TRENDnet TW100-BRV324 manual Adding a New Policy, Broadband VPN Gateway User Guide

Page 80

Broadband VPN Gateway User Guide

Adding a New Policy

To create a new VPN Policy, click the Add New Policy button on the Policies screen.

Image 80

Contents Page Page Table of Contents P/N 956YH10001 Copyright 2007. All Rights Reserved Document Version1.0Broadband VPN Gateway Features Internet Access FeaturesIntroduction ChapterLAN Features Configuration & ManagementPackage Contents Security FeaturesIPSec VPN Gateway Features Microsoft VPN Gateway SupportPhysical Details Front-mounted LEDsRear Panel Requirements InstallationProcedure The Power LED should be ON Installation5. Check the LEDs The WAN1 or WAN2 LED should be ONSetup OverviewThis Chapter provides Setup details of the Broadband VPN Gateway To Do thisConfiguration Program PreparationFigure 5 Password Dialog If you cant connectHome Screen Navigation & Data InputWAN Port Configuration WAN Port SettingsStatic IP Settings Data - WAN Port ScreenPPPoE Dial-up ButtonsPort Options Screen Data - Port Options ScreenPort Options Also called Network Adapter Address or Physical Address. This is aBind Service MTU SizePPPoE Connection Automatic Dial-upLAN Port Screen Data - LAN Port ScreenDHCP Using the Broadband VPN Gateway s DHCP ServerUsing another DHCP Server To Configure your PCs to use DHCPLoad/Backup Screen Data - Load/Backup ScreenAdministration Equilibrium Type has 2 optionsSetup Windows Clients PC ConfigurationTCP/IP Settings - Overview Using Specify an IP Address Checking TCP/IP Settings - Windows 9x/MEUsing DHCP Figure 13 Gateway Tab Win 95/98 Figure 14 DNS Tab Win 95/98Figure 16 Windows NT4.0 - IP Address Checking TCP/IP Settings - Windows NT4.0Figure 15 Windows NT4.0 - TCP/IP Figure 17 - Windows NT4.0 - Add Gateway Obtain an IP address from a DHCP ServerSpecify an IP Address Figure 18 Windows NT4.0 - DNS Checking TCP/IP Settings - Windows Figure 19 Network Configuration Win1. Select Control Panel - Network and Dial-up Connection Figure 20 TCP/IP Properties WinUsing a fixed IP Address Use the following IP Address 1. Select Control Panel - Network Connection Checking TCP/IP Settings - Windows XPFigure 21 Network Configuration Windows XP Figure 22 TCP/IP Properties Windows XP Checking TCP/IP Settings - Windows Vista PC Configuration Internet Access Accessing AOL1. Select Start Menu - Settings - Control Panel - Internet Options 2. Select Set up or change your Internet ConnectionMacintosh Clients Linux ClientsOther Unix Systems Fixed IP AddressStatus Screen Operation and StatusOperation Figure 23 General Status Screen Operation and StatusWAN1/2 FirewallKernel SystemPort Status Port StatusData - Port Status Screen Event Log Event LogData - Event Log Screen Internet URL LogData - URL Log System Log System LogData - System Log Screen URL Filter Dynamic DNS Static Routing QoS Internet FeaturesThe following advanced features are provided Address List PC Database Address List Address ListData - Address List Screen PC Database PC Database ScreenData - PC Database Screen dress, IP Address and CertifyFilter Strings URL FilterData - URL Filter Screen To add an entry to the list, enter it here, and click the Add button Dynamic DNS Dynamic DNS ScreenData - Dynamic DNS Screen Web Site ButtonStatic Routing OverviewStatic Routing Screen Open Routing and Remote AccessData - Static Routing Screen Static RoutingOther Routers on the Local LAN Configuring Other Routers on your LANLocal Router Static Routing - Example For Router As Default RouteFor Router Bs Default Route For the Broadband VPN Gateway s Routing Table192.168.1.80 Broadband VPN Gateway s local routerData - QoS Screen Based on QoS rules set below Rules Screen Security ConfigurationRules Data - Rules Screen Outbound/Inbound ConnectionDefine Firewall Rule Inbound/Outbound Data - Define Firewall Rule ScreenLog Setting Dest IPAdvanced Rule Port Transfer ToSchedules Schedules ScreenTime Zone Firewall -- LogData - Log Screen Second Server Services Data - Services ScreenAvailable Services Add New Serviceif not required MAX 3D Engine Options SecurityData - Security Screen Maximum Con Figure 41 Multi-DMZ E-Mail Data - E-Mail ScreenE-Mail Alert E-Mail LogSelect the desired option for sending the log by E-mail Policies VPN IPSecIPSec VPN Configuration VPN Endpointaddress Traffic SelectorClient PC to VPN Gateway Common VPN SituationsVPN Pass-through Connecting 2 LANs via VPN Figure 45 Connecting 2 VPN GatewaysVPN Configuration Policies ScreenVPN List OperationsCheck Log Enable/DisableCopy Adding a New Policy Figure 47 VPN Wizard - Start Screen General Settings Enable PolicyAllow NetBIOS Authentication and EncryptionAuthentication Algorithm ESP AuthenticationESP Encryption Manual Key Encryptiontion is enabled ESP SPIThis is required if either ESP Encryption or ESP Authentica IKE Internet Key ExchangeAuthentication EncryptionExchange Mode IKE SA AggressiveExample 1 Connecting 2 Broadband VPN Gateways VPN ExamplesSetting LAN A GateIPSec SA Parameters Value Example 2 Windows 2000/XP Client to LANBroadband VPN Gateway Configuration Deselect Activate the default response rule. Click Next Windows Client ConfigurationFigure 50 Windows 2000/XP - Local Security Settings Figure 51 Windows 2000/XP - Policy Properties Figure 52 IP Filter ListFigure 54 New Rule Properties IP Filter List Figure 53 Filter Properties Addressing8. Enter the Source IP address and the Destination IP address 12. Select Negotiate security this selects IKE, then click Add Figure 55 New Rule Properties Filter ActionFigure 56 Require Security Properties VPN Setting Windows SettingFigure 57 Modify Security Method Figure 58 Require Security PropertiesFigure 59 Tunnel Setting Figure 60 Authentication MethodFigure 61 Windows 2000/XP Client to Broadband VPN Gateway Figure 62 Windows 2000/XP Client to Broadband VPN GatewayFigure 64 Filter List Figure 63 Filter Properties Addressing22. Click OK to save your changes, then Close Figure 65 Filter Action Figure 66 Security MethodsFigure 68 Tunnel Setting Figure 67 Modify Security MethodFigure 69 Authentication Method Figure 70 DUT to Win2K PropertiesFigure 72 Key Exchange Settings Figure 71 Properties - General Tab32. Click the Advanced button to see the screen below 33. Click the Methods button to see the screen belowExample 3 Windows 2000 Server to VPN Gateway Figure 74 IKE Security AlgorithmsFigure 75 Windows 2000/XP Client to Broadband VPN Gateway Figure 76 Broadband VPN Gateway to Windows 2000 ServerSubnet address 11.5.0.0 Address range used on the remote LAN Remote IP addressesFor a single client, this is the same as the Gateway address Windows 2000 Server Configuration Figure 77 Windows 2000 Server - AddressingCertificates Trusted CertificatesRequesting a Trusted Certificate Trusted CertificatesPrivate Certificate Data - Private Certificate ScreenPrivate Certificate Private Certificate RequestsRequesting a Private Certificate Upload ButtonNew Request ButtonSelect the desired option. RSA is recommended To add a New CRL VPN Status VPN StatusData - VPN Status Screen Server Setup Microsoft VPNData - VPN Adapter Screen UserPPTP Service Data - User Screen Existing UsersProperties ButtonStatus Log Screen Service LogData - Status Log Screen Status LogWindows Client Setup Windows 98/ME1. Click Start - Settings - Dial-up Networking 2. Select Make New ConnectionWindows ME VPN Dialing Properties 2. Select Start - Settings - Dial-up NetworkingTo establish a connection Figure 93 Windows 2000 Public Network WindowsFigure 92 Windows 2000 Network Connection Figure 94 Windows 2000 VPN Host Figure 95 Windows 2000 Connection AvailabilityFigure 96 Windows 2000 Finish Wizard Figure 98 Windows XP Network Connection Windows XPFigure 97 Windows XP Network Connection Type Figure 101 Windows XP VPN Server Figure 99 Windows XP Connection NameFigure 100 Windows XP Public Network Figure 102 Windows XP Connection Availability Other Features & Settings Diagnostics Data - Diagnostics ScreenPing DNS LookupSearch Button Data - Account Management Screen Password ScreenPassword Data - Web Management Screen Web ManagementSettings To connect from a remote PC via the Internet HTTPS//123.123.123.1238080Firmware Upgrade Data - Firmware Upgrade ScreenTo perform the Firmware Upgrade Firmware UpgradeBackup/Restore Data - Backup/Restore ScreenDefault Configu- ration This will delete ALL of the existing settingsTroubleshooting General ProblemsInternet Access Appendix AIt is a security risk, since the firewall is disabled Appendix B Specifications Broadband VPN GatewayFCC Statement FCC Radiation Exposure StatementCE Marking Warning CE StandardsAppendix B - Specifications Broadband VPN Gateway User Guide

