TRENDnet TW100-BRV204 Manually assigned Keys, ESP Encryption, ESP Authentication, Tion is enabled

Page 80

VPN

These settings must match the remote VPN. Note that you cannot use both AH and ESP.

Manually assigned Keys

AH Authentication AH (Authentication Header) specifies the authentication protocol for the VPN header, if used. (AH is often NOT used)

If AH is not enabled, the following settings can be ignored.

Keys

• The "in" key here must match the "out" key on the remote VPN, and the "out" key here must match the "in" key on the remote VPN.

• Keys can be in ASCII or Hex (0..9 A..F)

• For MD5, the keys should be 32 hex/16 ASCII characters.

• For SHA-1, the keys should be 40 hex/20 ASCII characters.

 

SPI

 

• Each SPI (Security Parameter Index) must be unique.

 

• The "in" SPI here must match the "out" SPI on the remote

 

VPN, and the "out" SPI here must match the "in" SPI on the

 

remote VPN.

 

• Each SPI should be at least 3 characters.

 

 

ESP Encryption

ESP (Encapsulating Security Payload) provides security for the

 

payload (data) sent through the VPN tunnel. Generally, you will

 

want to enable both Encryption and Authentication.

 

• The "3DES" algorithm provides greater security than "DES",

 

but is slower.

 

• The "in" key here must match the "out" key on the remote

 

VPN, and the "out" key here must match the "in" key on the

 

remote VPN.

 

 

ESP Authentication

Generally, you should enable ESP Authentication. There is little

 

difference between the available algorithms. Just ensure each

 

endpoint use the same setting.

 

• The "in" key here must match the "out" key on the remote

 

VPN, and the "out" key here must match the "in" key on the

 

remote VPN.

 

• Keys can be in ASCII or Hex (0..9 A..F)

 

• For MD5, the keys should be 32 hex/16 ASCII characters.

 

• For SHA-1, the keys should be 40 hex/20 ASCII characters.

ESP SPI

This is required if either ESP Encryption or ESP Authentica-

 

tion is enabled.

 

• Each SPI (Security Parameter Index) must be unique.

 

• The "in" SPI here must match the "out" SPI on the remote

 

VPN, and the "out" SPI here must match the "in" SPI on the

 

remote VPN.

 

• Each SPI should be at least 3 characters.

For Manual Key Exchange, configuration is now complete.

Click "Next" to view the final screen.

On the final screen, click "Finish" to save your settings, then "Close" to exit the Wizard.

