BiPAC 7404V(G)OX BiPAC 7404V(G)PX VoIP/(802.11g) ADSL2+ (VPN) Firewall Router User Manual Version release 5.53.s5.
Table of Contents Chapter 1: Introduction ..................................................................... 1 Introduction to your Router ..................................................................1 Features ............................................................................................1 Chapter 2: Installing the Router ....................................................... 5 Important note for using this router ....................................................
Error Log ...........................................................................................30 Diagnostic .........................................................................................30 Quick Start ............................................................................................31 &RQ¿JXUDWLRQ ........................................................................................35 LAN - Local Area Network.................................................................
Firewall Log .....................................................................................85 VPN - Virtual Private Networks (Only available for BiPAC 7404V(G)OX) 86 PPTP (Point-to-Point Tunneling Protocol) ..............................................86 IPSec (IP Security Protocol) ................................................................95 L2TP (Layer Two Tunneling Protocol) .................................................104 VoIP - Voice over Internet Protocol ..........................
Appendix: Product Support & Contact ........................................
Chapter 1: Introduction Introduction to your Router :HOFRPH WR WKH 9R,3 J $'6/ 931 )LUHZDOO 5RXWHU 7KH URXWHU LV DQ ³DOO LQ RQH´ ADSL router, combining an ADSL modem, ADSL router and Ethernet network switch functionalities, providing everything you need to get the machines on your network connected to the Internet over \RXU $'6/ EURDGEDQG FRQQHFWLRQ :LWK IHDWXUHV VXFK DV DQ $'6/ 4XLFN 6WDUW ZL]DUG DQG '+&3 6HUYHU \RX FDQ EH RQOLQH LQ QR WLPH DW DOO DQG ZLWK D PLQLPXP RI IXVV DQG FR
Multi-Protocol to Establish a Connection It sXSSRUWV 333R$ 5)& 333 RYHU $70 $GDSWDWLRQ /D\HU 5)& HQFDSVXODWLRn RYHU$70 EULGJHG RU URXWHG 333 RYHU (WKHUQHW 5)& and IPoA (RFC1577) to establish a connection with the ISP. The product also supports VC-based and LLC-based multiplexing. Quick Installation Wizard It sXSSRUWV D :(% *8, SDJH WR LQVWDOO WKLV GHYLFH TXLFNO\ :LWK WKLV ZL]DUG HQG XVHUV FDQ HQWHU WKH information easily which they get from their ISP, then surf the Internet i
Quality of Service (QoS) 4R6 JLYHV \RX IXOO FRQWURO RYHU ZKLFK W\SHV RI RXWJRLQJ GDWD WUDI¿F VKRXOG EH JLYHQ SULRULW\ E\ the router, ensuring important data like gaming packets, customer information, or management information move through the router ay lightning speed, even under heavy load. The QoS features DUH FRQ¿JXUDEOH E\ VRXUFH ,3 DGGUHVV GHVWLQDWLRQ ,3 DGGUHVV SURWRFRO DQG SRUW
Firmware Upgradeable 'HYLFH FDQ EH XSJUDGHG WR WKH ODWHVW ¿UPZDUH WKURXJK WKH :(% EDVHG *8, Rich Management Interfaces It sXSSRUWV ÀH[LEOH PDQDJHPHQW LQWHUIDFHV ZLWK ORFDO FRQVROH SRUW /$1 SRUW DQG :$1 SRUW 8VHUV FDQ XVH WHUPLQDO DSSOLFDWLRQV WKURXJK WKH FRQVROH SRUW WR FRQ¿JXUH DQG PDQDJH WKH GHYLFH RU 7HOQHW :(% *8, DQG 6103 WKURXJK /$1 RU :$1 SRUWV WR FRQ¿JXUH DQG PDQDJH WKH GHYLFH Virtual Private Network (VPN) (BiPAC 7404V(G)OX only) It allows user to make a tunnel with a remote site directl
Chapter 2: Installing the Router Important note for using this router Package Contents CD-ROM containing the online manual RJ-11 ADSL/telephone Cable Ethernet (CAT-5) Cable Console kit Power adapter A detachable antenna Quick Start Guide 5
The Front LEDs. LED Meaning Lit when power is ON. Lit red means system failure. Restart the device RU FRQWDFW %LOOLRQ IRU VXSSRUW 1 Power 2 Lit when one of LAN ports is connected to an Ethernet device.
The Rear Ports Port 1 Antenna :LUHOHVV 5RXWHU RQO\ 2 DSL 3 4 5 Line (Router with LINE port only) Phone 1X-2X (RJ-11 connector) USB Meaning Connect the detachable antenna to this port. Connect this port to the $'6/ WHOHSKRQH QHWZRUN ZLWK WKH 5- 11 cable (telephone) provided. Connect this port to the telephone jack on the wall with RJ-11 cable. Connect this port to an analog phone set with RJ-11 cable.
