- DL manuals
- XiNCOM
- Network Router
- Twin WAN XC-DPG503
- User Manual
XiNCOM Twin WAN XC-DPG503 User Manual
Summary of Twin WAN XC-DPG503
Page 1
twin wan vpn gateway cutting edge innovations..
Page 2
Table of contents introduction 4 features 5 physical details 7 basic setup 9 configuring your lan 10 connecting broadband modems 12 configuring for interent access 13 configuring your lan pcs 14 advanced port 16 port options 17 load balance 18 advanced pppoe 19 advanced pptp 20 advanced setup 21 host i...
Page 3
Table of contents qos configuration 33 vpn configuration 34 ipsec global setting 35 policy setup 36 management assistant 38 snmp 38 email alert 38 syslog 39 upgrade firmware 40 operation & status 42 system status 42 restore factory defaults 43 wan status 43 lan status 43 advanced lan configuration 44 e...
Page 4
Chapter 1 - introduction xincom xc-dpg503 is a vpn capable dual wan gateway with the industry standard ipsec encryption. It provides extremely secure lan-to-lan connectivity over the internet. The 503 supports vpn by encryption, encapsulation, and authentication using the following methods: des/3des...
Page 5
Features built-in vpn endpoint full vpn endpoint with support for up to 50 vpn tunnels using the ipsec encryption protocol. Multiple connection methods all popular dsl and cable modems and connection methods are supported, including fixed ip, dynamic ip, pppoe, even multiple-session pppoe. 2 x 10/10...
Page 6
Other features: dhcp server support dynamic host configuration protocol provides a dynamic ip address to pcs and other devices upon request. The xc-dpg503 can act as a dhcp server for devices on your local lan. Multi segment lan support lans containing one or more segments are supported via the xc-dp...
Page 7
Twin wan vpn gateway xc-dpg503 front panel: operation of the front panel leds is as follows: system: power off - no power. On - normal operation status off - normal operation on - firmware not loaded or hardware error blinking - data in/out wan: link/act on - physical connection to the broadband mod...
Page 8
Physical details lan ports wan1 wan2 reset dc 5v front panel status and error conditions led action condition wan1 link/act & 10m/100m leds flash alternatively. Firmware download in progress. Wan1 link/act & 10m/100m leds flash concurrently. Mac address not assigned. Wan1 link/act & 10m/100m leds soli...
Page 9
Chapter 2 - basic setup overview basic setup of your xc-dpg503 wil involve the following steps: 1. Connect the xc-dpg503 to one (1) pc and configure it to your existing lan. 2. Connecting one or two broadband modems to your xc-dpg503. 3. Configuring the xc-dpg503 for interent access. 4. Configuring all...
Page 10
Configuring the xc-dpg503 for your lan a 1. 2. 3. 4. 5. 6. 7. 8. 9. Procedure use a standard lan cable to connect your pc to any lan port on the xc-dpg503. Connect the power adapter and power up the xc-dpg503. Only use the power adapter provided with the product; using a different one may cause hard...
Page 11
Ensure these settings are suitable for your lan: • the default settings are suitable for many situations. • see the following table for details of each setting. Figure 3. Lan & dhcp configuring the xc-dpg503 for your lan 11.
Page 12
Lan ports wan1 wan2 reset dc 5v connecting two broadband modems a 1. 2. 3. 4. 5. Procedure ensure the xc-dpg503 and the dsl/cable modem are powered off. Leave the modem or modems connected to their data line. Connect the broadband modem(s) to the xc-dpg503. If using only one (1) broadband modem, con...
Page 13
Select primary setup from the menu. Configure wan 1 and/or wan 2 as required. For any of the following situations, refer to chapter 3: advanced port setup for any further configuration which may be required such as: • using both ports • multiple ip addresses on either port • multiple pppoe sessions • ...
Page 14
Configure pcs on your lan overview for each pc, the following may need to be configured: tcp/ip network settings internet access configuration tcp/ip settings when using windows 95/98/me/2000/xp and the xc-dpg503’s tcp/ip default settings, no changes need to be made. Just start or reboot your pc. By d...
Page 15
For apple clients open the tcp/ip control panel. Select ethernet from the connect via pop-up menu. Select using dhcp server from the configure pop-up menu. The dhcp client id field can be left blank. Close the tcp/ip panel, saving your settings. Note: if using manually assigned ip addresses instead of...
Page 16
Chapter 3 - advanced port overview port options contains some options which can be set on either or both wan ports. For most situations, the default values are satisfactory.Virtual server load balance screen is only functional if you are using both wan ports. It allows you to determine the proportio...
