Manuale d’uso / di manutenzione del prodotto BiPAC 7404V(G)OX del fabbricante Billion
Vai alla pagina of 168
BiP AC 7404V(G)OX BiP AC 7404V(G)PX 3G/V oIP/(802.1 1g) ADSL2+ (VPN) Firewall Router User Manual Last Revised Date 23-10-2008 V ersion release 5.53.s5.
T able of Contents Chapter 1: Introduction ..................................................................... 1 Introduction to your Router .................................................................. 1 Features ..............................
Error Log ........................................................................................... 30 Diagnostic ......................................................................................... 30 Quick Start ..............................
Firewall Log ..................................................................................... 85 VPN - Virtual Private Networks (Only available for BiP AC 7404V(G)OX) 86 PPTP (Point-to-Point T unneling Protocol) ..................................
Appendix: Product Support & Contact ........................................ 16 2.
Chapter 1: Introduction Introduction to your Router Welcome to the 3G/V oIP/ (802.1 1g) ADSL2+(VPN) Firewall Router . The router is an “all-in-one” ADSL router , combining an ADSL modem, ADSL rout.
Multi-Protocol to Establish a Connection It s upports PPPoA (RFC 2364 - PPP over A TM Adaptation Layer 5), RFC 1483 encapsulatio n overA TM (bridged or routed), PPP over Ethernet (RFC 2516), and IPoA (RFC1577) to establish a connection with the ISP . The product also supports VC-based and LLC-based multiplexing.
Quality of Service (QoS) QoS gives you full control over which types of outgoing data trafc should be given priority by the router , ensuring important data like gaming packets, customer information, or management information move through the router ay lightning speed, even under heavy load.
Firmware Upgradeable Device can be upgraded to the latest rmware through the WEB based GUI. Rich Management Interfaces It s upports exible management interfaces with local console port, LAN port, and W AN port.
Chapter 2: Installing the Router Important note for using this router Package Contents 3G/VoIP/(802.11g) ADSL2+ (VPN) Firewall Router CD-ROM containing the online manual RJ-11 ADSL/telephone Cable Eth.
The Front LEDs. LED Meaning 1 Power Lit when power is ON. Lit red means system failure. Restart the device or contact Billion for support. 2 Ethernet Port 1X — 4X (RJ-45 connector) Lit when one of LAN ports is connected to an Ethernet device.
The Rear Ports Port Meaning 1 Antenna (Wireless Router only) Connect the detachable antenna to this port. 2 DSL Connect this port to the ADSL/telephone network with the RJ- 1 1 cable (telephone) provided. 3 Line (Router with LINE port only) Connect this port to the telephone jack on the wall with RJ-1 1 cable.
Cabling One of the most common causes of problem is bad cabling or ADSL line(s) . Make sure that all connected devices are turned on. On the front panel of your router is a bank of LEDs. V erify that the LAN Link and ADSL line LEDs are lit. If they are not, verify if you are using the proper cables.
Chapter 3: Basic Installation The router can be congured through your w eb browser . A web browser is included as a standard application in the following operating systems: Linux, Mac OS, Windows 98/NT/2000/XP/Me/Vista, etc. The product provides an easy and user-friendly interface for conguration.
Connecting Y our Router Connect this router to a 1. LAN (Local Area Network) and the ADSL/telephone ( ADSL ) net work. Power on the device. 2. Make sure the 3. Power LED lit steadily and that the LAN LED is lit. Connect your router to the telephone jack on the wall with RJ-1 1 cable.
Network Conguration Conguring PC in Windows V ista Go to Start. Click on Network. 1. Then click on Network and Sharing 2. Center at the top bar . When the Network and Sharing 3. Center window pops up, select and click on Manage network connec - tions on the left window column.
Select Internet Protocol V ersion 4 5. (TCP/IPv4) then click Properties. In the TCP/IPv4 properties window , 6. select the Obtain an IP address au- tomatically and Obtain DNS Server address automatically radio but- tons. Then click OK to exit the set - ting.
Conguring PC in Windows XP Go to Start > Control Panel (in Classic 1. View). In the Control Panel, double-click on Network Connections Double-click Local Area Connection. 2. In the Local Area Connection Status 3. window , click Properties. Select Internet Protocol (TCP/IP) and 4.
Conguring PC in Windows 2000 Go to Start > Settings > Control Panel. 1. In the Control Panel, double-click on Network and Dial-up Connections. Double-click Local Area Connection. 2. In the Local Area Connection Status 3. window click Properties.
Conguring PC in Windows 95/98/Me Go to Start > Settings > Control Panel. 1. In the Control Panel, double-click on Network and choose the Conguration tab. Select TCP/IP > NE2000 Compatible, 2. or the name of your Network Interface Card (NIC) in your PC.
