Jan 26
How do I configure Captive Portal on my D-Link DSR Series Router?
Network-Diagram
Step 1: Click Setup-tab.

Step 2Click Network Settings > Lan Setup Configuration.

Step 3: Enable Run-Time User Authentication.

Step 4: Click Advanced tab.

Step 5: Click Users > Users.

Step 6: Click Add.

Tags: , ,

Apr 05

System Requirements:

IE 10 64bit

Windows 7 SP1 or Higher

Java 64 Bit

Microsoft Visual C++ 2005 (64bit)

Browser Configuration: Enter IE10 – Tools – Internet Options – Advanced Tab

establish SSL VPN tunnel to D-Link DSR Series

And Enable Enhanced Protected Mode* and Enable Smart Filter. Whilst inside Internet Options – Go to Security – Trusted sites and Enable Protected Mode the click on Sites.

124

Add the WAN IP of the device here (for example: https://111.250.29.140)

establish SSL VPN tunnel to D-Link DSR Series_1

Click Close. The next step is to configure the Account Control Settings.

establish SSL VPN tunnel to D-Link DSR Series_2

Click on Change User Account Control settings and configure as follows:

establish SSL VPN tunnel to D-Link DSR Series_3

When you click on OK, you will be presented with the following message:

establish SSL VPN tunnel to D-Link DSR Series_4

Before continuing with the SSL VPN tunnel ALL of the above must be installed and configured.

When all complete follow these instructions:

1. Open a browser and access the portal for SSL VPN tunnel

2.Accept the warning for this certificate.

3. Enter Login credentials

121

4. Click on VPN Tunnel tab

1212

5. Click on the icon to begin the connection. You will be presented with a message regarding User Accounts.

Click yes to accept changes. You should see the below message briefly whilst authentication and connection is being made.

When connection has been established you will be presented with the following screen.

1111

You are able make a further check for connectivity by right clicking on SSL VPN Tunnel icon in the taskbar.

11111

Tags: , ,

Apr 05

Network Configuration:

This setup consists of separating two networks by the creating two VLANS on the DSR Series Service Router. This example will use the following setup:

Network 1 – 192.168.10.0 /24 – Default

Network 2 – 192.168.20.0 /24 – VLAN20

Step 1 – Enter the web GUI interface of the DSR using its IP address in a web browser. In our example we have used the IP address of 192.168.10.1

DSR_Series_FW2_How_to_setup_Two_VLANS1

Accept any certificate warnings you may see, this is perfectly normal and safe

Step 2 – You should then be presented with the login page

DSR_Series_FW2_How_to_setup_Two_VLANS2

Username: admin

Password: admin

Click “Login”

Step 3 – Click on the following options to setup VLANS

Network > VLAN > VLAN Settings

DSR_Series_FW2_How_to_setup_Two_VLANS3

Step 4 – Here you must firstly enable VLAN then click “Save”

DSR_Series_FW2_How_to_setup_Two_VLANS4

Step 5 – Once saved, click “Add New VLAN”

DSR_Series_FW2_How_to_setup_Two_VLANS5

VLAN IP: 20
Name: VLAN20
Capital Portal: Off
Activate InterVLAN Routing: Off
(InterVLAN Routing can stay “Off” this way there is no way that both networks will see each other
Multi VLAN Subnet: 192.168.20.1
Subnet Mask: 255.255.255.0

Step 5 – Click on the option “DHCP Server”

DSR_Series_FW2_How_to_setup_Two_VLANS6

Domain Name:
DHCP_VLAN20

Starting IP Address: 192.168.20.2

Ending IP Address: 192.168.20.254

Default Gateway: 192.168.20.1

Primary DNS Server: 8.8.8.8

Secondary DNS Server: 8.8.4.4.

Lease Time: 24

LAN Proxy: On (Default)

If you have a DHCP available for this new subnet, then click “DHCP Relay” and configure according to this network requirements. Once done, click “Save”

Within our example, we have used VLANID 20 for network 192.168.20.0/24. After clicking on “Save” our second VLAN will have been created

DSR_Series_FW2_How_to_setup_Two_VLANS7

Step 6 – The next step is to associate the VLAN with a port or certain ports. We will associate with Port 4

DSR_Series_FW2_How_to_setup_Two_VLANS8

Network > VLAN > Port VLAN

DSR_Series_FW2_How_to_setup_Two_VLANS9

Step 7
– In our example we are going to associate VLAN20 to Port 4. To do this, place the mouse over Port 4 and Right-Click then click on “Edit”

DSR_Series_FW2_How_to_setup_Two_VLANS10

Step 8 – Once clicked on “Edit”, we will need to select “Mode” as “Access” with a PVID 20 (Step 5)

DSR_Series_FW2_How_to_setup_Two_VLANS11

Once done, click on “Save”

DSR_Series_FW2_How_to_setup_Two_VLANS12

NOTE: If you intend to connect a non-manageable switch to port 4 which doesn’t support VLANS then the mode “Access” is correct.

