Billion 30 - Manual

5 2.6.1 General VPN Setup 2.6.2 VPN Planning - Fail Over 2.6.3 Concentrator Chapter 3: Getting Started 3.1 Overview 3.2 Before You Begin 3.3 Connecting Your Router 3.4 Configuring PCs for TCP/IP Networking 3.4.1 Overview 3.4.2 Windows XP 3.4.2.1 Configuring 3.4.2.2 Verifying Settings 3.4.3 Windows 2...

7 4.4.4.8 Email Alert 4.4.5 Firewall 4.4.5.1 Packet Filter 4.4.5.2 URL Filter 4.4.5.3 LAN MAC Filter 4.4.5.4 Block WAN Request 4.4.5.5 Intrusion Detection 4.4.6 VPN 4.4.6.1 IPSec 4.4.6.1.1 IPSec Wizard 4.4.6.1.2 IPSec Policy 4.4.6.2 PPTP 4.4.7 QoS 4.4.8 Virtual Server 4.4.8.1 DMZ 4.4.8.2 Port Forwar...

8 5.2.3.3 Java Permissions 5.3 WAN Interface 5.3.1 Can’t Get WAN IP Address from the ISP 5.4 ISP Connection 5.5 Problems with Date and Time 5.6 Restoring Factory Defaults Appendix A: Product Specifications Appendix B: Customer Support Appendix C: FCC Interference Statement Appendix D: Network, Routi...

11 Chapter 1: Introduction 1.1 Overview Congratulations on purchasing BiGuard 30 Router from Billion. Combining a router with an Ethernet network switch, BiGuard 30 is a state-of-the-art device that provides everything you need to get your network connected to the Internet over your Cable or DSL con...

13 LED Function Power A solid light indicates a steady connection to a power source. Status A blinking light indicates the device is writing to flash memory. LAN 1 – 8 Lit when connected to an Ethernet device. 10/100M : Lit green when connected at 100Mbps. Not lit when connected at 10Mbps. Link/ACT:...

14 Port Function 1 RESET To reset the device and restore factory default settings, after the device is fully booted, press and hold RESET until the Status LED begins to blink. 2 WAN2 WAN2 10/100M Ethernet port (with auto crossover support); connect xDSL/Cable modem here. 3 WAN1 WAN1 10/100M Ethernet...

16 Chapter 2: Router Applications 2.1 Overview Your BiGuard 30 router is a versatile device that can be configured to not only protect your network from malicious attackers, but also ensure optimal usage of available bandwidth with Quality of Service (QoS) and both Inbound and Outbound Load Balancin...

17 2.2.2 QoS Policies for Different Applications By setting different QoS policies according to the applications you are running, you can use BiGuard 30 to optimize the bandwidth that is being used on your network. As illustrated in the diagram above, applications such as Voiceover IP (VoIP) require...

21 DiffServ (a.k.a. DSCP Marking) allows you to classify traffic based on IP DSCP values. Other interfaces can match traffic based on the DSCP markings. DSCP markings are used to decide how packets should be treated, and is a useful tool to give precedence to varying types of data. 2.2.8 DSCP (Match...

22 In the above example, PC 1 (IP_192.168.2.2) and PC 2 (IP_192.168.2.3) are connected to the Internet via WAN1 (IP_230.100.100.1) on BiGuard 30. Should WAN1 fail, Outbound Fail Over tells BiGuard 30 to reroute outgoing traffic to WAN2 (IP_213.10.10.2). Configuring your BiGuard 30 for Outbound Fail ...

23 In the above example, PC 1 (IP_192.168.2.2) and PC 2 (IP_192.168.2.3) are connected to the Internet via WAN1 (IP_230.100.100.1) and WAN2 (IP_213.10.10.2) on BiGuard 30. You can configure BiGuard 30 to balance the load of each WAN port with one of two mechanisms: 1. Session (by session/by traffic/...

