HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 TABLE OF CONTENTS 1: INTRODUCTION............................................................................................................................ 4 Internet Features........................................................................................................................ 4 Other Features ........................................................................................................................... 6 Package Contents......
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Upgrade Firmware.................................................................................................................... 60 10: DEVICE INFORMATION............................................................................................................ 61 Operation.................................................................................................................................. 61 System Status .....................................
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 1:Introduction Congratulations on the purchase of your new Dual WAN VPN Firewall. The Dual WAN VPN Firewall not only provides 2 WAN ports selections – it also provides Shared Broadband Internet Access for all LAN users. Figure 1-1: Dual WAN VPN Firewall Internet Features Dual WAN ports There are 2 WAN ports available for use on the Dual WAN VPN Firewall. They can function for load-balancing and failover.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Supports all common Connection Methods All popular DSL and Cable Modems and connection methods are supported, including Fixed IP, Dynamic IP, PPPoE, and PPTP. Outbound/Inbound Traffic Load Balancing and Failover There are many load-balancing methods to allow administrators to manage the traffic from LAN or WAN to maximize bandwidth usage. There are also smart health check methods to protect against connection failure by using failover.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Other Features 16-Port Switching Hub The Dual WAN VPN Firewall incorporates a 16-port 10 /100BaseT switching hub that allows you to quickly create or extend your LAN. DHCP Server Support Dynamic Host Configuration Protocol provides dynamic IP addresses to PCs and other devices upon request. The Dual WAN VPN Firewall can act as a DHCP Server for devices on your local LAN.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Package Contents The following items should be included: The Dual WAN VPN Firewall Unit Power Cord Quick Installation Guide CD-ROM containing the on-line manual. Note: If any of the above items are damaged or missing, please contact your dealer immediately.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Some Status and Error conditions are indicated by combinations of LED’s, as shown below LED Action Condition Status – System & Packets flash alternatively. Firmware Download in progress. Status – System & Packets flash concurrently. MAC address not assigned.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Rear Panel Figure 1-3: Rear Panel AC 100V ~ 240V Connect to AC100~240V / 50~60Hz with AC power cord. Default Settings When the Dual WAN VPN Firewall has finished booting, all configuration settings will initially be set to the factory defaults, including: IP Address set to its default value of 192.168.1.1, with a Network Mask of 255.255.255.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Note: The supplied Windows TFTP utility also allows you to perform three (3) additional operations: Save the current configuration settings to your PC (use the "Save Configuration" button). Restore a previously saved configuration file to the Dual WAN VPN Firewall (use the "Upgrade Firmware" button). Set the Dual WAN VPN Firewall to its default values (use the "Set to Default" button).
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 2: Quick Installation Overview Initial Basic Setup of your Dual WAN VPN Firewall involves the following steps: 1. Attach a PC to the Dual WAN VPN Firewall in port 3 ~ 16, and configure your LAN. 2. Install your Dual WAN VPN Firewall in your LAN, and connect the Broadband Modem or Modems. 3. Configure your Dual WAN VPN Firewall for Internet Access. 4. Configure PCs on your LAN to use the Dual WAN VPN Firewall.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 No Response? Is your PC using a Fixed IP address? If so, you must configure your PC to use an IP address within the range 192.168.1.2 to 192.168.1.254, with a Network Mask of 255.255.255.0. See Appendix B – Windows TCP/IP Setup for details. Check that the Dual WAN VPN Firewall is properly installed, LAN connection is OK, and it is powered ON. 7 After the login, you will see the Admin Password screen, as shown below.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 8. Select LAN & DHCP from the menu. You will see a screen like the example below. Figure 2-3: LAN & DHCP Setup 9. If your LAN already has a DHCP Server, and you wish to continue to use it, the following configuration is required. The DHCP Server function in the Dual WAN VPN Firewall must be disabled. This setting is on the LAN & DHCP screen. Your DHCP Server must be configured to provide the Dual WAN VPN Firewall LAN IP address as the "Default Gateway".
