User Manual
Unified Services Router
D-Link Corporation
Copyright © 2014
http://www.dlink.com
Unified Services Router User Manual
1
User Manual
DSR-150 / 150N /250 / 250N / DSR-500 / 500N / 1000 / 1000N
D-Link Services Router
Version 1.09b
Co py ri gh t © 2 01 4
Copy righ t No tice
Th is pu bl ic a ti on , i nc lu di ng al l p ho t og ra ph s, il lu st ra ti on s a n d s of tw ar e, is p ro te ct ed un de r
in te rn at io na l co p yr ig ht la ws , wi th al l ri gh ts r e se rv ed . N ei th er t hi s m an ua l, no r an y o f t he
ma te ri al co nt ai ne d he re in , ma y b e re pr od uc ed wit h ou t wr it te n co n se nt o f th e au th or .
Dis claim er
Th e i nf or ma t io n i n t hi s d oc u me nt is su bj ec t t o c ha n ge wi th ou t n ot ic e. T he ma nu fa ct ur er ma ke s
no re pr e se nt at io ns or w ar ra nt ie s w it h res pe ct to t he c o nte n ts h e re of a n d s pe ci fi ca ll y d is c la im
an y im pl ie d wa rr a nt ie s of mer ch an ta bi l it y or fit ne ss for any par ti c ul ar pur po se . T he
ma nu fa ct ur er r e ser v es t he r ig ht to r ev is e th is p ub li ca ti on a nd t o mak e ch a ng es fr om t im e t o
ti me i n t he c on te nt h er eo f wi th o ut ob li ga t io n o f th e ma n uf ac tu re r t o no t if y a n y p er so n of s uc h
re vi si o n o r c ha ng es .
Limi tati ons of L iabil ity
UN DE R NO C IR CU MS T AN CE S S H AL L D - LI NK O R I T S S UP PL IE RS B E L I AB LE FO R
DA MA GE S O F A NY C H AR AC TE R ( E. G. D AM AG E S FO R L OS S O F PRO FI T , S OF TW AR E
RE ST O RAT I ON , WO RK ST OP PA GE , L OS S OF SA VE D DA TA OR A NY OT HE R
CO MM ER CI A L D A MA GE S OR L OS SE S) R ES UL T IN G F RO M T HE AP P LI CA TI ON O R
IM PR OP E R US E O F T HE D - LI NK P RO DU C T O R FA IL UR E O F T HE P RO DU CT , E VE N IF
D- LI NK I S I NF OR ME D OF T HE PO SS IB IL IT Y OF SU CH DA MA GE S . F UR TH ER M OR E, D -
LI NK W IL L N OT B E LIA BL E FOR T HI RD - PA RT Y CLA IM S AG AI NS T CUS TO ME R FOR
LO SS ES O R D AM AG ES . D -L IN K WI L L I N N O E V EN T BE L IA BL E FO R A NY D AM AG ES
IN EX C ES S O F T H E A MO UN T D -LI N K R EC EI V ED FR OM T HE EN D -U SE R FO R TH E
PR OD UC T .
Unified Services Router User Manual
2
Table of Contents
Chapter 1. Introduction ........................................................................................................................... 11
1.1 About this User Manual .......................................................................................... 12
1.2 Typographical Conventions ................................................................................... 12
Chapter 2. Configuring Your Network: LAN Setup ............................................................................. 13
2.1 LAN Configuration................................................................................................... 13
2.1.1 LAN D HCP Reserved IPs ...................................................................................... 16
2.1.2 LAN D HCP Leased Clients.................................................................................... 18
2.1.3 LAN C onfiguration in an IPv6 Network ................................................................ 18
2.1.4 Conf iguring IPv6 Router Advertisements ............................................................ 21
2.2 VLAN Configuration ................................................................................................ 24
2.2.1 Ass ociating VLANs to ports ................................................................................... 25
2.2.2 Multip le VLAN Subnets .......................................................................................... 27
2.2.3 VL AN configuration ................................................................................................. 28
2.3 Configurable Port: DMZ Setup .............................................................................. 29
2.4 Universal Plug and Play (UPnP) ........................................................................... 30
2.5 Captive Portal .......................................................................................................... 32
2.5.1 Capt ive Portal Setup ............................................................................................... 32
2.5.2 Capt ive Portals on a VLAN .................................................................................... 35
Chapter 3. Connecting to the Internet: WAN Setup ........................................................................... 36
3.1 Internet Setup Wizard ............................................................................................. 36
3.2 WAN Configuration ................................................................................................. 37
3.2.1 W AN Port IP address ............................................................................................. 37
3.2.2 W AN DNS Servers ................................................................................................ . 38
3.2.3 DHCP W AN ............................................................................................................. 38
3.2.4 PPPo E ...................................................................................................................... 38
3.2.5 Rus sia L2TP and PPTP WAN ............................................................................... 41
3.2.6 Rus sia Dual Access PPPoE .................................................................................. 42
3.2.7 W AN Configuration in an IPv6 Network ............................................................... 43
3.2.8 Check ing WAN Status ............................................................................................ 45
3.3 Bandwidth Controls................................................................................................. 46
3.3.1 Band width Controls in Bridge Mode ..................................................................... 49
3.4 Features with Multiple WAN Links ........................................................................ 50
3.4.1 Auto Fai lover ............................................................................................................ 51
3.4.2 Load Ba lancing ........................................................................................................ 51
3.4.3 Protoco l Bindings .................................................................................................... 53
3.4.4 IP Al iasing ................................................................................................................ 54
3.5 Routing Configuration ............................................................................................. 56
3.5.1 Rout ing Mode .......................................................................................................... 56
3.5.2 D ynamic Routing (RIP) .......................................................................................... 58
3.5.3 Static Rou ting .......................................................................................................... 59
3.5.4 O SPFv2 .................................................................................................................... 60
3.5.5 O SPFv3 .................................................................................................................... 62
3.5.6 6to4 T unneling ......................................................................................................... 64
3.5.7 ISAT AP Tunnels ...................................................................................................... 65
3.6 Configurable Port - WAN Option .......................................................................... 65
3.7 WAN 3 (3G) Configuration ..................................................................................... 66
Unified Services Router User Manual
3
3.8 WAN Port Settings .................................................................................................. 68
Chapter 4. Wireless Access Point Setup ............................................................................................. 70
4.1 Wireless Settings Wizard ....................................................................................... 70
4.1.1 W ireless Network Setup Wizard ........................................................................... 71
4.1.2 Add W ireless Device with WPS ............................................................................ 71
4.1.3 Manu al Wireless Network Setup........................................................................... 72
4.2 Wireless Profiles ..................................................................................................... 72
4.2.1 W EP Security .......................................................................................................... 73
4.2.2 W PA or WPA2 with PSK ........................................................................................ 74
4.3 Creating and Using Access Points ....................................................................... 74
4.3.1 Prim ary benefits of Virtual APs: ............................................................................ 76
4.4 Tuning Radio Specific Settings ............................................................................. 77
4.5 WMM ......................................................................................................................... 77
4.6 Wireless distribution system (WDS) ..................................................................... 78
4.7 Advanced Wireless Settings.................................................................................. 80
4.8 Wi-Fi Protected Setup (WPS) ............................................................................... 81
Chapter 5. Securing the Private Network ............................................................................................ 83
5.1 Firewall Rules .......................................................................................................... 83
5.2 Defining Rule Schedules........................................................................................ 84
5.3 Configuring Firewall Rules ..................................................................................... 85
5.4 Configuring IPv6 Firewall Rules ............................................................................ 90
5.4.1 Fire wall Rule Configuration Examples ................................................................. 91
5.5 Security on Custom Services ................................................................................ 95
5.6 ALG support ............................................................................................................. 98
5.7 VPN Passthrough for Firewall ............................................................................... 99
5.8 Bridge Mode Firewall ............................................................................................ 100
5.9 Application Rules .................................................................................................. 102
5.10 Web Content Filtering ........................................................................................... 103
5.10.1 Content Filtering ................................................................................................ .... 103
5.10.2 Approved URLs ..................................................................................................... 104
5.10.3 Blocked Keywords ................................................................................................ 105
5.10.4 Export Web Filter .................................................................................................. 106
5.11 IP/MAC Binding ..................................................................................................... 107
5.12 Intrusion Prevention (IPS).................................................................................... 108
5.13 Protecting from Internet Attacks ......................................................................... 109
5.14 IGMP Proxy to manage multicast traffic ............................................................ 111
Chapter 6. IPsec / PPTP / L2TP VPN ................................................................................................ 113
6.1 VPN Wizard ........................................................................................................... 115
6.2 Configuring IPsec Policies ................................................................................... 117
6.2.1 Extend ed Authentication (XAUTH) ..................................................................... 121
6.2.2 Interne t over IPsec tunnel .................................................................................... 122
6.3 Configuring VPN clients ....................................................................................... 122
6.4 PPTP / L2TP Tunnels ........................................................................................... 122
6.4.1 PPT P Tunnel Support .......................................................................................... 122
Unified Services Router User Manual
4
6.4.2 L2T P Tunnel Support ........................................................................................... 124
6.5 GRE Tunnel Support ............................................................................................ 127
6.6 OpenVPN Support ................................................................................................ 128
6.6.1 O penVPN Remote Network ................................................................................ 130
6.6.2 O penVPN Authentication ..................................................................................... 131
Chapter 7. SSL VPN ............................................................................................................................. 133
7.1 Groups and Users ................................................................................................. 135
7.1.1 Us ers and Passwords .......................................................................................... 141
7.1.2 Adding many users to the Local User Database .............................................. 142
7.2 Using SSL VPN Policies ...................................................................................... 143
7.2.1 Us ing Network Resources ................................................................................... 146
7.3 Application Port Forwarding ................................................................................ 147
7.4 SSL VPN Client Configuration ............................................................................ 149
7.5 User Portal ............................................................................................................. 152
7.5.1 Cr eating Portal Layouts ....................................................................................... 152
Chapter 8. Advanced Configuration Tools ......................................................................................... 155