Conguring PC in Windows NT4.0 Go to Start > Settings > Control Panel. 1. In the Control Panel, double-click on Network and choose the Protocols tab. Select TCP/IP Protocol and click Prop - 2. erties. Select the Obtain an IP address from 3. a DHCP server radio button and click OK.
Factory Default Settings Before conguring your router , you need to know the following default settings. Web Interface (Username and Password) Username: admin Password: admin The default username and password are “ admin ” and “ admin ” respectively .
Information from your ISP Before conguring this device, you have to check with your ISP (Internet Service Provider) to nd out what kind of service is provided such as DHCP (Obtain an IP Address Automatically , Static IP (Fixed IP Address) or PPPoE.
Conguring with your W eb Browser Open your web browser , enter the IP address of your router , which by default is 192.168.1.254, and click “Go”, a user name and password window prompt will appear . The default username and password are “admin” and “admin” respectively .
Chapter 4: Conguration At the conguration homepage, the left navigation column provides you the link to each conguration page. The category of each conguration page is listed as below .
Status ADSL Status This section displays the ADSL overall status, which shows a number of helpful information such as DSP rmware version. 3G Status This section displays the 3G Card’s overall sta.
Card Name: The name of the 3G card. Card Firmware: The current rmware for the 3G card. Current TX Bytes / Packets: The statistics of transmission, count for this call.
Leased T able IP Address: The IP address that assigned to client. MAC Address: The MAC address of client. Client Host Name: The Host Name (Computer Name) of client.
Routing T able Routing T able V alid: It indicates a successful routing status. Destination: The IP address of the destination network. Netmask: The destination Netmask address. Gateway/Interface: The IP address of the gateway or existing interface that this route will use.
NA T Sessions This section lists all current NA T sessions between interface of types external (W AN) and internal (LAN). UPnP Portmap The section lists all port-mapping established using UPnP (Universal Plug and Play . See Advanced section of this manual for more details on UPnP and the router’s UPnP conguration options.
PPTP Status This shows details of your congured PPTP VPN Connections. Name: The name you assigned to the particular PPTP connection in your VPN conguration. T ype: The type of connection (dial- in/dial -out). Enable: Whether th e connection is currently enabled.
IPSec Status This shows details of your congured IPSec VPN Connections. Name: The name you assigned to the particular VPN entry . Active: Whether the VPN Connection is currently Active. Connection State: Whether the VPN is Connected or Disconnected.
Email Status Details and status for the Email Account you have congured the router to check. Please see the Advanced section of this manual for details on this function.
Event Log This page displays the router ’s Event Log entries. Major events are logged to this window , such as when the router ’s ADSL connection is disconnected, as well as Firewall events when you have enabled Intrusion or Blocking Logging in the Conguration – Firewall section of the interface.
Error Log Any errors encountered by the router (e.g. invalid names given to entries) are logged to this window . Diagnostic It tests the connection to computer(s) which is connected to the LAN ports and also the W AN Internet connection. If PING www .
Quick Start Click Quick Start. Select the connect mode you want. There are 2 options to choose from: ADSL 1. or 3G. Select ADSL mode from the drop down menu and click Continue. If your ADSL line is not ready , you need to check your ADSL line has been set or not.
Please enter “Username” and “Password” as supplied by your ISP(Internet Service Provider) 5. and click Apply to continue. Pro le Port: Select the connection mode. There is ADSL . Protocol : Select the protocol mode. The default mode is PPPoE.
Congure the Wireless LAN setting. 6. WLAN Service: Default setting is set to Enable. If you want to use wireless, both 802.1 1g and 802.1 1b device in your network, you can select Enable. ESSID: The ESSID is the unique name of a wireless access point (AP) to be distinguished from another .
SIP: T o use V oIP SIP as V oIP call signaling protocol. Default is set to Disable. Region: This selection is a drop-down box, which allows user to select the country for which the V oIP device must work. When a country is selected, the country parameters are automatically loaded.
Conguration When you click this item, the column will expand to display the sub-items that will allow you to further congure your ADSL router . LAN, W AN, System, Firewall, V oIP , QoS, Virtual Server , T ime Schedule and Advanced The function of each conguration sub-item is described in the following sections.
LAN - Local Area Network Here are the items within the LAN section: Bridge Interface, Ethernet, IP Alias, Ethernet Client Filter , W ireless, Wireless Security , Wireless Client Filter , WPS, Port Setting and DHCP Server . Bridge Interface Y ou can setup member ports for each VLAN group under Bridge Interface section.
Ethernet Primary IP Address IP Address: The default IP on this router . Subnet Mask: The default subnet mask on this router . RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function. IP Alias This function creates multiple virtual IP interfaces on this router .
Ethernet Client Filter The Ethernet Client Filter supports up to 16 Ethernet network machines that helps you to manage your network control to accept trafc from specic authorized machines or can restrict unwanted machine(s) to access your LAN.
