1. Manuals
  2. Brands
  3. Billion Manuals
  4. Network Router
  5. BiPAC 7402G
  6. User manual

Billion BIPAC 7402G User Manual

802.11g adsl vpn firewall router
Hide thumbs Also See for BIPAC 7402G:
Table of Contents

Advertisement

Quick Links

Download this manual
BIPAC 7402G
802.11g ADSL VPN Firewall Router
User's Manual

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the BIPAC 7402G and is the answer not in the manual?

Questions and answers

Related Manuals for Billion BIPAC 7402G

Summary of Contents for Billion BIPAC 7402G

  • Page 1 BIPAC 7402G 802.11g ADSL VPN Firewall Router User’s Manual...

  • Page 3: Table Of Contents

    CHAPTER 1: INTRODUCTION ......................1 BIPAC 7402G R ..................1 NTRODUCTION TO YOUR OUTER ..............................1 EATURES BIPAC 7402G ADSL R ................... 4 OUTER PPLICATION CHAPTER 2: INSTALLING THE ROUTER..................5 BIPAC 7402G ADSL R ............5 MPORTANT NOTE FOR USING THE OUTER ..........................
  • Page 4 System ..............................54 Time Zone............................54 Remote Access..........................55 Firmware Upgrade ........................56 Backup / Restore........................... 57 Restart Router..........................58 User Management......................... 59 Firewall and Access Control ......................60 General Settings..........................62 Packet Filter ..........................63 Intrusion Detection........................70 URL Filtering..........................72 Firewall Log ..........................

  • Page 5: Chapter 1: Introduction

    Chapter 1: Introduction Introduction to your BIPAC 7402G Router Welcome to the Billion BIPAC 7402G Router. The router is an “all-in-one” unit, combining an ADSL modem, IEEE 802.11g wireless access point, ADSL router with four-port 10/100M auto-crossover Switch, and Firewall, enabling you to maximize the potential of your existing resources. The 7402G can provide everything you need to get the machines on your network connected to the Internet over your ADSL broadband connection.
  • Page 6 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Universal Plug and Play (UPnP) and UPnP NAT Traversal This protocol is used to enable simple and robust connectivity among stand-alone devices PCs from many different vendors. It makes network simple and affordable for users. UPnP architecture leverages TCP/IP and the Web to enable seamless proximity networking in addition to control and data transfer among networked devices.
  • Page 7 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Dynamic Host Configuration Protocol (DHCP) client and server In the WAN site, the DHCP client can get an IP address from the Internet Service Provider (ISP) automatically. In the LAN site, the DHCP server can allocate a range of client IP addresses and distribute them including IP address, subnet mask as well as DNS IP address to local computers.

  • Page 8: Bipac 7402G Adsl Router Application

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router BIPAC 7402G ADSL Router Application Figure 1.1 Application Diagram of BIPAC 7402G Thank you for your purchase, and welcome to the world of broadband Internet! Chapter 1: Introduction...

  • Page 9: Chapter 2: Installing The Router

    DO NOT use the same power source for the BIPAC 7402G as other equipment. DO NOT open or repair the case yourself. If the BIPAC 7402G is too Warning hot, turn off the power immediately and have it repaired at a qualified service center.

  • Page 10: The Front Leds

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router The Front LEDs WLAN PPP/MAIL ADSL Meaning Lit steady when there is a PPPoA / PPPoE connection. PPP / MAIL Lit and flashed periodically when there is email in the Inbox. When lit, it indicates that the ADSL (Line) port is connected to the ADSL DSLAM and working properly.

  • Page 11: The Rear Ports

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router The Rear Ports Port Meaning Power Switch Power ON/OFF switch Connect the supplied power adapter to this jack. After the device is powered on, press it to reset the device or restore to factory default settings.

  • Page 12: Cabling

    ADSL line LEDs are lit. If they are not, verify that you are using the proper cables. Ensure that all other devices connected to the same telephone line as your Billion router (e.g. telephones, fax machines, analogue modems) have a line filter connected between them and the wall socket (unless you are using a Central Splitter or Central Filter installed by a qualified and licensed electrician), and ensure that all line filters are correctly installed and the right way around.

  • Page 13: Chapter 3: Basic Installation

    TCP/IP installed and configured to obtain an IP address through a DHCP server or a fixed IP address that must be in the same subnet as BIPAC 7402G. The default IP address of the router is 192.168.1.254 and the subnet mask is 255.255.255.0 (i.e. any attached PC must be in the same subnet, and have an IP address in the range of 192.168.1.1 to...
  • Page 14 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring PC in Windows XP 1. Go to Start / Control Panel (in Classic View). In the Control Panel, double-click on Network Connections. Double-click Local Area Connection. (See Figure 3.1) Figure 3.1: LAN Area Connection 3.
  • Page 15 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router 4. Select Internet Protocol (TCP/IP) and click Properties. (See Figure 3.3) Figure 3.3: TCP / IP 5. Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons.

