language, in any form or by any means, electronic, mechanical, magnetic, optical, chemical, manual or
otherwise, without the prior written permission of PLANET.
PLANET makes no representations or warranties, either expressed or implied, with respect to the contents
hereof and specifically disclaims any warranties, merchantability or fitness for any particular purpose. Any
software described in this manual is sold or licensed "as is". Should the programs prove defective following
their purchase, the buyer (and not this company, its distributor, or its dealer) assumes the entire cost of all
necessary servicing, repair, and any incidental or consequential damages resulting from any defect in the
software. Further, this company reserves the right to revise this publication and to make changes from time
to time in the contents hereof without obligation to notify any person of such revision or changes.
All brand and product names mentioned in this manual are trademarks and/or registered trademarks of their
respective holders.
Disclaimer
PLANET Technology does not warrant that the hardware will work properly in all environments and
applications, and makes no warranty and representation, either implied or expressed, with respect to the
quality, performance, merchantability, or fitness for a particular purpose.
PLANET has made every effort to ensure that this User’s Manual is accurate; PLANET disclaims liability
for any inaccuracies or omissions that may have occurred.
Information in this User’s Manual is subject to change without notice and does not represent a commitment
on the part of PLANET. PLANET assumes no responsibility for any inaccuracies that may be contained in
this User’s Manual. PLANET makes no commitment to update or keep current the information in this User’s
Manual, and reserves the right to make improvements to this User’s Manual and/or to the products described
in this User’s Manual, at any time without notice.
If you find information in this manual that is incorrect, misleading, or incomplete, we would appreciate your
comments and suggestions.
Trademarks
The PLANET logo is a trademark of PLANET Technology.
This documentation may refer to numerous hardware and software products by their trade names. In most, if
not all cases, these designations are claimed as trademarks or registered trademarks by their respective
companies.
CE mark Warning
This is a class A device, in a domestic environment; this product may cause radio interference, in which case the user may
be required to take adequate measures.
Federal Communication Commission Interference Statement
This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to
Part 15 of FCC Rules. These limits are designed to provide reasonable protection against harmful
interference in a residential installation. This equipment generates, uses, and can radiate radio frequency
energy and, if not installed and used in accordance with the instructions, may cause harmful interference to
radio communications. However, there is no guarantee that interference will not occur in a particular
installation. If this equipment does cause harmful interference to radio or television reception, which can
be determined by turning the equipment off and on, the user is encouraged to try to correct the interference
by one or more of the following measures:
1. Reorient or relocate the receiving antenna.
2. Increase the separation between the equipment and receiver.
3. Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
4. Consult the dealer or an experienced radio technician for help.
II
Gigabit SSL VPN Security Router User’s Manual
FCC Caution:
To assure continued compliance (example-use only shielded interface cables when connecting to computer or
peripheral devices). Any changes or modifications not expressly approved by the party responsible for
compliance could void the user’s authority to operate the equipment.
This device complies with Part 15 of the FCC Rules. Operation is subject to the Following two conditions: (1)
This device may not cause harmful interference, and (2) this Device must accept any interference received,
including interference that may cause undesired operation.
R&TTE Compliance Statement
This equipment complies with all the requirements of DIRECTIVE 1999/5/EC OF THE EUROPEAN
PARLIAMENT AND THE COUNCIL OF 9 March 1999 on radio equipment and telecommunication
terminal Equipment and the mutual recognition of their conformity (R&TTE)
The R&TTE Directive repeals and replaces in the directive 98/13/EEC (Telecommunications Terminal
Equipment and Satellite Earth Station Equipment) As of April 8, 2000.
WEEE Caution
To avoid the potential effects on the environment and human health as a result of the presence of hazardous
substances in electrical and electronic equipment, end users of electrical and electronic equipment should
understand the meaning of the crossed-out wheeled bin symbol. Do not dispose of WEEE as unsorted
municipal waste and have to collect such WEEE separately.