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Installing the Dual WAN VPN Firewall on your LAN Figure 2-4: Installation Diagram 13. Ensure the Dual WAN VPN Firewall and the DSL/Cable modem are powered OFF. Leave the modem or modems connected to their data line. 14. Connect the Broadband modem or modems to the Dual WAN VPN Firewall. If using only one (1) Broadband modem, connect it to WAN port 1. Use the cable supplied with your DSL/Cable modem. If no cable was supplied, use a standard cable. 15.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 3. Quick Installation - LAN & DHCP Select LAN & DHCP from the menu. You will see a screen like the example below. Figure 3-1: LAN & DHCP Ensure these settings are suitable for your LAN. The default settings are suitable for most networks. See the following table for setting details.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 LAN IP Configuration: IP address - for the Dual WAN VPN Firewall, as seen from the local LAN. Use the default value unless the address is already in use or your LAN is using a different IP address range. In the latter case, enter an unused IP Address from within the range used by your LAN. Subnet Mask -The default value 255.255.255.0 is standard for small (class "C") networks.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 DHCP Client List This table shows the IP addresses that have been allocated by the DHCP Server. For each allocated address, the following information is displayed. Name – The ""hostname"" of the PC. In some cases, this may not be known. MAC Address – The physical address (network adapter address) of the PC. IP Address – The IP address allocated to this PC. Type – Indicates IP address to be dynamic or static.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Quick installation - Primary setup Connection mode Enable Select this if you have connected a broadband modem to this port. Disable – Select this if there is no broadband modem connected to this port. Backup – Use this if you have a broadband modem on each port, and wish to normally use only one. Select Enable for the primary port, and Backup for the secondary port. The Backup port will only be used if the primary port fails.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 3 : Loadbalancing This screen is only operational if using Internet connections on both WAN ports Figure 3-2: Load Balance Load balancing – Load Balancing Enable – Use this to enable your Load Balance settings. Unless this is checked, the other settings on this screen have no effect. Balance Type – Select the desired option: • Bytes rx+tx – Traffic is measured by Bytes. • Packets rx+tx – Traffic is measured by Packets.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 4 : Advanced WAN Port options Connection validation Health Check – If disabled, the Alive Indicator Check is not performed. The default is enabled. Health checking is performed by ICMP echo request and HTTP packets to the specified destination that could be either: the Name or IP Address the user specified in the “Alive Indicator” input box ororthe gateway of the WAN interface used if “Alive Indicator” input box is blank.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Transparant bridge option Bridge Mode – If set to Enable, this WAN port does not use NAT or the Load Balance function when both the LAN and WAN have real IP addresses on the same network segment. NetBIOS Broadcast – This function allows you to access files through Microsoft Network Neighborhood if it is enabled. Traffic Management Strict Binding: traffic from bridged hosts (eg. transparent to WAN 1) can only go through that specified WAN(eg.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 The screen is required in order to use multiple PPPoE sessions on the same WAN port. It can also be used to manually connect or disconnect a PPPoE session. Advanced WAN – PPPoE Select WAN port & Session WAN Port – Selected WAN port using the PPPoE connection PPPoE Session – Usually the ISP provides multiple floating real IPs for PPPoE. Each WAN port can have up to 8 PPPoE sessions with different IP addresses, if your WAN port is using a PPPoE connection.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced WAN PPTP Advanced WAN WAN Port - Select the desired WAN port (click desired WAN on Connection Status). The data of the selected port will then be displayed in the WAN IP Account section. PPTP MTU – Maximum transfer unit for PPTP. The default value is 1460 WAN IP Account User Name – The PPTP user name (login name) assigned by your ISP. Password – The PPTP password associated with the User Name above.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 5 : Advanced Configuration Advanced configuration – Host IP This feature is used in the following situations: You have Multi-Session PPPoE, and wish to bind each session to a particular PC on your LAN. You wish to use the Access Filter feature. This requires that each PC is identified by using the Host IP screen. You wish to have different Block URL settings for different PCs. This requires that each PC is identified by using the Host IP screen.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Reserve in DHCP – Select Enable to reserve a particular (LAN) IP address for a particular PC on your LAN. This allows the PC to use DHCP (Windows calls this "obtain an IP address automatically") while having an IP address that never changes. Reserved IP Address – Enter the IP address you wish to reserve, if the setting above is Enable. Otherwise, ignore this field.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced configuration – Routing Routing This section is only relevant if your LAN has other Routers or Gateways. If you don't have other Routers or Gateways on your LAN, you can ignore the Static Routing page completely. If your LAN has other Gateways and Routers, you must configure the Static Routing screen as described below. You also need to configure the other Routers.