Ir a la página of
manuales de instrucciones parecidos
-
Network Card
Billion BIPAC 3012G
5 páginas 2.75 mb -
Network Card
Billion BIPAC-2060
2 páginas 2.77 mb -
Network card
Billion BIPAC P104
29 páginas -
Network Card
Billion BIPAC 7500
12 páginas 5.82 mb -
Network Card
Billion USB ISDN TA BIPAC-221
13 páginas 2.18 mb -
Network Card
Billion BiGuard 30
209 páginas 5.88 mb -
Network Card
Billion BIPAC 3013G
36 páginas 21.62 mb -
Network Card
Billion BiGuard 50G
223 páginas 3.88 mb
Buen manual de instrucciones
Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones Billion BiGuard 30. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica Billion BiGuard 30 o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.
¿Qué es un manual de instrucciones?
El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual Billion BiGuard 30 se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.
Desafortunadamente pocos usuarios destinan su tiempo a leer manuales Billion BiGuard 30, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.
Entonces, ¿qué debe contener el manual de instrucciones perfecto?
Sobre todo, un manual de instrucciones Billion BiGuard 30 debe contener:
- información acerca de las especificaciones técnicas del dispositivo Billion BiGuard 30
- nombre de fabricante y año de fabricación del dispositivo Billion BiGuard 30
- condiciones de uso, configuración y mantenimiento del dispositivo Billion BiGuard 30
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas
¿Por qué no leemos los manuales de instrucciones?
Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de Billion BiGuard 30 no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de Billion BiGuard 30 y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico Billion en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de Billion BiGuard 30, como se suele hacer teniendo una versión en papel.
¿Por qué vale la pena leer los manuales de instrucciones?
Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo Billion BiGuard 30, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.
Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual Billion BiGuard 30. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.
Índice de manuales de instrucciones
-
Página 1
BiGuard 30 iBusiness Security Gateway SMB User ’ s Manual V ersion Release 7.01 (FW:1.06p)[...]
-
Página 2
2 BiGuard 30 User’s Manual (Updated March 28, 2007) Copyright Information © 2007 Billion Electric Corporation, Ltd. The contents of this publication may n o t be reproduced in whole or in part, transcribed, stored, tr anslated, or transmi tted in any form or any means, witho ut the prior written con sent of Billion Electric Corporation. Publishe[...]
-
Página 3
3 Safety Warnings Y our BiGuard 30 is built for reliability and long service life. For your safety , be sure to read and follow the foll owing safety wa rnings. • Read this installation guide thoroughly bef ore attempting to set up your BiGuard 30. • Y our BiGuard 30 is a complex electronic device. DO NO T open or attempt to repair it yourself [...]
-
Página 4
4 Table of Contents Chapter 1: Introduction 1.1 Overview 1.2 Product Highlights 1.2.1 Increased Bandwidth, Scalability and Resilience 1.2.2 Virtual Private Network Support 1.2.3 Advanced Firewall Security 1.2.4 Intelligent Bandwidth Management 1.3 Package Contents 1.3.1 Front Panel 1.3.2 Rear Panel 1.3.3 Rack Mounting 1.3.4 Cabling Chapter 2: Route[...]
-
Página 5
5 2.6.1 General VPN Setup 2.6.2 VPN Planning - Fail Over 2.6.3 Concentrato r Chapter 3: Getting Started 3.1 Overview 3.2 Before You Begin 3.3 Connecting Your Router 3.4 Configuring PCs for TCP/IP Networking 3.4.1 Overview 3.4.2 Windows XP 3.4.2.1 Configuring 3.4.2.2 Verifying Settings 3.4.3 Windows 2000 3.4.3.1 Configuring 3.4.3.2 Verifying Setting[...]
-
Página 6
6 4.2.5 IPSec Status 4.2.6 PPTP Status 4.2.7 Traffic Statistics 4.2.8 System Log 4.2.9 IPSec Log 4.3 Quick Start 4.3.1 DHCP 4.3.2 Static IP 4.3.3 PPPoE 4.3.4 PPTP 4.3.5 Big Pond 4.4 Configuration 4.4.1 LAN 4.4.1.1 Ethernet 4.4.1.2 DHCP Server 4.4.1.3 LAN Address Mapping 4.4.2 WAN 4.4.2.1 ISP Settings 4.4.2.1.1 DHCP 4.4.2.1.2 Static IP 4.4.2.1.3 PPP[...]
-
Página 7
7 4.4.4.8 Email Alert 4.4.5 Firewall 4.4.5.1 Packet Filter 4.4.5.2 URL Filter 4.4.5.3 LAN MAC Filter 4.4.5.4 Block WAN Request 4.4.5.5 Intrusion Detection 4.4.6 VPN 4.4.6.1 IPSec 4.4.6.1.1 IPSec Wizard 4.4.6.1.2 IPSec Policy 4.4.6.2 PPTP 4.4.7 QoS 4.4.8 Virtual Server 4.4.8.1 DMZ 4.4.8.2 Port Forwarding Table 4.4.9 Advanced 4.4.9.1 Static Route 4.4[...]
-
Página 8
8 5.2.3.3 Java Permissions 5.3 WAN Interface 5.3.1 Can’t Get WAN IP Address from the ISP 5.4 ISP Connection 5.5 Problems with Date and Time 5.6 Restoring Factory Defaults Appendix A: Product Specifications Appendix B: Customer Support Appendix C: FCC Interference Statement Appendix D: Network, Routing, and Firewall Basics D.1 Network Basics D.1.1[...]
-
Página 9
9 E.2 What is IPSec? E.2.1 IPSec Security Components E.2.1.1 Authentication Header (AH) E.2.1.2 Encapsulating Security Payload (ESP) E.2.1.3 Security Associations (SA) E.2.2 IPSec Modes[...]
-
Página 10
10 E.2.3 Tunnel Mod e AH E.2.4 Tunnel Mod e ESP E.2.5 Internet Key Exchange (IKE) Appendix F: IPSec Logs and Events F.1 IPSec Log Event Categories F.2 IPSec Log Event Table Appendix G: Bandwidth Management with QoS G.1 Overview G.2 What is Quality of Service? G.3 How Does QoS Work? G.4 Who Needs QoS? G.4.1 Home Users G.4.2 Office Users Appendix H: [...]
-
Página 11
11 Chapter 1: Introduction 1.1 Overview Congratul ations on purchasing Bi Guard 30 Rout er from Billion. Combining a router with an Ethe rnet network switch, BiGuard 30 is a stat e-o f-the- art device that provides everything yo u need to get your network co nnected to the Internet o ver your Cable or DSL connection quickly and easil y . The Quick [...]
-
Página 12
12 connections are possible on BiGuard 30, with performance of up to 10Mbps. 1.2.3 Advanced Firewall Security Aside from intelligent broadban d sharing, BiGuard 30 offers in tegrated firewall protection with adv anced fe atures to secure your network from ou tside attacks. Stateful P acket Inspection (SPI) determines if a data packet is permitted t[...]
-
Página 13
13 LED Function Power A solid light indicates a steady connection to a power source. Status A blinking light indicates the device is writing to flash memory. LAN 1 – 8 Lit when connected to an Ethernet device. 10/100M : Lit green when connected at 100Mbps. Not lit when connected at 10Mbps. Link/ACT: Lit when device is connected. Blinking when dat[...]
-
Página 14
14 Port Function 1 RESET To reset the device and restor e factory default settings, after the device is fully booted, press and hold RESET until the Status LED begins to blink. 2 WAN2 WAN2 10/100M Ethernet port (w ith auto crossover support); connect xDSL/Cable modem here. 3 WAN1 WAN1 10/100M Ethernet port (w ith auto crossover support); connect xD[...]
-
Página 15
15 1.3.4 Cabling Most Ethernet networks curren tly use unshielded twist ed pair (UTP) cabling. The UTP cable contains eigh t conductors, arr anged in four twisted pairs, and terminat ed with an RJ45 t ype connector . One of the most common causes of networking problems is bad cabling. Make sure that all connected devices are turned on. On the front[...]
-
Página 16
16 Chapter 2: Router Applications 2.1 Overview Y our BiGuard 30 router is a versatile device th at can be configured to not on ly protect your network from malicious attack ers, but also ensure optimal usage of available bandwidth with Quality of Service (QoS) and both Inbound and Outbound Load Balancing. Altern atively , BiGuard 30 can also be set[...]
-
Página 17
17 2.2.2 QoS Policies for Different Applications By setting differen t QoS policies according to the application s you are running, you can use BiGuard 30 to optimize the bandwidt h that is being used on your network. As illustrated in the diagram above, applications such as V oiceover IP (V oIP) require Restricted PC Normal PCs Vo I P[...]
