Download
Share
Print this page
  1. Manuals
  2. Brands
  3. Billion Manuals
  4. Network Router
  5. BiPAC 8500
  6. User manual

Billion BIPAC 8500 User Manual

Shdsl vpn firewall bridge / router
Hide thumbs Also See for BIPAC 8500:

Advertisement

Quick Links

BIPAC-8500/8520
SHDSL VPN Firewall Bridge / Router
User's Manual
Version Release 1.54c

Advertisement

loading
Need help?

Need help?

Do you have a question about the BIPAC 8500 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Billion BIPAC 8500

Summary of Contents for Billion BIPAC 8500

  • Page 1 BIPAC-8500/8520 SHDSL VPN Firewall Bridge / Router User’s Manual Version Release 1.54c...

  • Page 2: Table Of Contents

    NTRODUCTION TO YOUR ... 1 EATURES BIPAC-8500 / 8520 SHDSL R MPORTANT NOTE FOR USING THE ACKAGE ONTENTS RONT S OF RONT S OF ... 8 ORTS ... 9 ABLING ONNECTING YOUR ROUTER ONFIGURING S IN For Windows XP... 11 For Windows 2000 ...
  • Page 3 Permanent Table...21 PPTP Status... 22 IPSec Status ... 23 L2TP Status ... 24 Email Status ... 24 Event Log ... 25 Error Logging ... 25 NAT Sessions ... 26 UPnP Portmap ... 26 ... 27 UICK TART ... 29 ONFIGURATION LAN (Local Area Network)...
  • Page 4 IP Throttling...100 Virtual Server (“Port Forwarding”) ...101 Advanced ...104 Static Routing...104 Dynamic DNS...105 Check Emails ...106 Device Management ...107 ONFIGURATION TO ... 112 OGOUT ROBLEMS STARTING UP THE ROUTER ROBLEMS WITH THE ROBLEMS WITH THE Table of Contents ... 111 LASH ...

  • Page 5: Chapter 1: Introduction

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Chapter 1: Introduction Introduction to your BIPAC-8500/8520 Router Welcome to the Billion BIPAC-8500/8520 Router. Your Billion router is an “all-in-one” unit, combining an SHDSL modem, SHDSL router and Ethernet network switch, providing everything you need to get the machines on your network connected to the Internet over your SHDSL broadband connection.
  • Page 6 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Network Address Translation (NAT) Allows multi-users to access outside resources such as the Internet simultaneously with one IP address/one Internet access account. Many application layer gateway (ALG) are supported such as web browser, ICQ, FTP, Telnet, E-mail, News, Net2phone, Ping, NetMeeting, IP phone and others.
  • Page 7 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Simple Network Management Protocol (SNMP) It is an easy way to remotely manage the router via SNMP. Web based GUI Supports web based GUI for configuration and management. It is user-friendly and comes with on-line help.

  • Page 8: Bipac-8500 / 8520 Shdsl Router Application

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router BIPAC-8500 / 8520 SHDSL Router Application 8500 / 8520 Figure 1.1 Application Diagram of 8500 / 8520 Thank you for your purchase, and welcome to the world of broadband Internet! Chapter 1: Introduction...

  • Page 9: Chapter 2: Installing The Router

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Chapter 2: Installing the Router Important note for using the BIPAC-8500 / 8520 SHDSL Router DO NOT use the BIPAC-8500/8520 in high humidity or high temperatures. DO NOT use the same power source for the BIPAC-8500/8520 as other equipment.

  • Page 10: The Front Leds Of Bipac-8500

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router The Front LEDs of BIPAC-8500 LINE LAN Port — (RJ-45 connector) Chapter 2: Installing the Router Lit when successfully connected to SHDSL line and it is synchronized. Lit when connected to an Ethernet device. Green for 100Mbps;...

  • Page 11: The Front Leds Of Bipac-8520

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router The Front LEDs of BIPAC-8520 LINE 1 & 2 LAN Port — (RJ-45 connector) Chapter 2: Installing the Router Lit when successfully connected to SHDSL line and it is synchronized. Lit when connected to an Ethernet device.