Cabling One of the most common causes of problem is bad cabling or ADSL line(s) 0DNH VXUH WKDW DOO connected devices are turned on. On the front panel of your router is a bank of LEDs. Verify that the LAN Link and ADSL line LEDs are lit. If they are not, verify if you are using the proper cables. 0DNH VXUH WKDW DOO GHYLFHV (e.g. telephones, fax machines, analogue modems) connected to the same telephone line as your router KDYH D OLQH ¿OWHU FRQQHFWHG EHWZHHQ WKHP DQG WKH ZDOO RXWOHW XQOHVV \RX DUH XV
Chapter 3: Basic Installation 7KH URXWHU FDQ EH FRQ¿JXUHG WKURXJK \RXU Zeb browser. A web browser is included as a standard DSSOLFDWLRQ LQ WKH IROORZLQJ RSHUDWLQJ V\VWHPV /LQX[ 0DF 26 :LQGRZV 17 ;3 0H 9LVWD etc. The product provides an HDV\ DQG XVHU IULHQGO\ LQWHUIDFH IRU FRQ¿JXUDWLRQ POHDVH FKHFN \RXU 3& QHWZRUN FRPSRQHQWV 7KH 7&3 ,3 SURWRFRO VWDFN DQG (WKHUQHW QHWZRUN DGDSWHU PXVW EH LQVWDOOHG ,I QRW SOHDVH UHIHU WR \RXU :LQGRZV UHODWHG RU RWKHU RSHUDWLQJ V\VWHP manuals.
Connecting Your Router 1. Connect this router to a LAN /RFDO $UHD 1HWZRUN DQG WKH $'6/ WHOHSKRQH ADSL) net work. 2. Power on the device. 3. 0DNH VXUH WKH Power LED lit steadily and that the LAN LED is lit. 4. Connect your router to the telephone jack on the wall with RJ-11 cable. 5.
1HWZRUN &RQ¿JXUDWLRQ &RQ¿JXULQJ 3& LQ :LQGRZV 9LVWD 1. Go to Start. Click on Network. 2. Then click on Network and Sharing Center at the top bar. 3. :KHQ WKH 1HWZRUN DQG 6KDULQJ Center window pops up, select and FOLFN RQ 0DQDJH QHWZRUN FRQQHFtions on the left window column. 4. Select the Local Area Connection, and right click the icon to select Properties.
5. Select Internet Protocol Version 4 7&3 ,3Y WKHQ FOLFN 3URSHUWLHV 6. ,Q WKH 7&3 ,3Y SURSHUWLHV ZLQGRZ select the Obtain an IP address automatically and Obtain DNS Server address automatically radio butWRQV 7KHQ FOLFN 2. WR H[LW WKH VHWting. 7. &OLFN 2. DJDLQ LQ WKH /RFDO $UHD Connection Properties window to DSSO\ WKH QHZ FRQ¿JXUDWLRQ 12
&RQ¿JXULQJ 3& LQ :LQGRZV ;3 1. Go to Start > Control Panel (in Classic View). In the Control Panel, double-click on Network Connections 2. Double-click Local Area Connection. 3. In the Local Area Connection Status window, click Properties. 4. 6HOHFW ,QWHUQHW 3URWRFRO 7&3 ,3 DQG click Properties. 5. Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons. 6. &OLFN 2.
&RQ¿JXULQJ 3& LQ :LQGRZV 1. Go to Start > Settings > Control Panel. In the Control Panel, double-click on Network and Dial-up Connections. 2. Double-click Local Area Connection. 3. In the Local Area Connection Status window click Properties. 4. 6HOHFW ,QWHUQHW 3URWRFRO 7&3 ,3 DQG click Properties. 5. Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons. 6. &OLFN 2.
&RQ¿JXULQJ 3& LQ :LQGRZV 0H 1. Go to Start > Settings > Control Panel. In the Control Panel, double-click on 1HWZRUN DQG FKRRVH WKH &RQ¿JXUDWLRQ tab. 2. 6HOHFW 7&3 ,3 ! 1( &RPSDWLEOH or the name of your Network Interface Card (NIC) in your PC. 3. Select the Obtain an IP address automatically radio button. 4. 7KHQ VHOHFW WKH '16 &RQ¿JXUDWLRQWDE 5. Select the Disable DNS radio button DQG FOLFN 2.
&RQ¿JXULQJ 3& LQ :LQGRZV 17 1. Go to Start > Settings > Control Panel. In the Control Panel, double-click on Network and choose the Protocols tab. 2. 6HOHFW 7&3 ,3 3URWRFRO DQG FOLFN 3URSerties. 3. Select the Obtain an IP address from a DHCP server radio button and click 2.
Factory Default Settings %HIRUH FRQ¿JXULQJ \RXU router, you need to know the following default settings. Web Interface (Username and Password) Username: admin Password: admin 7KH GHIDXOW XVHUQDPH DQG SDVVZRUG DUH ³admin´ DQG ³admin´ UHVSHFWLYHO\ Device LAN IP settings IP Address: 192.168.1.254 6XEQHW 0DVN ISP setting in WAN site PPPoE DHCP server DHCP server is enabled. Start IP Address: 192.168.1.
Information from your ISP %HIRUH FRQ¿JXULQJ WKLV GHYLFH \RX KDYH WR FKHFN ZLWK \RXU ,63 ,QWHUQHW 6HUYLFH 3URYLGHU WR ¿QG out what kind of service is provided such as DHCP (Obtain an IP Address Automatically, Static IP (Fixed IP Address) or PPPoE. Gather the information as illustrated in the following table and keep it for reference.
