DCB Ethernet Tunnel Family Configuration Guide



Similar documents
IP-6600 Router Configuration Quickstart Backing Up a Broadband Connection with Dialup

DSL-2600U. User Manual V 1.0

ADSL MODEM. User Manual V1.0

Internet Access Setup

VPN. VPN For BIPAC 741/743GE

ETHERNET WEATHER STATION CONNECTIONS Application Note 33

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Internet Access Setup

Multi-Homing Dual WAN Firewall Router

Configuring a WatchGuard SOHO to SOHO IPSec Tunnel

How To Configure Apple ipad for Cyberoam L2TP

Bits per Second Data Bits Parity Stop Bits Flow Control None 1 None

3.1 RS-232/422/485 Pinout:PORT1-4(RJ-45) RJ-45 RS-232 RS-422 RS-485 PIN1 TXD PIN2 RXD PIN3 GND PIN4 PIN5 T PIN6 T PIN7 R+ PIN8 R-

NEFSIS DEDICATED SERVER

Quick Installation Guide DSL-2750U/NRU. 3G/ADSL/Ethernet Router with Wi-Fi and Built-in Switch

Prestige 314 Read Me First

PPTP Server Access Through The

Preparing the Computers for TCP/IP Networking

NBG2105. User s Guide. Quick Start Guide. Wireless Mini Travel Router. Default Login Details. Version 1.00 Edition 1, 11/2012

Multi-Homing Security Gateway

Using VDOMs to host two FortiOS instances on a single FortiGate unit

FINS Gateway For OMRON PLCs

User s Manual TCP/IP TO RS-232/422/485 CONVERTER. 1.1 Introduction. 1.2 Main features. Dynamic DNS

Broadband Router ESG-103. User s Guide

ABB solar inverters. User s manual ABB Remote monitoring portal

Configuring the PIX Firewall with PDM

I. What is VPN? II. Types of VPN connection. There are two types of VPN connection:

MN-700 Base Station Configuration Guide

Innominate mguard Version 6

Guideline for setting up a functional VPN

UIP1868P User Interface Guide

Broadband Phone Gateway BPG510 Technical Users Guide

DSL-G604T Install Guides

Quick Start Guide. WRV210 Wireless-G VPN Router with RangeBooster. Cisco Small Business

DFL-210/260, DFL-800/860, DFL-1600/2500 How to setup IPSec VPN connection

Integrating a Hitachi IP5000 Wireless IP Phone

Quick Installation Guide DAP Wireless N 300 Access Point & Router

INTRODUCTION FEATURES OF THE ICM

ASUS WL-5XX Series Wireless Router Internet Configuration. User s Guide

MIP 5000 VoIP Radio Console VPN Solution Guide

Astaro User Portal: Getting Software and Certificates Astaro IPsec Client: Configuring the Client...14

RedRapid X WIRELESS MODEM ROUTER. Quick Installation Guide (DN-7060)

Setting up VPN Access for Remote Diagnostics Support

Lab Configuring Access Policies and DMZ Settings

Creating a Gateway to Client VPN between Sidewinder G2 and a Mac OS X Client

Quick Note 53. Ethernet to W-WAN failover with logical Ethernet interface.

Best Practices: Pass-Through w/bypass (Bridge Mode)

108Mbps Super-G TM Wireless LAN Router with XR USER MANUAL

Quick Installation Guide DSL-2640U. Wireless N 150 ADSL2+ Modem Router

If you have any problems, please contact our technical support team at , or

Deploying Secure Internet Connectivity

Lab Configuring PAT with SDM and Static NAT using Cisco IOS Commands

CCNA Discovery Networking for Homes and Small Businesses Student Packet Tracer Lab Manual

Wireless G Broadband quick install

Prestige 650R-31/33 Read Me First

OSBRiDGE 5XLi. Configuration Manual. Firmware 3.10R

SETTING UP REMOTE ACCESS ON EYEMAX PC BASED DVR.

