Summary of the content on the page No. 1
BiGuard 50G
802.11g Dual WAN Security
Gateway
User’s Manual
Version Release 1.03 (FW:1.xx)
Summary of the content on the page No. 2
BiGuard 50G User’s Manual (Updated September, 2007) Copyright Information © 2007 Billion Electric Corporation, Ltd. The contents of this publication may not be reproduced in whole or in part, transcribed, stored, translated, or transmitted in any form or any means, without the prior written consent of Billion Electric Corporation. Published by Billion Electric Corporation. All rights reserved. Disclaimer Billion does not assume any liability arising out of the application of use
Summary of the content on the page No. 3
Safety Warnings Your BiGuard 50G is built for reliability and long service life. For your safety, be sure to read and follow the following safety warnings. • Read this installation guide thoroughly before attempting to set up your BiGuard 50G. • Your BiGuard 50G is a complex electronic device. DO NOT open or attempt to repair it yourself. Opening or removing the covers can expose you to high voltage and other risks. In the case of malfunction, turn off the power immediately and h
Summary of the content on the page No. 4
Table of Contents Chapter 1: Introduction 1.1 Overview 1.2 Product Highlights 1.2.1 Increased Bandwidth, Scalability and Resilience 1.2.2 Virtual Private Network Support 1.2.3 Advanced Firewall Security 1.2.4 Intelligent Bandwidth Management 1.3 Package Contents 1.3.1 Front Panel 1.3.2 Rear Panel 1.3.3 Cabling Chapter 2: Router Applications 2.1 Overview 2.2 Bandwidth Management with QoS 2.2.1 QoS Technology 2.2.2 QoS Policies for Different Applications 2.2.
Summary of the content on the page No. 5
2.6.2 VPN Planning - Fail Over 2.6.3 Concentrator Chapter 3: Getting Started 3.1 Overview 3.2 Before You Begin 3.3 Connecting Your Router 3.4 Configuring PCs for TCP/IP Networking 3.4.1 Overview 3.4.2 Windows XP 3.4.2.1 Configuring 3.4.2.2 Verifying Settings 3.4.3 Windows 2000 3.4.3.1 Configuring 3.4.3.2 Verifying Settings 3.4.4 Windows 98 / ME 3.4.4.1 Installing Components 3.4.4.2 Configuring 3.4.4.3 Verifying Settings 3.5 Factory Default Settings 3.5.1
Summary of the content on the page No. 6
4.2.3 Routing Table 4.2.4 Session Table 4.2.5 DHCP Table 4.2.6 IPSec Status 4.2.7 PPTP Status 4.2.8 Traffic Statistics 4.2.9 CPU Statistics 4.2.10 System Log 4.3 Quick Start 4.3.1 DHCP 4.3.2 Static IP 4.3.3 PPPoE 4.3.4 PPTP 4.3.5 Big Pond 4.4 Configuration 4.4.1 LAN 4.4.1.1 Ethernet 4.4.1.2 Wireless Security 4.4.1.3 WEP 4.4.1.4 DHCP Server 4.4.1.5 LAN Address Mapping 4.4.2 WAN 4.4.2.1 ISP Settings 4.4.2.1.1 DHCP 4.4.2.1.2 Static IP 4.4.2.1.3 PP
Summary of the content on the page No. 7
4.4.4.3 Firmware Upgrade 4.4.4.4 Backup / Restore 4.4.4.5 Restart 4.4.4.6 Password 4.4.5 Firewall 4.4.5.1 Packet Filter 4.4.5.2 URL Filter 4.4.5.3 Ethernet MAC Filter 4.4.5.4 Wireless MAC Filter 4.4.5.5 Block WAN Request 4.4.5.6 Intrusion Detection 4.4.6 VPN 4.4.6.1 IPSec 4.4.6.1.1 IPSec Wizard 4.4.6.1.2 IPSec Policy 4.4.6.2 PPTP 4.4.7 QoS 4.4.8 Virtual Server 4.4.8.1 DMZ 4.4.8.2 Port Forwarding Table 4.4.9 Advanced 4.4.9.1 Static Route 4.4.9.2 Dyna
Summary of the content on the page No. 8
5.1.1 Router Won’t Turn On 5.1.2 LEDs Never Turn Off 5.1.3 LAN or Internet Port Not On 5.1.4 Forgot My Password 5.2 LAN Interface 5.2.1 Can’t Access Router from the LAN 5.2.2 Can’t Ping Any PC on the LAN 5.2.3 Can’t Access Web Configuration Interface 5.2.3.1 Pop-up Windows 5.2.3.2 Javascripts 5.2.3.3 Java Permissions 5.3 WAN Interface 5.3.1 Can’t Get WAN IP Address from the ISP 5.4 ISP Connection 5.5 Problems with Date and Time 5.6 Restoring Factory Defaults A
Summary of the content on the page No. 9
Appendix D: Network, Routing, and Firewall Basics D.1 Network Basics D.1.1 IP Addresses D.1.1.1 Netmask D.1.1.2 Subnet Addressing D.1.1.3 Private IP Addresses D.1.2 Network Address Translation (NAT) D.1.3 Dynamic Host Configuration Protocol (DHCP) D.2 Router Basics D.2.1 Why use a Router? D.2.2 What is a Router? D.2.3 Routing Information Protocol (RIP) D.3 Firewall Basics D.3.1 What is a Firewall? D.3.2.1 Stateful Packet Inspection D.3.2.2 Denial of Service (DoS)
Summary of the content on the page No. 10
Appendix E: Virtual Private Networking E.1 What is a VPN? E.1.1 VPN Applications E.2 What is IPSec? E.2.1 IPSec Security Components E.2.1.1 Authentication Header (AH) E.2.1.2 Encapsulating Security Payload (ESP) E.2.1.3 Security Associations (SA) 10
Summary of the content on the page No. 11
E.2.2 IPSec Mod E.2.3 Tunnel Mode AH E.2.4 Tunnel Mode ESP E.2.5 Internet Key Exchange (IKE) Appendix F: IPSec Logs and Events F.1 IPSec Log Event Categories F.2 IPSec Log Event Table Appendix G: Bandwidth Management with QoS G.1 Overview G.2 What is Quality of Service? G.3 How Does QoS Work? G.4 Who Needs QoS? G.4.1 Home Users G.4.2 Office Users Appendix H: Router Setup Examples H.1 Outbound Fail Over H.2 Outbound Load Balancing H.3 Inbound Fail Over H.
