Billion BiGuard S3000 Quick Start Guide

4
CONFIGURING SSL VPN
5
CONFIGURING IPSEC
Configuring SSL VPN
This section describes how to configure the BiGuard S3000 with basic settings so that the SSL VPN default group is accessible from outside your network. Before a user can access the SSL VPN, a Group user account must be set up for them.
Click Quick Start →SSL VPN in
A.
the Menu bar. The Quick Start SSL VPN screen appears.
B.
If you have created new Groups, you can select one from the drop­down menu. Otherwise, leave the default Group selected and click Next. The following screen appears (Note: You can choose to Add Applications to the Group now or add it later).
Type a user name for a user in the
C.
User Name field.
Type and confirm a password in
D.
the Password and Retype Password fields.
Click Add to add the account.
E.
Once the account is added, the newly added account will be displayed in the Account Table below (Note: Account Table displays all the accounts under the chosen Group)
Click Apply to confirm the settings
F.
and you will be directed to the Account Table page displaying all the created accounts.
A.
F.
Configuring IPSec
This section describes how to set up an BiGuard S3000 IPSec connection using the IPSec Wizard. Refer to the following to configure an IPSec connection:
Click Quick Start →IPSec in the
A.
Menu bar. The IPSec Wizard screen appears.
Type a connection name in the
B.
Connection Name field.
Select the WAN1 or WAN2
C.
interface to establish an IPSec VPN tunnel connection.
Enter a preshared key in the
D.
Preshared Key field. The
preshared key is used by the Internet Key Exchange protocol (IKE) to establish a shared security policy and authenticated keys. Each router must be able to identify its counterpart using the preshared key before any IPSec traffic can be passed.
E.
Select a connection type from the Connection Type buttons and click
Next.
F.
The following steps depend on the choice of connection made.
A.
LAN to LAN
LAN to LAN uses an IPSec VPN tunnel to securely establish a connection to a remote router.
Selecting LAN to LAN and clicking
A.
Next displays the Remote
Information screen:
B.
Type the IP address or Hostname of the remote VPN gateway in the
Remote Secure Gateway Address (or Hostname) field.
C.
Type the IP Address and Netmask of the Remote Network in the supplied fields.
D.
Click Back to return to the Connection Information screen or click Next to proceed to the Configuration Summary screen.
A.
B.
LAN to LAN (Mobile LAN)
LAN to LAN (Mobile LAN) uses an IPSec VPN tunnel to securely establish a connection to a remote router that is using Dynamic Internet IP.
A.
Selecting LAN to LAN (Mobile LAN) and clicking Next displays
the Remote Information screen:
Type the remote identifier of the
B.
remote gateway in the Remote Identifier field. Depending on the
input value, the ID type is autodefined as IP Address, FQDN(DNS) or FQUN(E-mail).
C.
Click Back to return to the Connection Information screen or click Next to proceed to the Configuration Summary screen.
A.
B.
LAN to Host
LAN to Host uses an IPSec VPN tunnel to securely establish a connection to a computer.
Selecting LAN to Host and
A.
clicking Next displays the Remote Information screen:
B.
Type the IP address or hostname of the remote VPN device in the
Remote Secure Gateway Address (or Hostname) field to
allow a VPN tunnel to be established.
C.
Click Back to return to the Connection Information screen or click Next to proceed to the Configuration Summary screen.
A.
B.
LAN to Host (Mobile Client)
LAN to Host (Mobile Client) uses an IPSec VPN tunnel to securely establish a connection to a computer that uses Dynamic Internet IP.
A.
Selecting LAN to Host (Mobile Client) and clicking Next displays
the Remote Information screen:
Type the remote identifier of the
B.
remote gateway in the Remote Identifier field. Depending on the
input value, the ID type is autodefined as IP Address, FQDN(DNS) or FQUN(E-mail).
C.
Click Back to return to the Connection Information screen or click Next to proceed to the Configuration Summary screen.
A.
B.
LAN to Host (for BiGuard VPN Client)
LAN to Host (for BiGuard VPN Client) uses an IPSec VPN tunnel to securely establish a connection to a computer that has BiGuard VPN Client installed.
A.
Selecting LAN to Host (for BiGuard VPN Client) and clicking Next displays the Remote
Information screen:
Type the VPN Client IP Address
B.
for the BiGuard VPN Client. This value is applied on both remote ID and Remote Network as a single address. (Note: Ensure that each client uses a different VPN Client Address).
Click Back to return to the
C.
Connection Information screen or click Next to proceed to the Configuration Summary screen.
A.
B.
The IPSec Configuration
Summary screen The Configuration Summary screen displays the data input on the selected Connection Type screens.
A.
Review the connection information on the screen. To make any necessary amendments, click Back to return to the Connection Type screen. To complete the IPSec Configuration, click Done.