  • Page 12: The Rear Ports

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router The Rear Ports * Only the BIPAC-8520 has two Line jack ports. BIPAC-8500 has one. Port Power Switch RESET — (RJ-45 connector) CONSOLE LINE — (RJ-11 connector Chapter 2: Installing the Router Meaning Power ON/OFF switch Connect the supplied power adapter to this jack.

  • Page 13: Cabling

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Cabling One of the most common causes of problems is bad cabling or SHDSL line(s). Make sure that all connected devices are turned on. On the front of the product is a bank of LEDs. Verify that the LAN Link and SHDSL line LEDs are lit.

  • Page 14: Chapter 3: Basic Installation

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Chapter 3: Basic Installation The router can be configured with your web browser. A web browser is included as a standard application in the following operating systems: Linux, Mac OS, Windows 98/NT/2000/XP/Me, etc.

  • Page 15: Configuring Pcs In Windows

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configuring PCs in Windows For Windows XP 1. Go to Start / Control Panel (in Classic View). In the Control Panel, double-click Network Connections. 2. Double-click Local Area Connection. (See Figure 3.1) 3.

  • Page 16: For Windows 2000

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router For Windows 2000 1. Go to Start / Settings / Control Panel. In the Control Panel, double-click Connections. 2. Double-click Local Area (“LAN”) Connection. (See Figure 3.5) 3. In the LAN Area Connection Status window, click Properties.

  • Page 17: For Windows 98 / Me

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router For Windows 98 / ME 1. Go to Start / Settings / Control Panel. In the Control Panel, double-click Configuration tab. 2. Select TCP / IP -> NE2000 Compatible, or the name of any Network Interface Card (NIC) in your PC.

  • Page 18: For Windows Nt4.0

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router For Windows NT4.0 1. Go to Start / Settings / Control Panel. In the Control Panel, double-click Network and choose the Protocols tab. 2. Select TCP/IP Protocol and click Properties. (See Figure 3.12) 3.

  • Page 19: Factory Default Settings

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Factory Default Settings Before configuring your, you need to know the following default settings. Web Interface: Username: admin Password: admin LAN Device IP Settings: IP Address: 192.168.1.254 Subnet Mask: 255.255.255.0 ISP setting in WAN site: PPPoE DHCP server:...

  • Page 20: Information From Your Isp

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Information from your ISP Before configuring this device, you have to check with your ISP (Internet Service Provider) what kind of service is provided such as PPPoE, PPPoA, RFC1483, or IPoA. Gather the information as illustrated in the following table and keep it for reference.

  • Page 21: Configuring With Your Web Browser

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configuring with your Web Browser Open your web browser, enter the IP address of your router, which by default is 192.168.1.254, and click “Go”, a user name and password window prompt will appear. The default username and password are “admin”...

  • Page 22: Chapter 4: Configuration

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Chapter 4: Configuration At the configuration homepage, the left navigation pane where bookmarks are provided links you directly to the desired setup page, including: Status (ARP Table, Routing Table, DHCP Table, PPTP Status, IPSec Status, L2TP Status, Email Status, Event Log, Error Log, NAT Sessions and UPnP Portmap) Quick Start Configuration (LAN, WAN, System, Firewall, VPN, QoS, Virtual Server and Advanced)

  • Page 23: Status

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Status ARP Table This section displays the router’s ARP (Address Resolution Protocol) Table, which shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses. This is useful as a quick way of determining the MAC address of the network interface of your PCs to use with the router’s Firewall –...

  • Page 24: Routing Table

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Routing Table Routing Table: Valid: It indicates a successful routing status. Destination: The IP address of the destination network. Netmask: The destination netmask address. Gateway/Interface: The IP address of the gateway or existing interface that this route will use. Cost: The number of hops counted as the cost of the route.

