Table of Content Table of Content.........................................................................................1 Introduction................................................................................................2 Product Specifications ........................................................................2 Benefits and Key Features .................................................................3 Physical Parts and Panel of the Powerful Server ...............................
Introduction Thank you for purchasing our innovative all-in-one solution---Powerful Server appliance for your networking needs. The SA integrates server services such as a Network Address Translator (NAT), Virtual Private Network (VPN), SPI firewall, and networked storage into one easy to manage device. The Powerful Server appliance allows a group of trusted computers and networks to connect quickly and safely.
Services n n n n n DHCP Client/Server Proxy DNS RIP DDNS Client FTP Server Network n n Programmable Static Route Network Protocols Supported: PPPoE, TCP, UDP, ICMP, ARP PPP Authentication n PAP, CHAP, MS CHAPv2 Real Time Clock RAID Support n Supports RAID 0, 1 File Sharing n Supports CIFS,SMB, AppleTalk(AFP), NFS User Management n Local User Account Management Power Management n Support Mechanical Off/Soft Off/Sleeping/Working System States Other Features n n n n Personal Web Server USB Print
functionality, any sub-network can be grouped as though they are in the same network. Firewall The Powerful Server appliance provides a powerful firewall capable of preventing hackers from attacking the gateway or internal network. Many famous DoS attacks can be detected and prevented. Whenever an attack is detected, the system will alert the network manager that an attack has occurred. The network manager can then inspect the log information to find the IP address that sent the packets.
Network Attached Storage Network-attached storage (NAS) is the concept of shared storage on a network. NAS transfers data using industry standard file sharing protocols such as CIFS, AFP, NFS and FTP. Files can be shared simultaneously by clients regardless of the operating system they are using or the network server they are attached to. This solution provides convenient common storage resources. Dynamic DNS Dynamic DNS allows anyone wishing to reach your host by the name only.
server allows you full control over who can login to the Powerful Server appliance, which files the user can access or they could upload data. Power Management We divide the power management function into three parts. These are Power Down and Hard Disk Standby. We’ll describe each part in detail below. - Power Down We turn the power down in several ways: n n n Power Down by Web Please select System Management -> Administrator Settings.
Figure 1.2 Physical Parts and Panel of the Powerful Server n n n n n n n n One WAN port: 10/100 Mbps WAN port MDI/MDIX switch Four LAN ports: 10/100 Mbps Four USB 2.
WAN Port The WAN port is used to connect to an ADSL/Cable modem for linking to the Internet. WAN MDI/MDIX Switch The WAN MDI/MDIX switch is used to adjust the cable connection of the WAN port. If the port is connected to hub, you should move the switch to the “hub” side; if the port is connected to PC like machine, you should move the switch to the “PC” side. As for the four LAN ports, there is no need to add additional switches for each cable connection.
Description of LEDs Description of Status LEDs Power HD Indicator Access Indicator WAN/LAN Link/Activity WAN/LAN 10/100 Mbps Meaning On Power On Off Power Off On HD Abnormal Off HD Normal Flash HD is reading/writing data On Link up Off Link down Flash The interface is transmitting/receiving packets On The network link is 100 Mbps Off The network link is 10 Mbps No LED on Current transfer rate is < 10KB/s 1 LED on Throughput Current transfer rate is > 10KB/s 2 LEDs on Current transfer
Quick Installation This chapter will give you brief instructions on how to install the product. In section 2.1, we will configure the hardware part of SA step by step. In section 2.2, we will check whether the IP address of your PC is assigned by DHCP. Once we complete the installation of the SA hardware and checked your PC settings, we will use the web-based management to configure the SA to suit your network environment. In section 2.3, and 2.4, we will review all the software settings.
Check Your PC First Please check the following settings on your PC: Do not assign an IP address to your PC. 1. Please select sequentially: In Start menu -> Settings -> Control panel -> Network connections -> Local Area Connection. Then a 2. 3. 4. “Local Area Connection Status” window shows up. (Figure 2.2a) Click the Properties button in Local Area Connection Status. Then the “Local Area Connection Properties” window shows up. (Figure 2.
Figure 2.2b ` Figure 2.
