Asus SL6000 User Manual
  1. Manuals
  2. Brands
  3. Asus Manuals
  4. Network Router
  5. SL6000
  6. User manual
Asus SL6000 User Manual

Asus SL6000 User Manual

Vpn adsl router
Hide thumbs Also See for SL6000:
Table of Contents

Advertisement

Quick Links

Download this manual

Advertisement

Table of Contents
loading

Related Manuals for Asus SL6000

Summary of Contents for Asus SL6000

  • Page 2 ® VPN ADSL Router SL6000/SL6300 User’s Manual...
  • Page 3 Product warranty or service will not be extended if: (1) the product is repaired, modified or altered, unless such repair, modification of alteration is authorized in writing by ASUS; or (2) the serial number of the product is defaced or missing.
  • Page 4 Technical Support Support Fax: +1-502-933-8713 General Support: +1-502-995-0883 Notebook Support: +1-510-739-3777 x5110 Support Email: tsd@asus.com ASUS COMPUTER GmbH (Germany and Austria) Address: Harkortstr. 25, 40880 Ratingen, BRD, Germany General Email: sales@asuscom.de (for marketing requests only) General Fax: +49-2102-9599-31 Web Site: www.asuscom.de...

  • Page 5: Table Of Contents

    3.1.1 Connect the ADSL line ............13 3.1.2 Connect the computers or a LAN .......... 14 3.1.3 Attach the power adapter ............14 3.1.4 Turn on the SL6000/SL6300 and your computers ....14 3.2 Configuring Your Computers ............15 3.2.1 Before you begin ..............15 3.2.2 Windows®...
  • Page 6 8.3 Static Routing ................49 8.3.1 Static Route Configuration Parameters ......... 49 8.3.2 Adding Static Routes ............. 50 8.3.3 Modifying Static Routes ............50 8.3.4 Deleting Static Routes ............51 8.3.5 Viewing the Static Routing Table ........... 51 ASUS VPN ADSL Router...
  • Page 7 9.7.5 View Configured Services ............. 75 9.8 DoS (Denial of Service) ..............76 9.8.1 SYN Flooding Attack Check ..........76 9.8.2 Winnuke Attack Check ............76 9.8.3 MIME Flood Attack Check ............. 76 9.8.4 Maximum IP Fragment Count ..........77 ASUS VPN ADSL Router...
  • Page 8 12.4.1 Change/View the System Time Zone ........ 110 12.5 System Configuration Management ..........111 12.5.1 Reset System Configuration to Default ....... 111 12.5.2 Backup System Configuration ..........111 12.5.3 Restore System Configuration .......... 112 12.6 Upgrade Firmware ..............113 ASUS VPN ADSL Router...
  • Page 9 A.2 Subnet masks ................118 B. Troubleshooting ..............119 B.1 Recall default configuration by “RESET” button ......122 B.2 Diagnosing Problem using IP Utilities .......... 125 B.2.1 ping ..................125 B.2.2 nslookup ................126 C. Glossary ................127 ASUS VPN ADSL Router...

  • Page 10: Introduction

    Router. Your LAN (local area network) will now be able to access the Internet via SL6000/SL6300’s ADSL connection. This User Manual will show you how to set up the SL6000/SL6300 VPN ADSL Router, and how to customize its configuration to get the most out of this product.

  • Page 11: Using This Document

    Acronyms are defined the first time they appear in text and in the glos- sary (Appendix C). • For brevity, the SL6000/SL6300 is referred to as “the router.” • The terms LAN and network are used interchangeably to refer to a group of Ethernet-connected computers at one site.

  • Page 12: Getting To Know Sl6000/Sl6300

    Chapter 2 2. Getting to Know SL6000/SL6300 2.1 Parts List In addition to this document, your SL6000/SL6300 should come with the following: • SL6000/SL6300 VPN ADSL Router • Power adapter • Ethernet cable (RJ-45) “straight-through” type) • Phone cable (RJ-11) 2.2 Front Panel...

  • Page 13: Rear Panel

    RJ-45 port for advanced console management. An additional RS232 to RJ45 cable is required. 4. Reset Resets the device. 5. Power Connects to the supplied power adapter. 6. On/Off Power switch to turn the unit ON and OFF. ASUS VPN ADSL Router...

  • Page 14: Quick Start Guide

    Part 2 describes how to configure Internet properties on your computer(s). • Part 3 shows you how to configure basic settings on the SL6000/SL6300 to get your LAN connected to the Internet. After setting up and configuring the device, you can follow the instructions to verify that it is working properly.

  • Page 15: Connect The Computers Or A Lan

    3.1.4 Turn on the SL6000/SL6300 and your computers Press the Power switch on the rear panel of SL6000/SL6300 to the ON position. Turn on and boot up your computer(s) and any LAN devices such as hubs or switches.

  • Page 16: Configuring Your Computers

    SL6000/SL6300 to do so. See “Assigning static Internet informa- tion to your PCs” for instructions. If you have connected your PC of LAN via Ethernet to the SL6000 / SL6300, follow the instructions that correspond to the operating system installed on your PC.

