HotBrickメーカーVPN 800 / 2の使用説明書/サービス説明書
ページ先へ移動 of 89
Dual WAN Firewall Router VPN 800 / 2 User’s Guide HotBrick Network Solutions.
.
HotBrick Network Solutions T ABLE OF C ONTENTS 1: INTRODUCTION .............................................................................................................................. 1 Internet Features .........................................
HotBrick Network Solutions 9: ADVANCED LAN CONFIGURAT ION ………………………………………………………………...68 Overview ..........................................................................................................
HotBrick Network Solutions 1: Introduction Congratulations on the purchase of your new HotBrick VPN 800/2 Firewall Router. The VPN 800/2 Firewall Router provides Shared Broadband Internet Access and VPN tunnels for LAN users.
HotBrick Network Solutions • PPPoE Session Management Multiple PPPoE sessions are supported and you can choose to “map” sessions to individual PCs if desired. • Multiple IP Address Support If your ISP allocates you multiple IP addresses, these are also supported and you can “map” IP addresses to individual PCs if desired.
HotBrick Network Solutions Other Features • 8-Port Switching Hub The VPN 800/2 Firewall Router incorporates with 8-port 10 /100BaseT switching hub, making it easy to create or extend your LAN. • DHCP Server Support D ynamic H ost C onfiguration P rotocol provides a dynamic IP address to PCs and other devices upon request.
HotBrick Network Solutions Package Contents The following items should be included: • The VPN 800/2 Firewall Router Unit • Power Cord. • Quick Installation Guide • CD-ROM containing the on-line manual. If any of the above items are damaged or missing , please contact your dealer immediately.
HotBrick Network Solutions Also, some Status and Error condit ions are indicated by combinations of LEDs, as shown below LED Action Condition WAN, LAN Status LEDs flash alternatively. Firmware Download in progress. WAN & LAN LEDs flash concurrently.
HotBrick Network Solutions Rear Panel VPN 800/2 Firewall Router Figure 1-3: Rear Panel VPN 800/2 Firewall Router AC power socket Connect the supplied power here.
HotBrick Network Solutions Note: The supplied Windows TFTP utility also allows you to perform three (3) other operat ions: • Save the current configuration settings to your PC (use the "Upload" button). • Restore a previously saved configuration file to the VPN 800/2 Firewall Router (use the "Download" button).
HotBrick Network Solutions 2: Basic Setup Overview Basic Setup of your HotBrick VPN 800/2 Firewall Router involves the following steps: 1. Attach the HotBrick VPN 800/2 Firewall Router to one (1) PC, and configure it for your LAN. 2. Install your HotBrick VPN 800/2 Firewall R outer in your LAN, and connect the Broadband Modem or Modems.
HotBrick Network Solutions 7. Enter admin for the "User Name" and leave the "Password" blank. • The "User Name" is always admin • You can and should set a password, using the following Admin Password screen.
HotBrick Network Solutions 9. Select LAN & DHCP from the menu. You will see a screen like the example below. Figure 2-3: LAN & DHCP 10. Ensure these settings are suitable fo r your LAN: • The default settings are suitable for many situations.
HotBrick Network Solutions DHCP Server Configuration • DHCP Server Setup - If enabled , the VPN 800/2 Firewall Router will allocate IP Addresses to PCs (DHCP clients) on your LAN when they start up. The default and recommended value is "Enable".
HotBrick Network Solutions 2. Installing the HotBrick VPN 800/2 Firewall Router in your LAN 1. Ensure the HotBrick VPN 800/2 Firewall Router and the DSL/Cable modem are powered OFF. Leave the modem or modems connected to their data line. 2. Connect the Broadband modem or modems to the VPN 800/2 Firewall Router.
HotBrick Network Solutions Figure 2-4: Primary Setup Screen VPN 800/2 Firewall Router Settings – Primary Setup Connection Mode Select the appropriate setting: • Enable – Select this if you have connected a broadband modem to this port. • Disable – Select this if there is no broadband modem connected to this port.
HotBrick Network Solutions Connection Type Check the data supplied by your ISP, and select the appropriate option. • Static IP – Select this if your ISP has provided a Fixed or Static IP address. Then enter the data into the Address Info fields. • Dynamic IP – Select this if your ISP provides an IP address automatically, when you connect.
