1. Manuals
  2. Brands
  3. Comet Labs Manuals
  4. Network Router
  5. RF30
  6. User manual

Comet Labs RF30 User Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
Model : RF30

User Manual

V5.0
User Manual v5.0
1 / 203

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the RF30 and is the answer not in the manual?

Questions and answers

Related Manuals for Comet Labs RF30

Summary of Contents for Comet Labs RF30

  • Page 1: User Manual

    Model : RF30 User Manual V5.0 User Manual v5.0 1 / 203...
  • Page 2 RF30 User’s Manual (Updated December 14, 2005) Copyright Information © 2005 Cometlabs Electric Corporation, Ltd. The contents of this publication may not be reproduced in whole or in part, transcribed, stored, translated, or transmitted in any form or any means, without the prior written consent of Cometlabs Electric Corporation.
  • Page 3 DO NOT use the same power source for the RF30 as other equipment. DO NOT use your RF30 and any accessories outdoors. If you wall mount your RF30, make sure that no electrical, water or gas pipes will be damaged during installation.

  • Page 4: Table Of Contents

    CHAPTER 1: INTRODUCTION................10 1.1 O .......................10 VERVIEW 1.2 P ...................10 RODUCT IGHLIGHTS 1.2.1 I ......10 NCREASED ANDWIDTH CALABILITY AND ESILIENCE 1.2.2 V ............10 IRTUAL RIVATE ETWORK UPPORT 1.2.3 A ............... 11 DVANCED IREWALL ECURITY 1.2.4 I ..........11 NTELLIGENT ANDWIDTH ANAGEMENT 1.3 P ..................12...
  • Page 5 2.6.1 G VPN S ................30 ENERAL ETUP 2.6.2 VPN P ..............32 LANNING 2.6.3 C ..................33 ONCENTRATOR 3.1 O .......................34 VERVIEW 3.2 B ..................34 EFORE EGIN 3.3 C ................35 ONNECTING OUTER 3.4 C TCP/IP N ..........36 ONFIGURING S FOR ETWORKING 3.4.1 O ....................37 VERVIEW 3.4.2 W...
  • Page 6 4.2.8 IPS ....................75 4.3 Q ....................76 UICK TART 4.3.1 DCHP ......................76 4.3.2 S IP....................77 TATIC 4.3.3 PPP E.......................78 4.3.4 PPTP ......................79 4.3.5 B ....................80 4.4 C ....................81 ONFIGURATION 4.4.1 LAN......................82 4.4.1.1 Ethernet.....................82 4.4.1.2 DHCP Server ..................83 4.4.2 WAN ......................85 4.4.2.1 ISP Settings..................85 4.4.2.1.1 DHCP ..................87 4.4.2.1.2 Static IP ..................88 4.4.2.1.3 PPPoE..................89...
  • Page 7 ................139 EVER 5.1.3 LAN ............140 NTERNET 5.1.4 F ................140 ORGOT ASSWORD 5.2 LAN I ....................141 NTERFACE 5.2.1 C ’ RF30 LAN.............141 CCESS FROM THE 5.2.2 C ’ LAN............141 ON THE 5.2.3 C ’ ........141 CCESS ONFIGURATION NTERFACE 5.2.3.1 Pop-up Windows................143 5.2.3.2 Javascripts..................144...
  • Page 8 APPENDIX A: PRODUCT SPECIFICATIONS ..........150 APPENDIX B: CUSTOMER SUPPORT ..............152 APPENDIX C: FCC INTERFERENCE STATEMENT ........153 APPENDIX D: NETWORK, ROUTING, AND FIREWALL BASICS....154 D.1 N ..................154 ETWORK ASICS D.1.1 IP A ..................154 DDRESSES D.1.1.1 Net mask ..................154 D.1.1.2 Subnet Addressing .................155 D.1.1.3 P IP A ...............155...
  • Page 9 APPENDIX F: IPSEC LOGS AND EVENTS............169 F.1 IPS ..............169 VENT ATEGORIES F.2 IPS ................169 VENT ABLE APPENDIX G: BANDWIDTH MANAGEMENT WITH QOS ......171 G.1 O .....................171 VERVIEW G.2 W ?..............171 HAT IS UALITY OF ERVICE G.3 H ?................172 G.4 Who Needs QoS? .................172 G.4.1 H ...................172 SERS...

  • Page 10: Chapter 1: Introduction

    Quality of Service (QoS) and Load Balancing features grant advanced users total control over their network and Internet connection. This manual illustrates the many features and functions of the RF30, and even takes you through the various ways you can apply this versatile device to your home or office.

  • Page 11: Advanced Firewall Security

    1.2.4 Intelligent Bandwidth Management The RF30 utilizes Quality of Service (QoS) to give you full control over the priority of both incoming and outgoing data, ensuring that critical data such as customer information moves through your network, even while under a heavy load.

  • Page 12: Package Contents

    1.3 Package Contents RF30 iBusiness Security Gateway SMB Bracket x 2 (for rack-mounting) Screw x 4 (for rack-mounting) Getting Started CD-ROM Quick Start Guide AC-DC Power Adapter (12VDC, 1A) 1.3.1 Front Panel Function Power A solid light indicates a steady connection to a power source.

  • Page 13: Rack Mounting

    DC12V Connect DC Power Adapter here. (12VDC) 1.3.3 Rack Mounting To rack mount the RF30, carefully secure the device to your rack on both sides using the included brackets and screws. See the diagram below for a more detailed explanation.

  • Page 14: Cabling

    One of the most common causes of networking problems is bad cabling. Make sure that all connected devices are turned on. On the front panel of the RF30, verify that the LAN link and WAN line LEDs are lit. If they are not, check to see that you are using the proper cabling.

  • Page 15: Chapter 2: Router Applications

    2.1 Overview Your RF30 Router is a versatile device that can be configured to not only protect your network from malicious attackers, but also ensure optimal usage of available bandwidth with Quality of Service (QoS) and both Inbound and Outbound Load Balancing.

  • Page 16: Qos Policies For Different Applications

    2.2.2 QoS Policies for Different Applications By setting different QoS policies according to the applications you are running, you can use the RF30 to optimize the bandwidth that is being used on your network. User Manual v5.0 16 / 203...
  • Page 17 VoIP Normal PCs Restricted PC As illustrated in the diagram above, applications such as Voiceover IP (VoIP) require low network latencies to function properly. If bandwidth is being used by other applications such as an FTP server, users using VoIP will experience network lag and/or service interruptions during use.

  • Page 18: Guaranteed / Maximum Bandwidth

    2.2.3 Guaranteed / Maximum Bandwidth Setting a Guaranteed Bandwidth ensures that a particular service receives a minimum percentage of bandwidth. For example, you can configure the RF30 to reserve 10% of the available bandwidth for a particular computer on the network to transfer files.

  • Page 19: Policy Based Traffic Shaping

    2.2.4 Policy Based Traffic Shaping Policy Based Traffic Shaping allows you to apply specific traffic policies across a range of IP addresses or ports. This is particularly useful for assigning different policies for different PCs on the network. Policy based traffic shaping lets you better manage your bandwidth, providing reliable Internet and network service to your organization.