A.
Support
For additional information, please refer to the User's Guide in the software CD. For technical support, please email to support@billion.com.
Billion Product Registration
Billion is committed to before and after sales customer services. You will get the most out of your Billion's products after registration. Please register online at http://www.biguard.com/register/ to receive valuable services and support from us.
C
Billion Electric Co., Ltd.
BiGuard S3000 v 1.10
S3000
Gigabit Dual-WAN SSL/IPSec VPN Security Gateway
7 8 9 10 11
1 2
Out of Box
Carefully unpack the BiGuard S3000 and check that the following items are included.
1. BiGuard S3000
2. Power cable x 1
3. Warranty card x 1
4. Mounting brackets x 2
5. Mounting screws x 4
6. User Manual CD x 1
7. Ethernet cable x 1
8. Quick Start Guide x 1
Front and Rear View
1. Power LED
2. Status LED
3. Alarm LED
4. Reset button
5. WAN1 and WAN2 RJ-45
6. LAN 1~8 100/1000M RJ-45
7. USB connector
8. Console connector
9. Modem connector
10. Power on switch
11. Power connector
NOTE:
Ensure that the BiGuard S3000 is turned off before beginning to setup.
CONNECTING THE BiGuard S3000The BiGuard S3000
connectors
connectors.
Ensure that your hardware is
A.
powered off, including the BiGuard S3000.
B.
Connect an RJ-45 Ethernet cable to the WAN1 port and/or WAN2 port on the BiGuard S3000, and connect the other end to an ADSL or cable modem or another router.
C.
Connect switches, hubs, and servers to the eight LAN ports on the BiGuard S3000.
D.
Connect the power cable to the connector on the BiGuard S3000 and connect the power adapter to an electrical outlet. Turn the power button to the On position.
NOTE:
Register Your BiGuard Gateway Once you have established an Internet connection, please register your BiGuard gateway at www.biguard.com for firmware updates, the latest information and technical support. It is crucial that you register as soon as possible to enjoy the benefits of possessing a BiGuard gateway.
C.
D.
B.
3
CONFIGURING THE WAN
Logging In
You configure and manage the BiGuard S3000 with the Web Manager. The Web Manager is a web-based interface that you can access from any web browser.
A.
In the Address field of your Web browser, type the default IP address:
192.168.1.254.
B.
A Security Alert screen appears. Click Yes to continue. The login screen appears.
C.
Type the default user name and password:
User Name: admin Password: admin
Then click Login. The Web Manager opens on the Status menu.
Configuring the WAN for PPPoE
To configure the WAN for PPPoE, you need the following information from your ISP provider:
User name Password DNS (if necessary) (contact your ISP for more information)
Click Quick Start in the Menu bar.
A.
NOTE:
Ensure that the BiGuard S6000
Click WAN1. The Quick Start
B.
is turned off before beginning
WAN1 screen opens.
setup.
C.
Select PPPoE from the Protocol drop-down menu.
B.
A.
B.
Type the user name in the
D.
Username field.
Type and confirm the password in
E.
the Password and Retype Password fields.
Select Always On or Connect on
F.
Demand from the Connection
drop-down menu. If you select
Connect on Demand, the following Idle Timeout field is available.
G.
Type the number (of minutes) in the Idle Timeout field. If your connection is Connect on Demand, you are disconnected after the idle timeout period.
Check Obtain DNS Automatically
H.
if your ISP provides this with the assigned IP. Otherwise, enter the Primary and Secondary DNS provided by your ISP provider.
I.
Click Apply to confirm the settings.
Configuring the WAN for Static IP
To configure the WAN for static IP, you will need the following information from your ISP provider:
IP address Subnet mask Gateway DNS
A.
Click Quick Start in the Menu bar.
B.
Click WAN1. The Quick Start WAN1 screen opens.
Type the primary/secondary DNS
Select Static IP from the Protocol
C.
drop-down menu.
D.
Type the IP address in the IP Address field.
Type the subnet mask in the Subnet
E.
Mask field.
F.
Type the gateway in the Gateway field.
G.
in the DNS fields.
H.
Click Apply to confirm the settings.
B.
Configuring the WAN for DHCP
Click Quick Start in the Menu bar.
A.
Click WAN1. The Quick Start
B.
WAN1 screen appears.
Select Obtain an IP Address
C.
Automatically from the Protocol
drop-down menu.
Check Obtain DNS Automatically
D.
if your ISP provides this with the assigned IP. Otherwise, enter the Primary and Secondary DNS provided by your ISP.
Click Apply to confirm the settings.
E.
Congratulations. You successfully
F.
finished the BiGuard S3000 router configuration.
B.
21 3
4
5
6
Loading...