8.1 USB Device Setup ................................................................................................ 155
8.2 USB share port ...................................................................................................... 156
8.3 SMS service ........................................................................................................... 158
8.4 External Authentication ........................................................................................ 159
8.4.1 POP3 Server .......................................................................................................... 159
8.4.2 NT Domain Server ................................................................................................ 161
8.4.3 RADIU S Server ..................................................................................................... 162
8.4.4 Acti ve Directory Server ........................................................................................ 165
8.4.5 LDA P Server .......................................................................................................... 166
8.5 Authentication Certificates ................................................................................... 167
8.6 Advanced Switch Configuration .......................................................................... 169
8.7 Package Manager ................................................................................................. 169
Chapter 9. Administration & Management ......................................................................................... 173
9.1 Configuration Access Control .............................................................................. 173
9.1.1 Adm in Settings ...................................................................................................... 173
9.1.2 Rem ote Management ........................................................................................... 174
9.1.3 CLI Acces s ............................................................................................................. 175
9.2 SNMP Configuration ............................................................................................. 175
9.3 Configuring Time Zone and NTP ........................................................................ 177
9.4 Log Configuration .................................................................................................. 178
9.4.1 Def ining What to Log ............................................................................................ 178
9.4.2 Sendin g Logs to E-mail or Syslog ...................................................................... 183
9.4.3 Event Log Viewer in GUI...................................................................................... 185
9.5 Backing up and Restoring Configuration Settings ........................................... 186
9.6 Generating DBGLOGs ......................................................................................... 188
9.7 Upgrading Router Firmware ................................................................................ 188
9.8 Upgrading Router Firmware via USB................................................................. 189
9.9 Dynamic DNS Setup ............................................................................................. 190
9.10 Using Diagnostic Tools ........................................................................................ 191
Unified Services Router User Manual
5
9.10.1 Ping ......................................................................................................................... 192
9.10.2 Trace Route ........................................................................................................... 192
9.10.3 DNS Lookup .......................................................................................................... 193
9.10.4 Router Options ...................................................................................................... 193
9.11 Localization ............................................................................................................ 194
Chapter 10. Router Status and Statistic s ............................................................................................. 195
10.1 System Overview .................................................................................................. 195
10.1.1 Device Status ........................................................................................................ 195
10.1.2 Resource Utilization .............................................................................................. 197
10.2 Traffic Statistics ..................................................................................................... 200
10.2.1 Wired Port Statistics ............................................................................................. 200
10.2.2 Wireless Statistics ................................................................................................. 201
10.3 Active Connections ............................................................................................... 202
10.3.1 Sessions through the Router ............................................................................... 202
10.3.2 Wireless Clients..................................................................................................... 204
10.3.3 LAN Clients ............................................................................................................ 204
10.3.4 Active VPN Tunnels .............................................................................................. 205
Chapter 11. Trouble Shooting ................................................................................................................ 207
11.1 Internet connection ............................................................................................... 207
11.2 Date and time ........................................................................................................ 209
11.3 Pinging to Test LAN Connectivity ....................................................................... 209
11.3.1 Testing the LAN path from your PC to your router .......................................... 209
11.3.2 Testing the LAN path from your PC to a remote device ................................ . 210
11.4 Restoring factory-default configuration settings ............................................... 211
Chapter 12. Credits ................................................................................................................................ . 213
Appendix A. Glossary .............................................................................................................................. 214
Appendix B. Factory Default Settin gs ................................................................................................... 217
Appendix C. Standard Services Available for Port Forwarding & Firewall Configuration .............. 218
Appendix D. Log Output Reference ....................................................................................................... 219
Appendix E. RJ -45 Pin-outs .................................................................................................................... 273
Appendix F. Product Statement ............................................................................................................. 274
Unified Services Router User Manual
6
List of Figures
Figure 1: Setup page for LAN TCP/IP settings ...................................................................................... 16
Figure 2: LAN DHCP Reserved IPs ......................................................................................................... 17
Figure 3: LAN DHCP Leased Clients ...................................................................................................... 18
Figure 4: IPv6 LAN and DHCPv6 configuration ..................................................................................... 20
Figure 5: Configuring the Router Advertisement Daem on ................................................................... 23
Figure 6: IPv6 Advertisement Prefix settings ......................................................................................... 24
Figure 7: Adding VLAN memberships to the LAN ................................................................................. 25
Figure 8: Port VLAN list ............................................................................................................................. 26
Figure 9: Configuring VLAN membership for a port .............................................................................. 27
Figure 10: Multiple VLAN Subnets ........................................................................................................... 28
Figure 11: VLAN Configuration ................................................................................................ ................. 29
Figure 12: DMZ configuration ................................................................................................................... 30
Figure 13: UPnP Configuration ................................................................................................ ................. 31
Figure 14: Active Runtime sessions ........................................................................................................ 32
Figure 15: Captive Portal Profile List ....................................................................................................... 33
Figure 16: Customized Captive Portal Setup ......................................................................................... 34
Figure 17: Blocking specific clients by their MAC addre ss ................................................................... 35
Figure 18: VLAN based configuration of Captive Porta ls ..................................................................... 35
Figure 19: Internet Connection Setup Wizard ........................................................................................ 36
Figure 20: Manual WAN configuration................................ ................................................................ ..... 38
Figure 21: PPPoE configuration for standard ISPs ............................................................................... 39
Figure 22: WAN configuration for Japanese Multiple PPPoE (part 1) ................................................ 40
Figure 23: WAN configuration for Japanese Multiple PPPoE (part 2) ................................................ 41
Figure 24: Russia L2TP ISP configuration .............................................................................................. 42
Figure 25: Russia Dual access PPPoE configuratio n ........................................................................... 43
Figure 27: IPv6 WAN Setup page ............................................................................................................ 44
Figure 28: Connection Status information for both W AN ports ............................................................ 46
Figure 29: List of Configured Bandwidth Profiles ................................................................................... 47
Figure 30: Bandwidth Profile Configuration ............................................................................................ 48
Figure 31: Traffic Selector Configuration ................................................................................................ 49
Figure 32: Bridge Bandwidth Profile Configuration ................................................................................ 50
Figure 33: Bridge Traffic Selector Configuration .................................................................................... 50
Figure 34: Load Balancing is available when multiple W AN ports are configured and Protocol
Bindings have been defined ................................................................................................... 53
Unified Services Router User Manual
7
Figure 35: Protocol binding setup to associate a ser vice and/or LAN source to a WAN and/or
destination network .................................................................................................................. 54
Figure 36: Configuring the IP Alias .......................................................................................................... 55
Figure 37: IP Alias Configuration................................ ................................................................ .............. 55
Figure 38: Routing Mode to determine traff ic routing between WAN and LAN ................................. 57
Figure 39: Static route configuration fields ............................................................................................. 60
Figure 40: OSPFv2 configured parameters ............................................................................................ 61
Figure 41: OSPFv2 configuration ............................................................................................................. 62
Figure 42: OSPFv3 configured parameters ............................................................................................ 63
Figure 43: OSPFv3 configuration ............................................................................................................. 64
Figure 44: 6 to 4 tunneling ......................................................................................................................... 64
Figure 45: ISATAP Tunnels Configuration .............................................................................................. 65
Figure 46: WAN3 configuration for 3G internet ...................................................................................... 67
Figure 47: Physical WAN port settings .................................................................................................... 69
Figure 48: Wireless Network Setup W izards ................................ ................................ .......................... 71
Figure 49: List of Available Profiles shows the options ava ilable to secure the wireless link ......... 73
Figure 50: Profile configuration to set network sec urity ........................................................................ 74
Figure 51: Virtual AP configuration .......................................................................................................... 75
Figure 52: List of configured access points (Virtual A Ps) shows one enabled access point on the
radio, broadcasting its SSID ................................................................................................... 76
Figure 53: Radio card configuration options ........................................................................................... 77
Figure 54: Wi-Fi Multimedia ...................................................................................................................... 78
Figure 55: Wireless Distribution System ................................................................................................ . 79
