Amit Sde852-00001 User manual

User Manual

FW: 00PI0.1001

UM: V0.93_20140709

SDE85x-00001

Multi-Service Gateway

with WLAN Controller

Multi-Service Gateway with WLAN Controller

TABLE OF CONTENTS

CHAPTER 1 INTRODUCTION.............................................................................................7

1.1 CONTENTS LIST.....................................................................................................................................................7

1.2 HARDWARE INSTALLATION...................................................................................................................................8

1.2.1 ATTENTION.............................................................................................................................8

1.2.2 SYSTEM REQUIREMENTS.....................................................................................................8

1.2.3 Hardware Configuration............................................................................................................9

1.2.4 LED Indicators........................................................................................................................11

CHAPTER 2 GETTING STARTED .....................................................................................12

2.1 CONNECT YOUR DEVICE ....................................................................................................................................12

2.2 EASY SETUP BY CONFIGURING WEB UI............................................................................................................12

CHAPTER 3 MAKING CONFIGURATIONS .....................................................................25

3.1 BASIC NETWORK ................................................................................................................................................25

3.1.1 WAN Setup.............................................................................................................................26

3.1.1.1 Physical Interface................................................................................................................................26

3.1.1.2 Internet Setup ......................................................................................................................................28

3.1.1.2.1 Ethernet WAN...................................................................................................................................28

3.1.1.2.2 Wireless WAN – 3G/4G.....................................................................................................................36

3.1.1.3 Load Balance.......................................................................................................................................38

3.1.2 LAN & VLAN...........................................................................................................................41

3.1.2.1 Network Setting ...................................................................................................................................42

3.1.2.2 LAN & VLAN........................................................................................................................................43

3.1.2.2.1 VLAN Scenarios...............................................................................................................................43

3.1.2.2.2 Port-Based VLAN.............................................................................................................................46

3.1.2.2.3 Tag-Based VLAN..............................................................................................................................48

3.1.3 IPv6 Setup..............................................................................................................................50

3.1.3.1 Static IPv6............................................................................................................................................50

3.1.4.2 DHCP v6..............................................................................................................................................52

3.1.4.3 PPPoEv6..............................................................................................................................................53

3.1.4.4 6 to 4.....................................................................................................................................................54

3.1.4.5 6 in 4.....................................................................................................................................................55

3.1.4.6 6rd........................................................................................................................................................56

3.1.4 NAT / Bridge...........................................................................................................................58

3.1.4.1 Configuration........................................................................................................................................58

3.1.4.2 Virtual Server & Virtual Computer ......................................................................................................58

3.1.4.2.1 Virtual Server....................................................................................................................................58

SDE852 User Manual 2

Multi-Service Gateway with WLAN Controller

3.1.4.2.2Virtual Computers.............................................................................................................................59

3.1.4.3 Special AP & ALG ...............................................................................................................................60

3.1.4.3.1 ALG .................................................................................................................................................60

3.1.4.3.2 Special AP ........................................................................................................................................60

3.1.4.3.3 DMZ.................................................................................................................................................61

3.1.5 Routing...................................................................................................................................63

3.1.5.1 Static Routing.......................................................................................................................................63

3.1.5.2 Dynamic Routing .................................................................................................................................64

3.1.5.3 Routing Information.............................................................................................................................66

3.1.6 Client/Server/Proxy.................................................................................................................66

3.1.6.1 Dynamic DNS......................................................................................................................................66

3.1.6.2 DHCP Server.......................................................................................................................................67

3.2 ADVANCED NETWORK........................................................................................................................................69

3.2.1 Firewall...................................................................................................................................70

3.2.1.1 Configuration........................................................................................................................................70

3.2.1.2 Packet Filters.......................................................................................................................................70

3.2.1.2.1 Configuration....................................................................................................................................71

3.2.1.2.2 Packet Filter List...............................................................................................................................71

3.2.1.2.3 Packet Filter Rule Configuration........................................................................................................72

3.2.1.3 URL Blocking.......................................................................................................................................73

3.2.1.3.1 Configuration....................................................................................................................................74

3.2.1.3.2 URL Blocking Rule List....................................................................................................................74

3.2.1.3.3 URL Blocking Rule Configuration.....................................................................................................75

3.2.1.4 Web Content Filters.............................................................................................................................75

3.2.1.4.1 Configuration....................................................................................................................................76

3.2.1.4.2 Web Content Filter Rule List .............................................................................................................76

3.2.1.4.3 Web Content Filter Configuration......................................................................................................77

3.2.1.5 MAC Control........................................................................................................................................77

3.2.1.5.1 Configuration....................................................................................................................................78