Safety
This equipment is designed with the utmost care for the safety of those who install and use it. However,
special attention must be paid to the dangers of electric shock and static electricity when working with
electrical equipment. All guidelines of this and of the computer manufacture must therefore be allowed at all
times to ensure the safe use of the equipment.
Customer Service
For information on customer service and support for the Gigabit SSL VPN Security Router, please refer to the following
Website URL:
http://www.planet.com.tw
Before contacting customer service, please take a moment to gather the following information:
♦ Gigabit SSL VPN Security Router serial number and MAC address
♦ Any error messages that displayed when the problem occurred
♦ Any software running when the problem occurred
♦ Steps you took to resolve the problem on your own
Revision
User’s Manual for PLANET Gigabit SSL VPN Security Router
2.1SYSTEMATIC SETTING PROCESS ............................................................................................................................6
5.1.1 WAN Status .................................................................................................................................................13
5.1.2 Physical Port Status ...................................................................................................................................15
5.1.3 System Information ....................................................................................................................................16
5.1.5 VPN Status ..................................................................................................................................................17
5.1.6 Log Setting Status ......................................................................................................................................17
5.2CHANGE AND SET LOGIN PASSWORD AND TIME...................................................................................................17
5.2.2 Network Time ..............................................................................................................................................18
6.1.1 Host Name and Domain Name.................................................................................................................20
6.1.2 IP Mode........................................................................................................................................................ 20
6.1.3 LAN Setting .................................................................................................................................................20
6.1.3.2 Dual-Stack IP (IPv4 and IPv6)...................................................................................................................................22
6.1.4 WAN & DMZ Settings.................................................................................................................................24
6.1.4.2 Dual-Stack IP (IPv4 and IPv6)...................................................................................................................................35
7.2PORT STATU S ........................................................................................................................................................59
7.7PORT GROUP MANAGEMENT ................................................................................................................................69
CHAPTER 8: QOS (QUALITY OF SERVICE)................................................................................................ 70
8.1.4 Exception IP address .................................................................................................................................77
9.2.2 Add New Access Rule................................................................................................................................84
10.1.DISPLAY ALL VPNSUMMARY ............................................................................................................................91
10.1.1. Add a New VPN Tunnel..........................................................................................................................94
10.1.1.1 Gateway to Gateway Setting....................................................................................................................................94
10.1.1.2 Client to Gateway Setting (future feature).............................................................................................................104
10.1.2. PPTP Server .......................................................................................................................................... 110
10.1.3. VPN Pass Through ............................................................................................................................... 111
11.1 STAT US ..............................................................................................................................................................113
11.2 GROUP SUMMARY .............................................................................................................................................113
11.3 GROUP MANAGEMENT:......................................................................................................................................115
11.5 USER MANAGEMENT .........................................................................................................................................133
11.6 SERVICE RESOURCE MANAGEMENT .................................................................................................................136
11.7 LINK TO PORTAL ................................................................................................................................................138
12.1.2 Port Range Forwarding .........................................................................................................................146
12.4ONE TO ONE NAT ............................................................................................................................................. 152
12.5DDNS-DYNAMIC DOMAIN NAME SERVICE ...................................................................................................... 155
14.2SYSTEM STAT ISTI C ............................................................................................................................................171
14.3TRAFFIC STATI STIC ............................................................................................................................................172
14.4IP/PORT STATI STIC ...........................................................................................................................................175
VI
Gigabit SSL VPN Security Router User’s Manual
Chapter 1: Introduction
As Internet becomes essential for your business, the only way to prevent your Internet connection from failure
is to have more than one connection. PLANET’s Gigabit SSL VPN Security Router, SG-4800, reduces the
risks of potential shutdown if one of the Internet connections fails. Moreover, it allows you to perform
load-balancing by distributing the traffic through three or four WAN connections.
In addition to a multi-homing device, PLANET’s Gigabit SSL VPN Security Router provides a complete
security solution in a box. The policy-based firewall, content filtering function and VPN connectivity provides
SSL, IPSec, and PPTP VPN. The SSL VPN function supports up to 60 SSL VPN connection tunnels. The
IPSec VPN feature provides with 3DES and AES encryption make it a perfect product for your network
security. No more complex connection and settings for integrating different security products on the network is
required.
