Wireless Networking Gateway System Manual SW Version 2.
錯誤! 所指定的樣式的文字不存在文件中。錯誤! 尚未定義樣式。 刪除: Error! No text of specified style in document.
Legal Rights Legal Rights © Copyright Alvarion Ltd. (“Alvarion”). All rights reserved. The material contained herein is proprietary, privileged, and confidential. No disclosure thereof shall be made to third parties without the express written permission of Alvarion. Alvarion reserves the right to alter the equipment specifications and descriptions in this publication without prior notice.
Legal Rights Disclaimer (a) UNITS OF PRODUCT (INCLUDING ALL THE SOFTWARE) DELIVERED TO PURCHASER HEREUNDER ARE NOT FAULTTOLERANT AND ARE NOT DESIGNED, MANUFACTURED OR INTENDED FOR USE OR RESALE IN APPLICATIONS WHERE THE FAILURE, MALFUNCTION OR INACCURACY OF PRODUCTS CARRIES A RISK OF DEATH OR BODILY INJURY OR SEVERE PHYSICAL OR ENVIRONMENTAL DAMAGE (“HIGH RISK ACTIVITIES”).
Legal Rights (c) ALVARION SHALL NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION DISCLOSE THAT THE ALLEGED DEFECT IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY PURCHASER’S OR ANY THIRD PERSON'S MISUSE, NEGLIGENCE, IMPROPER INSTALLATION OR IMPROPER TESTING, UNAUTHORIZED ATTEMPTS TO REPAIR, OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE, OR BY ACCIDENT, FIRE, LIGHTNING OR OTHER HAZARD.
Legal Rights FCC Radio Frequency Interference Statement The Subscriber Unit equipment has been tested and found to comply with the limits for a class B digital device, pursuant to part 15 of the FCC rules and to EN 301 489-1 rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a residential environment notwithstanding use in commercial, business and industrial environments.
Important Notice Important Notice This user manual is delivered subject to the following conditions and restrictions: This manual contains proprietary information belonging to Alvarion. Such information is supplied solely for the purpose of assisting properly authorized users of the respective Alvarion products.
Important Notice This page is intentionally left blank.
About this Manual This manual contains the following chapters: Chapter 1 – Product Description: Describes the Wireless Networking Gateway and its components. Chapter 2 – Installation: Describes how to install the system and its components. Chapter 3 – Operation and Administration: Describes how to use the web-based management application for configuring parameters and managing the Wireless Networking Gateway. Appendix A – Print Server: Describes how to configure the printer server.
刪除: Contents About this Manual This page is intentionally left blank.
Contents Chapter 1 - Product Description..............................................................1-1 Introducing the Wireless Networking Gateway IDU .................................. 1-2 Functions and Features .......................................................................... 1-3 Router Basic Functions ................................................................................ 1-3 Wireless Functions .......................................................................................
刪除: Contents Contents Introduction ........................................................................................... 3-2 Control Buttons .................................................................. 錯誤! 尚未定義書籤。 Accessing the Web Configuration Server.................................................. 3-3 Log in and Log out .................................................................................. 3-4 The Menu List........................................................................
Contents Dynamic DNS............................................................................................. 3-48 SNMP Setting ............................................................................................. 3-49 Routing Table............................................................................................. 3-50 Schedule Rule ............................................................................................ 3-52 Toolbox ................................................
刪除: Contents Contents This page is intentionally left blank.
Figures Figure 2-1: Front Panel ...................................................................................... 2-3 Figure 2-2: Rear Panel (without antenna) ........................................................... 2-5 Figure 3: Log In Window .................................................................................... 3-4 Figure 4: Networking Gateway Main Window...................................................... 3-5 Figure 5: System Status.................................................
刪除: Figures Figures Figure 23: Advanced Wireless Setting ...............................................................3-25 Figure 24: Change Password ............................................................................3-29 Figure 25: Security Setting Window ..................................................................3-30 Figure 26: Packet Filter Initial Window .............................................................3-31 Figure 27: Inbound Packet Filter – Example 1 ....................