  • Page 17: Windows® 2000 Pcs

    CD or other media. Follow the instructions to install the files. 7. If prompted, click OK to restart your computer with the new settings. Next, configure the PCs to accept IP information assigned by the SL6000 / SL6300: 8. In the Control Panel, double-click the Network and Dial-up Connec- tions icon.

  • Page 18: Windows® Me Pcs

    CD or other media. Follow the instructions to install the files. 8. If prompted, click OK to restart your computer with the new settings. Next, configure the PCs to accept IP information assigned by the SL6000 / SL6300: 9. In the Control Panel, double-click the Network and Dial-up Connec- tions icon.

  • Page 19: Windows® 95, 98 Pcs

    CD. Follow the instructions to install the files. 7. Click [OK] to restart the PC and complete the TCP/IP installation. Next, configure the PCs to accept IP information assigned by the SL6000 / SL6300: 8. Open the Control Panel window, and then click the Network icon.

  • Page 20: Windows® Nt 4.0 Workstations

    6. Click [Yes] to continue, and then click [OK] if prompted to restart your computer. Next, configure the PCs to accept IP information assigned by the SL6000 / SL6300: 7. Open the Control Panel window, and then double-click the Network icon.

  • Page 21: Assigning Static Internet Information To Your Pcs

    • The IP address of the default gateway for your LAN. In most cases, this is the address assigned to the LAN port on the SL6000/SL6300. By default, the LAN port is assigned this IP address: 192.168.1.1. (You can change this number, or another number can be assigned by your ISP.

  • Page 22: Buttons Used In Setup Wizard

    3.3.2 Setting Up the SL6000/SL6300 Follow these instructions to setup SL6000/SL6300: 1. At any PC connected to one of the four LAN ports on the SL6000/ SL6300, open your Web browser, and type the following URL in the address/location box, and press <Enter>: http://192.168.1.1 This is the predefined IP address for the LAN port on the SL6000/ SL6300.
  • Page 23 If you have problem connecting to SL6000/SL6300, you may want to check if your PC is configured to accept IP address assignment from SL6000/SL6300. Another method is to set the IP address of your PC to any IP address in the 192.168.1.0 network, such as 192.168.1.2 but ex- cluding 192.168.1.1 and 192.168.1.255.
  • Page 24 [Apply] button to save the changes. You might get online help from the Setup Wizard by click the [Help] button and get Figure 3.5. Figure 3.4 Setup Wizard Password Configuration Page Figure 3.5 Setup Wizard Password Help Page ASUS VPN ADSL Router...
  • Page 25 [Next] button. Figure 3.6 Setup Wizard System Identity Configuration Page 5. Set the time zone for SL6000/SL6300 by selecting your time zone from the Time Zone drop-down list (shown in Figure 3.7 Time Zone Con- figuration). Click [Apply] to save the settings and then click on the [Next] button to go to the next configuration page.
  • Page 26 Chapter 3 There is no real time clock inside SL6000/SL6300. The system date and time are maintained by external network time server via SNTP (Simple Network Time Protocol). There are five predefined SNTP servers, so you don’t need to set the date and time here.
  • Page 27 Internet connection is working. Click on the [Next] but- ton to proceed to the next configuration page. Figure 3.10 Setup Wizard DHCP Server Configuration Page ASUS VPN ADSL Router...
  • Page 28 Chapter 3 8. Now we are at the last page of the Setup Wizard, which is to configure the WAN settings for SL6000/SL6300. Depending on the connection mode required from your ISP, you may select from the following con- nection modes from the Connection Mode drop-down list (see Figure 3.12): MPoA Bridged, PPPoE Relay, MPoA Routed, IPoA Routed,...
  • Page 29 Service interface is to have its IP address configured statically. * IP Address: Enter the MPoA Routed service interface’s IP Address. Contact your ISP for details * Subnet Mask: Enter the MPoA Routed service interface’s Subnet Mask. Contact your ISP for details c) IPoA Routed ASUS VPN ADSL Router...
  • Page 30 • The Bridge IP Settings are the same for all Interfaces that are in bridge mode or that have bridge services running over them • RIP Rx is always enabled as RIP is enabled ASUS VPN ADSL Router...

  • Page 31: Testing Your Setup

    LAN Port IP Address Default: Static IP address: 192.168.1.1 Subnet mask: 255.255.255.0 This is the IP address of the LAN port on SL6000/SL6300. The LAN port connects the device to your Ethernet network. Typically, you will not need to change this address. See section 6.1 LAN IP Address for instructions.

  • Page 32: Default Router Settings

    Manager, which provides an interface to the software installed on the device. It enables you to configure the device settings to meet the needs of your network. You access it through your web browser from any PC connected to the SL6000/ SL6300 via the LAN ports.

