Edimax BR-6641 router
Contents
1. Network Service WAN Setting 4 LAN Setting DHCP Setting Host Names Service Names IP Grouping Service Grouping Figure 3 18 Network Service Names This function is to configure the name protocol and other parameters of service BR 6641 has a default list of commonly used services These defined names will appear in sub menu of service in Firewall Multihoming etc Service List Name Input the name of service PING F TP Protocol Protocol Number Select protocol for service ICMP Protocol Number e g ICMP Protocol TCP Number is 1 TCP is 6 For more information please refer to concern ES document 47 BR 6641 User Manual ICMP The service used ICMP e g Ping TCP The service used TCP e g FTP UDP The service used UDP Parameter Number Specify the parameter for different Protocols Type Number Input Protocol Number From To Type Input the service type of ICMP Input the Port Number TCP UDP Single Port Number A range of Port Number Input the start port number in From and the end port number in To Table 3 10 Service Name 48 BR 6641 User Manual 3 6 IP Grouping BR 6641 offers a variety of services These services will be discussed in the next chapter In order to help manager configure services efficiently BR 6641 provides a few management tools IP Grouping is one o2. Port Speed The speed and duplex of WAN Port You can 33 BR 6641 User Manual 10Mbps Half duplex Set it manually or system can got it 10Mbps Full duplex automatically 100Mbps Half duplex 100Mbps Full duplex Health Never This function is used to configure the WAN Detection Always link health detection mechanism for the Only ds Pes specific WAN link Please refer to Chapter 3 2 1 WAN Link Health Detection packetis received Input the user s account assigned by ISP Password si Enter the password of the account Automatically Enable this function and ISP will provide IP Obtain IP Address Gateway and Netmask Address Note If your ADSL is dynamic IP check the checkbox If it is static IP please do not Input the IP Address assigned by ISP Table 3 4 PPPoE Mode 34 BR 6641 User Manual 3 1 4 PPTP Mode This model is enabled when BR 6641 is access to PPTP server via Internet Basic Setting Enable Iv Made PPTP Downstream Bandwidth 22220 Upstream Bandwidth 0389 Speed Duplex Port Status Broken MAC Address 00 11 33 03 94 6 Wan Link Only When Packet Is Received Health Detection Host Protocol Destination IP of User Name Password Connection ID Server IP My IP My Subnet mask Figure 3 8 PPTP Mode Basic Setting Field Value Description Down Stream The down stream inbound bandwidth of the WAN link for exa
3. 63 Idle Hour Settings d Kbps Note Set Idle Hour in System Date Time Filters Max Kbps Guarantee BR 6641 User Manual connections on the WAN link Normally we will set up maximum bandwidth for services like WWW or SMTP that have a high volume of traffic and may affect the quality of other services The guaranteed bandwidth for this class This makes sure the connections through the WAN link will be at least allocated with the specified bandwidth It is particularly useful when you want to ensure the quality of a certain type of service e g VolP his defines the maximum bandwidth allowed for the connections on the WAN link Normally we will set up maximum bandwidth for services like WWW or SMTP that have high volume of traffic and may affect the quality of other services Table 4 4 The Description of the Fields in QoS Classes Fea vawe Source Destination Any address LAN WAN Localhost IP Address IP Range Subnet Named addresses lt IP Grouping gt Any address LAN WAN Localhost IP Address Packets sent from the specified source will be matched Any Address Match all packets regardless of its source LAN Match all packets that come from the LAN WAN Match all packets that come from the WAN Localhost Match all packets that come from BR 6641 Localhost IP Address Match packets from a single IP address e g 192 168 1 4 IP Range Mat
4. Basic Subnet The table of Basic Subnet allows you to specify one or more private subnets that connect to BR 6641 directly Basic Subnet Address 192 168 0 1 Netmask eei 255299 0 Port Setting Figure 3 11 LAN Setting Basic Subnet 39 BR 6641 User Manual Input the IP Address of LAN Port in Basic Subnet IP Address and input the corresponding subnet mask in Netmask Select the corresponding Speed Duplex in Port Speed RIP Configuration BR 6641 support RIP Routing Information Protocols for both version 1 and 2 RIP v1 is the basic definition while v2 has some functional enhancements Please refer to IETF s official documents for the complete definition of RIP If your private LAN subnet supports RIP you need to also enable BR 6641 s RIP function by doing as follows RIP RIP v1 n RIP v2 rJ Password Figure 3 12 LAN Private Subnet RIP Configuration If the router in LAN enable RIP v1 check the checkbox in front of RIP v1 If the router in LAN enable RIP v2 check the checkbox in front of RIP v2 BR 6641 supports the transmission of RIP packets If the authentication is enabled on RIP v2 password must be entered in Authentication Password field If there is no predefined password just leave the field blank Static Routing Subnet If there is static routing subnet in LAN you need to use Static Routing Subnet to fulfil the configuration Static Routing Subnet means that a router route out a subne
5. Fixed By Weight By Traffic lt select WAN link s for the algorithm or put a weight on each WAN link gt Enable Disable BR 6641 User Manual service types e g FTP or you can choose the port number in TCP UDP packet To specify a range of port numbers type starting port number plus hyphen and ending port number e g TCP 123 234 Group The packets from the group which are predefined in Service Grouping Any All packets are to be matched Algorithm for Auto Routing Fixed Only route the connections on a fixed WAN link By Weight Input the weight to route the connections to WAN link according to weight By Traffic Route the connection to the WAN link according to total traffic Connection will be route to the link which has more remained bandwidth The type of parameter depends on the algorithm you choose The number represents the number of WAN link You can check the check box under the number telling BR 6641 to apply the algorithm to this WAN link Enable The logging will be enabled Whenever the rule is matched the system will write the event to the log file Disable No log will be generated Table 4 2 The Description of the Fields the Auto Routing Policy Table 59 BR 6641 User Manual 4 3 Virtual Server Virtual Server is a feature to make your intranet LAN servers available to the Internet WAN Because the private IP addresses assigned to the intranet se
6. Network Service Notification Figure 5 2 The Location of Log View Page Menu Bar Fed Vale Delon _ System Log You can pick the log type of Traffic Log your preferred events to be shown in the log viewing window Recent Event Event log listed by order of timestamp Refresh Refresh to get the latest event log Table 5 1 The Description of the Fields on Log View Page 80 BR 6641 User Manual 5 2 Control With this sub menu you can set up how log data will be transmitted to other servers out of BR 6641 for archiving and further analyses Transmission methods include FTP Email and Syslog Each log type can have its own transmission method setting Service Log Control Notification Figure 5 3 Location of Log Control Page on the Menu Bar Description Log Control System Log Select the type of Log file to Traffic Log be pushed System Log Log Method See below Push Now Use this button to start log pushing immediately Traffic Log Log Method See below Push Now Use this button to start log pushing immediately Table 5 2 The Description of the Fields on Log Control Page 81 BR 6641 User Manual Method BR 6641 offers three types of log transmissions FTP out to an external FTP server Syslog out to a syslog server or send emails via SMTP to the administrator s mailbox B E mai
7. l TCP w Figure 3 5 WAN Link Health Detection Description Never BR 6641 assumes a healthy WAN and stop monitoring ICMP and TCP packets Always BR 6641 will always do the health detection according to the rules Only when no packet If BR 6641 detects no inbound WAN traffic it will start the is received health detection Protocol Choose either ICMP or TCP as methods for WAN health detection Input the destination IP Address Port Number of Hops Set the Hops if ICMP is selected Set the Port number if TCP is selected Table 3 2 The description of the field in WAN Link Health Detection 30 BR 6641 User Manual 3 1 2 DHCP Mode This model is enabled when 6641 is a client using DHCP to acquire a dynamic IP address from Basic Setting Enable Mode Downstream Bandwidth Upstream Bandwidth Speed Duplex Port Status MAC Address Wan Link Health Detection Clone an ISP s DHCP server meee 20450 20450 Broken O00 11 485 03 64 46 Host Port Number of UR Protocol Destination IP Hops HEBH v Ele rJ Figure 3 6 DHCP Mode Basic Setting Fed Down Stream The down stream inbound bandwidth of the WAN link for example 25600 Kbps Up Stream The up stream outbound bandwidth of the WAN link for example 25600 Kbps Port Speed Auto The speed and duplex of WAN Port You can 10Mbps Half duplex set it manu
