Asus SL1000 User Manual

Internet Security Router User’s Manual Revision 1.1 Oct. 30, 2003

x 11.7.1 Main Mode Remote Access...118 11.7.2 Aggressive Mode Remote Access...

Internet Security Router User’s Manual Chapter 10. Configuring VPN 85 10 Configuring VPN The chapter contains instructions for configuring VPN conne

Chapter 10. Configuring VPN Internet Security Router User’s Manual 86 Name Encryption Algorithm Authentication Algorithm Diffie-Hellman Group Key Man

Internet Security Router User’s Manual Chapter 10. Configuring VPN 87 Default lifetime Default lifetime for the pre-configured IKE proposals and IPSe

Chapter 10. Configuring VPN Internet Security Router User’s Manual 88 Options Description VPN Connection Type Site to site Click this radio button to

Internet Security Router User’s Manual Chapter 10. Configuring VPN 89 Options Description Xauth (aggressive mode only) Xauth is a user ID and passwo

Chapter 10. Configuring VPN Internet Security Router User’s Manual 90 Options Description Pre-shared Key Specific Options PFS Group PFS stands for pe

Internet Security Router User’s Manual Chapter 10. Configuring VPN 91 10.3.1 Add a Rule for VPN Connection Using Pre-shared Key VPN Tunnel Configurat

Chapter 10. Configuring VPN Internet Security Router User’s Manual 92 7. Assign a priority for this rule by selecting a number from the “Move to” drop

Internet Security Router User’s Manual Chapter 10. Configuring VPN 93 10.4 Establish VPN Connection Using Manual Keys This section describes the step

xi 17 Index...149 List of Figures Figure 2.1. Front Panel LEDs...

Chapter 10. Configuring VPN Internet Security Router User’s Manual 94 5. Click on “Enable” or “Disable” radio button to enable or disable this rule. 6

Internet Security Router User’s Manual Chapter 10. Configuring VPN 95 1. Log into Configuration Manager as admin, click the VPN menu, and then click

Chapter 10. Configuring VPN Internet Security Router User’s Manual 96 Figure 10.3 shows all the parameters available for VPN connections. To see an up

Internet Security Router User’s Manual Chapter 10. Configuring VPN 97 10.6.1.1 Configure Rules on Internet Security Router 1 (ISR1) This section desc

Chapter 10. Configuring VPN Internet Security Router User’s Manual 98 Figure 10.5. Intranet VPN Policy Configuration on ISR1 Step 1: Configure VPN con

Internet Security Router User’s Manual Chapter 10. Configuring VPN 99 Refer to the section 10.3 Establish VPN Connection Using Automatic Keying to co

Chapter 10. Configuring VPN Internet Security Router User’s Manual 100 Field Value Mask 255.255.255.0 NAT None Action Allow VPN Enable Note: The ou

Internet Security Router User’s Manual Chapter 10. Configuring VPN 101 Internet 192.168.1.10 ISR1ISR2ADSL/Cable ModemADSL/Cable Modem192.16

Chapter 10. Configuring VPN Internet Security Router User’s Manual 102 5. Save the configuration. 10.6.2.2 Configure VPN Rules on ISR1 Step 1: Configu

Internet Security Router User’s Manual Chapter 10. Configuring VPN 103 Figure 10.9. Extranet Example – Outgoing NAT Pool Configuration on ISR1 2. Co

xii Figure 9.4 NAPT – Map Any Internal PCs to a Single Global IP Address...48 Figure 9.5 Reve

Chapter 10. Configuring VPN Internet Security Router User’s Manual 104 Figure 10.11. Extranet Example – Outbound ACL Rule on ISR1 2. Configure inboun

Internet Security Router User’s Manual Chapter 10. Configuring VPN 105 Refer to the section 10.3 Establish VPN Connection Using Automatic Keying to c

Chapter 10. Configuring VPN Internet Security Router User’s Manual 106 2. Configure incoming static NAT pool (reverse-static-NAT) for translating addr