Connect to the Web-Based Manager Please follow the steps to connect to the web-based manager: 1. Open a browser on the PC that is DIRECTLY connected to the SA. Type “http://172.16.1.1” in address field. And then press Enter key. 2. An authentication window shows up to prompt you to type the username and the password. 3. Leave the username blank and type “admin” as a password. (Figure 2.3a.) Then press OK button. The default web page will appear like Figure 2.3b. 4. Figure 2.
Figure 2.
Web-Based Manager – Basic Settings Start to configure your network environment by clicking the Basic Settings in left menu. The Basic Settings page is shown as Figure 2.4a. Figure 2.4a The Basic Settings page contains Network Policy, Internal Network Interface, Domain Name Server, and External Network Interface. We describe these settings below in detail. You must click the apply button after you finish inputting the settings. You will see a rebooting window as Figure 2.4b.
Figure 2.4b •Internal Network Interface The default settings are: n Host Name: “SA” n Private IP: “172.16.1.1” n Private IP Netmask: “255.255.0.0” According to the default settings, we will assign the LAN to network “172.16.1.x” You can add more detailed configurations later in section 4.1 DHCP Server settings. For the Network Address Translation (NAT) application, the private network address should be set in the following address range reserved by the Internet Assigned Numbers Authority (IANA).
•External Network Interface External network interface includes ADSL/PPPoE , DHCP Client and Fixed IP Address settings. Make sure that the system information webpage shows that your Link status is ‘Link Up’. If not, please check your connection and/or switch the MDX switch located next to your WAN port. We have to choose one of the three ways to configure the external network interface. They are illustrated as follows: Example 1: If you are connecting through a fixed IP address from the ISP.
3. Enter the External Gateway. 4. Enter the External Netmask. 5. Click the apply button. •Example 2: DHCP Client / Cable Modem If you have a dynamic IP address from your ISP to access the Internet, please select the DHCP Client radio button. Once the external IP address is obtained via the DHCP protocol, there is no need to give an external IP address, external gateway address or netmask. The DHCP server will dynamically assign these fields.
•Example 3: ADSL Connection Most ADSL connections do not give you a fixed IP address. In this case, you must enter the user name and password provided by your ISP for authentication. Please follow the steps below. 1. Please select the ADSL/PPPoE radio button. 2. In ADSL/PPPoE Setting: Enter the User Name and Password. 3. Click the apply button to save your settings.
•Example 4: ADSL/PPTP Client Setting If your ISP provides a PPTP server, you could set up the PPTP client here. Please follow the steps: 1. Select ADSL/PPTP radio button. 2. Enter the user name. (You get this from your ISP) 3. Enter the password. (You get this from your ISP) 4. Enter the IP address of your host in My IP Address. 5. Enter the IP address of the server in Server IP Address. In the following chapters, we will cover more details of configuring the SA.
Configuration Hierarchy This chapter gives you an overview of all the configuration options available. The Powerful Server appliance is a multifunction product. The section3.1 explains the corresponding settings for each function. And in section3.2, we describe the power management in detail. There are eight main categories in configuration menu, Basic settings, Network settings, Firewall settings, VPN settings, System management, System reports, User management and NAS management.
Overview of Configuration Menu Figure 3.
Network Settings When you select Network Settings in the left menu of the web page, five configuration options appear: DHCP Server, IP Alias, Multiple NAT, Route Settings and DDNS. Please refer to the corresponding section for these configurations. •DHCP Server In DHCP Server settings, we assign the rage of the virtual IP addresses for the four LAN ports of SA. All devices connect to the LAN ports of SA will be dynamically assigned the IP addresses within the range.
as these IPs will not be handed out by the SA. If they have more devices or want a different IP range, then all they need to do is modify the range that the SA hands out so it does not hand out an IP in that range. Typical offices set their DHCP server to assign IPs from 30 through 200. IPs 1 through 29 are usually assigned to servers and 201 and above are reserved for special uses. You can either enable the DHCP server or disable it in this screen also.
n Or you do not have DHCP server on your network, but you would like to assign a static IP address to each device connected to the LAN port of SA. 1. Select Disable radio button. 2. Assign a static IP address to each device connected to the LAN port. For example, you have four PCs, PC1, PC2, PC3 and PC4 connected to the LAN port. You have to assign a UNIQUE static IP address i.e. “192.168.0.34”, “192.168.0.25”, “192.168.0.18”, “192.168.0.108” to PC1, PC2, PC3 and PC4 respectively.
