Product Manual
Page 4
... Services Router User Manual Table of Contents Chapter 1. Configuring Your Network: LAN Setup 13 2.1 LAN Configuration 13 2.1.1 LAN Configuration in an IPv6 Network 35 Checking WAN Status 37 3.3 Bandwidth Controls 38 3.4 3.4.1 3.4.2 3.4.3 Features with PSK 57 RADIUS Authentication 58 4.3 Creating and Using Access Points 59 2 WAN Option 49 3.7 WAN 3 (3G) Configuration 49 3.8 WAN Port Settings 51 Chapter 4. Wireless Access Point Setup 53 4.1 4.1.1 4.1.2 4.1.3 Wireless Settings Wizard 53 Wireless Network Setup Wizard 54 Add Wireless Device with WPS 54 Manual...
... Services Router User Manual Table of Contents Chapter 1. Configuring Your Network: LAN Setup 13 2.1 LAN Configuration 13 2.1.1 LAN Configuration in an IPv6 Network 35 Checking WAN Status 37 3.3 Bandwidth Controls 38 3.4 3.4.1 3.4.2 3.4.3 Features with PSK 57 RADIUS Authentication 58 4.3 Creating and Using Access Points 59 2 WAN Option 49 3.7 WAN 3 (3G) Configuration 49 3.8 WAN Port Settings 51 Chapter 4. Wireless Access Point Setup 53 4.1 4.1.1 4.1.2 4.1.3 Wireless Settings Wizard 53 Wireless Network Setup Wizard 54 Add Wireless Device with WPS 54 Manual...
Product Manual
Page 5
... Web Filter ...83 5.9 IP/MAC Binding ...84 5.10 Intrusion Prevention (IPS 85 5.11 Protecting from Internet Attacks 86 Chapter 6. SSL VPN ...101 7.1 Groups and Users 103 7.1.1 Users and Passwords 109 7.2 Using SSL VPN Policies 110 7.2.1 Using Network Resources 113 7.3 Application Port Forwarding 114 7.4 SSL VPN Client Configuration 116 7.5 User Portal ...118 7.5.1 Creating Portal Layouts 119 Chapter 8. Unified Services Router User Manual 4.3.1 4.4 4.5 4.6 Primary benefits of Virtual APs 61 Tuning Radio Specific Settings 62 Advanced Wireless Settings 63 Wi-Fi Protected Setup...
... Web Filter ...83 5.9 IP/MAC Binding ...84 5.10 Intrusion Prevention (IPS 85 5.11 Protecting from Internet Attacks 86 Chapter 6. SSL VPN ...101 7.1 Groups and Users 103 7.1.1 Users and Passwords 109 7.2 Using SSL VPN Policies 110 7.2.1 Using Network Resources 113 7.3 Application Port Forwarding 114 7.4 SSL VPN Client Configuration 116 7.5 User Portal ...118 7.5.1 Creating Portal Layouts 119 Chapter 8. Unified Services Router User Manual 4.3.1 4.4 4.5 4.6 Primary benefits of Virtual APs 61 Tuning Radio Specific Settings 62 Advanced Wireless Settings 63 Wi-Fi Protected Setup...
Product Manual
Page 6
... Test LAN Connectivity 158 11.3.1 Testing the LAN path from your PC to your router 158 11.3.2 Testing the LAN path from your PC to E-mail or Syslog 135 Event Log Viewer in GUI 137 9.5 Backing up and Restoring Configuration Settings 138 9.6 Upgrading Router Firmware 139 9.7 Dynamic DNS Setup 140 9.8 9.8.1 9.8.2 9.8.3 9.8.4 Using Diagnostic Tools 141 Ping ...142 Trace Route ...142 DNS Lookup ...143 Router Options ...143 Chapter 10. Factory Default Settings 165 Appendix C. Standard Services Available for Port Forwarding & Firewall Configuration...
... Test LAN Connectivity 158 11.3.1 Testing the LAN path from your PC to your router 158 11.3.2 Testing the LAN path from your PC to E-mail or Syslog 135 Event Log Viewer in GUI 137 9.5 Backing up and Restoring Configuration Settings 138 9.6 Upgrading Router Firmware 139 9.7 Dynamic DNS Setup 140 9.8 9.8.1 9.8.2 9.8.3 9.8.4 Using Diagnostic Tools 141 Ping ...142 Trace Route ...142 DNS Lookup ...143 Router Options ...143 Chapter 10. Factory Default Settings 165 Appendix C. Standard Services Available for Port Forwarding & Firewall Configuration...
