Billion BiPAC 7404V, BiPAC 7404VGO User Manual

Download

BiPAC 7404V series

VoIP/(802.11g) ADSL2+

(VPN) Firewall Router

User’s Manual

Version Release 2.06e

TTaabbllee ooff CCoonntteennttss

CHAPTER 1: INTRODUCTION............................................................................................................. 3

INTRODUCTION TO YOUR ROUTER ............................................................................................................. 3

FEATURES.................................................................................................................................................. 3

CHAPTER 2: INSTALLING THE ROUTER......................................................................................... 6

IMPORTANT NOTE FOR USING THIS ROUTER ............................................................................................... 6

PACKAGE CONTENTS................................................................................................................................. 6

THE FRONT LEDS...................................................................................................................................... 7

THE REAR PORTS....................................................................................................................................... 8

CABLING.................................................................................................................................................... 9

CHAPTER 3: BASIC INSTALLATION ............................................................................................... 10

CONNECTING YOUR ROUTER.................................................................................................................... 11

FACTORY DEFAULT SETTINGS................................................................................................................. 16

Web Interface (Username and Password)......................................................................................................................... 16

LAN Device IP Settings ..................................................................................................................................................... 16

ISP setting in WAN site...................................................................................................................................................... 16

DHCP server..................................................................................................................................................................... 16

LAN and WAN Port Addresses.......................................................................................................................................... 16

INFORMATION FROM YOUR ISP................................................................................................................ 16

CONFIGURING WITH YOUR WEB BROWSER.............................................................................................. 18

CHAPTER 4: CONFIGURATION ........................................................................................................ 19

STATUS.................................................................................................................................................... 20

ARP Table.......................................................................................................................................................................... 20

Wireless Association Table (Wireless Router only)........................................................................................................... 20

DHCP Table...................................................................................................................................................................... 22

PPTP Status (Only the 7404VGO has VPN features)........................................................................................................ 22

IPSec Status (Only the 7404VGO has VPN features)........................................................................................................ 23

L2TP Status (Only the 7404VGO has VPN features) ........................................................................................................ 24

Email Status....................................................................................................................................................................... 24

VoIP Status........................................................................................................................................................................ 25

Event Log........................................................................................................................................................................... 25

Error Log........................................................................................................................................................................... 25

NAT Sessions..................................................................................................................................................................... 25

Diagnostic ......................................................................................................................................................................... 26

UPnP Portmap.................................................................................................................................................................. 26

QUICK START .......................................................................................................................................... 28

CONFIGURATION...................................................................................................................................... 30

LAN (Local Area Network)................................................................................................................................................ 30

Bridge Interface.............................................................................................................................. 30

Ethernet........................................................................................................................................... 31

IP Alias........................................................................................................................................... 31

Ethernet Client Filter...................................................................................................................... 32

Wireless (Wireless Router only) .................................................................................................... 34

Wireless Security (Wireless Router only)...................................................................................... 36

Wireless Client (MAC Address) Filter (Wireless Router only) ........................................................... 38

Port Setting..................................................................................................................................... 39

DHCP Server.................................................................................................................................. 40

WAN (Wide Area Network)................................................................................................................................................ 41

ISP .................................................................................................................................................. 41

DNS................................................................................................................................................ 54

ADSL.............................................................................................................................................. 55

Table of Contents i

System................................................................................................................................................................................ 57

Time Zone ...................................................................................................................................... 57

Remote Access ............................................................................................................................... 58

Firmware Upgrade.......................................................................................................................... 59

Backup / Restore............................................................................................................................. 59

Restart Router................................................................................................................................. 61

User Management........................................................................................................................... 62

Firewall and Access Control............................................................................................................................................. 63

General Settings.............................................................................................................................. 64

Packet Filter.................................................................................................................................... 65

Intrusion Detection......................................................................................................................... 71

URL Filter ...................................................................................................................................... 74

Firewall Log ................................................................................................................................... 77

VPN (Virtual Private Networks) (Only the 7404VGO has VPN features)......................................................................... 78

PPTP (Point-to-Point Tunneling Protocol)..................................................................................... 78

IPSec (IP Security Protocol)........................................................................................................... 83

L2TP (Layer Two Tunneling Protocol).......................................................................................... 89

VoIP (Voice over Internet Protocol).................................................................................................................................114

Wizard .......................................................................................................................................... 115

General Settings............................................................................................................................ 117

Phone Port .................................................................................................................................... 120

PSTN Dial Plan (Router with LINE port only)............................................................................ 122

VoIP Dial Plan.............................................................................................................................. 126

Ring & Tone................................................................................................................................. 131

Special dial codes......................................................................................................................... 132

QoS (Quality of Service)...................................................................................................................................................133

Prioritization................................................................................................................................. 134

Outbound IP Throttling (LAN to WAN)...................................................................................... 136

Inbound IP Throttling (WAN to LAN) ........................................................................................ 137

Virtual Server (“Port Forwarding”)................................................................................................................................140

Add Virtual Server ....................................................................................................................... 141

Edit DMZ Host............................................................................................................................. 143

Edit DMZ Host............................................................................................................................. 144

Edit One-to-One NAT (Network Address Translation)............................................................... 145

Time Schedule...................................................................................................................................................................148

Configuration of Time Schedule .................................................................................................. 149

Advanced..........................................................................................................................................................................150

Static Route .................................................................................................................................. 150

Dynamic DNS .............................................................................................................................. 151

Check Email ................................................................................................................................. 152

Device Management..................................................................................................................... 153

IGMP............................................................................................................................................ 157

VLAN Bridge............................................................................................................................... 157

SAVE CONFIGURATION TO FLASH.......................................................................................................... 161

LOGOUT................................................................................................................................................. 161

CHAPTER 5: TROUBLESHOOTING................................................................................................ 162

PROBLEMS STARTING UP THE ROUTER ................................................................................................... 162

PROBLEMS WITH THE WAN INTERFACE................................................................................................ 162

PROBLEMS WITH THE LAN INTERFACE ................................................................................................. 163

APPENDIX A: PRODUCT SUPPORT AND CONTACT INFORMATION .................................. 164

Table of Contents iii

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Chapter 1: Introduction

Introduction to your Router

Welcome to the VoIP/(802.11g) ADSL2+ (VPN) Firewall Router. The router is an “all-in-one” VoIP ADSL router, combining an ADSL modem, ADSL router, Ethernet network switch and 2 ports for Voice over IP functionalities, providing everything you need to get the machines on your network connected to the Internet over your ADSL broadband connection. With features such as an ADSL Quick-Start wizard and DHCP Server, you can be online in no time at all and with a minimum of fuss and configuration, catering for first-time users to the guru requiring advanced features and control over their Internet connection and network.