3.2.1.5.2 MAC Control Rule List .....................................................................................................................78

3.2.1.5.3 MAC Control Rule Configuration......................................................................................................79

3.2.1.6 Application Filters................................................................................................................................79

3.2.1.6.1 Configuration....................................................................................................................................80

3.2.1.7 IPS........................................................................................................................................................80

3.2.1.8 Options.................................................................................................................................................81

3.2.2 QoS & BWM...........................................................................................................................82

3.2.2.1 Configuration........................................................................................................................................83

3.2.2.2 Rule-based QoS..................................................................................................................................84

3.2.2.2.1 Configuration....................................................................................................................................85

SDE852 User Manual 3

Multi-Service Gateway with WLAN Controller

3.2.2.2.2 QoS Rule List ...................................................................................................................................85

3.2.2.2.3 QoS Rule Configuration ....................................................................................................................86

3.2.3 VPN Setup..............................................................................................................................90

3.2.3.1 IPSec....................................................................................................................................................90

3.2.3.1.1 IPSec VPN Tunnel Scenarios.............................................................................................................91

3.2.3.1.2 IPSec Configuration..........................................................................................................................92

3.2.3.1.3 Tunnel List & Status..........................................................................................................................93

3.2.3.1.4 Tunnel Configuration ........................................................................................................................94

3.2.3.1.5 Local & Remote Configuration..........................................................................................................94

3.2.3.1.6 Authentication...................................................................................................................................95

3.2.3.1.7 IKE Phase.........................................................................................................................................95

3.2.3.1.8 IKE Proposal Definition....................................................................................................................96

3.2.3.1.9 IPSec Phase......................................................................................................................................97

3.2.3.1.10 IPSec Proposal Definition..................................................................................................................97

3.2.3.1.11 Manual Proposal...............................................................................................................................98

3.2.3.2 PPTP....................................................................................................................................................98

3.2.3.2.1 PPTP / L2TP VPN TunnelScenarios..................................................................................................99

3.2.3.2.1 PPTP Server Configuration..............................................................................................................100

3.2.3.2.2 PPTP Server Status..........................................................................................................................100

3.2.3.2.3 User Account List............................................................................................................................101

3.2.3.2.4 User Account Configuration ............................................................................................................101

3.2.3.2.5 PPTP Client ....................................................................................................................................101

3.2.3.2.6 PPTP Client List & Status................................................................................................................102

3.2.3.2.7 PPTP Client Configuration ..............................................................................................................102

3.2.3.3 L2TP...................................................................................................................................................104

3.2.3.3.1 L2TP Server Configuration..............................................................................................................104

3.2.3.3.2 L2TP Server Status..........................................................................................................................105

3.2.3.3.3 User Account List............................................................................................................................106

3.2.3.3.4 User Account Configuration ............................................................................................................106

3.2.3.3.5 L2TP Client ....................................................................................................................................106

3.2.3.3.6 L2TP Client List & Status................................................................................................................106

3.2.3.3.7 L2TP Client Configuration ..............................................................................................................107

3.2.3.4 GRE....................................................................................................................................................108

3.2.3.4.1 GRE VPN Tunnel Scenario..............................................................................................................108

3.2.3.4.2 GRE Configuration .........................................................................................................................109

3.2.3.4.3 GRE Tunnel Definitions..................................................................................................................109

3.2.3.4.4 GRE rule Configuration...................................................................................................................109

3.2.4 Redundancy.........................................................................................................................110

3.2.4.1 VRRP.................................................................................................................................................110

SDE852 User Manual 4

Multi-Service Gateway with WLAN Controller

3.2.5 System Management............................................................................................................112

3.2.5.1 TR-069 ...............................................................................................................................................112

3.2.5.2 SNMP.................................................................................................................................................112

3.2.5.3 Telnet with CLI...................................................................................................................................114

3.2.5.4 UPnP..................................................................................................................................................114

3.3 APPLICATIONS...................................................................................................................................................116

3.3.1 AP Management...................................................................................................................116

3.3.1.1 Configuration......................................................................................................................................116

3.3.1.1.1 AP Management Configuration........................................................................................................ 116

3.3.1.1.2 AP Configuration Proposal List ....................................................................................................... 116

3.3.1.2 AP List................................................................................................................................................117

3.3.1.2.1 Trusted AP List & Status.................................................................................................................. 117

3.3.1.3 AP Configuration................................................................................................................................118

3.3.1.3.1 AP Configuration .................................................................................................................................. 118

3.3.2 Captive Portal.......................................................................................................................119

3.3.2.1 Captive Portal Configuration.............................................................................................................119