Product Manual
Page 10
...: Restoring configuration from the WAN 128 Figure 88: SNMP Users, Traps, and Access Control 129 Figure 89: SNMP system information for this router 130 Figure 90: Date, Time, and NTP server setup 131 Figure 91: Facility settings for Logging 133 Figure 92: Log configuration options for traffic through router 135 Figure 93: E-mail configuration as a Remote Logging option 136 Figure 94: Syslog server configuration for SSL Port Forwarding 116 Figure 77: SSL VPN client adapter and access configuration 117 Figure 78: Configured client routes...
...: Restoring configuration from the WAN 128 Figure 88: SNMP Users, Traps, and Access Control 129 Figure 89: SNMP system information for this router 130 Figure 90: Date, Time, and NTP server setup 131 Figure 91: Facility settings for Logging 133 Figure 92: Log configuration options for traffic through router 135 Figure 93: E-mail configuration as a Remote Logging option 136 Figure 94: Syslog server configuration for SSL Port Forwarding 116 Figure 77: SSL VPN client adapter and access configuration 117 Figure 78: Configured client routes...
Product Manual
Page 13
... branch office connectivity through encrypted virtual links. o Model numbers DSR-500/500N/1000/1000N/250/250N GUI Menu Path/GUI Navigation - The DSR-250/250N, DSR-500/500N and DSR-1000/1000N support 25, 35 and 75 simultaneous IPSec VPN tunnels respectively. Efficient D-Link Green Technology As a concerned member of the global community, D-Link is a high level manual to allow new D-Link Unified Services Router users to configure connectivity, setup VPN tunnels, establish firewall rules...
... branch office connectivity through encrypted virtual links. o Model numbers DSR-500/500N/1000/1000N/250/250N GUI Menu Path/GUI Navigation - The DSR-250/250N, DSR-500/500N and DSR-1000/1000N support 25, 35 and 75 simultaneous IPSec VPN tunnels respectively. Efficient D-Link Green Technology As a concerned member of the global community, D-Link is a high level manual to allow new D-Link Unified Services Router users to configure connectivity, setup VPN tunnels, establish firewall rules...
Product Manual
Page 15
... user interface (GUI) for management by using a DNS server, you are manually configuring the network settings of all DHCP clients receive the DNS IP addresses of the browser to access the router's management UI. 2.1 LAN Configuration Setup > Network Settings > LAN Configuration By default, the router functions as a proxy for wireless clients. Each pool address is tested before it is the equivalent of using any web browser, such as addresses for the LAN. DHCP relay can also enable DNS proxy for DNS servers, Windows Internet Name Service (WINS) servers, and the default gateway...
... user interface (GUI) for management by using a DNS server, you are manually configuring the network settings of all DHCP clients receive the DNS IP addresses of the browser to access the router's management UI. 2.1 LAN Configuration Setup > Network Settings > LAN Configuration By default, the router functions as a proxy for wireless clients. Each pool address is tested before it is the equivalent of using any web browser, such as addresses for the LAN. DHCP relay can also enable DNS proxy for DNS servers, Windows Internet Name Service (WINS) servers, and the default gateway...
Product Manual
Page 21
RADVD Advanced > IPv6 > IPv6 LAN > Router Advertisement To support stateless IPv6 auto configuration on the LAN, set this maximum transmission unit (MTU) value for all interfaces in the multicast group. To restrict RA's to Enable. If the Other flag is selected the host uses administered/stateful protocol for stateless auto configuration of the IPv6 LAN. The default is required for non-address auto configuration. Router Preference: this router, the DSR will listen on this...
RADVD Advanced > IPv6 > IPv6 LAN > Router Advertisement To support stateless IPv6 auto configuration on the LAN, set this maximum transmission unit (MTU) value for all interfaces in the multicast group. To restrict RA's to Enable. If the Other flag is selected the host uses administered/stateful protocol for stateless auto configuration of the IPv6 LAN. The default is required for non-address auto configuration. Router Preference: this router, the DSR will listen on this...
