Billion-electric-company BiGuard 50G User Manual

BiGuard 50G 802.11g Dual WAN Security Gateway User’s Manual Version Release 1.03 (FW:1.xx)

10Appendix E: Virtual Private Networking E.1 What is a VPN? E.1.1 VPN Applications E.2 What is IPSec? E.2.1 IPSec Security Components E.2.1.1 A

100 WAN IP Alias WAN IP Alias allows you to input additional WAN IP addresses. WAN IP Alias can be used for Multiple NAT settings, including LAN Ad

101specific WAN port. In this menu are the following sections: General Settings, Outbound Load Balance, Inbound Load Balance, and Protocol Binding.

1024.4.3.2 Outbound Load Balance Outbound Load Balancing on BiGuard 50G can be based on one of two methods: 1. By session mechanism 2. By IP ad

103to authenticate the source IP address. Balance by weight of link capacity: Uses an IP hash to balance traffic based on weight of link bandwidth

104 SOA: Domain Name: The domain name of DNS Server 1. It is the name that you register on DNS organization. You have to fill-out the Fully Qualif

105MX Record Mail Exchanger: The name of the mail server. IP Address: The mail server IP address. Click Apply to save your changes. To edit the Ho

106Name1: The Alias Host URL Name2: The Alias Host URL Click Apply to save your changes. 4.4.3.4 Protocol Binding Protocol Binding lets you direc

107Source IP Range: All Source IP: Click it to specify all source IPs. Specified Source IP: Click to specify a specific source IP address and source

108 Time Zone BiGuard does not use an onboard real time clock; instead, it uses the Network Time Protocol (NTP) to acquire the current time from an

109NOTE: When enabling remote access, please make sure to change the default administration password for security reason. Action: Select Enable or

11E.2.2 IPSec ModE.2.3 Tunnel Mode AH E.2.4 Tunnel Mode ESP E.2.5 Internet Key Exchange (IKE) Appendix F: IPSec Logs and Events F.1 IPSec Log

110 Upgrading your BiGuard 50G’s firmware is a quick and easy way to enjoy increased functionality, better reliability, and ensure trouble-free ope

111backup file. You may also change the name of the file when saving if you wish to keep multiple backups. Click OK to save the file. To restore a

1124.4.4.6 Password In order to prevent unauthorized access to your router’s configuration interface, it requires the administrator to login wit

113 4.4.5.1 Packet Filter The Packet Filter function is used to limit user access to certain sites on the Internet or LAN. The Filter Table dis

114 ID: This is an identify that allows you to move the rule by before or after an ID. Rule: Enable or Disable this entry. Action When Matched: Sel

115Destination Port Range: Enter the destination port number range. If you only want to specify one service port, then enter the same port number in

116URL Filtering: You can choose to Enable or Disable this feature. Keyword Filtering: Click the checkbox to enable this feature. To edit the list o

117 Enter a domain and select whether this domain is trusted or forbidden with the pull-down menu. Next, click Apply. Your new domain will be added

1184.4.5.3 Ethernet MAC Filter Ethernet Mac Filter can decide if BiGuard will filter those devices at LAN side by MAC Address and determine if t

1194.4.5.4 Wireless MAC Filter Prevents unauthorized computers access from using the Internet through the router. Wireless MAC Filter can Defau

12 Chapter 1: Introduction 1.1 Overview Congratulations on purchasing BiGuard 50G Router from Billion. Combining a router with an Ethernet networ

1204.4.5.5 Block WAN Request Blocking WAN requests is one way to prevent DDOS attacks by preventing ping requests from the Internet. Use this menu

121connections on per-user basis. This is useful when controlling users who will use the applications which create a large number of connections (su

1224.4.6.1 IPSec IPSec is a set of protocols that enable Virtual Private Networks (VPN). You can find two items under the IPSec section: IPSec Wiz

123pre-shared key into both sides (router or hosts). Connection Type: There are 5 connection types: (1)LAN to LAN: BiGuard would like to establish

124 (3)LAN to Host: BiGuard would like to establish an IPSec VPN tunnel with remote client software using Fixed Internet IP or domain name by using

125Remote Identifier: The Identifier of the remote gateway. According to the input value, the ID type will be auto-defined as IP Address, FQDN(DNS)

126 After your configuration is done, you will see a Configuration Summary. Back: Back to the Previous page. Done: Click Done to apply the rule. 4

127 Connection Name: A user-defined name for the connection. Tunnel: Select Enable to activate this tunnel. Select Disable to deactivate this tunne

128interface if Auto is selected. Local: This section configures the local host. ID: This is the identity type of the local router or host. Choose

129Any Local Address: Will enable any local address on the network. Subnet: The subnet of the remote network. Selecting this option allows you t

13connections are possible on BiGuard 50G, with performance of up to 10Mbps. 1.2.3 Advanced Firewall Security Aside from intelligent broadband sh

130negotiation time. Diffie-Hellman is a public-key cryptography protocol that allows two parties to establish a shared secret over the Internet.