Figure 56: Advanced Wireless communication setting s ....................................................................... 81
Figure 57: WPS configuration for an AP with W PA/WPA2 profile ....................................................... 82
Figure 58: List of Available Firewall Rules .............................................................................................. 84
Figure 59: List of Available Schedules to bind to a fire wall rule .......................................................... 85
Figure 60: Example where an outbound SNAT rule is used to map an external IP address
(209.156.200.225) to a private DMZ IP addres s (10.30.30.30) ........................................ 88
Figure 61: The firewall rule configuration page allows you to define the To/From zone, service,
action, schedules, and specify source/destination IP addresses as needed. ................. 89
Figure 62: The IPv6 firewall rule configuration page allo ws you to define the To/From zone,
service, action, schedules, and specify source/destinat ion IP addresses as needed. .. 90
Figure 63: List of Available IPv6 Firewall Rules ..................................................................................... 91
Figure 64: Schedule configuration for the above exam ple. .................................................................. 94
Figure 65: List of user defined services. ................................................................................................ . 97
Figure 66: Custom Services configuration .............................................................................................. 97
Unified Services Router User Manual
8
Figure 67: Available ALG support on the router..................................................................................... 99
Figure 68: Passthrough options for VPN tu nnels ................................................................................. 100
Figure 69: List of Available Application Rules showing 4 unique rules ............................................ 103
Figure 70: Content Filtering used to block access to proxy servers and prevent ActiveX controls
from being downloaded ......................................................................................................... 104
Figure 71: Two trusted domains added to the Appro ved URLs List ................................................. 105
Figure 72: One keyword added to the block list ................................................................................... 106
Figure 73: Export Approved URL list ..................................................................................................... 107
Figure 74: The following example binds a LAN host’s MAC Address to an IP address served by
DSR. If there is an IP/MAC Binding violation, the viola ting packet will be dropped and
logs will be captured .............................................................................................................. 108
Figure 75: Intrusion Prevention features on the router ....................................................................... 109
Figure 76: Protecting the router and LAN from internet attacks ........................................................ 110
Figure 77: Enabling IGMP Proxy for the LAN ....................................................................................... 112
Figure 78: Example of Gateway-to -Gate way IPsec VPN tunnel using two DSR routers connected
to the Internet .......................................................................................................................... 113
Figure 79: Example of three IPsec client connections t o the internal network through the DSR
IPsec gateway ........................................................................................................................ 114
Figure 80: VPN Wizard launch screen .................................................................................................. 115
Figure 81: IPsec policy configuration ..................................................................................................... 118
Figure 82: IPsec policy configuration continued (Auto polic y via IKE) .............................................. 119
Figure 83: IPsec policy configuration continued (Auto / Manual Phase 2)....................................... 121
Figure 84: PPTP tunnel configuration – P PTP Client .......................................................................... 123
Figure 85: PPTP VPN connection status .............................................................................................. 123
Figure 86: PPTP tunnel configuration – P PTP Server ........................................................................ 124
Figure 87: L2TP tunnel configuration – L2T P Server .......................................................................... 126
Figure 88: L2TP tunnel configuration – L2T P Client ........................................................................... 127
Figure 89: GRE Tunnel configuration .................................................................................................... 128
Figure 90: OpenVPN configuration ........................................................................................................ 130
Figure 91: OpenVPN Remote Network ................................................................................................. 131
Figure 92: OpenVPN Authentication ...................................................................................................... 132
Figure 93: Example of clientless SSL VPN c onnections to the DSR ................................................ 134
Figure 94: List of groups .......................................................................................................................... 135
Figure 95: User group configuration ...................................................................................................... 136
Figure 96: SSLVPN Settings ................................................................................................................... 137
Figure 97: Group login policies options ................................................................................................ . 138
Figure 98: Browser policies options ....................................................................................................... 139
Unified Services Router User Manual
9
Figure 99: IP policies options .................................................................................................................. 140
Figure 100: Available Users with login status and asso ciated Group ............................................... 141
Figure 101: User configuration options ................................................................................................ . 142
Figure 102: Import a CSV file with multiple users to the User Database ......................................... 142
Figure 103: List of SSL VPN polices (Global filter) .............................................................................. 144
Figure 104: SSL VPN policy configuration ............................................................................................ 145
Figure 105: List of configured resources, which are a vailable to assign to SSL VPN policies ..... 147
Figure 106: List of Available Applications for S SL Port Forwarding.................................................. 149
Figure 107: SSL VPN client adapter and access config uration ......................................................... 150
Figure 108: Configured client routes only apply in split tunn el mode ............................................... 151
Figure 109: List of configured SSL VPN portals. T he configured portal can then be associated
with an authentication domain .............................................................................................. 152
Figure 110: SSL VPN Portal configuration ........................................................................................... 154
Figure 111: USB Device Detection ........................................................................................................ 156
Figure 112: USB SharePort .................................................................................................................... 157
Figure 113: SMS Service – Send SMS ................................................................................................. 158
Figure 114: SMS Service – Receive SM S ............................................................................................ 159
Figure 115: POP3 Authentication Server configurat ion ...................................................................... 160
Figure 116: POP3 CA file upload ........................................................................................................... 161
Figure 117: NT Domain Authentication Server conf iguration ............................................................. 162
Figure 118: RADIUS Server configuration ............................................................................................ 164
Figure 119: Active Directory Authentication Server con figuration ..................................................... 165
Figure 120: LDAP Authentication Server configurat ion ...................................................................... 166
Figure 121: Certificate summary for IPsec and HT TPS management ............................................. 168
Figure 122: Advanced Switch Settings .................................................................................................. 169
Figure 123: Device Drivers ...................................................................................................................... 170
Figure 124: Installation of driver/language pack .................................................................................. 171
Figure 125: Selection of Installed Language ........................................................................................ 172
Figure 126: User Login policy configuration ......................................................................................... 173
Figure 127: Admin Settings ..................................................................................................................... 174
Figure 128: Remote Management from the WAN ............................................................................... 175
Figure 129: SNMP Users, Traps, and Access Control ........................................................................ 176
Figure 130: SNMP system information for this router ......................................................................... 177
Figure 131: Date, Time, and NTP server setup ................................................................................... 178
Figure 132: Facility settings for Logging ............................................................................................... 180
Figure 133: Log configuration options for traff ic through router ......................................................... 182
Unified Services Router User Manual
10
Figure 134: IPv6 Log configuration options for traf fic through router ................................................ 183
Figure 135: E-mail configuration as a Rem ote Logging option .......................................................... 184
Figure 136: Syslog server configuration for Rem ote Logging (continued) ................................ ....... 185
Figure 137: VPN logs displayed in GUI event vie wer ......................................................................... 186
Figure 138: Restoring configuration from a saved file will result in the current configuration being
overwritten and a reboot ....................................................................................................... 187
Figure 139: Firmware version information and upgra de option ......................................................... 189
Figure 140: Firmware upgrade and configuration res tore/backup via USB ..................................... 190
Figure 141: Dynamic DNS configuration ............................................................................................... 191
Figure 142: Router diagnostics tools available in the G UI ................................................................ . 192
Figure 143: Sample trace route output .................................................................................................. 193
Figure 144: Localization........................................................................................................................... 194
Figure 145: Device Status display .......................................................................................................... 196
Figure 146: Device Status display (continued) ..................................................................................... 197
Figure 147: Resource Utilization statistics ............................................................................................ 198
Figure 148: Resource Utilization data (continued) .............................................................................. 199
Figure 149: Resource Utilization data (conti nued) .............................................................................. 200
Figure 150: Physical port statistics ........................................................................................................ 201
Figure 151: AP specific statistics ............................................................................................................ 202
Figure 152: List of current Active Firewal l Sessions ............................................................................ 203
Figure 153: List of connected 802.11 clients per AP ........................................................................... 204
Figure 154: List of LAN hosts ................................................................................................................. 205
Figure 155: List of current Active VPN Sessions ................................................................................. 206
Unified Services Router User Manual
11
Ch ap te r 1 . In tr od uc ti on
D- Li nk Se r vi ce s R ou te r s o ff er a s ec ur e, hi gh pe r fo rm an ce ne t wor k in g s ol ut io n t o
ad dr es s t he g ro wi ng n ee ds of s ma ll a nd med i um b us in es s es. In te gr at ed hi gh -s pe ed I EE E
80 2. 1 1n an d 3 G wi re le s s te ch no lo gi e s of fe r c om pa ra bl e p er fo rm an ce t o t ra di ti on al
wi re d n e tw or ks , b ut wi t h f ew er li mi ta ti o ns . Op ti ma l n et wo r k s ec ur it y i s p r ov id ed vi a
fe at ur es s uc h a s v ir tu al p ri va te n e tw or k ( VP N) tu n ne ls , I P S ec ur it y ( I Ps ec ), Po in t -to -
Po in t T un ne li ng Pr o to co l (P PT P ), La ye r 2 T unn el i ng Pr o to co l ( L2 T P) , an d Se cu re
So ck et s L ay er ( SS L) . E mp ow er y ou r ro ad w ar r io rs wi th c li en t le ss r em ot e ac ce s s
an yw he re a nd an yt im e us in g S SL V PN t un ne ls .
