1. Manuals
  2. Brands
  3. XiNCOM Manuals
  4. Gateway
  5. Twin WAN XC-DPG503
  6. User manual

XiNCOM Twin WAN XC-DPG503 User Manual

Twin wan vpn gateway
Hide thumbs Also See for Twin WAN XC-DPG503:
Table of Contents

Advertisement

Quick Links

Download this manual
Twin WAN VPN Gateway
� � � � � � � � � �
CUTTING EDGE INNOVATIONS.
� � � �� ���� ��� � � �

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the Twin WAN XC-DPG503 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for XiNCOM Twin WAN XC-DPG503

Summary of Contents for XiNCOM Twin WAN XC-DPG503

  • Page 1 Twin WAN VPN Gateway � � � � � � � � � � CUTTING EDGE INNOVATIONS. � � � �� ���� ��� � � �...

  • Page 2: Table Of Contents

    XC-DPG503 Twin WAN VPN Gateway Table of Contents Introduction Features Physical Details Basic Setup Configuring your LAN Connecting Broadband Modems Configuring for Interent Access Configuring your LAN PCs Advanced Port Port Options Load Balance Advanced PPPoE Advanced PPTP Advanced Setup Host IP Setup Virtual Server Custom Virtual Server...
  • Page 3 Table of Contents QoS Configuration VPN Configuration IPSec Global Setting Policy Setup Management Assistant SNMP Email Alert Syslog Upgrade Firmware Operation & Status System Status Restore Factory Defaults WAN Status LAN Status Advanced LAN Configuration Existing DHCP Server Static Routing Appendices Appendix A Appendix B...

  • Page 4: Chapter 1 - Introduction

    • Physical Details Chapter 1 - Introduction XiNCOM XC-DPG503 is a VPN capable Dual WAN Gateway with the industry standard IPsec encryption. It provides extremely secure LAN-to-LAN connectivity over the Internet. The 503 supports VPN by encryption, encapsulation, and authentication using the following methods: DES/3DES/AES, MD5, SHA-1 and SHA-2; up to 50 IPsec tunnels are permitted.

  • Page 5: Features

    Features Figure 1. How it works Solid VPN Security Full VPN Endpoint with support for up to 50 VPN tunnels using the IPSec encryption protocol. Figure 2. Load Balancing Load Balance two concurrent broadband connections in any combination to expand a network’s bandwidth to the Internet.

  • Page 6: Other Features

    Features Other Features: DHCP Server Support Dynamic Host Configuration Protocol provides a dynamic IP address to PCs and other devices upon request. The XC-DPG503 can act as a DHCP Server for devices on your local LAN. Multi Segment LAN Support LANs containing one or more segments are supported via the XC-DPG503’s built-in static routing table.

  • Page 7: Physical Details

    Physical Details Front Panel: Twin WAN VPN Gateway XC-DPG503 Operation of the Front Panel LEDs is as follows: System: Power OFF - No Power. ON - Normal Operation Status OFF - Normal Operation ON - Firmware not loaded or Hardware Error Blinking - Data in/out WAN: LINK/ACT...

  • Page 8: Default Settings

    Physical Details Front Panel Status and Error conditions LED Action WAN1 LINK/ACT & 10M/100M LEDs flash alternatively. WAN1 LINK/ACT & 10M/100M LEDs flash concurrently. WAN1 LINK/ACT & 10M/100M LEDs solid On WAN2 LINK/ACT & 10M/100M LEDs solid On LAN1 LINK/ACT & 10M/100M LEDs solid On Rear Panel: DC 5V WAN2...

  • Page 9: Xc-Dpg503

    XC-DPG503 Twin WAN VPN Gateway Chapter Contents • Overview • Procedure 1. Configuring your LAN 2. Connecting Broadband Modems 3. Configuring for Internet Access 4. Configuring your LAN PCs Chapter 2 - Basic Setup Overview Basic setup of your XC-DPG503 wil involve the following steps: 1.

  • Page 10: Configuring Your Lan

    Configuring the XC-DPG503 for your LAN Procedure Use a standard LAN cable to connect your PC to any LAN port on the XC-DPG503. Connect the power adapter and power up the XC-DPG503. Only use the power adapter provided with the product; using a different one may cause hardware damage. Start your PC or restart your PC if it is already running.
  • Page 11 Configuring the XC-DPG503 for your LAN Figure 3. LAN & DHCP Ensure these settings are suitable for your LAN: • The default settings are suitable for many situations. • See the following table for details of each setting.
  • Page 12 Connecting two broadband modems Procedure Ensure the XC-DPG503 and the DSL/Cable modem are powered OFF. Leave the modem or modems connected to their data line. Connect the Broadband modem(s) to the XC-DPG503. If using only one (1) Broadband modem, connect it to the “WAN 1” port. Use standard LAN cables to connect PCs to the LAN ports on the XC-DPG503.