Features

Voice over IP compliance with SIP standard

The router supports cost-effective, toll-quality voice calls over the Internet. It complies with the most popular industrial standard, SIP protocol, to ensure the interoperability with SIP devices and major VoIP Gateways. The VoIP ADSL router supports call waiting, silence suppression, voice activity detection (VAD), comfort noise generation (CNG), line echo cancellation, caller ID (Bell 202, V3) and so on.

Fixed-line Support (Router with LINE port only)

The router integrates RJ-11 FXO port for inbound and outbound calls transmitted through PSTN. Users can receive phone calls from PSTN while enjoying VoIP call service at the same time. In addition, the device automatically fallbacks to lifeline POTS to enable making normal phone calls when there is power outage, or when the Internet connection is down.

Express Internet Access

The router complies with ADSL worldwide standards. It supports downstream rate up to 12/24

Mbps with ADSL2/2+, 8Mbps with ADSL. Users enjoy not only high-speed ADSL services but also

broadband multimedia applications such as interactive gaming, video streaming and real-time audio much easier and faster than ever. It is compliant with Multi-Mode standard (ANSI T1.413,

Issue 2; G.dmt (ITU G.992.1); G.lite (ITU G.992.2); G.hs (ITU G994.1); G.dmt.bis (ITU G.992.3); G.dmt.bisplus (ITU G.992.5)).

Virtual Private Network (VPN) (Only the 7404VGO has VPN features)

It allows user to make a tunnel with a remote site directly to secure the data transmission among the connection. User can use embedded PPTP and L2TP client/server, IKE and IPSec which are supported by this router to make a VPN connection or users can run the PPTP client in PC and the router already provides IPSec and PPTP pass through function to establish a VPN connection if the user likes to run the PPTP client in his local computer.

802.11g Wireless AP with WPA Support (Wireless Router only)

With integrated 802.11g Wireless Access Point in the router, the device offers a quick and easy access among wired network, wireless network and broadband connection (ADSL) with single device simplicity, and as a result, mobility to the users. In addition to 54 Mbps 802.11g data rate, it also interoperates backward with existing 802.11b equipment. The Wireless Protected Access (WPA) and Wireless Encryption Protocol (WEP) supported features enhance the security level of data protection and access control via Wireless LAN.

Fast Ethernet Switch

A 4-port 10/100Mbps fast Ethernet switch is built in with automatic switching between MDI and MDI-X for 10Base-T and 100Base-TX ports. An Ethernet straight or crossover cable can be used directly for auto detection.

Chapter 1: Introduction

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Multi-Protocol to Establish A Connection

It supports PPPoA (RFC 2364 - PPP over ATM Adaptation Layer 5), RFC 1483 encapsulation over ATM (bridged or routed), PPP over Ethernet (RFC 2516), and IPoA (RFC1577) to establish a connection with the ISP. The product also supports VC-based and LLC-based multiplexing.

Quick Installation Wizard

It supports a WEB GUI page to install this device quickly. With this wizard, end users can enter the information easily which they get from their ISP, then surf the Internet immediately.

Universal Plug and Play (UPnP) and UPnP NAT Traversal

This protocol is used to enable simple and robust connectivity among stand-alone devices and PCs from many different vendors. It makes network simple and affordable for users. UPnP architecture leverages TCP/IP and the Web to enable seamless proximity networking in addition to control and data transfer among networked devices. With this feature enabled, users can now connect to Net meeting or MSN Messenger seamlessly.

Network Address Translation (NAT)

Allows multi-users to access outside resources such as the Internet simultaneously with one IP address/one Internet access account. Many application layer gateway (ALG) are supported such as web browser, ICQ, FTP, Telnet, E-mail, News, Net2phone, Ping, NetMeeting, IP phone and others.

SOHO Firewall Security with DoS and SPI

Along with the built-in NAT natural firewall feature, the router also provides advanced hacker pattern-filtering protection. It can automatically detect and block Denial of Service (DoS) attacks. The router is built with Stateful Packet Inspection (SPI) to determine if a data packet is allowed through the firewall to the private LAN.

Domain Name System (DNS) relay

It provides an easy way to map the domain name (a friendly name for users such as www.yahoo.com) and IP address. When a local machine sets its DNS server with this router’s IP address, every DNS conversion request packet from the PC to this router will be forwarded to the real DNS in the outside network.

Dynamic Domain Name System (DDNS)

The Dynamic DNS service allows you to alias a dynamic IP address to a static hostname. This dynamic IP address is the WAN IP address. For example, to use the service, you must first apply for an account from a DDNS service like http://www.dyndns.org/. More than 5 DDNS servers are supported.

Quality of Service (QoS)

QoS gives you full control over which types of outgoing data traffic should be given priority by the router, ensuring important data like gaming packets, customer information, or management information move through the router ay lightning speed, even under heavy load. The QoS features are configurable by source IP address, destination IP address, protocol, and port. You can throttle the speed at which different types of outgoing data pass through the router, to ensure P2P users don’t saturate upload bandwidth, or office browsing doesn’t bring client web serving to a halt. In addition, or alternatively, you can simply change the priority of different types of upload data and let the router sort out the actual speeds.

Virtual Server (“port forwarding”)

Users can specify some services to be visible from outside users. The router can detect incoming service requests and forward either a single port or a range of ports to the specific local computer to handle it. For example, a user can assign a PC in the LAN acting as a WEB server inside and expose it to the outside network. Outside users can browse inside web servers directly while it is protected by NAT. A DMZ host setting is also provided to a local computer exposed to the outside network, Internet.

Chapter 1: Introduction

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

ing

Rich Packet Filter

Not only filters the packet based on IP address, but also based on Port numbers. It will filter packets from and to the

Dynamic Host Configuration Protocol (DHCP) client and server

Internet, and also provides a higher level of security control.

In the WAN site, the DHCP client can get an IP address from the Internet Service Provider (ISP) automatically. In the LAN site, the DHCP server can allocate a ran

ge of client IP addresses and distribute them including IP address, subnet mask as well as DNS IP address to local computers. It provides an easy way to manage the local IP network.

Static and RIP1/2 Routing

It has routing capability and supports easy static routing table or RIP1/2 routing protocol.

Simple Network Management Protocol (SNMP)

It is an easy way to remotely manage the router via SNMP.

Web based GUI

It supports web based GUI for configuration and management. It is user-friendly and comes with

so supports remote management capability for remote users to configure and on-line help. It al

manage this product.

Firmware Upgradeab

Device can be upgraded to the latest firmware through the WEB based GUI.

Rich management interfaces

It supports flexible management interfaces with local console port, LAN port, and WAN port. Users can use terminal applications th

rough the console port to configure and manage the device, or

Telnet, WEB GUI, and SNMP through LAN or WAN ports to configure and manage the device.

Chapter 1: Introduction

Chapter 2: Installing the Router

Important note for using this router

Warning

ttention

Package Contents

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

 Do not use this router in high humidity or high temperatures.  Do not use the same power source for this router as othe

equipment.