&RQ¿JXULQJ ZLWK \RXU :HE %URZVHU Open your web browser, enter the IP address of your router, which by default is 192.168.1.254, DQG FOLFN ³*R´ D XVHU QDPH DQG SDVVZRUG ZLQGRZ SURPSW ZLOO DSSHDU 7KH GHIDXOW XVHUQDPH DQG SDVVZRUG DUH ³DGPLQ´ DQG ³DGPLQ´ UHVSHFWLYHO\ 6HH )LJXUH )LJXUH 8VHU QDPH 3DVVZRUG 3URPSW :LQGRZ Congratulations! You are now successfully logon to the 3G/VoIP/(802.
&KDSWHU &RQ¿JXUDWLRQ $W WKH FRQ¿JXUDWLRQ KRPHSDJH WKH OHIW QDYLJDWLRQ FROXPQ SURYLGHV \RX WKH OLQN WR HDFK FRQ¿JXUDWLRQ SDJH 7KH FDWHJRU\ RI HDFK FRQ¿JXUDWLRQ SDJH LV OLVWHG DV EHORZ Status ADSL Table ARP Table DHCP Table Routing Table NAT Sessions UpnP Portmap PPTP Status IPSec Status L2TP Status Email Status VoIP Status VoIP Call Log Event Log Error Log Diagnostic Quick Start &RQ¿JXUDWLRQ LAN :$1 System Firewall VPN VoIP QoS Virtual Server Time Schedule Advanced Language (provides user interfa
Status ADSL Status This section displays the ADSL overall status, which shows a number of helpful information such DV '63 ¿UPZDUH YHUVLRQ Status: The current status of the 3G card. Signal Strength: The signal strength bar indicates current 3G signal strength. Network Name: The network name that the device is connected to.
ARP Table 7KLV VHFWLRQ GLVSOD\V WKH URXWHU¶V $53 $GGUHVV 5HVROXWLRQ 3URWRFRO 7DEOH ZKLFK VKRZV WKH PDSSLQJ RI ,QWHUQHW ,3 DGGUHVVHV WR (WKHUQHW 0$& DGGUHVVHV 7KLV LV XVHIXO DV D TXLFN ZD\ RI GHWHUPLQLQJ WKH 0$& DGGUHVV RI WKH QHWZRUN LQWHUIDFH RI \RXU 3&V WR XVH ZLWK WKH URXWHU¶V )LUHZDOO ± 0$& $GGUHVV )LOWHU IXQFWLRQ 6HH WKH )LUHZDOO VHFWLRQ RI WKLV PDQXDO IRU PRUH LQIRUPDWLRQ RQ WKLV feature. IP Address: A list of IP addresses of devices on your LAN (Local Area Network).
Leased Table IP Address: The IP address that assigned to client. MAC Address: 7KH 0$& DGGUHVV RI FOLHQW Client Host Name: The Host Name (Computer Name) of client. Expiry: The current lease time of client.
Routing Table Routing Table Valid: It indicates a successful routing status. Destination: The IP address of the destination network. Netmask: The destination Netmask address. Gateway/Interface: The IP address of the gateway or existing interface that this route will use. Cost: The number of hops counted as the cost of the route. RIP Routing Table Destination: The IP address of the destination network. Netmask: The destination Netmask address.
NAT Sessions 7KLV VHFWLRQ OLVWV DOO FXUUHQW 1$7 VHVVLRQV EHWZHHQ LQWHUIDFH RI W\SHV H[WHUQDO :$1 DQG LQWHUQDO (LAN). UPnP Portmap The section lists all port-mapping established using UPnP (Universal Plug and Play.
PPTP Status 7KLV VKRZV GHWDLOV RI \RXU FRQ¿JXUHG 3373 931 &RQQHFWLRQV Name: 7KH QDPH \RX DVVLJQHG WR WKH SDUWLFXODU 3373 FRQQHFWLRQ LQ \RXU 931 FRQ¿JXUDWLRQ Type: The type of connection (dial-LQ GLDO-out). Enable: :KHWKHU WKe connection is currently enabled. Active: :KHWKHU WKH FRQQHFWLRQ LV FXUUHQWO\ DFWLYH Tunnel Connected: :KHWKHU WKH 931 Tunnel is currently connected. Call Connected: If the Call for this VPN entry is currently connected. Encryption: The encryption type used for this VPN connection.
IPSec Status 7KLV VKRZV GHWDLOV RI \RXU FRQ¿JXUHG ,36HF 931 &RQQHFWLRQV Name: The name you assigned to the particular VPN entry. Active: :KHWKHU WKH 931 &RQQHFWLRQ LV FXUUHQWO\ $FWLYH Connection State: :KHWKHU WKH 931 LV &RQQHFWHG RU 'LVFRQQHFWHG Statistics: Statistics for this VPN Connection. Local Subnet: The local IP Address or Subnet used. Remote Subnet: The Subnet of the remote site. Remote Gateway: The Remote Gateway IP address. SA: The Security Association for this VPN entry.