27 In the above example, an FTP Server (IP_192.168.2.2) and an HTTP Server (IP_192.168.2.3) are connected to the Internet via WAN1 (IP_200.200.200.1) on BiGuard 30. A remote computer is trying to access these servers via the Internet, and makes a DNS request. The DNS request ( www.mydomain.com ) wil...

28 In the above example, an FTP server (IP_192.168.2.2) and an HTTP server (IP_192.168.2.3) are connected to the Internet via WAN1 (IP_200.200.200.1) and WAN2 (IP_100.100.100.1) on BiGuard 30. Remote PCs are attempting to access the servers via the Internet by making a DNS request, entering a URL (w...

29 In the example above, the client is making a DNS request. The request is sent to the DNS server of BiGuard 30 through WAN2 (1). WAN2 will route this request to the embedded DNS server of BiGuard 30 (2). BiGuard 30 will analyze the bandwidth of both WAN1 and WAN2 and decide which WAN IP to reply t...

30 The following section discusses Virtual Private Networking with BiGuard 30. 2.6.1 General VPN Setup There are typically three different VPN scenarios. The first is a Gateway to Gateway setup, where two remote gateways communicate over the Internet via a secure tunnel. The next type of VPN setup i...

33 Chapter 3: Getting Started 3.1 Overview BiGuard 30 is designed to be a powerful and flexible network device that is also easy to use. With an intuitive web-based configuration, BiGuard 30 allows you to administer your network via virtually any Java-enabled web browser and is fully compatible with...

34 password for security reason. 4. Prepare to physically connect BiGuard 30 to Cable or DSL modems and a computer. Be sure to also review the Safety Warnings located in the preface of this manual before working with your BiGuard 30. 3.3 Connecting Your Router Connecting BiGuard 30 is an easy three-...

35 3.4 Configuring PCs for TCP/IP Networking Now that your BiGuard 30 is connected properly to your network, it’s time to configure your networked PCs for TCP/IP networking. In order for your networked PCs to communicate with your router, they must have the following characteristics: 1. Have a prope...

36 - Mac OS 7 and later If you are using Windows 3.1, you must purchase a third-party TCP/IP application package. Any TCP/IP capable workstation can be used to communicate with or through BiGuard 30. To configure other types of workstations, please consult the manufacturer’s documentation. 3.4.2 Win...

37 3. Select Internet Protocol (TCP/IP) and click Properties . 4a. To have your PC obtain an IP address automatically, select the Obtain an IP

39 3.4.2.2 Verifying Settings To verify your settings using a command prompt: 1. Click Start > Programs > Accessories > Command Prompt . 2. In the Command Prompt window, type ipconfig and then press ENTER . If you are using BiGuard 30’s default settings, your PC should have:

41 2. Right click one of the network connections listed and select Status from the pop-up menu. 3. Click the Support tab.

44 4. In the Local Area Connection window, click Properties . 5. Select Internet Protocol (TCP/IP) and click Properties .

46 7. Click OK to finish the configuration. 3.4.3.2 Verifying Settings 1. Click Start > Programs > Accessories > Command Prompt .

48 3.4.4 Windows 98 / Me 3.4.4.1 Installing Components To prepare Windows 98/Me PCs for TCP/IP networking, you may need to manually install TCP/IP on each PC. To do this, follow the steps below. Be sure to have your Windows CD handy, as you may need to insert it during the installation process. 1. O...

53 b. Select Client , then click Add . c. Select Microsoft . Æ Client for Microsoft Networks , and then click OK . 3. Restart your PC to apply your changes. 3.4.4.2 Configuring 1. Select Start > Settings > Control Panel .

54 2. In the Control Panel, double-click Network and choose the Configuration tab.

55 3. Select TCP / IP > ASUSTek or the name of any Network Interface Card (NIC) in your PC and click Properties . 4. Select the IP Address tab and click the Obtain an IP address automatically radio button.

56 5. Select the DNS Configuration tab and select the Disable DNS radio button. 6. Click OK to apply the configuration.

