Bandwidth Management Gateway User's Manual
Contents
1. Authentication Content Filtering Alarm Accounting Report Statistics Es NA a T Y if x X j i 3 i Pro a al 3 Definitions Group name The Group name of the defined Service Service The Service item of the Group Configure Configure the settings of Group Click Modify to change the parameters of the Group Click Remove to delete the Group NOTE Inthe Group window if one of the Service Groups has been added to Policy In Use message will appear in the Configure column You are not allowed to modify or remove the settings Go to the Policy window remove the Service group first and then you are allowed to configure the setting Adding Service Groups Step 1 Inthe Group window click the New Entry button Step 2 Inthe Add Service Group window the following fields will appear n Available Services list all the available services n Selected Services list services to be assigned to the new group Step 3 Enter the new group name in the group Name field This will be the name referencing the created group 72 BM 500 Bandwidth Management Gateway User s Manual Step 4 To add new services Select the services desired to be added in the Available Services list and then click the Add gt gt button to add them to the group Step 5 To remove services Select services desired to be removed in the Available Services and then click the lt lt Remove button to remove the2. Schedule y Do you really want to delete Authentication Policy Content Filtering o tm Wl m T ql y ane za i 3 a ae pp Ae ry WE Bd i TY Accounting Report Statistics Status 74 BM 500 Bandwidth Management Gateway User s Manual 4 5 Schedule The Bandwidth Management Gateway allows the Administrator to configure a schedule for policies to take affect By creating a schedule the Administrator is allowing the Bandwidth Management Gateway policies to be used at those designated times only Any activities outside of the scheduled time slot will not follow the Bandwidth Management Gateway policies therefore will likely not be permitted to pass through the Bandwidth Management Gateway The Administrator can configure the start time and stop time as well as creating 2 different time periods in a day For example an organization may only want the Bandwidth Management Gateway to allow the LAN network users to access the Internet during work hours Therefore the Administrator may create a schedule to allow the Bandwidth Management Gateway to work Monday Friday 8AM 5PM only During the non work hours the Bandwidth Management Gateway will not allow Internet access Accessing the Schedule window Step 1 Click on Schedule on the menu bar and the schedule window will appear displaying the active schedules IE a Interface Address Authentication Content Filtering Log Accounti
3. 168 95 88 249 WAN The first department R amp D department was set while setting interface IP the other four ones have to be added in Multiple NAT gt after completing the settings each department use the different WAN IP Address to connect to the Internet The settings of each department are as the following Service IP Address 192 168 2 1 Subnet Mask 255 255 255 0 Default Gateway 192 168 2 11 28 BM 500 Bandwidth Management Gateway User s Manual The other departments are also set by groups this is the function of Multiple NAT Multiple NAT settings Step 1 Click Multiple NAT in the System menu to enter Multiple NAT window PLANET Multiple NAT External Interface IP Alias IP of Int Interface Netmask Er ae A y CLA A Erea En re adata T A at External Interface IP WAN port IP Address Alias IP of Int Interface Netmask Local port IP Address and subnet Mask Configure Modify the settings of Multiple NAT Click Modify to modify the parameters of Multiple NAT or click Delete to delete settings Add Multiple NAT Step 1 Click the Add button below to add Multiple NAT Step 2 Enter the IP Address in the website name column of the new window n External interface IP Address Select Global port IP Address n Alias IP of Internal Interface Enter Local port IP Address n NetMask Enter Local port subnet Mask Step 3 Click OK to add Multiple NAT or click Cancel to discard changes 99
4. Downloading the Event Logs Step 1 In the Event Log window click the Download Logs button at the bottom of the screen Step 2 Follow the File Download pop up window to save the event logs into a specific directory on the hard drive 119 BM 500 Bandwidth Management Gateway User s Manual Event Log AS A ate Way 23 OF 1 37 24 2002 admin Add Policy Coutqoin Authentication May 23 07 37 38 2002 admin add Policy Incomin Content Filtering Alarm Accounting Report Statistics T T T 5 gt cy or is I SEAS ise a oe en ae ma a Ty m i Clearing the Event Logs The Administrator may clear on line event logs to keep just the most updated logs on the screen Step 1 Inthe Event Log window click the Clear Logs button at the bottom of the screen Step 2 Inthe Clear Logs pop up box click OK to clear the logs or click Cancel to cancel it PLANET Event Log System Interface Address Schedule Microsoft Internet Explorer E Y Do vou really want to delete Authentication Download Logs Content Filtering x Alarm Accounting Report Statistics J r a A Ae rea ie TL a x pant a g k 120 BM 500 Bandwidth Management Gateway User s Manual 4 11 3 Connection Log Click Log in the menu bar on the left hand side and then select the sub selection Connection Log Connection Log May 26 21 26 47 4 May 26 21
5. BM 500 Bandwidth Management Gateway User s Manual PLANET LAN E _IP Netmask MAC Address Configure Mew Entry Schedule Authentication Content Filtering Log Alarm Accounting Report Statistics Status Definition Name Name of LAN network address IP IP address of LAN network Netmask Netmask of LAN network MAC Address MAC address corresponded with LAN IP address Configure You can configure the settings in LAN network Click Modify to change the parameters in LAN network Click Remove to delete the settings In the LAN window if one of the members has been added to Policy or LAN Group the Configure column will show the message In Use In this case you are not allowed to modify or remove the setting Adding a new LAN Address Step 1 Inthe LAN window click the New Entry button Step 2 Inthe Add New Address window enter the settings of a new LAN network address Step 3 Click OK to add the specified LAN network or click Cancel to cancel the changes 54 BM 500 Bandwidth Management Gateway User s Manual PLANET LAN Add New Address iftpserver WAN _WAN Group 192 168 995 163 255 255 255 255 oo 304t0011 22 Clone MACAddress Add in Static DHCP Service Schedule 5 Authentication Cancel Policy D i Content Filtering Log Accounting Report Statistics If you want to
6. BM 500 Bandwidth Management Gateway User s Manual E PLANET Multiple NAT Add New Multiple NAT IP External nterface coc MN Oc IN F Cancel Software Update d Modify Multiple NAT Step 1 Find the IP Address you want to modify and click Modify Step 2 Enter the new IP Address in Modify Multiple NAT window Step 3 Click the OK button below to change the setting or click Cancel to discard changes Multiple NAT External Interface IP 1168 9588 2 M Alias IP of Internal Interface Figure 1 22 Modify Multiple NAT 30 BM 500 Bandwidth Management Gateway User s Manual Delete Multiple NAT Step 1 Find the IP Address you want to delete and click Remove Step 2 Aconfirmation pop up box will appear click OK to delete the setting or click Cancel to discard changes PLANET Multiple NAT External Interface IP Alias IP of Int Interface Netmask 3 2 1 1255 255 2550 Modify Remove 16895882 19216 Microsoft Internet Explorer El D Do you really want to delete 4 1 7 Hacker Alert The Administrator can enable the device s auto detect functions for hacker attackin this section When abnormal conditions occur the Bandwidth Management Gateway will send an e mail alert to notify the Administrator and also display warning messages in the Event window of Alarm Bf BM 500 Bandwidth Management Gateway User s Manual PLANET Hacker Alert A C Detect SY
7. Network LNK ACT 100 5V DC 2 4A Temperature 0 50 C Relative Humidity 5 90 220 x 149 x 37 mm Bandwidth Management Gateway BM 500 Button System LED Power Operating Environment Dimension WxDxH Regulatory FCC CE Mark Software Maximum Bandwidth Transparent 10Mbps NAT logging statistics 3Mbps session Web English Traditional Chinese Simplified Chinese mode Bandwidth Allocation Policy rules with Inbound Outbound traffic management Guaranteed and maximum bandwidth Scheduled in unit of 30 minutes 3 Priorities Log Traffic Log Event Log Connection Log Log backup by mail or syslog server Statistics WAN port statistics and policy statistics with graph display Firewall Security Policy based access control Stateful Packet Inspection SPI Scheduled in unit of 30 minutes Hacker Alert Detect SYN Attack Detect ICMP Flood Detect UDP Flood Detect Ping of Death Attack Detect Tear Drop Attack Detect IP Spoofing Attack Filter IP Route Option Detect Port Scan Attack Detect Land Attack Alarm w Traffic alarm for user defined traffic level wEvent alarm for hacker attack w The alarm message can sent to administrator by e mail Other Functions Firmware Upgradeable through Web NTP support Configuration Backup and Restore through Web Dynamic DNS support Multiple NAT and multiple DMZ mapped IP support Multiple server load balancing BM 500 Bandwidth Management Gateway User s Manual Cha
8. Status 56 BM 500 Bandwidth Management Gateway User s Manual 4 3 2 LAN Group Entering the LAN Group window The LAN Addresses may be combined together to become a group Step 1 Click LAN Group under the Address menu to enter the LAN Group window The current setting information for the LAN network group appears on the screen PLANET LAN Group PTE Member Configure System Interface LAN Group A A mm qm ei Authentication Content Filtering Log Alarm Accounting Report Statisti Definitions LAN group Name Name of the LAN group Member Members of the group Configure Configure the settings of LAN group Click Modify to change the settings of LAN group Click Remove to delete the group In the LAN Group window if one of the LAN Group has been added to Policy the Configure column will show the message In Use In this case you are not allowed to modify or remove the LAN group You have to delete the Group in Policy window and then you are allowed to configure the LAN Group Adding a LAN Group 57 BM 500 Bandwidth Management Gateway User s Manual Step 1 Inthe LAN Group window click the New Entry button to enter the Add New Address Group window Step 2 Inthe Add New Address Group window n Available Address list the names of all the members of the LAN network n Selected Address list the names to be assigned to the new group n Name
9. URL Blocking Add New Block String Block String plane lhl Interface Address Cancel i e u Authentication am i x Tl o n s a Log Alarm Accounting Report Statistics Modifying a URL Blocking Policy Step 1 Inthe URL Blocking window find the policy to be modified and click the corresponding Modify option in the Configure field Step 2 Make the necessary changes needed Step 3 Click on OK to save changes or click on Cancel to discard changes PLANET URL Blocking Interface pa TTEN nied o PD E j F i SGP PRR AL POPPE DA Address Service Schedule Authentication URL Blocking 99 BM 500 Bandwidth Management Gateway User s Manual Removing a URL Blocking policy Step 1 Inthe URL Blocking window find the policy to be removed and click the corresponding Remove option in the Configure field Step 2 A confirmation pop up box will appear click on OK to remove the policy or click on Cancel to discard changes PLANET URL Blocking a i Block String i Schedule Interface yahoo _ 1 None Modify Remove M B Schedule Microsoft Internet Explorer fx Authentication pa Aer A YY Do you really want to delete 1 Ss ee ee 2008 E GER Seb eie eneral Blocking g Blocked URL site When a user from the LAN network tries to acce
10. When user want to access WAN network and the authentication Policy gt Outgoing is enabled the user has to send http request with this port number The Bandwidth Management Gateway will send a User Login page for user to input user name and password For example if the gateway IP address is 192 168 1 1 and authentication port is 82 user have to open a web browser and input http 192 168 1 1 82 on the address file to have the user login page Re Login if Idle When the LAN user access to WAN network and do not use for a while the connection will be time out User has to re login again The default time is 30 minutes and you can configure this time by System gt Setting page 20 BM 500 Bandwidth Management Gateway User s Manual Pe i Bandwidth Management Configuration Export System Settings to Client Import System Settings from Client CADocuments and Setti Browse ex bandwidth cont O Reset Factory Settings E mail Settings Enable E mail Alert Notification Device Name brn 500 m Sender Address Required by some ISPs SMTP Server E mail Address 1 E mail Address 2 operator planet com tw nterace address sca Web Management WAN Interface E HTTP Port Authentication Management Policy sd Authentication Port 182 Re Login if Idle Minutes MTU set networking packet length The administrator can modify the networking packet length Step 1 MTU Setting Modify the networking packet le
11. amp Commasicatios Log Mail Configuration O Enable Log Mail Support When Log Full 300Kbytes Bandwidth Management Appliance sends Log You must set E mail Alarm gt enable Syslog Settings O Enable Syslog Messages Syslog Host IP Address 192 168 9953 syslog Host Port 514 Accounting Report Statistics 125 BM 500 Bandwidth Management Gateway User s Manual 4 12 Alarm In this chapter the Administrator can view traffic alarms and event alarms that occur and the Bandwidth Management Gateway has logged Bandwidth Management Gateway has two alarms Traffic Alarm and Event Alarm Traffic alarm In control policies the Administrator set the threshold value for traffic alarm The System regularly checks whether the traffic for a policy exceeds its threshold value and adds a record to the traffic alarm file if it does Event alarm When Bandwidth Management Gateway detects attacks from hackers it writes attacking data in the event alarm file and sends an e mail alert to the Administrator to take emergency steps 4 12 1 Traffic Alarm How to apply Traffic Alarm The administrator can use Traffic Alarm to track the Source Address Destination Address network service and the status of network The administrator can save Traffic Logs and Event Logs for a pre determined time and then delete them to keep the newest log In control policies the Administrator set the threshold value for traffic alarm The
12. enter the name of the new group in the open field Step 3 Add members Select names to be added in Available Address list and click the Add gt gt button to add them to the Selected Address list Step 4 Remove members Select names to be removed in the Selected Address list and click the lt lt Remove button to remove these members from Selected Address list Step 5 Click OK to add the new group or click Cancel to discard changes PLANET LAN Group Add New Address Group Address lt Available address gt lt Selectedaddress gt LAN tpserver webserver A webserver l LAN Group 5 QoS A Content Filtering Accounting Report Modifying a LAN Group Step 1 In the LAN Group window locate the network group desired to be modified and click its corresponding Modify option in the Configure field Step 2 A window displaying the information of the selected group appears n Available Address list names of all members of the LAN network n Selected Address list names of members which have been assigned to this group Step 3 Add members Select names in Available Address list and click the Add gt gt button to add them to the Selected Address list Step 4 Remove members Select names in the Selected Address list and click the lt lt Remove button to remove these members from the Selected Address list 58 BM 500 Bandwidth Management Gateway User s Manu
13. 5 n ie ae arom Mace as Content Filtering o ite Accounting Report Statistics Status 60 BM 500 Bandwidth Management Gateway User s Manual Definitions Name Name of WAN network address IP Netmask IP address Netmask of WAN network Configure Configure the settings of WAN network Click Modify to change the settings of WAN network Click Remove to delete the setting of WAN network NOTE In the WAN Network window if one of the members has been added to Policy or LAN Group the Configure column will show the message In Use In this case you are not allowed to modify or remove the settings Adding a new WAN Address Step 1 Inthe WAN window click the New Entry button Step 2 Inthe Add New Address window enter the settings for a new WAN network address Step 3 Click OK to add the specified WAN network or click Cancel to discard changes System HIRES Name TainanOfice j IP Address CE ok iere Authentication Content Filtering Log Alarm Accounting Report Statistics Status Modifying an WAN Address Step 1 Inthe WAN table locate the name of the network to be modified and click the Modify option in its corresponding Configure field Step 2 The Modify Address window will appear on the screen immediately In the Modify Address window fill in new addresses 61 BM 500 Bandwidth Management Gateway User s Manual Step 3 Click OK to save changes or
14. Dynamic IP Address Cable Modem User Static IP Address Current Status IP Address User Name Password IP Address provided by ISP Max Downstream Bandwidth Max Upstream Bandwidth Service On Demand Disconnected 0000 Dynamic Fixed IP Address Netmask Default Gateway _ Kbps Max 10 Mbps _ Kbps Max 10 Mbps Auto Disconnect if idle e minutes 0 means not disconnect Enable 49 O Ping O WebUl BM 500 Bandwidth Management Gateway User s Manual For PPPoE ADSL User This option is for PPPoE users who are required to enter a username and password in order to connect such as ADSL users Current Status Displays the current line status of the PPPoE connection IP Address Displays the IP Address of the PPPoE connection Username Enter the PPPoE username provided by the ISP Password Enter the PPPoE password provided by the ISP IP Address provided by ISP Dynamic Select this if the IP address is automatically assigned by the ISP Fixed Select this if you were given a static IP address Enter the IP address that is given to you by your ISP Upload Download Bandwidth The bandwidth your ISP provided Maximum bandwidth for Upload Download Bandwidth is 10Mbps Service On Demand Auto Disconnect The PPPoE connection will automatically disconnect after a length of idle time no activities Enter in the amount of idle minutes before disconnection Enter 0 if you do not want t
15. E mail Settings in System gt Settings Syslog Settings If you enable this function system will transmit the Traffic Log and the Event Log simultaneously to the server which supports Syslog function NOTE To restart Connection Log click the Refresh button on the right hand side in Log window Enable Log Mail Support amp Syslog Message Log Mail Configuration Enable Log Mail Support Step 1 Firstly go to Admin Select Enable E mail Alert Notification under E Mail Settings Enter the e mail address to receive the alarm notification Click OK Step 2 Goto LOG Log Backup Check to enable Log Mail Support Click OK System Settings Enable Syslog Message Step 1 Check to enable Syslog Message Enter the Host IP Address and Host Port number to receive the Syslog message Step 2 Click OK PLANET Log Backup Enable Log Mail Support When Log Full 300K bytes Bandwidth Management Appliance sends Log EXE You must set E mail Alarm gt enable Schedule Qos Enable Syslog Messages Poliey Syslog Host IP Address 1921689983 syslog Host Port 514 Log a Log Backup Accounting Report Statistics Disable Log Mail Support 8 Syslog Message Step 1 Goto LOG Log Backup Uncheck to disable Log Mail Support Click OK 124 BM 500 Bandwidth Management Gateway User s Manual Step 2 Goto LOG Log Backup Uncheck to disable Settings Message Click OK PLANET Log Backup Wenwerting
16. Mapped IP sessile ehh O taal alle cote Mens Ne a lead aia 103 E G40 f2 io 6 2 gene meee eR Amon A e ae Ene eee mer yee eee eS 106 O O 115 A O rone a a R A N 115 AT EVON LOO ii ti e 118 LAS CONMCCUONALOO da 121 ATADO DA Di ibid 123 4 12 ALARM REO PO PEO O A ee E 126 E A A sdat acu EN E 126 iy EN A A hahanccereh E AE ait Coal esbact meen skin bce seedaate 127 AsV ACCOUNTING REPORT dls sien ein E E E S 130 4 131 QUIDOUNO Accounting Report a e A 130 ANS E OOU A A ET A E T EE E A 135 WE DUA NC n oa N E O O 140 LAA WAN SUSIC S a tea dnc E A diate EA 140 4 14 2 A al ea ait Sancta E liens Mahe Odd E 141 Aloo TAU Sena a e aora 144 AR O AAA a rie ied nde A A O diate 144 ADE ME VIO Ad EE E 145 ANS DAA CIONS a dl uta esas ene ay Oe eee 146 BM 500 Bandwidth Management Gateway User s Manual Chapter 1 Introduction BM 500 is specifically designed for SOHO networks It has built in 4 port 10 100Mbps Ethernet LAN ports and NAT function Thus no broadband router is required for users which have only one public IP address It also supports virtual server Multi DMZ and dynamic DNS function which is very useful for users to share local resource to Internet users For bandwidth management packets can be classified based on IP address IP subnet and TCP UDP port number The device has more than 40 of the most common protocols such as H 323 Oracle HTTP FTP etc for ease of definition the administrator can then define policies to ensure committ