Product Manual
Page 31
... useful when configuring multiple PPPoE connections (i.e. Unified Services Router User Manual 3G Internet access with the primary WAN port (WAN1) configuration only. 3.2 WAN Configuration Setup > Internet Settings > WAN1 Setup You must either allow the router to detect WAN connection type automatically or configure manually the following information as needed and as provided by configuring the routing from the ISP server. In such case, user has to -Point Protocol over Ethernet (PPPoE), Layer 2 Tunneling Protocol (L2TP). Enter the following basic settings to enable...
... useful when configuring multiple PPPoE connections (i.e. Unified Services Router User Manual 3G Internet access with the primary WAN port (WAN1) configuration only. 3.2 WAN Configuration Setup > Internet Settings > WAN1 Setup You must either allow the router to detect WAN connection type automatically or configure manually the following information as needed and as provided by configuring the routing from the ISP server. In such case, user has to -Point Protocol over Ethernet (PPPoE), Layer 2 Tunneling Protocol (L2TP). Enter the following basic settings to enable...
Product Manual
Page 34
... the DSR with the ISP. control) traffic between the DSR and the ISP. Unified Services Router Figure 13: PPPoE configuration for standard ISPs User Manual Most PPPoE ISP's use of ―Japanese Multiple PPPoE‖ is used for the bulk of data and internet traffic and the Secondary PPPoE connection carries ISP specific (i.e. The GUI will prompt you for this case is ―PPPoE (Username/Password)‖. The ISP connection type for authentication, service, and connection settings in...
... the DSR with the ISP. control) traffic between the DSR and the ISP. Unified Services Router Figure 13: PPPoE configuration for standard ISPs User Manual Most PPPoE ISP's use of ―Japanese Multiple PPPoE‖ is used for the bulk of data and internet traffic and the Secondary PPPoE connection carries ISP specific (i.e. The GUI will prompt you for this case is ―PPPoE (Username/Password)‖. The ISP connection type for authentication, service, and connection settings in...
Product Manual
Page 47
... use a "private" IP address range while the WAN port on the router is a technique which allows several computers on the LAN interface are configured to access internal servers (eg. Broadcast and multicast packets that connect through the firewall to reach LAN servers by firewall or VPN policies. To maintain the LAN and WAN in the same broadcast domain. NAT routing has a feature called ―NAT Hair-pinning‖ that allows internal network users on the Internet...
... use a "private" IP address range while the WAN port on the router is a technique which allows several computers on the LAN interface are configured to access internal servers (eg. Broadcast and multicast packets that connect through the firewall to reach LAN servers by firewall or VPN policies. To maintain the LAN and WAN in the same broadcast domain. NAT routing has a feature called ―NAT Hair-pinning‖ that allows internal network users on the Internet...
Product Manual
Page 51
... key elements of WAN 3 configuration. Reconnect Mode: Select one of the physical ports WAN3 to WAN2 are enabled. 3.7 WAN 3 (3G) Configuration This router supports one of minutes in to the ISP. Unified Services Router Figure 25: Static route configuration fields User Manual 3.6 Configurable Port - Setup > Internet Settings > WAN3 Setup WAN3 configuration for the 3G USB modem is always on WAN3 interface. If the port is idle for 3G internet access. Username: Enter the username required to be configured for a specified number of...
... key elements of WAN 3 configuration. Reconnect Mode: Select one of the physical ports WAN3 to WAN2 are enabled. 3.7 WAN 3 (3G) Configuration This router supports one of minutes in to the ISP. Unified Services Router Figure 25: Static route configuration fields User Manual 3.6 Configurable Port - Setup > Internet Settings > WAN3 Setup WAN3 configuration for the 3G USB modem is always on WAN3 interface. If the port is idle for 3G internet access. Username: Enter the username required to be configured for a specified number of...
Product Manual
Page 68
... used. Outbound (LAN/DMZ to WAN) rules restrict access to traffic leaving your network, selectively allowing only specific local users to block hosts on choosing your WAN address is dynamic a DDNS (Dynamic DNS) name can to access specific outside resources. On other hand the default outbound rule is to deny access from DMZ to the section on the LAN from the secure zone (LAN) to the WAN port, or if your Time Zone and configuring NTP servers...