8. Apply page click this button to save your changes to memory the old settings will also be saved 10 BR 6641 User Manual Click this button to recover the old settings which apply has saved Click the Help button to display the on line help of the current page the on line help information will automatically swap when you change the function page or language Click Hide Help to hide the on line help information Table 5 0 Buttons Note The Apply and Reload buttons here are active only on certain pages any parameters modified without click Apply will not be saved to the memory Remember to click Apply when you are ready to move to the next page menu or logout 1 4 2 BR 6641 Rule Filter Policy Table Orders of Rules Filters Policies BR 6641 provides a rule table for you to perform the tasks like system parameter or service policies Often you are required to add or delete rules of your own In general when you have multiple rules in a table BR 6641 matches these rules from top to bottom That is the rules at the top of the table are given a higher precedence Thus to achieve the outcome of your desire the more specific rules should be placed on top of the less specific rules You will see in this table a few icons and their meanings Add a new rule below the current rule Move the current rule one row down Move the current rule one row up Delete the current rule 11 BR 6641 User M
9. access the web based administration Ul open http 192 168 2 1 in your Internet Explorer 6 0 B The default password for the administrator account is 1234 5678 for the monitor account We strongly recommend you to modify the passwords at the first time you log into the web based Ul It is also a wise idea to write down your changed passwords and keep them in a safe place in case you forget them B Check your network environment carefully before installing BR 6641 A well designed network environment with the necessary information such as your network structure IP addresses and network segments information will BR 6641 User Manual help you complete the setup of BR 6641 parameters BR 6641 uses a web based management user interface Web based Ul Due to internal design constraints you have to use MS Internet Explorer 6 0 IE 6 0 or higher to access the Web based UI A screen resolution of 800x600 or higher is recommended Use cross over cable to access BR 6641 Web based UI from the LAN port BR 6641 is shipped with two types of network cable in the box one is a cross over and the other is a straight cable Please use the cross over cable to connect to the computer and LAN port of BR 6641 the LED of the plugged in port will turn on when properly connected BR 6641 User Manual 1 2 Access to the Web based UI The Web based UI enables you to easily perform every configuration task Follow the steps below
10. in any form or by any means electronic mechanical magnetic optical chemical manual or otherwise without the prior written permission of this company This company makes no representations or warranties either expressed or implied with respect to the contents hereof and specifically disclaims any warranties merchantability or fitness for any particular purpose Any software described in this manual is sold or licensed as is Should the programs prove defective following their purchase the buyer and not this company its distributor or its dealer assumes the entire cost of all necessary servicing repair and any incidental or consequential damages resulting from any defect in the software Further this company reserves the right to revise this publication and to make changes from time to time in the contents hereof without obligation to notify any person of such revision or changes The product you have purchased and the setup screen may appear slightly different from those shown in this QIG For more detailed information about this product please refer to the User s Manual on the CD ROM The software and specifications subject to change without notice Please visit our web site www edimax com for the update All right reserved including all brand and product names mentioned in this manual are trademarks and or registeredtrademarks of their respective holders Certain Edimax products include software code developed by third parties i
11. Speed Auto The speed and duplex of WAN Port You can 10Mbps Half duplex set manually or system got it 1OMbps Full duplex 2Utomatically 100Mbps Half duplex 100Mbps Full duplex Health Never This function is used to configure the WAN Detection Always link health detection mechanism for the Only when no specific WAN link packetis received Address IP Address Input the IP Address of BR 6641 in WAN It IP Range can be IP Address IP Range Gateway Input the predefined Gateway e g 211 21 40 254 Subnet Mask a Input the Subnet Mask IP s in DMZ IP Address Input the IP Address of BR 6641 in DMZ It IP Range can be IP Address IP Range Table 3 1 Standard Mode Basic Setting WAN Link Health Detection This function allows MIS to configure how WAN link health detection is performed By fine tuning certain parameters an MIS can adjust BR 6641 to match a particular network structure and or a particular ISP For WAN link health detection BR 6641 sends out ICMP or TCP packets and monitors responses to determine the statuses of those links In the WAN Link 29 BR 6641 User Manual Health Detection page the following parameters are available Health Always Detection Host Port Number of Protocol Destination IP Hops El D B B B Bl Bd E 9 El TEE El ICMP v TEE El ICMP k El
12. enter www MX Record Host Name Enter the prefix of the mail server s domain name For example if the domain name is mail abc com enter mail Priority Enter the priority of the mail servers The higher the priority the lower the number Mail Server Enter the IP address of the mail server Table 4 11 The Description of the Fields in Domain Setting 76 BR 6641 User Manual 4 9 SNMP H Service Log Firewall Auto Routing Virtual Server Qos Multihoming Internal DNS SNMP UPnP Figure 4 14 The Location of Service SNMP on the Menu Bar SNMP Simple Network Management Protocol can be used to manage networks by providing statistical data regarding network performance and security It is often used in the management of TCP IP networks SNMP Settings Enable SNMP Enable Disable SNMP Community Enter the community which the SNMP belongs to The default value is public Enter the description of the machine Table4 12 The Description of the Fields in SNMP Td BR 6641 User Manual 4 10 UPnP System F Network Service Log m Firewall Auto Routing Virtual Server QoS Multihoming Internal DNS SNMP UPnP Figure 4 15 The Location of Service UPnP on the Menu Bar BR 6641 will detect the publ
13. list IP Grouping If you predefined IP groups in Chapter 3 System IP Grouping their Group Name will be shown the list Packets sent from the specified destination will be matched Any Address Match all packets regardless of its source WAN Match all packets that come from the WAN Localhost Match all packets that come from BR 6641 Localhost IP Address Match packets from a single IP address e g 192 168 1 4 IP Range Match packets from a continuous range of IP addresses e g 192 168 1 10 192 168 1 20 Subnet Match packets that come from a subnet e g 192 168 1 0 255 255 255 0 Named IP addresses If you predefined IP groups in Chapter 3 System Named IP Grouping their group name will be shown in the list IP Grouping If you predefined IP groups in Chapter 3 System IP Grouping their Group Name will be shown the list The services which are predefined in Service Name will be matched For example FTP 21 The packets whose predefined TCP port number in Service Name is 21 are to be match Protocol Number Define the Protocol Number then the packets with the Protocol Number are to be defined ICMP Define the Type value then the packets whose ICMP take this Type value will be defined TCP UDP The TCP UDP service type to be matched You can select the matching criteria from the publicly known 58 Algorithm Parameter UDP lt Service Grouping Name gt Any
14. section s email account settings Network Service View Control Notification Figure 5 4 Location of Log Notification Page on the Menu Bar Notification SNMP Email SNMP Settings Destination IP Community Name Link Fail Email Settings SMTP Server Account Password Mail From Mail To Value Description Select how Email notifications are sent out lt Address The SNMP managing device IP lt Community Name gt The community name Enable this function system will notify administrator when a Link Fail happened SMTP Server Authenticated account for mail server Authenticated password for mail server Ooo i fee 84 BR 6641 User Manual Link Fail Enable this function system will notify administrator when a Link Fail happened Admin Password Change Enable this function system will notify administrator when Administrator password 16 changed Table 5 6 The Description of the Fields on Log Notification 85