MAC Address which connecting to the router . Y ou can easily by checking the box next to the IP address to be blocked or allowed. Then, Add to insert to the Ethernet Client Filter table.
Wireless Parameters WLAN Service: Default setting is set to Enable. If you do not have any wireless, both 802.1 1g and 802.1 1b, device in your network, select Disable. Mode: The default setting is 802.1 1b+g (Mixed mode). If you do not know or have both 1 1g and 1 1b devices in your network, then keep the default in mixed mode.
Note: Wireless performance may degrade if select ID channel is already being occupied by other AP(s). TX PowerLevel: It is a function that enhances the wireless transmitting signal strength. User may adjust this power level from minimum 1 up to maximum 127.
Wireless Security Y ou can disable or enable with WP A or WEP for protecting wireless network. The default mode of wireless security is disabled. 42.
WP A-PSK / WP A2-PSK Security Mode: Y ou can disable or enable with WP A or WEP for protecting wireless network. The default mode of wireless security is Disable .
Passphrase: This is used to generate WEP keys automatically based upon the input string and a pre-dened algorithm in WEP64 or WEP128. Default Used WEP Key: Select the encryption key ID; please refer to Key (1~4) below . Key (1-4): Enter the key to encrypt wireless data.
Wireless Client / MAC Address Filter The MAC Address supports up to 16 wireless network machines and helps you manage your network control to accept trafc from specic authorized machines or to restrict unwanted machine(s) to access your LAN.
connects to the router . Y ou can easily by checking the box next to the MAC address to be blocked or allowed. Then, Add to insert to the Wireless Client (MAC Address) Filter table.
Port Setting This section allows you to congure the settings for the router ’s Ethernet ports to solve some of the compatibility problems that may be encountered while connecting to the Internet, as well allowing users to tweak the performance of their network.
DHCP Server Y ou can disable or enable the DHCP (Dynamic Host Conguration Protocol) server or enable the router ’s DHCP relay functions. The DHCP protocol allows your router to dynamically assign IP addresses to PCs on your network if they are congured to obtain IP addresses automatically .
W AN - Wide Area Network W AN refers to your Wide Area Network connection, i.e. your router ’s connection to your ISP and the Internet. Here are the items within the W AN section: W AN Interface, W AN Prole and ADSL Mode. W AN Interface W AN Connection-ADSL Mode The default setting for Connection Mode is ADSL and for Protocol is PPPoE.
Rule 1. ADSL Down Rule 2. Ping Fail No Ping: It will not send any ping packet to determine the connection. It means to disable the ping fail detection. Ping Gateway: It will send ping packet to gateway and wait response from gateway in every “Probe Cycle”.
W AN Prole PPPoE Connection PPPoE (PPP over Ethernet) provides access control in a manner which is similar to dial-up services using PPP . Prole Port: Select the prole port as ADSL. Protocol: The A TM protocol will be used in the device. Description: A given name for the connection.
Auth. Protocol: Default is Auto. Y our ISP should advise you on whether to use Chap or Pap. Connection: Always on: If you want the router to establish a PPPoA session when starting up and to au- tomatically re-establish the PPPoA session when disconnected by the ISP.
PPPoA Connection Prole Port: Select the prole port as ADSL. Protocol: The A TM protocol will be used in the device.. Description: A given name for the connection. VPI/VCI: Enter the information provided by your ISP . A TM Class: The Quality of Service for A TM layer .
Detail: You can dene the destination port and packet type (TCP/UDP) without checking by timer. It allows you to set which outgoing trafc will not trigger and reset the idle timer. MTU: Maximum T ransmission Unit. The size of the largest datagram (excluding media-specic headers) that IP will attempt to send through the interface.
MPoA Connection Prole Port: Select the prole port as ADSL. Protocol: The A TM protocol will be used in the device. Description: A given name for the connection. VPI/VCI: Enter the information provided by your ISP . A TM Class: The Quality of Service for A TM layer .
MAC Spoong: Some service providers require the conguring of this option. Y ou must ll in the MAC address that specify by service provider when it is required. Default is disabled. Obtain DNS: A Domain Name System (DNS) contains a mapping table for domain name and IP addresses.
IPoA Routed Connection Prole Port : Select the prole port as ADSL. Protocol: The A TM protocol will be used in the device. Description: A given name for the connection. VPI/VCI: Enter the information provided by your ISP . A TM Class: The Quality of Service for A TM layer .
Pure Bridge Prole Port: Select the prole port as ADSL. Protocol: The A TM protocol will be used in the device. Description: A given name for this connection. VPI/VCI: Enter the information provided by your ISP . A TM Class: The Quality of Service for A TM layer .
3G TEL No.: The dial string to make a GPRS / 3G user internetworking call. It may provide by your mobile service provider . APN: An APN is similar to a URL on the WWW , it is what the unit makes a GPRS / UMTS call.
