BiPAC 7404V Series VoIP/(802.11g) ADSL2+ (VPN) Firewall Router User’s Manual Version Release 5.
Table of Contents CHAPTER 1: INTRODUCTION ............................................................................................................. 4 INTRODUCTION TO YOUR ROUTER................................................................................................. 4 FEATURES .............................................................................................................................................. 4 CHAPTER 2: INSTALLING THE ROUTER ............................................
Port Setting ..................................................................................................................................... 38 DHCP Server .................................................................................................................................. 39 WAN - Wide Area Network.................................................................................................................. 40 ISP .......................................................................
CHAPTER 5: TROUBLESHOOTING ................................................................................................ 152 PROBLEMS STARTING UP THE ROUTER ..................................................................................... 152 PROBLEMS WITH THE WAN INTERFACE .................................................................................... 152 PROBLEMS WITH THE LAN INTERFACE .....................................................................................
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Chapter 1: Introduction Introduction to your Router Welcome to the BiPAC 7404 VoIP/(802.11g) ADSL2+ (VPN) Firewall Router. The router is an “all-in-one” VoIP ADSL router, combining an ADSL modem, ADSL router, Ethernet network switch and 2 ports for Voice over IP facilities, providing everything you need to get the machines on your network connected to the Internet over your ADSL broadband connection.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Multi-Protocol to Establish a Connection The router supports PPPoA (RFC 2364 - PPP over ATM Adaptation Layer 5), RFC 1483 encapsulation over ATM (bridged or routed), PPP over Ethernet (RFC 2516), and IPoA (RFC1577) to establish a connection with the ISP. The product also supports VC-based and LLC-based multiplexing. Quick Installation Wizard A WEB GUI page is provided to set up the device quickly.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Virtual Server (“port forwarding”) Users can specify some services to be visible from outside users. The router can detect incoming service requests and forward either a single port or a range of ports to the specific local computer to handle it. For example, a user can assign a PC in the LAN acting as a WEB server inside and expose it to the outside network. Outside users can browse inside web servers directly while it is protected by NAT.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Chapter 2: Installing the Router Important note for using this router Do not use this router in high humidity or high temperatures. Do not use the same power source for this router as other equipment. Do not open or repair the case yourself. If this router overheats, turn off the power immediately and have it repaired at a qualified service center. Avoid using this product and all accessories outdoors.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router The Front LEDs LED Meaning 1 PWR Lit when power is ON. 2 SYS Lit when the system is ready. LAN Port 1X — 4X (RJ-45 connector) Lit when connected to an Ethernet device. Green for 100Mbps; Orange for 10Mbps. Blinking when data is Transmitted / Received. WLAN Lit green when the wireless connection is established. Flashes when sending/receiving data.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router The Rear Ports 6 8 5 3 4 7 1 2 The Ethernet Port # 4 can be used as a console port. You need a special console tool which already includes in the package to connect with LAN port 4 and PC’s RS-232 port (9-pin serial port). Port Meaning 1 Power Switch Power ON/OFF switch 2 PWR Connect the supplied power adapter to this jack. 3 RESET To be sure the device is being turned on press RESET button for: 1-3 seconds: quick reset the device.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router 7 ADSL Antenna 8 (Wireless Router only) Connect the supplied RJ-11 (“telephone”) cable to this port when connecting to the ADSL/telephone network. Connect the detachable antenna to this port. Cabling One of the most common causes of problems is bad cabling or ADSL line(s). Make sure that all connected devices are turned on. On the front of the product is a bank of LEDs. Verify that the LAN Link and ADSL line LEDs are lit.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Chapter 3: Basic Installation The router can be configured with your web browser. A web browser is included as a standard application in the following operating systems: Linux, Mac OS, Windows 98/NT/2000/XP/Me, etc. The product provides an easy and user-friendly interface for configuration. Please check your PC’s network components. The TCP/IP protocol stack and Ethernet network adapter must be installed.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Connecting Your Router 1. Connect this router to a LAN (Local Area Network) and the ADSL/telephone (ADSL) network. 2. Power on the device. 3. Make sure the PWR and SYS LEDs are lit steadily and that the LAN LED is lit. 4. Connect an RJ11 cable to VoIP port when connecting to an analog phone set. 5. Connect RJ-11 cable to LINE Port when connecting to the telephone wall jack.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuring PCs in Windows in Window XP 1. 2. Go to Start / Control Panel (in Classic View). In the Control Panel, double-click Network Connections. Double-click Local Area Connection. (See Figure 3.1) Figure 3.1: LAN Area Connection 3. In the LAN Area Connection Status window, click Properties. (See Figure 3.2) Figure 3.2: LAN Connection Status 4. Select Internet Protocol (TCP/IP) and click Properties. (See Figure 3.3) Figure 3.3: TCP / IP 5. 6.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuring PCs in Windows 2000 1. Go to Start / Settings / Control Panel. In the Control Panel, double-click Network and Dial-up Connections. 2. Double-click Local Area (“LAN”) Connection. (See Figure 3.5) Figure 3.5: LAN Area Connection 3. In the LAN Area Connection Status window, click Properties. (See Figure 3.6) Figure 3.6: LAN Connection Status 4. Select Internet Protocol (TCP/IP) and click Properties. (See Figure 3.7) Figure 3.7: TCP / IP 5.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuring PC in Windows 95/98/ME 1. 2. 3. Go to Start / Settings / Control Panel. In the Control Panel, double-click Network and choose the Configuration tab. Select TCP / IP -> NE2000 Compatible, or the name of any Network Interface Card (NIC) in your PC. (See Figure 3.9) Click Properties. Figure 3.9: TCP / IP 4. Select the IP Address tab. In this page, click the Obtain an IP address automatically radio button. (See Figure 3.10) Figure 3.10: IP Address 5.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuring PC in Windows NT4.0 1. Go to Start / Settings / Control Panel. In the 2. Control Panel, double-click Network and choose the Protocols tab. Select TCP/IP Protocol and click Properties. (See Figure 3.12) Figure 3.12: TCP / IP 3. Select the Obtain an IP address from a DHCP server radio button and click OK. (See Figure 3.13) Figure 3.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Factory Default Settings Before configuring your, you need to know the following default settings. Web Interface (Username and Password) Username: admin Password: admin The default username and password are “admin” and “admin” respectively. If you ever forget the username/password to login to the router, you may press the RESET button up to 6 seconds to restore the factory default settings.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Information from your ISP Before configuring this device, you have to check with your ISP (Internet Service Provider) to find out what kind of service is provided such as DHCP (Obtain an IP Address Automatically, Static IP (Fixed IP Address) and PPPoE. Gather the information as illustrated in the following table and keep it for reference.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuring with your Web Browser Open your web browser, enter the IP address of your router, which by default is 192.168.1.254, and click “Go”, a user name and password window prompt will appear. The default username and password are “admin” and “admin” respectively. (See Figure 3.14) Figure 3.14: User name & Password Prompt Widonw Congratulation! You are now successfully logged on to the VoIP/(802.