Internet Security Router User’s Manual Chapter 10. Configuring VPN 107 Figure 10.17. Extranet Example – Inbound ACL Rule on ISR2 10.6.2.4 Establish

Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 109 11 Configuring Remote Access 11.1 Remote Access The Internet Securi

Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 110 Field Description User Name Enter a unique User name for the user th

Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 111 6. If you want to add a user to this newly created group, continue w

Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 112 3. Click on the button to delete this user group. Note that a user

Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 113 Field Description Outbound Select this if this rule is for outbound

xiii Figure 10.4. Typical Intranet Network Diagram...

Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 114 Figure 11.4. Login Console After a successful login, the screen appe

Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 115 11.5 Configure Firewall for Remote Access Remote Access is usually u

Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 116 2. Create an inbound group ACL rule (see Figure 11.8) to allow remote

Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 117 5. An IP address (in the IP Address field) is automatically assigned

Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 118 11.7 Configure VPN for Remote Access Remote Access VPN is used primar

Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 119 Figure 11.12. Main Mode Remote Access Example – Configure the Virtu

Chapter 11. Configuring Remote Access Internet Security Router User’s Manual 120 11.7.2 Aggressive Mode Remote Access Aggressive Mode remote access w

Internet Security Router User’s Manual Chapter 11. Configuring Remote Access 121 3. Create a VPN policy for Richard and Gloria. The settings for this

Internet Security Router User’s Manual Chapter 12. System Management 123 12 System Management This chapter describes the following administrative ta

xiv Figure 12.5. Default Setting Configuration Page...1

Chapter 12. System Management Internet Security Router User’s Manual 124 12.2 Change the Login Password The first time you log into the Configuration

Internet Security Router User’s Manual Chapter 12. System Management 125 Figure 12.3. System Information Configuration Page 12.4 Setup Date and Time

Chapter 12. System Management Internet Security Router User’s Manual 126 address of time servers and the desired update interval. Select your time zon

Internet Security Router User’s Manual Chapter 12. System Management 127 12.5.2 Backup System Configuration Follow the steps below to backup system c

Chapter 12. System Management Internet Security Router User’s Manual 128 Figure 12.7. Restore System Configuration Page 2. Enter the path and name of

Internet Security Router User’s Manual Chapter 12. System Management 129 1. Log into Configuration Manager, click the System Management menu and then

Chapter 12. System Management Internet Security Router User’s Manual 130 12.8 Logout Configuration Manager To logout of Configuration Manager, click o

Internet Security Router User’s Manual Chapter 13. ALG Configuration 131 13 ALG Configuration Table 13.1 lists all the supported ALGs (Application L

Chapter 13. ALG Configuration Internet Security Router User’s Manual 132 ALG/Application Name Protocol and Port Predefined Service Name Tested Softwa

Internet Security Router User’s Manual Chapter 13. ALG Configuration 133 ALG/Application Name Protocol and Port Predefined Service Name Tested Softw

xv Table 9.10. Time Range Configuration Parameters...80 T

Internet Security Router User’s Manual Chapter 14. IP Addresses, Network Masks, and Subnets 135 14 IP Addresses, Network Masks, and Subnets 14.1 IP

Chapter 14. IP Addresses, Network Masks, and Subnets Internet Security Router User’s Manual 136 Class A networks are the Internet's largest netwo

Internet Security Router User’s Manual Chapter 14. IP Addresses, Network Masks, and Subnets 137 Class C: 255.255.255.0 These are called default becau

Internet Security Router User’s Manual Appendix 15. Troubleshooting 139 15 Troubleshooting This appendix suggests solutions for problems you may enc

Appendix 15. Troubleshooting Internet Security Router User’s Manual 140 Problem Troubleshooting Suggestion addresses within a predefined pool PCs ca

Internet Security Router User’s Manual Appendix 15. Troubleshooting 141 Figure 15.1. Using the ping Utility If the target computer cannot be located

Appendix 15. Troubleshooting Internet Security Router User’s Manual 142 Figure 15.2. Using the nslookup Utility There may be several addresses associ

Internet Security Router User’s Manual Appendix 16. Glossary 143 16 Glossary 10BASE-T A designation for the type of wiring used by Ethernet network

Appendix 16. Glossary Internet Security Router User’s Manual 144 element of URLs, which identify a specific file at a web site, e.g., http://www.asus.

