AirLive RS-2500 User manual
Use
r
’s Manual
Dual WAN Security VPN
Gateway
RS-2500
Copyright and Disclaimer
AirLive RS-2500 User’s Manual
Copyright & Disclaimer
No part of this publication may be reproduced in any form or by any means, whether
electronic, mechanical, photocopying, or recording without the written consent of OvisLink
Corp.
OvisLink Corp. has made the best effort to ensure the accuracy of the information in this
user’s guide. However, we are not liable for the inaccuracies or errors in this guide.
Please use with caution. All information is subject to change without notice.
All Trademarks are properties of their respective holders.
Table of Contents
i AirLive RS-2500 User’s Manual
Table of Contents
1. Introduction................................................................................................1
1.1 Overview..............................................................................................1
1.2 How to Use This Guide........................................................................1
1.3 Firmware Upgrade and Tech Support..................................................4
1.4 Features...............................................................................................5
2. Installing the RS-2500................................................................................6
2.1 Before You Start...................................................................................6
2.2 Package Content .................................................................................6
2.3 Knowing your RS-2500........................................................................7
2.4 Hardware Installation...........................................................................7
2.5 LED Table ............................................................................................8
2.6 Restore Settings to Default..................................................................8
3. Configuring the RS-2500...........................................................................9
3.1 Important Information...........................................................................9
3.2 Prepare your PC..................................................................................9
3.3 Management Interface.......................................................................10
3.4 Introduction to Web Management......................................................11
3.4.1 Getting into Web Management ................................................................................11
3.5 Initial Configurations ..........................................................................14
4. Web Management ....................................................................................18
4.1 About RS-2500’s Menu Structure.......................................................18
4.2 Remote Web Management................................................................19
5. Administration..........................................................................................20
5.1 Admin.................................................................................................20
5.2 Permitted IP.......................................................................................22
5.3 Software Update................................................................................23
5.4 Logout................................................................................................23
6. Configure..................................................................................................24
Table of Contents
AirLive RS-2500 User’s Manual ii
6.1 Setting................................................................................................24
6.2 Date/Time ..........................................................................................29
6.3 Multiple Subnet..................................................................................30
6.4 Route Table........................................................................................33
6.5 DHCP.................................................................................................34
6.6 Dynamic DNS ....................................................................................36
6.7 Host Table..........................................................................................37
6.8 Language...........................................................................................37
7. Interface....................................................................................................38
7.1 LAN....................................................................................................40
7.2 WAN...................................................................................................41
7.3 DMZ...................................................................................................46
8. Address.....................................................................................................47
8.1 LAN....................................................................................................48
8.2 LAN Group.........................................................................................50
9. Service......................................................................................................53
9.1 Pre-defined........................................................................................54
9.2 Custom ..............................................................................................55
9.3 Group.................................................................................................58
10. Schedule.................................................................................................60
11. QoS..........................................................................................................62
12. Authentication........................................................................................68
12.1 Auth Setting .....................................................................................68
12.2 Auth User.........................................................................................71
13. Content Blocking ...................................................................................75
13.1 URL..................................................................................................75
13.2 Script................................................................................................77
13.3 Download.........................................................................................79
13.4 Upload .............................................................................................81
14. Application Blocking .............................................................................83
Table of Contents
iii AirLive RS-2500 User’s Manual
15. Virtual Server..........................................................................................89
15.1 Mapped IP .......................................................................................90