  • Page 33: Functional Layout

    Configuration Frame Setup Menu Frame Figure 4.2 Typical Configuration Manager Page A separate page displays in the right-hand-side frame for each menu. For example, the configuration page displayed in Figure 4.2 is intended for DHCP configuration. ASUS VPN ADSL Router...

  • Page 34: Commonly Used Buttons And Icons

    Launches the online help for the current topic in a separate browser window. Help is available from any main topic page. [Refresh] Re-displays the current page with updated statistics or settings. Selects the item for editing. Deletes the selected item. ASUS VPN ADSL Router...

  • Page 35: The Home Page Of Configuration Manager

    Chapter 4 4.3 The Home Page of Configuration Manager The Setup Wizard page displays when you first access the Configuration Manager. Figure 4.3 Setup Wizard Page ASUS VPN ADSL Router...

  • Page 36: System Information

    Chapter 5 5. System Information This chapter describes your SL6000/SL6300 system information and configuration summary when you click the “System Info” in the left column. You may get all information as shown in Figure 5.1. Figure 5.1. LAN IP Address Configuration Page...

  • Page 37: Configuring Lan Settings

    6.1 LAN IP Address If you are using the SL6000/SL6300 with multiple PCs on your LAN, you must connect the LAN via the Ethernet ports on the built-in Ethernet switch. You must assign a unique IP address to each device residing on your LAN. The LAN IP address identifies the SL6000/SL6300 as a node on your network;...

  • Page 38: Lan Ip Configuration Parameters

    Table 6.1 LAN IP Configuration Parameters IP Address The LAN IP address of SL6000/SL6300. This IP is used by your computers to identify SL6000/SL6300’s LAN port. Note that the public IP address assigned to you by your ISP is not your LAN IP address. The public IP address identifies the WAN port on SL6000/SL6300 to the Internet.

  • Page 39: Dhcp (Dynamic Host Configuration Protocol)

    IP information to computers on a network. When you enable DHCP on a network, you allow a device - such as the SL6000/ SL6300 - to assign temporary IP addresses to your computers whenever they connect to your network.

  • Page 40: Why Use Dhcp

    6.2.3 Configuring DHCP Server Note: By default, SL6000/SL6300 is configured as a DHCP server on the LAN side, with a predefined IP address pool of 192.168.1.10 through 192.168.1.108 (subnet mask 255.255.255.0). To change this range of addresses, follow the procedures described in this section.

  • Page 41: Dns

    Internet names that you type into your web browser into their equivalent numeric IP addresses. Typically, the server(s) are located with your ISP. However, you may enter LAN IP address here as SL6000/SL6300 will serve as DNS proxy for the LAN computers and forward the DNS request from the LAN to DNS servers and relay the results back to the LAN computers.

  • Page 42: Viewing Current Dhcp Address Assignments

    Chapter 6 6.2.4 Viewing Current DHCP Address Assignments When the SL6000/SL6300 functions as a DHCP server for your LAN, it keeps a record of any addresses it has leased to your computers. To view a table of all current IP address assignments, just go to the DHCP Server Configuration page.

  • Page 43: Assigning Dns Addresses

    Statically: If your ISP provides you with their DNS server addresses, you can assign them to each PC by modifying the PCs’ IP properties. Dynamically from a DHCP pool: You can configure the DHCP Server SL6000/ SL6300 and create an address pool that specify the DNS addresses to be distributed to the PCs.

  • Page 44: Viewing Lan Statistics

    6.4 Viewing LAN Statistics You can view statistics of your LAN traffic on SL6000/SL6300. You will not typically need to view this data, but you may find it helpful when working with your ISP to diagnose network and Internet data transmission problems.

  • Page 45: Configuring Wan/Adsl Settings

    There are several ADSL line configurations available on SL6000 and SL6300, for Annex A and Annex B, respectively. Figure 7.1 shows the available modes of SL6000: Multi, G.DMT, G.Lite and ANSI. You may click [Connect] to create the ADSL connection and click [Disconnect] to end down your ADSL connection.

  • Page 46: Wan Configuration

    7.2 WAN Configuration For WAN port configuration, there are several different protocols supported by SL6000/SL6300 to match your ISP’s requirement, including MPoA Bridged, PPPoE Relay, MPoA Routed, IPoA Routed, PPPoA Routed and PPPoE Routed. 7.2.1 MPoA Bridged and PPPoE Relay: No further configuration parameters need to be specified for MpoA Bridged and PPPoE Relay services.

  • Page 47: Pppoa Routed And Pppoe Routed

    * Password: The password for setting up the PPPoA/PPPoE Service. Con- tact your ISP for the specific password to be used for initial setup. * DoD : Dial on Demand. The SL6000/SL6300 attempts to connect to your ISP when an outgoing traffic is detected.

  • Page 48: Viewing Wan/Adsl Statistics

    Internet data transmission problems. To view WAN/ADSL statistics, click Statistics on the WAN submenu. Figure 7.3 shows the WAN/ADSL Statistics page. Figure 7.3 WAN Statistics Page To see the updated statistics since you opened the page, simply click [Refresh]. ASUS VPN ADSL Router...