Email Status 'HWDLOV DQG VWDWXV IRU WKH (PDLO $FFRXQW \RX KDYH FRQ¿JXUHG WKH URXWHU WR FKHFN 3OHDVH VHH WKH Advanced section of this manual for details on this function.
Event Log 7KLV SDJH GLVSOD\V WKH URXWHU¶V (YHQW /RJ HQWULHV 0DMRU HYHQWV DUH ORJJHG WR WKLV ZLQGRZ VXFK DV ZKHQ WKH URXWHU¶V $'6/ FRQQHFWLRQ LV GLVFRQQHFWHG DV ZHOO DV )LUHZDOO HYHQWV ZKHQ \RX KDYH HQDEOHG ,QWUXVLRQ RU %ORFNLQJ /RJJLQJ LQ WKH &RQ¿JXUDWLRQ ± )LUHZDOO VHFWLRQ RI WKH LQWHUIDFH Please see the Firewall section of this manual for more details on how to enable Firewall logging.
Error Log Any errors encountered by the router (e.g. invalid names given to entries) are logged to this window. Diagnostic It tests the connection to computer(s) which is connected to the /$1 SRUWV DQG DOVR WKH :$1 ,QWHUQHW connection. If PING www.google.
Quick Start 1. Click Quick Start. Select the connect mode you want. There are 2 options to choose from: ADSL or 3G. Select ADSL mode from the drop down menu and click Continue. 2. If your ADSL line is not ready, you need to check your ADSL line has been set or not. 3. If your ADSL line is ready, the screen appears ADSL Line is Ready. Choose Auto radio button DQG FOLFN $SSO\ ,W ZLOO DXWRPDWLFDOO\ VFDQ WKH UHFRPPHQGHG PRGH IRU \RX 0DQXDOO\ PRGH PDNHV \RX WR VHW WKH $'6/ OLQH E\ PDQXDO ,I \RX FKRRVH 0
5. 3OHDVH HQWHU ³8VHUQDPH´ DQG ³3DVVZRUG´ DV VXSSOLHG E\ \RXU ,63 ,QWHUQHW 6HUYLFH 3URYLGHU and click Apply to continue. 3UR¿ OH 3RUW Select the connection mode. There is ADSL. Protocol: Select the protocol mode. The default mode is PPPoE. VPI/VCI: Enter the VPI and VCI information provided by your ISP. Username: Enter the username provided by your ISP. Password: Enter the password provided by your ISP. Service Name 7KLV LWHP LV IRU LGHQWL¿ FDWLRQ SXUSRVHV ,I LW LV UHTXLUHG \RXU ,63 SURYLGHV \RX WKH
6. &RQ¿JXUH WKH :LUHOHVV /$1 VHWWLQJ WLAN Service: Default setting is set to Enable. If you want to use wireless, both 802.11g and 802.11b device in your network, you can select Enable. ESSID: The ESSID is the XQLTXH QDPH RI D ZLUHOHVV DFFHVV SRLQW $3 WR EH distinguished from another. For security SURSRVH FKDQJH WR D XQLTXH ,' QDPH WR WKH $3 which is already built-in to the URXWHU¶V ZLUHOHVV LQWHUIDFH. It is case sensitive and must not excess 32 characters.
SIP: To use VoIP SIP as VoIP call signaling protocol. Default is set to Disable. Region: This selection is a drop-down box, which allows user to select the country for which the 9R,3 GHYLFH PXVW ZRUN :KHQ D FRXQWU\ LV VHOHFWHG WKH FRXQWU\ SDUDPHWHUV DUH DXWRPDWLFDOO\ loaded. SIP Service Provider: 7KLV VHFWLRQ DOORZV \RX WR VHOHFW WKH VHUYLFH SURYLGHU :KHQ WKH VHOHFWLRQ is done, respective parameters below are automatically displayed.
&RQ¿JXUDWLRQ :KHQ \RX FOLFN WKLV LWHP WKH FROXPQ ZLOO H[SDQG WR GLVSOD\ WKH VXE LWHPV WKDW ZLOO DOORZ \RX WR IXUWKHU FRQ¿JXUH \RXU $'6/ URXWHU LAN, WAN, System, Firewall, VoIP, QoS, Virtual Server, Time Schedule and Advanced 7KH IXQFWLRQ RI HDFK FRQ¿JXUDWLRQ VXE LWHP LV GHVFULEHG LQ WKH IROORZLQJ VHFWLRQV 35
LAN - Local Area Network Here are the items within the LAN section: Bridge Interface, Ethernet, IP Alias, Ethernet Client Filter, Wireless, Wireless Security, Wireless Client Filter, WPS, Port Setting and DHCP Server. Bridge Interface
Ethernet Primary IP Address IP Address: The default IP on this router. Subnet Mask: The default subnet mask on this router. RIP: 5,3 Y 5,3 Y DQG 5,3 Y 0XOWLFDVW &KHFN WR HQDEOH 5,3 IXQFWLRQ IP Alias This function creates multiple virtual IP interfaces on this router. It helps to connect two or more local networks to the ISP or remote nRGH ,Q WKLV FDVH DQ LQWHUQDO URXWHU LV QRW UHTXLUHG IP Address: Specify an IP address on this virtual interface.