Wi th t h e D- Li nk S er v ice s R ou te r y ou a re a bl e to ex pe ri en c e a di ve rs e se t o f be ne fi ts :
Co mp re he n si ve M an ag e me nt C ap ab il it ie s
Th e D S R- 50 0, DS R -5 00 N, DS R -1000 a nd D SR - 10 00 N i nc lu de d ua l- W AN
Gi ga bi t Et h er ne t wh ic h pr o vid e s p ol ic y -b a se d se rv ic e m an ag em en t en su r in g
ma xi mu m pr od u ct iv it y f o r y ou r bu si ne s s o pe ra ti o ns . T h e f ai lo ve r fe a tur e
ma in ta in s d at a t ra ff ic wi th o ut d is co n nec t in g w he n a l an dl i ne c o nn ec ti on is l o st .
Th e O ut bo un d Lo ad Ba la n ci ng fe at ur e ad j us ts o ut go i ng t ra ff ic ac ro ss t wo WA N
in te rf ac e s a nd o pt i mi ze s t he s ys te m p er fo rm an ce r es ul ti n g i n hi g h a v ai la bi li ty .
Th e s ol ut io n s up po rt s c on fi gu ri n g a p or t a s a d ed ic at e d DM Z po r t al lo wi n g yo u
to i so la te s e rv er s fr om you r L AN .
D SR -1 50 /1 5 0N /250 / 25 0N pr o du cst h av e a s i ngl e W A N i nt er fa ce , a nd th us i t d oe s
no t su pp or t A ut o Fa il ov er an d Lo ad B al an ci n g sc en ar io s.
Su pe ri or Wi re le ss P er fo r ma nc e
De si gn ed t o de li ve r su pe ri or w ir el es s pe rf or ma nc e , the D SR -5 00 N a nd D SR -
10 00 N in cl ud e 8 0 2. 11 a/ b/ g/ n s up po rt , al lo wi n g f or o pe ra ti on o n e it he r th e 2. 4
GH z or 5 GH z ra d io ba n ds . M ul t ip le In M ul ti pl e Ou t ( MI MO ) t e ch no lo gy
al lo ws t he DS R -5 00 N a nd D SR -1 00 0N to p ro vi de hi g h d at a r at es wi t h m in im al
“d ea d sp o ts” th ro ug ho ut t h e wi re le ss c ov er ag e a re a.
D SR -1 50 N, DSR - 25 0N a nd D SR - 50 0N s up po r t th e 2. 4 GH z ra di o ba nd o nl y.
Fl ex ib le De pl oy me nt O pt io ns
Th e DS R -1000 / 10 0 0N su pp or t s T hi rd G en er at io n (3 G ) N et wo rk s v ia a n
ex te nd ab l e USB 3G d on gl e. Thi s 3G net wo r k cap a bi li ty o ff er s an add it io n al
se cu re d at a co nn ec ti on f or n e tw or ks t ha t pr ov id e cr iti ca l se r vi ce s. T he D SR -
10 00 N ca n be co nf ig ur ed t o a uto m at ic al ly s wi tc h to a 3G n et wo r k w he ne v er a
ph ys ic al l i nk i s lo st .
Ro bu st VP N fe at ur es
A f ul ly fe at u re d v ir tu al pr iv a te n et wo r k ( VP N) pr ov id e s yo u r m ob il e wor ke rs
an d br a nc h of fi ce s wi t h a se cu re lin k t o yo ur net w or k. Th e DS R -
15 0/ 15 0 N/250/ 25 0N , DS R-500 /500N an d DS R -1 00 0 /1 00 0 N a re c ap ab le o f
si mu lt an eo u sl y ma na g in g 5, 5 , 1 0, 20 Se cu re So ck et s La y er ( S SL ) VP N t un ne l s
re sp ec ti ve l y, e mp ow er in g yo ur mo b il e use rs b y pro v id in g re mo te ac ce ss t o a
ce nt ra l c or po ra te da ta b as e. Si te -to -s it e V PN tu nn el s u se IP Se cu ri t y ( IP se c)
Pr ot o co l, P o int -to -P oi n t T un ne li ng P ro to co l ( PP T P) , or La ye r 2 T un ne l in g
Unified Services Router User Manual
12
Pr ot o co l ( L2 TP ) to f ac il it at e b r anc h o f fi ce co nn e ct iv it y t hr ou g h e nc ry pt ed
vi rt ua l li n ks . T he D S R- 15 0/ 15 0N , D S R- 25 0/ 25 0N , DS R -5 00 /5 00 N a nd D S R-
10 00 /1 0 00 N s up po rt 1 0, 25 , 3 5 a nd 75 si mu l ta ne ou s I P se c V P N t un ne ls
re sp ec ti ve l y.
Ef fi ci e nt D -L in k Gr ee n T ec hn ol og y
As a co nc er ne d m em be r o f t he g lo b al c o mm un it y, D - Li n k is d e vo te d to
pr ov id i ng e co - fr ie nd ly p r od uc ts . D -L in k G re en Wi -Fi a nd D -L in k G re en
Et he rn et s a ve po we r and p r eve n t was te . The D -L in k Gr ee n W L AN s ch ed ul er
re du ce s wir e le ss po we r au to ma t ica l ly d uri n g o ff - pe a k h ou rs . Lik e wi se th e D-
Li nk G re en E th er ne t pr o gr am ad j us ts p ow er u sa ge b as ed o n th e d et e ct ed c ab l e
le ng th an d l in k s ta t us. I n a dd it io n, c o mp li an ce w it h R oH S ( Re st ri ct io n o f
Ha za rd ou s S ub st an ce s) an d W EE E (W as te El ec tr ic al a n d El ec tr on ic Eq ui pm en t)
di re ct iv e s ma ke D - Li nk G re en c er ti fi ed d e vi ce s th e en vi ro n me nt al ly r es po n si bl e
ch oi ce .
S up po rt f or t he 3G wir e le ss W AN U SB d o ng le i s o n ly a va il ab le f or D SR - 10 00 a nd
DS R -1000N .
1. 1 Ab ou t th is U se r Ma nu al
Th is d oc u me nt i s a h ig h l ev el m an ua l t o al lo w n ew D -L i nk S er vi ce s R ou te r u se rs t o
co nf ig ur e c on ne ct iv it y, s e tup V P N tu nn el s, e s tab l is h fi re wa l l ru le s a nd p er fo rm
ge ne ra l a dm in is tr at i ve t as ks . T yp ic a l de pl o ym en t an d u se c a se s ce na ri os ar e de s cr ib ed
in e ac h s ec ti on . F or m or e d et ai le d s et up i ns tr u ct io ns a nd e xp la na t io ns o f e ac h
co nf ig ur at io n pa ra me te r, r ef er to th e o nl i ne he lp th at ca n b e ac ce ss ed fr om e ac h p ag e
in t he r o ut er G UI .
1. 2 Ty po gr ap hi ca l Co nve nt io ns
Th e f ol lo wi n g is a l is t o f t he va ri ou s t er ms , fo llo w ed by an ex am pl e o f h ow th at te rm
is r ep re s en te d in t hi s do c um en t:
Pr o duc t N am e – D -L in k Se rv ic es R ou t er .
o Mo de l nu mb e rs D SR -500/ 5 0 0N /1 00 0/ 10 0 0N /2 50 /2 50 N /1 50 /1 50 N
GU I Me n u Pa th /G UI N av i gat i on – Mo ni to ri ng > R ou te r St at us
Im po rt a nt n ot e –
Ch ap te r 2 . Co nf ig ur in g Y ou r Ne tw o rk : LA N Se tu p
It i s a ss um ed t h at t he u se r h as a mac h in e fo r ma n ag em en t co n ne ct ed to th e L AN t o th e r ou te r. Th e LA N
co nn ec ti o n ma y be th ro ug h t he w ir ed E th er ne t p or t s a va il ab le on t he r o ut er , o r on ce th e i ni ti al se tu p i s
co mp le te , t he D SR m ay a ls o be m a na ge d t h ro ug h it s wi re le s s i nt er fa ce a s it i s b ri dg ed wi t h th e LA N .
Ac ce ss t he ro ut er ’ s g ra p hi ca l u se r i nt er fa ce ( GU I) fo r ma na ge me nt b y us in g an y we b b ro ws e r, s uc h a s
Mi cr os o ft I nt er ne t E xp lo re r or M o zi lla Fi re fo x :
Go t o ht t p: // 19 2. 16 8 .1 0.1 (d ef au lt I P a dd re ss ) to d i sp la y th e ro u te r’ s m an ag em en t lo gi n s cr ee n.
De fa ul t lo g in c re de nt ia ls fo r th e ma na ge me n t GU I:
Us er na me : a dmi n
Pa ss wo rd : ad m in
If th e ro u te r’ s L AN I P ad d re ss w as c ha n ge d, u se th at I P ad dr es s i n th e na vi g at io n ba r o f th e br ow se r t o
ac ce ss t he ro ut er’s ma na ge me nt U I .