17. Minutes Exporting Bandwidth Management Gateway settings Step 1 Under Bandwidth Management Configuration click on the Download button next to Export System Settings to Client Step 2 When the File Download pop up window appears choose the destination place to save the exported file The Administrator may choose to rename the file if preferred Setting Bandwidth Management Configuration Expo f FS ad Import Save As O Res Of pm amy Documents E mail i Y My Computer O Engl My Recent k My Network Places Documents Deg a Sen E Desktop SMI 2 E m My Documents Mail E Web Mi My Computer HTTP F Authen a File name andwidth Re Loc Te i vinutes 17 BM 500 Bandwidth Management Gateway User s Manual Importing Bandwidth Management Gateway settings Under Bandwidth Management Gateway Configuration click on the Browse button next to Import System Settings When the Choose File pop up window appears select the file which contains the saved Bandwidth Management Gateway Settings then click OK Click OK to import the file into the Bandwidth Management Gateway or click Cancel to cancel importing PLANET Setting A System F Bandwidth Management Configuration Ad nin E Export System Settings to Client Setting Import System Settings from Client CADocuments and Setti Browse ve 3 ex bandwidth con
18. Report can be divided into two parts one is Outbound Accounting Report and the other is Inbound Accounting Report Outbound Accounting Report is the statistics of the downstream and upstream of the LAN WAN and all kinds of communication services Source IP the IP address used by LAN users who use Bandwidth Management Gateway Destination IP The IP address used by WAN service server which uses Bandwidth Management Gateway Service The communication service which listed in the pull down menu when LAN users use bandwidth Management Gateway to connect to WAN service server Inbound Accounting Report is the statistics of downstream upstream for all kinds of communication services the Inbound Accounting report will be shown when WAN user uses Bandwidth Management Gateway to connect to LAN Service Server Source IP the IP address used by WAN users who use Bandwidth Management Gateway Destination IP the IP address used by LAN service server who use Bandwidth Management Gateway Service The communication service which listed in the pull down menu when WAN users use bandwidth Management Gateway to connect to LAN Service server Administrator can use this Accounting Report to inquire the LAN IP users and WAN IP users and to gather the statistics of Downstream Upstream First packet Last packet Duration and the service of all the user s IP that passes the Bandwidth Management Gateway 4 13 1 Outbound Accounting Report Step 1 Click the Acco
19. System regularly checks whether the traffic for a policy exceeds its threshold value and adds a record to the traffic alarm file if it does Entering the Traffic Alarm window Step 1 Click the Traffic Alarm option below Alarm menu to enter the Traffic Alarm window 126 BM 500 Bandwidth Management Gateway User s Manual PLANET Traffic Alarm Prime Source Destination ip Schedule Authentication Content Filtering Alarm Taca yF Er RAZA a Accounting Report Step 2 The table in the Traffic Alarm window displays the current traffic alarm logs for connections n Time The start and stop time of the specific connection n Source Name of the source network of the specific connection n Destination Name of the destination network of the specific connection n Service Service of the specific connection n Traffic Traffic in Koytes Sec of the specific connection Downloading the Traffic Alarm Logs The Administrator can back up traffic alarm logs regularly and download it to a file on the computer Step 1 Inthe Traffic Alarm window click the Download Logs button on the bottom of the screen Step 2 Follow the File Download pop up box to save the traffic alarm logs into specific directory on the hard drive Clearing the Traffic Alarm Logs Step 1 Inthe Traffic Alarm window click the Clear Logs button at the bottom of the screen Step 2 Inthe Clear Logs pop up box click Ok to
20. Virtual Server menu bar A new window appears displaying the IP address and service of the specified virtual server Step 2 Click on the Virtual Servers IP Address button at the top of the screen Step 3 Choose a new IP address from the drop down list Step 4 Click OK to save new IP address or click Cancel to discard changes 108 BM 500 Bandwidth Management Gateway User s Manual PLANET Virtual Server 1 Interface J Address as Licht be Schedule dos Authentication Accounting Report A So Ex AAA iS rd n 1 O j WE Pekin Sas n Removing a Virtual Server Step 1 Click the virtual server to be removed in the corresponding Virtual Server option under the Virtual Server menu bar A new window displaying the virtual server s IP address and service appears on the screen Step 2 Click the Virtual Server s IP Address button at the top of the screen Step 3 Delete the IP address Step 4 Click OK to remove the virtual server 109 BM 500 Bandwidth Management Gateway User s Manual PLANET Virtual Server 1 System Add New Virtual Server IP Ones Virtual Server Real IP Assist Address ii 5 ak i a j Schedule Authentication Content Filtering me woe OE Virtual Server 1 LE A Afir Y Accounting Report Statistics Setting the Virtual Server s services Step 1 For the Virtual Server which has already be
21. a Bandwidth Management Gateway filter function is required please refer to the Policy section in the users manual PLANET Outgoing Modify Remove System No Source Destination Service Action Option __ Inside Any Outside Any ew SB sti Interface Jutsi Move Address New Entry OoS Authentication utgoing Incoming Content Filtering Accounting Report BM 500 Bandwidth Management Gateway User s Manual 3 3 Setting Up in NAT Mode STEP 1 After entering the Bandwidth Management Gateway WEB UI screen select the Interface tab on the left menu and a sub function list will be displayed Select the NAT Mode Enter the required information to their corresponding fields LAN Interface IP Address 192 168 1 1 NetMask 255 255 255 0 eame LAN Interface C Transparent Mode System E Intor Address Address NAT Mode Service IP Address fig2 16 1 1 Saa 7 Netmask 255 255 255 0 Enable Ping M YWebUl 6 PPPoE ADSL User C Dynamic IP Address Cable Modem User Alam C Static IP Address Current Status Disconnected Connected Statistics Status IP Address 0 0 0 0 User Name planet Password reso SN IP Address provided by ISP Dynamic Fixed IP Address Netmask Default Gateway ss Max Downstream Bandwidth 2304 Kbps Max 10 Mbps Max Upstream Bandwidth 2304 Kbps Max 10 Mbps Enter the information that you
22. click Cancel to discard changes PLANET WAN Modify Address LAN Group raros 168 95 87 0 255 255 255 0 Cancel Schedule gt gt ENE pa o LF Authentication Content Filtering Accounting Report Statisti Status Removing an WAN Address Step 1 Inthe WAN table locate the name of the network to be removed and click the Remove option in its corresponding Configure field Step 2 Inthe Remove confirmation pop up box click OK to remove the address or click Cancel to discard changes 692 BM 500 Bandwidth Management Gateway User s Manual PLANET WAN Name IP Netmask tr iyi Microsoft Internet Explorer E Schedule Authentication Y Do you really want ta delete Content Filtering Accounting Report WAN Group Log 4 3 4 WAN Group Entering the WAN Group window Step 1 Click the WAN Group under the Address menu bar to enter the WAN window The current settings for the WAN network group s will appear on the screen PLANET WAN Group Member Configure Authentication Content Filtering Log Alarm Accounting Report Statistics Status 63 Definitions BM 500 Bandwidth Management Gateway User s Manual Name Name of the WAN group Member Members of the group Configure Configure the settings of WAN group Click Modify to change the par
23. each computer a private IP address and converts it into a real IP address through Bandwidth Management Gateway s NAT Network Address Translation function If a server providing service to the WAN networks is located in the LAN networks outside users can t directly connect to the server by using the server s private IP address The Bandwidth Management Gateway s Virtual Server can solve this problem A virtual server has set the real IP address of the Bandwidth Management Gateway s WAN network interface to be the Virtual Server IP Through the virtual server feature the Bandwidth Management Gateway translates the virtual server s IP address into the private IP address of physical server in the LAN network When outside users on the Internet request connections to the virtual server the request will be forwarded to the private LAN server Virtual Server owns another feature known as one to many mapping This is when one virtual server IP address on the WAN interface can be mapped into 4 LAN network server private IP addresses This option is useful for Load Balancing which causes the virtual server to distribute data packets to each private IP addresses which are the real servers By sending all data packets to all similar servers this increases the server s efficiency reduces risks of server crashes and enhances servers stability How to use Virtual Server and mapped IP Virtual Server and Mapped IP are part of the IP mapping
24. enable Add in Static DHCP function enter the MAC Address then check the Add in Static DHCP Modifying an LAN Address Step 1 Inthe LAN window locate the name of the network to be modified Click the Modify option in its corresponding Configure field The Modify Address window appears on the screen immediately Step 2 Inthe Modify Address window fill in the new addresses Step 3 Click OK to save changes or click Cancel to discard changes 55 BM 500 Bandwidth Management Gateway User s Manual PLANET LAN Name feserver ji Modify Address E i pl 192 168 99163 les 255 255 255 255 00 30 4f0011 22 Clone MACAddress LAN Group WAN WAN Group Service Schedule Cancel Authentication Content Filtering m o Em Accounting Report Statistics Status Removing a LAN Address Step 1 In the LAN window locate the name of the network to be removed Click the Remove option in its corresponding Configure field Step 2 In the Remove confirmation pop up box click OK to remove the address or click Cancel to discard changes PLANET LAN IP Netmask MAC Address Configure 55 255 255 00 30 4 00 11 22 MAA o Ms J E r il Past WAN WAN Group Microsoft Internet Explorer E AN es ve Do you really want to delete Schedule oS Authentication Content Filtering L Alarm Accounting Report Statistics
25. o Other CM Log Alarm Accounting Report Statistics Modifying Custom Services Step 1 A table showing the current settings of the selected service appears on the screen Step 2 Enter the new values Step 3 Click OK to accept editing or click Cancel 70 BM 500 Bandwidth Management Gateway User s Manual PLANET Custom System Modify User Define Service Interface Address Pre defined Group Schedule 005 Authentication Content Filtering Log Accounting Report Statistics Status Removing Custom Services Step 1 Click its corresponding Remove option in the Configure field Step 2 Inthe Remove confirmation pop up box click OK to remove the selected service or click Cancel to cancel action MB PLANET Metodo amp Commanicilios Client Port Interface eDonkey TCP 102465535 4661 4665 city Remove Microsoft Internet Explorer Xx LY Do you really want to delete Group Schedule Authentication Content Filtering Alarm Accounting Report Statistics m x e D a7 lt BM 500 Bandwidth Management Gateway User s Manual 4 4 3 Group Accessing the Group window Step 1 Click Group under it A window will appear with a table displaying current service group settings set by the Administrator a TOUP name EC CEC 2S Configure System Interface Address Group A
26. own Revision User s Manual for PLANET BM 500 Model BM 500 Rev 1 0 March 2004 Part No EM BM500 BM 500 Bandwidth Management Gateway User s Manual Table of Contents CHAPTER 1 INTRODUCTION ani 1 PREMURA tina i 1 2 PACKAGE CONTENTS cuco EEE E E E A E 1 1 3 BANDWIDTH MANAGEMENT GATEWAY FRONT VIEW cccssccssceessceceseceesceeeseecseeenseeceseeeeseecnseeeeseeeeseeseseeseeeseneens 2 1 4 BANDWIDTH MANAGEMENT GATEWAY REAR PANE L cc ccessseesceceseccesceeeseeceeeceseeceseeseseeeeeeeeseeesseeseseeseeeseneess 2 Res five od ol 67 0 td E E ee ne ene ee ee 3 CHAPTER 2 HARDWARE INSTALLATION scccssssssssssecssceesseesennsneecccceceeseessnaneenencceesseesnansneeneceesssesennnas 4 2A INSTA LEA TION REQUIREMENTS ainda 4 2 2 OPERATION MODE is aT id 4 2 2 1 Transparent Mode CONNECTION Example di 4 222 NAT Mod COnneCHnG EXIME ci its 5 CHAPTER 3 GETTING STARTED cua A 7 Sul WEB CONFIGURATION tt ce Oring yet e aN iE A S N aE E is 7 3 2 SETTING UP IN TRANSPARENT MODE sssseeesseeseresecesrnssissresssnsiersressersreesstusirereardeusersteesieassiee cias 8 3 9 SETTING UPIN NAT MODE sinaturiou aa a A T a A a E 10 CHAPTER 4 WEB CONFIGURATION ccccceeeeesssessssceeeeeeeesnensesseeeeeeeseeesaaaesceeeeeeeeessaaeesseeeeeeeeesenenees 12 aN SD TE NS fate acces a Peale A e acumen aenaies 12 SN Re P a ARTS PEE PT aT ee PC REE POE eS OBE E DR O Pe mR 13 Sn ioe dient adams seeoaaiaa canines dead l
27. received packets and the error received packets will be shown Tx Pkts Error Pkts The transmit packets and the error transmit packets will be shown DNS Server 1 Displays the using DNS Server 1 DNS Server 2 Displays the using DNS Server 2 4 15 2 ARP Table Entering the ARP Table window Step 1 Click on Status in the menu bar then click ARP Table below it Step 2 A window will appear displaying a table with IP addresses and their corresponding MAC addresses For each computer on the LAN WAN network that replies to an ARP packet the device will list them in this ARP table PLANET ARP Table IP Address MAC Address Address zo pa Service Schedule Log Accounting Report Interface Status hj Aia IAE a A y y ARP Table AA _ ARP Table 145 BM 500 Bandwidth Management Gateway User s Manual IP Address The IP address of the host computer MAC Address The MAC address of that host computer Interface The port that the host computer is connected to LAN WAN 4 15 3 DHCP Clients Entering the DHCP Clients window Step 1 Click on Status in the menu bar then click on DHCP Clients below it Step 2 A window will appear displaying the table of DHCP clients that are connected to the device The table will list host computers on the LAN network that obtain its IP address from the Bandwidth Management Gateway s DHCP server function PLANET DHCP Clients Authentica
28. starting and the ending IP address dynamically assigning to DHCP clients Optional Step 2 Click OK to enable DHCP support 38 BM 500 Bandwidth Management Gateway User s Manual 4 1 10 DNS Proxy The Bandwidth Management Gateway s Administrator may use the DNS Proxy function to make the Bandwidth Management Gateway act as a DNS Server for the LAN and DMZ network All DNS requests to a specific Domain Name will be routed to the Bandwidth Management Gateway s IP address For example let s say an organization has their mail server i e mail planet com tw in the DMZ network i e 192 168 10 10 The outside Internet world may access the mail server of the organization easily by its domain name providing that the Administrator has set up Virtual Server or Mapped IP settings correctly However for the users in the LAN network their WAN DNS server will assign them a public IP address for the mail server So for the LAN network to access the mail server mail planet com tw they would have to go out to the Internet then come back through the Bandwidth Management Gateway to access the mail server Essentially the LAN network is accessing the mail server by a real public IP address while the mail server serves their request by a NAT address and not a real one This odd situation occurs when there are servers in the DMZ network and they are bound to real IP addresses To avoid this set up DNS Proxy so all the LAN network computers will use
29. the Bandwidth Management Gateway as a DNS server which acts as the DNS Proxy If you want to use the DNS Proxy function of the device the end user s main DNS server IP address should be the same IP Address as the device Click on System in the menu bar then click on DNS Proxy below it The DNS Proxy window will appear PLANET DNS Proxy Pe Virtual IP Address New Entry DNS Proxy PIPA E AREA P Se my eae en Pee era Gp A Y A R DN Authentication Interface Address 39 BM 500 Bandwidth Management Gateway User s Manual Below is the information needed for setting up the DNS Proxy e Domain Name The domain name of the server e Virtual IP Address The virtual IP address respective to DNS Proxy e Configure modify or remove each DNS Proxy policy Adding a new DNS Proxy Step 1 Click on the New Entry button and the Add New DNS Proxy window will appear Step 2 Fill in the appropriate settings for the domain name and virtual IP address Step 3 Click OK to save the policy or Cancel to cancel Modifying a DNS Proxy Step 1 In the DNS Proxy window find the policy to be modified and click the corresponding Modify option in the Configure field Step 2 Make the necessary changes needed Step 3 Click OK to save changes or click on Cancel to cancel modifications Removing a DNS Proxy Step 1 In the DNS Proxy window find the policy to be removed and click the corresponding Remove option
30. the authentication account and password The Bandwidth Management Gateway configures the authentication of LAN s user by setting account and password to identify the privilege Configuration of Authentication Click Authentication in the menu bar on the left hand side PLANET Authentication Schedule A E St utha ntir PA el A m m Content Filtering Accounting Report Statistics Definitions User Name The name of the authentication user you want to configure Configure modify settings or remove the user account Adding a new Auth User Step 1 In the Authentication window click the New User button to create a new Authentication Step 2 In the Add New User window n User Name enter the username of new Authentication n Password enter a password for the new Authentication n Confirm Password enter the password again Step 3 Click OK to add the user or click Cancel to cancel the addition 82 BM 500 Bandwidth Management Gateway User s Manual NOTE When the LAN user access to WAN network and do not use for a while the connection will be time out User has to re login again The default time is 30 minutes and you can configure this time by System gt Setting page PLANET Setting e Device Name Sender Address Required by some ISPs SMTP Server E mail Address 1 E mail Address 2 Mail Test HTTP Port Authentication Port Address MTU Bytes Upda
31. the interface address click OK button PLANET Hetworking amp Comemesication yste 5 my E Address Schedule Authentication Policy Content Filtering Virtual Server Lo Accounting Report Statistics Interface LAWN Interface Transparent Mode NAT Mode IP Address 192 168 99 160 Netmask 255 255 2550 Enable Ping WebUl WAN Interface PPPoE ADSL User Dynamic IP Address Cable Modem User Static IP Address IP Address 168 95 881 Netmask 265 255 2550 Default Gateway 168 95 88 254 DNS Server 1 168 9511 DNS Server 2 168 951921 Max Downstream Bandwidth 2304 Kbps Max 10 Mbps Max Upstream Bandwidth 2304 Kbps Max 10 Mbps Enable Ping WebUl If you want to set up DNS Server you have to go to Virtual Server function to map the real IP address from DNS server to the corresponding private IP address of internal DNS server Enter the mapped IP address of internal server in DNS server address field 59 BM 500 Bandwidth Management Gateway User s Manual 4 3 Address The Bandwidth Management Gateway allows the Administrator to set addresses of the LAN network LAN network group WAN network WAN group These settings are to be used for policy editing What is the Address Table An IP address in the Address Table can be an address of a computer or a sub network The Administrator can assign an easily recognized name to an IP add
32. 0 Bandwidth Management Gateway User s Manual Changing the Main Sub Administrator s Password Step 1 The Modify Administrator Password window will appear Enter in the required information n Password enter original password n New Password enter new password n Confirm Password enter the new password again Step 2 Click OK to confirm password change or click Cancel to cancel it PLANET Mehworklag amp Comas Admin Nam 1e dify Admin Password Schedule Content Filtering Authentication Adding a new Sub Administrator Step 1 Inthe Add New Sub Administrator window n Sub Admin Name enter the username of new Sub Admin n Password enter a password for the new Sub Admin n Confirm Password enter the password again Step 2 Click OK to add the user or click Cancel to cancel the addition 14 BM 500 Bandwidth Management Gateway User s Manual Add New Sub Admin Password Hacker Alert Route Table Software Update Schedule Content Filtering Removing a Sub Administrator Step 1 Inthe Administration table locate the Administrator name you want to edit and click on the Remove option in the Configure field Step 2 The Remove confirmation pop up box will appear Click OK to remove that Sub Admin or click Cancel to cancel 15 BM 500 Bandwidth Management Gateway User s Manual i n z i Pott e Y p adm