Connection: Always On: The router will make UMTS/GPRS call when starting up. Enabling Always On, will give you an option of Keep Alive. Keep Alive: Set Enable to allow the router automatically reconnects the connection when ISP disconnects it.
ADSL Mode Connect Mode: This mode will automatically detect your ADSL line code, ADSL2+, ADSL2, AnnexM2 and AnnexM2+, ADSL, All. Please keep the factory setting unless ADSL is detected as the symptom of synchronization problem. Modulation: It will automatically detect capability of your ADSL line mode.
System Here are the items within the System section: T ime Zone, Remote Access, Firmware Upgrade, Backup/Restore, Restart and User Management. T ime Zone The router does not have a real time clock on board; instead, it uses the Simple Network T ime Protocol (SNTP) to get the current time from an SNTP server outside your network.
Remote Access T o temporarily permit remote administration of the router (i.e. from outside your LAN), select a time period the router will permit remote access for and click Enable. Y ou may change other conguration options for the web administration interface using Device Management options in the Advanced section of the GUI.
Backup / Restore These functions allow you to save and backup your router ’ s current settings to a le on your PC, or to restore a previously saved backup. This is useful if you wish to experiment with dif ferent settings, knowing that you have a backup handy in the case of any mistakes.
Restart Router Click Restart with option Current Settings to reboot your router (and restore your last saved conguration). If you wish to restart the router using the factory default settings (for .
User Management In order to prevent unauthorized access to your router ’s conguration interface, it requires all users to login with a password. Y ou can set up multiple user accounts, each with their own password. Y ou are able to Edit existing users and Add new users who are able to access the device’s conguration interface.
When you create a user account , check V alid box and ll in the respective information for User , Comment, Password and Conrm Password in the blanks provided.
Firewall and Access Control Y our router includes a full SPI (Stateful Packet Inspection) rewall for controlling Internet access from your LAN, as well as helping to prevent attacks from hackers.
Listed are the items under the Firewall section: General Settings, Packet Filter , Intrusion Detection, URL Filter , IM/P2P Blocking and Firewall Log. General Settings Y ou can choose not to enable Fi.
disable. Mostly it is for preventing any scan tools from W AN site by hacker . Packet Filter This function is only available when the Firewall is enabled and one of these four security levels is chosen (All blocked, High, Medium and Low).
Example: Predened Port Filters Rules The predened port lter rules for High, Medium and Low security levels are listed. See T able 1. Note: Firewall – All Blocked/User-dened, you must dene and create the port lter rules yourself. No predened rule is being precongured.
Inbound: Internet to LAN Outbound: LAN to Internet YES: Allowed NO: Blocked N/A: Not Applicable Packet Filter – Add TCP/UDP Filter Rule Name Helper: Users-dene description to identify this entry or click “ Select ” drop-down menu to select existing predened rules.
Packet Filter – Add Raw IP Filter Go to “ T ype ” drop-down menu, select “ Use Protocol Number ” . Rule Name Helper: Users-dene description to identify this entry or choosing “ Select ” drop-down menu to select existing predened rules.
As you can see from the diagram below , when the rewall is enabled with one of the three presets (Low/Medium/High), inbound HTTP access is not allowed which means remote access through HTTP to your router is not allowed. Note: Inbound indicates accessing from Internet to LAN and Outbound is from LAN to the Internet.
Conguring Packet Filter: Click Packet Filters. Y ou will then be presented with the predened port lter rules screen (in 1. this case for the low security level), shown below: Note: Y ou may click Edit the predened rule instead of Delete it.
Example: Application: Cindy_HTTP T ime Schedule: Always On Source / Destination IP Address(es): 0.0.0.0 (I do not wish to active the address-lter , instead I use the port-lter) T ype: TCP (Pleas.
77.
Intrusion Detection The router ’s Intrusion Detection System (IDS) is used to detect hacker attacks and intrusion attempts from the Internet. If the IDS function of the rewall is enabled, inbound.
cannot protect against such attacks. T able 2: Hacker attack types recognized by the IDS Intrusion Name Detect Parameter Blacklist T ype of Block Duration Drop Packet Show Log Ascend Kill Ascend Kill .
ICMP Flood Max ICMP Count (Default 100 c/ sec) Y es ICMP Echo Max PING Count (Default 15 c/sec) Y es Src IP : Source IP Src Port : Source Port Dst Port : Destination Port Dst IP : Destination IP 80.
URL Filter URL (Uniform Resource Locator – e.g. an address in the form of http://www .abcde.com or http:// www .example.com) lter rules allow you to prevent users on your network from accessing particular websites by their URL. There are no pre-dened URL lter rules; you can add lter rules to meet your requirements.
Domains Filtering: This function checks the whole URL not the IP address, in URLs accessed against your list of domains to block or allow . If it is matched, the URL request will be sent (T rusted) or dropped (Forbidden). For this function to be activated, both check-boxes must be checked.