This product is built-in bandwidth management function which also supported to offers network administrators
an easy yet powerful means to allocate network resources based on business priorities, and to shape and
control bandwidth usage.
1.1 Features
Multi-WAN Auto Backup: The SG-4800 can monitor each WAN link status and automatically activate
backup links when a failure is detected. The detection is based on the configurable target Internet
addresses.
Outbound Load Balancing: The network sessions are assigned based on the user configurable load
balancing mode, including “Auto Load Balance”, “Unbinding WAN Balance” and “Strategy Routing”,. User can also configure which IP or TCP/UDP type of traffic use which WAN port to connect.
Inbound Load Balancing: The SG-4800 provides the Inbound Load Balancing for enterprise’s internal
server. The Inbound Load Balancing can reduce the server loading and system crash risks, in order to
improve the server working efficiency.
Policy-based Firewall: The built-in policy-based firewall prevent many known hacker attack including
Ping of Death, SYN Flooding, Land attack, IP Spoofing, etc. The access rule function allowed only
specified WAN or LAN users to use only allowed network services on specified time.
VPN Connectivity: The security gateway support PPTP, IPSec and the SSL VPN. The SSL VPN
function supports up to 60 SSL VPN connection tunnels. The IPSec VPN with DES, 3DES and AES
encryption and SHA-1 / MD5 authentication, the network traffic over public Internet is secured.
Content Filtering: The security gateway can block network connection based on URLs, Scripts (The
Java Applet, cookies and Active X), Restrict Application (MSN, Yahoo Messenger, QQ, PPSTREAM and
PPTV) and Download/Upload blocking.
- 1 -
Gigabit SSL VPN Security Router User’s Manual
Multiple DHCP Server: The multi DHCP server support 4 sets of Class C IP address, each server can
allocate up to 253 client IP addresses and distribute them including IP address, subnet mask as well as
DNS IP address to local computers. It provides an easy way to manage the local IP network.
QoS Bandwidth Management: Featured Smart QoS with dynamic bandwidth management to
automatically control P2P and video downloading and other bandwidth hogging to avoid bandwidth
insufficient. Prioritizing different person/group or applications in bandwidth using for a better reasonable
management.
Dynamic Domain Name System (DDNS): The Dynamic DNS service allows users to alias a dynamic
IP address to a static hostname.
Multiple NAT: Multiple NAT allows local port to set multi-subnet and connect to the Internet through
different WAN IP addresses.
Port Range Forwarding (Virtual Server): The Port Forwarding and DMZ function can let you setup
your servers in the Intranet and still provide services to the Internet users.
Easy Management:Embedded Mirror Port to connect with monitoring devices to monitor online
behavior. It also supporting remote management by web browser with user name and password to
realize router management from remote places.
Log Feature: The log and traffic statistic function can helping administrators to record the
change/abnormal of the whole network status and take actions according to the log information.
1.2 Package Contents
The following items should be included:
SG-4800 x 1
Power Cord x 1
Quick Installation Guide x 1
User’s Manual CD x 1
Cat5 Cable x 1
Screw Packer x1
Rack-mount ear x 2
If any of the contents are missing or damaged, please contact your dealer or distributor immediately.
1.3 Physical Specification
Front Panel
- 2 -
Gigabit SSL VPN Security Router User’s Manual
LED definition
LED Color Status Description
Green Steady Power On
PWR
Off Off Power Off
Steady on System is crashed.
DIAG Amber
Blinking System is on self-test after power on the device.
Off System is ready.
Steady on Port has been connected & Get IP
WAN/ DMZ:
Link/Act
Green
Blinking Transmit data.
Off Not get the IP address, even the port has been connected.
Steady on LAN port has been connected.
LAN: Link/Act Green
Blinking Transmit data.
Green Steady On Works on 1000M
LAN/WAN/DMZ:
Speed
Amber Steady On Works on 100M.