Page 17
Port options figure 6. Port options connection validation pppoe / pptp connection options transparent bridge mode health check use this field to select the type of connection validation to perform. When set to icmp, the xc-dpg503 sends out icmp echo requests. When set to http, the xc- dpg503 requests...
Page 18
Load balance figure 7. Load balance console configuring load balancing the twin wan line of products uses a session based load balancing algorithm by allowing you to manage sessions using several different options: bytes rx+tx by monitoring real time speed of both wan connections, the xc-dpg503 will ...
Page 19
Advanced pppoe figure 8. Advanced pppoe settings - advanced pppoe wan port pppoe session select the desired port and session, then click the “select” button. The data for the selected port/session will then be displayed in the wan ip account section. Wan ip account • user name – enter the pppoe user...
Page 20
Advanced pptp figure 9. Advanced pptp settings - advanced pptp wan port select the desired port and click the “select” button. The data for the selected port will then be displayed in the wan ip account section. Wan ip account • user name – the pptp user name (login name) assigned by your isp. • pas...
Page 21
21 chapter 4 - advanced setup overview the following advanced features are provided. Host ip setup virtual server custom virtual server special applications dynamic dns multi dmz advanced features upnp this chapter contains details of the configuration and use of each of these features. Xc-dpg503 twi...
Page 22
Host ip host ip this feature is used in the following situations: when you have multi-session pppoe and wish to bind each session to a particular pc on your lan. When you wish to use the access filter feature. This requires that each pc be identified by using the host ip setup screen. When you wish t...
Page 23
Virtual servers figure 10. Virtual servers virtual servers this feature allows you to make servers on your lan accessible to internet users. Normally, internet users would not be able to access a server on your lan because: your server’s ip address is only valid on your lan, not on the internet. Att...
Page 24
Custom virtual servers settings - custom virtual servers select custom server name server list if creating a new entry, ignore this list. To edit an existing entry, select it, and then click the “select” button. The screen will update with data for the selected entry. Custom server configuration this...
Page 25
Special applications settings - special applications select special application name select name item this lists any special applications which are currently defined. • ignore this list if adding a new special application. Enter your data in the special application configuration section, and click the...
Page 26
Dynamic dns dynamic dns dynamic dns is very useful when combined with the virtual server feature. It allows internet users to connect to your virtual servers using a url, rather than an ip address. This also solves the problem of having a dynamic ip address. With a dynamic ip address, your ip addres...
Page 27
Multi dmz & upnp dynamic dns this feature allows each wan port ip address to be associated with one (1) computer on your lan. All outgoing traffic from that pc will be associated with that wan port ip address. Any traffic sent to that ip address will be forwarded to the specified pc. This allows unrest...
Page 28
Advanced features advanced features nat – nat (network address translation) is the technology which allows a number of lan pcs to share one (1) internet ip address. Remote access configuration – this feature allows you to manage the xc-dpg503 via the internet. You can restrict access to a specified ip...
Page 29
Advanced features (continued) using remote web-based setup to connect to the xc-dpg503 from a remote pc via the internet: 1. Ensure that both your pc and the xc-dpg503 are connected to the internet. 2. Start your web browser. 3. In the address bar enter: http:// (internet ip address of the xc-dpg503...
Page 30
Chapter 5 - security management overview block url - this feature blocks specific web sites by ip address, url, or keywords. Access filter - block all internet access, well-known ports, or block user define ports by groups. Session limit - eliminate users’ internet access and send email alert to the a...
Page 31
Block url block url this feature allows you to block access to undesirable web sites. You can block by url, ip address, or keyword. You can also have different blocking settings for different groups of pcs. Every url is searched to see if it matches or contains any of the url or keywords entered her...
Page 32
Session limit & firewall exception session limit this new feature allows to drop the new sessions from both wan and lan side. If the new sessions number are exceed the maximum sessions in a sampling time. Settings - session limit firewall exception system firewall exception rules: the rules with whi...
Page 33
Chapter 6 - qos configuration overview the xc-dpg503 provides qos, which supports the high quality of network service. Classifying outgoing packets based on some policies defined by users provides real-time applications to get better response or performance. Settings - qos setup qos feature • enable q...
Page 34
Chapter 7 - vpn configuration overview virtual private network (vpn) uses encryption to connect computers over a public network such as the internet. Encrypted connections between computers are commonly referred to as a tunnel . These secure tunnels permit sending private data from one computer to an...