For additional IP addresses of the internal network interface to be accepted, enter the other IP address in IP Alias 2 and IP Alias 3. Enter “0” in each field if none. •Multiple NAT If you get several fixed IP addresses from your ISP and the ISP restricts the bandwidth for each fixed IP address, you have to prevent the network packets from always sending on the same IP address and the other IP address to sit idle. Multiple NAT solves this and allows you to increase the bandwidth.
1. Enter the Internal IP range1, e.g. “172.16.1.1/24”. It means the network is “172.16.1.x” 2. Enter the External IP range1, the IP address range you get from your ISP. 3. Enter the Internal IP range2, e.g. “192.168.1.1/24”. It means the network is “192.168.1.x”. 4. Enter the External IP range2, the IP address range you get from your ISP. 5. Or enter “0” in each field for non-setting multiple NAT. 6. Click the apply button.
1. Select Enable radio button in Routing Setup. 2. Enter the network in Destination network column. (e.g. “192.168.6.0/24”) 3. Enter IP address of the gateway in Gateway column. (e.g. “172.16.1.249”) 4. Enter the number in Hop count column. The number means how many gateways you have to pass through. 5. Click the apply button. In the figures, the destination network is “192.168.6.x”. And the packets will be route in or out of the destination network through the gateway “172.16.1.249”.
The Internet uses DNS servers to lookup domain names and translates then into IP addresses. Domain names, such as www.yahoo.com, are just easy to remember aliases for IP addresses. A dynamic DNS service provides a means of updating your IP address so that you listing will be current when your IP address changes. There are several services on the Internet that are available for free. We will only cover one, www.dyndns.org.
6. Click the apply button. Every time your public IP changes, the SA will tell the DDNS server what your new IP address is. Other users, through the magic of DDNS, will be sent to the right place. Firewall Settings When you select the Firewall Settings item in left menu of the web page, four configuration items appear including: Virtual Server settings, URL Filter, IP Filter setup and Denial of Service. Please refer the corresponding section for each of these items.
The virtual server service is a way to simulate multiple servers on the intranet. You have several IP addresses within your LAN. These IPs are not visible to the users from the Internet. When servers are installed in the office that need to be seen from the Internet, we establish some forwarding rules to deal with the packet from the Internet users and direct the SA to forward the specific packets to the specific IP address. Users from the Internet could be allowed to access the specific server on your LAN.
•URL Filter Setup The URL Filter function is used to restrict internal hosts from accessing specific URL locations. You deny any access to the URL location specified in the Site1, Site2 …Site10 fields. Please follow the steps: 1. Select Enable radio button in URL Filter. 2. In Site 1, please enter the URL address. 3. Please repeat the step 2 to build more URL addresses not allowed. 4. Click the apply button. If the Site1 is given as www.yahoo.
•IP Filter Setup The IP filter function is similar to URL Filter. It provides further restrictions in access permission. URL Filtering only blocks port number 80 (HTTP). In IP filtering, you can assign a group of IP to be restricted. You can block four individual ports or a range of ports in the same time. So the specific group of intranet hosts cannot connect to these ports. Please follow the steps: 1. Select Enable radio button in IP Filter. 2. Enter the IP address range in the format “x. x. x. x / x”(e.
•Denial of Service It is highly recommended that the DoS Protection feature be enabled to prevent attacks on the network. However, if you allow someone to manage the router from outside or are running a web server, e-mail server, or FTP server, you should either disable Detect SYN Flood Attack or increase the TCP flow. Otherwise, the configuration web pages will not be sent smoothly.
VPN Settings VPNs (Virtual Private Networking) provide secure communication between two separate networks without using a dedicated leased line. In order to achieve this functionality, a secure tunnel must be built between the two sites for secure communication over the Internet. The SA supports the most popular protocol - PPTP. PPTP (Point-to-Point Tunneling Protocol), described in RFC 2637 is a PPP-specific protocol proposed by Microsoft. The SA implements a PPTP server.