Figures Figure 52: Packet Filter - Schedule Rule#1....................................................... 3-55 Figure 53: Toolbox ........................................................................................... 3-56 Figure 54: View System Log ............................................................................. 3-57 Figure 55: Firmware Upgrade........................................................................... 3-57 Figure 56: Backup ................................................
刪除: Figures Figures This page is intentionally left blank.
Tables Table 1-1: Radio Specifications .......................................................................... 1-6 Table 1-2: Regulatory Standards Compliance ..................................................... 1-6 Table 1-3: Environmental Specifications ............................................................ 1-7 Table 1-4: Mechanical Specifications.................................................................. 1-7 Table 1-5: Electrical Specifications.............................................
刪除: Tables Tables This page is intentionally left blank.
1 Chapter 1 - Product Description In this Chapter Introducing the Wireless Networking Gateway IDU, page 1-2 Functions and Features, page 1-3 Specifications, page 1-6
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 Introducing the Wireless Networking Gateway IDU 刪除: Operation and Administration Alvarion's Wireless Networking Gateway Indoor Unit enables operators and service providers using Alvarion’s Broadband Wireless Access system to provide subscribers with a number of broadband services transparently. The Wireless Networking Gateway IDU together with the SU-ODU comprises a Subscriber Unit that provides data connections to the Base Station.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Functions and Features Router Basic Functions Auto-sensing Ethernet Switch Equipped with a 4-port auto-sensing Ethernet switch. Printer sharing Embedded print server to allow all of the networked computers to share one printer through the USB host port. WAN Types The router supports some WAN types, Static, Dynamic, PPPoE, PPTP, and Dynamic IP with Road Runner.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Wireless Functions High speed for wireless LAN connection Up to 54 Mbps data rate by incorporating Orthogonal Frequency Division Multiplexing (OFDM). IEEE 802.11b compatible (11M) Allowing inter-operation among multiple vendors. IEEE 802.11g compatible (54M) Allowing inter-operation among multiple vendors. Auto fallback 54M, 48M, 36M, 24M, 18M, 12M, 6M data rate with auto fallback in 802.11g mode. 22M, 11M, 5.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard DoS Attack Detection Support When this feature is enabled, the Wireless Networking Gateway detects and logs the DoS attack arriving from the Internet. Advanced Functions System Time Allows synchronizing system time with a network time server. E-mail Alert The Wireless Networking Gateway can be configured to send its info by mail. Dynamic DNS At present, the Wireless Networking Gateway supports 3 Dynamic DNSs:.dyndns, TZO.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Specifications Radio Specifications Table 錯誤! 尚未定義樣式。-1: Radio Specifications Item Description Frequency 2400-2483.5 MHz Wireless LAN Standards 刪除: 1 Compliant with IEEE 802.11b and IEEE 802.11g (WI-FI certified) Output Power 10, 12, 15, 17 dBm Data Rates IEEE 802.11g mode: 54M, 48M, 36M, 24M, 18M, 12M, 6M with auto fallback in. IEEE 802.11b mode: 11M, 5.5M, 2M, 1M with auto fallback in.
錯誤! 尚未定義樣式。 Environmental 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard 刪除: 1 Table 錯誤! 尚未定義樣式。-3: Environmental Specifications Item Details Operating 0 o C to 40 o C temperature Operating humidity 5%-95% non condensing Mechanical 刪除: 1 Table 錯誤! 尚未定義樣式。-4: Mechanical Specifications Item Details Dimensions (W x H x D) 190.5 x 26.2 x 111 mm Weight 0.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration This page is intentionally left blank.
