Edimax AC-M3000/AC-M1000
User’s Manual
131
During the first-time login to Edimax AC-M3000, Internet Explorer will ask user to download the ActiveX
component of IPSec VPN. This ActiveX component once downloaded will be running paralleled with the “Login
Success Page” after the page being brought up successfully. The ActiveX component helps to setup the IPSec
VPN tunnel between client’s device and the NAC Edimax AC-M3000 controller, and to check the validity of the
IPSec VPN tunnel between them. If the connection is down, the ActiveX component will detect the broken link
and decompose the IPSec tunnel. Once the IPSec VPN tunnel was built, any packet sent will be encrypted.
Without connecting to the original IPSec VPN tunnel, user or client device has no alternative to gain network
connection beyond this. The design of Edimax AC-M3000’s IPSec VPN feature directly solves possible data
security leak problem between client and the controller via either wireless or wired connection without extra
hardware or client software installed.
The limitation of the client side due to ActiveX and Windows OS includes:
a. Internet Connection Firewall of Windows XP or Windows XP SP1 is not compatible with IPSec protocol. It
shall be turned off to allow IPSec packets to pass through.
b. Without patch, ICMP (Ping) and PORT command of FTP can not work in Windows XP SP2.
c. The Forced termination (through CTRL+ALT+DEL, Task Manager) of the Internet Explorer will stop the
running of ActiveX. It causes IPSec tunnel can’t be cleared properly at client’s device. A reboot of client’s
device is needed to clear the IPSec tunnel.
d. The crash of Windows Internet Explorer may cause the same result.
In Windows XP and Windows XP SP1, the Internet Connection Firewall is not compatible with IPSec. Internet
Connection Firewall will drop packets from tunneling of IPSec VPN.