Internet Security Router User’s Manual Revision 1.1 Oct. 30, 2003
x 11.7.1 Main Mode Remote Access...118 11.7.2 Aggressive Mode Remote Access...
Internet Security Router User’s Manual Chapter 10. Configuring VPN 85 10 Configuring VPN The chapter contains instructions for configuring VPN conne
Chapter 10. Configuring VPN Internet Security Router User’s Manual 86 Name Encryption Algorithm Authentication Algorithm Diffie-Hellman Group Key Man
Internet Security Router User’s Manual Chapter 10. Configuring VPN 87 Default lifetime Default lifetime for the pre-configured IKE proposals and IPSe
Chapter 10. Configuring VPN Internet Security Router User’s Manual 88 Options Description VPN Connection Type Site to site Click this radio button to
Internet Security Router User’s Manual Chapter 10. Configuring VPN 89 Options Description Xauth (aggressive mode only) Xauth is a user ID and passwo
Chapter 10. Configuring VPN Internet Security Router User’s Manual 90 Options Description Pre-shared Key Specific Options PFS Group PFS stands for pe
Internet Security Router User’s Manual Chapter 10. Configuring VPN 91 10.3.1 Add a Rule for VPN Connection Using Pre-shared Key VPN Tunnel Configurat
Chapter 10. Configuring VPN Internet Security Router User’s Manual 92 7. Assign a priority for this rule by selecting a number from the “Move to” drop
Internet Security Router User’s Manual Chapter 10. Configuring VPN 93 10.4 Establish VPN Connection Using Manual Keys This section describes the step
xi 17 Index...149 List of Figures Figure 2.1. Front Panel LEDs...
Chapter 10. Configuring VPN Internet Security Router User’s Manual 94 5. Click on “Enable” or “Disable” radio button to enable or disable this rule. 6
Internet Security Router User’s Manual Chapter 10. Configuring VPN 95 1. Log into Configuration Manager as admin, click the VPN menu, and then click
Chapter 10. Configuring VPN Internet Security Router User’s Manual 96 Figure 10.3 shows all the parameters available for VPN connections. To see an up
Internet Security Router User’s Manual Chapter 10. Configuring VPN 97 10.6.1.1 Configure Rules on Internet Security Router 1 (ISR1) This section desc
Chapter 10. Configuring VPN Internet Security Router User’s Manual 98 Figure 10.5. Intranet VPN Policy Configuration on ISR1 Step 1: Configure VPN con
Internet Security Router User’s Manual Chapter 10. Configuring VPN 99 Refer to the section 10.3 Establish VPN Connection Using Automatic Keying to co
Chapter 10. Configuring VPN Internet Security Router User’s Manual 100 Field Value Mask 255.255.255.0 NAT None Action Allow VPN Enable Note: The ou
Internet Security Router User’s Manual Chapter 10. Configuring VPN 101 Internet 192.168.1.10 ISR1ISR2ADSL/Cable ModemADSL/Cable Modem192.16
Chapter 10. Configuring VPN Internet Security Router User’s Manual 102 5. Save the configuration. 10.6.2.2 Configure VPN Rules on ISR1 Step 1: Configu
Internet Security Router User’s Manual Chapter 10. Configuring VPN 103 Figure 10.9. Extranet Example – Outgoing NAT Pool Configuration on ISR1 2. Co
xii Figure 9.4 NAPT – Map Any Internal PCs to a Single Global IP Address...48 Figure 9.5 Reve
Chapter 10. Configuring VPN Internet Security Router User’s Manual 104 Figure 10.11. Extranet Example – Outbound ACL Rule on ISR1 2. Configure inboun
Internet Security Router User’s Manual Chapter 10. Configuring VPN 105 Refer to the section 10.3 Establish VPN Connection Using Automatic Keying to c
Chapter 10. Configuring VPN Internet Security Router User’s Manual 106 2. Configure incoming static NAT pool (reverse-static-NAT) for translating addr
Internet Security Router User’s Manual Chapter 10. Configuring VPN 107 Figure 10.17. Extranet Example – Inbound ACL Rule on ISR2 10.6.2.4 Establish
Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 109 11 Configuring Remote Access 11.1 Remote Access The Internet Securi
Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 110 Field Description User Name Enter a unique User name for the user th
Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 111 6. If you want to add a user to this newly created group, continue w
Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 112 3. Click on the button to delete this user group. Note that a user
Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 113 Field Description Outbound Select this if this rule is for outbound
xiii Figure 10.4. Typical Intranet Network Diagram...
Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 114 Figure 11.4. Login Console After a successful login, the screen appe
Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 115 11.5 Configure Firewall for Remote Access Remote Access is usually u
Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 116 2. Create an inbound group ACL rule (see Figure 11.8) to allow remote
Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 117 5. An IP address (in the IP Address field) is automatically assigned
Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 118 11.7 Configure VPN for Remote Access Remote Access VPN is used primar
Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 119 Figure 11.12. Main Mode Remote Access Example – Configure the Virtu
Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 120 11.7.2 Aggressive Mode Remote Access Aggressive Mode remote access w
Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 121 3. Create a VPN policy for Richard and Gloria. The settings for this
Internet Security Router User’s Manual Chapter 12. System Management 123 12 System Management This chapter describes the following administrative ta
xiv Figure 12.5. Default Setting Configuration Page...1
Chapter 12. System Management Internet Security Router User’s Manual 124 12.2 Change the Login Password The first time you log into the Configuration
Internet Security Router User’s Manual Chapter 12. System Management 125 Figure 12.3. System Information Configuration Page 12.4 Setup Date and Time
Chapter 12. System Management Internet Security Router User’s Manual 126 address of time servers and the desired update interval. Select your time zon
Internet Security Router User’s Manual Chapter 12. System Management 127 12.5.2 Backup System Configuration Follow the steps below to backup system c
Chapter 12. System Management Internet Security Router User’s Manual 128 Figure 12.7. Restore System Configuration Page 2. Enter the path and name of
Internet Security Router User’s Manual Chapter 12. System Management 129 1. Log into Configuration Manager, click the System Management menu and then
Chapter 12. System Management Internet Security Router User’s Manual 130 12.8 Logout Configuration Manager To logout of Configuration Manager, click o
Internet Security Router User’s Manual Chapter 13. ALG Configuration 131 13 ALG Configuration Table 13.1 lists all the supported ALGs (Application L
Chapter 13. ALG Configuration Internet Security Router User’s Manual 132 ALG/Application Name Protocol and Port Predefined Service Name Tested Softwa
Internet Security Router User’s Manual Chapter 13. ALG Configuration 133 ALG/Application Name Protocol and Port Predefined Service Name Tested Softw
xv Table 9.10. Time Range Configuration Parameters...80 T
Internet Security Router User’s Manual Chapter 14. IP Addresses, Network Masks, and Subnets 135 14 IP Addresses, Network Masks, and Subnets 14.1 IP
Chapter 14. IP Addresses, Network Masks, and Subnets Internet Security Router User’s Manual 136 Class A networks are the Internet's largest netwo
Internet Security Router User’s Manual Chapter 14. IP Addresses, Network Masks, and Subnets 137 Class C: 255.255.255.0 These are called default becau
Internet Security Router User’s Manual Appendix 15. Troubleshooting 139 15 Troubleshooting This appendix suggests solutions for problems you may enc
Appendix 15. Troubleshooting Internet Security Router User’s Manual 140 Problem Troubleshooting Suggestion addresses within a predefined pool PCs ca
Internet Security Router User’s Manual Appendix 15. Troubleshooting 141 Figure 15.1. Using the ping Utility If the target computer cannot be located
Appendix 15. Troubleshooting Internet Security Router User’s Manual 142 Figure 15.2. Using the nslookup Utility There may be several addresses associ
Internet Security Router User’s Manual Appendix 16. Glossary 143 16 Glossary 10BASE-T A designation for the type of wiring used by Ethernet network
Appendix 16. Glossary Internet Security Router User’s Manual 144 element of URLs, which identify a specific file at a web site, e.g., http://www.asus.