Off Off Works on 10M.
Button definition
Button Description
Reset Push 5 seconds for “Warm Start”, and push 10 seconds for Factory Default.
Power Rocker switch ,Internal 12V/1.65A
- 3 -
1.4 Specification
Product
Model SG-4800
Hardware
LAN
Gigabit SSL VPN Security Router
8x 10/100/1000 Mbps RJ-45
Gigabit SSL VPN Security Router User’s Manual
Ethernet
Button
Software
Multi-WAN Function
System Performance
Bandwidth Management
Firewall Security
Networking
Network Management
WAN
DMZ
Reset 1 x Reset button for reset to factory default setting
Power 1 x Power on/off Switch
Routing
4 x 10/100/1000 Mbps RJ-45
1 x 10/100/1000 Mbps RJ-45
z Inbound / Outbound Load Balance: by session and by IP
z Protocol Binding
z Network Service Detection
z Dynamic Route RIP v1/v2
z Static Route
z Strategy Routing
z Concurrent session :50000
z Firewall performance :1Gbps
z Corporation Size: SMB(clients 200~250)
z 3DES performance:270Mbps
z Guaranteed Bandwidth
z Max Bandwidth
z Session Limit
z Port-based QoS
z NAT
z One-to-One NAT
z Multiple-to-One NAT
z Stateful Packet Inspection(SPI) Firewall
z Denial of Service (DoS) prevention
z IP & Port filtering
z Block Website by Keyword, Content Filter
z Firewall detection: Ping of Death, SYN Flooding, Land attack, IP Spoofing
z Email Alert for Hacker Attack
z IP&MAC Binding
z Support DMZ to protect your network: DMZ Host
z Prevent ARP Attack on LAN
z Configurable DMZ
z DHCP Server (support class C), client, dynamic IP, static IP,IP Grouping
support
z Multiple DHCP Server (support 4 sets of Class C)
z PPPoE / Static IP/ DHCP Client
z Multiple Subnet
z Protocol: TCP /IP, ARP, ICMP, FTP/TFTP, IPv4
z NAT with port forwarding(Virtual Server)
z DNS Relay
z DDNS: Support DynDNS,3322
z Password protected configuration or management sessions for web
access
z Port Management – Speed/Duplex/Auto Negotiation/VLAN
z Transparent Bridge
z Support IPv4/IPv6
z Comprehensive web based management and policy setting
z SNMP v1/v2c
z Monitoring, Logging, and Alarms of system activities
- 4 -
A
VPN Support
zFirmware upgrade through Web browser
PPTP VPNl z 60 PPTP VPN Tunnels
z 200 IPSec VPN Tunnels
z IPSec H/W acceleration
z Friendly VPN Tunnel Management
z IKE: Pre-Shared keys
z IPSec Encryption DES/3DES/AES128/AES192/AES256
z IPSec Authentication MD5/SHA1
IPSec VPN
SSL VPN
z Support PMTU
z NAT Traversal
z Connect on Demand
z DPD detection
z VPN Hub
z IP by DNS Resolved
z View Log
z 10 full set SSL VPN tunnel / 50 Virtual Passage SSL VPN Client
z SSL H/W acceleration
z Remote Desktop Access
z HTTP and HTTPs Proxy
z FTP and Windows Network File Sharing
z Terminal Access: Telnet, SSH
z
z Platform support Windows / Linux / MAC
z SSL Encryptions: 128bit SHA1 (DES-CBC-SHA)
z Encrypted cookies
z Web cache cleaner
z Certificate Server: RSA, PKI, Digital Certificate
z Host Check: Virus Scan, Personal Firewalls, OS Patch
z Role based management
z Access Policy Management
z Logging and monitoring: Syslog logging of SSL VPN events by user,
z Customized User Portal: Allows Portal Layout, Available Services to be
z Single sign-on: Allows Single Sign-On for accessing multiple private
z Group and Global Bookmark Support: Enables users to access resources
uthentication: Radius, LDAP, Microsoft Active Directory and NT Domain
Name
service and type of event
customized
network resources
without needing to remember hostnames or IP addresses
zTunnel quantity upgrade mechanism
VPN Pass
through
zIPSec, PPTP ,L2TP Pass through
Gigabit SSL VPN Security Router User’s Manual
- 5 -
Gigabit SSL VPN Security Router User’s Manual
Chapter 2: Installation Procedure
In this chapter we are going to introduce hardware installation. Through the understanding of multi-WAN
setting process, users can easily setup and manage the network, making VPN Router functioning and having
best performance.
