Huawei EGW2100 Web Configuration Manual

Download

HUAWEI EGW2100

V100R001C01

Web Configuration Guide

Issue 01

Date 2010-02-20

Huawei Proprietary and Confidential

Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. For any assistance, please contact our local office or company headquarters.

Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base

Bantian, Longgang Shenzhen 518129 People's Republic of China

Website: http://www.huawei.com

Email: support@huawei.com

No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are the property of Huawei Technologies Co., Ltd.

All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice

The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but the statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied.

Huawei Proprietary and Confidential

HUAWEI EGW2100 Web Configuration Guide Contents

About This Document.....................................................................................................................1

1 Configuration Example of Logging in to Web.....................................................................1-1

2 Configuration Example of Quick Config..............................................................................2-1

3 Configuration Example of the Basic Operation...................................................................3-1

4 Configuration Example of the Internetworking..................................................................4-1

4.1 Configuration Example of ADSL by Using PPPoE........................................................................................4-2

4.2 Configuration Example of SHDSL.................................................................................................................4-7

4.3 Configuration Example of DHCP Server......................................................................................................4-10

4.4 Configuration Example of RIP......................................................................................................................4-15

4.5 Configuration Example of OSPF..................................................................................................................4-18

4.6 Configuration Example of the 3G Interface for Dial-on-Demand................................................................4-21

4.7 Configuration Example of the 3G Interface for Automatic Dialup...............................................................4-30

4.8 Configuration Example of a WLAN (Crypto Service Class)........................................................................4-36

4.9 Configuration Example of a WLAN (Plain Service Class)...........................................................................4-40

4.10 Configuration Example of a WLAN (802.1X)............................................................................................4-43

5 Configuration Example of the ACL........................................................................................5-1

6 Configuration Example of NAT..............................................................................................6-1

7 Configuration Example of the Dual-System Hot Backup in Routing Mode..................7-1

8 Configuration Example of the VPN........................................................................................8-1

8.1 Configuration Example of GRE......................................................................................................................8-2

8.2 Configuration Example of L2TP IPSec..........................................................................................................8-6

A Acronyms and Abbreviations................................................................................................A-1

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

HUAWEI EGW2100 Web Configuration Guide Figures

Figures

Figure 1-1 Networking diagram for logging in....................................................................................................1-1

Figure 1-2 Login page..........................................................................................................................................1-1

Figure 2-1 Networking diagram for the web-manager function..........................................................................2-1

Figure 2-2 Configuring the ADSL.......................................................................................................................2-2

Figure 2-3 Configuring the 3G.............................................................................................................................2-3

Figure 2-4 Configuring the LAN..........................................................................................................................2-3

Figure 2-5 Configuring the WLAN......................................................................................................................2-3

Figure 2-6 Saving the configuration.....................................................................................................................2-4

Figure 3-1 Configuring the VLAN.......................................................................................................................3-1

Figure 3-2 Creating interface Dialer 0..................................................................................................................3-2

Figure 3-3 Configuring interface Ethernet0/0/0...................................................................................................3-2

Figure 3-4 Creating ACL 3001............................................................................................................................3-2

Figure 3-5 Configuring a rule...............................................................................................................................3-3

Figure 3-6 Configuring the interzone packet filtering rule..................................................................................3-3

Figure 3-7 Saving the configuration.....................................................................................................................3-4

Figure 4-1 Networking of the ADSL configuration example..............................................................................4-2

Figure 4-2 Configuring the ADSL interface........................................................................................................4-2

Figure 4-3 Configuring the PVC..........................................................................................................................4-3

Figure 4-4 Obtaining the IP address in PPP negotiation mode............................................................................4-3

Figure 4-5 Configuring the PPP user on the Dialer interface...............................................................................4-4

Figure 4-6 Configuring the Dialer interface.........................................................................................................4-4

Figure 4-7 Configuring the packet filtering rule between the Trust security zone and the Untrust security zone

...............................................................................................................................................................................4-4

Figure 4-8 Configuring the static route................................................................................................................4-5

Figure 4-9 Configuring the NAT..........................................................................................................................4-5

Figure 4-10 Enabling the DHCP function............................................................................................................4-6

Figure 4-11 Configuring the processing mode for DHCP packets on the interface.............................................4-6

Figure 4-12 Enabling the DNS proxy...................................................................................................................4-6

