Page 1 BiPAC 7402R2 ADSL2+ VPN Firewall Router User’s Manual...
Page 3: Table Of Contents
CHAPTER 1: INTRODUCTION ... 1 PAC 7402R2 R NTRODUCTION TO YOUR ... 1 EATURES PAC 7402R2 ADSL2+ R OUTER CHAPTER 2: INSTALLING THE ROUTER ... 5 MPORTANT NOTE FOR USING THE ... 5 ACKAGE ONTENTS ... 6 RONT ... 7 ORTS ...
Page 4 Time Zone... 49 Remote Access ... 50 Firmware Upgrade ... 51 Backup / Restore... 52 Restart Router... 53 User Management... 54 Firewall and Access Control ... 55 General Settings... 56 Packet Filter ... 57 Intrusion Detection... 64 URL Filtering ... 66 Firewall Log ...
Page 5: Chapter 1: Introduction
Introduction to your BiPAC 7402R2 Router Welcome to the BiPAC 7402R2 Router. The router is an “all-in-one” unit, combining an ADSL modem, ADSL router with four-port 10/100M auto-crossover Switch, and Firewall, enabling you to maximize the potential of your existing resources. The router can provide everything you need to get the machines on your network connected to the Internet over your ADSL broadband connection.
Page 6 In the LAN site, the DHCP server can allocate a range of client IP addresses and distribute them including IP address, subnet mask as well as DNS IP address to local computers. It provides an easy way to manage the local IP network. Chapter 1: Introduction BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 7 BiPAC 7402R2 ADSL2+ VPN Firewall Router Static and RIP1/2 Routing Supports an easy static routing table or RIP1/2 routing protocol to support routing capability. Simple Network Management Protocol (SNMP) It is an easy way to remotely manage the router via SNMP.
Page 8: Bipac 7402R2 Adsl2+ Router Application
BiPAC 7402R2 ADSL2+ VPN Firewall Router BiPAC 7402R2 ADSL2+ Router Application Figure 1.1 Application Diagram of BiAPC 7402R2 Thank you for your purchase, and welcome to the world of Internet! Chapter 1: Introduction...
Page 9: Chapter 2: Installing The Router
Important note for using the BiPAC 7402R2 ADSL Router Do not use this router in high humidity or high temperatures. Do not use the same power source for this router as other equipment. Do not open or repair the case yourself. If this router is too...
Page 10: The Front Leds
— (RJ-45 connector) Chapter 2: Installing the Router BiPAC 7402R2 ADSL2+ VPN Firewall Router Lit steady when there is a PPPoA / PPPoE connection. Lit and flashed periodically when there is email in the Inbox. When lit, it indicates that the ADSL (Line) port is connected to the DSLAM and working properly.
Page 11: The Rear Ports
(RJ-45 connector) CONSOLE LINE Chapter 2: Installing the Router BiPAC 7402R2 ADSL2+ VPN Firewall Router Power ON/OFF switch Connect the supplied power adapter to this jack. After the device is powered on, press it to reset the device or restore to factory default settings.
Page 12: Cabling
BiPAC 7402R2 ADSL2+ VPN Firewall Router Cabling The most common problem associated with Ethernet is bad cabling or ADSL line(s). Make sure that all connected devices are turned on. On the front of the product is a bank of LEDs. Verify that the LAN Link and ADSL line LEDs are lit.
Page 13: Chapter 3: Basic Installation
BiPAC 7402R2 ADSL2+ VPN Firewall Router Chapter 3: Basic Installation BiPAC 7402R2 can be configured with your web browser. The web browser is included as a standard application in the following operating systems: Linux, Mac OS, Windows 98/NT/2000/XP/Me, etc. The product provides a very easy and user-friendly interface for configuration.
Page 14: Configuring Pc In Windows Xp
Double-click Local Area Connection. (See Figure 3.1) 3. In the Local Area Connection Status window, click Properties. (See Figure 3.2) Chapter 3: Basic Installation BiPAC 7402R2 ADSL2+ VPN Firewall Router Figure 3.1: LAN Area Connection Figure 3.2: LAN Connection Status...
Page 15 Obtain DNS server address automatically radio buttons. (See Figure 3.4) Click OK to finish the configuration. Chapter 3: Basic Installation BiPAC 7402R2 ADSL2+ VPN Firewall Router Figure 3.3: TCP / IP Figure 3.4: IP Address & DNS Configuration...
Page 16: Configuring Pc In Windows 2000
Dial-up Connections. Double-click Local Area Connection. (See Figure 3.5) In the Local Area Connection Status window, click Properties. (See Figure 3.6) Chapter 3: Basic Installation BiPAC 7402R2 ADSL2+ VPN Firewall Router Figure 3.5: LAN Area Connection Figure 3.6: LAN Connection Status...
