Instruction/ maintenance manual of the product NetCon FBR-1409TX LevelOne
Go to page of 88
1 LevelOne FBR -1409TX Broadband R outer w/VPN/Printer Server User`s Manual.
2 Copyright The contents of this publi cation may not be repro duced in any pa rt or as a whole, stored, t ranscribed in an information retrieval system, translated into an y language, or tran smitted.
3 T able of Contents Chapter 1 Introduction .............................................................................. 1 Functions and Features ........................................................................ 1 Packing List ...............
4 4.7.6 Schedule Rule ........................................................................... 56 4.8 T oolbox ........................................................................................ 60 4.8.1 System Log ............................
1 Chapter 1 Introduction Congratulations on your purchase of this outstanding Lev elOne FBR-1409TX Broadband Router . This product is spec ifically desi gned for Sm all Of fice and Hom e Office nee ds.
2 product can sen s e the application typ e and open multi-port tunnel fo r it. z DMZ Host suppor ted Lets a networked computer be fully ex posed to the Intern et; this function is u sed when special application sens ing tunnel feature is insufficient to allow an application to function correctly .
3 Packing List z Broadband router unit z Installation CD-ROM z Power adapter.
4 Chapter 2 Hardware Inst allation 2.1 Panel Layout 2.1.1. Fr ont Panel Figure 2-1 Front Pa nel LED: LED Function Color S tatus Description POWER Power indicati on Green On Power is being applied to this product. ST A TUS System status indicators Orange Bli nking ST A TUS is flashed once per second to indicate system is alive.
5 Port: RESET T o reset system settings to factor y defaults, please follow the steps: 1. Power off the device, 2. Press the reset button a n d hol d, 3. Power on the device, 4. Keep the button pressed about 5 seconds, 5. Release the button, 6. W atch the ST A TUS LED, it will flash 2 times and then flash once per seco nd.
6 2.1.2. Rear Panel Figure 2-2 Re ar Panel Ports: Port Description 5VDC Power inlet: DC 5V , 1.5A (minimum) W AN the port where you will conn ect your cable (or DSL) modem or Ethernet router . Port 1-4 the ports where you will connect network ed computers and other devices.
7 Chapter 3 Network Settings and Sof t ware Installation T o use LevelOne FBR-1409TX correctly , you h a ve to properly configure the network setting s of your computers and i nstall the attach ed setup program into your MS W indows platform (Windows 95/98/NT/2000).
8 3.2 Install the Softwar e into Y our Computers Skip this section i f you do not want to use the print server f unction of FBR-1409TX. S tep 1: Insert the installation CD-ROM into the CD-ROM drive. The following window will be shown automatically . If it isn’t, please run “install.
9 Step 2: Click on the INST ALL button . W ait until th e following We l c o m e dialog to appear , an d click on the Next butto n. Step 3: Select the destination folder and click on the Next button. Then, the setup program will begin to install the programs into the destination folder .
10 Step 4: When the following wind ow is di spl a yed, click on the Finish button. Step 5: Select t he item to restart the com puter and then click the OK butto n to reboot your com puter . Step 6: A fter rebooting your computer, the software installation procedure is fin ished.
11 Chapter 4 Configuring NA T Router LevelOne FBR-1409TX provid es W eb based con figuration scheme, that is, conf iguring by your W eb browser , such as Netscape Comm unicator or Inte rnet Explorer . This approac h can be ado pted in any MS W indows, Macintosh or UNIX based platforms.
12 4.2 S tatus This option pr ovi des the functi on fo r ob ser v i ng t hi s pr od uc t’ s working sta t us: A. W AN Port Status. If the W AN port is assigned a dynam ic IP , there may appear a “ Renew ” or “ Release ” button on the Side note column.
13 4.3 Wiz ard Setup W izard will guide you through a basic configuration procedure step by step. Press ”Next >”.
14 Setup W izard - Select W AN T ype : For detail settings, please ref er to 4.4.1 primary setup..
15 4.4 Basic Setting.
16 4.4.1 Primary Setup – W AN T ype, V irtual Computers Press “Change”.
17 This option is primary to enab le this product to work properly . The settin g items and the web appearance de pend on the W AN type. Choose correct W AN type befo re you start . 1. LAN IP Addr ess : the local IP address of this device. The computers on your network must use the LAN IP address of your product as th eir Defa ult Gateway .
18 the lease time is expiring-- even whe n the system is idle. 4.4.1.3 Dynam i c IP Address with Road Runner Session Management.(e.g. T elstra BigPond) LAN IP Addr ess is the IP address of t his product. It must be the default gate way of your computers.
19.