57 3.4.4.3 Verifying Settings To check the TCP/IP configuration, use the winipcfg.exe utility: 1. Select Start > Run . 2. Type winipcfg , and then click OK. 3. From the drop-down box, select your Ethernet adapter.

59 ISP setting in WAN site: Obtain an IP Address automatically (DHCP Client) DHCP server: DHCP server is enabled. Start IP Address: 192.168.1.100 End IP Address: 192.168.1.199 3.5.1 User Name and Password The default user name and password are "admin" and "admin" respectively. If you...

60 Before configuring this device, you have to check with your ISP (Internet Service Provider) to find out what kind of service is provided such as DHCP, Static IP, PPPoE, or PPTP. The following table outlines each of these protocols: DHCP Configure this WAN interface to use DHCP client protocol to ...

63 5. If an IP address , subnet mask and a Default gateway are shown, write down the information. If no address is present, your account’s IP address is dynamically assigned. Click the Obtain an IP address automatically radio button. 6. If any DNS server addresses are shown, write them down. Click t...

64 server address automatically radio button. 7. Click OK to save your changes.

65 3.7 Web Configuration Interface BiGuard 30 includes a Web Configuration Interface for easy administration via virtually any browser on your network. To access this interface, open your web browser, enter the IP address of your router, which by default is 192.168.1.254, and click Go . A user name ...

67 access the page after a user-defined period (5 minutes by default). The following sections will show you how to configure your router using the Web Configuration Interface. 4.2 Status The Status menu displays the various options that have been selected and a number of statistics about your BiGuar...

68 No.: Number of the list. IP Address: A list of IP addresses of devices on your LAN. MAC Address: The Media Access Control (MAC) addresses for each device on your LAN. Interface: The interface name (on the router) that this IP address connects to. Static: Static status of the ARP table entry. NO i...

70 your network via Dynamic Host Configuration Protocol (DHCP). No.: Number of the list. IP Address: A list of IP addresses of devices on your LAN. Device Name: The host name (computer name) of the client. MAC Address: The MAC address of client. 4.2.5 IPSec Status The IPSec Status window displays th...

72 WAN1: Transmitted (Tx) and Received (Rx) bytes and packets for WAN1. WAN2: Transmitted (Tx) and Received (Rx) bytes and packets for WAN2. Display: Allows you to change the units of measurement for the traffic graph. 4.2.8 System Log This window displays BiGuard 30’s System Log entries. Major even...

73 Refresh: Refresh the IPSec Log. Clear Log: Clear the IPSec Log. Send Log: Send IPSec Log to your email account. You can set the email address in Configuration > System > Email Alert . See the Email Alert section for more details. Please refer to Appendix F: IPSec Log Events for more informa...

76 Username: Enter your user name. Password: Enter your password. Retype Password: Retype your password. Login Server: Enter the IP of the Login server provided by your ISP. Click Apply to save your changes. To reset to defaults, click Reset . For detailed instructions on configuring WAN settings, p...

77 4.4.1 LAN There are three items within this section: Ethernet , DHCP Server and LAN Address Mapping. 4.4.1.1 Ethernet IP Address: Enter the internal LAN IP address for BiGuard 30 (192.168.1.254 by default). Subnet Mask: Enter the subnet mask (255.255.255.0 by default). RIP: RIP v2 Broadcast and R...

78 4.4.1.2 DHCP Server In this menu, you can disable or enable the Dynamic Host Configuration Protocol (DHCP) server. The DHCP protocol allows your BiGuard 30 to dynamically assign IP addresses to PCs on your network if they are configured to automatically obtain IP addresses. To disable the router’...

79 Name: Enter the name you want to give for the IP+Mac Address Fixed Host account. Active: Select whether you want to Enable or Disable this particular Fixed Host account. IP Address: Enter the IP address that you want to reserve for the above MAC address. MAC Address: Enter the MAC address of the ...