Figure 4-13 Configuring the DNS server address................................................................................................4-7

Figure 4-14 Saving the configuration...................................................................................................................4-7

Figure 4-15 Networking of the ADSL configuration example............................................................................4-8

Figure 4-16 Basic configuration of the SHDSL interface....................................................................................4-8

Figure 4-17 Configuring the SHDSL interface....................................................................................................4-9

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

iii

HUAWEI EGW2100

Figures

Figure 4-18 Configuring the packet filtering rule between the Trust security zone and the Untrust security zone

...............................................................................................................................................................................4-9

Figure 4-19 Configuring the static route..............................................................................................................4-9

Figure 4-20 Saving the configuration.................................................................................................................4-10

Figure 4-21 Networking for configuring the DHCP client................................................................................4-11

Figure 4-22 Setting the Vlanif20 interface process mode of DHCP packets.....................................................4-12

Figure 4-23 Setting the Vlanif10 interface process mode of DHCP packets.....................................................4-12

Figure 4-24 Configuring the forbidden IP addresses.........................................................................................4-13

Figure 4-25 Configuring the forbidden IP addresses.........................................................................................4-13

Figure 4-26 Configuring the forbidden IP addresses.........................................................................................4-13

Figure 4-27 Configuring the forbidden IP addresses.........................................................................................4-13

Figure 4-28 Configuring attributes of DHCP address pool 1 ............................................................................4-14

Figure 4-29 Configuring attributes of DHCP address pool 2.............................................................................4-14

Figure 4-30 Saving the configuration.................................................................................................................4-15

Figure 4-31 Networking of the RIP configuration example...............................................................................4-16

Figure 4-32 Configuring the packet receiving and packet sending functions....................................................4-17

Figure 4-33 Enabling the RIP function..............................................................................................................4-17

Figure 4-34 Configuring the IP address of the RIP network segment...............................................................4-17

Figure 4-35 Enabling RIP on the Specified Network Segment..........................................................................4-18

Figure 4-36 Saving the configuration.................................................................................................................4-18

Figure 4-37 Networking diagram of OSPF configurations................................................................................4-19

Figure 4-38 Configuring process 100.................................................................................................................4-20

Figure 4-39 Configuring area 0..........................................................................................................................4-20

Figure 4-40 Configuring area 1..........................................................................................................................4-21

Figure 4-41 Saving the configuration.................................................................................................................4-21

Figure 4-42 Networking diagram of dial-on-demand through the Dialer interface...........................................4-22

Figure 4-43 Configuring the Modem.................................................................................................................4-22

Figure 4-44 Configuring the dialer rule.............................................................................................................4-22

Figure 4-45 Creating interface Dialer 0..............................................................................................................4-23

Figure 4-46 Adding the Dialer0 interface to the Untrust zone...........................................................................4-23

Figure 4-47 Obtaining the IP address in PPP negotiation mode........................................................................4-23

Figure 4-48 Configuring the PPP user on the Dialer0 interface.........................................................................4-24

Figure 4-49 Configuring circular DCC..............................................................................................................4-24

Figure 4-50 Configuring the PPP user on the Cellular interface........................................................................4-25

Figure 4-51 Adding the Cellular interface to the Dialer circular group.............................................................4-25

Figure 4-52 Configuring the operator................................................................................................................4-25

Figure 4-53 Configuring Ethernet 0/0/0 interface..............................................................................................4-26

Figure 4-54 Creating ACL 3001........................................................................................................................4-26

Figure 4-55 Configuring a rule...........................................................................................................................4-27

Figure 4-56 Configuring the NAT......................................................................................................................4-27

Figure 4-57 Configuring the interzone packet filtering rule..............................................................................4-28

Figure 4-58 Configuring the static route............................................................................................................4-28

Figure 4-59 Enabling the DHCP function..........................................................................................................4-28

Web Configuration Guide

iv Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

HUAWEI EGW2100 Web Configuration Guide Figures

Figure 4-60 Configuring the processing mode for DHCP packets on the interface...........................................4-29

Figure 4-61 Enabling the DNS proxy.................................................................................................................4-29

Figure 4-62 Configuring the DNS server address..............................................................................................4-29

Figure 4-63 Saving the configuration.................................................................................................................4-29

Figure 4-64 Networking diagram of automatic dialup through the Dialer interface..........................................4-30