VoIP/(802.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Status ARP Table This section displays the router’s ARP (Address Resolution Protocol) Table, which shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses. This is useful as a quick way of determining the MAC address of the network interface of your PCs to use with the router’s Firewall – MAC Address Filter function. See the Firewall section of this manual for more information on this feature.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Destination: The IP address of the destination network. Netmask: The destination Netmask address. Gateway/Interface: The IP address of the gateway or existing interface that this route will use. Cost: The number of hops counted as the cost of the route. RIP Routing Table Destination: The IP address of the destination network. Netmask: The destination Netmask address. Gateway: The IP address of the gateway that this route will use.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Name: The name you assigned to the Permanent configuration. IP Address: The fixed IP address for the specify client. MAC Address: The MAC Address that you want to assign the fixed IP address. Maximum Lease Time: The maximum lease time interval you allow to clients. PPTP Status (Only the 7404VGO has VPN features) This shows details of your configured PPTP VPN Connections. Name: The name you assigned to the particular PPTP connection in your VPN configuration.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router L2TP Status (Only the 7404VGO has VPN features) This shows details of your configured L2TP VPN Connections. Name: The name you assigned to the particular L2TP connection in your VPN configuration. Type: The type of connection (dial-in/dial-out). Enable: Whether the connection is currently enabled. Active: Whether the connection is currently active. Tunnel Connected: Whether the VPN Tunnel is currently connected.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router VoIP Call Log This page displays the detailed log of each call. The maximum number of record is 30 entries for each phone port. (Dialed Calls List: 10, Received Calls List: 10, Missed Calls List: 10). Event Log This page displays the router’s Event Log entries.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Error Log Any errors encountered by the router (e.g. invalid names given to entries) are logged to this window. NAT Sessions This section lists all current NAT sessions between interface of types external (WAN) and internal (LAN). Diagnostic Tests the connection to computers that are connected to LAN ports and also the WAN Internet connection. If PING www.google.com shows FAIL and the other tests show PASS, you should check that the DNS setting is correct.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router UPnP Portmap The section lists all port-mapping established using UPnP (Universal Plug and Play. See Advanced section of this manual for more details on UPnP and the router’s UPnP configuration options.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Quick Start For detailed instructions on configuring your WAN settings, please see the WAN section of this manual. Usually, the only details you will need for the Quick Start wizard to get you online are your login (often in the form of username@ispname), your password and the encapsulation type. In addition, you have the option to provide a specific DNS if required, or check the Enable box to get the DNS automatically from your ISP.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Select the desired option from the list and click Apply to return to the Quick Start interface to continue configuring your ISP connection. Please note that the contents of this list will vary, depending on what is supported by your ISP.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuration When you click this item, you get following sub-items to configure the ADSL router. - LAN, Wan, System, Firewall, VPN, VoIP, QoS, Virtual Server, Time Schedule and Advanced These functions are described below in the following sections. LAN - Local Area Network Here are the items within the LAN section: Bridge Interface, Ethernet, IP Alias, Ethernet Client Filter, Wireless, Wireless Security, Wireless Client Filter, Port Setting and DHCP Server.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Ethernet Primary IP Address IP Address: The default IP on this router. Subnet Mask: The default subnet mask on this router. RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function. IP Alias This function supports creation of multiple virtual IP interfaces on this router. It helps to connect two or more local networks to the ISP or remote node. In this case, an internal router is not required.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Ethernet Client Filter The Ethernet Client Filter supports up to 16 Ethernet network machines that helps you to manage your network control to accept traffic from specific authorized machines or can restrict unwanted machine(s) to access your LAN. There are no pre-define Ethernet MAC address filter rules; you can add the filter rules to meet your requirements. Ethernet Client Filter: Default setting is set to Disable.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router The Active PC in LAN screen displays a list of individual Ethernet device IP Address & MAC Address that are currently connected to the router. Select individual devices to be blocked or allowed, by checking the box next to the IP address. Then, Add to insert to the Ethernet Client Filter table. The maximum number of Ethernet clients is 16. Wireless (Wireless Router only) Parameters WLAN Service: Default setting is set to Enable.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router America (N.America), Europe, France, etc. The Channel ID will be different based on this setting. Channel ID: Select the wireless connection ID channel that you would like to use. Use the Scan Channel Usage to help to select non-occupied wireless channel. Scan Channel Usage: Wireless channel scan takes up to 14 seconds to survey the channel ID in the network area. The result will show all channels being occupied or not occupied.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Wireless Security (Wireless Router only) Wireless Security may be Disabled or Enabled with WEP or WPA (1,2) for protecting your wireless network. The default mode of wireless security is Disabled. It is strongly suggested that you Enable wireless security with at least WEP. WPA will provide stronger security if your client devices can support it.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router WEP Security Mode: To prevent unauthorized wireless stations from accessing data transmitted over the network, the router offers basic data encryption, known as WEP. WEP Authentication: Select Open or Shared as required. Note that client devices need the same setting. WEP Encryption:. There are two alternatives to select from for the key length: WEP 64 and WEP 128. WEP 128 will offer increased security over WEP 64.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Wireless Client / MAC Address Filter (Wireless Router only) The MAC Address filter supports up to 16 wireless network machines and helps you to manage your network control to accept traffic from specific authorized machines or to restrict unwanted machine(s) accessing your LAN. There are no pre-define MAC Address filter rules; you can add the filter rules to meet your requirements. Wireless Client Filter: Default setting is set to Disable.