Dec 25

1. Introduction

The objective of this document is to provide a guide describing how to configure the
devices to achieve the same environment as show at the network topology.
Users of this document are expected to already possess basic knowledge of D-Link
devices and TheGreenBow VPN program, and are familiar with how to perform basic
configurations. Only important configurations, such as those pertaining to interfacing and

integrating, will be described in this document.

2. Product used

TheGreenBow_VPN_Client 4.61.003 and DFL-800 are used in the FAQ. The same applies to all other DFL products with Netdefend OS.

3. Network Diagram


Note: Router is set to allow IPSec pass through.

4. Configurations

In this document, we will only describe the main configurations for this Scenario. The
configurations setting for all the D-Link products will not be described here and for more

detail about the product you can download their user guide.

4.1 TheGreenBow VPN client and DFL-800


In this scenario the user can connect back to the headquarter database by using
TheGreenBow VPN client tunneling to DFL-800.
All configurations are based on DFL-800 and TheGreenBow
VPN Client (F/W: 4.61.003)
The steps in this configuration are:
Setup DFL-800 for VPN tunneling
Setup Pre-shared Key
Phase 1 and Phase 2 algorithms setup
Setting up IPSec-Tunnel
Setup IP Rules
Setup TheGreenBow VPN client
Setup Phase 1

Setup Phase 2

4.1.1) Setup DFL-800 for VPN tunneling Setup Pre-Shared Key
1) Login to the DFL-800 and click Authenticate Objects and add

new Pre-shared Key and fill in the passphrase and name

A10089_image3 Phase 1 and Phase 2 algorithms setup
1) At the IKE Algorithms, select the Encryption and Integrity

algorithms for your phase 1 authenticate.


2) Next is the IPSec Algorithms, select the Encryption and

Integrity algorithms for the phase 2.

A10089_image5 Setting up IPSec-Tunnel
1) After we finish setting up the algorithms, next we will need to

create the IPSec-Tunnel as show below.


2) Next, click on the Authentication tab and select the PreShared Key you have setup at the steps 1.


3) After selecting the Pre-Shared Key, next is to enable the

Dynamically add route at the routing tab.


4) Last step is to make sure the DH Group at the IKE setting is the

same setting for the TheGreenBow Client.

A10089_image9 Setup IP Rules
Now is to setup the IP Rules so there the DFL-800 knows where
to direct all the traffic to.
1) First add a new interface group name IPSec-LAN by grouping

up IPSec-Tunnel and LAN.


2) Next, click IP Rules and add a new IP rule as show below.


4.1.2) Setup TheGreenBow VPN Client Phase 1
1) Right click on the Root to add a new Phase, next fill in the IP
address for this VPN client and Remote gateway IP follow by

Preshared Key and IKE setting.


Note: the Preshared Key and IKE must be the same setting set in the DFL-800 Setup Phase 2
1) Right click on the Phase1 to add a new Phase2, next fill in the
VPN Client address for this VPN client and Remote gateway IP

follow by ESP setting.


Note: the ESP Encryption and Authentication setting must be the same in the

DFL-800 IPSec-Tunnel.

5.1) Test Result
a. The VPN tunnel will be open at any negotiation

Tags: , ,

Dec 25

Multiple SSIDs are only supported in AP mode. One primary SSID and at most seven guest SSIDs (depending on model) can be configured to allow virtual segregation stations which share the same channel.Furthermore, you can enable the VLAN State to allow the Business Class AP to work with VLAN-supported switches or other devices. When the Primary SSID is set to Open System without encryption, the Guest SSIDs can only be set to no encryption, WEP, WPA-Personal or WPA2-Personal.

When the Primary SSIDs security is set to Open or Shared System WEP key, the Guest SSIDs can be set to use no encryption, use three other WEP keys, WPA-Personal, or WPA2-Personal.

When the Primary SSIDs security is set to WPA-Personal, WPA2-Personal, or WPA-Auto-Personal, slot 2 and slot 3 are used. The Guest SSIDs can be set to use no encryption, WEP, or WPA-Personal.

