SMC Networks SMCBR21VPN User Manual

Barricade™
Dual WAN Port Load Balancing VPN Router

SMCBR21VPN

Copyright

Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate
and reliable. However, no responsibility is assumed by SMC for its use, nor for
any infringements of patents or other rights of third parties which may result from
its use. No license is granted by implication or otherwise under any patent or
patent rights of SMC. SMC reserves the right to change specifications at any
time without notice.

Copyright © 2008 by

SMC Networks, Inc.

20 Mason

Irvine, CA 92618

All rights reserved. Printed in Taiwan

Trademarks:

SMC is a registered trademark; and EZ Connect is a trademark of SMC Networks,
Inc. Other product and company names are trademarks or registered trademarks of
their respective holders.

LIMITED W A RRANTY

Limited Warranty S tatement: SMC Networks, Inc. (“SMC”) warrants its products to be free
from defects in workmanship and materials, under normal use and service, for the
applicable warranty term. All SMC products carry a standard 90-day limited warranty from
the date of purchase from SMC or its Authorized Reseller. SMC may , at it s own discretion,
repair or replace any product not operating as warranted with a similar or functionally
equivalent product, during the applicable warranty term. SMC will endeavor to repair or
replace any product returned under warranty within 30 days of receipt of the product. The
standard limited warranty can be upgraded to a Limited Lifetime* warranty by registering
new products within 30 days of purchase from SMC or its Authorized Reseller. Registration
can be accomplished via the enclosed product registration card or online via the SMC
website. Failure to register will not affect the standard limited warranty . The Limited
Lifetime warranty covers a product during the Life of that Product, which is defined as the
period of time during which the product is an “Active” SMC product. A product is
considered to be “Active” while it is listed on the current SMC price list. As new
technologies emerge, older technologies become obsolete and SMC will, at its discretion,
replace an older product in its product line with one that incorporates these newer
technologies. At that point, the obsolete product is discontinued and is no longer an
“Active” SMC product. A list of discontinued products with their respective dates of
discontinuance can be found at:
http://www.smc.com/index.cfm?action=customer_service_warranty .
All products that are replaced become the property of SMC. Replacement products may
be either new or reconditioned. Any replaced or repaired product carries either a 30-day
limited warranty or the remainder of the initial warranty, whichever is longer. SMC is not
responsible for any custom software or firmware, configuration information, or memory
data of Customer contained in, stored on, or integrated with any products returned to SMC
pursuant to any warranty. Products returned to SMC should have any customer-installed
accessory or add-on components, such as expansion modules, removed prior to returning
the product for replacement. SMC is not responsible for these items if they are returned
with the product. Customers must contact SMC for a Return Material Authorization number
prior to returning any product to SMC. Proof of purchase may be required. Any product
returned to SMC without a valid Return Material Authorization (RMA) number clearly

2

marked on the outside of the package will be returned to customer at customer’s expense.
For warranty claims within North America, please call our toll-free customer support
number at (800) 762-4968. Customers are responsible for all shipping charges from their
facility to SMC. SMC is responsible for return shipping charges from SMC to customer.