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Port Setting This section allows you to configure the settings for the router’s Ethernet ports to solve some compatibility problems that may be encountered while connecting to the Internet, as well allowing users to tweak the performance of their network. Port # Connection Type: There are six options to choose from: Auto, disable, 10M half-duplex, 10M full-duplex, 100M half-duplex, 100M full-duplex and Disable.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router DHCP Server DHCP (Dynamic Host Configuration Protocol) allows your router to dynamically assign IP addresses to PCs on your network if they are configured to obtain IP addresses automatically. You can enable or disable the router’s DHCP server, or enable the router’s DHCP relay functions in this screen. To change the DHCP operation of the router, select the required mode from the DHCP Server Mode section and click Next 1.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router WAN - Wide Area Network WAN refers to your Wide Area Network connection, i.e. your router’s connection to your ISP and the Internet. The items within the WAN section: ISP, DNS and ADSL. ISP The factory default is PPPoE. If your ISP uses this access protocol, click Edit to input other parameters as below. If your ISP does not use PPPoE, you can change the default WAN connection entry by clicking Change.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router RFC 1483 Routed Connections Description: User-definable name for the connection. VPI and VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for the ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing the single IP address. If users on your LAN have public IP addresses and can access the Internet directly, the NAT function can be disabled.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router RFC 1483 Bridged Connections Description: User-definable name for the connection. VPI and VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for the ATM layer. Encapsulation method: Select the encapsulation format, this is provided by your ISP. Acceptable Frame Type: Specify what kind of traffic can pass through this connection, options are all traffic, or only VLAN tagged.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router PPPoA Routed Connections Description: User-definable name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for the ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address. If users on your LAN have public IP addresses and can access the Internet directly, the NAT function can be disabled.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Idle Timeout: Auto-disconnect the broadband firewall gateway when there is no activity on the line for a predetermined period of time. Detail: You can define the destination port and packet type (TCP/UDP). This allows you to set which outgoing traffic will not trigger and reset the idle timer. RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function. MTU: Maximum Transmission Unit.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router IPoA Routed Connections Description: User-definable name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for the ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address. If users on your LAN have public IP addresses and can access the Internet directly, the NAT function can be disabled.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router PPPoE Connections Description: User-definable name for this connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single ISP account, sharing a single IP address. If users on your LAN have public IP addresses and can access the Internet directly, the NAT function can be disabled.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router requesting access to the Internet (i.e. when a program on your computer attempts to access the Internet). Idle Timeout: Auto-disconnect the broadband firewall gateway when there is no activity on the line for a predetermined period of time. Detail: You can define the destination port and packet type (TCP/UDP). This allows you to set which outgoing traffic will not trigger and reset the idle timer. RIP: RIP v1, RIP v2, and RIP v2 Multicast.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router PPPoE with Pass-through Connections PPPoE with pass-through adapts the following method: PPPoE Routed mode + 1483 Bridge Mode. With pure PPPoE connection, the router can get one WAN address to the router. With the PPPoE and PPPoE pass-through, concurrently, it allows user to have a WAN address assigned to the router but also able to get another WAN IP from ISP using PPPoE dialer (e.g WinPoETor Windows XP PPPoE Dialer) at the same time.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Connection: Always on: If you want the router to establish a PPPoE session when starting up and to automatically re-establish the PPPoE session when disconnected by the ISP. Connect on Demand: If you want to establish a PPPoE session only when there is a packet requesting access to the Internet (i.e. when a program on your computer attempts to access the Internet).
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router DNS A Domain Name System (DNS) contains a mapping table for domain name and IP addresses. On the Internet, every host has a unique and user-friendly name (domain name) such as www.helloworld.com and an IP address. An IP address takes the form of xxx.xxx.xxx.xxx, for example 192.168.1.254. You can think of an IP address as a telephone number for devices on the Internet, and the DNS will allow you to find the telephone number for any particular domain name.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router ADSL Connect Mode: This mode will automatically detect your ADSL line code, ADSL2+, ADSL2, G.dmt, G.lite, T1.413, AnnexM2 and AnnexM2+. In some areas, multimode cannot detect the ADSL line code well. If this is the case, please adjust the ADSL line code to G.dmt or T1.413 first. If it still fails, please try the other values such as ALCTL, ADI, etc. If you still have trouble with the line, please check with your ISP for line connect information.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Advanced Options ADSL Parameters help to interpret your ADSL line statistics. SNR Margin: Signal to Noise Ratio Margin. It is the DSL signal strength to Noise ratio. This margin is measured in decibels (dB). The higher the dB figure, the better the DSL signal strength and better chance to get faster speeds. Line Attenuation: Measures the signal loss in decibel (dB) between the CO DSLAM and the router.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router System Items in the System menu include: Time Zone, Remote Access, Firmware Upgrade, Backup/Restore, Restart and User Management. Time Zone The router does not have a real time clock on board; instead, it uses the Simple Network Time Protocol (SNTP) to get the current time from an SNTP server outside your network. Choose your local time zone, click Enable and click the Apply button.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Remote Access To temporarily permit remote administration of the router (i.e. from outside your LAN), select a time period the router will permit remote access for and click Enable. You may change other configuration options for the web administration interface using Device Management options in the Advanced section of the GUI. If you wish to permanently enable remote access, choose a time period of 0 minutes.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Firmware Upgrade Your router’s “firmware” is the software that allows it to operate and provides all its functionality. Think of your router as a dedicated computer, and the firmware as the software it runs. Over time this software may be improved and modified, and your router allows you to upgrade the software it runs to take advantage of these changes. Clicking on Browse will allow you to select the new firmware image file you have downloaded to your PC.