User Guide
Page 17
... USB Storage ...487 46.4 Date and Time ...488 46.4.1 Pre-defined NTP Time Servers List 491 46.4.2 Time Server Synchronization 491 46.5 Console Port Speed ...492 46.6 DNS Overview ...493 46.6.1 DNS Server Address Assignment 493 46.6.2 Configuring the DNS Screen 493 46.6.3 Address Record ...496 46......496 46.6.5 Adding an Address/PTR Record 496 46.6.6 CNAME Record ...497 46.6.7 Adding a CNAME Record ...497 46.6.8 Domain Zone Forwarder ...498 46.6.9 Adding a Domain Zone Forwarder 498 46.6.10 MX Record ...499 46.6.11 Adding a MX Record ...500 46.6.12 Adding a DNS Service Control Rule 500 46.7...
... USB Storage ...487 46.4 Date and Time ...488 46.4.1 Pre-defined NTP Time Servers List 491 46.4.2 Time Server Synchronization 491 46.5 Console Port Speed ...492 46.6 DNS Overview ...493 46.6.1 DNS Server Address Assignment 493 46.6.2 Configuring the DNS Screen 493 46.6.3 Address Record ...496 46......496 46.6.5 Adding an Address/PTR Record 496 46.6.6 CNAME Record ...497 46.6.7 Adding a CNAME Record ...497 46.6.8 Domain Zone Forwarder ...498 46.6.9 Adding a Domain Zone Forwarder 498 46.6.10 MX Record ...499 46.6.11 Adding a MX Record ...500 46.6.12 Adding a DNS Service Control Rule 500 46.7...
User Guide
Page 20
...also provides bandwidth management, NAT, port forwarding, policy routing, DHCP server and many other powerful features. The UAG is a comprehensive service gateway. The UAG's security features include security policies and certificates. You can also forward the authenticated client's e-mail ...messages to -Site) Content Filtering Application Patrol Local AP (Built-in Wireless LAN Module) Drop-in one box. The UAG combines an IEEE 802.11n wireless access point, router, 4-port switch and service gateway in Mode UAG2100 V UAG4100 ...
...also provides bandwidth management, NAT, port forwarding, policy routing, DHCP server and many other powerful features. The UAG is a comprehensive service gateway. The UAG's security features include security policies and certificates. You can also forward the authenticated client's e-mail ...messages to -Site) Content Filtering Application Patrol Local AP (Built-in Wireless LAN Module) Drop-in one box. The UAG combines an IEEE 802.11n wireless access point, router, 4-port switch and service gateway in Mode UAG2100 V UAG4100 ...
User Guide
Page 29
... profiles. VLAN Create and manage VLAN interfaces and virtual VLAN interfaces. ALG Configure FTP pass-through which the user's traffic is forwarded. Walled Garden Create walled garden links that match the rules. Billing General Configure the general billing settings, such as part of... UAG does not apply IP/MAC binding. NAT Set up and manage SMTP redirection rules. SMTP Redirect Set up and manage port forwarding rules. IP/MAC Binding Summary Configure IP to set advertisement links. Payment Service Enable online payment service and configure the service ...
... profiles. VLAN Create and manage VLAN interfaces and virtual VLAN interfaces. ALG Configure FTP pass-through which the user's traffic is forwarded. Walled Garden Create walled garden links that match the rules. Billing General Configure the general billing settings, such as part of... UAG does not apply IP/MAC binding. NAT Set up and manage SMTP redirection rules. SMTP Redirect Set up and manage port forwarding rules. IP/MAC Binding Summary Configure IP to set advertisement links. Payment Service Enable online payment service and configure the service ...
User Guide
Page 105
...to the Internal Client from the list. If the field displays "0", the UAG ignores the Internal Port value and forwards requests on the WAN port) for connection requests destined for the NAT rule's Internal Port and Internal Client. This guest account has been used . This is often a wildcard, the... this is the index number of inbound IP packets. This guest account is blank, the UAG forwards all external port numbers (that are otherwise unmapped) to the Internal Client on the Internal Port (on the UAG. Chapter 7 Monitor The following table describes the labels in this screen, click...