-
Página 18
18 low network laten cies to function properly . If bandwidth is bein g used by other applications such as an F TP server , users using V oIP will experience network lag and/or service interruption s during use. T o avoid this scenario, this network has assigned V oIP with a guaranteed bandwidt h and higher priority to ensure smooth communications.[...]
-
Página 19
19 policies for different PCs on the network. Policy based traffic shaping lets you better manage your bandwidth, providing reliable In ternet and network service to your organization. 2.2.5 Priority Bandwidth Utilization Assigning priority to a certain service al lo ws BiGuard 30 to give either a higher or lower priority to traffic from this parti[...]
-
Página 20
20 2.2.6 Management by IP or MAC address BiGuard 30 can also be configured to apply tr affic policies based on a particular IP or MAC address. This allows you to quickly assign differen t traffic policies to a specific computer on the network. 2.2.7 DiffServ (DSCP Mark ing)[...]
-
Página 21
21 DiffServ (a.k. a. DSCP Marking) allows you to classify t raffic based on IP DSCP v alues. Other interfaces can match tr affic based on the DSCP markings. DSCP markings are used to decide how packets sho uld be tr eated, and is a useful tool to give precedence to varying types of data. 2.2.8 DSCP (Matching) Just like the DSCP M arking, DSCP is us[...]
-
Página 22
22 In the above example, PC 1 (I P_192. 168.2.2) and PC 2 (IP_192.168.2.3) are connected to the Internet via W AN1 (I P_230.1 00.100.1) on BiGuard 30. Should WAN1 fai l, Outbound F ail Over tells BiGuard 30 to reroute outgoing tr affic to WAN2 (IP_213.10.10.2). Configuring your BiGuar d 30 for Outbound F ail Over provides a more reliable connection[...]
-
Página 23
23 In the above example, PC 1 (I P_192. 168.2.2) and PC 2 (IP_192.168.2.3) are connected to the Internet via W AN1 (IP_230.100.100.1) a nd WAN2 (IP_213.10.10.2) on BiGuard 30. Y ou can co nfigure BiGuard 30 to balance the load of each WA N port with one of two mechanisms: 1. Session (by session/by traffic/weight of link capability) 2. IP Hash (by t[...]
-
Página 24
24 In the above example, an FTP Server (IP_192.168.2.2) and an HT TP Server (IP_192.168.2.3) are connected to the I nternet via W AN1 (ftp .billion.dyndns.org) on BiGuard 30. A remote computer is trying to access these servers via the Internet. Under normal circumstances, the remote comput er will gain access t o the network via WAN1. Should WAN1 f[...]
-
Página 25
25 In the above example, an FTP server (IP_192.168.2.2) and an HT TP server (IP_192.168.2.3) are connected to the I nternet via WAN1 (www.billion2.dyndns.org) and WAN2 (www.billion3.dyndns.org) on BiGuard 30. Remote PCs are attempting to access the serve rs via the Internet. Using Inbound Load Balancing, BiGuard 30 can direct inco ming requests to [...]
-
Página 26
26 DNS Inbound is a three step process. First, a DNS request is made to the router via a remote PC. BiGuard 30, based on settin gs specified by the user , will direct the requesting PC to the correct W AN port by replying the selected W AN IP address through the buil t-in DN S server . The remote PC then accesses the network via the specified WAN p[...]
-
Página 27
27 In the above example, an FTP Server (IP_192.168.2.2) and an HT TP Server (IP_192.168.2.3) are connected to the I n ternet via W AN1 (IP_200.200.200.1) on BiGuard 30. A remote computer is trying to access these servers via the Internet, and makes a DNS request. T he DNS request ( www .mydo main.com ) will be sent through WAN1 (200.200.200.1) to t[...]
-
Página 28
28 In the above example, an FTP server (IP_192.168.2.2) and an HT TP server (IP_192.168.2.3) are connected to the In ternet via WAN1 (IP_200.200.200.1) and WAN2 (IP_1 00.100.100.1) on BiGuard 30. R e mote PCs are attempting to access the servers via the Internet by making a DNS request, entering a URL (www.m ydomain.com). Using a load balanc ing al[...]
-
Página 29
29 In the example above, the client is making a DNS reques t. The request is sent to the DNS server of BiGuard 30 through WAN2 (1). WAN2 will route this request to the embedded DNS server of BiGu ard 30 (2). BiGuard 30 will analyze the bandwidth of both WAN1 and W AN2 and decide which WAN IP to repl y to the request (3). After the decision is made,[...]
-
Página 30
30 The following section discusses Virtual Private Networking with BiGuard 30. 2.6.1 General VPN Setup There are typically thr ee different VPN scenarios. The first is a Gateway to Gateway setup, where two remote gateways communicate over the Internet via a secure tunnel. The next type of VPN setup is the Gateway t o Multiple Gateway setup, where o[...]
-
Página 31
31 planning. The follo wing sections demonstr ate the v arious w ays of using Bi Guard 30 to setup your VP N. 2.6.2 VPN Planning - Fail Over Configurin g your VPN with F ail Over allow s BiGuard 30 to automatically def ault to WA N2 should W AN1 fail. Because the dynamic domain name biguard.bi llion.com is configured for both WAN 1 and WAN2, the ac[...]
-
Página 32
32 Configuring BiGuard 30 f or F ail Over prov ides added reliability to you r VPN. 2.6.3 Concentrato r The VPN Concentr ator provides an easy w ay for br anch offices to connect to headquarter through a VPN tunnel . All branch offi ce traffic will be redirected to the VPN tunnel to headquarter with the exceptio n of LAN-side tr affic. This w ay , [...]
-
Página 33
33 Chapter 3: Getting Started 3.1 Overview BiGuard 30 is designed to be a powerful and flexible network device that is also easy to use. With an intu itive web-based configu ration, BiGuard 30 allows you to administer your network via virtu ally any Java-enabled web browser and is fully compatible with Linux, Mac OS, an d Windows 98/Me/NT/2000/XP o[...]
-
Página 34
34 password for security reason. 4. Prepare to physically connect BiGuard 30 to Cable or DSL modems and a computer . Be sure to also review the Safety Warn ings located in the preface of this m anual before working with your BiGuard 30. 3.3 Connecting Your Router Connecting BiGuard 30 is an easy three-step process: 1. Connect BiGuard 30 to y our LA[...]
-
Página 35
35 3.4 Configuring PCs for TCP/IP Networking Now that your BiGuard 30 is connected properly t o your network, it’s time to configure your net worked PCs for TCP/IP networking. In order for your network ed PCs to communi cate with your router , they must have the following characteristics: 1. Have a properly installed and f unctioning Eth ernet Ne[...]
-
Página 36
36 - Mac OS 7 and later If you are using Windows 3.1, you must pu rchase a third-party TCP/IP application package. Any T CP/IP capable workstation can be used to communicate with or th rough BiGuard 30. T o configure other types of workstations, please consult the manufacturer’ s documentation. 3.4.2 Windows XP 3.4.2.1 Configuring 1. Select Start[...]
-
Página 37
37 3. Select Internet Protocol (TCP /IP) and click Properties . 4a. T o have your PC obtain an IP address aut omatically , select th e Obtain an IP[...]
-
Página 38
38 address automaticall y and Obtain DNS server address automatically radi o buttons. 4b. T o manually assign your PC a fixed IP address, select the Us e the following IP address r adio button and enter your desired IP address, subnet mask, and defaul t gateway in the blanks provided. R emember that your PC must reside in the same subnet mask as th[...]
-
Página 39
39 3.4.2.2 Verifying Settings T o verify your setting s using a command prompt: 1. Click Start > Programs > Accessories > Command Prompt . 2. In the Command Pro mpt window , type ipconfig and then press ENTER . If you are using BiGuard 30’s defa ult settings, you r PC should have:[...]
-
Página 40
40 - An IP address between 192.168.1.1 and 192 .168.1.253 - A subnet mask of 255.255.255.0 T o verify your setting s using the Windows XP GUI: 1. Click Start > Settings > Network Connections .[...]
-
Página 41
41 2. Right click one of th e networ k connections listed and select Status from the pop-up menu. 3. Click the Support tab.[...]
-
Página 42
42 If you are usi ng BiGuard 30’ s default settings, your PC should: - Have an IP address be tween 192.168.1.1 and 192.168.1.253 - Have a subnet mask of 255.255.255.0 3.4.3 Windows 2000 3.4.3.1 Configuring 1. Select Start > Settings > Cont rol Panel .[...]
-
Página 43
43 2. In the Control Panel window, double-click Network and Dial-up Connections . 3. In Network and Dial-up Connections, double-cli ck Local Area Connection .[...]