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Backup / Restore These functions allow you to save and backup your router’s current settings to a file on your PC, or to restore a previously saved backup. This is useful if you wish to experiment with different settings, knowing that you have a backup handy in the case of any mistakes. It is advisable to backup your router’s settings before making any significant changes to your router’s configuration.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Restart Router Click Restart with option Current Settings to reboot your router (and restore your last saved configuration). If you wish to restart the router using the factory default settings (for example, after a firmware upgrade or if you have saved an incorrect configuration), select Factory Default Settings to reset to factory default settings.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router User Management In order to prevent unauthorized access to your router’s configuration interface, it is required that all users login with a password. You can set up multiple user accounts, each with their own password. You are able to Edit existing users and Create new users who are able to access the device’s configuration interface.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Firewall and Access Control Your router includes a full SPI (Stateful Packet Inspection) firewall for controlling Internet access from your LAN, as well as helping to prevent attacks from hackers. In addition to this, when using NAT, the router acts as a “natural” Internet firewall, as all PCs on your LAN will use private IP addresses that cannot be directly accessed from the Internet. Firewall: Prevents access from outside your network.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router General Settings You can choose not to enable Firewall and still be able to access the URL Filter and IM/P2P Blocking, or you may choose to enable the Firewall using preset filter rules and modify the port filter rules as required. The Packet Filter is used to filter packets based-on Applications (Port) or IP addresses.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Packet Filter This function is only available when the Firewall is enabled and one of these four security levels is chosen (All Blocked, High, Medium and Low). The preset port filter rules in the Packet Filter must modify accordingly to the level of Firewall, which is selected. See Table1: Predefined Port Filter for more detail information.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Predefined Port Filters Rules The predefined port filter rules for High, Medium and Low security levels are listed. See Table 1. Note: Firewall – All Blocked/User-defined setting - you must define and create the port filter rules yourself. No predefined rule is pre-configured in these modes.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router MSN (7001) UDP(17) 7001 7001 YES MSN VEDIO TCP(6) (9000) 9000 9000 NO YES N/A N/A N/A N/A YES N/A N/A N/A N/A Inbound: Internet to LAN ; Outbound: LAN to Internet. YES: Allowed ; NO: Blocked ; N/A: Not Applicable Packet Filter – Add TCP/UDP Filter Rule Name: User-defined description to identify this entry or click predefined rules. The maximum name length is 32 characters.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Packet Filter – Add Raw IP Filter Rule Name: User-defined description to identify this entry or click predefined rules. to select existing Time Schedule: You may specify a time schedule for your prioritization policy. For setup and detail, refer to Time Schedule section Protocol Number: Insert the port number, i.e. GRE 47. Inbound / Outbound: Select Allow or Block the access to the Internet (“Outbound”) or from the Internet (“Inbound”).
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring your firewall to allow for a publicly accessible web server on your LAN The predefined port filter rule for HTTP (TCP port 80) is the same no matter whether the firewall is set to a high, medium or low security level. To setup a web server located on the local network when the firewall is enabled, you have to configure the Port Filters setting for HTTP.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuring Packet Filter: 1. Click Port Filters. You will then be presented with the predefined port filter rules screen (in this case for the low security level), shown below: Note: You may click Edit the predefined rule instead of Delete it. This is an example to show to how you add a filter on your own. Click Delete 2. Click Delete to delete the existing HTTP rule. 3. Click Add TCP/UDP Filter. Click Add TCP/UDP Filter 4.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router 5. The new port filter rule for HTTP is shown below: 6. Configure your Virtual Server (“port forwarding”) settings so that incoming HTTP requests on port 80 will be forwarded to the PC running your web server: Note: For details on how to configure the HTTP in Virtual Server, go to Add Virtual Server in Virtual Server section.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Intrusion Detection The router’s Intrusion Detection System (IDS) is used to detect hacker attacks and intrusion attempts from the Internet. If the IDS function of the firewall is enabled, inbound packets are filtered and blocked depending on whether they are detected as possible hacker attacks, intrusion attempts or other connections that the router determines to be suspicious.
VoIP/(802.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router URL Filter URL (Uniform Resource Locator – e.g. an address in the form of http://www.abcde.com or http://www.example.com) filter rules allow you to prevent users on your network from accessing particular websites by their URL. There are no pre-defined URL filter rules; you can add filter rules to meet your requirements. Enable/Disable: To enable or disable URL Filter feature. Block Mode: A list of the modes that you can choose to check the URL filter rules.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router In the example below, the URL request for www.abc.com will be sent to the remote web server because it is listed in the trusted list, whilst the URL request for www.google or www.google.com will be dropped, because www.google is in the forbidden list. Example: Andy wishes to disable all WEB traffic except for sites listed in the trusted domain, which would prevent Bobby from accessing other web sites.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router IM / P2P Blocking IM, short for Instant Message, uses a client program that allows users to communicate by exchanging text messages with other IM users in real time over the Internet. A P2P application, known as Peer-to-Peer, is a group of computer users who share files to specific groups of people across the Internet.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Firewall Log Firewall Log will record log information of any unexpected action with your firewall settings. Check the Enable box to activate the logs. Log information can be seen in the Status – Event Log after enabling.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router VPN - Virtual Private Networks (BiPAC 7404VGO Only) Virtual Private Networks provide a way to establish secure communication tunnels to an organization’s network via the Internet. Your Billion router supports three main types of VPN (Virtual Private Network), PPTP, IPSec and L2TP. PPTP (Point-to-Point Tunneling Protocol) There are two types of PPTP VPN supported: Remote Access and LAN-to-LAN (please refer below for more information.).
