4
CONFIGURING SSL VPN
5
CONFIGURING IPSEC
Configuring SSL VPN
This section describes how to configure the BiGuard S3000 with basic settings so that
the SSL VPN default group is accessible from outside your network. Before a user
can access the SSL VPN, a Group user account must be set up for them.
Click Quick Start →SSL VPN in
A.
the Menu bar. The Quick Start SSL
VPN screen appears.
B.
If you have created new Groups,
you can select one from the dropdown menu. Otherwise, leave the
default Group selected and click
Next. The following screen
appears (Note: You can choose to
Add Applications to the Group
now or add it later).
Type a user name for a user in the
C.
User Name field.
Type and confirm a password in
D.
the Password and Retype
Password fields.
Click Add to add the account.
E.
Once the account is added, the
newly added account will be
displayed in the Account Table
below (Note: Account Table
displays all the accounts under the
chosen Group)
Click Apply to confirm the settings
F.
and you will be directed to the
Account Table page displaying all
the created accounts.
A.
F.
Configuring IPSec
This section describes how to set up an BiGuard S3000 IPSec connection using the
IPSec Wizard. Refer to the following to configure an IPSec connection:
Click Quick Start →IPSec in the
A.
Menu bar. The IPSec Wizard
screen appears.
Type a connection name in the
B.
Connection Name field.
Select the WAN1 or WAN2
C.
interface to establish an IPSec
VPN tunnel connection.
Enter a preshared key in the
D.
Preshared Key field. The
preshared key is used by the
Internet Key Exchange protocol
(IKE) to establish a shared
security policy and authenticated
keys. Each router must be able to
identify its counterpart using the
preshared key before any IPSec
traffic can be passed.
E.
Select a connection type from the
Connection Type buttons and click
Next.
F.
The following steps depend on the
choice of connection made.
A.
LAN to LAN
LAN to LAN uses an IPSec VPN tunnel to securely establish a connection to a remote
router.
Selecting LAN to LAN and clicking
A.
Next displays the Remote
Information screen:
B.
Type the IP address or Hostname
of the remote VPN gateway in the
Remote Secure Gateway
Address (or Hostname) field.
C.
Type the IP Address and Netmask
of the Remote Network in the
supplied fields.
D.
Click Back to return to the
Connection Information screen or
click Next to proceed to the
Configuration Summary screen.
A.
B.
LAN to LAN (Mobile LAN)
LAN to LAN (Mobile LAN) uses an IPSec VPN tunnel to securely establish a connection
to a remote router that is using Dynamic Internet IP.
A.
Selecting LAN to LAN (Mobile
LAN) and clicking Next displays
the Remote Information screen:
Type the remote identifier of the
B.
remote gateway in the Remote
Identifier field. Depending on the
input value, the ID type is
autodefined as IP Address,
FQDN(DNS) or FQUN(E-mail).
C.
Click Back to return to the
Connection Information screen or
click Next to proceed to the
Configuration Summary screen.
A.
B.
LAN to Host
LAN to Host uses an IPSec VPN tunnel to securely establish a connection to a computer.
Selecting LAN to Host and
A.
clicking Next displays the Remote
Information screen:
B.
Type the IP address or hostname
of the remote VPN device in the
Remote Secure Gateway
Address (or Hostname) field to
allow a VPN tunnel to be
established.
C.
Click Back to return to the
Connection Information screen or
click Next to proceed to the
Configuration Summary screen.
A.
B.
LAN to Host (Mobile Client)
LAN to Host (Mobile Client) uses an IPSec VPN tunnel to securely establish a connection
to a computer that uses Dynamic Internet IP.
A.
Selecting LAN to Host (Mobile
Client) and clicking Next displays
the Remote Information screen:
Type the remote identifier of the
B.
remote gateway in the Remote
Identifier field. Depending on the
input value, the ID type is
autodefined as IP Address,
FQDN(DNS) or FQUN(E-mail).
C.
Click Back to return to the
Connection Information screen or
click Next to proceed to the
Configuration Summary screen.
A.
B.
LAN to Host (for BiGuard VPN Client)
LAN to Host (for BiGuard VPN Client) uses an IPSec VPN tunnel to securely establish
a connection to a computer that has BiGuard VPN Client installed.
A.
Selecting LAN to Host (for
BiGuard VPN Client) and clicking
Next displays the Remote
Information screen:
Type the VPN Client IP Address
B.
for the BiGuard VPN Client. This
value is applied on both remote ID
and Remote Network as a single
address. (Note: Ensure that each
client uses a different VPN Client
Address).
Click Back to return to the
C.
Connection Information screen or
click Next to proceed to the
Configuration Summary screen.
A.
B.
The IPSec Configuration
Summary screen The Configuration Summary screen displays the data input on the
selected Connection Type screens.
A.
Review the connection information
on the screen. To make any
necessary amendments, click Back
to return to the Connection Type
screen. To complete the IPSec
Configuration, click Done.