-
Página 44
44 4. In the Local Area Connection window , click Properties . 5. Select Internet Protocol (TCP/IP) and cl ick Properties .[...]
-
Página 45
45 6a. T o have your PC obtain an IP address aut omatically , select th e Obtain an IP address automaticall y and Obtain DNS server address automatically radi o buttons. 6b. T o manually assign your PC a fixed IP address, select the Use the followin g IP address r adio button and enter your desired IP address, subnet mask, and defaul t gateway in t[...]
-
Página 46
46 7. Click OK to finish the configurati on. 3.4.3.2 Verifying Settings 1. Click Start > Programs > Accessories > Command Prompt .[...]
-
Página 47
47 2. In the Command Pro mpt window , type ipconfig and then press ENTER . If you are using BiGuard 30’s defa ult settings, you r PC should have: - An IP address between 192.168.1.1 and 192 .168.1.253 - A subnet mask of 255.255.255.0[...]
-
Página 48
48 3.4.4 Windows 98 / Me 3.4.4.1 Installing Components T o prepare Windows 98/Me PCs for T CP/IP networking, yo u may need to manually install TCP/IP on each PC. T o do this, follow the steps below. Be sure to have your Windows CD handy , as you may need to in sert it during the installat ion process. 1. On the Windows task bar , select Start > [...]
-
Página 49
49 Y ou must have the follow ing installed:[...]
-
Página 50
50 - An Ethernet adapter - TCP/IP pr otocol - Client for Microsoft Networks If you need to in stall a new E thern et adapter , follow these steps: a. Click Add . b. Select Adapter , then Add . c. Select the manufactu rer and model of your Ethernet adapt er , then click OK .[...]
-
Página 51
51 If you need TCP/IP: a. Click Add . b. Select Protocol , then click Add .[...]
-
Página 52
52 c. Select Microsoft . Æ TCP/IP , then OK . If you need Client for Microsoft Networks: a. Click Add .[...]
-
Página 53
53 b. Select Client , then click Add . c. Select Microsoft . Æ Client for Microsoft Networks , and then click OK . 3. Restart your PC to apply yo ur changes. 3.4.4.2 Configuring 1. Select Start > Settings > Cont rol Panel .[...]
-
Página 54
54 2. In the Cont rol Panel, double-click Network and choose the Confi guratio n tab.[...]
-
Página 55
55 3. Select TCP / IP > ASUSTek or the name of any Network Interface Card (N IC) in your PC and click Properties . 4. Select the IP Address tab and click the Obtain an IP address au tomatic all y radio butto n.[...]
-
Página 56
56 5. Select the DNS Conf igura tion tab and select the Disable DN S radio button. 6. Click OK to apply the configurati on.[...]
-
Página 57
57 3.4.4.3 Verifying Settings T o ch eck the TCP/IP configuration, use the winipcfg.exe utility: 1. Select Start > Run . 2. T ype winipcfg , and then click OK. 3. From the drop-down bo x, se lect your Ethernet adapter .[...]
-
Página 58
58 The window is updated to show your settings. Using the default BiGuard 30 settings , your PC should h ave: - An IP address between 192.168.1.1 and 192 .168.1.253 - A subnet mask of 255.255.255.0 - A default gatewa y of 192.168.1.254 3.5 Factory Default Sett ings Before configuring your BiGuard 30, you need to know the foll owing default settings[...]
-
Página 59
59 ISP setting in W AN site: Obtain an IP Address au tomatically ( DHCP Clie nt) DHCP server: DHCP server is enabled. Start IP Address: 192.168.1.100 End IP Address: 192.168.1.199 3.5.1 User Name and Password The default user name and password are "a dmin" and "admin" respectively . If you ever forget your user name and/or passw[...]
-
Página 60
60 Before configuring th is device, you have to check with your ISP (Internet Service P r o v i d e r ) t o f i n d o u t w h a t k i n d o f s e r v i c e is provided such as DHCP , St atic IP , PPP oE, or PPTP . The following table out lines each of these protocols: DHCP Configure this WAN interface to use DHCP client protocol to get an IP addres[...]
-
Página 61
61 If an ISP technician co nfigured your computer or i f you configured i t using instructions provided by your ISP , you n eed to copy the configuration information from your PC’ s Network T CP/IP Properti es window before r econfiguring your computer for use with B iGuard 30. The following secti ons describe how yo u can obtain this inf ormatio[...]
-
Página 62
62 3. In the Network Connections window , right-click Local Area Connection and select Properties . 4. Select Internet Protocol (TCP /IP) and click Properties .[...]
-
Página 63
63 5. If an IP address , subnet mask and a Default gateway are shown, write down the information. If no address is present, your account’s I P address is dynamically assigned. Click the Obtain an IP address automatically r adio button. 6. If any DNS ser ver addresses are shown, write them down. Click the Obtain DNS[...]
-
Página 64
64 server address automa ti cally radi o button. 7. Click OK to save your changes.[...]
-
Página 65
65 3.7 Web Configuration Interface BiGuard 30 includes a W eb Configur ation Interface for ea sy administration via virtually any browser on your network. T o access this in terface, open your web browser , enter the IP address of your ro uter , which by default is 192.168.1.254, and click Go . A user name and password wind ow prompt will appear . [...]
-
Página 66
66 Chapter 4: Router Configuration 4.1 Overview The W eb Configuration Interface makes it ea sy for you to manage your network via any PC connected to it. On the W eb Configur ation homepage, y ou will see the navigation pane l ocated on the left hand si de. F rom it, you will be able to select various opti ons used to configure y our router . 1. C[...]
-
Página 67
67 access the page after a user-defined period (5 minutes by default). The following sectio ns will show yo u how to confi gure your router usi ng the W eb Configurati on Interface. 4.2 Status The Status menu displays the v arious option s that have been se lected and a number of statistics about your BiGuard 30. In th is menu, you wil l find the f[...]
-
Página 68
68 No.: Numbe r of the list. IP Address: A list of IP addresses of devices on your LA N. MAC Address: The Media Access Co ntrol (MAC) addresses for each device on your LAN. Interface: The interface name (on the router) that this IP address connects to. Static: Static status of the ARP table entry . NO indicates dynami cally-gener ated ARP table ent[...]
-
Página 69
69 4.2.3 Session Table The NA T Session T able displays a list of current sessions for both incoming and outgoing traffic with pr otoc ol type, source IP , source port, destination IP and destination port, each page shows 10 sessions. No.: Numbe r of the list. Protocol: Protocol type of the Session. From IP: Source IP of the session. From port: sou[...]
-
Página 70
70 your network via D ynamic Host Configur ation Protocol (DHCP). No.: Numbe r of the list. IP Address: A list of IP addresses of devices on your LA N. Device Name: The host name (c omputer name) of the client. MAC Address: The MAC address of cl ient. 4.2.5 IPSec Status The IPSec Status window displa ys the status of the IPSec T unnels that are cur[...]
-
Página 71
71 4.2.6 PPTP Status The PPTP Status wi ndow displays the status of the PPTP T unnels that are currently configured on your BiGuard 30. Name: The name yo u assigned to the particul ar PPTP entry . Enable: Whether t he PPTP connection is curren tly Enable or Disable. Status: Whether the P PTP is Active, Inacti ve or Disabl e. T ype: Whether the Conn[...]
-
Página 72
72 WAN1: T ransmitted (Tx) and Received (Rx) bytes and packets for WAN1. WAN2: T ransmitted (Tx) and Received (Rx) bytes and packets for WAN2. Display: Allows you to change the uni ts of measurement for the tr affic graph. 4.2.8 System Log This window displays BiGuard 30’ s System Log entries. Major events are logged on this window . Refresh: R e[...]
-
Página 73
73 Refresh: Refresh the IPSec Log. Clear Log: Clear the IPSec Log. Send Log: Send IPSec Log to your email account. Y ou can set the email address in Configuration > System > Email Alert . See the Email Alert section for more details. Please refer to Appendix F: IPSec Log Events for more information on log events. 4.3 Quick Start The Quick Sta[...]
-
Página 74
74 4.3.2 Static IP IP assigned by your ISP: Enter the assigned IP address from your I P . IP Subnet Mask: Enter your IP sub net mask. ISP Gateway Address: Enter your ISP gatew ay address. Primary DNS: Enter your primary DN S. Secondary DNS: Enter your secondary DNS. Click Apply to save y our changes. T o reset to defaults, cli ck Reset . 4.3.3 PPPo[...]
-
Página 75
75 4.3.4 PPTP Username: Enter your user name. Password : Enter your password. Retype P assword: Rety pe your password. PPTP Clie nt IP: Enter the PPTP Cl ient IP provided by your ISP . PPTP Client IP Netmask: Enter th e PPTP Client IP N etmask provided by your ISP . PPTP Client IP Gateway: Ent er the PPTP Client IP Gateway provided by your ISP . PP[...]
