TRENDnet TW100-BRV324 manual Multi-DMZ

Page 71
Figure 41: Multi-DMZ

Security Configuration

DMZ

This feature, if enabled, allows the DMZ computer or computers on your LAN to be exposed to all users on the Internet.

This allows almost any application to be used on the "DMZ PC".

The "DMZ PC" will receive all "Unknown" connections and data.

If the DMZ feature is enabled, you must select the PC to be used as the "DMZ PC".

Figure 41: Multi-DMZ

To use this feature:

Enable this DMZ.

The WAN IP address field displays the IP address allocated to you by your ISP.

Enter the Corresponding IP to be the DMZ PC for traffic sent to this IP address.

If you have multiple Internet IP addresses, you can assign one DMZ PC for each Internet IP address.

If you only have 1 WAN IP address, only "DMZ 1" can be used, and only one (1) PC can be the DMZ PC. The current WAN IP address is displayed. If this address is assigned upon connection, and no connection currently exists, then this address will be blank or 0.0.0.0.

The "DMZ PC" is effectively outside the Firewall, mak- ing it more vulnerable to attacks. For this reason, you should only enable the DMZ feature when required.

67

Page 70 Page 72
Image 71
Page 70 Page 72
Contents Page Page Table of Contents Document Version1.0 P/N 956YH10001 Copyright 2007. All Rights ReservedChapter Broadband VPN Gateway FeaturesInternet Access Features IntroductionConfiguration & Management LAN FeaturesMicrosoft VPN Gateway Support Package ContentsSecurity Features IPSec VPN Gateway FeaturesFront-mounted LEDs Physical DetailsRear Panel Requirements InstallationProcedure The WAN1 or WAN2 LED should be ON The Power LED should be ONInstallation 5. Check the LEDsTo Do this SetupOverview This Chapter provides Setup details of the Broadband VPN GatewayPreparation Configuration ProgramIf you cant connect Figure 5 Password DialogNavigation & Data Input Home ScreenData - WAN Port Screen WAN Port ConfigurationWAN Port Settings Static IP SettingsButtons PPPoE Dial-upAlso called Network Adapter Address or Physical Address. This is a Port Options ScreenData - Port Options Screen Port OptionsAutomatic Dial-up Bind ServiceMTU Size PPPoE ConnectionData - LAN Port Screen LAN Port ScreenTo Configure your PCs to use DHCP DHCPUsing the Broadband VPN Gateway s DHCP Server Using another DHCP ServerEquilibrium Type has 2 options Load/Backup ScreenData - Load/Backup Screen AdministrationSetup Windows Clients PC ConfigurationTCP/IP Settings - Overview Using Specify an IP Address Checking TCP/IP Settings - Windows 9x/MEUsing DHCP Figure 14 DNS Tab Win 95/98 Figure 13 Gateway Tab Win 95/98Figure 16 Windows NT4.0 - IP Address Checking TCP/IP Settings - Windows NT4.0Figure 15 Windows NT4.0 - TCP/IP Figure 17 - Windows NT4.0 - Add Gateway Obtain an IP address from a DHCP ServerSpecify an IP Address Figure 18 Windows NT4.0 - DNS Figure 20 TCP/IP Properties Win Checking TCP/IP Settings - WindowsFigure 19 Network Configuration Win 1. Select Control Panel - Network and Dial-up ConnectionUsing a fixed IP Address Use the following IP Address 1. Select Control Panel - Network Connection Checking TCP/IP Settings - Windows XPFigure 21 Network Configuration Windows XP Figure 22 TCP/IP Properties Windows XP Checking TCP/IP Settings - Windows Vista PC Configuration 2. Select Set up or change your Internet Connection Internet AccessAccessing AOL 1. Select Start Menu - Settings - Control Panel - Internet OptionsFixed IP Address Macintosh ClientsLinux Clients Other Unix SystemsStatus Screen Operation and StatusOperation Operation and Status Figure 23 General Status ScreenSystem WAN1/2Firewall KernelPort Status Port StatusData - Port Status Screen Event Log Event LogData - Event Log Screen Internet URL LogData - URL Log System Log System LogData - System Log Screen URL Filter Dynamic DNS Static Routing QoS Internet FeaturesThe following advanced features are provided Address List PC Database Address List Address ListData - Address List Screen PC Database Screen PC Databasedress, IP Address and Certify Data - PC Database ScreenFilter Strings URL FilterData - URL Filter Screen To add an entry to the list, enter it here, and click the Add button Dynamic DNS Screen Dynamic DNSWeb Site Button Data - Dynamic DNS ScreenOpen Routing and Remote Access Static RoutingOverview Static Routing ScreenStatic Routing Data - Static Routing ScreenOther Routers on the Local LAN Configuring Other Routers on your LANLocal Router For the Broadband VPN Gateway s Routing Table Static Routing - ExampleFor Router As Default Route For Router Bs Default Routelocal router 192.168.1.80 Broadband VPN Gateway sData - QoS Screen Based on QoS rules set below Rules Screen Security ConfigurationRules Outbound/Inbound Connection Data - Rules ScreenData - Define Firewall Rule Screen Define Firewall Rule Inbound/OutboundPort Transfer To