  • Page 25: Dhcp Table

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router DHCP Table Leased: The DHCP assigned IP addresses information. IP Address: A list of IP addresses of devices on your LAN (Local Area Network). Expired: The expired IP addresses information. Permanent: The fixed host mapping information Leased Table IP Address: The IP address that assigned to client.

  • Page 26: Pptp Status

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router PPTP Status This shows details of your configured PPTP VPN Connections. Name: The name you assigned to the particular PPTP connection in your VPN configuration. Type: The type of connection (dial-in/dial-out). Enable: Whether the connection is currently enabled.

  • Page 27: Ipsec Status

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router IPSec Status This shows details of your configured IPSec VPN Connections. Name: The name you assigned to the particular VPN entry. Active: Whether the VPN Connection is currently Active. Connection State: Whether the VPN is Connected or Disconnected. Statistics: Statistics for this VPN Connection.

  • Page 28: L2Tp Status

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router L2TP Status This shows details of your configured L2TP VPN Connections. Name: The name you assigned to the particular L2TP connection in your VPN configuration. Type: The type of connection (dial-in/dial-out). Enable: Whether the connection is currently enabled.

  • Page 29: Event Log

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Event Log This page displays the router’s Event Log entries. Major events are logged to this window, such as when the router’s SHDSL connection is disconnected, as well as Firewall events when you have enabled Intrusion or Blocking Logging in the Configuration –...

  • Page 30: Nat Sessions

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router NAT Sessions This section lists all current NAT sessions between interface of types external (WAN) and internal (LAN). UPnP Portmap The section lists all port-mapping established using UPnP (Universal Plug and Play). Please see the Advanced section of this manual for more details on UPnP and the router’s UPnP configuration options.

  • Page 31: Quick Start

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Quick Start For detailed instructions on configuring your WAN settings, please see the WAN section of this manual. Usually, the only details you will need for the Quick Start wizard to get you online are your login (often in the form of username@ispname), your password and the encapsulation type.
  • Page 32 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Select the desired option from the list and click Apply to return to the Quick Start interface to continue configuring your ISP connection. Please note that the contents of this list will vary, depending on what is supported by your ISP.

  • Page 33: Configuration

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configuration When you click this item, you get following sub-items to configure the SHDSL router. LAN, WAN, System, Firewall, VPN, QoS, Virtual Server and Advanced These functions are described below in the following sections. LAN (Local Area Network) There are four items within the LAN section: Ethernet, Port Setting and DHCP Server.

  • Page 34: Port Setting

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Port Setting This section allows you to configure the settings for the router’s Ethernet ports to solve some of the compatibility problems that may be encountered while connecting to the Internet, as well allowing users to tweak the performance of their network.

  • Page 35: Dhcp Server

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router DHCP Server You can disable or enable the DHCP (Dynamic Host Configuration Protocol) server or enable the router’s DHCP relay functions. The DHCP protocol allows your router to dynamically assign IP addresses to PCs on your network if they are configured to obtain IP addresses automatically.
  • Page 36 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router If you check DHCP Relay Agent and click Next, then you will have to enter the IP address of the DHCP server which will assign an IP address back to the DHCP client in the LAN. Use this function only if advised to do so by your network administrator or ISP.

  • Page 37: Wan (Wide Area Network)