2. 1 LA N Co nfi g ur ati on
Se tu p > Ne tw or k Se tt in gs > L AN C onf i gu ra ti on
B y d e fa ul t, t he r o ut er f un ct io ns as a D y na mi c Ho st Co nf ig ur at io n P ro to co l (D H CP ) se rv er t o t he h os t s
on t he W LA N o r L AN n et wo rk . W it h DH C P, P Cs a nd o th er L AN d ev ic e s ca n b e as si g ne d I P
ad dr es se s a s w el l a s ad dr e ss es f or DN S s er ve rs , W in do w s In te rn et Na me Se rv ic e ( WI NS ) s er ve rs , a nd
th e de fa ul t gat e wa y. W it h th e DHC P se r ve r ena b le d the ro ut er ’s IP add re ss ser v es as th e gat ew ay
ad dr es s f or L AN an d W LA N c li en ts . T he P Cs i n t he L AN a re as si g ned IP a d dr es se s fr o m a p oo l o f
ad dr es se s s pe c if ie d i n t hi s p ro ce du re . E ac h p oo l a d dr es s i s t es te d b ef or e i t i s a ss ig ne d t o a vo id
du pl ic at e ad d re ss es o n t he L AN .
Fo r mo st ap pl ic at io ns th e d ef a ul t D HC P a nd TC P/ IP se tt in gs ar e sa ti sf ac to r y. If yo u wa nt an ot he r P C
on yo ur ne tw or k to be th e D HC P s er ve r o r if yo u a re ma nu al ly co nf ig ur in g t he ne tw or k s et ti ng s o f al l
of y ou r P C s, s et t he D H CP mo de t o ‘ no ne ’ . D H CP r el ay ca n be u se d t o fo rw ar d D HC P le as e
in fo rm at io n f ro m a noth er LA N dev ic e tha t i s the n et wo r k’ s DHC P ser ve r; t hi s i s par ti cu la rl y u se fu l
fo r wi re le s s cl ie nt s.
In st ea d o f usi ng a D NS se r ve r, y ou ca n u se a W i nd ow s I nt er ne t N am i ng Ser v ic e ( WI NS ) s er ve r. A
WI NS s er ve r i s t he eq ui va l en t o f a D NS s er ve r b u t u se s th e N e tB IO S p ro to c ol to r es ol ve h os tn am es .
Th e r o ute r i nc l ud es t he W IN S s er ve r IP a d dr es s i n t he DH CP co n fi gu ra ti on wh en ac k no wl ed gi ng a
DH CP r eq u es t fr om a D HC P c li en t.
Yo u c a n a ls o e na bl e DN S pr ox y fo r th e L AN . Wh en t hi s i s en ab le d th e r o ute r th en as a pr ox y fo r al l
DN S re q ue st s an d c om mu ni ca te s w it h th e I SP ’s D NS se rv er s. W h en d is ab le d a ll D HC P c li en ts r ec ei v e
th e DN S I P ad dr es se s o f t h e IS P.
To co nfi g ur e LA N Co n ne ct iv it y, p le as e fo ll o w th e st ep s b el ow :
1. In the LAN Setup page, enter the following information for your ro uter:
IP a d dr es s (f ac to ry d e fa ult : 1 92 .1 68 .1 0 . 1) .
Unified Services Router User Manual
14
I f yo u ch a ng e th e IP ad dr es s a nd c li ck Sa ve S et ti ng s, th e GUI wi ll n o t re sp on d. Op en a n e w c o nn ec ti on
to th e n ew IP ad dr es s a nd lo g i n a ga in . B e s ure th e L AN ho st (t he ma ch i ne u se d to ma na ge t he r ou te r)
ha s ob ta in ed I P a dd re ss f ro m ne wl y as si gn ed poo l (or ha s a sta t ic I P a dd re ss in th e ro u te r’ s L AN
su bn et ) b ef or e ac ce ss in g t he r ou te r vi a ch an ge d I P ad dr es s.
Su bn et ma sk ( fa ct or y d ef au lt : 25 5. 25 5 .2 55 .0 ).
2. In the DH CP section, select the DHCP mode:
No ne : t he r ou te r’ s DH CP se rv er i s di sa bl ed fo r th e LA N
DH CP S er ve r. W it h th is o pt io n th e ro ut er a ss ig ns a n IP a dd re ss w it hi n t he s pe c if ie d r an ge
pl us a dd it io na l sp ec if i ed in fo rm at io n to a ny L AN de vi ce t ha t re qu es t s D HC P se rv ed
ad dr es se s .
DH CP Re la y: W it h t hi s o pt io n e na bl ed , D HC P cl ie nt s o n t he L AN c an r ec ei v e IP a d dr es s
le as es a nd c o rr es po nd in g i nf or m ati o n f ro m a DH CP s er ve r o n a di f fer e nt su bn et . S pe ci f y
th e R el ay Ga te wa y, a nd wh en LA N c li en ts ma ke a D HC P r eq ue st it wi ll be pa ss ed al on g t o
th e se r ver ac ce ss ib le vi a th e Re la y Ga te w ay I P ad dr es s .
If D HC P i s be in g en ab le d, en ter th e fo ll ow in g D HC P se rv er p ar a me te rs :
Star ti n g a nd En di ng I P A dd re ss es : E n te r t he fi rs t a nd la st c on ti n uo us ad dr es s es i n t he IP
ad dr es s po ol . A ny n e w DH CP c li e nt j oi ni n g the LA N is as si gn ed an I P ad dr es s i n th is
ra ng e. T h e de fa u lt s ta rt i ng a dd re ss is 1 92 .1 6 8. 10 . 2. T he de fa ul t e nd in g a dd re ss i s
19 2. 1 68 .1 0. 10 0. T he se ad dr es se s sh ou ld be in the sa me IP ad dr es s su bn et as the ro ut er ’s
LA N I P ad dr es s. Y ou ma y wi sh to sa v e p ar t o f th e s ub ne t r an ge f or de vi ce s wi th s ta ti ca ll y
as si gn ed IP a dd re ss es i n t he L AN.
Pr i mar y a nd Se co n da ry D NS se rv er s: If co nf ig ur e d d om ai n n am e s ys te m ( D NS ) s er ve rs a r e
av ai la bl e o n th e LA N en te r th eir IP a dd re ss es her e.
De fa ul t G at e wa y: B y d ef au lt t hi s s et ti ng h as the r ou te r’ s L AN I P a dd re ss . I t ca n b e
cu st om iz ed to a ny va li d I P w it hi n t he LA N s ub ne t , i n t he e v en t t ha t t he ne tw or k ’s gat e wa y
is n ot t hi s ro u te r. I n th is c as e th e DH C P se rv er w il l g iv e th e co n fi gu re d IP a dd r ess a s t he
De fa ul t G at ew ay t o it s DH C P cl ie nt s.
Do ma in N a me : Th is i s th e n et wo rk d om ai n na m e us ed f or i de nt i fi ca ti on .
WI NS S er ve r ( op ti o na l) : Ent er t he IP a dd re ss fo r the W IN S s er ve r o r , i f p re se n t i n y ou r
ne tw or k, th e Wi nd ow s N et BI OS s er v er .
Le as e T im e: E nt er t he t im e , in h o ur s, f or w hi ch I P a dd r ess e s ar e le as ed t o cl ie n ts .
Re la y Ga te wa y : E nt er t he g a te wa y a dd re ss . T hi s i s th e o nl y c on fi gu ra ti o n p ar am et er
re qu ir ed i n t hi s se ct io n wh e n DH CP R el ay is s el ec te d as i ts D H CP m od e
3. In the DN S Host Name Mapping section :
Unified Services Router User Manual
15
Ho st N a me : Pr ov id e a va li d h os t na m e
IP a d dr es s: P ro vi de t he I P a dd re ss o f th e ho s t na me ,
4. In the LAN proxy section:
En ab le D NS Pr o xy: T o en ab le t he ro u te r t o ac t as a p ro xy fo r al l D NS r eq ue st s an d
co mm un ic a te w it h th e IS P ’s D NS s er ve rs , cl ic k t he c he ck bo x.
5. Clic k Save Settings to apply all changes.
Unified Services Router User Manual
16
F i g u r e 1: S e t u p p a g e f o r L A N T C P / I P s e t t i n g s
2.1.1 LA N DH CP R es e rv ed I Ps
Se tu p > Ne tw or k Se tt in gs > L AN D HC P Re se rv ed I Ps
The r ou te r’s D H CP s er ve r c an as si gn T CP /I P c on fi gu ra ti on s t o c om pu te rs in th e L AN ex pl i ci tl y b y
ad di ng c li en t' s ne tw or k in te rf ac e ha rd wa re a dd re ss a nd th e I P ad dr es s to be a ss ig ne d to t ha t c li en t in
DH CP s er ve r' s da ta ba se . Wh e ne ve r D HC P se rv er r ec ei ve s a r e qu es t f ro m c l ie nt , ha rd wa re a dd re s s o f
Unified Services Router User Manual
17
th at c li e nt is c om pa re d w it h the h ar d wa re a dd re ss l is t p re se nt i n the d a ta ba se , if a n IP ad dr es s is
al re ad y a s si gn ed to th at co m pu te r o r d ev ic e in th e d at ab as e , t he cu st om iz ed IP a dd re ss is co n fi gu re d
ot he rw is e a n IP ad dr es s i s a ss i gn ed t o t he cl ie nt a u to ma ti ca ll y fr o m th e DH C P po ol .
