advertisement
© Copyright 2006 Compex Systems Pte Ltd
All Rights Reserved
This document contains information that is protected by copyright. Reproduction, adaptation or translation without prior permission is prohibited, except as allowed under the copyright laws.
Trademark Information
Compex ® , ReadyLINK ® and MicroHub ® are registered trademarks of Compex, Inc. Microsoft
Windows and the Windows logo are the trademarks of Microsoft Corp. NetWare is the registered trademark of Novell Inc. All other brand and product names are trademarks or registered trademarks of their respective owners.
Notice: Copyrights © 2006 by Compex, Inc. All rights reserved. Reproduction, adaptation, or translation without prior permission of Compex, Inc. is prohibited, except as allowed under the copyright laws.
Manual Revision by Daniel
Manual Number: U-0453-V1.3C
Disclaimer
Version 1.3, October 2006
Compex, Inc. provides this manual without warranty of any kind, either, expressed or implied, including but not limited to the implied warranties of merchantability and fitness for a particular purpose. Compex, Inc. may make improvements and/or changes to the product and/or specifications of the product described in this manual, without prior notice. Compex, Inc will not be liable for any technical inaccuracies or typographical errors found in this guide. Changes are periodically made to the information contained herein and will be incorporated into later versions of the manual. The information contained is subject to change without prior notice.
Your Feedback
We value your feedback. If you find any errors in this user’s manual, or if you have suggestions on improving, we would like to hear from you. Please contact us at:
Email:
FCC NOTICE
62809947 [email protected]
This device has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This device generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this device does cause harmful interference to radio or television reception, the user is encouraged to try to correct the interference by one or more of the following measures:
Reorient or relocate the receiving antenna.
Connect the computer into an outlet on a circuit different from that to which the receiver is connected.
Increase the separation between the computer and receiver.
Consult the dealer or an experienced radio/TV technician for help.
Caution: Any changes or modifications not expressly approved by the grantee of this device could void the user's authority to operate the equipment.
i
FCC Compliance Statement
This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions:
1. This device may not cause harmful interference, and
2. This device must accept any interference received, including interference that may cause undesired operation.
Declaration of Conformity
Compex, Inc. declares the following:
Product Name: Dual Band Wireless A+G VPN Internet Router, NetPassage 18A
Model No: NetPassage 18A conforms to the following Product Standards:
The device complies with the Electromagnetic Compatibility Directive (89/336/EEC), Low
Voltage Directive (73/23/EEC) and the Amendment Directive (93/68/EEC) issued by the
Commission of the European Community. Compliance with these directives implies conformity to the following European Norms (in brackets are the equivalent international standards).
EN 55022 (CISPR 22) – Electromagnetic Interference (Conduction and Radiation)
EN 55024 (IEC61000-4-2, 3,4,5,6,8,11) – Electromagnetic Immunity
EN 61000-3-2 (IEC610000-3-2) – Power Line Harmonics
EN 61000-3-3 (IEC610000-3-3) – Product Safety
Therefore, this product is in conformity with the following regional standards:
FCC Class B ⎯ following the provisions of FCC Part 15 directives,
CE Mark ⎯ following the provisions of the EC directive.
This Class B digital apparatus complies with Canadian ICES-003. ii
Technical Support Information
The warranty information and registration form are found in the Quick Install Guide.
For technical support, you may contact Compex or its subsidiaries. For your convenience, you may also seek technical assistance from the local distributor, or from the authorized dealer/reseller that you have purchased this product from. For technical support by email, write to [email protected].
Refer to the table below for the nearest Technical Support Centre.
Technical Support Centres
Contact the technical support centre that services your location.
U.S.A., Canada, Latin America and South America
Write
Call
Fax
Compex, Inc.
840 Columbia Street, Suite A
Brea, CA 92821, USA
Tel:
Tel:
Fax:
+1 (714) 482-0333 (8 a.m.-5 p.m. Pacific time)
+1 (800) 279-8891 (Ext.122 Technical Support)
+1 (714) 482-0332
Europe
Write
Call
Fax
ReadyLINK Networktechnology Gmbh
Albert Einstein Straβe 34/M21
63322 Rödermark, Germany
Tel: +49 (0) 6074 - 98017 (8 a.m.-5 p.m. local time)
Fax: +49 (0) 6074 - 90668
Support Email: [email protected]
Asia, Australia, New Zealand, Middle East and the rest of the
World
Write
Call
Fax
Internet
access/
Website:
Compex Systems Pte Ltd
135, Joo Seng Road #08-01, PM Industrial Building
Singapore 368363
Tel:
Tel:
Fax:
(65) 6286-1805 (8 a.m.-5 p.m. local time)
(65) 6286-2086 (Ext.199 Technical Support)
(65) 6283-8337
E-mail:
FTPsite: [email protected]
Ftp.compex.com.sg http://www.cpx.com
or http://www.compex.com.sg
iii
About This Document
The products described in this document, Compex Dual Band Wireless A+G VPN Internet
Router, NetPassage 18A series are licensed products of Compex Systems Pte Ltd.
Information provided: This document contains instructions for installing, configuring and using all two versions of the Compex NetPassage 18A series. It also gives an overview of key applications and networking concepts relevant to the products.
We feature the four devices interchangeably in our illustrations since this document is applicable for all four models, unless stated otherwise.
Audience: This documentation is intended for both network administrators and end users who possess some basic knowledge of networking structures and protocols.
Assumptions: Procedures listed in the document are intended for Microsoft Windows users. If you are running a different operating system, you may need to refer to your operating system’s documentation for relevant networking instructions.
Firmware
Please take note that this User’s Manual is written based on NetPassage 18A Firmware
Version 2.
Conventions
The class inclusive of all model versions in this series is often denoted as either NetPassage
18A or NP18A. iv
TABLE OF CONTENTS
© C OPYRIGHT 2006 C OMPEX S YSTEMS P TE L TD ....................................................
CHAPTER 2: GETTING TO KNOW YOUR ROUTER.........................................2
CHAPTER 3: HARDWARE SETUP.......................................................................12
CHAPTER 4: ACCESSING THE WEB INTERFACE .........................................14
CHAPTER 5: SETTING UP A WLAN ...................................................................17
H OW TO M AKE Y OUR WLAN M ORE S ECURE ..........................................................29
i
P REFERRED AP S (O NLY AVAILABLE IN C LIENT M ODE )............................................49
To reserve specific IP addresses for predetermined DHCP clients .....................55
CHAPTER 7: ENABLING AND DISABLING ROUTER.....................................64
ii
CHAPTER 9: SECURITY CONFIGURATION ..................................................110
CHAPTER 10: WEB INTERFACE UTILITIES..................................................125
CHAPTER 11: PRINTER SERVER SETUP........................................................138
A DDING A S HARED P RINTER V IA LPR IN W INDOWS XP .......................................138
A DDING A S HARED P RINTER V IA LPR IN W INDOWS 2000.....................................144
A DDING A S HARED P RINTER V IA LPR IN W INDOWS 98/ME .................................150
R EMOVING THE S HARED P RINTER FROM THE R OUTER ...........................................156
CHAPTER 12: USB STORAGE DISK SHARING ..............................................157
A CCESSING Y OUR USB H ARD D ISK V IA FTP S ERVER ...........................................164
iii
A CCESSING Y OUR USB H ARD D ISK V IA W INDOWS F ILE S ERVER .........................165
U SING W INDOWS F ILE S ERVER TO M AP TO N ETWORK D RIVE ................................166
CHAPTER 13: WEBCAM SETUP AND VIEW ..................................................168
APPENDIX A: CONFIGURING YOUR PC FOR NETWORK ACCESS ........173
C ONFIGURING D YNAMIC IP ADDRESS ALLOCATION ...............................................175
Microsoft Windows 98/98SE/ME/2000 ..............................................................175
C ONFIGURING S TATIC IP ADDRESS ALLOCATION ...................................................177
Microsoft Windows 98/98SE/ME/2000 ..............................................................177
C ONFIGURING W IRELESS N ETWORK S ETTINGS FOR W INDOWS XP ........................179
APPENDIX B: TROUBLESHOOTING...............................................................180
APPENDIX C CLI COMMANDS.........................................................................184
APPENDIX D: GLOSSARY OF TERMS .............................................................189
...........................................................................189
APPENDIX E: TECHNICAL SPECIFICATIONS ..............................................194
iv
Chapter 1: Introduction
Introducing the Router
T
His is a Dual Band Wireless A+G VPN Internet
Router. It does not merely operate in wired network environments, it additionally upholds simultaneous IEEE802.11a and IEEE802.11b/g connections, as is often required in hotspots and other public Internet access deployment.
Advanced Features
New 54Mbps 802.11a
& 802.11g 5X faster than 802.11b!
Secure your wireless data transmissions with WPA protocol,
IEEE 802.1x authentication and
64/128-bits WEP
Encryption !
Read on and find out more about these features!
Designed to support state-ofthe-art security standards such as the Wi-Fi Protected
Access (WPA) protocol, the
802.1x authentication standard and 64/128-bits Wired Equivalent
Privacy (WEP) encryption, the router also sports built-in hardware encryption and embedded VPN support that can create multiple IPSec tunnels to remote locations, thus promoting increased scalability within a robust security infrastructure.
This highperformance router also bears advanced features such as Load Balancing,
Fail-Over Redundancy, and exclusives: uConfig and Parallel Broadband. A fullfledged gateway with built-in DHCP server, the router further supports Virtual Servers based on IP and Port Forwarding, De-
Militarized Zone hosts, Packet Filtering and much more!
Quickly access your network device’s Web administration setup with uConfig !
Have you heard of
Parallel Broadband ?
If not, keep reading and discover the ultimate
Internet solution is
delivered!
1
Chapter 2: Getting to know your Router
The following will help you get more acquainted with the rich suite of features offered by the router so that you are better able to exploit your router’s full potential.
Key features
Compatible with IEEE 802.11g/b and IEEE 802.11a standards
Adopting the 802.11g standard, the router provides you the fastest wireless access within your office or home network. Since it is fully backward compatible with 802.11b, you can safeguard your existing network investments.
Easy Management & Configuration
You can browse or uConfig to the web interface for effortless configuration.
Additionally, you can make use of these features:
• HTTPS (SSL) is supported in addition to the standard HTTP. HTTP (SSL) features additional authentication and encryption for secure communication.
• Telnet allows a computer to remotely connect to the CLI (Command Line
Interface) for control and monitoring.
• SSH (Secure Shell Host) establishes a secure host connection to the CLI for control and monitoring.
SSH is designed and created to provide the best security when accessing another computer remotely. Not only does it encrypt the session, it also provides better authentication facilities and features that increase the security of other protocols. It can use different forms of encryption and ciphers.
• SNMP feature for managing the network performance.
2
Virtual AP (Multiple SSID)
Virtual AP implements mSSID (Multi-SSID)
This allows a single wireless card to be set up with up to 16 virtual AP connections with different SSIDs or BSSID (Basic Service Set Identifier) and security modes.
WMM
WMM (Wireless Multimedia) improves the user experience for audio, video, and voice applications by prioritizing data traffic.
Point-to-Point & Point-to-MultiPoint Support
Point-to-Point and Point-to-MultiPoint communication between different buildings enables you to bridge wireless clients that are kilometres apart while unifying the networks.
Antenna Alignment
Antenna Alignment function finds the best alignment for the unit antenna by measuring the quality of the signal.
3
Security Features
You will be glad to learn about the security elements we have put in place to better protect your data and privacy.
WPA (Wi-Fi Protected Access) Standard & 802.1x Authentication
The router supports the WPA standard for enhanced security in your wireless network.
The WPA protocol combines two mechanisms: Dynamic Key Encryption and Mutual
Authentication for enhanced security in the wireless LAN. This combination ensures that all users are authenticated through a central authority before being allowed network
WPA Modes: access.
•
•
•
WPA Personal
WPA Enterprise
WPA2 Personal
•
•
•
WPA2 Enterprise
WPA Auto Personal
WPA Auto Enterprise
Detailed information on the WPA Modes can be found in Chapter 5: Setting Up A WLAN
– How to Make Your WLAN More Secure
64/128-bit WEP encryption
The router supports the WEP (Wired Equivalent Privacy) protocol with key lengths of 64-bit and 128-bit to protect data communication in your wireless network.
4
Additional Features
These features reveal the comprehensive range of advanced functionalities when the router is further configured.
Static IP, Dynamic IP, PPPoE, PPTP, and L2TP WAN types
Whether you have subscribed to fixed IP, dynamic IP or PPPoE, you can use the router for broadband cable /ADSL Internet connection sharing.
Parallel Broadband
The unique Parallel Broadband technology features improved load balancing and fail-over
Internet connectivity.
Built-in “NAT” firewall & Packet filtering
Since it handles the incoming and outgoing data packet transactions between your LAN and the external network, the router can validate individual packet information before passing it on to a LAN client. To complement NAT, you can use the packet filtering features to regulate Internet access and control the transmission of TCP, UDP, ICMP or IGMP packets to and from your LAN clients.
Virtual Servers based on Port-forwarding, IP-forwarding and DMZ’s
The router lets you set up Internet application servers such as FTP file servers and HTTP web servers based on Port-forwarding, IP-forwarding and Demilitarised Zone hosts.
5
When to use which router
NetPassage 18A IB11US , 1A13EU , IB11US , and 1B13EU are dualband wireless A+G VPN Internet router offering simultaneous support of IEEE 802.11a and IEEE 802.11g/b wireless
LAN connections.
NetPassage 18A 1A00US , 1A00EU , 18A 1B00US , and 1B00EU are
VPN Internet routers used only in wired environments.
6
Panel Views
The router has been designed such that it can either be placed on a desktop or mounted onto a wall.
LED indicators denoting network status and activity, are situated on the front edge of the router for easy visibility. Moreover, two plastic feet support the router in a standing arrangement, thus minimising desktop clutter and ensuring better organization when setting up the hardware.
NOTICE
: Actual product appearance may slightly differ depending on the hardware version.
7
8
Panel Description
2 WAN
Name
1 Power (LED)
3 WLAN (1), (2)
(Link/Activity LED)
4 1, 2, 3, 4
(Link/Activity/Speed
LEDs)
5 DIAG (LED)
Description
Steady
Green
Off
Steady
Green
Flashing
Green
Steady
Green
The device is powered up.
No power is supplied to the device.
The WAN connection is ON.
Data transmission at WAN connection.
Wireless interface up and running.
Ready for operation.
Flashing
Green
Activity is detected in the wireless network.
These LEDs reflect the status of the integrated
Fast Ethernet Switch.
They will light up when connected with an
Ethernet cable.
Steady
Green
Flashing
Green
There is a connectivity link of
100Mbps.
100Mbps data transmission is detected at the port concerned.
Steady
Amber
Flashing
Amber
There is a connectivity link of
10Mbps.
10Mbps data transmission is detected at the port concerned.
This LED is reserved for diagnostic purposes.
9
6
7
External Antennas
Rest Feet
SMA antennas
These rest feet hold the router in the standing position.
USB2
(NP18A 1A, NP18A 2A)
9 R232 (Integrated Serial
Interface)
10 WAN (Ethernet Port)
These ports support printers, webcams, or hard drives.
Not in use.
Reserved for future update.
10/100Base-T Port connects to Cable/ADSL modem.
11 1, 2, 3, 4 (Ethernet Ports) Integrated 3-port 10/100Mbps Switching.
Ports 1, 2, 3, and 4 all function as normal
Ethernet ports except that Port 4 supports PoE connection.
Connect Port 4 to PoE Injector if you wish to use it to supply power to the unit.
Direct Current jack.
If using power adapter to supply power to the unit, attach the power adapter to the main electrical supply and connect the power plug into the DC Jack of the router.
10
(Push Button) The table below illustrates the use of the Reset button.
Reset
Push
Button
Less than
3 sec
5 sec
Between
8 sec and
10 sec
More than 10 sec
Diagnostic
LED
Router
Behavior
On Reboots.
Fast Blinking Restores the default login password, which is
‘password’.
Slow Blinking Restores all the default factory settings including password.
Off Reset cancelled.
! NOTE:
Although the Ethernet ports are numbered 1 to 4, they DO NOT have to be connected sequentially.
For example: in a network of two computers, you can choose to connect one computer to Port 2 and another to Port 4.
11
11
Chapter 3: Hardware Setup
Before attaching a pair of external antennas to the router, take note of the ‘A’ marking on one of the two antennas.
The antenna with the ‘A’ marking is the Dualband AG Antenna.
‘A’ marking
The antenna without the marking is the single-band G Antenna.
!
Connect the singleband G antenna to Ant-
2 on the RIGHT.
Connect the Dualband
AG antenna to Ant-1 on the LEFT.
Important: To ensure proper functionality of the router, these two antennas MUST NOT be swapped.
12
Insert one end of the RJ45 Ethernet cable to any of the LAN ports (1, 2,
3, or 4) on the router and the other end to your PC’s Ethernet network adapter.
PC
Attach the power adapter to the main electrical supply and connect the power plug into the socket of the router.
Power on your PC.
Notice that the Power and the corresponding port LEDs have lighted up.
This indicates that connection has been established successfully between the router and your PC.
13
Chapter 4: Accessing the Web interface
This chapter consists of the following:
Overview of alternatives to access the web interface
How to uConfig to the web interface
How to browse to the web interface
Overview of alternatives
The router can be configured with the web interface.
After connecting the router to your PC, there are two methods of accessing its web interface:
Installing and running the uConfig utility.
Changing your web browser settings.
How to uConfig to the Web Interface
exclusive!
The uConfig utility has been developed to allow access to the web interface of your product without having to change the TCP/IP settings of your PC.
Installing uConfig
1
Insert the Product CD into the CD-
ROM drive.
It will automatically run and display the web page.
2 on .
2. Select to install the uConfig utility on your hard disk.
3. After installation, double-click on the
uConfig icon to run the program.
14
After installation, your PC will automatically detect connected products.
Double-click on the uConfig utility icon to run the program.
Running uConfig
1
1. Ensure that the router is selected under the Products List.
2. Click Open Web .
This opens the router’s login screen.
3
At the authentication page, click on the LOGIN! button to enter the main configuration page.
Note: The default password is
“password”
2
This screen prompts you not to exit uConfig while accessing the web interface or else connection to the device will fail.
Click on the OK button to proceed.
15
How to Browse to the Web Interface
Browsing to the web interface
Open your Command prompt window and type in: ping
192.168.168.1
to verify that your PC can communicate with the router.
If your TCP/IP settings are correct, you will get replies to this ping command.
1. Launch your web browser.
2. Under the Tools tab, select
Internet Options. the tab. the all the option boxes.
1. At the address bar, type: http://192.168.168.1
2. At the login page, press the
LOGIN!
button to enter the configuration pages.
Note: The default password is
“password”
You will then reach the home page of the router’s web interface.
16
Chapter 5: Setting Up a WLAN
This chapter applies exclusively to Wireless Setup (a/b/g) and Wireless
Setup (b/g).
Wireless Setup (a/b/g) supports IEEE 802.11a and IEEE 802.11g/b wireless
LAN connections simultaneously.
Wireless Setup (b/g) supports IEEE 802.11b and IEEE 802.11g wireless LAN connections simultaneously.
Whether you’re a home user or a network administrator, a WLAN implementation will allow your roaming users to enjoy network resources anywhere, anytime. It also provides convenience, and cost savings, since deploying WLANs is less costly than setting up cables.
The next sections involve the following:
WLAN Setup
Wireless Security Settings
Advanced Settings
The steps featured are common to both Wireless Setup (a/b/g) and
Wireless Setup (b/g), unless otherwise stated.
17
Operation Modes
Access Point Mode
This is the default mode of your access point. The Access Point mode enables you to bridge wireless clients to access the wired network infrastructure and to communicate with each other.
In the example above, the wireless users will be able to access the file server connected to the switch through the access point in Access
Point mode.
18
Client Mode
In Client mode, the device acts as a wireless Client.
When connected to an access point, it will create a network link between the Ethernet network connected at this Client device, and the wireless and Ethernet network connected at the access point.
In this mode it can only connect with an access point. Other wireless clients cannot connect with it directly unless connected to the same access point - allowing them to communicate with all devices connected at the Ethernet port.
In the example above, the workgroup PCs will be able to access the printer connected to the access point in Access Point Client mode.
19
Transparent Client Mode
In Transparent Client Mode, the access point provides connection with an AP acting as Root AP. This operation mode is designed for implementation of Point-to-Point and Point-to-MultiPoint connections.
Point-to-Point
An access point acts as Root AP and 1 other access point acts as
Transparent Client.
Point-to-MultiPoint
An access point acts as Root AP and several other access point acts as Transparent Clients.
This mode is generally used for outdoor connections over long distances, or for indoor connections between local networks.
20
Difference Between other client modes and Transparent Client Mode
Other client modes
Connectivity with any standard
APs.
All devices connected to the
Ethernet ports use a common
MAC address for
Transparent Client Mode
Connectivity with RootAP-supported
APs.
Devices connected to the Ethernet ports flow through freely and transparently without the MAC communications with the AP.
address restriction.
Transparent Client Mode is more transparent, making it more suitable for linking two networks as point-to-point, or point-to-multi-point network connection.
21
To Set Up a Wireless LAN
Follow these steps to setup your wireless LAN for IEEE 802.11a, IEEE
802.11b, and IEEE 802.11g.
WLAN Setup (a/b/g)
1
Click on WLAN Setup(a/b/g) from the CONFIGURATION menu.
2
Select Basic to make changes.
If you disable the card, you will not be able to use the features of this wireless card.
If you wish to disable the card, click on the Click to Disable This Wireless Card button.
Click Reboot in Reboot System page.
Rebooting page displays and machine reboots.
The Wireless Card Disabled screen indicates that the wireless card has been disabled.
22
3
4
The router supports wireless LAN connectivity that is fully compliant with the IEEE 802.11g, IEEE 802.11a, and IEEE 802.11b standards.
It also employs different security modes to secure the data transmission of the wireless clients within your network.
The Current Mode is defaulted to
Access Point.
To change the mode, click on the
Change button.
To change the wireless mode, make a selection from the dropdown box.
Operation Mode
WLAN name (ESSID)
: The router supports three types of modes such as Access
Point, Client, and Transparent Client.
: Enter a preferred name for the wireless network.
Your wireless clients must be configured with the same ESSID
(sometimes referred to as SSID).
23
Wireless mode
Country Code
Channel
: Select from the list of wireless modes available:
802.11a (not supported by WLAN Setup for b/g)
This mode supports wireless A clients with data rates of up to
54Mbps in the frequency range of 5.4GHz.
802.11b only
This mode supports wireless B clients with data rates of up to
11Mbps in the frequency range of 2.4Hz.
802.11g only
This mode supports wireless G clients with data rates of up to
54Mbps in the frequency range of 2.4Hz.
802.11b/g mixed
This mode supports both wireless B and G clients.
The basic rates are: 1, 2, 5.5, 11, 6, 9, 12, 18, 24, 36, 48, and
54Mbps.
: Choose the Country where you are located.
: This option allows you to select a frequency channel for wireless communication.
Select SmartSelect to automatically scan and recommend the best channel that can be utilised.
: Allow you to choose the rate of data transmission from Tx Rate
Maximum Associations : Allow you to limit the number of WLAN associations that can be made from 1 to 128. Default: 32
1Mbps to Fully Auto.
Closed system : The router will suppress and not broadcast its WLAN name
(SSID) when Closed system is enabled.
Closed system is disabled by default.
Act as RootAP : The router will connect with one or multiple Transparent
Clients to create a point-to-point and point-to multi-point connections network with 2 or more APs.
This connection method is fully compliant with 802.1h standards.
VLANID : Select and specify the VLANID.
This is a number to identify the different virtual network segments to which the network devices are grouped.
This can be any number from 1 to 4094.
24
Point-to-Point & Point-to-MultiPoint Setup
You can implement Point-to-Point connection by simply setting one access point as RootAP in Access Point mode and setting the other access points to Transparent Client mode.
You can set a root access point and a transparent client to allow pointto-point communication between different buildings and enable you to bridge wireless clients that are kilometres apart while unifying the networks. Or you can set a root access point and multiple transparent clients to allow point-to-multiple-point communication between the access point located at a facility and several other access points installed in any direction from that facility.
Follow these steps to setup RootAP
R o o t t A P S t t e p 1 : :
Click on W L A N S e t t u p from the the sub-menus expanded under
C O
W L
N
A
F
N
I I G
S
U e t t
R u
A p
T T I O N menu. You will see
. Click on B a s i i c .
Ensure that T h e C u r r r r e n t t M o d e is set to A c c e s s P o i i n t t .
To change T T h e C u r r r e n t t M o d e , please refer to: Common
Configuration – WLAN Setup - To Configure the Basic Setup of the
Wireless Mode.
25
R o o t t A P S t t e p 2 : :
Select A c t t a s R o o t t A P , click on the A device to let your changes take effect. p p l l y button and reboot your
26
Follow these steps to setup Transparent Client/s.
T T r r a n s s p a r r e n t t C l i i e n t t S t t e p 1 : :
Click on W L A N S e t t u p from the the sub-menus expanded under
C O
W L
N
A
F
N
I I G
S
U e t t
R u
A p
T T I I O N menu. You will see
. Click on B a s i c .
Ensure that T h e C u r r e n t t M o d e is set to T r r a n s p a r r e n t t C l i i e n t .
To change T T h e C u r r r r e n t t M o d e , please refer to: Common
Configuration – WLAN Setup - To Configure the Basic Setup of the
Wireless Mode.
27
T T r r a n s s p a r r e n t t C l i i e n t t S t t e p 2 : :
Select the R e m o t t e A P M A C checkbox.
Enter the R e m o t t e A P M A C .
Note:
When using R e m o t t e A P M A C , the E S S I I D name must also match the
AP’s ESSID name, especially when Closed System is enabled on the
AP.
Repeat Transparent Client step to add more points to the Point-to-
MultiPoint connection.
28
How to Make Your WLAN More Secure
All your network clients MUST share the same wireless settings as your router to be able to communicate.
The router offers 8 types of security modes:
WEP
Short for Wired Equivalent Privacy, WEP is a security protocol basing on a secret key to encrypt data packets before they are transmitted.
You MUST remember to apply the same WEP settings and key to the router as well as to all your wireless clients.
802.1x
This mode conforms to the IEEE 802.1x authentication standard that ensures that a client is not given access to network resources unless it has been successfully authenticated.
There MUST be a RADIUS server on your LAN for this security mode to function.
WPA Personal
WPA, or Wi-Fi Protected Access, is a protocol for authorising and authenticating users onto the wireless network and implements the majority of the IEEE 802.11i standard.
WPA Personal mode implements a shared network password for clients and access points.
The only interaction is between the router and the client, therefore, a
RADIUS server is NOT required.
WPA Enterprise
WPA Enterprise mode implements the 802.1X authentication.
There MUST be a RADIUS server on your LAN for this security mode to function.
29
WPA2 Personal
WPA2 Personal mode implements the full IEEE 802.11i standard with a shared network password for clients and access points.
The only interaction is between the router and the client, therefore, a
RADIUS server is NOT required.
WPA2 Enterprise
WPA2 Enterprise mode implements the full IEEE 802.11i standard and
802.1X authentication.
There MUST be a RADIUS server on your LAN for this security mode to function.
WPA Auto Personal
WPA Auto Personal mode implements a shared network password for clients and access points and if there are no WPA enabled access points available with the given SSID in WPA Personal mode, the unit will attempt to associate with a non-WPA point with the given SSID, if available.
The only interaction is between the router and the client, therefore, a
RADIUS server is NOT required.
WPA Auto Enterprise
WPA Auto Enterprise implements 802.1X authentication and if there are no WPA enabled access points available with the given SSID in WPA
Enterprise mode, the unit will attempt to associate with a non-WPA point with the given SSID, if available.
There MUST be a RADIUS server on your LAN for this security mode to function.
30
The subsequent sections illustrate how to configure each security mode.
Begin with following the two common preliminary steps shown below to select the most appropriate security mode to protect your wireless communications.
Selecting a security mode
1 Click on WLAN Setup(a/b/g) from the CONFIGURATION menu.
Select Security .
2 1. Make a selection from the
Security Mode drop down menu.
The Security Mode is disabled by default. on .
31
How to Setup WEP
WEP
1 You can define up to 4 WEP keys.
For each key, you can specify:
The Key Entry Method , by selecting either:
-
-
Hexadecimal
ASCII text
The encryption level, from the dropdown list:
-
64-bit
-
128-bit
Click Edit to set the keys, and then click Apply.
32
2 For hexadecimal key entry:
1. Select radio button.
2. Select the radio button of the key to be entered.
3. Select the key encryption mode from the drop down menu.
4. Fill in the key value.
A hexadecimal value is made of digits 0-9 and letters A-F, and is NOT case-sensitive.
For 64-bit encryption:
Your WEP key has to be 10 hex digits long.
For 128-bit encryption:
Your WEP key has to be 26 hex digits long. on .
6. If the key format is valid, the page will refresh and the key will appear in encrypted form.
33
3 For ASCII key entry: button. the radio
2. Select the radio button of the key to be entered.
3. encryption mode from the drop down menu.
4. Fill in the key value.
An ASCII value can take in any alphanumeric character and is
NOT case-sensitive.
For 64-bit encryption:
Your WEP key has to be 5 characters long.
For 128-bit encryption:
Your WEP key has to be 13 characters long. on .
6. If the key format is valid, the page will refresh and the key will appear in encrypted form.
4 To add more hexadecimal WEP keys, repeat step 2.
To add more ASCII WEP keys, repeat step 2.
You can set a maximum of 4 WEP keys using different key entry methods and encryption levels.
To specify which key to use:
1. Select the radio button of the key to be used. on , then on
Reboot to apply the changes.
34
How to Setup 802.1x
802.1x
1 1. Key in the IP address of the Primary RADIUS Server in your WLAN.
Optional: You may also key in a
Secondary RADIUS Server, if any.
Note: The RADIUS server MUST be in the same subnet as your router.
2. The is preset as 1812, but another port number can be used.
Note: The Authentication Port
MUST match the corresponding port of the RADIUS server.
3. Enter
RADIUS server.
Shared Secret
Key , known only to you and the
4. The preset as 1813 , but another port number can be used.
is
5. You can opt for a Key
Length of either 64 bits (10 hex /
5 ASCII values) or 128 bits (26 hex / 13 ASCII values).
6. Click
7. Click to restart the system, after which the settings will be effective.
35
How to Setup WPA Enterprise Modes
Follow these steps to setup the router to use WPA Enterprise, WPA2
Enterprise, and WPA Auto Enterprise.
WPA Enterprise
1 the to implement:
• TKIP
• AES
• AUTO
The Cipher Type is set to
AUTO by default so that the router can automatically detect which cipher type can be supported by the client.
2. Key in the IP address of the
RADIUS Server in your WLAN.
Note: The RADIUS server MUST be in the same subnet as your router.
3. The Authentication Port is preset as 1812, but another port number can be used.
Note: The Authentication Port
MUST match the corresponding port of the RADIUS server.
4. Enter , known only to you and the
RADIUS server.
Accounting Port is preset as 1813 , but another port number can be used.
6. Click .
7. Click the system, after which your settings will become effective. to restart
36
How to Setup WPA Personal
Follow these steps to setup the router for using WPA Personal, WPA2
Personal, and WPA Auto Personal.
WPA Personal
1 in shared network key.
2. Select implement: a. TKIP b. AES c. AUTO.
to
The Cipher Type is set to
AUTO by default so that the router can automatically detect which cipher type can be supported by the client.
2 1. Click .
2. Click Reboot to restart the system, after which your settings will become effective.
37
Advanced WLAN Settings
Follow these steps to change the radio settings of your router.
Editing Advanced Settings
1 1. Click on WLAN Setup
(a/b/g) from the
CONFIGURATION menu.
Advanced.
2
1. Set (the time lapse between every beacon sent) to any value between 200 and 1000.
It is preset as 200 seconds. the from 1 to
16384.
This determines how often the beacon should contain a Delivery Traffic
Indication Message ( DTIM ) that tells power-save clients that a packet is waiting for them.
3. Set from 256 to
2346.
It is preset to 2346.
4. Set the from 256 to 2346.
It is preset to 2346.
5. Transmission Power Control (TPC) offers the flexibility to set the Transmit Power .
(802.11h compliant)
It is set to Maximum by default, but should be reduced if there is more than one unit using the same channel frequency.
It can be set from Minimum to
Maximum, 1dBm to 20dBm, in increments or 1dBm per step.
38
3
1. Click .
Changes will be enabled after reboot.
8.
6. Select whether to enable Station
Isolation .
This security feature implements isolation, in order to prevent network clients from attacking other network clients.
7. The function allow you to control whether to use the:
• MAIN antenna (Default)
• AUX (Auxiliary) antenna
OR
• Diversity, to monitor the signal from each antenna and automatically switch to the one with the better signal.
For Antenna Control recommended settings, please refer to the next section.
Dynamic Frequency Selection
(DFS) support provides flexible selection of the best frequency channel for the wireless communication to allow mobility among networks.
It reduces interference by detecting and avoiding other frequencies in use.
(DFS is a component of, and compliant with 802.11h specifications.)
DFS is enabled by default.
39
Antenna Control
These are the recommended antenna control settings.
Antenna Control
If both antennas are connected: set antenna control to Diversity
If antenna is connected to main: set antenna control to MAIN
If antenna is connected to auxiliary: set antenna control to AUX
40
Long Distance Parameters
It is necessary to adjust the long distance parameters, only if the distance is 100 meters and beyond.
Follow these steps to change the long distance parameters of your router.
Editing Long Distance Parameters
1 1. Click on
(a/b/g) from the
CONFIGURATION menu.
2
1. Click .
41
3
1. Select whether to
Enable or Disable
Outdoor operation.
2. Enter Distance of the unit in meters.
3. Enter the SlotTime.
4. Enter acknowledgement the timeout.
5. Enter the CTS timeout.
This dialog box displays if the Distance entered is less than 100 meters.
To view recommended long distance parameters:
Click Show Reference Data button.
42
WMM
Wireless Multimedia (WMM) is a feature specially developed to improve the user’s experience for audio, video, and voice applications by prioritizing data traffic.
43
Follow these steps to change the setup Wireless Multimedia on your access point.
Setting WMM
1 3. Click on
(a/b/g) from the
CONFIGURATION menu.
2
Click WMM Settings .
3
1. Wireless
Multimedia (WMM)
2. Enter the desired WMM parameters.
Using the default parameters is recommended.
3. Click to apply the WMM settings, click Default to reset all parameters to default, or click Back to discard any changes and return to WLAN Basic Setup page.
44
AIFs (Arbitrary Inter-
Frame Space)
Cwmin (Contention
Window Minimum)
CwMax (Contention
Window Maximum)
TxOp limit (Transmit
Opportunity Limit)
NoAck (No
Acknowledgement)
ACM (Admission
Control Mandatory)
BE (Best Effort)
BK (Background)
VI (Video)
VO (Voice)
WMM Parameters (for advanced users)
Arbitrary Inter-Frame Space is the fixed wait time for different data traffic to access the network.
Contention Window Minimum is the minimum random wait time for different data traffic to access the network.
Contention Window Maximum is the maximum random wait time for different data traffic to access the network.
Transmit Opportunity limit specifies the duration that an end-user device can transmit data traffic. TxOp limit can be used to give data traffic longer and shorter access.
No Acknowledgement provides control of the reliability of traffic flow. Usually an acknowledge packet is returned for every packet received, increasing traffic load and decreasing performance.
Enabling No Acknowledgement cancels the acknowledgement.
This is useful for data traffic where speed of transmission is important.
Admission Control Mandatory enables WMM on the radio interface. When ACM is enabled, associated clients must complete the WMM admission control procedure before access.
Parameters for Data0 Best Effort.
Best Effort data traffic has no prioritization and applications equally share available bandwidth.
Parameters for Data1 Background.
Background data traffic is de-prioritized and is mostly for backup applications, or background transfers like backup applications or background transfers like bulk copies that do not impact ongoing traffic like Internet downloads.
Parameters for video data traffic.
Parameters for voice data traffic.
45
Statistics
Follow these steps to view the WLAN detailed connections statistics per
WLAN station.
Statistics
1 on from the CONFIGURATION menu.
Statistics.
3
The WLAN connection’s statistics displays.
Click Back to return to WLAN Basic
Setup page.
2
1. Select the WLAN connection to view statistics of.
• Click Refresh to refresh the WLAN
Connection List.
• Click Back to return to the WLAN
Basic Setup page.
46
Virtual AP (Multiple SSID)
Virtual AP implements mSSID (Multi-SSID) whereby a single wireless card can be setup with up to 16 virtual AP connections with different SSIDs or
BSSID (Basic Service Set Identifier) and security modes.
Virtual AP delivers multiple services by VLAN segmentation: making the network think there are many SSIDs available and channeling each connection through different VLANs to the respective virtual network segments on the Ethernet network.
How it Works
When WLAN PC 1 connects to VAP 1 its packets are channeled to
VLAN 10 group where only services connected to Port 2 and Port 3 are available to this wireless connection.
It is similar for WLAN PC 2 and WLAN PC 3. Although they connect to the same radio card as WLAN PC 1, WLAN PC 2 can only access the services available at Port 6 and Port 7 and WLAN PC 3 can only access the services available at Port 10 and Port 11.Follow these steps to setup
Virtual AP.
47
Follow these steps to setup Virtual AP.
Virtual AP
1 on from the
CONFIGURATION menu.
Virtual AP.
2
•
•
Virtual AP List page displays.
• Click Apply to register changes.
Click Clear to clear Virtual AP List.
Click Back to return to WLAN Basic
•
Setup page.
Select the Delete option beside any Virtual APs you wish to delete.
Click Add to goto add Virtual AP page.
3
1. Enter ESSID name.
2. Settings:
• VLAN ID
• Closed System
• RootAP
3. Select Security Mode
4. Click Apply to make changes or click Back to return to Virtual AP List page.
48
Preferred APs (Only available in Client Mode)
When there is more than one AP with the same SSID, the Preferred APs function allows you define the MAC address of the APs in order of preference.
The MAC address at the top of the Preferred APs list has the highest connection preference, and the MAC address at the bottom has the lowest connection preference.
Follow these steps to specify your preferred APs.
Preferred APs
1
1. Click on WLAN Setup (a/b/g) from the
CONFIGURATION menu.
2. Select Preferred APs.
2
1. Enter the MAC addresses of the preferred APs.
2. Click Apply to effect the settings.
49
Antenna Alignment
The antenna alignment function helps you find the best alignment for the antenna by measuring the quality of the signal.
For best results during the antenna alignment, turn off all wireless networking devices within range except the device with which you are trying to align the antenna.
Follow these steps to setup your wireless LAN.
Antenna Alignment
1
1. Click on WLAN Setup (a/b/g) from the CONFIGURATION menu.
2. Select Antenna Alignment.
2
1. Enter the Remote AP MAC Address you wish to align with.
2. Click Start to perform antenna alignment.
! NOTE: To ensure proper functionality of the device, select to Stop after performing antenna alignment.
Alternatively, you may also reboot the device.
50
Chapter 6: Configuration
This chapter describes the different features of your router and explains how to customise them to meet your network requirements.
Setting up the router in your LAN
SNMP (Simple Network Management Protocol) Setup
Setting Up the Router in Your LAN
The following table lists out the parameters relevant to your LAN setup.
You can replace the default settings with appropriate values to suit the needs of your LAN.
LAN Parameters Description
IP Address
Network Mask
Management
Gateway IP
The IP address of your router access point is 192.168.168.1
by default.
When the DHCP server of the access point is enabled, this
LAN <IP address> would be allocated as the Default
Gateway of the DHCP client unless you set a different
<DHCP Gateway IP address>
The Network Mask identifies the subnet in which your router resides.
The default network mask is 255.255.255.0
.
(Optional) As a bridge router, the router does not usually communicate with devices on other IP subnets. However, the Management Gateway here acts as the equivalent of the Default Gateway of a PC, to allow the router to communicate with devices on different subnets.
For instance, if you want to access the router from the internet or from the router on the LAN, you can set the IP address of the router as the Management Gateway IP.
The Management Gateway IP address of your router is set to Nil by default.
The next two fields (DHCP Start IP Address and DHCP End IP Address) allow you to define the range of IP addresses from which the DHCP Server can assign an
IP address to the LAN.
DHCP Start IP
This is the first IP address that the DHCP server will assign.
Address The value you enter should belong to the same subnet as your router.
For example if the IP address and network mask of your router are 192.168.168.1 and 255.255.255.0 respectively,
51
Address the DHCP Start IP Address should be 192.168.168.X where
X is any value from 2 to 254.
It is preset to 192.168.168.100
.
This is the last IP address that the DHCP server can assign.
The value you enter should also belong to the same subnet as your router.
For example if the IP address and network mask of your router are 192.168.168.1 and 255.255.255.0 respectively, the DHCP End IP Address should be 192.168.168.X where X is any value from 2 to 254.
It is preset as 192.168.168.254
.
DHCP Gateway IP
Address
Enter the IP address of the gateway to Internet or of the router if this access point is the one connecting to the
Internet.
If your network uses multiple gateways / access points, you may wish the router to act as DHCP server to a LAN segment while another access point connects to the
Internet or to another LAN.
Though the DHCP server usually acts as the Default
Gateway of the DHCP client, you can define a different
<DHCP Gateway IP address>, which will be allocated as the Default Gateway of the DHCP client.
The DHCP client will thus receive its dynamic IP address from the router but will access the Internet or the other
LAN through the Default Gateway defined by the <DHCP
Gateway IP address>.
Always use these
DNS servers
Primary DNS IP
Enable this option if you want the router to use only the
DNS server you have specified.
Your ISP usually provides the IP address of the DNS server.
Address
Secondary DNS IP
Address
DHCP Server
This optional field is for the IP address of a secondary DNS server.
If DHCP server is disabled you will need to manually configure the TCP/IP parameters of each computer in your LAN.
52
Setting Up Your LAN
Follow these steps to change the values and customise them for your
LAN settings.
LAN Setup
1
Click LAN Setup from the
CONFIGURATION menu.
2 2. Amend the relevant fields in the
LAN Setup page.
3. Click Apply , to apply the changes.
53
To view the active DHCP leases
The following will guide you to a display of the active IP address leases that have been allocated by the built-in DHCP server.
To view the active DHCP leases
1 1. Click from the
CONFIGURATION menu.
2. In page, go to
Advanced DHCP Server
Options .
3. Click leases .
2 The DHCP Active Leases table displays:
The IP Address that has been allocated to the DHCP client.
The Host Name of the DHCP client.
The Hardware Address (MAC) of the DHCP client.
The date and time when the IP address leased expires.
NOTE: Invalid date and time displayed in the Expires column ! indicates that the clock of your router has not been set. Please refer to the SYSTEM TOOLS section for more details on how to set the router’s clock.
54
To reserve specific IP addresses for predetermined DHCP clients
The ability to make IP reservations enables you to assign a fixed IP address to a predetermined client (identified by its MAC address), thus informing the DHCP server to exclude that specific address from the pool of free IP addresses it draws on for its dynamic address allocation.
For instance, if you set up a publicly accessible FTP/HTTP server within your private LAN, while that server would require a fixed IP address, you would still want the DHCP server to dynamically allocate IP addresses to the rest of the PCs on the LAN.
The following shows you how to modify the settings of the built-in DHCP server.
Advanced DHCP Options
1 1. Click from the
CONFIGURATION menu.
2. In page, go to
Advanced DHCP Server
Options .
3. Click DHCP Server
Reservations .
4. Click Add .
2 1. Enter:
The host portion of the IP Address to reserve.
The Hardware Address , in 6 pairs of two hex values
2. Click effect the changes.
3. The DHCP Reservations table will refresh to display the currently reserved IP addresses.
55
3 If you do not need the DHCP server to reserve an IP address anymore, you can delete the
DHCP Server Reservation:
1. Select the reserved IP address to delete.
2. Click .
3. The DHCP Reservations table will refresh to reflect the changes.
56
Bandwidth Control for WAN
Bandwidth Control allows you to decide the available bandwidth in levels of 1kbit.
Follow these steps to setup Bandwidth Control for WAN.
Bandwidth Control for WAN
1
Click Bandwidth Control from the
CONFIGURATION menu.
3
To apply Bandwidth Control on WAN, in WAN
Bandwidth Control Setup:
1. Enter the Download Total Rate in kbit. This restricts the bandwidth available for downloading.
2. Enter the Upload Total Rate in kbit. This restricts the bandwidth available for uploading.
3. Click Apply.
2
Select whether to Enable or
Disable Bandwidth Control and click Apply.
57
Bandwidth Control for LAN
Bandwidth Control allows you to decide the available bandwidth in levels of 1kbit.
Follow these steps to setup Bandwidth Control for LAN.
Bandwidth Control for LAN
1
Click Bandwidth Control from the
CONFIGURATION menu.
2
Select whether to Enable or
Disable Bandwidth Control and click Apply.
3
Click Add to add a Bandwidth
Control Entry
58
3
1. Enter the Bandwidth Control Rule
Name.
2. Enter the Committed Rate in kbit.
This sets the bandwidth committed.
3. Enter the Ceil Rate in kbit. This is the ceiling rate which sets the maximum bandwidth allowed.
4. Enter the Rule Type
Rule Types:
• Download by IP Address
• Download by MAC Address
• Upload by IP Address
• Upload by MAC Address
5. Enter the IP or MAC Address according to the Rule Type selected.
6. Click Add to add this Bandwidth
Control Entry or click Cancel to cancel to disregard your entry.
59
STP Setup
Spanning Tree Protocol is a link management protocol that provides path redundancy while preventing undesirable loops in the network. For an Ethernet network to function properly, only one active path can exist between two stations.
Multiple active paths between stations cause loops in the network. If a loop exists in the network topology, the potential exists for duplication of messages.
When loops occur, some switches see stations appear on both sides of the switch. This condition confuses the forwarding algorithm and results in duplicate frames being forwarded.
Enabling Spanning Tree Protocol
1
Click STP Setup from the CONFIGURATION menu.
2
Select Enable, and click Apply to allow spanning tree protocol to be activated on the router.
STP Status:
Spanning Tree Protocol (STP) function makes your network more resilient to link failure and avoids loop formation.
60
Priority:
Specify the priority given to the AP.
This value determines which access point acts as the central reference point, or Root
AP, for the STP system — the lower the priority value, the more likely the access point is to become the Root AP.
If the priority values are all the same, then the system will search for the access point with the smallest MAC address and set it as the Root AP.
Hello Time:
Specify the time in seconds that elapses between the generation of configuration messages (also known as Hello BPDUs) by an AP that assumes itself that it’s the Root
AP.
Forwarding Delay:
Specify the time in seconds an AP spends in the listening and learning states (listening for configuration messages.)
Max Aging Time:
Specify the maximum age in seconds of stored configuration message information, after which it is judged as too old and are discarded.
Note: If an AP does not receive another configuration message after the Max Aging
Time, the system assumes that the link between itself and the Root AP has gone down and reconfigures the network accordingly.
After specifying the values, click Apply to apply changes.
61
SNMP Setup
SNMP (Simple Network Management Protocol) is a set of protocols that facilitates the exchange of management information between network devices. It enables network administrators to manage network performance, detect and solve network problems, and plan for network growth.
Follow these steps to setup SNMP.
SNMP Setup
1 Click SNMP Setup from the
System Tools menu.
2 the drop-down list, select Enable .
Read Password is set to public and Read/Write Password set to private by default.
4. Enter the SNMP EngineID .
5. Press .
Reboot .
You are recommended to change to a different password.
62
SNMP Trap
The SNMP Trap provides notification of significant network events through unsolicited SNMP messages. This results in substantial savings of network resources by eliminating the need for unnecessary SNMP requests.
Follow these steps to setup SNMP Trap.
SNMP Trap
1 Click SNMP Setup from the
CONFIGURATION menu.
2
1. Select whether to Enable or Disable the SNMP Trap.
2. Enter Trap Destination
IP Address or Name.
This is the IP address of the SNMP manager. the
This is used to authenticate messages and is included in every packet that is transmitted between the SNMP manager and agent.
63
Chapter 7: Enabling and Disabling Router
This chapter describes the switching capability of the unit to operate either as a router or access point.
Setting Up Router
By default, the unit is operating as a router.
The simple procedure to enable the router is described.
Enable Router
1
Click Enable Router from the
CONFIGURATION menu.
2
The Enable Router Function appears. Click on the Enable
Router button.
64
Setting Up Access Point
Follow these steps to disable the router and switch back as an access point.
Disable Router
1
Click WAN Setup from the
CONFIGURATION menu.
2 Click Disable Router.
3
The Disable Router Function screen appears. Click Disable Router again.
65
Chapter 8: Router Setup
This chapter describes the different features of your unit when it is set to operate as a router.
Broadband Internet
Using NAT
Routing
Remote Management
Parallel Broadband
DDNS (Dynamic Domain Name System) Setup
Features unsuitable for office network:
Universal Plug and Play
DNS (Domain Name System) Redirection
! NOTE: Universal Plug and Play and DNS Redirection features are not designed for operation in an office network.
To ensure proper functionality of the router, these features should not be activated when connected to an office network.
Broadband Internet
Setting up the router in your network enables you to share a single cable or
ADSL Internet account among multiple LAN clients.
As the router supports several types of broadband Internet connections and
WAN protocols, you should verify your broadband Internet subscription type to set up your router correctly.
66
WAN Setup
The configuration for each type of broadband Internet connection is shown in the following individual sections.
The system has to be restarted to effect changes in settings.
Start with these common steps to set the broadband connection type.
Changing the WAN Type
1
Click
2
3
WAN Setup
CONFIGURATION menu. from the
The setup page of the WAN type last implemented will be displayed.
As the router operates in Dynamic (DHCP)
Address Allocation mode by default, initially the WAN Dynamic Setup page will appear.
Clicking Change (which appears on the setup pages of all the WAN Types), displays the Select WAN Type page.
From Select WAN Type page, select the
WAN type to apply and click Apply .
The setup page of the selected WAN type displays.
67
Static IP
If you have subscribed to a specific IP address or to a fixed range of IP addresses from your ISP, follow these steps.
Static IP Configuration
1
Select Static IP Address from Select WAN
Type page and click Apply.
2
At the Static IP WAN Setup page: the , Network Mask , and
Gateway IP Address provided by your
ISP.
2. Click .
Reboot System to restart the system and let the changes take effect.
68
Dynamic IP
This is the default WAN Type of your router.
In this connection mode, your ISP will automatically assign its IP address.
This connection mode applies to most cable Internet subscribers, for instance:
Singapore Cable Vision subscribers.
@HOME Cable Service users.
Follow these steps to setup Dynamic IP.
Dynamic IP Configuration
1
Select Dynamic IP Address as WAN
Type.
2
At Dynamic IP WAN Setup page:
1. You can review the:
-
IP Address
-
Network Mask
-
Gateway IP Address
-
Primary DNS
-
Secondary DNS
The DHCP server of your ISP dynamically allocates these parameters.
Click Reboot System to allow the new
WAN type to take effect.
69
PPPoE
Select this connection type if you have subscribed to ADSL in a country utilising standard PPPoE for authentication, for instance:
If you are in Germany, which uses T-1 connection.
If you are a SingNet Broadband or Pacific Internet Broadband user in Singapore.
These are the parameters in the PPPoE setup.
PPPoE Parameter
Username
Password
On-Demand
Idle Timeout
Always-On
Factor
Description
This refers to your broadband account username.
This refers to your broadband account password.
If enabled, the router will automatically connect to the
ISP whenever a LAN client makes an Internet request.
This field is relevant only if On-Demand is enabled.
It allows you to specify an idle time allowed before the router automatically goes offline.
It will only reconnect when a LAN client makes an Internet request.
If the field is set to 0, this feature will be disabled, and the router will remain online unless disconnected by the ISP.
The default value is preset to 30 seconds.
If this feature is enabled, the router will remain permanently connected to the Internet.
This field is relevant only if Always-On is enabled and allows you to specify an offline time allowed, before the router automatically reconnects to the Internet.
The default value is preset to 30 seconds.
70
Follow these steps to setup PPPoE.
PPPoE Configuration
1
Select PPP over Ethernet from the Select WAN
Type menu.
2
At the PPPoE WAN Setup page:
1. Enter your broadband Internet account parameters in the relevant fields.
2. The Status section displays your connection settings such as:
IP Address
Network Mask
Gateway IP Address
Primary & Secondary DNS
3. If you are online, clicking Disconnect will disconnect your connection.
Apply .
5. Click button to restart the system and allow the WAN type changes to take effect.
To use Email Notification, please refer to
Chapter 8: Router Setup – Broadband Internet
Through the router – WAN Setup Email
Notification
71
PPTP
The Point-to-Point Tunneling Protocol (PPTP) enables the implementation of secure multi-protocol Virtual Private Networks (VPNs) through public networks, enabling secure remote access at lower cost.
Follow these steps to setup PPTP.
PPTP Configuration
To use Email Notification, please refer to Chapter 8:
Router Setup – Broadband
Internet Through the router –
WAN Setup Email Notification
2
1
Select PPTP as your WAN Type at Select WAN
Type page.
At the PPTP WAN Setup page:
1. Select whether to enable DHCP.
Client .
3. Enter Network Mask . the .
Username of your Internet account.
Password of your Internet account.
7. Enter the IP address of your VPN Server .
8. Enter value between 30-
3600 seconds. Entering 0 will disable this feature.
Status section gives you a summary of your connection settings such as:
• IP address
• Network Mask
• Gateway IP Address
10. If you are online, clicking Disconnect will disconnect your connection.
11. Click Apply .
12. Click button to restart the system and allow the changes to take effect.
72
L2TP
L2TP (Layer 2 Tunneling Protocol) is an extension to the PPP protocol used for Virtual Private Networks (VPNs) that supports multiple protocols and unregistered and privately administered IP addresses over the
Internet.
Follow these steps to setup L2TP
L2TP Configuration
2
1
Select L2TP as your WAN Type at Select WAN
Type page.
At the WAN L2TP Setup page:
1. Select whether to enable DHCP.
2. Enter Client .
3. Enter Network Mask .
4. Enter .
5. Enter the of your Internet account.
Password of your Internet account.