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router PPTP Connection - Remote Access Connection Name: User-defined name for the connection (e.g. “Connection to office”). Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g. your office server); check Dial In to operate as a VPN server. When configuring your router as a Client, enter the remote Server IP Address (or Domain Name) you wish to connection to.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring a Remote Access PPTP VPN Dial-out Connection A company’s office establishes a PPTP VPN connection with a file server located at a separate location. The router is installed in the office, connected to a several PCs and Servers.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring a Remote Access PPTP VPN Dial-out Connection (ctd) Configuring the PPTP VPN in the Office You can either input the IP address (69.1.121.33 in this case) or hostname to reach the server. 1 2 3 4 5 Item 1 2 3 4 5 Connection Name Dial out Server IP Address (or Domain name) Username Password Auth.Type Data Encryption Key Length Function VPN_PPTP 69.121.1.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router PPTP Connection - LAN to LAN Connection Name: User-define description of the connection. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g. your office server), check Dial In to operate as a VPN server. When configuring your router as a Client, enter the remote Server IP Address (or Domain name) you wish to connection to.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring a PPTP LAN-to-LAN VPN Connection The branch office establishes a PPTP VPN tunnel with head office to connect two private networks over the Internet. The routers are installed in the head office and branch office accordingly. Both office LAN networks MUST in different subnet with LAN to LAN application.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring a PPTP LAN-to-LAN VPN Connection (ctd) Configuring PPTP VPN in the Head Office The IP address 192.168.1.201 will be assigned to the router located in the branch office. Please make sure this IP is not used in the head office LAN. 1 2 3 4 5 6 Item 1 2 3 4 5 6 Function Description Connection Name Dial in Private IP Address Assigned to Dialing User Peer Network IP Netmask Username Password Auth.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuring PPTP VPN in the Branch Office The IP address 69.1.121.30 is the Public IP address of the router located in head office. If you registered the DDNS (please refer to the DDNS section of this manual), you can also use the domain name instead of the IP address to reach the router. 1 2 3 4 5 6 Item 1 2 3 4 5 6 Function Description Connection Name Dial out Server IP Address (or Domain name ) Peer Network IP Netmask Username Password Auth.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router IPSec (IP Security Protocol) Click Create to create a new IPSec VPN connection account. After you have created the IPSec connection, account information will be displayed. (See example above). Enable / Disable: This function activates or deactivates the IPSec connection. Check Enable or Disable radio button and click Apply button to activate or deactivate the connection. Name: The user-defined name of the connection.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router IPSec VPN Connection Connection Name: User-defined name for the connection (e.g. “connection to office”). Local Network: Set the IP address, subnet or address range of the local network. Single Address: The IP address of the local host. Subnet: The subnet of the local network. For example, IP: 192.168.1.0 with netmask 255.255.255.0 specifies one class C subnet starting from 192.168.1.1 (i.e. 192.168.1.1 through to 192.168.1.254).
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Encryption: Select the encryption method from the pull-down menu. There are several options, DES, 3DES, AES (128, 192 and 256) and NULL. NULL means it is a tunnel only with no encryption. 3DES and AES are more powerful but increase latency. DES: Stands for Data Encryption Standard, it uses 56 bits as an encryption method. 3DES: Stands for Triple Data Encryption Standard, it uses 168 (56*3) bits as an encryption method.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Advanced Option This function is only available after completed creating an IPSec account. Click Advanced Option to change the following settings: IKE (Internet key Exchange) Mode: Select IKE mode to Main mode or Aggressive mode. This IKE setting provides secured key generation and key management. IKE Proposal: Hash Function: It is a Message Digest algorithm which coverts any length of a message into a unique set of bits.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router AES: Stands for Advanced Encryption Standards, you can use 128, 192 or 256 bits as encryption method. Diffie-Hellman Group: A public-key cryptography protocol that allows two parties to establish a shared secret over an unsecured communication channel (i.e. over the Internet). There are three modes, MODP 768-bit, MODP 1024-bit and MODP 1536-bit. MODP stands for Modular Exponentiation Groups. Local ID: Type: Specify local ID type.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring a IPSec LAN-to-LAN VPN Connection Table 3: Network Configuration and Security Plan Branch Office Head Office Local Network ID 192.168.0.0/24 192.168.1.0/24 Local Router IP 69.1.121.30 69.1.121.3 Remote Network ID 192.168.1.0/24 192.168.0.0/24 Remote Router IP 69.1.121.3 69.1.121.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuring IPSec VPN in the Head Office 1 2 3 4 5 Item 1 2 3 4 5 Function Connection Name Subnet IP Address Netmask Secure Gateway Address (or Hostname) Subnet IP Address Netmask ESP Authentication Encryption Prefer Forward Security Pre-shared Key Chapter 4: Configuration Description IPSec_HeadOffice 192.168.1.0 255.255.255.0 69.121.1.30 192.168.0.0 255.255.255.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuring IPSec VPN in the Branch Office 1 2 3 4 5 Item 1 2 3 4 5 Function Connection Name Subnet IP Address Netmask Secure Gateway Address (or Hostname) Subnet IP Address Netmask ESP Authentication Encryption Prefer Forward Security Pre-shared Key Chapter 4: Configuration Description IPSec_Branch Given a name of IPSec connection Office Check Subnet radio button 192.168.0.0 Branch office network 255.255.255.
VoIP/(802.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuring IPSec VPN in the Office 1 2 3 4 5 Item 1 2 3 4 5 Function Connection Name Subnet IP Address Netmask Secure Gateway Address (or Hostname) Single Address IP Address ESP Authentication Encryption Prefer Forward Security Pre-shared Key Chapter 4: Configuration Description IPSec 192.168.1.0 255.255.255.0 69.121.1.30 69.121.1.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router L2TP (Layer Two Tunneling Protocol) Two types of L2TP VPN are supported - Remote Access and LAN-to-LAN (please refer below for more information.). Click Create to create a new VPN connection account. After you have created a L2TP connection, the status will be displayed. (See example above). Enable / Disable: This function activates or deactivates the L2TP connection. Check the Enable or Disable radio button as required and click Apply.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router L2TP Connection - Remote Access L2TP VPN Connection Connection Name: User-defined name for the connection (e.g. “connection to office”). Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g. your office server), check Dial In operates as a VPN server. When configuring your router as a Client, enter the remote Server IP Address (or Hostname) you wish to connection to.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Active as default route: When used by the Dial-out connection all packets will route through the VPN tunnel to the Internet. Thus, activating this function may degrade the Internet performance. Click Apply after changing settings. L2TP over IPSec (L2TP/IPSec) VPN Connection IPSec: Enable for enhancing your L2TP VPN security. Authentication: Authentication establishes the integrity of the datagram and ensures it is not tampered with in transmit.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring a L2TP VPN - Remote Access Dial-in Connection A remote worker establishes a L2TP VPN connection with the head office using Microsoft's VPN Adapter (included with Windows XP/2000/ME, etc.). The router is installed in the head office, connected to several PCs and Servers.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring a L2TP VPN - Remote Access Dial-in Connection (ctd) Configuring L2TP VPN in the Office The input IP address 192.168.1.200 will be assigned to the remote worker. Ensure this IP is not used in the Office LAN. 1 2 3 4 5 6 Item Function Description VPN_L2TP Given a name of L2TP connection Check Dial in 192.168.1.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring a Remote Access L2TP VPN Dial-out Connection A company’s office establishes a L2TP VPN connection with a file server located at a separate location. The router is installed in the office, connected to a couple of PCs and Servers.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring a Remote Access L2TP VPN Dial-out Connection (ctd) Configuring the L2TP VPN in the Office 1 2 3 4 5 6 Item 1 4 Function Connection Name VPN_L2TP Dial out Server IP Address (or 69.121.1.33 Hostname) Username username Password 123456 Auth.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring your Router to Dial-in to the Server Currently, Microsoft Windows operation system does not support L2TP incoming service. Additional software may be required to set up your L2TP incoming service. L2TP Connection - LAN to LAN L2TP VPN Connection Connection Name: User-define description of the connection. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router PPP Authentication Type: Default is Auto if you want the router to determine the authentication type to use, or else manually specify CHAP (Challenge Handshake Authentication Protocol) or PAP (Password Authentication Protocol) if you know which type the server is using (when acting as a client), or else the authentication type you want clients connecting to you to use (when acting as a server).