  • Page 49: Configuring Routes

    The essential challenge of a router is: when it receives data intended for a particular destination, which next device should it send that data to? When you define IP routes, you provide the rules that SL6000/SL6300 uses to make these decisions.

  • Page 50: Dns Relay Configuration

    8.2 DNS Relay Configuration You may input your ISP’s Primary/Secondary DNS server address here if your PC’s DNS server address is directed to SL6000/SL6300, instead of automatically getting DNS server address from the ISP. Click [Apply] after typing your ISP’s Primary/Secondary DNS server address.

  • Page 51: Adding Static Routes

    1. In the Static Routes Configuration page (as shown in Figure 8.2.), se- lect the route from the service drop-down list or click on the icon of the route to be modified in the Static Routing Table. 2. Click [Modify] to modify the selected route. ASUS VPN ADSL Router...

  • Page 52: Deleting Static Routes

    IP address of the first hop the data should take. This table is known as the device’s routing table. To view the SL6000/SL6300’s routing table, click the Routing sub menu under Networking. The Static Routing Table displays in the lower half of the Static Routing Configuration page, as shown in Figure 8.2:...

  • Page 53: Configuring Firewall/Nat Settings

    Service) protection and stateful packet inspection as the first line security for your network. No configuration is required for this protection on your network as long as firewall is enabled for SL6000/SL6300. By default, the firewall is enabled at the factory. Please refer to section 12.1 Global Setting Configuration to enable or disable firewall service on SL6000/SL6300.

  • Page 54: Default Acl Rules

    Group Access Rules: for controlling users and user group information on your LAN. • Self Access Rules: for controlling access privilege to SL6000/SL6300 itself. Default Inbound Access Rules No default inbound access rule is configured. That is, all traffic from external hosts to the internal hosts is denied.
  • Page 55 Chapter 9 Figure 9.1 Inbound ACL Configuration Page ASUS VPN ADSL Router...
  • Page 56 Move to This option allows you to set a priority for this rule. The SL6000/SL6300 Firewall acts on packets based on the priority of the rules. Set a priority by specifying a number for its position in the list of rules: 1 (First) This number marks the highest priority.
  • Page 57 This option allows you to include a pool of IP addresses for applying this rule. The following fields become available for entry when this option is selected. IP Pool: You can associate a pre-configured IP pool (see section 9.9.3) that you had added to the rule. ASUS VPN ADSL Router...
  • Page 58 This option allows you to include a pool of IP addresses for applying this rule. The following fields become available for entry when this option is selected: IP Pool: You can associate a pre-configured IP pool (see section 9.9.3) that you had added to the rule. ASUS VPN ADSL Router...
  • Page 59 RTSP7070, RTSP554, QUAKE, N2P, PPTP, MSG2, MSG1, IRC, IKE, H323, IMAP4, HTTPS, DNS, SNMP, NNTP, POP3, SMTP, HTTP, FTP, TELNET. Note: service is a combination of protocol and port number. They appear here after you add them in the “Firewall Service” configuration page. ASUS VPN ADSL Router...
  • Page 60 SMTP: Only “None” available for the time being. Select “Enable” radio button to enable logging for this ACL rule; otherwise, select “Disable”. This option allows you to select the check box if this policy corresponds to VPN policy. ASUS VPN ADSL Router...

  • Page 61: Add Inbound Acl Rules

    Figure 9.2 illustrates how to create a rule to allow inbound HTTP (i.e. web server) service. This rule allows inbound HTTP traffic to be directed to the host with IP address 192.168.1.28. Figure 9.2 Inbound ACL configuration example ASUS VPN ADSL Router...

  • Page 62: Modify Inbound Acl Rules

    1. Log into Configuration Manager as admin, click the Firewall menu, and then click Inbound ACL submenu. 2. The inbound ACL rule table located at the lower half of the Inbound ACL Configuration page shows all the configured inbound ACL rules. ASUS VPN ADSL Router...

  • Page 63: Configuring Outbound Acl Rules

    Options in this configuration page allow you to: • Add a rule, and set parameters for it • Modify an existing rule • Delete an existing rule • View configured ACL rules Figure 9.3 Outbound ACL Configuration Page ASUS VPN ADSL Router...
  • Page 64 Move to This option allows you to set a priority for this rule. The SL6000/SL6300 Firewall acts on packets based on the priority of the rules. Set a priority by specifying a number for its position in the list of rules: 1 (First) This number marks the highest priority.
  • Page 65 This option allows you to include a pool of IP addresses for applying this rule. The following fields become available for entry when this option is selected: IP Pool: You can associate a pre-configured IP pool (see section 9.9.3) that you had added to the rule. ASUS VPN ADSL Router...
  • Page 66 Select this option if you want this rule to apply to applications with this port range. The following fields become available for entry when this option is selected. Begin Port: Enter the starting port number of the range End Port: Enter the ending port number of the range ASUS VPN ADSL Router...
  • Page 67 RTSP7070, RTSP554, QUAKE, N2P, PPTP, MSG2, MSG1, IRC, IKE, H323, IMAP4, HTTPS, DNS, SNMP, NNTP, POP3, SMTP, HTTP, FTP, TELNET. Note: service is a combination of protocol and port number. They appear here after you add them in the “Firewall Service” configuration page. ASUS VPN ADSL Router...
  • Page 68 SMTP: Only “None” available for the time being. Select “Enable” radio button to enable logging for this ACL rule; otherwise, select “Disable”. This option allows you to select the check box if this policy corresponds to VPN policy. ASUS VPN ADSL Router...