Related manuals

Manual 8 pages 5.73 Kb

TW100-BRV324 specifications

The TRENDnet TW100-BRV324 is a versatile broadband router designed to provide small to medium-sized businesses with reliable networking capabilities. One of its key features is its built-in firewall security, which ensures robust protection against unauthorized access and threats from the internet. This appliance uses Stateful Packet Inspection (SPI), providing a comprehensive barrier against a variety of cyber threats.

Equipped with a DHCP server, the TW100-BRV324 simplifies IP address assignment, allowing administrators to manage network resources efficiently. The device supports both DHCP and static IP configurations, making it flexible for various network setups. Additionally, it offers VPN pass-through capabilities, allowing secure remote access for users needing to connect to the corporate network from outside.

The TW100-BRV324 is noted for its impressive NAT (Network Address Translation) capabilities, which enable multiple devices on a local network to access the internet through a single public IP address. This feature is particularly beneficial in saving costs related to IP addresses while enhancing network management. Furthermore, it boasts an integrated 4-port switch, facilitating wired connections for several devices in a local area network (LAN).

In terms of connectivity, the router supports 10/100 Mbps Ethernet, providing sufficient bandwidth for most small business applications. The device is also easy to set up, thanks to its user-friendly web-based interface, which guides users through the configuration process. This simplicity makes it suitable for individuals with varying levels of networking expertise.

The TW100-BRV324 supports multiple connection types, including DSL and cable internet, ensuring compatibility with various ISPs. Additionally, it embeds Quality of Service (QoS) features, allowing network administrators to prioritize traffic. This is crucial for ensuring that bandwidth-intensive applications, such as video conferencing and VoIP, receive the necessary resources for optimal performance.

In summary, the TRENDnet TW100-BRV324 is a robust and feature-rich router well-suited for small to medium-sized businesses. With its combination of security features, flexible configurations, and user-friendly management tools, it offers a powerful solution for those seeking reliable network performance without the need for extensive technical knowledge.