Ethernet Client Filter The Ethernet Client Filter supports up to 16 Ethernet network machines that helps you to manage \RXU QHWZRUN FRQWURO WR DFFHSW WUDI¿F IURP VSHFL¿F DXWKRUL]HG PDFKLQHV RU FDQ UHVWULFW XQZDQWHG machine(s) to access your LAN. 7KHUH DUH QR SUH GH¿QH (WKHUQHW 0$& DGGUHVV ¿OWHU UXOHV \RX FDQ DGG WKH ¿OWHU UXOHV WR PHHW \RXU UHTXLUHPHQWV Ethernet Client Filter: Default setting is set Disable. Allowed: FKHFN WR DXWKRUL]H VSHFL¿F GHYLFH DFFHVVLQJ \RXU /$1 E\ LQVHUW WKH 0$& $GGUHVV LQ WK
0$& $GGUHVV ZKLFK FRQQHFWLQJ WR WKH URXWHU You can easily by checking the box next to the IP address to be blocked or allowed. Then, Add to insert to the Ethernet Client Filter table. The maximum Ethernet client is 16.
Wireless Parameters WLAN Service: Default setting is set to Enable. If you do not have any wireless, both 802.11g and 802.11b, device in your network, select Disable. Mode: 7KH GHIDXOW VHWWLQJ LV E J 0L[HG PRGH ,I \RX GR QRW NQRZ RU KDYH ERWK J DQG 11b devices in your network, then keep the default in mixed mode. From the drop-down manual, you can select 802.11g if you have only 11g card. If you have only 11b card, then select 802.11b.
Note: Wireless performance may degrade if select ID channel is already being occupied by other AP(s). TX PowerLevel: It is a function that enhances the wireless transmitting signal strength. User may adjust this power level from minimum 1 up to maximum 127. Note: The Power Level maybe different in each access network user premises environment and choose the most suitable level for your network. Connected: Representing in true or false.
Wireless Security
WPA-PSK / WPA2-PSK Security Mode:
Passphrase: This is XVHG WR JHQHUDWH :(3 NH\V DXWRPDWLFDOO\ EDVHG XSRQ WKH LQSXW VWULQJ DQG D SUH GH¿QHG DOJRULWKP LQ :(3 RU :(3 Default Used WEP Key: Select the encryption key ID; please refer to Key (1~4) below. Key (1-4): (QWHU WKH NH\ WR HQFU\SW ZLUHOHVV GDWD 7R DOORZ HQFU\SWHG GDWD WUDQVPLVVLRQ WKH :(3 (QFU\SWLRQ .H\ YDOXHV RQ DOO ZLUHOHVV VWDWLRQV PXVW EH the same as the router. There are four keys IRU \RXU VHOHFWLRQ 7KH LQSXW IRUPDW LV LQ +(; VW\OH DQG +(; FRGHV DUH UHTXLUHG IRU :(
Wireless Client / MAC Address Filter 7KH 0$& $GGUHVV VXSSRUWV XS WR ZLUHOHVV QHWZRUN PDFKLQHV DQG KHOSV \RX PDQDJH \RXU QHWZRUN control to accept WUDI¿F IURP VSHFL¿F DXWKRUL]HG PDFKLQHV RU to restrict unwanted machine(s) to access your LAN. 7KHUH DUH QR SUH GH¿QH 0$& $GGUHVV ¿OWHU UXOHV \RX FDQ DGG WKH ¿OWHU rules to meet your UHTXLUHPHQWV Wireless Client Filter: Default setting is set to Disable. Allowed: 7R DXWKRUL]H VSHFL¿F GHYLFH DFFHVVLQJ \RXU /$1 E\ LQVHUW WKH 0$& $GGUHVV LQ
connects to the router.
Port Setting This section DOORZV \RX WR FRQ¿JXUH the VHWWLQJV IRU WKH URXWHU¶V (WKHUQHW ports to solve some of the compatibility problems that may be encountered while connecting to the Internet, as well allowing users to tweak the performance of their network.
DHCP Server
WAN - Wide Area Network :$1 UHIHUV WR \RXU :LGH $UHD 1HWZRUN FRQQHFWLRQ L H \RXU URXWHU¶V FRQQHFWLRQ WR \RXU ,63 DQG the Internet. Here are the items within the :$1 VHFWLRQ :$1 ,QWHUIDFH :$1 3UR¿OH and ADSL Mode. WAN Interface WAN Connection-ADSL Mode 7KH GHIDXOW VHWWLQJ IRU &RQQHFWLRQ 0RGH LV $'6/ DQG IRU 3URWRFRO LV 333R( Main Port: User can select either ADSL or 3G mode. Failover / Failback: 6HW (QDEOH WR WULJJHU $'/6 * IDLORYHU IDLOEDFN IXQFWLRQ UHDG\ Backup Port: ,W OLQNV WR EDFNXS SRUW F
Rule 1. ADSL Down Rule 2. Ping Fail No Ping: It will not send any ping packet to determine the connection. It means to disable the ping fail detection. Ping Gateway: It will send ping packet to gateway and wait response from gateway in every ³3UREH &\FOH´ Ping Host: ,W ZLOO VHQG SLQJ SDFNHW WR VSHFL¿F KRVW DQG ZDLW UHVSRQVH LQ HYHU\ ³3UREH &\FOH´ The host must be an IP address.