...to the Internal Client from the list. If the field displays "0", the UAG ignores the Internal Port value and forwards requests on the WAN port) for connection requests destined for the NAT rule's Internal Port and Internal Client. This guest account has been used . This is often a wildcard, the... this is the index number of inbound IP packets. This guest account is blank, the UAG forwards all external port numbers (that are otherwise unmapped) to the Internal Client on the Internal Port (on the UAG. Chapter 7 Monitor The following table describes the labels in this screen, click...
User Guide
Page 106
...in the screen. 7.11 The USB Storage Screen This screen displays information about a connected USB storage device. Internal Port This field displays the port number on the Internal Client to 255.255.255.255 for UDP mappings. UAG Series User's Guide 106 Delete ... the LAN. Multiple NAT clients can use a single port simultaneously if the internal client field is set to which the UAG should forward incoming connection requests. Chapter 7 Monitor Table 32 Monitor > System Status > UPnP Port Status (continued) LABEL DESCRIPTION Protocol This field displays the...
...in the screen. 7.11 The USB Storage Screen This screen displays information about a connected USB storage device. Internal Port This field displays the port number on the Internal Client to 255.255.255.255 for UDP mappings. UAG Series User's Guide 106 Delete ... the LAN. Multiple NAT clients can use a single port simultaneously if the internal client field is set to which the UAG should forward incoming connection requests. Chapter 7 Monitor Table 32 Monitor > System Status > UPnP Port Status (continued) LABEL DESCRIPTION Protocol This field displays the...
User Guide
Page 111
.... This field displays how long the physical port has been connected. Chapter 7 Monitor configuration information, port status and station statistics for the AP. This field displays the current status of the VLAN. If any of the physical Ethernet port on a port so that the frames are forwarded to the VLAN group that adds to incoming...
.... This field displays how long the physical port has been connected. Chapter 7 Monitor configuration information, port status and station statistics for the AP. This field displays the current status of the VLAN. If any of the physical Ethernet port on a port so that the frames are forwarded to the VLAN group that adds to incoming...
User Guide
Page 140
...the AP monitors the broadcast area for managing). Radio 1/2 Profile VLAN Settings Force Overwrite VLAN Config Management VLAN ID As Native VLAN Port Setting # Status Port PVID VLAN Configuration # Status Name VID Member OK Cancel Note: Ensure you restart the managed AP after you change the AP's ...that the frames are editing the local AP's settings. If no profile exists, you are forwarded to this list. UAG Series User's Guide 140 This section is the port's index number in the Port Setting table of this VLAN ID as a VLAN created on to incoming untagged frames received on...
...the AP monitors the broadcast area for managing). Radio 1/2 Profile VLAN Settings Force Overwrite VLAN Config Management VLAN ID As Native VLAN Port Setting # Status Port PVID VLAN Configuration # Status Name VID Member OK Cancel Note: Ensure you restart the managed AP after you change the AP's ...that the frames are editing the local AP's settings. If no profile exists, you are forwarded to this list. UAG Series User's Guide 140 This section is the port's index number in the Port Setting table of this VLAN ID as a VLAN created on to incoming untagged frames received on...
User Guide
Page 141
... close the window with changes unsaved. 9.3.3 VLAN Add/Edit Use this screen to create a new VLAN or configure an existing VLAN on a port so that the frames are forwarded to the VLAN group that adds to 4094 for this screen, click Add or select a VLAN and click the Edit button in the... following table. This shows the name of the Configuration > Wireless > AP Management > Edit AP List screen. A PVID (Port VLAN ID) is described in the...
... close the window with changes unsaved. 9.3.3 VLAN Add/Edit Use this screen to create a new VLAN or configure an existing VLAN on a port so that the frames are forwarded to the VLAN group that adds to 4094 for this screen, click Add or select a VLAN and click the Edit button in the... following table. This shows the name of the Configuration > Wireless > AP Management > Edit AP List screen. A PVID (Port VLAN ID) is described in the...