Summary of the content on the page No. 12
Chapter 1: Introduction 1.1 Overview Congratulations on purchasing BiGuard 50G Router from Billion. Combining a router with an Ethernet network switch, BiGuard 50G is a state-of-the-art device that provides everything you need to get your network connected to the Internet over your Cable or DSL connection quickly and easily. The Quick Start Wizard and DHCP Server will get first-time users up and running with minimal fuss and configuration, while sophisticated Quality of Service (
Summary of the content on the page No. 13
connections are possible on BiGuard 50G, with performance of up to 10Mbps. 1.2.3 Advanced Firewall Security Aside from intelligent broadband sharing, BiGuard 50G offers integrated firewall protection with advanced features to secure your network from outside attacks. Stateful Packet Inspection (SPI) determines if a data packet is permitted to enter the private LAN. Denial of Service (DoS) prevents hackers from interrupting network services via malicious attacks. In addition, BiGuard
Summary of the content on the page No. 14
LED Function Power A solid light indicates a steady connection to a power source. Status A blinking light indicates the device is writing to flash memory. LAN Lit when connected to an Ethernet device. 1 – 4 10/100M : Lit green when connected at 100Mbps. Not lit when connected at 10Mbps. Link/ACT: Lit when device is connected. Blinking when data is transmitting/receiving. WAN1 Lit when connected to an Ethernet device. 10/100M : Lit green when connected at 100Mbps. Not lit wh
Summary of the content on the page No. 15
1.3.2 Rear Panel Port Function Wireless 1 One detachable 2.4GHz 5dbi SMA antenna Antenna WAN2 10/100M Ethernet port (with auto 2 WAN2 crossover support); connect xDSL/Cable modem here. WAN1 10/100M Ethernet port (with auto 3 WAN1 crossover support); connect xDSL/Cable modem here. Connect a UTP Ethernet cable (Cat-5 or LAN 4 Cat-5e) to one of the eight LAN ports when 1 — 4 connecting a PC to the network. To reset the device and restore factory default settings, after t
Summary of the content on the page No. 16
1.3.4 Cabling Most Ethernet networks currently use unshielded twisted pair (UTP) cabling. The UTP cable contains eight conductors, arranged in four twisted pairs, and terminated with an RJ45 type connector. One of the most common causes of networking problems is bad cabling. Make sure that all connected devices are turned on. On the front panel of BiGuard 50G, verify that the LAN link and WAN line LEDs are lit. If they are not, check to see that you are using the proper cabling.
Summary of the content on the page No. 17
Chapter 2: Router Applications 2.1 Overview Your BiGuard 50G router is a versatile device that can be configured to not only protect your network from malicious attackers, but also ensure optimal usage of available bandwidth with Quality of Service (QoS) and both Inbound and Outbound Load Balancing. Alternatively, BiGuard 50G can also be set to redirect incoming and outgoing network traffic with the Fail Over capability, ensuring minimal downtime and increased reliability. The f
Summary of the content on the page No. 18
2.2.2 QoS Policies for Different Applications By setting different QoS policies according to the applications you are running, you can use BiGuard 50G to optimize the bandwidth that is being used on your network. VoIP Normal PCs Restricted PC As illustrated in the diagram above, applications such as Voiceover IP (VoIP) require low network latencies to function properly. If bandwidth is being used by other 18
Summary of the content on the page No. 19
applications such as an FTP server, users using VoIP will experience network lag and/or service interruptions during use. To avoid this scenario, this network has assigned VoIP with a guaranteed bandwidth and higher priority to ensure smooth communications. The FTP server, on the other hand, has been given a maximum bandwidth cap to make sure that regular service to both VoIP and normal Internet applications is uninterrupted. 2.2.3 Guaranteed / Maximum Bandwidth Setting a Guarantee
Summary of the content on the page No. 20
manage your bandwidth, providing reliable Internet and network service to your organization. 2.2.5 Priority Bandwidth Utilization Assigning priority to a certain service allows BiGuard 50G to give either a higher or lower priority to traffic from this particular service. Assigning a higher priority to an application ensures that it is processed ahead of applications with a lower priority and vice versa. 20