  • Page 20: Priority Bandwidth Utilization

    2.2.5 Priority Bandwidth Utilization Assigning priority to a certain service allows the RF30 to give either a higher or lower priority to traffic from this particular service. Assigning a higher priority to an application ensures that it is processed ahead of applications with a lower priority and vice versa.

  • Page 21: Diffserv (Dscp Marking)

    2.2.7 DiffServ (DSCP Marking) DiffServ (a.k.a. DSCP Marking) allows you to classify traffic based on IP DSCP values. These markings can be used to identify traffic within the network, and other interfaces can match traffic based on the DSCP markings. DSCP markings are used to decide how packets should be treated, and is a useful tool to give precedence to varying types of data.

  • Page 22: Outbound Traffic

    2.3 Outbound Traffic This section outlines some of the ways you can use the RF30 to manage outbound traffic. 2.3.1 Outbound Fail Over Configuring the RF30 for Outbound Fail Over allows you to ensure that outgoing traffic is uninterrupted by having the RF30 default to WAN2 should WAN1 fail.

  • Page 23: Outbound Load Balancing

    In the above example, PC 1 (IP_192.168.2.2) and PC 2 (IP_192.168.2.3) are connected to the Internet via WAN1 (IP_230.100.100.1) and WAN2 (IP_213.10.10.2) on the RF30. You can configure the RF30 to balance the load of each WAN port with one of two mechanisms: 1.

  • Page 24: Inbound Traffic

    In the above example, an FTP Server (IP_192.168.2.2) and an HTTP Server (IP_192.168.2.3) are connected to the Internet via WAN1 (ftp.Cometlabs.dyndns.org) on the RF30. A remote computer is trying to access these servers via the Internet. Under normal circumstances, the remote computer will gain access to the network via WAN1.

  • Page 25: Inbound Load Balancing

    WAN1 (www.Cometlabs2.dyndns.org) and WAN2 (www.Cometlabs3.dyndns.org) on the RF30. Remote PCs are attempting to access the servers via the Internet. Using Inbound Load Balancing, the RF30 can direct incoming requests to the correct WAN port based on group assignment. For example, a sales force can be directed to www.Cometlabs2.dyndns.org,...

  • Page 26: Dns Inbound

    WAN port. How the RF30 directs this traffic through the built-in DNS server depends on whether it is configured for Fail Over or Load Balancing. Learn how to make DNS Inbound on the RF30 work for you in the following section. User Manual v5.0...

  • Page 27: Dns Inbound Fail Over

    2.5.1 DNS Inbound Fail Over The RF30 can be configured to reply the WAN2 IP address for the DNS domain name request should WAN1 fail. In the above example, an FTP Server (IP_192.168.2.2) and an HTTP Server (IP_192.168.2.3) are connected to the Internet via WAN1 (IP_200.200.200.1) on the RF30.

  • Page 28: Dns Inbound Load Balancing

    WAN port based on the amount of load each WAN port is currently experiencing. If WAN2 is experiencing a heavy load, the RF30 responds to incoming DNS requests with WAN1. By balancing the load between WAN1 and...
  • Page 29 WAN1 and WAN2 and decide which WAN IP to reply to the request (3). After the decision is made, the RF30 will route the DNS reply to the user through WAN2 (4). The user will receive the DNS reply with the IP address of WAN1 (5). The browser will initiate an HTTP request to the WAN1 IP address (6).

  • Page 30: Virtual Private Networking

    As such, it is perfect for connecting branch offices to headquarters across the Internet in a secure fashion. The following section discusses Virtual Private Networking with the RF30. 2.6.1 General VPN Setup There are typically three different VPN scenarios. The first is a Gateway to Gateway setup, where two remote gateways communicate over the Internet via a secure tunnel.
  • Page 31 VPN provide a flexible, cost-efficient, and reliable way for companies of all sizes to stay connected. One of the most important steps in setting up a VPN is proper planning. The following sections demonstrate the various ways of using the RF30 to setup your VPN.

  • Page 32: Vpn Planning - Fail Over

    2.6.2 VPN Planning - Fail Over Configuring your VPN with Fail Over allows the RF30 to automatically default to WAN2 should WAN1 fail. Because the dynamic domain name RF30.cometlabs.com is configured for both WAN1 and WAN2, the active WAN port will announce the domain name through the WAN IP address.

  • Page 33: Concentrator

    VPN tunnel to headquarters with the exception of LAN-side traffic. This way, all branch offices can connect to each other through headquarters via the headquarters’ firewall management. You can also configure the RF30 to function as a VPN Concentrator: Please refer to appendix H for example settings.

  • Page 34: Overview

    Linux, Mac OS, and Windows 98/Me/NT/2000/XP operating systems. The following chapter takes you through the very first steps to configuring your network for the RF30. Take a look and see how easy it is to get your network up and running.

  • Page 35: Connecting Your Router

    Connecting the RF30 is an easy three-step process: 1. Connect the RF30 to your LAN by connecting Ethernet cables from your networked PCs to the LAN ports on the router. Connect the RF30 to your broadband Internet connection via router’s WAN port.

  • Page 36: Configuring Pcs For Tcp/Ip Networking

    1. Have a properly installed and functioning Ethernet Network Interface Card (NIC). 2. Be connected to the RF30, either directly or through an external repeater hub via an Ethernet cable. 3. Have TCP/IP installed and configured with an IP address.

  • Page 37: Overview

    If you are using Windows 3.1, you must purchase a third-party TCP/IP application package. Any TCP/IP capable workstation can be used to communicate with or through the RF30. To configure other types of workstations, please consult the manufacturer’s documentation. User Manual v5.0...

  • Page 38: Windows Xp

    3.4.2 Windows XP 3.4.2.1 Configuring 1. Select Start > Settings > Network Connections. 2. In the Network Connections window, right-click Local Area Connection and select Properties. User Manual v5.0 38 / 203...
  • Page 39 3. Select Internet Protocol (TCP/IP) and click Properties. 4a. To have your PC obtain an IP address automatically, select the Obtain an IP address automatically and Obtain DNS server address automatically radio buttons. User Manual v5.0 39 / 203...
  • Page 40 4b. To manually assign your PC a fixed IP address, select the Use the following IP address radio button and enter your desired IP address, subnet mask, and default gateway in the blanks provided. Remember that your PC must reside in the same subnet mask as the router.

  • Page 41: Verifying Settings

    3.4.2.2 Verifying Settings To verify your settings using a command prompt: 1. Click Start > Programs > Accessories > Command Prompt. 2. In the Command Prompt window, type ipconfig and then press ENTER. User Manual v5.0 41 / 203...
  • Page 42 If you are using the RF30’s default settings, your PC should have: - An IP address between 192.168.1.1 and 192.168.1.253 - A subnet mask of 255.255.255.0 To verify your settings using the Windows XP GUI: 1. Click Start > Settings > Network Connections.
  • Page 43 2. Right click one of the network connections listed and select Status from the pop-up menu. 3. Click the Support tab. User Manual v5.0 43 / 203...
  • Page 44 If you are using the RF30’s default settings, your PC should: - Have an IP address between 192.168.1.1 and 192.168.1.253 - Have a subnet mask of 255.255.255.0 User Manual v5.0 44 / 203...