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring L2TP LAN-to-LAN VPN Connection The branch office establishes a L2TP VPN tunnel with head office to connect two private networks over the Internet. The routers are installed in the head office and branch office accordingly. Both office LAN networks MUST in different subnet with LAN to LAN application. Functions of Pre-shared Key, VPN Connection Type and Security Algorithm MUST BE identically set up on both sides.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring L2TP LAN-to-LAN VPN Connection (ctd) Configuring L2TP VPN in the Head Office The IP address 192.168.1.200 will be assigned to the router located in the branch office. Please make sure this IP is not used in the head office LAN. 1 2 3 4 5 6 7 Item Function Description HeadOffice Given a name of L2TP connection Check Dial in 192.168.1.200 IP address assigned to branch office network 192.168.0.0 255.255.255.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Configuring L2TP LAN-to-LAN VPN Connection Configuring L2TP VPN in the Branch Office The IP address 69.1.121.30 is the Public IP address of the router located in head office. If you registered the DDNS (please refer to the DDNS section of this manual), you can also use the domain name instead of the IP address to reach the router. 1 2 3 4 5 6 7 Item Function Description BranchOffice Given a name of L2TP connection Check Dial out 69.121.1.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router VoIP - Voice over Internet Protocol VoIP enables telephone calls through existing Internet connection instead of going through the PSTN (Public Switched Telephone Network). It is cost-effective, especially for a long distance telephone charges, and can provide toll-quality voice calls over the Internet. After completing VoIP configuration, remember to apply the changes, SAVE CONFIG and Sync or Restart to activate your VoIP.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Wizard This section provides an easy setup for your VoIP service. Phone Port 1 and 2 can be registered to the same or different SIP Service Providers. Voice QoS DSCP Marking: Differentiated Services Code Point (DSCP), it is the first 6 bits in the ToS byte. DSCP Marking allows users to assign specific application traffic to be executed in priority by the next Router based on the DSCP value.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Setting for Phone Port 2 Click the checkbox for Same as Phone Port 1 to set Phone Port 2 be identical to Phone Port 1. Please refer to descriptions in “Setting for Phone Port 1” above. Click on Apply and you will be taken to the General Settings screen (see below). User-defined Profiles This function may be used to set up the details for your VoIP services as a named profile, including the provider details and the individual account details.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Expire: Expire time for the registration message sending. Default is 3600 seconds. Your VoIP provider may advise an alternate time period. User Domain/Realm: Set the domain name for the VoIP SIP proxy server if required by your provider. This is often the same as the registrar address, and may be left blank if this is the case. Outbound Proxy Address: Indicate the VoIP SIP outbound proxy server IP address.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router General Settings This section contains the basic settings for the VoIP service from the provider selected in the Wizard section. Settings may be altered here if required. Failure to provide correct information will halt making calls out to the Internet. SIP Device Parameters SIP: To use SIP as VoIP call signalling protocol.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Voice QoS,: Differentiated Services Code Point (DSCP) is the first 6 bits in the ToS byte. DSCP Marking allows users to assign specific application traffic to be executed in priority by the next Router based on the DSCP value. See Table 4. The DSCP Mapping Table. Note: To be effective, the router(s) in the backbones network have the capability in executing and checking the DSCP through out the QoS network.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Advanced – Parameters VoIP through IP Interface: Select where to send/receive the voip traffic, either ipwan or iplan. If the location of the SIP server is in the Internet then select ipwan. (Default) If the VoIP SIP server is on the local Network then select iplan. Voice Frame Size: Frame size is available from 10mSec to 60mSec. Frame size means how many milliseconds the Voice packets will be queued and sent out.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Advanced – PSTN Environment Adjustment PSTN Environment Adjustment options will help you to adjust the onhook and offhook voltage detection values for your environment. You should use these if the default values are incorrect and result in PSTN calls not being detected properly, e.g. calls being terminated within 5 seconds of being answered. The actual levels are determined by your environment including the number and type of telephones used.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Phone Port This section displays status and allows you to edit the account information of your Phones. Click Edit to update your phone information. Login Account Configuration This information will be the same as that entered in the VoIP Wizard, User Defined Profiles and General Settings pages. See these sections for more detail of the various fields. Phone Number: This parameter holds the registration ID of the user within the VoIP SIP registrar.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Codec Preference Codec is short for Coder-Decoder used for data signal conversion. The order of preference for Codec usage is set here Note that some VSPs require that certain Codecs are available for use eg G.729 G.729: Used to encode and decode voice information into a single packet which reduces the bandwidth consumption. G.711µ-LAW: A basic non-compressed encoder and decoder technique.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router PSTN Dial Plan (Router with LINE port only) This section enables you to configure “VoIP with PSTN switching” on your system. You can define a range of dial plans to make regular calls from the phone attached to the Router to be switched to the PSTN line. Emergency Service numbers such as 000 should be dialed via the PSTN to provide location information. Other location sensitive numbers include 13 and 18 numbers.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Attention Phone Port 1 and 2 will automatically switch to the PSTN line when: - The Router is Powered Down - The Internet Service Fails, i.e., lost of WAN IP Address - SIP option is disabled. See VoIP General Setting section. - Calls match with rule(s) defined in the PSTN or VoIP Dial Plan. - SIP service is not accessible: User manually disables Registration. User inserts a wrong authentication Username or Password.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router 3) Dial at Timeout If you only dial 01223 7070 and no more numbers, after the timeout activates, 012237070 will be dialed to make a regular call via FXO (PSTN) port. Even though 7070 (only 4 digits) does not match with number of digits 6 defined in the field, 7070 is still a valid phone number since it does not exceed 6 digits.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router VoIP Dial Plan This section describes how to set up dialing rules for each Phone Port. Dialling rules may be used for a range of range of functions including: - to route calls to specific VSP accounts depending on the type of call (local, interstate, overseas, mobile) - to automatically add Area Codes for local calls Parameters - Special Digit Sequences A list of special dialling features are predefined and may be enabled by selecting the checkboxes.