Manuale d’uso / di manutenzione del prodotto WBR-2401 del fabbricante LevelOne
Vai alla pagina of 99
1 LevelOne WBR -2401 22Mbps Wireless ADSL Firewall/VPN router w/Printer Server User`s Manual.
2 FCC Interference S tatement This equipment has be en tested and found to co mply with the limits for a Class B digital device pursuant to Part 15 of t he FCC Rules. T hese limit s are designed to p rovide reasona ble protecti on against radio interfe rence in a commercial environm ent.
3 T able of Contents Chapter 1 In troduction ...................................................................................................... 5 Functions and Features ..............................................................................
4 4.8 T oolbox .............................................................................................................. 74 4.8.1 V iew Log ......................................................................................................... 75 4.
5 Chapter 1 Introduction Congratulations on your purchase of this outstan ding LevelOne WBR-2401 22MbpsW ireless ADSL Firewall/VPN Router . w/Printer Port This product is s pecifically desi gned for Sm all Offi ce and Home Office needs.
6 Packet Filter allows you to c ontrol access to a network by analyzing the incoming and outgoing packets and letting them pass or halting them based on th e IP address of the source and destination.
7 ! Schedule Rule Y ou can set the schedule time to decide which se rvice at what time will be turned on or off. Packing List ! WBR-2401 22M bps W ireless ADSL Firewall/VPN R outer w/Printer Port. ! Installation CD-ROM ! Power adapter ! CA T -5 UTP Fast Ethernet cable Chapter 2 Hardware Inst allation 2.
8 LED: LED Function Color S tatus Description POWER Power indication Green On Power is being applied to this product. M1 System st atus 1 Green Blinking This product is functi oning properly .
9 2.1.2. Rear Panel Figure 2-2 Re ar Panel Ports: Port Description 5VDC Power inlet: DC 5V , 2.5A (minimum) W AN The port where you will connect yo ur phon e jack. Port 1-4 The ports where you will co nnect networked computers and other devices. PRINTER Printer Port RESET T o reset system settings to factor y defaults, please follow the steps: 1.
10 Figure 2-3 Setup of LAN a nd W AN connecti ons for this product. 3. Setup ADSL connection Prepare an telephone cab le for connectin g this pro d u ct to your ISP .
11 Chapter 3 Network Settings and Sof tware Installation T o use Lev elOne WBR-2401 correctly , you h ave to properly configure the network settin gs of your computers and i nstall the attach ed setup program into your MS W indows platform (Windows 95/98/NT/2000).
12 3.2 Install the Softwar e into Y our Computers Skip this sectio n if you do not want to use the print server f unction of t his pr oduct. Step 1: Insert the installation CD-ROM into the CD-ROM drive. The following window will be shown automatically .
13 Step 4: When the following wi nd ow is di spl a yed, click on the Finish button. Step 5: Select the item to restart the com puter and then click the OK button to reboot y our computer . Step 6: Af ter r ebooting your co mputer , th e software installatio n procedure is fin ished.
14 Chapter 4 Configuring Wireless ADSL Broadband Router LevelOne WBR-2401 provides W eb based configuratio n scheme, that is, configuring by your W eb browser , such as Nets cape Comm unicator or Int ernet Explorer . This appr oach can be adopted in a ny MS W indows, Macintosh or UNIX based platforms.
15 4.2 S t atus This option p r ovi des the functi on fo r ob ser v ing this prod uc t’ s working sta t us: A. W AN Port Status. If the W AN port is assigned a dynam ic IP , there may appear a “ Renew ” or “ Release ” button on the Side note column.
16 Notice: For t he WBR-2401B, i t can support both Annex B and U-R2 ADSL line coding schem es. The default setting is Annex B. If your ISP used U-R2 sc hem e, you have to change the line coding scheme to U-R2, and then reboo t this product to successfully establish th e connection with ISP 4.
17 Setup W izard will guide you through a basic configuration procedure step by step. Press ”Next >” Setup W izard - Select W AN T ype : For detail settings, please refer to 4.