Quick Note 32. Using Digi RealPort with a Digi TransPort Router. UK Support September 2012

Manual Wireless Extender Setup Instructions. Before you start, there are two things you will need. 1. Laptop computer 2. Router s security key

Debugging Network Communications. 1 Check the Network Cabling

Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance

Installation of the On Site Server (OSS)

Step-by-Step Configuration

Internet Access to a DVR365

Digicom Remote Control for the SRT

LevelOne WBR-3405TX. User`s Manual. 11g Wireless AP Router

V310 Support Note Version 1.0 November, 2011

Chapter 10 Troubleshooting

Broadband Bandwidth Controller

PC/POLL SYSTEMS Version 7 Polling SPS2000 Cash Register TCP/IP Communications

11g WiFi ADSL Router. WL-AM604g ! User Manual

Linksys E2000 Wireless-N Router Configuration Guide

EMG Ethernet Modbus Gateway User Manual

ABB solar inverters. User s manual ABB Remote monitoring portal

DIR-100. Before You Begin. Check Your Package Contents. Triple Play Router

Chapter 4 Customizing Your Network Settings

DSA-1000 / PRT-1000 Device Server / Thermal Printer

IP Configuration Manual

VPN Solution Guide Peplink Balance Series. Peplink Balance. VPN Solution Guide Copyright 2015 Peplink

Linksys Gateway SPA2100-SU Manual

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

Network Security Firewall Manual Building Networks for People

Chapter 2 Preparing Your Network

DRO-210i LOAD BALANCING ROUTER. Review Package Contents

Apliware firewall. TheGreenBow IPSec VPN Client. Configuration Guide.

IP Filtering for Patton RAS Products

Quick Installation Guide DSL-2750U. 3G/ADSL/Ethernet Router with Wi-Fi and Built-in Switch

How to setup PPTP VPN connection with DI-804HV or DI-808HV using Windows PPTP client

Steps for Basic Configuration

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

Steltronic Focus. Main Desk Internet connection

Chapter 4 Managing Your Network

Network Setup Guide. 1 Glossary. 2 Operation. 1.1 Static IP. 1.2 Point-to-Point Protocol over Ethernet (PPPoE)

This chapter describes how to set up and manage VPN service in Mac OS X Server.

NB6 Series Quality of Service (QoS) Setup (NB6Plus4, NB6Plus4W Rev1)

Topic 7 DHCP and NAT. Networking BAsics.

< Introduction > This technical note explains how to connect New SVR Series to DSL Modem or DSL Router. Samsung Techwin Co., Ltd.

D-Link DFL-700. Manual

Establishing a VPN tunnel to CNet CWR-854 VPN router using WinXP IPSec client

Load Balancing. Outlook Web Access. Web Mail Using Equalizer

Transcription:

DCB Ethernet Tunnel Family Configuration Guide Introduction Thank you for your purchase of the DCB Ethernet Tunnel. This guide will step you through a typical installation as shown in the following diagram. The example shows a single server with a single client. A single server is capable of supporting 1 to 8 clients in a star topology. Other topologies, such as a daisychain, are possible. Although the ET-6600 is used in the examples, the same configuration is used on the entire ET family of products. An example of a daisy-chain installation is shown later in the guide. This guide does not detail the user interface or how to initially configure the unit. You can refer to the User's Manual for that information. However, for those wishing a quick start guide, this is the condensed version of those instructions. The Ethernet Tunnel is configured through Ethernet-A using a web browser. It has a default IP address of 192.168.0.1. To access the web server, use the URLhttp://192.168.0.1 or https://192.168.0.1. The Secure web URL (https) is used on the higher performance models, the ET- 6604 and ET-6620 models. The default username is admin and there is no password. If the default IP address is incompatible with your network, you can change the address through the Serial- A port. Configure the terminal for 9600 baud, 8 bits, no parity, one stop. Typically, one would lift DIP switch 2 on the Ethernet Tunnel, then apply power. After about 15 seconds, you should see some instructions. When done, make sure to lower DIP switch 2. Some models use a push button for this purpose instead of DIP switches. Network Information Before we can begin, we need to gather information about your network. The following worksheet will help you gather the required information.