Figure 4-65 Configuring the Modem.................................................................................................................4-30

Figure 4-66 Configuring the dialer rule.............................................................................................................4-31

Figure 4-67 Adding Cellular5/0/0 interface to the Untrust zone........................................................................4-31

Figure 4-68 Obtaining the IP address in PPP negotiation mode........................................................................4-31

Figure 4-69 Configuring the PPP user...............................................................................................................4-32

Figure 4-70 Configuring circular DCC..............................................................................................................4-32

Figure 4-71 Configuring the Ethernet 0/0/0 interface........................................................................................4-33

Figure 4-72 Creating ACL 3001........................................................................................................................4-33

Figure 4-73 Configuring a rule...........................................................................................................................4-34

Figure 4-74 Configuring the NAT......................................................................................................................4-34

Figure 4-75 Configuring the interzone packet filtering rule..............................................................................4-35

Figure 4-76 Configuring the static route............................................................................................................4-35

Figure 4-77 Enabling the DHCP function..........................................................................................................4-35

Figure 4-78 Configuring the processing mode for DHCP packets on the interface...........................................4-36

Figure 4-79 Enabling the DNS proxy.................................................................................................................4-36

Figure 4-80 Saving the configuration.................................................................................................................4-36

Figure 4-81 Networking diagram of configuring a WLAN (Crypto service class)...........................................4-37

Figure 4-82 Creating a Service Class.................................................................................................................4-37

Figure 4-83 Configuring the crypto service class...............................................................................................4-38

Figure 4-84 Creating the WLAN-BSS interface................................................................................................4-38

Figure 4-85 Configuring interface Wlan-Bss2...................................................................................................4-39

Figure 4-86 Configuring the interzone packet filtering rule..............................................................................4-39

Figure 4-87 Configuring the NAT......................................................................................................................4-39

Figure 4-88 Configuring the static route............................................................................................................4-40

Figure 4-89 Saving the configuration.................................................................................................................4-40

Figure 4-90 Networking diagram of configuring a WLAN (Plain service class)..............................................4-41

Figure 4-91 Enabling the DHCP function..........................................................................................................4-41

Figure 4-92 Configuring the processing mode for DHCP packets on the interface...........................................4-42

Figure 4-93 Configuring the plain service class.................................................................................................4-42

Figure 4-94 Configuring interface Wlan-Bss0...................................................................................................4-43

Figure 4-95 Saving the configuration.................................................................................................................4-43

Figure 4-96 Networking diagram of configuring a WLAN (802.1X)................................................................4-44

Figure 4-97 Creating a Service Class.................................................................................................................4-44

Figure 4-98 Configuring the crypto service class...............................................................................................4-45

Figure 4-99 Creating 802.1X domain abc..........................................................................................................4-45

Figure 4-100 Creating the WLAN-BSS interface..............................................................................................4-45

Figure 4-101 Configuring interface Wlan-Bss2.................................................................................................4-46

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

HUAWEI EGW2100

Figures

Figure 4-102 Configuring the RADIUS template..............................................................................................4-46

Figure 4-103 Configuring the RADIUS authentication server...........................................................................4-47

Figure 4-104 Configuring the RADIUS authentication scheme........................................................................4-47

Figure 4-105 Configuring the domain................................................................................................................4-47

Figure 4-106 Configuring the AAA domain policy...........................................................................................4-48

Figure 4-107 Saving the configuration...............................................................................................................4-48

Figure 5-1 Networking of the ACL configuration example.................................................................................5-2

Figure 5-2 Creating VLAN 5............................................................................................................................... 5-2

Figure 5-3 Creating Vlanif 5................................................................................................................................5-2

Figure 5-4 Setting basic parameters of the Vlanif 5 interface .............................................................................5-3

Figure 5-5 Configuring interface Ethernet0/0/0...................................................................................................5-3

Figure 5-6 Configuring the static route................................................................................................................5-4

Figure 5-7 Configuring ACL rule 1..................................................................................................................... 5-4

Figure 5-8 Configuring ACL rule 2..................................................................................................................... 5-5

Figure 5-9 Configuring ACL rule 3..................................................................................................................... 5-6

Figure 5-10 Configuring packet filtering rule 1...................................................................................................5-6

Figure 5-11 Configuring interzone ASPF............................................................................................................5-7

Figure 5-12 Configuring ACL rule 4................................................................................................................... 5-7