HotBrick Network Solutions 4: Configure PCs on your LAN Overview For each PC, the following may need to be configured: • TCP/IP network settings • Internet Access configuration TCP/IP Settings If using the default VPN 800/2 Firewall Router settings, and the default Windows 95/98/ME/2000/XP TCP/IP settings, no changes need to be made.
HotBrick Network Solutions 7. Select "Set up my connection manually" and click Next . 8. Check "Connect using a broadband connection t hat is always on" and click Next . 9. Click Finish to close the New Connection Wizard. Setup is now completed.
HotBrick Network Solutions Fixed IP Address By default, most Unix installations use a fixed IP Address. If you wish to continue using a fixed IP Address, make the following changes to your configuration. • Set your Default Gateway to the IP Address of the VPN 800/2 Firewall Router.
HotBrick Network Solutions 3: Advanced Port Setup Overview • Port Options contains some options, which can be set on either or both WAN ports. For most situations, the default values are satisfactory. • Load Balance screen is only functional if you are using both WAN ports.
HotBrick Network Solutions Settings – Port Options Connection Validation • Health Check – Disable will not do Alive Indicator Check. By default health check is enable. Health checking is performing an ICMP echo request and HTTP packets to the specific destination that could be either: 1.
HotBrick Network Solutions Load Balance This screen is only operational if using Internet connections on both WAN ports. Figure 3-2: Load Balance These settings are only functional if using both WAN ports. If using both WAN ports, these settings determine the proportion of traffic sent over each port.
HotBrick Network Solutions Settings – Load Balance Load Balance Configuration • Enable – Use this to en able your Load Balance settings. Unless this is checked, the other settings on this screen have no effect. • Balance Type – Select the desired option: • Bytes rx+tx – Traffic is measured by Bytes.
HotBrick Network Solutions Advanced PPPoE The screen is required in order to use multiple PPPoE sessions on the same WAN port. It can also be used to manually co nnect or disconnect a PPPoE session.
HotBrick Network Solutions Action Use the "Connect" and "Disconnect" buttons to establish or t erminate a connection on this session, if required.
HotBrick Network Solutions Advanced PPTP This screen is only useful if using the PPTP connection method. Figure 3-4: Advanced PPTP Settings – Advanced PPTP Select WAN Port Select the desired Port, and then click the "Select" button. The data for t he selected Port will then be displayed in the WAN IP Account section.
HotBrick Network Solutions 4: Advanced Setup Overview The following advanced features are provided. • Host IP Setup • Virtual Servers • Custom Virtual Server • Special Applications • Dynamic.
HotBrick Network Solutions Figure 4-1: Host IP Setup Settings – Host IP Setup Host Network Identity This section identifies each Host (PC) • Host List – When adding a new Host, ignore this list. To edit an existing entry, select it from the list, and click the "Select" button.
HotBrick Network Solutions Host Network Binding • Bind WAN port/Session – Select Enable if you wish to associate this PC with a particular PPPoE Session. All traffic for that PC will then use the selected PPPoE port and session. • Binding Method – Suppose your PC is bound to WAN1 port, now you are selecting “Strict Binding”.
HotBrick Network Solutions Virtual Servers This feature allows you to make Servers on your LAN accessible to Internet users. Normally, Internet users would not be able to access a server on your LAN because: • Your Server's IP address is only valid on your LAN, not on the Internet.
HotBrick Network Solutions • This address should be static, rather than dynamic, to make it easier for I nternet users to connect to your Servers. However, you can use the Dynamic DNS feature (explained later in this chapter) to allow users to connect to your Virtual Servers using a URL, instead of an IP Address.
HotBrick Network Solutions Custom Virtual Servers This screen allows you to define your own Server types, for situations when the desired Server type is not listed on the Virtual Servers screen. Figure 4-4:Custom Virtual Servers Settings – Custom Virtual Servers Select Custom Server Name Server List If creating a new entry, ignore this list.
HotBrick Network Solutions Each PC must be running the appropriate Server software. • Protocol Type – Select the network protocol used by this sever type. • LAN Port Range – Enter the range of port number used for outgoing traffic from this Server.
HotBrick Network Solutions Special Applications If you use Internet applications which have non-st andard connections or port numbers, you may find that they do not function correctly because they are blocked by the firewall in the Load Balancer .
HotBrick Network Solutions Special Application Configuration Enable - Use this to Enable or Disable this Special Application as required. Name - Enter a descriptive name to identify this Special Application. Outgoing Protocol - Select the protocol used by this application, when sending data to the remote server or PC.
