Z Com 002250 User Manual

Chapter 1: Introduction

This manual contains detail instructions, on how to setup and operate the VPN Internet Gateway.

The VPN Internet Gateway provides an easy and cost effective way to communicate securely over a public network, such as the Internet. You can configure the VPN Internet Gateway to automatically encrypt all data transmitted to a particular site or sites over the Internet. The VPN Internet Gateway can create a secure connection between two or more sites.

The VPN Internet Gateway is equipped with:

• A WAN Ethernet port (connects to any Cable/XDSL modem)

• 4 LAN Ethernet ports (connect to a PC client or a Hub/switch etc.)

• One asynchronous port (connects to a dial up modem or a ISDN TA)

Connect any Cable/XDSL modem to the VPN Internet Gateway, to establish a high speed Internet connection. Once an Internet connection is made, you can start establishing VPN connections. Those who require a private and secure connection will find this device an easy and cost effective solution to a lease line connection.

The asynchronous port can be connected to a dial-up modem or to an ISDN TA and provides you with a backup Internet connection should the Cable/xDSL connection fail. If there is no Cable/xDSL service in your area, the asynchronous port can also serve as your Internet access connection.

The VPN Internet Gateway provides a total solution for those SOHO (Small Office and Home Office), SMB (Small and Medium size Businesses) and ROBO (Remote Office and Branch Office) users, who require a VPN and other sophisticated functions at a cost effective price.

Features

 Supports Virtual Private Network (VPN) connections (IPSec)  Supports up to 8 IPSec tunnel connections  Supports VPN client software (Safenet and SSH)

 Supports DES/3DES Encryption, IP Encapsulating Security Payload

(ESP), Authentication (MD5/SHA-1)

 Shared Internet connection via any Cable or xDSL modem

 Asynchronous port for backup or dial-up Internet connection  Supports up to 253 users  Provides solid firewall protection for LAN clients/computers  Built-in high speed 4 port 10/100 switch to connect to computers or to

additional switches/hubs

 Provides centralization of all network address settings (DHCP)  Comprehensive device monitoring system: Device status, Device

information, System Tools, Intruder Detection log and more…

 Easy-to-use, Web-based setup and configuration  Dynamic DNS to have Web and other Servers behind a Dynamic IP

address

 Acts as a Virtual server to enable remote access to Web, FTP, and

other services on your network

 DMZ for full 2-way communication between your LAN and the Internet  URL filtering function  Supports the UPnP protocol  E-Mail alert when a network security breach occurs

Package Contents

Please inspect your package. The following items should be included:

1). One VPN Internet Gateway (the Device)

2). One Power adapter

3). One User’s Guide

If any of the above items are damaged or missing, please contact your dealer immediately.

Minimum System Requirements

 Microsoft Internet Explorer 4.0 (or later version) or Netscape Navigator

4.0 (or later version)

 One computer with an installed 10Mbps, 100Mbps or 10/100Mbps

Ethernet card

 One external xDSL or Cable modem with an Ethernet port (RJ-45)  One Modem or ISDN TA (if a dialup connection is needed)  One RJ-45 Cable/XDSL Internet connection  TCP/IP protocol installed in your computer

 UTP network Cable with a RJ-45 connector

Pre-Installation Checklist

Before installing the Internet Gateway, you should:

 Have carefully read the entire manual.  Be familiar with the terminology and concepts of browsers. (This guide

works under the assumption that you are proficient with the browsers you are using).

 Have met all the hardware and software requirements.

The Gateway’s Rear View

The diagram below shows the Internet Gateway’s rear panel and is where all the hardware connections are made.

12VDC

Rear View Ports Description

Power (12VDC) The power port is where you connect the DC power

adapter

WAN The WAN 10M Ethernet port is where you connect your

ADSL/Cable modem.

Serial The Serial port is where you connect the 56K modem /

ISDN TA

Reset If you want the device to have the factory default settings,

press the reset button and hold it for 5 ~ 6 seconds. This will load the factory default settings into the device.

Please be careful. Do not press the reset button unless you want to clear the current configurations.

Ports 1-4 There are four LAN ports on the rear panel (supports

auto crossover). This is where you connect network devices, such as PCs, switches, hubs, print servers, LAN servers or other network devices.

The Gateway’s Front Panel LED

On the router’s front panel there are LED lights that inform you of the router’s current status. Below is an explanation of each LED and its function.