WARRANTIES EX CLUSIV E: IF AN SMC P RODUC T DOES NOT OPERATE AS
WARRANTED ABOVE, CUSTOMER’S SOLE REMEDY SHALL BE REPAIR OR
REPLACEMENT OF THE PRODUCT IN QUESTION, AT SMC’S OPTION. THE
FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF
ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, EITHER IN
FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING
WARRANTIES OR CONDITIONS OF M ERCHAN TABILITY AND FITNESS FOR A
PARTICULAR PURPOSE. SMC NEITHER ASSUMES NOR AUTHORIZES ANY OTHER
PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH THE
SALE, INSTALLATION, MAINTENANCE OR USE OF ITS PRODUCTS. SMC SHALL
NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION
DISCLOSE THE ALLEGED DEFECT IN THE PRODUCT DOES NOT EXIST OR WAS
CAUSED BY
CUSTOMER’S OR ANY THIRD PERSON’S MISUSE, NEGLECT, IMPROPER
INSTALLATION OR TESTING, UNAUTHORIZED ATTEMPTS TO REP AIR, OR ANY
OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE, OR BY ACCIDENT,
FIRE, LIGHTNING, OR OTHER HAZARD.
LIMIT A TION OF LIABILITY : IN NO EVENT, WHETHER BASED IN CONTRACT OR TORT
(INCLUDING NEGLIGENCE), SHALL SMC BE LIABLE FOR INCIDENTAL,
CONSEQUENTIAL, INDIRECT, SPECIAL, OR PUNITIVE DAMAGES OF ANY KIND, OR
FOR LOSS OF REVENUE, LOSS OF BUSINESS, OR OTHER FINANCIAL LOSS
ARISING OUT OF OR IN CONNECTION WITH THE SALE, INSTALLATION,
MAINTENANCE, USE, PERFORMANCE, FAILU R E , O R I N TE R RUP T ION OF ITS
PRODUCTS, EVEN IF SMC OR ITS AUTHOR IZED RES ELLE R HAS BEE N ADVISED
OF THE POSSIBILITY O F SUC H DAMAGES. SOME STATES DO NOT ALLOW THE
EXCLUSION OF IMPLIED WARRANTIES OR THE LIMITATION OF I NC ID ENTAL OR

3

CONSEQUENTIAL DAMAGES FOR CO NSUMER PRODUCTS, SO THE ABOVE
LIMIT ATIONS AND EXCLUSIONS MAY NOT APP LY TO YOU. THIS W ARRANTY GIVES
YOU SPECIFIC LEGAL
RIGHTS, WHICH MAY VAR Y FROM STATE TO STA TE. NOTHING IN THIS W A RRANTY
SHALL BE TAKEN TO AFFECT YOUR STATUTORY RIGHTS.

* SMC will provide warranty service for one year following discontinuance from the active
SMC price list. Under the limited lifetime warranty , internal and external power supplies,
fans, and cables are covered by a standard one-year warranty from date of purchase.

SMC Networks, Inc.

20 Mason

Irvine, CA 92618

4

COMPLIANCES

FCC - Class A

This equipment has been tested and found to comply with the limits for a Class A digital
device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide
reasonable protection against harmful interference in a residential installation. This
equipment generates, uses and can radiate radio frequency energy and, if not installed
and used in accordance with instructions, may cause harmful interference to radio
communications. However, there is n o guarantee that the interference will not occur in a
particular installation. If this equipment does cause harmful interference to radio or
television reception, which can be determined by turning the equipment off and on, the
user is encouraged to try to correct the interference by one or more of the following
measures:

• Reorient the receiving antenna

• Increase the separation between the equipment and receiver

• Connect the equipment into an outlet on a circuit different from that to which the

receiver is connected

• Consult the dealer or an experienced radio/TV technician for help

EC Conformance Declaration - Class A

SMC contact for these products in Europe is:

SMC Networks Europe,
Edificio Conata II,
Calle Fructuós Gelabert 6-8, 2o, 4a,
08970 - Sant Joan Despí,

Barcelona, Spain.
This information technology equipment complies with the requirements of the Council
Directive 89/336/EEC on the Approximation of the laws of the Member States relating to
Electromagnetic Compatibility and 73/23/EEC for electrical equipment used within
certain
voltage limits and the Amendment Directive 93/68/EEC. For the evaluation of the
compliance with these Directives, the following standards were applied:

5

RFI Emission:

• Limit class A according to EN 55022:1998, IEC 60601-1-2 (EMC,medical)

• Limit class A for harmonic current emission according toEN 61000-3-2/1995

• Limitation of voltage fluctuation and flicker in low-voltage supply system

according to EN 61000-3-3/1995
Immunity:

• Product family standard according to EN 55024:1998

• Electrostatic Discharge according to EN 61000-4-2:1995

(Contact Discharge: ±4 kV, Air Discharge: ±8 kV)