Figure 5-13 Configuring ACL rule 5................................................................................................................... 5-8

Figure 5-14 Configuring packet filtering rule 2...................................................................................................5-8

Figure 5-15 Saving the configuration...................................................................................................................5-9

Figure 6-1 Networking of a NAT configuration example....................................................................................6-1

Figure 6-2 Configuring the advanced ACL rule 0................................................................................................6-2

Figure 6-3 Configuring advanced ACL rule 5 .................................................................................................... 6-3

Figure 6-4 Configuring the packet filtering rule between the DMZ security zone and the Untrust security zone

...............................................................................................................................................................................6-3

Figure 6-5 Configuring the ASPF between the DMZ security zone and the Untrust security zone....................6-4

Figure 6-6 Configuring the address mapping of the WWW server......................................................................6-4

Figure 6-7 Configuring the address mapping of the FTP server..........................................................................6-4

Figure 6-8 Saving the configuration.....................................................................................................................6-5

Figure 7-1 Networking of the dual-system hot backup in routing mode ............................................................ 7-2

Figure 7-2 Configuring VRRP backup group 1................................................................................................... 7-2

Figure 7-3 Configuring VRRP backup group 2................................................................................................... 7-3

Figure 7-4 Configuring VRRP backup group 3................................................................................................... 7-3

Figure 7-5 Configuring VGMP............................................................................................................................7-4

Figure 7-6 HRP two-node cluster hot backup in routing mode........................................................................... 7-4

Figure 7-7 Saving the configuration.....................................................................................................................7-5

Figure 8-1 GRE tunnel using static routes........................................................................................................... 8-2

Figure 8-2 Creating an interface named Tunnel1.................................................................................................8-2

Figure 8-3 Configuring the tunnel1 interface.......................................................................................................8-3

Figure 8-4 Configuring the static route................................................................................................................8-3

Figure 8-5 Configuring the static route................................................................................................................8-4

Figure 8-6 Creating an interface named Tunnel1.................................................................................................8-4

Web Configuration Guide

vi Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

HUAWEI EGW2100 Web Configuration Guide Figures

Figure 8-7 Configuring the tunnel1 interface.......................................................................................................8-5

Figure 8-8 Configuring the static route................................................................................................................8-5

Figure 8-9 Configuring the static route................................................................................................................8-6

Figure 8-10 Networking diagram of L2TP IPSec................................................................................................8-7

Figure 8-11 Configuring the Virtual-Template1 interface...................................................................................8-8

Figure 8-12 Configuring PPP...............................................................................................................................8-8

Figure 8-13 Disabling the fast forwarding function.............................................................................................8-9

Figure 8-14 Configuring the local user................................................................................................................8-9

Figure 8-15 Configuring the IP pool....................................................................................................................8-9

Figure 8-16 Configuring the L2TP-group..........................................................................................................8-10

Figure 8-17 Configuring the IKE proposal........................................................................................................8-10

Figure 8-18 Configuring the IKE peer...............................................................................................................8-11

Figure 8-19 Configuring the IPSec proposal......................................................................................................8-11

Figure 8-20 Configuring the IPSec policy template...........................................................................................8-12

Figure 8-21 Configuring the IPSec policy.........................................................................................................8-12

Figure 8-22 Applying the policy........................................................................................................................8-12

Figure 8-23 Saving the configuration.................................................................................................................8-13

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

vii

HUAWEI EGW2100 Web Configuration Guide About This Document

About This Document

Purpose

This document provides the methods for configuring the functions of the EGW2100.

Product Version

The following table lists the product versions related to this document.

Product Name Version

HUAWEI EGW2100 V100R001C01

Intended Audience

This document is intended for:

l Technical support engineer

l Maintenance engineer

l Network engineer

l Network administrator

l Network maintenance engineer

Organization

This document is organized as follows.

Chapter

1 Configuration Example of Logging in to Web

2 Configuration Example of Quick Config

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

Description

This chapter describes the configuration of logging in to web.

This chapter describes the configuration of quick config.

DANGER

WARNING

CAUTION

TIP

NOTE

About This Document

HUAWEI EGW2100

Web Configuration Guide

Chapter Description

3 Configuration Example of the Basic Operation

4 Configuration Example of the Internetworking

5 Configuration Example of the ACL

6 Configuration Example of NAT

7 Configuration Example of the Dual-System Hot Backup in Routing Mode

8 Configuration Example of the VPN

A Acronyms and Abbreviations

This chapter describes the configuration of the basic operation.