20 4.4.1.7 V irtual Computers V irtual Computer enables you to use the original NA T feature, and allows you to setup the one-to-on e mapping of multiple global IP address and local IP add ress. • Global IP : E nter the gl obal IP address assigned by your ISP .
21 4.4.2 DHCP Server Press “More>>”.
22 The settings of a TCP/IP environm ent include host IP , Subnet Mask, Gateway , and DNS configurations. It is not easy to manually configure all th e computers and devices in your network. Fortunately , DHCP Server provide s a rather simple appr oach to handle al l these settings.
23 4.4.3 Change Password Y ou can change Password here. W e strongly recommend you to change the system password for security reason..
24 4.5 Forwarding Rules.
25 4.5.1 V irtual Server This product’ s NA T firewall filters out unrecognized packets to protect your Intranet, so all h osts behind this pr oduct are invi sible to the outsi de world. If yo u wish, you ca n make som e of them accessible by enabling the V irtual Server Mapping .
26 4.5.2 Special AP Some applications require multiple connection s, like Internet games, V ideo co nferencing, Internet telephony , etc. Because of the firewall function, thes e applications cannot work with a pure NA T router . The Special Applications feature allows some of these app lications to work with this product.
27 4.5.3 Miscellaneous Items IP Address of DMZ Host DMZ (DeMilitarized Zone) Host is a host without the pr otection of firewall. It a llows a computer to be exposed to unrest ri ct ed 2- way comm unication for Internet games, V ideo conferencing, Inte rnet telephony a nd othe r special appl ications.
28 4.6 Security Settings.
29 4.6.1 Packet Filter Packet Filter enables you to con trol what packets are allowed to pass the router . Outbound filter applies on all outbound packets. However, Inbound filter applies on packets that destined to V irtual Serv ers or DMZ host only .
30 For source or destination port, you can define a single port (8 0) or a range of ports (1000 -1 999). Add prefix "T" or "U" to spec ify TCP or UDP prot ocol. For ex ample, T80, U53, U20 00-2999. N o prefix indicates bot h TCP and UDP are defined.
31 Example 2: (1.2.3.100-1.2.3.1 19) They can do everything exce pt read net news (port 1 19) and transfer files via FTP (port 21) Others are all allowed. After Inbound Packet Filter setting is configured, click the save button. Outbound Filter: To enable Outbound Packet Filter click the check box next to Enable in the Outbound Packet Filter field.
32 Example 1: (192.168.123.100-192.168.123.149) They are allowed to send mail (port 25), receive mail (port 1 10), and browse Internet (port 80 ); port 53 (DNS) is necessary to resolve the domain name. (192.168.123.10-192.168.123.20) They can do everything (block nothing) Others are all blocked.
33 (192.168.123.100-192.168.123.1 19) They can do ever ything except read net news (port 1 19) and transfer files via FTP (port 21) Others are allowed After Outbound Packet Filter setting is configured, click the save button.
34 4.6.2 Domain Filter Domain Filter let you prevent users under this device from accessing specific URLs. Domain Filter Enable Checke if you want to enable Domain Filter . Log DNS Query Checke if you want to log the action when someone access es the specific URLs.
35 In this example: 1. URL include “sex.co m” will be blocked, an d the action will be record in log-file. 2. URL include “girl.co m” will not be blocked, but th e action will be record in log-file. 3. URL include “erotica.co m” will be b lock ed, but the action will not be record in log-file.
36 4.6.3 URL Blocking URL Blocking will block LAN computers to connect to pre-defined W ebsites. The major difference between “Domain filter” and “URL Blocking ” is Domain filter require user to input suf fix (like .com or .or g, etc), while URL Blocking requi re user to input a keywor d only .
37 In this example: 1.URL include “sex” will be blocked, and the action will be record in log-file. 2.URL include “erotica” will be blocked, but the action will be rec ord in log-file 3.URL include “girl” will not be blocked, but the action will be record in log -file.
38 4.6.4 MAC Address Contr ol MAC Address Cont rol allows y ou to assign dif feren t access right for different users and to assign a specific IP address to a certain MAC address. MAC Address Co ntrol Check “Enable” to enable the “M AC Address Control”.
39 Control table "Control table" is the table at the botto m of the "MAC Address Control" page. Each ro w of this table indicat es the MAC address and the expected IP address mapping of a client. There are four columns in this table: MAC Address MAC address indicates a spec ific client.
40 4.6.5 VPN s etting VPN Settings are settings that are used to create vi rtual private tunnels to remote VPN gateways. The tunnel technology sup ports data confid entiality , data origin authenticatio n and data integrity of network information by utilizing encap sulation protocols, encryption algorith ms, and hashing algorithms.
