Product Manual
Page 5
... 7.1 Groups and Users 103 7.1.1 Users and Passwords 109 7.2 Using SSL VPN Policies 110 7.2.1 Using Network Resources 113 7.3 Application Port Forwarding 114 7.4 SSL VPN Client Configuration 116 7.5 User Portal ...118 7.5.1 Creating Portal Layouts 119 Chapter 8. Advanced Configuration Tools 121 8.1 USB Device Setup 121 8.2 SMS service...122 3 Securing the Private Network 65 5.1 Firewall Rules ...65...
... 7.1 Groups and Users 103 7.1.1 Users and Passwords 109 7.2 Using SSL VPN Policies 110 7.2.1 Using Network Resources 113 7.3 Application Port Forwarding 114 7.4 SSL VPN Client Configuration 116 7.5 User Portal ...118 7.5.1 Creating Portal Layouts 119 Chapter 8. Advanced Configuration Tools 121 8.1 USB Device Setup 121 8.2 SMS service...122 3 Securing the Private Network 65 5.1 Firewall Rules ...65...
Product Manual
Page 6
...135 Event Log Viewer in GUI 137 9.5 Backing up and Restoring Configuration Settings 138 9.6 Upgrading Router Firmware 139 9.7 Dynamic DNS Setup 140 9.8 9.8.1 9.8.2 9.8.3 9.8.4 Using Diagnostic Tools 141 Ping ...142 Trace Route ...142 DNS Lookup ...143 Router Options ...143 ... Active Connections 151 10.3.1 Sessions through the Router 151 10.3.2 Wireless Clients...153 10.3.3 LAN Clients ...153 10.3.4 Active VPN Tunnels 154 Chapter 11. Unified Services Router User Manual 8.3 Authentication Certificates 124 8.4 Advanced Switch Configuration 126 Chapter 9. Administration...
...135 Event Log Viewer in GUI 137 9.5 Backing up and Restoring Configuration Settings 138 9.6 Upgrading Router Firmware 139 9.7 Dynamic DNS Setup 140 9.8 9.8.1 9.8.2 9.8.3 9.8.4 Using Diagnostic Tools 141 Ping ...142 Trace Route ...142 DNS Lookup ...143 Router Options ...143 ... Active Connections 151 10.3.1 Sessions through the Router 151 10.3.2 Wireless Clients...153 10.3.3 LAN Clients ...153 10.3.4 Active VPN Tunnels 154 Chapter 11. Unified Services Router User Manual 8.3 Authentication Certificates 124 8.4 Advanced Switch Configuration 126 Chapter 9. Administration...
Product Manual
Page 10
..., Traps, and Access Control 129 Figure 89: SNMP system information for this router 130 Figure 90: Date, Time, and NTP server setup 131 Figure 91: Facility settings for Logging 133 Figure 92: Log configuration options for traffic through router 135 Figure 93: E-mail configuration as... List of configured resources, which are available to assign to the DSR 102 Figure 65: List of configured SSL VPN portals. Unified Services Router User Manual Figure 64: Example of clientless SSL VPN connections to SSL VPN policies .......114 Figure 76: List of Available Applications for Remote Logging...
..., Traps, and Access Control 129 Figure 89: SNMP system information for this router 130 Figure 90: Date, Time, and NTP server setup 131 Figure 91: Facility settings for Logging 133 Figure 92: Log configuration options for traffic through router 135 Figure 93: E-mail configuration as... List of configured resources, which are available to assign to the DSR 102 Figure 65: List of configured SSL VPN portals. Unified Services Router User Manual Figure 64: Example of clientless SSL VPN connections to SSL VPN policies .......114 Figure 76: List of Available Applications for Remote Logging...
Product Manual
Page 13
... in this User Manual This document is a high level manual to allow new D-Link Unified Services Router users to configure connectivity, setup VPN tunnels, establish firewall rules and perform general administrative tasks. Likewise the DLink Green Ethernet...links. For more detailed setup instructions and explanations of the global community, D-Link is only available for DSR-1000 and DSR-1000N. 1.1 About this document: Product Name - The DSR-250/250N, DSR-500/500N and DSR-1000/1000N support 25, 35 and 75 simultaneous IPSec VPN tunnels respectively. Efficient D-Link...