3.4 SYSTEM .............................................................................................................................................................120

3.4.1 System Related....................................................................................................................120

3.4.1.1 Change Password.............................................................................................................................121

3.4.1.2 SystemInformation............................................................................................................................121

3.4.1.3 System Status....................................................................................................................................122

3.4.1.4 SystemTools.....................................................................................................................................123

3.4.2 Scheduling............................................................................................................................125

3.4.3 User Management................................................................................................................126

3.4.3.1 User List.............................................................................................................................................127

3.4.3.2 User Profile........................................................................................................................................128

3.4.3.3 User Group.........................................................................................................................................129

3.4.4 MMI......................................................................................................................................130

3.4.4.1 Web UI...............................................................................................................................................130

CHAPTOR 4TROUBLESHOOTING................................................................................132

APPENDIXA. LICENSING INFORMATION ...................................................................136

SDE852 User Manual 5

Multi-Service Gateway with WLAN Controller

The contents of this publication may not be reproduced in any part or as a whole, stored,

transcribed in an information retrieval system, translated into any language, or transmitted

in any form or by any means, mechanical, magnetic, electronic, optical, photocopying,

manual, or otherwise, without the prior written permission.

Trademarks

All products, company, brand names are trademarks or registered trademarks of their

respective companies. They are used for identification purpose only. Specifications are

subject to be changed without prior notice.

SDE852 User Manual 6

Multi-Service Gateway with WLAN Controller

Chapter 1 Introduction

Congratulations on your purchase of this outstanding product: SDE85x-00001

Multi-Service Gateway with WLAN Controller.The product series, the multi-service

security gateway comes with fruitful functions to meet SMB fast growing intranet access

requirement. Multi-WAN NAT function allows multiple clients to have high speed access.

VPN technology can enable secure access within intranet. By AP controller function, it is

easy to deploy WiFi access infrastructure. Firewall and access control can prevent from

hackers attack and avoid unproductive activity. Friendly setting and professional network

management function, supervisor can easily take control of whole intranet. Besides being

used for SMBcorporate, when combined with AMIT various gateway series, it is also quite

suitable for commercial, mobile office, hotspot deployment, and M2M-IoT application. For

optimal IT investment, AMIT solutions will guarantee maximum ROI and highest reliability.

Instructions for installing and configuring this product can be found in this manual. Before

you install and use this product, please read this manual carefully for fully exploiting the

functions of this product.

1.1 Contents List

Items Description Contents Quantity

1 Device

1pce

2 Power Adapter

1pce

3 RJ45 Cable

1pce

4 CD

1pce

SDE852 User Manual 7

Multi-Service Gateway with WLAN Controller

1.2 Hardware Installation

1.2.1 ATTENTION

1.2.2 SYSTEM REQUIREMENTS

Network Requirements •An Ethernet RJ45 cable or DSL modem

•10/100/1000 Ethernet adapter on PC / NB.

Web-based Configuration Utility

Requirements

Computer with the following:

•Windows®, Macintosh, or Linux-based

operating system

•An installed Ethernet adapter

Browser Requirements:

•Internet Explorer 6.0 or higher

•Chrome 2.0 or higher

•Firefox 3.0 or higher

•Safari 3.0 or higher.

CD Installation Wizard Requirements

Computer with the following:

•Windows®7 / 8, Vista®

, or XP with Service Pack

•An installed Ethernet adapter

•CD-ROM drive

Do not use the product in high humidity or high

temperatures.

Only usethe power adapter that comes with the

package. Using a different voltage rating power

adaptor may damage the product.

Do not open or repair the case yourself. If the

Product is too hot, turn off the power immediately

and have it repaired at a qualified service center.

Place the Product on a stable surface and avoid

using this product and all accessories outdoors.

Attention

SDE852 User Manual 8

Multi-Service Gateway with WLAN Controller

1.2.3 Hardware Configuration

Rear View:

SDE852-00001

Console Port

(DB9)

Receptor

for Power

Cable

Power

ON/OFF

Switch

SDE852 User Manual 9

Multi-Service Gateway with WLAN Controller

Front View:

SDE852-00001

Auto MDI/MDIX RJ-45 Ports

2x GbE WAN to connect Internet,

1x GbE DMZ to connect Local Server

5x GbE LAN to connect local devices

Reset

Button

USB

SDE852 User Manual 10

Multi-Service Gateway with WLAN Controller

1.2.4 LED Indicators

SDE852-00001

LED

Description

Power OFF: Device is powered down.

Green: Device is powered on.

Status Green in flash: Device is in normal operation.

Green in fast flash: Device is in recovery mode or abnormal state.