15.2 Virtual Server...................................................................................92
16. VPN..........................................................................................................99
16.1 One-Step IPSec.............................................................................100
16.2 IPSec Autokey ...............................................................................102
16.3 PPTP Server..................................................................................105
16.4 PPTP Client ...................................................................................106
17. Configuration Example: IPSec & PPTP VPN .....................................107
17.1 IPSec VPN - Office to Office (1).....................................................107
17.2 IPSec VPN - Office to Office (2).....................................................117
17.3 IPSec VPN - Office to Client..........................................................127
17.4 PPTP VPN - Office to Office ..........................................................134
17.5 PPTP VPN - Office to Client ..........................................................143
18. Policy ....................................................................................................152
19. Configuration Example: Policy Setting..............................................156
19.1 Configuration Example (1) - Traffic Log, Statistic...........................156
19.2 Configuration Example (2) - Specific WAN Addresses, Content
Blocking, Application Blocking ...............................................................159
19.3 Configuration Example (3) - Authentication, Schedule ..................164
19.4 Configuration Example (4) - Virtual Server....................................167
19.5 Configuration Example (5) - QoS, Virtual Server, MAX. Concurrent
Sessions................................................................................................169
20. Web VPN / SSL VPN.............................................................................171
20.1 Setting............................................................................................171
20.2 Hardware Auth...............................................................................174
20.3 Status.............................................................................................175
20.4 Configuration Example...................................................................176
21. Anomaly Flow IP ..................................................................................184
22. Monitor..................................................................................................190
Table of Contents
AirLive RS-2500 User’s Manual iv
22.1 Log.................................................................................................190
22.2 Accounting Report .........................................................................202
22.3 Statistic ..........................................................................................211
22.4 Diagnostic......................................................................................216
22.5 Wake On Lan.................................................................................220
22.6 Status.............................................................................................221
23. Frequent Asked Questions .................................................................225
24. Specifications.......................................................................................229
24.1 Hardware Features........................................................................229
25. Network Glossary ................................................................................234
25.1 Interface.........................................................................................234
25.2 System...........................................................................................235
25.3 VPN ...............................................................................................238
25.4 Anomaly Flow IP............................................................................240
1. Introduction
1AirLive RS-2500 User’s Manual
1 1. Introduction
1.1 Overview
The RS-2500 is powered by a powerful IXP425 533 MHz RISC processor, and increased of
memory capacity in order to make the performance better. Furthermore, it also provides
Web VPN/ SSL VPN Sever function, so remote users can easily connect to IPSec server by
using IE browser and access LAN resource.
Meanwhile, RS-2500 is also improved IM/P2P Blocking function, so it is not just able to
block IM and P2P program, the new Application Blocking is promoted to support the
blocking of Video/Audio Application, Webmail, Game Application, Tunnel Application, and
Remote Control Application. With omnibus advanced security function makes RS-2500 to
be an outstanding Security VPN Gateway than before.
1.2 How to Use This Guide
RS-2500 is an advanced VPN Security Gateway with many functions. It is recommended
that you read through the entire user’s guide whenever possible. The user guide is
divided into different chapters. You should read at least go through the first 3 chapters
before attempting to install the device.
Chapter 1 Introduction: This chapter is an introduction about the user’s manual.
It can help your to know the chapter’s contents, and how to get help from AirLive
Tech Support.
Chapter 2 Installing the RS-2500: This chapter is about hardware installation.
You should read through the entire chapter.
Chapter 3 Configuring the RS-2500: This chapter is the basic information
about preparation before you access RS-2500. It also includes the basic but
important information of RS-2500.
Chapter 4 Web Management: This chapter explains how to access RS-2500 via
web console.
1. Introduction
AirLive RS-2500 User’s Manual 2
Chapter 5 Administration: In this chapter, you can know how to create a
sub-admin account, change password, and upgrade firmware.
Chapter 6 Configure:
6.1 Setting: You can backup or restore RS-2500 config file, reset device to
default setting, define the mail address for notification, change the port
number of web management, change MTU value, enable RIP, SIP
pass-through function, and else.
6.3 Multiple Subnet: You can create the further subnet for LAN or DMZ
interface, and define those subnet as NAT mode or Routing mode.
6.5 DHCP: You can change DHCP client IP range for LAN or DMZ, or enable
DHCP Relay function to get the IP from upper DHCP server.
Chapter 7 Interface: This chapter is about interface configuration, and enable
Remote Management function.
Chapter 8 Address: The administrator can define the specific IP address, IP
range, IP subnet, or MAC address for the specific device in LAN, WAN, or DMZ,
so the Policy setting can be modified to restrict the service precisely.
Chapter 9 Service: In this chapter, it lists the standard protocol for user’s
reference, and it also allows user creating non-standard port number for the
request. In the end, the Address setting will be assigned to Mapped IP, Virtual
Server, or enabled by Policy setting.