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Gateway – The IP Address of the Gateway or Router that the Dual WAN VPN Firewall must use to communicate with the destination above. (NOT the router attached to the remote segment.) Interface – Select the correct interface, usually "LAN". The "WAN" interface is only available if NAT (Network Address Translation) is disabled. Metric – The number of "hops" (routers) pass through to reach the remote LAN segment. The shortest path will be used.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 For Router A's Default Route Destination IP 0.0.0.0 Address Network Mask 0.0.0.0 Gateway IP Address 192.168.1.1 Metric 2 For Router B's Default Route Destination IP Address Network Mask Gateway IP Address Interface Metric 0.0.0.0 0.0.0.0 192.168.2.80 LAN 3 Virtual Server This feature allows you to make Servers on your LAN accessible to Internet users.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Web Server (192.168.1.45) PC using FTP Server (ftp://205.20.45.34) FTP Server (192.168.1.20) 205.20.45.34 (WAN) PC using Web Server (http://205.20.45.34) 192.168.1.1 (LAN) Multi-WAN VPN Link Balancer Note that, in this illustration, both Internet users are connecting to the same IP Address, but using different protocols. Connecting to the Virtual Server Once configured, anyone on the Internet can connect to your Virtual Servers.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced configuration – virtual server Virtual Server Configuration Enable – The enable checkbox enables or disables each Virtual server as required. Server Name – Enter a name for this server. (By default, there are 12 well-known virtual servers on the Custom Virtual Server List that you may use.) Protocol – Select the network protocol (TCP/UDP) used by this sever.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Update – Save any changes you have made to the current entry. Cancel – Cancel any changes you have made since the last save operation. Virtual Server List - This table shows the detail for all Custom Virtual Server configuration data. You can modify this configuration data by clicking the specific row you want to change.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced configuration - Special Application If you use Internet applications that use non-standard connections or port numbers, you may find that they do not function correctly because they are blocked by the Dual WAN VPN Firewall. In this case, you must define the application as a "Special Application” in order for the application to work.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Special Application List - This list shows the details for all currently defined Special Applications. You can modify its configuration data by mouse clicking the appropriate row. Using a Special Application on your PC When the Special Applications screen is configured correctly, you can use the application on your PC normally. Remember that only one (1) PC can use each Special application at any time.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Dynamic DNS Service This pull-down menu can Enable/Disable the Dynamic DNS feature, and select the required service provider. Disable – Dynamic DNS is not used. TZO – Select this to use the TZO service (www.tzo.com). You must configure the TZO section of this screen. DynDNS – Select this to use the standard service (from www.dyndns.org or another provider). You must configure the Standard Client section of this screen.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced Configuration - Multi DMZ This feature allows each WAN port IP address to be associated with one (1) computer on your LAN. All outgoing traffic from that PC will be associated with that WAN port IP address. Any traffic sent to that IP address will be forwarded to the specified PC, allowing unrestricted 2-way communications between the "DMZ PC" and other Internet users or Servers.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced Configuration - UPnP Setup With the UPnP (Universal Plug & Play) function, it is easy to setup and configure an entire network to enable discovery and control of networked devices and services. UPnP Option - If UPnP is enabled, then this device will become one of the local network devices. You can then find an icon for it in Network Neighborhood on a Windows XP computer on your LAN.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced Configuration – NAT Setting NAT Configuration NAT Routing – You can enable or disable NAT by using the checkbox. If you disable the NAT checkbox, it will act as a bridge or Static Router. Most features will be unavailable. TCP Timeout – Enter the desired value to use for the WAN port. The default is 300. UDP Timeout – Enter the desired value to use for the WAN port. The default is 120.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced Configuration – Advanced Feature External Filters Configuration IDENT Port – Port 113 is associated with the Internet's (Identification / Authentication) service. When a client program in your computer contacts a remote server for services such as POP, IMAP, SMTP, that remote server sends back a query to the "Ident" server running in many systems listening for these queries on port 113.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 settings to correct the problem. Enable - If enabled, the WAN port you specify will be used for all outgoing SMTP traffic. If disabled, either WAN port will be used. WAN – Select the desired WAN port to be bound. Protocol and Port Bindings - Use these settings if you wish to ensure that particular traffic is sent by a particular WAN port, and thereby a particular ISP account. Enable - Enable or disable each item as required.