2.1 Systematic Setting Process
Users can set up and enable the network by utilizing bandwidth efficiently. The network can achieve the ideal
efficiency, block attacks, and prevent security risks at the same time. Through the process settings, users can
install and operate VPN Router easily. This simplifies the management and maintenance, making the user
network settings be done at one time. The main process is as below:
Step 1. Hardware installation
Step 2. Login
Step 3. Verify device specification and set up password and time
Step 4. Set WAN connection
Step 5. Set LAN connection: physical port and IP address settings
Step 6. Set QoS bandwidth management: avoid bandwidth occupation
Step 7. Set Firewall: prevent attack and improper access to network resources
Step 8. Other settings: UPnP, DDNS, MAC Clone
Step 9. Management and maintenance settings: Syslog, SNMP, and configuration backup
Below is the description for each setting process, and the correspondent contents and purposes.
# Setting Content Purpose
1 Hardware installation user’s demand. Install VPN Router hardware based on
user physical requirements.
2 Login Login the device with
Web Browser.
Verify device
3
specification
Set password and time Set time and re-new
4 Set WAN connection Verify WAN connection
5 Set LAN connection:
physical port and IP
address settings
6 Set QoS bandwidth
Verify Firmware version
and working status.
password.
setting, bandwidth
allocation, and protocol
binding.
Set mirror port and
VLAN. Allocate and
manage LAN IP.
Restrict bandwidth and
Login VPN Router web-based UI.
Verify VPN Router specification, Firmware
version and working status.
Modify the login password considering safe
issue.
Synchronize the VPN Router time with WAN.
Connect to WAN. Configure bandwidth to
optimize data transmission.
Provide mirror port, port management and VLAN
setting functions. Support Static/DHCP IP
allocation to meet different needs. IP group will
simplize the management work.
To assure transmission of important information,
management: avoid
bandwidth occupation
7 Set Firewall: prevent
attack and improper
access to network
resources
8 Advanced
Settings:DMZ/Forwardin
g, UPnP, DDNS, MAC
Clone
9 Management and
maintenance settings:
Syslog, SNMP, and
configuration backup
session of WAN ports,
LAN IP and application.
Block attack, Set
Access rule and restrict
Web access.
DMZ/Forwarding,
UpnP, Routing Mode,
multiple WAN IP, DDNS
and MAC Clone
Monitor VPN Router
working status and
configuration backup.
manage and allocate the bandwidth further to
achieve best efficiency.
Administrators can block BT to avoid bandwidth
occupation, and enable access rules to restrict
employee accessing internet improperly or using
MSN, QQ and Skype during working time. They
can also protect network from Worm or ARP
attacking.
DMZ/Forwarding, UpnP, Routing Mode, multiple
WAN IP, DDNS and MAC Clone
Administrators can look up system log and
monitor system status and inbound/outbound
flow in real time.
10 VPN Virtual Private Configure VPN tunnels, Configure different types of VPN to meet
- 7 -
Gigabit SSL VPN Security Router User’s Manual
Network function setting e.g. PPTP. different application environment.
11 Logout Close configuration
window.
Logout VPN Router web-based UI.
We will follow the process flow to complete the network setting in the following chapters.
- 8 -
Gigabit SSL VPN Security Router User’s Manual
Chapter 3: Hardware Installation
In this chapter we are going to introduce hardware interface as well as physical installation.
