Peplink Balance_One Router Manual PDF (Setup & Configuration Guide)

Page 151 / 234 Scroll up to view Page 146 - 150

USER MANUAL

Peplink Balance Series

http://www.peplink.com

-151 / 234 -

20.1.1.1

Intrusion Detection and DoS Prevention

The Balance can detect and prevent intrusions and Denial-of-Service (DoS) attacks from the Internet. To

turn on this feature, click

, check the

Enable

check box for the

Intrusion Detection and DoS

Prevention

and press the

Save

button.

When this feature is enabled, the Balance will detect and prevent the following kinds of intrusions and

denial-of-service attacks.



Port Scan:



NMAP FIN/URG/PSH



Xmas Tree



Another Xmas Tree



Null Scan



SYN/RST



SYN/FIN



SYN Flood Prevention



Ping Flood Attack Prevention

Page 152 / 234

USER MANUAL

Peplink Balance Series

http://www.peplink.com

-152 / 234 -

20.1.2 Web Blocking

(Available on Peplink Balance 305/380+ and MediaFast 200+)

20.1.2.1

Web Blocking

Enter an appropriate website address and Peplink Balance will block and disallow

LAN/PPTP/SpeedFusion

TM

peer clients to access these websites. Exception can be added in the

following sections - 20.1.2.2 and 20.1.2.3

.

You may enter the wild card ".*" at the end of a domain name to block any web site with a host name

having the domain name in the middle.

For example, If you enter "foobar.*," then "www.foobar.com," "www.foobar.co.jp," or "foobar.co.uk" will be

blocked.

Placing the wild card in any other position is not supported.

The Peplink Balance will inspect and look for blocked domain names on all HTTP traffic. Secure web

(HTTPS) traffic is not supported.

20.1.2.2

Exempted User Groups

Check and select pre-defined user group(s) who can be exempted from the access blocking rules. User

groups can be defined at

QoS>User Groups

section. Please refer to section 19.1.1 for details.

20.1.2.3

Exempted Subnets

With the subnet defined in the field, clients on the particular subnet(s) can be exempted from the access

blocking rules.

Page 153 / 234

USER MANUAL

Peplink Balance Series

http://www.peplink.com

-153 / 234 -

21

OSPFv2 & RIPv2

The Balance Router supports OSPFv2 and RIPv2 dynamic routing protocols. Click the

Network

tab from

the top bar, and click the

OSPFv2 & RIPv2

item on the side bar to reach the following menu:

OSPFv2

Router ID

This field determines the ID of the router. By default, this is specified as the LAN IP

address. If you want to specify your own ID, enter it on the

Custom

field.

Area

This is an overview of the OSPFv2 areas you have defined. Click on the area name to

configure it. To set a new area, click the button

. To delete an

existing area, click the

button

Page 154 / 234

USER MANUAL

Peplink Balance Series

http://www.peplink.com

-154 / 234 -

OSPFv2 / RIPv2 Settings

Area ID

Determine the name of your Area ID to apply to this group. Machines linked to this group

will send and receive related OSPFv2 packets, while unlinked machines will ignore it.

Link Type

Choose the network type that this area will use.

Interfaces

Determine which interfaces this area to use to listen to and deliver OSPFv2 packets

RIPv2 Settings

Interfaces

Determine which interfaces this group to use to listen to and deliver RIPv2 packets.

Page 155 / 234

USER MANUAL

Peplink Balance Series

http://www.peplink.com

-155 / 234 -

22

Miscellaneous Settings

The miscellaneous settings include configuration for high availability, PPTP server, service forwarding,

and service passthrough.

22.1

High Availability

(Available on Peplink Balance 210+)

Peplink Balance supports High Availability (HA) configurations via an open standard Virtual Router

Redundancy Protocol (VRRP, RFC 3768).

In an HA configuration, two same-model Peplink Balance units (e.g. a pair of Peplink Balance 210 units or

a pair of Peplink Balance 710 units) provide redundancy and failover in a master-slave arrangement. In

the event that the Master Unit is down, the Slave Unit becomes active.

High Availability will be disabled automatically where there is a Drop-in connection configured on a LAN

Bypass port.

The following diagram illustrates an HA configuration with two Peplink Balance 210 units, and two Internet

connections:

In the diagram, the WAN ports of each Peplink Balance unit connect to the router and to the modem. Both

Peplink Balance units connect to the same LAN switch via a LAN port.

An elaboration on the technical details of the implementation, by Peplink Balance, of Virtual Router

Redundancy Protocol (VRRP, RFC 3768) is as follows:



In an HA configuration, the two Peplink Balance units communicate with each other using VRRP

over the LAN.



The two Peplink Balance units broadcast heartbeat signals to the LAN at a frequency of one

heartbeat signal per second.



In the event that no heartbeat signal from the Master Peplink Balance unit is received in 3

seconds (or longer) since the last heartbeat signal, the Slave Peplink Balance unit becomes

active.



The Slave Peplink Balance unit initiates the WAN connections, and binds to a previously

configured LAN IP address.



At a subsequent point when the Master Peplink Balance unit recovers, it will once again become

active.

Rate

Popular Peplink Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share