• Radio-frequency electromagnetic field according to EN 61000-4-3:1996
(80 - 1000 MHz with 1 kHz AM 80% Modulation: 3 V/m)

• Electrical fast transient/burst according to EN 61000-4-4:1995 (AC/DC
power supply: ±1 kV, Data/Signal lines: ±0.5 kV)

• Surge immunity test according to EN 61000-4-5:1995
(AC/DC Line to Line: ±1 kV, AC/DC Line to Earth: ±2 kV)

• Immunity to conducted disturbances, Induced by radio-frequency fields:
EN 61000-4-6:1996 (0.15 - 80 MHz with

1 kHz AM 80% Modulation: 3 V/m)

• Power frequency magnetic field immunity test according to
EN 61000-4-8:1993 (1 A/m at frequency 50 Hz)

• Voltage dips, short interruptions and voltage variations immunity test
according to EN 61000-4-11:1994 (>95% Reduction @10 ms, 30%
Reduction @500 ms, >95% Reduction @5000 ms)

LVD:

• EN 60950-1:2001

6

Please read the following safety information carefully
before installing the device:

WARNING: Installation and removal of the unit must be carried out by

qualified personnel only.

• This guide is intended for use by network administrators who are
responsible for setting up and installing network equipment;
consequently it assumes a basic working knowledge of LANs (Local Area
Networks).

• The unit must be connected to an earthed (grounded) outlet to comply with
international safety standards.

• Do not connect the unit to an A.C. outlet (power supply) without an
earth (ground) connection.

• The appliance coupler (the connector to the unit and not the wall plug)
must have a configuration for mating with an EN 60320/IEC 320
appliance inlet.

• The socket outlet must be near to the unit and easily accessible. You can only
remove power from the unit by disconnecting the power cord from the outlet.

• This unit operates under SELV (Saf ety Extra Low Voltage) conditions
according to IEC 60950. The conditions are only maintained if the
equipment to which it is connected also operates under SELV
conditions.

7

Veuillez lire à fond l’information de la sécurité suivante avant d’installer le Device:
AVERTISSEMENT: L.installation et la dépose de ce groupe doivent être

confiés à un personnel qualifié.

• Ne branchez pas votre appareil sur une prise secteur (alimentation
électrique) lorsqu’il n’y a pas de connexion de mise à la terre (mise à la
masse).

• Vous devez raccorder ce groupe à une sortie mise à la terre (mise à la masse)
afin de respecter les normes internationales de sécurité.

• Le coupleur d.appareil (le connecteur du groupe et non pas la prise
murale) doit respecter une configuration qui permet un branchement sur une
entrée d.appareil EN 60320/IEC 320.

• La prise secteur doit se trouver à proximité de l.appareil et son accès doit être
facile. Vous ne pouvez mettre l.appareil hors circuit qu.en
débranchant son cordon électrique au niveau de cette prise.

• L.appareil fonctionne à une tension extrêmement basse de sécurité qui
est conforme à la norme IEC 60950. Ces conditions ne sont maintenues que si
l.équipement auquel il est raccordé fonctionne dans les mêmes conditions.

Bitte unbedingt vor dem Einbauen des RPU die
folgenden Sicherheitsanweisungen durchlesen:

WARNUNG: Die Installation und der Ausbau des Geräts darf nur durch

Fachpersonal erfolgen.

• Diese Anleitung ist fr die Benutzung durch Netzwerkadministratoren
vorgesehen, die fr die Installation und das einstellen von
Netzwerkkomponenten verantwortlich sind; sie setzt Erfahrung bei der Arbeit mit
LANs (Local Area Networks) voraus.

• Das Gerät sollte nicht an eine ungeerdete Wechselstromsteckdose
angeschlossen werden.

8

• Das Gerät muß an eine geerdete Steckdose angeschlossen werden,
welche die internationalen Sicherheitsnormen erfüllt.