Internet Security Router User’s Manual Appendix 16. Glossary 145 from 0 to 255, separated by periods, e.g., 209.191.4.240. An IP address consists of
Appendix 16. Glossary Internet Security Router User’s Manual 146 between your ISP and your computer. The WAN interface on the Internet Security Router
Internet Security Router User’s Manual Appendix 16. Glossary 147 twisted pair The ordinary copper telephone wiring long used by telephone companies.
Internet Security Router User’s Manual Appendix 16. Glossary 149 17 Index 100BASE-T, 143 10BASE-T, 143 ADSL, 143 authenticate, 143 Binary numbers,
Appendix 17. Index Internet Security Router User’s Manual 150 Inbound ACL Configuration page, 49 Internet, 144 troubleshooting access to, 139 Intranet
Internet Security Router User’s Manual Appendix 17. Index 151 Routing Configuration, 37 Setup Wizard, 15, 23 User Password Configuration, 124 WAN Sta
Internet Security Router User’s Manual Chapter 1. Introduction 1 Introduction Congratulations on becoming the owner of the Internet Security Router.
Chapter 1. Introduction Internet Security Router User’s Manual 2 Note Provides clarification or non-essential information on the current topic. Def
Internet Security Router User’s Manual Chapter 2. Getting to Know the Internet Security Router 3 2 Getting to Know the Internet Security Router 2.1
ii Copyright Information No part of this manual, including the products and software described in it, may be reproduced, transmitted, transcribed, st
Chapter 2. Getting to Know the Internet Security Router Internet Security Router User’s Manual 4 Table 2.2. Rear Panel Labels and LEDs Label Function
Internet Security Router User’s Manual Chapter 2 Getting to Know the Internet Security Router 5 „ Reverse Static – This is inbound mapping that maps
Chapter 2. Getting to Know the Internet Security Router Internet Security Router User’s Manual 6 Flooder Port Scans TCP XMAS Scan, TCP Null Scan TCP S
Internet Security Router User’s Manual Chapter 2 Getting to Know the Internet Security Router 7 „ Alerts sent to the administrator via e-mail. „ Mai
Chapter 2. Getting to Know the Internet Security Router Internet Security Router User’s Manual 8 „ Remote Access VPN – Corporations use VPN to establi
Internet Security Router User’s Manual Chapter 3. Quick Start Guide 9 3 Quick Start Guide This Quick Start Guide provides basic instructions for con
Chapter 3. Quick Start Guide Internet Security Router User’s Manual 10 3.1.4 Step 4. Turn on the Internet Security Router, the ADSL or cable modem and
Internet Security Router User’s Manual Chapter 3. Quick Start Guide 11 If the LEDs illuminate as expected, the Internet Security Router hardware is
Chapter 3. Quick Start Guide Internet Security Router User’s Manual 12 You may be prompted to install files from your Windows 2000 installation CD or
Internet Security Router User’s Manual Chapter 3. Quick Start Guide 13 1. In the Windows NT task bar, click the <Start> button, point to Settin
iii Table of Contents 1 Introduction...1 1.1 Features...