Page 17 Obtain DNS server address automatically radio buttons. (See Figure 3.8) Click OK to finish the configuration. Chapter 3: Basic Installation BiPAC 7402R2 ADSL2+ VPN Firewall Router Figure 3.7: TCP / IP Figure 3.8: IP Address & DNS Configuration...
Page 18: Configuring Pc In Windows 95/98/Me
Click Properties. Select the IP Address tab. In this page, click the Obtain an IP address automatically radio button. (See Figure 3.10) Chapter 3: Basic Installation BiPAC 7402R2 ADSL2+ VPN Firewall Router Figure 3.9: TCP / IP Figure 3.10: IP Address...
Page 19 Then select the DNS Configuration tab. (See Figure 3.11) Select the Disable DNS radio button and click OK to finish the configuration. Chapter 3: Basic Installation BiPAC 7402R2 ADSL2+ VPN Firewall Router Figure 3.11: DNS Configuration...
Page 20 (See Figure 3.12) Select the Obtain an IP address from a DHCP server radio button and click OK. (See Figure 3.13) Chapter 3: Basic Installation BiPAC 7402R2 ADSL2+ VPN Firewall Router Figure 3.12: TCP / IP Figure 3.13: IP Address...
Page 21: Factory Default Settings
The parameters of LAN and WAN ports are pre-set in the factory. The default values are shown below. IP address Subnet Mask DHCP server function IP addresses for distribution to PCs Chapter 3: Basic Installation BiPAC 7402R2 ADSL2+ VPN Firewall Router LAN Port 192.168.1.254 255.255.255.0 Enabled 100 IP addresses continuing from 192.168.1.100 through 192.168.1.199...
Page 22: Information From Your Isp
Gateway address, and Domain Name System (DNS) IP address (it is fixed IP RFC1483 Routed address). VPI/VCI, VC-based/LLC-based multiplexing, IP address, Subnet mask, Gateway address, and Domain Name System (DNS) IP address (it is fixed IP IPoA address). Chapter 3: Basic Installation BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 23: Configuring With Your Web Browser
“Go”, a user name and password window prompt will appear. The default username and password are “admin” and “admin”. (See Figure 3.14) Figure 3.14: User name & Password Prompt Widonw Congratulation! You are now successfully logon to the BiPAC 7402R2 ADSL2+ Router! Chapter 3: Basic Installation...
Page 24: Chapter 4: Configuration
Language (provides user interface in English and Deutsch languages) Please see the relevant sections of this manual for detailed instructions on how to configure BiPAC 7402R2 ADSL2+ VPN Firewall Router. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router Chapter 4: Configuration...
Page 25: Status
Interface: The interface name (on the router) that this IP Address connects to. Static: Static status of the ARP table entry: “no” for dynamically-generated ARP table entries “yes” for static ARP table entries added by the user Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 26: Routing Table
BiPAC 7402R2 ADSL2+ VPN Firewall Router Routing Table Routing Table Valid: It indicates a successful routing status. Destination: The IP address of the destination network. Netmask: The destination netmask address. Gateway/Interface: The IP address of the gateway or existing interface that this route will use.
Page 27: Dhcp Table
BiPAC 7402R2 ADSL2+ VPN Firewall Router DHCP Table Leased: The DHCP assigned IP addresses information. IP Address: A list of IP addresses of devices on your LAN (Local Area Network). Expired: The expired IP addresses information. Permanent: The fixed host mapping information Leased Table IP Address: The IP address that assigned to client.
Page 28: Pptp Status
BiPAC 7402R2 ADSL2+ VPN Firewall Router PPTP Status This shows details of your configured PPTP VPN Connections. Name: The name you assigned to the particular PPTP connection in your VPN configuration. Type: The type of connection (dial-in/dial-out). Enable: Whether the connection is currently enabled.
Page 29: Ipsec Status
BiPAC 7402R2 ADSL2+ VPN Firewall Router IPSec Status This shows details of your configured IPSec VPN Connections. Name: The name you assigned to the particular VPN entry. Active: Whether the VPN Connection is currently Active. Connection State: Whether the VPN is Connected or Disconnected.
Page 30: L2Tp Status
BiPAC 7402R2 ADSL2+ VPN Firewall Router L2TP Status This shows details of your configured L2TP VPN Connections. Name: The name you assigned to the particular L2TP connection in your VPN configuration. Type: The type of connection (dial-in/dial-out). Enable: Whether the connection is currently enabled.
Page 31: Event Log
BiPAC 7402R2 ADSL2+ VPN Firewall Router Event Log This page displays the router’s Event Log entries. Major events are logged to this window, such as when the router’s ADSL connection is disconnected, as well as Firewall events when you have enabled Intrusion or Blocking Logging in the Configuration –...
Page 32: Nat Sessions
BiPAC 7402R2 ADSL2+ VPN Firewall Router NAT Sessions This section lists all current NAT sessions between interface of types external (WAN) and internal (LAN). Diagnostic It tests the connection to computer(s) which is connected to LAN ports and also the WAN Internet connection.
