Manuals / Brands / Computer Equipment / Network Router / Planet Technology / Computer Equipment / Network Router

Planet Technology ADE-4300A/B, ADW-4300A/B VPN Pass-through, Client PC to VPN Gateway, Figure 78: VPN Pass-through, Figure 79: Client PC to VPN Server

1 132

Download 132 pages, 2.16 Mb

Appendix C - VPNs

Common VPN Situations

VPN Pass-throughFigure 78: VPN Pass-through

Here, a PC on the LAN behind the Router/Gateway is using VPN software, but the Router/Gateway is NOT acting as a VPN endpoint. It is only allowing the VPN connec- tion.

∙The PC software can use any VPN protocol supported by the remote VPN.

∙The remote VPN Server must support client PCs which are behind a NAT router, and so have an IP address which is not valid on the Internet.

∙The Router/Gateway requires no VPN configuration, since it is not acting as a VPN endpoint.

Client PC to VPN GatewayFigure 79: Client PC to VPN Server

In this situation, the PC must run appropriate VPN client software in order to connect, via the Internet, to the ADE-4300/ADW-4300 or other VPN Gateway. Once connected, the client PC has the same access to LAN resources as PCs on the local LAN (unless restricted by the network administrator).

∙IPsec is not the only protocol which can be used in this situation, but the ADE- 4300/ADW-4300 supports IPsec ONLY.

∙Windows 2000 and Windows XP include an IPsec VPN client program. However, configuration of this client program for use with the ADE-4300/ADW-4300 is very complex and beyond the scope of this document.

