Manuals
/
TRENDnet
/
Computer Equipment
/
Network Router
TRENDnet
BRV204 manual Password Dialog, Security Configuration
Models:
BRV204
1
57
146
146
Download
146 pages
58.45 Kb
54
55
56
57
58
59
60
61
<
>
Troubleshooting
Specification
Install
Warranty
Configuration & Management
Other Modems e.g. Broadband Wireless
Issuer Name
Reset Button
Diagnostics
Setup
Page 57
Image 57
Security Configuration
Figure 35: Password Dialog
Enter the "User Name" and "Password" you set on the
Admin Login
screen above.
53
Page 56
Page 58
Page 57
Image 57
Page 56
Page 58
Contents
Page
Page
TW100-BRV204 Features
Table of Contents
Package Contents
CHAPTER 2 INSTALLATION
Server Setup
VPN Configuration
Windows Client Setup
CHAPTER 10 OTHER FEATURES & SETTINGS
Internet Access Features
TW100-BRV204 Features
Introduction
Chapter
LAN Features
Configuration & Management
Advanced Internet Functions
Security Features
Package Contents
IPSec VPN Gateway Features
Microsoft VPN Gateway Support
Front-mounted LEDs
Physical Details
Power
Figure 2 Front Panel
Rear Panel
Using the DMZ Port
Reset Button
To Clear All Data and restore the factory default values
Advantages of the DMZ Port
Procedure
Installation
Requirements
This Chapter covers the physical installation of the TW100-BRV204
4. Power Up
3. Connect WAN Cable
5. Check the LEDs
Overview
Setup
This Chapter provides Setup details of the TW100-BRV204
Chapter
Preparation
Configuration Program
Using your Web Browser
Figure 5 Password Dialog
If you cant connect
TW100-BRV204 User’s Guide
Common Connection Types
Setup Wizard
Type
Details
Big Pond Cable Australia
Other Modems e.g. Broadband Wireless
SingTel RAS
Type
Home Screen
Navigation & Data Input
Figure 6 Home Screen
Save Cancel
LAN Screen
Figure 7 LAN Screen
TCP/IP
Using the TW100-BRV204 s DHCP Server
DHCP
Using another DHCP Server
To Configure your PCs to use DHCP
TCP/IP Settings - Overview
PC Configuration
Windows Clients
Chapter
Using DHCP
Checking TCP/IP Settings - Windows 9x/ME
Using Specify an IP Address
Figure 8 Network Configuration
Figure 10 Gateway Tab Win 95/98
Figure 11 DNS Tab Win 95/98
TW100-BRV204 User Guide
PC Configuration
Checking TCP/IP Settings - Windows NT4.0
Figure 12 Windows NT4.0 - TCP/IP
Figure 13 Windows NT4.0 - IP Address
Obtain an IP address from a DHCP Server
Specify an IP Address
Figure 14 - Windows NT4.0 - Add Gateway
Figure 15 Windows NT4.0 - DNS
PC Configuration
Figure 16 Network Configuration Win
Checking TCP/IP Settings - Windows
1. Select Control Panel - Network and Dial-up Connection
Figure 17 TCP/IP Properties Win
Using a fixed IP Address Use the following IP Address
Using DHCP
Checking TCP/IP Settings - Windows XP
Figure 18 Network Configuration Windows XP
1. Select Control Panel - Network Connection
Using DHCP
Using a fixed IP Address Use the following IP Address
Figure 19 TCP/IP Properties Windows XP
Accessing AOL
Internet Access
1. Select Start Menu - Settings - Control Panel - Internet Options
2. Select Set up or change your Internet Connection
Linux Clients
Macintosh Clients
Other Unix Systems
Ensure you are logged in as root before attempting any changes
Operation
Operation and Status
Status Screen
Chapter
Connection Method
Internet
Broadband Modem
Internet Connection
Figure 21 PPPoE Status Screen
Connection Status - PPPoE
Connection
Physical Address
Connect
Buttons
Disconnect
Clear Log
Figure 22 PPTP Status Screen
Connection Status - PPTP
Connection
Physical Address
Clear Log
Connection Status - Telstra Big Pond
Refresh
Figure 23 Telstra Big Pond Status Screen
Default Gateway
Connection Details - SingTel RAS
Connection Log
Connection Log
DNS IP Address DHCP Client
Buttons
Release/Renew Button will display EITHER Release OR Renew Refresh
Physical Address IP Address Network Mask Default Gateway
Connection Details - Fixed/Dynamic IP Address
Figure 25 Connection Details - Fixed/Dynamic IP Address
Internet
Update the data shown on screen
Refresh
Operation and Status
The following advanced features are provided WAN Port Configuration
Internet Features
Chapter
Overview
Figure 26 WAN Port Configuration Screen
WAN Port Configuration
Identification
Hostname
Disable NAT
Enable NAT
Disabling NAT will disable Internet access, unless all PCs have
Login
Communication Applications