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 6 – Security Management Security Management – Block URL This feature allows you to block access to undesirable Web sites. You can block by URL, IP address, or Keyword. You can also have different blocking settings for different groups of PCs. Every URL is searched to see if it matches or contains any of the URLs or keywords entered here.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Security Management – Access Filter The network administrator can use the Access Filter to control the Internet access and applications available to LAN users. Five (5) user groups are available, and each group can have different access rights. All PCs (users) are in the Default group, unless assigned to another group on the Host IP screen. Access Group - This allows you to create different access rights for different Groups of PCs.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Port Blocking – There are two possible settings : No Filtering - all ports are open Block All Access – All ports are closed. When you make a new rule, the port will be opened for that entry (maximum number of rules you enter are 50 ). Filter Name – Enter a meaningful name for this filter. Protocol Type – Select a protocol type you wish to block. Port No. Range – Enter the range of port numbers you wish to block.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Security Management – System Filter Exeption Sysfilter exception - System Filter Exception – will reject every packet with an unrecognized port to avoid port scan programs run by hackers but this also incurs problems when servers (e.g. SMTP server port 113) or clients from the WAN need to respond to packets to verify their availability to their communication peers. Enable – If the check box is checked, the System Filter Exception is enabled.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 7 : VPN Configuration Virtual Private Network (VPN) uses encryption and authentication to create the connection between two end points (computers or networks). It allows private data to be sent securely over a public network or Internet without the risk of unauthorized access from outside intruders. VPNs establish a private network that can send data securely between two networks. We call this creating a “tunnel”. A VPN tunnel connects the two PCs or networks.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 VPN Configuration – Tunnel to HotBrick Unit VPN Tunnel List– here you can add a new tunnel or change an existing one from the list. The router allows a maximum of 50 tunnels. Tunnel Name– In order to distinguish the tunnels, you have to give the “Tunnel” a unique name. Tunnel – The tunnel can be connected only after the tunnel check box is enabled. WAN port – You can choose WAN1, WAN2 or Any to make the VPN connection.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Tunnel to HotBrick Client – This describes an IPSec tunnel from a the VPN 1400/2 to the HotBrick Client Software. VPN Tunnel List– allows you to add a new tunnel or change an existing one on the list. The router can support a maximum of 50 tunnels. Tunnel Name– In order to distinguish the tunnels, you have to give the “Tunnel” a unique name. Tunnel – Only after you enable the tunnel check box, the tunnel can be connected.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Tunnel Name– In order to distinguish the tunnel, you have to give the “Tunnel” a unique name. PPPoE Session– If you are using PPPoE to make the connection, and your ISP offers multiple PPPoE sessions, you can select these PPPoE sessions to construct VPN tunnels. Enable setting – The tunnel can only be connected if enabled. Phase 1 DH Group – Use DH Group 1(768-bits), DH Group 2(1024-bits), or Group 5 (1536-bits) to generate IPSec SA keys.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Key management Key – Key Type: there are two key types (manual key and auto key) available for key exchange management. Manual Key: If manual key is selected, no key negotiation is needed. AutoKey (IKE)- There are two types of operation modes that can be used. Main mode accomplishes a phase one IKE exchange by establishing a secure channel. Aggressive Mode is another way of accomplishing a phase one exchange.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 IPSec policy options Tunnel Attribute – The defined attributes for the tunnel. Dead Peer Detection - This setting allows you to use a WAN port for backup or for WAN failover in the event of a connection failure. Check Method – You can choose ICMP, Heartbeat or DPD protocol. This detects if the remote end of the VPN tunnel is alive or not. Options : NetBIOS Broadcast- This is used to forward NetBIOS broadcasts across the Internet.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Set DF Flag- If this DF (Do not Fragment) flag is set, it means the fragmentation of this packet at the IP level is not permitted. VPN configuration – VPN preset ISAkmp Port– Internet Security Association and Key Protocol Management (ISAkmp) is designed to negotiate, establish, modify and delete security associations and their attributes. In particular, it was assigned UDP port 500 by the IANA.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 VPN Configuration – SA List VPN configuration – SA list The list will display the details of all Policy Setup configuration data that you have setup. You can modify it by mouse-clicking each row.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 VPN Configuration – VPN Log You can monitor the VPN status through the VPN log web page. The log level (priority) can be chosen from VPN IKE Global Setting web page. Message Status Priority – It This indicates the severity level of a message for analysis. Time – This indicates when this message is created using the system time. Undefined messages Module – The module that is responsible for the message being sent in IPSec architecture.