Figure 6.
System Management When you select the System Management item in the left menu, five configuration items appear including; Administrator Settings, Event Report Settings, Firmware Update, Time Settings and SNMP. Please refer the corresponding section for these configuration details. •Administrator Settings In Administrator settings you will find the basic administrator functions. The settings are easily modified and managed by the administrator.
1. New Password: the administrator could change the administrator password here. Please enter the new password you would like to change to. Note that you must fill the new password in both Password change and Password confirmation fields. If both fields are not the same, the page will not be submitted. 2. Confirm New Password: please enter the new password again. 3. External Admin.: This feature allows administrators to access the web based configuration menu from the Internet.
•Event Report Settings Send alerts to an e-mail account. The mail server should allow e-mails from the same network. E-mail address to send the alerts to. •Firmware Update Updates and functionality can be added via this function. Please check the web for the latest firmware if you are having any issues. In general, no update should be needed unless it is recommended by technical support. Note: Do not do a firmware update over a wireless connection or power the unit down during a firmware update.
The update percentage will update the status. Click Restart when the upload is complete. Though it is not generally necessary, You should restore factory default to make sure that new features and settings are implemented. Note: You must re-initialize the hard drive if you do this.
•Time Settings The NAS’s built-in clock should be adjusted to the current local time. This will insure accurate time reporting in the logs and file records. Select your GMT time zone and then enter the date and time. Click on Apply to make the changes. You can find your GMT time zone by double clicking on the clock located on the bottom right corner of your desktop.
•SNMP The SNMP agent allows users with SNMP client applications to conveniently inspect the network status of SA. Please follow the steps below to setup the SNMP agent. 1. Select the Enable radio button in the SNMP Agent field. 2. Enter the Community Name. Note that the agent side and the client side must use the same community name. 3. Enter the contact information in System Contact field. For example, the phone number or the email account of the administrator. 4.
System Reports When you select System Reports in the left menu of the web page, four configuration items appear including; System Information, System Log, URL Log, and DHCP Lease Report. Please refer to the corresponding section for these configuration items.
•System information 44
The System Information displays some useful information about the system. It shows the firmware version, the system up time and the internal and external network connections. On SA, We have one WAN port and four LAN ports. The WAN port belongs to the external network interface and the LAN port belongs to the internal network interface. They are described as below: n Firmware Version: 2.00 n The system up time n IP Address: the IP address is shown as your current setting. In Chapter 2, section 2.
•System Log Use the information provided here to help diagnose any network related issues. Navigate through the history with these buttons. You can clear the event logs under the Administrator settings page. •URL Log The URL Log function records the recent connections for each client. If you would like to view what the user is browsing, you can click the corresponding Destination URL in the rightmost column.
•DHCP Lease Report The DHCP Lease Report function reports all leased IP provided by DHCP server. From this page, you can find out which host was assigned to which IP address. You can clear all the records through administrator settings. Please refer to the section 7.1, Clear DHCP Lease.
User Management The NAS provides a client/server environment for users to share files over the network. File sharing works by authorizing the users or groups to access shared folders by their username and password. When creating a new shared folder, user and groups from the current list must be assigned. When a user/group tries to access the folder, the system will check the list of valid users for the shared folder.
required. Click Apply when completed. Highlight a user name and click on Remove or Modify to delete or change user information. •Groups After creating the users, you can categorize the users into different groups to make assignment easier. Click on Add to create a new group name. Enter the group name Highlight the user(s) on the right side and click on the ß button to assign the user(s) to the group. Highlight multiple users by holding down the Shift key or Ctrl key while selecting users.
NAS Management Manage the main functions of the shared storage from this menu. •RAID Initialization Wizard The first time you use the NAS, you may have to initialize the hard disk. The wizard provides an easy way to initialize the hard disk.
By enabling SMART, the NAS will report when the hard drive is about to fail. Your hard drive must support this feature. The HD Power Management should be enabled to prolong the life of the hard drive. When there is no activity for the set time period, the hard drive will power down to conserve power, save wear and tear, and prevent the unit from building up unnecessary heat. When a user wants to access the storage, the NAS will automatically wake up.