  • Page 45: Windows 2000

    3.4.3 Windows 2000 3.4.3.1 Configuring 1. Select Start > Settings > Control Panel. 2. In the Control Panel window, double-click Network and Dial-up Connections. User Manual v5.0 45 / 203...
  • Page 46 3. In Network and Dial-up Connections, double-click Local Area Connection. 4. In the Local Area Connection window, click Properties. User Manual v5.0 46 / 203...
  • Page 47 5. Select Internet Protocol (TCP/IP) and click Properties. 6a. To have your PC obtain an IP address automatically, select the Obtain an IP address automatically and Obtain DNS server address automatically radio buttons. User Manual v5.0 47 / 203...
  • Page 48 6b. To manually assign your PC a fixed IP address, select the Use the following IP address radio button and enter your desired IP address, subnet mask, and default gateway in the blanks provided. Remember that your PC must reside in the same subnet mask as the router.

  • Page 49: Verifying Settings

    1. Click Start > Programs > Accessories > Command Prompt. 2. In the Command Prompt window, type ipconfig and then press ENTER. If you are using the RF30’s default settings, your PC should have: - An IP address between 192.168.1.1 and 192.168.1.253 - A subnet mask of 255.255.255.0...

  • Page 50: Windows 98 / Me

    3.4.4 Windows 98 / Me 3.4.4.1 Installing Components To prepare Windows 98/Me PCs for TCP/IP networking, you may need to manually install TCP/IP on each PC. To do this, follow the steps below. Be sure to have your Windows CD handy, as you may need to insert it during the installation process. 1.
  • Page 51 You must have the following installed: - An Ethernet adapter - TCP/IP protocol - Client for Microsoft Networks User Manual v5.0 51 / 203...
  • Page 52 If you need to install a new Ethernet adapter, follow these steps: a. Click Add. b. Select Adapter, then Add. c. Select the manufacturer and model of your Ethernet adapter, then click OK. User Manual v5.0 52 / 203...
  • Page 53 If you need TCP/IP: a. Click Add. b. Select Protocol, then click Add. c. Select Microsoft. TCP/IP, then OK. User Manual v5.0 53 / 203...
  • Page 54 If you need Client for Microsoft Networks: a. Click Add. b. Select Client, then click Add. c. Select Microsoft. Client for Microsoft Networks, and then click OK. 3. Restart your PC to apply your changes. User Manual v5.0 54 / 203...

  • Page 55: Configuring

    3.4.4.2 Configuring 1. Select Start > Settings > Control Panel. 2. In the Control Panel, double-click Network and choose the Configuration tab. User Manual v5.0 55 / 203...
  • Page 56 3. Select TCP / IP > ASUSTek or the name of any Network Interface Card (NIC) in your PC and click Properties. User Manual v5.0 56 / 203...
  • Page 57 4. Select the IP Address tab and click the Obtain an IP address automatically radio button. 5. Select the DNS Configuration tab and select the Disable DNS radio button. User Manual v5.0 57 / 203...
  • Page 58 6. Click OK to apply the configuration. User Manual v5.0 58 / 203...

  • Page 59: Verifying Settings

    3.4.4.3 Verifying Settings To check the TCP/IP configuration, use the winipcfg.exe utility: 1. Select Start > Run. 2. Type winipcfg, and then click OK. 3. From the drop-down box, select your Ethernet adapter. User Manual v5.0 59 / 203...
  • Page 60 The window is updated to show your settings. Using the default RF30 settings, your PC should have: - An IP address between 192.168.1.1 and 192.168.1.253 - A subnet mask of 255.255.255.0 - A default gateway of 192.168.1.254 User Manual v5.0...

  • Page 61: Factory Default Settings

    The default user name and password are "admin" and "admin" respectively. If you ever forget your user name and/or password, you can restore your RF30 to its factory settings by holding the Reset button on the back of your router until the Status LED begins to blink.

  • Page 62: Lan And Wan Port Addresses

    3.5.2 LAN and WAN Port Addresses The default values for LAN and WAN ports are shown below: LAN Port WAN Port IP address 192.168.1.254 The DHCP Client is enabled to automatically get the WAN port Subnet Mask 255.255.255.0 configuration from the ISP. DHCP server Enabled function...

  • Page 63: Information From Your Isp

    If your account uses PPP over Ethernet (PPPoE), you will need to enter your login name and password when configuring your RF30. After the network and firewall are configured, the RF30 will login automatically, and you will no longer need to run the login program from your PC.

  • Page 64: Configuration Information

    ISP, you need to copy the configuration information from your PC’s Network TCP/IP Properties window before reconfiguring your computer for use with the RF30. The following sections describe how you can obtain this information. 3.6.2.1 Windows This section uses illustrations from Windows XP.
  • Page 65 2. Double-click the Network icon. 3. In the Network Connections window, right-click Local Area Connection and select Properties. User Manual v5.0 65 / 203...
  • Page 66 4. Select Internet Protocol (TCP/IP) and click Properties. 5. If an IP address, subnet mask and a Default gateway are shown, write down the information. If no address is present, your account’s IP address is dynamically assigned. Click the Obtain an IP address automatically radio button. User Manual v5.0 66 / 203...
  • Page 67 6. If any DNS server addresses are shown, write them down. Click the Obtain DNS server address automatically radio button. 7. Click OK to save your changes. User Manual v5.0 67 / 203...

  • Page 68: Web Configuration Interface

    Web Configuration Interface. If the Web Configuration Interface appears, congratulations! You are now ready to configure your RF30. If you are having trouble accessing the interface, please refer to Chapter 5: Troubleshooting for possible resolutions. User Manual v5.0...

  • Page 69: Chapter 4: Router Configuration

    4.1 Overview The Web Configuration Interface makes it easy for you to manage your network via any PC connected to it. On the Web Configuration homepage, you will see the navigation pane located on the left hand side. From it, you will be able to select various options used to configure your router.

  • Page 70: Status

    Configuration Interface. 4.2 Status The Status menu displays the various options that have been selected and a number of statistics about your RF30. In this menu, you will find the following sections: - ARP Table - Routing Table - DHCP Table...

  • Page 71: Arp Table

    4.2.1 ARP Table The Address Resolution Protocol (ARP) Table shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses. This is a quick way to determine the MAC address of your PC’s network interface to use with the router’s Firewall – MAC Address Filter function.

  • Page 72: Routing Table

    4.2.2 Routing Table The Routing Table displays the current path for transmitted packets. Both static and dynamic routes are displayed. Destination: The IP address of the destination network. Netmask: The destination netmask address. Gateway/Interface: The IP address of the gateway or existing interface that this route will use.

  • Page 73: Ipsec Status

    4.2.4 IPSec Status The IPSec Status window displays the status of the IPSec Tunnels that are currently configured on your RF30. * % + # & * % + # & * % + ! * % + ' # * % + 4.2.5 PPTP Status...

  • Page 74: Traffic Statistics

    WAN2: Transmitted (Tx) and Received (Rx) bytes and packets for WAN2. Display: Allows you to change the units of measurement for the traffic graph. 4.2.7 System Log This window displays the RF30’s System Log entries. Major events are logged on this window. User Manual v5.0...

  • Page 75: Ipsec Log

    Refresh: Refresh the System Log. Clear Log: Clear the System Log. Send Log: Send the System Log to your email account. You can set the email address in Configuration > System > Email Alert. See the Email Alert section for more details.