  • Page 16: Configuring Pc In Windows 2000

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring PC in Windows 2000 Go to Start / Settings / Control Panel. In the Control Panel, double-click on Network and Dial-up Connections. Double-click Local Area Connection. (See Figure 3.5) Figure 3.5: LAN Area Connection In the Local Area Connection Status window, click Properties.
  • Page 17 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Select Internet Protocol (TCP/IP) and click Properties. (See Figure 3.7) Figure 3.7: TCP / IP Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons. (See Figure 3.8) Click OK to finish the configuration.

  • Page 18: Configuring Pc In Windows 95/98/Me

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring PC in Windows 95/98/ME Go to Start / Settings / Control Panel. In the Control Panel, double- click on Network and choose the Configuration tab. Select TCP / IP -> NE2000...
  • Page 19 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Then select the DNS Configuration tab. (See Figure 3.11) Select the Disable DNS radio button and click OK to finish the configuration. Figure 3.11: DNS Configuration Chapter 3: Basic Installation...
  • Page 20 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring PC in Windows NT4.0 Go to Start / Settings / Control Panel. In the Control Panel, double- click on Network and choose the Protocols tab. Select TCP/IP Protocol and click (See Figure 3.12) Properties.

  • Page 21: Factory Default Settings

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Factory Default Settings Before configuring your, you need to know the following default settings. Web Interface (Username and Password) Username: admin Password: admin The default username and password are “admin” and “admin” respectively.

  • Page 22: Information From Your Isp

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Information from your ISP Before configuring this device, you have to check with your ISP (Internet Service Provider) what kind of service is provided such as PPPoE, PPPoA, RFC1483, or IPoA. Gather the information as illustrated in the following table and keep it for reference...

  • Page 23: Configuring With Your Web Browser

    “Go”, a user name and password window prompt will appear. The default username and password are “admin” and “admin”. (See Figure 3.14) Figure 3.14: User name & Password Prompt Widonw Congratulation! You are now successfully logon to the BIPAC 7402G ADSL Router! Chapter 3: Basic Installation...

  • Page 24: Chapter 4: Configuration

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Chapter 4: Configuration At the configuration homepage, the left navigation pane where bookmarks are provided links you directly to the desired setup page, including: Status (ARP Table, Wireless Association Table, Routing Table, DHCP Table, PPTP Status,...

  • Page 25: Status

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Status ARP Table This section displays the router’s ARP (Address Resolution Protocol) Table, which shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses. This is useful as a quick way of determining the MAC address of the network interface of your PCs to use with the router’s Firewall –...

  • Page 26: Wireless Association Table

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Wireless Association Table IP Address: It is IP address of wireless client that joins this network. MAC: The MAC address of wireless client Chapter 4: Configuration...

  • Page 27: Routing Table

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Routing Table Routing Table Valid: It indicates a successful routing status. Destination: The IP address of the destination network. Netmask: The destination netmask address. Gateway/Interface: The IP address of the gateway or existing interface that this route will use.

  • Page 28: Dhcp Table

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router DHCP Table Leased: The DHCP assigned IP addresses information. IP Address: A list of IP addresses of devices on your LAN (Local Area Network). Expired: The expired IP addresses information. Permanent: The fixed host mapping information Leased Table IP Address: The IP address that assigned to client.

  • Page 29: Pptp Status

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router PPTP Status This shows details of your configured PPTP VPN Connections. Name: The name you assigned to the particular PPTP connection in your VPN configuration. Type: The type of connection (dial-in/dial-out). Enable: Whether the connection is currently enabled.

  • Page 30: Ipsec Status

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router IPSec Status This shows details of your configured IPSec VPN Connections. Name: The name you assigned to the particular VPN entry. Active: Whether the VPN Connection is currently Active. Connection State: Whether the VPN is Connected or Disconnected.

  • Page 31: L2Tp Status

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router L2TP Status This shows details of your configured L2TP VPN Connections. Name: The name you assigned to the particular L2TP connection in your VPN configuration. Type: The type of connection (dial-in/dial-out). Enable: Whether the connection is currently enabled.

  • Page 32: Event Log

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Event Log This page displays the router’s Event Log entries. Major events are logged to this window, such as when the router’s ADSL connection is disconnected, as well as Firewall events when you have enabled Intrusion or Blocking Logging in the Configuration –...