3.1 Installing the Device on a Standard 19” Rack
We suggest to either place the device on a desk or install it in a rack with attached brackets. Do not place
other heavy objects together with the device on a rack. Overloading may cause the rack to fail, thus causing
damage or danger.
Each device comes with a set of rack installation accessories, including 2 L brackets and 8 screws. Users can
rack- mount the device onto the chassis.
Refer to the figure below for the device installation onto a 19” rack:
In order for the device to run smoothly, wherever users install it, be sure not to obstruct the vent
"
Attention
on each side of the device. Keep at least 10cm space in front of both the vents for air
convection.
- 9 -
Gigabit SSL VPN Security Router User’s Manual
3.2 VPN Router Network Connection
The device has 4 WAN ports and a hardware DMZ port, therefore, users can connect the device to the
Internet, and configure a connection to a Public IP server at the same time.
WAN Connection:
A W
AN port can be connected with xDSL Modem, Fiber Modem, Switching Hub, or through an external
router to connect to the Internet. The device has 4 WAN ports. If some of the ports are not in use, WAN3
and WAN4 can be set up, through software, as LAN ports. If only some of the WAN ports are to be
used, it is suggested to select WAN1 and WAN2 as the default choices for Internet connection.
LAN Connection:
The LAN port can b
DMZ port:
The DMZ p
vers, etc
ser
ort can be connected to servers that have legal IP addresses, such as Web servers, mail
e connected to a Switching Hub or directly to a PC.
- 10 -
Gigabit SSL VPN Security Router User’s Manual
Chapter 4: Login VPN Security Router
This chapter is mainly introducing Web-based UI after connecting VPN Router.
First, check up VPN Router IP address by connecting to DOS through the LAN PC under VPN Security
Router. Go to Start → Run, enter cmd to commend DOS, and enter ipconfig for getting Default Gateway
address, as the graphic below, 192.168.1.1. Make sure Default Gateway is also the default IP address of VPN
QoS Router.
When not getting IP address and default gateway by using “ipconfig”, or the received IP
"
Attention
Then, open webpage browser, IE for example, and key in 192.168.1.1 in the website column. The login
window will appear as below:
address is 0.0.0.0 and 169.X.X.X, we recommend that users should check if there is any
problem with the circuits or the computer network card is connected nicely.
- 11 -
Gigabit SSL VPN Security Router User’s Manual
VPN Router default username and password are both “admin”. Users can change the login password in the
setting later.
For security, we strongly suggest that users must change password after login. Please keep the
"
Attention
After login, VPN Router web-based UI will be shown.
password safe, or you can not login to VPN Router. Press Reset button for more than 10 sec, all
the setting will return to default.
- 12 -
Gigabit SSL VPN Security Router User’s Manual
Chapter 5: System Status
This chapter introduces the device specification and status after login as well as change password and
system time settings for security.
5.1 Home Page
In the Home page, all VPN Security Router parameters and status are listed for users’ reference.
5.1.1 WAN Status
Item Description
WAN IP Address
Default Gateway
DNS
Downstream Bandwidth
Usage(%)
Upstream Bandwidth
Usage(%)
DDNS Setup
Indicates the current IP configuration for WAN port.
Indicates current WAN gateway IP address from ISP.
Indicates the current DNS IP configuration.
Indicates the current downstream bandwidth usage (%) for each WAN.
Indicates the current upstream bandwidth usage (%) for each WAN.
Indicates if Dynamic Domain Name is activated. The default configuration is
- 13 -
“Off”.
Gigabit SSL VPN Security Router User’s Manual
Quality of Service
Manual Connect
DMZ IP Address
Indicates how many QoS rules are set.
When “Obtain an IP automatically” is selected, two buttons (Release and
Renew) will appear. If a WAN connection, such as PPPoE or PPTP, is
selected, “Disconnect” and “Connect” will appear.
Indicates the current DMZ IP address.
- 14 -
Gigabit SSL VPN Security Router User’s Manual
5.1.2 Physical Port Status
The status of all system ports, including each connected and enabled port, will be shown on this Home page
(see above table). Click the respective status button and a separate window will appeare to show detailed
data (including setting status summary and statisitcs) of the selected port.