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router WAN (Wide Area Network) WAN refers to your Wide Area Network connection, i.e. your router’s connection to your ISP and the Internet. There are two items within the WAN section: ISP, DNS and SHDSL. The factory default is PPPoE.
  • Page 38 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router RFC 1483 Routed Connections Description: Your description of this connection. VPI and VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing the single IP address.
  • Page 39 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router PPPoE Connections Description: A user-definable name for this connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single ISP account, sharing a single IP address.
  • Page 40 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router DHCP client function, and specify the IP address manually. The setting of this item is specified by your ISP. Authentication Protocol: Default is Chap(Auto). Your ISP will advise you whether to use Chap or Pap.
  • Page 41 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Give DNSto Relay: Controls whether the PPP Internet Protocol Control Protocol (IPCP) can request the DNS server IP address for a remote PPP peer. Once IPCP has discovered the DNS server IP address, it automatically gives the address to the local DNS relay so that a connection can be established.
  • Page 42 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router RFC 1483 Bridged Connections VPI and VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. Encapsulation method: Select the encapsulation format, this is provided by your ISP. Ether Filter Type: Specify the type of ethernet filtering performed by the named bridge interface.
  • Page 43 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router PPPoA Routed Connections Description: User-definable name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address.
  • Page 44 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Connection: Always on: If you want the router to establish a PPPoA session when starting up and to automatically re-establish the PPPoA session when disconnected by the ISP. Connect to Demand: If you want to establish a PPPoA session only when there is a packet requesting access to the Internet (i.e.
  • Page 45 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Give DNSto Client: Controls whether the PPP Internet Protocol Control Protocol (IPCP) can request a DNS server IP address for a remote PPP peer. Once IPCP has discovered the DNS server IP address, it automatically gives the address to the local DNS client so that a connection can be established.
  • Page 46 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router IPoA Routed Connections Description: User-definable name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address.

  • Page 47: Dns

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router A Domain Name System (DNS) contains a mapping table for domain name and IP addresses. On the Internet, every host has a unique and user-friendly name (domain name) such as www.billion.com and an IP address. An IP address is a 32-bit number in the form of xxx.xxx.xxx.xxx, for example 192.168.1.254.

  • Page 48: Shdsl

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router SHDSL Mode: The default is CPE (Customer Premises Equipment) mode. If you want to do back to back connection with another BIPAC-8500, you must set to CO (Central Office) mode on another unit.

  • Page 49: System

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router System There are six items within the System section: Time Zone, Remote Access, Firmware Upgrade, Backup/Restore, Restart and User Management. Time Zone The router does not have a real time clock on board; instead, it uses the Simple Network Time Protocol (SNTP) to get the current time from an SNTP server outside your network.

  • Page 50: Remote Access

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Remote Access To temporarily permit remote administration of the router (i.e. from outside your LAN), select a time period the router will permit remote access for and click Enable. You may change other configuration options for the web administration interface using Device Management options in the Advanced section of the GUI.

  • Page 51: Firmware Upgrade

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Firmware Upgrade Your router’s “firmware” is the software that allows it to operate and provides all its functionality. Think of your router as a dedicated computer, and the firmware as the software it runs.

  • Page 52: Backup/Restore

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Backup/Restore These functions allow you to save and backup your router’s current settings to a file on your PC, or to restore a previously saved backup. This is useful if you wish to experiment with different settings, knowing that you have a backup handy in the case of any mistakes.

  • Page 53: Restart Router

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Restart Router Click Restart with option Current Settings to reboot your router (and restore your last saved configuration). If you wish to restart the router using the factory default settings (for example, after a firmware upgrade or if you have saved an incorrect configuration), select Factory Default Settings to reset to factory default settings.

  • Page 54: User Management

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router User Management In order to prevent unauthorized access to your router’s configuration interface, it requires all users to login with a password. You can set up multiple user accounts, each with their own password.

  • Page 55: Firewall And Access Control

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Firewall and Access Control Your router includes a full SPI (Stateful Packet Inspection) firewall for controlling Internet access from your LAN, as well as helping to prevent attacks from hackers. In addition to this, when using NAT (Network Address Translation.
  • Page 56 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router URL Filter: To block PCs on your local network from unwanted websites. You can find six items under the Firewall section: General Settings, Packet Filter, Intrusion Detection, MAC Address Filter, URL Filter and Firewall Log. Chapter 4: Configuration...

  • Page 57: General Settings

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router General Settings You can choose not to enable Firewall, to add all filter rules by yourself, or enable the Firewall using preset filter rules and modify the port filter rules as required. The Packet Filter is divided into two sections: Port Filters and Address Filters, used to filter packets based-on Applications (Port) or IP addresses.