  • Page 33: Nat Sessions

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router NAT Sessions This section lists all current NAT sessions between interface of types external (WAN) and internal (LAN). UPnP Portmap The section lists all port-mapping established using UPnP (Universal Plug and Play). Please see the Advanced section of this manual for more details on UPnP and the router’s UPnP configuration options.

  • Page 34: Quick Start

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Quick Start For detailed instructions on configuring your WAN settings, please see the WAN section of this manual. Usually, the only details you will need for the Quick Start wizard to get you online are your login (often in the form of username@ispname), your password and the encapsulation type.
  • Page 35 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Select the desired option from the list and click Apply to return to the Quick Start interface to continue configuring your ISP connection. Please note that the contents of this list will vary, depending on what is supported by your ISP.

  • Page 36: Configuration

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuration When you click this item, you get following sub-items to configure the ADSL router. LAN, WAN, System, Firewall, VPN, QoS, Virtual Server, Time Schedule and Advanced These functions are described below in the following sections.

  • Page 37: Ethernet Client Filter

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Ethernet Client Filter The Ethernet Client Filter supports up to 16 Ethernet network machines that helps you to manage your network control to accept traffic from specific authorized machines or can restrict unwanted machine(s) to access your LAN.
  • Page 38 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Active PC in LAN displays a list of individual Ethernet device’s IP Address & MAC Address which connecting to the router. You can easily by checking the box next to the IP address to be blocked or allowed. Then, Add to insert to the Ethernet Client Filter table.

  • Page 39: Wireless

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Wireless Parameters WLAN Service: Default setting is set to Enable. If you do not have any wireless, both 802.11g and 802.11b, device in your network, select Disable. Mode: The default setting is 802.11b+g (Mixed mode). If you do not know or have both 11g and 11b devices in your network, then keep the default in mixed mode.
  • Page 40 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Wireless Distribution System (WDS) It is a wireless access point mode that enables wireless link and communication with other access point. It is easy to be installed simply define peer’s MAC address of the connected AP.

  • Page 41: Wireless Security

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Wireless Security You can disable or enable with WPA or WEP for protecting wireless network. The default mode of wireless security is disabled. WPA Pre-Shared Key WPA Algorithms: TKIP (Temporal Key Integrity Protocol) utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers.
  • Page 42 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router WEP Encryption: To prevent unauthorized wireless stations from accessing data transmitted over the network, the router offers highly secure data encryption, known as WEP. If you require high security for transmissions, there are two alternatives to select from: WEP 64 and WEP 128. WEP 128 will offer increased security over WEP 64.

  • Page 43: Wireless Client (Mac Address) Filter

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Wireless Client (MAC Address) Filter The MAC Address supports up to 16 wireless network machines and helps you to manage your network control to accept traffic from specific authorized machines or to restrict unwanted machine(s) to access your LAN.
  • Page 44 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Associate Wireless Client displays a list of individual wireless device’s MAC Address that currently connects to the router. You can easily by checking the box next to the MAC address to be blocked or allowed. Then, Add to insert to the Wireless Client (MAC Address) Filter table.

  • Page 45: Dhcp Server

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router DHCP Server You can disable or enable the DHCP (Dynamic Host Configuration Protocol) server or enable the router’s DHCP relay functions. The DHCP protocol allows your router to dynamically assign IP addresses to PCs on your network if they are configured to obtain IP addresses automatically.

  • Page 46: Wan (Wide Area Network)

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router WAN (Wide Area Network) WAN refers to your Wide Area Network connection, i.e. your router’s connection to your ISP and the Internet. There are two items within the WAN section: ISP, DNS ADSL.
  • Page 47 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router RFC 1483 Routed Connections Description: Your description of this connection. VPI and VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing the single IP address.
  • Page 48 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router RFC 1483 Bridged Connections VPI and VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. Encapsulation method: Select the encapsulation format, this is provided by your ISP.
  • Page 49 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router PPPoA Routed Connections Description: User-definable name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address.
  • Page 50 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Connection: Always on: If you want the router to establish a PPPoA session when starting up and to automatically re-establish the PPPoA session when disconnected by the ISP. Connect to Demand: If you want to establish a PPPoA session only when there is a packet requesting access to the Internet (i.e.
  • Page 51 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Give DNSto DHCP Server: Similar to the above, but gives the DNS server address to the DHCP server. Discover Primary NBNS / Discover Secondary NBNS: This setting enables/disables whether the primary/secondary NBNS server address is requested from a remote PPP peer using IPCP.
  • Page 52 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router IPoA Routed Connections Description: User-definable name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address.
  • Page 53 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router PPPoE Connections Description: A user-definable name for this connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single ISP account, sharing a single IP address.
  • Page 54 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Authentication Protocol: Default is Chap(Auto). Your ISP will advise you whether to use Chap or Pap. Connection: Always on: If you want the router to establish a PPPoE session when starting up and to automatically re-establish the PPPoE session when disconnected by the ISP.
  • Page 55 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router server IP address, it automatically gives the address to the local DNS client so that a connection can be established. Give DNS to DHCP Server: Similar to the above, but gives the DNS server address to the DHCP server.