When the Primary SSIDs security is set to WPA-Enterprise, WPA2-Enterprise, or WPA-Auto-Enterprise, the Guest SSIDs can be set to use any security.

Business Class APs listed in this FAQ will support VLANs. VLANs can be created with a Name and VID. Mgmt (TCP stack), LAN, Primary / Multiple SSID and WDS Connection can be assigned to VLAN as they are physical ports. Any packet that enters the AP without a VLAN tag will have a VLAN tag inserted with a PVID.

Step 1: As most APs, the default static IP address is

Step 2: Setup the AP with an IP Address pertaining to your Management Subnet.

Step 3: Prepare your Primary SSID in the Basic Settings.

Step 4: In Advanced Settings go into Multi-SSID to enable and start adding more SSIDs.


Step 5: Use the Index selection to activate the next SSID and configure the settings. Only by clicking on the ADDbutton will the next SSID be added to the AP. Add as many as you want or the amount supported by the AP from the Index list.

Step 6: In Advanced Settings select VLAN and Enable with the radio button. In the VLAN List, click on the edit icon to enter the default VLAN settings.

Step 7: In this default VLAN, maintain the Management and the LAN port, Untagged . Modify which SSIDs will belong to the default VLAN, though in most cases its only the Primary SSID. Once again, click on the ADD button to make the changes.


Step 8: Click on the ADD/EDIT VLAN tab, to add each of the next VLAN ID, Name and associated SSID. TheLAN port has to be Tagged but the Management port set to Not A Member.


Step 9: Click on ADD for each addition. Confirm that all is assign correctly in the VLAN List.

Step 10: Click on the PVID Setting tab. Preferably set to Auto Assign if single VLANs are assign to each SSID. Click on Apply to finalize.


Tags: , ,

Dec 23

Please read before upgrading your firmware:

  • Upgrading firmware (in most cases) will reset all the settings to default which means you will lose all your settings (including your password).
  • Unless specified, you do not have to upgrade incrementally. You can upgrade directly to the newest version.
  • Unless the new version of firmware is only a minor upgrade, you cannot use the backup settings feature to save and apply setting to the newer firmware.
  • Do NOT upgrade firmware from a computer with a wireless connection. Use a computer that you can connect to the router using a Ethernet cable. You may damage the router due to the increased chances of packet loss in a wireless connection environment.
  • Turn off or pause all anti-virus and firewall programs on your PC



Step 1.  Download the latest firmware. Visit  Make sure to save the file in an easy to find location (e.g., Desktop or Download Folder). Firmware files are usually in ZiP file format and must be extracted before using its content.


Step 2.  Once you’ve downloaded the firmware, open a web browser (e.g., Internet Explorer, Firefox, Chrome) and enter the IP address of your router on the address bar (default: you can also use it’s local friendly name http://dlinkrouter.local/.


Step 3.  Enter the username (admin) and your password (leave the password field blank of you have not setup a password yet). Click OK to gain access its web configuration pages.


Step 4.  Backup your configuration file. Navigate to Maintenance/System/Save Configuration Section. Click on [Save Configuration] button to download your current config file. Make sure to save the file in an easy to find location (e.g., Desktop or Download Folder).


Step 5.  Factory Reset the router*.  You can do this in two way:

1. Using the routers web interface (navigate to Maintenance/System/Restore to Factory Default section)
2. Using a paper clip and holding down the RESET button, located at the bottom of the unit, for 12 seconds.


Step 6. Update the router from the routers web page. To begin navigate to Maintenance/System/Upgrade Firmware and click the”browse” button find the .bin file extracted from the ZIP file you downloaded.


Step 7. Click Upload. It may take up to 300 seconds for the upgrade process to complete. When the countdown timer finishes, click on the continue button. The firmware is now upgraded. Reset the unit back to factory settings one more time, by following instruction in Step 5.


Step 8.  After the router reset process is complete and unit is back to ready, reconfigure the router from scratch or reload the saved configuration file.


Step 9. If you get a Page cannot be displayed or similar error after clicking Continue, close your browser and re-open it. Enter* and press Enter. You should now be prompted for your username (admin) and your password (leave blank)by default.


Your Firmware has been updated!