77

Page 79 Page 81
Image 80
Page 79 Page 81
Contents Cable/DSL Internet Access Port Switching Hub Users GuideTable of Contents Examples Using Certificates Config FileRemote Administration Upgrade FirmwareTW100-BRV204 Features Internet Access FeaturesLAN Features Configuration & ManagementSecurity Features Advanced Internet FunctionsPackage Contents Physical Details Front-mounted LEDsRear Panel Procedure Choose an Installation SiteRequirements Connect LAN CablesCheck the LEDs Power UpConnect WAN Cable Overview To Do this Refer toPreparation Configuration ProgramUsing UPnP Using your Web Browser If you cant connectSetup Wizard Common Connection TypesCable Modems DSL ModemsSingTel RAS Other Modems e.g. Broadband WirelessBig Pond Cable Australia Home Screen Navigation & Data InputWAN Port Configuration Screen Data WAN Port ScreenIdentification IP AddressLogin MAC Address MAC AddressButtons LAN ScreenData LAN Screen Using the TW100-BRV204 s Dhcp Server Using another Dhcp ServerTo Configure your PCs to use Dhcp What Dhcp DoesTCP/IP Settings Overview Windows ClientsUsing Specify an IP Address Checking TCP/IP Settings Windows 9x/MEUsing Dhcp Gateway Tab Win 95/98 Checking TCP/IP Settings Windows NT4.0 Windows NT4.0 TCP/IPObtain an IP address from a Dhcp Server Specify an IP AddressWindows NT4.0 Add Gateway Windows NT4.0 DNS Checking TCP/IP Settings Windows Network Configuration WinUsing a fixed IP Address Use the following IP Address TCP/IP Properties WinChecking TCP/IP Settings Windows XP Network Configuration Windows XPTCP/IP Properties Windows XP Internet Access Accessing AOLFor Windows 9x/ME/2000 For Windows XPMacintosh Clients Linux ClientsOther Unix Systems Fixed IP AddressOperation Status ScreenSystem Data Status ScreenInternet Connection Status PPPoE Data PPPoE ScreenConnection Connection LogConnection Log Messages Clear LogRefresh Message DescriptionPptp Status Connection Status PptpData Pptp Screen Connection Status Connection Status Telstra Big PondData Telstra Big Pond Screen Connection Details SingTel RAS Data SingTel RAS ScreenDefault Gateway Dhcp ClientRelease/Renew Button will displayConnection Details Fixed/Dynamic IP Address Data Fixed/Dynamic IP address ScreenRenew Advanced Internet Screen Internet ScreenCommunication Applications Special ApplicationsSpecial Applications Screen Communication ApplicationsUsing a Special Application Data Special Applications ScreenDMZ URL FilterFilter Strings URL Filter ScreenData URL Filter Screen Ddns Service Dynamic DNS Domain Name ServerDynamic DNS Screen Data Dynamic DNS ScreenPassword Domain Name Ddns DataUser Name Ddns StatusVirtual Servers IP Address seen by Internet UsersConnecting to the Virtual Servers Virtual Servers ScreenDefining your own Virtual Servers Data Virtual Servers ScreenBackup DNS OptionsData Options Screen MTU sizeAdmin Login Admin Login ScreenSecurity Configuration Access Control Access Control ScreenTo use this feature Data Access Control ScreenInternet Access Access Control Log Group Members ScreenDate/Time Source IP addressThis feature is for advanced administrators only Firewall RulesFirewall Rules Screen Data Firewall Rules ScreenData EditMove DeleteDefine Firewall Rule Data Define Firewall Rule ScreenType Source IPLog Dest IPAction Enable Logs LogsData Logs Screen DoS AttacksSyslog Server TimezoneMail Logs SPI Firewall Security OptionsData Security Options Screen Options Data Define Schedule Screen SchedulingDefine Schedule Screen Services Data Services ScreenAvailable Services Add New ServiceDelete the selected service from the list IPSec TW100-BRV204 does not support Transport ModeTW100-BRV204 always uses Tunnel Mode VPN Configuration PoliciesClient PC to VPN Gateway Common VPN SituationsVPN Pass-through Connecting 2 LANs via VPN Connecting 2 VPN GatewaysVPN Configuration VPN Policies ScreenData VPN Policies Screen VPN ListCopy Enable/DisableAdding a New Policy General Settings Enable PolicyEndpoint KeysVPN Wizard Traffic Selector Local IP addressesRemote IP addresses Manual Key ExchangeESP Authentication Tion is enabledManually assigned Keys ESP EncryptionIKE Phase IKE Phase 1 IKE SAIKE Phase 2 IPsec SA TW100-BRV204 User Guide Example 1 Connecting 2 TW100-BRV204s Configuration SettingsSetting LAN a Gate LAN B Gate Way ExamplesDES IPSec SA ParametersExample 2 Windows 2000/XP Client to LAN TW100-BRV204 ConfigurationSetting Value Windows Client Configuration Windows 2000/XP Local Security SettingsWindows 2000/XP Policy Properties Filter Properties Addressing New Rule Properties Filter Action VPN Setting Windows Setting Modify Security MethodTunnel Setting Windows 2000/XP Client to Broadband VPN Gateway Filter List Filter Action Modify Security Method DUT to Win2K Properties Properties General Tab Key Exchange Security Methods IKE Security AlgorithmsSetting Single Client Server/Gateway Example 3 Windows 2000 Server to VPN GatewayWindows 2000 Server Configuration Windows 2000 Server AddressingSelf Certificates Using CertificatesTrusted Certificates Adding a Trusted Certificate Adding a Self CertificateSignature Key Length Hash AlgorithmSignature Algorithm CRLs To add a New CRLUpload CRL Administration Routing UpgradeRemote FirmwareConfig File Data Config File ScreenBackup Config Restore ConfigPC Database PC Database ScreenAdministration Data PC Database ScreenKnown PCs Generate ReportPC Properties PC Database AdminData PC Database Admin Screen Update Selected Add as NewEntry Clear FormRemote Administration Data Remote Administration ScreenRemote Administration To connect from a remote PC via the InternetUsing this Screen RoutingOverview Routing ScreenData Routing Screen Static RoutingOther Routers on the Local LAN Configuring Other Routers on your LANLocal Router For Router As Default Route For Router Bs Default RouteStatic Routing Example For the TW100-BRV204 s Routing TableUpgrade Firmware To perform the Firmware UpgradeData Upnp Screen UPnPProblem 1 Cant connect to the TW100-BRV204 to configure it General ProblemsInternet Access TW100-BRV204 User Guide TW100-BRV204 FCC StatementCE Marking Warning FCC Radiation Exposure Statement
Related manuals
Manual 2 pages 3.46 Kb

VPN Firewall Router, TW100-BRV204 specifications

The TRENDnet TW100-BRV204 is a versatile broadband router that caters to small office and home office environments. This device is designed to streamline connectivity and enhance network performance, making it an excellent choice for users looking to optimize their internet experience.

One of the primary features of the TW100-BRV204 is its integrated four-port 10/100 Mbps Ethernet switch, allowing users to connect multiple devices directly via Ethernet cables. This ensures fast and reliable wired connections for computers, printers, and other networked devices, reducing latency and improving overall performance.

Additionally, the router boasts a built-in firewall that provides crucial security features. The NAT (Network Address Translation) and SPI (Stateful Packet Inspection) firewalls help protect the network from external threats while allowing seamless communication between devices on the local network. This level of security is essential for small business owners who need to safeguard sensitive data.

The TW100-BRV204 also supports advanced QoS (Quality of Service) technology, which prioritizes bandwidth allocation. This ensures that critical applications, such as VoIP (Voice over Internet Protocol) and video conferencing, receive the necessary bandwidth for optimal performance. By minimizing lag and interruptions, users can maintain a smooth online experience.

Another notable characteristic of the TRENDnet TW100-BRV204 is its support for PPPoE (Point-to-Point Protocol over Ethernet) and static IP connections. This versatility makes it compatible with various types of internet service providers, ensuring that users can easily configure their network settings without hassle.

For wireless connectivity, the TW100-BRV204 is equipped with robust wireless capabilities, adhering to the 802.11g standard, allowing for wireless communication with compatible devices. Though not as speedy as the newer 802.11n or 802.11ac standards, it still offers good performance for basic browsing and streaming tasks within its range.

In summary, the TRENDnet TW100-BRV204 is an excellent choice for those seeking a reliable and secure broadband router for small office applications. With its built-in Ethernet switch, strong firewall, QoS support, and compatibility with various ISP configurations, it stands out as a dependable solution for enhancing connectivity and productivity in a compact design. Whether for business or personal use, this router offers the essential features needed to facilitate a robust network environment.
Top Page Image Contents