  • Page 56: Dns

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router A Domain Name System (DNS) contains a mapping table for domain name and IP addresses. On the Internet, every host has a unique and user-friendly name (domain name) such as www.helloworld.com and an IP address. An IP address is a 32-bit number in the form of xxx.xxx.xxx.xxx, for example 192.168.1.254.

  • Page 57: Adsl

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router ADSL Connect Mode: The default setting is Multimode. This mode will automatically detect your ADSL line code, G.dmt, G.lite, and T1.413. But in some area, multimode cannot detect the ADSL line code well. If it is the case, please adjust the ADSL line code to G.dmt or T1.413 first. If it still fails, please try the other values such as ALCTL, ADI, etc.

  • Page 58: System

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router System There are six items within the System section: Time Zone, Remote Access, Firmware Upgrade, Backup/Restore, Restart User Management. Time Zone The router does not have a real time clock on board; instead, it uses the Simple Network Time Protocol (SNTP) to get the current time from an SNTP server outside your network.

  • Page 59: Remote Access

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Remote Access To temporarily permit remote administration of the router (i.e. from outside your LAN), select a time period the router will permit remote access for and click Enable. You may change other configuration options for the web administration interface using Device Management options in the Advanced section of the GUI.

  • Page 60: Firmware Upgrade

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Firmware Upgrade Your router’s “firmware” is the software that allows it to operate and provides all its functionality. Think of your router as a dedicated computer, and the firmware as the software it runs. Over time this software may be improved and modified, and your router allows you to upgrade the software it runs to take advantage of these changes.

  • Page 61: Backup / Restore

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Backup / Restore These functions allow you to save and backup your router’s current settings to a file on your PC, or to restore a previously saved backup. This is useful if you wish to experiment with different settings, knowing that you have a backup handy in the case of any mistakes.

  • Page 62: Restart Router

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Restart Router Click Restart with option Current Settings to reboot your router (and restore your last saved configuration). If you wish to restart the router using the factory default settings (for example, after a firmware upgrade or if you have saved an incorrect configuration), select Factory Default Settings to reset to factory default settings.

  • Page 63: User Management

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router User Management In order to prevent unauthorized access to your router’s configuration interface, it requires all users to login with a password. You can set up multiple user accounts, each with their own password.

  • Page 64: Firewall And Access Control

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Firewall and Access Control Your router includes a full SPI (Stateful Packet Inspection) firewall for controlling Internet access from your LAN, as well as helping to prevent attacks from hackers. In addition to this, when using NAT (Network Address Translation.
  • Page 65 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router You can find six items under the Firewall section: General Settings, Packet Filter, Intrusion Detection, URL Filter Firewall Log. Chapter 4: Configuration...

  • Page 66: General Settings

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router General Settings You can choose not to enable Firewall, to add all filter rules by yourself, or enable the Firewall using preset filter rules and modify the port filter rules as required. The Packet Filter is used to filter packets based-on Applications (Port) or IP addresses.

  • Page 67: Packet Filter

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Packet Filter This function is only available when the Firewall is enabled and one of these four security levels is chosen (All blocked, High, Medium and Low). The predefined port filter rules in the Packet Filter must modify accordingly to the level of Firewall, which is selected.
  • Page 68 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: Predefined Port Filters Rules The predefined port filter rules for High, Medium and Low security levels are listed. See Table 1. (Note: Firewall – All Blocked/User-defined, you must define and create the port filter rules yourself.
  • Page 69 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Packet Filter – Add TCP/UDP Filter Rule Name: A user-defined name for identifying the application. Time Schedule: It is self-defined time period. You may specify a time schedule for your prioritization policy. For setup and detail, refer to Time Schedule section Source IP Address(es) / Destination IP Address(es): This is the Address-Filter used to allow or block traffic to/from particular IP address(es).
  • Page 70 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Packet Filter – Add Raw IP Filter Rule Name: A user-defined name for identifying the rule. Time Schedule: It is self-defined time period. You may specify a time schedule for your prioritization policy. For setup and detail, refer to Time Schedule section Protocol Number: Insert the port number, i.e.
  • Page 71 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: Configuring your firewall to allow for a publicly accessible web server on your LAN The predefined port filter rule for HTTP (TCP port 80) is the same no matter whether the firewall is set to a high, medium or low security level.
  • Page 72 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring Packet Filter: Click Port Filters. You will then be presented with the predefined port filter rules screen (in this case for the low security level), shown below: Note: You may click the predefined rule instead of it.
  • Page 73 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router The new port filter rule for HTTP is shown below: 7. Configure your Virtual Server (“port forwarding”) settings so that incoming HTTP requests on port 80 will be forwarded to the PC running your web server:...