... in this User Manual This document is a high level manual to allow new D-Link Unified Services Router users to configure connectivity, setup VPN tunnels, establish firewall rules and perform general administrative tasks. Likewise the DLink Green Ethernet...links. For more detailed setup instructions and explanations of the global community, D-Link is only available for DSR-1000 and DSR-1000N. 1.1 About this document: Product Name - The DSR-250/250N, DSR-500/500N and DSR-1000/1000N support 25, 35 and 75 simultaneous IPSec VPN tunnels respectively. Efficient D-Link...
Product Manual
Page 31
...PPPoE support). ISP login information. To log out after the connection is enabled, DSR won't expect a default route from Static Routing page. Connectivity Type: To ... MPPE Encryption: For PPTP links, your LAN hosts to access internet sites over this WAN link while still permitting VPN traffic to be directed to a VPN configured on this router, choose Static ...access with the primary WAN port (WAN1) configuration only. 3.2 WAN Configuration Setup > Internet Settings > WAN1 Setup You must either allow the router to detect WAN connection type automatically or configure...
...PPPoE support). ISP login information. To log out after the connection is enabled, DSR won't expect a default route from Static Routing page. Connectivity Type: To ... MPPE Encryption: For PPTP links, your LAN hosts to access internet sites over this WAN link while still permitting VPN traffic to be directed to a VPN configured on this router, choose Static ...access with the primary WAN port (WAN1) configuration only. 3.2 WAN Configuration Setup > Internet Settings > WAN1 Setup You must either allow the router to detect WAN connection type automatically or configure...
Product Manual
Page 92
..., follow the steps below: 1. Unified Services Router User Manual 6.1 VPN Wizard Setup > Wizard > VPN Wizard You can modify it as required. if there is more than 1 WAN configured the tunnel can either be a gateway to gateway connection (site -to-... to a host on the internet (remote access). Set the Connection Name and pre-shared key: the connection name is created, you can use the VPN wizard to establish the tunnel Determine the local gateway for either of the gateways. 90 Once the IKE or...
..., follow the steps below: 1. Unified Services Router User Manual 6.1 VPN Wizard Setup > Wizard > VPN Wizard You can modify it as required. if there is more than 1 WAN configured the tunnel can either be a gateway to gateway connection (site -to-... to a host on the internet (remote access). Set the Connection Name and pre-shared key: the connection name is created, you can use the VPN wizard to establish the tunnel Determine the local gateway for either of the gateways. 90 Once the IKE or...
Product Manual
Page 94
... serve IP leases to the online help for details. Once the Wizard creates the matching IKE and VPN policies required by importing a file containing vpn policies. 6.2 Configuring IPsec Policies Setup > VPN Settings > IPsec > IPsec Policies An IPsec policy is between the two policy endpoints. ...the header is encrypted and/or authenticated. The IPsec mode can modify the required fields through VPN wizard use easy setup site to configure VPN policies through the edit link. Unified Services Router User Manual Parameter Exchange Mode ID Type Local WAN ID Remote WAN ID...
... serve IP leases to the online help for details. Once the Wizard creates the matching IKE and VPN policies required by importing a file containing vpn policies. 6.2 Configuring IPsec Policies Setup > VPN Settings > IPsec > IPsec Policies An IPsec policy is between the two policy endpoints. ...the header is encrypted and/or authenticated. The IPsec mode can modify the required fields through VPN wizard use easy setup site to configure VPN policies through the edit link. Unified Services Router User Manual Parameter Exchange Mode ID Type Local WAN ID Remote WAN ID...
Product Manual
Page 98
... and/or configure RADIUS authentication. 6.4 PPTP / L2TP Tunnels This router supports VPN tunnels from either PPTP or L2TP ISP servers. Refer to the client software guide for detailed instructions on setup as well as a broker device to allow the ISP's server to create ...connection between the router and remote endpoint. Once client is required to establish a VPN tunnel between the LAN VPN client and the VPN server. 6.4.1 PPTP Tunnel Support Setup > VPN Settings > PPTP > PPTP Client PPTP VPN Client can be configured on this client we can be authenticated using a configured Radius...
... and/or configure RADIUS authentication. 6.4 PPTP / L2TP Tunnels This router supports VPN tunnels from either PPTP or L2TP ISP servers. Refer to the client software guide for detailed instructions on setup as well as a broker device to allow the ISP's server to create ...connection between the router and remote endpoint. Once client is required to establish a VPN tunnel between the LAN VPN client and the VPN server. 6.4.1 PPTP Tunnel Support Setup > VPN Settings > PPTP > PPTP Client PPTP VPN Client can be configured on this client we can be authenticated using a configured Radius...