80 Please click Create to create a LAN Address Mapping rule. Name: Please input the name of the rule. IP Address: Please input the LAN Gateway IP Address you would like to use. Netmask: Please input the Netmask you would like to use. WAN IP Address: Please click Candidates to select the WAN IP addre...

88 bandwidth for each WAN port. WAN1: Enter your ISP inbound and outbound bandwidth for WAN1. WAN2: Enter your ISP inbound and outbound bandwidth for WAN2. NOTE: These values entered here are referenced by both QoS and Load Balancing functions. 4.4.2.3 WAN IP Alias WAN IP Alias allows you to input a...

89 Name: Please input the name of the rule. IP Address: Please input the additional WAN IP address you would like to use. Interface: Please select the WAN Interface that you would like to add the additional WAN IP to. Click the Apply button to add the configuration into the WAN IP Alias. 4.4.3 Dual ...

94 To edit the Host Mapping URL list, click Edit . This will open the Host Mapping URL table, which lists the current Host Mapping URLs. To add a host mapping URL to the list, click Create . Domain Name: The domain name of the local host. Host URL: The URL to be mapped. Private IP Address: The IP ad...

95 Port Range: The port range of all incoming packets are accepted and processed by a local host with the specified private IP address. Candidates: You can also select the Candidates which are referred from the ARP table for automatic input. Name1: The Alias Host URL Name2: The Alias Host URL Click ...

100 functionality, better reliability, and ensure trouble-free operation. To upgrade your firmware, simply visit Billion’s website ( http://www.billion.com ) and download the latest firmware image file for BiGuard 30. Next, click Browse and select the newly downloaded firmware file. Click Upgrade to...

101 To restore a previously saved backup file, click Browse . You will be prompted to select a file from your PC to restore. Be sure to only restore setting files that have been generated by the Backup function, and that were created when using the same firmware version. Settings files saved to your...

107 The URL Filter is a powerful tool that can be used to limit access to certain URLs on the Internet. You can block web sites based on keywords or even block out an entire domain. Certain web features can also be blocked to grant added security to your network. URL Filtering: You can choose to Ena...

109 Enter a name for the IP Address and then enter the IP address itself. Click Apply to save your changes. The IP address will be entered into the Exception List, and excluded from the URL filtering rules in effect. 4.4.5.3 LAN MAC Filter LAN Mac Filter can decide that BiGuard will serve those devi...

110 Create: You can also input a specified MAC Address to be dropped or Forward without depending on the default rule. Rule: Enable or disable this entry. Action When Matched: Select to Drop or Forward the packet specified in this filter entry. MAC Address: The MAC Address you would like to apply. C...

111 Blocking WAN requests is one way to prevent DDOS attacks by preventing ping requests from the Internet. Use this menu to enable or disable function. 4.4.5.5 Intrusion Detection Intrusion Detection can prevent most common DoS attacks from the Internet or from LAN users. Intrusion Detection : Enab...

112 Limit Maximum sessions per IP to (with reject and drop options): Just like the previous option, this option expands on what to do with additional sessions above the maximum limit. You can either reject the additional sessions for a period of time or just drop all packets from those sessions for ...

117 VPN Client IP Address: The VPN Client Address for BiGuard VPN Client, this value will be applied on both remote ID and Remote Network as single address. Back: Back to the Previous page. Next: Go to the next page. After your configuration is done, you will see a Configuration Summary . Back: Back...

118 4.4.6.1.2 IPSec Policy Click Create to create a new IPSec VPN connection account. Configuring a New VPN Connection

119 Connection Name: A user-defined name for the connection. Tunnel: Select Enable to activate this tunnel. Select Disable to deactivate this tunnel. Interface: Select the interface the IPSec tunnel will apply to. WAN1: Select interface WAN1 WAN2: Select interface WAN2 Auto: The device will automati...

122 negotiation time. Diffie-Hellman is a public-key cryptography protocol that allows two parties to establish a shared secret over the Internet. Pre-shared Key: This is for the Internet Key Exchange (IKE) protocol. IKE is used to establish a shared security policy and authenticated keys for servic...