Page 33: Upnp Portmap
BiPAC 7402R2 ADSL2+ VPN Firewall Router UPnP Portmap The section lists all port-mapping established using UPnP (Universal Plug and Play). Please see the Advanced section of this manual for more details on UPnP and the router’s UPnP configuration options. Chapter 4: Configuration...
Page 34: Quick Start
BiPAC 7402R2 ADSL2+ VPN Firewall Router Quick Start For detailed instructions on configuring your WAN settings, please see the WAN section of this manual. Usually, the only details you will need for the Quick Start wizard to get you online are your login (often in the form of username@ispname), your password and the encapsulation type.
Page 35 BiPAC 7402R2 ADSL2+ VPN Firewall Router Select the desired option from the list and click Apply to return to the Quick Start interface to continue configuring your ISP connection. Please note that the contents of this list will vary, depending on what is supported by your ISP.
Page 36: Configuration
Note: NAT/NAPT can be applied to management interface only. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router Bridge Interface, Ethernet, Ethernet Client Filter, Port VLAN Port (Always starts with) P1 / P2 / P3 / P4...
Page 37: Ethernet
BiPAC 7402R2 ADSL2+ VPN Firewall Router Ethernet Primary IP Address IP Address: The default IP on this router. SubNetmask: The default subnet mask on this router. RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function.
Page 38: Ethernet Client Filter
Candidates: automatically detects devices connected to the router through the Ethernet. . → Active PC in LAN Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router . Make sure your PC’s MAC is listed. . Make sure your PC’s MAC is not listed.
Page 39: Port Setting
BiPAC 7402R2 ADSL2+ VPN Firewall Router Active PC in LAN displays a list of individual Ethernet device’s IP Address & MAC Address which connecting to the router. You can easily by checking the box next to the IP address to be blocked or allowed. Then, Add to insert to the Ethernet Client Filter table.
Page 40: Dhcp Server
BiPAC 7402R2 ADSL2+ VPN Firewall Router DHCP Server You can disable or enable the DHCP (Dynamic Host Configuration Protocol) server or enable the router’s DHCP relay functions. The DHCP protocol allows your router to dynamically assign IP addresses to PCs on your network if they are configured to obtain IP addresses automatically.
Page 41: Wan (Wide Area Network)
BiPAC 7402R2 ADSL2+ VPN Firewall Router WAN (Wide Area Network) WAN refers to your Wide Area Network connection, i.e. your router’s connection to your ISP and the Internet. There are two items within the WAN section: ISP, DNS ADSL. The factory default is PPPoE. If your ISP uses this access protocol, click Edit to input other parameters as below.
Page 42 BiPAC 7402R2 ADSL2+ VPN Firewall Router RFC 1483 Routed Connections Description: Your description of this connection. VPI and VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing the single IP address.
Page 43 PVID for Untagged Frames: PVID is known as Port VLAN Identifier. When an untagged packet is received by input port(s), this packet will be tagged with specified PVID. The valid value range for PVID is 1~4094. Chapter 4:Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 44 BiPAC 7402R2 ADSL2+ VPN Firewall Router PPPoA Routed Connections Description: User-definable name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address.
Page 45 BiPAC 7402R2 ADSL2+ VPN Firewall Router Connection: Always on: If you want the router to establish a PPPoA session when starting up and to automatically re-establish the PPPoA session when disconnected by the ISP. Connect to Demand: If you want to establish a PPPoA session only when there is a packet requesting access to the Internet (i.e.
Page 46 BiPAC 7402R2 ADSL2+ VPN Firewall Router Give DNSto DHCP Server: Similar to the above, but gives the DNS server address to the DHCP server. Discover Primary NBNS / Discover Secondary NBNS: This setting enables/disables whether the primary/secondary NBNS server address is requested from a remote PPP peer using IPCP. The default setting for this command is disabled.
Page 47 BiPAC 7402R2 ADSL2+ VPN Firewall Router IPoA Routed Connections Description: User-definable name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address.
Page 48 BiPAC 7402R2 ADSL2+ VPN Firewall Router PPPoE Connections Description: A user-definable name for this connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single ISP account, sharing a single IP address.
Page 49 BiPAC 7402R2 ADSL2+ VPN Firewall Router Connection: Always on: If you want the router to establish a PPPoE session when starting up and to automatically re-establish the PPPoE session when disconnected by the ISP. Connect to Demand: If you want to establish a PPPoE session only when there is a packet requesting access to the Internet (i.e.
Page 50 BiPAC 7402R2 ADSL2+ VPN Firewall Router automatically gives the address to the local DNS client so that a connection can be established. Give DNS to DHCP Server: Similar to the above, but gives the DNS server address to the DHCP server.