Chapter 10 Schedule: This chapter can allow user defining the time schedule for
Policy setting.
Chapter 11 QoS: It is recommended to read this chapter if you would like to
configure the setting. This chapter will tell you how to configure QoS setting
correctly.
Chapter 12 Authentication: If you would like to ask user passing authentication
before to access Internet, you can read this chapter and follow the guide to
configure it.
Chapter 13 Content Blocking: You can configure the Content Blocking setting
and enable the function at Policy.
13.1 URL: You can define the key word or domain name to be blocked or be
allowed to access for the website.
13.3 Download: The specific type or extension name of files can be blocked.
1. Introduction
3AirLive RS-2500 User’s Manual
Chapter 14 Application Blocking: You can select the application type and
software, and enable to block those applications at Policy.
Chapter 15 Virtual Server: When you install server in LAN and allow Internet
users accessing, you should define the Virtual Server function.
Chapter 16 VPN: This chapter is an introduction for IPSec and PPTP server. You
can read next chapter to know how to configure them.
Chapter 17 Configuration Example - IPSec & PPTP VPN: We list several
examples for the VPN connection, and you can find the one and refer to the
example to configure your own setting.
Chapter 18 Policy: It is recommended to read this chapter, because it is the most
important setting for RS-2500. No matter how you configure QoS, VPN, or else
function, you have to enable them at Policy setting.
Chapter 19 Configuration Example - Policy Setting: We list several Policy
setting for your reference, and you can know better how to configure it.
Chapter 20 Web VPN / SSL VPN: This chapter will explain you the Web VPN /
SSL VPN function, and we also list the example for your reference about how to
configure it.
Chapter 21 Anomaly Flow IP: This chapter is an introduction to tell user how to
configure RS-2500 for the protection from being intrusion by the known malware.
Chapter 22 Monitor:
22.1 Log: Display kinds of log records for user’s reference.
22.2 Accounting Report: Display the calculation of Internet access result per
Source IP, Destination IP, and Service.
22.3 Statistic: Display WAN or Policy Statistic result for user’s reference.
22.4 Diagnostic: RS-2500 offers Ping and Traceroute tools to diagnostic
connection’s status per WAN, LAN, DMZ, or VPN.
22.5 Wake On Lan: This chapter is an introduction about the Wake On Lan
function, so Internet user can wake on LAN PC.
22.6 Status: You can find out the real-time status about Interface,
Authentication, ARP table, and DHCP Clients.
1. Introduction
AirLive RS-2500 User’s Manual 4
1.3 Firmware Upgrade and Tech Support
If you encounter a technical issue that can not be resolved by information on this guide, we
recommend that you visit our comprehensive website support at www.airlive.com. The
tech support FAQ are frequently updated with latest information.
In addition, you might find new firmware that either increase software functions or provide
bug fixes for RS-2500. You can reach our on-line support center at the following link:
http://www.airlive.com/support/support_2.jsp
Since 2009, AirLive has added the “Newsletter Instant Support System” on our website.
AirLive Newsletter subscribers receives instant email notifications when there are new
download or tech support FAQ updates for their subscribed airlive models. To become an
AirLive newsletter member, please visit: http://www.airlive.com/member/member_3.jsp
Figure: AirLive Newsletter Support System
1. Introduction
5AirLive RS-2500 User’s Manual
1.4 Features
Web VPN/SSL VPN, IPSec and PPTP VPN Server
VPN Trunk
Application Blocking, IM / P2P Blocking, Content Blocking
User Authentication
QoS, Max. Bandwidth Per Source IP, Max. Concurrent Sessions Per Source IP
Dual WAN Load Balance and Fail-over
Multiple Subnet
Custom Service Definition for IP, TCP, UDP
Detect and block the anomaly flow IP
Policy based Firewall
DMZ Transparent
Schedule
Static Route, RIPv2
Web Management
2. Install the RS-2500
AirLive RS-2500 User’s Manual 6
2 2. Installing the RS-2500
This section describes the hardware features and the hardware installation procedure for
the RS-2500. For software configuration, please go to chapter 3 for more details.