2 Chapter 2 - Installation In this Chapter: Installation Requirements, page 2-2 Panels Layout and Components, page 2-3 Installation, page 2-6
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Installation Requirements Packing List Wireless Networking Gateway IDU Antenna Wall mounting kit Power Transformer Mains power cord Additional Installation Requirements Ethernet cable(s) for connecting to the end-user’s data equipment. Mains plug adapter or termination plug (if the power plug on the supplied AC power cord does not fit local power outlets).
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Panels Layout and Components Front Panel 刪除: 2 Figure 2-1: Front Panel Front Panel LEDs 刪除: 2 Table 2-1: Front Panel LEDs LED POWER Function Power Indication Status On WLAN Wireless LAN Blinking Activity USB USB Port Activity STATUS System Status Description Power is available. Sending or receiving data via wireless LAN On The USB port is linked. Blinking The USB port is sending or receiving data.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 LED LAN LINK/ACT 1~4 Function Status On LAN Status Blinking LAN SPEED 10/100 LAN Port 1~4 Data Rate ODU LINK/ACT ODU 10/100 ODU WLINK ODU Port Activity Description An active station is connected to the corresponding LAN port. The corresponding LAN port is sending or receiving data. On Data rate is 100 Mbps on the corresponding LAN port. Off Data rate is 10 Mbps on the corresponding LAN port. On The ODU port is connected to the ODU.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Rear Panel Components 刪除: 2 Figure 2-2: Rear Panel (without antenna) Rear Panel Connectors 刪除: 2 Table 2-2: Rear Panel Connectors Connector Description POWER DC Power Inlet from Power Transformer ODU Connection to ODU. Carries Ethernet, Power (55 VDC) and signaling. Port 1-4 LAN ports for networked computers and other devices. USB USB Host Port for a USB printer.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Installation The unit can be placed on a desktop or a shelf. Alternatively, it may be wall-mounted. The drilling template included with the unit can be used to simplify the wall installation process. For optimal performance, place the Wireless Networking Gateway in the center of your office (or your home), in a location that is away from any potential source of interference, such as a metal wall or microwave oven.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard 7. Connect the 10/100Base-T Ethernet connectors to the data equipment. The length of the Ethernet cables should not exceed 100m. 8. If a printer is to be used, connect it to the USB port using a standard USB cable. To configure the Print Server on your computer(s), refer to Appendix A - Print Server. 9. Configure the network settings of the computers for proper operation with the Wireless Networking Gateway.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration This page is intentionally left blank.
3 Chapter 3 - Operation and Administration In this Chapter Start-up and Log in on page 3-2 Status on page 3-7 Wizard on page 3-9 Basic Setting on page 3-11 Security Setting on page 3-30 NAT Setting on page 3-41 Advanced Settings on page 3-45 Toolbox on page 3-56
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Introduction The Wireless Networking Gateway IDU can be configured using the following methods: The Web Configuration Server An .cfg-file loaded into the unit from the web configuration server or TFTP. SNMP This document describes the configuration using the Web Configuration Server.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Accessing the Web Configuration Server Follow the steps below to access the Web Configuration Server: 1. Connect the unit to the AC mains. 2. If a DHCP server is being used, the unit may request an IP address during power up (depending on the .cfg file in the unit). 3. If fixed IP address should be used, proceed as follows: ¾ Unplug the power supply cable from the unit ¾ Press the Reset Router button on the front panel.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Log in and Log out After connection is established, the networking gateway web user interface appears. There are two entry levels: for general users and for system administrators. The menus and screens vary depending on entry level.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Figure 4: Networking Gateway Main Window The Menu List The Web Configuration Server view consists of a number of menu links (to the left). Clicking on each of them expands the menu node and displays the selected page with the applicable content (configurable parameters/options or status information) in the main area.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Clients List - TBD Reboot Virtual Computers - Enables to use the original NAT feature, and to set up the one-to-one mapping of multiple global IP address and local IP address. Figure 5: Virtual Computers ¾ Global IP - Enter the global IP address assigned by your ISP. ¾ Local IP - Enter the local IP address of your LAN PC corresponding to the global IP address.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Status The Status window appears in the main window upon successful log in. The window can be accessed at any time by clicking on the Status menu on the menu list. Figure 6: System Status The Status window provides information for observing the product's working status: Remaining Lease Time - A counter displaying the remaining time (in hh:mm:ss) in which the user will be allocated the specific IP address.