Configuration Worksheet

Server Items Worksheet Item Description (A) The subnet mask for your private network. Typically this is something like 255.255.255.0. All devices on your private network will have this same subnet mask. (B) The subnet mask for your public network. Typically this is something line 255.255.255.192. This value is assigned by your ISP and is based on the number of IP addresses they are providing you. (C) The IP address of the Server ET on the private network. An example would be 10.1.0.2 (D) The IP address of the Server ET on the public network. This must be a public address visible on the Internet. An example would be 12.96.67.11 (E) The IP address of the ISP router on the public network. An example would be 12.96.67.1 (F) The common passphrase. This is a secret passphrase that you will enter into all of your ET devices. It is used to generate an initial AES encryption key. The passphrase is sensitive to case, spacing and punctuation. You should always use a passphrase that has more than 20 characters and includes a mixture of characters, numbers, punctuation, and spaces. However, you may not use the double quote or the backslash character. An example would be: The 12 roses are especially lovely 2 day. Client Items (G) The subnet mask for your public network. If you will be using a DHCP server, you can leave this item blank. An example would be 255.255.255.0 (H) The IP address of the Client ET on the private network. Remember, this is logically the same private network that the Server ET is on. An example would be 10.1.0.3 (I) The IP address of the Client ET on the public network. If a DHCP server is available on this network segment, we recommend using it. If you will be using a DHCP server, you can leave this item blank. In order for the Client ET to connect to the Server ET, this address must either be a public address visible on the Internet, or the ISP router must be performing NAT or IP Address Sharing. An example would be 192.168.0.2 (J) The IP address of the ISP router on the public network. An example would be 192.168.0.1. If you will be using a DHCP server, you can leave this item blank. (K) The client user name. This a user name assigned to the client ET and will be used for authentication with the server ET. The user name is sensitive to case, spacing and punctuation. You may not use a double quote or the backslash characters. If you will be using more than one client, each client should be given a unique user name. However, this is not a requirement and all clients could be given the same username and passphrase. (L) The client's passphrase. This is a secret passphrase that will be unique to the client. It will be used for authentication with the server ET. It will also be used to generate AES session keys unique for this client. However, this is not a requirement and all clients could be given the same username and passphrase.

ET Server Configuration Procedure 1. Enable Ethernet-A 3. Set the IP address to worksheet item (C). 4. Set the subnet mask to worksheet item (A). 1. Enable Ethernet-B 3. Set the IP address to worksheet item (D). 4. Set the subnet mask to worksheet item (B). Ethernet-B / Static Routes 1. Add a default routing entry to the ISP router: Target= 0.0.0.0, Netmask= 0.0.0.0, Gateway= worksheet item (E). 2. Set the Common Passphrase to worksheet item (F). 3. Enable Server Mode 4. Set the Listen to Port to 22. 5. Disable Client Mode Ethernet Tunnel / Users 1. Set User 1 to: worksheet item (K) 2. Set User 1's passphrase to: worksheet item(l) Activate Changes

ET Client Configuration Procedure 1. Enable Ethernet-A 3. Set the IP address to worksheet item (H). 4. Set the subnet mask to worksheet item (A). 1. Enable Ethernet-B 2. If the network has a DHCP server, enable DHCP Client. 3. If the network does not have a DHCP server, Set the IP address to worksheet item (I). 4. If the network does not have a DHCP server, Set the subnet mask to worksheet item (G). Ethernet-B / Static Routes 1. If the network does not have a DHCP server, set a default route through the ISP router. Target= 0.0.0.0, Netmask= 0.0.0.0, Gateway= worksheet item (J). 2. Set the Common Passphrase, to worksheet item (F). 3. Disable Server Mode 4. Enable Client Mode 5. Set Connect to Server to worksheet item (D). 6. Set Connect to Port to 22. 7. Set User Name to: worksheet item (K) 8. Set User Passphrase to: worksheet item (L) Activate Changes

Dial-up Client Instead of using a broadband connection for your client, you may want to use a dial-up connection as shown in the following diagram. Configuration of the Server Ethernet Tunnel is the same as our previous example. For the Client Ethernet Tunnel, we will be configuring a dial-up PPP connection. Use the worksheet on the next page to collect the needed information.