Page 51: Dns
BiPAC 7402R2 ADSL2+ VPN Firewall Router A Domain Name System (DNS) contains a mapping table for domain name and IP addresses. On the Internet, every host has a unique and user-friendly name (domain name) such as www.helloworld.com and an IP address. An IP address is a 32-bit number in the form of xxx.xxx.xxx.xxx, for example 192.168.1.254.
Page 52: Adsl
BiPAC 7402R2 ADSL2+ VPN Firewall Router ADSL Connect Mode: The default setting is Multimode. This mode will automatically detect your ADSL line code, G.dmt, G.lite, and T1.413. But in some area, multimode cannot detect the ADSL line code well. If it is the case, please adjust the ADSL line code to G.dmt or T1.413 first.
Page 53: System
BiPAC 7402R2 ADSL2+ VPN Firewall Router System There are six items within the System section: Time Zone, Remote Access, Firmware Upgrade, Backup/Restore, Restart User Management. Time Zone The router does not have a real time clock on board; instead, it uses the Simple Network Time Protocol (SNTP) to get the current time from an SNTP server outside your network.
Page 54: Remote Access
BiPAC 7402R2 ADSL2+ VPN Firewall Router Remote Access To temporarily permit remote administration of the router (i.e. from outside your LAN), select a time period the router will permit remote access for and click Enable. You may change other configuration options for the web administration interface using Device Management options in the Advanced section of the GUI.
Page 55: Firmware Upgrade
PC. Once the correct file is selected, click Upgrade to update the firmware in your router. DO NOT power down the router or interrupt the firmware upgrading while it is still in process. Improper operation could damage the router. Warning Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 56: Backup / Restore
BiPAC 7402R2 ADSL2+ VPN Firewall Router Backup / Restore These functions allow you to save and backup your router’s current settings to a file on your PC, or to restore a previously saved backup. This is useful if you wish to experiment with different settings, knowing that you have a backup handy in the case of any mistakes.
Page 57: Restart Router
BiPAC 7402R2 ADSL2+ VPN Firewall Router Restart Router Click Restart with option Current Settings to reboot your router (and restore your last saved configuration). If you wish to restart the router using the factory default settings (for example, after a firmware upgrade or if you have saved an incorrect configuration), select Factory Default Settings to reset to factory default settings.
Page 58: User Management
BiPAC 7402R2 ADSL2+ VPN Firewall Router User Management In order to prevent unauthorized access to your router’s configuration interface, it requires all users to login with a password. You can set up multiple user accounts, each with their own password.
Page 59: Firewall And Access Control
Firewall Security and Policy (General Settings): Outbound direction of Packet Filter rules to prevent unauthorized computers or applications accessing the Internet. URL Filter: To block PCs on your local network from unwanted websites. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router ecified are...
Page 60: General Settings
Any remote user who is attempting to perform this action may result in blocking all the accesses to configure and manage of the device from the Internet. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router General Settings, Packet Filter, Intrusion Detection,...
Page 61: Packet Filter
BiPAC 7402R2 ADSL2+ VPN Firewall Router Packet Filter This function is only available when the Firewall is enabled and one of these four security levels is chosen (All blocked, High, Medium and Low). The predefined port filter rules in the Packet Filter must modify accordingly to the level of Firewall, which is selected.
Page 62 HTTPS(443) TCP(6) ICQ (5190) TCP(6) 5190 Inbound: Internet to LAN Outbound: LAN to Internet. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router Table 1: Predefined Port Filter Firewall - High Inbound Outbound Inbound Outbound Inbound Outbound 7070 1720 1503...
Page 63 BiPAC 7402R2 ADSL2+ VPN Firewall Router Packet Filter – Add TCP/UDP Filter Rule Name: Users-define description to identify this entry or click to select existing predefined rules. Time Schedule: It is self-defined time period. You may specify a time schedule for your prioritization policy.
Page 64 BiPAC 7402R2 ADSL2+ VPN Firewall Router Rule Name: Users-define description to identify this entry or click to select existing predefined rules. Time Schedule: It is self-defined time period. You may specify a time schedule for your prioritization policy. For setup and detail, refer to Time Schedule section Protocol Number: Insert the port number, i.e.
Page 65 BiPAC 7402R2 ADSL2+ VPN Firewall Router Example: Configuring your firewall to allow for a publicly accessible web server on your LAN The predefined port filter rule for HTTP (TCP port 80) is the same no matter whether the firewall is set to a high, medium or low security level.
Page 66 (I allow all ports to connect with the application)) Redirect Port: 80-80 (This is Port defined for HTTP) Inbound / Outbound: Allow Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router (I do not wish to active the address-filter, instead I Click Delete...
Page 67 BiPAC 7402R2 ADSL2+ VPN Firewall Router The new port filter rule for HTTP is shown below: 7. Configure your Virtual Server (“port forwarding”) settings so that incoming HTTP requests on port 80 will be forwarded to the PC running your web server: Note: For how to configure the HTTP in Virtual Server, go to Add Virtual Server in Virtual Server section for more details.
