Related Manuals for XiNCOM XC-DPG603
Summary of Contents for XiNCOM XC-DPG603
- Page 1 Twin WAN DNS IP VPN Gateway � � � � � � � � � � CUTTING EDGE INNOVATIONS. � ������� �� �� �� �...
-
Page 2: Table Of Contents
XC-DPG603 → Twin WAN DNS VPN Gateway Table of Contents Introduction Features Physical Details Basic Setup Configuring your LAN Connecting Broadband Modems Configuring for Interent Access Configuring your LAN PCs Advanced Port Port Options Load Balance Advanced PPPoE Advanced PPTP... - Page 3 Table of Contents QoS Configuration VPN Configuration IPSec Global Setting Policy Setup DNS Configuration Domain Name Server Configuration Map Host URL Management Assistant SNMP Email Alert Syslog Upgrade Firmware Operation & Status System Status Restore Factory Defaults WAN Status LAN Status Advanced LAN Configuration Existing DHCP Server Static Routing...
-
Page 4: Introduction
• Physical Details Chapter 1 - Introduction The XiNCOM XC-DPG603 is a revolutionary DNS to IP VPN Gateway that provides advanced networking services most commonly found in enterprise class infrastructures at a fraction of the cost. XiNCOM tailors these services with innovative features such as inbound/outbound load balancing, auto-failover, and a built-in VPN endpoint. -
Page 5: Features
Full VPN Endpoint with support for up to 50 VPN tunnels using the IPsec encryption protocol. Authoritative DNS to IP Gateway The XC-DPG603 is an authoritative DNS to IP gateway that resolves a domain name to its respective IP addresses. This new capability allows for inbound failover and load balancing for servers located behind the gateway. -
Page 6: Other Features
The web management feature allows you to use HTTP to upgrade new firmware and backup system configuration from local or remote locations. Email Alert The XC-DPG603 will send an alert via email to the system administrator in the event a single or both WAN connections go down. Syslog Generates real time system information on the web page or sends to a particular computer. -
Page 7: Physical Details
Physical Details Front Panel: Twin WAN DNS IP VPN Gateway XC-DPG603 Operation of the Front Panel LEDs is as follows: System: Power OFF - No Power. ON - Normal Operation Status OFF - Normal Operation ON - Firmware not loaded or Hardware Error... -
Page 8: Rear Panel
WAN 2. Default Settings When the XC-DPG603 has finished booting, all configuration settings will be set to the factory defaults, including: • The IP Address is set to its default value of 192.168.1.1 with a Network Mask of 255.255.255.0 •... -
Page 9: Basic Setup
Overview Basic setup of your XC-DPG603 wil involve the following steps: 1. Connect the XC-DPG603 to one (1) PC and configure it to your existing LAN. 2. Connecting one or two Broadband Modems to your XC-DPG603. 3. Configuring the XC-DPG603 for Interent Access. -
Page 10: Configuring Your Lan
Configuring the XC-DPG603 for your LAN Procedure Use a standard LAN cable to connect your PC to any LAN port on the XC-DPG603. Connect the power adapter and power up the XC-DPG603. Only use the power adapter provided with the product; using a different one may cause hardware damage. - Page 11 • See the following table for details of each setting. This is the IP address for the XC-DPG603 when seen from the local LAN. Use the defualt value unless the address is already in use or your LAN is using a different IP addres range.
- Page 12 Connect the Broadband modem(s) to the XC-DPG603. If using only one (1) Broadband modem, connect it to the “WAN 1” port. Use standard LAN cables to connect PCs to the LAN ports on the XC-DPG603. Both 10BaseT and 100BaseT connections can be used simultaneously.
- Page 13 • MAC address – Some ISP’s record your MAC address (also called “Physical address” or “Network Adapter address”). Setup of the XC-DPG603 is now complete. PCs on your LAN must now be configured. See the following section for details. Figure 5. Primary Setup Screen...
-
Page 14: Configuring Your Lan Pcs
DHCP client. In Windows, this is called Obtain an IP address automatically. Just start (or restart) your PC, and it will obtain an IP address from the XC-DPG603. If using fixed IP addresses on your LAN, or you wish to check your TCP/IP settings, refer to Appendix B –... - Page 15 • Ensure your DNS settings are correct. For Linux Clients To access the Internet via the XC-DPG603, it is only necessary to set the XC-DPG603 as the “Gateway” and ensure your Name Server settings are correct. Make sure you are logged in as “root”...
