Epson IWE3200-H manual Network Security

Page 9

„NAT server. Client computers can share a public IP address provided by an ISP (Internet Service Provider) by NAT (Network Address Translation). And our NAT server function- ality supports the following:

‹Virtual server. Exposing servers on the intranet to the Internet.

‹PPTP, IPSec, and L2TP passthrough. Passing VPN (Virtual Private Network) packets through the intranet-Internet boundary. PPTP means Point-to-Point Tunneling Protocol, IPSec means IP Security, and L2TP means Layer 2 Tunneling Protocol.

‹DMZ (DeMilitarized Zone). All unrecognized IP packets from the Internet can be forwarded to a specific computer on the intranet.

‹Multiple public IP addresses support. An ISP may provide several public IP addresses to a customer. The IWE3200-Hcan map each of the public IP addresses to a host with a private IP address on the intranet.

‹H.323 passthrough. Passing H.323 packets through the intranet-Internet boundary so that users on the intranet can use VoIP (Voice over IP) applications.

‹MSN Messenger support. Supporting Microsoft MSN Messenger for chat, file transfer, and real-time communication applications.

‹Session monitoring. Latest 50 incoming sessions and 50 outgoing sessions are shown for monitoring user traffic.

zDSL/Cable Modem Support. Supporting dynamic IP address assignment by PPPoE (Point-to-Point Protocol over Ethernet) or DHCP and static IP address assignment.

„Multiple DSL/Cable connections support. Supporting up to 4 DSL/cable-based Internet connections. All outgoing traffic load from the internal network is shared among the multiple Internet connections, so that total outgoing throughput is increased.

zNetwork Security

„Packet address and port filtering. Filtering outgoing packets based on IP address and port number. (Incoming packet filtering is performed by NAT.)

„URL filtering. Preventing client users from accessing unwelcome Web sites. The HTTP (HeperText Transfer Protocol) traffic to the specified Web sites identified by URLs (Uni- versal Resource Locators) is blocked.

„WAN ICMP requests blocking. Some DoS (Denial of Service) attacks are based on ICMP requests with large payloads. Such kind of attacks can be blocked.

„Stateful Packet Inspection (SPI). Analyzing incoming and outgoing packets based on a set of criteria for abnormal content. Therefore, SPI can detect hacker attacks, and can summarily reject an attack if the packet fits a suspicious profile.

4

Image 9
Contents User’s Guide Federal Communication Commission Interference Statement TTE Compliance Statement Table of Contents Page Overview IntroductionFeatures User Authentication, Authorization, and AccountingIeee 802.11b/g Compliant „ Wireless Operation Internet Connection Sharing Network Security Management Firmware ToolsPage LED Definition Feature ComparisonSelecting a Power Supply Method First-Time Installation and ConfigurationMounting the IWE3200-H on a wall Mounting the IWE3200-H on a WallConnecting the Managing Computer and the IWE3200-H Preparing for ConfigurationConfiguring the IWE3200-H Changing the TCP/IP Settings of the Managing ComputerEntering the User Name and Password Home Setup Wizard Selecting an Operational ModeSetup Wizard Configuring TCP/IP Settings Router with a PPPoE-Based DSL/Cable Connec- tionRouter with a DHCP-Based DSL/Cable Connec- tion Router with a Multiple DSL/Cable Connections Router with a Static-IP DSL/Cable ConnectionSetup Wizard Configure Ieee 802.11 Set- tings Setup Wizard Dhcp Server SettingsWeb Redirection Configuring User Authentication SettingsTo setup the Local Authentication method Local Authentication SeverPage How to Setup the mini-POS Ticket Printer To setup the mini-POS Ticket PrinterUsage of control keypad Ieee Configuring Radius SettingsDeploying the IWE3200-H Setting up Client Computers Configuring Ieee 802.11-Related SettingsTo establish a wireless link to an AP Configuring TCP/IP-Related Settings Authentication success Menu Structure Using Web-Based Network ManagementAAA. Authentication, Authorization, and Accounting settings Save, Save & Restart, and Cancel Commands Home and Refresh CommandsIWE3200-H Associated Wireless Clients Authenticated UsersSeeing Status Session List Account TableSpecifying Operational Mode SystemManaged LAN Devices Page Backing up and Restoring Configuration Set- tings by Http Changing PasswordTo upgrade firmware of the access Router by Http Managing FirmwareTo back up configuration of the access Router by Http To restore configuration of the access Router by HttpUpgrading Firmware by Tftp TIP To upgrade firmware of the access Router by TftpBacking up and Restoring Configuration Set- tings by Tftp To back up configuration of the access Router by TftpTo restore configuration of the IWE3200-H by Tftp Setting Time Zone Configuring TCP/IP Related SettingsResetting Configuration to Factory Defaults AddressRouter with a PPPoE-Based DSL/Cable Con- nection Router with a Static-IP DSL/Cable Connection DNS Router with Multiple DSL/Cable ConnectionsDNS Proxy Static DNS Mappings NATBasic To give an internal server a domain nameDhcp Server To expose preset internal serversVirtual Server Mappings FunctionalityStatic Dhcp Mappings Load Balancing Load Balancing Policy SettingsConfiguring Wireless Settings Zero Client ReconfigurationCommunication Wireless Distribution System To enable a WDS link Wireless Distribution System settingsSecurity Page Set the Access control type to exclusive MAC-Address-Based Access ControlTo delete an entry in the access control table Web-redirection mechanism Web RedirectionWeb redirection enabled with authentication Unrestricted Clients Default authentication failure warningWalled Garden To specify a uncontrolled computer by MAC addressTo add a link to the walled garden Radius Robustness Authentication Page Customization Authentication Session ControlTo specify an advertisement link Authentication success page customization settingsDdns Advertisement links settingsFilters and Firewall Configuring Advanced SettingsPacket Filters To set a rule for packet filteringVlan FirewallURL Filters Management UPnPTo block Http traffic to an unwelcome Web site System Log LAN Device Management SnmpTo specify a trap target To specify a LAN device to manage Example for LAN device managementDefault Settings LED Definitions AuthenticationRear Panel DNS ProxyTCP/IP Settings Problems Appendix B TroubleshootingIWE3200-H does not respond to ping from the client computer Cannot access the Internet Wireless Settings ProblemsWireless Gateway/AP Browse Other ProblemsIWE3200-H Power Supply Configuration and ManagementDimensions without antenna WeightIWE500-INJ Power Injector IWE810-POS mini-POS Ticket Printer