33. 1 BM 500 Bandwidth Management Gateway User s Manual Bandwidth Management Gateway to LAN user Upstream The percentage of upstream and the value of each LAN user who uses Bandwidth Management Gateway to WAN service server First Packet When the first packet is sent to WAN service server from LAN user the sent time will be recorded by the Bandwidth Management Gateway Last Packet When the last packet sent from WAN service server is received by the LAN user the sent time will be recorded by the Bandwidth Management Gateway Duration The period of time which starts from the first packet to the last packet to be recorded Total Traffic The Bandwidth Management Gateway will record the sum of packet sent receive time and show the percentage of each LAN user s upstream downstream to WAN service server Reset Counter Click Reset Counter button to refresh Accounting Report Outbound Destination IP Accounting Report When WAN service server uses Bandwidth Management Gateway to connect to LAN user all of the Downstream Upstream First Packet Last Packet Duration log of the Destination IP will be recorded PLANET Outbound Top 1 10 Ml Starting Time Thu May 23 22 32 28 2002 No AL Downstream Upstream First Packet Last Packet Duration Action suvice 20370 2491 225MB __ 8002KB 05 2322 36 37 08 2405 29 41 06 53 04 Remove 5 66 197 103 40 2 KB 37KB 05124 30 1 AL Te 0 0 Outbound ic
34. 154 008 10KB 05 23 22 63 05 05 23 22 63 09 00 00 04 Remove 7 721601 ooB 9608 0512401 20 28 05124 01 21 27 00 00 59 Remove e 17216099 ooB sos 05 2401 27 36 05124 05 42 87 04 15 21 Remove o 192 168 1199 ooe 7oKe osr400 51 11 0812400 53 37 00 02 26 Remove moletsos2s3 cos 136 08 05 2405 15 53 05 24 05 15 53 Outbound inbound Statistics Total Traffic 5 5 KB SN Reset Counter Inbound Source IP Accounting Report Top Starting Time Thu May 23 22 32 28 2002 No source gt A Ag Upstream Downstream y First Packet Last Packet Duration v Action 4 211 23 80 85 67KB 21KB 05 2323 09 41 05 24 04 59 08 05 49 27 Remove 2 1921689962 66KB 164KB 05 2400 41 49 05 24 05 47 08 05 05 19 Remove Interface Address Service 3 20370 2491 22KB 70206 PE 05124 04 59 05 05 49 24 Remove Authentication a 192 168 99 250 40 06 05723 22 33 23 05124 05 47 17 07 13 64 Remove Policy rs 1921689862 00B 05724 00 41 34 05124 00 41 48 00 00 14 Remove menma 6 168 254 226 164 008 10KB 052322 59 05 05 23 22 53 09 00 00 04 Remove CE 9608 052401 20 28 05124 01 21 27 00 00 59 Remove 23 op 73608 052401 27 36 05124 05 42 57 04 15 21 Remove AE E E EE E E A ee ee ETE 0572405 15 53 05 24 05 15 53 Outbound Statistics ee wn a 3 Reset Co
35. 175 55 244 ACCEPT May 23 08 04 50 May 23 08 04 50 Event Log Connection Log Log Backup Alarm Accounting Report Statistics May 23 08 04 50 192 168 99 161 139 175 55 244 May 23 08 04 50 139 175 55 244 192 168 99 161 UDP 1444 192 168 99 161 139 175 55 244 139 175 55 244 192 168 99 161 UDP 1444 May 23 08 04 50 May 23 08 04 50 Traffic Log Table The table in the Traffic Log window displays current System statuses Definition Time The start time of the connection Source IP address of the source network of the specific connection Destination IP address of the destination network of the specific connection Protocol amp Port Protocol tyoe and Port number of the specific connection 3 3 J J 5 Disposition Accept or Deny Downloading the Traffic Logs The Administrator can backup the traffic logs regularly by downloading it to the computer Step 1 Inthe Traffic Log window click the Download Logs button at the bottom of the screen Step 2 Follow the File Download pop up window to save the traffic logs into a specified directory on the hard drive 116 BM 500 Bandwidth Management Gateway User s Manual Traffic Log Pome Source Westination Frotocol amp Fort UVisposition y 29 08 04 54 192 168 99 253 192 168 99 161 IcMP 0 ACCEPT Interface Address oS Authentication Content Filtering Hie Accounting Repo
36. 26 47 x Meli Connection Log May 26 21 26 47 Warning couldn t open ppp database Ivarirunipppd tdb May 26 21 26 47 pppd 2 4 1 started by root uidQ May 26 21 26 47 tdb_store failed Invalid tdb context May 26 21 26 47 Couldn t allocate PPP unitO as itis already in use May 26 21 26 47 PPPoE Couldn t increase MTU to 1500 May 26 21 26 47 Couldn t increase MRU to 1500 May 26 21 26 47 llocal IP address 10 64 64 64 May 26 21 26 47 remote IP address 10 133 42 43 May 26 21 26 47 linkname interface pppO Clear Logs Download Logs Accounting Report Statistics Status Definition Time The start and end time of connection Connection Log Event description during connection Download Logs Step 1 Click Log in the menu bar on the left hand side and then select the sub selection Connection Log Step 2 In Connection Log window click the Download Logs button Step 3 Inthe Download Logs window save the logs to the specified location 2421 BM 500 Bandwidth Management Gateway User s Manual PLANET Connection Log o Wabariigi amp Competition May 2b 21 26 47 Next Interface Address at ok ey ipase ivali Time Connection Log Authentication Content Filtering Virtual Server Alarm Accounting Report Statistics Status TEF R j r aa Bee dint ors ise ie Pa i Ki OS E 3 Lo SHST frema a if Clear Logs Step 1 Click Log in th
37. AN Bandwidth Upload 512K NAAA Download 512K NAT Mode WAN 61 11 11 11 Bandwidth LAN 192 168 1 10 MB Management PC 1 192 168 1 3 QoS enabled suaranteed PC 4 192 168 1 6 QoS enabled Guaranteed Upload 100K 3 192 168 1 5 Download 100K No QoS No Qos LAN and WAN side IP addresses are on the different subnet BM 500 Bandwidth Management Gateway User s Manual Chapter 3 Getting Started 3 1 Web Configuration STEP 1 Connect both the Administrator s PC and the LAN port of the Bandwidth Management Gateway to a hub or switch Make sure there is a link light on the hub switch for both connections The Bandwidth Management Gateway has an embedded web server used for management and configuration Use a web browser to display the configurations of the Bandwidth Management Gateway such as Internet Explorer 4 or above or Netscape 4 0 or above with full java script support The default IP address of the Bandwidth Management Gateway is 192 168 1 1 with a subnet mask of 255 255 255 0 Therefore the IP address of the Administrator PC must be in the range between 192 168 1 2 192 168 1 254 If the company s LAN IP Address is not subnet of 192 168 1 0 i e LAN IP Address is 172 16 0 1 then the Administrator must change his her PC IP address to be within the same range of the LAN subnet i e 172 16 0 2 Reboot the PC if necessary By default the Bandwidth Management Gateway is shipped with its DHCP Server functio
38. Bandwidth Interface Address N ri p Authentication LJ UR Content Filtering t t Alarm Accounting Report Statistics Definitions Name The name of the QoS you want to configure Downstream Bandwidth To configure the Guaranteed Bandwidth and Maximum Bandwidth Upstream Bandwidth To configure the Guaranteed Bandwidth and Maximum Bandwidth QoS Priority To configure the priority of distributing Upstream Downstream and unused bandwidth Add New QoS Step 1 Click QoS in the menu bar on the left hand side 78 BM 500 Bandwidth Management Gateway User s Manual PLANET QoS Add New QoS Interface Address Service Schedule Authentication Content Filtering La o Alarm Accounting Report Statistics Status Step 2 Click the New Entry button to add new QoS Definition Name The name of the QoS you want to configure Downstream Bandwidth To configure the Guarateed Bandwidth and Maximum Bandwidth Upstream Bandwidth To configure the Guarateed Bandwidth and Maximum Bandwidth QoS Priority To configure the priority of distrubuting Upstream Downstream and unused bandwidth Click the OK button to add new QoS Modify QoS Step 1 Click QoS in the menu bar on the left hand side 79 BM 500 Bandwidth Management Gateway User s Manual ict Modify QoS Interface Address Na Schedule Authentication Content
39. Business critical applications can receive maximum performance while other less urgent traffic is still available on remaining bandwidth Bandwidth Management Gateway also provides comprehensive security log and statistics functions to help monitor network and bandwidth usage and allow adjustment of the bandwidth management policies accordingly 2 2 Operation Mode BM 500 supports two operation modes Transparent and NAT In transparent mode BM 500 works as proxy with forward LAN packet to WAN and forward WAN packet to LAN The LAN and WAN side IP addresses are in the same subnet In NAT mode LAN side user will share one public IP address of WAN port to make Internet connection Please find the following two pictures for example 2 2 1 Transparent Mode Connection Example BM 500 Bandwidth Management Gateway User s Manual N Internet ADSL Cable Modem WAN Bandwidth Upload 512K Download 512K NAT Router WAN 61 11 11 11 LAN 197 168 1 2548 Transparent Bandwidth Mode Management f 192 168 1 10 PC 1 192 168 1 3 Qos enabled Guaranteed O PC 4 192 168 1 6 O QoS enabled Guaranteed Upload 200K L E EN E Upload 100K Download 200K PC 2 192 168 1 4 PC 3 192 168 1 5 Download 100K No QoS No QoS All the WAN and LAN side IP addresses are on the same subnet 2 2 2 NAT Mode Connecting Example BM 500 Bandwidth Management Gateway User s Manual Internet ADSL Cable Modem W
40. Filtering o Alarm Accounting Report Statistics dm Click the Modify button to modify QoS Definition Name The name of the QoS you want to configure Downstream Bandwidth To configure the Guarateed Bandwidth and Maximum Bandwidth Upstream Bandwidth To configure the Guarateed Bandwidth and Maximum Bandwidth QoS Priority To configure the priority of distrubuting Upstream Downstream and unused bandwidth Click the OK button to modify QoS Delete QoS Step 1 Inthe QoS window find the QoS you want to change and click Delete in the Configure column Step 2 Inthe Delete QoS window click OK to delete the QoS or click Cancel to discard the change 80 PLANET a awai E Commesication Interface Address Schedule Authentication Content Filtering g Alarm Accounting Report Statistics Tarts fm u BM 500 Bandwidth Management Gateway User s Manual QoS ae T icf i Downstream Bandwidth Upstream Bandwidth Priority Configure arta 3 E z gt J Re A F oo ore ih Py uy FIT Microsoft Internet Explorer lx LY Do you really want to delete 81 BM 500 Bandwidth Management Gateway User s Manual 4 7 Authentication By configuring the Authentication you can control the user s access right time of LAN to WAN The administrator can configure the authentication according to
41. Internet Explorer E A o FTP p YD Do you really want to delete Content Filtering Mapped ee f NOTE If the destination Network in Policy has set a virtual server it will not be able to change or configure this virtual server unless you have already removed this configuration of Policy 114 BM 500 Bandwidth Management Gateway User s Manual 4 11 Log The Bandwidth Management Gateway supports traffic logging and event logging to monitor and record services connection times and the source and destination network address The Administrator may also download the log files for backup purposes The Administrator mainly uses the Log menu to monitor the traffic passing through the Bandwidth Management Gateway What is Log Log records all connections that pass through the Bandwidth Management Gateway s control policies Traffic log s parameters are setup when setting up control policies Traffic logs record the details of packets such as the start and stop time of connection the duration of connection the source address the destination address and services requested for each control policy Event logs record the contents of System Configuration changes made by the Administrator such as the time of change settings that change the IP address used to log on etc How to use the Log The Administrator can use the log data to monitor and manage the device and the networks The Administrator can view
42. Modifying an Outgoing policy Step 1 Inthe Modify Policy window fill in new settings NOTE To change or add selections in the drop down list for source or destination address go to the section where the selections are setup Source Address LAN of Address menu Destination Address WAN of Address menu Service gt Pre defined Custom or Group under Service Click OK to do confirm modification or click Cancel to cancel it 89 BM 500 Bandwidth Management Gateway User s Manual Outgoing Modify Policy res i Outside_Any W PERMIT ae Interface Address Service Schedule Authentication eo LY lo TEMES jit AAN Incoming Content Filtering Accounting Report Source Address Select the name of LAN from the pull down menu The names of LAN listed in this pull down menu are the Source Addresses that are already set Destination Address Select the name of WAN from the pull down menu The names of WAN listed in this pull down menu are the Destination Addresses that are already set IP address of WAN network Service Select the service item from the pull down menu Action Select Permit or Block to allow or reject the specified packets from LAN network to WAN network Logging Select Enable to enable the Logging function Statistics Select Enable to enable the Statistics function Schedule Select the item listed in the schedule to enable the policy to auto
43. N Attack SYN Flood Threshold Total fo Pkts Sec SYN Flood Threshold Per Source IF la Pkts Sec SYN Flood Threshold Blocking Time Per Source IP lo Seconds C Detect ICMP Flood ICMP Flood Threshold Total 0 Pkts Sec Multiple NAT o ICMP Flood Threshold Per Source IP fo Pkts Sec i Hacker Alert i A A ICMP Flood Threshold Blocking Time Per Source IP lo Seconds oe lapie C Detect UDP Flood UDP Flood Threshold Total Pkts Sec UDF Flood Threshold Per Source IP o Pkts Sec UDP Flood Threshold Blocking Time Per Source IP lo Seconds Logout C Detect Ping of Death Attack L Detect Tear Drop Attack Sofneare Update L Detect IP Spoofing Attack C Filter IP Route Option Cl Detect Port Scan Attack Cl Detect Land Attack sevice Schedule Ba gt Auto Detect functions n Detect SYN Attack Select this option to detect TCP SYN attacks that hackers send to server computers continuously to block or cut down all the connections of the servers These attacks will prevent valid users from connecting to the servers After enabling this function the System Administrator can enter the number of SYN packets per second that is allowed to enter the network Bandwidth Management Gateway Once the SYN packets exceed this limit the activity will be logged in Alarm and an email alert is sent to the Administrator The default SYN flood threshold is set to 200 Pkts Sec n Detect ICMP Flood Select this option to detect ICMP flood attacks When
44. Netmask Ping WebUl oS ate Content Filtering 25 BM 500 Bandwidth Management Gateway User s Manual Add Permitted IP Address Step 1 Click New Entry button Step 2 In IP Address field enter the LAN IP address or WAN IP address n IP address Enter the LAN IP address or WAN IP address n Netmask Enter the netmask of LAN WAN n Ping Select this to allow the external network to ping the IP Address of the Firewall n WebUl Check this item Web User can use HTTP to connect to the Setting window of BandWidth Management Gateway Step 3 Click OK to add Permitted IP or click Cancel to discard changes PLANET Permitted IPs Add New Permitted IPs ddress 192 168 0100 ok J cancer re Updat a a Interface Schedule Authentication Content Filtering a E Modify Permitted IP Address Step 1 Inthe table of Permitted IPs highlight the IP you want to modify and then click Modify Step 2 In Modify Permitted IP enter new IP address Step 3 Click OK to modify or click Cancel to discard changes 96 BM 500 Bandwidth Management Gateway User s Manual PLANET Permitted IPs Sy921680100 255 255 255 255 Software Update Interface Address Service oS Authentication Content Filtering Remove Permitted IP addresses Step 1 Inthe table of Permitted IPs highlight the IP you want to remove and then click Remove Step 2 In Remove Permi
45. PoE Connection Time MAC Address 00 e0 98 a8 e8 ab 00 e0 98 a0 e8 ab ey teasaten 197 168 99 160 a ee 255 2552550 255 255 255 0 Default Gateway 192 168 99 253 192 168 99 253 DNS Server 168 95 1 1 168 95 1 1 DNS Server 168 95 192 1 168 95 192 1 Rx Pkts Error Pkts System Interface Address oS Authentication Policy Content Filtering Loy Accounting Report Tx Pkts Error Pkts ET Enable Enable PERE a 2 g Status ARP Table DHCP Clients Internal Interface In Internet Interface window The interface IP will be displayed System Uptime The time of booting the Bandwidth Management Gateway Forwarding Mode NAT mode or Transparent mode MAC Address The serial number of the network card IP Address Netmask Internal IP Address Internal Netmask Rx Pkts Error Pkts The received packets and the error received packets will be shown Tx Pkts Error Pkts The transmit packets and the error transmit packets will be shown 144 BM 500 Bandwidth Management Gateway User s Manual ADSL Static IP or Cable Modem users Forwarding Mode NAT mode or Transparent mode Connection Status Displays the connection status of LAN network Connection Time Displays the connection time of LAN network MAC Address The serial number of the network card IP Address Netmask external IP Address external Netmask Default Gateway Displays the WAN Gateway address Rx Pkts Error Pkts The
46. TPS IMAP SMTP POP3 ANY AOL BGP GOPHER InterLocator IRC gt L2TP LDAP gt NetMeeting gt NNTP gt PPTPReal Media RLOGIN SSH TCP ANY TELNET gt VDO Live gt WAIS WINFRAME gt X WINDOWS etc UDP services i g IKE DNS NTP IRC RIP SNMP SYSLOG TALK gt _ TFTP gt UDP ANY gt UUC etc Dor services i g PING TRACEROUTE etc Entering the Custom window Step 1 Click Custom under it A window will appear with a table showing all services currently defined by the Administrator 68 BM 500 Bandwidth Management Gateway User s Manual ans Client Port System Interface Address CA a a t I iD Authentication Content Filtering Accounting Report Statistics Status Figure 4 2 Custom Service Definitions Service name The defined service name Protocol Network protocol used in the basic setting Such as TCP UDP or others Client port The range of Client port in defined service If the number of ports entered in the two fields of Client port is different it means that the port numbers between these two numbers are opened If the number of ports entered in the two fields of Client port is identical it means that the entered port number is opened Service port The range of Service port in defined service If the number of ports entered in the two fields of Service port is different it means that the port numbers between these two numbers ar
47. Transmit Packets Time The statistics based on the units of minute 60 minutes hour 24 hours and day 30 days WAN Statistics Step 1 Click Statistics in the menu bar on the left hand side and then select WAN Statistics Step 2 In Statistics window find the domain name you want to view Step 3 In the Statistics window find the network you want to view and click Minute on the right hand side and then you will be able to view the Statistics figure of past 60 minutes click Hour to view the Statistics figure of past 24 hour click Day to view the Statistics figure or past 30 days Y Coordinate Network Traffic Kbytes Sec X Coordinate Time Hour Minute Day 4 14 2 Policy Statistics Entering the Statistics window The Statistics window displays the statistics of current network connections 141 BM 500 Bandwidth Management Gateway User s Manual Source the name of source address Destination the name of destination address Service the service requested Action permit or deny gt 3 J IJI 5 Time viewable by minutes hours or days PLANET Policy Statistics Address Authentication Content Filtering oS Accounting Report NOTE To use Statistics the administrator needs to go to Policy to enable Statistics function Entering the Policy Statistics Step 1 Click Statistics in the menu bar on the left hand side and then select WAN Statistics Step 2 In Statistics wi
48. User s Manual to a static hostname allowing your device to be more easily accessed by specific name When this function is enabled the IP address in Dynamic DNS Server will be automatically updated with the new IP address provided by ISP Logout Administrator logs out the Bandwidth Management Gateway This function protects your system while you are away Software Update The administrator can update the device s software with the latest version Administrators may visit distributor s web site to download the latest firmware Administrators may update the device firmware to optimize its performance and keep up with the latest fixes for intruding attacks 4 1 1 Admin On the left hand menu click on Setup and then select Admin below it The current list of Administrator s Shows up con E Amn Mew Sub Admin EL Schedule Content Filtering bg Ate Settings of the Administration table Administrator Name The username of Administrators for the Bandwidth Management Gateway The user admin cannot be removed Privilege The privileges of Administrators Admin or Sub Admin The username of the main Administrator is Administrator with read write privilege Sub Admins may be created by the Admin by clicking New Sub Admin Sub Admins have read only privilege Configure Click Modify to change the Sub Administrator s password and click Remove to delete a Sub Administrator 2402 BM 50
49. a PLANET XxX Networking amp Communication Bandwidth Management Gateway BM 500 User s Manual BM 500 Bandwidth Management Gateway User s Manual Copyright Copyright C 2004 PLANET Technology Corp All rights reserved The products and programs described in this User s Manual are licensed products of PLANET Technology This User s Manual contains proprietary information protected by copyright and this User s Manual and all accompanying hardware software and documentation are copyrighted No part of this User s Manual may be copied photocopied reproduced translated or reduced to any electronic medium or machine readable form by any means by electronic or mechanical Including photocopying recording or information storage and retrieval systems for any purpose other than the purchaser s personal use and without the prior express written permission of PLANET Technology Disclaimer PLANET Technology does not warrant that the hardware will work properly in all environments and applications and makes no warranty and representation either implied or expressed with respect to the quality performance merchantability or fitness for a particular purpose PLANET has made every effort to ensure that this User s Manual is accurate PLANET disclaims liability for any inaccuracies or omissions that may have occurred Information in this User s Manual is subject to change without notice and does not represent a commi