15. target device in the Target IP field It accepts either an IP address or a host name You may specify a target device in the Target IP field It accepts either an IP address or FQDN Select a network interface WAN or LAN If it is WAN select WAN link number in Index field Note If a domain name is used to traceroute a DNS server has to be specified in Network gt Host Names Arping Arping is used to detect the MAC address of a computer You may specify a target device in the Target IP field It accepts either an IP address or a host name Select a network interface WAN LAN If it is WAN select WAN link number in Index field For ARP related error messages please refer other materials Note If a host name is used in Target IP field then a DNS server has to be specified in Network gt Names 19 BR 6641 User Manual 2 4 Date amp Time Service Traffic Statistics Diagnostic Tools Administration Figure 3 4 The Location of System Date Time on the Menu Bar 2 4 1 Date amp Time Setting In this page you can set up time related configurations For time zone information You should pick the region first and then the city you are located in or a city of the same time zone as you For example if you are located in Hawaii select US in the left list and then choose Hawaii in the right list BR 6641 can use the NTP protocol to get time f
16. EDIMAX NETWORKING PEOPLE TOGETHER BR 6641 4WAN 1LAN Load Balancer Router User Manual BR 6641 User Manual Table of Contents Chapter Quick Start eodem sues Ur EE cuu Una vou 4 USE Preparation EE 4 1 2 Access to the Web based Ul 6 1 3 BR 6641 Web based UI 8 1 4 How to use BR 6641 Web based 1 10 1 4 1 BR 6641 Operating uo obe e x PR ne Gr det nca 10 1 4 2 BR 6641 Rule Filter Policy Table 11 Chapter 2 m 13 SUMMA idu 14 2 2 Trame etos a 16 23 Wagosi e NT ER 17 ZA NALS pal 20 2 4 1 Date amp Time 2 20 ZA2 B syho r Setting 21 22 Chapters NeDWOLK nidi uic 25 l WAN SEUNG I LT 26 od Standard MOGE 28 90122 DACP MOGE 31 APIO 33 PPTP i 35 2ko JAdVariced Mode DI b
17. Host Name Enter the prefix of the primary workstations name example if the name 15 www abc com enter www 73 BR 6641 User Manual Policy Type The algorithm for selecting WAN links by Wight or by Traffic By Weight Answer DNS queries by the weight given to each link By Total Traffic Answer DNS queries by selecting the WAN link with the lightest total traffic Parameter IP Enter the IP address to answer DNS queries Parameter Weight Input the weight for each WAN Link CName Record Alias Enter the alias of the domain name For example if you wish to use www1 abc com as the alias of www abc com domain name enter www1 in this field Target Enter the real domain name For example if you wish to use www1 abc com as the alias for www abc com enter www MX Record Host Name Enter the prefix of the mail server s domain name For example if the domain name is mail abc com enter mail Priority Enter the priority of the mail servers The higher the priority the lower the number Enter the IP address of the mail server Table 4 9 The Description of the Fields in Domain Setting 74 BR 6641 User Manual 4 8 Internal DNS Network Service Firewall Auto Routing Virtual Server QoS Multihoming Internal DNS SNMP UPnP Figure 4 13 The Location of Service Internal DNS on the Menu Bar BR 6641 ha
18. I Overview After logging in you will be able to start configuring or monitoring BR 6641 through the Web based UI In order to help you to familiar with the basic operations the explanations are as follows The Web based UI tasks are grouped into four categories The categories are located at the upper left hand corner of Web based UI task bar These categories cover all the configuration possibilities in BR 6641 The four categories are B System B Network B Service B log In the later chapters we will introduce the functions of these four categories On the first stage you can login as Administrator in the Web based UI and modify the Administrator or Monitor password by performing the following 1 Click System and select Administration on task bar 2 enter your new Administrator password or Monitor password after the system confirmation using the new password next time you log in What shall we do if we forget the new password If you forget your administrator password use a Terminal VT 100 compatible to establish the connection between PC RS 232 series port and BR 6641 Console interface execute system reset to default Before you log into serial console please complete following setting Bits per BR 6641 User Manual second 9600 Data bits 8 Parity None Stop bits 8 Flow control None The serial console and Web based UI use the same username and password pairs By default the password of Administr
19. Note This address should be in the subnet with LAN s Subnet Input the IP Address of DNS The Client will take this address as DNS Netmask Server when DHCP is enabled Input the Domain Name of DHCP DNS Input the IP Address of DNS Range Start Input the dynamic Range Start and Range End assinged for LAN Range End host e g 192 168 10 53 199 168 10 100 IP MAC the host in LAN require a stable IP Address input IP Address and Address IP MAC Address Table 3 7 DHCP Setting 44 BR 6641 User Manual 3 4 Host Names Network Service WAN Setting 4 LAN Setting DHCP Setting Host Names Service Names IP Grouping Service Grouping Figure 3 17 Network DHCP Setting This function is to define the the name for system specific IP and IP group These defined names will appear in sub menu of source and destination in Firewall Multihoming etc System Name Input the host name of the BR 6641 Input the domain of the BR 6641 DNS Input the IP Address of DNS BR 6641 will use it to resolve machine names to obtain IP addresses Table 3 8 System Name 45 BR 6641 User Manual Named IP Addresses Feld Deseription Name Input the name which is to be substitute for the IP address Address Specify the IP Address It can be IP Address IP Range Table 3 9 System Name 46 BR 6641 User Manual 3 5 Service Names
20. P UPnP Figure 4 3 The Location of Service Auto Routing on the Menu Bar Auto Routing Fed 0 Busy Select when the rule will be applied There are three options Idle available Busy hour idle hour and All time All time mean All Time the rule will be applied for all the 24 hours a day Please refer to Chapter 2 System gt Date amp Time gt Busyhour Setting for setting up the definition of busy or idle hours 57 Source Destination Service Any address LAN Local host IP Address IP Range Subnet lt Named addresses gt lt IP Grouping gt Any address WAN Local host IP Address IP Range Subnet lt Named addresses gt lt IP Grouping gt FTP 21 SSH 22 TELNET 23 SMTP 25 POP3 110 H323 1720 Protocol Number ICMP TCP BR 6641 User Manual Packets sent from the specified source will be matched Any Address Match all packets regardless of its source LAN Match all packets that come from the LAN Localhost Match all packets that come from BR 6641 Localhost IP Address Match packets from a single IP address e g 192 168 1 4 IP Range Match packets from a continuous range of IP addresses e g 192 168 1 10 192 168 1 20 Subnet Match packets that come from a subnet e g 192 168 1 0 255 255 255 0 Named IP addresses If you predefined IP groups in Chapter 3 System Named IP Grouping their group name will be shown in the
21. Public IP Subnet in DMZ Subnet IP Subnet Mask Figure 3 9 Advanced Model Basic Setting 37 BR 6641 User Manual vawe Down Stream The down stream inbound bandwidth of the WAN link for example 25600 Kbps Up Stream The up stream outbound bandwidth of the WAN link for example 25600 Kbps Port Speed Auto The speed and duplex of WAN Port You can 10Mbps Half duplex Set it manually or system can get it 10Mbps Full duplex 9utematically 100Mbps Half duplex 100Mbps Full duplex Health Never This function is used to configure the WAN Detection Always link health detection mechanism for the specific WAN link Please refer to Chapter Sny uer WANT Link Health Detection packet is received Subnet in WAN Address IP Address Input the private IP address of BR 6641 IP Range connected with the router There are two options available IP Address IP Range Gateway Input the predefined Gateway e g 192 168 99 1 Subnet Mask Input the Subnet Mask Public IP Subnet in DMZ aP Input the public IP of BR 6641 in DMZ Subnet Mask Input the Subnet Mask Table 3 6 The description of the fields in Advanced Mode 38 BR 6641 User Manual 3 2 LAN Setting Network Service WAN Setting LAN Setting DHCP Setting Host Names Service Names IP Grouping Service Grouping Figure 3 10 Network LAN Setting