Example: Andy wishes to disable all WEB trafc except for ones listed in the trusted domain, which would prevent Bobby from accessing other web sites.
IM / P2P Blocking IM, short for Instant Message, is required to use client program software that allows users to communicate , in exchanging text message, with other IM users in real time over the Internet. A P2P applica tion, known as Peer-to-peer , is group of computer users who share le to specic groups of people across the Internet.
Firewall Log Firewall Log display log information of any unexpected action with your rewall settings. Check the Enable box to activate the logs. Log information can be seen in the Status – Event Log after enabling.
VPN - V irtual Private Networks (Only available for BiP AC 7404V(G)OX) Virtual Private Networks is ways to establish secured communication tunnels to an organization’ s network via the Internet. Y our router supports three main types of VPN (Virtual Private Network): PPTP , IPSec and L2TP .
Username: If you are a Dial-Out user (client), enter the username provided by your Host. If you are a Dial-In user (server), enter your own username. Password: If you are a Dial-Out user (client), enter the password provided by your Host. If you are a Dial-In user (server), enter your own password.
Example: Conguring a Remote Access PPTP VPN Dial-out Connection A company’ s ofce establishes a PPTP VPN connection with a le server located at a separate location. The router is installed in the ofce, connected to a couple of PCs and Servers.
Conguring the PPTP VPN in the Ofce Click Conguration/VPN/PPTP . Choose Remote Access from Connect T ype drop-down menu. Y ou can either input the IP address (69.
PPTP Connection - LAN to LAN Click Conguration/VPN/PPTP . Choose LAN to LAN from Connect T ype drop-down menu. Name: A given name for the connection (e.g. “connection to ofce”). Connection T ype: Remote Access or LAN to LAN. T ype: Check Dial Out if you want your router to operate as a client (connecting to a remote VPNserver , e.
than 40 bit keys. Mode: Y ou may select Stateful or Stateless mode. The key will be changed every 256 packets when you select Stateful mode. If you select Stateless mode, the key will be changed in each packet.
Example: Conguring a Remote Access PPTP VPN Dial-out Connection The branch ofce establishes a PPTP VPN tunnel with head ofce to connect two private networks over the Internet. The routers are installed in the head ofce and branch ofces accordingly .
Conguring the PPTP VPN in the Head Ofce The IP address 192.168.1.201 will be assigned to the router located in the branch ofce. Please make sure this IP is not used in the head ofce LAN.
Conguring the PPTP VPN in the Head Ofce The IP address 69.1.121.30 is the Public IP address of the router located in head ofce. If you registered the DDNS (please refer to the DDNS section of this manual), you can also use the domain name instead of the IP address to reach the router .
IPSec (IP Security Protocol) Active: This function activates or deactivates the IPSec connection. Check Active checkbox if you want the protocol of tunnel to be activated and vice versa. Note: When the Active checkbox is checked, the function of Edit and Delete will not be available.
IPSec VPN Connection Name: A given name for the connection (e.g. “connection to ofce”). Local Network: Set the IP address, subnet or address range of the local network. Single Address: The IP address of the local host. Subnet: The subnet of the local network.
Remote ID: Identier: Input remote ID’s information, like domain name www.ipsectest.com Hash Function: It is a Message Digest algorithm which coverts any length of a message into a unique set of bits. It is widely used MD5 (Message Digest) and SHA-1 (Secure Hash Algorithm) algorithms.
unsecured communication channel (i.e. over the Internet). There are three modes, MODP 768-bit, MODP 1024-bit and MODP 1536-bit. MODP stands for Modular Exponentiation Groups. SA Lifetime: Specify the number of minutes that a Security Association (SA) will stay active before new encryption and authentication key will be exchanged.
Example: Conguring an IPSec LAN to LAN VPN Connection T able 3: Network Conguration and Security Plan Branch Ofce Head Ofce Local Network ID 192.168.0.0/24 192.168.1.0/24 Local Router IP 69.1.121.30 69.1.121.3 Remote Network ID 192.168.1.0/24 192.
Conguring IPSec VPN in the Head Ofce Function Description Name IPSec_HeadOfce Give a name of IPSec Connection Local Network Subnet Select Subnet from Local Network drop-down menu. IP Address 192.168.1.0 Head ofce network Netmask 255.255.255.
Conguring IPSec VPN in the Branch Ofce Function Description Name IPSec_BranchOfce Give a name of IPSec Connection Local Network Subnet Select Subnet from Local Network drop-down menu. IP Address 192.168.0.0 Branch ofce network Netmask 255.
Example: Conguring an IPSec Host to LAN VPN Connection 102.
Conguring IPSec VPN in the Ofce Function Description Name IPSec Give a name of IPSec Connection Local Network Subnet Select Subnet from Local Network drop-down menu. IP Address 192.168.1.0 Head ofce network Netmask 255.255.255.0 Remote Secure Gateway IP (or Hostname) 69.