Page 68: Intrusion Detection
Default value is 100 TCP SYN per seconds. Max PING Count: This is a threshold value to decide whether an ICMP Echo Storm is occurring or not. Default value is 15 ICMP Echo Requests (PING) per second. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 69 Src IP Echo(7) Src IP Src IP Src IP TCP, Src IP SrcIP SrcIP Src Port: Source Port Dst IP: Destination IP BiPAC 7402R2 ADSL2+ VPN Firewall Router Drop Packet Victim Scan Scan Scan Scan Scan Scan Scan Show Log...
Page 70: Url Filtering
BiPAC 7402R2 ADSL2+ VPN Firewall Router URL Filtering URL (Uniform Resource Locator – e.g. an address in the form of http://www.abcde.com http://www.example.com) filter rules allow you to prevent users on your network from accessing particular websites by their URL. There are no pre-defined URL filter rules; you can add filter rules to meet your requirements.
Page 71 URL request for is in the forbidden list. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router both check-boxes must be will be sent to the remote web server because it is listed in the www.sex www.sex.com...
Page 72 HTTP protocol. Block surfing by IP address: Preventing someone who uses the IP address as URL for skipping Domains Filtering function. Activates only and if Domain Filtering enabled. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 73: Firewall Log
BiPAC 7402R2 ADSL2+ VPN Firewall Router Firewall Log Firewall Log display log information of any unexpected action with your firewall settings. Check the Enable box to activate the logs. Log information can be seen in the Status – Event Log after enabling.
Page 74: Vpn (Virtual Private Networks)
BiPAC 7402R2 ADSL2+ VPN Firewall Router VPN (Virtual Private Networks) Virtual Private Networks is ways to establish secured communication tunnels to an organization’s network via the Internet. Your router supports three main types of VPN (Virtual Private Network), PPTP, IPSec L2TP.
Page 75 Stateful mode. If you select Stateless mode, the key will be changed in each packet. Idle Time: Auto-disconnect the VPN connection when there is no activity on the connection for a predetermined period of time. 0 means this connection is always on. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 76 Key Length: The data can be encrypted by MPPE algorithm with 40 bits or 128 bits. Default is Auto, it is negotiated when establishing a connection. 128 bit keys provide stronger encryption than 40 bit keys. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 77: Ipsec (Ip Security Protocol)
BiPAC 7402R2 ADSL2+ VPN Firewall Router Mode: You may select Stateful or Stateless mode. The key will be changed every 256 packets when you select Stateful mode. If you select Stateless mode, the key will be changed in each packet.
Page 78 BiPAC 7402R2 ADSL2+ VPN Firewall Router Configure a new VPN Connection Connection Name: A user-defined name for the connection (e.g. “connection to office”). Local: Network: Set the IP address, subnet or address range of the local network. Single Address: The IP address of the local host.
Page 79 This can be done by manually entering the pre-shared key into both sides (router or hosts). Select the Apply button to apply your changes. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 80 3DES and AES (128, 192 and 256). 3DES and AES are more powerful but increase latency. DES: Stands for Data Encryption Standard, it uses 56 bits as an encryption method. 3DES: Stands for Triple Data Encryption Standard, it uses 168 (56*3) bits as an encryption method. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 81 Ping to the IP 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx (A valid IP Address) xxx.xxx.xxx.xxx(A valid IP Address) Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router Internal (sec) Ping to the IP Action 2000 2000 Yes, activate it in every 2000 second.
Page 82: L2Tp (Layer Two Tunneling Protocol)
BiPAC 7402R2 ADSL2+ VPN Firewall Router Disconnection Time after no traffic: It is the NO Response time clock. When no traffic stage time is beyond the Disconnection time set, Router will automatically halt the tunnel connection and re-establish it base on the Reconnection Time set. Default setting is 1200 seconds; 180 seconds is minimum time interval for this function.
Page 83 BiPAC 7402R2 ADSL2+ VPN Firewall Router L2TP Connection - Remote Access Connection Name: This allows you to identify this particular connection, e.g. “Connection to office”. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g.
Page 84 Tunnel Authentication: This enables router to authenticate both the L2TP remote and L2TP host. This is only valid when L2TP remote supports this feature. Secret: The secure password length should be 16 characters which may include numbers and characters. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 85 Idle Time: Auto-disconnect the VPN connection when there is no activity on the connection for a predetermined period of time. 0 means this connection is always on. Click Apply after changing settings. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 86 Tunnel Authentication: This enables router to authenticate both the L2TP remote and L2TP host. This is only valid when L2TP remote supports this feature. Secret: The secure password length should be 16 characters which may include numbers and characters. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 87 BiPAC 7402R2 ADSL2+ VPN Firewall Router Example: Configuring a Remote Access PPTP VPN Dial-in Connection A remote worker establishes a PPTP VPN connection with the head office using Microsoft's VPN Adapter (included with Windows 2000/ME, etc.). The router is installed in the head office, connected to a couple of PCs and Servers.