User Guide
Page 205
...a packet meets the criteria. Finding Out More • See Section 12.4 on the marking rule, different kinds of forwarding. DSCP (6 bits) Unused (2 bits) DSCP is taken only when all the criteria are met. The DSCP value determines the... forwarding behavior, the PHB (Per-Hop Behavior), that non-DiffServ compliant, ToS-enabled network device will not conflict with... user name, source address and incoming interface, destination address, schedule, IP protocol (ICMP, UDP, TCP, etc.) and port.
...a packet meets the criteria. Finding Out More • See Section 12.4 on the marking rule, different kinds of forwarding. DSCP (6 bits) Unused (2 bits) DSCP is taken only when all the criteria are met. The DSCP value determines the... forwarding behavior, the PHB (Per-Hop Behavior), that non-DiffServ compliant, ToS-enabled network device will not conflict with... user name, source address and incoming interface, destination address, schedule, IP protocol (ICMP, UDP, TCP, etc.) and port.
User Guide
Page 206
...This is inactive. any means all IP addresses. This is usually best effort traffic Service Source Port Next-Hop The "af" entries stand for where you want to have the UAG forward packets that you typed. # Status User Schedule Incoming Source Destination DSCP Code The ordering of your...'s position in this to remove it and click Inactivate. This is the name of the destination IP address (group) object. See Assured Forwarding (AF) PHB for DiffServ on which the packets are received or the VPN tunnel through which the packets are sent. Chapter 12 Policy and...
...This is inactive. any means all IP addresses. This is usually best effort traffic Service Source Port Next-Hop The "af" entries stand for where you want to have the UAG forward packets that you typed. # Status User Schedule Incoming Source Destination DSCP Code The ordering of your...'s position in this to remove it and click Inactivate. This is the name of the destination IP address (group) object. See Assured Forwarding (AF) PHB for DiffServ on which the packets are received or the VPN tunnel through which the packets are sent. Chapter 12 Policy and...
User Guide
Page 209
...the packets are coming from which the UAG sends the matched packets to identify the source port of 0. Enter a descriptive name of up the next-hop router or switch as your UAG that will forward the packet to the interface). The gateway must be a router or switch on page 212... select one of three drop preferences. The lower the number the higher the priority with a DSCP value of packets to find a next-hop and forward the matched packets automatically. This is usually given only best-effort treatment. Select a user name or user group from ; Select a service or service...
...the packets are coming from which the UAG sends the matched packets to identify the source port of 0. Enter a descriptive name of up the next-hop router or switch as your UAG that will forward the packet to the interface). The gateway must be a router or switch on page 212... select one of three drop preferences. The lower the number the higher the priority with a DSCP value of packets to find a next-hop and forward the matched packets automatically. This is usually given only best-effort treatment. Select a user name or user group from ; Select a service or service...
User Guide
Page 210
... this field to specify a custom DSCP value. Check Method Select the method that matches this route. Specify the port number to use NAT for the policy route. The "af" choices stand for DiffServ on the connection check. ... the gateway. Enter the number of seconds between connection check attempts. Check Period Check Timeout Check Fail Tolerance Check Port Select tcp to have the UAG regularly ping the gateway you need to configure a new address (group) to use...virtual interface and physical interface must be in the Type field. See Assured Forwarding (AF) PHB for Assured...
... this field to specify a custom DSCP value. Check Method Select the method that matches this route. Specify the port number to use NAT for the policy route. The "af" choices stand for DiffServ on the connection check. ... the gateway. Enter the number of seconds between connection check attempts. Check Period Check Timeout Check Fail Tolerance Check Port Select tcp to have the UAG regularly ping the gateway you need to configure a new address (group) to use...virtual interface and physical interface must be in the Type field. See Assured Forwarding (AF) PHB for Assured...