 Do not open or repair the case yourself. If this router is too hot,

turn off the power immediately and have it repaired at a qualified service center.

 Avoid using this product and all accessories outdoors.

 Place this router on a stable surface.

 Only use the power adapter that comes with the package. Using

a different voltage rating power adaptor may damage this router.

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

CD-ROM containing the online manual RJ-11 ADSL/telephone Cable

Ethernet (CAT-5 LAN) Cable

Console tool

AC-DC power adapter (12VDC, 1.2A)

A detachable antenna Quick Start Guide

Chapter 2: Installing the router

The Front LEDs

LED Meaning

1 PWR Lit when power is ON.

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

2 SYS Lit when the system is ready.

Lit when connected to an Ethernet device.

Green for 100Mbps; Orange for 10Mbps. Blinking when data is Transmitted / Received.

Lit green when the wireless connection is established. Flashes when sending/receiving data.

3 – 6

LAN Port 1X — 4X

(RJ-45 connector)

WLAN

(Wireless Router only)

Phone

8 – 9

1X — 2X

(RJ-11 connector)

LINE

(Router with LINE port only)

VoIP Port 1X — 2X

(RJ-11 connector)

Lit green when the phone is off-hook.

Lit when the inbound and outbound calls transmitted through PSTN.

Lit when the SIP Registration is OK. Green for Phone 1; Orange for Phone 2.

Lit Green when successfully connected to an ADSL DSLAM

13 ADSL/PPP

(“linesync”).

Lit Orange when there is a PPPoA / PPPoE connection.

Chapter 2: Installing the router

The Rear Ports

The Ethernet Port # 4 can be connected to the computer and console. You need a special console tool which is included in this package to connect the LAN cable of Port 4 when connecting to a PC’s RS-232 port (9-pin serial port).

Port Meaning

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Power Switch

PWR

3 RESET

LAN 1X — 4X

(RJ-45 connector)

Phone

1X ─ 2X (RJ-11 connector)

Power ON/OFF switch

Connect the supplied power adapter to this jack.

After the device is powered on, press it to reset the device or restore to factory default settings. 1-3 seconds: reset the device 6 seconds above, and power off, power on the device: restore to factory default settings (this is used when you can not login to the router, e.g. forgot the password)

Connect a UTP Ethernet cable (Cat-5 or Cat-5e) to one of the four LAN ports when connecting to a PC or an office/home network of 10Mbps or 100Mbps.

Connect RJ-11 cable to this port when connecting to an analog phone set.

LINE

(Router with LINE port only)

ADSL

Antenna

(Wireless Router only)

Chapter 2: Installing the router

Connect RJ-11 cable to this port when connecting to the telephone wall jack.

Connect the supplied RJ-11 (“telephone”) cable to this port when connecting to the ADSL/telephone network.

Connect the detachable antenna to this port.

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Cabling

One of the most common causes of problems is bad cabling or ADSL line(s). Make sure that all connected devices are turned on. On the front of the product is a bank of LEDs. Verify that the LAN Link and ADSL line LEDs are lit. If they are not, verify that you are using the proper cables.

Ensure that all other devices connected to the same telephone line as your router (e.g. telephones, fax machines, analogue modems) have a line filter connected between them and the wall socket (unless you are using a Central Splitter or Central Filter installed by a qualified and licensed electrician), and ensure that all line filters are correctly installed and the right way around. Missing line filters or line filters installed the wrong way around can cause problems with your ADSL connection, including causing frequent disconnections.

Chapter 2: Installing the router

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Chapter 3: Basic Installation

The router can be configured with your web browser. A web browser is included as a standard application in the following operating systems: Linux, Mac OS, Windows 98/NT/2000/XP/Me, etc. The product provides a very easy and user-friendly interface for configuration.

PCs must have an Ethernet interface installed properly and be connected to the router either directly or through an external repeater hub, and have TCP/IP installed and configured to obtain an IP address through a DHCP server or a fixed IP address that must be in the same subnet as the router. The default

IP address of the router is 192.168.1.254 and the subnet mask is 255.255.255.0 (i.e. any attached PC

must be in the same subnet, and have an IP address in the range of 192.168.1.1 to 192.168.1.253). The best and easiest way is to configure the PC to get an IP address automatically from the router using DHCP. If you encounter any problems accessing the router’s web interface it may also be advisable to

uninstall any kind of software firewall on your PCs, as they can cause problems accessing the

192.168.1.254 IP address of the router. Users should make their own decisions on how to best protect their network.

Please follow the steps below for your PC’s network environment installation. First of all, please check your PC’s network components. The TCP/IP protocol stack and Ethernet network adapter must be installed. If not, please refer to your Windows-related or other operating system

Any TCP/IP capable workstation can be used to communicate with or through

the router. To configure other types of workstations, please consult the

manufacturer’s documentation.

manuals.

Chapter 3: Basic Installation

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Connecting your router

1. Connect this router to a LAN (Local Area Network) and the ADSL/telephone (ADSL) network.

2. Power on the device.

3. Make sure the PWR and SYS LEDs are lit steadily and that the LAN LED is lit.

4. Connect an RJ11 cable to VoIP port when connecting to an analog phone set.

5. Connect RJ-11 cable to LINE Port when connecting to the telephone wall jack.

Switching/

HUB

ADSL Phone

ADSL

Splitter

Line

Analog Phone

Connect more

computers

Chapter 3: Basic Installation

Configuring PCs in Windows in Window XP

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

1. Go to Start / Control Panel (in Classic View). In the Control Panel, double-click Network Connections.

2. Double-click Local Area Connection. (See Figure 3.1)

3. In the LAN Area Connection Status window, click Properties. (See Figure 3.2)

4. Select Internet Protocol (TCP/IP) and click Properties. (See Figure 3.3)

5. Select the Obtain an IP address automatically and Obtain DNS server address automatically radio buttons. (See Figure 3.4)

6. Click OK to finish the configuration.

Figure 3.1: LAN Area Connection

Figure 3.2: LAN Connection Status

Figure 3.3: TCP / IP

Figure 3.4: IP Address & DNS

Configuration

Chapter 3: Basic Installation

Configuring PCs in Windows 2000

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

1. Go to Start / Settings / Control Panel. In the Control Panel,

double-click Network and Dial-up Connections.