Advanced Internet
Figure 27 Internet Screen
Communication Applications
Use this to Enable or Disable this Special Application as required
Special Applications
Figure 28 Special Applications Screen
Checkbox
Using a Special Application
Multi-DMZ
Incoming Ports
Outgoing Ports
URL Filter Screen
URL Filter
Figure 29 URL Filter Screen
Filter Strings
Dynamic DNS Screen
Dynamic DNS Domain Name Server
The Service works as follows
DDNS Service
DDNS Data
DDNS Service User Name Password/Key Domain Name DDNS Status
Virtual Servers
IP Address seen by Internet Users
Figure 31 Virtual Servers
Virtual Servers Screen
Connecting to the Virtual Servers
Defining your own Virtual Servers
Enable
Backup DNS
Options
Figure 33 Options Screen
IP Address
Admin Login
Security Configuration
Figure 34 Admin Login Screen
Chapter
Security Configuration
Figure 35 Password Dialog
Access Control Screen
Access Control
If required, you can also define your own Services
Figure 36 Access Control Screen
Services
Internet Access
Cancel
Members Button
Group Members Screen
Access Control Log
PCs not assigned to any group will be in the Default group
PCs deleted from any other Group will be added to the Default group
Firewall Rules Screen
Firewall Rules
This feature is for advanced administrators only
Figure 38 Firewall Rules Screen
Data Add Edit Move Delete View Log System Rules
Figure 39 Define Firewall Rule
Define Firewall Rule
Name
Type
Services
Dest IP
Action
Enable Logs
Logs
Data - Logs Screen
Figure 40 Logs Screen
System Log
Enable Syslog
Router operations start up, get time etc - This option will log
Connections to the Web - based interface of this Router - This
Figure 41 E-Mail Screen
E-mail
E-Mail Alerts
Send E-Mail alert
Subject
default value is
Enter the text string to be shown in the Subject field for the E
mail
Enable DoS Firewall Threshold
Security Options
Data - Security Options Screen
Figure 42 Security Options Screen
Respond to ICMP ping Allow VPN pass- through
Options
Drop fragmented IP packets Block TCP Flood Block UDP Flood
Block non- standard packets
Define Schedule Screen
Scheduling
Enter the start using a 24 hr clock
Enter the finish time using a 24 hr clock
Figure 44 Services Screen
Services
Available Services
Available Services
IPSec
VPN IPSec
The TW100-BRV204 does NOT support Transport Mode
The TW100-BRV204 always uses Tunnel Mode
Policies
VPN Configuration
VPN Endpoint
address
VPN Pass-through
Common VPN Situations
Client PC to VPN Gateway
Figure 45 VPN Pass-through
Figure 47 Connecting 2 VPN Gateways
Connecting 2 LANs via VPN
VPN Policies Screen
VPN Configuration
Enable
Figure 48 VPN Policies Screen
Enable/Disable
Adding a New Policy
Move
Copy
Policy Name Enable Policy Allow NetBIOS traffic Remote VPN Endpoint
General Settings
Figure 50 VPN Wizard - General Screen
Keys
Figure 51 VPN Wizard - Traffic Selector Screen
Local IP addresses
Type
Type
Remote IP addresses
Figure 52 VPN Wizard - Manual Key Exchange Screen
Manually assigned Keys
tion is enabled
ESP Authentication
ESP Encryption
Encryption Algorithm
IKE Phase
Figure 53 VPN Wizard - IKE Phase 1 Screen
IKE Phase 1 IKE SA
Authentication
Authentication
Algorithm
Encryption
IKE Phase 2 IPsec SA
Figure 54 VPN Wizard - IKE Phase 2 Screen
AH Authentication
ESP Authentication
Click Next to view the final screen
For IKE, configuration is now complete
Figure 55 VPN Wizard - Final Screen
TW100-BRV204 User Guide
VPN Examples
Example 1 Connecting 2 TW100-BRV204 s
Figure 56 Connecting 2 TW100-BRV204 s
Setting
IPSec SA Parameters
Setting
Example 2 Windows 2000/XP Client to LAN
Figure 57 Windows 2000/XP Client to TW100-BRV204
Value
Figure 58 Windows 2000/XP - Local Security Settings
Windows Client Configuration
Deselect Activate the default response rule. Click Next
IPSec SA Parameters
Figure 60 IP Filter List
Figure 59 Windows 2000/XP - Policy Properties
Figure 61 Filter Properties Addressing
8. Enter the Source IP address and the Destination IP address
Figure 62 New Rule Properties IP Filter List
Figure 64 Require Security Properties
Figure 63 New Rule Properties Filter Action
12. Select Negotiate security this selects IKE, then click Add
Microsoft VPN
Windows Setting
VPN Setting
Figure 65 Modify Security Method
Figure 66 Require Security Properties