Co mp ut er N a me: Th e u se r de fi ne d na me fo r th e LA N ho s t.
IP A dd re s se s: T he LA N IP a dd re ss o f a ho s t th at i s re se r ve d by t he D HC P se r ve r.
M AC A dd re ss es: T he M A C ad dr e ss t ha t w il l b e a ssi g ne d th e r es e rv ed IP ad dr es s w he n it is o n t he
LA N.
As so ci at e wi th I P/ M AC B in di ng: W he n th e use r en ab le s th is o pt io n th e Co mp ut er N am e, I P an d
MA C ad d re ss es a re a ss oc ia t ed w it h th e IP /M AC bi nd in g.
Th e ac ti o ns t ha t ca n be t ak e n o n l is t of r es er ve d I P ad dr es se s ar e:
Se le ct: S el ec ts a ll t he r e se rv ed I P ad d re ss es i n th e li st .
Ed it: Op e ns t he L AN D HC P R es er ve d IP C o nf ig ur at io n pa ge t o ed it th e se le ct ed b in di n g ru le .
De le te: D el et es t he s el ec t ed I P ad dr e ss r ese r va ti on (s )
Ad d: O pe n s th e LA N DH C P Re se rv ed I P Co n fi gu ra ti on p ag e to a dd a ne w bi nd in g ru le .
F i g u r e 2 : L A N D H C P R e s e r v e d I P s
N ot e th e fo ll o wi ng l im it s fo r th e n um be r of D HC P Re s er ve d IP a dd r ess e s pe r pr od uc t:
Unified Services Router User Manual
18
o DS R -15 0 /1 50 N: 32
o DS R -25 0 /2 50 N: 64
o DS R -50 0 /5 00 N: 96
o DS R -10 0 0/ 10 00 N: 128
2.1.2 LA N DH CP L ea s ed C li en ts
Se tu p > Ne tw or k Se tt in gs > L AN D HC P Le as ed C li en ts
Th is p a ge p ro vi de s th e li st of c li en ts c on ne ct t o L AN D HC P se r ve r.
F i g u r e 3 : L A N D H C P L e a s e d C l i e n t s
IP A d dre s se s: T he LA N I P a dd re ss o f a h os t th at ma tc he s t he r e ser v ed I P l is t.
M AC A ddr e ss es: T he M AC a dd re ss o f a L AN h os t th at h as a c o nf ig ur ed I P ad d re ss r es er va ti on .
2.1.3 L AN C on fi gu ra ti on i n a n IP v6 N et w or k
Ad va nc ed > I Pv 6 > I Pv 6 L AN > IP v6 L AN C on fi g
(1 ) In IP v6 mo d e, th e LA N D HC P se rv er i s di sa b le d b y d ef a ul t ( si mi la r t o IP v4 mo de ). T he
DH CP v6 s er v er w il l se r ve I Pv 6 ad d re ss es f ro m co n fi gu re d ad d re ss p oo ls w it h t he I Pv 6 P re fi x
Le ng th a ss i gn ed t o th e LA N.
Unified Services Router User Manual
19
I Pv 4 / IP v6 mo de m us t b e e na bl ed in th e A dv an ce d > IP v6 > I P m od e t o e na bl e I P v6 co nf ig ur at io n
op ti on s.
LAN Set tings
Th e d ef au lt I Pv 6 L AN a d dr es s fo r t he r o ute r i s fe c 0: :1 . Y ou c an c ha ng e t hi s 1 28 b it I Pv 6 a dd re ss
ba se d on yo ur n et wo rk r eq ui re me nt s. T h e o th er f ie ld th at d ef in es t he LA N s et t in gs fo r t h e ro u te r i s
th e p re fi x l en gt h. Th e IP v 6 n et wo rk ( s ub ne t) is i de nt i fie d b y t he i ni t ia l bi t s of th e ad d re ss c a ll ed t he
pr ef ix . B y d ef au lt th is i s 64 b it s lo ng . A ll ho st s i n t he n et wo r k ha ve c om mo n i ni ti al b it s f or th ei r
IP v6 a d dr es s; t he n um be r o f co mm on i ni ti al bi ts in the ne tw or k’ s a dd re ss e s is se t b y th e p re fi x
le ng th f ie ld .
Unified Services Router User Manual
20
F i g u r e 4: I P v 6 L A N a n d D H C P v 6 c o n f i g u r a t i o n
I f yo u ch a ng e th e IP ad dr es s an d cl ic k S av e Se tt i ng s, t he G UI wi ll n ot r es p ond . O pe n a n ew c on ne ct io n
to th e n ew IP ad dr es s a nd lo g i n a ga in . B e s ur e t he LA N ho s t ( th e m ac hi ne us ed to ma na ge th e r ou te r)
ha s o bt ai ne d I P a dd re ss fr om ne wl y as si g ne d po o l (o r has a st a tic IP ad dr es s i n t he ro ut er ’s LA N
su bn et ) b efo r e ac ce ss in g th e r ou te r vi a ch an ge d I P ad dr es s.
As wi th an IP v4 LA N n et wo rk , t he r ou te r h as a D HC Pv 6 s er ve r. I f e na bl ed , t he ro ut er as si gn s a n I P
ad dr es s wi th in t he sp ec i fi ed r an ge pl u s ad di t io na l s pe ci fi ed i n fo rm at io n t o a ny L AN PC th at
re qu es ts DH CP s er ve d a dd re ss es .
Th e fo ll o wi ng s et ti ng s a re u se d to co nf ig ur e th e D HC Pv 6 se r ve r:
Unified Services Router User Manual
21
DH CP Mo d e: Th e I P v6 D H CP se rv er is e it he r s ta te l es s o r s ta te f ul . I f s ta te le ss i s se l ec te d a n
ex te rn al I P v6 D HC P se r ve r is n ot r eq u ir ed as t he I P v6 L AN h os ts a re a u to -c o nf ig ur ed b y t hi s
ro ut er . I n t hi s ca se th e ro ut e r ad v er ti se me nt da em on (R AD VD ) m us t be co nf ig ur ed on t hi s
de vi ce an d IC MP v6 ro ut er di sc ov er y m es sa ge s ar e use d b y th e ho s t fo r a ut o - co nf ig ur at io n.
Th er e a re no ma na ge d ad d re ss es t o se rv e t he L AN n od es . If st a te fu l i s s el ec te d th e I Pv 6 L AN
ho st w il l re l y on a n e xt er na l DH CPv6 se r ver to p ro vi de r e qu ir ed c on fi gu ra ti o n se tt in gs
Th e do ma i n na me o f th e D HC Pv 6 se rv er i s a n op ti on al s et ti n g
Se rv er Pr ef er e nc e i s us e d t o i ndi ca t e t he p r ef er en ce le ve l o f t hi s D HC P s er ve r. DH CP ad ve r ti se
me ss ag es wi th t he hi gh es t se rv e r pr e fer e nc e va lu e to a LA N ho s t ar e pr ef er re d o ve r ot he r D HC P
se rv er a d ve rt is e me ss ag es . T he de fa ul t is 2 55 .
Th e D NS s er ve r d et ai ls ca n b e m an ua ll y e nt er ed he re (p ri ma r y/ se co nd ar y o pt io ns . A n
al te rn at iv e is to a ll ow th e LAN D HC P c li e nt to rec e ive t he DN S s er v er de ta il s fro m the I SP
di re ct ly . By s el ec ti n g Use DNS p ro x y, t hi s ro ut er a ct s as a p ro xy f or a l l D N S req u es ts a nd
co mm un ic a te s wi th t h e IS P’ s DN S se rv er s ( a W AN c on fi gu ra ti o n pa ra me t er).
Pr i mar y a nd Se co nd a ry DN S s er ve rs : I f t he re i s c on fi gu re d d o mai n na me sy st em (D NS ) se rv er s
av ai la bl e o n th e LA N en te r th e IP ad dr es se s he r e.
Le as e/ Re b ind ti me s et s t he d ur at io n of t he D H CP v6 l ea se f ro m t hi s r o ut er t o th e LA N c li en t.
IPv 6 Add ress Poo ls
Th is fe at ur e a ll ow s y ou to d e fi ne t he IP v6 de le ga ti on pr e fi x fo r a r a ng e o f IP ad dr es se s t o b e s er ve d
by t he g at e wa y’ s D H CP v6 s er ve r. U si ng a d el eg at io n pr e fi x yo u c an a uto m at e th e pr oc es s of
in fo rm in g o th er n et wo rk i ng e qu ip me nt o n t he L AN o f DH C P in fo r mat i on s pe ci fi c fo r t he a ss ig ne d
pr ef ix .