  • Page 74: Intrusion Detection

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Intrusion Detection The router’s Intrusion Detection System (IDS) is used to detect hacker attacks and intrusion attempts from the Internet. If the IDS function of the firewall is enabled, inbound packets are filtered and blocked depending on whether they are detected as possible hacker attacks, intrusion attempts or other connections that the router determines to be suspicious.
  • Page 75 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Max ICMP Count: This is a threshold to decide whether an ICMP flood is occurring or not. Default value is 100 ICMP packets per seconds except ICMP Echo Requests (PING). For SYN Flood, ICMP Echo Storm and ICMP flood, IDS will just warn the user in the Event Log. It cannot protect against such attacks.

  • Page 76: Url Filtering

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router URL Filtering URL (Uniform Resource Locator – e.g. an address in the form of http://www.abcde.com http://www.example.com) filter rules allow you to prevent users on your network from accessing particular websites by their URL. There are no pre-defined URL filter rules; you can add filter rules to meet your requirements.
  • Page 77 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router For example, if the URL is http://www.abc.com/abcde.html, it will be dropped as the keyword “abcde” occurs in the URL. Domains Filtering: This function checks the domain name only, not the IP address, in URLs accessed against your list of domains to block or allow.
  • Page 78 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Restrict URL Features: This function enhances the restriction to your URL rules. Example: Andy wishes to disable all WEB traffic except for ones listed in the trusted domain, which would prevent Bobby from accessing other web sites.

  • Page 79: Firewall Log

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Firewall Log Firewall Log display log information of any unexpected action with your firewall settings. Check the Enable box to activate the logs. Log information can be seen in the Status – Event Log after enabling.

  • Page 80: Vpn (Virtual Private Networks)

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router VPN (Virtual Private Networks) Virtual Private Networks is ways to establish secured communication tunnels to an organization’s network via the Internet. Your router supports three main types of VPN (Virtual Private Network),...
  • Page 81 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router PPTP Connection - Remote Access Connection Name: A user-defined name for the connection (e.g. “connection to office”). Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g.
  • Page 82 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Idle Time: Auto-disconnect the VPN connection when there is no activity on the connection for a predetermined period of time. 0 means this connection is always on. Active as default route: Enables the default route.
  • Page 83 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router PPTP Connection - LAN to LAN Connection Name: A user-define description of the connection. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g.
  • Page 84 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Mode: You may select Stateful or Stateless mode. The key will be changed every 256 packets when you select Stateful mode. If you select Stateless mode, the key will be changed in each packet.

  • Page 85: Ipsec (Ip Security Protocol)

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router IPSec (IP Security Protocol) Click Create to create a new IPSec VPN connection account. After you have created the IPSec connection, account information will be displayed. (See example above). Enable / Disable: This function activates or deactivates the IPSec connection. To wish interrupting the tunnel, check Disable radio button and click Apply button to deactivate the connection.
  • Page 86 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configure a new VPN Connection Connection Name: A user-defined name for the connection (e.g. “connection to office”). Local: Network: Set the IP address, subnet or address range of the local network. Single Address: The IP address of the local host.
  • Page 87 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router MD5: A one-way hashing algorithm that produces a 128−bit hash. SHA1: A one-way hashing algorithm that produces a 160−bit hash. Encryption: Select the encryption method from the pull-down menu. There are several options, DES, 3DES, AES (128, 192 and 256) and NULL.
  • Page 88 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Advanced Option This function is only available after completed creating an IPSec account. Click Advanced Option to change the following settings: IKE (Internet key Exchange) Mode: Select IKE mode to Main mode or Aggressive mode. This IKE provides secured key generation and key management.
  • Page 89 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router DES: Stands for Data Encryption Standard, it uses 56 bits as an encryption method. 3DES: Stands for Triple Data Encryption Standard, it uses 168 (56*3) bits as an encryption method. AES: Stands for Advanced Encryption Standards, you can use 128, 192 or 256 bits as encryption method.
  • Page 90 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Ping to the IP Internal (sec) Ping to the IP Action 0.0.0.0 0.0.0.0 2000 xxx.xxx.xxx.xxx (A valid IP Address) xxx.xxx.xxx.xxx(A valid IP Address) 2000 Yes, activate it in every 2000 second. Disconnection Time after no traffic: It is the NO Response time clock. When no traffic stage time is beyond the Disconnection time set, Router will automatically halt the tunnel connection and re-establish it base on the Reconnection Time set.