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 Peripheral Status: The USB Printer status: Not ready, when no 刪除: Operation and Administration printer is available. Ready, when a printer is connected and ready to print. Traffic Statistics- Enables to monitor inbound and outbound packets for WAN, LAN and wireless. In addition, the Status window includes the following control button: View Log – opens the log file for viewing. See View Log on page 3-56.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Wizard The Setup Wizard will guide you through the basic configuration procedure (recommended for most users). Figure 7: Setup Wizard 1. Click on Next. The Select WAN Type window appears. Figure 8: Setup Wizard - Select WAN Type 2. Follow the instructions on screen. Refer to Primary Setup – WAN Type on page 3-11 for details on each parameter. You can click Back at any time to return to previous screens and change your settings.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 When initial setting is complete, the following window appears: 刪除: Operation and Administration Figure 9: Setup Wizard - Configuration Completed 3. The configurations will be effective only after rebooting your computer. Click on Reboot to restart your computer. For more advance configurations, see details on the specific windows, below.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Basic Setting The Basic Setting window allows you to configure the settings for WAN, LAN, and Wireless and to change the password. Figure 10: Basic Setting WAN Setup Click on WAN Setup from the Basic Setting menu on the menu list. The Primary Setup window appears.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Figure 11: WAN Setup/Primary Setup From the WAN Setup window you can: Set the WAN type – allows you to select the WAN connection type of your ISP. Enter the Host Name (optional) Set WAN's MAC Address Enable/Disable Renew IP Forever NAT – Enable/Disable - When disabled, the gateway functions as a regular router as opposed to a NAT router. This option is available in the Primary Setup window for all WAN types.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard 1. Click Change. The Choose WAN Type window opens. Figure 12: Choose WAN Type 2. Select one of the following types: ¾ Static IP Address: The ISP provides you with a static IP address. ¾ Dynamic IP Address: Automatically obtain an IP address from the ISP. ¾ Dynamic IP Address with Road Runner Session Management. (e.g. Telstra BigPond) (default) ¾ PPP over Ethernet: Some ISPs require the use of PPPoE to connect to their services.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Static IP Address Figure 13: Primary Setup - Static IP Address Enter the settings provided by your ISP for WAN IP Address, Subnet Mask, Gateway, Primary and Secondary DNS.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Dynamic IP Address Figure 14: Primary Setup - Dynamic IP Address Host Name: optional. Required by some ISPs, for example, @Home. WAN's MAC Address – The gateway's pre-configured MAC Address. ¾ Clone MAC – Click to replace the Gateway's MAC Address with the PC's MAC Address. ¾ Restore MAC – When Clone MAC is activated, the button changes to Restore MAC, to enable to restore the unit's preconfigured MAC Address.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 Dynamic IP Address with Road Runner Session Management 刪除: Operation and Administration Figure 15: Primary Setup - Dynamic IP Address with Road Runner Session Management Account – The account provided by your ISP. Password – The password provided by your ISP. If you do not want to change the password, leave empty. Login Server – The Login Server (optional). Leave empty if you want the default server.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard PPP over Ethernet Some ISPs require the use of PPPoE to connect to their services. If this is the case, click Change to select PPPoE as your WAN type. The Primary Setup window display changes to reflect the parameters for PPPoE. Figure 16: Primary Setup - PPPoE PPPoE Account – The account assigned to you by your ISP. PPPoE Password: the password assigned to you by your ISP. This field appears blank.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 ¾ Manually – The user manually performs the connection. 刪除: Operation and Administration Maximum Transmission Unit (MTU) - Most ISPs provide an MTU value to users. The most common MTU value is 1492 bytes. More >> - Click to display the following parameters: ¾ PPPoE Service Name (optional) - Directs to a PPPoE server. ¾ Assigned IP Address (optional) – Directs to a specific server.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard PPTP Some ISPs require the use of PPTP to connect to their services. Figure 17: Primary Setup - PPTP IP Mode – select one of the following options: ¾ Dynamic IP Address (this is the default setting) ¾ Static IP Address My IP Address – The private IP address assigned by your ISP. My Subnet Mask - The private subnet mask assigned by your ISP. WAN Gateway IP – The WAN Gateway IP address.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 ¾ Connect-on-demand – An IP address is automatically 刪除: Operation and Administration allocated whenever the user attempts to make a connection. ¾ Auto reconnect(Always-on) – The system automatically connects to the ISP after restart or after connection is dropped. ¾ Manually – The user manually performs the connection. LAN Setup Select Basic Setting > LAN Setup submenu on the menu list. The LAN Setup window opens. 刪除: Authentication for IP allocation.