2. Double-click Local Area (“LAN”) Connection. (See Figure

3.5)

3. In the LAN Area Connection Status window, click

Properties. (See Figure 3.6)

4. Select Internet Protocol (TCP/IP) and click Properties.

(See Figure 3.7)

5. Select the Obtain an IP address automatically and Obtain

DNS server address automatically radio buttons. (See Figure 3.8)

6. Click OK to finish the configuration.

Figure 3.5: LAN Area Connection

Figure 3.6: LAN Connection Status

Figure 3.7: TCP / IP

Figure 3.8: IP Address & DNS

Configuration

Chapter 3: Basic Installation

Configuring PC in Windows 95/98/ME

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

1. Go to Start / Settings / Control Panel. In the Control Panel, double-click Network and choose the Configuration tab.

2. Select TCP / IP -> NE2000 Compatible, or the name of any Network Interface Card (NIC) in your PC. (See Figure 3.9)

3. Click Properties.

4. Select the IP Address tab. In this page, click the Obtain an IP address automatically radio button. (See Figure 3.10)

5. Then select the DNS Configuration tab. (See Figure 3.11)

6. Select the Disable DNS radio button and click OK to finish

the configuration.

Figure 3.9: TCP / IP

Figure 3.10: IP Address

Figure 3.11: DNS Configuration

Chapter 3: Basic Installation

Configuring PC in Windows NT4.0

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

1. Go to Start / Settings / Control Panel. In the Control

Panel, double-click Network and choose the Protocols tab.

2. Select TCP/IP Protocol and click Properties. (See Figure

3.12)

3. Select the Obtain an IP address from a DHCP server radio

button and click OK. (See Figure 3.13)

Figure 3.12: TCP / IP

Figure 3.13: IP Address

Chapter 3: Basic Installation

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Factory Default Settings

Before configuring your, you need to know the following default settings.

Web Interface (Username and Password)

Username: admin Password: admin

The default username and password are “admin” and “admin” respectively.

ttention

LAN Device IP Settings

IP Address: 192.168.1.254

Subnet Mask: 255.255.255.0

If you ever forget the password to log in, you may press the RESET button up to 6 seconds to restore the factory default settings.

ISP setting in WAN site

PPPoE

DHCP server

DHCP server is enabled. Start IP Address: 192.168.1.100

IP pool counts: 100

LAN and WAN Port Addresses

The parameters of LAN and WAN ports are pre-set in the factory. The default values are shown below.

LAN Port WAN Port

IP address

192.168.1.254

The PPPoE function is enabled

Subnet Mask DHCP server function IP addresses for

distribution to PCs

255.255.255.0

Enabled

100 IP addresses continuing from

192.168.1.100 through 192.168.1.199

to automatically get the WAN port configuration from the ISP, but you have to set the username and password first.

Information from your ISP

Before configuring this device, you have to check with your ISP (Internet Service Provider) what kind of service is provided such as PPPoE, PPPoA, RFC1483, or IPoA.

Chapter 3: Basic Installation

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Gather the information as illustrated in the following table and keep it for reference.

PPPoE / PPPoE with Pass-through

VPI/VCI, VC-based/LLC-based multiplexing, Username, Password, Service

Name, and Domain Name System (DNS) IP address (it can be automatically

assigned by your ISP when you connect or be set manually).

PPPoA VPI/VCI, VC-based/LLC-based multiplexing, Username, Password, and

Domain Name System (DNS) IP address (it can be automatically assigned by

your ISP when you connect or be set manually).

RFC1483 Bridged VPI/VCI, VC-based/LLC-based multiplexing to use Bridged Mode.

RFC1483 Routed VPI/VCI, VC-based/LLC-based multiplexing, IP address, Subnet mask,

Gateway address, and Domain Name System (DNS) IP address (it is fixed IP

address).

IPoA VPI/VCI, VC-based/LLC-based multiplexing, IP address, Subnet mask,

Gateway address, and Domain Name System (DNS) IP address (it is fixed IP

address).

Chapter 3: Basic Installation

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Configuring with your Web Browser

Open your web browser, enter the IP address of your router, which by default is 192.168.1.254, and click “Go”, a user name and password window prompt will appear. The default username and password

are “admin” and “admin”. (See Figure 3.14)

Figure 3.14: User name & Password Prompt Widonw

Congratulation! You are now successfully logon to the VoIP ADSL Router!

Chapter 3: Basic Installation

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Chapter 4: Configuration

At the configuration homepage, the left navigation pane where bookmarks are provided links you directly to the desired setup page, including:

Status (ARP Table, Wireless Association (Wireless Router only), Routing Table, DHCP Table,

PPTP Status, IPSec Status, L2TP Status Status, Event Log, Error Log, NAT SessioTPns, Diagnostic and UPnP Portmap)

Quick Start Configuration

(Only the 7404VGO has VPN features), Email Status, VoIP

(LAN, WAN, System, Firewall, VPN Server, Time Schedule and Advanced)

Save Config to FLASH Language (provides user interface in English and French languages)

Please see the relevant sections of this manual for detailed instructions on how to configure the VoIP ADSL Router.

(Only the 7404VGO has VPN features), VoIP, QoS, Virtual

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Status

ARP Table

This section displays the router’s ARP (Address Resolution Protocol) Table, which shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses. This is useful as a quick way of determining the

MAC address of the network interface of your PCs to use with the router’s Firewall – MAC Address

Filter function. See the Firewall section of this manual for more information on this feature.

IP Address: A list of IP addresses of devices on your LAN (Local Area Network). MAC Address: The MAC (Media Access Control) addresses for each device on your LAN. Interface: The interface name (on the router) that this IP Address connects to. Static: Static status of the ARP table entry:

 “no” for dynamically-generated ARP table entries

 “yes” for static ARP table entries added by the user

Wireless Association Table (Wireless Router only)

IP Address: It is IP address of wireless client that joins this network. MAC: The MAC address of wireless client.

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Routing Table

Valid: It indicates a successful routing status. Destination: The IP address of the destination network. Netmask: The destination netmask address. Gateway/Interface: The IP address of the gateway or existing interface that this route will use. Cost: The number of hops counted as the cost of the route.

RIP Routing Table

Destination: The IP address of the destination network. Netmask: The destination netmask address. Gateway: The IP address of the gateway that this route will use. Cost: The number of hops counted as the cost of the route.

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

DHCP Table

Leased: The DHCP assigned IP addresses information. IP Address: A list of IP addresses of devices on your LAN (Local Area Network). Expired: The expired IP addresses information. Permanent: The fixed host mapping information

Leased Table

IP Address: The IP address that assigned to client. MAC Address: The MAC address of client. Client Host Name: The Host Name (Computer Name) of client. Expiry: The current lease time of client.

Expired Table

Please refer the Leased Table.

Permanent Table

Name: The name you assigned to the Permanent configuration. IP Address: The fixed IP address for the specify client. MAC Address: The MAC Address that you want to assign the fixed IP address Maximum Lease Time: The maximum lease time interval you allow to clients

PPTP Status (Only the 7404VGO has VPN features)

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

This shows details of your configured PPTP VPN Connections.

Name: The name you assigned to the particular PPTP connection in your VPN configuration. Type: The type of connection (dial-in/dial-out). Enable: Whether the connection is currently enabled. Active: Whether the connection is currently active. Tunnel Connected: Whether the VPN Tunnel is currently connected. Call Connected: If the Call for this VPN entry is currently connected. Encryption: The encryption type used for this VPN connection.