50. a Schedule Step 1 Inthe Schedule window find the policy to be removed and click the corresponding Remove option in the Configure field Step 2 A confirmation pop up box will appear click on OK to remove the schedule PLANET Schedule o Metworilag Commsaitallos PE TC officehour Modify Remove Interface Address Microsoft Internet Explorer Authentication Policy YY Do you really want to delete cti r A a n Content Filtering Log Accounting Report Statistics Status 71 BM 500 Bandwidth Management Gateway User s Manual 4 6 QoS By configuring the QoS you can control the outbound Upstream downstream Bandwidth The administrator can configure the bandwidth according to the WAN bandwidth Downstream Bandwidth To configure the Guaranteed Bandwidth and Maximum Bandwidth Upstream Bandwidth To configure the Guaranteed Bandwidth and Maximum Bandwidth QoS Priority To configure the priority of distributing Upstream Downstream and unused bandwidth The Bandwidth Management Gateway configures the bandwidth by different QoS and selects the suitable QoS through Policy to control and efficiently distribute bandwidth The Bandwidth Management Gateway also makes it convenient for the administrator to use the Bandwidth Management Gateway with the best Utility Configuration of QoS Click QoS in the menu bar on the left hand side Downstream Bandwidth Upstream
51. addresses and destination ports Control policies decide whether packets from different network objects network services and applications are able to pass through the Bandwidth Management Gateway What is Policy The device uses policies to filter packets The policy settings are source address destination address services permission packet log packet statistics and flow alarm Based on its source addresses a packet can be categorized into 1 Outgoing a client is in the LAN networks while a server is in the WAN networks 2 Incoming a client is in the WAN networks while a server is in the LAN networks How do I use Policy The policy settings are source addresses destination addresses services permission log statistics and flow alarm Among them source addresses destination addresses and IP mapping addresses have to be defined in the Address menu in advance Services can be used directly in setting up policies if they are in the Pre defined Service menu Custom services need to be defined in the Custom menu before they can be used in the policy settings If the destination address of an incoming policy is a Mapped IP address or a Virtual Server address then the address has to be defined in the Virtual Server section instead of the Address section 4 8 1 Outgoing This section describes steps to create policies for packets and services from the LAN network to the WAN network Entering the Outgoing window St
52. addresses are also configured in this section Entering the Interface menu Step 1 Click on Configuration in the left menu bar Step 2 Then click on Interface below it The current settings of the interface addresses will appear on the screen LAN Interface Using the Internal Interface the Administrator sets up the Internal LAN network The Internal network will use a private IP scheme The private IP network will not be routable on the Internet Transparent Mode All the IP internetwork uses real IP NAT Mode All the IP Internetwork uses NAT Network Address Translation which allows the private IP internetworks use non registered IP addresses to connect to the Internet IP Address The private IP address of the Firewall s internal network is the IP address of the Internal LAN port of the Bandwidth Management Gateway The default IP address is 192 168 1 1 NOTE The IP Address of Internal Interface and the DMZ Interface is a private IP address only If the new Internal IP Address is not 192 168 1 1 the Administrator needs to set the IP Address on the computer to be on the same subnet as the Firewall and restart the System to make the new IP address effective For example if the Firewall s new Internal IP Address is 172 16 0 1 then enter the new Internal IP Address 172 16 0 1 in the URL field of browser to connect to Firewall NetMask This is the netmask of the internal network The default netmask of the Bandwidth Managemen
53. al Click OK to save changes or click Cancel to discard changes PLANET LAN Group Modify Address Group Name webaccess lt Available address gt fipserver webserver enmgroup A remove lt Selected address gt webserver enmgroup x Pe od WAN Group Add o gt Schedule Authentication Content Filtering Alarm Accounting Report Statistics Status Figure3 7 Modify LAN Group Removing a LAN Group Step 1 Inthe LAN Group window locate the group to be removed and click its corresponding Remove option in the Configure field Step 2 In the Remove confirmation pop up box click OK to remove the group or click Cancel to discard changes 59 BM 500 Bandwidth Management Gateway User s Manual 2 PLANET LAN Group Microsoft Internet Explorer ES 22 Do you really want to delete E Ti j Lie ri a P oa E F LE E fy A y q a i x J T QoS ee Authentication Content Filtering Log Accounting Report Statistics Status 4 3 3 WAN Entering the WAN window Step 1 Click WAN under the Address menu to enter the WAN window The current setting information such as the name of the WAN network IP and Netmask addresses will show on the screen PLANET WAN System Interface Service Schedule Authentication 5 l es
54. ally 200 BM 500 Bandwidth Management Gateway User s Manual Follow this step to sync to your computer s clock Step 1 Click on the Sync button Click OK to apply the setting or click Cancel to discard changes PLANET Date Time Wetworting amp Commerce System time Thu Mar 4 10 19 59 2004 Synchronize system clock T l Enable synchronize with an Internet time Server al Date Time Set offset 8 hours from GMT Assist Server IP Name 140 1 09 1 10 Assist Ss Update system clock every 50 minutes 0 means not update synchronize system clock with this client y ee ey Fah i Lpgale q F pr a A ke i Schedule Content Filtering f l 4 1 4 Language Administrator can configure the Bandwidth Management Gateway Select the Language version Step 1 Selectthe Language version English Version Traditional Chinese Version or Simplified Chinese Version Step 2 Click OK to set the Language version or click Cancel to discard changes 924 BM 500 Bandwidth Management Gateway User s Manual PLANET Language English Version O Traditional Chinese Version Simplified Chinese Version ate A EE Authentication Content Filtering 4 1 5 Permitted IPs Only the authorized IP address is permitted to manage the Bandwidth Management Gateway PLANET Permitted IPs IP Address
55. also called DMZ De Militarization Zone scheme By applying the incoming policies Virtual Server and IP mapping work similarly They map real IP addresses to the physical servers private IP addresses which is opposite to NAT but there are still some differences n Virtual Server can map one real IP to several LAN physical servers while Mapped IP can only map one real IP to one LAN physical server 1 to 1 Mapping The Virtual Servers load balance feature can map a specific service request to different physical servers running the same services n Virtual Server can only map one real IP to one service port of the LAN physical servers while Mapped IP maps one real IP to all the services offered by the physical server n IP mapping and Virtual Server work by binding the IP address of the WAN virtual server to the private LAN IP address of the physical server that supports the services Therefore users from the WAN network can access servers of the LAN network by requesting the service from the IP address provided by Virtual Server 102 BM 500 Bandwidth Management Gateway User s Manual 4 10 1 Mapped IP Internal private IP addresses are translated through NAT Network Address Translation If a server is located in the LAN network it has a private IP address and outside users cannot connect directly to LAN servers private IP address To connect to a LAN network server outside users have to first connect to a real IP a
56. ameters of WAN group Click Remove to delete the selected group NOTE In the WAN Group window if one of the members has been added to the Policy In Use message will appear in the Configure column You are not allowed to modify or remove the settings Go to the Policy window to remove the setting and then you can configure Adding an WAN Group Step 1 Inthe WAN Group window click the New Entry button and the Add New Address Group window will appear Step 2 Inthe Add New Address Group window the following fields will appear n n n n Name enter the name of the new group Available Address List the names of all the members of the WAN network Selected Address List the names to assign to the new group Add members Select the names to be added in the Available Address list and click the Add gt gt button to add them to the Selected Address list n Remove members Select the names to be removed in the Selected Address list and click the lt lt Remove button to remove them from the Selected Address list Step 3 Click OK to add the new group or click Cancel to discard changes WAN Group PLANET Networking Comerpescaticn Interface AA AU Authentication Content Filtering Lo Alarm Accounting Report Statisti a AE nl i bee i ale AN Aue al AA e AA C arim ee ee re TAFARI TAPAR y r p be y ig Pees hae fl Hig Add New Addr
57. ane so vada ea eeeseaasoancteteot i aseetieecass 16 CoV Di MUCH IMAC sets O O ae aaa 23 414 AAT o o R A 24 A RC OO AP Sosa ce ct aes ces iia 25 ASOMAN 28 A ated actinic Mauiendd cuatian r da saad 3 4 1 8 Route TADO mi au deataniuinsctasl ee aeetenwaledathneanees e S N E 33 7 as BS DA A a 37 INTO Shel OXY dirt 39 ARAN oo Annee ee eee A A a 40 Pe Di OO OUI E E ated ata Utara ih T a Ons So a AE E te lac lah fat A E S 2 45 Ae Vs Vo SON WA O OCA Costa enes ie ran se8 ies canes Sa aca aeee dasa iaa 46 42 INTERFACES ad 48 A A ee A 53 4o TLAN id 53 AZLAN COUO ar sem ae eee me A A nr y BM 500 Bandwidth Management Gateway User s Manual AS SWAN ia MES CR Eo PU CR ee OEE NE TDS a ne 60 ES SO ssiteractss cates teh E aU eat sista Dennca hatte Atma Oe Ronee Ota E E 63 AA NSE doit 67 A A E eae d dee arenas E E E A 67 AA GUS CON verde A AS A ue Sie hate ac alia deca at cee A rere oe et 68 EN Osa csc tata am EA ci send Sic notsGs dae nae bony oaeeatea odes E E E esate neato 72 BA HS A Le reer GU POP O to och ane PO ORO O 75 46 AO 78 ASA TAENTICA TON o aio ceo coco cee eaatessaueaceaaeee deussenes oa telat 82 A ONG RT 86 EGF OG OIG EAE A hal eiaein ees 86 4 8 2 TAC OM MAG saris es tects ences A teehee wcheesd Seals even oscar th mcetea sdadte ein aha veieaaael acta Aare teedtaten ed adedls 9 4 F SONTENT FILTERING A AA AN 97 E r N aawineata ac 97 49 2 General BIOCKINO dai A A a A a titdas 101 A 0 thats sea caesarean Geer aes ee tee ate 102 ATO
58. ateway will be rebooted Reboot Bandwidth Management Gateway Click Reboot A confirmation pop up box will appear Follow the confirmation pop up box click OK to restart Bandwidth Management Gateway or click Cancel to discard changes e Sender Address Required by some ISPs bmS500 planet car tw SMTP Server planetcomtw E mail Address 1 admin planetcomtw E mail Address 2 operator planetcom w Mail Test Web Managemen Microsoft Internet Explorer ES HTTP Port y Do you really want to Reboot Authentication Mi Authentication Pd Re Login if Idle 30 Minutes A To Appliance Packets Log EXE O Enable To Appliance Packets Log J System Reboot QoS Reboot Bandwidth Management Appliance Content Filtering 4 1 3 Date Time Synchronizing the Bandwidth Management Gateway with the System Clock Administrator can configure the Bandwidth Management Gateway s date and time by either syncing to an Internet Network Time Server NTP or by syncing to your computer s clock Follow these steps to sync to an Internet Time Server Step 1 Enable synchronization by checking the box Step 2 Click the down arrow to select the offset time from GMT Step 3 Enter the Server IP Address or Server name with which you want to synchronize Step 4 Update system clock every 5 minutes You can set the interval time to synchronize with outside servers If you set it to 0 it means the device will not synchronize automatic
59. clear the logs or click Cancel to cancel 4 12 2 Event Alarm s127 BM 500 Bandwidth Management Gateway User s Manual When Bandwidth Management Gateway detects attacks from hackers it writes attacking data in the event alarm file and sends an e mail alert to the Administrator to take emergency steps Entering the Event Alarm window Step 1 Click the Event Alarm option below the Alarm menu to enter the Event Alarm window PLANET Event Alarm Authentication Content Filtering P Event Alarm A A Accounting Report Statisti The table in Event Alarm window displays current traffic alarm logs for connections n Time log time n Event event descriptions Downloading the Event Alarm Logs The Administrator can back up event alarm logs regularly by downloading it to a file on the computer Step 1 Inthe Event Alarm window click the Download Logs button at the bottom of the screen Step 2 Follow the File Download pop up box to save the event alarm logs into specific directory on the hard drive Clearing Event Alarm Logs The Administrator may clear on line logs to keep the most updated logs on the screen 128 BM 500 Bandwidth Management Gateway User s Manual Step 1 Inthe Event Alarm window click the Clear Logs button at the bottom of the screen Step 2 Inthe Clear Logs pop up box click OK 109 BM 500 Bandwidth Management Gateway User s Manual 4 13 Accounting Report Accounting
60. d the route to edit and click the corresponding Modify option in the Configure field Step 2 Inthe Modify Static Route window modify the necessary routing addresses Step 3 Click OK to apply changes or click Cancel to cancel it 35 BM 500 Bandwidth Management Gateway User s Manual PLANET Route Table o Habwarilos E Commit A Modify Static Route Authentication Removing a Static Route Step 1 Inthe Route Table window find the route to remove and click the corresponding Remove option in the Configure field Step 2 Inthe Remove confirmation pop up box click OK to confirm removing or click Cancel to cancel it 36 BM 500 Bandwidth Management Gateway User s Manual PLANET Route Table sll Destination IP Netmask Internal 192 168 4 0 255 255 255 0 192 168 99 2 Modify Remove Microsoft Internet Explorer 2 Do you really want to delete Cx 4 1 9 DHCP In the section the Administrator can configure DHCP Dynamic Host Configuration Protocol settings for the LAN LAN network Entering the DHCP window Click System on the left hand side menu bar then click DHCP below it The DHCP window appears in which current DHCP settings are shown on the screen mcrae BM 500 Bandwidth Management Gateway User s Manual PLANET DHCP Dynamic IP Address Subnet 192 168 99 0 Netmask 255 255 255 0 Gateway 192 168 99 160 Broadcast 192 168 99 255 Enabl
61. ddress of the WAN network and the real IP is translated to a private IP of the LAN network Mapped IP and Virtual Server are the two methods to translate the real IP into private IP Mapped IP maps IP in one to one fashion that means all services of one real WAN IP address is mapped to one private LAN IP address Entering the Mapped IP window Step 1 Click Mapped IP under the Virtual Server menu bar and the Mapped IP configuration window will appear PLANET Mapped IP External IP Map To Virtual IP Address Schedule Interface Authentication Content Filtering MB i Accounting Report aoe L a ry Pee a Definition External IP WAN IP Address Map to Virtual IP The IP address which WAN maps to the virtual network in the server Configure To change the setting click Configure to modify the parameters click delete to delete the setting 103 BM 500 Bandwidth Management Gateway User s Manual Adding a new IP Mapping Step 1 In the Mapped IP window click the New Entry button The Add New Mapped IP window will appear n WAN IP select the WAN public IP address to be mapped n Internal IP enter the LAN private IP address will be mapped 1 to 1 to the WAN IP address Step 2 Click OK to add new IP Mapping or click Cancel to cancel adding PLANET Mapped IP e ok J Cancel Authentication Content Filtering ced a mE e TTE ee Ria Ge
62. dress of the WAN port Modify Modify dynamic DNS settings Click Modify to change the DNS parameters click Delete to delete the settings How to use dynamic DNS The Bandwidth Management Gateway provides many service providers users have to register prior to use this function For the usage regulations see the providers websites How to register Firstly Click Dynamic DNS in the System menu to enter Dynamic DNS window then click Add button on the right side of the service providers click Register the service providers website will appear please refer to the website for the way of registration 41 BM 500 Bandwidth Management Gateway User s Manual PLANET DIDIN j S DynDNS www clyndns org USA Climas Y External IP _m Automatically Language Permitted IPs Click to link to the website selected on the left Authentication Add Dynamic DNS settings Step 1 Click Add button Step 2 Click the information in the column of the new window Service providers Select service providers Register to the service providers website WAN IP Address IP Address of the WAN port automatically fill in the WAN IP Check to automatically fill in the WAN IP User Name Enter the registered user name Password Enter the password provided by ISP Internet Service Provider Domain name Your host domain name provided by ISP Click OK to add dynamic DNS or click Cancel to d
63. e Bandwidth Management Gateway This function protects your system while you are away Step 2 Click Logout the Bandwidth Management Gateway Step 3 Click OK to logout or click Cancel to discard the change 45 BM 500 Bandwidth Management Gateway User s Manual Pe j 4 Microsoft Internet Explorer x V Do you really want to Logout Schedule 4 1 13 Software Update Under Software Update the admin may update the device s software with a newer software You may acquire the current version number of software in Version Number Administrators may visit distributor s web site to download the latest version and save it in server s hard disc Step 1 Click Browse to select the latest version of Software Step 2 Click OK to update software AG BM 500 Bandwidth Management Gateway User s Manual PLANET Software Update os Version Number v 2 06 Software Update Ca ex Planet _Bm200_020600 im9 Software U Interface s EXT aa NOTE It takes three minutes to update the software The system will restart automatically after updating the software A7 BM 500 Bandwidth Management Gateway User s Manual 4 2 Interface In this section the Administrator can set up the IP addresses for the office network The Administrator may configure the IP addresses of the Internal LAN network and the External WAN network The netmask and gateway IP
64. e Communication Service will be recorded NOTE To correctly display the pizza chart please install the latest java VM for http www java com PLANET Outbound Top 1 10 ii e Starting Time Thu May 23 22 32 28 2002 No EAERI Downstream Upstream y First Packet v Last Packet Duration Action Content Filtering gEREREBE eta gt A j A 7 pi y f 31 FT T T11 rT as RS y f i E i ts al gt h gt I y Laue ad SE AD ceniuntinma Dannrt ccoun na A Lela J 55555555 5 2MB Outbound Statistics Reset Counter 133 BM 500 Bandwidth Management Gateway User s Manual PLANET Outbound Service Distribution Era AAA Lc ET Definitions TOP Select the data you want to view It presents 10 results in one page According to the downstream upstream report of the selected TOP numbering to draw the Protocol Distribution chart ih a G amp G s amp s Pull down menu selection toggle between two display mode Service The report of Communication Service when LAN users use the Bandwidth Management Gateway to connect to WAN service server Downstream The percentage of downstream and the value of each WAN service server who uses Bandwidth Management Gateway to connect to LAN user Upstream The percentage of upstream and the value of each LAN user who uses Bandwidth Management Gateway to WAN s
65. e DHCP Support Domain Name fo DNS Server 1 1669511 DNS Server 2 168 9511 0 WINS Server 1 o WINS Server 2 e Client IP Range 1 192 168 991 To 19216899159 Client IP Range 2 192 168 99 161 To 19216899254 TETE Leased Time 24 hours Address Authentication Toara ME AT x ee MSALA En a E A ee E uA om i 71 a TI i Em m f i 3 O e 4 her i ae an a Pp T F ree aim j n j fan A 4 Jr Un E E uri piel O t 7 i F z m Ph tim wie ni a F 1 58 iat E _ fe LA tw fa sama E ME 1 lr ie zr 1 A 7 y ia Sy i ie im Y T Ao a i Ts ee ea Bo a x i ao af f ES Aa F ae a af iz ee akg Dynamic IP Address functions n Subnet LAN network s subnet n NetMask LAN network s netmask n Gateway LAN network s gateway IP address n Broadcast LAN network s broadcast IP address Enabling DHCP Support Step 1 Inthe Dynamic IP Address window click Enable DHCP Support Domain Name The Administrator may enter the name of the LAN network domain if preferred DNS Server 1 Enter the distributed IP address of DNS Server 1 DNS Server 2 Enter the distributed IP address of DNS Server 2 WINS Server 1 Enter the distributed IP address of WINS Server 1 WINS Server 2 Enter the distributed IP address of WINS Server 2 Client IP Address Range 1 Enter the starting and the ending IP address dynamically assigning to DHCP clients Client IP Address Range 2 Enter the