41 Function of Buttons More : T o setup detailer confi guration for manual key or IKE ap proaches by cl icking the "More" button. • VPN Settings - IKE There are three pa rts that are necessary to se tup the configuration of IKE for the dedicated tunnel: basic setup, IKE proposal setup, and IPSec proposal setup.
42 Local netmask combined with local subnet to form a subnet domain. Remote subnet The subnet of LAN site of remote VPN gateway , it can be a host, a partial subnet , and the w hole subnet of LAN site of remote gateway . Remote netmask Remote netmask combined with remote subnet to form a subnet domain of remote end.
43 • VPN Settings - Set IKE Proposal IKE Pro pos al inde x A list of selected proposal indexes from the IKE proposal pool listed below . The selecting activity is performed by selecting a proposal ID a nd clicking "a dd to" butto n in the b ottom of the page.
44 • VPN Settings -Set IPSec Pr oposal IPSec Proposal index A list of select ed proposal i ndexes from the IPSec proposal pool li sted bel ow. The selecti ng activity is performed by selecting a proposal ID a nd clicking "a dd to" butto n in the b ottom of the page.
45 IPSec proposal. Life time The unit of life time is based on the value of Life T ime Unit. If the value of unit is second, the value of life time represents the life time of dedicated VPN tunnel between both e nd gateways. Its value ran ges from 300 seconds to 172,8 00 seconds.
46 4.6.6 Miscellaneous Items Remote Administrator Host/Port In general, only Intranet user can browse the built-in web pages to perform admin istratio n task. This feature enables you to perf orm admini stration task f rom rem ote host. If this feature is enabled, only the specified IP address can per form rem ote administrat ion.
47 4.7 Advanced Setting.
48 4.7.1 System T ime Get Date and T ime by NTP Protocol Selected if you want to Get Date and T i me by NTP Protocol. Time Server Select a NTP time server to consult UTC time Time Z one Select a time zone where this device locates. Set Date and T ime manually Selected if you want to Set Date and T ime manually .
49 4.7.2 System Log This page support two methods to export syst em logs to specific destination by means of syslog(UDP) and SMTP(TCP). The ite ms you have to setup including: IP Address for Syslog Host IP of destination where syslogs will be sent to.
50 E-mail Subject The subject of email alert. This setting is optional. 4.7.3 Dynamic DNS To host your s erver on a c hanging IP a ddress, you ha ve to use dynamic dom ain name servi ce (DDNS). So that anyone wishing to reach your host only needs to know the name of it.
51 Host Name Username/E-mail Password/Key You will get this information whe n you regi ster an account on a Dynamic DNS serve r. Example: After Dynamic DNS setting is configured, click the save button.
52 4.7.4 SNMP Setting In brief, S NMP, the Sim ple Network Managem ent Protoc ol, is a prot ocol designed to give a use r the capability to remotely manage a co mputer n etwork by polling and setting terminal values and monitoring network e vents. Enable SNMP Y ou must check either Local or Remote or both to enab le SNMP function.
53 1. This device will response to SNMP client which’ s get commun ity is set as “public” 2. This device will response to SNMP client which’ s set co mmunity is set as “private” 3.
54 4.7.5 Routing T able Routing T ables allow you to determine which physical int e rface address to use for outgoing IP data grams. If you have more than one routers and subnets, you will need to enable routing table to allow packets to fin d proper rout ing path a nd allow di ffere nt subnet s to comm unicate with each other .
55 So if, for example, the host wanted to send an IP data gram to 192.168.3.88 , it would use the above table to determine that it had to go via 192.16 8.1.33 (a gateway), And if it sends Packets to 192.168.5.77 will go via 192 .168.1.55 Each rule can be enabled or disabl ed i ndi vidually .
56 4.7.6 Schedule Rule Y ou can set the schedule time to decide which service will be turned on or off. Select the “enable” item. Press “Add New Rule” Y ou can write a rule name and set which day and what time to schedule from “Start T ime” to “End T i me”.
57 After c onfigur e Rule 1 Æ.
58 Schedule Enable Selected if you want to Enable the Schedu ler . Edit T o ed it the schedule rule. Delete T o delete the sch edule rule, an d the rule# o f th e rules behind the de leted one will decrease one automatically .
59 Exanple2: Packet Filter – Apply Rule#1 (ftp time: everyday 14:10 to 16:20)..
60 4.8 T oolbox.
61 4.8.1 System Log Y ou can V iew system log by clicking the Vi e w L o g button.
62 4.8.2 Firmware Upgrade Y ou can upgrade fi rmware by cl icking Firmwar e Upgrade butto n..