However, if you are planning to connect a manageable switch that does understand VLANS then you will need to select “Trunk” and VLAN Membership 20

DSR_Series_FW2_How_to_setup_Two_VLANS13

Tags: ,

Apr 02

How to Setup VPN IPsec Between D-Link DSR-Series FW.2.x

Step 1 – Setup WAN port setup DSR1

Network > WAN1 Settings

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_1-1

Step 2 – Here you will need to select the ISP Connection Type

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_2

Wan1 Setup:

Connection Type: Static IP (In our example it was set as static)

IP Address: 1.1.1.1

IP Subnet Mask: 255.0.0.0

Domain Name System (DNS) Servers

Primary DNS Server: 8.8.8.8 (Google DNS)

Secondary DNS Server: 8.8.4.4 (Google DNS)

Click on “Save

Step 3 – Setup LAN Configuration DSR1

Network > LAN Settings

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_3

Step 4 – Enter an IP address for the LAN interface and DHCP Server

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_4

In our example we have given the IP: 192.168.10.1

IP Address Setup:

IP Address: 192.168.10.1

Subnet Mask: 255.255.255.0

DHCP Setup:

DHCP Mode: DHCP Server

Starting IP Address: 192.168.10.2

Ending IP Address: 192.168.10.254

Default Gateway: 192.168.10.1

Click on “Save

Step 4 – Setup WAN port setup DSR2

Network > WAN1 Settings

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_1

Step 5 – Here you will need to select the ISP Connection Type

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_2-1

Wan1 Setup:

Connection Type: Static IP (In our example it was set as static)

IP Address: 1.1.1.1

IP Subnet Mask: 255.0.0.0

Domain Name System (DNS) Servers

Primary DNS Server: 8.8.8.8 (Google DNS)

Secondary DNS Server: 8.8.4.4 (Google DNS)

Click on “Save

Step 6 – Setup LAN Configuration DSR2

Network > LAN Settings

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_5

Step 7 – Enter an IP address for the LAN interface and DHCP Server

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_6

In our example we have given the IP: 192.168.10.1

IP Address Setup:

IP Address: 192.168.20.1

Subnet Mask: 255.255.255.0

DHCP Setup:

DHCP Mode: DHCP Server

Starting IP Address: 192.168.20.2

Ending IP Address: 192.168.20.254

Default Gateway: 192.168.20.1

Click on “Save

VPN IPsec Setup – DSR1:

Step 8 – You will now need to setup an IPsec Policy

VPN > Policies

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_7

Step 9 – Click “Add New IPSec Policy” to configure a new IPsec Policy

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_8

IPSec Policy Configuration

General

Policy Name: VPN1

Policy Name: Auto Policy

IP Protocol Version: IPv4

IKE Version: IKEv1

L2TP Version: None

IPSec Model        Tunnel Model

Select Local Gateway: Dedicated WAN

Remote Endpoint: 2.2.2.2

Enable DHCP: Off

Local IP: Subnet

Local Start IP Address: 192.168.10.1 (LAN IP Address of DSR1)

Local Subnet Mask: 255.255.255.0

Remote IP: Subnet

Remote Start IP Address: 192.168.20.1

Remote Subnet Mask: 255.255.255.0

Enable Keepalive: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_9

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_10
Phase 1 (IKE SA Parameters)

Exchange Mode: Main

Direction Type: Both

Nat traversal: On

NAT Keep Alive Frequency: 20

Remote Identifier Type: Local Wan IP

Remote Identifier Type: Remote Wan IP

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_11

Encryption Algorithm

DES: On                                 3DES: On

AES-128: On                        AES-192: On

AES-256: On

BLOWFISH: Off

CAST128: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_12

Authentication Algorithm

MD5: On                                SHA-1: On

SHA2-256: Off                     SHA2-384: Off

SHA2-512: Off

Authentication Method: Pre-Shared Key

Pre-Shared Key: sharedkey

Diffie-Hellman (DH) Group: Group: Group 2 (1024 bit)

SA-Lifetime: 28800

Enable Dead Peer Detection: Off

Extended Authentication: None

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_13

Phase2 – (Auto Policy Parameters)

SA Lifetime: 3600  Seconds

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_14

Encryption Algorithm

DES: On                                 None: Off

3DES: On                              AES-128: On

AES-192: On                        AES-256: On

TWOFISH (128): Off          TWOFISH (192): Off

TWOFISH (256): Off

BLOWFISH: Off

CAST128: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_12-1

Integrity Algorithm

MD5: On                                SHA1: On

SHA2-224: Off                     SHA2-256: Off

SHA2-384: Off                     SHA2-512: Off

PFS Key Group: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_15

Click “Save
VPN IPsec Setup – DSR2:

Step 10 – You will now need to setup an IPsec Policy for the second DSR

VPN > Policies

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_7-1
Step 11 – Click “Add New IPSec Policy” to configure a new IPsec Policy
DSR_Series_FW2_How_to_setup_VPN_IPsec_between_17