Product Manual
Page 99
PPTP Client User Manual Figure 60: PPTP VPN connection status Setup > VPN Settings > PPTP > PPTP Server A PPTP VPN can reach the router's PPTP server. Once authenticated by the router. 97 Once the PPTP server is available on the router for LAN and WAN ...
PPTP Client User Manual Figure 60: PPTP VPN connection status Setup > VPN Settings > PPTP > PPTP Server A PPTP VPN can reach the router's PPTP server. Once authenticated by the router. 97 Once the PPTP server is available on the router for LAN and WAN ...
Product Manual
Page 100
... router for LAN and WAN L2TP client users to the network managed by the router. 98 PPTP Server User Manual 6.4.2 L2TP Tunnel Support Setup > VPN Settings > L2TP > L2TP Server A L2TP VPN can reach the router's L2TP server. Once enabled a L2TP server is enabled, L2TP clients that are within the range of configured IP...
... router for LAN and WAN L2TP client users to the network managed by the router. 98 PPTP Server User Manual 6.4.2 L2TP Tunnel Support Setup > VPN Settings > L2TP > L2TP Server A L2TP VPN can reach the router's L2TP server. Once enabled a L2TP server is enabled, L2TP clients that are within the range of configured IP...
Product Manual
Page 101
...key, certificates, or username/password. Ex: SHA1, SHA256 and SHA512. When used in client mode). Vpn Network: Address of the Virtual Network. Vpn Netmask: Netmask of the Virtual Network. Port: The port number on which the packets are encrypted. ...(Applicable in a multiclient-server configuration, it allows the server to only specified resources 99 L2TP Server User Manual 6.4.3 OpenVPN Support Setup > VPN Settings > OpenVPN > OpenVPN Configuration OpenVPN allows peers to communicate with which openvpn server(or Access Server) runs. Tunnel...
...key, certificates, or username/password. Ex: SHA1, SHA256 and SHA512. When used in client mode). Vpn Network: Address of the Virtual Network. Vpn Netmask: Netmask of the Virtual Network. Port: The port number on which the packets are encrypted. ...(Applicable in a multiclient-server configuration, it allows the server to only specified resources 99 L2TP Server User Manual 6.4.3 OpenVPN Support Setup > VPN Settings > OpenVPN > OpenVPN Configuration OpenVPN allows peers to communicate with which openvpn server(or Access Server) runs. Tunnel...
Product Manual
Page 112
...group, or all users (global). A more specific policy takes precedence over a generic policy when both are applied to different SSL VPN services supported by the router. The List of addresses containing the IP address already referenced. 110 I.e. a policy for a range of Available... takes precedence over Global policies. Unified Services Router Figure 72: User configuration options User Manual 7.2 Using SSL VPN Policies Setup > VPN Settings > SSL VPN Server > SSL VPN Policies SSL VPN Policies can be filtered based on the LAN, or to the same user/group/global domain.
...group, or all users (global). A more specific policy takes precedence over a generic policy when both are applied to different SSL VPN services supported by the router. The List of addresses containing the IP address already referenced. 110 I.e. a policy for a range of Available... takes precedence over Global policies. Unified Services Router Figure 72: User configuration options User Manual 7.2 Using SSL VPN Policies Setup > VPN Settings > SSL VPN Server > SSL VPN Policies SSL VPN Policies can be filtered based on the LAN, or to the same user/group/global domain.
Product Manual
Page 115
Network resources must be explicitly permitted or denied. 7.2.1 Using Network Resources Setup > VPN Settings > SSL VPN Server > Resources Network resources are services or groups of LAN IP addresses that are used for defining TCP or UDP port number... A network resource can be configured in the GUI: Resource name: A unique identifier name for the resource. Service: The SSL VPN service corresponding to specific network resources. The services offered are created with the service. Adding a Network Resource involves creating a unique name to identify the resource...