A.
Support
For additional information, please
refer to the User's Guide in the
software CD. For technical support,
please email to support@billion.com.
Billion Product Registration
Billion is committed to before and after sales customer services.
You will get the most out of your Billion's products after registration.
Please register online at http://www.biguard.com/register/ to receive
valuable services and support from us.
C
Billion Electric Co., Ltd.
BiGuard S3000 v 1.10
S3000
Gigabit Dual-WAN SSL/IPSec VPN Security Gateway
7 8 9 10 11
1 2
Out of Box
Carefully unpack the BiGuard
S3000 and check that the following
items are included.
1. BiGuard S3000
2. Power cable x 1
3. Warranty card x 1
4. Mounting brackets x 2
5. Mounting screws x 4
6. User Manual CD x 1
7. Ethernet cable x 1
8. Quick Start Guide x 1
Front and Rear View
1. Power LED
2. Status LED
3. Alarm LED
4. Reset button
5. WAN1 and WAN2 RJ-45
6. LAN 1~8 100/1000M RJ-45
7. USB connector
8. Console connector
9. Modem connector
10. Power on switch
11. Power connector
NOTE:
Ensure that the BiGuard S3000
is turned off before beginning to
setup.
CONNECTING THE BiGuard S3000The BiGuard S3000
connectors
connectors.
Ensure that your hardware is
A.
powered off, including the BiGuard
S3000.
B.
Connect an RJ-45 Ethernet cable
to the WAN1 port and/or WAN2
port on the BiGuard S3000, and
connect the other end to an ADSL
or cable modem or another router.
C.
Connect switches, hubs, and
servers to the eight LAN ports on
the BiGuard S3000.
D.
Connect the power cable to the
connector on the BiGuard S3000
and connect the power adapter to
an electrical outlet. Turn the power
button to the On position.
NOTE:
Register Your BiGuard Gateway
Once you have established an
Internet connection, please
register your BiGuard gateway
at www.biguard.com for
firmware updates, the latest
information and technical
support. It is crucial that you
register as soon as possible to
enjoy the benefits of possessing
a BiGuard gateway.
C.
D.
B.
3
CONFIGURING THE WAN
Logging In
You configure and manage the BiGuard S3000 with the Web Manager. The Web
Manager is a web-based interface that you can access from any web browser.
A.
In the Address field of your Web
browser, type the default IP address:
192.168.1.254.
B.
A Security Alert screen appears.
Click Yes to continue. The login
screen appears.
C.
Type the default user name and
password:
User Name: admin
Password: admin
Then click Login. The Web Manager
opens on the Status menu.
Configuring the WAN for PPPoE
To configure the WAN for PPPoE, you need the following information from your ISP
provider:
User name
Password
DNS (if necessary)
(contact your ISP for more information)
Click Quick Start in the Menu bar.
A.
NOTE:
Ensure that the BiGuard S6000
Click WAN1. The Quick Start
B.
is turned off before beginning
WAN1 screen opens.
setup.
C.
Select PPPoE from the Protocol
drop-down menu.
B.
A.
B.
Type the user name in the
D.
Username field.
Type and confirm the password in
E.
the Password and Retype
Password fields.
Select Always On or Connect on
F.
Demand from the Connection
drop-down menu. If you select
Connect on Demand, the following
Idle Timeout field is available.
G.
Type the number (of minutes) in the
Idle Timeout field. If your
connection is Connect on Demand,
you are disconnected after the idle
timeout period.
Check Obtain DNS Automatically
H.
if your ISP provides this with the
assigned IP. Otherwise, enter the
Primary and Secondary DNS
provided by your ISP provider.
I.
Click Apply to confirm the settings.
Configuring the WAN for Static IP
To configure the WAN for static IP, you will need the following information from your
ISP provider:
IP address
Subnet mask
Gateway
DNS
A.
Click Quick Start in the Menu bar.
B.
Click WAN1. The Quick Start
WAN1 screen opens.
Type the primary/secondary DNS
Select Static IP from the Protocol
C.
drop-down menu.
D.
Type the IP address in the IP
Address field.
Type the subnet mask in the Subnet
E.
Mask field.
F.
Type the gateway in the Gateway
field.
G.
in the DNS fields.
H.
Click Apply to confirm the settings.
B.
Configuring the WAN for DHCP
Click Quick Start in the Menu bar.
A.
Click WAN1. The Quick Start
B.
WAN1 screen appears.
Select Obtain an IP Address
C.
Automatically from the Protocol
drop-down menu.
Check Obtain DNS Automatically
D.
if your ISP provides this with the
assigned IP. Otherwise, enter the
Primary and Secondary DNS
provided by your ISP.
Click Apply to confirm the settings.
E.
Congratulations. You successfully
F.
finished the BiGuard S3000 router
configuration.
B.
21 3
4
5
6