  • Page 13: Configuring For Internet Access

    Configuring for Internet Access Select Primary Setup from the menu. Configure WAN 1 and/or WAN 2 as required. For any of the following situations, refer to Chapter 3: Advanced Port Setup for any further configuration which may be required such as: •...

  • Page 14: Internet Access

    Configure PCs on your LAN Overview For each PC, the following may need to be configured: TCP/IP network settings Internet Access configuration TCP/IP Settings When using Windows 95/98/ME/2000/XP and the XC-DPG503’s TCP/IP default settings, no changes need to be made. Just start or reboot your PC. By default, the XC-DPG503 will act as a DHCP Server, automatically providing a suitable IP Address (and related information) to each PC when the PC boots up.
  • Page 15 Configure PCs on your LAN For Apple Clients Open the TCP/IP Control Panel. Select Ethernet from the Connect via pop-up menu. Select Using DHCP Server from the Configure pop-up menu. The DHCP Client ID field can be left blank. Close the TCP/IP panel, saving your settings. Note: If using manually assigned IP addresses instead of DHCP, the required changes are: •...

  • Page 16: Chapter 3 - Advanced Port

    XC-DPG503 Twin WAN VPN Gateway Chapter Contents • Overview • Port Options • Load Balance • Advanced PPPoE • Advanced PPTP Chapter 3 - Advanced Port Overview Port Options contains some options which can be set on either or both WAN ports. For most situations, the default values are satisfactory.Virtual Server Load Balance screen is only functional if you are using both WAN ports.

  • Page 17: Port Options

    Port Options Figure 6. Port Options Connection Validation Health Check Use this field to select the type of connection validation to perform. When set to ICMP, the XC-DPG503 sends out ICMP echo requests. When set to HTTP, the XC- DPG503 requests web pages. Alive Indicator This is the IP address used to check if the WAN connection is operational.

  • Page 18: Load Balance

    Load Balance Configuring Load Balancing The Twin WAN line of products uses a session based Load Balancing algorithm by allowing you to manage sessions using several different options: By monitoring real time speed of both WAN connections, the XC-DPG503 will Bytes rx+tx establish new sessions on the WAN port with the lower speed.

  • Page 19: Advanced Pppoe

    Advanced PPPoE The screen is required in order to use multiple PPPoE sessions on the same WAN port. It can also be used to manually connect or disconnect a PPPoE session. Settings - Advanced PPPoE Select the desired Port and Session, then click the “Select” button. The data for the selected Port/Session will then be displayed in the WAN Port PPPoE Session WAN IP Account section.

  • Page 20: Advanced Pptp

    Advanced PPTP Figure 9. Advanced PPTP Settings - Advanced PPTP Select the desired Port and click the “Select” button. The data for the selected Port will then be displayed in the WAN IP Account section. WAN Port WAN IP Account •...

  • Page 21: Chapter 4 - Advanced Setup

    XC-DPG503 Twin WAN VPN Gateway Chapter Contents • Host IP Setup • Virtual Server • Custom Virtual Server • Special Applications • Dynamic DNS • Multi DMZ • Advanced Features • UPnP Chapter 4 - Advanced Setup Overview The following advanced features are provided. Host IP Setup Virtual Server Custom Virtual Server...

  • Page 22: Host Ip Setup

    Host IP Host IP This feature is used in the following situations: When you have Multi-Session PPPoE and wish to bind each session to a particular PC on your LAN. When you wish to use the Access Filter feature. This requires that each PC be identified by using the Host IP Setup screen. When you wish to have different Block URL settings for different PCs.

  • Page 23: Virtual Server

    Virtual Servers Virtual Servers This feature allows you to make Servers on your LAN accessible to Internet users. Normally, Internet users would not be able to access a server on your LAN because: Your Server’s IP address is only valid on your LAN, not on the Internet. Attempts to connect to devices on your LAN are blocked by the firewall in the XC-DPG503.

  • Page 24: Custom Virtual Server

    Custom Virtual Servers Custom Virtual Servers This screen allows you to define your own Server types. This is for situations when the desired Server type is not listed on the Virtual Servers screen. Settings - Custom Virtual Servers Select Custom Server Name Server List If creating a new entry, ignore this list.

  • Page 25: Special Applications

    Special Applications Special Application If you use Internet applications which have non-standard connections or port numbers, you may find that they do not function correctly because they are blocked by the XC-DPG503 firewall. In this case, you can define the application as a “Special Application” in order to make it work. Note that the terms “Incoming”...