131Local Subnet: Displays IP address and subnet of the local network. Remote Subnet: Displays IP address and subnet of the remote network. Remote Ga

132 Connection Name: A user-defined name for the connection. Tunnel: Select Enable to activate this tunnel. Select Disable to deactivate this tunne

133 The first menu screen gives you an overview of which WAN ports currently have QoS active, and the bandwidth settings for each. WAN1 Outbound:

134 Creating a New QoS Rule To get started using QoS, you will need to establish QoS rules. These rules tell BiGuard 50G how to handle both incomin

135 Interface: The current traffic type. This can be WAN1 (outbound, inbound) and WAN2 (outbound, inbound). Application: User defined application na

136For MAC Address: Source MAC Address: The source MAC Address of the device this rule applies to. Candidates: You can also select the Candidates

137configure your router to forward these incoming connection attempts using specific ports to the PC on your network running the application. You w

138Candidates: You can also select the Candidates which are referred from the ARP table for automatic input. Select the Apply button to apply your

139 Application: User defined application name for the current rule. Helper: You could also select the application type you would like to apply for

14 LED Function Power A solid light indicates a steady connection to a power source. Status A blinking light indicates the device is writing to f

1404.4.9 Advanced Configuration options within the Advanced section are for users who wish to take advantage of the more advanced features of BiGu

141Rule: Select Enable to activate this rule, Disable to deactivate this rule. Destination: This is the destination subnet IP address. Netmask: This

142please fill it in the blank space below. Dynamic DNS: Disable: Check to disable the Dynamic DNS function. Enable: Check to enable the Dynamic DN

143 Device Name Name: Enter a name for this device. Web Server Settings HTTP Port: This is the port number the router’s embedded web server (for w

144SNMP Function: Select Enable to activate this function, Disable to deactivate this function. SNMP V1 and V2 Read Community: Input the string for

145 Click Create to create a new schedule. Name: A user-define description to identify this time portfolio. Day: The default is set from Monday thr

146 Select System Log to capture to a log. Select Syslog Server to capture and send to a specified external server. Select Email Alert to send inf

1475.3 E-mail Alert The Email Alert function allows a log of security-related events (such as System Log and IPSec Log) to be sent to a specifie

148Weekly: The router will send an alert once a week. When log is full: The router will send an alert only when the log is full. 6 Language Langu

1496.2 Simplified Chinese Clicking on the Simplified Chinese link will change all the text into Simplified Chinese. 6.3 Traditional Chinese Clicki

151.3.2 Rear Panel Port Function 1 Wireless Antenna One detachable 2.4GHz 5dbi SMA antenna 2 WAN2 WAN2 10/100M Ethernet port (with auto crosso

1508 Logout To exit the router’s web interface, click Logout. Please ensure that you have saved your configuration settings before you logout.

151Chapter 5: Troubleshooting 5.1 Basic Functionality This section deals with issues regarding your BiGuard 50G’s basic functions. 5.1.1 Router

152or workstation. - Make sure that power is turned on to the connected hub or workstation. - Be sure you are using the correct cable. When connecti

1535.2.2 Can’t Ping Any PC on the LAN If PCs connected to the LAN cannot be pinged: - Check the 10/100 LAN LEDs on BiGuard 50G’s front panel. One

154 3. Make sure that the Delete All Offline Content checkbox is checked, and click OK. 4. Click OK under Internet Options to close the dialogue.