18 4.4 Basic Setting.
19 4.4.1 Primary Setup – W AN T ype Press “Change”.
20 This page is primary to enable LevelOne WBR-24 01 to wo rk properly . The setting items and the web appearance de pend on the W AN type. Choose correct W AN type before you sta rt. 1. LAN IP Addr ess : the local IP address of this device. The computers on your network must use the LAN IP address of your product as th eir Defa ult Gateway .
21 4.3.2.1 Ethernet Over A TM (RFC 1483 Bridged) without NA T This W AN type disab le the NA T , this device b ecom es a pure bridg e between your LAN and W AN, all the clients in your LAN must have legal IPs. If you enable the NA T feature, you have to set the following W AN IP settings.
22 4.3.2.2 Ethernet Over A TM (RFC 1483 Bridged) with NA T A. S tatic I P A ddress : ISP assigns you a static IP a ddress: W AN IP Addr ess, Subnet Mask, Gateway , Primary and Second ary DNS : enter the proper setting pro vided by your ISP .
23 B. Dynamic IP A ddress : Obtain an IP address from ISP automatically . Host Name : o ptional. Re quired by some ISPs, f or exam ple, @Home. Renew IP For ever : this feature enables this product to renew your IP address automatically when the lease tim e is expiring-- even when the system is idle.
24 4.3.2.3 IP over A TM (RFC 1483 Routed): In the Router Mode, NA T is always enabled. Y ou have to set the following W AN IP settings: W AN IP Mode: This product supports two W AN IP modes: static and dynamic. If you select dynamic mode, it will try to get a legal IP and W AN settings from ISP’ s DHCP server .
25 VPI/VCI Numbers: The channe l settin gs provide d b y your ISP . Schedule T ype: The setting of the ADSL traffic schedule type. This device supports UBR (Un-specified bit rate) and CBR (Constant bit rate).
26 W AN IP Mode: This product supports two W AN IP modes: static and dynamic. If you select dynamic mode, it will try to get a legal IP and W AN settings from ISP’ s DHCP server . If you select static mode, you have to set the following W AN setting manually .
27 4.3.2.5 PPP over A TM: Press “ More >> ”.
28 PPPoA Account/Password: The account I D & passwor d provided by your ISP . Maximum Idle Time: The time of no activity disconnect to your PPPoA session.
29 Optional. Required by so me ISPs. Once you fin ish ed the required configuration, you must click on the "Save" button to save the config uration into Flash memory , and the reboot this device.
30 PPPoE Account/Password: The account I D & passwor d provided by your ISP . Maximum Idle Time: The time of no activity disconnect to your PPPoE session.
31 Optional. Required by so me ISPs. Once you fin ish ed the required configuration, you must click on the "Save" button to save the config uration into Flash memory , and the reboot this device.
32 4.3.3 OAM Setup In this page, you can set the OAM feature for virtual channel. First click on the Enable or Disable circle for th e settings of OAM Function, Activation/De-activation , Loopback, a nd Fault Ma nagement i ndividua lly . Then, click on the "Save" button to finish the configuration of th e selected session.
33 4.4.2 DHCP Server Press “More>>”.
34 The settings of a TCP/IP environment include host IP , Subnet Mask, Gateway , and DNS co nfigurations. It is not easy to manually configure all th e computers and devices in your network. Fortunately , DHCP Server provide s a rather simple appr oach to handle all these settings.
35 This function enab les you to assign another gateway to your PC, wh en DHCP server offers an IP to your PC. 4.4.3 W ireless Setting, and 802.1X setting W ireless settings allow you to set the wireless configuration ite ms. 1. Network I D (SSID) : Network ID is used for identifyi ng the W ireless LAN (WLAN).
36 word or phrase into hex. 6. 802.1X Setting 802.1 X CheckBox was used to switch the functi on of the 802.1X. When the 802.1X function is enable, the W ireless user must authenticate to this router first to use th e Network service. RADIUS Server IP address or the 802.