  • Page 91: L2Tp (Layer Two Tunneling Protocol)

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router L2TP (Layer Two Tunneling Protocol) Two types of L2TP VPN are supported, Remote Access and LAN-to-LAN (please refer below for more information.). Click Create to create a new VPN connection account. After you have created L2TP connection, account status will be displayed. (See example above).
  • Page 92 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router L2TP Connection - Remote Access Connection Name: This allows you to identify this particular connection, e.g. “Connection to office”. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g.
  • Page 93 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Authentication: Authentication establishes the integrity of the datagram and ensures it is not tampered with in transmit. There are three options, Message Digest 5 (MD5), Secure Hash Algorithm (SHA1) or NONE. SHA1 is more resistant to brute-force attacks than MD5, however it is slower.
  • Page 94 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router L2TP Connection - LAN to LAN Connection Name: A user-define description of the connection. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g.
  • Page 95 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Idle Time: Auto-disconnect the VPN connection when there is no activity on the connection for a predetermined period of time. 0 means this connection is always on. Click Apply after changing settings.
  • Page 96 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: Configuring a Remote Access PPTP VPN Dial-in Connection A remote worker establishes a PPTP VPN connection with the head office using Microsoft's VPN Adapter (included with Windows 2000/ME, etc.). The router is installed in the head office, connected to a couple of PCs and Servers.
  • Page 97 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring PPTP VPN in the Office The input IP address 192.168.1.200 will be assigned to the remote worker. Please make sure this IP is not used in the Office LAN. Item Function...
  • Page 98 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: Configuring a Remote Access PPTP VPN Dial-out Connection A company’s office establishes a PPTP VPN connection with a file server located at a separate location. The router is installed in the office, connected to a couple of PCs and Servers.
  • Page 99 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring the PPTP VPN in the Office You can either input the IP address (69.1.121.33 in this case) or hostname to reach the server. Item Function Description Connection Name VPN_PPTP Given name of PPTP connection...
  • Page 100 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: Configuring a LAN-to-LAN PPTP VPN Connection The branch office establishes a PPTP VPN tunnel with head office to connect two private networks over the Internet.. The routers are installed in the head office and branch office accordingly.
  • Page 101 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring PPTP VPN in the Head Office The IP address 192.168.1.201 will be assigned to the router located in the branch office. Please make sure this IP is not used in the head office LAN.
  • Page 102 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring PPTP VPN in the Branch Office The IP address 69.1.121.30 is the Public IP address of the router located in head office. If you registered the DDNS (please refer to the DDNS section of this manual), you can also use the domain name instead of the IP address to reach the router.
  • Page 103 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: Configuring a IPSec LAN-to-LAN VPN Connection Table 3: Network Configuration and Security Plan Branch Office Head Office Local Network ID 192.168.0.0/24 192.168.1.0/24 Local Router IP 69.1.121.30 69.1.121.3 Remote Network ID 192.168.1.0/24 192.168.0.0/24...
  • Page 104 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring IPSec VPN in the Head Office Item Function Description Connection Name IPSec_HeadOffice Given a name of IPSec connection Subnet Check Subnet radio button IP Address 192.168.1.0 Head office network Netmask 255.255.255.0...
  • Page 105 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring IPSec VPN in the Branch Office Item Function Description IPSec_Branch Connection Name Given a name of IPSec connection Office Subnet Check Subnet radio button IP Address 192.168.0.0 Branch office network Netmask 255.255.255.0...
  • Page 106 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: Configuring a IPSec Host-to-LAN VPN Connection Chapter 4: Configuration...
  • Page 107 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring IPSec VPN in the Office Item Function Description Connection Name IPSec Given a name of IPSec connection Subnet Check Subnet radio button IP Address 192.168.1.0 Head office network Netmask 255.255.255.0 IP address of the head office router (in Secure Gateway Address 69.121.1.30...
  • Page 108 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: Configuring a L2TP VPN - Remote Access Dial-in Connection A remote worker establishes a L2TP VPN connection with the head office using Microsoft's VPN Adapter (included with Windows XP/2000/ME, etc.). The router is installed in the head office, connected to a couple of PCs and Servers.
  • Page 109 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring L2TP VPN in the Office The input IP address 192.168.1.200 will be assigned to the remote worker. Please make sure this IP is not used in the Office LAN. Item Function...
  • Page 110 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: Configuring a Remote Access L2TP VPN Dial-out Connection A company’s office establishes a L2TP VPN connection with a file server located at a separate location. The router is installed in the office, connected to a couple of PCs and Servers.
  • Page 111 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring the L2TP VPN in the Office Item Function Description Connection Name VPN_L2TP Given name of L2TP connection Dial out Check Dial out Server IP Address (or 69.121.1.33 An Dialed server IP...
  • Page 112 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: Configuring your Router to Dial-in to the Server Currently, Microsoft Windows operation system does not support L2TP incoming service. Additional software may be required to set up your L2TP incoming service.
  • Page 113 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: Configuring LAN-to-LAN L2TP VPN Connection The branch office establishes a L2TP VPN tunnel with head office to connect two private networks over the Internet. The routers are installed in the head office and branch office accordingly.
  • Page 114 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring L2TP VPN in the Head Office The IP address 192.168.1.200 will be assigned to the router located in the branch office. Please make sure this IP is not used in the head office LAN.
  • Page 115 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuring L2TP VPN in the Branch Office The IP address 69.1.121.30 is the Public IP address of the router located in head office. If you registered the DDNS (please refer to the DDNS section of this manual), you can also use the domain name instead of the IP address to reach the router.