• Der Gerätestecker (der Anschluß an das Gerät, nicht der
Wandsteckdosenstecker) muß einen gemäß EN 60320/IEC 320
konfigurierten Geräteeingang haben.

• Die Netzsteckdose muß in der Nähe des Geräts und leicht zugänglich
sein. Die Stromversorgung des Geräts kann nur durch Herausziehen des
Gerätenetzkabels aus der Netzsteckdose unterbrochen werden.

• Der Betrieb dieses Geräts erfolgt unter den SELV-Bedingungen
(Sicherheitskleinstspannung) gemäß IEC 60950. Diese Bedingungen sind
nur gegeben, wenn auch die an das Gerät angeschlossenen Geräte unter
SELV-Bedingungen betrieben werden

Stromkabel. Dies muss von dem Land, in dem es
benutzt wird geprüft werden:

Dieser Stromstecker muß die SEV/ASE

Schweiz

1011Bestimmungen ein- halten.
Das Netzkabel muß vom Typ

Europe

HO3VVF3GO.75 (Mindestan-

forderung) sein und die Aufschrift <HAR>

oder <BASEC> tragen

Der Netzstecker muß die Norm CEE 7/7

erfüllen (.SCHUKO.).

9

Warnings and Cautionary Messages

Warning: This product does not contain any serviceable user parts.
Warning: Installation and removal of the unit must be carried out by qualified personnel

only.

Warning: When connecting this device to a power outlet, connect the field ground lead

on the tri-pole power plug to a valid earth ground line to prevent electrical
hazards.

Caution: Wear an anti-static wrist strap or take other suitable measures to prevent

electrostatic discharge when handling this equipment.

Caution: Do not plug a phone jack connector in the RJ-45 port. This may damage this

device. Les raccordeurs ne sont pas utilisé pour le système téléphonique!

Caution: Use only twisted-pair cables with RJ-45 connectors that conform to FCC

standards.

Warnings (in German)

Achtung: Dieses Produkt enthält keine Teile, die eine Wartung vom Benutzer

benötigen.
Achtung: Installation und Deinstallation des Gerätes müssen von qualifiziertem

Servicepersonal durchgeführt werden.
Achtung: Wenn das Gerät an eine Steckdose angeschlossen wird, muß der
Masseanschluß

n Netzstecker mit Schutzerde verbunden werden, um elektrische

Gefahren zu vermeiden.

10

Environmental Statement

The manufacturer of this product endeavours to sustain an environmentally-friendly
policy throughout the entire production process. This is achieved though the following
means:

• Adherence to national legislation and regulations on environmental production

standards.

• Conservation of operational resources.

• Waste reduction and safe disposal of all harmful un-recyclable by-products.

• Recycling of all reusable waste content.

• Design of products to maximize recyclables at the end of the product.s life span.

• Continual monitoring of safety standards.

End of Product Life Span

This product is manufactured in such a way as to allow for the recovery and disposal of
all included electrical components once the product has reached the end of its life.

Manufacturing Materials

There are no hazardous nor ozone-depleting materials in this product.

Documentation

All printed documentation for this product uses biodegradable paper that originates from
sustained and managed forests. The inks used in the printing process are non-toxic.

Purpose

This guide details the hardware features of the product, including Its physical and
performance-related characteristics, and how to install the product.

11

Audience

The guide is intended for use by network administrators who are responsible for
installing and setting up network equipment; consequently, it assumes a basic working
knowledge of LANs (Local Area Networks).

Diese Anleitung ist für die Benutzung durch Netzwerkadministratoren vorgesehen, die
für die Installation und das einstellen von Netzwerkkomponenten verantwortlich sind;
sie setzt Erfahrung bei der Arbeit mit LANs (Local Area Networks) voraus.