2.1 Before You Start
It is important to read through this section before you install the RS-2500
The RS-2500 comes with everything you need to start installation. You can use
CAT-5 Ethernet cable according to the length you need.
The RS-2500 must be installed with 5V adapter. Please do not use the other
voltage of adapter.
During upgrading firmware, please do not renew or close the webpage, otherwise
it could crash the firmware.
Please do not use FTP to transfer firmware file, because the firmware could be
transferred incompletely. If user upgrades RS-2500 with incomplete firmware it
will damage the device.
2.2 Package Content
The RS-2500 package contains the following items:
One RS-2500 main unit
One 5V 2.5A DC power adapter
2 x RJ-45 Ethernet Cable
User’s Guide CD
Quick Start Guide
2. Install the RS-2500
7 AirLive RS-2500 User’s Manual
2.3 Knowing your RS-2500
Below are descriptions and diagrams of the product:
2.4 Hardware Installation
1. Plug in power adapter to RS-2500 and
electric outlet at wall 2. Connect an Ethernet cable to PC and
RS-2500 LAN port
3. Wait for RS-2500 Status LED to stop
blinking the light 4. PC should get the IP address from RS-2500
DHCP server, and now you can login to
RS-2500 and configure the setting.
2. Install the RS-2500
AirLive RS-2500 User’s Manual 8
2.5 LED Table
This section describes the LED behavior of RS-2500.
You can find the LED on the Front side of the RS-2500.
Power
Steady Green – Power On device
OFF – No Power
Status
Steady Green – Ready to use
Blinking – At the booting process
WAN1/2, LAN, DMZ
Steady Green – Cable is connected
Blinking – Packets is sending/receiving
2.6 Restore Settings to Default
If you have forgotten your RS-2500’s IP address or password, you can restore your
RS-2500 to the default settings by pressing on the “reset button” for more than 10 seconds.
You can find the reset button at back panel. Please see diagram below for details.
3. Configuring the RS-2500
9 AirLive RS-2500 User’s Manual
3 3. Configuring the
RS-2500
To use this product correctly, you have to properly configure the network settings of your
computers and install the attached setup program into your MS Windows platform
(Windows 95/98/NT/2000/XP).
3.1 Important Information
The following information will help you to get start quickly. However, we recommend you
to read through the entire manual before you start. Please note the password are case
sensitive.
The default IP address is: 192.168.1.1 Subnet Mask: 255.255.255.0
The default user name is: admin
The default password is: airlive
After power on, please wait for 2 minutes for RS-2500 to finish boot up
3.2 Prepare your PC
The default IP address of this product is 192.168.1.1, and the default subnet mask is
255.255.255.0. These addresses can be changed on your need, but the default values are
used in this manual. If the TCP/IP environment of your computer has not yet been
configured, you can refer to the example:
1. Configure IP as 192.168.1.2, subnet mask as 255.255.255.0 and gateway as
192.168.1.1, or more easier,
2. Configure your computers to load TCP/IP setting automatically, that is, via DHCP
server of this product.
After installing the TCP/IP communication protocol, you can use the ping command to
check if your computer has successfully connected to this product. The following example
shows the ping procedure for Windows platforms. First, execute the ping command
ping 192.168.1.1
3. Configuring the RS-2500
AirLive RS-2500 User’s Manual 10
If the following messages appear:
Pinging 192.168.1.1 with 32 bytes of data:
Reply from 192.168.1.1: bytes=32 time=2ms TTL=64
A communication link between your computer and this product has been successfully
established. Otherwise, if you get the following messages,
Pinging 192.168.1.1 with 32 bytes of data:
Request timed out.
There must be something wrong in your installation procedure. You have to check the
following items in sequence:
1. Is the Ethernet cable correctly connected between this product and your computer?
Tip: The LAN LED of this product and the link LED of network card on your computer must
be lighted.
2. Is the TCP/IP environment of your computers properly configured?
Tip: If the IP address of this product is 192.168.1.1, the IP address of your computer must
be 192.168.1.X and default gateway must be 192.168.1.1.