This chapter describes the internetworking configuration of the EGW2100.

This chapter describes the configuration of the ACL.

This chapter describes the configuration of the NAT.

This chapter describes the configuration of the dual-system hot backup in routing mode.

This chapter describes the configuration of the VPN.

This chapter describes the abbreviations in this document.

Conventions

Symbol Conventions

The symbols that may be found in this document are defined as follows.

Symbol

Description

Indicates a hazard with a high level of risk, which, if not avoided, could result in death or serious injury.

Indicates a hazard with a medium or low level of risk, which, if not avoided, could result in minor or moderate injury.

Indicates a potentially hazardous situation, which if not avoided, could result in equipment damage, data loss, performance degradation, or unexpected results.

Indicates a tip that may help you solve a problem or save time.

Provides additional information to emphasize or supplement important points of the main text.

2 Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

HUAWEI EGW2100 Web Configuration Guide About This Document

General Conventions

The general conventions that may be found in this document are defined as follows.

Convention Description

Times New Roman Normal paragraphs are in Times New Roman.

Boldface Names of files, directories, folders, and users are in

boldface. For example, log in as user root.

Italic Book titles are in italics.

Courier New

Command Conventions

The command conventions that may be found in this document are defined as follows.

Convention Description

Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italics.

[ ] Items (keywords or arguments) in brackets [ ] are optional.

{ x | y | ... } Optional items are grouped in braces and separated by

[ x | y | ... ] Optional items are grouped in brackets and separated by

{ x | y | ... }

Examples of information displayed on the screen are in Courier New.

vertical bars. One item is selected.

vertical bars. One item is selected or no item is selected.

Optional items are grouped in braces and separated by vertical bars. A minimum of one item or a maximum of all items can be selected.

[ x | y | ... ]

Optional items are grouped in brackets and separated by vertical bars. Several items or no item can be selected.

GUI Conventions

The GUI conventions that may be found in this document are defined as follows.

Convention

Boldface Buttons, menus, parameters, tabs, windows, and dialog titles

> Multi-level menus are in boldface and separated by the ">"

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

Description

are in boldface. For example, click OK.

sign. For example, choose File > Create > Folder.

About This Document

Keyboard Operations

The keyboard operations that may be found in this document are defined as follows.

Format Description

Key Press the key. For example, press Enter and press Tab.

Key 1+Key 2 Press the keys concurrently. For example, pressing Ctrl+Alt

Key 1, Key 2 Press the keys in turn. For example, pressing Alt, A means

Mouse Operations

The mouse operations that may be found in this document are defined as follows.

Action Description

HUAWEI EGW2100

Web Configuration Guide

+A means the three keys should be pressed concurrently.

the two keys should be pressed in turn.

Click Select and release the primary mouse button without moving

Double-click Press the primary mouse button twice continuously and

Drag Press and hold the primary mouse button and move the

Update History

Updates between document issues are cumulative. Therefore, the latest document issue contains all updates made in previous issues.

Updates in Issue 01 (2010-02-20)

Initial commercial release.

the pointer.

quickly without moving the pointer.

pointer to a certain position.

4 Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

HUAWEI EGW2100 Web Configuration Guide 1 Configuration Example of Logging in to Web

1 Configuration Example of Logging in to Web

Networking Requirements

As shown in Figure 1-1, the PC is connected to Ethernet1/0/0 of the EGW2100. You can control and manage the EGW2100 by accessing its IP address 192.168.0.1 through the Web browser on the PC.

Procedure

Step 1 The PC is connected to Ethernet1/0/0 of the EGW2100.

Step 2 Configure the IP address of the PC.

Step 3 Access the EGW2100 through the Web browser of the PC.

Figure 1-1 Networking diagram for logging in

Ethernet1/0/0

Vlanif1

192.168.0.1/24

192.168.0.2/24

The configuration details are not mentioned here.

Input http://192.168.0.1 in the Internet Explorer to enter the Web login page. Figure 1-2 shows the login page.

EGW

Figure 1-2 Login page

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

1-1

1 Configuration Example of Logging in to Web

Step 4 Input username admin and password Admin@123. The configuration interface is shown.

