User Guide
Page 6
...your own firewall rules. Package Contents The following items should be created. • High performance. DoS (Denial of the above items are filtered, thus protecting your dealer immediately. 3 Up to 70 VPN tunnels ...TW100-BRV304 Unit • Power Adapter • Quick Installation Guide • CD-ROM containing the on-line manual. All incoming data packets are monitored and all incoming server requests are damaged or missing, please contact your network from malicious attacks from external sources. • Protection against DoS attacks. • Rule-based Policy Firewall...
...your own firewall rules. Package Contents The following items should be created. • High performance. DoS (Denial of the above items are filtered, thus protecting your dealer immediately. 3 Up to 70 VPN tunnels ...TW100-BRV304 Unit • Power Adapter • Quick Installation Guide • CD-ROM containing the on-line manual. All incoming data packets are monitored and all incoming server requests are damaged or missing, please contact your network from malicious attacks from external sources. • Protection against DoS attacks. • Rule-based Policy Firewall...
User Guide
Page 10
... cannot use Microsoft networking or other networking protocols to connect to PCs on the DMZ. • PCs connected to launch an attack on the TW100-BRV304. If the Server is a normal port, not an "uplink" port. • PCs connected to the DMZ port are NOT visible to the...and LAN passes through the firewall. They must add the firewall rule manually. 7 If it stays on the hub (LAN) ports. So you must use a standard cable. 4. Using a different one may cause hardware damage 5. Connect WAN Cable Connect the DSL or Cable modem to the TW100-BRV304 and power up. Use ...
... cannot use Microsoft networking or other networking protocols to connect to PCs on the DMZ. • PCs connected to launch an attack on the TW100-BRV304. If the Server is a normal port, not an "uplink" port. • PCs connected to the DMZ port are NOT visible to the...and LAN passes through the firewall. They must add the firewall rule manually. 7 If it stays on the hub (LAN) ports. So you must use a standard cable. 4. Using a different one may cause hardware damage 5. Connect WAN Cable Connect the DSL or Cable modem to the TW100-BRV304 and power up. Use ...
User Guide
Page 18
... Internet access. MAC Address MAC Address Also called Network Adapter Address or Physical Address. If disabled, you wish an idle connection to establish the connection manually, using PPTP or Big Pond Cable, enter the IP address of the PC initially used , and enter the required data. • PPPoE - Setup Login Login...
... Internet access. MAC Address MAC Address Also called Network Adapter Address or Physical Address. If disabled, you wish an idle connection to establish the connection manually, using PPTP or Big Pond Cable, enter the IP address of the PC initially used , and enter the required data. • PPPoE - Setup Login Login...
User Guide
Page 32
...Cable modem, or other permanent connection is now completed. Control Panel - Cancel the pop-up my connection manually" and click Next. 8. Check "Connect using the "TW100-BRV304 " location. 29 Click Finish to configure your Internet Connection. 3. Select TCP/IP for Windows communication software...connection. Network and Internet Connections. 2. For Windows 9x/ME/2000 1. BRV304 ". • Click Edit Location. Click Next on " and click Next. 9. Ensure that you want to connect through the TW100-BRV304, the AOL for Windows software must be configured to close the New ...
...Cable modem, or other permanent connection is now completed. Control Panel - Cancel the pop-up my connection manually" and click Next. 8. Check "Connect using the "TW100-BRV304 " location. 29 Click Finish to configure your Internet Connection. 3. Select TCP/IP for Windows communication software...connection. Network and Internet Connections. 2. For Windows 9x/ME/2000 1. BRV304 ". • Click Edit Location. Click Next on " and click Next. 9. Ensure that you want to connect through the TW100-BRV304, the AOL for Windows software must be configured to close the New ...
User Guide
Page 33
...; Ensure your DNS settings are correct. If you wish to continue using manually assigned IP addresses instead of DHCP, the required changes are: • Set the Router Address field to the IP Address of the TW100-BRV304. • Ensure your DNS (Name server) settings are correct. Other... Unix Systems To access the Internet via the TW100-BRV304. TW100-BRV304 User Guide Macintosh Clients From your Macintosh, you can...
...; Ensure your DNS settings are correct. If you wish to continue using manually assigned IP addresses instead of DHCP, the required changes are: • Set the Router Address field to the IP Address of the TW100-BRV304. • Ensure your DNS (Name server) settings are correct. Other... Unix Systems To access the Internet via the TW100-BRV304. TW100-BRV304 User Guide Macintosh Clients From your Macintosh, you can...
