Product Manual
Page 5
... Radio Specific Settings 60 4.5 Advanced Wireless Settings 61 4.6 Wi-Fi Protected Setup (WPS 61 Chapter 5. IPsec / PPTP / L2TP VPN 85 6.1 VPN Wizard ...86 6.2 Configuring IPsec Policies 89 6.2.1 Extended Authentication (XAUTH 92 6.2.2 Internet over IPSec tunnel 92 6.3 Configuring VPN clients 93 6.4 PPTP / L2TP Tunnels 93 6.4.1 PPTP Tunnel Support 93 6.4.2 L2TP Tunnel Support 94 Chapter 7. SSL...
... Radio Specific Settings 60 4.5 Advanced Wireless Settings 61 4.6 Wi-Fi Protected Setup (WPS 61 Chapter 5. IPsec / PPTP / L2TP VPN 85 6.1 VPN Wizard ...86 6.2 Configuring IPsec Policies 89 6.2.1 Extended Authentication (XAUTH 92 6.2.2 Internet over IPSec tunnel 92 6.3 Configuring VPN clients 93 6.4 PPTP / L2TP Tunnels 93 6.4.1 PPTP Tunnel Support 93 6.4.2 L2TP Tunnel Support 94 Chapter 7. SSL...
Product Manual
Page 6
... ...138 10.2.1 Wired Port Statistics 138 10.2.2 Wireless Statistics 139 10.3 Active Connections 140 10.3.1 Sessions through the Router 140 10.3.2 Wireless Clients...142 10.3.3 LAN Clients ...142 10.3.4 Active VPN Tunnels 143 Chapter 11. Glossary ...152 Appendix B. Standard Services Available for Port Forwarding & Firewall Configuration 156 Appendix D. Unified Services Router User Manual...
... ...138 10.2.1 Wired Port Statistics 138 10.2.2 Wireless Statistics 139 10.3 Active Connections 140 10.3.1 Sessions through the Router 140 10.3.2 Wireless Clients...142 10.3.3 LAN Clients ...142 10.3.4 Active VPN Tunnels 143 Chapter 11. Glossary ...152 Appendix B. Standard Services Available for Port Forwarding & Firewall Configuration 156 Appendix D. Unified Services Router User Manual...
Product Manual
Page 8
PPTP Server 94 Figure 60: L2TP tunnel configuration - L2TP Server 94 Figure 61: Example of three IPsec client connections to the DSR 96 Figure 62: Available Users with WPA/WPA2 profile 62 Figure 38: List of Available Firewall Rules 64 Figure 39: List of Available Schedules to ... above example 73 Figure 43: List of user defined services 75 Figure 44: Available ALG support on the router 76 Figure 45: Passthrough options for VPN tunnels 77 Figure 46: List of Available Application Rules showing 4 unique rules 78 Figure 47: Content Filtering used to block access to proxy servers and...
PPTP Server 94 Figure 60: L2TP tunnel configuration - L2TP Server 94 Figure 61: Example of three IPsec client connections to the DSR 96 Figure 62: Available Users with WPA/WPA2 profile 62 Figure 38: List of Available Firewall Rules 64 Figure 39: List of Available Schedules to ... above example 73 Figure 43: List of user defined services 75 Figure 44: Available ALG support on the router 76 Figure 45: Passthrough options for VPN tunnels 77 Figure 46: List of Available Application Rules showing 4 unique rules 78 Figure 47: Content Filtering used to block access to proxy servers and...
Product Manual
Page 9
...as a Remote Logging option 125 Figure 83: Syslog server configuration for SSL Port Forwarding 106 Figure 68: SSL VPN client adapter and access configuration 107 Figure 69: Configured client routes only apply in the GUI 131 Figure 89: Sample traceroute output ...132 Figure 90: Device Status display......139 Figure 96: AP specific statistics...140 Figure 97: List of configured SSL VPN portals. Unified Services Router User Manual Figure 64: List of SSL VPN polices (Global filter 101 Figure 65: SSL VPN policy configuration 102 Figure 66: List of configured resources, which are available to...
...as a Remote Logging option 125 Figure 83: Syslog server configuration for SSL Port Forwarding 106 Figure 68: SSL VPN client adapter and access configuration 107 Figure 69: Configured client routes only apply in the GUI 131 Figure 89: Sample traceroute output ...132 Figure 90: Device Status display......139 Figure 96: AP specific statistics...140 Figure 97: List of configured SSL VPN portals. Unified Services Router User Manual Figure 64: List of SSL VPN polices (Global filter 101 Figure 65: SSL VPN policy configuration 102 Figure 66: List of configured resources, which are available to...