The current port setting status information will be shown in the Port Information Table. Examples: type
(10Base-T/100Base-TX/1000Base-T), iniferface (WAN/ LAN/ DMZ), link status (Up/ Down), physical port
status (Port Enabled/ Port Disabled), priority (high or normal), speed status (10Mbps or 100Mbps), duplex
status (Half/ Full), auto negotiation (Enabled or Disabled). The tabble also shows statistics of Receive/
Transmit Packets, Receive/Transmit Packets Byte Count as well as Error Packets Count.
- 15 -
5.1.3 System Information
Item Description
Gigabit SSL VPN Security Router User’s Manual
LAN IP Address/ Subnet
Mask
Working Mode
System active time:
Serial Number:
Firmware Version
Current Time
5.1.4 Firewall Status
Identifies the current device IP address and subnet mask. The default is
192.168.1.1 and 255.255.255.0
Indicates the current working mode. Can be Gateway or Router mode. The
default is “Gateway” mode
Indicates how long the device has been running.
This number is the device serial number.
Information about the device present software version.
Indicates the device present time.
"
Note
To have the correct time, users must synchronize the device with
the remote NTP server first.
Item Description
SPI (Stateful Packet
Inspection)
DoS (Denial of Service)
Block WAN Request
Indicates whether SPI (Stateful Packet Inspection) is on or off. The default
configuration is “On”.
Indicates if DoS attack prevention is activated.The default configuration is “On”.
Indicates that denying the connection from Internet is activated. The default
- 16 -
configuration is “On”.
Gigabit SSL VPN Security Router User’s Manual
Prevent ARP Virus
Attack
Remote Management
Access Rule
Indicates that preventing Arp virus attack is acitvated. The default configuration
is “Off”.
Indicates if remote management is activated (on or off). Click the hyperlink to
enter and manage the configuration. The default configuration is “Off”.
Indicates the number of access rule applied in VPN Security Router.
5.1.5 VPN Status
Item Description
VPN Setting Status
Indicates VPN setting information in VPN Router.
Tunnel(s) Used
Tunnel(s) Available
Indicates number of tunnels that have been configured in VPN (Virtual Private
Network).
Indicates number of tunnels that are available for VPN (Virtual Private
Network).
5.1.6 Log Setting Status
Item Description
Sent Log To
Indicates if Syslog Server is Enabled or Disabled.
5.2 Change and Set Login Password and Time
5.2.1 Password Setting
When you login VPN Router setting window every time, you must enter the password. The default value for
VPN Router username and password are both “admin”. For security reasons, we strongly recommend that
you must change your password after first login. Please keep the password safe, or you might not login to
VPN Router. You can press Reset button for more than 10 sec, VPN Router will return back to default.
- 17 -
Item Description
Gigabit SSL VPN Security Router User’s Manual
User Name
Password
New User Name
New Passwor d
Confirm New Password
Apply
Cancel
If users have already changed username and password, they should login with current username and
password and input “admin” as new username and password if they have to return back to default.
The default is “admin”.
Input the original password.(The default is “admin”.)
Input the new user name. e.x. Planet
Input the new password.
Input the new password again for verification.
Click “Apply” to save the configuration.
Click “Cancel" to leave without making any change. This action will be
effective before ”Apply” to save the configuration.
5.2.2 Network Time
VPN Router can adjust time setting. Users can know the exact time of event occurrences that are recorded in
the System Log, and the time of closing or opening access for Internet resources. You can either select the
embedded NTP Server synchronization function or set up a time reference.
Set system time using a NTP server : VPN Router has embedded NTP server, which will update the time
spontaneously.
- 18 -
Item Description
Gigabit SSL VPN Security Router User’s Manual
Time Zone
Daylight Saving
NTP Server
Apply
Cancel
Select your location from the pull-down time zone list to show correct local time.
If there is Daylight Saving Time in your area, input the date range. The device
will adjust the time for the Daylight Saving period automatically.