1555.2.3.1 Pop-up Windows To use the Web Configuration Interface, you need to disable pop-up blocking. You can either disable pop-up blocking, whi

156 3. Under Scripting, check to see if Active scripting is set to Enable. 4. Ensure that Scripting of Java applets is set to Enabled. 5. Click OK

1574. Click OK to close the dialogue. NOTE: If Java from Sun Microsystems is installed, scroll down to Java (Sun) and ensure that the checkbox is f

158 4. Check to see that the WAN port is properly connected to the ISP. If a Connected by (x) where (x) is your connection method is not shown, your

159 If an IP address can be obtained, but your PC cannot load any web pages from the Internet: - Your PC may not recognize DNS server addresses. Co

16 1.3.4 Cabling Most Ethernet networks currently use unshielded twisted pair (UTP) cabling. The UTP cable contains eight conductors, arranged in

160Appendix A: Product Specifications Availability and Resilience - Dual-WAN ports - Load balancing for increased bandwidth of inbound and outboun

161- Netbios over VPN Firewall - Stateful Packet Inspection (SPI) and Denial of Service (DoS) prevention - Packet filter un-permitted inbound (WAN)

162Physical Interface Ethernet WAN 2 ports (10/100 Base-T), support Auto- Crossover (MDI/MDIX) Ethernet LAN 8 ports (10/100 Base-T) switch support A

163Appendix B: Customer Support Most problems can be solved by referring to the Troubleshooting section in the User’s Manual. If you cannot resolve

164Appendix C: FCC Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: -

165Appendix D: Network, Routing, and Firewall Basics D.1 Network Basics D.1.1 IP Addresses With the number of TCP/IP networks interconnected ac

166back slash (/). For example, a typical Class C address could be written as 192.168.234.245/24, which means that the net mask is 24 ones followed

167from these ranges. D.1.2 Network Address Translation (NAT) Traditionally, multiple PCs that needed simultaneous Internet access also required

168D.2 Router Basics D.2.1 What is a Router? A router is a device that forwards data packets along networks. A router is connected to at least t

169D.3 Firewall Basics D.3.1 What is a Firewall? Firewalls prevent unauthorized Internet users from accessing private networks connected to the

17Chapter 2: Router Applications 2.1 Overview Your BiGuard 50G router is a versatile device that can be configured to not only protect your netwo

170D.3.2 Why Use a Firewall? With a LAN connected to the Internet through a router, there is a chance for hackers to access or disrupt your networ

171Appendix E: Virtual Private Networking E.1 What is a VPN? A Virtual Private Network (VPN) is a shared network where private data is segmented

172data authentication, integrity, and confidentiality as data is transferred across IP networks. IPSec provides data security at the IP packet leve

173 E.2.1.2 Encapsulating Security Payload (ESP) Encapsulating Security Payload (ESP) provides privacy for data through encryption. An encryption

174 E.2.1.3 Security Associations (SA) Security Associations are a one-way relationships between sender and receiver that specify IPSec-related p

175 Transport Mode - This mode is used to provide data security between two networks. It provides protection for the entire IP packet and is sent

176 E.2.4 Tunnel Mode ESP Here is an example of a packet with ESP applied: E.2.5 Internet Key Exchange (IKE) Before either AH or ESP can be u

177addresses. Aggressive mode reduces this process to three messages, but parameter negotiation is limited, identity protection is lacking except wh

178Appendix F: IPSec Logs and Events F.1 IPSec Log Event Categories There are three major categories of IPSec Log Events for your BiGuard 50G. Th

179Received Main mode second message of ISAKMP Received the second message of main mode. Done to exchange key values. Send Main mode second response

18 2.2.2 QoS Policies for Different Applications By setting different QoS policies according to the applications you are running, you can use B

180Received Aggressive mode second ISAKP Message Received the second message of aggressive mode. Done to exchange proposal and key values. Send Quic

181NO PROPOSAL CHOSEN: Initial Main Mode message received on [IP:Port #] but no connection has been authorized INVALID ID: Require peer to have ID [

182Appendix G: Bandwidth Management with QoS G.1 Overview In a home or office environment, users constantly have to transmit data to and from the

183-Prioritization: Assigns different priority levels for different applications, prioritizing traffic. High, Normal and Low priority settings. -Out

184Application Data Ratio (%) Priority On-line games 30% High Skype 5% High Email 10% High FTP 20% Upload (High), Download (Normal) Other 35%

185Appendix H: Router Setup Examples H.1 Outbound Fail Over Step 1: Go to Configuration > WAN > ISP Settings. Select WAN1 and WAN2 and clic

186 Step 3: Go to Configuration > Dual WAN > General Settings. Select the Fail Over radio button. Under Connectivity Decision, input the numb

