User ManualTable of ContentsChapter 1. Introduction10About this User Manual11Typographical Conventions11Chapter 2. Configuring Your Network: LAN Setup13LAN Configuration132.1.1 LAN Configuration in an IPv6 Network162.1.2 Configuring IPv6 Router Advertisements19VLAN Configuration212.2.1 Associating VLANs to ports22Configurable Port: DMZ Setup24Universal Plug and Play (UPnP)25Captive Portal27Chapter 3. Connecting to the Internet: WAN Setup28Internet Setup Wizard28WAN Configuration293.2.1 WAN Port IP address303.2.2 WAN DNS Servers303.2.3 DHCP WAN303.2.4 PPPoE313.2.5 Russia L2TP and PPTP WAN343.2.6 WAN Configuration in an IPv6 Network353.2.7 Checking WAN Status37Bandwidth Controls38Features with Multiple WAN Links413.4.1 Auto Failover413.4.2 Load Balancing423.4.3 Protocol Bindings43Routing Configuration443.5.1 Routing Mode443.5.2 Dynamic Routing (RIP)473.5.3 Static Routing48Configurable Port - WAN Option49WAN 3 (3G) Configuration49WAN Port Settings51Chapter 4. Wireless Access Point Setup53Wireless Settings Wizard534.1.1 Wireless Network Setup Wizard544.1.2 Add Wireless Device with WPS544.1.3 Manual Wireless Network Setup55Wireless Profiles554.2.1 WEP Security564.2.2 WPA or WPA2 with PSK574.2.3 RADIUS Authentication58Creating and Using Access Points59Primary benefits of Virtual APs:61Tuning Radio Specific Settings62Advanced Wireless Settings63Wi-Fi Protected Setup (WPS)63Chapter 5. Securing the Private Network65Firewall Rules65Defining Rule Schedules66Configuring Firewall Rules675.3.1 Firewall Rule Configuration Examples72Security on Custom Services76ALG support77VPN Passthrough for Firewall78Application Rules79Web Content Filtering805.8.1 Content Filtering805.8.2 Approved URLs815.8.3 Blocked Keywords825.8.4 Export Web Filter83IP/MAC Binding845.10 Intrusion Prevention (IPS)855.11 Protecting from Internet Attacks86Chapter 6. IPsec / PPTP / L2TP VPN88VPN Wizard90Configuring IPsec Policies926.2.1 Extended Authentication (XAUTH)956.2.2 Internet over IPSec tunnel95Configuring VPN clients96PPTP / L2TP Tunnels966.4.1 PPTP Tunnel Support966.4.2 L2TP Tunnel Support986.4.3 OpenVPN Support99Chapter 7. SSL VPN101Groups and Users1037.1.1 Users and Passwords109Using SSL VPN Policies1107.2.1 Using Network Resources113Application Port Forwarding114SSL VPN Client Configuration116User Portal1187.5.1 Creating Portal Layouts119Chapter 8. Advanced Configuration Tools121USB Device Setup121SMS service122Authentication Certificates124Advanced Switch Configuration126Chapter 9. Administration & Management127Configuration Access Control1279.1.1 Remote Management1279.1.2 CLI Access128SNMP Configuration128Configuring Time Zone and NTP130Log Configuration1319.4.1 Defining What to Log1319.4.2 Sending Logs to E-mail or Syslog1359.4.3 Event Log Viewer in GUI137Backing up and Restoring Configuration Settings138Upgrading Router Firmware139Dynamic DNS Setup140Using Diagnostic Tools1419.8.1 Ping1429.8.2 Trace Route1429.8.3 DNS Lookup1439.8.4 Router Options143Chapter 10. Router Status and Statistics14410.1 System Overview14410.1.1 Device Status14410.1.2 Resource Utilization14610.2 Traffic Statistics14910.2.1 Wired Port Statistics14910.2.2 Wireless Statistics15010.3 Active Connections15110.3.1 Sessions through the Router15110.3.2 Wireless Clients15310.3.3 LAN Clients15310.3.4 Active VPN Tunnels154Chapter 11. Trouble Shooting15611.1 Internet connection15611.2 Date and time15811.3 Pinging to Test LAN Connectivity15811.3.1 Testing the LAN path from your PC to your router15811.3.2 Testing the LAN path from your PC to a remote device15911.4 Restoring factory-default configuration settings160Chapter 12. Credits161Appendix A. Glossary162Appendix B. Factory Default Settings165Appendix C. Standard Services Available for Port Forwarding & Firewall Configuration166Appendix D. Log Output Reference167Appendix E. RJ-45 Pin-outs221Appendix F. Product Statement222Figure 1: Setup page for LAN TCP/IP settings15Figure 2: IPv6 LAN and DHCPv6 configuration17Figure 3: Configuring the Router Advertisement Daemon20Figure 4: IPv6 Advertisement Prefix settings21Figure 5: Adding VLAN memberships to the LAN22Figure 6: Port VLAN list23Figure 7: Configuring VLAN membership for a port24Figure 8: DMZ configuration25Figure 9: UPnP Configuration26Figure 10: Active Runtime sessions27Figure 11: Internet Connection Setup Wizard28Figure 12: Manual WAN configuration31Figure 13: PPPoE configuration for standard ISPs32Figure 14: WAN configuration for Japanese Multiple PPPoE (part 1)33Figure 15: WAN configuration for Multiple PPPoE (part 2)34Figure 16: Russia L2TP ISP configuration35Figure 