-
Página 76
76 Username: Enter your user name. Password : Enter your password. Retype P assword: Rety pe your password. Login Server: Enter the IP of the Lo gin server provided by your ISP . Click Apply to save y our changes. T o reset to defaults, cli ck Reset . For detailed instructions on configurin g WAN settings, please refer to the WAN section of this ch[...]
-
Página 77
77 4.4.1 LAN There are three items wi thin this section: Ethernet , DHCP Server and LAN Address Mapping. 4.4.1.1 Ethernet IP Address: Enter the internal LAN IP address for BiGuard 30 (192.168.1.254 by default). Subnet Mask: Enter the subnet ma sk (255.255.255.0 by d efault). RIP: RIP v2 Broadcast and RIP v2 Multicast. Check to enable RIP .[...]
-
Página 78
78 4.4.1.2 DHCP Server In this menu, yo u can disable or enable the Dynamic Host Configur ation Protocol (DHCP) server . The DHCP protocol allows your BiGuard 30 to dy namically assign IP addresses to PCs on your network if th ey are configured to aut omatically obtain IP addresses. T o disable the router ’ s DHCP Server , select the Disable radi[...]
-
Página 79
79 Name: Enter the name you want to give for the IP+Mac Address Fixed Host account. Active: Select whether you want to Enable or Disable this particular Fixed Host account. IP Address: Enter the IP address that you wa nt to reserve for the above MAC address. MAC Address: Enter the MAC address of the PC or server you wish to be assigned a reserved I[...]
-
Página 80
80 Please click Create to create a LAN Address Mapping rule. Name: Please input the name of the rule. IP Address: Please input the LAN Gate way IP A ddress you would li ke to use. Netmask: Please input the Netmask you would like to us e. WAN IP Add ress: Please click Candidates to select the W AN IP address you would like to use from WAN Alias list[...]
-
Página 81
81 The W AN menu contains two items: ISP Settings , Bandwidth Settings and WAN IP Alias . 4.4.2.1 ISP Settings This W AN Service T able displ ays the different WAN connections that are configured on BiGuard 30. T o edit any of these connections, click Edit . Y ou will be t aken to the following menu.[...]
-
Página 82
82 Connection Method: Select how your router will connect t o the Internet. Selection s include Obtain an IP Address Automatically , Static IP Settings , PPPoE Settings , PPTP Settings , and Big Pond Settings . F or each WAN port, the factory default is DHCP . If your ISP does not use DHCP , select the correct connection method and configure the co[...]
-
Página 83
83 and enter your primary and secondary DNS . RIP: T o activate RIP , select Send , Recei ve , or Both from the drop do wn menu. T o disable RIP , select Disable from th e drop down menu. MTU: Enter the Max imum T ransmission Unit (MTU) fo r your network. Network Address T ranslation: Enables or Di sables the NA T function. T o apply this interface[...]
-
Página 84
84 would like to use router mode, you have to input the packet filter rules you wou ld like to forward in Configuration -> Firewall -> Packet filter Click Apply to save y our changes. T o reset to defaults, cli ck Reset . 4.4.2.1.3 PPPoE Username: Enter your user name. Password : Enter your password. Retype P assword: Rety pe your password. C[...]
-
Página 85
85 MAC Address: If your ISP requires you to input a WAN Eth ern et MAC, check the checkbox and enter your MA C address in the blanks below . Candidates: Y ou can also select the MAC address f rom the list in the Candidat es. DNS: If your ISP requires you to manu ally setup DNS settings, check the checkbox and enter your primary and secondary DNS . [...]
-
Página 86
86 PPTP Client IP Gateway: Ent er the PPTP Client IP Gateway provided by your ISP . PPTP Server IP: Enter t he PPTP Serv er IP pro vided by your ISP . Connection: Select wh ethe r the connection should Always Conn ect or Trigger on Demand . If yo u want th e router to establish a PPTP session when starting up a nd to automatically re-establish the [...]
-
Página 87
87 Username: Enter your user name. Password : Enter your password. Retype P assword: Rety pe your password. Login Server: Enter the IP of the Lo gin server provided by your ISP . MAC Address: If your ISP requires you to input a WAN Eth ern et MAC, check the checkbox and enter your MA C address in the blanks below . Candidates: Y ou can also select [...]
-
Página 88
88 bandwidth for each WA N port. WAN1: Enter your ISP inbound and outbo und bandwidth fo r WAN1. WAN2: Enter your ISP inbound and outbo und bandwidth fo r WAN2. NOTE: These v alues entered here are refe renced b y both QoS and Load Balancing functions. 4.4.2.3 WAN IP Alias WAN IP Alias allows you to input additional WAN IP addresses. WAN IP Alias c[...]
-
Página 89
89 Name: Please input the name of the rule. IP Address: Please input the additional W AN IP address you would lik e to use. Interface: Please select th e W AN Interface that you would like to add the additional WAN I P t o. Click the Apply button to add the configur ation into the W AN IP Alias. 4.4.3 Dual WAN In this section, you can setup the fai[...]
-
Página 90
90 Mode: Y ou can select L oad Balance or F ail Over . Service Detection: En ables or disables the service detection feature. For fail over , the service detection fun ction is enabled. For load balance, user is able to enable or disable it. Connectivity Decisi on: Establishes the num ber of times probing the c onnection has to fail before the conn[...]
-
Página 91
91 Outbound Load Balancing on BiGuard 30 can be based on one of two methods: 1. By session mechanism 2. By IP address hash mechanism Choose one by clicking the corresponding ra dio button. Based on Session Mechanism: The source IP address and destination IP address might go through WAN1 or W AN2 according to policy settings in this mechan ism. Y ou[...]
-
Página 92
92 authenticate the source IP addres s. Balance by weight of link capacity: Uses an IP hash to balance tr affic based on weight of link band width capacity . Balance by weight: Uses an I P hash to balance tr affic based on a ratio . Enter the desired rati o into the blanks provided. Click Apply to save your changes. 4.4.3.3 Inbound Load Balance Fun[...]
-
Página 93
93 SOA: Domain Name: The domain name of DNS Server 1. It is the name that you register on DNS organizat ion. Y ou have to fill-out the Fu lly Qualified Domain Name (FQDN) with an ending character (a dot) for this text field.(ex:abc.com.).W hen you enter the follow ing domain name, you can only inpu t different chars with out an ending dot, its name[...]
-
Página 94
94 T o edit t he Host Mapping URL list, click Edit . This will ope n the Host Mapping URL table, which lists the c urrent Host Mapping URLs. T o add a host mapping URL to the list, click Create . Domain Name: The domain name of the local host. Host URL: The URL to be mapped. Private IP Address: The IP address of the local host. Helper: Y ou could a[...]
-
Página 95
95 Port R ange: The port r ange of all incomi ng packets are accepted and processed by a local host with the specified pr ivate IP address. Candidates: Y ou can also select the Candidat es which are referred from th e ARP table for automatic input. Name1: The Alias Host URL Name2: The Alias Host URL Click Apply to save your changes. 4.4.3.4 Protoco[...]
-
Página 96
96 Interface: Choose which W AN port to use: W AN1, W AN2 Pack et T y pe: The particular protocol of Internet traffic for the specified policy . Choose from TCP , UDP , or Any . Source IP R ange: All Source IP: Click it to specify all source IPs. Specified Source IP: Click to specify a sp ecific source IP address and source IP netmask. Source IP Ad[...]
-
Página 97
97 4.4.4 System The System menu allows you to adjust a variety of basic router settings, upgrade firmware, set up remote access, an d more. In this menu are the follow ing sections: Time Zone , Remote Access , Firmware Upgrade , Backup /Res tore , Restart , Password , System Log and E-mail Alert . 4.4.4.1 Time Zone BiGuard does not use an onboard r[...]
-
Página 98
98 Time Z one: Select Enabl e or Disable this function. Local Time Z one(+-GMT Time): Pl ease select the time zone that belongs to your area. NTP Server Address: Please input the NTP serv er address you would like to use. Daylight Sa ving: T o have Bi Guard 30 automatically adjust for Da ylight Savi ngs Time, please check the Automatic checkbo x. R[...]
-
Página 99
99 Allow Re mote Access By: Everyone: Please check if you allow any IP addresses for the remote user to access. Only the PC: Please specify the IP Address that is allowed to access. PC from the subnet: Please specify th e subnet that is allow ed to access. 4.4.4.3 Firmware Upgrade Upgrading y our BiGuard 30’ s firmware is a quick and easy wa y to[...]