User Guide
Page 219
... to a third (C in this Chapter Use the NAT screens (see their configuration details. The NAT network appears as virtual server, port forwarding, or port translation. Figure 140 Multiple Servers Behind NAT Example 14.1.1 What You Can Do in the example). UAG Series User's Guide 219 For example,...packet, used within another (B in the example) and assign a default server IP address of a host in the private network available by using ports to forward packets to these screens. Suppose you can also create new NAT rules and edit or delete existing ones. 14.1.2 What You Need to make ...
... to a third (C in this Chapter Use the NAT screens (see their configuration details. The NAT network appears as virtual server, port forwarding, or port translation. Figure 140 Multiple Servers Behind NAT Example 14.1.1 What You Can Do in the example). UAG Series User's Guide 219 For example,...packet, used within another (B in the example) and assign a default server IP address of a host in the private network available by using ports to forward packets to these screens. Suppose you can also create new NAT rules and edit or delete existing ones. 14.1.2 What You Need to make ...
User Guide
Page 223
... sends from the users to the UAG. this NAT rule supports a range of original destination ports this NAT rule forwards the packet. This field is available if Port Mapping Type is Ports. Select the protocol (TCP, UDP, or any changes (if it sends to the LAN server... for unknown services or when one destination port. This field is available if Port Mapping Type is Port. For users connected to forward traffic from external addresses. This field is available if Port Mapping Type is Port. Enter the original destination port this NAT rule supports for more than one...
... sends from the users to the UAG. this NAT rule supports a range of original destination ports this NAT rule forwards the packet. This field is available if Port Mapping Type is Ports. Select the protocol (TCP, UDP, or any changes (if it sends to the LAN server... for unknown services or when one destination port. This field is available if Port Mapping Type is Port. For users connected to forward traffic from external addresses. This field is available if Port Mapping Type is Port. Enter the original destination port this NAT rule supports for more than one...
User Guide
Page 234
Port Enter the port number that the proxy server uses. Table 102 Network > HTTP Redirect > Edit LABEL DESCRIPTION Enable Use this option to exit this screen without saving. Cancel ... Enter a name to the UAG. You may use 1-31 alphanumeric characters, underscores(_), or dashes (-), but the first character cannot be received for the UAG to forward it to the specified proxy server. OK Click OK to save your changes back to identify this screen.
Port Enter the port number that the proxy server uses. Table 102 Network > HTTP Redirect > Edit LABEL DESCRIPTION Enable Use this option to exit this screen without saving. Cancel ... Enter a name to the UAG. You may use 1-31 alphanumeric characters, underscores(_), or dashes (-), but the first character cannot be received for the UAG to forward it to the specified proxy server. OK Click OK to save your changes back to identify this screen.
User Guide
Page 235
CHAPTER 17 SMTP Redirect 17.1 Overview SMTP redirect forwards the authenticated client's SMTP message to the recipient. E-mail clients also generally use mail server protocols such as POP (Post Office Protocol) or IMAP (Internet ..., where the message will be delivered to a SMTP server, that handles all outgoing e-mail messages. When a client connected to SMTP server A. The UAG forwards SMTP traffic using TCP port 25. In the following example, SMTP server A is connected to the lan2 interface in the LAN1 zone logs into the UAG and wants...
CHAPTER 17 SMTP Redirect 17.1 Overview SMTP redirect forwards the authenticated client's SMTP message to the recipient. E-mail clients also generally use mail server protocols such as POP (Post Office Protocol) or IMAP (Internet ..., where the message will be delivered to a SMTP server, that handles all outgoing e-mail messages. When a client connected to SMTP server A. The UAG forwards SMTP traffic using TCP port 25. In the following example, SMTP server A is connected to the lan2 interface in the LAN1 zone logs into the UAG and wants...
User Guide
Page 239
...a second interface set to passive) in this Chapter Use the ALG screen (Section 18.2 on the LAN, you must also configure NAT (port forwarding) and security policies if you send your ALG-managed traffic through the second interface. CHAPTER 18 ALG 18.1 ALG Overview Application Layer Gateway (...through the second interface (that goes through the UAG's NAT. 18.1.1 What You Can Do in order to have a trunk with a specified port destination to the second (passive) interface when the active interface's connection goes down. When the active interface's connection fails, the client needs to...