123 Local Subnet: Displays IP address and subnet of the local network. Remote Subnet: Displays IP address and subnet of the remote network. Remote Gateway: This is the IP address or Domain Name of the remote VPN device that is connected and has an established IPSec tunnel. IPSec Proposal: This is th...

126 Creating a New QoS Rule To get started using QoS, you will need to establish QoS rules. These rules tell BiGuard 30 how to handle both incoming and outgoing traffic. The following example shows you how to configure WAN1 Outbound QoS. Configuring the other traffic types follows the same process. ...

129 ports to the PC on your network running the application. You will also need to use port forwarding if you want to host an online game server. The reason for this is that when using NAT, your publicly accessible IP address will be used by and point to your router, which then needs to deliver all ...

130 table for automatic input. Select the Apply button to apply your changes. 4.4.8.2 Port Forwarding Table Because NAT can act as a "natural" Internet firewall, your router protects your network from being accessed by outside users, as all incoming connection attempts will point to your rou...

134 You will first need to register and establish an account with the Dynamic DNS provider using their website, Example: DYNDNS http://www.dyndns.org/ (BiGuard 30 supports several Dynamic DNS providers , such as www.dyndns.org , www.orgdns.org , www.dhs.org , www.dyns.cx , www.3domain.hk , www.dyndn...

135 4.4.9.3 Device Management The Device Management Advanced Configuration settings allow you to control your router’s security options and device monitoring features. Device Name Name: Enter a name for this device. Web Server Settings HTTP Port: This is the port number the router’s embedded web ser...

138 Tagged Member port(s): Please check the interface that you would like to use in this VLAN ID group. Untagged Member port(s): Please check the interface that you would like to use in this VLAN ID group. Click Apply to add this rule. 4.5 Save Configuration To Flash After changing the router’s conf...

140 or workstation. - Make sure that power is turned on to the connected hub or workstation. - Be sure you are using the correct cable. When connecting the firewall’s Internet port to a cable or DSL modem, use the cable that was supplied with the cable or DSL modem. This cable could be a standard st...

141 - Check the 10/100 LAN LEDs on BiGuard 30’s front panel. One of these LEDs should be on. If they are both off, check the cables between BiGuard 30 and the hub or PC. - Check the corresponding LAN LEDs on your PC’s Ethernet device are on. - Make sure that driver software for your PC’s Ethernet ad...

142 3. Make sure that the Delete All Offline Content checkbox is checked, and click OK . 4. Click OK under Internet Options to close the dialogue. - In Windows, type arp –d at the command prompt to clear you computer’s ARP table.

145 4. Click OK to close the dialogue. NOTE: If Java from Sun Microsystems is installed, scroll down to Java (Sun) and ensure that the checkbox is filled. 5.3 WAN Interface If you are having problems with the WAN Interface, refer to the tips below. 5.3.1 Can’t Get WAN IP Address from the ISP If the ...

147 If an IP address can be obtained, but your PC cannot load any web pages from the Internet: - Your PC may not recognize DNS server addresses. Configure your PC manually with DNS addresses. - Your PC may not have the router correctly configured as its TCP/IP gateway. 5.5 Problems with Date and Tim...

148 Appendix A: Product Specifications Availability and Resilience - Dual-WAN ports - Load balancing for increased bandwidth of inbound and outbound traffic - Automatic failover to redirect the packet when one broadband connection is broken. It will keep your Internet connection always online whenev...

149 Firewall - Stateful Packet Inspection (SPI) and Denial of Service (DoS) prevention - Packet filter un-permitted inbound (WAN)/Inbound (LAN) Internet access by IP address, port number and packet type - Email alert and logs of attack - MAC Address Filtering - Intrusion detection Content Filtering ...

151 Appendix B: Customer Support Most problems can be solved by referring to the Troubleshooting section in the User’s Manual. If you cannot resolve the problem with the Troubleshooting chapter, please contact the dealer where you purchased this product. Contact Billion Worldwide http://www.billion....