HotBrick Network Solutions Dynamic DNS Dynamic DNS is very useful when combined with the Virtual Server feature. It allows Internet users to connect to your Virtual Servers using a URL, rather than an IP Address. This also solves the problem of having a dynamic IP address.
HotBrick Network Solutions Figure 4-6: Dynamic DNS Settings – Dynamic DNS Dynamic DNS Service Use this to Enable/Disable the Dynamic DNS feature, and select the required service provider. • Disable – Dynamic DNS is not used. • DNS4BIZ Hotbrick Premium – It provides reliability for normal business requirement.
HotBrick Network Solutions WAN Port Binding • Select the WAN port on which the Dynamic DNS is used. • The "Force Update" button will update your record on the Dynamic DNS Server immediately. Additional Setting These options are available if using the standard client.
HotBrick Network Solutions Multi DMZ This feature allows each WAN port IP address to be associated with one (1) computer on your LAN. All outgoing traffic from that PC will be associated with that WAN port IP address.
HotBrick Network Solutions Settings – Multi DMZ Enable Use this to e nable or disable the DMZ setting, as required. Name Enter a name to assist you to remember this setting. This name has no effect on the operation. For Static IP Public IP address Enter the WAN port (Internet) IP address you wish to associate to a PC.
HotBrick Network Solutions UPnP With UPNP (Universal Plug & Play) function, it can easily setup and configure an entire network, enable discovery and control of networked devices and services. Figure 4-8: UPnP Settings – UPnP UPnP Option If you Enable UPnP, then this two wan router will become one of the entire local network.
HotBrick Network Solutions NAT Setting NAT (Network Address Translation) is the technology which allows one (1) WAN (Internet) IP address to be used by many LAN users. Figure 4-9: NAT Settings – NAT NAT Configuration • NAT Routing – You can enable or disable NAT through the check box.
HotBrick Network Solutions Advanced Features This screen allows you to change some advanced settings: • Remote Access Configuration – This feature allows you to manage the VPN 800/2 Firewall Router via the Internet. You can restrict access to a specified IP address or address range.
HotBrick Network Solutions Settings – Advanced Features Remote Access Configuration • Remote Upgrade – If enabled, you can use the supplied Windows program to remotely upgrade the Firmware. If not enabled, upgrades must be performed by a PC on the LAN.
HotBrick Network Solutions Interface Binding SMTP (Simple Mail Transport Protocol) Binding Unless you are using E-mail accounts from different ISPs on each port, you can ignore these settings. Some ISPs configure their E-mail Servers so they will not accept E-mail from IP addresses not allocated by themselves.
HotBrick Network Solutions 5: Security Management Overview • Block URL It can block specific website by configure IP address, URL or Key words • Access filter You can block all Internet access or select block well-known port or block user define ports by groups.
HotBrick Network Solutions Figure 5-1: Block URL Settings – Block URL Access Group This allows you have different blocking rules for different Groups of PCs. • All PCs (users) are in the Default Group unless moved to another group on the Host IP screen.
HotBrick Network Solutions Access Filter The network Administrator can use the Access Filter to gain fine control ov er the Internet access and applications available to LAN users. • Five (5) user groups are available, and each group can have different access rights.
HotBrick Network Solutions Filter Setting Select the desired option for this Group: • No filtering – Nothing is blocked, Internet access is not restricted. • Block All Access – Everything is blocked, Internet access is not available. • Block selected items – Items selected on this screen are blocked.
HotBrick Network Solutions Session Limit This new feature allows to drop the new sessions from both WAN and LAN side. If the new sessions number are exceed the maximum sessions in a sampling time. Figure 5-3: Session Limit Session Limit Outgoing New session Session Limit Enable or disable “Session Limit” function.
HotBrick Network Solutions System Filter Exception System Firewall Exception Rules: The rules with which any received packets is complied, the packets will not processed by Firewall or NAT module, but to be processed directly by system protocol stack.
HotBrick Network Solutions 6: VPN Configuration Overview Virtual Private Network (VPN), is a connection between two end points. It allows private data to be sent securely over a public network, such as Internet. VPN establishes a private network that can send data securely between two networks.
HotBrick Network Solutions IPSec Global Setting Figure 6-1: IPSec Global Setting Page 51.
HotBrick Network Solutions IP Global Setting Global Parameters Enable –If you enable check box either WAN1,WAN2 or both, this will start VPN global setting ISAkmp Port – Internet Security Association and Key Protocol Management (ISAkmp) is designed to negotiate, establish, modify and delete security associations and their attributes.