Pre fix D eleg ation
Th e fo ll o wi ng s et ti ng s a re u se d to c on f ig ur e th e Pr ef i x D e le ga ti on :
Pr ef ix De le ga ti o n: S el ec t t hi s o pt io n to en ab le pr ef ix de le ga ti on in DH CP v6 se rv er . Th is op ti on
ca n be s el e ct ed o nl y in St at el es s A dd re ss A ut o C on fi gu ra ti on m od e o f DH CP v6 se r ver .
Pr ef ix Add r es s: I Pv 6 p re fi x ad dr e ss i n th e DH CP v6 se rv er p re fi x po o l
Pr ef ix Le ng th : Le n gt h pr ef ix a dd re ss
2.1.4 C on fi gu ri ng I Pv 6 R ou te r Ad ve rt is em e nts
Ro ut er Ad v er ti se me nt s a re a nal o go us to IP v4 DH CP as si gn me n ts fo r L AN cl ie nt s, i n th a t t he ro ut er
wi ll as si gn an I P ad dr e ss a nd sup p or ti ng ne tw or k in fo r ma ti on to d ev ic es tha t a re con fi g ur ed to
ac ce pt su ch d et ai ls . R o ut er Ad ve rt is e me nt is r eq ui r ed i n a n I Pv 6 n et w or k i s r eq ui re d f or st a te le ss
au to co nf ig ur at io n o f th e I Pv 6 LA N. B y co nf ig ur i ng t he Ro ute r Adv er ti se m en t Da em on on thi s
ro ut er , t he DS R wi ll li st en on th e L AN fo r r ou te r s ol ic it at io ns an d r e sp on d t o t he se LA N h os ts wi th
ro ut er a d vi se me nt s.
Unified Services Router User Manual
22
RAD VD
Ad va nc ed > I Pv 6 > I Pv 6 L AN > R ou te r Ad ve rt is em en t
To s up po r t s ta t el es s IP v6 au to co nf ig ur at io n on t he L AN , se t t h e RAD VD s t at us t o Ena b l e. T he
fo ll o wi ng se t ti ng s ar e us ed to c on fi gu re R AD VD :
Ad ve rt is e Mo de : S el ec t Un so li ci t ed Mul ti ca st to se nd ro ut er adv er ti se me n ts (RA ’s ) to al l
in te rf ac e s in t he mul ti ca s t gr ou p. To re st ri ct R A’s t o w el l- k no wn I P v6 a dd re s se s on t he
LA N, a nd th er eb y re du ce o v er al l ne tw or k tr a ff ic , se le ct U ni ca s t on ly .
Ad ve rt is e In te rv al : W he n ad ve rt is em en ts ar e un so li ci te d m ul ti ca st pa c ke ts , t hi s i nt er va l s et s
th e ma xi mu m t im e b et we e n a dv er ti se me n ts fr om t he i nt er fa ce . T he a ct ua l du ra ti on b et we en
ad ve rt is e me nt s i s a ra nd om v al ue b et we en o ne th ir d of t hi s f ie ld a nd th i s f ie ld . T he de fa ul t
is 3 0 se co nd s .
RA F la gs : The ro ut er adv er ti se me n ts ( RA ’s) ca n be sen t wi t h on e or bot h of the se fla g s.
Ch os e Ma na ge d to u se th e ad mi ni st er ed / sta te fu l pr o to co l f or a dd re ss a uto co nf ig ur a ti on . If
th e O th er f la g i s se le ct ed th e ho s t us es ad mi ni st er ed / st at ef ul p ro to co l fo r n on - ad dr es s au to
co nf ig ur at io n .
Ro ut er Pr ef er en ce : thi s l ow /m ed iu m/ hi g h pa r am et er det er mi ne s the pr ef er en ce as so ci at ed
wi th t he RA DV D pro c es s o f the r ou te r. T hi s i s use f ul if t her e ar e o t her R AD VD e na bl ed
de vi ce s o n th e LA N as i t h el ps a vo id c on fl ic ts fo r IP v6 c li en ts .
MT U: Th e ro ut er a dv er t is em en t wi ll s e t th is ma xi mu m tr a ns mi ss io n un it ( M TU ) v al ue f or a ll
no de s in th e LA N th at a re au to c on fi g ur ed b y t he r ou te r. Th e de fa ul t is 1 50 0 .
Ro ut er Li fe t im e: T his va l ue is pr es en t i n R A’ s a nd in d ic at es th e u se fu ln es s o f t hi s ro ut er as
a d efa ul t r ou te r fo r t he i nt e rfa ce . Th e de fa u lt i s 36 00 se co nd s. Up o n ex pi ra ti on o f t hi s va l ue ,
a ne w RA DV D e xc ha ng e m us t ta ke p la c e be tw ee n th e ho s t an d th is r ou te r.
Unified Services Router User Manual
23
F i g u r e 5 : C o n f i g u r i n g t h e R o u t e r A d v e r t i s e m e n t D a e m o n
Adv ertis emen t Pr efixe s
Ad va nc ed > I Pv 6 > I Pv 6 L AN > Ad ve rt i sem e nt Pr ef i xe s
Th e r out er a dv e rt is em en ts c on fi g ure d wi th ad v er ti se me nt p re fi xe s a llo w t hi s r o ut er to i n fo rm ho s ts
ho w to p er fo r m s ta te le ss a dd re ss a ut o c on fi gu ra ti o n. R ou te r a d ve rt is em en ts c on ta in a l is t o f s ub ne t
pr ef ix es th at al lo w t he r ou t er t o d et er mi ne n ei gh bo r s a nd w he th er th e h os t i s on th e s am e li n k a s t he
ro ut er .
Th e fo ll o wi ng p re fi x op ti o ns a re a va il ab le for th e ro ut er a dv er t is em en ts :
IP v6 P r ef ix T yp e: To e ns ur e h os ts s up po rt I Pv 6 t o IP v4 tu nn el s el ec t t he 6 to 4 p re fi x ty pe .
Se le ct in g G lo ba l/ Lo c al /I SA T AP w il l al lo w t he no d es to s u pp or t al l o th er I P v6 r ou ti ng
op ti on s
SL A ID : T he S LA I D ( Si te - Le ve l Ag gr eg at io n Id e nt if ie r) is a va il ab le wh en 6 to 4 Pr e fi xes ar e
se le ct ed . Thi s s ho ul d be t he in t er fa ce ID o f t he r ou te r’ s L AN i nt er fa ce u se d fo r ro ut e r
ad ve rt is e me nt s.
IP v6 Pr ef ix : W he n us in g G lo ba l/ Lo ca l/ IS AT A P p re fi xe s, t hi s f ie ld i s us e d to d ef in e t he I Pv 6
ne tw or k ad v er ti se d b y t h is r ou te r.
IP v6 P re fi x Le ng th : Th is v al ue i nd ic at es t he n um be r co nt i guo u s, h ig he r o r de r bit s of t he
IP v6 a d dr es s th at d ef in e up th e ne tw or k po r tio n o f th e ad d re ss. T y pi ca ll y th is i s 6 4.
Unified Services Router User Manual
24
Pr ef ix Li fe ti me : T hi s de f in es t he d ur at io n ( in s ec o nd s) t ha t t he re qu es ti ng no de i s al lo we d t o
us e th e ad v er ti se d pr ef ix . I t is a na l og ou s to D HC P le a se t im e in a n IP v4 ne tw or k.
F i g u r e 6 : I P v 6 A d v e r t i s e m e n t P r e f i x s e t t i n g s
2. 2 VL AN C on fi gu ra ti on
Th e ro ut er su pp or ts v ir tu a l ne tw or k is ol at io n o n th e LA N wi t h th e us e of V L AN s. L AN d e vic e s ca n be
co nf ig ur ed to c o mmu n ic at e in a s ub net wo r k de fi n ed b y V LA N id en ti fi er s . L AN p o rt s ca n be as si gn ed
un iq ue VL AN ID s so th at t r af fi c to an d f ro m t ha t p hy si ca l p or t ca n b e is ol a te d fr o m th e ge n er al L A N.
VL AN f il te r in g is p ar ti c ula r ly u se fu l to l i mit b r oa dc as t pa ck et s o f a de vi ce i n a l ar ge n et wo rk
VL AN su pp or t i s ena bl ed b y d efa u lt i n t he r ou te r. In th e V LA N C on fi g ura ti o n p ag e, e na b le V LA N
su pp or t o n th e ro ut er a nd t he n p ro ce ed t o th e ne x t se ct io n to d ef i ne t he v ir tu al n e tw or k.
Se tu p > VL AN S et ti ng s > Av ai la bl e VL AN
Th e Av ai la bl e V L AN p a ge s ho ws a lis t of co nfi g ur ed V L AN s by n a me a nd V LA N I D. A VL AN
me mb er sh ip ca n be c re at ed by c li ck in g th e Ad d bu tt on b e lo w th e Li st o f A va il ab le V LA Ns .