22. Routing Mode If the WAN type is Bridge Mode One Static IP your WAN IP in this field should be the public IP assigned from your ISP Or if your WAN type is none of the above then choose dynamic IP at WAN The services which are predefined in Service Name will be matched For example 21 The packets whose predefined TCP number in Service Name is 21 are to be match Protocol Number Define the Protocol Number then the packets with the Protocol Number are to be defined ICMP Define the Type value then the packets whose ICMP take this Type value will be defined TCP UDP The TCP UDP service type to be matched You can select the matching criteria from the publicly known service types e g you can choose the port number in TCP UDP packet To specify a range of port numbers type starting port number plus hyphen and ending port number e g TCP 123 234 Group The packets from the group which are predefined in Service Grouping Any All packets are to be matched Server Server The original IP address of your virtual server It can be a private IP in the LAN or a public IP in DMZ Port Number Input the Port Number of Server IP Enable Disable Enable the logging will be enabled Whenever the rule is matched the system will write the event to the log file Disable No log will be generated Table 4 3 The Description of the Fields on Virtual Ser
23. ____ Expand inbound Bandwidth Settings LL Expand Outbound Bandwidth Setings 3 Normal ____ wpandinboundBandwim settings 2 BmpOuboundBandwenSenngs 4 Normal 2 1 11111 amp wpandinboundgandwidn Settings 2 Epand Outbound Bandwidth Settings 5 5 Normal xmPandinboungBandeemSenngs LL LLEmamdOuboundBandwihSetings Filters 3 Source Destination Service Class ay 21 al Figure 4 6 The Screenshot of Classes Classes Description The name for this bandwidth class We recommend you using a self explanatory name so that you can understand it easily when it is used later in the filter table For example you can name your bandwidth class HTTP to manage the bandwidth of HTTP service Priority Normal The priority of the connections on the WAN link It can be High High Normal or Low The connections with higher priority o9 are allocated with available bandwidth first The WAN link which you want your bandwidth limit to apply Busy Hour Settings Guarantee The guaranteed bandwidth for this class Note Set Busy Hour 9 Kops This makes sure the connections through the WAN link will in System Date at least be allocated with the specified bandwidth It is Time particularly useful when you want to ensure the quality of a certain type of service e g VoIP Max Kbps This defines the maximum bandwidth allowed for the
24. ach WAN link The statistics of traffic classes in the table is adjusted accordingly by your selection of traffic type either inbound or outbound traffic Value Descriptions Traffic Inbound The direction of traffic flow either inbound traffic Outbound or outbound traffic Traffic Class The names of the traffic classes defined on the QoS page The rest of unclassified information is labelled as Default Class WAN Link The total number of WAN links you want to inspect Table 3 2 The Description of the fields on the Statistics Traffic Page 16 BR 6641 User Manual 2 3 Diagnostic Tools Service Traffic Statistics Date amp Time Administration Figure 3 3 The Location of System Diagnostic Tools on the Menu Bar ARP Enforcement ARP Enforcement updates ARP tables of servers and network devices around BR 6641 When the Enforce button is pushed BR 6641 sends out ARP packets to the surrounding servers or network devices to update their ARP tables This is necessary only if certain equipments in DMZ cannot connect to the Internet properly after initial setup IP Conflict Test IP Conflict Test helps you to detect if the location of any machines on the network conflicts with the DMZ WAN settings of Network Setting category on BR 6641 17 BR 6641 User Manual Push Test button to begin the test The result of the test is one of the following Ever
25. ally or system got it 10Mbps Full duplex automatically 100Mbps Half duplex 3l BR 6641 User Manual Health Never This function is used to configure the WAN Detection Always link health detection mechanism for the specific WAN link Please refer to Chapter Only when 3 2 1 WAN Link Health Detection packet is Clone MAC Normally DHCP will assign IP dynamically Static IP however can be assigned to the WAN link via the DHCP server with MAC address binding You can enable the Mac Cloning option to force the DHCP server to assign the static IP according to the BR 6641 s MAC address Table 3 3 DHCP Mode 32 BR 6641 User Manual 3 1 3 PPPoE Mode PPPoE is a very popular bridging mode protocol for ADSL You need to specify the ADSL account information to obtain IPs from the ISP PPPoE server Basic Setting Enable Mode PPPOE Downstream Bandwidth 22220 Upstream Bandwidth 2490 Speed Duplex Port Status Broken MAC Address 00 11 3 03 84 56 m Health Always Detection Host Protocol Destination IP aamu re Eo t BR User Name Password Automatically Obtain IP E Address Address Figure 3 7 PPPoE Mode Basic Setting Field Value Description Down Stream The down stream inbound bandwidth of the WAN link for example 25600 Kbps Up Stream The up stream outbound bandwidth of the WAN link for example 25600 Kbps
26. anual Write note for the current rule Table 5 1 Operating Rules When you add a new rule the newly added rule will be placed right below the current rule Moving the rule up or down will swap positions between the upper and lower rules Checkbox is quite common that you see the following checkboxes in some tables These checkboxes indicate whether certain functions are enabled or not Ared check sign inside a checkbox stands for enabled and an empty checkbox means disabled For example you can enable logging for a rule by checking its checkbox in the rule table The function is disabled La The function is enabled Table 5 2 Check Box So far we have only mentioned the basic operations of the Web based Ul In the next section we will talk more on how to integrate BR 6641 into your present network environment 12 BR 6641 User Manual Chapter 2 System In this chapter you will learn how to configure system settings System settings are the fundamental configurations of the BR 6641 system They have to be specific in order for the system to work properly Examples are provided here to help you to fulfill the configuration System Network Service Traffic Statistics Diagnostic Tools Date amp Time Administration Figure 3 1 The Location of System Summary on the Menu Bar 13 BR 6641 User Manual 2 1 Summary Summary is i
27. atched including LAN IP Address IP Range IP Subnet and specified IP Group Inbound Kbps Maximum bandwidth assigned to inbound traffic per IP Outbound Kbps Maximum bandwidth assigned to outbound traffic per IP Table 4 7 The Description of the fields in the Per IP Max Rate Control Table 69 BR 6641 User Manual 4 7 Multihoming Network Service Firewall Auto Routing Virtual Server QoS Multihoming Internal DNS SNMP UPnP Figure 4 11 The Location of Service Multihoming on the Menu Bar 6641 5 auto routing service is a trunking technology that provides load balancing and fault tolerance for all outbound requests But it does not apply to inbound requests Based on a unique technology called SwiftDNS BR 6641 offers a Multihoming service for load balancing and fault tolerance for inbound requests The minimum requirement for Multihoming is that you must have multiple WAN links and registered domain names for your publicly accessible servers Whenever BR 6641 receives a DNS query it answers the DNS query with a public IP address assigned to one of the WAN links according to the settings of your answering policies Therefore subsequent requests to your server will be sent the public IP of the WAN link based on BR 6641 s previous response You can configure your answering policies with a weight for each WAN link so that the public IPs re
28. ator is 1234 and the password of Monitor is 5678 If the password is changed via the Web based UI it will also be changed in the serial console In case you lose your password you can use the username reset and password BR 6641_edimax to log into serial console and reset the system to default Open the IE browser to access the Web based UI Note Please remember the changed password otherwise it is not possible to access the BR 6641 management interface BR 6641 User Manual 1 4 How to use BR 6641 Web based UI This section describes the operations and arrangement of Web Based UI figure 1 2 displays the operating menu of BR 6641 Web based UI system gt NETWORKING PEOPLE TOGETHER System Network Service Log Administrator 192 168 0 23 Logout System Summary BR 6641 Web Based UI Operating Menu Items 1 4 4 BR 6641 Operating Menu The task bar of operating menu contains five categories which are System Service Network Log each category has these own menu System Summary in figure 1 2 indicates the current working menu while Administrator 192 168 2 1 indicates login account is Administrator at system name of 192 168 2 1 Select the Logout from up right corner to exit the system Apply Reload Help Hide Help buttons are always displayed on the operating menu the functions are as described below Button Function After modifying the parameters of specific menu