3.3 Management Interface
The RS-2500 can be configured using one the management interfaces below:
Web Management (HTTP): You can manage your RS-2500 by simply typing its IP
address in the web browser. We recommend using this interface for initial
configurations. To begin, simply enter RS-2500 IP address (default is 192.168.1.1) on
the web browser. The default password is “airlive”.
Secure Web Management (HTTPS): HTTPS is also using web browser for
configuration. But all the data transactions are securely encrypted using SSL
encryption. Therefore it is safe and easy way to manage your RS-2500.
3. Configuring the RS-2500
11 AirLive RS-2500 User’s Manual
3.4 Introduction to Web Management
The RS-2500 offers both normal (http) and secured (https) Web Management interfaces.
Their share the same interface and functions, and they can both be accessed through web
browsers. The only difference is HTTPS are encrypted for extra security. Therefore, we
will discuss them together as “Web Management” on this guide.
If you are placing the RS-2500 behind router or firewall, you might need to open virtual
server ports to RS-2500 on your firewall/router
HTTP: TCP Port 80
HTTPS: TCP/UDP Port 443
3.4.1 Getting into Web Management
Normal Web Management (HTTP)
To get into the Normal Web Management, simply type in the RS-2500’s IP address (default
IP is 192.168.1.1) into the web browser’s address field.
3. Configuring the RS-2500
AirLive RS-2500 User’s Manual 12
Secured Web Management (HTTPS)
To get into the Secured Web Management, just type “https://192.168.1.1” into the web
browser’s address field. The “192.168.1.1” is RS-2500’s default IP address. If the IP
address is changed, the address entered in the browser should change also.
A security warning screen from your browser will then pop-up depending on the browser
you use. Please follow step below to clear the security screen.
Internet Explorer: Select “Yes” to proceed
Firefox:
1. Select “or you can add an exception”
1
3. Configuring the RS-2500
13 AirLive RS-2500 User’s Manual
2. Click on “Add Exception”
2
3. Click on “Get Certificate”. Then, please enter RS-2500’s IP address. Finally,
please click on “Confirm Security Exception.”
3
4
3. Configuring the RS-2500
AirLive RS-2500 User’s Manual 14
3.5 Initial Configurations
We recommend users to browse through RS-2500’s web management interface to get an
overall picture of the functions and interface. Below are the recommended initial
configurations for first time login:
STEP 1:
1. Connect theAdmin’s PC and the LAN port of the Security VPN Gateway.
2. Open an Internet web browser and type the default IP address of the Security VPN
Gateway as 192.168.1.1 in the address bar.
3. A pop-up screen will appear and prompt for a username and password. Enter the
default login username (admin) and password (airlive) of Administrator.
STEP 2:
After entering the username and password, the Security VPN Gateway WEB UI screen will
display. Select the Interface tab on the left menu and a sub-function list will be displayed.
Click on WAN from the sub-function list, enter proper the network setup information
Click Modify to modify WAN1/2 settings (i.e. WAN1 Interface)
WAN1 interface IPAddress 60.250.158.64
NetMask 255.255.255.0
Default Gateway 60.250.158.254
DNS Server1 168.95.1.1
Table of contents
Other AirLive Gateway manuals
AirLive
AirLive RS-2000 User manual
AirLive
AirLive IAS-2000 V2 User manual
AirLive
AirLive MW-2000SV2 User manual
AirLive
AirLive MW-1000S User manual
AirLive
AirLive IGR-1500 User manual
AirLive
AirLive RS-1200 User manual
AirLive
AirLive RS-2000 User manual
AirLive
AirLive VH-4GW User manual
AirLive
AirLive VOIP-111A User manual
AirLive
AirLive RS-1200 User manual
AirLive
AirLive AirMax4GW User manual
AirLive
AirLive AirMax4GW User manual
AirLive
AirLive IGR-2500 User manual
AirLive
AirLive IGR-1500 User manual
AirLive
AirLive AirMax4GW User manual
AirLive
AirLive VH-4GW User manual
AirLive
AirLive SKY-211 User manual
AirLive
AirLive IAS 2000 User manual
AirLive
AirLive RS-3000 User manual
AirLive
AirLive MW-2000S User manual
