Edimax AC-M3000/AC-M1000

User’s Manual

During the first-time login to Edimax AC-M3000, Internet Explorer will ask user to download the ActiveX component of IPSec VPN. This ActiveX component once downloaded will be running paralleled with the “Login Success Page” after the page being brought up successfully. The ActiveX component helps to setup the IPSec VPN tunnel between client’s device and the NAC Edimax AC-M3000 controller, and to check the validity of the IPSec VPN tunnel between them. If the connection is down, the ActiveX component will detect the broken link and decompose the IPSec tunnel. Once the IPSec VPN tunnel was built, any packet sent will be encrypted. Without connecting to the original IPSec VPN tunnel, user or client device has no alternative to gain network connection beyond this. The design of Edimax AC-M3000’s IPSec VPN feature directly solves possible data security leak problem between client and the controller via either wireless or wired connection without extra hardware or client software installed.

2.Limitations

The limitation of the client side due to ActiveX and Windows OS includes:

a.Internet Connection Firewall of Windows XP or Windows XP SP1 is not compatible with IPSec protocol. It shall be turned off to allow IPSec packets to pass through.

b.Without patch, ICMP (Ping) and PORT command of FTP can not work in Windows XP SP2.

c.The Forced termination (through CTRL+ALT+DEL, Task Manager) of the Internet Explorer will stop the running of ActiveX. It causes IPSec tunnel can’t be cleared properly at client’s device. A reboot of client’s device is needed to clear the IPSec tunnel.

d.The crash of Windows Internet Explorer may cause the same result.

3.Internet Connection Firewall

In Windows XP and Windows XP SP1, the Internet Connection Firewall is not compatible with IPSec. Internet Connection Firewall will drop packets from tunneling of IPSec VPN.

131

Page 133
Image 133
Edimax Technology AC-M1000, AC-M3000 user manual Limitations