  • Page 116: Qos (Quality Of Service)

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router QoS (Quality of Service) QoS function helps you to control your network traffic for each application from LAN (Ethernet and/or Wireless) to WAN (Internet). It facilitates you to control the different quality and speed of through put for each application when the system is running with full loading of upstream.

  • Page 117: Prioritization

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Prioritization There are three priority settings to be provided in the Router: High Normal (The default is normal priority for all of traffic without setting) And the balances of utilization for each priority are High (60%), Normal (30%) and Low (10%).
  • Page 118 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Table 4: DSCP Mapping Table DSCP Mapping Table (Wireless) ADSL Router Standard DSCP Disabled None Best Effort Best Effort (000000) Premium Express Forwarding (101110) Gold service (L) Class 1, Gold (001010) Gold service (M)

  • Page 119: Outbound Ip Throttling (Lan To Wan)

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Outbound IP Throttling (LAN to WAN) IP Throttling allows you to limit the speed of IP traffic. The value entered will limit the speed of the application that you set to the specified value’s multiple of 32kbps.

  • Page 120: Inbound Ip Throttling (Wan To Lan)

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Inbound IP Throttling (WAN to LAN) IP Throttling allows you to limit the speed of IP traffic. The value entered will limit the speed of the application that you set to the specified value’s multiple of 32kbps.
  • Page 121 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: QoS for your Network Connection Diagram VoIP Normal PCs Restricted Information and Settings Upstream: 928 kbps Downstream: 8 Mbps VoIP User : 192.168.1.1 Normal Users : 192.168.1.2~192.168.1.5 Restricted User: 192.168.1.100 Throughput...
  • Page 122 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Mission-critical application Mostly the VPN connection is mission-critical application for doing data exchange between head and branch office. The mission-critical application must be sent out smoothly without any dropping. Set priority as high level for preventing any other applications to saturate the bandwidth.
  • Page 123 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Advanced setting by using IP throttling With IP throttling you can specify more detail for allocating bandwidth; even the applications are located in the same level. Upstream: 928kbps (29*32kbps) Mission-critical Application: 192kbps (6*32kbps)

  • Page 124: Virtual Server ("Port Forwarding")

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Virtual Server (“Port Forwarding”) In TCP/IP and UDP networks a port is a 16-bit number used to identify which application program (usually a server) incoming connections should be delivered to. Some ports have numbers that are pre- assigned to them by the IANA (the Internet Assigned Numbers Authority), and these are referred to as “well-known ports”.

  • Page 125: Add Virtual Server

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Add Virtual Server Because NAT can act as a “natural” Internet firewall, your router protects your network from being accessed by outside users when using NAT, as all incoming connection attempts will point to your router unless you specifically create Virtual Server entries to forward those ports to a PC on your network.
  • Page 126 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Internal IP Address: The private IP in the LAN network, which will be providing the virtual server application. List all existing PCs connecting to the network. You may assign a PC with IP address and MAC from this list.

  • Page 127: Edit Dmz Host

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Edit DMZ Host The DMZ Host is a local computer exposed to the Internet. When setting a particular internal IP address as the DMZ Host, all incoming packets will be checked by the Firewall and NAT algorithms then passed to the DMZ host, when a packet received does not use a port number used by any other Virtual Server entries.

  • Page 128: Edit One-To-One Nat (Network Address Translation)

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Edit One-to-One NAT (Network Address Translation) One-to-One NAT maps a specific private/local IP address to a global/public IP address. If you have multiple public/WAN IP addresses from you ISP, you are eligible for One-to-One NAT to utilize these IP addresses.
  • Page 129 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Time Schedule: A self-defined time period to enable your virtual server. You may specify a time schedule or Always on for the usage of this Virtual Server Entry. For setup and detail, refer to...
  • Page 130 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: List of some well-known and registered port numbers. The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols. Port numbers range from 0 to 65535, but only ports numbers 0 to 1023 are reserved for privileged services and are designated as “well-known ports”...