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 8: QoS Configuration QoS Configuration – overview The Dual WAN VPN Firewall provides QoS, which supports high quality network service. By prioritizing outgoing packets based on user-defined policies, the Quality of Service feature can result in real-time applications achieving better response or performance. QoS Features : Enable QoS – This enables the QoS function. Queuing Method – Theses methods determine how to manage your queue.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 QoS Configuration – QoS Setup QoS Setup QoS Feature Enable QoS – This will allow users to enable the QoS function. Queuing Method - The method used to manage your queue. Priority queuing is one of the first queuing solutions to be widely implemented. IP TOS Process TOS Field – An 8 bits field in the IP packet header designed to contain values indicating how each packet should be processed in the network.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Policy Name List – When adding a new Policy, ignore this list. To edit an existing entry, select it from the list and then click the "Select" button. The data fields will be updated with data for the selected entry. Policy Name – Enter a suitable name. Generally, you should use the "Policy Name" for the network traffic type for ease of identification. Source Address – Define the source address of packets here. It has two types: IP address or MAC address.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 9 : Management Assistant Management assistant – Admin Password Enter the desired password, re-enter it in the Verify Password field, then save it. When you connect to the Load Balancer with your Browser, you will be prompted for the password as shown below. Enter "Admin" for the User Name. Enter the password for the Dual WAN VPN Firewall, as set on the Admin Password screen above. (The default is blanks.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Management Assistant – Email Alert This feature will send a warning Email to inform the system administrator that one of the WAN ports is disconnected. Enable/Disable Email Alert Enable – This enables Email Alert to send a warning email when a WAN port disconnects. Disable – This disables Email Alert so no warning email is sent when a WAN port disconnects.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Ping Before Notification - A threshold value for the maximum Pings allowed to each interface on this device in a minute. The valid values range from 0 to 9999. Management Assistant – SNMP This section is only useful if you have SNMP(Simple Network Management Protocol) software on a PC or server. If you have SNMP software, you can use a standard MIB 2 f ile with the VPN 1400/2.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Management Asssistant – Syslog This feature can send real time system information on the web page or to the specified PC. Syslog Delivery Sending out – Check this, if you want to send syslog messages to another machine. Keep Sent messages – Check this if you want to keep sent messages; otherwise the sent message will be deleted. Syslog Server - IP address: Up to 3 syslog servers can be used. Enable: You can enable or disable each server temporarily.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Management Assistant - Upgrade Firmware
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 10: Device Status Once both the Dual WAN VPN Firewall and the PCs are configured, operation is automatic. However, some additional Internet configuration may be required for your specific network. Refer to Chapter 6 - Advanced Features for further details. Device status – System status Connection Status – Current status – either "Connected" or "Disconnected". Connection Type – The type of connection used – DHCP, Fixed IP, PPPoE or PPTP.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 DHCP Server – The status of the DHCP Server function - either "Enabled" or "Disabled". Device Status - WAN status NAT Statistics This section displays data for each WAN port. Connection status – This will display either Connected or Not Connected. Default Loading Share - The default traffic loading between the WAN ports. Current Loading Share – The current traffic loading between the WAN ports.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Data – NAT Status LAN IP info IP Address – The LAN IP Address of the Dual WAN VPN Firewall. Mask Address – The Network Mask (Subnet Mask) for the IP Address above. Active WAN IP Info – There is one (1) row for each active connection. The following data is displayed for each connection: IP Address – The WAN (Internet) IP Address of the VPN1400/2 Firewall Router. Mask Address – The Network Mask (Subnet Mask) for the IP Address.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Device information – Device Information Device Information Firmware Version – Version of the Firmware currently installed. NAT – Status of the NAT feature – either “Enable” or “Disable”. Load Balance – Status of the Load Balance feature –either “Enable” or “Disable”. Virtual Server – Status of the Virtual Server feature - either “Enable” or “Disable”. Special Applications – Status of the Special Applications feature - either “Enable” or “Disable”.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 If the "Restore Default Value" button on this screen is clicked: All your current settings will be erased. The default IP address, password and ALL other settings will be restored to the factory default values. The DCHP server function will be enabled. These changes mean that your prior configuration is invalid, and you will have to re-connect to the Dual WAN VPN Firewall using its default IP address (192.168.1.1).