IPSec Status (Only the 7404VGO has VPN features)

This shows details of your configured IPSec VPN Connections.

Name: The name you assigned to the particular VPN entry. Active: Whether the VPN Connection is currently Active. Connection State: Whether the VPN is Connected or Disconnected. Statistics: Statistics for this VPN Connection. Local Subnet: The local IP Address or Subnet used. Remote Subnet: The Subnet of the remote site. Remote Gateway: The Remote Gateway IP address. SA: The Security Association for this VPN entry.

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

L2TP Status (Only the 7404VGO has VPN features)

This shows details of your configured L2TP VPN Connections.

Name: The name you assigned to the particular L2TP connection in your VPN configuration. Type: The type of connection (dial-in/dial-out). Enable: Whether the connection is currently enabled. Active: Whether the connection is currently active. Tunnel Connected: Whether the VPN Tunnel is currently connected. Call Connected: If the Call for this VPN entry is currently connected.

Encryption: The encryption type used for this VPN connection.

Email Status

Details and status for the Email Account you have configured the router to check. Please see the

Advanced section of this manual for details on this function.

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

VoIP Status

Here you can check details and status of VoIP Account you have configured. Please see the VoIP Configuration section for more details.

Event Log

This page displays the router’s Event Log entries. Major events are logged to this window, such as when the router’s ADSL connection is disconnected, as well as Firewall events when you have enabled

Intrusion or Blocking Logging in the Configuration – Firewall section of the interface. Please see the

Firewall section of this manual for more details on how to enable Firewall logging.

Error Log

Any errors encountered by the router (e.g. invalid names given to entries) are logged to this window.

NAT Sessions

This section lists all current NAT sessions between interface of types external (WAN) and internal (LAN).

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Diagnostic

It tests the connection to computer(s) which is connected to LAN ports and also the WAN Internet connection. If

PING

www.google.com is shown FAIL and the rest is PASS, you ought to check your PC’s DNS settings is set

correctly.

UPnP Portmap

The section lists all port-mapping established using UPnP (Universal Plug and Play). Please see the

Advanced section of this manual for more details on UPnP and the router’s UPnP configuration options.

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Chapter 4: Configuration

Quick Start

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

For detailed instructions on configuring your WAN settings, please see the WAN section of this manual.

Usually, the only details you will need for the Quick Start wizard to get you online are your login (often in

the form of username@ispname), your password and the encapsulation type. In additional, you have the option to provide specific DNS as your desire, or check the Enable box to get the DNS automatically

from your ISP.

Your ISP will be able to supply all the details you need, alternatively, if you have deleted the current

WAN Connection in the WAN – ISP section of the interface, you can use the router’s PVC Scan feature

to attempt to determine the Encapsulation types offered by your ISP.

Click Start to begin scanning for encapsulation types offered by your ISP. If the scan is successful you

will then be presented with a list of supported options:

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Select the desired option from the list and click Apply to return to the Quick Start interface to continue

configuring your ISP connection. Please note that the contents of this list will vary, depending on what is supported by your ISP.

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Configuration

When you click this item, you get following sub-items to configure the ADSL router.

LAN, WAN, System, Firewall, VPN

Server, Time Schedule and Advanced

These functions are described below in the following sections.

LAN (Local Area Network)

There are seven items within the LAN section: Bridge Interface, Ethernet, IP Alias, Ethernet Client

Filter, Wireless, Wireless Security, Wireless Client Filter, Port Setting and DHCP Server.

Bridge Interface

(Only the 7404VGO has VPN features), VoIP, QoS, Virtual

You can setup member ports for each VLAN group under Bridge Interface section. From the example, two VLAN groups need to be created.

Ethernet: P1 (Port 1)

Ethernet1: P2, P3 and P4 (Port 2, 3, 4) Please uncheck P2, P3, P4 from Ethernet VLAN port first.

Note: You should setup each VLAN group with caution. Each Bridge Interface is arranged in this order.

Bridge Interface VLAN Port (Always starts with)

Ethernet P1 / P2 / P3 / P4 Ethernet1 P2 / P3 / P4 Ethernet2 P3 / P4 Ethernet3 P4

Management Interface: To specify which VLAN group has possibility to do device

management, like doing web management.

Note: NAT/NAPT can be applied to management interface only.

Chapter 4: Configuration

Ethernet

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Primary IP Address IP Address: The default IP on this router. SubNetmask: The default subnet mask on this router. RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function.

IP Alias

This function supports to create multiple virtual IP interfaces on this router. It helps to connect two or more local networks to the ISP or remote node. In this case, an internal router is not required.

IP Address: Specify an IP address on this virtual interface.

SubNetmask: Specify a subnet mask on this virtual interface. Security Interface: Specify the firewall setting on this virtual interface.

Internal: The network is behind NAT. All traffic will do network address translation when sending

out to Internet if NAT is enabled.

External: There is no NAT on this IP interface and connected to the Internet directly. Mostly it will

be used when providing multiple public IP addresses by ISP. In this case, you can use public IP address in local network which gateway IP address point to the IP address on this interface.

DMZ: Specify this network to DMZ area. There is no NAT on this interface.

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Ethernet Client Filter

The Ethernet Client Filter supports up to 16 Ethernet network machines that helps you to manage your network control to accept traffic from specific authorized machines or can restrict unwanted machine(s) to access your LAN.

There are no pre-define Ethernet MAC address filter rules; you can add the filter rules to meet your requirements.

Ethernet Client Filter: Default setting is set to Disable.

 Allowed: check to authorize specific device accessing your LAN by insert the MAC Address

in the space provided or click

. Make sure your PC’s MAC is listed.

 Blocked: check to prevent unwanted device accessing your LAN by insert the MAC Address

in the space provided or click

. Make sure your PC’s MAC is not listed.

The maximum client is 16. The MAC addresses are 6 bytes long; they are presented only in

hexadecimal characters. The number 0 - 9 and letters a - f are acceptable.

(Note: Follow the MAC Address Format xx:xx:xx:xx:xx:xx. Semicolon ( : ) must be included)

Candidates: automatically detects devices connected to the router through the Ethernet. .

→ Active PC in LAN

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Active PC in LAN displays a list of individual Ethernet device’s IP Address & MAC Address which connecting to the router.

You can easily by checking the box next to the IP address to be blocked or allowed. Then, Add to

insert to the Ethernet Client Filter table. The maximum Ethernet client is 16.

Chapter 4: Configuration

Wireless (Wireless Router only)

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Parameters

WLAN Service: Default setting is set to Enable. If you do not have any wireless, both 802.11g and

802.11b, device in your network, select Disable. Mode: The default setting is 802.11b+g (Mixed mode). If you do not know or have both 11g and

11b devices in your network, then keep the default in mixed mode. From the drop-down manual, you can select 802.11g if you have only 11g card. If you have only 11b card, then select 802.11b.