Page 35
Ipsec global settings ipsec global setting ip global setting enable enabling either wan 1, wan 2, or both will start the vpn global setting. Isakmp port internet security association and key protocol management (isakmp) is designed to negotiate, establish, modify, and delete security associations an...
Page 36
Policy setup vpn policy setup ipsec traffic binding vpn tunnel list it shows the tunnels that you have entered. The router can setup up to 50 tunnels tunnel name this distinguishes different “tunnels” by name. Tunnel the tunnel can only be connected when the enable check box is selected. Wan port you...
Page 37
Policy setup vpn policy setup (continued) key management key - key type: there are two key types (manual key and auto key) available for the key exchange management. Manual key: if manual key is selected, no key negotiation is needed. Encryption key - this field specifies a key to encrypt and decrypt ...
Page 38
Chapter 8 - management assistant snmp - simple network management protocol this section is to compliment any snmp (simple network management protocol) software installed on your pc. If you have snmp software, you can use a standard mib ii file with the xc-dpg503. Settings - snmp system information • ...
Page 39
Management assistant email alert (continued) email (smtp) server address this field sets the email sever’s address for the warning email will be sent to. (email alert must be enabled) for example: mail.Domain.Com email recipient address this field sets the email address for the warning email will be s...
Page 40
Management assistant admin password screen the password screen allows you to assign a password to the xc-dpg503. Enter the desired password. Re-enter the password in the verify password field and then save it. When you connect to the xc-dpg503 with your browser, you will be prompted for the password ...
Page 41
Management assistant example of how to configure to save file. Uploading the firmware using the tftp utility you are able to update the firmware on the xc-dpg503, this is useful when you also need to recover the router from a crash. To upload the firmware to the router: 1. Open the tftp utility by doubl...
Page 42
Chapter 9 - operation & status operation & status overview once both the xc-dpg503 and the pcs are configured, operation is automatic. However, there are some situations where additional internet configuration may be required (refer to chapter 4 - advanced features for further details) system status w...
Page 43
Operation & status restore factory defaults when the “restore factory defaults” button on the status screen above is clicked, the following screen is displayed. If the “restore default value” button on this screen is clicked: • all of your settings will be erased. • the default ip address, password ...
Page 44
44 chapter 10 - advanced lan configuration overview these settings are provided to deal with non-standard situations or to provide additional options for advanced users. Existing dhcp server if your lan already has a dhcp server, and you wish to continue using it, the following configuration is requir...
Page 45
45 advanced lan configuration static routing this section is only relevant if your lan has other routers or gateways. If you do not have other routers or gateways on your lan, skip the static routing page. If your lan has other gateways and routers, you must configure the static routing screen as des...
Page 46
46 advanced lan configuration for the xc-dpg503 gateway’s routing table entry 1 (segment 1) destination ip address 192.168.2.0 network mask 255.255.255.0 gateway ip address 192.168.1.100 interface lan metric 2 entry 2 (segment 2) destination ip address 192.168.3.0 network mask 255.255.255.0 (standar...
Page 47
47 appendices appendix a specifications model xc-dpg503 dimensions 245mm (w) x 137mm (d) x 30mm (h) operating temperature 0° c to 40° c storage temperature -10° c to 70° c network protocol tcp/ip network interface 6 ethernet: 4 x 10/100baset (rj45) auto-switching hub ports for lan devices 2 x 10/100b...
Page 48
48 appendices appendix b windows tcp/ip setup tcp/ip settings if using the default xc-dpg503 settings, and the default windows 95/98/ me/2000 tcp/ip settings, no changes need to be made. By default, the xc-dpg503 will act as a dhcp server and automatically provide a suitable ip address (and related ...
Page 49
49 appendices on the dns configuration tab, ensure enable dns is selected. If the dns server search order list is empty, enter the dns address provided by your isp in the fields beside the add button, then click add . Figure d. Dns tab (windows 95/98) checking tcp/ip settings - windows 2000: 1. Select...
Page 50
Appendices appendices 50 checking tcp/ip settings - windows xp: 1. Select control panel - network connection. 2. Right click the local area connection and choose properties . You should see a screen like the following: figure g. Network configuration (windows xp) 3. Select the tcp/ip protocol for you...
Page 51
Appendices appendices 51 appendix c troubleshooting overview this chapter covers some common problems that may be encountered while using the xc-dpg503 and some possible solutions to them. If you follow the suggested steps and the xc-dpg503 still does not function properly, contact xincom for furthe...