:$1 3UR¿OH PPPoE Connection PPPoE (PPP over Ethernet) provides access control in a manner which is similar to dial-up services using PPP. 3UR¿OH 3RUW 6HOHFW WKH SUR¿OH SRUW DV $'6/ Protocol: 7KH $70 SURWRFRO ZLOO EH XVHG LQ WKH GHYLFH Description: A given name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: 7KH 4XDOLW\ RI 6HUYLFH IRU $70 OD\HU Username: Enter the username provided by your ISP.
Auth. Protocol: Default is Auto. Your ISP should advise you on whether to use Chap or Pap. Connection: Always on: If you want the router to establish a PPPoA session when starting up and to automatically re-establish the PPPoA session when disconnected by the ISP. Connect on Demand: If you want to establish a PPPoA session only when there is a packet UHTXHVWLQJ DFFHVV WR WKH ,QWHUQHW L H ZKHQ D SURJUDP RQ \RXU FRPSXWHU DWWHPSWV WR DFFHVV the Internet).
PPPoA Connection 3UR¿OH 3RUW 6HOHFW WKH SUR¿OH SRUW DV $'6/ Protocol: 7KH $70 SURWRFRO ZLOO EH XVHG LQ WKH GHYLFH Description: A given name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: 7KH 4XDOLW\ RI 6HUYLFH IRU $70 OD\HU Username: Enter the username provided by your ISP. You can input up to 128 alphanumeric FKDUDFWHUV FDVH VHQVLWLYH 7KLV LV LQ WKH IRUPDW RI ³XVHUQDPH#LVSQDPH´ LQVWHDG RI VLPSO\ ³XVHUQDPH´ Password: Enter the password provided by your ISP.
Detail:
MPoA Connection 3UR¿OH 3RUW 6HOHFW WKH SUR¿OH SRUW DV $'6/ Protocol: 7KH $70 SURWRFRO ZLOO EH XVHG LQ WKH GHYLFH Description: A given name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: 7KH 4XDOLW\ RI 6HUYLFH IRU $70 OD\HU NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address.
0$& 6SRR¿QJ 6RPH VHUYLFH SURYLGHUV UHTXLUH WKH FRQ¿JXULQJ RI WKLV RSWLRQ
IPoA Routed Connection 3UR¿OH 3RUW 6HOHFW WKH SUR¿OH SRUW DV $'6/ Protocol: 7KH $70 SURWRFRO ZLOO EH XVHG LQ WKH GHYLFH Description: A given name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: 7KH 4XDOLW\ RI 6HUYLFH IRU $70 OD\HU NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address.
Pure Bridge 3UR¿OH 3RUW 6HOHFW WKH SUR¿OH SRUW DV $'6/ Protocol: 7KH $70 SURWRFRO ZLOO EH XVHG LQ WKH GHYLFH Description: A given name for this connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: 7KH 4XDOLW\ RI 6HUYLFH IRU $70 OD\HU Encap. mode: Choose whether you want the SDFNHWV LQ :$1 LQWHUIDFH as bridged packet or routed packet. Acceptable Frame Type: 6SHFLI\ ZKLFK NLQG RI WUDI¿F JRHV WKURXJK WKLV FRQQHFWLRQ DOO WUDI¿F RU only VLAN tagged. Filter Type: 6SHFLI\ WKH W\SH RI
3G TEL No.: 7KH GLDO VWULQJ WR PDNH D *356 * XVHU LQWHUQHWZRUNLQJ FDOO ,W PD\ SURYLGH E\ \RXU mobile service provider. APN: $Q $31 LV VLPLODU WR D 85/ RQ WKH ::: LW LV ZKDW WKH XQLW PDNHV D *356 8076 FDOO 7KH VHUYLFH SURYLGHU LV DEOH WR DWWDFK DQ\WKLQJ WR DQ $31 WR FUHDWH D GDWD FRQQHFWLRQ UHTXLUHPHQWV IRU $31¶V WR EH DVVLJQHG YDULHV EHWZHHQ GLIIHUHQW VHUYLFH SURYLGHUV 0RVW VHUYLFH SURYLGHUV KDYH DQ internet portal which they connect a DHCP Server to, giving you access to the internet i.e.
Connection: Always On: 7KH URXWHU ZLOO PDNH 8076 *356 FDOO ZKHQ VWDUWLQJ XS (QDEOLQJ $OZD\V 2Q ZLOO JLYH \RX DQ RSWLRQ RI .HHS $OLYH Keep Alive: Set Enable to allow the router automatically reconnects the connection when ISP disconnects it. Connect to Demand: ,I \RX ZDQW WR PDNH 8076 *356 FDOO RQO\ ZKHQ WKHUH LV D SDFNHW UHTXHVWLQJ DFFHVV WR WKH ,QWHUQHW L H ZKHQ D SURJUDP RQ \RXU FRPSXWHU DWWHPSWV WR DFFHVV WKH Internet). In this mode, you must set Idle Timeout value at same time.