Chapter 3. Quick Start Guide Internet Security Router User’s Manual 14 3.3 Part 3 — Quick Configuration of the Internet Security Router In Part 3, you
Internet Security Router User’s Manual Chapter 3. Quick Start Guide 15 3. Enter your user name and password, and then click to enter the Configurat
Chapter 3. Quick Start Guide Internet Security Router User’s Manual 16 5. Now we are at the System Information setup page; enter the requested informa
Internet Security Router User’s Manual Chapter 3. Quick Start Guide 17 Figure 3.7. Setup Wizard – LAN IP Configuration Page Figure 3.8. Setup Wizar
Chapter 3. Quick Start Guide Internet Security Router User’s Manual 18 Figure 3.9. Setup Wizard – WAN PPPoE Configuration Page Figure 3.10. Setup
Internet Security Router User’s Manual Chapter 3. Quick Start Guide 19 • Host name is optional. You may leave it empty if your ISP did not provide s
Chapter 3. Quick Start Guide Internet Security Router User’s Manual 20 • Enter at lease the primary DNS IP address provided by your ISP. Secondary DN
Internet Security Router User’s Manual Chapter 4. Getting Started with the Configuration Manager 21 4 Getting Started with the Configuration Manager
Chapter 4. Getting Started with the Configuration Manager Internet Security Router User’s Manual 22 Note You can change the password at any time (see
Internet Security Router User’s Manual Chapter 4. Getting Started with the Configuration Manager 23 Button/Icon Function Adds the existing configura
iv 3.1.4 Step 4. Turn on the Internet Security Router, the ADSL or cable modem and power up your computers...
Chapter 4. Getting Started with the Configuration Manager Internet Security Router User’s Manual 24 Figure 4.4. System Information Page
Internet Security Router User’s Manual Chapter 5. Configuring LAN Settings 25 5 Configuring LAN Settings This chapter describes how to configure LAN
Chapter 5. Configuring LAN Settings Internet Security Router User’s Manual 26 Figure 5.1. LAN IP Address Configuration Page 2. Enter a LAN IP address
Internet Security Router User’s Manual Chapter 5. Configuring LAN Settings 27 On a DHCP-enabled network, the IP information is assigned dynamically r
Chapter 5. Configuring LAN Settings Internet Security Router User’s Manual 28 enter the LAN IP or your ISP’s DNS IP in the primary DNS Server IP Addre
Internet Security Router User’s Manual Chapter 5. Configuring LAN Settings 29 5.3 DNS 5.3.1 About DNS Domain Name System (DNS) servers map the user-
Chapter 5. Configuring LAN Settings Internet Security Router User’s Manual 30 2. Configure the LAN PCs to use the IP addresses assigned by the DHCP se
Internet Security Router User’s Manual Chapter 6. Configuring WAN Settings 31 6 Configuring WAN Settings This chapter describes how to configure WAN
Chapter 6. Configuring WAN Settings Internet Security Router User’s Manual 32 Table 6.1. WAN PPPoE Configuration Parameters Setting Description Host
Internet Security Router User’s Manual Chapter 6. Configuring WAN Settings 33 Field Description Host Name Host name is optional but may be required
v 5.3.2 Assigning DNS Addresses...29 5.3.3 Configuring DNS Relay...
Chapter 6. Configuring WAN Settings Internet Security Router User’s Manual 34 6.4 Static IP 6.4.1 WAN Static IP Configuration Parameters Table 6.3 des
Internet Security Router User’s Manual Chapter 6. Configuring WAN Settings 35 5. Enter the IP address of the primary DNS server. This information sho
Internet Security Router User’s Manual Chapter 7. Configuring Routes 37 7 Configuring Routes You can use Configuration Manager to define specific ro
Chapter 7. Configuring Routes Internet Security Router User’s Manual 38 7.2 Dynamic Routing using RIP (Routing Information Protocol) RIP enables routi
Internet Security Router User’s Manual Chapter 7. Configuring Routes 39 2. Click to delete the selected route. WARNING Do not remove the route for
Internet Security Router User’s Manual Chapter 8. Configuring DDNS 41 8 Configuring DDNS Dynamic DNS is a service that allows computers to use the s
Chapter 8. Configuring DDNS Internet Security Router User’s Manual 42 Internet ISRHTTP DDNS Server(DynDNS, TokyoDNS)DynDNSsl1000.homeunix.comTokyo
Internet Security Router User’s Manual Chapter 8. Configuring DDNS 43 Field Description HTTP DDNS Specific Settings DDNS Service [For HTTP DDNS only
vi 9 Configuring Firewall/NAT Settings...45 9.1 Firewall Overview...