  • Page 26: Dynamic Dns

    Dynamic DNS Dynamic DNS Dynamic DNS is very useful when combined with the Virtual Server feature. It allows Internet users to connect to your Virtual Servers using a URL, rather than an IP Address. This also solves the problem of having a dynamic IP address. With a dynamic IP address, your IP address may change whenever you connect to your ISP.

  • Page 27: Multi Dmz

    Multi DMZ & UPnP Dynamic DNS This feature allows each WAN port IP address to be associated with one (1) computer on your LAN. All outgoing traffic from that PC will be associated with that WAN port IP address. Any traffic sent to that IP address will be forwarded to the specified PC. This allows unrestricted 2-way communication between the “DMZ PC”...

  • Page 28: Advanced Features

    Advanced Features Advanced Features NAT – NAT (Network Address Translation) is the technology which allows a number of LAN PCs to share one (1) Internet IP address. Remote Access Configuration – This feature allows you to manage the XC-DPG503 via the Internet. You can restrict access to a specified IP address or address range. External Filters Configuration –...
  • Page 29 Advanced Features (continued) Using Remote Web-based Setup To connect to the XC-DPG503 from a remote PC via the Internet: 1. Ensure that both your PC and the XC-DPG503 are connected to the Internet. 2. Start your Web Browser. 3. In the Address bar enter: HTTP:// (Internet IP Address of the XC-DPG503) The Port number is also required.

  • Page 30: Chapter 5 - Security Management

    XC-DPG503 Twin WAN VPN Gateway Chapter Contents • Block URL • Access Filter • Session Limit • Firewall Exception Chapter 5 - Security Management Overview Block URL - This feature blocks specific web sites by IP address, URL, or keywords. Access Filter - Block all Internet access, well-known ports, or block user define ports by groups.

  • Page 31: Block Url

    Block URL Block URL This feature allows you to block access to undesirable Web sites. You can block by URL, IP address, or Keyword. You can also have different blocking settings for different groups of PCs. Every URL is searched to see if it matches or contains any of the URL or keywords entered here. After a DNS lookup determines the IP address of the requested site, the site’s IP address is checked against IP address entries on this screen.

  • Page 32: Session Limit

    Session Limit & Firewall Exception Session Limit This new feature allows to drop the new sessions from both WAN and LAN side. If the new sessions number are exceed the maximum sessions in a sampling time. Settings - Session Limit Firewall Exception System Firewall Exception Rules: The rules with which any received packets is complied, the packets will not processed by Firewall or NAT module, but to be processed directly by system protocol stack.

  • Page 33: Chapter 6 - Qos Configuration

    XC-DPG503 Twin WAN VPN Gateway Chapter Contents • Overview • QoS Setup • Policy Configuration Chapter 6 - QoS Configuration Overview The XC-DPG503 provides QoS, which supports the high quality of network service. Classifying outgoing packets based on some policies defined by users provides real-time applications to get better response or performance. Settings - QoS Setup QoS Feature •...

  • Page 34: Chapter 7 - Vpn Configuration

    DES/3DES/AES, MD5, SHA-1 and SHA-2; up to 50 IPsec tunnels are permitted. The VPN configuration menu allows you to configure the behavior of the XiNCOM XC-DPG503. Before creating a configuration, please review your requirement for VPN: •...

  • Page 35: Ipsec Global Setting

    IPSec Global Settings IPSec Global Setting IP Global Setting Enable Enabling either WAN 1, WAN 2, or both will start the VPN global setting. ISAkmp Port Internet Security Association and Key Protocol Management (ISAkmp) is designed to negotiate, establish, modify, and delete security associations and their attributes. In particular, it was assigned UDP port 500 by the IANA.

  • Page 36: Policy Setup

    Policy Setup VPN Policy Setup IPSec Traffic Binding VPN Tunnel List It shows the tunnels that you have entered. The router can setup up to 50 tunnels Tunnel Name This distinguishes different “tunnels” by name. Tunnel The tunnel can only be connected when the Enable check box is selected. WAN port You can choose WAN1, WAN2 or Any to make the VPN connection.
  • Page 37 Policy Setup VPN Policy Setup (continued) Key Management Key - Key Type: There are two key types (manual key and auto key) available for the key exchange management. Manual Key: If manual key is selected, no key negotiation is needed. Encryption Key - This field specifies a key to encrypt and decrypt IP traffic.

  • Page 38: Snmp

    XC-DPG503 Twin WAN VPN Gateway Chapter Contents • SNMP • Email Alert • Syslog • Upgrade Firmware Chapter 8 - Management Assistant SNMP - Simple Network Management Protocol This section is to compliment any SNMP (Simple Network Management Protocol) software installed on your PC. If you have SNMP software, you can use a standard MIB II file with the XC-DPG503.