187WAN1. Step 4: Click Save Config to save all changes to flash memory. H.2 Outbound Load Balancing With Outbound Load Balancing, you can imp

188 Step 3: Go to Configuration > Dual WAN > General Settings. Select the Load Balance radio button. Step 4: Go to Configuration > Dual W

189 Step 5: Complete. To check traffic statistics, go to Status > Traffic Statistics. Step 6: Click Save Config to save all changes to flash m

19applications such as an FTP server, users using VoIP will experience network lag and/or service interruptions during use. To avoid this scenario,

190H.3 Inbound Fail Over Configuring your BiGuard 50G for Inbound Fail Over is a great way to ensure a more reliable connection for incoming requ

191 Step 3: Go to Configuration > Advanced > Dynamic DNS. Set the WAN1 DDNS settings. Step 4: From the same menu, set the WAN2 DDNS settin

192 H.4 DNS Inbound Fail Over NOTE: Before proceeding, please ensure that both WAN1 and WAN2 are properly configured according to the settings

193 Step 2: Go to Configuration > Dual WAN > Inbound Load Balance. Select the Enable radio button and configure DNS Server 1 by clicking Edit

194 Step 4: Configure your Host URL Mapping for DNS Server 1 by clicking Edit to enter the Host URL Mappings List. Click Create and input the setti

195 Step 1: Go to Configuration > Dual WAN > General Settings. Select the Load Balance radio button. Step 2: Go to Configuration > Dual

196 Step 3: Go to Configuration > Dual WAN > Inbound Load Balance > Host URL Mapping and configure your FTP mapping. Step 4: Next confi

197 Step 5: Click Save Config to save all changes to flash memory. H.6 Dynamic DNS Inbound Load Balancing Step 1: Go to Configuration > WAN

198 Step 2: Go to Configuration > Dual WAN > General Settings and enable Load Balance mode. You may then decide whether to enable Service Dete

199 Step 4: Go to Configuration > Advanced > Dynamic DNS and input the dynamic DNS settings for WAN1 and WAN2. WAN1: WAN 2:

2BiGuard 50G User’s Manual (Updated September, 2007) Copyright Information © 2007 Billion Electric Corporation, Ltd. The contents of this publicati

20manage your bandwidth, providing reliable Internet and network service to your organization. 2.2.5 Priority Bandwidth Utilization Assigning

200 Step 5: Go to Configuration > Virtual Server and set up a virtual server for both FTP and HTTP. Step 6: Click Save Config to save all cha

201 [ Branch Office Head Office Local ID IP Address IP Address Data 69.121.1.30 69.121.1.3 Network Any Local Address Any Local Address IP Add

202Proposal IKE Pre-shared Key 12345678 12345678 Security Algorithm Main Mode; ESP: MD5 3DES PFS Main ESP MD5 3DES PFS H.7.2 Host to LAN Sin

203IP Address 0.0.0.0 192.168.1.0 Netmask 0.0.0.0 255.255.255.0 Remote Secure Gateway Address(or Hostname) 69.121.1.3 69.121.1.30 ID IP Address

204 Step 1: Go to Configuration > Dual WAN > General Settings. Enable Fail Over by selecting the Fail Over radio button. Then, configure your

205 Step 3: Go to Configuration > VPN > IPSec > IPSec Policy. Click Create to configure VPN settings. Step 4: Click Save Config to save a

206 H.9 VPN Concentrator

207 Step 1: Go to Configuration > VPN > IPSec > IPSec Policy and configure the link from BiGuard 50G to BiGuard 10 Branch A. 100.100.100.1

208 Step 2: Go to Configuration > VPN > IPSec > IPSec Policy and configure the link from BiGuard 50G to BiGuard 10 Branch B.

209 Step 3: Go to Configuration > VPN > IPSec > IPSec Policy and configure the connection from BiGuard 10 Branch A to BiGuard 50G.

21 2.2.6 Management by IP or MAC address BiGuard 50G can also be configured to apply traffic policies based on a particular IP or MAC address. Th

210 Step 4: Go to Configuration > VPN > IPSec > IPSec Policy and configure the connection from BiGuard 10 Branch B to BiGuard 50G.