-
Página 100
100 functionality , better reliability , and ensure trouble-f ree operation. T o upgrade your firmware, simpl y visit Billion’ s website ( http://w ww .billion.com ) and download t he latest firmware image file for BiGu ard 30. Next, click Browse and select the newly downloaded firmw are file. Click Upgrade to complete the update. NOTE: DO NO T p[...]
-
Página 101
101 T o restore a prev iously saved backup file, click Browse . Y ou will be prompted to select a file from your P C to restore. Be su re to only restore setting file s that have been generated by the Backup function, an d that were created when using the sam e firmware version. Settings files saved t o your PC should not be manually edited in any [...]
-
Página 102
102 In order to prevent unauth orized access to your router ’ s configuration interface, it requires the administr ator to login with a password. Y ou can change y our password by entering your new password in both fields. Click Apply to sa ve your changes. Click Reset to reset to the default administr ation password (admin). 4.4.4.7 System Log S[...]
-
Página 103
103 activity . T o enable this functi on, select the En able radio butto n and enter your Syslog server IP addres s in the Log Server IP Address field. Click Apply to save your changes. T o disable this featur e, simply select the Disable r adio button and click A pply . 4.4.4.8 E-mail Alert The Email Alert function allow s a log of se curity-relat[...]
-
Página 104
104 the five options: Immediately: The router will send an alert immediat ely . Hourly: The router will send an alert once ev ery hour . Daily: T h e r o u t e r w i l l s e n d a n a l e r t o n c e a day . The exact time can be specified using the pu ll down menu. Weekly: The router will send an alert once a week. When log is full: The router wil[...]
-
Página 105
105 The Pack et Filter function is used to limit user access to certain sites on the Internet or LAN. The Filter T able displays all current filter ru les. If there is an ent ry in the Filter T ab le, you can click Edit to modify the setting of th is entry , click Delete to remove this entry , or click Move to change this entry’ s priority . When[...]
-
Página 106
106 applications accessing your local ne twork from the In ternet. Outgoing Pack et Filter rules prevent unauthorized computers or a pplications accessing the Internet. Select if the new filter rule is i ncoming or outgoing . Source IP: Select An y , Subnet , IP Range or Single Address . Starting IP Address: Enter the source IP or starting source I[...]
-
Página 107
107 The URL Filter is a powerful t ool that can be used to limit access to certain URLs on the Internet. Y ou can block we b sites based on k eywords or even block out an entire domain. Certain web features ca n also be blocked to grant added security to your network. URL Filtering: Y ou can choose to Enable or Disable this feature. K eyword Filter[...]
-
Página 108
108 Domains Filtering: Click the top checkbox to enable this f eature. Y ou can also choose to disable all web tr affic except for trust ed sites by clicki ng the bottom checkbox. T o edit t he list of filtered domain s, click Details. Enter a domain and select whether this domain is trusted or forbidden w ith the pull-down menu. Next, click Apply [...]
-
Página 109
109 Enter a name for the IP Address and then enter the IP address i tself . Click Apply to save your changes. The IP address will be ent ered into the Exception List, an d excluded from the URL f iltering rules in effect. 4.4.5.3 LAN MAC Filter LAN Mac Filter can decide that BiGuard will serve those devices at LAN side or not by MAC Address. Defaul[...]
-
Página 110
11 0 Create: Y ou can also input a specified MAC Add ress to be dropped or F orward without depending on the default rule. Rule: Enable or disable this entry . Action When Matched: Select to Drop or For ward the packet specified in this filt er entry . MAC Address: The MAC Address you would like to apply . Candidates: Y ou can also select the Candi[...]
-
Página 111
111 Blocking W AN requests is one wa y to prevent DDOS a ttacks by preve nting ping requests from the Internet . Use t his menu to enable or disabl e function. 4.4.5.5 Intrusion Detection Intrusion Detection can prevent most common DoS atta cks from the Internet or from LAN users. Intrusion Detection : Enable or disable this function. Intrusion Log[...]
-
Página 112
11 2 Limit Maximum sessions per IP to (with reject an d dr op opti ons ): Jus t like the previous option, this option expands on wh at to do with additional sessions above the maximum limit. Y ou can either rej e ct the additional se ssions for a period of time or just drop all packets from those sessions for a period of time. 4.4.6 VPN VPN is a wa[...]
-
Página 113
11 3 Connection Name: A user-defin ed name for the connection. Interface: Select th e interface the IPSec tu nnel will apply to. WAN1: Select interface WAN1 WAN2: Select interface WAN2 Auto: The device wi ll automatically apply the tunnel to WA N1 or WA N2 depending on which WAN interface is active when the IPSec tunn el is being established. Note.[...]
-
Página 114
11 4 Secure Gateway Address (or Domain Name ): The IP address or hostname of the remote VPN gatewa y . Remote Network: The subnet of the remote network. Allows you to e nter an IP address and netmask. Back: Back to the Previous page. Next: Go to the next page. (2)LAN to Mobile LAN: BiGuard would like to establish an IPSec VPN tunnel with remote rou[...]
-
Página 115
11 5 Re mote Identifier: The Identifier of the remote gateway . According to the input value, the ID type will be auto-defi ned as IP Address, FQDN(DNS) or FQUN(E-mai l). Remote Network: The subnet of the remote network. Allows you to e nter an IP address and netmask. Back: Back to the Previous page. Next: Go to the next page. (3)LAN to Host: BiGua[...]
-
Página 116
11 6 remote VPN device that is connected and establishes a VPN tunnel. Back: Back to the Previous page. Next: Go to the next page. (4)LAN to Mobile Host: BiGuard would like to establ ish an IPSec VPN tunnel wi th remote client software using Dynamic In ternet IP by using aggressiv e mode. Re mote Identifier: The Identifier of the remote gateway . A[...]
-
Página 117
11 7 VPN Client IP Address: The VPN C lient Address for BiGuard VPN Client, t his value will be applied on both remote ID and Remote Network as single address. Back: Back to the Previous page. Next: Go to the next page. After your confi guration i s done, you wi ll see a Configuration Summary . Back: Back to the Previous page. Done: Click Done to a[...]
-
Página 118
11 8 4.4.6.1.2 IPSec Policy Click Create to create a new IPSec VPN connection account. Configuring a New VPN Connection[...]
-
Página 119
11 9 Connection Name: A user-defin ed name for the connection. T unnel: Select Enable to activate this tunnel. Sel ect Disable to deactiv ate this tunnel. Interface: Select th e interface the IPSec tu nnel will apply to. WAN1: Select interface WAN1 WAN2: Select interface WAN2 Auto: The device wi ll automatically apply the tunnel to WA N1 or WA N2 d[...]
-
Página 120
120 interface if Aut o is selected. Local: This section configures th e local host. ID: This is the ident ity type of th e local router or host. Choose from the following four options: WAN IP Add ress: Automatically use the current WAN Address as ID . IP Address: Use an IP address format. FQDN DNS(Fully Qualified Domain Name) : Consists of a hostna[...]
-
Página 121
121 Any Local Address: Will enable any local address on the network . Subnet: The subnet of the remote network. Selectin g this option allows you to enter an IP address and netmask. IP Range: The IP Rang e of the remote network. Single Address: The IP address of the remote host. Gateway Address: The gatewa y address of the remote host. Proposal: Se[...]
-
Página 122
122 negotiation time. Diff ie-Hellman is a public-key cryptography protocol that allows two parties to establish a shar ed secret over the Internet. Pre-shared K ey: This is for the Intern et K ey Exchange (IKE) protocol. IKE is used to establish a shar ed security policy and authe nticated keys for s ervices (such as IPSec) that require a key . Be[...]
-
Página 123
123 Local Subnet: Displays IP address a nd subnet of the local network. Remote Sub net: Displays IP address and subnet of the remote n etwork. Remote Gatew ay: This is the IP add ress or Domain Name of the remote VPN device that is connected and has an es tablished IPSec tunnel. IPSec Proposal: This is the se lected IPSec security method. 4.4.6.2 P[...]
-
Página 124
124 Connection Name: A user-defin ed name for the connection. T unnel: Select Enable to activate this tunnel. Sel ect Disable to deactiv ate this tunnel. Username: Please input the userna me for this account. Password : Please input the password for this account. Retype P assword: Please repeat the same password as previous field. Connection T ype:[...]
-
Página 125
125 The first menu screen gives you an overview of wh ich WAN ports currently have QoS active, and the bandwidth settings for each. WAN1 Ou tbound: QoS Function: QoS status for W AN1 outbound. Select Enable to activate QoS for WAN1’ s outgoing tr affic. Select Disable to deactiv ate. Max ISP Bandwidth: The maximum bandwidth afforded b y the ISP f[...]