  • Page 58: Packet Filter

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Packet Filter Chapter 4: Configuration...
  • Page 59 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Port Filters The pre-defined port filter rules for High, Medium and Low security levels are listed. See Table 1. Port Number Application Protocol Start HTTP(80) TCP(6) DNS (53) UDP(17) DNS (53) TCP(6) FTP(21) TCP(6)
  • Page 60 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Address Filters Address Filters are used to block traffic to/from particular IP addresses. They can be used to block IP addresses either on the Internet or on your local network. There are no pre- defined address filter rules;...
  • Page 61 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Example: Configuring your firewall to allow for a publicly accessible web server on your LAN The pre-defined port filter rule for HTTP (TCP port 80) is the same no matter whether the firewall is set to a high, medium or low security level.
  • Page 62 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Click Port Filters. You will then be presented with the pre-defined port filter rules screen (in this case for the low security level), shown below: Click Delete to delete the existing HTTP rule. Click Add TCP Filter.
  • Page 63 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router The new port filter rule for HTTP is shown below: HTTP inbound & outbound application Configure your Virtual Server (“port forwarding”) settings so that incoming HTTP requests on port 80 will be forwarded to the PC running your web server: To enable the HTTP service in Virtual Server settings, input the web server PC’s IP address.

  • Page 64: Intrusion Detection

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Intrusion Detection The router’s Intrusion Detection System (IDS) is used to detect hacker attacks and intrusion attempts from the Internet. If the IDS function of the firewall is enabled, inbound packets are filtered and blocked depending on whether they are detected as possible hacker attacks, intrusion attempts or other connections that the router determines to be suspicious.
  • Page 65 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Max PING Count: This is a threshold value to decide whether an ICMP Echo Storm is occurring or not. Default value is 15 ICMP Echo Requests (PING) per second. Max ICMP Count: This is a threshold to decide whether an ICMP flood is occurring or not. Default value is 100 ICMP packets per seconds except ICMP Echo Requests (PING).

  • Page 66: Mac Address Filter

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router MAC Address Filter A MAC (Media Access Control) address is the unique network hardware identifier for each PC on your network’s interface (i.e. its Network Interface Card or Ethernet card). Using your router’s MAC Address Filter function, you can configure the switch to only accept traffic from specified machines, or else to block specific machines from accessing your LAN.

  • Page 67: Url Filter

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router URL Filter URL (Uniform Resource Locator – e.g. an address in the form of http://www.example.com) filter rules allow you to prevent users on your network from accessing particular websites by their URL. There are no pre-defined URL filter rules; you can add filter rules to meet your requirements.
  • Page 68 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Domains Filtering: This function checks the domain name in URLs accessed against your list of domains to block or allow. If it is matched, the URL request will be sent (Trusted) or dropped (Forbidden).

  • Page 69: Firewall Log

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Firewall Log Firewall Log display log information of any unexpected action with your firewall settings. Check the Enable box to activate the logs. Log information can be seen in the Status – Event Log after enabling. Chapter 4: Configuration...

  • Page 70: Vpn (Virtual Private Networks)

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router VPN (Virtual Private Networks) Your router support three main types of VPN (Virtual Private Network), PPTP, IPSec and L2TP, and these are the two major section choices from the menu on the left. PPTP There are two types of PPTP VPN supported, Remote Access and LAN-to-LAN (please refer below for more information.).
  • Page 71 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Remote Access PPTP Connection Connection Name: This allows you to identify this particular connection, e.g. “Connection to office”. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g.
  • Page 72 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Mode: You may select Stateful or Stateless mode. The key will be changed every 256 packets when you select Stateful mode. If you select Stateless mode, the key will be changed in each packet.
  • Page 73 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router LAN to LAN PPTP Connection Connection Name: A user-define description of the connection. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g.
  • Page 74 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Key Length: The data can be encrypted by MPPE algorithm with 40 bits or 128 bits. Default is Auto, it is negotiated when establishing a connection. 128 bit keys provide stronger encryption than 40 bit keys.