29. ch packets from a continuous range of IP addresses e g 192 168 1 10 192 168 1 20 Subnet Match packets that come from a subnet e g 192 168 1 0 255 255 255 0 IP Grouping If you predefined IP groups in Chapter 3 System IP Grouping their Group Name will be shown in the list Named IP addresses If you predefined IP groups in Chapter 3 System Named IP Grouping their group name will be shown in the list Connections to the specified destination will be matched This field is the same as the Source field except it matches packets with specified destination In addition the predefined IP groups will be shown in 64 Classes IP Range Subnet lt Named addresses gt lt IP Grouping gt FTP 21 SSH 22 TELNET 23 SMTP 25 POP3 110 H323 1720 Protocol Number ICMP TCP UDP lt Service Grouping Name gt Any BR 6641 User Manual the list as well Please See System IP Grouping for setting up your own IP groups The services which are predefined in Service Name will be matched For example 21 The packets whose predefined TCP port number in Service Name is 21 are to be match Protocol Number Define the Protocol Number then the packets with the Protocol Number are to be defined ICMP Define the Type value then the packets whose ICMP take this Type value will be defined TCP UDP The TCP UDP service type to be matched You can selec
30. e time interval used for system to write the event to the log file Source lt IP Address Connections established from the specified source will be matched including Any Address LAN WAN IP Address IP Range Subnet and IP Group The maximum number of the connections allowed Log Enable If the check box is ticked whenever the rule is Disable matched the system will write the event to the log file Table 4 6 The Description of the fields in the Per IP Max Connection Table 67 BR 6641 User Manual 4 6 Per IP Max Rate Control Service Firewall Auto Routing Virtual Server QoS Per IP Max Connection Per IP Max Rate Control Multihoming Internal DNS SNMP UPnP Figure 4 9 The Location of Service Per IP Max Rate Control on the Menu Bar This function is used to set the maximum bandwidth assigned to inbound and outbound traffic per IP in order to prevent network congestion from non business application bandwidth consumption Rules Bandwidth Limit Inbound Kbps Outbound Kbps E 192 168 0 88 100 889 10 9 18 77 10 9 18 90 v 1234 789605 i LAN 9 E Group 999999 0 Figure 4 10 The screenshot of Per Rate Control 68 BR 6641 User Manual lt IP Address The IP where the packets come from will be m
31. f them This function allows you to assign a name to a group of IP addresses Later on when you are asked to specify one or more IP addresses you can use the name of an IP group instead The name of this IP group will automatically show up in the IP address selection list if the IP group is enabled Network Service WAN Setting LAN Setting DHCP Setting Host Names Service Names IP Grouping Service Grouping Figure 3 19 The Location of System IP Grouping on the Menu Bar 49 BR 6641 User Manual IP Grouping Feld Description Group Name Input the name of the group then it will appear in the service menu and the relevant options Note You can set at most 5 groups Table 3 11 IP Grouping Rules Setting Fed vawe Deseripion IP address IP Input IP address One single IP address or address an IP address range in the format of XXX XXX XXX XXX yyy yyy yyy yyy Or a subnet in the format of XXX XXX XXX XXXl yyy yyy yyy yyy belong to Select the in group which the IP Address not belong to belongs to Table 3 12 Rules Setting Note The difference between the setting of and the setting of Named IP Addresses is that the format in Named IP Addresses can only be a range of IP Address while IP Group provide several types of format BR 6641 give more priority to the group in Named IP Addresses It is recommended to use gr
32. g FTP or you can choose the port number in TCP UDP packet To specify a range of port numbers type starting port number plus hyphen and ending port number e g TCP 123 234 55 Action lt Service Grouping Name gt Enable Disable BR 6641 User Manual Group The packets from the group which are predefined in Service Grouping Any All packets are to be matched Note The default value by BR 6641 is to neglect all the packets Accept The firewall will let the matched packets pass through Deny The firewall will drop all the matched packets Enable The logging will be enabled Whenever the rule is matched the system will write the event to the log file Disable No log will be generated Table 4 1 The Description of the Fields on Firewall Page 56 BR 6641 User Manual 4 2 Auto Routing Auto Routing service allows administrators to specify how traffic is routed to WAN links If you have only one WAN link default configuration is ok If you have multiple WAN links you may like to setup your routing rules in many situations For example an administrator can reserve a WAN link to a group of private IP addresses or an administrator can force an application to take a particular WAN link depending on the traffic loads in each WAN links System Network Service Firewall Auto Routing Virtual Server QoS Multihoming Internal DNS SNM
33. he submenu of System which helps the Administrator to know the system information While logging in the Web UI System Summary is the first page you see when you log into BR 6641 s web based UI Summary provide the following information System Network Service Log Firewall Auto Routing Virtual Server QoS Multihoming Internal DNS SNMP UPnP Figure 4 2 The Location of Service Firewall on the Menu Bar You can add as many rules as you like in the list For each rule you can enable or disable it individually The rules are matched from top to down that is the rules listed at the top of the list are given higher precedence Fed Vie Busy There are three options available Busy hour idle hour and Idle All times Please refer to Chapter 2 System Date Time All Time for setting up the definition of busy or idle hours 54 Source Destination Service Any address LAN WAN Localhost IP Address IP Range Subnet lt Named addresses gt lt IP Grouping gt Any address LAN WAN Localhost IP Address IP Range Subnet lt Named addresses gt lt IP Grouping gt FTP 21 SSH 22 TELNET 23 SMTP 25 HTTP 80 POP3 110 H323 1720 Protocol Number ICMP TCP UDP Any BR 6641 User Manual Packets sent from the specified source will be matched Any Address Match all packets regardle
34. ic UPnP Universal Plug and Play equipment in the network and automatically respond to its predefined IP Address Field Value Description Enable UPnP Enable Enable or disable the function Disable IP lt IP Address gt Input the WAN IP preserved for public UPnP including dynamic IP address and open IP address 1 2 Input the weight the bigger number will be given the higher priority Table 4 13 The Description of the Fields in UPnP 78 BR 6641 User Manual Chapter 5 Log In this Chapter you can control BR 6641 s logging activities with repect to various functionalities such as the System Firewall Routing etc Administrator can also either set up the log transmission methods to another server for purpose of archiving and further analyses or control the event notifications settings via emails Notification Figure 5 1 Location of Log and its Function on the Menu Bar 79 BR 6641 User Manual 5 1 View In the View Sub menu BR 6641 provides two types of comprehensive log records see the table below Administrator can pick the desired log type and the corresponding events for that type will be shown in the windows below Press the refresh button to get a copy of the latest log For log data pushing and archiving see the control sub menu in next section An FTP Server or Email Server or Syslog Server should be provided
35. iguration File Restore select Browse to pick the saved config file and select Upload Notice DO NOT to turn off the power during the config file upload process or repetitively select the Upload button Restart BR 6641 to effect the configuration Maintenance Push Factory Default button to reset BR 6641 configuration to its factory default You can do the same operation using resetconfig command in console Push reboot button to reboot BR 6641 24 BR 6641 User Manual Chapter3 Network Network Service WAN Setting LAN Setting DHCP Setting Host Names Service Names IP Grouping Service Grouping Figure 3 1 The Location of Network on the Menu Bar 25 BR 6641 User Manual 3 1 WAN Setting Network Service WAN Setting LAN Setting DHCP Setting Host Names Service Names IP Grouping Service Grouping Figure 3 2 System Network Setting WAN Setting is quite important part for BR 6641 The relavent parameter is defined here The configuration is done one WAN link at a time However you can apply all the changes at once at the end You can select a WAN link by selecting the link number in a WAN Link drop down box For each WAN link you will fill out a few tables with correct information from its ISP The first thing you have to decide is the WAN type The rest of the