  • Page 76: Quick Start

    4.3 Quick Start The Quick Start menu allows you to quickly configure your network for Internet access using the most basic settings. Connection Method: Select your router’s connection to the Internet. Selections include Obtain an IP Address Automatically, Static IP Settings, PPPoE Settings, PPTP Settings, and Big Pond Settings.

  • Page 77: Static Ip

    4.3.2 Static IP IP assigned by your ISP: Enter the assigned IP address from your IP. IP Subnet Mask: Enter your IP subnet mask. ISP Gateway Address: Enter your ISP gateway address. Primary DNS: Enter your primary DNS. Secondary DNS: Enter your secondary DNS. Click Apply to save your changes.

  • Page 78: Pppoe

    4.3.3 PPPoE Username: Enter your user name. Password: Enter your password. Retype Password: Retype your password. Connection: Select whether the connection should Always Connect or Trigger on Demand. If you want the router to establish a PPPoE session when starting up and to automatically re-establish the PPPoE session when disconnected by the ISP, select Always Connect.

  • Page 79: Pptp

    4.3.4 PPTP Username: Enter your user name. Password: Enter your password. Retype Password: Retype your password. PPTP Client IP: Enter the PPTP Client IP provided by your ISP. PPTP Client IP Netmask: Enter the PPTP Client IP Netmask provided by your ISP. PPTP Client IP Gateway: Enter the PPTP Client IP Gateway provided by your ISP.

  • Page 80: Big Pond

    4.3.5 Big Pond Username: Enter your user name. Password: Enter your password. Retype Password: Retype your password. Login Server: Enter the IP of the Login server provided by your ISP. Click Apply to save your changes. To reset to defaults, click Reset. For detailed instructions on configuring WAN settings, please refer to the WAN section of this chapter.

  • Page 81: Configuration

    4.4 Configuration The Configuration menu allows you to set many of the operating parameters of the RF30. In this menu, you will find the following sections: - LAN - WAN - Dual WAN - System - Firewall - IPSec - QoS...

  • Page 82: Lan

    4.4.1 LAN There are two items within this section: Ethernet and DHCP Server. 4.4.1.1 Ethernet IP Address: Enter the internal LAN IP address for the RF30 (192.168.1.254 by default). Subnet Mask: Enter the subnet mask (255.255.255.0 by default). RIP: RIP v2 Broadcast and RIP v2 Multicast. Check to enable RIP.

  • Page 83: Dhcp Server

    4.4.1.2 DHCP Server In this menu, you can disable or enable the Dynamic Host Configuration Protocol (DHCP) server. The DHCP protocol allows your RF30 to dynamically assign IP addresses to PCs on your network if they are configured to automatically obtain IP addresses.
  • Page 84 Fixed Host allows specific computer/network clients to have a reserved IP address. IP Address: Enter the IP address that you want to reserve for the above MAC address. MAC Address: Enter the MAC address of the PC or server you wish to be assigned a reserved IP.

  • Page 85: Wan

    4.4.2 WAN WAN refers to your Wide Area Network connection. In most cases, this means your router’s connection to the Internet through your ISP. The RF30 features Dual WAN capability. The WAN menu contains two items: ISP Settings and Bandwidth Settings.
  • Page 86 To edit any of these connections, click Edit. You will be taken to the following menu. Connection Method: Select how your router will connect to the Internet. Selections include Obtain an IP Address Automatically, Static IP Settings, PPPoE Settings, PPTP Settings, and Big Pond Settings. For each WAN port, the factory default is DHCP.

  • Page 87: Dhcp

    4.4.2.1.1 DHCP Host Name: Some ISPs authenticate logins using this field. MAC Address: If your ISP requires you to input a WAN Ethernet MAC, check the checkbox and enter your MAC address in the blanks below. DNS: If your ISP requires you to manually setup DNS settings, check the checkbox and enter your primary and secondary DNS.

  • Page 88: Static Ip

    4.4.2.1.2 Static IP IP assigned by your ISP: Enter the static IP assigned by your ISP. IP Subnet Mask: Enter the IP subnet mask provided by your ISP. ISP Gateway Address: Enter the ISP gateway address provided by your ISP. MAC Address: If your ISP requires you to input a WAN Ethernet MAC, check the checkbox and enter your MAC address in the blanks below.

  • Page 89: Pppoe

    4.4.2.1.3 PPPoE Username: Enter your user name. Password: Enter your password. Retype Password: Retype your password. Connection: Select whether the connection should Always Connect or Trigger on Demand. If you want the router to establish a PPPoE session when starting up and to automatically re-establish the PPPoE session when disconnected by the ISP, select Always Connect.

  • Page 90: Pptp Settings

    4.4.2.1.4 PPTP Settings Username: Enter your user name. Password: Enter your password. Retype Password: Retype your password. PPTP Client IP: Enter the PPTP Client IP provided by your ISP. PPTP Client IP Netmask: Enter the PPTP Client IP Netmask provided by your ISP. PPTP Client IP Gateway: Enter the PPTP Client IP Gateway provided by your ISP.

  • Page 91: Big Pond Settings

    MAC Address: If your ISP requires you to input a WAN Ethernet MAC, check the checkbox and enter your MAC address in the blanks below. DNS: If your ISP requires you to manually setup DNS settings, check the checkbox and enter your primary and secondary DNS. RIP: To activate RIP, select Send, Receive, or Both from the drop down menu.

  • Page 92: Bandwidth Settings

    4.4.2.2 Bandwidth Settings Under Bandwidth Settings, you can easily configure both inbound and outbound bandwidth for each WAN port. WAN1: Enter your ISP inbound and outbound bandwidth for WAN1. WAN2: Enter your ISP inbound and outbound bandwidth for WAN2. NOTE: These values entered here are referenced by both QoS and Load Balancing functions.

  • Page 93: Dual Wan

    4.4.3 Dual WAN In this section, you can setup the fail over or load balance function, outbound load balance or inbound load balance function, or setup specific protocol to bind with specific WAN port. In this menu are the following sections: General Settings, Outbound Load Balance, Inbound Load Balance, and Protocol Binding.

  • Page 94: Outbound Load Balance

    4.4.3.2 Outbound Load Balance Outbound Load Balancing on the RF30 can be based on one of two methods: 1. By session mechanism 2. By IP address hash mechanism Choose one by clicking the corresponding radio button. Based on Session Mechanism: The source IP address and destination IP address might go through WAN1 or WAN2 according to policy settings in this mechanism.
  • Page 95 Balance by Traffic weight: Balances traffic based on a traffic weight ratio. Enter the desired ratio into the blanks provided. Based on IP hash mechanism: The source IP address and destination IP address will go through specific WAN port (WAN1 or WAN2) according to policy settings in this mechanism.

  • Page 96: Inbound Load Balance

    4.4.3.3 Inbound Load Balance Function: Used to enable or disable inbound load balancing. DNS Server 1: DNS Server 1 settings including Host URL mappings. DNS Server 2: DNS Server 2 settings including Host URL mappings. To edit server settings, click Edit. The following example illustrates DNS Server 1 settings.
  • Page 97 SOA: Domain Name: The domain name of DNS Server 1. It is the name that you register on DNS organization. You have to fill-out the Fully Qualified Domain Name (FQDN) with an ending character (a dot) for this text field.(ex:abc.com.).When you enter the following domain name, you can only input different chars without an ending dot, its name is then added with domain name, and it becomes FQDN.
  • Page 98 To edit the Host Mapping URL list, click Edit. This will open the Host Mapping URL table, which lists the current Host Mapping URLs. To add a host mapping URL to the list, click Create. User Manual v5.0 98 / 203...