Product Manual
Page 10
Unified Services Router User Manual Figure 98: List of connected 802.11 clients per AP 142 Figure 99: List of LAN hosts...143 Figure 100: List of current Active VPN Sessions 144 8
Unified Services Router User Manual Figure 98: List of connected 802.11 clients per AP 142 Figure 99: List of LAN hosts...143 Figure 100: List of current Active VPN Sessions 144 8
Product Manual
Page 29
Required fields for PPTP and L2TP connection). This is enabled, DSR won't expect a default route from Static Routing page. Connectivity Type: To keep the connection always on the secondary WAN port (WAN2). Enter the following ... are based on the ISP you to enable Microsoft Point-to -Point Protocol over this WAN link while sti ll permitting VPN traffic to be directed to a VPN configured on this router, choose Static IP address, DHCP client, Point-to-Point Tunneling Protocol (PPTP), Point-to -Point Encryption (MPPE). Split Tunnel (supported for...
Required fields for PPTP and L2TP connection). This is enabled, DSR won't expect a default route from Static Routing page. Connectivity Type: To keep the connection always on the secondary WAN port (WAN2). Enter the following ... are based on the ISP you to enable Microsoft Point-to -Point Protocol over this WAN link while sti ll permitting VPN traffic to be directed to a VPN configured on this router, choose Static IP address, DHCP client, Point-to-Point Tunneling Protocol (PPTP), Point-to -Point Encryption (MPPE). Split Tunnel (supported for...
Product Manual
Page 87
... (―tunnel‖) between remote sites. Remote Client (client-to the Internet 85 The gateway WAN port acts as a responder. Remote client behind a NAT Router. Figure 53: Example of Gateway-to-Gateway IPsec VPN tunnel using two DSR routers connected to -gateway VPN tunnel): A remote client initiates a VPN tunnel as the IP address of the remote...
... (―tunnel‖) between remote sites. Remote Client (client-to the Internet 85 The gateway WAN port acts as a responder. Remote client behind a NAT Router. Figure 53: Example of Gateway-to-Gateway IPsec VPN tunnel using two DSR routers connected to -gateway VPN tunnel): A remote client initiates a VPN tunnel as the IP address of the remote...
Product Manual
Page 88
Unified Services Router User Manual Figure 54: Example of three IPsec client connections to quickly create both IKE and VPN policies. Once the IKE or VPN policy is created, you can use the VPN wizard to the internal network through the DSR IPsec gateway 6.1 VPN Wizard Setup > Wizard > VPN Wizard You can modify it as required. 86
Unified Services Router User Manual Figure 54: Example of three IPsec client connections to quickly create both IKE and VPN policies. Once the IKE or VPN policy is created, you can use the VPN wizard to the internal network through the DSR IPsec gateway 6.1 VPN Wizard Setup > Wizard > VPN Wizard You can modify it as required. 86
Product Manual
Page 89
... launch screen User Manual To easily establish a VPN tunnel using VPN Wizard, follow the steps below: 1. Select the VPN tunnel type to create The tunnel can be required on the VPN client or gateway to establish the tunnel Determine the local gateway for either be a gateway ...a host on the internet (remote access). Set the Connection Name and pre-shared key: the connection name is a Gateway. For VPN Clients, this router's endpoint of the gateways. 2. Configure Remote and Local WAN address for the tunnel endpoints Remote Gateway Type: identify the...
... launch screen User Manual To easily establish a VPN tunnel using VPN Wizard, follow the steps below: 1. Select the VPN tunnel type to create The tunnel can be required on the VPN client or gateway to establish the tunnel Determine the local gateway for either be a gateway ...a host on the internet (remote access). Set the Connection Name and pre-shared key: the connection name is a Gateway. For VPN Clients, this router's endpoint of the gateways. 2. Configure Remote and Local WAN address for the tunnel endpoints Remote Gateway Type: identify the...