L2TP (Layer T wo T unneling Protocol) T wo types of L2TP VPN are supported Remote Access and LAN-to-LAN (please refer below for more information.). Fill in the blank with information you need and click Add to create a new VPN connection account. Active: This function activates or deactivates the PPTP connection.
Connection T ype: Remote Access or LAN to LAN Name: A given name for the connection (e.g. “connection to ofce”). Connection T ype: Remote Access or LAN to LAN. T ype: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server , e.
SHA1: A one-way hashing algorithm that produces a 160−bit hash. Encryption: Select the encryption method from the pull-down menu. There are four options, DES, 3DES, AES and NULL. NULL means it is a tunnel only with no encryption. 3DES and AES are more powerful but increase latency .
Example: Conguring a L2TP VPN - Remote Access Dial-in Connection A remote worker establishes a L2TP VPN connection with the head ofce using Microsoft's VPN Adapter (included with Windows XP/2000/ME, etc.). The router is installed in the head ofce, connected to a couple of PCs and Servers.
Conguring L2TP VPN in the Ofce The input IP address 192.168.1.200 will be assigned to the remote worker . Please make sure this IP is not used in the Ofce LAN.
Example: Conguring a Remote Access L2TP VPN Dial-out Connection A company’ s ofce establishes a L2TP VPN connection with a le server located at a separate location. The router is installed in the ofce, connected to a couple of PCs and Servers.
Conguring L2TP VPN in the Ofce The input IP address 192.168.1.200 will be assigned to the remote worker . Please make sure this IP is not used in the Ofce LAN.
L2TP Connection - LAN to LAN L2TP VPN Connection Name: A given name for the connection Connection T ype: Remote Access or LAN to LAN. T ype: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server , e.g. your ofce server), check Dial In to have it operate as a VPN server .
Active as default route: Commonly used by the Dial-out connection which all packets will route through the VPN tunnel to the Internet; therefore, active the function may degrade the Internet performance. Remote Host Name (Optional): Enter hostname of remote VPN device.
Example: Conguring L2TP LAN-to-LAN VPN Connection The branch ofce establishes a L2TP VPN tunnel with head ofce to connect two private networks over the Internet.
Conguring L2TP VPN in the Head Ofce The IP address 192.168.1.200 will be assigned to the router located in the branch ofce. Please make sure this IP is not used in the head ofce LAN.
Conguring L2TP VPN in the Branch Ofce The IP address 69.1.121.30 is the Public IP address of the router located in head ofce. If you registered the DDNS (please refer to the DDNS section of this manual), you can also use the domain name instead of the IP address to reach the router .
1 16 V oIP - V oice over Internet Protocol V oIP enables telephone calls through existing Internet connection instead of going through the PSTN (Public Switched T elephone Network). It is not only cost-ef fective, especially for a long distance telephone charges, but also toll-quality voice calls over the Internet.
1 17 SIP Device Parameters This section provides easy setup for your V oIP service. Phone port 1 and 2 can be registered to different SIP Service Provider . SIP Device Parameters SIP: T o use V oIP SIP as V oIP call signaling protocol. Default is set to Disable.
1 18 Advanced – Parameters V oIP through IP Interface: IP Interface decides where to send/receive the voip trafc; it includes: ipwan and iplan. Easy way to select the interface is to check the location of the SIP server . If it locates some where in the Internet then select ipwan.
1 19 T o take your phone OFFHOOK, lift the receiver then press Hook/Flash until you hear your normal PSTN dialtone, not your V oIP dialtone. W ait several seconds and then press Check Level. Y ou should check the OFFHOOK value for each telephone you have connected to this device.
120 SIP Accounts This section reects and contains basic settings for the V oIP module from selected provider in the Wizard section. Fail to provide correct information will halt making calls out to the Internet. Prole Name: U ser-dened name is for identifying the Prole.
121 Phone Port This section displays status and allows you to edit the account information of your Phones. Click Edit to update your phone information. Port: It allows you to change the phone port setting for specify FXS port. *69 (Return Call): Dial *69 to return the last missed call.
122 without waiting. Note: Refer to Special Dial Code section in this Manual for more details. Codec Preference Codec is known as Coder-Decoder used for data signal conversion. Set the priority of voice compression; Priority 1 owns the top priority . G.
123 PSTN Dial Plan (Router with LINE port only) This section enables you to congure “V oIP with PSTN switching” on your system. Y ou can dene a range of dial plans to make regular call from V oIP switching to PSTN line. Prex numbers is essential key to make a distinguishing between V oIP and Regular phone call.
124.
125 PSTN Dial Plan Examples: Dial with Prex 1. If you dial 01223 707070, number 01223707070 will be dialed out via FXO to make a regular phone call. Dial without Prex 2. If you dial 9102, the number 102 will only be dialed out via FXO port to make a regular phone call.