  • Page 99: Protocol Binding

    Domain Name: The domain name of the local host. Host URL: The URL to be mapped. Private IP Address: The IP address of the local host. Port Range: The port range of all incoming packets are accepted and processed by a local host with the specified private IP address.
  • Page 100 " Interface: Choose which WAN port to use: WAN1, WAN2 Packet Type: The particular protocol of Internet traffic for the specified policy. Choose from TCP, UDP, or Any. Source IP Range: All Source IP: Click it to specify all source IPs. Specified Source IP: Click to specify a specific source IP address and source IP netmask.

  • Page 101: System

    4.4.4 System The System menu allows you to adjust a variety of basic router settings, upgrade firmware, set up remote access, and more. In this menu are the following sections: Time Zone, Remote Access, Firmware Upgrade, Backup/Restore, Restart, Password, System Log and Email Alert. 4.4.4.1 Time Zone User Manual v5.0 101 / 203...

  • Page 102: Remote Access

    The RF30 does not use an onboard real time clock; instead, it uses the Network Time Protocol (NTP) to acquire the current time from an NTP server outside your network. Simply choose your local time zone, enter NTP Server IP Address, and click Apply.

  • Page 103: Firmware Upgrade

    To upgrade your firmware, simply visit Cometlabs’s website (http://www.Cometlabs.com) and download the latest firmware image file for the RF30. Next, click Browse and select the newly downloaded firmware file. Click Upgrade to complete the update.

  • Page 104: Backup / Restore

    4.4.4.4 Backup / Restore This feature allows you to save and backup your router’s current settings, or restore a previously saved backup. This is useful if you wish to experiment with different settings, knowing that you have a backup handy. It is advisable to backup your router’s settings before making any significant changes to your router’s configuration.

  • Page 105: Restart Router

    Default Settings and click Restart to reboot the RF30 with factory default settings. You may also reset your router to factory default settings by holding the Reset button on the router until the Status LED begins to blink. Once the RF30 completes the boot sequence, the Status LED will stop blinking.

  • Page 106: Password

    4.4.4.6 Password In order to prevent unauthorized access to your router’s configuration interface, it requires the administrator to login with a password. You can change your password by entering your new password in both fields. Click Apply to save your changes. Click Reset to reset to the default administration password (admin).

  • Page 107: System Log Server

    4.4.4.7 System Log Server This function allows the RF30 to send system logs to an external Syslog Server. Syslog is an industry-standard protocol used to capture information about network activity. To enable this function, select the Enable radio button and enter your Syslog server IP address in the Log Server IP Address field.

  • Page 108: Email Alert

    4.4.4.8 Email Alert The Email Alert function allows a log of security-related events (such as System Log and IPSec Log) to be sent to a specified email address. Email Alert: You may enable or disable this function by selecting the appropriate radio button.

  • Page 109: Firewall

    4.4.5 Firewall The RF30 includes a full Stateful Packet Inspection (SPI) firewall for controlling Internet access from your LAN, and preventing attacks from hackers. Your router also acts as a "natural" Internet firewall when using Network Address Translation (NAT), as all PCs on your LAN will use private IP addresses that cannot be directly accessed from the Internet.

  • Page 110: Packet Filter

    4.4.5.1 Packet Filter The Packet Filter function is used to limit user access to certain sites on the Internet or LAN. The Filter Table displays all current filter rules. If there is an entry in the Filter Table, you can click Edit to modify the setting of this entry, or click Delete to remove this entry.

  • Page 111: Url Filter

    4.4.5.2 URL Filter The URL Filter is a powerful tool that can be used to limit access to certain URLs on the Internet. You can block web sites based on keywords or even block out an entire domain. Certain web features can also be blocked to grant added security to your network.
  • Page 112 Enter a keyword to be filtered and click Apply. Your new keyword will be added to the filtered keyword listing. Domains Filtering: Click the top checkbox to enable this feature. You can also choose to disable all web traffic except for trusted sites by clicking the bottom checkbox. To edit the list of filtered domains, click Details.

  • Page 113: Lan Mac Filter

    Enter a name for the IP Address and then enter the IP address itself. Click Apply to save your changes. The IP address will be entered into the Exception List, and excluded from the URL filtering rules in effect. 4.4.5.3 LAN MAC Filter 2 ' ( 5 2 ' ( 5' 1 '...

  • Page 114: Block Wan Request

    4.4.5.4 Block WAN Request Blocking WAN requests is one way to prevent DDOS attacks by preventing ping requests from the Internet. Use this menu to enable or disable function. 4.4.5.5 Intrusion Detection 2 ' ( User Manual v5.0 114 / 203...

  • Page 115: Vpn

    4.4.6 VPN 4.4.6.1 IPSec IPSec is a set of protocols that enable Virtual Private Networks (VPN). VPN is a way to establish secured communication tunnels to an organization’s network via the Internet. 4.4.6.1.1 IPSec Wizard * % + &' ( $ &' ( , Auto: The device will automatically apply the tunnel to WAN1 or WAN2 depending on which WAN interface is active when the IPSec tunnel is being established.
  • Page 116 * % + / ! * % + " " # * % + 9 % ( & & " 9 % ( ) ( # 3 * # 4 User Manual v5.0 116 / 203...
  • Page 117 " # * % + 9 % ( * % ! & " * % ' " : ( . ( + / : ; ( . 0 ) ( # 3 * # 4 " - # * % + 9 % ( 9 % ( 9 % (...
  • Page 118 (4)LAN to Mobile Host: RF would like to establish an IPSec VPN tunnel withremote client software using Dynamic Internet IP by using aggressive mode. " * % ' " : ( . ( + / : ; ( . 0 7 "...

  • Page 119: Ipsec Policy

    4.4.6.1.2 IPSec Policy IPSec is a set of protocols that enable Virtual Private Networks (VPN). VPN is a way to establish secured communication tunnels to an organization’s network via the Internet. Click Create to create a new IPSec VPN connection account. User Manual v5.0 119 / 203...
  • Page 120 Configuring a New VPN Connection ' # ' * % + &' ( $ &' ( , &' ( $ &' ( , &' ( * % + < " = * 2 " ' &' ( $ 1 & & &' ( ' User Manual v5.0 120 / 203...
  • Page 121 1 & & " / & ' # 1 " &&& 9 % ( 1 < 5 : ( &&& " 9 % ( 1 < 5 & " / 34 2 5+ " / & 4 ' # # 1 "...
  • Page 122 & & " # # + ' + ' " + & # ; 8 ! 0 . * 8 0 / 6 + & # ; 8 ! 0 . * 8 0 / & # " ' - 0 + % .
  • Page 123 ! ' # ' * 8 0 " , A A ! ' # ' & * % + " * % + " * % + ! * % ! * % 9 % ( * % + * % + For examples on how to apply IPSec to your network, see Appendix F: IPSec Logs and Events.

  • Page 124: Pptp

    4.4.6.2 PPTP % % % . 9 % ( / 9 % ( % % % % % % + % % % ! " 1 8 1 1 8 8 ! 2 " 9 , & * % ' # $ B , $ C A $ # <...
  • Page 125 ! # + " + * % # % % % % " User Manual v5.0 125 / 203...