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Phone Number + # Immediate Call Out: If enabled, you can dial out a phone number without waiting for the post dialing timeout by dialing # after the required number. The default VSP account for the Phone Port will be used ie other Dial Plan rules will not apply. This feature is disabled by default. Test: Launches a screen which may be used to test the dial plan rules. Click Apply to apply the settings.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Main Digit Sequence This field specifies the main number pattern to be matched after the Prefix operations. Characters which may be used are: x: Any numeric number between 0 and 9. . ( period ): Repeat numeric number(s) between 0 and 9. * (asterisk sign): The character ‘*’ on phone key pad. Please check if it is supported by your VoIP Service Provider or Local Telephone Service Provider for special service(s). # (pound sign): The character ‘#’ on phone key pad.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Special Dial Plan Examples: *xx*x. *xx **xx*x. #xx. ##xx*x. Description Starting with ‘* sign’ + any two digit numbers + any number (0-9) in variable length. Maximum length is 16. Note the period required. Dialled after timeout. Starting with ‘* sign’ + any 2 digit numbers between 0 and 9. Total length including the * is 3. Note: No period is needed (.) Dialled after second digit.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router 2) For International calls I want to use longdischeap.com that charges $0.05 per minute for all long distance calls. I set up a dial rule 0[2456]x.T<@LongdisCheap> Longischeap.com is one of the VoIP providers I have set up in the User-Defined Profile. No prefix is attached to the dialed number when I dial the digit 0 plus any following number 2 or 4 or 5 or 6, plus the rest of the phone number for a long distance call.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Call Features This section allows users to set up call handling features including Call Forwarding, Call Waiting and Anonymous Call. These settings are applied independently to each Phone Port. Call Forwarding All Calls: If selected by clicking on the checkbox, all calls will be forwarded to the specified number. Busy Calls: If selected by clicking on the checkbox, calls will be forwarded to the specified number if the Phone Port is in use.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Ring & Tone This section allows advanced users to change the existing parameters for the various ring tones (dial tone, busy tone, answer tone etc.) Country Specific Ring & Tone Region: Select a country ring-tone, from the drop-down list, to suit where you are located. This VoIP router provides default parameter of ring tones according to different countries. The ring-tone parameters are automatically displayed after entering a specific country.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Special Dial Codes The following table lists the special dial codes that are built-in to the system: Option Flash-hook Description Switch to PSTN line Note: A quick press of the hook. On some phones a button is (Router with LINE port provided which provides Flash-hook functionality. The button is only) marked "FLASH" or "RECALL".
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router QoS - Quality of Service QoS function helps you to control your network traffic for each application from LAN (Ethernet and/or Wireless) to WAN (Internet). It facilitates you to control the different quality and speed of through put for each application when the system is running with full loading of upstream. Here are the items within the QoS section: Prioritization and Outbound / Inbound IP Throttling (bandwidth management).
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Source IP Address Range: The source IP address or range of packets to be monitored. Destination IP address Range: The destination IP address or range of packets to be monitored. DSCP Marking: Differentiated Services Code Point (DSCP), is the first 6 bits in the ToS byte. DSCP Marking allows users to assign specific application traffic to be executed in priority by the next Router based on the DSCP value. See Table 4.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Outbound IP Throttling (LAN to WAN) IP Throttling allows you to limit the speed of IP traffic. The value entered will limit the speed of the application that you set to the specified value’s multiple of 32kbps. Click Clear You can click Clear to delete the existing Application. Application: User-define description to identify this new policy/application. Time Schedule: Scheduling your prioritization policy. Refer to Time Schedule for more information.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Inbound IP Throttling (WAN to LAN) IP Throttling allows you to limit the speed of IP traffic. The value entered will limit the speed of the application that you set to the specified value’s multiple of 32kbps. Click Clear You can click Clear to delete the existing Application. Application: User-define description to identify this new policy/application. Time Schedule: Scheduling your prioritization policy. Refer to Time Schedule for more information.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: QoS for your Network Connection Diagram VoIP Normal PCs Restricted PC Information and Settings Upstream: 928 kbps Downstream: 8 Mbps VoIP User Normal Users Restricted User : 192.168.1.1 ( Note: This is a VoIP device external to the Router) : 192.168.1.2 ~ 192.168.1.5 : 192.168.1.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Mission-critical application Mostly the VPN connection is mission-critical application for doing data exchange between head and branch office. The mission-critical application must be sent out smoothly without any dropping. Set priority as high level for preventing any other applications to saturate the bandwidth. Voice application Voice is latency-sensitive application.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Advanced setting by using IP throttling With IP throttling you can specify more detail for allocating bandwidth; even when the applications are located in the same priority level.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Virtual Server (also known as Port Forwarding) In TCP/IP and UDP networks a port is a 16-bit number used to identify which application program (usually a server) incoming connections should be delivered to. Some ports have numbers that are pre-assigned to them by the IANA (the Internet Assigned Numbers Authority), and these are referred to as “well-known ports”. Servers follow the well-known port assignments so clients can locate them.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Add Virtual Server Because NAT can act as a “natural” Internet firewall, your router protects your network from being accessed by outside users when using NAT, as all incoming connection attempts will point to your router unless you specifically create Virtual Server entries to forward those ports to a PC on your network. When your router needs to allow outside users to access internal servers, e.g.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: Remotely Access Router GUI If you wish to remotely access your Router through the Web/HTTP at all times, you would need to enable port number 80 (Web/HTTP) and map to Router’s IP Address (192.168.1.254). Then all incoming HTTP requests from you (WAN side) will be forwarded to the Router IP address of 192.168.1.254. Port number 80 has already been predefined, so you can set this up simply by clicking on Helper.