Internet Security Router User’s Manual Appendix 16. Glossary 145 from 0 to 255, separated by periods, e.g., 209.191.4.240. An IP address consists of

Appendix 16. Glossary Internet Security Router User’s Manual 146 between your ISP and your computer. The WAN interface on the Internet Security Router

Internet Security Router User’s Manual Appendix 16. Glossary 147 twisted pair The ordinary copper telephone wiring long used by telephone companies.

Internet Security Router User’s Manual Appendix 16. Glossary 149 17 Index 100BASE-T, 143 10BASE-T, 143 ADSL, 143 authenticate, 143 Binary numbers,

Appendix 17. Index Internet Security Router User’s Manual 150 Inbound ACL Configuration page, 49 Internet, 144 troubleshooting access to, 139 Intranet

Internet Security Router User’s Manual Appendix 17. Index 151 Routing Configuration, 37 Setup Wizard, 15, 23 User Password Configuration, 124 WAN Sta

Internet Security Router User’s Manual Chapter 1. Introduction 1 Introduction Congratulations on becoming the owner of the Internet Security Router.

Chapter 1. Introduction Internet Security Router User’s Manual 2 Note Provides clarification or non-essential information on the current topic. Def

Internet Security Router User’s Manual Chapter 2. Getting to Know the Internet Security Router 3 2 Getting to Know the Internet Security Router 2.1

ii Copyright Information No part of this manual, including the products and software described in it, may be reproduced, transmitted, transcribed, st

Chapter 2. Getting to Know the Internet Security Router Internet Security Router User’s Manual 4 Table 2.2. Rear Panel Labels and LEDs Label Function

Internet Security Router User’s Manual Chapter 2 Getting to Know the Internet Security Router 5 „ Reverse Static – This is inbound mapping that maps

Chapter 2. Getting to Know the Internet Security Router Internet Security Router User’s Manual 6 Flooder Port Scans TCP XMAS Scan, TCP Null Scan TCP S

Internet Security Router User’s Manual Chapter 2 Getting to Know the Internet Security Router 7 „ Alerts sent to the administrator via e-mail. „ Mai

Chapter 2. Getting to Know the Internet Security Router Internet Security Router User’s Manual 8 „ Remote Access VPN – Corporations use VPN to establi

Internet Security Router User’s Manual Chapter 3. Quick Start Guide 9 3 Quick Start Guide This Quick Start Guide provides basic instructions for con

Chapter 3. Quick Start Guide Internet Security Router User’s Manual 10 3.1.4 Step 4. Turn on the Internet Security Router, the ADSL or cable modem and

Internet Security Router User’s Manual Chapter 3. Quick Start Guide 11 If the LEDs illuminate as expected, the Internet Security Router hardware is

Chapter 3. Quick Start Guide Internet Security Router User’s Manual 12 You may be prompted to install files from your Windows 2000 installation CD or

Internet Security Router User’s Manual Chapter 3. Quick Start Guide 13 1. In the Windows NT task bar, click the <Start> button, point to Settin

iii Table of Contents 1 Introduction...1 1.1 Features...

Chapter 3. Quick Start Guide Internet Security Router User’s Manual 14 3.3 Part 3 — Quick Configuration of the Internet Security Router In Part 3, you

Internet Security Router User’s Manual Chapter 3. Quick Start Guide 15 3. Enter your user name and password, and then click to enter the Configurat

Chapter 3. Quick Start Guide Internet Security Router User’s Manual 16 5. Now we are at the System Information setup page; enter the requested informa

Internet Security Router User’s Manual Chapter 3. Quick Start Guide 17 Figure 3.7. Setup Wizard – LAN IP Configuration Page Figure 3.8. Setup Wizar

Chapter 3. Quick Start Guide Internet Security Router User’s Manual 18 Figure 3.9. Setup Wizard – WAN PPPoE Configuration Page Figure 3.10. Setup

Internet Security Router User’s Manual Chapter 3. Quick Start Guide 19 • Host name is optional. You may leave it empty if your ISP did not provide s

Chapter 3. Quick Start Guide Internet Security Router User’s Manual 20 • Enter at lease the primary DNS IP address provided by your ISP. Secondary DN

Internet Security Router User’s Manual Chapter 4. Getting Started with the Configuration Manager 21 4 Getting Started with the Configuration Manager

Chapter 4. Getting Started with the Configuration Manager Internet Security Router User’s Manual 22 Note You can change the password at any time (see

Internet Security Router User’s Manual Chapter 4. Getting Started with the Configuration Manager 23 Button/Icon Function Adds the existing configura

iv 3.1.4 Step 4. Turn on the Internet Security Router, the ADSL or cable modem and power up your computers...

Chapter 4. Getting Started with the Configuration Manager Internet Security Router User’s Manual 24 Figure 4.4. System Information Page

Internet Security Router User’s Manual Chapter 5. Configuring LAN Settings 25 5 Configuring LAN Settings This chapter describes how to configure LAN

Chapter 5. Configuring LAN Settings Internet Security Router User’s Manual 26 Figure 5.1. LAN IP Address Configuration Page 2. Enter a LAN IP address

Internet Security Router User’s Manual Chapter 5. Configuring LAN Settings 27 On a DHCP-enabled network, the IP information is assigned dynamically r

Chapter 5. Configuring LAN Settings Internet Security Router User’s Manual 28 enter the LAN IP or your ISP’s DNS IP in the primary DNS Server IP Addre

Internet Security Router User’s Manual Chapter 5. Configuring LAN Settings 29 5.3 DNS 5.3.1 About DNS Domain Name System (DNS) servers map the user-

Chapter 5. Configuring LAN Settings Internet Security Router User’s Manual 30 2. Configure the LAN PCs to use the IP addresses assigned by the DHCP se

Internet Security Router User’s Manual Chapter 6. Configuring WAN Settings 31 6 Configuring WAN Settings This chapter describes how to configure WAN

Chapter 6. Configuring WAN Settings Internet Security Router User’s Manual 32 Table 6.1. WAN PPPoE Configuration Parameters Setting Description Host

Internet Security Router User’s Manual Chapter 6. Configuring WAN Settings 33 Field Description Host Name Host name is optional but may be required

v 5.3.2 Assigning DNS Addresses...29 5.3.3 Configuring DNS Relay...

Chapter 6. Configuring WAN Settings Internet Security Router User’s Manual 34 6.4 Static IP 6.4.1 WAN Static IP Configuration Parameters Table 6.3 des

Internet Security Router User’s Manual Chapter 6. Configuring WAN Settings 35 5. Enter the IP address of the primary DNS server. This information sho

Internet Security Router User’s Manual Chapter 7. Configuring Routes 37 7 Configuring Routes You can use Configuration Manager to define specific ro

Chapter 7. Configuring Routes Internet Security Router User’s Manual 38 7.2 Dynamic Routing using RIP (Routing Information Protocol) RIP enables routi

Internet Security Router User’s Manual Chapter 7. Configuring Routes 39 2. Click to delete the selected route. WARNING Do not remove the route for

Internet Security Router User’s Manual Chapter 8. Configuring DDNS 41 8 Configuring DDNS Dynamic DNS is a service that allows computers to use the s

Chapter 8. Configuring DDNS Internet Security Router User’s Manual 42 Internet ISRHTTP DDNS Server(DynDNS, TokyoDNS)DynDNSsl1000.homeunix.comTokyo

Internet Security Router User’s Manual Chapter 8. Configuring DDNS 43 Field Description HTTP DDNS Specific Settings DDNS Service [For HTTP DDNS only

vi 9 Configuring Firewall/NAT Settings...45 9.1 Firewall Overview...

Chapter 8. Configuring DDNS Internet Security Router User’s Manual 44 4. In the DDNS Configuration page, select “Enable” for the DDNS State and “RFC-2

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 45 9 Configuring Firewall/NAT Settings The Internet Security Rou

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 46 9.1.3.2 Tracking Connection State The stateful inspection engin

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 47 Figure 9.1 Static NAT – Mapping Four Private IP Addresses to

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 48 9.2.3 NAPT (Network Address and Port Translation) or PAT (Port

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 49 9.2.4 Reverse Static NAT Reverse static NAT maps a globally va

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 50 Field Description ID Add New Click on this option to add a new

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 51 Field Description IP Address, Subnet, Range and IP Pool Selec

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 52 Field Description associate with an inbound ACL rule. Time Ran

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 53 4. Make changes to any or all of the following fields: source/

vii 9.5.5 Delete an URL Filter Rule...59 9.5.6 View Configured URL Filter Rul

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 54 Figure 9.9. Outbound ACL Configuration Page 9.4.1 Outbound AC

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 55 Field Description network. IP Address This option allows you

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 56 Field Description Single, Range Select any of these and enter

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 57 9.4.3 Add an Outbound ACL Rule To add an outbound ACL rule, fo

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 58 4. Click on the button to modify this ACL rule. The new setti

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 59 Figure 9.11. URL Filter Configuration Page 9.5.3 Add an URL F

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 60 proxy web server is used. If you don’t use a proxy server for y

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 61 Figure 9.13. Self Access Rule Configuration Page 9.6.1.1 Self

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 62 2. Select “Add New” from the Self Access rule drop-down list. 3

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 63 Figure 9.14. Service List Configuration Page 9.6.2.1 Service

viii 9.7.2.2 Access IP Pool Configuration Page – (Firewall è Policy List è IP Pool)...

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 64 5. Click on the button to create the new service. The new ser

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 65 Field Description to get into a "stuck state" where

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 66 Field Description Minimum IP Fragment Size Enter the Minimum s

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 67 „ NAT Pools – This option allows you to configure NAT Pools th

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 68 Field Description CWD Allow or deny of change directory. LIST

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 69 Figure 9.16. Application Filter Configuration Page 9.7.1.3 Ad

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 70 Figure 9.18. FTP Filter Example – Configuring FTP Filter Rule

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 71 Figure 9.21. FTP Filter Example – Associate FTP Filter Rule t

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 72 7. Check the web application files to block – in this example,

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 73 Figure 9.24. Modify an Application Filter 9.7.1.5 Delete an A

ix 10.4.4 Display VPN Rules...94 10.5 VPN Statistics...

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 74 Field Description IP Address Enter the IP Address. 9.7.2.2 Acc

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 75 2. Click on the icon of the IP pool to be modified in the IP

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 76 Figure 9.27. IP Pool Example – Add Two IP Pools – MISgroup1 an

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 77 Field Description Static Select this type of NAT to set a one

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 78 9.7.3.3 Add a NAT Pool To add a NAT Pool, follow the instructio

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 79 10.64.2.0/24 ISRStatic NAT PoolLAN Port192.168.1.1WAN Port

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 80 Figure 9.32. NAT Pool Example – Associate a NAT Pool to an ACL

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 81 9.7.4.2 Access Time Range Configuration Page – (Firewall è Pol

Chapter 9. Configuring Firewall/NAT Settings Internet Security Router User’s Manual 82 5. Click on the button to save the new settings. 9.7.4.5 Del

Internet Security Router User’s Manual Chapter 9. Configuring Firewall/NAT Settings 83 9.8 Firewall Statistics – Firewall è Statistics The Firewall S