----End

HUAWEI EGW2100

Web Configuration Guide

1-2 Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

HUAWEI EGW2100 Web Configuration Guide 2 Configuration Example of Quick Config

2 Configuration Example of Quick Config

Networking Requirements

As shown in Figure 2-1, the EGW2100 connects to a LAN through WLAN and LAN users access the Internet through the ADSL and 3G. The ADSL is the master link, otherwise, the 3G is the backup link.

Figure 2-1 Networking diagram for the web-manager function

Data Preparation

Item

ADSL PVC 0/33 -

3G User Name internet -

192.168.0.0/24

ADSL

WLAN

EGW2100 Station

User Name adsl -

Password password -

Dialer Number *99# -

Access point name APN -

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

2-1

2 Configuration Example of Quick Config

Item EGW2100 Station

HUAWEI EGW2100

Web Configuration Guide

Procedure

Step 1 Configure the Internet access.

WLAN Access Mode encrypted (WPA/WPA2-

PSK mixed)

encrypted (WPA/WPA2PSK mixed)

SSID WLAN100 WLAN100

Key Value abcdef123 abcdef123

NOTE

Obtain the parameters for ADSL or 3G dial-up, such as the user name and password from the operator or network administrator.

1. Choose Quick Config > Internet Access. The Internet Access page is displayed.

2. In the ADSL Configuration group box, Figure 2-2 shows the parameter setting.

Figure 2-2 Configuring the ADSL

3. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

4. Click Refresh, ADSL IP disconnected (as shown in Figure 2-2) turns to the obtained IP address. This indicates the ADSL connection succeeds.

5. In the 3G configuration group box, Figure 2-3 shows the parameter setting.

2-2 Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

HUAWEI EGW2100 Web Configuration Guide 2 Configuration Example of Quick Config

Figure 2-3 Configuring the 3G

6. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

7. Click Refresh, 3G IP (as shown in Figure 2-3) turns to the obtained IP address. This indicates the 3G connection succeeds.

Step 2 Configure the LAN and WLAN.

1. Choose Quick Config > LAN/WLAN. The LAN/WLAN page is displayed.

2. In the LAN configuration group box, Figure 2-4 shows the parameter setting.

Figure 2-4 Configuring the LAN

3. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

4. In the WLAN configuration group box, Figure 2-5 shows the parameter setting.

Figure 2-5 Configuring the WLAN

5. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 3 Save the configuration.

1. Click Save on the upper right of the page to save the configuration. Figure 2-6 shows the parameter setting.

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

2-3

2 Configuration Example of Quick Config

Figure 2-6 Saving the configuration

2. Click OK in the This will save current configuration, if you switch to other pages, you will not get the operation result. Are you sure to save? dialog box that is displayed to complete the configuration.

Step 4 Save the Station.

Change the TCP/IP setting of the Station to obtain its IP address automatically. For help, see the operating system documentation for the Station.

----End

HUAWEI EGW2100

Web Configuration Guide

2-4 Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

HUAWEI EGW2100 Web Configuration Guide 3 Configuration Example of the Basic Operation

3 Configuration Example of the Basic

Operation

Networking Requirements

Procedure

Step 1 Create VLAN 5 and Add Ethernet 1/0/0 to VLAN 5.

This describes the basic procedure for configuring the device, including:

l Configure the VLAN and add interfaces.

l Create an interface.

l Configure an interface.

l Configure the ACL.

l Configure the Packet-Filter.

l Save the configuration.

1. Choose NetWork > VLAN. The VLAN page is displayed.

2. Click New to enter the VLAN Config interface. Figure 3-1 shows the parameter setting.

Figure 3-1 Configuring the VLAN

3. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 2 Create interface Dialer 0.

1. Choose NetWork > Interface. The Interface page is displayed.

2. Click New to enter the Create New Interface interface. Figure 3-2 shows the parameter setting.

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

3-1

3 Configuration Example of the Basic Operation

Figure 3-2 Creating interface Dialer 0

3. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 3 Configure an IP address for Ethernet 0/0/0 and add Ethernet 0/0/0 to the Untrust zone.

1. Choose NetWork > Interface. The Interface page is displayed.

2. Click MORE corresponding to Ethernet0/0/0 to enter the Interface Basic Config interface.

Figure 3-3 shows the parameter setting.