HotBrick Network Solutions Policy Setup Policy Setup Figure 6-2: Policy Setup Page 53.
HotBrick Network Solutions VPN Policy Setup IPSec Traffic Binding VPN Tunnel List – It shows the tunnels that you have entered. The router can setup up to 20 tunnels Tunnel Name – In order to distinguish the tunnel, you have to give “Tunnel” a name.
HotBrick Network Solutions Key Management Key – Key Type: there are two key types (manual key and auto key) available for the key exchange management. Manual Key: If manual key is selected, no key negotiation is needed. AutoKey (IKE)- There are two types of operation modes can be used.
HotBrick Network Solutions IPSec Policy options Figure 6-3: IPSec Policy Options Tunnel Attribute The current tunnel attribute that you just setup Dead Peer Detection If you like to utilize one of the wan port as a backup or plan failover function, you can enable Dead Peer Detection function.
HotBrick Network Solutions Set Options NetBIOS Broadcast- This is used to forward NetBIOS broadcast across the Internet. Auto Trigger –This is help to keep up the IPSec connection tunnel. It can be re-established immediately, if a connection is dropped and detected.
HotBrick Network Solutions 7: QoS Configuration Overview The VPN 800/2 Firewall Router provides QoS, which supports the high quality of network service. Because it will classify outgoing packets ba sed on some policies defined by users, make some real-time applications to get better response or performance.
HotBrick Network Solutions Data – QoS Setup. QoS Feature  Enable QoS – This will allow users enable QoS function. • Queuing Method – The methods that how you manage your queue.” Priority queuing”. It is one of the first queuing variations to be wildly implemented.
HotBrick Network Solutions Data – Policy Confi guration. Policy Priority This section identifies each policy • Policy Name List – When adding a new Policy, ignore this list. To edit an existing entry, select it from the list, and click the "Select" button.
HotBrick Network Solutions 8: Management Assistant Overview The following advanced features are provided. • SNMP • Email Alert • SNMP • Syslog • Upgrade Firmware This chapter contains details of the configuration and use of each of these features.
HotBrick Network Solutions Settings – SNMP System Information • Contact Person – The name of the person responsible for this device. • Device name – The name of VPN 800/2 Firewall Router. • Physical Location – The location of the VPN 800/2 Firewall Router.
HotBrick Network Solutions Settings – Email Alert Enable/Disable Email Alert • Enable – This will enable email alert to send a w arning email when WAN port was disconnected. • Disable – This will disable email alert not to send a warning email when WAN port was disconnected.
HotBrick Network Solutions Syslog This feature can send real time system information on the web page or to the specifie d PC. Syslog Configuration – Syslog Configuration allow you where to send system information to other machine or not. There are up to three machines you can choose to send your system log.
HotBrick Network Solutions Syslog Confi gurati on Syslog Delivery Sending out – Check this, if you want to send syslog messages to other machine. Keep Send messages – Check this, if you want to keep sent messages, otherwise the sent message will be delete.
HotBrick Network Solutions Admin Password The password screen allows you to assign a password to the Firewall Router. Figure 8-4: Admin Password Screen Enter the desired password, re-enter it in the Verify Password field, then save it.
HotBrick Network Solutions Upgrade Firmware This Upgrade Firmware Screen allows you to upgrade firmware or backup system configuration by using HTTP upgrade. Figure 8-6: Upgrade Firmware  You can backup your system configuration by press “save” button of Save System Configuration.
HotBrick Network Solutions 9: Advanced LAN Configuration Overview These screens and settings are provided to deal with non-standard situations, or to provide additional options for advanced users. Existing DHCP Server If your LAN already has a DHCP Server, and you wish to continue using it, the following configuration is required.
HotBrick Network Solutions Note: If there is an entry or entries in the Routing table with an Inde x of zero ( 0 ), these are System entries. You cannot modify or delete these entries. Settings – Routing Dynamic Routing • RIP v2 – This acts as “master” switch.
HotBrick Network Solutions For the VPN 800/2 Firewall R out er Gateway 's Routing Table For the LAN shown above, with 2 routers and 3 LAN segments, the VPN 800/2 Firewall Router requires 2 entries as follows. Entry 1 (Segment 1) Destination IP Address 192.