126 Even though 7070 (only 4 digits) does not match with number of digits 6 dened in the led, 7070 is still a valid phone number since it has not exceeded 6 digits. Dial at T imeout no Prex 4. If you only dial 97070 and no more numbers, after the timeout activates, 7070 will be dialed without prex to make a regular call via FXO port.
127 V oIP Dial Plan This section helps you to make a telephony number dialed as making a regular call via V oIP . Y ou no longer need to memorize a long dial string of number for making a V oIP call. Go to Conguration > V oIP > V oIP Dial Plan.
128 Main Digit Sequence: The call(s) can be called out via SIP or PSTN or ENUM. x: Any numeric number between 0 and 9. . ( period ): Repeat numeric number(s) between 0 and 9.
129 **xx*x. Starting with ‘** sign ’ + a ny two digit numbers between 0 + any number (0-9) in variable length. Maximum length is 16. #xx. Starting with ‘# sign ’ + a ny digit number (0-9) in variable length but no shorter than 1 digits . Maximum length is 16.
130 Call Feature V oIP has all the basic features of a traditional phone. Besides the provided basic features, V oIP also comes with several enhanced features that allows you to further customize thei.
131 Ring & T one This section allows advanced user to change the existing or newly dened parameters for the various ring tones (dial tone, busy tone, answer tone and etc.) Country Specic Ring & T one Region: Select a country ring-tone, from the drop-down list, where you are located.
132 T one Parameters Y ou may need to check with your local telephone service provider for such information. Also, it is recommended that this option be congured by advance d user unless you are instructed to do so. Click Apply to apply the settings.
133 QoS - Quality of Service QoS function helps you to control your network trafc for each application from LAN (Ethernet and/or Wireless) to W AN (Internet). It facilitates you to control the different quality and speed of through put for each application when the system is running with full loading of upstream.
134 Destination IP address Range : The destination IP address or range of packets to be monitored. Destination Port : The destination port of packets to be monitored. DSCP Marking : Dif ferentiated Services Code Point (DSCP), it is the rst 6 bits in the T oS byte.
135 information. Protocol : The name of supported protocol. Rate Limit : T o limit the speed of outbound trafc Source IP Address Range : The source IP address or range of packets to be monitored. Source Port(s) : The source port of packets to be monitored.
136 Inbound IP Throttling (W AN to LAN) IP Throttling allows you to limit the speed of IP trafc. The value entered will limit the speed of the application that you set to the specied value’s multiple of 32kbps. Name : U ser-dene description to identify this new policy/application.
137 Example: QoS for your Network Connection Diagram R e stric ted P C N o rm al P C s V o I P.
138 Information and Settings Upstream: 928 kbps Downstream: 8 Mbps V oIP User : 192.168.1.1 Normal Users : 192.168.1.2~192.168.1.5 Restricted User: 192.
139 Mission-critical application Mostly the VPN connection is mission-critical application for doing data exchange between head and branch ofce. The mission-critical application must be sent out smoothly without any dropping. Set priority as high level for preventing any other applications to saturate the bandwidth.
140 With above settings that help to limit utilization of upstream of FTP . T ime schedule also help you to only limit utilization at daytime. Advanced setting by using IP throttling With IP throttling you can specify more detail for allocating bandwidth; even the applications are located in the same level.
141 Sometime your customers or friends may upload their les to your FTP server and that will saturate your downstream bandwidth. The settings below help you to limit bandwidth for the restricted application.
142 V irtual Server (known as Port Forwarding) In TCP/IP and UDP networks a port is a 16-bit number used to identify which application program (usually a server) incoming connections should be delivered to.
143 Add V irtual Server Because NA T can act as a “natural” Internet rewall, your router protects your network from being accessed by outside users when using NA T , as all incoming connection attempts will point to your router unless you specically create Virtual Server entries to forward those ports to a PC on your network.
144 enable port number 80 (Web/HTTP) and map to Router’s IP Address. Then all incoming HTTP requests from you (Remote side) will be forwarded to the Router with IP address of 192.168.1.254. Since port number 80 has already been predened, next to the Application click Helper .
145 Edit DMZ Host The DMZ Host is a local computer exposed to the Internet. When setting a particular internal IP address as the DMZ Host, all incoming packets will be checked by the Firewall and NA T algorithms then passed to the DMZ host, when a packet received does not use a port number used by any other Virtual Server entries.
146 Edit One-to-One NA T (Network Address T ranslation) One-to-One NA T maps a specic private/local IP address to a global/public IP address. If you have multiple public/W AN IP addresses from you ISP , you are eligible for One-to-One NA T to utilize these IP addresses.
147 Application : Users-dened description to identify this entry or click drop-down menu to select existing predened rules. : 20 predened rules are available. Application, Protocol and External/Redirect Ports will be lled after the selection.