66. e LAN section of the Address menu To create a new source address please go to the LAN section under the Address menu 88 BM 500 Bandwidth Management Gateway User s Manual Destination Address Select the name of the WANnetwork from the drop down list The drop down list contains the names of all WAN networks defined in the WANsection of the Address window To create a new destination address please go to the WANsection under the Address menu Service Specified services provided by WANnetwork servers These are srvices application that are allowed to pass from the LAN network to the WANnetwork Choose ANY for all services Action Select Permit or Deny from the drop down list to allow or reject the packets travelling between the source network and the destination network Logging Select Enable to enable flow monitoring Statistics Select Enable to enable flow statistics Schedule Select the pre defined schedule name from the pull up menu The policy will be executed in the specific time slot automatically Alarm Threshold set a maximum flow rate in Kbytes Sec An alarm will be sent if flow rates are higher than the specified value QoS To determine if the QoS function can work in this Policy function Click OK to add a new outgoing policy or click Cancel to cancel adding a new outgoing policy To change the Policy order of Outgoing select the number from the pull down menu on the right hand side Move column
67. e menu bar on the left hand side and then select the sub selection Connection Logs Step 2 In Connection Log window click the Clear Logs button Step 3 In Clear Logs window click OK to clear the logs or click Cancel to discard changes 2422 BM 500 Bandwidth Management Gateway User s Manual PLANET Connection Log System May beliebid Next Interface Connection Log Address Service May 26 21 26 47 Warning couldn t open ppp database varirunipppd tdb Schedule dk TAR ppi 4 10 tO as itis already in use Authentication DY Do you really want to delete e MTU to 1500 Content Filtering Virtual Server Clear Logs Download Logs Accounting Report Statistics iO im j m i a ethic mU ie LJ a a a 4 A i Y i Far b 5 a i de ss 1 AS Y A z i oY mH erate k hi g T 4 11 4 Log Backup Step 1 Click Log Log Backup PLANET Log Backup Log Mail Configuration O Enable Log Mail Support When Log Full 300Kbytes Bandwidth Management Appliance sends Log You must set E mail Alarm gt enable syslog Settings O Enable Syslog Messages Syslog Host IP Address Syslog Host Port j Log Mail Configuration When the Log Mail files accumulated up to 300Kbytes router will notify 2400 BM 500 Bandwidth Management Gateway User s Manual administrator by email with the traffic log and event log NOTE Before enabling this function you have to configure
68. e opened If the number of ports entered in the two fields of Service port is identical it means that the entered port number is opened Configure Configure the settings in Service table Click Modify to change the parameters in Service table Click Remove to delete the selected setting NOTE In the Custom window if one of the services has been added to Policy or Group In Use message will appear in the Configure column In this case you are not allowed to modify or remove the settings Go to the Policy or Group window to delete the setting and then you can configure the settings Adding a new Service In the Custom window click the New Entry button and a new service table appears In the new service table 69 BM 500 Bandwidth Management Gateway User s Manual n New Service Name This will be the name referencing the new service n Protocol Enter the network protocol type to be used such as TCP UDP or Other please enter the number for the protocol type n Client Port enter the range of port number of new clients n Server Port enter the range of port number of new servers The client port ranges from 1024 to 65535 and the server port ranges from 0 to 1023 Step 1 Click OK to add new services or click Cancel to cancel Step 2 Click OK to accept editing or click Cancel ene Interface Address Schedule 5D Wn Authentication rey do Content Filtering 8 e TCP e UDP
69. ebUl ok For Static IP Address This option is for users who are assigned a static IP Address from their ISP Your ISP will provide all the information needed for this section such as IP Address Netmask Gateway and DNS Use this option if you have more than one public IP Address assigned to you IP Address Enter the static IP address assigned to you by your ISP This will be the public IP address of the External WAN port of the Bandwidth Management Gateway Netmask This will be the Netmask of the external WAN network i e 255 255 255 0 Default Gateway This will be the Gateway IP address DNS Server 1 2 Enter the DNS 1 2 server provided by ISP See Note Max Upstream Bandwidth Max Downstream Bandwidth The bandwidth provided by ISP Upstream Downstream can be up to 10Mbps no Ping Select this to allow the external network to ping the IP Address of the Firewall This will allow people from the Internet to be able to ping the Firewall If set to enable the Bandwidth Management Gateway will respond to echo request packets from the external network 54 BM 500 Bandwidth Management Gateway User s Manual WebUI Select this to allow the Bandwidth Management Gateway WEBUI to be accessed from the External WAN network This will allow the WebUI to be configured from a user on the Internet Keep in mind that the Bandwidth Management Gateway always requires a username and password to enter the WebUI After setting all of
70. ed To view the traffic and event log of the system click Log function in the menu bar on the left hand side To view the alarm records of the system click Alarm function in the menu bar on the left hand side To view the statistics Y of the system click Statistics function in the menu bar on the left hand side Bandwidth Management Gateway can execute the schedule in time slot automatically To modify the schedule click the Schedule function in the menu bar Adding an Incoming Policy Under Incoming of the Policy menu click the New Entry button 93 BM 500 Bandwidth Management Gateway User s Manual Source Adaress Outsicle Any 6 es tin t ic TY Ad ir 235 richard v Service Service NetMeeting QoS Logging E Enable Policy SCHEGUIE officehours i Incoming i mee jict flog Log Accounting Report Statistics Source Address Select the name of WAN from the pull down menu The names of WAN listed in this pull down menu are the Source Addresses that are already set If you want to add new WAN addresses to WAN of address menu you have to go to WAN function window to configure you will not be able to add new WAN addresses here Source Address Select the name of WAN from the pull down menu The names of WAN listed in this pull down menu are the Source Addresses that are already set If you want to add new WAN addresses to WAN of address menu y
71. ed and maximum bandwidth levels for inbound outbound traffic in each class The administrator can also define three priority levels for each policy to ensure that high priority packets receive the maximum available bandwidth In addition each policy can have a schedule defined for when the policy is activated or inactivated in increments of 30 minutes Both the NAT mode and transparent mode are supported therefore allowing the existing network structure to remain the same without reconfiguring The BM 500 provides policy based firewall protection and several hacker protections to prevent any hacker attack Besides the comprehensive alarm and log function allow the network Management Gateway to easily enhance the security of local network 1 1 Features Provides four 10 100Mbps LAN port and one 10 100Mbps WAN port Supports NAT mode and transparent mode Transparent mode requires no changing for the original network structure Traffic classification bases on IP IP range subnet TCP UDP port range Guaranteed and maximum bandwidth with 3 level of priorities Dynamic and prioritized bandwidth sharing with fairness between equal level priority Assigns daily and weekly access schedule to each individual policy Professional Network Log and Accounting Report Supports MRTG like Traffic Statistics easy to trace and analyze Provides Multi Servers Load Balancing Provides Dynamic DNS and DHCP server functions Supports Content Filter on scheduled time S
72. en set up with an IP address click the New Service button in the table Step 2 Inthe Virtual Server Configurations window n Virtual Server Real IP displays the WAN IP address assigned to the Virtual Server n Service Name Port select the service from the pull down list that will be provided by the Real Server Load Balance Server n External Service Port Input the port number that the virtual server will use Changing the Service will change the port number to match the service n Load Balance Server The internal server IP address mapped by the virtual server Four computer IP addresses can be set at most and the load can be maintained in a balance by round robin algorithm Step 3 Enter the IP address of the LAN network server s to which the virtual server will be mapped Up to four IP addresses can be assigned at most Step 4 Click OK to save the settings of the Virtual Server 110 BM 500 Bandwidth Management Gateway User s Manual NOTE The services in the drop down list are all defined in the Pre defined and Custom section of the Service menu PLANET Virtual Server 1 i HTTP 80 x Service 3088 aa Schedule gt Server Virtual IP 19216899166 192 168 99 167 Content Filtering 192168 99 168 19216899169 ok Jl Cancel Accounting Report Adding New Virtual Server Service Configuration Step 1 Select Virtual Server in the menu ba
73. enabling the needed detect functions click OK to activate the changes 4 1 8 Route Table In this section the Administrator can add static routes for the networks Entering the Route Table screen Click System on the left side menu bar then click Route Table below it The Route Table window appears in which current route settings are shown 230 2 BM 500 Bandwidth Management Gateway User s Manual PLANET Route Table A Destination IP Netmask Interface at ta nF sooo E TN poate E Route Table functions n Interface Destination network LAN or WAN 1 networks Destination IP IP address of destination network NetMask Netmask of destination network n n n Gateway Gateway IP address for connecting to destination network n Configure Change settings in the route table Adding a new Static Route Step 1 Inthe Route Table window click the New Entry button Step 2 Inthe Add New Static Route window enter new static route information Step 3 Inthe Interface field s pull down menu choose the network to connect LAN WAN Step 4 Click OK to add the new static route or click Cancel to cancel Sl BM 500 Bandwidth Management Gateway User s Manual PLANET Route Table E us ok JI Cancel Date Time Language Permitted IPs Multiple NAT Hacker Alert Authentication Modifying a Static Route Step 1 Inthe Route Table menu fin
74. ep 1 Click Policy on the left hand side menu bar Step 2 Click Outgoing under it A window will appear with a table displaying currently defined Outgoing policies 86 BM 500 Bandwidth Management Gateway User s Manual Outgoing Interface Address Authentication a A Content Filtering a dm Po ne E p ark Alarm Accounting Report Statistics N gt A AAA A le Any Outside Any a gB 0 o novels ME The fields in the Outgoing window are n Source source network addresses that are specified in the LAN section of Address menu or all the LAN network addresses n Destination destination network addresses that are specified in the WAN section of the Address menu or all of the WAN network addresses n Service specify services provided by WAN network servers n Action control actions to permit or reject deny packets from LAN networks to WAN network travelling through the Bandwidth Management Gateway n Option specify the monitoring functions on packets from LAN networks to WAN networks travelling through the Bandwidth Management Gateway n Configure modify settings 5 Descriptions for Policy figures Permit the specified packets from LAN network to WAN Figure E ee Statistics Schedule Block Block the specified packets from LAN network to WAN oc w D log Traffic and event log function is enabled Flow statistics f
75. ep 2 Click OK to save modifications or click Cancel to cancel modifications AL TA ISLE I AS Interface Ss Address Outside Any vi Destination Address rian SN Schedule chedule I PERMIT u Enable le Enable Authentication aoe aoe schedule officehours TA LA L e D bon DL aad 5 i lig A i i Incoming ox nr Accounting Report Statistics Log Source Address Select the name of WAN from the pull down menu The names of WAN listed in this pull down menu are the Source Addresses that are already set If you want to add new WAN addresses to WAN of address menu you have to go to WAN function window to configure you will not be able to add new WAN addresses here Destination Address Select the name of LAN from the pull down menu The names of LAN listed in this pull down menu are The Mapped IP or Server Virtual IP configured in the Mapped IP or Virtual Server 1 2 3 4 window under Virtual Server function To add new items into the pull down menu go to Virtual Server window to configure Service Select the service item from the pull down menu Action Select from the pull down menu to determine the WAN Virtual Server or Mapped IP packets are permitted or forbidden to pass Select Permit or Forbid Logging Select Enable to enable the Logging function Statistics Select Enable the enable the Statistics function Schedule Select the item li
76. ervice server First Packet When the first packet is sent to the WAN Service Server the sent time will be recorded by the Bandwidth Management Gateway Last Packet When the last packet is sent from the WAN Service Server the sent time will be recorded by the Bandwidth Management Gateway Duration The period of time starts from the first packet to the last packet to be recorded Total Traffic The Bandwidth Management Gateway will record the sum of time and show the percentage of each Communication Service s upstream downstream to WAN service server Reset Counter Click the Reset Counter button to refresh the Accounting Report 134 BM 500 Bandwidth Management Gateway User s Manual 4 13 2 Inbound Click Service in the menu bar on the left hand side of the window Click Group under it vt IA System Top Interface Starting Time Thu May 23 22 32 28 2002 Address iser Upstream Downstream First Packet LastPacket Duration Action Ls 1 211 23 80 85 A 05 23 23 09 41 05124 04 59 08 Remove 2 192 168 9962 66KB 16 4KB 0524 00 41 49 05 24 05 47 08 05 05 19 Remove o E 3 203702491 22Ke 70208 0523 23 09 41 08124 04 59 08 05 49 24 Remove Authentication a 192 168 99260_ 4008 312KB 085723 22 33 23 05124 05 47 17 07 13 54 Remove ia rs 1921689862 00B 32Ks 05124 00 41 zenera 169 254 226
77. ess Group c Selected address gt TainanOffice l ManagerHome lt available address gt Talnanttffice ManaqerHome 64 BM 500 Bandwidth Management Gateway User s Manual Modifying a WAN Group Step 1 Inthe WAN Group window locate the network group to be modified and click its corresponding Modify button in the Configure field Step 2 A window displaying the information of the selected group appears n Available Address list the names of all the members of the WAN network n Selected Address list the names of the members that have been assigned to this group Step 3 Add members Select the names to be added in the Available Address list and click the Add gt gt button to add them to the Selected Address list Step 4 Remove members Select the names to be removed in the Selected Address list and click the lt lt Remove button to remove them from the Selected Address list Step 5 Click OK to save changes or click Cancel to discard changes PLANET WAN Group System Modify Address Group Interface Name OutsideUser i ir aF z me Ls toe ari 1 Li PE __ lt Available address gt lt Selected address gt TainanOtice TainanOfice ManagerHome ManagerHome _WAN Group _Add gt gt 7 ok j Cancel Content Filtering Accounting Report Removing a WAN Group Step 1 Inthe WAN Group wi
78. etect tear drop attacks These are packets that are segmented to small packets with negative length Some Systems treat the negative value as a very large number and copy enormous data into the System to cause System damage such as a shut down or a restart Detect IP Spoofing Attack Select this option to detect spoof attacks Hackers disguise themselves as trusted users of the network in Spoof attacks They use a fake identity to try to pass through the Bandwidth Management Gateway System and invade the network Filter IP Source Route Option Each IP packet can carry an optional field that specifies the replying address that can be different from the source address specified in packet s header Hackers can use this address field on disguised packets to invade LAN networks and send LAN networks data back to them Detect Port Scan Attack Select this option to detect the port scans hackers use to continuously scan networks on the Internet to detect computers and vulnerable ports that are opened by those computers Detect Land Attack Some Systems may shut down when receiving packets with the same source and destination addresses the same source port and destination port and when SYN on the TCP header is marked Enable this function to detect such abnormal packets Default Packet Deny Denies all packets from passing the Bandwidth Management Gateway A packet can pass only when there is a policy that allows it to pass After
79. f O Reset Factory Settings O Enable E mail Alert Notification Device Name gt y l Sender Address Required by some ISPs i SMTP Server fp E mail Address 1 a E mail Address 2 e Mail Test MailT est Serice Schedule i HTTP Port E Ll Authentication Fort lez O Re Login if Idle 30 Minutes Restoring Factory Default Settings Step 1 Select Reset Factory Settings under Bandwidth Management Configuration Click OK at the bottom right of the screen to restore the factory settings 18 BM 500 Bandwidth Management Gateway User s Manual PLANET Setting il 4 Bandwidth Management Configuration Export System Settings to Client Import System Settings from Client C Documents and Setti Browse l ex bandwidth conf E Reset Factory Settings Enable E mail Alert Notification Dados Nam Cc E xy j Sender Address Required by some ISPs mms SMTP Server E mail Address 1 a LC E mail Address 2 SY Mail Test MailTest Service HTTP Port eo nl Authentication Port Re Login if Idle 30 Minutes Enabling E mail Alert Notification Step 1 Select Enable E mail Alert Notification under E Mail Settings This function will enable the Bandwidth Management Gateway to send e mail alerts to the System Administrator when the network is being attacked by hackers or when emergency conditions occur Step 2 SMTP Server IP Enter SMTP server s IP addre
80. hackers continuously send PING packets to all the machines of the LAN networks or to the Bandwidth Management Gateway your network is experiencing an ICMP flood attack This can cause traffic congestion on the network and slows the network down After enabling this function the System Administrator can enter the number of ICMP packets per second that is allowed to enter the network Bandwidth Management Gateway Once the ICMP packets exceed this limit the activity will be logged in Alarm and an email alert is sent to the Administrator The default ICMP flood threshold is set to 1000 Pkts Sec n Detect UDP Flood Select this option to detect UDP flood attacks A UDP flood attack is similar to an ICMP flood attack After enabling this function the System Administrator can enter the number of UDP packets per second that is allow to enter the network Bandwidth Management Gateway Once the UDP packets exceed this limit the activity will be logged sop BM 500 Bandwidth Management Gateway User s Manual in Alarm and an email alert is sent to the Administrator The default UDP flood threshold is set to 1000 Pkts Sec Detect Ping of Death Attack Select this option to detect the attacks of tremendous trash data in PING packets that hackers send to cause System malfunction This attack can cause network speed to slow down or even make it necessary to restart the computer to get a normal operation Detect Tear Drop Attack Select this option to d
81. he PPPoE connection to disconnect at all Ping Select this to allow the external network to ping the IP Address of the Firewall This will allow people from the Internet to be able to ping the Firewall If set to enable the Bandwidth Management Gateway will respond to echo request packets from the external network WebuUI Select this to allow the Bandwidth Management Gateway WEBUI to be accessed from the External WAN network This will allow the WebUI to be configured from a user on the Internet Keep in mind that the Bandwidth Management Gateway always requires a username and password to enter the WebUI After completing the setting click OK For Dynamic IP Address Cable Modem User This option is for users who are automatically assigned an IP address by their ISP such as cable modem users The following fields apply IP Address The dynamic IP address obtained by the Firewall from the ISP will be displayed here This is the IP address of the External WAN port of the Bandwidth Management Gateway MAC Address This is the MAC Address of the Bandwidth Management Gateway User Name Some ISPs may require This is provided by your ISP Hostname his will be the name assign to the Bandwidth Management Gateway Some cable modem ISP assign a specific hostname in order to connect to their network Please enter the hostname here If not required by your ISP you do not have to enter a hostname Max Upstream Downstream Bandwidth The bandw