Page 88 Password Auth.Type Data Encryption Key Length Mode Idle Time Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router VPN_PPTP Given a name of PPTP connection Check Dial in 192.168.1.200 An assigned IP address for the remote worker username Input username & password to authenticate...
Page 89 BiPAC 7402R2 ADSL2+ VPN Firewall Router Example: Configuring a Remote Access PPTP VPN Dial-out Connection A company’s office establishes a PPTP VPN connection with a file server located at a separate location. The router is installed in the office, connected to a couple of PCs and Servers.
Page 90 Username Password Auth.Type Data Encryption Key Length Mode Idle Time Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router VPN_PPTP Given name of PPTP connection Check Dial out 69.121.1.33 An Dialed server IP username A given username & password 123456...
Page 91 The branch office establishes a PPTP VPN tunnel with head office to connect two private networks over the Internet.. The routers are installed in the head office and branch office accordingly. Both office LAN networks MUST in different subnet with LAN to LAN application. Attention Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 92 Key Length Auto Mode stateful Idle Time Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router Description Given a name of PPTP connection Check Dial in IP address assigned to branch office network Branch office network Input username & password to authenticate branch...
Page 93 Key Length Auto Mode stateful Idle Time Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router Description Given a name of PPTP connection Check Dial out IP address of the head office router (in WAN side) Head office network Input username & password to authenticate branch...
Page 94 Both office LAN networks MUST in different subnet with LAN to LAN application. Functions of Pre-shared Key, VPN Connection Type and Security Algorithm MUST BE identically set up on both sides. Attention Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router Branch Office 192.168.0.0/24 69.1.121.30 192.168.1.0/24 69.1.121.3...
Page 95 IP Address Netmask Authentication Encryption Prefer Forward Security Pre-shared Key Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router IPSec_HeadOffice Given a name of IPSec connection Check Subnet radio button 192.168.1.0 Head office network 255.255.255.0 IP address of the head office router (in 69.121.1.30...
Page 96 Subnet IP Address Netmask Authentication Encryption Prefer Forward Security Pre-shared Key Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router IPSec_Branch Given a name of IPSec connection Office Check Subnet radio button 192.168.0.0 Branch office network 255.255.255.0 IP address of the head office router (in 69.121.1.3...
Page 97 BiPAC 7402R2 ADSL2+ VPN Firewall Router Example: Configuring a IPSec Host-to-LAN VPN Connection Chapter 4: Configuration...
Page 98 Single Address IP Address Authentication Encryption Prefer Forward Security Pre-shared Key Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router IPSec Given a name of IPSec connection Check Subnet radio button 192.168.1.0 Head office network 255.255.255.0 IP address of the head office router (in 69.121.1.30...
Page 99 BiPAC 7402R2 ADSL2+ VPN Firewall Router Example: Configuring a L2TP VPN - Remote Access Dial-in Connection A remote worker establishes a L2TP VPN connection with the head office using Microsoft's VPN Adapter (included with Windows XP/2000/ME, etc.). The router is installed in the head office, connected to a couple of PCs and Servers.
Page 100 Authentication Encryption Perfect Forward Secrecy Pre-shared Key Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router VPN_L2TP Given a name of L2TP connection Check Dial in 192.168.1.200 An assigned IP address for the remote worker username Input username & password to authenticate...
Page 101 BiPAC 7402R2 ADSL2+ VPN Firewall Router Example: Configuring a Remote Access L2TP VPN Dial-out Connection A company’s office establishes a L2TP VPN connection with a file server located at a separate location. The router is installed in the office, connected to a couple of PCs and Servers.
Page 102 Idle Timeout IPSec Authentication Encryption Perfect Forward Secrecy Pre-shared Key Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router VPN_L2TP Given name of L2TP connection Check Dial out 69.121.1.33 An Dialed server IP username A given username & password 123456 Chap(Auto) Keep as default value in most of the cases.
Page 103 Both office LAN networks MUST in different subnet with LAN to LAN application. Functions of Pre-shared Key, VPN Connection Type and Security Algorithm MUST BE identically set up on both sides. Attention Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 104 IPSec Authentication Encryption Perfect Forward Secrecy Pre-shared Key Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router HeadOffice Given a name of L2TP connection Check Dial in 192.168.1.200 IP address assigned to branch office network 192.168.0.0 Branch office network 255.255.255.0 username Input username &...
Page 105 Idle Timeout IPSec Authentication Encryption Perfect Forward Secrecy Pre-shared Key Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router BranchOffice Given a name of L2TP connection Check Dial out 69.121.1.33 IP address of the head office router (in WAN side) 192.168.1.0 Head office network 255.255.255.0...