You must assign at least one user to this share folder. (1) Highlight the user on the list to the right. (2) Select the permission you want them to have: Read/Write or Read Only. (3) Click on the ß button to move the user over to the Allowing User List. If you choose Single configuration, you also have to decide which volume you will put your share folder in. 1 3 2 Highlight users on the left list and select the à button to remove them from the share or change their permissions. Click Next to continue.
Hard Disk Status When Powerful Server appliance cannot detect hard drive (Status of Disk 1 as illustrated in Figure 3.8a) or detect an error in S.M.A.R.T. (Status of Disk 2 also illustrated in Figure 3.8a), you will see “Not Active” shown in Status field column. If all hard disks in “Not Active” mode, RAID and HD configuration will not be activated. Figure 3.8a As long as any of the hard disks is “Not Active” or in initialization process, user won’t be able to execute RAID and HD initialization.
Then only Single configuration operable, RAID configuration unavailable as illustrated in Figure 3.8d. Figure 3.8d Disk size will be shown in Size field column of Hard Disk(s) Availability as illustrated in Figure 3.8e Figure 3.8e RAID 1 (Mirror) After initializing to RAID 1 (Mirror), you should see a screen similar to Figure 3.8f where total size is the same as the original hard disk size.
When a new HD is installed to replace a broken one in RAID 1 (Mirror), the Powerful Server appliance will set in Degraded mode. You can see Recall button in the Status field column of Volume status and see only HDD-A (Figure 3.8g). Press Recall to add HDD-B in RAID 1. The warning message will appear after pushing the button (Figure 3.8h). Press ok to continue the addition. Please note that the action will re-partition and re-format new HD and all data inside will be lost. Figure 3.8g Figure 3.
When any HD is removed or broken and cannot be operated in RAID 1, you will see "Not Active" shown in Status field. The system will set in Degraded mode and Recall cannot be run (Figure 3.8j). Figure 3,8j RAID 0 (Stripe) After initializing to RAID 0 (Stripe), as shown in Figure 3.8k, you can see that total size is the sum of two hard disks. Please be reminded that the total size of RAID 0 would always be the sum of Disk 1 and Disk 2. Figure 3.
Single After being initialized to Single, you will see 2 hard disks activated in Volume Status in Powerful Server appliance (Figure 3.8m). When choosing single configuration, Powerful Server appliance will format all hard disks and make them respective ones. For initializing only one hard disk, please refer to the following instructions. Figure 3.8m If Powerful Server appliance detects a new hard disk that is not mounted, the Initialize button will appear in the Status field column (Figure 3.8n).
•USB HD Information Each of formatted partitions (FAT32, EXT2 and EXT3) on the attached USB storage drive will be shown in the USB HD information page. The naming rule for “Mounting path” is based on the connecting port. For example, if the USB hard drive was attached on port A and here are three formatted primary partitions on the disk, the SA will create "USBHDA1" and "USBHDA2" mounting path to represent each partition space.
•Erase CD/DVD Before you erase CD/DVD-RW disc, the current media information will be shown as the picture on the right side. The most important thing is you can know how much data have been stored in this disc. When you press the “Apply” button on the “Current Media Information” page, the warning dialog will be pop-up , it will remind you all data will be destroyed after erasing the disc.
Next, you can select files to backup from the connected USB HD in the Step1 page. All available USB storage be shown in the USB HD List. Highlight the file(s) on the right side and click on the ß button to select the burning file. Select the files on the left side and click the à button to remove file from burning Files list. When complete, press the next to enter next step.
Please wait the progress bar up to 100% and disc will be ejected automatically when the burning complete. •Advanced Settings All the file protocols settings are located here. Disable any protocols not in use by the computers on the network to increase performance. Most users will not need to change any of the settings. Make sure to click on Apply after making any changes. Change the workgroup or NAS description. Workgroup name should be the same for all computers sharing files.
Linux users need to create NFS Mappings in order to connect to the NAS. Enable the Network File System and click on Add to create the mapping. Enter the Remote UID, IP, netmask and the local mapping user. Once complete, mount the share on the Linux machine.