WAN-1 / WAN-2 Green: Ethernet connection is established

Green in flash: data packet transferred through WAN

OFF: No Ethernet cable attached or Device not linked

USB

(for 3G/4G)

OFF: USB 3G/4G connection is not established

Green: USB 3G/4G connection is established

Green in flash: data packet transferred via USB 3G/4G

DMZ / LAN-

1 ~

LAN-5

Green: Ethernet connection is established

Green in flash: data packet transferred via Ethernet

OFF: No Ethernet cable attached or Device not linked

SDE852 User Manual 11

Multi-Service Gateway with WLAN Controller

Chapter 2 Getting Started

2.1 Connect Your Device

Before you can use this product, you need to connect your PC or NB to this gateway first.

You can connect your PC to one of LAN1~LAN5 ports through an Ethernet cable.

2.2 Easy Setup by Configuring Web UI

You can browse web UI to configure the device. Firstly you need to launch the Setup

Wizard browser first and then the Setup Wizard will guide you step-by-step to finish the

basic setup process.

Browse to Activate the Setup Wizard

Type in the IP Address (http://192.168.123.254)

When you see the login page, type the password ‘admin’

and then click ‘login’

button.

After login, select your language from the list.

1 The default LAN IPaddress of this gatewayis 192.168.123.254. If you change it, you need to type the new

IP address

2 It’s strongly recommending you to change this login password from default value

SDE852 User Manual 12

Multi-Service Gateway with WLAN Controller

I. Wizard

Select “Wizard” for basic network settings and VPN settings in a simple way. Or, you can

go to Basic Network / Advanced Network / Applications / System to setup the

configuration by your own selection.

A. Configure with the Network Setup Wizard

Step 1

The network setup wizard will guide you

to finish some basic settings, including

interface and LAN interface.

Press “Next” to start the wizard.

SDE852 User Manual 13

Multi-Service Gateway with WLAN Controller

Step 2: Change Password

Password setting. You can change the

strongly recommending you to change

this login password from default value.

Press “Next” to continue.

Step 3: Time Zone

Time Zone setting. It will detect your time

zone automatically. If the result of auto

detection is not correct, you can press

“Detect Again” button or select manually.

Press “Next” to continue.

Step 4: WAN

WAN Interface setting. Choose type of

WAN connection. You can select

Ethernet WAN if you want to connect to

Internet through fixed line. Or select

3G/4G if you want to connect to Internet

through 3G/4G network. A variety of WAN

types are available for Ethernet WAN

connection.

Press “Next” to continue.

Step 4-1: Ethernet (Static IP Address)

If choosing Ethernet->Static IP Address,

you need to input all IP address that you

get from ISP (Internet Service Provider)

manually. This option is usually chosen

when you get a fixed IP address from

ISP.

Press “Next” to continue.

SDE852 User Manual 14

Multi-Service Gateway with WLAN Controller

Step 4-2: Ethernet (Dynamic IP Address)

If choosing Ethernet->Dynamic IP

Address, you can input host name or

registered MAC address when your ISP

requests it. In most cases, you can leave

them as blank and go next. This option is

usually chosen when you get a dynamic

IP address from ISP.

Press “Next” to continue.

Step 4-3: Ethernet (PPPoE)

If choosing Ethernet->PPP over Ethernet

(so-called PPPoE), you need to input

account and password that you get from

ISP. For other fields, you can leave them

as blank in most cases. This option is

usually chosen when you use ADSL for

WAN connection.

Press “Next” to continue.

Step 4-4: Ethernet (PPTP)

If choosing Ethernet->PPTP, you need to

inputrequired dial-up information that you

get from ISP. This option is usually

chosen when your ISP requests it.

Press “Next” to continue.

Step 4-5: Ethernet (L2TP)

If choosing Ethernet->L2TP, you need to

inputrequired dial-up information that you

get from ISP. This option is usually

chosen when your ISP requests it.

Press “Next” to continue.

SDE852 User Manual 15

Multi-Service Gateway with WLAN Controller

Step 4-6: 3G/4G

If choosing 3G/4G->3G/4G, please make

sure you have inserted SIM card. If not,

please power off this gateway, and insert

SIM card first. Then you can select

“Auto-Detection” to finish dial-up profile

automatically. This option is chosen when

you want to connect to Internet through

3G/4G network instead of fixed line

broadband.

Press “Next” to continue.

Step 5: LAN

LAN Interface setting. Change the LAN IP

address and subnet mask of this gateway.

You can keep the default setting and go to

next step.

Press “Next” to continue.

Step 6: Confirm and Apply

Check the new settings again. If all

information is correct, please press “Apply”

button to save new settings. Then it will

take 65 seconds to restart this gateway

and take new settings effective.