  • Page 126: Qos

    4.4.7 QoS The RF30 can optimize your bandwidth by assigning priority to both inbound and outbound data with QoS. This menu allows you to configure QoS for both inbound and outbound traffic. The first menu screen gives you an overview of which WAN ports currently have QoS active, and the bandwidth settings for each.
  • Page 127 To get started using QoS, you will need to establish QoS rules. These rules tell the RF30 how to handle both incoming and outgoing traffic. The following example shows you how to configure WAN1 Outbound QoS. Configuring the other traffic types follows the same process.
  • Page 128 Interface: The current traffic type. This can be WAN1 (outbound, inbound) and WAN2 (outbound, inbound). Application: User defined application name for the current rule. Packet Type: The type of packet this rule applies to. Choose from Any, TCP, UDP, or ICMP. Guaranteed: The guaranteed amount of bandwidth for this rule as a percentage.

  • Page 129: Virtual Server

    PCs. Please see the WAN Configuration section of this manual for more information on NAT. The RF30 can also be configured as a virtual server so that remote users accessing services such as Web or FTP services via the public (WAN) IP address can be automatically redirected to local servers in the LAN network.

  • Page 130: Dmz

    4.4.8.1 DMZ The DMZ Host is a local computer exposed to the Internet. When setting a particular internal IP address as the DMZ Host, all incoming packets will be checked by the Firewall and NAT algorithms then passed to the DMZ host, when a packet received does not use a port number used by any other Virtual Server entries.

  • Page 131: Port Forwarding Table

    4.4.8.2 Port Forwarding Table Because NAT can act as a "natural" Internet firewall, your router protects your network from being accessed by outside users, as all incoming connection attempts will point to your router unless you specifically create Virtual Server entries to forward those ports to a PC on your network.

  • Page 132: Port Range Mapping

    4.4.8.2.1 Port Range Mapping This function allows any incoming data addressed to a range of service port numbers (from the Internet/WAN Port) to be re-directed to a particular LAN private/internal IP address. This option gives you the ability to handle applications that use more than one port such as games and audio/video conferencing.

  • Page 133: Port Redirection

    4.4.8.2.2 Port Redirection This function allows any incoming data addressed to a specific service port number (from the Internet/WAN Port) to be redirected to an internal IP address. Forwarding Mode: Click the Port Redirection radio button to change to Port Redirection mode.

  • Page 134: Advanced

    Configuration options within the Advanced section are for users who wish to take advantage of the more advanced features of the RF30. Users who do not understand the features should not attempt to reconfigure their router, unless advised to do so by support staff.

  • Page 135: Dynamic Dns

    Destination: This is the destination subnet IP address. Netmask: This is the subnet mask of the destination IP addresses based on above destination subnet IP. Gateway: This is the gateway IP address to which packets are to be forwarded. Interface: Select the interface through which packets are to be forwarded. Cost: This is the same meaning as Hop.
  • Page 136 You will first need to register and establish an account with the Dynamic DNS provider using their website, Example: DYNDNS http://www.dyndns.org/ (RF30 supports several Dynamic DNS providers , such as www.dyndns.org www.orgdns.org , www.dhs.org, www.dyns.cx, www.3domain.hk, www.dyndns.org , www.3322.org ) Dynamic DNS: Disable: Check to disable the Dynamic DNS function.

  • Page 137: Device Management

    4.4.9.3 Device Management The Device Management Advanced Configuration settings allow you to control your router’s security options and device monitoring features. Device Name Name: Enter a name for this device. Web Server Settings HTTP Port: This is the port number the router’s embedded web server (for web-based configuration) will use.

  • Page 138: Save Configuration To Flash

    4.5 Save Configuration To Flash After changing the router’s configuration settings, you must save all of the configuration parameters to flash memory to avoid them being lost after turning off or resetting your router. Click Apply to write your new configuration to flash memory. 4.6 Logout To exit the router’s web interface, click Logout.

  • Page 139: Chapter 5: Troubleshooting

    5.1.2 LEDs Never Turn Off When your RF30 is turned on, the LEDs turn on for about 10 seconds and then turn off. If all the LEDs stay on, there may be a hardware problem. If all LEDs are still on one minute after powering up: - Cycle the power to see if the router recovers.

  • Page 140: Lan Or Internet Port Not On

    Please note that both the User Name and Password are case-sensitive. If this fails, you can restore your RF30 to its factory default settings by holding the Reset button on the back of your router until the Status LED begins to blink. Then enter the default User Name and Password to access your router.

  • Page 141: Lan Interface

    - Check the 10/100 LAN LEDs on the RF30’s front panel. One of these LEDs should be on. If they are both off, check the cables between the RF30 and the hub or PC. - Check the corresponding LAN LEDs on your PC’s Ethernet device are on.
  • Page 142 - Check to see if your browser had Java, JavaScript, or ActiveX enabled. If you are using Internet Explorer, click Refresh to ensure that the Java applet is loaded. - Try closing the browser and re-launching it. - Make sure you are using the correct User Name and Password. User Names and Passwords are case-sensitive, so make sure that CAPS LOCK is not on when entering this information.

  • Page 143: Pop-Up Windows

    To use the Web Configuration Interface, you need to disable pop-up blocking. You can either disable pop-up blocking, which is enabled by default in Windows XP Service Pack 2, or create an exception for your RF30’s IP address. Disabling All Pop-ups In Internet Explorer, select Tools >...

  • Page 144: Javascripts

    5.2.3.2 Javascripts If the Web Configuration Interface is not displaying properly in your browser, check to make sure that JavaScripts are allowed. 1. In Internet Explorer, click Tools > Internet Options. 2. Under the Security tab, click Custom Level. 3. Under Scripting, check to see if Active scripting is set to Enable. 4.

  • Page 145: Java Permissions

    5.2.3.3 Java Permissions The following Java Permissions should also be given for the Web Configuration Interface to display properly: 1. In Internet Explorer, click Tools > Internet Options. 2. Under the Security tab, click Custom Level. 3. Under Microsoft VM*, make sure that a safety level for Java permissions is selected.

  • Page 146: Wan Interface

    Password. Note that user names and passwords are case-sensitive. - If your ISP requires MAC address authentication, clone the MAC address from your PC on the LAN as the RF30’s WAN MAC address. - If your ISP requires host name authentication, configure your PC’s name as the RF30’s system name.

  • Page 147: Isp Connection

    Unless you have been assigned a static IP address by your ISP, your RF30 will need to request an IP address from the ISP in order to access the Internet. If your RF30 is unable to access the Internet, first determine if your router is able to obtain a WAN IP address from the ISP.
  • Page 148 If an IP address cannot be obtained: 1. Turn off the power to your cable or DSL modem. 2. Turn off the power to your RF30. 3. Wait five minutes and power on your cable or DSL modem. 4. When the modem has finished synchronizing with the ISP (generally shown by LEDs on the modem), turn on the power to your router.

  • Page 149: Problems With Date And Time

    5.5 Problems with Date and Time If the date and time is not being displayed correctly, be sure to set it for your RF30 via the Web Configuration Interface. Both date and time can be found under Configuration > System > Time Zone.