-
Página 126
126 Creating a New QoS Rule T o get st arted using QoS, you will need t o establish QoS rules. These rules tell BiGuard 30 how to handle both incoming and outgoing tr affic. The following example shows you how to configure WAN1 Outbound QoS. Configuring th e other traffic types follows the same process. T o make a new rule, click Rule T able. T his[...]
-
Página 127
127 Interface: The current tr affic type. This can be W AN1 (outbound, inbound) and WA N2 (outbound, inbou nd). Application: User defined applicati on name for the current rule. Packet Type: The type of packet this ru le applies to . Choose from Any , TCP , UDP , or ICMP . Guarantee d: The guaranteed amount of bandwidth for this rule as a percentag[...]
-
Página 128
128 Helper: Y ou could also select the application type you would like to apply for automatic input. Click Apply to save your changes. For MAC Address: Source MAC Addre ss: The source MAC Address of the device this rule applies to. Candidates: Y ou can also select the Candidates which are referred from the ARP table for automatic input. Source Port[...]
-
Página 129
129 ports to the PC on your netw ork running th e application. Y ou will also need to us e port forwarding if you want to host an onlin e game server . The reason for this is t hat when using NA T , your publicly accessible IP address will be used by and point to your router , which then needs to deliver all traffic to the private IP addresses used[...]
-
Página 130
130 table for automatic input. Select the Apply button to apply your changes. 4.4.8.2 Port Forwarding Table Because NA T can act as a "natural" Internet firewall, your router prot ects your network from being accessed by outside user s, as all incoming connecti on attempts will point to your router un less you specifically create Virtual [...]
-
Página 131
131 Application: User defined applicati on name for the current rule. Helper: Y ou could also select the application type you would like to apply for automatic input. Protocol type: please select protocol type External Port: Enter the port number of the service that will be sent to the Internal IP address. Redirect Port: Enter a new port number for[...]
-
Página 132
132 advantage of the more adv anced featur es of BiGuard 30. Users who do not understand the features should not attempt to reconfi gure their router , unless advised to do so by support staff . There are five items within the Adv anced section: Static Rout e , Dynamic DNS , Device Management , IGMP and VLAN Bridg e . 4.4.9.1 Static Route The stati[...]
-
Página 133
133 Rule: Sele ct Enable to activ ate this rule, Disable to deacti vate thi s rule. Destination: This is the destination subnet IP address. Netmask: This is the subnet mask of the destination IP addresses based on abo ve destination subnet IP . Gateway: This is the gatewa y IP address to which packets are to be forwarded. Interface: Select the inte[...]
-
Página 134
134 Y ou will first need t o register and establish an account with the Dyn amic DNS provider using their website, Example: DYNDNS http://www .dyndns.org/ (BiGuard 30 supports severa l Dynamic DNS providers , such as www .dyndns.org , www .orgdns.org , www .dhs.org , www.dyns.cx , www .3domain.hk , www .dyndns.org , www .3322.org ) Dynamic DNS: Dis[...]
-
Página 135
135 4.4.9.3 Device Management The Device Management Advan ced Configur ation settin gs allow you to control you r router’s security options and device monitoring features. Device Name Name: Enter a name for this device. Web Server Settings HTTP Port: This is the port number the ro uter’ s embedded web server (for web-based configuration) will u[...]
-
Página 136
136 SNMP Function: Select Enable to activa te this function, Disable to deacti vate this function. SNMP V1 and V2 Read Community: In put the string for R ead community to match your SN MP software. Write Community: Input the string for W rite community to matc h your SNMP software. Trap Community: Input the string for T rap community to match yo ur[...]
-
Página 137
137 Click Apply to apply this f uncti on, and please note that the setting wi ll become effective after y ou save to flash and restart the router . 4.4.9.5 VLAN Bridge This section allows you to create VLAN group and specify the member. VLAN Mode: Select Disable to disable VLAN mode, select Bridge Mode to use VLAN Bridge function and sele ct Taggin[...]
-
Página 138
138 Tagged Member port( s): Please check the interface th at yo u would like to use i n this VLAN ID group. Untagged Member port(s): Please check the interface that you would like to use in this VLAN ID grou p. Click Apply to add this rule. 4.5 Save Configuration To Flash After changing th e router’s configuration settings, you must save all of t[...]
-
Página 139
139 Chapter 5: Troubleshooting 5.1 Basic Functionality This section deals with issues regarding your BiGuard 30’ s basic functions. 5.1.1 Router Won’t Turn On If the Po wer and other LEDs fail to l igh t when your BiGuard 30 is turne d on: - Make sure that the po wer cord is properly connected to your firewall and that the power supply adapter [...]
-
Página 140
140 or workstation. - Make sure that power is turned o n to the connected hub or workstation. - Be sure you are using the correct cable. When connecting the firewall’ s Internet port to a cable or DSL modem, use the cabl e that w as supplied with the cable or DSL modem. This cable could be a standard str aight-throug h Ethernet cable or an Ethern[...]
-
Página 141
141 - Check the 10/100 LAN LEDs on BiGuard 30’ s front panel. One of these LEDs should be on. If they are both off , check the ca bles between BiGuard 30 and the hub or PC. - Check the corresponding LAN LEDs on your PC’ s Ethernet device are on. - Make sure that driver softw are for your PC’ s Ethernet adapter and TCP/IP softw are is correctl[...]
-
Página 142
142 3. Make sur e that the Delete All Offli ne Content checkbox is checked, and click OK . 4. Click OK under Internet Options to close the dialogue. - In Windows, type ar p –d at the command prompt to clear you com puter’s ARP table.[...]
-
Página 143
143 5.2.3.1 Pop-up Windows T o use the W eb Configuration Inte rface, you need to disabl e pop-up blocking. Y ou can either disable pop-up blocking, whic h is enabled by default in Windows XP Service Pack 2, or create an ex cept ion for your BiGuard 30’ s IP address. Disabling All Pop-ups In Internet Explorer , select Tools > Pop-up Blocker an[...]
-
Página 144
144 3. Under Scripting , check to see if Active scripting is set to Enable . 4. Ensure that Scripting of J ava applets is s et to Enabled . 5. Click OK to close the dialogue. 5.2.3.3 Java Permissions The following Java P ermissions should also be given for the W eb Configuration Interface to display properl y: 1. In Internet Explorer , click Tools [...]
-
Página 145
145 4. Click OK to close the dialogue. NOTE: If Jav a from Sun Microsystems is installed, scroll down to Java (Sun) and ensure that the check box is filled. 5.3 WAN Interface If you are ha ving problems with th e WAN I nterface, refer to the tips b elow . 5.3.1 Can’t Get WAN IP Address from the ISP If the W AN IP address cannot be obtai ned from [...]
-
Página 146
146 4. Check to see that the W AN port is properly connected to the ISP . If a Connected by (x) where (x) is yo ur connection method is not sho wn, your route r has not successfully obtained an IP address from your ISP . If an IP address cannot be obtained: 1. T u rn off the power to yo ur cable or DSL modem. 2. T u rn off the power to your BiGuard[...]
-
Página 147
147 If an IP address can be obtained, but yo ur PC cannot load an y web pages from the Internet: - Y our PC may not recognize DNS se rver addresses. Configure yo ur PC manually with DNS addresses. - Y our PC may not have the ro uter correctly configured as its TCP/I P gateway . 5.5 Problems with Date and Time If the date and time is not being displ[...]
-
Página 148
148 Appendix A: Product Specifications Availability and Resilience - Dual- WAN ports - Load balancing for increased bandwi dth o f inbound and outbound tr affic - Automatic failo ver to redirect the pa ck et when one broadband co nnection is broken. It will keep yo ur Internet connection al ways online whene ver one connection should fail. Virtual [...]
-
Página 149
149 Firewall - Stateful P acket Inspe ction (SPI) and Denial of Service (DoS) preve ntion - Pack et filter un-permitted inbou nd (WA N)/Inbound (LAN) Internet access by IP addre ss, port number and packet type - Email alert and logs of attack - MAC Address Filterin g - Intrusion detecti on Content Filtering - URL Filter settings prevent user acce s[...]
-
Página 150
150 Physical Interface Ethernet W AN 2 ports (10/100 Base- T), support Auto- Crossover (MDI/MDIX) Ethernet LAN 8 ports (10/100 Base- T) swit ch support Auto- Crossover (MDI/MDIX) Physical Specifications Dimensions: 18.98" x 6.54" x 1 .77" (482mm x 166 mm x 45mm, with Br acket) 9.84" x 6.54" x 1.3 8" (250mm x 166 mm x 3[...]
-
Página 151
151 Appendix B: Customer Support Most problems can be solved by referring to the T roubleshooting sect ion in the User’s Manual. If you cannot resolve the problem w ith the T roubleshootin g chapter , please contact the dealer wher e yo u purchased this product. Contact Billion Wo r l d w i d e http://www.billion.com/[...]