37 4.4.4 Change Password Y ou can change Password here. W e strongly recommend you to c hange the sy stem passwo rd for security reason..
38 4.5 Forwarding Rules.
39 4.5.1 V irtual Server This product’ s NA T firewall filters out unrecognized packets to protect your Intranet, so all ho sts behind this pr oduct are invi sible to the outsi de world. If you wi sh, you can m ake some of them accessible by enabling the V irtual Server Ma ppi ng .
40 4.5.2 Special AP Some applications require multiple connectio ns, like Internet g ames, V id eo conferencing, Internet telephony , etc. Because of the firewall function, thes e applications ca nnot work with a pure NA T router . The Special Applications feature allows some of these applications to work with this produ ct.
41 4.5.3 Miscellaneous Items IP Address of DMZ Host DMZ (DeMilitarized Zone) Host is a host without the pr otection of firewall. It a llows a computer to be exposed to unre st ri cted 2- way com m unication for Internet games, V ideo conferencing, Int ernet telephony a nd othe r special appli cations.
42 4.6 Security Settings.
43 4.6.1 Packet Filter Packet Filter enables you to con trol what packets are allowed to pass the router . Outbound filter applies on all outbound packets. However, Inbound filter applies on packets that destin ed to V irtual Servers or DMZ host only .
44 addresses (4.3.2 .1-4.3.2 .25 4). An empty implies all IP addresses. For source or destination port, you can define a single por t (8 0) or a range of ports (1000 -1999). Add prefix "T" or "U" to spec ify TCP or UDP protocol . For exam ple, T80, U53, U2000- 2999.
45 Example 2: (192.168.1 23.100-192. 168.123.1 19) They can do everythi ng except rea d net news ( port 1 19) and transfer files via FTP (port 21) Others are all allowed.
46 (192.168.123.100-1 92.168.123.149) They are allowed to se nd mail (port 25), receive mail (port 1 10), and browse Internet ( port 80); port 53 (DNS) is necessa ry to resolve the domain nam e. (192.168.12 3.10-192.168.123 .20) They can do everyth ing (blo ck nothing) Others are all blocked.
47 transfer files via FTP (port 21) Others are allowed After Outbound Packet Filter setting is configured, click the save button..
48 4.6.2 Domain Filter Domain Filter let you prevent users under this device from accessing specific URLs. Domain Filter Enable Checke if you want to enable Domain Filter . Log DNS Query Checke if you want to log t he action when someone access es the specific URLs.
49 Example: In this example: 1. URL include “sex.co m” will be blocke d, an d the action will be record in log-file. 2. URL include “girl.co m” will not be blocked, but th e action will be record in log-file. 3. URL include “erotica.com” will be block ed, but the action will not be record in log-file.
50 4.6.3 MAC Address Control MAC Address Cont rol allows y ou to assign dif feren t access right for different users and to assign a specific IP address to a certain MAC address. MAC Address Co ntrol Check “Enable” to enable the “M AC Address Control”.
51 addresses are not in the "Control table", to associate to the wireless LAN. Control table "Control table" is the table at the botto m of the "MAC Address Co ntrol" page. Each r ow of this t able indicat es t h e MAC address and the expected IP add ress mapping of a client.
52 4.6.4 VPN s etting VPN Settings are settings that are used to create vi rtual private tunnels to remote VPN gateways. The tunnel technology sup ports data confidentiality , data origin authenticatio n and data integrity of network information by utilizing en cap sulation protocols, encryption algorith ms, and hashing algorithms.
53 System m anagers of both en d gateways only need set the sam e pre-shared key . Function of Buttons More : T o setup detaile r configuration f or manual key or IKE approaches by cl icking the "More" button.
54 Local netmask Local netmask combined with local subnet to form a subnet domain. Remote subnet The subnet of LAN site of remote VPN gateway , it can be a host, a partial subnet, and th e whole subnet of LAN site of remote gateway . Remote netm ask Remote netmask combined with remote subnet to form a subnet domain of remote end.