  • Page 69: Add An Outbound Acl Rule

    Figure 9.4 illustrates how to create a rule to allow outbound HTTP traffic. This rule allows outbound HTTP traffic to be directed to any host on the external network for a host in your LAN w/ IP address 192.168.1.15. Figure 9.4 Outbound ACL configuration example. (No predefined ACL rule.) ASUS VPN ADSL Router...

  • Page 70: Modify Outbound Acl Rules

    1. Log into Configuration Manager as admin, click the Firewall menu, and then click Outbound ACL submenu. 2. The outbound ACL rule table located at the lower half of the Outbound ACL Configuration page shows all the configured outbound ACL rules. ASUS VPN ADSL Router...

  • Page 71: Configuring Group Acl Rules

    10. You can associate any Application Filter by selecting the filters from the drop down list. 11. You can enable log and VPN for this Rule. 12. You can set the priority of the rule by making the rule first or second depending on your wish. ASUS VPN ADSL Router...
  • Page 72 [De- lete] the button. The detail inbound/outbound ACL rule configurations are also described in 9.3 Configuring Inbound ACL Rules and 9.4 Configuring Outbound ACL Rules. Figure 9.5 Group Access Control Configuration Page ASUS VPN ADSL Router...

  • Page 73: Configuring Self Access Rules

    9.6.2 View Self Access Summary You can see the list of all the self access rules that are currently configured for your SL6000/SL6300 with all their attributes. 9.6.3 Delete Self Access Rule To delete an existing self access rule, choose the rule in the drop down list and click on the Delete button.

  • Page 74: Configuring Service List

    • Delete an existing service • View configured services Figure 9.7 shows the Firewall Service Configuration page. The configured services are listed at the lower half of the same page. Figure 9.7 Firewall Service Configuration Page ASUS VPN ADSL Router...

  • Page 75: Options In Service Configuration Page

    Service Configuration page. 9.7.3 Modify a Service To modify a service, follow the instructions below: 1. Log into Configuration Manager as admin, click the Firewall menu, and then click Service submenu. ASUS VPN ADSL Router...

  • Page 76: Delete A Service

    1. Log into Configuration Manager as admin, click the Firewall menu, and then click Service submenu. 2. The service list table located at the lower half of the Service Configura- tion page shows all the configured services. ASUS VPN ADSL Router...

  • Page 77: Dos (Denial Of Service)

    LAN are not updated with recent versions/patches, you are advised to enable this protection by checking the check box. 9.8.3 MIME Flood Attack Check You can select this box to protect the mail server in your network against MIME flooding. ASUS VPN ADSL Router...

  • Page 78: Maximum Ip Fragment Count

    9.8.4 Maximum IP Fragment Count This data is used during transmission or reception of IP fragments. When large sized packets are sent via SL6000/SL6300, SL6000/SL6300 fragments the large sized packets (depending on the Maximum Transmission Unit). By default, it’s set to 45. If the Maximum Transmission Unit (MTU) of the interface is 1500 (default for Ethernet) then there can be a maximum of 45 fragments per IP packet.

  • Page 79: Policy List

    5. Choose the action as Allow or Deny depending on whether you’d like to allow or deny the commands. You can also chose to log mes- sages whenever SL6000/SL6300 drops or allows a packet based on the filter you’ve selected.
  • Page 80 * HTTP: You can filter certain file extensions such *.java, *.ocx etc. * SMTP: You can filter any or all of SMTP commands such as VRFY * RPC: You can filter the specified RPC program numbers Figure 9.9 Application Filter Configuration ASUS VPN ADSL Router...

  • Page 81: Nat Pool

    NAT and directed to one of the available Internet IP address. If no Internet IP address is free, the packet will be dropped. As an IP address is assigned to a single computer at any instant of time, there is no need for port translation. ASUS VPN ADSL Router...
  • Page 82 IP address which is a private network address. The destination IP address of the packet should fall into the set of LAN IP addresses. Figure 9.10 NAT Pool Configuration Page ASUS VPN ADSL Router...

  • Page 83: Ip Pool

    4. To view the existing or the configured IP pools, choose the IP pool name in the drop down list. 5. To delete an existing IP pool, choose the IP pool name in the drop down list and click on the [Delete] button. ASUS VPN ADSL Router...
  • Page 84 IP Address: IP address in the respective Subnet Subnet Mask: Subnet mask of the corresponding network • If you select IP Address, you have to specify IP Address: Single IP Address Figure 9.11 IP Pool Configuration Page ASUS VPN ADSL Router...