211 Step 5: Click Save Config to save all changes to flash memory. H.10 Protocol Binding Step 1: Go to Configuration > Dual WAN > General

212 Step 2: Go to Configuration > Dual WAN > Protocol Binding and configure settings for WAN1. Step 3: Go to Configuration > Dual WAN >

213 Step 4: Click Save Config to save all changes to flash memory. H.11 Intrusion Detection Intrusion Detection onInternetInternetDetected!Dropped

214 H.12 PPTP Remote Access by Windows XP InternetInternetWindows XP PPTP ClientInternetInternet100.100.100.1HeadquarterBiGuard &PPTP ServerBus

215 Step3: Click Apply, you can see the account is successfully created. Step4: Click Save Config to save all changes to flash memory. Step5: In

216 Step6: In Network Tasks, Click Create a new connection, and press Next.

217 Step7: Select Connect to the network at my workplace and press Next. Step8: Select Virtual Private Network connection and press Next.

218 Step9: Input the user-defined name for this connection and press Next. Step10: Input PPTP Server Address and press Next.

219 Step11: Please press Finish. Step12: Double click the connection, and input Username and Password that defined in BiGuard PPTP Account Settings

22Other interfaces can match traffic based on the DSCP markings. DSCP markings are used to decide how packets should be treated, and is a useful too

220 PS. You can also refer the Properties > Security page as below, by default.

221H.13 PPTP Remote Access by BiGuard InternetInternetInternetInternet100.100.100.1HeadquarterBiGuard &PPTP ServerPPTP TunnelBranch Office200.2

222 Step3: Click Apply, you can see the account is successfully created. Step4: Click Save Config to save all changes to flash memory. Step5: In

223 Step6: Click Apply, and Save CONFIG.

23 In the above example, PC 1 (IP_192.168.2.2) and PC 2 (IP_192.168.2.3) are connected to the Internet via WAN1 (IP_230.100.100.1) on BiGuard 50G.

24connected to the Internet via WAN1 (IP_230.100.100.1) and WAN2 (IP_213.10.10.2) on BiGuard 50G. You can configure BiGuard 50G to balance the load

252.4.1 Inbound Fail Over Configuring BiGuard 50G for Inbound Fail Over allows you to ensure that incoming traffic is uninterrupted by having BiGu

262.4.2 Inbound Load Balancing Inbound Load Balancing allows BiGuard 50G to intelligently manage inbound traffic based on the amount of load of ea

272.5 DNS Inbound Using DNS Inbound is a great way to intelligently direct network traffic. DNS Inbound is a three step process. First, a DNS r

282.5.1 DNS Inbound Fail Over BiGuard 50G can be configured to reply the WAN2 IP address for the DNS domain name request should WAN1 fail. In t

292.5.2 DNS Inbound Load Balancing DNS Inbound Load Balancing allows BiGuard 50G to intelligently manage inbound traffic based on the amount of lo

3Safety Warnings Your BiGuard 50G is built for reliability and long service life. For your safety, be sure to read and follow the following safety

30 In the example above, the client is making a DNS request. The request is sent to the DNS server of BiGuard 50G through WAN2 (1). WAN2 will rout

312.6 Virtual Private Networking A Virtual Private Network (VPN) enables you to send data between two computers across a shared or public network

32 VPN provides a flexible, cost-efficient, and reliable way for companies of all sizes to stay connected. One of the most important steps in sett

33gateway using WAN1 through a secure VPN tunnel. Should WAN1 fail, outbound traffic from BiGuard 50G will automatically be redirected to WAN2. This

342.6.3 Concentrator The VPN Concentrator provides an easy way for branch offices to connect to headquarter through a VPN tunnel. All branch offic

35Chapter 3: Getting Started 3.1 Overview BiGuard 50G is designed to be a powerful and flexible network device that is also easy to use. With an

36password for security reason. 4. Prepare to physically connect BiGuard 50G to Cable or DSL modems and a computer. Be sure to also review the Saf

37 3.4 Configuring PCs for TCP/IP Networking Now that your BiGuard 50G is connected properly to your network, it’s time to configure your networke

38- Windows 95/98/Me/NT/2000/XP - Mac OS 7 and later If you are using Windows 3.1, you must purchase a third-party TCP/IP application package. Any

39 3. Select Internet Protocol (TCP/IP) and click Properties. 4a. To have your PC obtain an IP address automatically, select the Obtain an IP

4 Table of Contents Chapter 1: Introduction 1.1 Overview 1.2 Product Highlights 1.2.1 Increased Bandwidth, Scalability and Resilience 1.2.2 Vir

40address automatically and Obtain DNS server address automatically radio buttons. 4b. To manually assign your PC a fixed IP address, select the U

41 3.4.2.2 Verifying Settings To verify your settings using a command prompt: 1. Click Start > Programs > Accessories > Command Prompt.