Dial-up Worksheet Item Description (H) The IP address of the Client ET on the private network. Remember, this is logically the same private network that the Server ET is on. An example would be 10.1.0.3 (K) The client user name. This a user name assigned to the client ET and will be used for authentication with the server ET. The user name is sensitive to case, spacing and punctuation. You may not use a double quote or the backslash characters. If you will be using more than one client, each client should be given a unique user name. However, this is not a requirement and all clients could be given the same username and passphrase. (L)The client's passphrase. This is a secret passphrase that will be unique to the client. It will be used for authentication with the server ET. It will also be used to generate AES session keys unique for this client. However, this is not a requirement and all clients could be given the same username and passphrase. (M)Phone number of your Dial-up ISP. (N) Username for your Dial-up account. (O) Password for your Dial-up account.

ET Dial-up Client Configuration 1. Enable Ethernet-A 3. Set the IP address to worksheet item (H). 4. Set to subnet mask to worksheet item (A). 1. Disable Ethernet-B Serial-B / Operating Mode 2. Configure the port options appropriate for your Modem. Serial-B / PPP Options 1. Set the Connection Type to Modem 2. Set Dial-in to no. 3. Set Dial-out to yes. 4. Enter the phone number for your ISP worksheet item (M). 5. Enter the user name for your ISP account, worksheet item (N). 6. Enter the password for your ISP account, worksheet item (O). 7. Leave all other setting in their default state. Serial-B / Static Routes 1. Add a default routing entry to your ISP Target 0.0.0.0, Netmask 0.0.0.0 Serial-B / Modem Options 1. Set options appropriate for your modem. 2. Set a Common Passphrase to worksheet item (F). 3. Disable Server Mode 4. Enable Client Mode 5. Set Connect to Server to worksheet item (D). 6. Set Connect to Port to 22. 7. Set User Name to: worksheet item (K). 8. Set User Passphrase to: worksheet item (L). Activate Changes

Daisy-Chain Example This example shows how to use the Ethernet Tunnels in a daisy-chained topology. At the ends of the chain, you have a server and a client. In the middle of the chain, you have units operating as both a server to the downstream unit and a client to the upstream unit. The units are daisy-chained using the serial ports. A unit's Serial-B port is attached to the Serial-A port of the next unit in the chain. ET Server Configuration 1. Enable Ethernet-A 3. Set the IP address to 10.0.0.1 4. Set the subnet mask to 255.255.255.0 1. Disable Ethernet-B Serial-B / Operating Mode 2. Configure the port options appropriate for your application. Serial-B / PPP Options 1. Set the Connection Type to direct. 2. Set the Local IP address to 10.2.0.1 3. Leave all other setting in their default state. 2. Set a Common Passphrase, for this example we will use: The roses are lovely in the winter. Please note that the passphrase is sensitive to case, punctuation, and spacing. 3. Enable Server Mode 4. Set the Listen to Port to 22. 5. Disable Client Mode Ethernet Tunnel / Users 1. Set User 1 to: John Doe 2. Set User 1's passphrase to: This is John Doe's secret passphrase.

Activate Changes First ET Client/Server Configuration 1. Enable Ethernet-A 3. Set the IP address to 10.0.0.2 4. Set the subnet mask to 255.255.255.0 1. Disable Ethernet-B Serial-A / Operating Mode 2. Configure the port options appropriate for your application. Serial-A / PPP Options 1. Set the Connection Type to direct. 2. Set the Local IP address to 10.1.0.2 3. Leave all other setting in their default state. Serial-B / Operating Mode 2. Configure the port options appropriate for your application. Serial-B / PPP Options 1. Set the Connection Type to direct. 2. Set the Local IP address to 10.2.0.2 3. Leave all other setting in their default state. 2. Set a Common Passphrase, for this example we will use: The roses are lovely in the winter. Please note that the passphrase is sensitive to case, punctuation, and spacing. 3. Enable Server Mode 4. Set the Listen to Port to 22. 5. Enable Client Mode 6. Set Connect to Server to 10.2.0.1 7. Set Connect to Port to 22 8. Set User Name to: John Doe 9. Set User Passphrase to: This is John Doe's secret passphrase. Ethernet Tunnel / Users 3. Set User 1 to: John Doe 4. Set User 1's passphrase to: This is John Doe's secret passphrase. Activate Changes Second ET Client/Server Configuration