ESSID: The ESSID is the unique name of a wireless access point (AP) to be distinguished from another. For security propose, change the default wlan-ap to a unique ID name to the AP which is

already built-in to the router’s wireless interface. It is case sensitive and must not excess 32 characters. Make sure your wireless clients have exactly the ESSID as the device, in order to get

connected to your network. (Note: It is case sensitive and must not excess 32 characters.) ESSID Broadcast: It is function in which transmits its ESSID to the air so that when wireless client

searches for a network, router can then be discovered and recognized. Default setting is Enable.

 Disable: If you do not want broadcast your ESSID. Any client uses “any” wireless setting

cannot discover the Access Point (AP) of your router.

 Enable: Any client that using the “any” setting can discover the Access Point (AP) in

Regulation Domain: There are seven Regulation Domains for you to choose from, including North America (N.America), Europe, France, etc. The Channel ID will be different based on this setting.

Channel ID: Select the ID channel that you would like to use.

Scan Channel Usage:

Connected: Representing in true or false. That it is the connection status between the system and

the build-in wireless card.

AP MAC Address: It is a unique hardware address of the Access Point.

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

AP Firmware Version: The Access Point firmware version.

Wireless Distribution System (WDS)

It is a wireless access point mode that enables wireless link and communication with other access point. It is easy to be installed simply define peer’s MAC address of the connected AP. WDS takes advantages of cost saving and flexibility which no extra wireless client device is required to bridge between two access points and extending an existing wired or wireless infrastructure network to create a larger network.

In addition, WDS enhances its link connection security in WEP mode, WEP key encryption must be the same for both access points.

WDS Service: The default setting is Disable. Check Enable radio button to activate this function. Peer WDS MAC Address: It is the associated AP’s MAC Address. It is important that your peer’s

AP must include your MAC address in order to acknowledge and communicate with each other.

(Note: For MAC Address, Semicolon ( : ) must be included)

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Wireless Security (Wireless Router only)

You can disable or enable with WPA or WEP for protecting wireless network.

The default mode of wireless security is disabled.

WPA1 / WPA2 Pre-Shared Key

WPA Algorithms: TKIP (Temporal Key Integrity Protocol) utilizes a stronger encryption method

and incorporates Message Integrity Code (MIC) to provide protection against hackers.

WPA Shared Key: The key for network authentication. The input format is in character style and

key size should be in the range between 8 and 63 characters.

Group Key Renewal: The period of renewal time for changing the security key automatically between wireless client and Access Point (AP). Default value is 600 seconds.

Idle Timeout: The default idle timeout is 3600 seconds. A Timeout value base on the case of no

data traffic is send or received. If Router detects no traffic in the wireless, it will start timing the clock and drop the session as it reaches to the defined timeout value. New session will be re-established after the old session.

Chapter 4: Configuration

WEP

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

WEP Encryption: To prevent unauthorized wireless stations from accessing data transmitted over

the network, the router offers highly secure data encryption, known as WEP. If you require high

security for transmissions, there are two alternatives to select from: WEP 64 and WEP 128. WEP

128 will offer increased security over WEP 64.

Passphrase: This is used to generate WEP keys automatically based upon the input string and a

pre-defined algorithm in WEP64 or WEP128. You can input the same string in both the AP and

Client card settings to generate the same WEP keys. Please note that you do not have to enter Key

(0-3) as below when the Passphrase is enabled. Default Used WEP Key: Select the encryption key ID; please refer to Key (0-3) below. Key (0-3): Enter the key to encrypt wireless data. To allow encrypted data transmission, the WEP

Encryption Key values on all wireless stations must be the same as the router. There are four keys for your selection. The input format is in HEX style, 5 and 13 HEX codes are required for WEP64 and WEP128 respectively, the separator is “-“. For example, using WEP64, 11-22-33-44-55 is a valid key, whilst 1122334455 is invalid.

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Wireless Client (MAC Address) Filter (Wireless Router only)

The MAC Address supports up to 16 wireless network machines and helps you to manage your network control to accept traffic from specific authorized machines or to restrict unwanted machine(s) to access your LAN.

There are no pre-define MAC Address filter rules; you can add the filter rules to meet your requirements.

Ethernet Client Filter: Default setting is set to Disable.

 Allowed: check to authorize specific device accessing your LAN by insert the MAC Address

in the space provided or click . Make sure your PC’s MAC is listed.

 Blocked: check to prevent unwanted device accessing the LAN by insert the MAC Address

in the space provided or click . Make sure your PC’s MAC is not listed.

The maximum client is 16. The MAC addresses are 6 bytes long; they are presented only in

hexadecimal characters. The number 0 - 9 and letters a - f are acceptable.

The maximum client is 16. The MAC addresses are 6 bytes long; they are presented only in

hexadecimal characters. The number 0 - 9 and letters a - f are acceptable.

(Note: Follow the MAC Address Format xx:xx:xx:xx:xx:xx. Semicolon ( : ) must be included)

Candidates: it automatically detects devices connected to the router through the Ethernet. .

→Associated Wireless Clients

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Associate Wireless Client displays a list of individual wireless device’s MAC Address that currently connects to the router.

You can easily by checking the box next to the MAC address to be blocked or allowed. Then, Add

to insert to the Wireless Client (MAC Address) Filter table. The maximum Ethernet client is 16.

Port Setting

This section allows you to configure the settings for the router’s Ethernet ports to solve some of the compatibility problems that may be encountered while connecting to the Internet, as well allowing users to tweak the performance of their network.

Port # Connection Type: Five options to choose from: Auto, 10M half-duplex, 10M full-duplex,

100M half-duplex or 100M full-duplex. Sometimes, there are Ethernet compatibility problems with legacy Ethernet devices, and you can configure different types to solve compatibility issues. The

default is Auto, which users should keep unless there are specific problems with PCs not being

able to access your LAN.

IPv4 TOS priority Control (Advanced users): TOS, Type of Services, is the 2

octet of an IP

packet. Bits 6-7 of this octet are reserved and bit 0-5 are used to specify the priority of the packet.

This feature uses bits 0-5 to classify the packet’s priority. If the packet is high priority, it will flow first and will not be constrained by the Rate Limit. Therefore, when this feature is enabled, the router’s Ethernet switch will check the 2

octet of each IP packet. If the value in the TOS field matches the

checked values in the table (0 to 63), this packet will be treated as high priority.

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

DHCP Server

You can disable or enable the DHCP (Dynamic Host Configuration Protocol) server or enable the router’s DHCP relay functions. The DHCP protocol allows your router to dynamically assign IP addresses to PCs on your network if they are configured to obtain IP addresses automatically.