36. l SMTP Server IP or Domain Name SMTP server for the logs Account SMTP Account Authenticated account for mail server Account s Password Authenticated password for mail server e Mail address sender of the Email e Mail address Receiver of the Email Auto Push Push this button to start log pushing automaticaly Scheduled Push ee ee Turn on scheduled push Initial Time lt Year Month Day Hour Minute Second gt Start time for the scheduled push lt Day Hour Minute gt Scheduled push duration Table 5 3 Method E mail 82 BR 6641 User Manual FTP Field Value Description Server lt IP gt Domain Name FTP Servers domain name Account lt FTP lt FTP Account gt FTP user account 5 Password gt FTP user password Pah POTE FTP server path Auto Push Push this button to start log pushing automatically Scheduled Push Tum scheduled push Initial Time lt Year Month Day Hour Minute Second gt Start time for the scheduled push Period lt Day Hour Minute gt Scheduled push duration Table 5 4 Method FTP B Syslog Fed Syslog Server lt IP gt or lt Domain Name gt Syslog Servers IP domain name Table 5 5 Method Syslog 83 BR 6641 User Manual 5 3 Notification In this sub menu you can set up how email notifications are sent out for important system events The setup is similar to previous
37. ld configure your domain settings including your multihoming domain names can be more than one the DNS servers for querying your domain names and the answering policy to apply a given prefix of the domain name Domain Settings Domain Settings t tj 4 5 Domain Name O Heos TTL Responsible Mail Primary Name Server IP Address WS Record Name Server IP Address HE Er H A Record Host Name Policy Type Parameter Som py weit Heee IP Weight 72 BR 6641 User Manual WAN 1 Mot Used WAN 2 Not Used WAN ot Used WAN Not Used By Weight Weight 1 Used WAN 2 Not Used WAN Used WAM 4 Not Used T Record Alias Target MX Record Host Name Priority Mail Server HOW Bu Figure 4 12 Domain Setting Domain Setting Domain Name Enter the domain names for Multihoming enter additional domain names press TT Assign DNS query response time Responsible Mail Enter the domain administrator s email Primary Name Server Enter the primary server name Source IP The query IP address can be an IP address IP range subnet or any address NS Record Name Server Enter the prefix of the server name For example if a server s FQDN is nsl abc com please enter nsl IP Address Enter the IP address corresponding to the name server A Record
38. mple 25600 Kbps The up stream outbound bandwidth of the Up Stream WAN link for example 25600 Kbps 35 BR 6641 User Manual Port Speed Auto The speed and duplex of WAN Port You can 10Mbps Half duplex set it manually or system got it 1OMbps Full duplex 2Utomatically 100Mbps Half duplex 100Mbps Full duplex Health Never This function is used to configure the WAN Detection Always link health detection mechanism for the Only when o specific WAN link Please refer to Chapter 3 2 1 WAN Link Health Detection packet 15 received Connection ID eee Input the ID for Connection through VPN Input the PPTP Sever IP Address for VPN 1 MyIP IP XxXxX X X X Input the IP Address of the local machine the IP Address of the local machine My subnet Input the Subnet Mask of the local machine mask Table 3 5 PPTP Mode 36 BR 6641 User Manual 3 1 5 Advanced Mode Advanced mode 15 used where BR 6641 is connected with a router via its private IP and its actual public IP deployed in DMZ WAN WAM 1 he Basic Setting Enable Mode Downstream AE saad width Speed Duplex Port Status Broken MAC Address 00 11 3 03 84 6 Wan Link Health Only When No Packet Is Received When Mo Packet Is Received Detection Host Protocol Destination IP of gg Het cme Subnet in WAN IP Range Add ress Gateway Subnet Mask
39. n the submenu of System which helps the Administrator to know the system information While logging the Web UI System Summary is the first page you see when you log into BR 6641 s web based UI Summary provide the following information System Information System Information The Firmware Version Serial Number The Serial number Up Time Time since the last reboot Connections Number of total connections CPU Usage 90 CPU usage in percentage Packets Second Number of packets served second Table 3 1 System Information Note Connections may jump up to over 100 when BR 6641 is starting up This is due to many ICMP packets sent out by BR 6641 to test the network It will drop back to normal there after BR 6641 User Manual WAN Link State The section on WAN Link State shows the current status of each and every WAN link Each WAN link is represented as a color coded block with the following color coding scheme to indicate its status The allowed number of WAN Link is also shown here Green Active WAN link e Red Broken WAN link e Black WAN link not in use 15 BR 6641 User Manual 2 2 Traffic Statistics Summary Diagnostic Tools Date amp Time Administration Figure 3 2 The Location of System Traffic Statistics on the Menu Bar In the traffic statistics page you can inspect real time traffic information sorted by traffic class over e
40. ncluding software code subject to the GNU General Public License GPL or GNU Lesser General Public License LGPL Please see the GNU www gnu org and L L www gnu org Web sites to view the terms of each license The GPL Code and LGPL Code used in Edimax products are distributed without any warranty and are subject to the copyrights of their authors For details see the GPL Code and LGPL Code licenses You can download the firmware files at http www edimax com under Download page BR 6641 User Manual Chapter Quick Start At the first time using the product of BR 6641 you may confronted with complicated settings which prevents you from starting well This chapter will explain the basic functionalities of BR 6641 and how to operate and configure the system lt will also cover related subjects in network structures and hardware installation which will help you during your setup of BR 6641 1 1 Preparation Before you get started there are few things you need to know The position of the BR 6641 LAN Port It has five network interfaces the last port is LAN Port which is marked on the machine B The default IP address for LAN interface is 192 168 2 1 B Your IP addresses for computers the LAN should be changed to 192 168 2 2 or 192 168 2 x in order to avoid conflicts with the default LAN port B Connect your computers in the LAN to the BR 6641 with a cross over cable which is a standard attachment B
41. oot halitu 37 925 MAN GOUN anen er tz 39 DACP Se UN o in dioe ee cee acne eee ee 42 2A SHOSEINSITIOS 45 5 SEVICE NIME Sa 47 9 5 TOUPIN a D EQ i 49 Sel Servie 51 Chapter 4 Servi Ercsi 53 AV Firewall 54 42 HAUG CE 57 37 Mual SerVel iia 60 BR 6641 User Manual 2 EGO M 62 45 2 nn 66 46 PeriPMaxtisale 68 ULUSM 70 48 Interal tem IM MUT 75 SNMP HR 77 NOP ee 78 Chapters uoo 79 OMM III Tr 80 2 GIO ERR UU E 81 5 9 NOCION aetas ERN EM IDEE ILLA LIE 84 BR 6641 User Manual NETWORKING PEOPLE TOGETHER Copyright by Edimax Technology Co LTD all rights reserved No part of this publication may be reproduced transmitted transcribed stored in a retrieval system or translated into any language or computer language
42. oups defined in Host Name 50 BR 6641 User Manual 3 Service Grouping This function allows you to assign a name to a group of TCP ports UDP ports and or ICMP Later on when you are asked to specify a port you can use the name of the service group instead The name of a service group will automatically show up in the port selection list if the service group is enabled Network Service WAN Setting LAN Setting DHCP Setting Host Names Service Names IP Grouping Service Grouping Figure 3 20 The Location of System Service Grouping on the Menu Bar Service Grouping Fed Description Group Name name Input the group name e g MSN File Transfer then it will appear in the service menu and relevant options Note You can set at most 5 groups Service ICMP Define the assigned TCP UDP and TCP ICMP as a group for the usage in the 51 BR 6641 User Manual UDP service menu The format is port xxx for single Port and port xxx yyy for a range of port e g 6891 6900 Group belong to Define if the the Port IPAddress not belong to former Field belongs to the group Table 3 13 Service Grouping For example you can set up a service group called MSN File Transfer Its ports are TCP 6891 to 6900 You need to fill TCP 6891 6900 into Service field 52 BR 6641 User Manual Chapter 4 Service After having set up your netwo