... used. Outbound (LAN/DMZ to WAN) rules restrict access to traffic leaving your network, selectively allowing only specific local users to block hosts on choosing your WAN address is dynamic a DDNS (Dynamic DNS) name can to access specific outside resources. On other hand the default outbound rule is to deny access from DMZ to the section on the LAN from the secure zone (LAN) to the WAN port, or if your Time Zone and configuring NTP servers...
Product Manual
Page 70
This will allow rule you can enable port forwarding for managing traffic from the internet to reach the appropriate LAN port via a port forwarding rule. Translate Port Number: With port forwarding, the incoming traffic to the port number entered here. 68 Unified Services Router User Manual Service: ANY means all users) Single Address (enter an IP address) Address Range (enter the appropriate IP address range) Log: traffic that is filtered by this rule. A schedule must be preconfigured in...
This will allow rule you can enable port forwarding for managing traffic from the internet to reach the appropriate LAN port via a port forwarding rule. Translate Port Number: With port forwarding, the incoming traffic to the port number entered here. 68 Unified Services Router User Manual Service: ANY means all users) Single Address (enter an IP address) Address Range (enter the appropriate IP address range) Log: traffic that is filtered by this rule. A schedule must be preconfigured in...
Product Manual
Page 123
... LAN host and traffic will automatically detect the type of Windows 7) and give the following URL http:// Upon inserting your USB storage device, printer cable or 3G modem the DSR router will be routed through the USB. Load balancing, auto-failover, or primary WAN access can be accessed by name ‗in and used as a network drive. USB Printer: The DSR can be configured through the 3G interface. Unified Services Router User Manual...
... LAN host and traffic will automatically detect the type of Windows 7) and give the following URL http:// Upon inserting your USB storage device, printer cable or 3G modem the DSR router will be routed through the USB. Load balancing, auto-failover, or primary WAN access can be accessed by name ‗in and used as a network drive. USB Printer: The DSR can be configured through the 3G interface. Unified Services Router User Manual...
Product Manual
Page 158
.... 7. Unified Services Router User Manual Chapter 11. Trouble Shooting 11.1 Internet connection Symptom: You cannot access the router's web-configuration interface from the PC to factory defaults (this information. Recommended action: 1. If you are using Internet Explorer, click Refresh to 192.168.10.1). 5. Check your changes are in this range, check the connection from a PC on the same subnet as Ethereal™) to another menu or tab; These auto-generated addresses are lost...
.... 7. Unified Services Router User Manual Chapter 11. Trouble Shooting 11.1 Internet connection Symptom: You cannot access the router's web-configuration interface from the PC to factory defaults (this information. Recommended action: 1. If you are using Internet Explorer, click Refresh to 192.168.10.1). 5. Check your changes are in this range, check the connection from a PC on the same subnet as Ethereal™) to another menu or tab; These auto-generated addresses are lost...
Product Manual
Page 162
... MAC address from the configuration interface or the Reset button - If this is the case, configure your firewall to factory defaults -whether initiated from the authorized PC. 11.4 Restoring factory-default configuration settings To restore factory-default configuration settings, do the following : 1. Release the button and wait for the router to make the default settings effective. 3. the following settings apply: LAN IP address: 192.168.10.1 Username: admin Password: admin DHCP server on LAN: enabled WAN port configuration: Get configuration...
... MAC address from the configuration interface or the Reset button - If this is the case, configure your firewall to factory defaults -whether initiated from the authorized PC. 11.4 Restoring factory-default configuration settings To restore factory-default configuration settings, do the following : 1. Release the button and wait for the router to make the default settings effective. 3. the following settings apply: LAN IP address: 192.168.10.1 Username: admin Password: admin DHCP server on LAN: enabled WAN port configuration: Get configuration...
Product Manual
Page 164
.... Unique physical-address identifier attached to a remote access server or ISP. 162 NAT enables multiple hosts on . Maximum transmission unit. Password Authentication Protocol. IPsec operates in real time. Glossary ARP CHAP DDNS DHCP DNS FQDN FTP HTTP IKE IPsec ISAKMP ISP MAC Address MTU NAT NetBIOS NTP PAP Address Resolution Protocol. Challenge-Handshake Authentication Protocol. Dynamic DNS. System for authenticating users to a network adapter. Protocol used to assist in ISAKMP as a packet passes through a router or firewall. Media-access-control address.