A VL AN me mb er sh ip e nt r y co ns is ts of a V LA N id e nt if ie r an d t he n um er ic a l VL AN ID wh i ch is
as si gn ed t o th e V LA N me mb er sh ip . T he V LA N ID v al ue c a n b e a ny n um be r fr o m 2 t o 40 9 1. V LA N
ID 1 is r es er ve d fo r th e de fa u lt V LA N, w hi ch i s u se d fo r un ta g ge d f ra me s re c ei ve d o n t he i nt er fa ce .
B y en ab li n g I nt er VL AN Ro u ti ng , y ou wi ll al lo w tr af fi c f ro m LA N h os ts be lo n gi ng to th is VL A N I D
to p as s t hr ou gh t o ot he r co n fi gu re d VL AN I D s th at h av e In te r V LA N Ro ut in g en ab le d.
Unified Services Router User Manual
25
F i g u re 7: A d d i n g V L A N m e m b e r s h i p s t o t h e L A N
2.2.1 Ass o ci at in g V LAN s t o po rt s
In or d er to ta g al l t ra ff ic t hr ou gh a sp ec i fic L AN po r t w it h a V LA N I D, yo u ca n a ss oc ia t e a V LA N
to a p hy s ica l p or t.
Se tu p > VL AN S et ti ng s > Po rt V LA N
VL AN m em be rs hi p p ro p er ti es fo r t he L AN a nd w ir el es s L AN ar e l i ste d o n t hi s p ag e. T he VL AN
Po rt ta bl e d is pl ay s t he p or t i de nt if ie r, t he mo de se tt in g f or t ha t p or t a nd V LA N m em be r sh ip
in fo rm at io n. T h e c o nf ig ur at io n pa ge i s acc e ss ed b y sel ec t in g one o f th e fo ur p h y si ca l por t s o r a
co nf ig ur ed ac ce ss p oi nt a n d cl ic ki ng E di t.
Th e ed it p a ge o ff er s th e fo l lo wi ng c on fi gu ra ti o n op ti on s:
Mo de : T he mo d e of t hi s V LA N ca n be G e ne r al , Ac ce ss , or Tr un k. T h e de fa ul t is a cc es s .
In G e ne ra l m od e t he p or t i s a me mb er o f a u se r s el e ct ab le se t o f V LA Ns . T h e po r t se nd s
an d r ec ei ve s d at a t ha t i s ta gg ed o r u nt ag ge d w it h a V LA N I D. I f t he d at a i nt o t he p or t i s
un ta gg ed , i t is a s si gn ed t he d ef in ed P V ID . In t he c o nf ig ur at io n fr o m Fi gu re 4 , P or t 3 i s a
Ge ne ra l po r t wi th P VI D 3 , so unt a gg ed d a ta in to P or t 3 wi l l be a ss ig ne d P VI D 3. All ta gg ed
da ta se nt o u t o f th e p or t w it h t he sa me P V ID wi ll b e u nt ag ge d. Thi s i s m od e i s t yp ic al ly
us ed w it h IP P ho n es t ha t ha ve d ua l E th er ne t po rt s . D at a co mi ng f ro m p ho ne t o th e s wi tc h
po rt o n t he ro ut er w il l b e t ag ge d. Da t a p as si ng t hr ou gh th e ph on e fr om a c o nn ec ted d ev ic e
wi ll b e u nta g ge d.
Unified Services Router User Manual
26
F i g u r e 8 : P o r t V L A N l i s t
In Ac ce ss mo de th e p or t i s a me mb er of a si n gl e V LA N ( an d o nl y o ne ) . A ll da ta go in g i nt o
an d o u t o f t he p or t i s u nt a gg ed . Tr af fi c t h ro ug h a po r t i n a cc es s mo de lo o ks li ke a ny ot he r
Et he rn et fr am e.
In Tr un k m od e t h e po r t is a me mb er of a u se r s el ec ta b le s e t o f V LA Ns . Al l d at a g o in g i nt o
an d o ut o f t he p or t i s ta g ge d. Un ta g ged co mi ng in to t he po rt i s n ot f or wa rd e d, e xc ep t fo r
th e d e fa ul t V L AN wi th P VI D= 1, w hi ch is u nt ag ge d . T ru nk p or ts mu lt ip l ex tr af fi c fo r
mu lt ip le V L AN s ov er t he sa me p hy si ca l li n k.
Se le ct P V ID f or t he p or t w he n th e G en er al m od e i s se le ct ed .
Co nf i gur ed VL AN me mb er sh ip s w il l be di sp la ye d o n th e V LA N Me mb er s hi p Co nf ig ur at io n
fo r t he p or t. By sel ec t in g o ne m or e V LA N me mb er s hi p op ti on s f or a Ge ne ra l or Tr un k p or t,
tr af fi c ca n b e ro ut ed b et we e n t he s el ec te d VL AN me mb er sh ip I Ds
T he D SR -1 5 0 / 15 0N d oe s no t s up po rt G en er al mo de f or p or t V LA Ns d ue t o ha rd wa r e li mi ta ti on s.
Unified Services Router User Manual
27
F i g u r e 9 : C o n f i g u r i n g V L A N m e m b e r s h i p f o r a p o r t
2.2.2 Mu lt ip le V L AN S ub ne ts
Se tu p > VL AN S et ti ng s > Mu lt i VL AN S et ti ng s
Th is pa g e s ho ws a l is t o f av ai la bl e mu lt i -V L AN su bn et s. E ac h c on fi gu re d VL AN ID ca n ma p
di re ct ly t o a su bn et w it hi n the L AN . Ea c h LAN p or t ca n b e as si g ned a u ni q ue IP a d dr es s a n d a
VL AN s pe c if ic D HC P se rv e r ca n be c on fi gu re d to as si gn I P ad dr e ss l ea se s to d e vic e s on t hi s VL AN .
VL AN ID: T he P VI D o f t he VL AN th at wi ll ha ve a ll mem be r d ev ic es be pa rt o f the sa me su b ne t
ra ng e.
IP A dd re s s: T he I P ad d re ss a ss oc ia te d wi t h a po rt a ss ig ne d t hi s VL AN I D.
Su bn et M a sk: Su bn et M a sk f or t he a bo v e IP A dd re ss
Unified Services Router User Manual
28
F i g u r e 10: M u l t i p l e V L A N S u b n e t s
2.2.3 VL AN c on fi gu r at io n
Se tu p > VL AN S et ti ng s > VL AN c on fi gu ra ti on
Th is pa ge a ll o ws e na bl i ng o r d is ab li ng th e VL AN fu nc ti on on t he r ou te r. Vi rt ua l L AN s ca n be
cr ea te d in t hi s ro ut er t o pr o vi de se g me nt at io n ca pa b il it ie s fo r fi re wa ll r ul es a nd V PN p ol ic ie s. T he
LA N ne t wor k i s co n sid e re d th e d ef a ul t V LA N. C he ck th e En ab le V LA N bo x to a dd V LAN
fu nc ti on a lit y t o th e LA N.
Unified Services Router User Manual
29
F i g u r e 11 : V L A N C o n f i g u r a t i o n
2. 3 Co nf ig ur ab le P or t: D MZ S et up
Th is r o ut er s up po rt s o ne o f t he p hy si ca l po r ts t o be co n fi gu re d as a se co nd ar y W AN E th er ne t po r t or a
de di ca te d DM Z p or t . A DM Z is a s ub ne tw or k th at i s o pe n t o th e p ub li c bu t be hi nd t he fi re wa ll . T he
DM Z a dd s a n ad di ti o na l la ye r o f se c ur it y t o th e L A N, a s s pe ci fi c s er vi ce s/ po rt s t h at a re e xp os ed to
th e i nt er ne t o n t he DM Z d o n ot ha ve t o b e e xp os ed on th e L AN . It is re co m me nd ed t ha t h os t s th at
mu st be exp o se d t o th e in te r ne t ( su ch as w eb or em ai l se r ve rs ) b e p lac e d in th e D MZ ne tw or k.
Fi re wa ll ru le s c a n be al lo we d to pe rm it ac ce ss sp ec if ic se r vic e s/ po rt s t o t he DM Z f ro m b ot h t he LA N
or WA N. I n t he ev en t o f a n at ta c k to an y o f t he D MZ no de s, th e L AN i s n ot ne ce ss ar il y v ul ne ra bl e a s
we ll .
Se tu p > DM Z Se tu p > DM Z Se tu p Co nf ig ur at ion
DM Z co nf ig ur at i on is id en ti ca l to t he LA N c on fi gu ra ti on . Th er e ar e n o re st ri ct io ns o n t he IP a dd re ss
or s ub ne t a ss ig ne d t o th e D MZ p or t, o t he r th an t he fa ct t ha t i t ca n no t be i de n ti ca l to t he I P a dd re ss
gi ve n to t he LA N in te rf ac e o f th is g at ew ay .