82. i 458MB 34MB Reporting time Fri May 24 05 32 06 2002 Statistics Reset Counter Definition TOP Select the data you want to view it presents 10 results in one page Pull down menu selection Destination IP The IP address used by WAN service server which uses Bandwidth Management Gateway Downstream The percentage of downstream and the value of each WAN service server which uses Bandwidth Management Gateway to LAN user Upstream The percentage of upstream and the value of each LAN user who uses Bandwidth Management Gateway to WAN service server 100 BM 500 Bandwidth Management Gateway User s Manual First Packet When the first packet is sent from WAN service server to LAN users the sent time will be recorded by the Bandwidth Management Gateway Last Packet When the last packet from LAN user is sent to WAN service server the sent time will be recorded by the Bandwidth Management Gateway Duration The period of time which starts from the first packet to the last packet to be recorded Total Traffic The Bandwidth Management Gateway will record the sum of time and show the percentage of each WAN service server s upstream downstream to LAN user Reset Counter Click Reset Counter button to refresh Accounting Report Outbound Service Accounting Report When LAN users use Bandwidth Management Gateway to connect to WAN Service Server all of the Downstream Upstream First Packet Last Packet Duration log of th
83. ic The Bandwidth Management Gateway will record the sum of time and show the percentage of each WAN user s upstream downstream to LAN service server Reset Counter Click the Reset Counter button to refresh the Accounting Report Inbound Service Accounting Report When WAN users use Bandwidth Management Gateway to connect to LAN Service Server all of the Downstream Upstream First Packet Last Packet Duration log of the Communication Service will be recorded NOTE To correctly display the pizza chart please install the latest java VM for http www java com Top 1 10 e Starting Time Thu May 23 22 32 28 2002 Address a SO Serco A A OE ET EO 05 24 01 10 senice Schedule a Authentication pa lar et eit mE et a f AT 0 0 0 0 0 6 Remove Total Traffic 15 5 K 2 3MB RA Wey AE Inbound Status Reset Counter 2107 BM 500 Bandwidth Management Gateway User s Manual Service Distribution Authentication Content Filtering Definitions TOP Select the data you want to view It presents 10 results in one page According to the downstream upstream report of the selected TOP numbering to draw the Protocol Distribution chart ae a toggle between two display mode Pull down menu selection Service The report of Communication Service when WAN users use the Bandwidth Management Gateway to connect to LAN service server Downstream The percentage of downst
84. idth provided by ISP Upstream Downstream can be up to 10Mbps Renew Requests for receiving the new WAN IP address Release Requests for releasing the obtained WAN IP address 50 BM 500 Bandwidth Management Gateway User s Manual Ping Select this to allow the external network to ping the IP Address of the Firewall This will allow people from the Internet to be able to ping the Firewall If set to enable the Bandwidth Management Gateway will respond to echo request packets from the external network WebuUI Select this to allow the Bandwidth Management Gateway WEBUI to be accessed from the External WAN network This will allow the WebUI to be configured from a user on the Internet Keep in mind that the Bandwidth Management Gateway always requires a username and password to enter the WebUI After setting all of the parameters click OK button a aE Sa IP Address 192 168 993 160 system ela 552552550 dicas Enable Ping WebUl Address WAN Interface PPPoE ADSL User Dynamic IP Address Cable Modem User A A Static IP Address Schedule Authentication a 5 z e p q IP Address 0 0 0 0 Content Filtering MAC Address 00 E0 98 AS EB AC Virtual Server Hostname AN L gq E Domain Name ci ser Name Requires by e ya 7 Password Requires by 7 Te a Max Downstream Bandwidth Kbps Max 10 Mbps Max Upstream Bandwidth Kbps Max 10 Mbps Enable O Ping O W
85. in Rea ee e cas MAA AS 4 a are TT ES En TA z 3 ym oar en if m K Es Mew Sub Admin Microsoft Internet Explorer El Y Do you really want to delete Interface Address Service Schedule Authentication Content Filtering pm is z GP o li a E B r A ia o ai f a m Md ry p br i r i h we elit E pic El EE i i s feir f q 4 1 2 Settings The Administrator may use this function to backup Bandwidth Management Gateway configurations and export save them to an Administrator computer or anywhere on the network or restore a configuration file to the device or restore the Bandwidth Management Gateway back to default factory settings Entering the Settings window Click Setting in the System menu to enter the Settings window The Bandwidth Management Gateway Configuration settings will be shown on the screen 16 BM 500 Bandwidth Management Gateway User s Manual PLANET Setting a Metering amp Connais Ail Bandwidth Management Configuration Export System Settings to Client Import System Settings from Client sO Browse ex bandwidth conf O Reset Factory Settings O Enable E mail Alert Notification Device Name BandwicthManagement Sender Address Required by some ISPs _ SMTP Server je E mail Address 1 ey k ate E mail Address 2 A Mail Test MailTest Service EXT HTTP Port ai Poliey Authentication Fort Re Login if Idle
86. in the Configure field Step 2 A confirmation pop up box will appear click OK to remove the DNS Proxy or click Cancel 4 1 11 DDNS The Dynamic DNS require Dynamic DNS Service allows you to alias a dynamic IP address to a static hostname allowing your device to be more easily accessed by specific name When this function is enabled the IP address in Dynamic DNS Server will be automatically updated with the new IP address provided by ISP AQ BM 500 Bandwidth Management Gateway User s Manual PLANET DDNS External Interface IP 168 95 88 1 a exter Interface Address A a oe a Tia D e sui h gt a 7 H Mo fur PU Er oy FO an co Mo vr a ee E oe el i 2 Ln aT F a 7 o Mica e ee Ms r ee O po 7 i D Tims AE eS Ml tl Se pe tl tne a k T p e e 0 Se A A r E nn E j L fs q mm er re Yf x a Mr or k ON n A ry a LES i y J z 27 a xk ee t T y y i ME al a a A ries ye Oar 4 a aida Y 1 a Blo i E E mm mt Epa ty me 7 i i j ri f 1 oT r y qe MN PP oD 7 ii TD E i ee a as 7 ke Y _ m ete Ae coe T m eee Dra Dare boosie E Pe a ah ma p e 1 Authentication Click DDNS in the System menu to enter Dynamic DNS window The nouns in Dynamic DNS window Update Status Connecting update succeed Update fail amp Unidentified error Domain name Enter the password provided by ISP WAN IP Address IP Ad
87. iscard changes 42 BM 500 Bandwidth Management Gateway User s Manual PLANET DDNS Add New Dynamic DNS Admin Service Provider DynDNS www cyndns org USA Y Sianue 168 95 88 1 Automatically planetbmS00 ok cance J Software Update Address Schedule Authentication Modify dynamic DNS Step 1 Find the item you want to change and click Modify Step 2 Enter the new information in the Modify Dynamic DNS window Click OK to change the settings or click Cancel to discard changes 43 BM 500 Bandwidth Management Gateway User s Manual SEE Dyn www cyndns org USA Y Bans External IP EN ci Automatically planetom500 osesses O O O ok Ok Cancel cel DNS Proxy DONS Schedule Authentication Remove Dynamic DNS Step 1 Find the item you want to change and click Remove Step 2 Aconfirmation pop up box will appear click OK to delete the settings or click Cancel to discard changes 44 BM 500 Bandwidth Management Gateway User s Manual PLANET DDNS External Interface IP 168 95 88 1 El ne if ii aE p TF CX Ty 1 s 95 F E 1 1 u K planetbm5 w bm500 dyndns org Microsoft Internet Explorer EJ a YY Do you really want to delete Authentication 4 1 12 Logout Step 1 Select this option to the device s Logout th
88. l of Ee Er A EA ee Mapped IP ey ee Accounting Report e y A M e ae x ma A a ha Modifying a Mapped IP Step 1 In the Mapped IP table locate the Mapped IP you want it to be modified and click its corresponding Modify option in the Configure field Step 2 Enter settings in the Modify Mapped IP window Step 3 Click OK to save change or click Cancel to cancel 104 BM 500 Bandwidth Management Gateway User s Manual PLANET Mapped IP Interface Address o z Schedule Authentication E n r n Fy tl n i Content Filtering oN L Status NOTE A Mapped IP cannot be modified if it has been assigned used as a destination address of any Incoming policies Removing a Mapped IP Step 1 Inthe Mapped IP table locate the Mapped IP desired to be removed and click its corresponding Remove option in the Configure field Step 2 Inthe Remove confirmation pop up window click OK to remove the Mapped IP or click Cancel to cancel 105 BM 500 Bandwidth Management Gateway User s Manual e System ExternalIP Map To Virtual IP PLANET Mapped IP Configure weeoree es 100716600165 adit Burau Interface ECE NAAA Address Service New Entry rs Microsoft Internet Explorer Authentication p LY Do you really want to delete Content Filteri
89. m from the group Step 6 Click OK to add the new group ene Add Service Group Name Eat E_ x__ A m a i d Address lt Selected service gt Address e nn FE NetMeeting bail ia gt Modifying Service Groups Step 1 Inthe Mod modify group window the following fields are displayed n Available Services lists all the available services n Selected Services list services that have been assigned to the selected group Step 2 Add new services Select services in the Available Services list and then click the Add gt gt button to add them to the group Step 3 Remove services Select services to be removed in the Selected Services list and then click the lt lt Remove button to remove theses services from the group Step 4 Click OK to save editing changes 273s BM 500 Bandwidth Management Gateway User s Manual PLANET O Mabreridog A Comemetratinn Modify Service Group i Al lt Selected service gt FTP GOPHER AAA JHTTP Schedule Authentication gt ai Ok Cancel Content Filtering Log Alarm Accounting Report Statistics Ma ls f ry i i r f y a Removing Service Groups In the Remove confirmation pop up box click OK to remove the selected service group or click Cancel to cancel removing Group name Service Configure Microsoft Internet Explorer ES
90. matically execute the function in a certain time and range Alarm Threshold To set the maximum value of transmitting and receiving packet enter the number based on the unit KBytes Sec QoS To determine if the QoS function can work in this Policy function Click OK to execute the new setting or click Cancel to discard changes NOTE If you want to change or add new items in the pull down menu go to the corresponding chapter for setup Source Address LAN of Address menu Destination Address WAN of Address menu 90 BM 500 Bandwidth Management Gateway User s Manual Removing the Outgoing Policy Step 1 Inthe Remove confirmation dialogue box click OK to remove the policy or click Cancel to cancel removing PLANET Outgoing NoJ Source Destination Service Action Option Configure Move aE Ee ee DR oT ain Pe Eee Inside Any Outside Any OB Address 1 MA E R aa E Outside Any ba aie a es E gmp A es PS 0 E oo oe F phe yi a l E mcd BY A NN ac pp een A HOD Fae Pl erty ET Microsoft Internet Explorer ES Outgoing tr LY Do you really want to delete Beas Content Filtering h Lo Accounting Report Statistics Status gia E a A A 1 4 8 2 Incoming This chapter describes steps to create policies for packets and services from the WAN network to the LAN network including Ma
91. means you can setup four virtual servers at most Setup under the Virtual Server sub selections Virtual Server 1 2 3 4 in the menu bar on the left hand side The administrator can select Virtual Server1 2 3 4 under Virtual Server selection in the menu bar on the left hand side click Server Virtual IP to add or change the virtual server IP address click Click here to configure to add or change the virtual server service configuration Adding a Virtual Server Step 1 Click an available virtual server from Virtual Server in the Virtual Server menu bar to enter the virtual server configuration window In the following Virtual Server is assumed to be the chosen option Step 2 Click the click here to configure button and the Add new Virtual Server IP window appears and asks for an IP address from the WAN network Step 3 Select an IP address from the drop down list of available WAN network IP addresses 107 BM 500 Bandwidth Management Gateway User s Manual Step 4 Click OK to add new Virtual Server or click Cancel to cancel adding PLANET Virtual Server 1 Wetweorileg amp Comper at lcm Add New Virtual Server IP ed es E _ eS oe Jf cones Content Filtering Virtual Server ce a t aTi a te JA Ara E E o Tr A 5 L Li Modifying a Virtual Server IP Address Step 1 Click the virtual server to be modified Virtual Server under the
92. n If the figures appear in the column it means that the function is enabled On the other hand if there is no figures appeared in the column it means that the function is not enabled The fields of the Incoming window are n Source source networks which are specified in the WAN section of the Address menu or all the WAN network addresses n Destination destination networks which are IP Mapping addresses or Virtual server network addresses created in Virtual Server menu n Service services supported by Virtual Servers or Mapped IP n Action control actions to permit or deny packets from WAN networks to Virtual Server Mapped IP travelling through the device 99 BM 500 Bandwidth Management Gateway User s Manual n Option specify the monitoring functions on packets from WAN _ networks to Virtual server Mapped IP travelling through the Bandwidth Management Gateway n Configure modify settings or remove incoming policy n Move this sets the priority of the policies number 1 being the highest priority Descriptions for Policy figures Name Deseplon Permit the specified packets from WAN to LAN Block the specified packets from WAN network to LAN network Log Traffi and event log function is enabled Statistics Flow statistics function is enabled The automatic execution function in Schedule table has Schedule been enabled Alarm Threshold Traffic and event alarm function is enabled Qos Qs function is enabl
93. n enabled This means the client computers on the LAN network including the Administrator PC can set their TCP IP settings to automatically obtain an IP address from the Bandwidth Management Gateway The following table is a list of private IP addresses These addresses may not be used as a WAN IP address 10 0 0 0 10 255 255 255 172 16 0 0 172 31 255 255 192 168 0 0 192 168 255 255 STEP 2 Once the Administrator PC has an IP address on the same network as the Bandwidth Management Gateway open up an Internet web browser and type in http 192 168 1 1 in the address bar A pop up screen will appear and prompt for a username and password A username and password is required to connect to the Bandwidth Management Gateway Enter the default login username and password of Administrator see below Username admin Password admin Click OK BM 500 Bandwidth Management Gateway User s Manual Connect to 192 168 1 1 Bandwidth Administration Tools User name admin l Remember my password 3 2 Setting Up in Transparent Mode STEP 1 After entering the username and password the Bandwidth Management Gateway WEB UI screen will display Select the Interface tab on the left menu and a sub function list will be displayed e Select Transparent Mode e Enter required information to their corresponding fields LAN interface IP Address NetMask Default Gateway DNS Server system Interface n S
94. n the custom menu users can define other TCP port and UDP port numbers that are not in the pre defined menu according to their needs When defining custom services the client port ranges from 1024 to 65535 and the server port ranges from O to 1023 How do I use Service The Administrator can add new service group names in the Group option under Service menu and assign desired services into that new group Using service group the Administrator can simplify the processes of setting up control policies For example there are 10 different computers that want to access 5 different services on a server such as HTTP FTP SMTP POP3 and TELNET Without the help of service groups the Administrator needs to set up 50 10x5 control policies but by applying all 5 services to a single group name in the service field it takes only one control policy to achieve the same effect as the 50 control policies 4 4 1 Pre defined Entering a Pre defined window Step 1 Click Pre defined under it A window will appear with a list of services and their associated IP addresses This list cannot be modified 267s PLANET s E Interface Address Group Schedule Authentication Policy elsi f Content Filtering Log Alarm Accounting Report Statistics Status BM 500 Bandwidth Management Gateway User s Manual Pre defined Icons and Descriptions 4 4 2 Custom TCP services i g FTP FINGER HTTP HT
95. ndow find the domain name you want to view Step 3 Inthe Statistics window find the network you want to view and click Minute on the right hand side and then you will be able to view the Statistics figure every minute click Hour to view the Statistics figure every hour click Day to view the Statistics figure every day Y Coordinate Network Traffic Kbytes Sec X Coordinate Time Hour Minute Day 10 PLANET Metweorklog amp Comme i s Authentication Content Filtering Accounting Report BM 500 Bandwidth Management Gateway User s Manual Policy Statistics Bytes sec Service ANY Action PERMIT Minute Hour Day Inside_Any to Outside_Any Downstream 54 2 K Max id LK 41 2 k AA af k Bits per Seconds 15 7 k Minute MA Maximum stream Mi Traffic stream M Average stream 143 BM 500 Bandwidth Management Gateway User s Manual 4 15 Status In this section the device displays the status information about the Bandwidth Management Gateway Status will display the network information from the Configuration menu The Administrator may also use Status to check the DHCP lease time and MAC addresses for computers connected to the Bandwidth Management Gateway 4 15 1 Interface Status Entering the Interface Status window PLANET Interface Status system Uptime 2 Day 22 Hour 46 Min 46 Sec AAA Forwarding Mode Transparent Transparent PPPoE Connection Status PP
96. ndow locate the group to be removed and click its corresponding Modify option in the Configure field Step 2 Inthe Remove confirmation pop up box click OK to remove the group or click Cancel to discard changes 65 PLANET A System Interface AN Group Authentication Policy E a 5 BE E ee ee ee Fi Ta g Mo La rl _ i ae Content Filtering Log Alarm Accounting Report Statisti BM 500 Bandwidth Management Gateway User s Manual WAN Group Microsoft Internet Explorer E LY Do you really wank to delete x Cara 66 BM 500 Bandwidth Management Gateway User s Manual 4 4 Service In this section network services are defined and new network services can be added There are three sub menus under Service which are Pre defined Custom and Group The Administrator can simply follow the instructions below to define the protocols and port numbers for network communication applications Users then can connect to servers and other computers through these available network services What is Service TCP and UDP protocols support varieties of services and each service consists of a TCP Port or UDP port number such as TELNET 23 SMTP 21 POP3 110 etc The Bandwidth Management Gateway defines two services pre defined service and custom service The common use services like TCP and UDP are defined in the pre defined service and cannot be modified or removed I
97. ng MappedIP Se A A a PR E Mir 7 ya E da a mores 1031 SEVer 3a AS Log 4 10 2 Virtual Server Virtual server is a one to many mapping technique which maps a real IP address from the WAN interface to private IP addresses of the LAN network This function provides services or applications defined in the Service menu to enter into the LAN network Unlike a mapped IP which binds a WAN IP to a LAN IP virtual server binds WAN IP ports to LAN IP ports 106 BM 500 Bandwidth Management Gateway User s Manual PLANET Virtual Server 1 Virtual Server Real IP click here to configure Service Name Port External Port Server VirtualIP Configure Schedule Content Filtering a a Ta Pn E Gerrer L ana at bel N a Virtual Server 1 Accounting Report A Je A U JA a NE M Arya A n Definition Virtual Server IP The WAN IP address configured by the virtual server Click Click here to configure button to add new virtual server address Service name The service names that provided by the virtual server Port The TCP UDP ports that present the service items provided by the virtual server Server Virtual IP The virtual IP which mapped by the virtual server Configure To change the service configuration click Configure to change the parameters click Delete to delete the configuration This virtual server provides four real IP addresses which