Chapter 8. Configuring DDNS Internet Security Router User’s Manual 44 4. In the DDNS Configuration page, select “Enable” for the DDNS State and “RFC-2
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 45 9 Configuring Firewall/NAT Settings The Internet Security Rou
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 46 9.1.3.2 Tracking Connection State The stateful inspection engin
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 47 Figure 9.1 Static NAT – Mapping Four Private IP Addresses to
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 48 9.2.3 NAPT (Network Address and Port Translation) or PAT (Port
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 49 9.2.4 Reverse Static NAT Reverse static NAT maps a globally va
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 50 Field Description ID Add New Click on this option to add a new
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 51 Field Description IP Address, Subnet, Range and IP Pool Selec
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 52 Field Description associate with an inbound ACL rule. Time Ran
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 53 4. Make changes to any or all of the following fields: source/
vii 9.5.5 Delete an URL Filter Rule...59 9.5.6 View Configured URL Filter Rul
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 54 Figure 9.9. Outbound ACL Configuration Page 9.4.1 Outbound AC
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 55 Field Description network. IP Address This option allows you
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 56 Field Description Single, Range Select any of these and enter
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 57 9.4.3 Add an Outbound ACL Rule To add an outbound ACL rule, fo
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 58 4. Click on the button to modify this ACL rule. The new setti
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 59 Figure 9.11. URL Filter Configuration Page 9.5.3 Add an URL F
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 60 proxy web server is used. If you don’t use a proxy server for y
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 61 Figure 9.13. Self Access Rule Configuration Page 9.6.1.1 Self
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 62 2. Select “Add New” from the Self Access rule drop-down list. 3
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 63 Figure 9.14. Service List Configuration Page 9.6.2.1 Service
viii 9.7.2.2 Access IP Pool Configuration Page – (Firewall è Policy List è IP Pool)...
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 64 5. Click on the button to create the new service. The new ser
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 65 Field Description to get into a "stuck state" where
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 66 Field Description Minimum IP Fragment Size Enter the Minimum s
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 67 „ NAT Pools – This option allows you to configure NAT Pools th
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 68 Field Description CWD Allow or deny of change directory. LIST
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 69 Figure 9.16. Application Filter Configuration Page 9.7.1.3 Ad
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 70 Figure 9.18. FTP Filter Example – Configuring FTP Filter Rule
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 71 Figure 9.21. FTP Filter Example – Associate FTP Filter Rule t
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 72 7. Check the web application files to block – in this example,
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 73 Figure 9.24. Modify an Application Filter 9.7.1.5 Delete an A
ix 10.4.4 Display VPN Rules...94 10.5 VPN Statistics...
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 74 Field Description IP Address Enter the IP Address. 9.7.2.2 Acc
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 75 2. Click on the icon of the IP pool to be modified in the IP
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 76 Figure 9.27. IP Pool Example – Add Two IP Pools – MISgroup1 an
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 77 Field Description Static Select this type of NAT to set a one
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 78 9.7.3.3 Add a NAT Pool To add a NAT Pool, follow the instructio
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 79 10.64.2.0/24 ISRStatic NAT PoolLAN Port192.168.1.1WAN Port
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 80 Figure 9.32. NAT Pool Example – Associate a NAT Pool to an ACL
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 81 9.7.4.2 Access Time Range Configuration Page – (Firewall è Pol
Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 82 5. Click on the button to save the new settings. 9.7.4.5 Del
Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 83 9.8 Firewall Statistics – Firewall è Statistics The Firewall S
Comments to this Manuals