Figure 3-3 Configuring interface Ethernet0/0/0

HUAWEI EGW2100

Web Configuration Guide

3. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 4 Create ACL 3001 and configure the rule for ACL 3001: The action of the packets whose source

IP addresses are in network segment 10.1.1.0/24 is configured as Permit.

1. Choose Resource > ACL. The ACL page is displayed.

2. Click New to enter the ACL Basic Config interface. Figure 3-4 shows the parameter setting.

Figure 3-4 Creating ACL 3001

3. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

4. Click New to enter the Rule Config interface. Figure 3-5 shows the parameter setting.

3-2 Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

HUAWEI EGW2100 Web Configuration Guide 3 Configuration Example of the Basic Operation

Figure 3-5 Configuring a rule

5. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 5 Configure the packet filtering rule between the Trust zone and Untrust zone as Permit.

1. Choose Security > Packet-Filter. The Packet-Filter page is displayed.

2. Click MORE corresponding to trust-untrust. The Packet-Filter Config page is displayed.

Figure 3-6 shows the parameter setting.

Figure 3-6 Configuring the interzone packet filtering rule

3. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 6 Save the configuration.

1. Click Save on the upper right of the page to save the configuration. Figure 3-7 shows the parameter setting.

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

3-3

3 Configuration Example of the Basic Operation

Figure 3-7 Saving the configuration

----End

HUAWEI EGW2100

Web Configuration Guide

3-4 Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

HUAWEI EGW2100 Web Configuration Guide 4 Configuration Example of the Internetworking

4 Configuration Example of the

Internetworking

About This Chapter

4.1 Configuration Example of ADSL by Using PPPoE

4.2 Configuration Example of SHDSL

4.3 Configuration Example of DHCP Server

The locations and number of terminals in the network change frequently, so you need to use the Dynamic Host Configuration Protocol (DHCP) to allocate dynamic IP addresses to the terminals. The EGW2100 can serve as a DHCP server to offer IP addresses to the DHCP client.

4.4 Configuration Example of RIP

Routing Information Protocol (RIP) is a type of protocol based on the distance-vector (D-V) algorithm. By using RIP, you can exchange routing information through UDP packets. This protocol is widely used in simple small-/medium-sized networks.

4.5 Configuration Example of OSPF

OSPF is an internal network gateway protocol based on the link status developed by the IETF and is also a dynamic routing protocol applied to the internal of the AS.

4.6 Configuration Example of the 3G Interface for Dial-on-Demand

4.7 Configuration Example of the 3G Interface for Automatic Dialup

4.8 Configuration Example of a WLAN (Crypto Service Class)

4.9 Configuration Example of a WLAN (Plain Service Class)

4.10 Configuration Example of a WLAN (802.1X)

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

4-1

HUAWEI EGW2100

4 Configuration Example of the Internetworking

Web Configuration Guide

4.1 Configuration Example of ADSL by Using PPPoE

Networking Requirements

The EGW2100 connects to a LAN through Ethernet 0/0/0 and LAN users access the Internet through the ADSL interface (ATM 2/0/0).

Networking Diagram

Figure 4-1 shows the networking of the ADSL configuration example.

Figure 4-1 Networking of the ADSL configuration example

Ethernet 0/0/0

192.168.1.1/24 ATM 2/0/0

Procedure

Step 1 Configure an IP address for Ethernet 0/0/0 and add Ethernet 0/0/0 to the Trust zone.

Step 2 Create Virtual-Ethernet 1 (VE 1) interface and add VE 1 to the Untrust zone. Create Dialer 1

Step 3 Configure the ADSL interface.

EGW DSLAM

For the configuration procedure, see 3 Configuration Example of the Basic Operation.

interface and add Dialer 1 to the Untrust zone.

For the configuration procedure, see 3 Configuration Example of the Basic Operation.

1. Choose NetWork > Interface. The Interface page is displayed.

2. Click MORE corresponding to Atm2/0/0 to enter the Interface Basic Config interface.

Figure 4-2 shows the parameter setting.

Figure 4-2 Configuring the ADSL interface

PPPoE Server

3. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

4-2 Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

HUAWEI EGW2100 Web Configuration Guide 4 Configuration Example of the Internetworking

4. In the Interface Physical Config group box, select activate. Then click OK in the Are you sure to submit? dialog box that is displayed to activate the interface.

5. In the PVC Configuration group box, select New. The PVC Configuration interface is displayed. Figure 4-3 shows the parameter setting.