User Guide
Page 37
... Update the data on Demand Manual connection Reset physical connection Connecting to remote server Remote Server located Start PPP PPP up successfully Idle time-out reached Disconnecting Error: Remote Server not found Error: PPP Connection failed Error: Connection to your ISP. Able to login to the Server. TW100-BRV304 User Guide Buttons Connect...
... Update the data on Demand Manual connection Reset physical connection Connecting to remote server Remote Server located Start PPP PPP up successfully Idle time-out reached Disconnecting Error: Remote Server not found Error: PPP Connection failed Error: Connection to your ISP. Able to login to the Server. TW100-BRV304 User Guide Buttons Connect...
User Guide
Page 41
...IP Address from the ISP's DHCP Server. • If an IP Address has been allocated to manually renew the lease immediately. DNS IP Address The IP Address of the remote Gateway or Router associated with the IP Address above is allocated automatically on connection. (Dynamic IP address). If "Enabled... Fixed (Static) IP address, this button has no effect. • If the ISP's DHCP Server has NOT allocated an IP Address for the TW100-BRV304, this device is only useful if the IP address shown above . Buttons Release/Renew Button will say "Renew". DHCP Client This will break the...
...IP Address from the ISP's DHCP Server. • If an IP Address has been allocated to manually renew the lease immediately. DNS IP Address The IP Address of the remote Gateway or Router associated with the IP Address above is allocated automatically on connection. (Dynamic IP address). If "Enabled... Fixed (Static) IP address, this button has no effect. • If the ISP's DHCP Server has NOT allocated an IP Address for the TW100-BRV304, this device is only useful if the IP address shown above . Buttons Release/Renew Button will say "Renew". DHCP Client This will break the...
User Guide
Page 42
...the hardware address seen by Internet users. Fixed/Dynamic IP address Screen Internet Physical Address The hardware address of the remote Gateway or Router associated with the IP Address above . Network Mask The Network Mask associated with the IP Address above . If "Enabled" the ..."Remaining lease time" field indicates when the IP Address allocated by your access method is different to manually renew the lease immediately. Buttons Release/Renew Button will show "Enabled" or "Disabled", depending on expiry; Fixed/Dynamic IP Address If ...
...the hardware address seen by Internet users. Fixed/Dynamic IP address Screen Internet Physical Address The hardware address of the remote Gateway or Router associated with the IP Address above . Network Mask The Network Mask associated with the IP Address above . If "Enabled" the ..."Remaining lease time" field indicates when the IP Address allocated by your access method is different to manually renew the lease immediately. Buttons Release/Renew Button will show "Enabled" or "Disabled", depending on expiry; Fixed/Dynamic IP Address If ...
User Guide
Page 45
...not function correctly because they are supported transparently by clicking the Special Applications button on the advanced menu. • For each change; If this problem arises, you can use non-...manually, using the "PC Database" option on the Advanced Internet screen. Special Applications Screen This screen can define the application as described below. you can be reached by the TW100-BRV304. But sometimes it is normally available from the client (PC) viewpoint 42 TW100-BRV304 User Guide Communication Applications Most applications are blocked by the TW100-BRV304 's firewall...
...not function correctly because they are supported transparently by clicking the Special Applications button on the advanced menu. • For each change; If this problem arises, you can use non-...manually, using the "PC Database" option on the Advanced Internet screen. Special Applications Screen This screen can define the application as described below. you can be reached by the TW100-BRV304. But sometimes it is normally available from the client (PC) viewpoint 42 TW100-BRV304 User Guide Communication Applications Most applications are blocked by the TW100-BRV304 's firewall...
User Guide
Page 52
... menu. Virtual Servers Screen Servers Servers Properties This lists a number of the selected Server are shown in the "Properties" area. The PC must add the firewall rule manually. Note that the DMZ port is connected to the standard port on your LAN. • For each enabled Virtual Server...
... menu. Virtual Servers Screen Servers Servers Properties This lists a number of the selected Server are shown in the "Properties" area. The PC must add the firewall rule manually. Note that the DMZ port is connected to the standard port on your LAN. • For each enabled Virtual Server...
User Guide
Page 71
... at the packet level, and authenticates and encrypts all keys and IDs (SPIs) must be entered manually, and Certificates can use with IPSec: • Transport Mode - The TW100-BRV304 always uses Tunnel Mode. This is a near-ubiquitous VPN security standard, designed for the IKE connection as well as the IPsec connection. Any application can...