To disable the router’s DHCP Server, check Disabled and click Next, then click Apply. When the

DHCP Server is disabled you will need to manually assign a fixed IP address to each PCs on your network, and set the default gateway for each PCs to the IP address of the router (by default this is

192.168.1.254).

To configure the router’s DHCP Server, check DHCP Server and click Next. You can then

configure parameters of the DHCP Server including the IP pool (starting IP address and ending IP address to be allocated to PCs on your network), lease time for each assigned IP address (the period of time the IP address assigned will be valid), DNS IP address and the gateway IP address. These details are sent to the DHCP client (i.e. your PC) when it requests an IP address from the

DHCP server. Click Apply to enable this function. If you check “Use Router as a DNS Server”, the

ADSL Router will perform the domain name lookup, find the IP address from the outside network automatically and forward it back to the requesting PC in the LAN (your Local Area Network).

If you check DHCP Relay Agent and click Next, then you will have to enter the IP address of the

DHCP server which will assign an IP address back to the DHCP client in the LAN. Use this function only if advised to do so by your network administrator or ISP.

Click Apply to enable this function.

Chapter 4: Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

WAN (Wide Area Network)

WAN refers to your Wide Area Network connection, i.e. your router’s connection to your ISP and the

Internet. There are two items within the WAN section: ISP, DNS and ADSL.

ISP

The factory default is PPPoE. If your ISP uses this access protocol, click Edit to input other

parameters as below. If your ISP does not use PPPoE, you can change the default WAN

connection entry by clicking Change.

Some of ISP may provide more service via different WAN connection. In case, you can create more

connections by clicking Create. The device can support maximum up to 8 WAN connections.

Note: The application of multiple WAN connections is depend on your Service Provider.

A simpler alternative is to select Quick Start from the main menu on the left. Please see the Quick

Start section of the manual for more information.

Chapter 4:Configuration

RFC 1483 Routed Connections

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Description: Your description of this connection. VPI and VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet

through a single IP account, sharing the single IP address. If users on your LAN have public IP addresses and can access the Internet directly, the NAT function can be disabled.

Encapsulation method: Selects the encapsulation format, the default is LLC Bridged. Select the

one provided by your ISP.

DHCP client: Enable or disable the DHCP client, specify if the Router can get an IP address from the Internet Service Provider (ISP) automatically or not. Please click Obtain an IP address automatically via DHCP client to enable the DHCP client function or click Specify an IP address to

disable the DHCP client function, and specify the IP address manually. Your ISP specifies the setting of this item.

RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function. MTU: Maximum Transmission Unit. The size of the largest datagram (excluding media-specific

headers) that IP will attempt to send through the interface.

TCP MSS Clamp: It is enabled by default. All TCP traffic routed through the interface will be

examined. If a TCP SYN (synchronize/start) segment is sent with a maximum segment size larger than the interface MTU (Maximum Transmission Unit), the MSS option will be rewritten in order to allow TCP traffic to pass through the interface without requiring fragmentation.

Chapter 4:Configuration

RFC 1483 Bridged Connections

VPI and VCI: Enter the information provided by your ISP.

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

ATM Class: The Quality of Service for ATM layer. Encapsulation method: Select the encapsulation format, this is provided by your ISP. Acceptable Frame Type: Specify what kind of traffic can through this connection, all traffic or only

VLAN tagged.

Filter Type: Specify the type of ethernet filtering performed by the named bridge interface.

All Ip Pppoe

Allows all types of ethernet packets through the port. Allows only IP/ARP types of ethernet packets through the port. Allows only PPPoE types of ethernet packets through the port.

PVID for Untagged Frames: PVID is known as Port VLAN Identifier. When an untagged packet is

received by input port(s), this packet will be tagged with specified PVID. The valid value range for

PVID is 1~4094.

Chapter 4:Configuration

PPPoA Routed Connections

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Description: User-definable name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet

through a single IP account, sharing a single IP address. If users on your LAN have public IP addresses and can access the Internet directly, the NAT function can be disabled.

Username: Enter the username provided by your ISP. You can input up to 128 alphanumeric

characters (case sensitive). This will usually be in the format of “username@ispname” instead of simply “username”.

Password: Enter the password provided by your ISP. You can input up to 128 alphanumeric

characters (case sensitive).

IP Address: Specify an IP address allowed to logon and access the router’s web server.. Note: IP

0.0.0.0 indicates all users who are connected to this router are allowed to logon the device and

modify data.

Authentication Protocol Type: Default is Chap (Auto). Your ISP will advise you whether to use Chap or Pap.

Chapter 4:Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Connection:

 Always on: If you want the router to establish a PPPoA session when starting up and to

automatically re-establish the PPPoA session when disconnected by the ISP.

 Connect to Demand: If you want to establish a PPPoA session only when there is a packet

requesting access to the Internet (i.e. when a program on your computer attempts to access the Internet).

Idle Timeout: Auto-disconnect the broadband firewall gateway when there is no activity on the

line for a predetermined period of time.

 Detail: You can define the destination port and packet type (TCP/UDP) without checking by

timer. It allows you to set which outgoing traffic will not trigger and reset the idle timer.

RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function. MTU: Maximum Transmission Unit. The size of the largest datagram (excluding media-specific

headers) that IP will attempt to send through the interface.

TCP MSS Clamp: It is enabled by default. All TCP traffic routed through the interface will be

Advanced Options (PPPoA) LLC Header: Selects encapsulation mode, true for using LLC or false for using VC-Mux. Create Route: This setting specifies whether a route is added to the system after IPCP (Internet

Protocol Control Protocol) negotiation is completed. If set to enabled, a route will be created which directs packets to the remote end of the PPP link.

Specific Route: Specifies whether the route created when a PPP link comes up is a specific or default route. If set to enabled, the route created will only apply to packets for the subnet at the

remote end of the PPP link. The address of this subnet is obtained during IPCP negotiation.

Subnet Mask: sets the subnet mask used for the local IP interface connected to the PPP transport. If the value 0.0.0.0 is supplied, the netmask will be calculated from the class of the IP address

obtained during IPCP negotiation.

Route Mask: Sets the subnet mask used by the route that is created when a PPP link comes up. If it is set to 0.0.0.0, the subnet mask is determined by the IP address of the remote end of the link.

The class of the IP address is obtained during IPCP (Internet Protocol Control Protocol) negotiation.

MRU: Maximum Receive Unit. This is negotiated during the LCP protocol stage. Discover Primary / Secondary DNS: This setting enables/disables whether the primary/secondary

DNS server address is requested from a remote PPP peer using IPCP. The default setting for this

command is enabled. Give DNSto Relay: Controls whether the PPP Internet Protocol Control Protocol (IPCP) can

request the DNS server IP address for a remote PPP peer. Once IPCP has discovered the DNS server IP address, it automatically gives the address to the local DNS relay so that a connection can be established.