12

Contents

CHAPTER 1 ADMINISTRATOR...........................................................................................................16

ADMIN....................................................................................................................................................18

LOGOUT..................................................................................................................................................21

SOFTWARE UPDATE.................................................................................................................................22

CHAPTER 2 CONFIGURE....................................................................................................................23

SETTING..................................................................................................................................................28

DATE / TIME............................................................................................................................................34

MULTIPLE SUBNET..................................................................................................................................35

ROUTE TABLE.........................................................................................................................................38

DDNS ....................................................................................................................................................44

HOST TABLE ...........................................................................................................................................46

LANGUAGE .............................................................................................................................................47

CHAPTER 3 INTERFACE......................................................................................................................48

LAN.......................................................................................................................................................53

WAN ......................................................................................................................................................54

DMZ ...................................................................................................................................................... 62

CHAPTER 4 ADDRESS ..........................................................................................................................64

EXAMPLE................................................................................................................................................67

CHAPTER 5 SERVICE...........................................................................................................................74

CUSTOM..................................................................................................................................................78

GROUP....................................................................................................................................................82

CHAPTER 6 SCHEDULE.......................................................................................................................85

EXAMPLE................................................................................................................................................86

CHAPTER 7 QOS....................................................................................................................................88

EXAMPLE................................................................................................................................................92

13

CHAPTER 8 AUTHENTICATION ........................................................................................................94

EXAMPLE..............................................................................................................................................100

CHAPTER 9 CONTENT BLOCKING................................................................................................104

URL .....................................................................................................................................................108

SCRIPT................................................................................................................................................111

DOWNLOAD..........................................................................................................................................113

P2P / IM ...............................................................................................................................................115

CHAPTER 10 VIRTUAL SERVER......................................................................................................118

EXAMPLE..............................................................................................................................................122

CHAPTER 11 VPN.................................................................................................................................137

EXAMPLE..............................................................................................................................................145

CHAPTER 12 POLICY.........................................................................................................................169

EXAMPLE..............................................................................................................................................175

CHAPTER 13 ALERT SETTING......................................................................................................193

INTERNET ALERT ..................................................................................................................................198

CHAPTER 14 ATTACK ALARM......................................................................................................202

INTERNAL ALARM.................................................................................................................................204

EXTERNAL ALARM ...............................................................................................................................205

CHAPTER 15 LOG.............................................................................................................................207

TRAFFIC LOG........................................................................................................................................209

EVENT LOG...........................................................................................................................................214

CONNECTION LOG ................................................................................................................................217

LOG BACKUP........................................................................................................................................220

CHAPTER 16 ACCOUNTING REPORT.........................................................................................222

OUTBOUND...........................................................................................................................................225

INBOUND ..............................................................................................................................................232

14

CHAPTER 17 STATISTICS...............................................................................................................238

WAN STATISTICS ..................................................................................................................................240

POLICY STATISTICS ...............................................................................................................................242

CHAPTER 18 STATUS....................................................................................................................... 244

INTERFACE............................................................................................................................................245

AUTHENTICATION.................................................................................................................................247

ARP TABLE...........................................................................................................................................248

DHCP CLIENTS ....................................................................................................................................249

15

Chapter 1 Administrator

Administration

“System” is the managing of settings such as the privileges of packets that pass
through the SMC BR21VPN and monitoring controls. The System Administrators
can manage, monitor, and configure SMC BR21VPN settings. But all
configurations are “read-only” for all users other than the System Administrator;
those users are not able to change any setting of the SMC BR21VPN.

16

Define the required fields of Administrator

Administrator Name:
 The username of Administrators and Sub Administrator for the SMC

BR21VPN. The admin user name cannot be removed; and the sub-admin
user can be removed or configure.

The default Account: admin; Password: smcadmin

Privilege:

 The privileges of Administrators (Admin or Sub Admin). The username of

the main Administrator is Administrator with reading / writing privilege.
Administrator also can change the system setting, log system status, and to
increase or delete sub-administrator. Sub-Admin may be created by the

Admin by clicking

New Sub Admin

. Sub Admin have only read and

monitor privilege and cannot change any system setting value.