-
Page 16: Advanced Port
XC-DPG603 → Twin WAN DNS VPN Gateway Chapter Contents • Overview • Port Options • Load Balance • Advanced PPPoE • Advanced PPTP Chapter 3 - Advanced Port Overview Port Options contains some options which can be set on either or both WAN ports. For most situations, the default values are satisfactory. -
Page 17: Port Options
Figure 6. Port Options Connection Validation Health Check Use this field to select the type of connection validation to perform. When set to ICMP, the XC-DPG603 sends out ICMP echo requests. When set to HTTP, the XC- DPG603 requests web pages. Alive Indicator This is the IP address used to check if the WAN connection is operational. -
Page 18: Load Balance
Same as above but in this case, the XC-DPG603 monitors the packet flow and tries Packets rx+tx to maintain an even number of packets. Use this if transmitting a lot of small packets, such as web browsing and Usenet. -
Page 19: Advanced Pppoe
Advanced PPPoE The screen is required in order to use multiple PPPoE sessions on the same WAN port. It can also be used to manually connect or disconnect a PPPoE session. Settings - Advanced PPPoE Select the desired Port and Session, then click the “Select” button. The data for the selected Port/Session will then be displayed in the WAN Port PPPoE Session WAN IP Account section. -
Page 20: Advanced Pptp
Advanced PPTP Figure 9. Advanced PPTP Settings - Advanced PPTP Select the desired Port and click the “Select” button. The data for the selected Port will then be displayed in the WAN IP Account section. WAN Port WAN IP Account •... -
Page 21: Advanced Setup
XC-DPG603 → Twin WAN DNS VPN Gateway Chapter Contents • Host IP Setup • Virtual Server • Custom Virtual Server • Special Applications • Dynamic DNS • Multi DMZ • Advanced Features • UPnP Chapter 4 - Advanced Setup Overview The following advanced features are provided. -
Page 22: Host Ip Setup
• Delete – Click this to delete the selected entry. • Update – Use this to update the selected entry, after making the desired changes. • Reset – Reverse any changes you have made since loading the data from the XC-DPG603. This table shows the current bindings. -
Page 23: Virtual Server
Your Server’s IP address is only valid on your LAN, not on the Internet. Attempts to connect to devices on your LAN are blocked by the firewall in the XC-DPG603. The “Virtual Server” feature solves these problems and allows Internet users to connect to your servers, as illustrated in Figure 10. -
Page 24: Custom Virtual Server
Custom Virtual Servers Custom Virtual Servers This screen allows you to define your own Server types. This is for situations when the desired Server type is not listed on the Virtual Servers screen. Settings - Custom Virtual Servers Select Custom Server Name Server List If creating a new entry, ignore this list. -
Page 25: Special Applications
If you use Internet applications which have non-standard connections or port numbers, you may find that they do not function correctly because they are blocked by the XC-DPG603 firewall. In this case, you can define the application as a “Special Application” in order to make it work. -
Page 26: Dynamic Dns
IP Address. This also solves the problem of having a dynamic IP address. With a dynamic IP address, your IP address may change whenever you connect to your ISP. You must register for the Dynamic DNS service. The XC-DPG603 supports 2 types of service providers: Standard client, available at http://www.dyndns.org. -
Page 27: Multi Dmz
Multi DMZ & UPnP Dynamic DNS This feature allows each WAN port IP address to be associated with one (1) computer on your LAN. All outgoing traffic from that PC will be associated with that WAN port IP address. Any traffic sent to that IP address will be forwarded to the specified PC. This allows unrestricted 2-way communication between the “DMZ PC”... -
Page 28: Advanced Features
NAT Configuration - If you disable NAT, Internet access is only possible if all PCs are configured with valid Internet IP addresses. (The XC-DPG603 needs 2 addresses: 1 for the LAN port and 1 for the WAN port.) - NAT is disabled only when you wish to use the XC-DPG603 as a Static Router. - Page 29 Using Remote Web-based Setup To connect to the XC-DPG603 from a remote PC via the Internet: 1. Ensure that both your PC and the XC-DPG603 are connected to the Internet. 2. Start your Web Browser. 3. In the Address bar enter: HTTP:// (Internet IP Address of the XC-DPG603) The Port number is also required.