錯誤! 尚未定義樣式。 ¾ Primary DNS – Specify the primary DNS for DHCP clients. ¾ Secondary DNS – Specify the secondary DNS for DHCP clients. ¾ Primary WINS – Specify the primary WINS address for DHCP clients. ¾ Secondary WINS – Specify the secondary WINS address for DHCP clients. ¾ Lease Time – The time set (in minutes) for IP allocation. DHCP Proxy – This parameter is available only when DHCP Server is disabled.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Figure 20: DHCP Clients List From the DHCP Clients List window you can: ¾ Wake up – TBD ¾ Delete – Delete the selected clients. ¾ Fixed Mapping – Opens the MAC Address Control window for assigning a specific IP address to the specified MAC address for DHCP clients (see MAC Address Control on page 3-25 for further details).
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Figure 21: MAC Address Control Wireless Setting Wireless settings allow you to set the wireless configuration items. CAUTION Changing any of the parameters may cause loss of wireless link connectivity to the unit if the settings do not match the settings on the User's PC. Figure 22: Wireless Setting Wireless – Enable/Disable – Check the Enable box to enable this service. The default setting is "Enable".
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 Network ID (SSID): Network ID is used for identifying the Wireless 刪除: Operation and Administration LAN (WLAN). Client stations can roam freely over this product and other Access Points that have the same Network ID. (The factory setting is "default".) Channel: The radio channel number. The permissible channels depend on the Regulatory Domain.
錯誤! 尚未定義樣式。 ¾ WPA (Wi-Fi Protected Access) – improves data protection and 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard implements access control to Wireless LAN systems. Frames transmitted through a wireless module are encrypted using a Pre-share key (PSK) or a key received from the RADIUS server. RADIUS Server IP – The 802.1x server's IP address. 格式化: 項目符號及編號 RADIUS Port – The 802.1x server's service port.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 RTS Threshold – Specify the packet size above which a Request To 刪除: Operation and Administration Send will be performed (the range is 256~2432, the default is 2432). Fragmentation Threshold – Specify the packet size above which fragmentation will be performed (the range is 256~2346 even numbers only, the default is 2346). DTIM Interval – [TBD] Wireless Mode – The wireless mode supported: 802.11b, 802.11g, or both.