42 - An IP address between 192.168.1.1 and 192.168.1.253 - A subnet mask of 255.255.255.0 To verify your settings using the Windows XP GUI: 1. Cl

432. Right click one of the network connections listed and select Status from the pop-up menu. 3. Click the Support tab.

44If you are using BiGuard 50G’s default settings, your PC should: - Have an IP address between 192.168.1.1 and 192.168.1.253 - Have a subnet mask o

452. In the Control Panel window, double-click Network and Dial-up Connections. 3. In Network and Dial-up Connections, double-click Local Area Con

464. In the Local Area Connection window, click Properties. 5. Select Internet Protocol (TCP/IP) and click Properties.

476a. To have your PC obtain an IP address automatically, select the Obtain an IP address automatically and Obtain DNS server address automatically

48 7. Click OK to finish the configuration.

493.4.3.2 Verifying Settings 1. Click Start > Programs > Accessories > Command Prompt. 2. In the Command Prompt window, type ipconfig

52.6.2 VPN Planning - Fail Over 2.6.3 Concentrator Chapter 3: Getting Started 3.1 Overview 3.2 Before You Begin 3.3 Connecting Your Router 3.4

50- A subnet mask of 255.255.255.0 3.4.4 Windows 98 / Me 3.4.4.1 Installing Components To prepare Windows 98/Me PCs for TCP/IP networking, you

51 You must have the following installed:

52 - An Ethernet adapter - TCP/IP protocol - Client for Microsoft Networks If you need to install a new Ethernet adapter, follow these steps: a. C

53 If you need TCP/IP: a. Click Add.

54b. Select Protocol, then click Add. c. Select Microsoft. Æ TCP/IP, then OK. If you need Client for Microsoft Networks: a. Click Add.

55b. Select Client, then click Add. c. Select Microsoft. Æ Client for Microsoft Networks, and then click OK. 3. Restart your PC to apply your cha

562. In the Control Panel, double-click Network and choose the Configuration tab.

573. Select TCP / IP > ASUSTek or the name of any Network Interface Card (NIC) in your PC and click Properties. 4. Select the IP Address tab an

585. Select the DNS Configuration tab and select the Disable DNS radio button. 6. Click OK to apply the configuration.

593.4.4.3 Verifying Settings To check the TCP/IP configuration, use the winipcfg.exe utility: 1. Select Start > Run. 2. Type winipcfg, and t

64.2.3 Routing Table 4.2.4 Session Table 4.2.5 DHCP Table 4.2.6 IPSec Status 4.2.7 PPTP Status 4.2.8 Traffic Statistics 4.2.9 CPU Statistics

60 The window is updated to show your settings. Using the default BiGuard 50G settings, your PC should have: - An IP address between 192.168.1.1 and

61 ISP setting in WAN site: Obtain an IP Address automatically (DHCP Client) DHCP server: DHCP server is enabled. Start IP Address: 192.168.1.100 E

623.6 Information From Your ISP 3.6.1 Protocols Before configuring this device, you have to check with your ISP (Internet Service Provider) to f

633.6.2 Configuration Information If your ISP does not dynamically assign configuration information but instead uses fixed configurations, you wil

64 2. Double-click the Network icon. 3. In the Network Connections window, right-click Local Area Connection and select Properties.

65 4. Select Internet Protocol (TCP/IP) and click Properties. 5. If an IP address, subnet mask and a Default gateway are shown, write down the in

66assigned. Click the Obtain an IP address automatically radio button. 6. If any DNS server addresses are shown, write them down. Click the Obtai

67 3.7 Web Configuration Interface BiGuard 50G includes a Web Configuration Interface for easy administration via virtually any browser on your n

68 If the Web Configuration Interface appears, congratulations! You are now ready to configure your BiGuard 50G. If you are having trouble accessin

69 Chapter 4: Router Configuration 4.1 Overview The Web Configuration Interface makes it easy for you to manage your network via any PC connected

74.4.4.3 Firmware Upgrade 4.4.4.4 Backup / Restore 4.4.4.5 Restart 4.4.4.6 Password 4.4.5 Firewall 4.4.5.1 Packet Filter 4.4.5.2 URL Filter 4

