TRENDnet VPN Firewall Router User Manual
Size:
2.73 Mb
Download

TW100-BRV204

VPN Firewall Router

Cable/DSL Internet Access

4-PortSwitching Hub

User's Guide

Table of Contents

CHAPTER 1 INTRODUCTION .............................................................................................

1

TW100-BRV204Features.................................................................................................

1

Package Contents ..............................................................................................................

3

Physical Details..................................................................................................................

4

CHAPTER 2 INSTALLATION...............................................................................................

6

Requirements.....................................................................................................................

6

Procedure ...........................................................................................................................

6

CHAPTER 3 SETUP ................................................................................................................

8

Overview ............................................................................................................................

8

Configuration Program ....................................................................................................

9

Setup Wizard ...................................................................................................................

11

WAN Port Configuration Screen...................................................................................

14

LAN Screen......................................................................................................................

17

CHAPTER 4 PC CONFIGURATION ..................................................................................

19

Overview ..........................................................................................................................

19

Windows Clients..............................................................................................................

19

Macintosh Clients............................................................................................................

31

Linux Clients....................................................................................................................

31

Other Unix Systems.........................................................................................................

31

CHAPTER 5 OPERATION AND STATUS.........................................................................

32

Operation .........................................................................................................................

32

Status Screen....................................................................................................................

32

Connection Status - PPPoE ............................................................................................

34

Connection Status - PPTP ..............................................................................................

36

Connection Status - Telstra Big Pond............................................................................

37

Connection Details - SingTel RAS .................................................................................

38

Connection Details - Fixed/Dynamic IP Address .........................................................

40

CHAPTER 6 INTERNET FEATURES ................................................................................

42

Overview ..........................................................................................................................

42

Advanced Internet Screen ..............................................................................................

42

Dynamic DNS (Domain Name Server) ..........................................................................

47

Virtual Servers.................................................................................................................

49

Options .............................................................................................................................

51

CHAPTER 7 SECURITY CONFIGURATION...................................................................

52

Overview ..........................................................................................................................

52

Admin Login ....................................................................................................................

52

Access Control .................................................................................................................

54

Firewall Rules ..................................................................................................................

57

Logs...................................................................................................................................

61

Security Options ..............................................................................................................

63

Scheduling........................................................................................................................

65

Services.............................................................................................................................

66

CHAPTER 8 VPN ...................................................................................................................

68

Overview ..........................................................................................................................

68

Common VPN Situations................................................................................................

70

VPN Configuration .........................................................................................................

72

 

i

Examples ..........................................................................................................................

81

Using Certificates ............................................................................................................

99

CHAPTER 9 OTHER FEATURES AND SETTINGS ......................................................

104

Overview ........................................................................................................................

104

Config File......................................................................................................................

105

PC Database...................................................................................................................

106

Remote Administration.................................................................................................

110

Routing ...........................................................................................................................

111

Upgrade Firmware........................................................................................................

115

UPNP ..............................................................................................................................

116

APPENDIX A TROUBLESHOOTING ..............................................................................

117

Overview ........................................................................................................................

117

General Problems..........................................................................................................

117

Internet Access...............................................................................................................

117

APPENDIX B SPECIFICATIONS......................................................................................

119

TW100-BRV204 ............................................................................................................

119

FCC Statement ..............................................................................................................

119

CE Marking Warning...................................................................................................

120

P/N: 9560KZ0101

Copyright 2003. All Rights Reserved.

Document Version: 1.0

All trademarks and trade names are the properties of their respective owners.

ii

Chapter 1

1

 

Introduction

 

This Chapter provides an overview of the TW100-BRV204'sfeatures and capabilities.

Congratulations on the purchase of your new TW100-BRV204.TheTW100-BRV204is amulti-functiondevice providing the following services:

Shared Broadband Internet Access for all LAN users.

4-Port Switching Hub for 10BaseT or 100BaseT connections.

TW100-BRV204

Figure 1: TW100-BRV204

TW100-BRV204Features

The TW100-BRV204incorporates many advanced features, carefully designed to provide sophisticated functions while being easy to use.

Internet Access Features

Shared Internet Access. All users on the LAN or WLAN can access the Internet through theTW100-BRV204,using only a single external IP Address. The local (invalid) IP Addresses are hidden from external sources. This process is called NAT (Network Address Translation).

DSL & Cable Modem Support. TheTW100-BRV204has a 10/100BaseT Ethernet port for connecting a DSL or Cable Modem. All popular DSL and Cable Modems are supported. SingTel RAS and Big Pond (Australia) login support is also included.

PPPoE, PPTP, SingTel RAS and Telstra Big Pond Support. The Internet (WAN port) connection supports PPPoE (PPP over Ethernet), PPTP(Peer-to-PeerTunneling Protocol), SingTel RAS and Telstra Big Pond (Australia), as well as "Direct Connection" type services.

Fixed or Dynamic IP Address. On the Internet (WAN port) connection, the TW100BRV204 supports both Dynamic IP Address (IP Address is allocated on connection) and Fixed IP Address.

1

TW100-BRV204User Guide

Advanced Internet Functions

Communication Applications. Support for Internet communication applications, such as interactive Games, Telephony, and Conferencing applications, which are often difficult to use when behind a Firewall, is included.

Special Internet Applications. Applications which usenon-standardconnections or port numbers are normally blocked by the Firewall. The ability to define and allow such applications is provided, to enable such applications to be used normally.

Virtual Servers. This feature allows Internet users to access Internet servers on your LAN. The required setup is quick and easy.

DMZ. One (1) PC on your local LAN can be configured to allow unrestricted2-waycommunication with Servers or individual users on the Internet. This provides the ability to run programs which are incompatible with Firewalls.

URL Filter. Use the URL Filter to block access to undesirable Web sites by LAN users.

Internet Access Log. See which Internet connections have been made.

VPN Pass through Support. PCs with VPN (Virtual Private Networking) software using PPTP, L2TP and IPSec are transparently supported - no configuration is required.

LAN Features

4-Port Switching Hub. TheTW100-BRV204incorporates a4-port10/100BaseT switching hub, making it easy to create or extend your LAN.

DHCP Server Support. DynamicHostConfigurationProtocol provides a dynamic IP address to PCs and other devices upon request. TheTW100-BRV204can act as aDHCP Server for devices on your local LAN and WLAN.

Multi Segment LAN Support. LANs containing one or more segments are supported, via theTW100-BRV204's RIP (Routing Information Protocol) support andbuilt-instatic routing table.

Configuration & Management

Easy Setup. Use your WEB browser from anywhere on the LAN or WLAN for configuration.

Remote Management. TheTW100-BRV204can be managed from any PC on your LAN. And, if the Internet connection exists, it can also (optionally) be configured via the Internet.

UPnP Support. UPnP (Universal Plug and Play) allows automatic discovery and configuration of theTW100-BRV204.UPnP is by supported by Windows ME, XP, or later.

Security Features

Password - protected Configuration. Optional password protection is provided to prevent unauthorized users from modifying the configuration data and settings.

NAT Protection. An intrinsic side effect of NAT (Network Address Translation) technology is that by allowing all LAN users to share a single IP address, the location and even the existence of each PC is hidden. From the external viewpoint, there is no network, only a single device - theTW100-BRV204.

Stateful Inspection Firewall. All incoming data packets are monitored and all incoming server requests are filtered, thus protecting your network from malicious attacks from external sources.

2

Introduction

Protection against DoS attacks. DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection requests, using so much bandwidth and so many resources that Internet access becomes unavailable. The TW100BRV204 incorporates protection against DoS attacks.

Rule-based Policy Firewall. To provide additional protection against malicious packets, you can define your own firewall rules. This can also be used to control the Internet services available to LAN users.

VPN Gateway Features

IPSec.. Support for IPSec standards, including IKE and certificates.

5 Tunnels. Up to 5 VPN tunnels can be created.

High performance. High performance encryption engine maintains high throughput even when using 3DES.

Package Contents

The following items should be included:

The TW100-BRV204Unit

Power Adapter

Quick Installation Guide

CD-ROMcontaining theon-linemanual.

If any of the above items are damaged or missing, please contact your dealer immediately.

3

TW100-BRV204User Guide

Physical Details

Front-mountedLEDs

Power (Green)

Status (Red)

Figure 2: Front Panel

On - Power on.

Off - No power.

On - Error condition.

Off - Normal operation.

Blinking - This LED blinks during start up.

LAN

For each port, there are 2 LEDs

 

Link/Act (Green)

 

 

On - Corresponding LAN (hub) port is active.

 

 

Off - No active connection on the corresponding LAN (hub) port.

 

 

Flashing - Data is being transmitted or received via the corre-

 

 

sponding LAN (hub) port.

 

100 (Yellow)

 

 

On - Corresponding LAN (hub) port is using 100BaseT.

 

 

Off - Corresponding LAN (hub) port connection is using

 

 

10BaseT, or no active connection.

WAN

On - Connection to the modem attached to the WAN (Internet) port is

(Green)

established.

Flashing - Data is being transmitted or received via the WAN port.

4

Introduction

Rear Panel

 

Figure 3: Rear Panel

Reset Button

This button has two (2) functions:

 

Reboot. When pressed and released, theTW100-BRV204will

 

reboot (restart).

 

Clear All Data. This button can also be used to clear ALL data

 

and restore ALL settings to the factory default values.

 

To Clear All Data and restore the factory default values:

 

1. Power Off.

 

2. Hold the Reset Button down while you Power On.

 

3. Keep holding the Reset Button down for five (5) seconds, until

 

the Red Status LED has flashed TWICE.

 

4. Release the Reset Button. The TW100-BRV204is now using the

 

factory default values.

WAN port

Connect the DSL or Cable Modem here. If your modem came with a

(10/100BaseT)

cable, use the supplied cable. Otherwise, use a standard LAN cable.

10/100BaseT

Use standard LAN cables (RJ45 connectors) to connect your PCs to

LAN connections

these ports.

 

Note:

 

Any LAN port on the TW100-BRV204will automatically function

 

as an "Uplink" port when required. Just connect any port to a normal

 

port on the other hub, using a standard LAN cable.

Power port

Connect the supplied power adapter here.

5