1. Enable Ethernet-A 3. Set the IP address to 10.0.0.3 4. Set the subnet mask to 255.255.255.0 1. Disable Ethernet-B Serial-A / Operating Mode 2. Configure the port options appropriate for your application. Serial-A / PPP Options 1. Set the Connection Type to direct. 2. Set the Local IP address to 10.1.0.3 3. Leave all other setting in their default state. Serial-B / Operating Mode 2. Configure the port options appropriate for your application. Serial-B / PPP Options 1. Set the Connection Type to direct. 2. Set the Local IP address to 10.2.0.3 3. Leave all other setting in their default state. 2. Set a Common Passphrase, for this example we will use: The roses are lovely in the winter. Please note that the passphrase is sensitive to case, punctuation, and spacing. 3. Enable Server Mode 4. Set the Listen to Port to 22. 5. Enable Client Mode 6. Set Connect to Server to 10.2.0.2 7. Set Connect to Port to 22 8. Set User Name to: John Doe 9. Set User Passphrase to: This is John Doe's secret passphrase. Ethernet Tunnel / Users 1. Set User 1 to: John Doe 2. Set User 1's passphrase to: This is John Doe's secret passphrase. Activate Changes ET Client Configuration 1. Enable Ethernet-A 3. Set the IP address to 10.0.0.4 4. Set the subnet mask to 255.255.255.0 1. Disable Ethernet-B

Serial-A / Operating Mode 2. Configure the port options appropriate for your application. Serial-A / PPP Options 1. Set the Connection Type to direct. 2. Set the Local IP address to 10.1.0.4 3. Leave all other setting in their default state. 2. Set a Common Passphrase, for this example we will use: The roses are lovely in the winter. Please note that the passphrase is sensitive to case, punctuation, and spacing. 3. Disable Server Mode 4. Enable Client Mode 5. Set Connect to Server to 10.2.0.1 6. Set Connect to Port to 22 7. Set User Name to: John Doe 8. Set User Passphrase to: This is John Doe's secret passphrase. Activate Changes

Security Considerations This guide would be incomplete without touching on some security issues. The Ethernet Tunnel's default configuration has a strong security policy for the public network connection and a weak security policy for the private network connection. This was chosen because most users will be tunneling their private network across the Internet. However, this may be inappropriate for your application. You need to determine which network connection is considered risky and which is considered safe. Its possible that both may be safe or both may be risky. So what do we mean by a strong security policy? The Ethernet Tunnel's default configuration does not allow any access to the web interface from the public network interface, thus it may not be configured from the public network. The only visible TCP port is the one used for the tunnel connection and that port is only visible on the server tunnel. The tunnel connection is protected by an authentication handshake using the SHA-1 algorithm and the conversation between the client and server tunnel are AES-128 encrypted. The Ethernet Tunnel will respond to ping (ICMP echo), but that can be disable from the Administration / Access Control page. So what do we mean by a weak security policy? The web interface is open on the private network interface. It has an easily guessed user name of admin and no password. Any client on the private network may access the web server and all configuration traffic may be monitored. The security settings can be modified from the Administration menu. Under the Administration menu you will see the items Admin Password and Access Control. These pages will allow you to change the user name and password and to select the interfaces open for configuration. You can also add IP filters to limit which client IP addresses have access to the web server. If both of your networks are considered risky, you have the option of disabling web configuration from both interfaces. This should be done as the last configuration step, after which the only way to regain access to the unit is through the serial interface. If you choose to do this, remember to store your settings before you activate them. One other item of concern is the configuration file. A valuable feature of the Ethernet Tunnel is the ability to retrieve the configuration out of the unit and store it on a host computer. Please note that this configuration file contains all user names and passphrases. You should take care to secure this file from unauthorized users.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information