  • Page 75: Ipsec

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router IPSec Click Create to configure a new IPSec VPN connection. Chapter 4: Configuration...
  • Page 76 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configure a new VPN Connection Connection Name: A user-defined name for the connection (e.g. “connection to office”). Local: Local Network: Set the IP address, subnet or address range of the local network. Single Address: The IP address of the local host.
  • Page 77 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Authentication: Authentication establishes the integrity of the datagram and ensures it is not tampered with in transmit. There are three options, Message Digest 5 (MD5), Secure Hash Algorithm (SHA-1) or NONE. SHA-1 is more resistant to brute-force attacks than MD5, however it is slower.

  • Page 78: Advanced Option

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Advanced Option Click Advanced Option to change the following settings: IKE Mode: Select IKE mode to Main mode or Aggressive mode. Local ID: Type: Specify local ID type. Content: Input ID’s information, like domain name www.ipsectest.com. Remote ID: Type: Specify Remote ID type.

  • Page 79: L2Tp

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router L2TP There are two types of L2TP VPN supported, Remote Access and LAN-to-LAN (please refer below for more information.). Click Create to configure a new VPN connection. Chapter 4: Configuration...
  • Page 80 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Remote Access L2TP Connection Connection Name: This allows you to identify this particular connection, e.g. “Connection to office”. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g.
  • Page 81 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router IPSec: Enable for enhancing your LT2P VPN security. Authentication: Authentication establishes the integrity of the datagram and ensures it is not tampered with in transmit. There are three options, Message Digest 5 (MD5), Secure Hash Algorithm (SHA-1) or NONE.
  • Page 82 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router LAN to LAN L2TP Connection Connection Name: A user-define description of the connection. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g.
  • Page 83 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Idle Time: Auto-disconnect the VPN connection when there is no activity on the connection for a predetermined period of time. 0 means this connection is always on. Click Apply after changing settings. IPSec: Enable for enhancing your LT2P VPN security.
  • Page 84 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Example: Configuring a Remote Access PPTP VPN Dial-in Connection A remote worker establishes a PPTP VPN connection with the head office using Microsoft's VPN Adapter (included with Windows 2000/ME, etc.). The router is installed in the head office, connected to a couple of PCs and Servers.
  • Page 85 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Private IP Address Assigned 192.168.1.200 to Dialing User Username username Password 123456 Auth.Type Chap(Auto) Data Encryption Auto Key Length Auto Mode stateful Idle Time Chapter 4: Configuration An assigned IP address for the remote worker Input username &...
  • Page 86 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Example: Configuring a Remote Access PPTP VPN Dial-out Connection A company’s office establishes a PPTP VPN connection with a file server located at a separate location. The router is installed in the office, connected to a couple of PCs and Servers. Configuring the PPTP VPN in the Office You can either input the IP address (69.1.121.33 in this case) or hostname to reach the server.
  • Page 87 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Auth.Type Data Encryption Key Length Mode Idle Time Chapter 4: Configuration Chap(Auto) Keep as default value in most of the cases, Auto PPTP server & client will determine the value Auto automatically.
  • Page 88 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Example: Configuring a LAN-to-LAN PPTP VPN Connection The branch office establishes a PPTP VPN tunnel with head office to connect two private networks over the Internet.. The routers are installed in the head office and branch office accordingly.
  • Page 89 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configuring PPTP VPN in the Head Office The IP address 192.168.1.201 will be assigned to the router located in the branch office. Please make sure this IP is not used in the head office LAN. Item Function Connection Name...
  • Page 90 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configuring PPTP VPN in the Branch Office The IP address 69.1.121.30 is the Public IP address of the router located in head office. If you registered the DDNS (please refer to the DDNS section of this manual), you can also use the domain name instead of the IP address to reach the router.
  • Page 91 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Example: Configuring a IPSec LAN-to-LAN VPN Connection Table 3: Network Configuration and Security Plan Local Network ID Local Router IP Remote Network ID Remote Router IP IKE Pre-shared Key VPN Connection Type Security Algorithm Both office LAN networks MUST in different subnet with LAN to LAN application.
  • Page 92 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configuring IPSec VPN in the Head Office Item Function Connection Name Subnet IP Address Netmask Secure Gateway Address (or Hostname) Subnet IP Address Netmask Authentication Encryption Prefer Forward Security Pre-shared Key Encryption Prefer Forward Security Pre-shared Key...
  • Page 93 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configuring IPSec VPN in the Branch Office Item Function Connection Name Subnet IP Address Netmask Secure Gateway Address (or Hostname) Subnet IP Address Netmask Authentication Encryption Prefer Forward Security Pre-shared Key Chapter 4: Configuration IPSec_Branch Given a name of IPSec connection...
  • Page 94 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Example: Configuring a Remote Access L2TP VPN Dial-in Connection A remote worker establishes a L2TP VPN connection with the head office using Microsoft's VPN Adapter (included with Windows XP/2000/ME, etc.). The router is installed in the head office, connected to a couple of PCs and Servers.
  • Page 95 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configuring L2TP VPN in the Office The input IP address 192.168.1.200 will be assigned to the remote worker. Please make sure this IP is not used in the Office LAN. Item Function Connection Name...
  • Page 96 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Example: Configuring a Remote Access L2TP VPN Dial-out Connection A company’s office establishes a L2TP VPN connection with a file server located at a separate location. The router is installed in the office, connected to a couple of PCs and Servers. Dial-out Chapter 4: Configuration...
  • Page 97 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configuring the L2TP VPN in the Office Item Function Connection Name Dial out Server IP Address (or Hostname) Username Password Auth.Type Idle Timeout IPSec Authentication Encryption Perfect Forward Secrecy Pre-shared Key Chapter 4: Configuration VPN_L2TP Given name of L2TP connection...
  • Page 98 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Example: Configuring your Router to Dial-in to the Server Currently, Microsoft Windows operation system does not support L2TP incoming service. Additional software may be required to set up your L2TP incoming service. Chapter 4: Configuration...
  • Page 99 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Example: Configuring LAN-to-LAN L2TP VPN Connection The branch office establishes a L2TP VPN tunnel with head office to connect two private networks over the Internet. The routers are installed in the head office and branch office accordingly.
  • Page 100 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configuring L2TP VPN in the Head Office The IP address 192.168.1.200 will be assigned to the router located in the branch office. Please make sure this IP is not used in the head office LAN. Item Function Connection Name...
  • Page 101 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Configuring L2TP VPN in the Branch Office The IP address 69.1.121.30 is the Public IP address of the router located in head office. If you registered the DDNS (please refer to the DDNS section of this manual), you can also use the domain name instead of the IP address to reach the router.