  • Page 131: Time Schedule

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Time Schedule The Time Schedule supports up to 16 time slots which helps you to manage your Internet connection. In each time profile, you may schedule specific day(s) i.e. Monday through Sunday to restrict or allowing the usage of the Internet by users or applications.

  • Page 132: Configuration Of Time Schedule

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Configuration of Time Schedule Edit a Time Slot Choose any Time Slot (ID 1 to ID 16) to edit, click Edit. Click Edit A detailed setting of this Time Slot will be shown.
  • Page 133 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Example: I need to reserve a specific time period for allocating bandwidth for my VPN-PPTP connection during weekdays except on Wednesday from 8:30AM to 1:45 PM (13:45 in 24hour clock) for business purpose.

  • Page 134: Advanced

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Advanced Configuration options within the Advanced section are for users who wish to take advantage of the more advanced features of the router. Users who do not understand the features should not attempt to reconfigure their router, unless advised to do so by support staff.

  • Page 135: Dynamic Dns

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Dynamic DNS The Dynamic DNS function allows you to alias a dynamic IP address to a static hostname, allowing users whose ISP does not assign them a static IP address to use a domain name. This is...

  • Page 136: Check Emails

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Check Emails This function allows you to have the router check your POP3 mailbox for new Email messages. The Mail LED on your router will light when it detects new messages waiting for download. You may also view the status of this function using the Status –...

  • Page 137: Device Management

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Device Management The Device Management advanced configuration settings allow you to control your router’s security options and device monitoring features. Embedded Web Server HTTP Port: This is the port number the router’s embedded web server (for web-based configuration) will use.
  • Page 138 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Universal Plug and Play (UPnP) UPnP offers peer-to-peer network connectivity for PCs and other network devices, along with control and data transfer between devices. UPnP offers many advantages for users running NAT routers through UPnP NAT Traversal, and on supported systems makes tasks such as port forwarding much easier by letting the application control the required settings, removing the need for the user to control advanced configuration of their device.
  • Page 139 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router The following MIBs are supported: From RFC 1213 (MIB-II): System group Interfaces group Address Translation group IP group ICMP group TCP group UDP group EGP (not applicable) Transmission SNMP group From RFC1650 (EtherLike-MIB):...
  • Page 140 Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router PPP IP Group From RFC 1474 (PPP/Bridge MIB): PPP Bridge Group From RFC1573 (IfMIB): ifMIBObjects Group From RFC1695 (atmMIB): atmMIBObjects From RFC 1907 (SNMPv2): only snmpSetSerialNo OID Chapter 4: Configuration...

  • Page 141: Igmp

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router IGMP IGMP, known as Internet Group Management Protocol, is used to management hosts from multicast group. IGMP Forwarding: Accepting multicast packet. Default is set to Enable. IGMP Snooping: Allowing switched Ethernet to check and make correct forwarding decisions.

  • Page 142: Save Configuration To Flash

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Save Configuration to Flash After changing the router’s configuration settings, you must save all of the configuration parameters to FLASH to avoid them being lost after turning off or resetting your router. Click Save to write your new configuration to FLASH.

  • Page 143: Logout

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Logout To exit the router’s web interface, choose Logout. Please ensure that you have saved the configuration settings before you logout. Be aware that the router is restricted to only one PC accessing the configuration web pages at a time.

  • Page 144: Chapter 5: Troubleshooting

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Chapter 5: Troubleshooting If the router is not functioning properly, first check this chapter for simple troubleshooting before contacting your service provider or Billion’s support. Problems starting up the router Problem Corrective Action Check the connection between the adapter and the router.

  • Page 145: Problems With The Lan Interface

    Billion BIPAC 7402G 802.11g ADSL VPN Firewall Router Problems with the LAN Interface Problem Corrective Action Check the Ethernet LEDs on the front panel. The LED should be on for a Can’t ping any PCs on port that has a PC connected. If it is off, check the cables between your the LAN.

  • Page 146: Appendix A: Product Support And Contact Information

    Contact Billion AUSTRALIA http://www.billion.com.au/ ©2005 Billion Electric Co., Ltd. PC Range P/L. All Rights Reserved. WORLDWIDE http://www.billion.com/ Mac OS is a registered Trademark of Apple Computer, Inc. Windows 98, Windows NT, Windows 2000, Windows Me and Windows XP are registered Trademarks of Microsoft Corporation.

Table of Contents