43. rk environment in the previous chapter we will now look into the services provided by BR 6641 These services can help you manage your network more efficiently and effectively In figure 4 1 you can see a list of functions BR 6641 is capable of These services play an important role in daily network administration For example Firewall protects your network from hacker attacks It also improves your network security by filtering out unwanted service types Routing policies can maximize the utilization of your network resources and assign routing paths accordingly based on the status of the network QoS is another feature that you can set up to manage the traffic limit for a given TCP UDP service e g HTTP FTP This feature helps you allocate available bandwidth for each type of service and maximize the efficiency of your network Multihoming provides a safeguard against failures in WAN links Requests to the internal servers e g WWW server will be dispatched evenly on every live WAN link If one of them fails the internal servers can still be reached via other live links System Network Service Firewall Auto Routing Virtual Server QoS Multihoming Internal DNS SNMP UPnP Figure 4 1 The Location of System Summary on the Menu Bar 53 BR 6641 User Manual 41 Firewall Summary is in t
44. rom the Internet You can select a time server from the list or add your preferred time server to the list With NTP BR 6641 automatically adjusts its time when necessary On the other hand you can push the Synchronize Time button to adjust time immediately 20 BR 6641 User Manual 2 4 2 Busyhour Setting Busyhour Setting is very important from a MIS manager s point of view It provides a tool for you to define two time segments busy hour and idle hour All other rule based services such as bandwidth management and auto routing can take advantage of this function For example you can define 9 00 am to 5 00 pm Monday through Friday to be busy hour Then you can reserve bandwidth to business related network traffic during busy hour and relax the rule on idle hour Value Description Default NE 5 Idle Define default type to be either Idle or Busy Busy hour Rule You set the time segment rules in this table They are matched in sequence on a first match basis If none of the rules match the default type is used Weekday Sunday Day of the week Monday Tuesday Wednesday Thursday Friday Saturday Any Day lt Hour Minute gt The start time ae o lt Hour Minute gt The end time Type Busy If the current time matches the day of Idle the week and in between From and To time then Type field applies Table 3 3 Busyhour Setting 21 BR 6641 User Manual 2 5 Administration Hm Summary Traffic Sta
45. rvers are invisible to the external environment If you wish to make these services provided on the servers accessible to outsiders you must tell BR 6641 to redirect these external requests to the right servers in the LAN or DMZ Whenever an external request arrives at BR 6641 BR 6641 will look up the Virtual Server table and redirect the packet right to the corresponding server in the LAN or DMZ You can use this function to respond to the outside request with the server in the LAN or DMZ when you don t want the private IP address to be public p M 9D Firewall Auto Routing Virtual Server QoS Multihoming Internal DNS SNMP UPnP Figure 4 4 The Location of Service Virtual Server on the Menu Bar 60 Virtual Server BR 6641 User Manual Fed Description WAN IP Service Busy Idle All Time WAN IP FTP 21 SSH 22 TELNET 23 H323 1720 Protocol Number ICMP TCP UDP lt Service Grouping Name gt Any There are three options available Busy hour idle hour and All times Please refer to Chapter 2 System Date Time for setting up the definition of busy or idle hours To the users from the Internet your virtual server is visible as a public IP on the WAN port This WAN IP is the visible IP for your virtual server in the external environment Internet You must specify a public IP if your WAN type is
46. s a built in DNS server function which can be activated by completing the fields in this page Global Settings Enable InternalDNS Turn on off internal DNS server PTR Record TTL Set DNS query response time IP Address Enter the reverse lookup IP address Host Name Enter the corresponding FQDN to the reverse IP Table 4 10 The Description of the Fields in Global Setting 75 BR 6641 User Manual Domain Settings Fed Deseription Domain Name Enter the domain names for internal DNS enter domain names press Tm Assign DNS query response time Responsible Mail Enter the domain administrator s email Primary Name Server Enter the primary server name IP Address The query IP address can be an IP address IP range subnet or any address NS Record Name Server Enter the prefix of the server name For example if a server s FQDN is nsl abc com please enter nsl IP Address Enter the IP address A Record Host Name Enter the prefix of the primary workstation s name ug S a if the name is www abc com enter www IP IP Address sid Input the Address of Localhost i the IP Address of Localhost Cname Record Alias Enter the alias of the domain name For example if you wish to use www1 abc com as the alias of www abc com domain name enter www1 in this field Target Enter the real domain name For example if you wish to use www1 abc com as the alias for www abc com
47. settings will change based on the WAN type you have selected BR 6641 supports the following WAN types 26 BR 6641 User Manual After connecting the WAN Link to the machine WAN No need to be defined in Basic Setting WAN is to be different for different type of WAN BR 6641 provide the following choices B Standard B DHCP PPPoE B PPTP H Advanced Basic Setting Enable Standard Downstream Bandwidth DHCP PPPOE Upstream PPTP Bandwidth Advanced Figure 3 3 WAN Setting Basic Setting 27 BR 6641 User Manual 3 1 1 Standard Mode Basic Setting Basic Setting Enable Made Standard v Downstream Bandwidth 0799 Upstream Bandwidth ANE Speed Duplex Port Status Broken Address 00 11 3 03 64 6 WEAR aways Health Always Detection Host Port Number of IE Protocol Destination IP Hops Hef 9 re 192 168 1 1 Address Gateway 192 168 1 2 54 Subnet Mask 255 255 255 0 IP Range IP 5 DMZ Figure 3 4 Standard Mode Basic Setting When you select Standard Mode as the WAN Type you need to fill the parameters as in the Basic Setting table BR 6641 User Manual Basic Setting vawe Down Stream The down stream inbound bandwidth of the WAN link for example 25600 Kbps Up Stream The up stream outbound bandwidth of the WAN link for example 25600 Kbps Port
48. ss of its source LAN Match all packets that come from the LAN WAN Match all packets that come from the WAN Localhost Match all packets that come from BR 6641 Localhost IP Address Match packets from a single IP address e g 192 168 1 4 IP Range Match packets from a continuous range of IP addresses e g 192 168 1 10 192 168 1 20 Subnet Match packets that come from a subnet e g 192 168 1 0 255 255 255 0 Named IP addresses If you predefined IP groups in Chapter 3 System Named IP Grouping their group names will be shown in the list IP Grouping If you predefined IP groups in Chapter 3 System IP Grouping their Group Name will be shown in the list Packets sent to specified destination will be matched This field is the same as the Source field except it matches packets with specified destination Likewise All IP groups setup in System gt IP Grouping will be shown here The services which are predefined in Service Name will be matched For example FTP 21 The packets whose predefined TCP port number in Service Name is 21 are to be match Protocol Number Define the Protocol Number then the packets with the Protocol Numbers are to be defined ICMP Define the Type value then the packets whose ICMP take this Type value will be defined TCP UDP The TCP UDP service type to be matched You can select the matching criteria from the publicly known service types e
49. t and password Confirm Enter the new password here again Set Password Click the button to enable the new password Monitor Password Here you can add delete or modify Monitor s account and password Set Password Click the button to enable the new password Firmware Update Push the Update button and follow the following instruction to start the firmware update process Obtain the latest firmware pack from your SI or VAR 23 BR 6641 User Manual Log on to Web UI as the Administrator and go to function System Administration Use Browse to select the path to the new firmware image then select Upload The firmware update will take a while so be patient During the update process BE SURE not to turn off the system or pull the power plug You should also NOT click on Upload button Note Update will succeed when the Update succeeded message appears At this time please power off and then on again the system to restart BR 6641 with the new firmware Configuration File Push Save button to save current configuration into a file Push Restore button to restore the configuration back from a saved configuration file See Appendix 2 for more information Log into BR 6641 as Administrator the Web Ul go to System Administration and select Configuration File Save to backup the Config File to your local machine notebook To restore to the previously saved config file go to Conf