55 • VPN Settings - Set IKE Proposal IKE Pro pos al index A list of selected proposal indexes from the IKE proposal pool listed below . The selecting activity is performed by selecting a proposal ID an d clicking "add to" button i n the bottom of the page.
56 • VPN Settings -Set IPSec Pr oposal IPSec Proposal index A list of select ed proposal i ndexes from the IPSec proposal pool l isted bel ow. The selecting act ivity is performed by selecting a proposal ID an d clicking "add to" button i n the bottom of the page.
57 IPSec proposal. Life time The unit of life time is based on the value of Life T ime Unit. If the value of unit is second, the value of life time represents the life time of dedicated VPN tunnel between both e n d gateways. Its value ran ges from 300 seconds to 172,8 00 seconds.
58 4.6.5 Miscellaneous Items Remote Administrator Host/Port In general, only Intranet user can browse the built-in web pages to perform admin istration task. This feature enables you to perf orm administ ration task from remote host. If this feature is enabled, only th e specified IP address can perform rem o te administration.
59 4.7 Advanced Setting.
60 4.7.1 ADSL Modem Performance Setting Tx Gain Offset This parameter allows the user to add an offset on the Tx gain of the CPE Modem. The offset range is limited bet ween -10 dB and +3 dB with a gr anularity of 0.5 dB. The default val ue is set to 0 dB, no offset .
61 offset . Tx Output Power Offset This parameter all ows user t o reduce t he Tx output power (in the upstream direction). T he value should be rang ed between 0 and 10 dBm. Rx Output Power Offset This parameter allows user to reduce the Rx output power .
62 4.7.2 System T ime Get Date and T ime by NTP Protoc ol Selected if you want to Get Date and T ime by NTP Pro tocol. Time Server Select a NTP time server to consu lt UTC time Time Z one Select a time zone where this device locates. Set Date and T ime manually Selected if you want to Set Date and T ime manually .
63 4.7.3 System Log This page s upport two m ethods to export syst em logs to s pecific dest ination by m eans of syslog(UDP) and SMTP(TC P). The item s you have to setup incl uding: IP Address for Syslog Host IP of destination where syslo gs will be sent to.
64 E-mail Subject The subject of email aler t. This settin g is optional..
65 4.7.4 Dynamic DNS To host your s erver on a c hanging IP ad dress, you ha ve to use dynam ic domain name service (D DNS). So that anyone wishing to reach your host only needs to know the name of it. Dynamic DNS will map the name of your host to your curr ent IP address, which changes eac h time you connect your Internet service provid er.
66 Username/E-mail Password/Key You will get this information whe n you regi ster an account on a Dynamic DNS serve r. Example: After Dynamic DNS setting is configured, click the save button.
67 4.7.5 SNMP Setting In brief, S NMP, the Sim ple Network Managem ent Protocol, is a p rotocol desig ned to give a user the capability to remotely manage a co mputer network by polling and setting terminal values and monitori ng network e v ents. Enable SNMP Y ou must check either Local or Remote or both to enab le SNMP function.
68 1. This device will response to SNMP client which’ s get co mmuni ty is set as “public” 2. This device will response to SNMP client which’ s set community is set as “priv ate” 3.
69 4.7.6 Routing T able Routing T ables allow you to determine which physical int e rface address to use for outgoing IP data grams. If you have more than one routers and subnets, you will need to enable routing table to allow packets to fin d proper rout ing path an d allow dif ferent subnets to c ommunicate wi th each othe r .
70 Example: So if, for example, the ho st wanted to send an IP data gram to 192.168.3 .88 , it would use the above table to determin e that it had to go via 19 2.168.1.33 (a gateway), And if it sends Packets to 192.168.5.77 will go via 192 .168.1.55 Each rule can be enabled or di sabl ed i ndi vidually .
71 4.7.7 Schedule Rule Y ou can set the schedule tim e to decide which ser vice at what time will be turned on or off. Select the “enable” item. Press “Add New Rule” Y ou can write a rule name and set which day and what time to schedule from “Start T ime” to “End T ime”.