Page 106: Qos (Quality Of Service)
Protocol: The name of supported protocol. Source Port: The source port of packets to be monitored. Destination Port: The destination port of packets to be monitored. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router Prioritization Outbound / Inbound IP Throttling...
Page 107: Dscp Mapping Table
Class 1, Gold (001010) Class 1, Silver (001100) Class 1, Bronze (001110) Class 2, Gold (010010) Class 2, Silver (010100) Class 2, Bronze (010110) Class 3, Gold (011010) Class 3, Silver (011100) Class 3, Bronze (011110) BiPAC 7402R2 ADSL2+ VPN Firewall Router None...
Page 108: Outbound Ip Throttling (Lan To Wan)
BiPAC 7402R2 ADSL2+ VPN Firewall Router Outbound IP Throttling (LAN to WAN) IP Throttling allows you to limit the speed of IP traffic. The value entered will limit the speed of the application that you set to the specified value’s multiple of 32kbps.
Page 109: Inbound Ip Throttling (Wan To Lan)
BiPAC 7402R2 ADSL2+ VPN Firewall Router Inbound IP Throttling (WAN to LAN) IP Throttling allows you to limit the speed of IP traffic. The value entered will limit the speed of the application that you set to the specified value’s multiple of 32kbps.
Page 110 Information and Settings Upstream: 928 kbps Downstream: 8 Mbps VoIP User : 192.168.1.1 Normal Users : 192.168.1.2~192.168.1.5 Restricted User: 192.168.1.100 kbps VoIP/VPN HIGH Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router Throughput Others Restricted NORMAL VoIP/VPN HIGH Others NORMAL Restricted...
Page 111 BiPAC 7402R2 ADSL2+ VPN Firewall Router Mission-critical application Mostly the VPN connection is mission-critical application for doing data exchange between head and branch office. The mission-critical application must be sent out smoothly without any dropping. Set priority as high level for preventing any other applications to saturate the bandwidth.
Page 112 BiPAC 7402R2 ADSL2+ VPN Firewall Router Advanced setting by using IP throttling With IP throttling you can specify more detail for allocating bandwidth; even the applications are located in the same level. Upstream: 928kbps (29*32kbps) Mission-critical Application: 192kbps (6*32kbps) Voice Application: 128kbps (4*32kbps)
Page 113: Virtual Server ("Port Forwarding")
BiPAC 7402R2 ADSL2+ VPN Firewall Router Virtual Server (“Port Forwarding”) In TCP/IP and UDP networks a port is a 16-bit number used to identify which application program (usually a server) incoming connections should be delivered to. Some ports have numbers that are pre- assigned to them by the IANA (the Internet Assigned Numbers Authority), and these are referred to as “well-known ports”.
Page 114: Add Virtual Server
BiPAC 7402R2 ADSL2+ VPN Firewall Router Add Virtual Server Because NAT can act as a “natural” Internet firewall, your router protects your network from being accessed by outside users when using NAT, as all incoming connection attempts will point to your router unless you specifically create Virtual Server entries to forward those ports to a PC on your network.
Page 115: Edit Dmz Host
PC, with an address that does not fall into the range of IP addresses that are to be issued by the DHCP server. You can configure the virtual server IP address manually, but it must still be in the same subnet as the router. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 116: Edit Dmz Host
Be aware that this IP will be exposed to the WAN/Internet. Listed all existing PCs connecting to the network. You may assign a PC with IP address and MAC from this list. Select the Apply button to apply your changes. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 117: Edit One-To-One Nat (Network Address Translation)
IP Range: The IP address range of your public/WAN IP addresses. For example, IP: 192.168.1.1, end IP: 192.168.1.10 Select the Apply button to apply your changes. Check to create a new One-to-One NAT rule: Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 118 BiPAC 7402R2 ADSL2+ VPN Firewall Router Time Schedule: A self-defined time period to enable your virtual server. You may specify a time schedule or Always on for the usage of this Virtual Server Entry. For setup and detail, refer to Time...
Page 119 SMTP (Simple Mail Transfer Protocol) DNS (Domain Name Server) TFTP (Trivial File Transfer Protocol) World Wide Web HTTP POP3 (Post Office Protocol Version 3) NEWS (Network News Transfer Protocol) NTP (Network Time Protocol) SNMP HTTPS T.120 H.323 RealAudio BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 120: Time Schedule
BiPAC 7402R2 ADSL2+ VPN Firewall Router Time Schedule The Time Schedule supports up to 16 time slots which helps you to manage your Internet connection. In each time profile, you may schedule specific day(s) i.e. Monday through Sunday to restrict or allowing the usage of the Internet by users or applications.
Page 121: Configuration Of Time Schedule
BiPAC 7402R2 ADSL2+ VPN Firewall Router Configuration of Time Schedule Edit a Time Slot 1. Choose any Time Slot (ID 1 to ID 16) to edit, click Edit. Click Edit 2. A detailed setting of this Time Slot will be shown.
