SnapGear SG565 Router Manual PDF (Setup & Configuration Guide)

Page 141 / 249 Scroll up to view Page 136 - 140

Web Cache

136

Network Shares

Typically, you will find the CyberGuard SG appliance’s web cache most useful when

utilizing a

Network Share

for additional storage space.

The CyberGuard SG appliance is

not equipped with a hard disk of its own, so is quite limited in terms of the amount of

Internet objects it can cache.

A network share is a shared folder or drive on a local Windows PC, or a PC running

another operating system capable of SMB sharing (such as a Linux PC running the

SAMBA service).

Refer to your operating system’s documentation for details on creating a network share.

What follows are some basic instructions for creating a network share under Windows

XP.

Create a new user account

Note

We recommend that you create a special user account to be used by the CyberGuard SG

appliance for reading and writing to the network share.

If you have an existing account or

wish to may the network share readable and writeable by everyone, you may skip the

next step.

To create an account, click

Start

->

Control Panel

->

User Accounts

->

Create a

new account

.

Type a name for the new account, e.g.

sguser

, and click

Typically

it will be sufficient to grant this account

Limited

privileges.

Click

Create Account

to

create it.

Select the account you have just create under

Pick an account to change

.

Select

Create a password

.

Enter and confirm a password for this account, as well as a

password hint if desired.

Page 142 / 249

Web Cache

137

Create the network share

Figure 8-2

Launch Windows Explorer (

Start

->

(All) Programs

->

Accessories

->

Windows

Explorer

) and open up a folder or drive to dedicate as a network share for use by the

CyberGuard SG appliance’s web cache.

Begin by disabling simple file sharing for this folder.

From the

Tools

menu, select

Folder

Options

.

Click the

View

tab and under the

Advanced settings

section

uncheck

Use

simple file sharing (Recommended)

.

Click

OK

.

Next, share the folder.

Right click on the folder and select

Sharing and Security

.

Select

Share this folder

and note the

Share name

, you may change this to something easier to

remember if you wish.

Finally, to set the security permissions of the newly created network share, click

Permissions

.

If you wish to secure the network share with a username and password (recommended),

click

Add

and type the user name the account to be used by the CyberGuard SG

appliance and click

Check Names

then

OK

.

Select this account, or

Everyone

if you are not securing the network share with a

username and password, and check

Allow

next to

Full Control

.

Click

OK

and

OK

again

to finish.

Page 143 / 249

Web Cache

138

Set the CyberGuard SG appliance to use the network share

Check

Use share

.

Enter the location of the network share in the format:

\\HOSTNAME\sharename

Figure 8-3

Enter the maximum size for the cache in

Cache size

.

Warning

Cache size

should not be more than 90% of the space available to the network share,

e.g. if you shared a drive with 1 gigabyte of available storage, specify a

Cache size

of

900 megabytes.

Enter the

Username

and

Password

for a user that can read and write to the network

share.

If you allowed

Full Control

to

Everyone

, you may leave these blank.

Page 144 / 249

Web Cache

139

Peers

The CyberGuard SG appliance’s web cache can be configured to share cached objects

with, and access objects cached by, other web caches.

Web caches communicate using the Internet Cache Protocol (ICP).

ICP is used to

exchange hints about the existence of URLs in neighbour caches.

Caches exchange ICP

queries and replies to gather information to use in selecting the most appropriate location

from which to retrieve an object.

First of all, the messages transmitted by a cache to locate a specific object are sent to

Sibling

caches, which are placed at the same level in the hierarchy. Then, the caches

placed at the

Parent

level are queried if the replies from sibling caches did not succeed.

Enter the host or IP address of an ICP capable web cache peer in

Host

, then select its

relationship to the CyberGuard SG appliance’s web cache (as described above) from

Type

and click

Apply

.

Set up LAN PCs to Use the Web Cache

Once the web cache has been set up, PCs on the LAN must have their browsers

configured appropriately.

In Internet Explorer, select

Internet Options

from the

Tools

menu.

Select the

Connections

tab and click

LAN Settings

.

Under

Proxy Server

, check

Use proxy

server…

and enter the IP address of your CyberGuard SG appliance in

Address

.

Note

The CyberGuard SG appliance’s web cache uses port

3128

by default.

Enter

3128

in

Port

, select

Bypass proxy for local addresses

and click

OK

.

Page 145 / 249

Virtual Private Networking

140

9. Virtual Private Networking

Virtual Private Networking (VPN) enables two or more locations to communicate securely

and effectively, usually across a public network (e.g.

the Internet) and has the following

key traits:

•

Privacy

- no one else can see what you are communicating

•

Authentication

- you know who you are communicating with

•

Integrity

- no one else can tamper with your messages/data

Using VPN, you can access the office network securely across the Internet using Point-

to-Point Tunneling Protocol (PPTP), IPSec, GRE or L2TP.

If you take your portable

computer on a business trip, you can dial a local number to connect to your Internet

access provider and then create a second connection (called a

tunnel

) into your office

network across the Internet and have the same access to your corporate network as if

you were connected directly from your office.

Similarly, telecommuters can also set up a

VPN tunnel over their cable modem or DSL links to their local ISP.

VPN technology can also be deployed as a low cost way of securely linking two or more

networks, such as a headquarters LAN to the branch office(s).

IPSec is generally the

most suitable choice in this scenario.

With the CyberGuard SG appliance you can establish a VPN tunnel over the Internet

using either PPTP, IPSec, GRE or L2TP.

IPSec provides the best security; however

PPTP is the preferred protocol for integrating with existing Microsoft infrastructure.

GRE

and L2TP VPNs will generally be used for specialized purposes only.

The CyberGuard

SG appliance provides a PPTP server to enable remote Windows clients to securely

access your office network.

Using the CyberGuard SG appliance’s PPTP client or IPSec

you can also connect your office network to one or more remote networks.

This chapter details how to configure the PPTP server and client and how to configure a

remote client to connect, how to establish an IPSec tunnel, and also provides an

overview of GRE and L2TP VPN tunneling.

Rate

Popular SnapGear Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share