  • Page 102: Qos (Quality Of Service)

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router QoS (Quality of Service) QoS function helps you to control your network traffic for each application from LAN (Ethernet and/or Wireless) to WAN (Internet). It facilitates you to control the different quality and speed of through put for each application when the system is running with full loading of upstream.

  • Page 103: Prioritization

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Prioritization There are three priority settings to be provided in the modem: High Normal (The default is normal priority for all of traffic without setting). The trigger of check can base on IP protocol, port number and address. And the balance of utilization of each priorities are High(60%), Normal(30%) and Low(10%).

  • Page 104: Ip Throttling

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router IP Throttling IP Throttling allows you to limit the speed of IP traffic. The value entered will limit the speed of the application that you set to the specified value’s multiple of 32kbps. The trigger of check can base on IP protocol, port number and address as well.

  • Page 105: Virtual Server ("Port Forwarding")

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Virtual Server (“Port Forwarding”) In TCP/IP and UDP networks a port is a 16-bit number used to identify which application program (usually a server) incoming connections should be delivered to. Some ports have numbers that are pre-assigned to them by the IANA (the Internet Assigned Numbers Authority), and these are referred to as “well-known ports”.
  • Page 106 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router TCP & UDP 1503 1720 4000 7070 Because NAT can act as a “natural” Internet firewall, your router protects your network from being accessed by outside users when using NAT, as all incoming connection attempts will point to your router unless you specifically create Virtual Server entries to forward those ports to a PC on your network.
  • Page 107 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router For example, if you set the port number 80 (Web/HTTP) to be mapped to the IP Address 192.168.1.2, then all incoming HTTP requests from outside users will be forwarded to the local server (PC) with the IP address of 192.168.1.2.