LED LED Status Description

LAN (1-4) Link/Act Off Green LED will NOT Light if there is no

connection

ON Green LED will LIGHT when a connection

has been established.

Blink Green LED will BLINK if packets are been

transmitted or received

Serial Off Green LED will NOT Light if there is no

connection

ON Green LED will LIGHT when a link

has been established.

WAN Off Green LED will NOT Light when a link has

not been established.

ON Green LED will LIGHT when a link has

been established.

LED LED Status Description

STATUS Blink Yellow LED will BLINK when the device is

booting up or upgrading a firmware.

POWER Off NO Power

ON Red LED will LIGHT if the Gateway is

receiving power.

Hardware Installation Setup

The diagram below shows how the Internet Gateway is typically setup.

When you setup the hardware installation please note the following.

1. Make sure that the power supply outlet voltage is compatible with the power adapters of your PCs, Cable/XDSL modem and the Internet Gateway.

2. For the Internet Gateway, only use the power adapter that comes with it.

3. Connect a network cable from your PC’s Ethernet port to one of the LAN ports at the rear panel of the Internet Gateway. Do the same with all of the PCs or switches/hubs you wish to connect to the Internet Gateway.

4. Connect the network cable from your Cable/XDSL modem to the WAN Ethernet port at the rear panel of the Internet Gateway.

Chapter 2: Getting Started

To setup the Internet Gateway and get connected to the Internet; follow the following step-by-step procedure:

1. Setup your hardware network installation (see Chapter 1 – Hardware Installation setup)

2. Configure your network computers (LAN server/client/host) to “Obtain an IP address automatically.” (See Appendix)

Note: By default the Internet Gateway’s DHCP is enabled - so by setting your computer to “Obtain and IP address automatically” - you can connect to the Gateway automatically.

3. Launch your web browser and type the router’s default IP address

(http:// 192.168.2.1) into the browser’s address box and press Enter.

Note: If you have setup your computer to use a static IP address:

Please make sure your PC’s IP address is in the same network as the router’s. In windows 95/98 you can type WINIPCFG and in windows 2000/NT you can type IPCONFIG (see appendix) to find out if you are on the same network.

4. The main menu will appear. It displays all the functions that you can use and configure for the Internet Gateway.

The User Interface is designed to be extremely user-friendly and is divided into 6 main sections. The 6 sections are listed on the top Tool bar (see screen above) and appear at the top of every browser screen for easy access. For your reference the 6 sections are as follow:

Main Menu Description

Device Information (chapter 3) The Device information section displays

the Internet Gateway’s network and firmware information.

Device Status (chapter 4) Device status displays the current

connection status of the Internet Gateway.

Main Menu Description

Setup Wizard (chapter 2) This is the most important section out of

the 6 sections. You must configure this section to begin using the Internet Gateway. The Setup wizard is where you input the information required to connect the Internet Gateway to your Internet Service Provider (ISP).

Advanced Settings (chapter 5) The Advanced settings section is where

you can configure all the major features and functions of the Internet Gateway. They include: DHCP Server Settings, Virtual Server Settings, Routing Settings, Filter Settings, Administration Settings, Dynamic DNS Settings, URL Filter Settings and E-Mail ALERT

System Tools (chapter 6) The System Tools section detects the

status of the Internet Gateway, such as Intruder Detection Log, Display Routing Table, System Diagnostics, Save Settings, Load Settings, Upgrade Firmware and Reset Device

Help (chapter 7) A help section for the Internet Gateway

5. Click the SETUP WIZARD. A username and password will appear. Leave the password box empty and type admin (the default username) in the username box. Click OK.

The setup wizard’s page will appear as shown below.

The Setup wizard will take you through 7 step-by-step (7 steps: buttons on the left) configuration procedures that you’ll need to do in order to setup the Internet Gateway (e.g. connecting to the Internet / establishing a VPN connection).

You can click on one of the 7 buttons on the left to jump to that specific setting. Otherwise by clicking Next, you will proceed to the next step sequentially. (We recommend that you follow the 7 steps sequentially). The 7 steps are as follows:

 (Step A) Time Zone Settings  (Step B) Device IP Settings  (Step C) ISP Settings  (Step D) ISP Additional Settings  (Step E) Modem Settings  (Step F) VPN Settings  (Step G) Save & Restart

6. (Step A) Time Zone Settings: Please choose a local time zone. Once you have selected a time zone, click the Next button to continue to the next step.