98. ng Report Statistics Status The following items are displayed in this window Name the name assigned to the schedule Comment a short comment describing the schedule Configure modify or remove 75 BM 500 Bandwidth Management Gateway User s Manual Adding a new Schedule Step 1 Click on the New Entry button and the Add New Schedule window will appear n Schedule Name Fill in a name for the new schedule n Period 1 Configure the start and stop time for the days of the week that the schedule will be active Step 2 Click OK to save the new schedule or click Cancel to cancel adding the new schedule PLANET Schedule System sid Add New Schedule Schedule Name oficehour Period CU 600 Ea EE NOTE In setting a Schedule the value in Start time must be less than the value in Stop Time or you cannot add or configure the setting Modifying a Schedule Step 1 Inthe Schedule window find the policy to be modified and click the corresponding Modify option in the Configure field Make needed changes Step 2 Click OK to save changes 76 BM 500 Bandwidth Management Gateway User s Manual Schedule Modify Schedule Schedule Name cofficehours Period _ Start Time Stop Time System Interface Address Week Day 5 Authentication D o is 2 IN 09 00 AN Policy Content Filtering Log Alarm Accounting Report Statistics Cancel Removing
99. ng or blocking certain websites to enter Configuration To change the settings of URL Blocking click Modify to change the parameters click Delete 97 BM 500 Bandwidth Management Gateway User s Manual to delete the settings How to use URL Blocking Description of signs means to permit to enter means wild card To block certain websites Enter the complete domain name or key words of the website you want to block in the Block String column For example www yahoo com or yahoo Only permit certain websites to enter Enter the complete domain name or key words of the website you permit to enter and add the sign in the front For example www yahoo com or yahoo After setting all the websites you permit entering add the sign in front of the last website you want to permit entering Note This instruction is always put in front of the last one If you want to add new websites to permit entering you have to remove the instruction of blocking all websites and then key in the new domain name after that add the block all instruction URL Blocking ve Block String Schedule Configure Adding a URL Blocking policy Step 1 After clicking New Entry the Add New Block String window will appear Step 2 Enter the URL of the website to be blocked Step 3 Click OK to add the policy Click Cancel to discard changes 98 BM 500 Bandwidth Management Gateway User s Manual
100. ngth 91 BM 500 Bandwidth Management Gateway User s Manual PLANET Setting ad Device Name bm 500 Sender Address Required by some ISPs bm500 planet com tw SMTP Server planet com tw E mail Address 1 E mail Address 2 operator planet com ty Mail Test Web Management WAN Interface HTTP Port Authentication Management Authentication Port B2 PE Re Login if Idle Minutes MTU Setting MTU Bytes To Appliance Packets Log Schedule sa O Enable To Appliance Packets Log Authentication rm Reboot Bandwidth Management Appliance Content Filtering To Appliance Packets Log Once this function is enabled every packet to this appliance will be recorded for the administrator to trace Step 1 Select this option to the device s To Appliance Packets Log Once this function is enabled every packet to this appliance will be recorded for system administrator to trace Setting 28 sender Address Required by some ISPs SMTP Server pu E mail Address 1 E mail Address 2 oe Mail Test MailTest HTTP Port leo Authentication Management Authentication Port 182 Re Login if Idle Minutes Sof MTU Setting ERP MTU Bytes EXE Enable To Appliance Packets Log Schedule ka System Reboot Reboot Bandwidth Management Appliance Policy 22 BM 500 Bandwidth Management Gateway User s Manual System Reboot Once this function is enabled the Bandwidth Management G
101. nistrator may enable e mail alert notification This will alert Administrator s automatically whenever the Bandwidth Management Gateway has experienced unauthorized access or a network hit hacking or flooding Once enabled an IP address of a SMTP Simple Mail Transfer protocol Server is required Up to two e mail addresses can be entered for the alert notifications Date Time This function enables the Bandwidth Management Gateway to be synchronized either with an Internet Server time or with the client computer s clock Language Both Chinese and English are supported in the Bandwidth Management Gateway Multiple NAT Multiple NAT allows local port to set multiple subnet works and connect with the Internet through different WAN IP Addresses Address Enables the Administrator to authorize specific internal external IP address s for Management Gateway Hack Alert When abnormal conditions occur the Bandwidth Management Gateway will send an e mail alert to notify the Administrator and also display warning messages in the Event window of Alarm Route Table Use this function to enable the Administrator to add static routes for the networks when the dynamic route is not efficient enough DHCP Administrator can configure DHCP Dynamic Host Configuration Protocol settings for the LAN LAN network Dynamic DNS The Dynamic DNS require Dynamic DNS Service allows you to alias a dynamic IP address _ 2 BM 500 Bandwidth Management Gateway
102. nnect to LAN service server all of the Downstream Upstream First Packet Last Packet Duration log of the Destination IP will be recorded Top 1 10 o Starting Time Thu May 23 22 32 28 2002 No EEEE Upstream Downstream First Packet LastPacket Duration Action QoS Content Filtering SIE MAC Address 00 30 4F 0B 3C B8 a Neem LIEI SKB Take 5232328 0 0 0 6 105 0 6 i 0 0 0 0 Total Traffic 15 5 24 MB as Reporting ti me 5 May 24 ae 44 2002 Inbound Statistics Definitions 136 BM 500 Bandwidth Management Gateway User s Manual TOP Select the data you want to view It presents 10 pages in one page Pull down menu selection Destination IP The IP address used by WAN users who uses Bandwidth Management Gateway Downstream The percentage of Downstream and the value of each WAN user who uses Bandwidth Management Gateway to LAN service server Upstream The percentage of Upstream and the value of each LAN service server who uses Bandwidth Management Gateway to WAN users First Packet When the first packet is sent from WAN users to LAN service server the sent time will be recorded by the Bandwidth Management Gateway Last Packet When the last packet is sent from LAN service server to WAN users the sent time will be recorded by the Bandwidth Management Gateway Duration The period of time starts from the first packet to the last packet to be recorded Total Traff
103. ou have to go to WAN function window to configure you will not be able to add new WAN addresses here Destination Address Select the name of LAN from the pull down menu The names of LAN listed in this pull down menu are The Mapped IP or Server Virtual IP configured in the Mapped IP or Virtual Server 1 2 3 4 window under Virtual Server function To add new items into the pull down menu go to Virtual Server window to configure Service Select the service item from the pull down menu Action Select from the pull down menu to determine the WAN Virtual Server or Mapped IP packets are permitted or forbidden to pass Select Permit or Forbid Logging Select Enable to enable the Logging function Statistics Select Enable the enable the Statistics function Schedule Select the item listed in the schedule to enable the policy to automatically execute the function in a certain time and range Alarm Threshold To set the maximum value of transmitting and receiving packet enter the number based on the unit KBytes Sec QoS To determine if the QoS function can work in this Policy function 94 BM 500 Bandwidth Management Gateway User s Manual Click OK to execute the new setting or click Cancel to discard changes NOTE To change the Policy order of Incoming select the number from the pull down menu on the right hand side Move column Modifying Incoming Policy Step 1 Inthe Modify Policy window fill in new settings St
104. ounting Report 247 lt BM 500 Bandwidth Management Gateway User s Manual Chapter 4 Web Configuration 4 1 System The Bandwidth Management Gateway Administration and monitoring control is set by the System Administrator The System Administrator can add or modify System settings and monitoring mode The sub Administrators can only read System settings but not modify them In System the System Administrator can 1 Add and change the sub Administrator s names and passwords 2 Back up all Bandwidth Management Gateway seitings into local files 3 Set up alerts for Hackers invasion System is the managing of settings such as the privileges of packets that pass through the Bandwidth Management Gateway and monitoring controls Administrators may manage monitor and configure Bandwidth Management Gateway settings All configurations are read only for all users other than the Administrator those users are not able to change any settings for the Bandwidth Management Gateway Admin has control of user access to the Bandwidth Management Gateway He she can add remove users and change passwords Setting The Administrator may use this function to backup Bandwidth Management Gateway configurations and export save them to an Administrator computer or anywhere on the network or restore a configuration file to the device or restore the Bandwidth Management Gateway back to default factory settings Under Setting the Admi
105. pped IP and Virtual Server Enter Incoming window Step 1 Click Incoming under the Policy menu to enter the Incoming window The Incoming table will display current defined policies from the WAN network to assigned Mapped IP or Virtual Server 91 BM 500 Bandwidth Management Gateway User s Manual No Source Destination ServicelAction Option Configure Move zt Outside _Any Inside Any ANY Es E J hodit Remove 1 ME Schedule Inliru i Incoming AA Content Filtering Alarm Accounting Report Definition Incoming No The numbering of the selected Policy starting with Number 1 Source Address The WAN address was selected in WAN function of the Address Table Destination Address The mapped IP or Virtual Server IP configured in the Mapped IP or Virtual Server 1 2 3 4 window under Virtual Server function Service The service item provided by Virtual Server or Mapped IP Action Control actions to permit or reject packets from LAN networks to WAN network or Virtual Server Mapped IP traveling through the Bandwidth Management Gateway Option Control actions to monitor packets from WAN network or Virtual Server Mapped IP traveling through the Bandwidth Management Gateway The first column is the logging function The second column is the Statistics function The third column is the Schedule function The fourth column is the Alarm Threshold function The fifth column is the QoS functio
106. pter 2 Hardware Installation 2 1 Installation Requirements Before installing the Bandwidth Management Gateway make sure your network meets the following requirements Mechanical Requirements The Bandwidth Management Gateway is to be installed between your Internet connection and local area network The Bandwidth Management Gateway can be placed on the table or rack Locate the unit near the power outlet Electrical Requirements The Bandwidth Management Gateway is a power required device it means the Bandwidth Management Gateway will not work until it is powered If your networked PCs will need to transmit data all the time please consider use an UPS Uninterrupted Power Supply for your Bandwidth Management Gateway lt will prevent you from network data loss In some area installing a surge suppression device may also help to protect your Bandwidth Management Gateway from being damaged by unregulated surge or current to the Bandwidth Management Gateway Network Requirements In order for Bandwidth Management Gateway to manage traffic the traffic must pass through Bandwidth Management Gateway at a useful point in a network In most situations the bandwidth Management Gateway should be placed behind the Internet connection device This deployment allows the network administers to control all bandwidth based on business priorities and give business critical and time sensitive applications guarantee bandwidth and higher priority
107. r ISP provided STEP 2 Click on the Policy tab from the main function menu and then click on Outgoing from the sub function list Click on the Policy tab from the main function menu and then click on Incoming from the sub function list STEP 3 Click on New Entry button STEP 4 When the New Entry option appears enter the following configuration Source Address select Inside_Any Destination Address select Outside_Any Service select ANY Action select Permit Click on OK to apply the changes 10 BM 500 Bandwidth Management Gateway User s Manual PLANET Outgoing Heteoridng A Commando dd New Policy Source Address ERIM isd RE Outside Any E aa Er pal Incoming Content Filtering Log Accounting Report Statistics Status STEP 5 The configuration is successful when the screen below is displayed Make sure that all the computers that are connected to the LAN port have their Default Gateway IP Address set to the Bandwidth Management Gateway s LAN IP Address i e 192 168 1 1 At this point all the computers on the LAN network should gain access to Internet immediately If a Bandwidth Management Gateway filter function is required please refer to Address and Policy sections Outgoing No Source DestinationlServicelAction Option _ Configure Move El eee eee EA EA ee Service Policy Outgoing Incoming Content Filtering Acc
108. r on the left hand side and then select Virtual Server 1 2 3 4 sub selections Step 2 In Virtual Server 1 2 3 4 Window click New Service button Step 3 Enter the parameters in the Virtual Server Configuration column 111 BM 500 Bandwidth Management Gateway User s Manual PLANET Virtual Server 1 System Virtual Server Configuration Address i ort FTF 21 i E Schedule ii SERRE ET ia Content Filtering 192 168 99 192 Virtual Server Tiez16893193 i Virtual Server 1 A H i oF a n n Virtual Server Real IP displays the WAN IP address assigned to the Virtual Server n Service Name Port select the service from the pull down list that will be provided by the Real Server Load Balance Server n External Service Port Input the port number that the virtual server will use Changing the Service will change the port number to match the service n Load Balance Server The internal server IP address mapped by the virtual server Four computer IP addresses can be set at most and the load can be maintained in a balance by round robin algorithm Click OK to execute adding new virtual server service or click Cancel to discard adding Remember to configure the service items of virtual server before you configure Policy or the service names will not be shown in Policy Modifying the Virtual Server configurations Step 1 In the Virtual Server window s service
109. ream and the value of each WAN user who uses Bandwidth Management Gateway to LAN service server Upstream The percentage of upstream and the value of each LAN service server who uses Bandwidth Management Gateway to WAN user First Packet When the first packet is sent to the LAN Service Server the sent time will be recorded by the Bandwidth Management Gateway Last Packet When the last packet is sent from the LAN Service Server the sent time will be recorded by the Bandwidth Management Gateway Duration The period of time starts from the first packet to the last packet to be recorded Total Traffic The Bandwidth Management Gateway will record the sum of time and show the percentage of each Communication Service s upstream downstream to LAN service server 138 BM 500 Bandwidth Management Gateway User s Manual Reset Counter Click the Reset Counter button to refresh the Accounting Report 139 BM 500 Bandwidth Management Gateway User s Manual 4 14 Statistics In this chapter the Administrator queries the Bandwidth Management Gateway for statistics of packets and data which passes across the Bandwidth Management Gateway The statistics provides the Administrator with information about network traffics and network loads What is Statistics Statistics are the statistics of packets that pass through the Bandwidth Management Gateway by control policies setup by the Administrator How to use Statistics The Admini
110. ress Based on the network it belongs to an IP address can be an LAN IP address WAN IP address If the Administrator needs to create a control policy for packets of different IP addresses he can first add a new group in the LAN Network Group or the WAN Network Group and assign those IP addresses into the newly created group Using group addresses can greatly simplify the process of building control policies With easily recognized names of IP addresses and names of address groups shown in the address table the Administrator can use these names as the source address or destination address of control policies The address table should be built before creating control policies so that the Administrator can pick the names of correct IP addresses from the address table when setting up control policies How to use Address Table With easily recognized names of IP addresses and names of address groups shown in the address table the Administrator can use these names as the source address or destination address of control policies The address table should be built before creating control policies so that the Administrator can pick the names of correct IP addresses from the address table when setting up control policies 4 3 1 LAN Entering the LAN window Step 1 Click LAN under the Address menu to enter the LAN window The current setting information such as the name of the LAN network IP and Netmask addresses will show on the screen 53
111. rt TF g ai ES Lola oe 7 r pe TUERI A Y IS a Statistics 2 3 939 157 133 1 5 55 244 PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP PROTO ICMP SRC 1 4 SRC 1 94 SRC 1 94 SRC 1 94 SRC 192 SAc 142 SRC 192 SRC 192 SRCH 192 SRC 1 94 SRC 192 SRC 192 SRC 192 SRC 1 4 SRC 1 4 SRC 192 SRC 1 4 JOF J UDP 1444 Clear Logs Download Logs Clearing the Traffic Logs The Administrator may clear on line logs to keep just the most updated logs on the screen Step 1 Inthe Traffic Log window click the Clear Logs button at the bottom of the screen Step 2 Inthe Clear Logs pop up box click Ok to clear the logs or click Cancel to cancel it s117 BM 500 Bandwidth Management Gateway User s Manual Traffic Log May 23 08 04 54 192 168 99 253 192 168 99 161 PLANET Herring amp correa tion e ICMP 0 ACCEPT ACCEPT May 23 08 04 54 192 168 99 161 192 168 99 253 May 23 08 04 53 192 168 99 161 192 168 99 160 Interface Address Service TCP 80 ACCEPT May 23 08 04 53 192 168 99 253 192 168 99 161 ICMP 0 ACCEPT May 23 08 04 53 192 168 99 161 192 168 99 253 E ACCEPT May 23 08 04 52 192 168 99 161 192 168 99 160 TCP 80 ACCEPT May 23 08 04 Microsoft In
112. s and pre defined policy The bandwidth Management Gateway will need the three parameters before it operates the bandwidth control Host illustrated in section 4 1 6 Services illustrated in section 4 1 7 and Policy illustrated in section 4 2 However some of the configurations are also required Please refer to the related section for the details 96 BM 500 Bandwidth Management Gateway User s Manual 4 9 Content filtering Content Filtering includes URL Blocking and General Blocking u k URL Blocking The administrator can use a complete domain name key word or to make rules for specific websites General Blocking To let Popup ActiveX Java Cookie in or keep them out 4 9 1 URL Blocking The Administrator may setup URL Blocking to prevent LAN network users from accessing a specific website on the Internet Any web request coming from an LAN network computer to a blocked website will receive a blocked message instead of the website Entering the URL blocking window Step 1 Click on URL Blocking under the Configuration menu bar Step 2 Click on New Entry PLANET URL Blocking Block String Schedule gt Aur URL Blocking A A Log Accounting Report Statistics y i i PLE AAA Ar Ber 2 e E Definition Block String The domain name that is permitted or blocked to enter by Bandwidth Management Gateway Schedule This schedule is used to set the time of permitti
113. ss Step 3 E Mail Address 1 Enter the first e mail address to receive the alarm notification Step 4 E Mail Address 2 Enter the second e mail address to receive the alarm notification Optional Click OK on the bottom right of the screen to enable E mail alert notification 19 BM 500 Bandwidth Management Gateway User s Manual Bandwidth Management Configuration Export System Settings to Client Import System Settings from Client CADocuments and Setti Browse dii Renee ont O Reset Factory Settings E mail Settings Enable E mail Alert Notification Device Name Sender Address Required by some ISPs bm500 planetcomtw SMTP Server planetcomiw _ E mail Address 1 admin planet com tw _ E mail Address 2 loperator planetcom Mail Test Service E HTTP Port a Policy sd Authentication Port 182 Re Login if Idle 30 Minutes Web Management WAN Interface Remote Ul Management The administrator can change the port number used by HTTP port anytime Remote Ul Management Step 1 Set Web Management WAN Interface The administrator can change the port number used by HTTP port anytime Authentication The administrator can specify the port number and authentication time of authentication management system for LAN user to access WAN network Needs to setup authentication table in advance Authentication functions Authentication Port The port number used for user login page