  • Page 150: Appendix A: Product Specifications

    Availability and Resilience - Dual-WAN ports - Load balancing for increased bandwidth of inbound and outbound traffic - Automatic failover to redirect the packet when one broadband connection is broken. It will keep your Internet connection always online whenever one connection should fail.
  • Page 151 - Supports DiffServ approach - Traffic prioritization and bandwidth management based-on IP protocol, port number and IP or MAC address Web-Based Management - Easy-to-use WEB interface - Firmware upgradeable via WEB interface - Local and remote management via HTTP & HTTPS Network Protocols and Features - Web Diagnostics - System Logs...

  • Page 152: Appendix B: Customer Support

    Most problems can be solved by referring to the Troubleshooting section in the User’s Manual. If you cannot resolve the problem with the Troubleshooting chapter, please contact the dealer where you purchased this product. Worldwide http://www.Cometlabs.com/ User Manual v5.0 152 / 203...

  • Page 153: Appendix C: Fcc Interference Statement

    This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: - This device may not cause harmful interference. - This device must accept any interference received, including interference that may cause undesired operations. This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules.

  • Page 154: Appendix D: Network, Routing, And Firewall Basics

    D.1 Network Basics D.1.1 IP Addresses With the number of TCP/IP networks interconnected across the globe, ensuring that transmitted data reaches the correct destination requires each computer on the Internet has a unique identifier. This identifier is known as the IP address. The Internet Protocol (IP) uses a 32-bit address structure, and the address is usually written in dot notation.

  • Page 155: Subnet Addressing

    Instead of dotted-decimal notation, the net mask can also be written in terms of the number of ones from the left. This number is added to the IP address, following a backward slash (/). For example, a typical Class C address could be written as 192.168.234.245/24, which means that the net mask is 24 ones followed by 8 zeros.
  • Page 156 When assigning IP addresses to your private network, be sure to use IP addresses from these ranges. User Manual v5.0 156 / 203...

  • Page 157: Network Address Translation (Nat)

    In addition, other information such as gateway and DNS address can also be assigned with a DHCP server. When connecting to the ISP, the RF30 also functions as a DHCP client. The RF30 can automatically obtain an IP address, subnet mask, gateway address, and DNS server addresses if the ISP assigns this information via DHCP.

  • Page 158: Router Basics

    Routers can vary in performance and scale, the types of physical WAN connection they support, and the number of routing protocols supported. The RF30 offers a convenient and powerful way for small-to-medium businesses to connect their networks.

  • Page 159: Firewall Basics

    User-level applications such as Web browsers and FTP can make complex network traffic patterns, which the RF30 analyzes by looking at groups of connection states. All state information is stored in a central cache. Traffic passing through the firewall is analyzed against these states, and then is either allowed to pass through or rejected.

  • Page 160: Why Use A Firewall

    Internet. Still, there are ways for more dedicated hackers to either obtain information about your network or disrupt your network’s Internet access. Your RF30 provides an extra level of protection from such attacks with its built-in firewall.

  • Page 161: Appendix E: Virtual Private Networking

    E.1 What is a VPN? A Virtual Private Network (VPN) is a shared network where private data is segmented from other traffic so that only the intended recipient has access. It allows organizations to securely transmit data over a public medium like the Internet. VPNs utilize tunnels, which allow data to be safely delivered to the intended recipient.

  • Page 162: What Is Ipsec

    E.2 What is IPSec? Internet Protocol Security (IPSec) is a set of protocols and algorithms that provide data authentication, integrity, and confidentiality as data is transferred across IP networks. IPSec provides data security at the IP packet level, and protects against possible security risks by protecting data.

  • Page 163: Encapsulating Security Payload (Esp)

    A typical AH packet looks like this: Next Payload Reserved Header Length Sequence Number Authentication Data E.2.1.2 Encapsulating Security Payload (ESP) Encapsulating Security Payload (ESP) provides privacy for data through encryption. An encryption algorithm combines the data with a key to encrypt it. It then repackages the data using a special format, and transmits it to the destination.

  • Page 164: Security Associations (Sa)

    A typical ESP packet looks like this: Sequence Number Data Next Lengt Heade Authentication Data E.2.1.3 Security Associations (SA) Security Associations are a one-way relationships between sender and receiver that specify IPSec-related parameters. They provide data protection by using the defined IPSec protocols, and allow organizations to control according to the security policy in effect, which resources may communicate securely.

  • Page 165: Ipsec Modes

    E.2.2 IPSec Modes To exchange data between different types of VPNs, IPSec provides two major modes: - Tunnel Mode This mode is used for host-to-host security. Protection extends to the payload of IP data, and the IP addresses of the hosts must be public IP addresses. Transport Mode - This mode is used to provide data security between two networks.

  • Page 166: Tunnel Mode Ah

    E.2.3 Tunnel Mode AH AH is typically applied to a data packet in the following manner: < Data * % + Org IP Data New IP E.2.4 Tunnel Mode ESP Here is an example of a packet with ESP applied: <...

  • Page 167: Internet Key Exchange (Ike)

    E.2.5 Internet Key Exchange (IKE) Before either AH or ESP can be used, it is necessary for the two communication devices to exchange a secret key that the security protocols themselves will use. To do this, IPSec uses Internet Key Exchange (IKE) as a primary support protocol. IKE facilitates and automates the SA setup, and exchanges keys between parties transferring data.
  • Page 168 The following is an illustration on how data is handled with IKE: Aggressive Mode Main Mode * + ' 8 5% + ' * % + Quick Mode Quick Mode Without PFS With PFS 0 + % User Manual v5.0 168 / 203...

  • Page 169: Appendix F: Ipsec Logs And Events

    F.1 IPSec Log Event Categories There are three major categories of IPSec Log Events for your RF30. These include: 1. IKE Negotiate Packet Messages 2. Rejected IKE Messages 3. IKE Negotiated Status Messages The table in the following section lists the different events of each category, and provides a detailed explanation of each.
  • Page 170 response message of ISAKMP authentication. Received Aggressive mode Received the first message of aggressive mode. initial ISAKMP Message Send Aggressive mode first Sending the first response message of aggressive mode. Done to response message of ISAKMP exchange proposal and key values. Received Aggressive mode first Received the first response message of aggressive mode.

  • Page 171: Appendix G: Bandwidth Management With Qos

    Internet. When too many are accessing the Internet at the same time, service can slow to a crawl, causing service interruptions and general frustration. Quality of Service (QoS) is one of the ways the RF30 can optimize the use of bandwidth, ensuring a smooth and responsive Internet connection for all users.

  • Page 172: How Does Qos Work

    groups of users at home or in the office. QoS keeps your Internet connection smooth and responsive. G.3 How Does QoS Work? QoS employs three different methods for optimizing bandwidth: -Prioritization: Assigns different priority levels for different applications, prioritizing traffic. High, Normal and Low priority settings. -Outbound and Inbound IP Throttling: Controls network traffic and allows you to limit the speed of each application.

  • Page 173: Office Users

    Internet connection. QoS is designed for managing traffic flow and bandwidth to solve this problem. You can first classify different applications (online games, FTP, Skype, email) as shown in the table below. Then, you can manage and prioritize the flow of bandwidth at different levels (e.g. 30% for games, 20% for downloads, 10% for email, 20% for FTP, and 35% for others).