  • Page 108: Advanced

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Advanced Configuration options within the Advanced section are for users who wish to take advantage of the more advanced features of the router. Users who do not understand the features should not attempt to reconfigure their router, unless advised to do so by support staff.

  • Page 109: Dynamic Dns

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Dynamic DNS The Dynamic DNS function allows you to alias a dynamic IP address to a static hostname, allowing users whose ISP does not assign them a static IP address to use a domain name. This is especially useful for hosting servers via your SHDSL connection, so that anyone wishing to connect to you may use your domain name, rather than having to use your dynamic IP address, which changes from time to time.

  • Page 110: Check Emails

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Check Emails This function allows you to have the router check your POP3 mailbox for new Email messages. The Mail LED on your router will light when it detects new messages waiting for download.

  • Page 111: Device Management

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Device Management The Device Management advanced configuration settings allow you to control your router’s security options and device monitoring features. Embedded Web Server: HTTP Port: This is the port number the router’s embedded web server (for web-based configuration) will use.
  • Page 112 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router http://192.168.1.254:100 automatically logout User A. Universal Plug and Play (UPnP): UPnP offers peer-to-peer network connectivity for PCs and other network devices, along with control and data transfer between devices. UPnP offers many advantages for users running NAT routers through UPnP NAT Traversal, and on supported systems makes tasks such as port forwarding much easier by letting the application control the required settings, removing the need for the user to control advanced configuration of their device.
  • Page 113 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router SNMP Version: SNMPv2c and SNMPv3 SNMPv2c is the combination of the enhanced protocol features of SNMPv2 without the SNMPv2 security. The "c" comes from the fact that SNMPv2c uses the SNMPv1 community string paradigm for "security", but is widely accepted as the SNMPv2 standard.
  • Page 114 Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router pppLink group pppLqr group From RFC 1472 (PPP/Security MIB): PPP Security Group) From RFC 1473 (PPP/IP MIB): PPP IP Group From RFC 1474 (PPP/Bridge MIB): PPP Bridge Group From RFC1573 (IfMIB): ifMIBObjects Group From RFC1695 (atmMIB): atmMIBObjects...

  • Page 115: Save Configuration To Flash

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Save Configuration to Flash After changing the router’s configuration settings, you must save all of the configuration parameters to FLASH to avoid them being lost after turning off or resetting your router. Click Save to write your new configuration to FLASH.

  • Page 116: Logout

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Logout To exit the router’s web interface, choose Logout. Please ensure that you have saved the configuration settings before you logout. Be aware that the router is restricted to only one PC accessing the configuration web pages at a time.

  • Page 117: Chapter 5: Troubleshooting

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Chapter 5: Troubleshooting If the router is not functioning properly, first check this chapter for simple troubleshooting before contacting your service provider or Billion support. Problems starting up the router Problem Corrective Action Check the connection between the adapter and the router.

  • Page 118: Problems With The Lan Interface

    Billion BIPAC-8500 / 8520 SHDSL VPN Firewall Bridge / Router Ensure that all other devices connected to the same telephone line as your Frequent loss of Billion router (e.g. telephones, fax machines, analogue modems) have a SHDSL linesync line filter connected between them and the wall socket (unless you are (disconnections).

  • Page 119: Appendix A: Product Support And Contact Information

    APPENDIX A: Product Support and Contact Information Most problems can be solved by referring to the Troubleshooting section in the User’s Manual. If you cannot resolve the problem with the Troubleshooting chapter, please contact the dealer where you purchased this product. Contact Billion WORLDWIDE http://www.billion.com/...

This manual is also suitable for:

Bipac 8520Bipac-8500Bipac-8520
Save PDF