Figure 68 Authentication Method
Figure 67 Tunnel Setting
Figure 70 Windows 2000/XP Client to TW100-BRV204
Figure 69 Windows 2000/XP Client to TW100-BRV204
22. Click OK to save your changes, then Close
Figure 71 Filter Properties Addressing
Figure 72 Filter List
Microsoft VPN
Figure 74 Security Methods
Figure 73 Filter Action
Figure 75 Modify Security Method
Figure 76 Tunnel Setting
Figure 78 DUT to Win2K Properties
Figure 77 Authentication Method
31. Select the General tab
TW100-BRV204 User Guide
Figure 79 Properties - General Tab
Figure 80 Key Exchange Settings
32. Click the Advanced button to see the screen below
33. Click the Methods button to see the screen below
Figure 81 Key Exchange Security Methods
Configuration is now complete
Figure 82 IKE Security Algorithms
Figure 83 Windows 2000/XP Client to TW100-BRV204
Setting
Example 3 Windows 2000 Server to VPN Gateway
Figure 84 TW100-BRV204 to Windows 2000 Server
Single Client
Figure 85 Windows 2000 Server - Addressing
Windows 2000 Server Configuration
Trusted Certificates
Certificates
Requesting a Trusted Certificate
Issuer Name
Issuer Name
Self Certificates
Figure 87 Add Trusted Certificate
Figure 88 Self Certificates Screen
Delete button
Requesting a Self Certificate
Self Certificate Requests
Request List
Subject Name
Name
Hash Algorithm
Signature Algorithm
CRLs
To add a New CRL
Figure 91 Upload Self Certificate
Figure 92 Certificate Revocation Lists
Status
Figure 93 Upload CRL
Figure 94 VPN Status Screen
Policy Name
VPN Status
SA Type
VPN Endpoint
Microsoft VPN
Server Setup
Chapter
Overview
Enable
Client Database
Authentication
PPTP Server
Login Password
Login Name
Verify Password
Update Selected
Status Screen
This indicates whether or not the PPTP VPN Server is enabled
Figure 97 Microsoft VPN Status Screen
Server Status
Windows 98/ME
Windows Client Setup
1. Click Start - Settings - Dial-up Networking
2. Select Make New Connection
2. Select Start - Settings - Dial-up Networking
To establish a connection
Windows ME VPN Dialing Properties
Windows
Figure 100 Windows 2000 Network Connection
Figure 101 Windows 2000 Public Network
Click Next to continue
Figure 102 Windows 2000 VPN Host
Figure 103 Windows 2000 Connection Availability
Microsoft VPN
Figure 104 Windows 2000 Finish Wizard
Windows XP
Figure 105 Windows XP Network Connection Type
Figure 106 Windows XP Network Connection
4. Enter a suitable name for this connection. Click Next to continue
Figure 107 Windows XP Connection Name
Figure 108 Windows XP Public Network
Figure 109 Windows XP VPN Server
Changing the connection settings
To establish a connection
Figure 110 Windows XP Connection Availability
Config File
Other Features & Settings
Diagnostics
Remote Admin
Config File
Data - Config File Screen
Figure 111 Config File Screen
Figure 112 Network Diagnostics Screen
Network Diagnostics
Ping
IP Address
PC Database
PC Database Screen
Figure 113 PC Database
Known PCs
Administration
Name
IP Address
Figure 114 PC Database Admin
PC Database Admin
Known PCs
PC Properties
Buttons
Update Selected
Add as New
Entry
Figure 115 Remote Administration Screen
Remote Administration
Settings
Enable
To connect from a remote PC via the Internet
Access
Port Number
Allow Remote
Overview
Routing
Routing Screen
Open Routing and Remote Access
Data - Routing Screen
Enable RIP
Figure 116 Routing Screen
Static Routing
Save Add Update Delete Clear Form Generate Report
Configuring Other Routers on your LAN
Properties
Buttons
Other Routers on the Local LAN
Static Routing - Example
For the TW100-BRV204 s Routing Table
Figure 117 Routing Example
For Router As Default Route
For Router Bs Default Route
Other Features and Settings
Figure 118 Upgrade Firmware Screen
Upgrade Firmware
Upgrade Firmware
Password
Enable UPnP Services Allow Configu ration
UPnP
Allow Internet access to be disabled
Figure 119 UPnP Screen
General Problems
Troubleshooting
Internet Access
Appendix A
It is a security risk, since the firewall is disabled
Appendix B Specifications
TW100-BRV204
FCC Statement
FCC Radiation Exposure Statement
CE Marking Warning
TW100-BRV204 - 5 Years Warranty
Limited Warranty
Technical Support
TRENDware Technical Support Tel +1-310-891-1100 Fax +1-310-8911111
E-mail support@trendware.com
TW100-BRV204 User Guide