114. ss a blocked URL the error below will appear A http Awww msn com Microsoft Internet Explorer Sele Fie Edit View Favorites Tools Help a o p T ox EE an Back gt ie x A p Search S Favorites Address 2 Ate aia msn comi ey This page is blocked a Internet BM 500 Bandwidth Management Gateway User s Manual 4 9 2 General Blocking To let Popup Activex Java or Cookies in or keep them out Step 1 Click Content Filtering in the menu Step 2 General Blocking detective functions Popup filtering Prevent pop up boxes from appearing Activex filtering Prevent ActiveX packets Java filtering Prevent Java packets Cookie filtering Prevent Cookie packets Step 3 After selecting each function click the OK button below PLANET General Blocking System General Blocking L Popup Block C ActiveX Block E Java Block Cl Cookie Block cee tt oth al ote ckina Lo Pall wee Ss yl j J General Blocking A A TA A m EZ o Accounting Report Statistics When the system detects the setting the Bandwidth Management Gateway will spontaneously work 101 BM 500 Bandwidth Management Gateway User s Manual 4 10 Virtual Server The Bandwidth Management Gateway separates an enterprise s Intranet and Internet into LAN networks and WAN networks respectively Generally speaking in order to allocate enough IP addresses for all computers an enterprise assigns
115. sted in the schedule to enable the policy to automatically execute the function in a 95 BM 500 Bandwidth Management Gateway User s Manual certain time and range Alarm Threshold To set the maximum value of transmitting and receiving packet enter the number based on the unit KBytes Sec QoS To determine if the QoS function can work in this Policy function Click OK to execute the new setting or click Cancel to discard changes NOTE if you want to change or add new items into the pull down menu go to the original configuration unit Removing an Incoming Policy Step 1 In the Remove confirmation window click Ok to remove the policy or click Cancel to cancel removing PLANET Incoming System No Source Destination Service Action Option Configure AAA e a Sp bes te TA ap een OP IO Epean tener lO Schedule os MERETE Microsoft Internet Explorer E E alo a A iar ee Do you really want to delete a Incoming Content Filtering EE This chapter introduces how to configure the Bandwidth Management Gateway to effectively control your bandwidth usage On the top of the Web interface there is three major menu of the bandwidth Management Gateway System Settings The basic system configurations Policy Editor The policy that will be used to manage the bandwidth Report The reporting system of the bandwidth Management Gateway base on the system setting
116. strator can get the current network status from statistics and use the information provided by statistics as a basis to mange networks How to apply WAN Statistics The Administrator needs to go to Policy to set the network IP addresses that you want to gather statistics in this way the administrator can handle the whole network condition and takes it as a basis of managing the network The administrator needs to go to the Policy to set the network IP of the WAN statistics By the Wan statistics you can obtain the status of the network 4 14 1 WAN Statistics Step 1 Click Statistics in the menu bar on the left hand side and then select WAN Statistics Step 2 The WAN Statistics will be displayed 140 BM 500 Bandwidth Management Gateway User s Manual Bits sec Bytes sec Utilization Minute Hour Day Content Filtering Accounting Report _ WAN Statistics WAN Downstream Ze fl So E ag ab lay site on Me Se ga sees Gade js A y ES a aaia ag Se pe aoe a hiya Oe agate a ja ae ieesa bits per Seconds FR 0 6 M de eat ee ears ee cats eee alae ae pay eee ats aaa se ae alae ae pyre PE pay po Max 0 3M _ _ __ _ A A ne AA E AR A E RC RO 5 12 nize a Bidz noe 6 Z 6 12 Minutes MA VAN stream Mi Maximum stream M Average stream WAN Upstream 2 2 M Figure13 1 WAN Statistics This statistics provide three figure WAN Downstream WAN Upstream WAN Receive Packets WAN
117. t Gateway is 255 255 255 0 Ping Select this to allow the internal network to ping the IP Address of the Firewall If set to enable the Bandwidth Management Gateway will respond to ping packets from the internal network WebuUI Select this to allow the Bandwidth Management Gateway WEBUI to be accessed from the Internal LAN network 48 PLANET Wetweorhing amp Correcta Address Schedule Authentication Content Filtering Virtual Server Log Alarm Accounting Report Statistics a ve qu alex qu Step 1 Step 2 Step 3 Address Schedule Authentication Content Filtering Virtual Server Lo Accounting Report Statistics Status a oS m Ja m BM 500 Bandwidth Management Gateway User s Manual Interface Transparent Mode NAT Mode IP Address Netmask Enable LAN Interface Tazas 255 255 2550 Ping WebUl WAN Interface O PPPoE ADSL User Dynamic IP Address Cable Modem User Static IP Address IP Address Netmask Default Gateway DNS Server 1 DNS Server 2 Max Downstream Bandwidth Max Upstream Bandwidth Enable ADSL user Interface setting PPPoE External Interface Select Interface function in the menu bar Check the item PPPoE ADSL User below WAN Interface Enter each parameter of WAN Interface 2304 Kbps Max 10 Mbps Kbps Max 10 Mbps Ping WebUl WAN Interface PPPoE ADSL User AA
118. table locate the name of the service desired to be modified and click its corresponding Modify option in the Configure field Step 2 Inthe Virtual Server Configuration window enter the new settings Step 3 Click OK to save modifications or click Cancel to discard changes ads BM 500 Bandwidth Management Gateway User s Manual PLANET Virtual Server 1 Virtual Server Configuratio Virtual ServerRealIP n 16895886 HTTP en 8088 Server Virtual IP_ 192168 99 166 192 168 99 167 19216899168 Click OK to execute the change of the virtual server or click Cancel to discard changes NOTE If the destination Network in Policy has set a virtual server it will not be able to change or configure this virtual server you have to remove this configuration of Policy and then you can execute the modification or configuration Removing the Virtual Server service Step 1 In the Virtual Server window s service table locate the name of the service desired to be removed and click its corresponding Remove option in the Configure field Step 2 In the Remove confirmation pop up box click OK to remove the service or click Cancel to cancel removing 118 BM 500 Bandwidth Management Gateway User s Manual Virtual Server 1 Virtual Server Real IP Service Name Port External Port Server Virtual IP Service 192 168 99 166 Microsoft
119. te Re Login if Idle Minutes Serice EE To Appliance Packets Log O Enable To Appliance Packets Log System Reboot Content Filtering Reboot Bandwidth Management Appliance In the form of controlling the Outgoing Policy enable the Authentication User Function PLANET Outgoing ECT nside_Any v Jar CU Interface Address Schedule Authentication J Cancel Accounting Report Statistics Status 83 BM 500 Bandwidth Management Gateway User s Manual When the user s idle time exceed the Re Login If Idle time and the user wan to connect to WAN the authentication web page will be shown again or user need to manually input the login page Once user enters the correct user name and password he can access the WAN resource again User Login Page Definitions n User Name The name of the Authentication you want to configure n Password The input carries on the authentication the password uN a 3 Authentication Microsoft Internet Explorer Bia File Edit wiew Favorites Tools Help Beck E gt x E HA pa Search S Favorites A media NN aj Address hetp J192 168 1 1 82 gt ins User Login richard Ep Modifying the Authentication User Step 1 In the Authentication window locate the User name you want to edit and click on Modify in the Configure field Step 2 The Modify Auth User Password window will appear En
120. ter in the required information n Auth User show original authentication user n Password show original password n New Password enter new password n Confirm Password enter the new password again Step 3 Click OK to confirm authentication user change or click Cancel to cancel it 84 BM 500 Bandwidth Management Gateway User s Manual PLANET Authentication Aitr idag amp bencana System Interface Address Service Schedule Modify User Password Content Filtering Log Alarm Accounting Report Statistics Status Removing a Authentication User Step 1 In the Authentication table locate the user name you want to remove and click on the Remove option in the Configure field Step 2 The Remove confirmation pop up box will appear Step 3 Click OK to remove that Authentication User or click Cancel to cancel PLANET Authentication Hatwerklog amp Conca los System Interface Address Schedule QoS Microsoft Internet Explorer E LY Do you really want to delete Content Filtering Log Alarm Accounting Report Statistics Status E 1 L om panel J ple ae a 85 BM 500 Bandwidth Management Gateway User s Manual 4 8 Policy This section provides the Administrator with facilities to sent control policies for packets with different source IP addresses source ports destination IP
121. ternet Explorer ES 19 161 UDP 1444 ENEE 9 161 PAE ACCEPT ENTES 2 Do youreally want to delete PELS ACCEPT May 23 08 04 39 161 UDP 1633 ACCEPT May 23 08 04 Lo Je PUTAS May 23 08 04 Ii 3 S 38 20 UDP 53 ACCEPT May 23 08 04 50 139 175 55 244 192 168 99 161 UDP 1919 ACCEPT May 23 08 04 50 192 168 99 161 139 175 55 244 UDP 53 ACCEPT May 23 08 04 50 139 175 55 244 192 168 99 161 UDP 1918 O05 Authentication Policy Content Filtering Event Log Connection Log ee May 23 08 04 50 192 168 99 161 139 175 55 244 Alarm O O May 23 08 04 50 192 168 99 161 139 175 55 244 UDP 53 ACCEPT May 23 08 04 50 139 175 55 244 192 168 99 161 UDP 1444 EXE May 23 08 04 50 192 168 99 161 139 175 55 244 Status sd May 23 08 04 50 139 175 55 244 192 168 99 161 Clear Logs Download Logs 4 11 2 Event Log When the Bandwidth Management Gateway WAN detects events the Administrator can get the details such as time and description of the events from the Event Logs Entering the Event Log window Step 1 Click the Event Log option under the Log menu and the Event Log window will appear 118 BM 500 Bandwidth Management Gateway User s Manual Event Log Clear Logs Download Logs Step 2 The table in the Event Log window displays the time and description of the events n Time time when the event occurred n Event description of the event
122. the logged data to evaluate and troubleshoot the network such as pinpointing the source of traffic congestions 4 11 1 Traffic Log The Administrator queries the Bandwidth Management Gateway for information such as source address destination address start time and Protocol port of all connections Entering the Traffic Log window Step 1 Click the Traffic Log option under Log menu to enter the Traffic Log window 115 BM 500 Bandwidth Management Gateway User s Manual J miae cm PLANET Traffic Log System Ne Interface Address May 23 08 04 54 192 168 99 253 192 168 99 161 May 23 08 04 54 192 168 99 161 192 168 99 253 May 23 08 04 53 192 168 99 161 192 168 99 160 Schedule May 23 08 04 53 192 168 99 253 192 168 99 161 May 23 08 04 53 192 168 99 161 192 168 99 253 ICMP 8 ACCEPT May 23 08 04 52 192 168 99 161 192 168 99 160 May 23 08 04 51 139 175 55 244 192 168 99 161 UDP 1444 ACCEPT May 23 08 04 51 May 23 08 04 50 Authentication Policy Content Filtering Log 207 46 138 20 192 168 99 161 UDP 1920 ACCEPT 192 168 99 161 139 175 55 244 139 175 55 244 192 168 99 161 UDP 1633 139 175 55 244 192 168 99 161 UDP 1444 192 168 99 161 207 46 138 20 May 23 08 04 50 139 175 55 244 192 168 99 161 May 23 08 04 50 192 168 99 161 139 175 55 244 May 23 08 04 50 139 175 55 244 192 168 99 161 UDP 1918 ACCEPT May 23 08 04 50 192 168 99 161 139
123. tion Content Filtering Accounting Report rere lee neers IP Address the IP address of the LAN host computer MAC Address MAC address of the LAN host computer 146
124. tment on the part of PLANET PLANET assumes no responsibility for any inaccuracies that may be contained in this User s Manual PLANET makes no commitment to update or keep current the information in this User s Manual and reserves the right to make improvements to this User s Manual and or to the products described in this User s Manual at any time without notice If you find information in this manual that is incorrect misleading or incomplete we would appreciate your comments and suggestions CE mark Warning This is a class B device In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures Trademarks The PLANET logo is a trademark of PLANET Technology This documentation may refer to numerous hardware and software products by their trade names In most if not all cases these designations are claimed as trademarks or registered trademarks by their respective companies Customer Service For information on customer service and support for the Bandwidth Management Gateway please refer to the following Website URL http www planet com tw Before contacting customer service please take a moment to gather the following information Bandwidth Management Gateway serial number and MAC address Any error messages that displayed when the problem occurred Any software running when the problem occurred Steps you took to resolve the problem on your
125. tted IP enter new IP address Step 3 In the confirm window click OK to remove or click Cancel to discard changes 97 BM 500 Bandwidth Management Gateway User s Manual PLANET Permitted IPs a 7 IP Address Netmask Webul 192 168 0 100 255 255 255 255 Modify Remove Permitted IPs Microsoft Internet Explorer E ys Do vou really want to delete Fae 4 aa q A ee ae Lsi i 04 ae IT be Schedule E Content Filtering 4 1 6 Multiple NAT Multiple NAT allows local port to set multiple subnetworks and connect with the Internet through different WAN IP Addresses NOTE This function is only available when the device is configured to NAT mode For instance the lease line of a company applies several real IP Addresses 168 95 88 0 24 and the company is divided into R amp D department service sales department procurement department accounting department the company can distinguish each department by different subnetworks for the purpose of convenient Management Gateway The settings are as the following 1 R amp D department subnetwork 192 168 1 11 24 Internal fl 168 95 88 253 WAN 2 Service department subnetwork 192 168 2 11 24 Internal fl 168 95 88 252 WAN 3 Sales department subnetwork 192 168 3 11 24 Internal fl 168 95 88 251 WAN 4 Procurement department subnetwork 192 168 4 11 24 Internal fl 168 95 88 250 WAN 5 Accounting department subnetwork 192 168 5 11 24 Internal fl
126. unction is enabled The automatic execution function in Schedule table has Move this sets the priority of the policies number 1 being the highest priority been enabled 87 BM 500 Bandwidth Management Gateway User s Manual S jiem Threshold Traffic and event alarm function is enabled las QoS function is enabled Remarks To view the traffic and event log ofthe system click Log function in the menu bar on the left hand side To view the alarm records of the system click Alarm function in the menu bar on the left hand side To view the statistics of the system click Statistics function in the menu bar on the left hand side Bandwidth Management Gateway can execute the schedule 2 function automatically ina certain time and range To modify the schedule click the Schedule function in the menu baron the left hand side Bandwidth Management Gateway can execute the QoS function function automatically To modify the QoS click the QoS function in the menu bar on the left hand side Adding a new Outgoing Policy Click on the New Entry button and the Add New Policy window will appear PLANET Outgoing System ETICO o ne Authentication IAEA Pe ee a Sie x ete hat T i i a Content Filtering Accounting Report Source Address Select the name of the LAN network from the drop down list The drop down list contains the names of all LAN networks defined in th
127. unter Source IP When WAN users use Bandwidth Management Gateway to connect to LAN service server all of the Downstream Upstream First Packet Last Packet Duration log of the source IP will be recorded 135 BM 500 Bandwidth Management Gateway User s Manual Definitions TOP Select the data you want to view It presents 10 pages in one page Select from the Pull down menu Source IP The IP address used by WAN users who use Bandwidth Management Gateway Downstream The percentage of Downstream and the value of each WAN user who uses Bandwidth Management Gateway to LAN service server Upstream The percentage of Upstream and the value of each LAN service server who uses Bandwidth Management Gateway to WAN users First Packet When the first packet is sent from WAN users to LAN service server the sent time will be recorded by the Bandwidth Management Gateway Last Packet When the last packet is sent from LAN service server to WAN users the sent time will be recorded by the Bandwidth Management Gateway Duration The period of time starts from the first packet to the last packet to be recorded Total Traffic The Bandwidth Management Gateway will record the sum of time and show the percentage of each WAN user s upstream downstream to LAN service server Reset Counter Click the Reset Counter button to refresh the Accounting Report Inbound Destination IP Accounting Report When WAN users use Bandwidth Management Gateway to co
128. unting Report function and then select Outbound 130 BM 500 Bandwidth Management Gateway User s Manual PLANET Outbound Top 1 44 Interface Starting Time Thu May 23 22 32 28 2002 Address First Packet Last Packet Duration 05 24 03 13 08 05 24 05 10 06 01 56 58 05123 22 36 37 05 24 05 25 15 06 Authentication Policy Content Filtering o Reset Counter N Statistics p a gt Outbound source IP Accounting Report When LAN users use Bandwidth Management Gateway to connect to WAN service server all of the Downstream Upstream First Packet Last Packet Duration log of the source IP will be recorded PLANET Outbound System Top 1 4 w Interface Starting Time Thu May 23 22 32 28 2002 Address No E 9 1 AA E EEC 05 24 03 13 08 05 24 05 10 06 01 56 58 Remove f Source IP v 192 168 99 1 l 192 168 99 53 SMB 24mB 05 23 22 36 37 05 24 05 29 41 Authentication a 010102 ool 23KB 05124 04 46 60 Policy Content Filtering i a Reset Counter Statistics al Definitions TOP Select the data you want to view it presents 10 results in one page Pull down menu selection Source IP The IP address used by LAN users who use Bandwidth Management gateway to connect to WAN service server Downstream The percentage of downstream and the value of each WAN service server which uses 13
129. upports Virtual Server and IP mapping Multi DMZ Host Supports Multi language web UI easy to manage o gt gt OT Fe FH FTF fF gt gt gt SF Support user authentication based user s user name and password 1 2 Package Contents The following items should be included Bandwidth Management Gateway Power Adapter Quick Installation Guide User s Manual CD If any of the contents are missing or damaged please contact your dealer or distributor immediately BM 500 Bandwidth Management Gateway User s Manual 1 3 Bandwidth Management Gateway Front View gt PLANET Bandwidth Management Gateway Networking 4 Communication 100 O PWR BM 500 LNK ACT O STATUS Power is supplied to this device STATUS Blinks to indicate this devise is being turned on After one minute this LED indicator will stop blinking it means this device is now ready to use on 100Mbps speed LNK ACT Steady on indicates the port is connected to other network device Blink to indicates there is traffic on the port 1 4 Bandwidth Management Gateway Rear Panel WAN AN O E 1 2 3 4 button default settings or other Internet connection device other local network device BM 500 Bandwidth Management Gateway User s Manual 1 5 Specification Product Model Hardware Connections 1 x 10 100Base TX 4 x 10 100Base TX Auto MDI MDI X Reset button fro hardware reset factory default System PWR STATUS
130. ystem TE ACE e Transparent Mode C NAT Mode MEE IP Address 192 168 99 160 ESP Netmask 255 255 255 0 Default Gateway fisz 168 99 253 DNS Server 1 168 95 1 1 DNS Server2 168 45 192 1 Max Downstream Bandwidth 2304 Kbps Max 10 Mbps Max Upstream Bandwidth 2304 Kbps Max 10 Mbps Statistics Enable LAN Ping 7 WebUl Enable WAN M Ping Y WebUl Ok Cancel Note The above figures are only examples Please fill in the appropriate IP address information provided to you by the ISP STEP 2 Click on the Policy tab from the main function menu and then click on Outgoing from the sub function list STEP 3 BM 500 Bandwidth Management Gateway User s Manual Click on New Entry button STEP 4 When the New Entry option appears enter the following configuration Source Address select Inside_Any Destination Address select Outside_Any Service select ANY Action select Permit Click on OK to apply the changes PLANET Outgoing add New Policy Qos Content Filtering Accounting Report Statistics STEP 5 The configuration is successful when the screen below is displayed Make sure that all the computers that are connected to the LAN port have their Default Gateway IP Address set to the Bandwidth Management Gateway s LAN IP Address i e 192 168 1 1 At this point all the computers on the LAN network should gain access to the Internet immediately If
Download Pdf Manuals
Related Search