SDE852 User Manual 16

Multi-Service Gateway with WLAN Controller

Step 7: Counting Down

Configuration is completed. Press “Finish”

button to close Setup Wizard and browser

counts down for 65 seconds and provides

you with “Click here” button to reconnect

to the device.

B. Configure with the VPN Setup Wizard

Step 1

The VPN setup wizard will guide you to

finish profiles of IPSec, PPTP, and L2TP

VPN connection quickly.

Press “Next” to start the wizard.

Step 2: VPN Type

Select type of VPN connection you want

to create. Here you can choose IPSec,

PPTP, or L2TP.

Press “Next” to continue.

SDE852 User Manual 17

Multi-Service Gateway with WLAN Controller

Step 2-1: IPSec

If choosing IPSec, there are two options

of tunnel scenario can be chosen. “Site to

Site” is for two offices to create VPN

tunnel. “Dynamic VPN” is for remote

users to connect to office. For other

options, please go to Advanced

Network->VPN to setup. Input the

required network information and

pre-shared key for VPN connection.

For Dynamic VPN, you don’t need to

input network information of remote

subnet and remote gateway.

Press “Next” to continue.

Step 2-2: PPTP

If choosing PPTP, there are two options

of mode can be chosen. Choose “Client”

if you want this device to connect to

another PPTP server. Or choose “Server”

if you want other PPTP clients to connect

to it.

Press “Next” to continue.

If choosing PPTP Client, please input

tunnel name, IP/FQDN of PPTP server,

username/password, authentication, and

MPPE options. Please make sure these

settings are accepted by PPTP server.

Otherwise, remote PPTP server will

reject the connection.

Press

“Next”

to continue.

SDE852 User Manual 18

Multi-Service Gateway with WLAN Controller

If choosing PPTP Server, please select

options of authentication and MPPE. You

also need to create a set of username

and password for PPTP clients. In this

wizard, you can only create one user

account. If you want to create more user

accounts, please go to Advanced

Network->VPN-> PPTP to add more

users.

Press “Next” to continue.

Step 2-3: L2TP

If choosing L2TP, there are two options

of mode can be chosen. Choose “Client”

if you want this device to connect to

another L2TP server. Or choose “Server”

if you want other L2TP clients to connect

to it.

Press “Next” to continue.

If choosing L2TP Client, please input

tunnel name, IP/FQDN of L2TP server,

username/password, authentication, and

MPPE options. Please make sure these

settings are accepted by L2TP server.

Otherwise, remote L2TP server will reject

the connection.

Press “Next” to continue.

SDE852 User Manual 19

Multi-Service Gateway with WLAN Controller

If choosing L2TP Server, please select

options of authentication and MPPE. You

also need to create a set of username

and password for L2TP clients. In this

wizard, you can only create one user

account. If you want to create more user

accounts, please go to Advanced

Network->VPN-> L2TP to add more

users.

Press “Next” to continue.

Step 3: Confirm and Apply

Confirm new settings. If all new settings

are correct, please press “Apply” button

to save these new settings and take them

effective.

II. Status

A. Network Status

In Network Status page, you can review lots information of network status, including a

connection diagram, WAN IPv4 status, WAN IPv6 status, LAN status, and 3G/4G modem

status. You can also check the device time at the bottom of this page.

Connection Diagram

SDE852 User Manual 20

Table of contents

Popular Gateway manuals by other brands

THOMSON

THOMSON SpeedTouch 500Series Setup and user guide

Atel

Atel AER-W80 user manual

NotifEye

NotifEye Wireless Sensors and Ethernet Gateway manual

Phytec

Phytec phyGATE Tauri-S L-1012e.A3 manual

Eaton

Eaton 415U-2 installation guide

Tainet

Tainet Venus Series user manual

ZyXEL Communications

ZyXEL Communications ZYWALL - CLI reference guide

RTA

RTA 460MSUS-NNA1 Product user guide

ZyXEL Communications

ZyXEL Communications P-793H 601156 Declaration of conformity

S&C

S&C SpeedNet installation manual

Dragino

Dragino LG01N user manual

RTA

RTA 460MSBS Product user guide

SSS Siedle

SSS Siedle Smart Gateway Professional Commissioning instructions

Entel

Entel GW-UNI Quick start user guide

Abbott

Abbott CONNECT Setup guide

DCB

DCB Ether Series user guide

SAGEMCOM

SAGEMCOM F@ST 3896 SUM Quick setup guide

H3C

H3C VG Series Configuration manual

Amit SDE852-00001 User manual

Popular Gateway manuals by other brands