  • Page 85: Firewall User

    * Replacing the source IP address in the rule with IP address of the ma- chine from which the user logged in. SL6000/SL6300 stores them in a dynamic rule list and uses them for every connection from the user. It deletes this list after the user logs out of the GoC System’s firewall.
  • Page 86 Type the User’s password again to confirm. Inactivity Timeout Type the timeout period, which is used to delete the User related associations whenever there is no traffic across this connection. Figure 9.12 Firewall User Configuration Page ASUS VPN ADSL Router...

  • Page 87: Time Range

    4. To view the existing or the configured time ranges, choose the Time- range name in the drop down list. 5. To delete an existing Time-range or Schedule, choose the Time-range name or the Schedule in the drop down list and click on the [Delete] button. ASUS VPN ADSL Router...
  • Page 88 * In the right-side list - You can select the ending day of the range Time Type the time during which you’d like to allow the traffic in hh:mm format. Figure 9.13 Time Range Configuration Page ASUS VPN ADSL Router...

  • Page 89: Firewall Statistics

    9.10 Firewall Statistics The Firewall Statistics page displays details regarding the active connections. Figure 9.14 shows a sample firewall statistics for active connections. To see an updated statistics, click on [Refresh] button. Figure 9.14 Firewall active connections statistics ASUS VPN ADSL Router...
  • Page 90 10.1 Default Parameters The SL6000/SL6300 is pre-configured with a default set of proposals/ connections. They cover the most commonly used sets of parameters, required for typical deployment scenarios. It is recommended that you use these pre- configured proposals/connections to simplify VPN connection setup.
  • Page 91 This chapter includes the procedure to configure the Access List through GUI: • Basic Access List Configuration * Access List using IKE * Access List using Manual Keys • Advanced Access List Configuration * Access List using IKE * Access List using Manual Keys ASUS VPN ADSL Router...

  • Page 92: Establish Vpn Connection Using Automatic Keying

    Delete an existing Access List 10.2.1 VPN Tunnel Configuration Parameters for Automatic Keying Table 10.4 describes the VPN tunnel configuration parameters using preshared key as key management mode. Table 10.4 VPN tunnel configuration parameters using preshared key for key management ASUS VPN ADSL Router...
  • Page 93 This option allows you to set a priority for this rule. The VPN service in SL6000/SL6300 acts on packets based on the priority of the rule, with 1 being the highest priority. Set a priority by specifying a number for its position in the list of rules: 1: This number marks the highest priority.
  • Page 94 IKE to au- tomatically select one (among the set of IKE proposals) to commu- nicate with its peer. However, if a specific proposal is required, then it can be chosen from the list. ASUS VPN ADSL Router...
  • Page 95 However, enabling this option slows down the data transfer. Life Times Enter the life time of IPSec security association in seconds, minutes, hours or days and kilo bytes. Default value is 3600 seconds and 75000 kilo bytes. ASUS VPN ADSL Router...

  • Page 96: Add A Rule For Vpn Connection Using Preshared Key

    10.2.2 Add a Rule for VPN Connection Using Preshared Key VPN Tunnel Configuration Page, as illustrated in the Figure 10.1, is used to configure a rule for VPN connection using preshared key. Figure 10.1 VPN Tunnel Configuration Page - Preshared Key Mode ASUS VPN ADSL Router...

  • Page 97: Modify Vpn Rules

    2. Prior to modifying a VPN rule, make sure that the VPN service is en- abled in System Service Configuration page. 3. Select the rule number from the “ID” drop-down list or click on the icon of the rule to be modified in the VPN Connection Status table. ASUS VPN ADSL Router...

  • Page 98: Delete Vpn Rules

    IKE implementations on the gateways. However, this is a weak security option as all packets use the same keys unless you - as the network administrator, use different key for authentication. ASUS VPN ADSL Router...

  • Page 99: Vpn Tunnel Configuration Parameters - Manual Key

    This option allows you to set a priority for this rule. The VPN service in SL6000/SL6300 acts on packets based on the priority of the rule, with 1 being the highest priority. Set a priority by specifying a number for its position in the list of rules: 1: This number marks the highest priority.
  • Page 100 Local Secure Group above. Remote Secure Gateway Enter the appropriate IP address for the remote secure gateway. Key Management Two modes are supported: preshared key and manual key. Manual Key Select Manual Key from the Key Management drop-down list. ASUS VPN ADSL Router...
  • Page 101 Enter the encryption key to be used. To enter in hex start with 0x. Authentication Key Enter the authentication key to be used. To enter in hex start with 0x. Inbound SPI Enter the inbound security parameter index. Outbound SPI Enter the outbound security parameter index. ASUS VPN ADSL Router...