ADSL Mode Connect Mode: 7KLV PRGH ZLOO DXWRPDWLFDOO\ GHWHFW \RXU $'6/ OLQH FRGH $'6/ $'6/ $QQH[0 DQG $QQH[0 $'6/ $OO 3OHDVH NHHS WKH IDFWRU\ VHWWLQJ XQOHVV $'6/ LV GHWHFWHG DV the symptom of synchronization problem. Modulation: It will automatically detect capability of your ADSL line mode. Please keep the factory setting unless ADSL is detected as the symptom of synchronization problem. 3UR¿OH 7\SH Please keep the factory settings unless ADSL is detected as the symptom of low link UDWH RU
System Here are the items within the System section: Time Zone, Remote Access, Firmware Upgrade, Backup/Restore, Restart and User Management. Time Zone The router does not have a real time clock on board; instead, it uses the Simple Network Time Protocol (SNTP) to get the current time from an SNTP server outside your network. Choose your local time zone, click Enable and click the Apply button.
Remote Access To temporarily permit remote administration of the router (i.e. from outside your LAN), select a time SHULRG WKH URXWHU ZLOO SHUPLW UHPRWH DFFHVV IRU DQG FOLFN (QDEOH
Backup / Restore 7KHVH IXQFWLRQV DOORZ \RX WR VDYH DQG EDFNXS \RXU URXWHU¶V FXUUHQW VHWWLQJV WR D ¿OH RQ \RXU 3& RU to restore a previously saved backup. This is useful if you wish to experiment with different settings, knowing that you have a backup handy in the case of any mistakes. It is advisable to backup your URXWHU¶V VHWWLQJV EHIRUH PDNLQJ DQ\ VLJQL¿FDQW FKDQJHV WR \RXU URXWHU¶V FRQ¿JXUDWLRQ 3UHVV %DFNXS WR VHOHFW ZKHUH RQ \RXU ORFDO 3& WR VDYH WKH VHWWLQJV ¿OH
Restart Router Click Restart with option Current Settings to reboot your router (and restore your last saved FRQ¿JXUDWLRQ ,I \RX ZLVK WR UHVWDUW WKH URXWHU XVLQJ WKH IDFWRU\ GHIDXOW VHWWLQJV IRU H[DPSOH DIWHU D ¿UPZDUH XSJUDGH RU LI \RX KDYH VDYHG DQ LQFRUUHFW FRQ¿JXUDWLRQ VHOHFW )DFWRU\ 'HIDXOW 6HWWLQJV WR UHVHW WR factory default settings. You may also reset your router to factory settings by holding the small Reset pinhole button more than 6 seconds on the back of your router.
User Management ,Q RUGHU WR SUHYHQW XQDXWKRUL]HG DFFHVV WR \RXU URXWHU¶V FRQ¿JXUDWLRQ LQWHUIDFH LW UHTXLUHV DOO XVHUV to login with a password. You can set up multiple user accounts, each with their own password. You are able to Edit existing users and Add QHZ XVHUV ZKR DUH DEOH WR DFFHVV WKH GHYLFH¶V FRQ¿JXUDWLRQ interface.
:KHQ \RX create a user account FKHFN 9DOLG ER[ DQG ¿OO LQ WKH UHVSHFWLYH LQIRUPDWLRQ IRU 8VHU &RPPHQW 3DVVZRUG DQG &RQ¿UP 3DVVZRUG LQ WKH EODQNV SURYLGHG 7KHQ FOLFN WKH $GG EXWWRQ WR add your new user account. To delete a user account, click on the Delete radio button on the right column of the account you ZLVK WR GHOHWH DQG WKHQ FOLFN WKH (GLW 'HOHWH EXWWRQ RQ WKH WRS WR FRQ¿UP \RXU GHOHWLRQ 67
Firewall and Access Control
Listed are the items under the Firewall section: General Settings, Packet Filter, Intrusion Detection, URL Filter, IM/P2P Blocking and Firewall Log. General Settings You can FKRRVH QRW WR HQDEOH )LUHZDOO DQG VWLOO DEOH WR DFFHVV WR 85/ )LOWHU DQG ,0 3 3 %ORFNLQJ or HQDEOH WKH )LUHZDOO XVLQJ SUHVHW ¿OWHU UXOHV DQG PRGLI\ WKH SRUW ¿OWHU UXOHV DV UHTXLUHG 7KH 3DFNHW )LOWHU LV XVHG WR ¿OWHU SDFNHWV EDVHG RQ $SSOLFDWLRQV 3RUW RU ,3 DGGUHVVHV There are four options when you enable the Firewall, they are: $
GLVDEOH 0RVWO\ LW LV IRU SUHYHQWLQJ DQ\ VFDQ WRROV IURP :$1 VLWH E\ KDFNHU Packet Filter This function is only available when the Firewall is enabled and one of these four security levels is FKRVHQ $OO EORFNHG +LJK 0HGLXP DQG /RZ 7KH preset SRUW ¿OWHU UXOHV LQ WKH 3DFNHW )LOWHU PXVW PRGLI\ DFFRUGLQJO\ WR WKH OHYHO RI )LUHZDOO ZKLFK LV VHOHFWHG 6HH 7DEOH 3UHGH¿QHG 3RUW )LOWHU IRU more detail information.