Give DNSto Client: Controls whether the PPP Internet Protocol Control Protocol (IPCP) can

request a DNS server IP address for a remote PPP peer. Once IPCP has discovered the DNS

Chapter 4:Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

server IP address, it automatically gives the address to the local DNS client so that a connection can be established.

Give DNSto DHCP Server: Similar to the above, but gives the DNS server address to the DHCP

server.

Discover Primary NBNS / Discover Secondary NBNS: This setting enables/disables whether the

primary/secondary NBNS server address is requested from a remote PPP peer using IPCP. The default setting for this command is disabled.

Discover Subnet Mask: Specifies if the subnet mask given by IPCP negotiation process is to be used.

Give Subnet Mask To DHCP Server: Enable to change your DHCP Server settings by using the

given information in IPCP negotiation process.

Chapter 4:Configuration

IPoA Routed Connections

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

through a single IP account, sharing a single IP address. If users on your LAN have public IP addresses and can access the Internet directly, the NAT function can be disabled.

DHCP client: Enable or disable the DHCP client, specifying if the router can obtain an IP address from the Internet Service Provider (ISP) automatically or not. Please click Obtain an IP address automatically via DHCP client to enable the DHCP client function or click Specify an IP address

to disable the DHCP client function, and specify the IP address manually. Your ISP specifies the setting of this item.

RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function.

MTU: Maximum Transmission Unit. The size of the largest datagram (excluding media-specific

headers) that IP will attempt to send through the interface.

TCP MSS Clamp: It is enabled by default. All TCP traffic routed through the interface will be

Chapter 4:Configuration

PPPoE Connections

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Description: A user-definable name for this connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet

through a single ISP account, sharing a single IP address. If users on your LAN have public IP addresses and can access the Internet directly, the NAT function can be disabled.

Username: Enter the username provided by your ISP. You can input up to 128 alphanumeric

characters (case sensitive). This will usually be in the format of “username@ispname” instead of simply “username”.

Password: Enter the password provided by your ISP. You can input up to 128 alphanumeric

characters (case sensitive).

Service Name: This item is for identification purposes. If it is required, your ISP will provide you the information. Maximum input is 20 alphanumeric characters.

IP Address: specify if the Router can get an IP address from the Internet Server Provider (ISP)

automatically or not. Please click Obtain an IP address automatically via DHCP client to enable the DHCP client function or click Specify an IP address to disable the DHCP client function, and specify

Chapter 4:Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

the IP address manually. The setting of this item is specified by your ISP.

Authentication Protocol: Default is Chap(Auto). Your ISP will advise you whether to use Chap or Pap.

Connection:

 Always on: If you want the router to establish a PPPoE session when starting up and to

automatically re-establish the PPPoE session when disconnected by the ISP.

 Connect to Demand: If you want to establish a PPPoE session only when there is a packet

requesting access to the Internet (i.e. when a program on your computer attempts to access the

Internet).

Idle Timeout: Auto-disconnect the broadband firewall gateway when there is no activity on the line

for a predetermined period of time.

 Detail: You can define the destination port and packet type (TCP/UDP) without checking by

timer. It allows you to set which outgoing traffic will not trigger and reset the idle timer.

RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function. MTU: Maximum Transmission Unit. The size of the largest datagram (excluding media-specific

headers) that IP will attempt to send through the interface.

TCP MSS Clamp: It is enabled by default. All TCP traffic routed through the interface will be

MAC Address Spoofing: Some ISP (Internet Access Provider) validates the ADSL connection by

checking the MAC address of given router or your PC Ethernet adapter. If you replace a new router or PC or PC Ethernet adapter, your ISP may drop the ADSL connection because of false MAC address. You can spoof the MAC address in order to get the ADSL connection.

Advanced Options (PPPoE) LLC Header: Selects encapsulation mode, true for using LLC or false for using VC-Mux. Create Route: This setting specifies whether a route is added to the system after IPCP (Internet

Protocol Control Protocol) negotiation is completed. If set to enabled, a route will be created which directs packets to the remote end of the PPP link.

Specific Route: Specifies whether the route created when a PPP link comes up is a specific or default route. If set to enabled, the route created will only apply to packets for the subnet at the

remote end of the PPP link. The address of this subnet is obtained during IPCP negotiation.

Subnet Mask: sets the subnet mask used for the local IP interface connected to the PPP transport. If the value 0.0.0.0 is supplied, the netmask will be calculated from the class of the IP address

obtained during IPCP negotiation.

Route Mask: Sets the subnet mask used by the route that is created when a PPP link comes up. If it is set to 0.0.0.0, the subnet mask is determined by the IP address of the remote end of the link.

The class of the IP address is obtained during IPCP (Internet Protocol Control Protocol) negotiation.

MRU: Maximum Receive Unit. This is negotiated during the LCP protocol stage.

Chapter 4:Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

Discover Primary / Secondary DNS: This setting enables/disables whether the primary/secondary

DNS server address is requested from a remote PPP peer using IPCP. The default setting for this

command is enabled. Give DNS to Relay: Controls whether the PPP Internet Protocol Control Protocol (IPCP) can

Give DNS to Client: Controls whether the PPP Internet Protocol Control Protocol (IPCP) can

request a DNS server IP address for a remote PPP peer. Once IPCP has discovered the DNS server IP address, it automatically gives the address to the local DNS client so that a connection can be established.

Give DNS to DHCP Server: Similar to the above, but gives the DNS server address to the DHCP

server.

Discover Primary NBNS / Discover Secondary NBNS: This setting enables/disables whether the

primary/secondary NBNS server address is requested from a remote PPP peer using IPCP. The default setting for this command is disabled.

Discover Subnet Mask: Specifies if the subnet mask given by IPCP negotiation process is to be used.

Give Subnet Mask To DHCP Server: Enable to change your DHCP Server settings by using the

given information in IPCP negotiation process.

Chapter 4:Configuration

VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

PPPoE with Pass-through Connections

PPPoE with pass-through adapts the following method: PPPoE Routed mode + 1483 Bridge Mode. With pure PPPoE connection, the router can get one WAN address to the router. With the PPPoE with pass-through, it allows user to have the WAN address assigned to the router but also able to get another WAN IP from ISP using PPPoE dialer (e.g WinPoETor Windows XP PPPoE Dialer) at the same time.

through a single ISP account, sharing a single IP address. If users on your LAN have public IP addresses and can access the Internet directly, the NAT function can be disabled.

Username: Enter the username provided by your ISP. You can input up to 128 alphanumeric

characters (case sensitive). This will usually be in the format of “username@ispname” instead of simply “username”.

Password: Enter the password provided by your ISP. You can input up to 128 alphanumeric

characters (case sensitive).

Service Name: This item is for identification purposes. If it is required, your ISP will provide you the information. Maximum input is 20 alphanumeric characters.

Chapter 4:Configuration