72.
73 Schedule Enable Selected if you want to Enable the Schedu ler . Edit T o edit th e schedule rule. Delete T o d elete the sche dule rule, and the rule# of th e rules behind the deleted one will decrease one automatically .
74 4.8 T oolbox.
75 4.8.1 V iew Log Y ou can V iew system log by clicking the Vi e w L o g button.
76 4.8.2 Firmwar e Upgrade Y ou can upgrade fi rmware by cl icking Firmwar e Upgrade bu tton..
77 4.8.3 Backup Setting Y ou can backup your settings by clicking the Backup Setting button and save it as a bin file. Once you want to rest ore these settings, please click Firmwar e Upgrade button and use the bin file you saved. 4.8.4 Reset to default Y ou can also reset this product to factor y default by click ing the Reset to default button.
78 4.8.6 Miscellaneous Items MAC Address for W ake-on-LAN W ake-on-LAN is a techno logy that enables you to power up a network ed device remotely . In order to enjoy this feat ure, the ta rget device must be W ake-on-LAN enable d and you ha ve to know the MAC address of this device, say 00-11- 22-33-44-55.
79 Chapter 5 Print Server LevelOne WBR-2401 provides th e function of network pri nt server for MS W indows 95/98/NT/2000 an d Unix based platforms. 5.
80 1. Find out the corresp onding icon of your s erver printer , for example, t he HP LaserJet 6L . Click the mouse’ s right button on that icon, and then select the Properties item: 2.
81 3. Choose the “PR Tmate: (All-in-1)” from the list attached at the Print T o item. Be sure that the Printer Driver item is configured to th e correct driv er of your server printer . 4. C lick on t he butt on of Port Settings : T ype in the IP address of this product and then click the OK button.
82 5.2 Configuring on Window s NT Platforms The configurati on p roce d ure f or a W indows NT platform is similar to that of W indows 95/98 except the screen of printer Pr op erties : Compared to the pro cedure in last section, the selection of Det ails is equivalent to the selection of Ports , and Port Settings is equi valent to Configure Port .
83 5.3 Configuring on W indows 2000 and XP Platforms W indows 2000 and XP have built-in LPR client, users could utilize this feature toPrint. Y ou have to install your Printer Driver on LPT1 or other ports before you pr eceed the following sequence. 1.
84 2. Select “Ports” page , Click “Add Port…”.
85 3. Select “Standa rd TCP/IP Port”, and then click “New Port…” 4. Click Ne xt and then provide t he followin g inform ation: T ype address of serve r providing LPD that i s our NA T device:192.
86 5. Select Custom, then click “Settings…”.
87 6. Select “LPR”, type ” lp “ lowercase letter in “Queue Nam e:” And enable “LPR Byte Counting Ena b led”. 7. Apply your settings.
88.
89 5.4 Configuring on Unix based Platforms Please follow the traditional configur ation procedure on Unix platforms to setup the print server of this product.
90 Appendix A TCP/IP Configuration for W indows 95/98 This section introduces you ho w to install TCP/IP protocol into you r personal computer . And suppose you have been success fully installed one network ca rd on your personal computer . If not, please refer to your network card manual.
91 5. Select Microsoft item in the manufactu r es list. And choose TCP/IP in the Network Pr otocols . Click OK button to return to Network window . 6. The TCP/IP protoco l shall be listed in the Network window . Click OK to co mplete the install procedure and restart your PC to enable t he TCP/ IP protocol.
92 4. Now , you have two setting method s: A. Get IP via DHCP serv er a. Select Obtain an IP addr ess automatically in the IP Addr ess tab. b. Don’ t input a ny value in t h e Gateway tab.
93 c. Choose Disable DNS in the DNS Configuration tab . B. Configure I P manually a. Select Speci fy an IP addre ss in the IP Addr ess tab. The default IP address of this product is 19 2.168.123.254 . So please use 192.168.1 23.xxx (xx x is be tween 1 and 253) for IP Ad dr ess field and 255.