Configure:
 Click Modify to change the “Sub-Administrator’s” password or click

Remove to delete a “Sub Administrator.”

17

Admin

Adding a new Sub Administrator

STEP 1﹒In the Admin WebUI, click the New Sub Admin button to create a

new Sub Administrator.

STEP 2﹒In the Add New Sub Administrator WebUI (Figure 1-1) and enter the

following setting:

 Sub Admin Name: sub_admin
 Password: 12345
 Confirm Password: 12345

STEP 3﹒Click OK to add the user or click Cancel to cancel it.

Figure1-1 Add New Sub Admin

18

Modify the Administrator’s Password

STEP 1﹒In the Admin WebUI, locate the Administrator name you want to edit,

and click on Modify in the Configure field.

STEP 2﹒The Modify Administrator Password WebUI will appear. Enter the

following information:

 Password: admin
 New Password: 52364
 Confirm Password: 52364 (Figure1-2)

STEP 3﹒Click OK to confirm password change.

Figure1-2 Modify Admin Password

19

Add Remote Management IPs

STEP 1﹒Add the following setting in Permitted IPs of Administration:

(Figure1-3)

 Name: Enter master
 IP Address: Enter 163.173.56.11
 Netmask: Enter 255.255.255.255
 Service: Select Ping and HTTP
 Click OK
 Complete add new permitted IPs (Figure1-4)

Figure1-3 Setting Permitted IPs WebUI

Figure1-4 Complete Add New Permitted IPs

To make Permitted IPs be effective, it must cancel the Ping and WebUI selection

in the WebUI of SMC BR21VPN that Administrator enter. (LAN, WAN, or DMZ Interface)
Before canceling the WebUI selection of Interface, must set up the Permitted IPs first,
otherwise, it would cause the situation of cannot enter WebUI by appointed Interface.

20

Logout

STEP 1﹒Click Logout in System to protect the system while Administrator are

away. (Figure1-5)

Figure1-5 Confirm Logout WebUI

STEP 2﹒Click OK and the logout message will appear in WebUI. (Figure1-6)

Figure1-6 Logout WebUI Message

21

Software Update

STEP 1﹒Select Software Update in System, and follow the steps below:

 To obtain the version number from Version Number and obt ain the

latest version from Internet. And save the latest version in the
hardware of the PC, which manage the SMC BR21VPN

 Click Browse and choose the latest software version file.
 Click OK and the system will update automatically. (Figure1-7)

Figure1-7 Software Update

It takes 3 minutes to update software. The system will reboot after update. During

the updating time, please don’t turn off the PC or leave the WebUI. It may cause some
unexpected mistakes. (Strong suggests updating the software from LAN to avoid
unexpected mistakes.)

22

Chapter 2 Configure

Configure

The Configure is according to the basic setting of the SMC BR21VPN. In this
chapter the definition is Setting, Date/Time, Multiple Subnet, Route Table, DHCP,
Dynamic DNS, Hosts Table, and Language settings.

23

Define the required fields of Settings

SMC BR21VPN Configuration:
 The Administrator can import or export the system settings. Click OK to

import the file into the SMC BR21VPN or click Cancel to cancel importing.
You also can revive to default value here.

Email Settings:
 Select Enable E-mail Alert Notification under E-mail Settings. This

function will enable the SMC BR21VPN to send e-mail alerts to the System
Administrator when the network is being attacked by hackers or when
emergency conditions occur. (It can be set from Settings-Hacker Alert in
System to detect Hacker Attacks)

Web Management (WAN Interface):
 The System Manager can change the port number used by HTTP port

anytime. (Remote WebUI management)

After HTTP port has changed, if the administrator want to enter WebUI from WAN,

will have to change the port number of browser. (For example:
http://61.62.108.172:8080)

MTU Setting:
 It provides the Administrator to modify the networking package length

anytime. Its default value is 1500 Bytes.

Link Speed / Duplex Mode:

 By this function can set the transmission speed and mode of WAN Port

when connecting other device.