  • Page 102: Add A Rule For Vpn Connection Using Manual Key

    Figure 10.2. 2. Prior to adding a VPN rule, make sure that the VPN service is enabled in System Service Configuration page (see section 12.1 Global Setting Configuration). 3. Select “Add New” from the “ID” drop-down list. ASUS VPN ADSL Router...

  • Page 103: Modify Vpn Rules

    6. Click on the [Modify] button to modify this VPN rule. The new set- tings for this VPN rule will then be displayed in the VPN Connection Status table at the lower half of the VPN Tunnel Configuration page. ASUS VPN ADSL Router...

  • Page 104: Delete Vpn Rules

    Global, IKE SAs and IPSec SAs. Table 10.6 gives description for the VPN statistics parameters. Table 10.6 VPN Statistics Global IPSEC SA Overall packet statistics AH Packets Number of AH packets ESP Packets Number of ESP packets Triggers Number of triggers ASUS VPN ADSL Router...
  • Page 105 Number of ESP statistics Active Inbound ESP SAs Number of active inbound ESP SA’s Active Outbound ESP SAs Number of active outbound ESP SA’s Total Inbound ESP SAs Number of inbound ESP SA’s since the system has started ASUS VPN ADSL Router...
  • Page 106 Total Outbound AH SAs Number of outbound AH SA’s since the system has started Figure 10.3 shows all the parameters available for VPN connections. To see an updated statistics, click on the [Refresh] button. Figure 10.3 VPN Statistics Page ASUS VPN ADSL Router...

  • Page 107: System Log

    This chapter shows the System Log Configuration page, which you might enable/ disable the log files for Access, System, Firewall & VPN. On the other hand, you might also enable the log file backup via Email function here (Figure 11.1) Figure 11.1 System Log Configuration Page ASUS VPN ADSL Router...

  • Page 108: System Management

    12.1 Global Setting Configuration As shown in Figure 12.1, you can use the Global Setting page to enable or disable services supported by SL6000/SL6300, including firewall, VPN, DNS Relay, DHCP RIP and SNTP. To disable or enable individual service, follow the steps below: 1.

  • Page 109: User Account Management

    The password can be up to 16 characters long. When logging in, you must type the new password in the same upper and lower case characters that you use here. 4. Click on button to save the new password. ASUS VPN ADSL Router...

  • Page 110: Modify System Information

    [Apply] button to save the changes. Figure 12.3 System Identity Page 12.4 Setup Time Zone SL6000/SL6300 keeps a record of the current date and time, which it uses to calculate and report various performance data. Note: Changing the SL6000/SL6300 date and time does not affect the date and time on your PCs.

  • Page 111: Change/View The System Time Zone

    1. Log into Configuration Manager as admin, click the System Management menu, and then click Time Zone submenu. Since there is no real time clock inside SL6000/SL6300, the system date and time are maintained by exter- nal network time server. Time Zone configuration parameters:...

  • Page 112: System Configuration Management

    Setting submenu. The Default Setting Configuration page displays, as shown in Figure 12.5. 2. Click on [Apply] button to set the system configuration back to factory default. Note that SL6000/SL6300 will reboot to make the factory de- fault configuration in effect. Figure 12.5 Default Setting Configuration Page 12.5.2 Backup System Configuration...

  • Page 113: Restore System Configuration

    [Browse] button to search for the system configuration file on your hard drive. 3. Click on [Apply] button to restore the system configuration. Note that SL6000/ SL6300 will reboot to make the new system configuration in effect.

  • Page 114: Upgrade Firmware

    Chapter 12 12.6 Upgrade Firmware ASUS may from time to time provide you with an update to the firmware running on the SL6000/SL6300. All system software is contained in a single file, called an image. Configuration Manager provides an easy way to upgrade the new firmware image.

  • Page 115: System Reset

    Chapter 13 13. System Reset To reset your SL6000/SL6300, log into Configuration Manager, click the System Management menu and then click Reset submenu. Click on the [Apply] button to reset the modem/router. Figure 13.1 System Reset Page ASUS VPN ADSL Router...

  • Page 116: Logout Configuration Manager

    Chapter 14 14. Logout Configuration Manager To logout of Configuration Manager, click Logout then click on the [Apply] button in the Configuration Manager Logout. Figure 14.1 Configuration Manager Logout ASUS VPN ADSL Router...

  • Page 117: Ip Addresses, Network Masks, & Subnets

    The first part of every IP address contains the network ID, and the rest of the address contains the host ID. The length of the network ID depends on the network’s class (see following section). Table A.1 shows the structure of an IP address. ASUS VPN ADSL Router...

  • Page 118: Network Classes

    (field1 values not shown are reserved for special uses) • A host ID can have any value except all fields set to 0 or all fields set to 255, as those values are reserved for special uses. ASUS VPN ADSL Router...

  • Page 119: Subnet Masks

    These masks are: [Class A: 255.0.0.0] [Class B: 255.255.0.0] [Class C: 255.255.255.0]. These are called default be- cause they are used when a network is initially configured, at which time it has no subnets. ASUS VPN ADSL Router...