Page 122 8. Make sure your Local Time is displayed correctly on the router’s homepage, Refer to Time Zone for more information. Make sure your QoS is set up correctly. See QoS for more information. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 123: Advanced
BiPAC 7402R2 ADSL2+ VPN Firewall Router Advanced Configuration options within the Advanced section are for users who wish to take advantage of the more advanced features of the router. Users who do not understand the features should not attempt to reconfigure their router, unless advised to do so by support staff.
Page 124: Dynamic Dns
BiPAC 7402R2 ADSL2+ VPN Firewall Router Dynamic DNS The Dynamic DNS function allows you to alias a dynamic IP address to a static hostname, allowing users whose ISP does not assign them a static IP address to use a domain name. This is especially useful for hosting servers via your ADSL connection, so that anyone wishing to connect to you may use your domain name, rather than having to use your dynamic IP address, which changes from time to time.
Page 125: Check Email
BiPAC 7402R2 ADSL2+ VPN Firewall Router Check Email This function allows you to have the router check your POP3 mailbox for new Email messages. The Mail LED on your router will light when it detects new messages waiting for download. You may also view the status of this function using the Status –...
Page 126: Device Management
BiPAC 7402R2 ADSL2+ VPN Firewall Router Device Management The Device Management advanced configuration settings allow you to control your router’s security options and device monitoring features. Embedded Web Server HTTP Port: This is the port number the router’s embedded web server (for web-based configuration) will use.
Page 127 The "c" comes from the fact that SNMPv2c uses the SNMPv1 community string paradigm for "security", but is widely accepted as the SNMPv2 standard. SNMPv3 is a strong authentication mechanism, authorization with fine granularity for remote monitoring. Traps supported: Cold Start, Authentication Failure. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 128 (if configured as spanning tree) From RFC 1471 (PPP/LCP MIB): pppLink group pppLqr group From RFC 1472 (PPP/Security MIB): PPP Security Group) From RFC 1473 (PPP/IP MIB): PPP IP Group Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 129: Igmp
Enable VLAN Bridge This section allows you to create VLAN group and specify the member. Edit: Edit your member ports in selected VLAN group. Create VLAN: To create another VLAN group. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 130 Click Create to setup up additional WAN interface for video applications. Total of 8 VLAN is support; therefore, only 8 WAN interfaces can be created in the table. Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router Bridge Interface. VLAN Port (Always starts with)
Page 131 Filter Type: Specify the type of ethernet filtering performed by the named bridge interface. Allows all types of ethernet packets through the port. Allows only IP/ARP types of ethernet packets through the port. Allows only PPPoE types of ethernet packets through the port. Pppoe Chapter 4: Configuration BiPAC 7402R2 ADSL2+ VPN Firewall Router...
Page 132 BiPAC 7402R2 ADSL2+ VPN Firewall Router PVID for Untagged Frames: PVID is known as Port VLAN Identifier. When an untagged packet is received by input port(s), this packet will be tagged with specified PVID. From the example, VPI and VCI only section need to be filled-in and just leave the rest as is. Repeat the...
Page 133 BiPAC 7402R2 ADSL2+ VPN Firewall Router Mapping the VLAN Bridge with Bridge Interface created in Step1, you will see the conformable relationship in these two screenshots. Step 4: IGMP Snooping Enable Go Configuration Advanced IGMP. IGMP Snooping must be enabled in order to allow video stream forwarding correctly.
Page 134: Save Configuration To Flash
BiPAC 7402R2 ADSL2+ VPN Firewall Router Save Configuration to Flash After changing the router’s configuration settings, you must save all of the configuration parameters to FLASH to avoid them being lost after turning off or resetting your router. Click Save to write your new configuration to FLASH.
Page 135: Chapter 5: Troubleshooting
PC. Make sure you have uninstalled any software firewall for troubleshooting. Verify that the IP address and the subnet mask are consistent between the router and the workstations. BiPAC 7402R2 ADSL2+ VPN Firewall Router Chapter 5: Troubleshooting...
Page 136: Appendix A: Product Support And Contact Information
BiPAC 7402R2 ADSL2+ VPN Firewall Router APPENDIX A: Product Support and Contact Information Most problems can be solved by referring to the Troubleshooting section in the User’s Manual. If you cannot resolve the problem with the Troubleshooting chapter, please contact the dealer where you purchased this product.

Billion BiPAC 7402R2 User Manual

Chapter 1: Introduction

Chapter 2: Installing the Router

Chapter 3: Basic Installation

Chapter 4: Configuration

Chapter 5: Troubleshooting

APPENDIX A: Product Support and Contact Information

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Billion BiPAC 7402R2

Summary of Contents for Billion BiPAC 7402R2

Table of Contents