Note: Do not forget to enable your Antivirus and Firewall programs after the upgrade is completed.


*If you have changed the local network IP address segment, resetting the unit will return the routers to it’s original LAN settings of

Tags: , ,

Dec 20

Note: After resetting the D-Link DCS-6620/DCS-6620G to default, the Auto Electronic Shutter (AES) is set to Auto. Some environmental lighting may affect the D-Link DCS-6620/DCS-6620G to a point where the video is unrecognizable. To fix this the CCD Settings must be changed.

Step 1: Log in to the web configuration of the D-Link DCS-6620/DCS-6620G.

Step 2: Select Configuration from the left hand menu.

Step 3: Click CCD on the left hand side.

Step 4: Using the Auto Electronic Shutter drop down menu, select the appropriate shutter speed. You may need to test different shutter settings for your environment.


Step 5 Use the references below to help you decide which settings your environment requires you to change.

Help File References:

Auto Electronic Shutter (AES) In this mode the AES will be fixed at 1/60 (1/50) second. The default setting of the CCD is in the auto-iris mode. If the shutter is selected to auto, the iris of the CCD will become fixed. Faster shutter speed will allow fast moving objects to be seen more clearly.

Auto tracking white balance This is helpful if the camera is monitoring outdoor objects. There are 9 levels of white balance that can be adjusted that will help the camera to capture video with correct colors.

White balance control Selecting this feature will disable the Auto tracking white balance. This is used mostly for monitoring indoor objects. Adjustments are from 3200K-8000K to get the correct colors.

Auto switch to B/W in low lux mode Selecting this option and the low lux mode will automatically switch video to black and white if the environment became dark such as going from evening to night.

Enable BLC This is for back light compensation. When object is in front of bright lights it is sometimes difficult to see, selecting this option and adjust sensitivity level can allow object to become clearer to see.

BLC sens level Adjusting this will allow objects to be seen more clearly by adjusting BLC sensitivity detection.

BLC area selection A selection window will pop up. The window is divided into 48 squares, select the squares that BLC is required; if no squares are selected there will be no differences in the video.


Dec 20

The firmware upgrade process for all D-Link managed switches runs over TFTP. You will need TFTP software running on the computer that has the Firmware file on the local hardrive. If you do not have TFTP software, it is freely available on the Internet.

The Firmware upgrade procedure requires an Ethernet connection between the switch and the TFTP server. You must be able to access the switch through Telnet or the Web based configuration from the computer that is running the TFTP software. Although there are many different ways to configure the switch, it is easiest for you to use the Web based configuration when upgrading the Firmware.

The Web based configuration of any D-Link switch can be accessed by entering the IP address in the address bar of any Java-enabled browser. The default IP address of the D-Link DES-3226 is If you are unable to access the web based configuration, connect to the switch through Hyperterminal and reset the switch to Factory default. If you have made configuration changes to the switch, make sure that your TFTP server is on the Management VLAN, and that it can PING the switch.

Step 1 Open your Web browser and enter the IP address of the DES-3226 in the address bar ( Select Login at the top of the web page. When prompted, enter the username/password that you have assigned to the switch. By default there is no username or password assigned to the switch.


Step 2 From the folder tree on the left-side of the page select Maintenance>TFTP Services>Update Firmware.


Step 3 Enter the IP address of the computer running the TFTP software in the field labeled Server IP Address. In the field labeled File Name, enter the path to the firmware file that is on the local hardrive of the computer running the TFTP software. Make sure that you include the file extension of the firmware file when specifying the directory path.


Step 4 Make sure that there is TFTP software running on the computer who-¦s IP address was entered in the Web based configuration. Click on the Apply button, and then click on Start.

Step 5 During the upgrade process this is what you should see. The D-Link TFTP software is also shown in the below screenshot which will also display the firmware upgrade status.


Step 6 After the Firmware upgrade is complete the switch will automatically reboot. Wait 1-2 minutes and then reconnect to the switch. Login and select Configuration>Switch Information. The field labeled Firmware Version should now display the Firmware Version that you just upgraded to.


Tags: ,

Prev 1 2 3 ... 13 14 15 16 17 18 19 ... 159 160 161 Next