Example: 3UHGH¿QHG 3RUW )LOWHUV 5XOHV 7KH SUHGH¿QHG SRUW ¿OWHU UXOHV IRU +LJK 0HGLXP DQG /RZ VHFXULW\ OHYHOV DUH OLVWHG 6HH 7DEOH 1RWH )LUHZDOO ± $OO %ORFNHG 8VHU GH¿QHG \RX PXVW GH¿QH DQG FUHDWH WKH SRUW ¿OWHU UXOHV \RXUVHOI 1R SUHGH¿QHG UXOH LV EHLQJ SUHFRQ¿JXUHG Table 1: Port Firewall - Low Firewall - Medium Firewall – High 3UHGH¿QHG Number Protocol Port Filter Start End Inbound Outbound Inbound Outbound Inbound Outbound Application HTTP(80) TCP(6) 80 80 NO YES NO YES NO YES DNS (5
Inbound: Internet to LAN Outbound: LAN to Internet YES: Allowed NO: %ORFNHG N/A: Not Applicable Packet Filter – Add TCP/UDP Filter Rule Name Helper: 8VHUV GH¿QH GHVFULSWLRQ WR LGHQWLI\ WKLV HQWU\ RU FOLFN ³Select´ drop-down menu WR VHOHFW H[LVWLQJ SUHGH¿QHG UXOHV 7KH PD[LPXP QDPH OHQJWK LV FKDUDFWHUV Time Schedule: ,W LV VHOI GH¿QHG WLPH SHULRG
Packet Filter – Add Raw IP Filter Go to ³Type´ drop-down menu, select ³Use Protocol Number´. Rule Name Helper: 8VHUV GH¿QH GHVFULSWLRQ WR LGHQWLI\ WKLV HQWU\ RU choosing ³Select´ drop-down menu WR VHOHFW H[LVWLQJ SUHGH¿QHG UXOHV Time Schedule: ,W LV VHOI GH¿QHG WLPH SHULRG
$V \RX FDQ VHH IURP WKH GLDJUDP EHORZ ZKHQ WKH ¿UHZDOO LV HQDEOHG ZLWK RQH RI WKH WKUHH SUHVHWV /RZ 0HGLXP +LJK LQERXQG +773 DFFHVV LV QRW DOORZHG ZKLFK PHDQV UHPRWH DFFHVV WKURXJK HTTP to your router is not allowed. Note: Inbound indicates accessing from Internet to LAN and Outbound is from LAN to the Internet.
&RQ¿JXULQJ 3DFNHW )LOWHU 1. &OLFN 3DFNHW )LOWHUV
Example: Application: Cindy_HTTP Time Schedule: Always On 6RXUFH 'HVWLQDWLRQ ,3 $GGUHVV HV , GR QRW ZLVK WR DFWLYH WKH DGGUHVV ¿OWHU LQVWHDG , XVH WKH SRUW ¿OWHU 7\SH 7&3 3OHDVH UHIHU WR 7DEOH 3UHGH¿QHG 3RUW )LOWHU Source Port: 0-65535 (I allow all ports to connect with the application)) 5HGLUHFW 3RUW 7KLV LV 3RUW GH¿QHG IRU +773 ,QERXQG 2XWERXQG $OORZ 1. 7KH QHZ SRUW ¿OWHU UXOH IRU +773 LV VKRZQ EHORZ 2. &RQ¿JXUH \RXU 9LUWXDO 6HUYHU ³SRUW IRUZDUGLQJ´ VHWWLQJV VR WKDW LQF
77
Intrusion Detection 7KH URXWHU¶V ,QWUXVLRQ 'HWHFWLRQ 6\VWHP ,'6 LV XVHG WR GHWHFW KDFNHU DWWDFNV DQG LQWUXVLRQ DWWHPSWV IURP WKH ,QWHUQHW ,I WKH ,'6 IXQFWLRQ RI WKH ¿UHZDOO LV HQDEOHG LQERXQG SDFNHWV DUH ¿OWHUHG DQG EORFNHG GHSHQGLQJ RQ ZKHWKHU WKH\ DUH GHWHFWHG DV SRVVLEOH KDFNHU DWWDFNV LQWUXVLRQ attempts or other connections that the router determines to be suspicious. Blacklist: If the router detects a possible attack, the source IP or destination IP address will be DGGHG WR WKH %ODFNOLVW $Q\
cannot protect against such attacks. Table 2: Hacker attack types recognized by the IDS Intrusion Name Ascend Kill WinNuke Smurf Type of Block Duration Drop Packet Show Log Src IP DoS Yes Yes Src IP DoS Yes Yes Dst IP Victim Protection Yes Yes Detect Parameter Blacklist $VFHQG .LOO GDWD TCP Port 135, 137~139, Flag: URG ,&03 W\SH Des IP is broadcast Land attack SrcIP = DstIP Yes Yes Echo/CharGen Scan UDP Echo Port and CharGen Port Yes Yes Echo Scan CharGen Scan X’mas Tree Scan U
ICMP Flood ICMP Echo 0D[ ,&03 &RXQW 'HIDXOW F sec) 0D[ 3,1* &RXQW 'HIDXOW F VHF Yes Yes Src IP: Source IP Src Port: Source Port Dst Port: Destination Port Dst IP: Destination IP 80