Network resources must be explicitly permitted or denied. 7.2.1 Using Network Resources Setup > VPN Settings > SSL VPN Server > Resources Network resources are services or groups of LAN IP addresses that are used for defining TCP or UDP port number... A network resource can be configured in the GUI: Resource name: A unique identifier name for the resource. Service: The SSL VPN service corresponding to specific network resources. The services offered are created with the service. Adding a Network Resource involves creating a unique name to identify the resource...
Product Manual
Page 116
... server requires entering the local server IP address and TCP port number of configured resources, which are available to assign to SSL VPN policies 7.3 Application Port Forwarding Setup > VPN Settings > SSL VPN Server > Port Forwarding Port forwarding allows remote SSL users to access specified network applications or services after they login to the User...
... server requires entering the local server IP address and TCP port number of configured resources, which are available to assign to SSL VPN policies 7.3 Application Port Forwarding Setup > VPN Settings > SSL VPN Server > Port Forwarding Port forwarding allows remote SSL users to access specified network applications or services after they login to the User...
Product Manual
Page 118
... or a server on the corporate LAN that the virtual (PPP) interface address of Available Applications for SSL Port Forwarding 7.4 SSL VPN Client Configuration Setup > VPN Settings > SSL VPN Client > SSL VPN Client An SSL VPN tunnel client provides a point-to-point connection between the browserside machine and this router. Unified Services Router User Manual Figure 76...
... or a server on the corporate LAN that the virtual (PPP) interface address of Available Applications for SSL Port Forwarding 7.4 SSL VPN Client Configuration Setup > VPN Settings > SSL VPN Client > SSL VPN Client An SSL VPN tunnel client provides a point-to-point connection between the browserside machine and this router. Unified Services Router User Manual Figure 76...
Product Manual
Page 120
...the remote user. 118 Unified Services Router User Manual Setup > VPN Settings > SSL VPN Client > Configured Client Routes If the SSL VPN client is assigned an IP address in split tunnel mode 7.5 User Portal Setup > VPN Settings > SSL VPN Client > SSL VPN Client Portal When remote users want to access the... private network through an SSL tunnel (either using the Port Forwarding or VPN tunnel service), they login through a user portal. Figure ...
...the remote user. 118 Unified Services Router User Manual Setup > VPN Settings > SSL VPN Client > Configured Client Routes If the SSL VPN client is assigned an IP address in split tunnel mode 7.5 User Portal Setup > VPN Settings > SSL VPN Client > SSL VPN Client Portal When remote users want to access the... private network through an SSL tunnel (either using the Port Forwarding or VPN tunnel service), they login through a user portal. Figure ...
Product Manual
Page 121
...portal. As well, the users assigned to this portal. This is the same page that opens when the ―User Portal‖ link is being configured. The portal name, title, banner name, and banner contents are customizable for this portal (through their authentication domain) ...can then be presented with an authentication domain 7.5.1 Creating Portal Layouts Setup > VPN Settings > SSL VPN Server > Portal Layouts The router allows you to create a custom page for remote SSL VPN users that is optional. 119 Unified Services Router User Manual Figure 79: List of...
...portal. As well, the users assigned to this portal. This is the same page that opens when the ―User Portal‖ link is being configured. The portal name, title, banner name, and banner contents are customizable for this portal (through their authentication domain) ...can then be presented with an authentication domain 7.5.1 Creating Portal Layouts Setup > VPN Settings > SSL VPN Server > Portal Layouts The router allows you to create a custom page for remote SSL VPN users that is optional. 119 Unified Services Router User Manual Figure 79: List of...
Product Manual
Page 133
... log configuration settings and the ways you can monitor the type of traffic that correspond to this facility would correspond to traffic through the firewall, VPN, and over the wireless AP. As an administrator you can access these logs. 9.4.1 Defining What to Log Tools > Log Settings > Logs Facility The ... through the firewall or network stack. 131 There are detected by the router. Unified Services Router Figure 90: Date, Time, and NTP server setup User Manual 9.4 Log Configuration This router allows you to determine the granularity of logs to receive from the router.
... log configuration settings and the ways you can monitor the type of traffic that correspond to this facility would correspond to traffic through the firewall, VPN, and over the wireless AP. As an administrator you can access these logs. 9.4.1 Defining What to Log Tools > Log Settings > Logs Facility The ... through the firewall or network stack. 131 There are detected by the router. Unified Services Router Figure 90: Date, Time, and NTP server setup User Manual 9.4 Log Configuration This router allows you to determine the granularity of logs to receive from the router.