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Appendix A Specifications Model Dimensions Operating Temperature HotBrick VPN 1400/2 Dual WAN Firewall 120mm (W) x 427mm (D) x 43.4mm (H) 0° C to 40° C Storage Temperature -10° C to 70° C Network protocol TCP/IP Protocol: Network Interfaces 16 Ethernet: 14 * 10/100BaseT (RJ45) auto-Switching Hub ports for LAN devices 2 * 10/100BaseT (RJ45) for WAN LEDs 14 LAN 2 WAN 2 Status 1 Power Power Input AC 110V-230V @ 0.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Appendix B Windows TCP/IP Setup Overview TCP/IP Settings If using the default Load Balancer settings, and the default Windows 95/98/ME/2000 settings, no changes need to be made. By default, the Dual WAN VPN Firewall will act as a DHCP Server, automatically providing a suitable IP Address (and related information) to each PC when the PC boots. For all non-Server versions of Windows, the default TCP/IP setting is to act as a DHCP client.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Ensure your TCP/IP settings are correct, as follows: Using DHCP To use DHCP, select the radio button Obtain an IP Address automatically. This is the default Windows settings. Restart your PC to ensure it obtains an IP Address from the VPN 1400/2 Firewall Router.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 On the DNS Configuration tab, ensure Enable DNS is selected. If the DNS Server Search Order list is empty, enter the DNS address provided by your ISP in the fields beside the Add button, then click Add. Checking TCP/IP Settings - Windows 2000: 6. Select Control Panel - Network and Dial-up Connection. Right click the Local Area Connection icon and select Properties.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Figure B-6: TCP/IP Properties (Win 2000) Ensure your TCP/IP settings are correct. Using DHCP To use DHCP, select the radio button Obtain an IP Address automatically. This is the default Windows setting. Restart your PC to ensure it obtains an IP Address from the Dual WAN VPN Firewall.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Checking TCP/IP Settings - Windows XP: 7. Select Control Panel - Network Connection. Right click the Local Area Connection and choose Properties. You should see a screen like the following: Figure B-7: Network Configuration (Windows XP) Select the TCP/IP protocol for your network card. Click on the Properties button.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Figure B-8: TCP/IP Properties (Windows XP) Ensure your TCP/IP settings are correct. Using DHCP To use DHCP, select the radio button obtain an IP Address automatically. This is the default Windows setting. Restart your PC to ensure it obtains an IP Address from the Multi-WAN VPN Link Balancer. Using a fixed IP Address ("Use the following IP Address") If your PC is already configured, check with your network administrator before making the following changes.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Appendix C Troubleshooting Overview This chapter covers some common problems that may be encountered while using the Dual WAN VPN Firewall and some possible solutions for them. If you follow the suggested steps and the Dual WAN VPN Firewall still does not function properly, contact your dealer for further advice. General Problems Problem : Can't connect to the Dual WAN VPN Firewall to configure it.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Appendix D : IPSec Tunnel Examples VPN Configuration – Examples Tunnel to HotBrick Unit The HotBrick units in the following example use registered IP addresses. You have to replace these addresses with IP addresses that are available to you. These settings are only possible if you have a static IP address available on one or both of your WAN ports. This example takes a tunnel between a VPN 1400/2 and a LB-2 VPN.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 First we will make settings in the VPN 1400/2 Next we will make settings for the LB-2 VPN Note : you need different subnets at both ends of the tunnel. This is because the IPSec tunnel will connect the two subnets so they need to be different in order to avoid IP address conflicts. These are all the settings you need to setup the tunnel.
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 76