IPSec Policy Configuration

General

Policy Name: VPN2

Policy Name: Auto Policy

IP Protocol Version: IPv4

IKE Version: IKEv1

L2TP Version: None

IPSec Model        Tunnel Model

Select Local Gateway: Dedicated WAN

Remote Endpoint: 2.2.2.2

Enable DHCP: Off

Local IP: Subnet

Local Start IP Address: 192.168.10.1 (LAN IP Address of DSR1)

Local Subnet Mask: 255.255.255.0

Remote IP: Subnet

Remote Start IP Address: 192.168.20.1

Remote Subnet Mask: 255.255.255.0

Enable Keepalive: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_18

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_19

Phase 1 (IKE SA Parameters)

Exchange Mode: Main

Direction Type: Both

Nat traversal: On

NAT Keep Alive Frequency: 20

Remote Identifier Type: Local Wan IP

Remote Identifier Type: Remote Wan IP

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_11-1

Encryption Algorithm

DES: On                                 3DES: On

AES-128: On                        AES-192: On

AES-256: On

BLOWFISH: Off

CAST128: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_12-3

Authentication Algorithm

MD5: On                                SHA-1: On

SHA2-256: Off                     SHA2-384: Off

SHA2-512: Off

Authentication Method: Pre-Shared Key

Pre-Shared Key: sharedkey

Diffie-Hellman (DH) Group: Group: Group 2 (1024 bit)

SA-Lifetime: 28800

Enable Dead Peer Detection: Off

Extended Authentication: None

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_12-2

Phase2 – (Auto Policy Parameters)

SA Lifetime: 3600  Seconds

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_14-1

Encryption Algorithm

DES: On                                 None: Off

3DES: On                              AES-128: On

AES-192: On                        AES-256: On

TWOFISH (128): Off          TWOFISH (192): Off

TWOFISH (256): Off

BLOWFISH: Off

CAST128: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_12-4

Integrity Algorithm

MD5: On                                SHA1: On

SHA2-224: Off                     SHA2-256: Off

SHA2-384: Off                     SHA2-512: Off

PFS Key Group: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_15-1

Click “Save

Step 12 – To view if the VPN connection has been established

STATUS > Active VPNs

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_20

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_21
Step 13 – If you see “IPsec SA Not Established”, Right-Click on a record then click “Connect

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_22

Tags: ,

Apr 02

Information:                       

The use of load balancing with multiple WAN links can provide simultaneous outbound traffic efficiency and optimizing bandwidth. The following is a typical scenario of load balancing that involves all Internet traffic and can dynamically share the WAN links RoundRobin Algorithm.

DSR_how_to_setup_load_balancing_with_multiple_wan_links_FW_21

Step 1 – Login to the DSR using its IP address

DSR_how_to_setup_load_balancing_with_multiple_wan_links_FW_22

Network > WAN Mode

DSR_how_to_setup_load_balancing_with_multiple_wan_links_FW_23

Step 2 – Select “Load Balancing” from the drop-down list and select “Round Robin

DSR_how_to_setup_load_balancing_with_multiple_wan_links_FW_24

Round Robin:

This is when the new Internet connections alternate between WANs available.

Spillover:

This will use a single WAN link for all connections up until the maximum bandwidth limit (pre-configured) has been reached. After that the other WAN link is used for the new connections

Step 3 – For the DSR to check the status of connections WANs have three options to configure WAN health check. They are as follows:

DSR_how_to_setup_load_balancing_with_multiple_wan_links_FW_25

  • WAN DNS Servers (This will use the DNS servers configured in the WAN)
  • DNS Servers (This allows you to enter the addresses you want to use)
  • PingThese IP Addresses (This allows you to enter the public IP address you want)

Once you have selected the verification mode, click “Save

DSR_how_to_setup_load_balancing_with_multiple_wan_links_FW_26

Note:

Binding Protocol – Network > Routing > Protocol Binding

DSR_how_to_setup_load_balancing_with_multiple_wan_links_FW_27

This is a key component with regards to “Load Balancing”.

This protocol allows a specific service to be associated with one of the available WAN links.

A description of this can be seen below:

  • Service: The user specifies the service name (choosing from the list of predefined or custom services). Custom services can be configured in the Firewall Menu – Security > Firewall > Custom Services

DSR_how_to_setup_load_balancing_with_multiple_wan_links_FW_28

 

  • Local Gateway: You can assign a specific WAN link to the service configured above
  • Source Network: The user specifies the LAN hosts assigned to the Protocol-Binding rule. Only those hosts that are linked to the protocol can therefore transmit or receive traffic through the WAN selected, meanwhile the other hosts will transmit traffic via the other WAN port(s). The user may choose to assign the rule for any host or a single machine within the LAN and / or alongside hosts within an IP pool.
  • Destination Network: The user specifies the LAN hosts assigned to the Protocol Binding Rule. The user can choose to assign the rule to any host, a single machine on the LAN or set of hosts within a pools of IP addresses

When a user adds a rule, the device updates the new entry and displays it in the Protocol Bindings List table. The table shows information about the service, the network source and destination and also if the link-up is enabled or not. The user can enable, disable and or edit a binding standard and also remove configured links if and when needed.

Tags: ,



 
1 2 Next
css.php