152 Appendix C: FCC Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: - This device may not cause harmful interference. - This device must accept any interference received, including interference that may cause undesired oper...

155 from these ranges. D.1.2 Network Address Translation (NAT) Traditionally, multiple PCs that needed simultaneous Internet access also required a range of IP addresses from the Internet Service Provider (ISP). Not only was this method very costly, but the number of available IP addresses for PCs i...

161 E.2.1.2 Encapsulating Security Payload (ESP) Encapsulating Security Payload (ESP) provides privacy for data through encryption. An encryption algorithm combines the data with a key to encrypt it. It then repackages the data using a special format, and transmits it to the destination. The receive...

164 E.2.4 Tunnel Mode ESP Here is an example of a packet with ESP applied: E.2.5 Internet Key Exchange (IKE) Before either AH or ESP can be used, it is necessary for the two communication devices to exchange a secret key that the security protocols themselves will use. To do this, IPSec uses Interne...

166 Appendix F: IPSec Logs and Events F.1 IPSec Log Event Categories There are three major categories of IPSec Log Events for your BiGuard 30. These include: 1. IKE Negotiate Packet Messages 2. Rejected IKE Messages 3. IKE Negotiated Status Messages The table in the following section lists the diffe...

170 Appendix G: Bandwidth Management with QoS G.1 Overview In a home or office environment, users constantly have to transmit data to and from the Internet. When too many are accessing the Internet at the same time, service can slow to a crawl, causing service interruptions and general frustration. ...

173 Appendix H: Router Setup Examples H.1 Outbound Fail Over Step 1: Go to Configuration > WAN > ISP Settings . Select WAN1 and WAN2 and click Edit . Step 2: Configure WAN1 and WAN2 according to the information given by your ISP.

174 Step 3: Go to Configuration > Dual WAN > General Settings. Select the Fail Over radio button. Under Connectivity Decision, input the number of times BiGuard 30 should probe the WAN before deciding that the ISP is in service or not (3 by default). Next, input the duration of the probe cycle...

175 Please ensure the WAN ports are functioning by performing a ping operation on each before proceeding. Finally, choose whether or not BiGuard 30 should fail back to WAN1. Step 4: Click Save Config to save all changes to flash memory. H.2 Outbound Load Balancing With Outbound Load Balancing, you c...

176 Step 2: Configure your WAN2 ISP settings and click Apply . Step 3: Go to Configuration > Dual WAN > General Settings . Select the Load Balance radio button.

178 H.3 Inbound Fail Over Configuring your BiGuard 30 for Inbound Fail Over is a great way to ensure a more reliable connection for incoming requests. To do so, follow these steps: NOTE: Before you begin, ensure that both WAN1 and WAN2 have been properly configured. See Chapter 4: Router Configurati...

179 Step 2: Configure Fail Over options if necessary. Step 3: Go to Configuration > Advanced > Dynamic DNS . Set the WAN1 DDNS settings.

181 H.4 DNS Inbound Fail Over NOTE: Before proceeding, please ensure that both WAN1 and WAN2 are properly configured according to the settings provided by your ISP. If not, please refer to Chapter 4.2.2.1 ISP Settings for details on how to configure your WAN ports. Step 1: Go to Configuration > D...

183 Step 5: Click Save Config to save all changes to flash memory. H.5 DNS Inbound Load Balancing Step 1: Go to Configuration > Dual WAN > General Settings . Select the Load Built-in DNS 192.168.2.2 192.168.2.3 FTP HTTP 200.200.200.1 www.mydomain.com 200.200.200.1 Authoritative Domain Name Ser...

184 Balance radio button. Step 2: Go to Configuration > Dual WAN > Inbound Load Balance > Server Settings and configure DNS Server 1. Step 3: Go to Configuration > Dual WAN > Inbound Load Balance > Host URL

185 Mapping and configure your FTP mapping. Step 4: Next configure your HTTP mapping. Step 5: Click Save Config to save all changes to flash memory.