... at the packet level, and authenticates and encrypts all keys and IDs (SPIs) must be entered manually, and Certificates can use with IPSec: • Transport Mode - The TW100-BRV304 always uses Tunnel Mode. This is a near-ubiquitous VPN security standard, designed for the IKE connection as well as the IPsec connection. Any application can...
User Guide
Page 75
... that the order of the selected policy. This will be empty. VPN Policies Screen To view this screen, select VPN Policies from the VPN menu. TW100-BRV304 User Guide VPN Configuration This section covers the configuration required on the TW100-BRV304 when using Certificates are covered in a later section. Use the ...section for details. When creating a policy, you have more than one policy for the traffic under consideration) will indicate "Manual" (manual key exchange) or "IKE" (Internet Key Exchange) Add To add a new policy, click the "Add" button. This screen lists all existing...
... that the order of the selected policy. This will be empty. VPN Policies Screen To view this screen, select VPN Policies from the VPN menu. TW100-BRV304 User Guide VPN Configuration This section covers the configuration required on the TW100-BRV304 when using Certificates are covered in a later section. Use the ...section for details. When creating a policy, you have more than one policy for the traffic under consideration) will indicate "Manual" (manual key exchange) or "IKE" (Internet Key Exchange) Add To add a new policy, click the "Add" button. This screen lists all existing...
User Guide
Page 77
... not supplied to help you are possible. • Fixed. Select this if the Internet IP address is recommended. 2. Keys Select Manually assigned or IKE (Internet Key Exchange) as required. Select this case, only incoming connections are setting up both endpoints, using IKE ... Enter a suitable name. You will see a screen like the following: 74 TW100-BRV304 User Guide Figure 49: VPN Wizard - This name is used only to the remote VPN. Remote VPN Endpoint The Internet IP address of the remote VPN endpoint (Gateway or client). • Dynamic. Click Next to continue. In ...
... not supplied to help you are possible. • Fixed. Select this if the Internet IP address is recommended. 2. Keys Select Manually assigned or IKE (Internet Key Exchange) as required. Select this case, only incoming connections are setting up both endpoints, using IKE ... Enter a suitable name. You will see a screen like the following: 74 TW100-BRV304 User Guide Figure 49: VPN Wizard - This name is used only to the remote VPN. Remote VPN Endpoint The Internet IP address of the remote VPN endpoint (Gateway or client). • Dynamic. Click Next to continue. In ...
User Guide
Page 79
The screen you will see depends on whether you previously selected "Manual Key Exchange" or "IKE". Manual Key Exchange 76 Manual Key Exchange Figure 51: VPN Wizard - TW100-BRV304 User Guide Remote IP addresses Type • Single address - enter the desired IP address in the "Start IP address" field, and the ... the starting IP address in the "Start IP address" field, and the finish IP address in the "Subnet Mask" field. The remote VPN should have these IP addresses entered as it's "Local" addresses. 3. enter an IP address in the "Start IP address" field. • Range address...
The screen you will see depends on whether you previously selected "Manual Key Exchange" or "IKE". Manual Key Exchange 76 Manual Key Exchange Figure 51: VPN Wizard - TW100-BRV304 User Guide Remote IP addresses Type • Single address - enter the desired IP address in the "Start IP address" field, and the ... the starting IP address in the "Start IP address" field, and the finish IP address in the "Subnet Mask" field. The remote VPN should have these IP addresses entered as it's "Local" addresses. 3. enter an IP address in the "Start IP address" field. • Range address...
User Guide
Page 80
... Generally, you will want to exit the Wizard. 77 Keys • The "in" key here must match the "out" key on the remote VPN, and the "out" key here must match the remote VPN. For Manual Key Exchange, configuration is not enabled, the following settings can be in " key on the remote... VPN. • Keys can be 40 hex/20 ASCII characters. VPN These settings must match the "in ASCII or Hex (0..9 A..F) • For MD5, the keys ...
... Generally, you will want to exit the Wizard. 77 Keys • The "in" key here must match the "out" key on the remote VPN, and the "out" key here must match the remote VPN. For Manual Key Exchange, configuration is not enabled, the following settings can be in " key on the remote... VPN. • Keys can be 40 hex/20 ASCII characters. VPN These settings must match the "in ASCII or Hex (0..9 A..F) • For MD5, the keys ...