17: IPv6 WAN Setup page36Figure 18: Connection Status information for both WAN ports38Figure 19: List of Configured Bandwidth Profiles39Figure 20: Bandwidth Profile Configuration page40Figure 21: Traffic Selector Configuration41Bindings have been defined43destination network44Dynamic routing (RIP)46Figure 25: Static route configuration fields49Figure 26: WAN3 configuration for 3G internet51Figure 27: Physical WAN port settings52Figure 28: Wireless Network Setup Wizards54Figure 29: List of Available Profiles shows the options available to secure the wireless link56Figure 30: Profile configuration to set network security57Figure 31: RADIUS server (External Authentication) configuration59Figure 32: Virtual AP configuration60radio, broadcasting its SSID61Figure 34: Radio card configuration options62Figure 35: Advanced Wireless communication settings63Figure 36: WPS configuration for an AP with WPA/WPA2 profile64Figure 37: List of Available Firewall Rules66Figure 38: List of Available Schedules to bind to a firewall rule67(209.156.200.225) to a private DMZ IP address (10.30.30.30)70action, schedules, and specify source/destination IP addresses as needed.71Figure 41: Schedule configuration for the above example.75Figure 42: List of user defined services.77Figure 43: Available ALG support on the router78Figure 44: Passthrough options for VPN tunnels79Figure 45: List of Available Application Rules showing 4 unique rules80from being downloaded81Figure 47: Two trusted domains added to the Approved URLs List82Figure 48: One keyword added to the block list83Figure 49: Export Approved URL list84logs will be captured85Figure 51: Intrusion Prevention features on the router86Figure 52: Protecting the router and LAN from internet attacks87to the Internet88IPsec gateway89Figure 55: VPN Wizard launch screen90Figure 56: IPsec policy configuration93Figure 57: IPsec policy configuration continued (Auto policy via IKE)94Figure 58: IPsec policy configuration continued (Auto / Manual Phase 2)95Figure 59: PPTP tunnel configuration – PPTP Client97Figure 60: PPTP VPN connection status97Figure 61: PPTP tunnel configuration – PPTP Server98Figure 62: L2TP tunnel configuration – L2TP Server99Figure 63: OpenVPN configuration100Figure 64: Example of clientless SSL VPN connections to the DSR102Figure 65: List of groups103Figure 66: User group configuration104Figure 67: SSLVPN Settings105Figure 68: Group login policies options106Figure 69: Browser policies options107Figure 70: IP policies options108Figure 71: Available Users with login status and associated Group109Figure 72: User configuration options110Figure 73: List of SSL VPN polices (Global filter)111Figure 74: SSL VPN policy configuration112Figure 75: List of configured resources, which are available to assign to SSL VPN policies114Figure 76: List of Available Applications for SSL Port Forwarding116Figure 77: SSL VPN client adapter and access configuration117Figure 78: Configured client routes only apply in split tunnel mode118an authentication domain119Figure 80: SSL VPN Portal configuration120Figure 81: USB Device Detection122Figure 82: SMS Service – Send SMS123Figure 83: SMS Service – Receive SMS124Figure 84: Certificate summary for IPsec and HTTPS management125Figure 85: Advanced Switch Settings126Figure 86: User Login policy configuration127Figure 87: Remote Management from the WAN128Figure 88: SNMP Users, Traps, and Access Control129Figure 89: SNMP system information for this router130Figure 90: Date, Time, and NTP server setup131Figure 91: Facility settings for Logging133Figure 92: Log configuration options for traffic through router135Figure 93: E-mail configuration as a Remote Logging option136Figure 94: Syslog server configuration for Remote Logging (continued)137Figure 95: VPN logs displayed in GUI event viewer138overwritten and a reboot139Figure 97: Firmware version information and upgrade option140Figure 98: Dynamic DNS configuration141Figure 99: Router diagnostics tools available in the GUI142Figure 100: Sample trace route output143Figure 101: Device Status display145Figure 102: Device Status display (continued)146Figure 103: Resource Utilization statistics147Figure 104: Resource Utilization data (continued)148Figure 105: Resource Utilization data (continued)149Figure 106: Physical port statistics150Figure 107: AP specific statistics151Figure 108: List of current Active Firewall Sessions152Figure 109: List of connected 802.11 clients per AP153Figure 110: List of LAN hosts154Figure 111: List of current Active VPN Sessions155Size: 4 MBPages: 233Language: EnglishOpen manual