  • Page 174: Appendix H: Router Setup Examples

    H.1 Outbound Fail Over Step 1: Go to Configuration > WAN > ISP Settings. Select WAN1 and WAN2 and click Edit. Step 2: Configure WAN1 and WAN2 according to the information given by your ISP. User Manual v5.0 174 / 203...
  • Page 175 WAN ports are probed. Please ensure the WAN ports are functioning by performing a ping operation on each before proceeding. Finally, choose whether or not the RF30 should fail back to WAN1. Step 4: Click Save Config to save all changes to flash memory.

  • Page 176: Outbound Load Balancing

    H.2 Outbound Load Balancing With Outbound Load Balancing, you can improve upload performance by optimizing your connection via Dual WAN. To do this, follow these steps: Step 1: Go to Configuration > WAN > ISP Settings. Configure your WAN1 ISP settings and click Apply.
  • Page 177 Step 2: Configure your WAN2 ISP settings and click Apply. & ) User Manual v5.0 177 / 203...
  • Page 178 Step 4: Go to Configuration > Dual WAN > Outbound Load Balance. Choose the Load Balance mechanism you want and click Apply. Step 5: Complete. To check traffic statistics, go to Status > Traffic Statistics. Step 6: Click Save Config to save all changes to flash memory. User Manual v5.0 178 / 203...

  • Page 179: Inbound Fail Over

    H.3 Inbound Fail Over Configuring your RF30 for Inbound Fail Over is a great way to ensure a more reliable connection for incoming requests. To do so, follow these steps: NOTE: Before you begin, ensure that both WAN1 and WAN2 have been properly configured.
  • Page 180 Step 3: Go to Configuration > Advanced > Dynamic DNS. Set the WAN1 DDNS settings. Step 4: From the same menu, set the WAN2 DDNS settings. Step 5: Click Save Config to save all changes to flash memory. User Manual v5.0 180 / 203...

  • Page 181: Dns Inbound Fail Over

    H.4 DNS Inbound Fail Over NOTE: Before proceeding, please ensure that both WAN1 and WAN2 are properly configured according to the settings provided by your ISP. If not, please refer to Chapter 4.2.2.1 ISP Settings for details on how to configure your WAN ports. Step 1: Go to Configuration >...
  • Page 182 Step 2: Go to Configuration > Dual WAN > Inbound Load Balance. Select the Enable radio button and configure DNS Server 1 by clicking Edit. Step 3: Input DNS Server 1 settings and click Apply. User Manual v5.0 182 / 203...
  • Page 183 Step 4: Configure your Host URL Mapping for DNS Server 1 by clicking Edit to enter the Host URL Mappings List. Click Create and input the settings for Host URL Mappings and click New. Step 5: Click Save Config to save all changes to flash memory. User Manual v5.0 183 / 203...

  • Page 184: Dns Inbound Load Balancing

    H.5 DNS Inbound Load Balancing Step 1: Go to Configuration > Dual WAN > General Settings. Select the Load Balance radio button. User Manual v5.0 184 / 203...
  • Page 185 Step 2: Go to Configuration > Dual WAN > Inbound Load Balance > Server Settings and configure DNS Server 1. Step 3: Go to Configuration > Dual WAN > Inbound Load Balance > Host URL Mapping and configure your FTP mapping. User Manual v5.0 185 / 203...
  • Page 186 Step 4: Next configure your HTTP mapping. Step 5: Click Save Config to save all changes to flash memory. User Manual v5.0 186 / 203...

  • Page 187: Dynamic Dns Inbound Load Balancing

    H.6 Dynamic DNS Inbound Load Balancing Step 1: Go to Configuration > WAN > Bandwidth Settings. Configure your WAN inbound and outbound bandwidth. User Manual v5.0 187 / 203...
  • Page 188 Step 2: Go to Configuration > Dual WAN > General Settings and enable Load Balance mode. You may then decide whether to enable Service Detection or not. Step 3: Go to Configuration > Dual WAN > Outbound Load Balance. Choose your load balance policy and click Apply to apply your changes.
  • Page 189 Step 4: Go to Configuration > Advanced > Dynamic DNS and input the dynamic DNS settings for WAN1 and WAN2. WAN1: User Manual v5.0 189 / 203...
  • Page 190 WAN 2: Step 5: Go to Configuration > Virtual Server and set up a virtual server for both FTP and HTTP. User Manual v5.0 190 / 203...
  • Page 191 Step 6: Click Save Config to save all changes to flash memory. User Manual v5.0 191 / 203...

  • Page 192: Vpn Configuration

    H.7 VPN Configuration This section outlines some concrete examples on how you can configure the RF30 for your VPN. H.7.1 LAN to LAN Branch Office Head Office Local IP Address IP Address Data 69.121.1.30 69.121.1.3 Network Any Local Address Any Local Address IP Address 192.168.0.0...
  • Page 193 IKE Pre-shared Key 12345678 12345678 Security Algorithm Main Mode; Main ESP: 3DES 3DES User Manual v5.0 193 / 203...

  • Page 194: Host To Lan

    H.7.2 Host to LAN Single client Head Office Local IP Address IP Address Data 69.121.1.30 69.121.1.3 Network Any Local Address Any Local Address IP Address 0.0.0.0 192.168.1.0 Netmask 0.0.0.0 255.255.255.0 Remote Secure Gateway Address(or 69.121.1.3 69.121.1.30 Hostname) IP Address IP Address Data 69.121.1.3 69.121.1.30...
  • Page 195 Security Algorithm Main Mode; Main ESP: 3DES 3DES User Manual v5.0 195 / 203...

  • Page 196: Ip Sec Fail Over (Gateway To Gateway)

    H.8 IP Sec Fail Over (Gateway to Gateway) Step 1: Go to Configuration > Dual WAN > General Settings. Enable Fail Over by selecting the Fail Over radio button. Then, configure your Fail Over policy. User Manual v5.0 196 / 203...
  • Page 197 Step 2: Go to Configuration > Advanced > Dynamic DNS and configure your dynamic DNS settings (Both WAN1 and WAN2). Step 3: K 0 1 K 1 9 % ( User Manual v5.0 197 / 203...
  • Page 198 Step 4: Click Save Config to save all changes to flash memory. To configure the RF30 10 gateway, refer to the screenshot below. User Manual v5.0 198 / 203...

  • Page 199: Vpn Concentrator

    H.9 VPN Concentrator Step 1: K 0 1 K 1 User Manual v5.0 199 / 203...
  • Page 200 Step 2: K 0 1 K 1 Step 3: K 0 1 K 1 User Manual v5.0 200 / 203...
  • Page 201 Step 4: K 0 1 K 1 Step 5: Click Save Config to save all changes to flash memory. User Manual v5.0 201 / 203...

  • Page 202: Protocol Binding

    H.10 Protocol Binding Step 1: Go to Configuration > Dual WAN > General Settings. Select the Load Balancing radio button. Step 2: Go to Configuration > Dual WAN > Protocol Binding ‡and configure settings for WAN1. User Manual v5.0 202 / 203...
  • Page 203 Step 3: Go to Configuration > Dual WAN > Protocol Binding ‡and configure settings for WAN2. Step 4: Click Save Config to save all changes to flash memory. User Manual v5.0 203 / 203...

Table of Contents