-
Page 30: Security Management
XC-DPG603 → Twin WAN DNS VPN Gateway Chapter Contents • Block URL • Access Filter • Session Limit • Firewall Exception Chapter 5 - Security Management Overview Block URL - This feature blocks specific web sites by IP address, URL, or keywords. -
Page 31: Block Url
Block URL Block URL This feature allows you to block access to undesirable Web sites. You can block by URL, IP address, or Keyword. You can also have different blocking settings for different groups of PCs. Every URL is searched to see if it matches or contains any of the URL or keywords entered here. After a DNS lookup determines the IP address of the requested site, the site’s IP address is checked against IP address entries on this screen. -
Page 32: Session Limit
Session Limit & Firewall Exception Session Limit This new feature allows to drop the new sessions from both WAN and LAN side. If the new sessions number are exceed the maximum sessions in a sampling time. Settings - Session Limit Firewall Exception System Firewall Exception Rules: The rules with which any received packets is complied, the packets will not processed by Firewall or NAT module, but to be processed directly by system protocol stack. -
Page 33: Qos Configuration
Chapter 6 - QoS Configuration Overview The XC-DPG603 provides QoS, which supports the high quality of network service. Classifying outgoing packets based on some policies defined by users provides real-time applications to get better response or performance. Settings - QoS Setup QoS Feature •... -
Page 34: Vpn Configuration
VPN products are not interoperable. Although the XiNCOM XC-DPG603 VPN Gateway can interoperate with many other VPN products, it is not possible for XiNCOM to provide specific technical support for each and every other product. -
Page 35: Ipsec Global Setting
IPSec Global Settings IPSec Global Setting IP Global Setting Enable Enabling either WAN 1, WAN 2, or both will start the VPN global setting. ISAkmp Port Internet Security Association and Key Protocol Management (ISAkmp) is designed to negotiate, establish, modify, and delete security associations and their attributes. In particular, it was assigned UDP port 500 by the IANA. -
Page 36: Policy Setup
Policy Setup VPN Policy Setup IPSec Traffic Binding VPN Tunnel List It shows the tunnels that you have entered. The router can setup up to 50 tunnels Tunnel Name This distinguishes different “tunnels” by name. Tunnel The tunnel can only be connected when the Enable check box is selected. WAN port You can choose WAN1, WAN2 or Any to make the VPN connection. - Page 37 Policy Setup VPN Policy Setup (continued) Key Management Key - Key Type: There are two key types (manual key and auto key) available for the key exchange management. Manual Key: If manual key is selected, no key negotiation is needed. Encryption Key - This field specifies a key to encrypt and decrypt IP traffic.
-
Page 38: Dns Configuration
When a request comes in to your domain name, the XC-DPG603 looks at these factors to determine which WAN port should be used to access the server. When the traffi c load is higher on WAN 1, the XC-DPG603 will reply with the IP address of WAN2, in which case the user will connect to WAN 2 allowing for the best latency and speed. - Page 39 How it works XC-DPG602 & 603 as an Authoritative DNS: An example of the Inbound Load Balancing function for the XC-DPG602 & 603 Gateways: DNS Request Information Request WAN 1 WAN Port Monitoring Module Authoritative Domain Name Server Module Web or FTP Server Note: This example uses WAN 1 as the initial recipient for the request of a domain name.
-
Page 40: Domain Name Server Configuration
Domain Name management console and locate the domain name settings for NS1 and NS2 (some Registrar services use up to NS3 and NS4). Input the IP address from your XC-DPG603 WAN 1 and WAN 2 to your domain name’s NS1 and NS2 settings. - Page 41 Domain Name Configuration NS Record Primary/Secondary Name Server This holds the settings for the domain. This setting is usually obtained locally rather than a remote source. Public WAN (1 & 2) IP Address This sets the public IP address for the domain name on the specified WAN Port. MX Record Mail Exchange This sets the mail route for the domain name.