7. (Step B) Device IP Settings In this section, you have to give your Internet Gateway an IP address for the local area network (LAN) side. This is not the IP address given to you by your ISP, but rather the local internal LAN (Private) IP address of your network. The IP address “192.168.2.1” is the default value of your Gateway.

The screen shown above is described in the following table:

Parameters Description

Device IP Address Settings

IP Address Assign an internal LAN IP address for this

Internet Gateway or leave it as the default value “192.168.2.1.”

IP Subnet Mask Enter the subnet mask, you can usually

leave it as the default entry “255.255.255.0”

Once you have filled in the above information, click the Next button to continue to the next step.

8. (Step C) ISP Settings Different ISPs require different methods of connecting to the Internet. The ISP Settings section is where you input all the information required by your ISP, so that you can connect to the Internet. There are 5 different types of ISP connections in the ISP Settings section. Select the connection required by your ISP from the Select the ISP connection type pull down menu and then proceed to that connection type step. The 5 ISP connection types are as follow:

ISP Connection Type Description Connect to Cable ISP (Step 8-1) Your ISP will automatically give

you an IP address

Static IP Settings (Step 8-2) Your ISP has given you an IP

address already

PPPoE Settings (Step 8-3) Your ISP requires you to use a

Point-to-Point Protocol over Ethernet (PPPoE) connection.

ISP Connection Type Description

PPTP Settings (Step 8-4) Your ISP requires you to use a

Point-to-Point Tunneling Protocol (PPTP) connection.

Telstra Settings (Step 8-5) The Telstra Settings is a service

that applies to connections in Australia only.

Step 8-1) Connect to Cable ISP: Select Connect to Cable ISP if you

have a cable connection. Please select “Connect to Cable ISP” and click “Next” to proceed to the next page. Proceed to step 9 (Step D) ISP Additional Settings of this manual

Step 8-2) Static IP Settings: Select Static IP Settings, if your ISP has

given you a static IP address. You will have to enter the following information:

Parameter Description

IP assigned by your ISP Enter the IP address (provided by your ISP)

IP Subnet Mask Enter the IP subnet mask (provided by your ISP)

ISP Gateway Address Enter the ISP gateway address (provided by your

ISP)

Note: Once you have filled in the above information, click “Next” to proceed to the next step. Proceed to step 9 (Step D) ISP Additional Settings of this manual

Step 8-3) PPPoE Settings: Select PPPoE Settings if your ISP requires the

PPPoE protocol to establish an Internet connection. You will have to enter the following information:

Parameter Description

User name Enter the user name of your ISP account. Password Enter the password of your ISP account. Retype password Enter the password of your ISP account again to

re-confirm.

Connection Type Select ONE.

Always Connect - The VPN Gateway will always connect with your ISP. If this is the case, the Idle Time function is unavailable.

Trigger on Demand – Once the VPN Gateway

detects any packets want to get to Internet, the VPN Gateway will connect with your ISP automatically. Manual – You can manually disconnect/connect with your ISP for the WAN port (Cable/xDSL). If this is the case, you have to go to the DEVICE STATUS page and click Connect button to establish the connection or click Disconnect button to disconnect the connection.

Dynamic/Fixed: Select ONE.

Dynamic - If your ISP will automatically assign

you an IP address

Fixed - If your ISP has given you a fixed IP address already, then enter that IP address in the IP assigned by your ISP box. Also enter the subnet mask (provided by ISP) in the IP Netmask

box Note: Once you have filled in the above information, click “Next” to proceed to the next step. Proceed to step 9 (Step D) ISP Additional Settings of this manual

Step 8-4) PPTP Settings: Select PPTP Settings, if your ISP requires the

PPTP protocol to establish an Internet connection (e.g. Europe). You will have to enter the following information:

Parameter Description

User name Enter the user name of your ISP account.

Password: Enter the password of your ISP account.

Idle Time Optional: You do not have to configure this

section. It depends on the user’s needs. If the Internet connection has been idle for a certain period of time (the Idle Time selected), the Idle Time function will automatically disconnect the Internet connection.

PPTP Client IP Enter the PPTP client IP address (Provided by

ISP)

Parameter Description

Connection ID Input this ID information only if your ISP has

given you one.

Connection Type Select ONE.

Always Connect - The VPN Gateway will always connect with your ISP. If this is the case, the Idle Time function is unavailable.

Trigger on Demand – Once the VPN Gateway

Dynamic/Fixed Select ONE.

