Server to automatically synchronize with a server on the Internet.

  • Page 127: Dynamic Dns (Ddns)

    2. After registration, use the Service provider's normal procedure to obtain your desired Domain name. 3. Enter your DDNS data on the EVR100’s DDNS screen, and enable the DDNS feature. 4. The Wireless Router will then automatically ensure that your current IP Address is recorded at the DDNS service provider's Domain Name Server.

  • Page 128: Power

    12.4. Power This page allows you to Enable or Disable the wireless LAN power saving features.

  • Page 129: Diagnosis

    12.5. Diagnosis This page allows you determine if the WIRELESS ROUTER device has an active Internet connection. Diagnosis Address to Ping: Enter the IP address you like to see if a successful connection can be made. Ping Result: The results of the Ping test.

  • Page 130: Firmware

    2. Select the upgrade file. Its name will appear in the Upgrade File field. 3. Click the Apply button to commence the firmware upgrade. Note: The Wireless Router is unavailable during the upgrade process, and must restart when the upgrade is completed. Any connections to or through the Wireless Router will be lost.

  • Page 131: Back-Up

    12.7. Back-up Back-up Restore to factory Restores the device to factory default settings. default: Backup Settings: Save the current configuration settings to a file. Restore Settings: Restores a previously saved configuration file. Click Browse to select the file. Then Upload to load the settings.

  • Page 132: Reset

    12.8. Reset In some circumstances it may be required to force the device to reboot.

  • Page 133: Appendix A - Fcc Interference Statement

    Appendix A – FCC Interference Statement Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
  • Page 134 IMPORTANT NOTE: FCC Radiation Exposure Statement: This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator & your body. We declare that the product is limited in CH1~CH11 by specified firmware controlled in the USA. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter.

  • Page 135: Appendix B - Ic Interference Statement

    Appendix B – IC Interference Statement Industry Canada statement: This device complies with RSS-210 of the Industry Canada Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.

Table of Contents