-
Page 42: Map Host Url
Map Host URL Select Map Host URL from the main menu. Enter all the information for your domains. Submit the changes. A Record CNAME Record Host URL List Host URL List Contains a list of domains that are already configured. DNS Server List List of DNS servers. -
Page 43: Management Assistant
SNMP - Simple Network Management Protocol This section is to compliment any SNMP (Simple Network Management Protocol) software installed on your PC. If you have SNMP software, you can use a standard MIB II file with the XC-DPG603. Settings - SNMP System Information •... -
Page 44: Syslog
Message Status Messages send only keep when “keep send message” checked. The XC-DPG603 keeps last 100 messages in the RAM. These messages will clear when reboot or powered off. Syslog Configuration Syslog Global Enable –... -
Page 45: Upgrade Firmware
Enter the desired password. Re-enter the password in the Verify Password field and then save it. When you connect to the XC-DPG603 with your Browser, you will be prompted for the password when you connect, as shown below. Enter “Admin” for the User Name. - Page 46 Example of how to configure to save file. Uploading the Firmware Using the TFTP utility you are able to update the firmware on the XC-DPG603, this is useful when you also need to recover the Gateway from a crash. To upload the firmware to the Gateway: 1.
-
Page 47: Operation & Status
“Renew” transaction with the ISP’s DHCP server. This will extend the period for which the current WAN IP address is allocated to you. IP Address – The IP address of the XC-DPG603 when seen from the Internet. This IP Address is allocated by the ISP (Internet Service Provider). -
Page 48: Restore Factory Defaults
• The DCHP server function will be enabled. These changes may mean that the current connection is invalid and you will have to re-connect to the XC-DPG603 using its default IP address (192.168.1.1). WAN Status This section displays data for each WAN port. -
Page 49: Advanced Lan Configuration
If your LAN already has a DHCP Server, and you wish to continue using it, the following configuration is required. The DHCP Server function in the XC-DPG603 must be disabled. This setting is on the LAN & DHCP screen. Your DHCP Server must be configured to provide the XC-DPG603’s LAN IP address as the “Default Gateway”. -
Page 50: Static Routing
The Network Mask for the remote LAN segment. For class “C” networks, the default mask is 255.255.255.0 Netmask The IP Address of the Gateway or Router which the XC-DPG603 must use to communicate with the destination above. (NOT the router attached to the remote segment.) Gateway Select the correct interface (usually LAN). - Page 51 Configuring other Routers on you LAN All traffic for devices not on the local LAN must be forwarded to the XC-DPG603 so that they can be forwarded to the Internet. This is done by configuring other Routers to use the XC-DPG603 as the Default Route or Default Gateway, as illustrated by the example below: Configuration settings for the LAN shown with 2...
-
Page 52: Appendices
XC-DPG603 → Twin WAN DNS VPN Gateway Chapter Contents • Appendix A - Specifications • Appendix B - Windows TCP/IP Setup • Appendix C - Troubleshooting Appendices Appendix A Specifications XC-DPG603 Model 245mm (W) x 137mm (D) x 30mm (H) Dimensions 0°... -
Page 53: Appendix B
DNS address or addresses provided by your ISP, then click OK. On the Gateway tab, enter the IP address of the XC-DPG603 in the New Gateway field and click Add, as shown below. (Your LAN administrator can advise you of the IP Address they assigned to the XC-DPG603) Figure C. - Page 54 If your PC is already configured, check with your network administrator before making the following changes: Enter the IP address of the XC-DPG603 in the Default gateway field and click OK. (Your LAN administrator can advise you of the IP Address they assigned to the XC-DPG603) If the DNS Server fields are empty, select Use the following DNS server addresses.
- Page 55 If your PC is already configured, check with your network administrator before making the following changes. Enter the IP address of the XC-DPG603 in the Default gateway field and click OK. (Your LAN administrator can advise you of the IP Address they assigned to the XC-DPG603) If the DNS Server fields are empty, select Use the following DNS server addresses.
-
Page 56: Appendix C
Overview This chapter covers some common problems that may be encountered while using the XC-DPG603 and some possible solutions to them. If you follow the suggested steps and the XC-DPG603 still does not function properly, contact XiNCOM for further advice.