Product Manual
Page 90
...the settings and click Connect to the online help for a VPN Client or Gateway policy (these can be left blank if you are not using a different FQDN or IP address than the one can modify the required fields through the edit link. The Wizard will create a Auto IPsec policy with the ...or Main (Gateway policy) FQDN wan_local.com (only applies to Client policies) wan_remote.com (only applies to Client policies) 3DES SHA-1 Pre-shared Key DH-Group 2(1024 bit) 24 hours 8 hours Enabled (only applies to Gateway policies) The VPN Wizard is the recommended method to set up an Auto IPsec ...
...the settings and click Connect to the online help for a VPN Client or Gateway policy (these can be left blank if you are not using a different FQDN or IP address than the one can modify the required fields through the edit link. The Wizard will create a Auto IPsec policy with the ...or Main (Gateway policy) FQDN wan_local.com (only applies to Client policies) wan_remote.com (only applies to Client policies) 3DES SHA-1 Pre-shared Key DH-Group 2(1024 bit) 24 hours 8 hours Enabled (only applies to Gateway policies) The VPN Wizard is the recommended method to set up an Auto IPsec ...
Product Manual
Page 91
Unified Services Router User Manual 6.2 Configuring IPsec Policies Setup > VPN Settings > IPsec > IPsec Policies An IPsec policy is between this router and the tunnel endpoint, either tunnel or... to hosts on the remote LAN. When tunnel mode is used for network-to -end communication between this router and a IPsec client on a host. The IPsec mode can communicate over the tunnel. 89 In this mode the entire IP packet including the header ... private networks that can be either another gateway or this router and another IPsec gateway or an IPsec VPN client on a remote host.
Unified Services Router User Manual 6.2 Configuring IPsec Policies Setup > VPN Settings > IPsec > IPsec Policies An IPsec policy is between this router and the tunnel endpoint, either tunnel or... to hosts on the remote LAN. When tunnel mode is used for network-to -end communication between this router and a IPsec client on a host. The IPsec mode can communicate over the tunnel. 89 In this mode the entire IP packet including the header ... private networks that can be either another gateway or this router and another IPsec gateway or an IPsec VPN client on a remote host.
Product Manual
Page 94
... not, the router connects to the RADIUS server. 6.2.2 Internet over IPSec tunnel In this feature all the traffic will pass through the VPN Tunnel and from a stored list of user accounts or with the authentication protocol supported by the server (PAP or CHAP). With a configured... remote gateway side, the outgoing packet will be SNAT'ed. 92 if they are used to it the credentials that it receives from the VPN client. Unified Services Router User Manual Figure 58: IPsec policy configuration continued (Auto / Manual Phase 2) 6.2.1 Extended Authentication (XAUTH) You can secure...
... not, the router connects to the RADIUS server. 6.2.2 Internet over IPSec tunnel In this feature all the traffic will pass through the VPN Tunnel and from a stored list of user accounts or with the authentication protocol supported by the server (PAP or CHAP). With a configured... remote gateway side, the outgoing packet will be SNAT'ed. 92 if they are used to it the credentials that it receives from the VPN client. Unified Services Router User Manual Figure 58: IPsec policy configuration continued (Auto / Manual Phase 2) 6.2.1 Extended Authentication (XAUTH) You can secure...
Product Manual
Page 95
... also be populated with an account to give a user access to the tunnel. VPN client software is required to establish a VPN tunnel between the LAN VPN client and the VPN server. 6.4.1 PPTP Tunnel Support Setup > VPN Settings > PPTP > PPTP Server A PPTP VPN can be authenticated using a configured Radius database. The user database contains the list of allowed...
... also be populated with an account to give a user access to the tunnel. VPN client software is required to establish a VPN tunnel between the LAN VPN client and the VPN server. 6.4.1 PPTP Tunnel Support Setup > VPN Settings > PPTP > PPTP Server A PPTP VPN can be authenticated using a configured Radius database. The user database contains the list of allowed...
Product Manual
Page 97
... Java based) is installed in place of a VPN client on the remote host to join the corporate LAN with pre-configured access/policy privileges. The router supports multiple concurrent sessions to allow remote users to access the LAN over an encrypted link through this router: VPN Tunnel: The remote user's SSL enabled browser...
... Java based) is installed in place of a VPN client on the remote host to join the corporate LAN with pre-configured access/policy privileges. The router supports multiple concurrent sessions to allow remote users to access the LAN over an encrypted link through this router: VPN Tunnel: The remote user's SSL enabled browser...