94 b. In the Gateway tab, add the IP address of this product (default IP is 192.168.123.254) in the New gateway field an d click Add button. c. In the DNS Configuration tab, add the DNS values which are provided by the ISP into DNS Server Sear ch Or der field and click Add button.
95 Appendix B Main ISP setting for ADSL modem configuration. Argentina : Argentina T elecom : Encapulation : RFC 1483 Bridge LLC V P I : 0 V C I : 3 3 Handshack protocal : Autosense-G .dmt first Belgium : Belgacom : Encapulation : RFC 2364 PPPoA VC-Mux V P I : 8 V C I : 3 5 Handshack protocal : Autosense-G .
96 Encapulation : RFC 1483 Bridge LLC V P I : 0 VCI : 100 Handshack protocal : Autosense-G .dmt first France : France T elecom : Encapulation : RFC 2364 PPPoA VC-Mux V P I : 8 V C I : 3 5 Handshack protocal : Autosense-G .
97 Israel : Israel : Encapulation : RFC 2364 PPPoA VC-Mux V P I : 8 V C I : 4 8 Handshack protocal : Autosense-G .dmt first Italy : Italy : Encapulation : RFC 2364 PPPoA VC-Mux V P I : 8 V C I : 3 5 Handshack protocal : Autosense-G .
98 Handshack protocal : Autosense-G .dmt first New Zealand : New Zealand T elecom : Encapulation : RFC 2364 PPPoA VC-Mux V P I : 0 VCI : 100 Handshack protocal : Autosense-G .dmt first Portugal : PT : Encapulation : RFC 2516 PPPoE LLC V P I : 0 V C I : 3 5 Handshack protocal : Autosense-G .
99 BT : Encapulation : RFC 2364 PPPoA VC-Mux V P I : 0 V C I : 3 8 Handshack protocal : Autosense-G .dmt first Encapsulation : RFC 2364 PPPoA VC-Mux RFC 2364 PPPoA LLC RFC 1483 Bridge LLC RFC 1483 Routed LLC RFC 1483 Bridge VC-Mux RFC 1483 Routed VC-Mux RFC 1577 IpoA RFC 2516 PPPoE VC-Mux RFC 2516 PPPoE LLC Handshacke Protocal : Autosense-G .
Un punto importante, dopo l’acquisto del dispositivo (o anche prima di acquisto) è quello di leggere il manuale. Dobbiamo farlo per diversi motivi semplici:
Se non hai ancora comprato il LevelOne WBR-2401 è un buon momento per familiarizzare con i dati di base del prodotto. Prime consultare le pagine iniziali del manuale d’uso, che si trova al di sopra. Dovresti trovare lì i dati tecnici più importanti del LevelOne WBR-2401 - in questo modo è possibile verificare se l’apparecchio soddisfa le tue esigenze. Esplorando le pagine segenti del manuali d’uso LevelOne WBR-2401 imparerai tutte le caratteristiche del prodotto e le informazioni sul suo funzionamento. Le informazioni sul LevelOne WBR-2401 ti aiuteranno sicuramente a prendere una decisione relativa all’acquisto.
In una situazione in cui hai già il LevelOne WBR-2401, ma non hai ancora letto il manuale d’uso, dovresti farlo per le ragioni sopra descritte. Saprai quindi se hai correttamente usato le funzioni disponibili, e se hai commesso errori che possono ridurre la durata di vita del LevelOne WBR-2401.
Tuttavia, uno dei ruoli più importanti per l’utente svolti dal manuale d’uso è quello di aiutare a risolvere i problemi con il LevelOne WBR-2401. Quasi sempre, ci troverai Troubleshooting, cioè i guasti più frequenti e malfunzionamenti del dispositivo LevelOne WBR-2401 insieme con le istruzioni su come risolverli. Anche se non si riesci a risolvere il problema, il manuale d’uso ti mostrerà il percorso di ulteriori procedimenti – il contatto con il centro servizio clienti o il servizio più vicino.