beautypg.com

Planet Technology WLS-1280 User Manual

Page 132

background image

129

During the first-time login to PLANET WLS-1280, Internet Explorer will ask user to download the ActiveX

component of IPSec VPN. This ActiveX component once downloaded will be running paralleled with the “Login

Success Page” after the page being brought up successfully. The ActiveX component helps to setup the IPSec

VPN tunnel between client’s device and PLANET WLS-1280 controller, and to check the validity of the IPSec

VPN tunnel between them. If the connection is down, the ActiveX component will detect the broken link and

decompose the IPSec tunnel. Once the IPSec VPN tunnel was built, any packet sent will be encrypted. Without

connecting to the original IPSec VPN tunnel, user or client device has no alternative to gain network connection

beyond this.

The design of PLANET WLS-1280’s IPSec VPN feature directly solves possible data security leak

problem between client and the controller via either wireless or wired connection without extra hardware or client

software installed.

2. Limitations

The limitation of the client side due to ActiveX and Windows OS includes:

a. Internet Connection Firewall of Windows XP or Windows XP SP1 is not compatible with IPSec protocol. It

shall be turned off to allow IPSec packets to pass through.

b. Without patch, ICMP (Ping) and PORT command of FTP can not work in Windows XP SP2.

c. The Forced termination (through CTRL+ALT+DEL, Task Manager) of the Internet Explorer will stop the

running of ActiveX. It causes IPSec tunnel can’t be cleared properly at client’s device. A reboot of client’s

device is needed to clear the IPSec tunnel.

d. The crash of Windows Internet Explorer may cause the same result.

3. Internet Connection Firewall

In Windows XP and Windows XP SP1, the Internet Connection Firewall is not compatible with IPSec. Internet

Connection Firewall will drop packets from tunneling of IPSec VPN.