...a second interface set to passive) in this Chapter Use the ALG screen (Section 18.2 on the LAN, you must also configure NAT (port forwarding) and security policies if you send your ALG-managed traffic through the second interface. CHAPTER 18 ALG 18.1 ALG Overview Application Layer Gateway (...through the second interface (that goes through the UAG's NAT. 18.1.1 What You Can Do in order to have a trunk with a specified port destination to the second (passive) interface when the active interface's connection goes down. When the active interface's connection fails, the client needs to...
User Guide
Page 345
...source address range (SNAT). Chapter 30 IPSec VPN Table 156 Configuration > VPN > IPSec VPN > VPN Connection > Add/Edit (continued) LABEL Perfect Forward Secrecy (PFS) DESCRIPTION Select whether or not you want the UAG to wait for a TCP connectivity check. enable PFS and use the same DH ...the address you set the Check Method to make sure traffic can still go through the connection. Check Port This field displays when you specify to tcp. Specify the port number to generate encryption keys for the connectivity check. Check Timeout Enter the number of consecutive failures ...
...source address range (SNAT). Chapter 30 IPSec VPN Table 156 Configuration > VPN > IPSec VPN > VPN Connection > Add/Edit (continued) LABEL Perfect Forward Secrecy (PFS) DESCRIPTION Select whether or not you want the UAG to wait for a TCP connectivity check. enable PFS and use the same DH ...the address you set the Check Method to make sure traffic can still go through the connection. Check Port This field displays when you specify to tcp. Specify the port number to generate encryption keys for the connectivity check. Check Timeout Enter the number of consecutive failures ...
User Guide
Page 611
... 222 and policy routes 204, 210 and security policy 292 and to-Device security policy 223 and VPN 358 loopback 224 port forwarding, see NAT port translation, see NAT traversal 358 NAT Port Mapping Protocol 241 NAT Traversal 241 NAT-PMP 241 NBNS 164, 180, 188, 193 NetBIOS Broadcast over IPSec 343 Name Server...
... 222 and policy routes 204, 210 and security policy 292 and to-Device security policy 223 and VPN 358 loopback 224 port forwarding, see NAT port translation, see NAT traversal 358 NAT Port Mapping Protocol 241 NAT Traversal 241 NAT-PMP 241 NBNS 164, 180, 188, 193 NetBIOS Broadcast over IPSec 343 Name Server...
User Guide
Page 612
... Authentication Protocol (PAP) 485 Peanut Hull 214 Peer-to-peer (P2P) managing 376 Perfect Forward Secrecy (PFS) 345 Diffie-Hellman key group 360 PFS (Perfect Forward Secrecy) 345, 360 physical ports packet statistics 92, 93, 110 pointer record 496 Point-to -Point Tunneling Protocol, see PPTP... 1-1 mapping 227 benefits 204 criteria 205 overriding direct routes 206 pop-up windows 22 port forwarding, see NAT port groups 155, 157 port roles 156 and Ethernet interfaces 156 and physical ports 156 port translation, see NAT power off 582 PPP 194 troubleshooting 585 PPP interfaces subnet mask 191...
... Authentication Protocol (PAP) 485 Peanut Hull 214 Peer-to-peer (P2P) managing 376 Perfect Forward Secrecy (PFS) 345 Diffie-Hellman key group 360 PFS (Perfect Forward Secrecy) 345, 360 physical ports packet statistics 92, 93, 110 pointer record 496 Point-to -Point Tunneling Protocol, see PPTP... 1-1 mapping 227 benefits 204 criteria 205 overriding direct routes 206 pop-up windows 22 port forwarding, see NAT port groups 155, 157 port roles 156 and Ethernet interfaces 156 and physical ports 156 port translation, see NAT power off 582 PPP 194 troubleshooting 585 PPP interfaces subnet mask 191...