70restricted to only one PC accessing the web configuration interface at a time. Once a PC has logged into the web interface, other PCs cannot gain

71Device Information Device Name: Displays the device name. System Up Time: System uptime enables a user to determine how long has the system being

72In this menu, you will find the following sections: - ARP Table - Wireless Association - Routing Table - Session Table - DHCP Table - IPSec Statu

734.2.1 ARP Table The Address Resolution Protocol (ARP) Table shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses. This is a

744.2.3 Routing Table The Routing Table displays the current path for transmitted packets. Both static and dynamic routes are displayed. No.: Num

75Sessions: Filter: when the presented field is filled, please click Filter button. From IP: please input the source IP you would like to filter. Fr

76Name: The name you assigned to the particular IPSec entry. Enable: Whether the IPSec connection is currently Enable or Disable. Status: Whether th

77 WAN1: Transmitted (Tx) and Received (Rx) bytes and packets for WAN1. WAN2: Transmitted (Tx) and Received (Rx) bytes and packets for WAN2. Display

78MemFree: The router’s current free memory size. CPU status: The CPU’s usage shown in percentage each minute. When the CPU percentage in use is hig

79First directs the page number for the table to the 1st page, previous directs the page number for the table to the one page before, the dropdown m

85.1.1 Router Won’t Turn On 5.1.2 LEDs Never Turn Off 5.1.3 LAN or Internet Port Not On 5.1.4 Forgot My Password 5.2 LAN Interface 5.2.1 Can’t

804.3.2 Static IP IP assigned by your ISP: Enter the assigned IP address from your IP. IP Subnet Mask: Enter your IP subnet mask. ISP Gateway Add

81is a packet requesting access to the Internet (i.e. when a program on your computer attempts to access the Internet), select Trigger on Demand. Id

82predetermined period of time. Select the idle time from the drop down menu. Active if Trigger on Demand is selected. Click Apply to save your cha

83- QoS - Virtual Server - Advanced These items are described below in the following sections. 4.4.1 LAN There are three items within this sect

84 IP Address: Enter the internal LAN IP address for BiGuard 50G (192.168.1.254 by default). Subnet Mask: Enter the subnet mask (255.255.255.0 by de

85Hide ESSID: It is function in which transmits its ESSID to the air so that when wireless client searches for a network, router can then be discove

86of the connected AP. WDS takes advantages of cost saving and flexibility which no extra wireless client device is required to bridge between two a

87Encryption Standard) utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers. WP

884.4.1.3 WEP WEP Encryption: To prevent unauthorized wireless stations from accessing data transmitted over the network, the router offers highly

89 To disable the router’s DHCP Server, select the Disable radio button, and then click Apply. When the DHCP Server is disabled, you will need to

9Appendix D: Network, Routing, and Firewall Basics D.1 Network Basics D.1.1 IP Addresses D.1.1.1 Netmask D.1.1.2 Subnet Addressing D.1.1.3 Priv

90 Name: Enter the name you want to give for the IP+Mac Address Fixed Host account. Active: Select whether you want to Enable or Disable this parti

914.4.1.5 LAN Address Mapping LAN Address Mapping is a function that can support multiple subnet and also multiple NAT, you can specify a subnet and

924.4.2 WAN WAN refers to your Wide Area Network connection. In most cases, this means your router’s connection to the Internet through your ISP. B

93 Connection Method: Select how your router will connect to the Internet. Selections include Obtain an IP Address Automatically, Static IP Settin

94MAC Address: If your ISP requires you to input a WAN Ethernet MAC, check the checkbox and enter your MAC address in the blanks below. Candidates:

95Primary DNS: Enter the primary DNS provided by your ISP. Secondary DNS: Enter the secondary DNS provided by your ISP. RIP: To activate RIP, select

96select Always Connect. If you want to establish a PPPoE session only when there is a packet requesting access to the Internet (i.e. when a program

974.4.2.1.4 PPTP Settings Username: Enter your user name. Password: Enter your password. Retype Password: Retype your password. PPTP Client IP: E

98button. This will take you to another page for inputting the IP address information. MAC Address: If your ISP requires you to input a WAN Ethernet

99MAC Address: If your ISP requires you to input a WAN Ethernet MAC, check the checkbox and enter your MAC address in the blanks below. Candidates: