Asante TechnologiesメーカーVR2004の使用説明書/サービス説明書
ページ先へ移動 of 76
FriendlyNET ® VR2004 Series VPN Security Routers User ’ s Manual.
FriendlyNET V PN Security Router 2 Before Y ou Start Thank you for purchasin g the Asant é FriendlyNET VR2004 Series VPN Security R outer. Your rou ter has been des igned to prov ide a lifetime of tr ouble-free op eration.
User’s Manual 3 Quick Start Guide This se ction will g uide you thr ough sett ing up the Asanté FriendlyN ET router with y our Cable/DSL modem. Setting up your router requ ires three ba sic steps: 1. Determine t he TCP/IP settin gs for your com puter and record them in t he table provid ed.
FriendlyNET V PN Security Router 4 4. Once the in formation has been recorded , choose Using DH CP Server from the Conf igure: pul l-down menu. C lose the dia log box and sav e your cha nges. Repeat ste ps 1, 2, and 4 to configur e addition al Macs you w ish to add to the rout er.
User’s Manual 5 4. Once the in formation has been recorded , select Configure: Using DHCP . You w ill receive an IP a ddress aut omatically from your DHCP serve r. The T CP/IP configuration o f your computer is now com plete. Re- peat steps 1 , 2 and 4 to configure ad ditional M acs that y ou wish to add to the rout er.
FriendlyNET V PN Security Router 6 3. Expand th is dialog box by click ing on the Mor e Info >> button. 4. Complete t he informat ion in thi s table: Tip : Next to the DNS Ser vers field, clic k the button to show th e Secondary D NS (if availa ble).
User’s Manual 7 Windows XP 1. From the Start butt on, select Settings/Co ntrol Panel . 2. Click on N etwork and Interne t Connections . 3. Click the Network Connections ic on. 4. Double-cl ick on the network. 5. Under the Sup port tab, clic k on the D etails… button.
FriendlyNET V PN Security Router 8 The T CP/IP configuration o f your computer is now com plete. Re- peat steps 1 – 4 and 7 – 10 to conf igure additi onal PCs on your net- wor k. Red Hat Linux In order to gath er the inform ation necessary to comp lete the table, you w ill need to run th e /sbin/ipconfig co mmand.
User’s Manual 9 3. Configure Your Router From your co mputer , use your browser to conf igure the rout er for your netw ork. 1. Start your w eb browser . T ype http://192.16 8.123.254 i nto your browser’s address or locat ion field and press Enter .
FriendlyNET V PN Security Router 10.
User’s Manual 11 T able of Contents Before You Star t 2 Quick Start G uide 3 Chapter 1. Introducti on 13 Chapter 2. Con figuration 17 Chapter 3. Advan ced Setting s 27 Chapter 4. VPN Con figuration 41 Appendix A. Warranty Statement a nd Friendly Care Sup port 51 Appendix B.
FriendlyNET V PN Security Router 12.
User’s Manual 13 Chapter 1. Introduction Thank you for purchasin g the Friend lyNET VR 2004 Series VPN Se- curity Rou ter. The router prov ides an e asy, afforda ble way to com- municate ov er the Intern et, while ens uring a secure connecti on to another VR2004 (or other compatib le VPN solutio n).
FriendlyNET V PN Security Router 14 • Hacker A ttack Logging : Supports gen eral hacker attack pattern mo nitoring an d logging • High Performance 32-bit RIS C CPU Engine : W ith the most advan ce.
User’s Manual 15 • DMZ (Demilitarized Zo ne) : Allows y ou to place one s erver or workstat ion outsid e the firew all, to allow outs ide parties unrestricted access to the server 1.2 Package Contents Please comp are the item s included in your pa ckage to the list be- low.
FriendlyNET V PN Security Router 16 From left to ri ght, the rear p anel of the r outer contain s the following: Power (5 VDC) plug; Internet (WAN) port; COM port; Reset b utton; and LAN ports 4, 3, 2 and 1. LED Color Descri ption Link/ Activ ity LAN por ts 1 to 4 Green Blinking Off A vali d link h as been es tablis hed on the por t.
User’s Manual 17 Chapter 2. Configuration Power up the r outer first, before pow ering up the a t- tached d evices. Laun ch your w eb browser and type the default IP a ddress (192.168.123.2 54) in the browser’s addr ess box. Press Ent er . The login w indow will appear.
FriendlyNET V PN Security Router 18 • Time Zone Sett ings • Device IP Settin gs • ISP Settings • Additional ISP Set tings • Modem Settin gs • VPN Settings Important ! You must save an d restart the ro uter in the Save & Re- start scr een for your configurat ions to take effect.
User’s Manual 19 Quick St art Guide), and click Next to enter the data. If you use a dynamic IP Ad dress, che ck the Dynami c IP radio but ton and cl ick Next to continu e to Additio nal ISP Settings . 2.1.4 A dditional I SP Settings In this page, you can e nable the ty pe of W AN conne ction you are using.
FriendlyNET V PN Security Router 20 ISPs use the i nformation f or authenticatio n purposes, so y ou must select the check box and enter the requeste d informatio n for your WA N ty p e . Some provider s require the Ethernet addr ess (the M AC address) of the computer that is co nnecting the C able/DSL m odem to au thenti- cate the con nection.
User’s Manual 21 Click N ext to enter the n ew data and to proceed to th e Wir el ess Settings page (VR2004AC model o nly) or to th e Modem Setti ngs page. 2.1.5 Wirel ess Sett ings ( VR2004 A C only) The VR2004AC i s designe d to function as a wireless access point using the de fault setti ngs show n.
FriendlyNET V PN Security Router 22 Encry ption Most interna l LAN traffic do es not require additiona l security meas- ures. If you are transferrin g sensit ive files or ot her material over the wireless LAN, you may ena ble the W EP Secur ity Settings.
User’s Manual 23 2.1.7 VPN Setting s The router can be used a s an ordinary unen crypted co nnection to the Internet, or as a secur e connectio n to another VPN ro uter. To set up a V irtual Private Netw ork (VPN), you must enable the VPN feature, w hich allow s a secure con nection to the I nternet.
FriendlyNET V PN Security Router 24 2.2 Device Information This page di splays t he current settings of the r outer: • Device Name : The host name of th e router • IP Address : T he IP address of .
User’s Manual 25 • VPN Status : View the IPSec Connectio n Status for VPN tunnels • DHCP Status : Click to refresh the DHCP log 2.4 System Tools From th e Main Menu , select the Sy stem T ools bu tton t o displa y the st atus of th e ro uter.
FriendlyNET V PN Security Router 26 • Upgrade Firmware : Allows you to upgrade the rout er to the latest version of firm ware • Reset Device : Restarts the router.
User’s Manual 27 Chapter 3. A dvanced Settings From the main menu, cl ick on the corre sponding b utton to a ccess the Advanced Sett ings screen. Fr om here, you can access the follow ing pages for .
FriendlyNET V PN Security Router 28 IP Address Pool Rang e This pool c ontains the range of IP addres ses that w ill automatica lly be assigne d to the cli ents on y our network. T he default set ting is 192.168.123.2 to 192.168. 123.100. Incre ase the ran ge if you hav e more than 98 comput ers on your network.
User’s Manual 29 Enter the IP addre sses of the network server s and the Serv ice Port Range to al low remote a ccess to th e desired ports. T he Server Port is a TCP or UD P port numb er.
FriendlyNET V PN Security Router 30 3.3 Wireless A ccess Control Settings * This feature sh ould only be used by users with an extensive knowledge of TCP/IP.
User’s Manual 31 To delete a M AC addres s, select the correspondin g checkbo x and click t he Del button. The maximum number of e ntries allow ed in the table is 32. Note : At least on e client must have full acce ss in order to perform administrat ive tasks.
FriendlyNET V PN Security Router 32 To specify that gateway you need t o define a stati c route. • Destinati on IP Address: T he netw ork address of the re- mote network • Subnet Mask: The subnet mask of t he remote n etwork • Gateway IP Address: The IP a ddress to be us ed as a gate- way to the remote netw ork 3.
User’s Manual 33 3.5 Filter Settings Filter Setti ngs give you additio nal control over w hat user s on your local netw ork can see o n the Interne t, or what user s on the I nternet can connec t to on your local netw ork. LAN filters control w hat re- sources on t he Intern et your local users can connect to.
FriendlyNET V PN Security Router 34 Your sele ctions sh ould look like this: • LAN Side Filt er Enabled: Ena bled • Default LAN Sid e Filter: Pass • Filter Entry: Bloc k • Protocol: TCP • IP Address Ra nge: 192.
User’s Manual 35 3.6 A dministrative Settings In this scre en, you ca n set several a dministrativ e options for the router simply by enteri ng a passw ord or checking v arious op tions that are l isted.
FriendlyNET V PN Security Router 36 3.6.2 Remote System Administration You may conf igure your ro uter to allow a user on the Internet to ad- minister it.
User’s Manual 37 ISP sets the limit on packet siz e for PPPoE conne ction, in which case, you w ill have to change the M TU setting. See your ISP for details on packet siz e limits.
FriendlyNET V PN Security Router 38 may enable the Use wi ldcards feature. 3.8 URL Filter Settings This feat ure allows y ou to block ac cess to c ertain websi tes on the Internet. Y ou can specify w ords or letters th at, if they appear in the website na me (the URL) or new sgroup name, w ill cause the site to be blocked by the router .
User’s Manual 39 To enable thi s feature, a ccess the E-m ail Alert screen from the Ad- vanced Setti ngs page an d check t he box Enable E-mail Notifica- tion . Nex t, enter the IP addr ess of the outg oing mail server and the destinat ion e-mail addr ess in t he given fie lds and sele ct the fr e- quency for re ceiving E- mail alerts.
FriendlyNET V PN Security Router 40.
User’s Manual 41 Chapter 4. VPN Configuration If you require more than a n ordinary, u nencrypted connection to t he Internet, the ro uter support s IPSec to al low secure c ommunication s from a netw ork to another network, or from a client t o a network.
FriendlyNET V PN Security Router 42 You w ill require three pi eces of infor mation about e ach LAN that i s taking part i n a VPN connec tion: 1. The remot e Network IP addre ss of the LAN. This w ill usually be the same as the address of the LAN port of t he router, w ith the last segme nt of the addr ess ch anged to ‘0’.
User’s Manual 43 VR2004 ‘A’ (West end) • Connection Name : West-East • Local IPSec Id entifier : W est (A llows you to identify mult i- ple tunne ls and does n ot have to match the name used at the other end o f the tunnel . May be left blank.
FriendlyNET V PN Security Router 44 • Remote IP Net w ork : 192.16 8.123.0 • Remote IP Netmas k : 255.255.255. 0 • Remote Gateway IP : 172.16.0.123 • Network Interf ace : W AN ETHERNET 4.
User’s Manual 45 • Remote IP Net w ork : 192.16 8.123.0 • Remote Netmask : 255.255.255.0 • Remote Gateway IP : 172.16.0.123 • Network Interf ace : The interf ace on the ro uter used to communic ate with the re mote netw ork.
FriendlyNET V PN Security Router 46 The preferred w ay to do this is with auto matic keying using the Internet Key Ex change Protoc ol (IKE). This require s that your ISP or firewall allows traffic for T CP port 500. Chec k with your IS P or network ad ministrator if you are not sure if traffic fo r TCP port 500 is allowed.
User’s Manual 47 4.3.3 Pre-Sha red Key IKE can establ ish a key for the tw o ends of the tun nel to use t o en- crypt the traff ic bound for the other n etwork, but it cannot gua rantee that the router on the other e nd of the tu nnel can be tru sted.
FriendlyNET V PN Security Router 48 The follow ing sectio ns describ e the paramet ers that will need to be entered for a m anually key ed tunnel. 4.4.1 Incoming and Outgoing SPI (Secur ity Parameter Index) The SPI is a 32- bit field th at the router w ill use to id entify the Secure Associatio n.
User’s Manual 49 4.4.5 Authenticatio n Key This string is used a s key authenti cation. Use a n alpha-nu meric value of 16 characters (M D5) or 20 char acters (SHA-1) . Note : The value entered mu st match that u sed by the r emote de- vic e. After configuri ng all the VPN v alues that ar e required, c lick on the Save button.
FriendlyNET V PN Security Router 50.
User’s Manual 51 Appendix A . W arrant y Statement and Friendl yCare Support Subject to th e limitations and exclusions below, Asanté warrants to the origi- nal end user purchaser that the covered products will be free fro m defect s in titl e, materials and manufacturing w orkm anship for a period of two years from the date of purchase.
FriendlyNET V PN Security Router 52 LOSS, D AMAGE TO PRO PERTY AND, TO THE EX TENT P ERMITTED BY LAW , DAM AGE S F OR P ERS ON AL I NJ URY , H OW EVE R CA US ED AND ON ANY T HEORY OF LIABI LITY (INCLUDI NG NEGLIG ENCE).
User’s Manual 53 Appendix B. FCC Statement This equ ipment has be en test ed and found t o comply w ith the limit s for a Class B di gital dev ice, pursuan t to part 15 of the FCC Rules. These limit s are desi gned to p rovide reaso nable prote ction again st harmful interf erence in a residentia l installa tion.
FriendlyNET V PN Security Router 54.
User’s Manual 55 Appendix C. T r oubleshooting Before beginni ng the troubl eshootin g process, please chec k the System Re quirements found in Chapt er 1 have been met. If not, resolve the Sy stem Requ irement defi ciencies before attemp ting to troubleshoot furth er.
FriendlyNET V PN Security Router 56 C.2 Problems Accessing Router If you have problems acc essing the router , please c heck the follow- ing: 1. Can you ping 192.168.123. 254? If so, disable th e proxy in your browser 's setting. 2. If http://192.
User’s Manual 57 C.3 Cabling Problems Network cab les conne ct devices i n an Ethernet n etwork, suc h as computers, p rinters, hubs, rout ers and Cable/DSL modems. The network co nnections prov ided by Ethernet cabli ng allow the devices to share infor mation, and allow a LAN to acce ss the Intern et.
FriendlyNET V PN Security Router 58 2. If the port f unctions corre ctly, make s ure the router is attached to an Uplink Port on the hub o r switch. I f there is an Upl ink button on the hub or sw itch, make sure it is in th e Uplink po si- tion.
User’s Manual 59 A pp endix D. Renew ing Client IP A d dres ses Perform the f ollowing to r enew the IP addr esses of client co mputers after configur ing your VR 2004 Series R outer: D.1 Windows 98/Me Perform the f ollowing st eps to Relea se and Renew the IP Address on each client attache d to the router: 1.
FriendlyNET V PN Security Router 60.
User’s Manual 61 Appendix E. Service Ports The table bel ow list s some of the m ore common T CP and UDP ser- vice ports. Port Servi ce 20 FTP-D ATA 21 FTP 23 Te lnet, I nte rnet BBS 25 SMTP, Se nd .
FriendlyNET V PN Security Router 62.
User’s Manual 63 App endix F . Hardware and Soft ware Comp atibility Protocols Supported TCP/IP, NAT, DHCP, PPP, PPPoE, VPN Network and Cli ent Platforms comp atibility Windows 9 5/98/NT/2000/ W or .
FriendlyNET V PN Security Router 64.
User’s Manual 65 Appendix G. Specifications Connectors: LAN: 4 Fast Ethe rnet (100Bas eTX, 10BaseT ): RJ-45 WAN: 1 Fast Ethernet (10 0BaseTX, 10BaseT): RJ -45 COM: Serial (analog modem or IS DN TA): DB9 WLAN: 11 Mbps (802.
FriendlyNET V PN Security Router 66 Advanced S ettings DHCP: Dynamic hos t configuration p rotocol automatic ally assi gns IP address to spec ified cli ents. Choose addres s pool ran ge. Reserve LA N IP addresses for selec ted devic es (by MAC addresses).
User’s Manual 67 Intrusion: Detects 11 typ es of denial of service (DOS) attacks including: ping of death (il legal ping p acket), SYN fl ood (detects if SYN is from the sa me source), LA ND atta ck.
FriendlyNET V PN Security Router 68 Performanc e Processor: 32-bi t RISC CPU Memory: Upgradeable FLAS H firmware from web bro wser LAN: 10/100 Mbps WAN: 10/100 Mbps WLAN: Up to 11 Mbps Physical Charac teristics Dimensions : 7.9 x 5.9 x 1. 7 inches (2 01 x 151 x 44 mm) Weight: VR2004C: 1.
User’s Manual 69 Appendix H. Configuri ng a Sy stem Log Server Because the router ’s memory cann ot hold as many message s as a computer with a hard drive, you can have the r outer send its System Log message s to a server on the network. The ability to receive system log m essages is most com mon on Unix-ty pe sys- tems.
FriendlyNET V PN Security Router 70 # /etc/init.d/ syslog restart 4. A default inst all of a rec ent version of R ed Hat Linux has proba- bly also c onfigured a f irewall that m ay be blocki ng access to the syslog port. Usually ipchai ns is used by def ault.
User’s Manual 71 ConsoleM essage "Start ing system lo g" if [ -f /et c/syslog.conf ]; then if ! pid= $(GetPID syslog); then rm -f /d ev/log sys logd fi else echo " Warning: sy slogd w as not started" fi } -- 2. Add a p arameter -u to the end of the line that starts the daemon: syslogd - u 3.
FriendlyNET V PN Security Router 72 8. Selec t Other under Port Name . Enter 514 and sy sl og in the Port Number and Desc ri pti on fields, and click OK .
User’s Manual 73 Appendix I. Y our 802.1 1b Wireless Net w ork Thank you for choos ing As anté for your wir eless net work ing solu- tions. In or der to m ake wire less net working as safe an d eas y as possible, p lease c onsider t he follo wing inf orm ation when sett ing up and usi ng your wireless network .
FriendlyNET V PN Security Router 74 • The type of w alls, window s, doorw ays or other buildi ng structures w ill affect the range of the wireless s ignal.
User’s Manual 75 M A C A ddress Control Every netw ork device ha s a unique hardware addre ss known as a media acc ess control (M AC) address. En abling M AC address con- trol allow s you to contro l LAN and W AN access for ea ch clie nt in your netw ork.
Asanté T echnologie s, Inc. 821 Fox Lane San Jose, C A 95131 FriendlyNE T VR2004 Series V PN Security Router User’s M anual SALES 800-662-9686 H ome/Office Solutions 800-303-9121 En terprise Solu tions 408-435-8388 TECHNICAL SUPPORT 801-566-8991 Worldw ide 801-566-3787 FAX www .
デバイスAsante Technologies VR2004の購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
Asante Technologies VR2004をまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはAsante Technologies VR2004の技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。Asante Technologies VR2004の取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。Asante Technologies VR2004で得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
Asante Technologies VR2004を既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はAsante Technologies VR2004の不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、Asante Technologies VR2004に関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちAsante Technologies VR2004デバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。