錯誤! 尚未定義樣式。 MAC Address Control – Check "Enable" to enable the MAC Address Control feature. Connection control – Check the "Connection control" check box to enable controlling which wired and wireless clients can connect to this device. If a client is denied the connection to this device, he will not be able to access the Internet either. Select allow/deny to allow or deny clients whose MAC addresses are not in the "Control table" (see below) to connect to this device. ("deny" is the default setting.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 Control table - Each row in the control table indicates the MAC 刪除: Operation and Administration address and the mapped IP address of a single client. The table shows the following parameters: ¾ MAC Address – The MAC address of a specific client. ¾ IP Address – The expected IP address of the corresponding client. Leave empty if you do not want to specify an IP address for the corresponding client.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Figure 24: Change Password 2. Type in the old password in the Old Password box. 3. Type in the new password in the New Password box. 4. Re-type the new password in the Reconfirm box. 5. Click Save to save the new password(s). Follow this procedure for the Administrator Password level, for the User Password level, or for both password levels.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Security Setting Click on the Security Setting menu on the menu list to display the submenus and the Security Setting window.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Figure 26: Packet Filter Initial Window The Outbound filter applies on all outbound packets. The Inbound filter applies only on packets that are destined to Virtual Servers or DMZ host. You can select one of the following filtering policies: Allow all to pass except those match the specified rules Deny all to pass except those match the specified rules You can specify up to 8 rules for each direction, inbound and outbound.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 Enable – Check to enable the rule. Each rule can be enabled or 刪除: Operation and Administration disabled individually. Use Rule# - Packet Filter can work with Scheduling Rules. For details, please refer to Schedule Rule on page 3-52. Schedule rule – Facilitates the process of selecting a scheduling rule 格式化: 字型: 斜體 刪除: Schedule Rule for each ID. Click Save to save your Inbound/Outbound Packet Filter settings.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Example 2: Figure 28: Inbound Packet Filter - Example 2 In this example, IPs (1.2.3.100-1.2.3.119) are allowed to do everything except read net news (port 119) and transfer files via FTP (port 21). All other IPs are all allowed to perform all operations. Outbound Filter To enable Outbound Packet Filter, click on the Outbound Filter button and check the Enable box in the Outbound Packet Filter window.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration Example 1: Figure 29: Outbound Packet Filter - Example 1 In this example, IP (192.168.123.149) is restricted from sending mail (port 25), receiving mail (port 110), and browsing the Internet (port 80). It is allowed to perform all other operations. IP (192.168.123.20) is blocked from performing any operation. All other IPs are allowed to perform all operations.
錯誤! 尚未定義樣式。 In this example, IPs (192.168.123.100) and (192.168.123.119) can only 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard read net news (port 119) and send mail (port 25). They are blocked from performing any other operation. All other IPs are blocked from performing any operation. URL Blocking When enabled, this feature blocks LAN computers from connecting to pre-defined Web sites.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 刪除: Operation and Administration URL Blocking - Example Figure 32: URL Blocking Example In this example: 1. All URLs which include the string "msn" will be blocked, and the action will be recorded in the log file. 2. All URLs which include the string "sina" will be blocked, and the action will be recorded in the log file. 3. All URLs which include the string "cnnsi" will be blocked, and the action will be recorded in the log file. 4.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Figure 33: Domain Filter Up to 9 Domain Suffixes can be defined, and for each rule you can specify the desired action to be taken when a user attempts to access that domain. For each rule you can define the following: Domain Filter – Check to enable the Domain Filter feature to prevent users from accessing specific URLs. Log DNS Query – Check to enable logging users' attempts to enter the specified URLs.
Chapter 錯誤! 尚未定義樣式。 - 錯誤! 尚未定義樣式。 刪除: 3 刪除: 3 1. The URL "www.msn.com" will be blocked, and the action will be 刪除: Operation and Administration recorded in the log file. 2. The URL "www.sina.com" will not be blocked, but any attempt to enter the Web site will be recorded in the log file. 3. The URL "www.google.com" will be blocked, but the action will not be recorded in the log file. 4. IP address X.X.X.1~ X.X.X.20 can access network without restriction. Click Save to save your settings.
錯誤! 尚未定義樣式。 刪除: Set TCP/IP Protocol for Working with NAT Router 刪除: Wizard Click Save to save your settings. Miscellaneous Items Figure 35: Miscellaneous Items From the Miscellaneous Items window you can set the following: Remote Administrator Host/Port - Enables the user to perform administration tasks from a remote host. When enabled, only the specified IP address can perform remote administration. If the specified IP address is 0.0.0.