Dynamic - If your ISP will automatically assign

you an IP address

Fixed - If your ISP has given you a fixed IP

address already, then enter that IP address in the

IP assigned by your ISP

box. Also enter the subnet mask (provided by ISP) in the IP Netmask box

Note: Once you have filled in the above information, click “Next” to proceed to the next step. Proceed to step 9 (Step D) ISP Additional Settings of this manual

Step 8-5) Telstra Settings: The Telstra Settings is a service that applies to

connections in Australia only. You will have to enter the following:

Parameter Description

User Name Enter the User Name (Provided by the ISP)

Password Enter the Password (Provided by the ISP)

Retype password Re-Enter the password of your ISP account again

to re-confirm.

Default Domain Input the default domain if your ISP has given

you one

Note: Once you have filled in the above information, click “Next” to proceed to the next step. Proceed to step 9 (Step D) ISP Additional Settings of this manual

9 (Step D) ISP Additional Settings

In this section you can input special settings required by certain ISPs. You do not need to configure the entire section or any part of the section, only the settings needed by your particular ISP (if any). If your ISP does not require any additional settings, then please leave this section blank and proceed to the next step.

Parameter Description

Your ISPs require If your ISP requires you to input a DNS you to manually setting then you must check this box to setup the DNS settings enable this function and then enter the

DNS address (see DNS IP Address below)

DNS IP Address Enter the DNS IP address (provided by

ISP)

Parameter Description

Some ISPs use Host Name If your ISP requires you to fill in a Host and Domain Name to Name and Domain Name then you must authenticate the user check this box to enable this function and

then enter the Host Name and Domain Name (see Host/Domain Name below)

Host Name Enter the Host Name (provided by your

ISP)

Domain Name Enter the domain name (provided by your

ISP)

Your ISPs require you to If your ISP requires a specific MAC input the LAN card’s address in order for you to connect Mac address to the Internet, then check the box to

enable this function and then enter the Mac address (see MAC Address below)

NOTE: Some ISPs may only recognize your PC’s LAN card MAC address as a legal user. In this case, you will have to copy the LAN card MAC address of that PC and input it in the MAC address field. For WIN 95/98 you can run winipcfg to see the LAN card Mac address For WIN 2000/NT you can run ipconfig/all to see the LAN card Mac address

MAC Address Enter the PC’s LAN card MAC address

that your ISP recognizes as the legal user

Note: Once you have filled in the above information, click “Next” to proceed to the next step.

10. (Step E) Modem Settings

The modem settings screen is where you can setup the asynchronous port as either a backup connection for the Cable/xDSL connection or a dialup Internet access connection.

Note: This section is Optional. You may proceed to Step F if you do not wish to use the asynchronous port.

Parameter Description

Dialup Modem When Click on this box to enable Cable/xDSL is not the asynchronous port Connected

ISP Phone Number Enter the ISP phone number (Dial-Up)

User Name Enter the User Name for the dial-up

Password Enter the Password for the dial-up

Parameter Description

Retype Password Enter the Password again to re-confirm

Idle Time You can select an idle time threshold

(minutes) for the WAN port. This means if no packets have been sent (no one using the Internet) throughout this specified period, then the router will automatically disconnect with your ISP.

External IP (Optional) If your ISP requires you to

input an IP address then please input the IP address here. Otherwise leave it as the default setting (0.0.0.0).

Modem String settings (Optional) Some modems require specific

communication strings. This section allows you to specify strings on the router, so that it can communicate with your modem (if required). If you would like to change the baudrate speed, you can do so in the Baudrate Settings field. (Please

refer to your modem’s or ISDN TA’s manual for more information)

Note: Once you have filled in the above information, click “Next” to proceed to the next step.

11. (Step F) VPN Settings

The VPN Settings section is where you can enable and configure the VPN function. Specifically, this device supports the widely used IPSec protocol standard for its VPN connection. VPN allows a secure connection between two parties over a public network, such as the Internet.

Note: This section is Optional. You may proceed to Step G if you do

not wish to establish a VPN connection.

The VPN settings has 3 steps: 11-1) Add a VPN connection: Connection Name 11-2) Configure the VPN Connection 11-3) Secure Association

11-1) Add a VPN connection: Connection Name

Parameter Description Connection Name To add a VPN connection: Enter a string

(name) into the Connection Name box, and then click the “ADD” button.

Note: Once you have entered the connection name - click on the “ ADD” button to start configuring this VPN connection. The screen below will appear and this is where the VPN configuration is entered.

+ 56 hidden pages