Transcript PowerPoint 簡報 - Netronix Inc.

Q : How can I do troubleshooting by myself if I can not visit Internet
1. Check the status of connection.
There is feature in web name " Status monitor", it is use to show information of Internet and
Intranet. Please check those information when disconnected happened .
2. When you find the disconnected again, remove all connection on LAN side of gateway and
leave two test PC connect on LAN side. Fixed IP at those two PCs. Let these two PC ping each
other. If those two PC ping are successful, then mean gateway not hang.
3. The test environment as above. Let one PC ping gateway’s LAN IP address.
If ping LAN IP is successfully, that’s mean gateway not hang.
4. Replace the gateway.
Do you have the other gateway , maybe different brand?
When the situation ( connection disconnected ), replace this gateway to new one and keep
watching does the situation happened again?
IP Sharing Product
Q: A little problem with the router. when i open the port 1723 for VPN over PPTP.
The router let the packets not pass through.please check it. And is it possible to change
the incomming policy ?
A: Only the new version up to V1.8 support VPN pass through.
Setting example:
1) You can set Remote host IP to be (0.0.0.0) as a default session simultaneously with
others of specified dedicated pass-through session (eg.)
0.0.0.0
-> 192.168.0.10
200.200.200.200 -> 192.168.0.101
IP Sharing Product
3. What many packet filter rules that IG-624D can support?
Ans : a. Incoming/outgoing rules : 20
b. Virtual Server rules : 20
c. Port Mapping rules : 15
4. Does IG-624D support uPnP function?
Ans : No. it can not support uPnP function.
Because only a few ALG application software that can support uPnP
function.
5. Does IG-624D support VPN function?
Ans : Yes. It supports pass through VPN function for IPSec, PPTP &
L2TP.
IP Sharing Product
Q: What is NAT?
A: Network Address Translation
NAT is used to connect private networks to the Internet without
having to allocate each user on the their own Internet identity,
known as an IP address. It also may mean that to the Internet at
large, the private network is just one entity and Internet users
cannot differentiate between each PC on the network.
Q: How is Router work?
A: A router links the two networks and connects both networks
to the Internet.
Static Route configure example:
Purpose: Ping 192.168.3.100 from PC 2.
( PC2 settings : IP: 192.168.1.100; Subnet: 255.255.255.0; Default Gateway: 192.168.1.1 )
Static Route configuration:
Destination IP: 192.168.3.0
Subnet Mask: 255.255.255.0
Gateway: 192.168.1.2
Interface: LAN
Ethernet Switch
192.168.1.1 / 24
WAN
192.168.3.3 / 24
LAN PORT
192.168.1.2 / 24
LAN PORT
WAN
DUT1
DUT2
PC 2
192.168.1.100
PC 3
192.168.3.100
VPN & Firewall
Q: What is DMZ for ?
A: DMZ is a field where set all the private service to public. For
security concern, firewall products provide LAN Interface and DMZ
Internet for Intranet. The field of DMZ is for public user can share
resource with Intranet.
Q: What is transparent ‘s mean, what is transparent mode for?
A: Transparent, it is means turn off NAT. If you select transparent
mode, there won't be any NAT relate function work. Select
transparent mode, all the interface are at the same subnet. ex: WAN
IP is 202.79.110.1 , then group which behind LAN will be at same
subnet like 202.79.110.2~254, same in DMZ it might be
202.79.110.3~254
VPN & Firewall
Q: In our order VPN & Internet firewall gateway router.
The problem is that they are don't work correctly. The
ADSL PPPoE connection it connected but doesn't do
anything. It means it doesn't execute nor HTTP never
Ping commands.
A: It could be possible "policy" settings issue.
There is feature name call "policy", you can find on the
web page. You might be add a outgoing policy then you
can access form Intranet to Internet.
Otherwise, It deny all access if you're using by
manufacture settings.
VPN & Firewall
Q: Is it possible by removing my original Win2K VPN client directory
behind VPN router and just change Win2K VPN client’s IP to a local IP?
A: No, it can be work. Because the VPN router doesn't support VPN
pass-through, so you can't set VPN as client behind VPN router.
Q: Does VPN working with dynamic IP at both sides?
A: Yes, it can be work. You have to give domain name at both side of
VPN device.
For IPSec: fill in remote device’s domain name at the location
“Remote Gateway -- Fixed IP “ .
For PPTP: fill in remote device’s domain name at the location
“Server Address “.
FW-613 Bandwidth Controller
Q : Is it possible to control smallest Bandwidth lest than 32Kbps ?
A: Yes, that's no problem. As FW-613, you can control by stream setup from
0kbps~10Mbps (Maximum controllable bandwidth)
Q: Suppose I have a WAN connection with 32Kbps, I would like to allow
the first computer to have 18 Kbps and the second computer to have
14Kbps....is it possible to do that with your FW-613?
A: Yes, you can do this setting.
Q: how many computer I can connect to your FW-613?
ANS: Up to 40 clients.
Q: Is there any traffic limitation?
A: Maximum controllable bandwidth is 10Mbps.
Q: How much memory your FW-613 built in?
A: It is 32MBytes.
FW-613 Bandwidth Controller
Q: Do FW-613 support symmetric, asymmetric and inverse asymmetry
(down less than up stream? )
A: There are features of maximum bandwidth (Downstream & Upstream)
at web page of Interface. User can key-in values of bandwidth by themselves.
Q: FW-613 is able to block MSN, Yahoo, etc.?
A: Yes, FW-613 is able to block MSN , Yahoo by Policy.
Q: FW-613 is able to block on line Radio and TV?
A: Yes, FW-613 is able to block any kind of service, just only you need to know
the service port number.
Q: Minimum bandwidth configuration steps? FE 32 Kbps
A: Minimum bandwidth for settings is 0 kbps.
Multi – Homing Router
Q: Is it possible set IP 192.168.1.10 to use the WAN#1 connection only;
all internet access should only pass through WAN#1 .
A: Recently, loading balance has no support this kind of method.
Q: How does the load balancing really work?
A: Load – Balance:
By IP address.
By socket port number.
By session.
By round-robin.
By bandwidth utilized on WAN ports.
Multi – Homing Router
Q: Firewall: when we define the rules, is it sequential in its packet filtering
base on the rule?
A: Yes, it is.
Q: For NAT , what does it mean when you say one-to-many, many-to-many, many-toone ?
A: NAT method:
one-to-many: one WAN port IP address to multiple LAN IP address.
many-to-many: multiple WAN (public IP address) to multiple LAN IP address.
one-to-one: one WAN IP address to one LAN IP address.