  • Page 120: Troubleshooting

    Verify that an Ethernet cable like the one provided is securely connected to the Ethernet port of your ADSL or cable modem and the WAN port of SL6000 / SL6300. Make sure that your ADSL or cable modem is powered on. Wait 30 seconds to allow SL6000/SL6300 to negotiate a connection with your broadband modem.
  • Page 121 PC cannot access Internet Use the ping utility, discussed in the following section, to check whether your PC can communicate with the SL6000 / SL6300’s LAN IP address (by default 192.168.1.1). If it cannot, check the Ethernet cabling. If you statically assigned a private IP address to the computer, (not a registered...
  • Page 122 If you have not changed the password from the default, try using “admin” as both the user ID and password. Otherwise, you can reset the device to the default configuration by pressing the Reset button on the rear panel of SL6000/ SL6300 three times. WARNING: Resetting the device removes any custom settings and returns all settings to their default values.

  • Page 123: Recall Default Configuration By "Reset" Button

    *. In Windows operating system, click “START” use other telnet software. | “Program” | “Accessories” | “Communica- tions” | “HyperTerminal” 2. Setup the telnet connection to the SL6000/SL6300 as follows: * Enter any name for this New Connection. ASUS VPN ADSL Router...
  • Page 124 OK. Parity: None, Stop bits: 1, Flow Control: NONE and click OK. 3. Press the RESET button on the back of the SL6000/SL6300. * Hyper Terminal will show below message, press and release the “RESET” button one time now.
  • Page 125 Appendix 4. Press the RESET button on the back of the SL6000/SL6300 a second time. * If you see “Loading CPU 1 ...”, it would be * When you see Loading CPU 0 ... while the too too late to press the RESET button a sec- dots are increasing (about 5 sec after push- ond time.

  • Page 126: Diagnosing Problem Using Ip Utilities

    If the target computer cannot be located, you will receive the message “Request timed out.” Using the ping command, you can test whether the path to the SL6000/SL6300 is working (using the preconfigured default LAN IP address 192.168.1.1) or another address you assigned.

  • Page 127: Nslookup

    There may be several addresses associated with an Internet name. This is common for web sites that receive heavy traffic; they use multiple, redundant servers to carry the same information. To exit from the nslookup utility, type exit and press <Enter> at the command prompt. ASUS VPN ADSL Router...

  • Page 128: Glossary

    IP address 209.191.4.240 is 11010001.10111111.00000100.11110000 in binary. See also bit, IP address, network mask. Short for “binary digit,” a bit is a number that can have two values, 0 or 1. See also binary. bits per second ASUS VPN ADSL Router...
  • Page 129 A DHCP relay is a computer that forwards DHCP data between computers that request IP addresses and the DHCP server that assigns the addresses. Each of the SL6000 / SL6300’s interfaces can be configured as a DHCP relay. See DHCP.
  • Page 130 When you send data through the Internet, it is sent first from your computer to a router, and then from one router to another until it finally reaches a router that is directly connected to the recipient. Each individual “leg” of the data’s journey is called a hop. ASUS VPN ADSL Router...
  • Page 131 0 to 255, separated by periods, e.g., 209.191.4.240. An IP address consists of a network ID that identifies the particular network the host belongs to, and a host ID uniquely identifying the host itself on that network. A network ASUS VPN ADSL Router...
  • Page 132 LED (Light Emitting Diode) An electronic light-emitting device. The indicator lights on the front of the SL6000/SL6300 are LEDs. MAC address (Media Access Control address) The permanent hardware address of a device, assigned by its manufacturer. MAC addresses are expressed as six pairs of characters.
  • Page 133 A protocol for serial data transmission that is used to carry IP (and other protocol) data between your ISP and your computer. The WAN interface on the SL6000/ SL6300 uses two forms of PPP called PPPoA and PPPoE. See also PPPoA, PPPoE.
  • Page 134 Rule (See filtering rule, NAT rule.) SDNS (Secondary Domain Name System (server)) A DNS server that can be used if the primary DSN server is not available. See DNS. SNMP (Simple Network Management Protocol) The TCP/IP protocol used for network management. ASUS VPN ADSL Router...
  • Page 135 The ordinary copper telephone wiring long used by telephone companies. It contains one or more wire pairs twisted together to reduce inductance and noise. Each telephone line uses one pair. In homes, it is most often installed ASUS VPN ADSL Router...
  • Page 136 WAN (Wide Area Network) Any network spread over a large geographical area, such as a country or continent. With respect to the SL6000 / SL6300, WAN refers to the Internet. Web browser A software program that uses Hyper-Text Transfer Protocol (HTTP) to download information from (and upload to) web sites, and displays the information, which may consist of text, graphic images, audio, or video, to the user.
  • Page 137 Appendix ASUS VPN ADSL Router...

This manual is also suitable for:

Sl6300

Table of Contents