63 4.8.3 Backup Setting Y ou can backup your settings by clicking the Backup Setting button and save it as a bin file. Once you want to rest ore these settings, please click Firmwar e Upgrade button and use the bin file you saved. 4.8.4 Reset to default Y ou can also reset this product to factory default by click ing the Reset to default bu tton.
64 4.8.6 Miscellaneous Items MAC Address for W ake-on-LAN W ake-on- LAN is a technology that enables you to pow er up a networ ked device remotely . In order to enjoy this feat ure, the ta rget device must be W ake-on-LAN enable d and y ou have to k now the MAC address of this device, say 00-11- 22-33-44-55.
65 Chapter 5 Print Server LevelOne FBR-1409 TX provides the f unction of n etwork print server for MS Windows 95/98/NT/2000 and Unix base d platforms. (I f the product you purcha sed doesn’ t have pri n ter port, pl ease skip this chapter .
66 1. Find out the corresp onding icon of your s erver printer , for example, the HP LaserJet 6L . Click the mouse’ s right button on that icon, an d then select the Properties item: 2.
67 3. Choose the “PR Tmate: (All-in-1)” from the list attached at th e Print T o item. Be sure that the Printer Driver item is configured to th e correct driver of your server printer . 4. Cli ck on the b utton of Port Settings : T ype in the IP address of this product and then click the OK button.
68 5.2 Configuring on W indows NT Platforms The configuration p roce dure for a W indows NT pl atfo rm is similar to that of W indows 95/98 except the screen of printer Pr operties : Compared to the pro cedure in last section, the selection of Det ails is equivalent to the selection of Ports , and Port Settings is equi valent to Configure Port .
69 5.3 Configuring on W indows 2000 and XP Platforms W indows 2000 and XP have built-in LPR client, users could utilize this featu r e to Print. Y ou have to insta ll your Printer Driver on LPT1 or other ports be fore you pr oceed the following sequence.
70 2. Select “Ports” page, Click “Add Port…”.
71 3. Select “Standa rd TCP/IP Port”, and then click “New Port…” 4. Click Ne xt and then provide t he followi ng inform ation: T ype address of server providing LPD that is our NA T device:19 2.
72 5. Select Custom, then click “Settings…”.
73 6. Select “LPR”, type ” lp “ lowercase letter in “Queue Nam e:” And enable “L PR Byte Counting Enabled”. 7. Apply your settings.
74.
75 5.4 Configuring on Unix based Platforms Please follow the traditional configuration pro cedure on Unix platforms to setup the print server of this product.
76 Appendix A TCP/IP Configuration for Windows 95/98 This section introduces you ho w to install TCP/IP protocol into your per sonal computer . And sup pose you have been success fully installed one network ca rd on your personal com puter . If not, please refer to your network card manual.
77 5. Select Microsoft item in the manufactures list. And choose TCP/IP in the Network Pr otocols . Click OK button to return to Network window . 6. The TCP/IP pro tocol shall be listed in the Netwo rk window . Click OK to complete the install procedure and restart your PC to enable t he TC P/IP protocol.
78 A.2 Set TCP/IP Protocol for W orking with NA T Router 1. Click Sta r t button and choose Settings , then click Control Panel . 2. Double click Network icon. Select the TCP/IP line that has been associated to your network card in the Configuration tab of the Netwo rk window .
79 a. Select Obtain an IP addr ess automatically in the IP Addr ess tab..
80 b. Don’ t input a ny value i n the Gateway tab..
81 c. Choose Disable DNS in the DNS Configuration tab..
82 B. Configure I P manually a. Select Specify an IP address in the IP Addr ess tab. The default IP address of this product is 192.168.12 3.254. So please use 192.168.123 .xxx (xxx is between 1 and 253) for IP Ad dr ess field and 255.25 5.255.0 for Subn et Mask field.
83 b. In the Gateway tab, add the IP address of this product (default IP is 192.168.123.254) in the New gateway field and click Add button..
84 c. In the DNS Configuration tab, add the DNS values which are provided by the ISP into DNS Server Sear ch Or der field and cl ick Add button..
An important point after buying a device LevelOne NetCon FBR-1409TX (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought LevelOne NetCon FBR-1409TX yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data LevelOne NetCon FBR-1409TX - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, LevelOne NetCon FBR-1409TX you will learn all the available features of the product, as well as information on its operation. The information that you get LevelOne NetCon FBR-1409TX will certainly help you make a decision on the purchase.
If you already are a holder of LevelOne NetCon FBR-1409TX, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime LevelOne NetCon FBR-1409TX.
However, one of the most important roles played by the user manual is to help in solving problems with LevelOne NetCon FBR-1409TX. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device LevelOne NetCon FBR-1409TX along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center