•File Sharing For file sharing, you must create users and groups first. Use this to organize the data on the NAS. You can create private and public folders. By managing which users have access to the shares, users can only access information that they are allowed to. This access is the same whether they are accessing the share from the local network or through the Internet via FTP. Click on Add to create a new shared folder.
For USB Storage Sharing As mentioned above, each partition of the attached USB storage will be presented to one shared folder. So, if one USB storage device be plugged into A port and it have 2 partitions. The system create the USBHDA1 and USBHDA2 automatically and assigned the guest have read/write permission by default. FTP Server If you want to access files stored on your NAS from a remote location, the included FTP server is the easiest way.
your NAS’s fixed IP address. Refer to the DDNS and port forwarding/virtual server chapter of your router manual for details. Enable the FTP server on the NAS. You can change the default FTP port in the same configuration screen. This is useful for making you FTP server less visible to users whom you do not want to grant access. Some networks also block the standard port 21 and may require you to change to a different port.
Personal Web Server The Web Server settings are currently under 'Nas Management->Web Server'. Getting started Enable the web server by selecting the ‘Enable’ radio button. It will then create a shared folder called 'www'. Set the server port number to '80' if you want all default HTTP calls to go to your website. When you type in a URL address in a browser, the Internet automatically directs your browser to port 80 at that address. This is the industry standard and should be used 99% of the time.
Accessing the website Users with a static WAN IP address can access the website simply by typing in the IP address on any browser. If you are on the inside of the network, you must use the WAN IP address to access the website, not the internal appliance IP address. If you have a domain name, then you can have the domain name company forward the domain to this static IP address. With a domain name, you do not have to remember the IP address, just the domain name.
should limit the maximum size a mailbox under the quota field and the size of each e-mail in the following field. Default settings are ‘0’ for unlimited. E-mail names After applying the settings, your e-mail accounts are now active. They are based on your user names that are created under user management. For example, if ‘teacher’ is a user on the appliance, and ‘school.com’ is the domain name, the e-mail address for ‘teacher’ is now ‘teacher@school.com’. DDNS e-mail addresses work in a similar manner.
Windows USB Printer Server Standard USB 1.1 and 2.0 printers can easily be shared between Windows users on the network with the built-in USB printer server. Note: Some or all functions of multi-function printers may not work depending on the driver support by the respective printer manufacturers. Please make sure the hard disk has been initialized. (The RAID status is Active) Connect a USB Printer to the USB port on the back of the NAS and turn it on.
the printer the same way as any other networked printer under Windows. •Standard TCP/IP Port for Windows 2K/XP (LPR & Raw mode) The following two pictures demonstrate how to setup the TCP/IP printer port under Windows 2K/XP. As mentioned before, if the printer connected to USB port A position, we will name it as “PortA”. So, when you want to setup LPR protocol, the “Queue name” should be filled with which port you plug in. And LPR Byte Counting Enabled is required.
Appendix A PPTP VPN (W2K and XP only) Important: Make sure that the subnet of your Appliance is different the network you are trying to connect from. For example: User’s office IP addresses are 192.168.1.x, set your Appliance to 192.168.2.1 Netmask 255.255.255.0. Make sure that you have created a user account and password on the Appliance for the users that you want to allow VPN access. Proceed to your appliance’s PPTP Settings under VPN Settings. 1. Enable the Server 2.
6. Name your connection and select if you want to have an icon on your desktop. Click Finish when done. 7. Use the user name and password on your Appliance to log in. You should be able to see the Appliance in your network neighborhood now. You must initiate the VPN connection each time unless you selected otherwise. TIPS: If all you need is file transfer, we suggest using the FTP server feature, as it is faster and simpler.
Searching the Network for the NAS If you are not able to locate the NAS in the Network Neighborhood or My Network Places, you can try to search for it. Click Search under My Network Places. Enter the name of the NAS or the Fixed IP address if configured that way and click Search Now. All other company and/or products names are trademarks and/or registered trademarks of their respective owners. HD Installation Note To install HD, Please follow the step listed below: 1.