If you have your own preferred time server, input the server IP address.
After the changes are completed, click “Apply” to save the configuration.
Click “Cancel" to leave without making any change. This action will be
effective before ”Apply” to save the configuration.
Select System Time Manually: Input the correct time, date, and year in the boxes.
After the changes are completed, click “Apply” to save the configuration. Click “Cancel" to leave without
making any change. This action will be effective before ”Apply” to save the configuration.
- 19 -
Gigabit SSL VPN Security Router User’s Manual
Chapter 6: Network
This Network page contains the basic settings. For most users, completing this general setting is enough for
connecting with the Internet. However, some users need advanced information from their ISP. Please refer to
the following descriptions for specific configurations.
6.1 Network Connection
6.1.1 Host Name and Domain Name
Dev
ice name and domain name can be input in the two boxes. Though this configuration is not necessary in
most environments, some ISPs in some countries may require it.
6.1.2 IP Mode
Cho
ose the type of addressing to use on your network:
IPv4 Only: Use only IPv4 addressing.
Dual-Stack IP: Use IPv4 and IPv6 addressing. So that you can configure both IPv4 and IPv6 addresses for
LAN, WAN, and DMZ settings on this page.
6.1.3 LAN Setting
- 20 -
Gigabit SSL VPN Security Router User’s Manual
6.1.3.1 IPv4 Only
This is configuration information for SG-4800 current LAN IP address. The default configuration is
192.168.1.1 and the default Subnet Mask is 255.255.255.0. It can be changed according to the actual network
structure.
Multiple-Subnet Setting: (IPv4 Only)
Click “Unified IP Management” to enter the configuration page, as shown in the following figure. Input the
respective IP addresses and subnet masks.
This is configuration information for the device current LAN IP address. The default configuration is
192.168.1.1 and the default Subnet Mask is 255.255.255.0. It can be changed according to the actual network
structure.
- 21 -
Gigabit SSL VPN Security Router User’s Manual
This
function enables users to input IP segments that differ from the router network segment to the multi-net
segment configuration; the Internet will then be directly accessible. In other words, if there are already
different IP segment groups in the Intranet, the Internet is still accessible without making any changes to
internal PCs. Users can make changes according to their actual network structure.
6.1.3.2 Dual-Stack IP (IPv4 and IPv6)
rs have to enable Dual-Stack IP in the IP mode section in advance to configure IPv6. Then click the IPv6
Use
tab, and then enter the IPv6 Address and the Prefix Length. The default IP address is fc00::1, and the default
prefix length is 7. It can be changed according to the actual network structure.
- 22 -
Gigabit SSL VPN Security Router User’s Manual
Click “Unified IP Management” to enter the configuration page, as shown in the following figure. Input the
respective IP addresses and subnet masks.
"
Note
making any change.
To configure global IPv6 prefixes for your LAN devices, go to the WAN Setting, click the IPv6 tab,
and click Edit for the WAN interface. Then enter the LAN IPv6 Address.
After the changes are completed, click “Apply” to save the configuration. Click “Cancel" to leave without
- 23 -
6.1.4 WAN & DMZ Settings
6.1.4.1 IPv4 Only
WAN Setting
Item Description
Gigabit SSL VPN Security Router User’s Manual
Interface
Connection Type
Config
An indication of which port is connected.
Obtain an IP automatically, Static IP connection, PPPoE (Point-to-Point
Protocol over Ethernet), PPTP (Point-to-Point Tunneling Protocol) or
Transparent Bridge.
A modification in an advanced configuration: Click Edit to enter the advanced
configuration page.
Obtain an Automatic IP automatically
This mode is often used in the connection mode to obtain an automatic DHCP IP. This is the device
system default connection mode. It is a connection mode in which DHCP clients obtain an IP address
automatically. If having a different connection mode, please refer to the following introduction for selection of
appropriate configurations. Users can also set up their own DNS IP address. Check the options and input the
user-defined DNS IP addresses.
- 24 -
Loading...
+ 152 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.