119

Contents

Page Copyright Federal Communication Commission Interference Statement FCC Caution: Federal Communication Commission (FCC) Radiation Exposure Statement R&TTE Compliance Statement Safety Revision Model: ADE-4300A/B, ADW-4300A/B Rev: 1.0 (Jan. 2005) Page Page Management Connections Wireless Access (ADW-4300only) Wireless LAN Configuration Introduction ∙ADSL 2/2+ Modem ∙Shared Broadband Internet Access for all LAN users Wireless Access Point VPN Gateway IPoA, PPPoE, PPPoA, Direct Connection Support Auto-detection of Internet Connection Method Fixed or Dynamic IP Address Application Level Gateways (ALGs) Standards Compliant Supports both 802.11b and 802.11g Wireless Stations Speeds to 54Mbps WEP support WPA-PSK Protection against DoS attacks Page Front-mountedLEDs of ADE-4300 Figure 2-1:Front Panel of ADE-4300 Front-mountedLEDs of ADW-4300 PWR LED STATUS LED Rear Panel Figure 4-1:Rear Panel of ADE-4300 RESET Button (Reset to De- faults) POWER port 10/100BaseT LAN connections Installation 2. Connect LAN Cables 3. Connect ADSL Cable 4. Power Up 5. Check the LEDs Setup Your Browser must support JavaScript Preparation Using your Web Browser HTTP://192.168.0.1 If you can't connect ping Common Connection Types Type Details ISP Data required Figure 7: Home Screen Main Menu Log Out Restart Navigation & Data Input Figure 8: LAN Screen Data - LAN Screen TCP/IP Subnet Mask ∙ The Start IP Address and Finish IP Address fields set the DHCP server client Using the ADE-4300/ADW-4300'sDHCP Server LAN Using another DHCP Server Wireless Figure 9: Wireless Screen Data - Wireless Screen Identification Region Options Mode 802.11G-plus (TI) 802.11g & 802.11b Allow access by … All Wireless Stations ∙ Trusted Wireless stations only - Only wireless stations you Set Stations Disabled WEP WPA-PSK WEP Wireless Security Figure 10: WEP Passphrase WPA-PSKWireless Security Figure 11: WPA-PSK Data - WPA-PSKScreen System Figure 12: Trusted Wireless Stations Data - Trusted Wireless Stations Trusted Wireless Stations Other Wireless Edit Add (Update) Clear Figure 13: Password Screen Old Password New password Verify pass word Figure 15: Mode Screen Router Modem Notes: PC Configuration Checking TCP/IP Settings - Windows 9x/ME: Figure 16: Network Configuration Figure 17: IP Address (Win 95) Using DHCP Using this is recommended Figure 18: Gateway Tab (Win 95/98) Figure 19: DNS Tab (Win 95/98) Checking TCP/IP Settings - Windows NT4.0 Figure 20: Windows NT4.0 - TCP/IP Figure 21: Windows NT4.0 - IP Address Obtain an IP address from a DHCP Server Specify an IP Address Figure 22 - Windows NT4.0 - Add Gateway Figure 23: Windows NT4.0 - DNS Checking TCP/IP Settings - Windows 2000: Figure 24: Network Configuration (Win 2000) Figure 25: TCP/IP Properties (Win 2000) Using a fixed IP Address ("Use the following IP Address") Checking TCP/IP Settings - Windows XP Figure 26: Network Configuration (Windows XP) Figure 27: TCP/IP Properties (Windows XP) Internet Access For Windows 9x/ME/2000 unchecked For Windows XP Accessing AOL Ensure you are logged in as "root" before attempting any changes Fixed IP Address To act as a DHCP Client (recommended) Infrastructure SSID (ESSID) Wireless Note! The SSID is case sensitive Wireless Figure 29 Wireless Networks (Windows XP) If Wireless Security is Disabled Figure 30 Insecure Wireless Network (Windows XP) To connect: If using WEP Data Encryption Figure 31: WEP (Windows XP) To connect: Disable Figure 32: Advanced - Wireless Networks Figure 33: Wireless Network Properties - WEP Configure this screen as follows: default key value default key index Figure 34: Preferred Networks If using WPA-PSKData Encryption Figure 35: Wireless Networks (Windows XP) Figure 36: Advanced - Wireless Networks Figure 37: Wireless Network Properties- WPA-PSK TKIP Figure 38: Preferred Networks If the SSID is not listed Figure 39: Wireless Networks (Windows XP) Figure 40: Unlisted Wireless Network Figure 41: Add Wireless Network Figure 42: Preferred Networks Operation and Status Figure 43: Status Screen Data - Status Screen Device Name Firmware Version ADSL Internet (VC1) Connection Method Connection Status Active Idle Attached Devices VPN Status Chapter 6 - Advanced Features Refresh Screen Figure 44: PPPoE Status Screen Data - PPPoE/PPPoA Screen Connection Time PPPoE Link Status Negotiation Figure 45: Connection Details - Fixed/Dynamic IP Address Data - Dynamic IP address Internet Default Gateway DNS Server Figure 464: Connection Details - Fixed/Dynamic IP Address Data - Fixed IP address Screen Advanced Features Figure 475: Access Control Screen Data - Access Control Screen Internet Access Access control Block all Internet access Figure 48: Trusted PCs Data - Trusted PCs Other PCs Save Figure 47: Internet Screen DMZ Special Applications Special Applications Figure 48: Special Applications Screen Data - Special Applications Screen Checkbox Incoming Ports Using a Special Application URL Filter Block By Schedule Block Always Allow Trusted PCs to Visit Blocked Sites Figure 49: URL Filter Screen Data - URL Filter Screen Current Filter Strings Current Filter Strings DDNS Services work as follows: Dynamic DNS Screen Figure 50: DDNS Screen Data - Dynamic DNS Screen DDNS Service DDNS Data Host Name User Name Password Domain Name Firewall Rules Block Allow Firewall Rules Screen Figure 51 Firewall Screen Log Outgoing Rules LAN Users WAN Servers Incoming Rules (Inbound Services) Figure 52: Inbound Services Screen Data - Incoming Rules Screen Inbound Services Service Always Never Match Not Match Outgoing Rules (Outbound Services) Single PC Figure 54: Add Services Screen Data - Firewall Services Services Existing Ser vices Add/Edit Service Services Figure 55 : Add/Edit Service Data - Add/Edit Service Start Port Options Figure 56: Options Screen Data - Options Screen Respond to Ping Figure 57: Schedule Screen Data - Schedule Screen Day Session Start Time Use this NTP Current Time Figure 58: Virtual Servers IP Address seen by Internet Users Virtual Servers Screen Figure 59: Virtual Servers Screen Data - Virtual Servers Screen Servers Properties PC (Server) Page Appendix C - About VPNs VPN Policies Manual Auto VPN Policies Screen VPN Advanced Figure 60: VPN Policies Screen Data - VPN Policies Screen VPN Auto Policy Screen VPN Policies Figure 61: VPN-AutoPolicy Screen Data - VPN-AutoPolicy Screen General Policy Name Remote VPN NetBIOS Enable IKE Direction Exchange Mode Diffie-Hellman (DH) Group IPSec PFS (Per- fect Forward Secrecy) VPN- Manual Policy Screen Figure 62: VPN-ManualPolicy Screen Data - VPN-ManualPolicy Screen NETBIOS Enable ESP Configuration SPI Page VPN Status Screen Figure 63: VPN-StatusScreen Data - VPN Status Screen Tunnel Table Remote Endpoint Figure 64: SNMP Screen Data - SNMP Screen SNMP Service Enable SNMP support Advanced Administration PC Database Screen PC Database Figure 65: PC Database Data - PC Database Screen Known PCs Refresh Generate Re port PC Database - Advanced Figure 66: PC Database (Admin) Data - Advanced PC Database PC Properties Automatic Automatic discovery MAC address is Add as New Entry Update Se Config File Figure 67: Config File Screen Data - Config File Screen Backup Config Restore Config E-mail Figure 68: Logging Screen Data - Logging Screen Logs Log Data Include (Check boxes) ∙ Attempted access to blocked sites - If checked ∙ Connections to the Web-basedinterface of this Router operation Figure 69: E-mailScreen Data - E-mailScreen E-MailNotification Turn E-mail Notification on E-mailAlerts Send E-mail alerts immedi ately E-mailLogs Network Diagnostics Figure 70: Network Diagnostics Screen Data - Network Diagnostics Screen Ping this Ping Button Figure 71: Remote Administration Screen Data - Remote Administration Screen Remote Administration Enable Remote Management To connect from a remote PC via the Internet HTTP://123.123.123.123:8080 Overview Routing Screen Using this Screen Static Routing Table Figure 72: Routing Screen Data - Routing Screen RIP RIP Direction RIP Version Destination IP Address Gateway IP Address Metric Other Routers on the Local LAN Static Routing - Example Entry 2 (Segment 2) For Router A's Default Route For Router B's Default Route Figure 74: Router Upgrade Screen To perform the Firmware Upgrade: Modem Mode Figure 75: Home Screen - Modem Mode (ADW-4300 only) Status Figure 76: Mode Screen Data - Mode Screen Device Bridge Mode Figure 77: Status Screen - Bridge Mode Data - Status Screen (Bridge Mode) Associated Devices Associated Devices Troubleshooting Problem 2: Solution 2: Problem 1: My PC can't locate the Wireless Access Point Problem 2: Wireless connection speed is very slow Page About Wireless LANs(ADW-4300only) B Key WEP Authentication WPA PSK (Pre-sharedKey) WEP: WPA-PSK: Ad-hoc networks About VPNs Policies Policies VPN Configuration VPN Endpoint address Local & Remote LAN definition IKE parameters VPN Pass-through Figure 78: VPN Pass-through Client PC to VPN Gateway Figure 79: Client PC to VPN Server Connecting 2 LANs via VPN Figure 80: Connecting 2 VPN Gateways Figure 81: Connecting 2 ADE-4300/ADW-4300s Note Configuration Settings - Gateway A Figure 82: Gateway A Configuration Configuration Settings - Gateway B Figure 83: Gateway B Configuration Settings Setting LAN A Gateway Page Specifications Page FCC Statement FCC Radiation Exposure Statement CE Approval CE Standards CE Marking Warning