50. t from LAN which is not connected to the BR 6641 directly 40 BR 6641 User Manual Note DMZ is virtual area which is in the port with LAN DMZ support the public IP Address The public IP support only one IP range which do not support multi IP range Routing Example AscenLink 192 168 34 50 192 168 34 50 Figure 3 13 LAN Private Subnet Static Routing Subnet Static Routing Subnet Subnet Subnet Mask Gateway Figure 3 14 LAN Private Subnet Static Routing Subnet Setting 41 BR 6641 User Manual 3 3 DHCP Setting Network Service WAN Setting LAN Setting DHCP Setting Host Names Service Names IP Grouping Service Grouping Figure 3 15 Network DHCP Setting Click on Enable DHCP to enable this function BR 6641 is a client using DHCP to acquire a dynamic IP address from an ISP s DHCP server The following is an example of how you set it up 42 DHCP Setting Lease Time Default Gateway Subnet Mask Domain Name Dynamic Range Start IP MAC MAPPING Address Figure 3 16 BR 6641 User Manual S6000 192 158 0 1 DNS Server Dynamic Range End MAC Address DHCP Setting 43 BR 6641 User Manual Fed Description Input the Lease Time by hour Default Input the Default Gateway The Client will take this address as Gateway Gateway when DHCP is enabled
51. t the matching criteria from the publicly known service types e g FTP or you can choose the port number in TCP UDP packet To specify a range of port numbers type starting port number plus hyphen and ending port number e g TCP 123 234 Group The packets from the group which are predefined in Service Grouping Any All packets are to be matched The bandwidth class to be imposed These classes are defined in the bandwidth class table we mentioned earlier Table 4 5 The Description of the Fields in the Inbound BM Filter Table 65 BR 6641 User Manual 4 5 Per IP Max Connection Network Service Firewall Auto Routing Virtual Server QoS Per IP Max Connection Per IP Max Rate Control Multihoming Internal DNS SNMP UPnP Figure 4 7 The Location of Service Per IP Max Connection on the Menu Bar This function is used to protect network against malicious attacks caused by virus or hackers When the number of connections exceeds the preset value BR 6641 will block the rest of connections and write the event to a log file if the check box of Log is ticked Log Interval 30 seconds Rules Source Limit Log E 1000 gt Figure 4 8 The screenshot of Per Max Connection 66 BR 6641 User Manual Log Interval lt in seconds gt Th
52. tistics Diagnostic Tools Date amp Time Figure 3 5 The Location of System Administration on the Menu Bar In this page you can do a few administrative tasks First you can change the password of Administrator and Monitor accounts Every BR 6641 comes with the same passwords initially To avoid any security risks it is absolutely necessary to change passwords before putting your BR 6641 on line From time to time you might receive BR 6641 firmware updates from AscenVision or your system integrator Just push the Update button and follow the instructions on the screen to update You can save your current configurations to a file and restore it later We recommend that you save your working configuration before modifying the configuration In case of configuration error such as rules that block you from accessing BR 6641 anymore you can always reset the machine to factory default state using the console command and quickly restore to your original configuration 22 BR 6641 User Manual You can reset BR 6641 to its factory default state In doing this you will lose your entire customized configuration Finally you can reboot BR 6641 Due to web interface limitations There will not be any messages after you have rebooted the system Wait two minutes or so and try to re connect to BR 6641 using the browser Administrator Password Here you can add delete or modify administrator s accoun
53. to access the Web based UI 1 Connect your PC Ethernet LAN interface to LAN port of BR 6641 with a cross over cable The default management LAN port of BR 6641 is LAN port 2 After powering on BR 6641 the LED of LAN port will turn to orange This indicates that it is on line 3 Assign your PC Ethernet LAN interface with IP 192 168 2 2 subnet mask 255 255 255 0 4 Check that the proxy setting of your IE browser is turned off no proxy server is required in order to access BR 6641 s Web based UI Open MS IE 6 0 select Internet Option on the menu bar of Tools click the Connection tab and then click LAN settings to open Local Area Network Settings dialog box under Proxy server make sure proxy server is not selected 5 Inthe URL of IE 6 0 type in http 192 168 2 1 to access the Web based UI p BR 6641 provides two types of user accounts B Administrator Has privileges to monitor and modify system parameters B Monitor Has privileges to monitor only BR 6641 allows up to 1 administrator and 1 monitor to access concurrently Default password for Administrator and Monitor are 1234 and 5678 respectively Please have your password change the first time you log in BR 6641 User Manual Local Area Network Settings e es HOOK ESS Bypass proxy server for local addresses Cancel the Proxy Setting BR 6641 User Manual 1 3 BR 6641 Web based U
54. turned will be distributed evenly by weight If one of your WAN links fails BR 6641 will not return the public IP assigned to that failed link nevertheless your publicly accessible servers 70 BR 6641 User Manual are still reachable via other live WAN links In order to let your Multihoming function properly you must make sure that the requirements listed below are met Prerequisites for Multihoming Multiple WAN links at least two Registered domain names for your publicly accessible servers Your publicly accessible servers must be configured as virtual servers or have public IP addresses By default Multihoming is switched off To use this service check the check box to the right of Enable Multihoming on the top of the page There are three tables for configuring your Multihoming settings The first table lets you define the global parameters The second table is used to configure your domain name settings B Global Setting opecify the PTR data in this field including TTL IP Address and Host Name for reverse looking up the host name of corresponding IP Address 71 BR 6641 User Manual Global Setting _ We erin _ Set DNS query response time IP Address lt Address Enter the reverse lookup IP address lt Link Number gt Enter the corresponding FQDN to the reverse IP Table 4 8 The Description of the Fields in Multihoming Global Setting B Domain Setting In this table you shou
55. ver Page 61 BR 6641 User Manual 4 4 QoS BR 6641 provides QoS towards both inbound and outbound traffic It can ensure certain services which are allocated enough bandwidth to provide satisfactory quality Because of the burst nature of voice video data traffic sometimes the amount of traffic exceeds the speed of a link This function is to manage the bandwidth so as to fine tune your bandwidth utilization Bandwidth Management BM in BR 6641 is separated by the direction of traffic flow either inbound from WAN to LAN or outbound from LAN to WAN System Network Service Log Auto Routing Virtual Server Qos Multihoming Internal DNS SNMP UPnP Figure 4 5 The Location of Service QoS on the Menu Bar The setting of QoS includes two parts Classes and Filters Classes are to define the bandwidth classes that the rules are imposed on The defining of the class can be according to Priority Idle Busy Hour 62 BR 6641 User Manual You can configure your own bandwidth limit for each WAN link in Inbound Bandwidth Settings and Outbound Settings by collapse or expand them Administrator 10 9 8 201 Busy Hour Setting Idle Hour Setting Prec ty Link Gu Max Kbps Max Kbps 1 Normal 2 Epandinbound Bandwidth Settings 2 Epand Outbound Bandwidth Settings 2 2 Norma
56. ything is ok B BR 6641 discovers that a machine in DMZ conflicts with Network Setting on BR 6641 For example a public IP address should be in WAN but is used by a machine in DMZ An error message with the conflicting IP address and MAC address of the machine will be displayed BR 6641 discovers that a machine in WAN conflicts with Network Setting BR 6641 For example a public IP address should be in DMZ but is used by a machine in WAN An error message with the conflicting IP address and MAC address of the machine will be displayed Ping Ping is used to detect network condition by sending ICMP packets to a target device You may specify a target device in the Target IP field It accepts either an IP address or a host name Select a network interface WAN or LAN If it is WAN select WAN link number in Index field As to the error message about ICMP please refer to the concerned document Note If a domain name is used to ping a DNS server has to be specified in Network gt Host Names Trace Route Trace route is used to detect network condition by showing the routing path from BR 6641 to the target device You may specify a target device in the Target IP field It accepts either an IP address or a host name Select a network interface WAN or LAN If it is WAN select WAN link number in Index field For ICMP related error messages please 18 BR 6641 User Manual refer other materials You may specify a
Download Pdf Manuals
Related Search