Figure 4-3 Configuring the PVC

NOTE

You can obtain the PVC from the operator.

6. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 4 Configure the PPPoE session.

1. Choose NetWork > Interface. The Interface page is displayed.

2. Click MORE corresponding to Dialer1 to enter the Interface Basic Config interface.

3. In the Interface Basic Config group box, click IP Address Detail Config. The IP Address

Config interface is displayed. Figure 4-4 shows the parameter setting.

Figure 4-4 Obtaining the IP address in PPP negotiation mode

4. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

5. Click back, then return to Interface interface.

6. In the PPP User and Dialer group box, click PPP User and Dialer. The PPP User Config interface is displayed. Figure 4-5 shows the parameter setting.

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

4-3

4 Configuration Example of the Internetworking

Figure 4-5 Configuring the PPP user on the Dialer interface

7. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

8. Click back, then return to Interface interface.

9. In the PPPOE Dialer interface Config group box, click Detail Config. The Dialer

interface detail Config interface is displayed. Figure 4-6 shows the parameter setting.

Figure 4-6 Configuring the Dialer interface

HUAWEI EGW2100

Web Configuration Guide

10. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 5 Configure the interzone packet filtering rule.

1. Choose Security > Packet-Filter. The Packet-Filter page is displayed.

2. Click MORE corresponding to trust-untrust. The Packet-Filter Config page is displayed.

Figure 4-7 shows the parameter setting.

Figure 4-7 Configuring the packet filtering rule between the Trust security zone and the

Untrust security zone

3. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 6 Configure a specific route.

4-4 Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

HUAWEI EGW2100 Web Configuration Guide 4 Configuration Example of the Internetworking

1. Choose NetWork > Route Config. The Route Config page is displayed.

2. Click the Route-Static tab. Click New. The Route-Static Config page is displayed. Figure

4-8 shows the parameter setting.

Figure 4-8 Configuring the static route

3. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 7 Configure NAT.

1. Create ACL 3001 and configure the rule for ACL 3001: Match all IP packets.

For the configuration procedure, see 3 Configuration Example of the Basic Operation.

2. Choose Service > NAT > Nat-Policy. The Nat-Policy page is displayed.

3. Select NAT-Policy tab. Click New. The NAT-Policy page is displayed. Figure 4-9 shows the parameter setting.

Figure 4-9 Configuring the NAT

NOTE

When selecting the ACL, you can select basic ACL or advanced ACL from the drop-down list. Then select the proper ACL in the ACL classification table.

4. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 8 Configure the DHCP function, which can dynamically assign IP addresses to intranet users.

1. Choose Service > DHCP > DHCP Basic. The DHCP Basic Config page is displayed.

Issue 01 (2010-02-20) Huawei Proprietary and Confidential

4-5

4 Configuration Example of the Internetworking

2. In the DHCP Basic Config group box, select the DHCP Enable check box. Click OK in the Are you sure to enable? dialog box to enable the DHCP function. Figure 4-10 shows the parameter setting.

Figure 4-10 Enabling the DHCP function

3. In the Setting Interface Process Mode Of DHCP Packet group box, configure the processing mode for DHCP packets on Ethernet0/0/0. Figure 4-11 shows the parameter setting.

Figure 4-11 Configuring the processing mode for DHCP packets on the interface

HUAWEI EGW2100

Web Configuration Guide

4. Click Apply. Then click OK in the Are you sure to submit? dialog box that is displayed to complete the configuration.

Step 9 Configure the DNS.

1. Choose NetWork > DNS Config. The DNS Config page is displayed.

2. Click the Basic Configurations tab. Select the Enable DNS Proxy check box to enable the DNS proxy function. Figure 4-12 shows the parameter setting.

Figure 4-12 Enabling the DNS proxy

3. Click the DNS Server Address tab. Choose the interface Dialer1, Figure 4-13 shows the parameter setting.

4-6 Huawei Proprietary and Confidential

Issue 01 (2010-02-20)

+ 80 hidden pages

Huawei EGW2100 Web Configuration Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

Figures

About This Document

1 Configuration Example of Logging in to Web

2 Configuration Example of Quick Config

HUAWEI EGW2100 Web Configuration Guide 3 Configuration Example of the Basic Operation

HUAWEI EGW2100 Web Configuration Guide 4 Configuration Example of the Internetworking

4.1 Configuration Example of ADSL by Using PPPoE