24

Administration Packet Logging:

 After enable this function; the SMC BR21VPN will record packet which

source IP or destination address is SMC BR21VPN. And record in Traffic
Log for System Manager to inquire about.

Define the required fields of Time Settings

Synchronize Time/Date:

 Synchronizing the SMC BR21VPN with the System Clock. The

administrator can configure the SMC BR21VPN’s date and time by either
syncing to an Internet Network Time Server (NTP) or by syncing to your
computer’s clock.

GMT:

 International Standard Time (Greenwich Mean Time)

Define the required fields of Multiple Subnet

Forwarding Mode:

 To display the mode that Multiple Subnet use. (NAT mode or Routing Mode)

WAN Interface Address:

 The IP address that Multiple Subnet corresponds to WAN.

LAN Interface Address/Subnet Netmask:

 The Multiple Subnet range

25

NAT Mode:

 It allows Internal Network to set multiple subnet address and connect with

the Internet through different WAN IP Addresses. For example：The lease
line of a company applies several real IP Addresses 168.85.88.0/24, and the
company is divided into R&D department, service, sales department,
procurement department, accounting department, the company can
distinguish each department by different subnet for the purpose of
managing conveniently. The settings are as the following：

1. R&D department subnet：192.168.1.1/24(LAN) ÅÆ 168.85.88.253(W AN)

2. Service department subnet： 192.168.2.1/24(LAN) ÅÆ

168.85.88.252(WAN)

3. Sales department subnet： 192.168.3.1/24(LAN) ÅÆ

168.85.88.251(WAN)

4. Procurement department subnet

192.168.4.1/24(LAN) ÅÆ 168.85.88.250(WAN)

5. Accounting department subnet

192.168.5.1/24(LAN) ÅÆ 168.85.88.249(WAN)

The first department (R&D department) had set while setting interface IP; the
other four ones have to be added in Multiple Subnet. After completing the
settings, each department uses the different WAN IP Address to connect to the
Internet. The settings of each department are as following:

Service Sales Procurement Accounting
IP

192.168.2.2~254 192.168.3.2~254 192.168.4.2~254 192.168.5.2~254
Address
Subnet

255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0
Netmask
Gateway 192.168.2.1 192.168.3.1 192.168.4.1 192.168.5.1

Routing Mode:
 It is the same as NAT mode approximately but does not have to correspond

to the real WAN IP address, which let intern al PC to ac cess to Inte rnet by its
own IP. (External user also can use the IP to connect with the Internet)

26

Define the required fields of DHCP

Subnet:

 The domain name of LAN

NetMask:
 The LAN Netmask

Gateway:
 The default Gateway IP address of LAN

Broadcast IP:

 The Broadcast IP of LAN

Define the required fields of DDNS

Domain Name:
 The domain name that provided by DDNS

WAN IP Address:

 The WAN IP Address, which the domain name corresponds to.

Define the required fields of Host Table

Domain Name:

 It can be set by System Manager. To let the internal user to access to the

information that provided by the host by this domain name

Virtual IP Address:
 The virtual IP address respective to Host Table. It must be LAN or DMZ IP

address.

27

Setting

System Settings- Exporting

STEP 1﹒In System Setting WebUI, click on button next to

Export System Settings to Client.

STEP 2﹒When the File Download pop-up window appears, choose the

destination place where to save the exported file and click on Save.
The setting value of SMC BR21VPN will copy to the appointed site
instantly. (Figure2-1)

Figure2-1 Select the Destination Place to Save the Exported File

28

System Settings- Importing

STEP 1﹒In System Setting WebUI, click on the Browse button next to Import

System Settings from Client. When the Choose File pop-up window

appears, select the file to which contains the saved SMC BR21VPN
Settings, then click OK. (Figure2-2)

STEP 2﹒Click OK to import the file into the SMC BR21VPN (Figure2-3)

Figure 2-2 Enter the File Name and Destination of the Imported File

Figure 2-3 Upload the Setting File WebUI

29