HotBrick Network Solutions 10: Operation and Status Operation Once both the VPN 800/2 Firewall Router and the PCs are configured, operation is automatic. However, there are some situations where additional Internet configuration may be required: Refer to Chapter 4 - Advanced Features for further details.
HotBrick Network Solutions Data – System Stat us WAN Information • Connection Status – Current status – either "Connected" or "Not connected". • Connection Type – The type of connection used – DHCP, Fixed IP, PPPoE, or PPTP.
HotBrick Network Solutions Buttons • Refresh – Update the data on screen. • Restart – Restart (reboot) the VPN 800/2 Firewall Router. • Restore Factory Defaults – This will delete all existing settin gs, and restore the factory default settings.
HotBrick Network Solutions These changes may mean that the current connection is invalid, and you will have to re-connect to the VPN 800/2 Firewall Router using its default IP address (192.168.1.1 ). WAN Status Use the WAN Status link on the main menu to view this screen.
HotBrick Network Solutions NAT Status This screen is displayed when you click the "Check NAT Detail" button o n the WAN Status screen. Figure 10-4: NAT Status Data – NAT Status LAN IP Info • IP Address – The LAN IP Address of the VPN 800/2 Firewall Router.
HotBrick Network Solutions NAT Traffic This section displays statistics for both outgoing (LAN to Internet) and Incoming (Internet to Local) traffic. NAT Connections This displays the current number of active connections. For further details, click the "View Connection" list button.
HotBrick Network Solutions Appendix A Specifications Model Hotbrick VPN 800/2 Firewall Router Dimensions 120mm (W) x 427mm (D) x 43.4mm (H) Operating Temperature 0 ° C to 40 ° C Storage Temperature .
HotBrick Network Solutions Appendix B Windows TCP/IP Setup Overview TCP/IP Settings If using the default Load Balancer setti ngs, and the default Windows 95/98/ME/2000 TCP/IP settings, no changes need to be made.
HotBrick Network Solutions Figure B-2: IP Address (Win 95) Ensure your TCP/IP settings are correct, as follows: Using DHCP To use DHCP, select the radio button Obtain an IP Address automatically . This is the default Windows settings. Restart your PC to ensure it obtains an IP Address from the VPN 800/2 Firewall Router.
HotBrick Network Solutions • On the DNS Configuration tab, ensure Enable DNS is selected. If the DNS Server Search Order list is empty, enter the DNS address provided by your ISP in the fields beside the Add button, then click Add . Figure B-4: DNS Tab (Win 95/98) Checking TCP/IP Settings - Windows 2000: 1.
HotBrick Network Solutions Figure B-6: TCP/IP Properties (Win 2000) 5. Ensure your TCP/IP settings are correct: Using DHCP To use DHCP, select the radio button obtain an IP Address automatically . This is the default Windows settings. Restart your PC to ensure it obtains an IP Address from the VPN 800/2 Firewall Router.
HotBrick Network Solutions Checking TCP/IP Settings - Windows XP: 1. Select Control Panel - Network Connection. 2. Right click the Local Area Connection and choose Properties . You should see a screen like the following: Figure B-7: Network Configura tion (Windows XP) 3.
HotBrick Network Solutions Figure B-8: TCP/IP Properties (Windows XP) 5. Ensure your TCP/IP settings are correct. Using DHCP To use DHCP, select the radio button obtain an IP Address automatically . This is t he default Windows settings. Restart your PC to ensure it obtains an IP Address from the VPN 800/2 Firewall Router.
HotBrick Network Solutions Appendix C Troubleshooting Overview This chapter covers some common problems that may be encountered while using the VPN 800/2 Firewall Router and some possible solutions to them. If you follow the suggested steps and the VPN 800/2 Firewall Router still does not function prop erly, contact your dealer for further advice.
HotBrick Network Solutions Solution 2: The VPN 800/2 Firewall Router processes the data passing through it, so it is not transparent. Use the Special Applications feature to allow the use of Internet applicatio ns which do not function correctly. If this does solve the problem you can use the DMZ function.
デバイスHotBrick VPN 800 / 2の購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
 
                HotBrick VPN 800 / 2をまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはHotBrick VPN 800 / 2の技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。HotBrick VPN 800 / 2の取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。HotBrick VPN 800 / 2で得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
HotBrick VPN 800 / 2を既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はHotBrick VPN 800 / 2の不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、HotBrick VPN 800 / 2に関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちHotBrick VPN 800 / 2デバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。