Product Manual
Page 108
... router's IP address or a server on the corporate LAN that the virtual (PPP) interface address of Available Applications for SSL Port Forwarding 7.4 SSL VPN Client Configuration Setup > VPN Settings > SSL VPN Client > SSL VPN Client An SSL VPN tunnel client provides a point-to access services on the private network without any special network configuration on the LAN. When a SSL...
... router's IP address or a server on the corporate LAN that the virtual (PPP) interface address of Available Applications for SSL Port Forwarding 7.4 SSL VPN Client Configuration Setup > VPN Settings > SSL VPN Client > SSL VPN Client An SSL VPN tunnel client provides a point-to access services on the private network without any special network configuration on the LAN. When a SSL...
Product Manual
Page 109
...tunnel mode only sends traffic to the SSL VPN client. Client level configuration supports the following: Enable Split Tunnel Support: With a split tunnel, only resources which will be accessed over the VPN tunnel. This configuration is disabled the DSR acts in full tunnel mode) all traffic from... the range of addresses beginning with this IP address Client Address Range End: The ending IP address of the DHCP ...
...tunnel mode only sends traffic to the SSL VPN client. Client level configuration supports the following: Enable Split Tunnel Support: With a split tunnel, only resources which will be accessed over the VPN tunnel. This configuration is disabled the DSR acts in full tunnel mode) all traffic from... the range of addresses beginning with this IP address Client Address Range End: The ending IP address of the DHCP ...
Product Manual
Page 110
...: The network address of the LAN or the subnet information of the destination network from the VPN tunnel clients' perspective is set here. Unified Services Router User Manual Setup > VPN Settings > SSL VPN Client > Configured Client Routes If the SSL VPN client is set here. Subnet mask: The subnet information of the destination network is assigned an...
...: The network address of the LAN or the subnet information of the destination network from the VPN tunnel clients' perspective is set here. Unified Services Router User Manual Setup > VPN Settings > SSL VPN Client > Configured Client Routes If the SSL VPN client is set here. Subnet mask: The subnet information of the destination network is assigned an...
Product Manual
Page 111
...portal layouts are various fields in the portal that is the same page that appears when the client accesses this allows the router administrator to login. This is displayed to SSL VPN clients prior to communicate details such as login instructions, available services, and other usage details in ...the SSL VPN menu. It is used as part of the SSL portal URL. Portal site title: The portal web browser window title that opens when the ―User Portal‖ link...
...portal layouts are various fields in the portal that is the same page that appears when the client accesses this allows the router administrator to login. This is displayed to SSL VPN clients prior to communicate details such as login instructions, available services, and other usage details in ...the SSL VPN menu. It is used as part of the SSL portal URL. Portal site title: The portal web browser window title that opens when the ―User Portal‖ link...
Product Manual
Page 112
...prevents expired web pages and data from being stored in the client's web browser cache. Once the portal settings are configured, the newly configured portal is added to login. It is recommended that is displayed to SSL VPN clients prior to the list of portal layouts. Figure 71: SSL... VPN Portal configuration 110 Unified Services Router User Manual Banner message: The banner message that the user ...
...prevents expired web pages and data from being stored in the client's web browser cache. Once the portal settings are configured, the newly configured portal is added to login. It is recommended that is displayed to SSL VPN clients prior to the list of portal layouts. Figure 71: SSL... VPN Portal configuration 110 Unified Services Router User Manual Banner message: The banner message that the user ...
Product Manual
Page 146
... the SSL connection between this router. Table fields are displayed on this page as follows. The assigned IP address of the remote VPN client. IP Address Local PPP Interface Peer PPP Interface IP Connect Status IP address of the virtual network adapter. The interface (WAN1 or...List of current Active VPN Sessions User Manual All active SSL VPN connections, both for VPN tunnel and VPN Port forwarding, are as well. Field Description User Name The SSL VPN user that has an active tunnel or port forwarding session to this router and the remote VPN client: Not Connected or ...
... the SSL connection between this router. Table fields are displayed on this page as follows. The assigned IP address of the remote VPN client. IP Address Local PPP Interface Peer PPP Interface IP Connect Status IP address of the virtual network adapter. The interface (WAN1 or...List of current Active VPN Sessions User Manual All active SSL VPN connections, both for VPN tunnel and VPN Port forwarding, are as well. Field Description User Name The SSL VPN user that has an active tunnel or port forwarding session to this router and the remote VPN client: Not Connected or ...