-
Página 152
152 Appendix C: FCC Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the followin g two condition s: - This device may not c ause harmful interference. - This device must accept any interference received, includ ing interference t hat may cause undesired operations. This equipment has been tested and fo[...]
-
Página 153
153 Appendix D: Network, Routing, and Firewall Basics D.1 Network Basics D.1.1 IP Addresses With the number of T CP/IP networks interconnected across the globe, ensuring that transmitted data reaches the corre ct dest ination requires each computer on the Internet has a unique identif ier . T his iden tifier is known as the IP address. The Internet[...]
-
Página 154
154 back slash (/). F or example, a typica l Class C address could be written as 192.168.234.245/24, which means th at the net mask is 24 ones followed by 8 zeros. (11111111 11111111 11111111 00000000). D.1.1.2 Subnet Addressing Subnet addressing enables th e split of one IP network address into mu ltiple physical networks. These smaller networks a[...]
-
Página 155
155 from these ra nges. D.1.2 Network Address Translation (NAT) T raditionally , mult iple PCs that needed simult aneous Intern et access also required a range of IP addresses from the Internet Se rvice Provider (ISP). Not only was this method very costly , but t he number of available IP addresses for PCs is limited. Instead, BiGuard 30 uses a typ[...]
-
Página 156
156 D.2 Router Basics D.2.1 What is a Router? A router is a device that forw ards data pack ets along networks. A route r is connected to at least two net works. Usua lly , this is a LAN and a WAN that is connected to an ISP network. R outers ar e located at gateways, the places where two or more networks connect. R outers use headers and forwardin[...]
-
Página 157
157 D.3 Firewall Basics D.3.1 What is a Firewall? Firewalls prevent un authoriz ed Internet users from accessing private networks connected to the Internet. All messages entering or leaving the int ranet pass through the fi rewall, which exami nes each message and blocks those that do not meet the specified security criteria. With the functionality[...]
-
Página 158
158 D.3.2 Why Use a Firewall? With a LAN connected to the Internet throug h a router , there is a chance for hackers to access or disrupt your network. A simp le NA T router provides a basic level of protection by shield ing your network from the out side Internet . Still, there are ways for more dedicated hackers to ei ther obtain information abou[...]
-
Página 159
159 Appendix E: Virtual Private Networking E.1 What is a VPN? A Virtual Private Network (VPN ) is a shared network where private data is segmented from other tr affic so that only the intended recipi ent has access. It allows organizations to securely tr ansm it data o ver a public medium lik e the Internet. VPNs utilize tunnels , which allow data [...]
-
Página 160
160 data authentication, integri ty , and confidentiality as data is trans ferred across IP networks. IPSec provides data security at the IP packet level, and protects again st possible security risks by pr otecting data. IPSec i s widely used to establi sh VPNs. There are three major functions of IPSec: - Confidentiali ty: Conceal s data through e[...]
-
Página 161
161 E.2.1.2 Encapsulating Security Payload (ESP) Encapsulating Security P ayload (ESP) provid es priv acy for data through encryption. An encryption algorithm combi nes the data with a k ey to encrypt it. I t then repackages the data using a specia l format, and transmi ts it to the destination. T he receiver then decrypts the data usi ng the same [...]
-
Página 162
162 E.2.1.3 Security Associations (SA) Security Associations are a one-way relationsh ips between sender and receiver th at specify IPSec-related parameters. They provide data protection by using the defined IPSec protocols, and allow organizati ons to control according to the security policy in effect, which resou r ces may communicate securely . [...]
-
Página 163
163 T ransport Mode - This mode is used to provide data se cu rity between tw o networks. It prov ides protection for the entire IP packet and is sent by adding an outer IP header corresponding to the two tunnel end-points. Since tunnel mode hides the original IP header , it provides security of the ne tworks with private I P address space. E.2.3 T[...]
-
Página 164
164 E.2.4 Tunnel Mod e ESP Here is an example of a packet with ESP applied: E.2.5 Internet Key Exchange (IKE) Before either AH or ESP can be used, it is nece ssary for the two communication devices to exchange a secret key that the security prot ocols themselves will use. T o do this, IPSec uses Internet K ey Exchange (I KE) as a primary support pr[...]
-
Página 165
165 encryption, and is more vulnerable to Denial of Service attacks. Phase II, known as Quick M ode, establishes symmetrical IPSec Security Associations for both AH and ESP . It do es this by negotiating IPSec par ameters, exchange nonces to derive session k eys from the IKE shar ed secret, exchange DH values to generate a new key , and identify wh[...]
-
Página 166
166 Appendix F: IPSec Logs and Events F.1 IPSec Log Event Categories There are three major categories of IPSe c Log Events for y our BiGuard 30. These include: 1. IKE Negotiate P acket Messages 2. Rejected IKE Messages 3. IKE Negotiated Status Messages The table in the followi ng section lists th e different events of each category , and provides a[...]
-
Página 167
167 Send Main mode second response message of ISAKMP Sending the main mode second response message. Done to exchange key values. Received Main mode second response message of ISAKMP Received the main mode second response message. Done to exchange key values. Send Main mode third message of ISAKMP Sending the third message of main mode. Done for aut[...]
-
Página 168
168 Received Quick mode first response message Received the first response message of quick mode (Phase II). Done to exchange proposal and key values (IPSec). Send Quick mode second message Sending the second message of quick mode (Phase II). Received Quick mode second message Received the second message of quick mode (Phase II). ISAKMP IKE Packet [...]
-
Página 169
169 Received Delete SA payload: Deleting ISAKMP State ( integer ) (Main/Aggressive) mode peer ID is (identifier string) ISAKMP SA Established IPsec SA Established[...]
-
Página 170
170 Appendix G: Bandwidth Management with QoS G.1 Overview In a home or office environment, users cons tantly ha ve to tr ansmit data to and from the Internet. When too many are accessing the Internet at the same time, service can slow to a crawl, causing service interruption s and general frustration. Quality of Service (QoS) is one of the wa ys B[...]
-
Página 171
171 -Prioritizat ion: Assigns diff erent priority levels for diff erent applications, prioritizing traffic. Hi gh, Normal an d Low priority settings. -Outbound and Inbound IP Throttling: Cont rols network traffic and allows you to limit the speed of each application. -DiffServ T echnology: Manages priority queues and DSCP tagging through the Intern[...]
-
Página 172
172 Application Data Ratio (%) Priority On-line games 30% High Skype 5% High Email 10% High FTP 20% Upload (High), Download (Normal) Other 35% G.4.2 Office Users QoS is also ideal for small businesses u sin g an office server as a web server . With QoS control, web pages served to y our customers can be given top pr iority and delivered first so th[...]
-
Página 173
173 Appendix H: Router Setup Examples H.1 Outbound F ail Over Step 1: Go to Configur ation > WAN > ISP Settings . Select WAN1 and WAN2 and click Edit . Step 2: Configure WAN1 and WAN2 according to the information given by your ISP .[...]
-
Página 174
174 Step 3: Go to Configur ation > Dual W AN > General Settings. Select the Fail Over radio butto n. Under Connectivity Decision , i nput the number of times Bi Guard 30 should probe the WAN before deciding that the ISP is in service or not (3 by default). Next, input the dur ation of the prob e cycle (30 sec. by defa ult) and choose the way [...]
-
Página 175
175 Please ensure the W AN ports are functioning by performing a ping oper ation on each before proceeding. Finally , choose whethe r or not BiGuard 30 should fail back to WAN 1 . Step 4: Click Save Config to save all changes to flash memory . H.2 Outbound L oad Balancing With Outbound Load Balanci ng, you can impro ve upload performance by optimiz[...]
-
Página 176
176 Step 2: Configure your WAN2 ISP settings and click Apply . Step 3: Go to Configuration > Dual WAN > General Settings . Select the Load Balance radio button.[...]
-
Página 177
177 Step 4: Go to Configur ation > Dual WAN > Outbound Load Balance . Choose the Load Balance mechanism you want and click Apply . Step 5: Complete. T o check tr affic statistics, g o to Status > Traffic Statistics . Step 6: Click Save Config to save all changes to flash memory .[...]
-
Página 178
178 H.3 Inbound Fail Over Configuring your BiGu ard 30 for Inbound Fail Over is a great way to ensure a more reliable connection for i ncoming requ ests. T o do so, follow these steps: NOTE: Befo re you begin, ensure that both W AN1 and W AN2 have been properly configured. See Chapter 4: Router Configuration for more details. Step 1: From the W eb [...]
-
Página 179
179 Step 2: Configure F ail Over options if necessary . Step 3: Go to Configuration > Adva nced > Dynamic DNS . Set the WAN1 DDNS settings.[...]