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Edit DMZ Host The DMZ Host is a local computer exposed to the Internet. When setting a particular internal IP address as the DMZ Host, all incoming packets will be checked by the Firewall and NAT algorithms then passed to the DMZ host, when a packet received does not use a port number used by any other Virtual Server entries. Caution: This Local computer exposed to the Internet may face a variety of security risks. Disabled: Disables the DMZ function. Default.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Edit One-to-One NAT (Network Address Translation) One-to-One NAT maps a specific private/local IP address to a global/public IP address. If you have multiple public/WAN IP addresses from your ISP, you are able to use the One-to-One NAT facility to utilize these IP addresses. NAT Type: Select desired NAT type. By default, the One-to-One NAT function is disabled. Global IP Address: Subnet: The subnet of the public/WAN IP address given by your ISP.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Time Schedule: User-defined time period to enable your virtual server. You may specify a time schedule or Always on for the usage of this Virtual Server Entry. For setup and detail, refer to Time Schedule section Application: Users-defined description to identify this entry or click predefined rules. to select existing : Some 20 predefined rules are available.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Example: List of some well-known and registered port numbers. The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols. Port numbers range from 0 to 65535, but ports numbers 0 to 1023 are reserved for privileged services and are designated as “well-known ports” (Please refer to Table 5). The registered ports are numbered from 1024 through 49151.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Time Schedule The Time Schedule supports up to 16 time slots which helps you to manage your Internet connection. In each time profile, you may schedule specific day(s) i.e. Monday through Sunday to restrict or allowing the usage of the Internet by users or applications.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Configuration of Time Schedule Edit a Time Slot 1. Choose any Time Slot (ID 1 to ID 16) to edit, click Edit. Click Edit Note: The days you have selected will be presented as a capital letter. Lower case letters show the days that are not selected, and no rule will apply on these days. 2. A detailed setting of this Time Slot will be shown. ID: This is the index of the time slot. Name: A user-define description to identify this time portfolio.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Advanced Configuration options within the Advanced section are for users who wish to take advantage of the more advanced features of the router. Users who do not understand the features should not attempt to reconfigure their router, unless advised to do so by support staff. Items within the Advanced section include: Static Route, Dynamic DNS, Check Email, Device Management, IGMP and VLAN Bridge.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Dynamic DNS The Dynamic DNS function allows you to alias a dynamic IP address to a static hostname, allowing users whose ISP does not assign them a static IP address to use a domain name. This is especially useful for hosting servers via your Internet connection, so that anyone wishing to connect to you may use your domain name, rather than having to use your dynamic IP address, which changes from time to time.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Check Email This function allows you to have the router check your POP3 mailbox for new Email messages. The Mail LED on your router will light when it detects new messages waiting for download. You may also view the status of this function using the Status – Email Checking section of the web interface, which also provides details on the number of new messages waiting. See the Status section of this manual for more information.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Device Management The Device Management advanced configuration settings allow you to control your router’s security options and device monitoring features. Embedded Web Server ( 2 Management IP Accounts) HTTP Port: This is the port number the router’s embedded web server (for web-based configuration) will use. The default value is the standard HTTP port, 80.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router 192.168.1.55 to logon to the Web GUI by typing: http://192.168.1.254:100 in their web browser. After 100 seconds, the device will automatically logout User A. Universal Plug and Play (UPnP) UPnP offers peer-to-peer network connectivity for PCs and other network devices, along with control and data transfer between devices.
VoIP/(802.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router IGMP IGMP, known as Internet Group Management Protocol, is used to management hosts from multicast group. IGMP Forwarding: Accepting multicast packet. Default is set to Enable. IGMP Snooping: Allowing switched Ethernet to check and make correct forwarding decisions. Default is set to Disable. VLAN Bridge This section allows you to create a VLAN group and specify the members. Edit: Edit your member ports in selected VLAN group.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Ethernet: P1 (Port 1) Ethernet1: P2, P3 and P4 (Port 2, 3, 4) Please uncheck P2, P3, P4 from Ethernet VLAN Port first. Note: You should setup each VLAN group with caution. Each Bridge Interface is arranged in this order.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Spaces next to VPI and VCI, enter 0 and 33 respectively. Select appropriate ATM Class, Encapsulation Method, Acceptable Frame Type, Filter Type and PVID for Untagged Frames. VPI and VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. Encapsulation method: Select the encapsulation format, this is provided by your ISP.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Step 3: Setup VLAN Service Go to Configuration Advanced VLAN Bridge DefaultVlan lists all member ports. It is necessary to group specific member ports for each VLAN. From the example, two VLAN groups are requested: Data and Video. To create another VLAN group for Video by clicking Create VLAN. Given a name and ID (PVID) to identify the Video group and the valid value range for PVID is 1 ~ 4094.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Mapping the VLAN Bridge with Bridge Interface created in Step1, you will see the relationship between the two screenshots. Step 4: IGMP Snooping Enable Go to Configuration Advanced IGMP. IGMP Snooping must be enabled in order to allow video stream forwarding correctly.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Chapter 5: Troubleshooting If the router is not functioning properly, first check this chapter for simple troubleshooting before contacting your service provider or Billion support. Problems starting up the router Problem Corrective Action None of the LEDs are on when you turn on the router. Check the connection between the power adapter and the router. If the error persists, you may have a hardware problem. In this case you should contact technical support.
VoIP/(802.11g) ADSL2+ (VPN) Firewall Router APPENDIX A: Product Support and Contact Information Most problems can be solved by referring to the Troubleshooting section in the User’s Manual. If you cannot resolve the problem with the Troubleshooting chapter, please contact the dealer where you purchased this product. You may also get assistance from Internet forums such as: http://www.billion.com.au/forum Contact Billion Worldwide http://www.billion.com/ Australia http://www.billion.com.