148 Example: List of some well-known and registered port numbers. The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols.
149 T ime Schedule The T ime Schedule supports up to 16 time slots which helps you to manage your Internet connection. In each time prole, you may schedule specic day(s) i.e. Monday through Sunday to restrict or allowing the usage of the Internet by users or applications.
150 Conguration of T ime Schedule Edit a T ime Slot Choose any T ime Slot (ID 1 to ID 16) to edit, click Edit radio button. 1. Note: Watch it carefully , the days you have selected will present in capital letter . Lower case letter shows the day(s) is not selected, and no rule will apply on this day(s).
151 Delete a Time Slot Select the Delete radio button of the selected T ime Slot under the Time Slot section, and click the Edit/ Delete button to conrm the deletion of the selected T ime prole, i.e. erase the Day and back to default setting of Start T ime / End T ime.
152 Advanced Conguration options within the Advanced section are for users who wish to take advantage of the more advanced features of the router . Users who do not understand the features should not attempt to recongure their router , unless advised to do so by support staf f.
153 Dynamic DNS The Dynamic DNS function allows you to alias a dynamic IP address to a static hostname, allowing users whose ISP does not assign them a static IP address to use a domain name.
154 Check Email This function allows you to have the router check your POP3 mailbox for new Email messages. The Mail LED on your router will light when it detects new messages waiting for download.
155 Device Management The Device Management advanced conguration settings allow you to control your router ’s security options and device monitoring features. Device Host Name Host Name: Assign it a name . (The Host Name cannot be used with one word only .
156 For Example: User A changes HTTP port number to 100 , species their own IP address of 192.168.1.55 , and sets the logout time to be 100 seconds. The router will only allow User A access from the IP address 192.168.1.55 to logon to the W eb GUI by typing: http://192.
157 for “security”, but is widely accepted as the SNMPv2 standard. SNMPv3 is a strong authentication mechanism, authorization with ne granularity for remote monitoring.
158 IGMP IGMP , known as Internet Group Management Protocol, is used to management hosts from multicast group. IGMP Forwarding: Accepting multicast packet. Default is set to Enable. IGMP Snooping: Allowing switched Ethernet to check and make correct forwarding decisions.
159 Logout T o exit the router web interface, choose Logout. Please save your conguration setting before logging out of the system. Be aware that the router conguration interface can only be accessed by one PC at a time.
160 Chapter 5: T roubleshooting If your router is not functioning properly , please refer to the suggested solutions provided in this chapter . If your problems persist or the suggested solutions do not meet your needs, please kindly contact your service provider or Billion for support.
161 Problem with LAN interface Problem Suggested Action Cannot PING any PC on LAN Check the Ethernet LEDs on the front panel. The LED should be on for the port that has a PC connected. If it does not lit, check to see if the cable between your router and the PC is properly connected.
162 Appendix: Product Support & Contact Following the suggestions listed in the T roubleshooting section of the user manual can help you solve most of your problems.
163.
Un punto importante, dopo l’acquisto del dispositivo (o anche prima di acquisto) è quello di leggere il manuale. Dobbiamo farlo per diversi motivi semplici:
Se non hai ancora comprato il Billion BiPAC 7404V(G)OX è un buon momento per familiarizzare con i dati di base del prodotto. Prime consultare le pagine iniziali del manuale d’uso, che si trova al di sopra. Dovresti trovare lì i dati tecnici più importanti del Billion BiPAC 7404V(G)OX - in questo modo è possibile verificare se l’apparecchio soddisfa le tue esigenze. Esplorando le pagine segenti del manuali d’uso Billion BiPAC 7404V(G)OX imparerai tutte le caratteristiche del prodotto e le informazioni sul suo funzionamento. Le informazioni sul Billion BiPAC 7404V(G)OX ti aiuteranno sicuramente a prendere una decisione relativa all’acquisto.
In una situazione in cui hai già il Billion BiPAC 7404V(G)OX, ma non hai ancora letto il manuale d’uso, dovresti farlo per le ragioni sopra descritte. Saprai quindi se hai correttamente usato le funzioni disponibili, e se hai commesso errori che possono ridurre la durata di vita del Billion BiPAC 7404V(G)OX.
Tuttavia, uno dei ruoli più importanti per l’utente svolti dal manuale d’uso è quello di aiutare a risolvere i problemi con il Billion BiPAC 7404V(G)OX. Quasi sempre, ci troverai Troubleshooting, cioè i guasti più frequenti e malfunzionamenti del dispositivo Billion BiPAC 7404V(G)OX insieme con le istruzioni su come risolverli. Anche se non si riesci a risolvere il problema, il manuale d’uso ti mostrerà il percorso di ulteriori procedimenti – il contatto con il centro servizio clienti o il servizio più vicino.