-
Página 180
180 Step 4: From the same menu, set the W AN2 DDNS settings. Step 5: Click Save Config to save all changes to flash memory .[...]
-
Página 181
181 H.4 DNS Inbound Fail Over NOTE: Befo re proceeding, please ensure that both W AN1 and WAN2 are properly configured according to the settings prov ided by your ISP . If not, please refer to Chapter 4.2.2. 1 ISP Settings for details on how t o configure your WAN ports. Step 1: Go to Configur ation > Dual WAN > General Settings . Select the [...]
-
Página 182
182 Enable radio button an d configure DNS Server 1 by clicking Edit . Step 3: Input DNS Server 1 se ttings and click Appl y . Step 4: Configure your Host URL Ma pping for DNS Server 1 by clicking Edit to ente r the Host URL Mappings List. Click Create and input the settings for Host URL Mappings and click New .[...]
-
Página 183
183 Step 5: Click Save Config to save all changes to flash memory . H.5 DNS Inbound Load Balancing Step 1: Go to Configuration > Dual WAN > General Settings . Select the Load Built-in DNS 192.168.2.2 192.168.2.3 FTP HTTP 200.200.200.1 www .m ydomain.com 200.200.200.1 Authoritative Domain Name Server 100.100.100.1 100.100.100.1 DNS Request DNS[...]
-
Página 184
184 Balance radio button. Step 2: Go to Configur ation > Dual WAN > Inbound Load Balance > Server Settings and configur e DNS Server 1. Step 3: Go to Configuration > Dual WAN > Inbound Load Balance > Host URL[...]
-
Página 185
185 Mapping and configur e your FTP mapping. Step 4: Next configure your HTTP mapping. Step 5: Click Save Config to save all changes to flash memory .[...]
-
Página 186
186 H.6 Dynamic DNS Inbound Load Balancing Step 1: Go to Configuration > WAN > Bandwidth Settings. Configure your WA N inbound and outbound bandwidth. www.billion2.dyndns.org Remote Access from Internet www.billion3.dyndns.org www.billion3.dyndns.org www.billion2.dyndns.org 192.168.2.2 192.168.2.3 FTP HTTP[...]
-
Página 187
187 Step 2: Go to Configuration > Dual WAN > Gener al Settings and enable Load Balance mode. Y ou may then decide whether to enable Service Detection or not. Step 3: Go to Configur ation > Dual WA N > Outbound Load Balance . Choose your load balance policy and click Apply to apply your changes. If you selected Based on session mechanism[...]
-
Página 188
188 Step 4: Go to Configuration > Ad vanced > Dynamic DNS and input the dynami c DNS settings for W AN1 and WAN2. WAN 1 :[...]
-
Página 189
189 WAN 2: Step 5: Go to Configuration > Virtual Se rver and set up a virtual server for both FTP a nd HT TP .[...]
-
Página 190
190 Step 6: Click Save Config to save all changes to flash memory . H.7 VPN Configuration This section outlines some concrete examples on how you can confi gure BiGuard 30 for your VPN. H.7.1 LAN to LAN [[...]
-
Página 191
191 Branch Office Head Office Local ID IP Address IP Address Data 69.121.1.30 69.121.1.3 Network Any Local Address Any Local Address IP Address 192.168.0.0 192.168.1.0 Netmask 255.255.255.0 255.255.255.0 Remote Secure Gateway Address(or Hostname) 69.121.1.3 69.121.1.30 ID IP Address IP Address Data 69.121.1.3 69.121.1.30 Network Subnet Subnet IP Ad[...]
-
Página 192
192 H.7.2 Host to LAN Single client Head Office Local ID IP Address IP Address Data 69.121.1.30 69.121.1.3 Network Any Local Address Any Local Address IP Address 0.0.0.0 192.168.1.0 Netmask 0.0.0.0 255.255.255.0 Remote Secure Gateway Address(or Hostname) 69.121.1.3 69.121.1.30 ID IP Address IP Address Data 69.121.1.3 69.121.1.30[...]
-
Página 193
193 Network Subnet Single Address IP Address 192.168.1.0 69.121.1.30 Netmask 255.255.255.0 255.255.255.255 Proposal IKE Pre-shared Key 12345678 12345678 Security Algorithm Main Mode; ESP: MD5 3DES PFS Main ESP MD5 3DES PFS H.8 IP Sec Fail Over (Gateway to Gateway) Before Fail Over After Fail Over 192.168.2.x 192.168.2.x 200.200.200.1 200.200.200.1 [...]
-
Página 194
194 Step 1: Go to Configuration > Dual WAN > Gener al Settings . Enable Fail Over by selecting the Fail Over radio button. Then, configure your F ail Over policy . Step 2: Go to Configur ation > Advanced > Dy namic DNS and configure your dynamic DNS settings ( Both WA N1 and W AN2).[...]
-
Página 195
195 Step 3: Go to Configur ation > VPN > IPSec > IPSec Policy . Click Create to configure VPN settings. Step 4: Click Save Config to save all changes to flash memory . T o configure BiGuard 10 gateway , refer to the screenshot below.[...]
-
Página 196
196 H.9 VPN Concentrator Step 1: Go to Configur ation > VPN > IPSec > IPSec Policy and configure t he link from BiGuard 30 to BiGuard 10 Branch A. 100.100.100. 1 200.200.200. 1 192.168.2.x 192.168.3.x 201.201.201. 1 192.168.4.x Local ID T ype: Subnet Local subnet: 0.0. 0.0 Local mask: 0. 0.0.0 Remote ID T ype: Subn et Remote subnet: 1 92.1[...]
-
Página 197
197 Step 2: Go to Configur ation > VPN > IPSec > IPSec Policy and configure t he link from BiGuard 30 to BiGuard 10 Branch B . Step 3: Go to Configur ation > VPN > IPSec > IPSec Policy and configure t he connection from BiGuard 10 Branch A to BiGuard 30.[...]
-
Página 198
198 Step 4: Go to Configur ation > VPN > IPSec > IPSec Policy and configure t he connection from BiGuard 10 Branch B to BiGuard 30. Step 5: Click Save Config to save all changes to flash memory . H.10 Protocol Binding Step 1: Go to Configuration > Dual WAN > General Settings. Select the Load Balancing radio button.[...]
-
Página 199
199 Step 2: Go to Configur ation > Dual WA N > Protocol Binding and configure settings for WAN1. Step 3: Go to Configur ation > Dual WA N > Protocol Binding and configure settings for WAN2. Step 4: Click Save Config to save all changes to flash memory .[...]
-
Página 200
200 H.11 Intrusion Detection Intrusion Detection on Internet Internet Detected! Dropped BiGuard Safe!! Server Safe!! Hacker DoS Attack DoS Attack Hacker Hacker DoS Attack DoS Attack Step 1: Go to Configur ation > Firewall > Intrusion Detection and Enable th e settings. Step 2: Click Apply and then Save Config to sa ve all changes to flash mem[...]
-
Página 201
201 Step1: Go to Configuration > VP N > PPTP and Enable the PPTP function, C lick Apply . Step2: Click Create to create a PPTP Account. Step3: Click Apply , you can see the account is successfully created.[...]
-
Página 202
202 Step4: Click Save Config to save all changes to flash me mory . Step5: In Windows XP , go Start > Settings > Network Connections .[...]
-
Página 203
203 Step6: In Netwo rk Ta sks , Click Create a new connection , and press Next. Step7: Select Connect to the net work at my workplace and press Next .[...]
-
Página 204
204 Step8: Select Virtual Private Network connection and press Next . Step9: Input the user-defined na m e for this connection and press Next .[...]
-
Página 205
205 Step10: Input PPTP Server Address and press Next . Step11: Please press Finish .[...]
-
Página 206
206 Step12: Double cl ick the connection, a nd input Usern ame and Password that defined in BiGuard PPTP Account Settings . PS. Y ou can also refer the Properties > Security page as below , by default.[...]
-
Página 207
207 H.13 PPTP Remote Access by BiGuard Internet Internet Internet Internet 100. 100. 10 0.1 Headquarter BiGuard &PPTP S erver PPTP Tunnel Branch Office 200.200.200.1 BiGuard &PPTP Client Local subne t: 192.168.30.0 Local mask : 255.255.255.0 Step1: Go to Configuration > VP N > PPTP and Enable the PPTP function, Disable the Encryption [...]
-
Página 208
208 Step2: Click Create to create a PPTP Account. Step3: Click Apply , you can see the account is successfully created. Step4: Click Save Config to save all changes to flash me mory .[...]
-
Página 209
209 Step5: In another BiGuard as Client, Go to Configura tion > WAN > ISP Settings . Step6: Click Apply , and Save CONFIG .[...]