  • Page 39: Syslog

    Management Assistant Email Alert (continued) This field sets the email sever’s address for the warning email will be sent to. (Email Alert must be Email (SMTP) Server enabled) Address For example: mail.domain.com This field sets the email address for the warning email will be sent to. This is usually the system Email Recipient Address administrator email address.

  • Page 40: Admin Password Screen

    Updating the Firmware To update the firmware on your XC-DPG503 you must first download the firmware from the XiNCOM Support web page (http://www.xincom.com/support) You will need an unzipping utility such as WinZip (www.winzip.com) or WinRAR (www.rarlab.com) to extract the contents of the file. Included will be a README file (usually README.txt), TFTP (tftp.exe) utility and the firmware file ({name}.

  • Page 41: Uploading The Firmware

    Management Assistant Example of how to configure to save file. Uploading the Firmware Using the TFTP utility you are able to update the firmware on the XC-DPG503, this is useful when you also need to recover the router from a crash. To upload the firmware to the router: 1.

  • Page 42: Chapter 9 - Operation & Status

    XC-DPG503 Twin WAN VPN Gateway Chapter Contents • System Status • Restore Factory Defaults • WAN Status • LAN Status Chapter 9 - Operation & Status Operation & Status Overview Once both the XC-DPG503 and the PCs are configured, operation is automatic. However, there are some situations where additional Internet configuration may be required (Refer to Chapter 4 - Advanced Features for further details) System Status...

  • Page 43: Restore Factory Defaults

    Operation & Status Restore Factory Defaults When the “Restore Factory Defaults” button on the Status screen above is clicked, the following screen is displayed. If the “Restore Default Value” button on this screen is clicked: • ALL of your settings will be erased. •...

  • Page 44: Chapter 10 - Advanced Lan Configuration

    XC-DPG503 Twin WAN VPN Gateway Chapter Contents • Overview • Existing DHCP Server • Static Routing Chapter 10 - Advanced LAN Configuration Overview These settings are provided to deal with non-standard situations or to provide additional options for advanced users. Existing DHCP Server If your LAN already has a DHCP Server, and you wish to continue using it, the following configuration is required.

  • Page 45: Static Routing

    Advanced LAN Configuration Static Routing This section is only relevant if your LAN has other Routers or Gateways. If you do not have other Routers or Gateways on your LAN, skip the Static Routing page. If your LAN has other Gateways and Routers, you must configure the Static Routing screen as described below. You also need to configure the other Routers. Note: If there is an entry or entries in the Routing table with an Index of zero ( 0 ), these are System entries.
  • Page 46 Advanced LAN Configuration Configuring other Routers on you LAN All traffic for devices not on the local LAN must be forwarded to the XC-DPG503 so that they can be forwarded to the Internet. This is done by configuring other Routers to use the XC-DPG503 as the Default Route or Default Gateway, as illustrated by the example below: Configuration settings for the LAN shown with 2 routers and 3 LAN segments, the XC-DPG503...

  • Page 47: Appendix A

    XC-DPG503 Twin WAN VPN Gateway Chapter Contents • Appendix A - Specifications • Appendix B - Windows TCP/IP Setup • Appendix C - Troubleshooting Appendices Appendix A Specifications XC-DPG503 Model 245mm (W) x 137mm (D) x 30mm (H) Dimensions 0° C to 40° C Operating Temperature -10°...

  • Page 48: Appendix B

    Appendices Appendix B Windows TCP/IP Setup TCP/IP Settings If using the default XC-DPG503 settings, and the default Windows 95/98/ ME/2000 TCP/IP settings, no changes need to be made. By default, the XC-DPG503 will act as a DHCP Server and automatically provide a suitable IP Address (and related information) to each PC when the PC boots.

  • Page 49: Checking Tcp/Ip Settings - Windows 2000

    Appendices On the DNS Configuration tab, ensure Enable DNS is selected. If the DNS Server Search Order list is empty, enter the DNS address provided by your ISP in the fields beside the Add button, then click Add. Figure D. DNS Tab (Windows 95/98) Checking TCP/IP Settings - Windows 2000: 1.

  • Page 50: Checking Tcp/Ip Settings - Windows Xp

    Appendices Appendices Checking TCP/IP Settings - Windows XP: 1. Select Control Panel - Network Connection. 2. Right click the Local Area Connection and choose Properties. You should see a screen like the following: Figure G. Network Configuration (Windows XP) 3. Select the TCP/IP protocol for your network card. 4.

  • Page 51: Appendix C

    This chapter covers some common problems that may be encountered while using the XC-DPG503 and some possible solutions to them. If you follow the suggested steps and the XC-DPG503 still does not function properly, contact XiNCOM for further advice. General Problems Problem: I can’t connect to the XC-DPG503 to configure it.

Table of Contents