Log SettingDest IP Advanced RuleSchedules Screen SchedulesTime Zone Firewall -- LogData - Log Screen Second Server Add New Service ServicesData - Services Screen Available Servicesif not required MAX 3D Engine Options SecurityData - Security Screen Maximum Con Figure 41 Multi-DMZ E-Mail Log E-MailData - E-Mail Screen E-Mail AlertSelect the desired option for sending the log by E-mail Policies VPN IPSecIPSec Traffic Selector VPN ConfigurationVPN Endpoint addressClient PC to VPN Gateway Common VPN SituationsVPN Pass-through Figure 45 Connecting 2 VPN Gateways Connecting 2 LANs via VPNOperations VPN ConfigurationPolicies Screen VPN ListCheck Log Enable/DisableCopy Adding a New Policy Figure 47 VPN Wizard - Start Screen Authentication and Encryption General SettingsEnable Policy Allow NetBIOSManual Key Encryption Authentication AlgorithmESP Authentication ESP EncryptionIKE Internet Key Exchange tion is enabledESP SPI This is required if either ESP Encryption or ESP AuthenticaIKE SA Aggressive AuthenticationEncryption Exchange ModeLAN A Gate Example 1 Connecting 2 Broadband VPN GatewaysVPN Examples SettingIPSec SA Parameters Value Example 2 Windows 2000/XP Client to LANBroadband VPN Gateway Configuration Deselect Activate the default response rule. Click Next Windows Client ConfigurationFigure 50 Windows 2000/XP - Local Security Settings Figure 52 IP Filter List Figure 51 Windows 2000/XP - Policy PropertiesFigure 54 New Rule Properties IP Filter List Figure 53 Filter Properties Addressing8. Enter the Source IP address and the Destination IP address 12. Select Negotiate security this selects IKE, then click Add Figure 55 New Rule Properties Filter ActionFigure 56 Require Security Properties Figure 58 Require Security Properties VPN SettingWindows Setting Figure 57 Modify Security MethodFigure 60 Authentication Method Figure 59 Tunnel SettingFigure 62 Windows 2000/XP Client to Broadband VPN Gateway Figure 61 Windows 2000/XP Client to Broadband VPN GatewayFigure 64 Filter List Figure 63 Filter Properties Addressing22. Click OK to save your changes, then Close Figure 66 Security Methods Figure 65 Filter ActionFigure 67 Modify Security Method Figure 68 Tunnel SettingFigure 70 DUT to Win2K Properties Figure 69 Authentication Method33. Click the Methods button to see the screen below Figure 72 Key Exchange SettingsFigure 71 Properties - General Tab 32. Click the Advanced button to see the screen belowFigure 76 Broadband VPN Gateway to Windows 2000 Server Example 3 Windows 2000 Server to VPN GatewayFigure 74 IKE Security Algorithms Figure 75 Windows 2000/XP Client to Broadband VPN GatewaySubnet address 11.5.0.0 Address range used on the remote LAN Remote IP addressesFor a single client, this is the same as the Gateway address Figure 77 Windows 2000 Server - Addressing Windows 2000 Server ConfigurationTrusted Certificates CertificatesTrusted Certificates Requesting a Trusted CertificatePrivate Certificate Requests Private CertificateData - Private Certificate Screen Private CertificateButton Requesting a Private CertificateUpload Button New RequestSelect the desired option. RSA is recommended To add a New CRL VPN Status VPN StatusData - VPN Status Screen Microsoft VPN Server SetupData - VPN Adapter Screen UserPPTP Service Button Data - User ScreenExisting Users PropertiesStatus Log Status Log ScreenService Log Data - Status Log Screen2. Select Make New Connection Windows Client SetupWindows 98/ME 1. Click Start - Settings - Dial-up NetworkingWindows ME VPN Dialing Properties 2. Select Start - Settings - Dial-up NetworkingTo establish a connection Figure 93 Windows 2000 Public Network WindowsFigure 92 Windows 2000 Network Connection Figure 95 Windows 2000 Connection Availability Figure 94 Windows 2000 VPN HostFigure 96 Windows 2000 Finish Wizard Figure 98 Windows XP Network Connection Windows XPFigure 97 Windows XP Network Connection Type Figure 101 Windows XP VPN Server Figure 99 Windows XP Connection NameFigure 100 Windows XP Public Network Figure 102 Windows XP Connection Availability Other Features & Settings DNS Lookup DiagnosticsData - Diagnostics Screen PingSearch Button Data - Account Management Screen Password ScreenPassword Data - Web Management Screen Web ManagementSettings HTTPS//123.123.123.1238080 To connect from a remote PC via the InternetFirmware Upgrade Firmware UpgradeData - Firmware Upgrade Screen To perform the Firmware UpgradeData - Backup/Restore Screen Backup/RestoreThis will delete ALL of the existing settings Default Configu- rationAppendix A TroubleshootingGeneral Problems Internet AccessIt is a security risk, since the firewall is disabled FCC Radiation Exposure Statement Appendix B SpecificationsBroadband VPN Gateway FCC StatementCE Standards CE Marking WarningAppendix B - Specifications Broadband VPN Gateway User Guide
Related manuals
Manual 8 pages 5.73 Kb