186 H.6 Dynamic DNS Inbound Load Balancing Step 1: Go to Configuration > WAN > Bandwidth Settings. Configure your WAN inbound and outbound bandwidth. www.billion2.dyndns.org Remote Access from Internet www.billion3.dyndns.org www.billion3.dyndns.org www.billion2.dyndns.org 192.168.2.2 192.168....

188 Step 4: Go to Configuration > Advanced > Dynamic DNS and input the dynamic DNS settings for WAN1 and WAN2. WAN1:

189 WAN 2: Step 5: Go to Configuration > Virtual Server and set up a virtual server for both FTP and HTTP.

190 Step 6: Click Save Config to save all changes to flash memory. H.7 VPN Configuration This section outlines some concrete examples on how you can configure BiGuard 30 for your VPN. H.7.1 LAN to LAN [

192 H.7.2 Host to LAN Single client Head Office Local ID IP Address IP Address Data 69.121.1.30 69.121.1.3 Network Any Local Address Any Local Address IP Address 0.0.0.0 192.168.1.0 Netmask 0.0.0.0 255.255.255.0 Remote Secure Gateway Address(or Hostname) 69.121.1.3 69.121.1.30 ID IP Address IP Addre...

193 Network Subnet Single Address IP Address 192.168.1.0 69.121.1.30 Netmask 255.255.255.0 255.255.255.255 Proposal IKE Pre-shared Key 12345678 12345678 Security Algorithm Main Mode; ESP: MD5 3DES PFS Main ESP MD5 3DES PFS H.8 IP Sec Fail Over (Gateway to Gateway) Before Fail Over After Fail Over 19...

196 H.9 VPN Concentrator Step 1: Go to Configuration > VPN > IPSec > IPSec Policy and configure the link from BiGuard 30 to BiGuard 10 Branch A. 100.100.100.1 200.200.200.1 192.168.2.x 192.168.3.x 201.201.201.1 192.168.4.x Local ID Type: Subnet Local subnet: 0.0.0.0 Local mask: 0.0.0.0 Remo...

198 Step 4: Go to Configuration > VPN > IPSec > IPSec Policy and configure the connection from BiGuard 10 Branch B to BiGuard 30. Step 5: Click Save Config to save all changes to flash memory. H.10 Protocol Binding Step 1: Go to Configuration > Dual WAN > General Settings. Select the ...

200 H.11 Intrusion Detection Intrusion Detection on Internet Internet Detected! Dropped BiGuard Safe!! Server Safe!! Hacker DoS Attack DoS Attack Hacker Hacker DoS Attack DoS Attack Step 1: Go to Configuration > Firewall > Intrusion Detection and Enable the settings. Step 2: Click Apply and th...

203 Step6: In Network Tasks , Click Create a new connection , and press Next. Step7: Select Connect to the network at my workplace and press Next .

204 Step8: Select Virtual Private Network connection and press Next . Step9: Input the user-defined name for this connection and press Next .

205 Step10: Input PPTP Server Address and press Next . Step11: Please press Finish .

206 Step12: Double click the connection, and input Username and Password that defined in BiGuard PPTP Account Settings . PS. You can also refer the Properties > Security page as below, by default.

207 H.13 PPTP Remote Access by BiGuard Internet Internet Internet Internet 100.100.100.1 Headquarter BiGuard &PPTP Server PPTP Tunnel Branch Office 200.200.200.1 BiGuard &PPTP Client Local subnet: 192.168.30.0Local mask: 255.255.255.0 Step1: Go to Configuration > VPN > PPTP and Enable ...

208 Step2: Click Create to create a PPTP Account. Step3: Click Apply , you can see the account is successfully created. Step4: Click Save Config to save all changes to flash memory.

209 Step5: In another BiGuard as Client, Go to Configuration > WAN > ISP Settings . Step6: Click Apply , and Save CONFIG .