Sharetech LB-2210 User Manual

Multi-Homing Dual WAN
Firewall Router
User’s Manual
Doc. No.: 120602-04
Contents

System
    Admin
    Setting
    Date/Time
    Multiple NAT
    Hack Alert
    Route Table
    DHCP
    DNS Proxy
    Dynamic DNS
    Logout
    Software Update
Interface
    LAN
    WAN
Address
    LAN
    LAN Group
    WAN
    WAN Group
Service
    Pre-defined
    Custom
    Group
Schedule
Policy
    Outgoing
    Incoming
VPN
    Autokey IKE
    PPTP Server
    PPTP Client
Content filtering
    URL Blocking
    General Blocking
Virtual Server
    Mapped IP
    Virtual Server
LOG
    Traffic Log
    Event Log
    Log Backup
Alarm
    Traffic Alarm
    Event Alarm
Statistics
    WAN Statistics
    Policy Statistics
Status
    Interface Status
    ARP Table
    DHCP Clients
Setup Examples

System

Administration and monitoring control of the Multi-Homing device is set by the System Administrator. The System Administrator can add or modify System settings and monitoring mode. Sub Administrators can only read System settings, not modify them. In System, the System Administrator can:
(1) Add and change the sub Administrators’ names and passwords;
(2) Back up all Multi-Homing settings into local files;
(3) Set up alerts for hacker intrusion.

What is System?

“System” covers the management of settings such as the privileges of packets that pass through the Multi-Homing, and its monitoring controls. Administrators may manage, monitor, and configure Multi-Homing settings. All configurations are “read-only” for all users other than the Administrator; those users are not able to change any settings for the Multi-Homing.
The eleven sub functions under System are Admin, Setting, Date/Time, Multiple NAT, Hack Alert, Route Table, DHCP, DNS Proxy, Dynamic DNS, Logout and Software Update.
Admin: Controls user access to the Multi-Homing. The Administrator can add/remove users and change passwords.
Setting: The Administrator may use this function to back up Multi-Homing configurations and export (save) them to an “Administrator” computer or anywhere on the network; or restore a configuration file to the device; or restore the Multi-Homing back to default factory settings. Under Setting, the Administrator may enable e-mail alert notification. This will alert Administrator(s) automatically whenever the Multi-Homing has experienced unauthorized access or a network hit (hacking or flooding). Once enabled, the IP address of an SMTP (Simple Mail Transfer Protocol) Server is required. Up to two e-mail addresses can be entered for the alert notifications.
Software Update: Administrators may visit the distributor’s web site to download the latest firmware. Administrators may update the device firmware to optimize its performance and keep up with the latest fixes for intruding attacks.
Date/Time: This function enables the Multi-Homing to be synchronized either with an Internet Server time or with the client computer’s clock.
Multiple NAT: Multiple NAT allows the local port to be set with multiple subnetworks that connect to the Internet through different WAN 1 IP Addresses.
Hack Alert: When abnormal conditions occur, the Multi-Homing will send an e-mail alert to notify the Administrator, and also display warning messages in the Event window of Alarm.
Route Table: Use this function to enable the Administrator to add static routes for the networks when the dynamic route is not efficient enough.
DHCP: The Administrator can configure DHCP (Dynamic Host Configuration Protocol) settings for the LAN network.
DNS Proxy: The device’s Administrator may use the DNS Proxy function to make the 10/100M 2 WAN /4 LAN Multi-Homing Dual WAN Firewall Router act as a DNS Server for the LAN and WAN 1/2 network. All DNS requests to a specific Domain Name will be routed to the Multi-Homing’s IP address. For example, let’s say an organization has its mail server (i.e., mail.dfl300.com) in the WAN 1/2 network (i.e. 192.168.10.10). The outside Internet world may access the mail server of the organization easily by its domain name, provided that the Administrator has set up Virtual Server or Mapped IP settings correctly. However, for the users in the LAN network, their WAN 1/2 DNS server will assign them a public IP address for the mail server. So for the LAN network to access the mail server (mail.dfl300.com), they would have to go out to the Internet, then come back through the Multi-Homing to access the mail server. Essentially, the LAN network is accessing the mail server by a real public IP address, while the mail server serves their request by a NAT address and not a real one. This odd situation occurs when there are servers in the WAN 1/2 network and they are bound to real IP addresses. To avoid this, set up DNS Proxy so all the LAN network computers will use the device as a DNS server, which acts as the DNS Proxy.
Dynamic DNS: Dynamic DNS (requires a Dynamic DNS Service) allows you to alias a dynamic IP address to a static hostname, allowing your device to be more easily accessed by a specific name. When this function is enabled, the IP address in the Dynamic DNS Server will be automatically updated with the new IP address provided by the ISP.
Logout: The Administrator logs out of the Multi-Homing. This function protects your system while you are away.
Software Update: The administrator can update the device’s software with the latest version.

Admin

On the left hand menu, click on Setup, and then select Admin below it. The current list of Administrator(s) shows up.

Settings of the Administration table

Administrator Name: The username of Administrators for the Multi-Homing. The user admin cannot be removed.
Privilege: The privileges of Administrators (Admin or Sub Admin). The username of the main Administrator is Administrator with read / write privilege. Sub Admins may be created by the Admin by clicking New Sub Admin. Sub Admins have read only privilege.
Configure: Click Modify to change the “Sub Administrator’s” password and click Remove to delete a “Sub Administrator.”

Adding a new Sub Administrator

Step 1. In the Admin window, click the New Sub Admin button to create a new Sub Administrator.
Step 2. In the Add New Sub Administrator window:
Sub Admin Name: enter the username of new Sub Admin.
Password: enter a password for the new Sub Admin.
Confirm Password: enter the password again.
Step 3. Click OK to add the user or click Cancel to cancel the addition.

Changing the Sub-Administrator’s Password

Step 1. In the Admin window, locate the Administrator name you want to edit, and click on Modify in the Configure field.
Step 2. The Modify Administrator Password window will appear. Enter the required information:
Password: enter the original password.
New Password: enter the new password.
Confirm Password: enter the new password again.
Step 3. Click OK to confirm password change or click Cancel to cancel it.

Removing a Sub Administrator

Step 1. In the Administration table, locate the Administrator name you want to remove, and click on the Remove option in the Configure field.
Step 2. The Remove confirmation pop-up box will appear.
Step 3. Click OK to remove that Sub Admin or click Cancel to cancel.

Settings

The Administrator may use this function to backup Multi-Homing configurations and export (save) them to an “Administrator” computer or anywhere on the network; or restore a configuration file to the device; or restore the Multi-Homing back to default factory settings.

Entering the Settings window

Click Setting in the System menu to enter the Settings window. The Multi-Homing Configuration settings will be shown on the screen.

Exporting Multi-Homing Dual WAN Firewall Router settings

Step 1. Under Multi-Homing Configuration, click on the Download button next to Export System Settings to Client.
Step 2. When the File Download pop-up window appears, choose the destination in which to save the exported file. The Administrator may choose to rename the file if preferred.

Importing Multi-Homing settings

Step 1. Under Multi-Homing Configuration, click on the Browse button next to Import System Settings. When the Choose File pop-up window appears, select the file that contains the saved Multi-Homing Settings, then click OK.
Step 2. Click OK to import the file into the Multi-Homing or click Cancel to cancel importing.

Restoring Factory Default Settings

Step 1. Select Reset Factory Settings under Multi-Homing Configuration.
Step 2. Click OK at the bottom-right of the screen to restore the factory settings.

Enabling E-mail Alert Notification

Step 1. Select Enable E-mail Alert Notification under E-Mail Settings. This function will enable the Multi-Homing to send e-mail alerts to the System Administrator when the network is being attacked by hackers or when emergency conditions occur.
Step 2. SMTP Server IP: Enter SMTP server’s IP address.
Step 3. E-Mail Address 1: Enter the first e-mail address to receive the alarm notification.
Step 4. E-Mail Address 2: Enter the second e-mail address to receive the alarm notification. (Optional)
Step 5. Click OK on the bottom-right of the screen to enable E-mail alert notification.

To-Multi-Homing Packets Log

Select this option to enable the device’s To-Multi-Homing Packets Log. Once this function is enabled, every packet sent to this appliance will be recorded for the system manager to trace.

Multi-Homing Reboot

Select this option to reboot the Multi-Homing. Once this function is enabled, the Multi-Homing will be rebooted.
Step 1. Click Setting in the Administration menu to enter the settings window.
Step 2. Reboot Multi-Homing: Click Reboot.
Step 3. A confirmation pop-up box will appear.
Step 4. In the confirmation pop-up box, click OK to restart the Multi-Homing or click Cancel to discard changes.

Date/Time

Synchronizing the Multi-Homing with the System Clock

Select this option to synchronize this device’s System clock with the client computer’s clock. This will allow the logs to be time stamped correctly according to the computer clock time.
Step 1. Click System Date/Time.
Step 2. Click the down arrow to select the offset time from GMT.
Step 3. Enter the Server IP Address or Server name with which you want to synchronize.
Step 4. Update system clock every __ minutes: You can set the interval at which the device synchronizes with outside servers. If you set it to 0, the device will not synchronize automatically.
Step 5. Synchronize system clock with this client: You can synchronize this Homing Gateway with this client computer by clicking the Sync button.
Step 6. Click the OK button below to change the setting or click Cancel to discard changes.

Multiple NAT

Multiple NAT allows the local port to be set with multiple subnetworks that connect to the Internet through different WAN 1 IP Addresses. For instance: the leased line of a company provides several real IP Addresses (168.85.88.0/24), and the company is divided into an R&D department, service department, sales department, procurement department and accounting department. The company can distinguish each department by a different subnetwork for convenient management. The settings are as follows:
1. R&D department subnetwork: 192.168.1.11/24 (Internal) -> 168.85.88.253 (WAN 1)
2. Service department subnetwork: 192.168.2.11/24 (Internal) -> 168.85.88.252 (WAN 1)
3. Sales department subnetwork: 192.168.3.11/24 (Internal) -> 168.85.88.251 (WAN 1)
4. Procurement department subnetwork: 192.168.4.11/24 (Internal) -> 168.85.88.250 (WAN 1)
5. Accounting department subnetwork: 192.168.5.11/24 (Internal) -> 168.85.88.249 (WAN 1)
The first department (R&D department) was set while setting the interface IP; the other four have to be added in Multiple NAT. After completing the settings, each department uses a different WAN IP Address to connect to the Internet. The settings of each department are as follows (Service department):
IP Address: 192.168.2.1
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.2.11
The other departments are also set by groups; this is the function of Multiple NAT.
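The department layout above can be checked before it is entered, and used later to attribute a public source address in upstream logs back to a department. The following Python sketch is an added example, not part of the manual or the device firmware; the function names and the consistency checks (non-overlapping subnets, distinct WAN addresses inside the leased range, client gateway equal to the local port interface IP) are assumptions of this example.

```python
import ipaddress

LEASED_RANGE = ipaddress.ip_network("168.85.88.0/24")
# (department, local port interface IP/mask, WAN 1 IP) from the manual's example.
ENTRIES = [
    ("R&D", "192.168.1.11/24", "168.85.88.253"),
    ("Service", "192.168.2.11/24", "168.85.88.252"),
    ("Sales", "192.168.3.11/24", "168.85.88.251"),
    ("Procurement", "192.168.4.11/24", "168.85.88.250"),
    ("Accounting", "192.168.5.11/24", "168.85.88.249"),
]

def build_table(entries, leased=LEASED_RANGE):
    """Parse and sanity-check entries; return [(name, local interface, WAN IP)]."""
    table = []
    for name, local, wan in entries:
        iface = ipaddress.ip_interface(local)
        wan_ip = ipaddress.ip_address(wan)
        if wan_ip not in leased:
            raise ValueError(f"{name}: {wan_ip} is outside {leased}")
        for other, other_iface, other_wan in table:
            if iface.network.overlaps(other_iface.network):
                raise ValueError(f"{name}: subnet overlaps {other}")
            if wan_ip == other_wan:
                raise ValueError(f"{name}: WAN IP already used by {other}")
        table.append((name, iface, wan_ip))
    return table

def egress_for_client(table, ip, mask, gateway):
    """Return (department, WAN IP) for a LAN client, or raise if its settings are inconsistent."""
    host = ipaddress.ip_interface(f"{ip}/{mask}")
    for name, iface, wan_ip in table:
        if host.ip not in iface.network:
            continue
        if host.network != iface.network:
            raise ValueError(f"{ip}: mask {mask} does not match {iface.network}")
        if ipaddress.ip_address(gateway) != iface.ip:
            raise ValueError(f"{ip}: gateway should be {iface.ip}")
        if host.ip == iface.ip:
            raise ValueError(f"{ip}: address is the local port interface itself")
        return name, str(wan_ip)
    raise ValueError(f"{ip}: no Multiple NAT entry covers this address")

if __name__ == "__main__":
    table = build_table(ENTRIES)
    # Service department client from the manual's example settings.
    print(egress_for_client(table, "192.168.2.1", "255.255.255.0", "192.168.2.11"))
```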

Multiple NAT settings

Click Multiple NAT in the System menu to enter Multiple NAT window.
Global port interface IP Address: Global port IP Address.
Local port interface IP Address: Local port IP Address and subnet Mask.
Modify: Modify the settings of Multiple NAT. Click Modify to modify the parameters of Multiple NAT or click Delete to delete settings.

Add Multiple NAT

Step 1. Click Multiple NAT in the System menu to enter Multiple NAT window.
Step 2. Click the Add button below to add Multiple NAT.
Step 3. Enter the IP Address in the website name column of the new window.
3.1 Global port interface IP Address: Select Global port IP Address.
3.2 Local port interface IP Address: Enter Local port IP Address.
3.3 Subnet Mask: Enter Local port subnet Mask.
Step 4. Click OK to add Multiple NAT or click Cancel to discard changes.

Modify Multiple NAT

Step 1. Click Multiple NAT in the System menu to enter Multiple NAT window.
Step 2. Find the IP Address you want to modify and click Modify.
Step 3. Enter the new IP Address in Modify Multiple NAT window.
Step 4. Click the OK button below to change the setting or click Cancel to discard changes.

Delete Multiple NAT

Step 1. Click Multiple NAT in the System menu to enter Multiple NAT window.
Step 2. Find the IP Address you want to delete and click Delete.
Step 3. A confirmation pop-up box will appear; click OK to delete the setting or click Cancel to discard changes.

Hacker Alert

The Administrator can enable the device’s auto detect functions in this section. When abnormal conditions occur, the Multi-Homing will send an e-mail alert to notify the Administrator, and also display warning messages in the Event window of Alarm.

Auto Detect functions

Detect SYN Attack: Select this option to detect TCP SYN attacks that hackers send to server computers continuously to block or cut down all the connections of the servers. These attacks will prevent valid users from connecting to the servers. After enabling this function, the System Administrator can enter the number of SYN packets per second that are allowed to enter the network/Multi-Homing. Once the SYN packets exceed this limit, the activity will be logged in Alarm and an e-mail alert is sent to the Administrator. The default SYN flood threshold is set to 200 Pkts/Sec.
Detect ICMP Flood: Select this option to detect ICMP flood attacks. When hackers continuously send PING packets to all the machines of the LAN networks or to the Multi-Homing, your network is experiencing an ICMP flood attack. This can cause traffic congestion on the network and slow the network down. After enabling this function, the System Administrator can enter the number of ICMP packets per second that are allowed to enter the network/Multi-Homing. Once the ICMP packets exceed this limit, the activity will be logged in Alarm and an e-mail alert is sent to the Administrator. The default ICMP flood threshold is set to 1000 Pkts/Sec.
Detect UDP Flood: Select this option to detect UDP flood attacks. A UDP flood attack is similar to an ICMP flood attack. After enabling this function, the System Administrator can enter the number of UDP packets per second that are allowed to enter the network/Multi-Homing. Once the UDP packets exceed this limit, the activity will be logged in Alarm and an e-mail alert is sent to the Administrator. The default UDP flood threshold is set to 1000 Pkts/Sec.
Detect Ping of Death Attack: Select this option to detect attacks in which hackers send PING packets carrying a tremendous amount of trash data to cause a System malfunction. This attack can cause network speed to slow down, or even make it necessary to restart the computer to return to normal operation.
Detect Tear Drop Attack: Select this option to detect tear drop attacks. These are packets that are segmented into small packets with negative length. Some Systems treat the negative value as a very large number, and copy enormous data into the System to cause System damage, such as a shutdown or a restart.
Detect IP Spoofing Attack: Select this option to detect spoof attacks. Hackers disguise themselves as trusted users of the network in spoof attacks. They use a fake identity to try to pass through the Multi-Homing System and invade the network.
Filter IP Source Route Option: Each IP packet can carry an optional field that specifies the replying address, which can be different from the source address specified in the packet’s header. Hackers can use this address field on disguised packets to invade LAN networks and send LAN networks’ data back to them.
Detect Port Scan Attack: Select this option to detect the port scans hackers use to continuously scan networks on the Internet to detect computers and vulnerable ports that are opened by those computers.
Detect Land Attack: Some Systems may shut down when receiving packets with the same source and destination addresses, the same source port and destination port, and with SYN marked in the TCP header. Enable this function to detect such abnormal packets.
Default Packet Deny: Denies all packets from passing the Multi-Homing. A packet can pass only when there is a policy that allows it to pass.
After enabling the needed detect functions, click OK to activate the changes.
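To make the threshold and signature rules above concrete, the following Python sketch applies the manual's default limits (200 SYN, 1000 ICMP and 1000 UDP packets per second) and the Land packet description to a list of packet records. It is an added example, not the device's implementation; the record fields, the fixed one-second counting window and the function names are assumptions, and the sample traffic is constructed.

```python
from collections import defaultdict

# Default thresholds quoted in the manual, in packets per second.
DEFAULT_THRESHOLDS = {"syn": 200, "icmp": 1000, "udp": 1000}

def flood_kind(pkt):
    """Return the flood counter a packet belongs to, or None."""
    if pkt["proto"] == "tcp":
        return "syn" if pkt["flags"] == "S" else None  # bare SYN only
    return pkt["proto"] if pkt["proto"] in ("icmp", "udp") else None

def is_land(pkt):
    """Land signature: SYN set, source equals destination for address and port."""
    return (pkt["proto"] == "tcp" and "S" in pkt["flags"]
            and pkt["src"] == pkt["dst"] and pkt["sport"] == pkt["dport"])

def detect(packets, thresholds=DEFAULT_THRESHOLDS):
    """Return sorted alarms as (second, kind, packet_count)."""
    per_second = defaultdict(int)  # assumption: fixed one-second buckets
    alarms = []
    for pkt in packets:
        second = int(pkt["ts"])
        if is_land(pkt):
            alarms.append((second, "land", 1))
        kind = flood_kind(pkt)
        if kind:
            per_second[(second, kind)] += 1
    for (second, kind), count in per_second.items():
        if count > thresholds[kind]:  # alarm only when the limit is exceeded
            alarms.append((second, kind, count))
    return sorted(alarms)

def sample_traffic():
    """Constructed packet records using documentation addresses, not a real capture."""
    def pkt(ts, proto, flags="", src="198.51.100.7", sport=40000,
            dst="192.0.2.10", dport=80):
        return {"ts": ts, "proto": proto, "flags": flags,
                "src": src, "sport": sport, "dst": dst, "dport": dport}
    pkts = [pkt(10 + i / 1000, "tcp", "S", sport=1024 + i) for i in range(201)]
    pkts += [pkt(11 + i / 1000, "tcp", "S", sport=1024 + i) for i in range(200)]
    pkts += [pkt(12 + i / 2000, "icmp") for i in range(1000)]
    pkts += [pkt(13 + i / 2000, "udp", dport=53) for i in range(1001)]
    pkts.append(pkt(14.5, "tcp", "S", src="192.0.2.10", sport=80))  # Land-style packet
    return pkts

if __name__ == "__main__":
    for alarm in detect(sample_traffic()):
        print(alarm)
```

Traffic sitting exactly at a limit (200 SYN or 1000 ICMP packets in one second) raises no alarm in this model, which is worth keeping in mind when choosing thresholds close to normal peak load.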

Route Table

In this section, the Administrator can add static routes for the networks.

Entering the Route Table screen

Click System on the left side menu bar, then click Route Table below it. The Route Table window appears, in which current route settings are shown.

Route Table functions

Interface: Destination network, LAN or WAN 1 networks.
Destination IP: IP address of destination network.
NetMask: Netmask of destination network.
Gateway: Gateway IP address for connecting to destination network.
Configure: Change settings in the route table.

Adding a new Static Route

Step 1. In the Route Table window, click the New Entry button.
Step 2. In the Add New Static Route window, enter new static route information.
Step 3. In the Interface field’s pull-down menu, choose the network to connect (Internal, WAN 1 or WAN 2).
Step 4. Click OK to add the new static route or click Cancel to cancel.

Modifying a Static Route

Step 1. In the Route Table menu, find the route to edit and click the corresponding Modify option in the Configure field.
Step 2. In the Modify Static Route window, modify the necessary routing addresses.
Step 3. Click OK to apply changes or click Cancel to cancel it.

Removing a Static Route

Step 1. In the Route Table window, find the route to remove and click the corresponding Remove option in the Configure field.
Step 2. In the Remove confirmation pop-up box, click OK to confirm removing or click Cancel to cancel it.