TW100-BRV324 specifications

The TRENDnet TW100-BRV324 is a versatile broadband router designed to provide small to medium-sized businesses with reliable networking capabilities. One of its key features is its built-in firewall security, which ensures robust protection against unauthorized access and threats from the internet. This appliance uses Stateful Packet Inspection (SPI), providing a comprehensive barrier against a variety of cyber threats.

Equipped with a DHCP server, the TW100-BRV324 simplifies IP address assignment, allowing administrators to manage network resources efficiently. The device supports both DHCP and static IP configurations, making it flexible for various network setups. Additionally, it offers VPN pass-through capabilities, allowing secure remote access for users needing to connect to the corporate network from outside.

The TW100-BRV324 is noted for its impressive NAT (Network Address Translation) capabilities, which enable multiple devices on a local network to access the internet through a single public IP address. This feature is particularly beneficial in saving costs related to IP addresses while enhancing network management. Furthermore, it boasts an integrated 4-port switch, facilitating wired connections for several devices in a local area network (LAN).

In terms of connectivity, the router supports 10/100 Mbps Ethernet, providing sufficient bandwidth for most small business applications. The device is also easy to set up, thanks to its user-friendly web-based interface, which guides users through the configuration process. This simplicity makes it suitable for individuals with varying levels of networking expertise.

The TW100-BRV324 supports multiple connection types, including DSL and cable internet, ensuring compatibility with various ISPs. Additionally, it embeds Quality of Service (QoS) features, allowing network administrators to prioritize traffic. This is crucial for ensuring that bandwidth-intensive applications, such as video conferencing and VoIP, receive the necessary resources for optimal performance.

In summary, the TRENDnet TW100-BRV324 is a robust and feature-rich router well-suited for small to medium-sized businesses. With its combination of security features, flexible configurations, and user-friendly management tools, it offers a powerful solution for those seeking reliable network performance without the need for extensive technical knowledge.
Top Page Image Contents