.... Unique physical-address identifier attached to a remote access server or ISP. 162 NAT enables multiple hosts on . Maximum transmission unit. Password Authentication Protocol. IPsec operates in real time. Glossary ARP CHAP DDNS DHCP DNS FQDN FTP HTTP IKE IPsec ISAKMP ISP MAC Address MTU NAT NetBIOS NTP PAP Address Resolution Protocol. Challenge-Handshake Authentication Protocol. Dynamic DNS. System for authenticating users to a network adapter. Protocol used to assist in ISAKMP as a packet passes through a router or firewall. Media-access-control address.
Product Manual
Page 167
... User login URL Device login User name (case sensitive) Login password (case sensitive) Internet Connection WAN MAC address WAN MTU size Port speed IP address IPv4 subnet mask RIP direction RIP version RIP authentication Local area network (LAN) DHCP server DHCP starting IP address DHCP ending IP address Time zone Time zone adjusted for Daylight Saving Time SNMP Remote management Inbound communications from the Internet Firewall Outbound communications to the Internet Source MAC filtering Stealth mode Default Setting http://192.168.10.1 admin admin Use default address...
... User login URL Device login User name (case sensitive) Login password (case sensitive) Internet Connection WAN MAC address WAN MTU size Port speed IP address IPv4 subnet mask RIP direction RIP version RIP authentication Local area network (LAN) DHCP server DHCP starting IP address DHCP ending IP address Time zone Time zone adjusted for Daylight Saving Time SNMP Remote management Inbound communications from the Internet Firewall Outbound communications to the Internet Source MAC filtering Stealth mode Default Setting http://192.168.10.1 admin admin Use default address...
Product Manual
Page 192
... failed ERROR VAP(%s) set RTS Threshold failed ERROR VAP(%s) set Fragmentation Threshold failed ERROR VAP(%s) set Protection Mode failed VAP(%s) set Tx Power failed WDS Profile %s not found sqlite3QueryResGet failed.Query:%s Interface name and policy must be specified Interface name and policy must be specified invalid ACL type %d interface name not specified interface name not specified Invalid interface - %s specified buffer length not specified Invalid length(%d) specified failed created iappdLock failed to val = %d Custom wireless event: '%s' Wireless...
... failed ERROR VAP(%s) set RTS Threshold failed ERROR VAP(%s) set Fragmentation Threshold failed ERROR VAP(%s) set Protection Mode failed VAP(%s) set Tx Power failed WDS Profile %s not found sqlite3QueryResGet failed.Query:%s Interface name and policy must be specified Interface name and policy must be specified invalid ACL type %d interface name not specified interface name not specified Invalid interface - %s specified buffer length not specified Invalid length(%d) specified failed created iappdLock failed to val = %d Custom wireless event: '%s' Wireless...
Product Manual
Page 194
... to get %s mac address Failed to set %s SSID Failed to set SSID broadcast status Failed to set PreAuth mode unable to install key KDOT11_SET_PARAM:IEEE80211_I OC_AUTHMODE failed KDOT11_SET_PARAM:IEEE80211_I OC_PRIVACY failed wpaInit failed dot11InstallProfile: unable to get interface index adpHmacInit(%s) failed interface %s not found AP not found on %s keyLen > PNAC_KEY_MAX_SIZE Invalid profile name passed Creation of WPS EAP Profile failed unsupported command %d device %s not found unsupported command %d dot11NodeAlloc failed Getting WPA IE failed for %s Getting WPS IE failed for %s Failed...
... to get %s mac address Failed to set %s SSID Failed to set SSID broadcast status Failed to set PreAuth mode unable to install key KDOT11_SET_PARAM:IEEE80211_I OC_AUTHMODE failed KDOT11_SET_PARAM:IEEE80211_I OC_PRIVACY failed wpaInit failed dot11InstallProfile: unable to get interface index adpHmacInit(%s) failed interface %s not found AP not found on %s keyLen > PNAC_KEY_MAX_SIZE Invalid profile name passed Creation of WPS EAP Profile failed unsupported command %d device %s not found unsupported command %d dot11NodeAlloc failed Getting WPA IE failed for %s Getting WPS IE failed for %s Failed...