7. Enter the IP address of your VPN Server . an value between 30-
3600 seconds. Entering 0 will disable this feature.
Status section gives you a summary of your connection settings such as:
• IP address
• Network Mask
• Gateway IP Address
10. If you are online, clicking Disconnect will disconnect your connection.
13. Click
14. Click
.
Reboot button to restart the system and allow the changes to take effect.
73
Email Notification
This feature notifies you by email if there is a change in the WAN IP address.
Follow these steps to setup Email Notification.
Email Configuration
1
After applying WAN PPPoE Setup, WAN PPTP
Setup, or L2TP.
The WAN Setup screen of the WAN Type displays. (PPPoE shown in this example.
Click Email Notification.
2
Click Enable and enter the following fields:
Email address of Receiver:
The email will be sent to this address.
IP address of Email Server:
This is the IP address of the SMTP server through which the message would be sent out.
Note: It is recommended to use your ISP’s
SMTP server).
User Name:
This is the email account user’s name that should be entered if authentication is required.
Password:
This is the email account user’s password that should be entered if authentication is required.
74
Email address of Sender:
This is the email address that will appear as the sender.
Needs Authentication specifies whether the SMTP server requires authentication, and is not selected by default.
Click Apply.
75
Using NAT
NAT (Network Address Translation) functions by transforming the private
IP address of packets originating from hosts on your LAN so that they appear to be coming from a single public IP address, and by restoring the destination public IP address to the appropriate private IP address for packets entering the private network. The multiple PCs on your LAN would then appear as a single client to the WAN interface.
Enabling/Disabling NAT
NAT
1 Click NAT from the
CONFIGURATION menu.
2 The NAT Status radio button is enabled by default.
To change NAT Status :
1. Select the appropriate radio button.
Apply .
! NOTE: Disabling NAT will disable Internet Sharing.
Broadband Internet sharing requires this option to be
ENABLED.
76
When NAT is enabled, your LAN is not accessible to the WAN. However, implementing virtual servers allows you to host Internet servers such as web servers, FTP servers or Mail servers on your LAN, in spite of NAT.
To Setup a De-Militarised Zone Host
If NAT is enabled, a request from the client within the private network first goes to the access point. Upon receiving a request, the access point keeps track of which client is using which port number. Any reply from Internet goes to the access point first, the access point (from the port number in the reply packet) knows to which client to forward the reply. If the access point does not recognize the port number, it will discard the reply.
When using DMZ on a PC, any reply not recognized by the access point will be forwarded to the DMZ-enabled PC instead.
You may wish to set up a DMZ host if you intend to use a specialpurpose Internet Service such as an online game for which no port range information is available.
You can also host web pages or public information that can be served to the outside world, on the DMZ host.
77
DMZ
1 1. Click NAT from the
CONFIGURATION menu.
2. Ensure that NAT Status is set to Enable.
At the Advanced NAT Options section:
3. Click .
3 To disable DMZ:
3. In field enter 0.0.0.0
.
Apply .
2 the field, enter the IP address of the PC you wish to place within the DMZ.
Private IP Address is set to 0.0.0.0
by default.
Apply .
! NOTE:
The Static IP Address configuration is recommended for the DMZ host when DMZ is enabled, as the address may change if allocated by DHCP, causing improper functioning of the
DMZ.
2. The DMZ host is not invulnerable to malicious attacks from the Internet as DMZ exposes ALL of the host’s ports.
To Setup Port Forwarding
Port forwarding allows the router to redirect any incoming Internet request bearing a public IP address to a specific PC on your LAN, based on the incoming packet’s TCP/UDP port number.
Hence, using TCP port forwarding, you can hide your web-server behind the access point for added security, while UDP port forwarding lets you run a secure multiplayer game server.
The following diagram shows a router with a public IP address of
203.120.90.3 and a private IP address of 192.168.168.1. Using appropriate port forwarding settings, all incoming packets with port number 80 will be forwarded to the web server, known on the LAN as
192.168.168.5, while those with port number 21 can be directed to the
FTP server, which has a private IP address of 192.168.168.8.
79
Follow these steps to setup port forwarding.
Port Forwarding
1 1. Click NAT from the
CONFIGURATION menu.
2. Ensure NAT Status is set to Enable.
At the Advanced NAT Options section:
Port Forwarding .
80
3 For standard server applications
(HTTP/FTP/POP3/Netmeeting), go to Known Server :
1. Enter the Private IP
Address .
2. Pick the appropriate
Server Type .
3. Enter the range in the
From: and To: fields.
4. Click .
2
To set up Internet applications not included under Known Server , go to Custom Server :
1. Enter the Private IP
Address .
2. Define numbers to use.
3. Select the relevant
Protocol from the drop down list. the .
5. Enter fields. on .
The Port Forward Entries table displays the list of current port-based entries.
Click Add .
We entered a Private IP Address of
192.168.168.55
, defined ports 15 to 89 as the application Ports, selected UDP from the Protocol drop-down list and labeled the Server Type as LAN Game .
81
4
NAT Static Port Based Entries reflects the new entry.
To assign more servers in your LAN:
Add .
This will bring you back to Add
New NAT Port-Based Entry.
2. Repeat Step 3 above.
To delete table entries:
1. Select the entry to delete.
2. Click .
The table will refresh.
82
The following is a non-exhaustive list of well-known port numbers:
Application Port Number
Echo 7
Daytime 13
FTP 21
SMTP (Simple Mail Transfer, i.e., email) 25
Telnet 23
Time 37
Nameserver 42
Gopher 70
WWW (World Wide Web) 80
83
IP Forwarding
If you have subscribed to more than one IP address from your ISP, you may define Virtual Servers based on their IP address so that incoming
Internet requests are forwarded to specific computers within the private network.
Assuming you subscribe to the range of Public IP addresses 203.120.12.1 to 203.120.12.62 from your ISP and the PC hosting a server has a LAN IP address of 192.168.168.100:
To define the Internet Server as having an IP address of 203.120.12.62, you can set a NAT Static IP Address Entry such that Internet requests to
203.120.12.62 are forwarded to 192.168.168.100 regardless of the
TCP/UDP port.
Follow these steps to setup an IP-Forwarding Virtual Server.
IP Forwarding
1 1. Click NAT from the
CONFIGURATION menu.
2. Ensure is set to enable.
3. At Advanced NAT
Options:
Click IP Forwarding .
2 The NAT Static IP Address Entries table displays the list of current port-based entries.
Click Add .
84
3 the of your virtual server as identified in your LAN. the of the server, as known outside your LAN.
3. Click .
4 NAT Static IP Address Entries reflects your new entry.
To assign more servers in your LAN:
Add .
This will bring you back to Add
New NAT IP Address Entry.
2. Repeat Step 3 above.
To delete table entries:
1. Select the entry to delete.
2. Click .
The table will refresh.
!
NOTE: Please ensure that the public IP address specified to forward from is the correct IP address to which you have subscribed.
85
Routing
The router supports both static routing for manual routing table entry addition, and dynamic routing for automatic routing table update.
! NOTE: The default settings of the router allow broadband
Internet sharing so there is no need to configure any further routing information.
Improper routing settings might cause improper functioning.
The following diagram illustrates a wireless LAN having subnet
192.168.168.0 in which a router ( X ) with IP address 192.168.168.1 functions as Internet access point while a router ( Y ) with IP address
195.165.150.2 connects to a remote office, of subnet 195.165.150.0.
In this scenario, if client A wants to communicate with the remote client
D, when the router ( X ) sees the packets with the destination IP address of D, it will search for and send the routing table information to the router ( Y ) to route the packets to the specified destination.
X
Y
86
Static Routing
Follow these steps to add entries to your access point’s routing table for rerouting of IP packets to another network.
Static Routing
1 Click Routing from the
CONFIGURATION menu.
2 The IP Routing Table displays the list of current routing entries.
To add static route in the IP Routing
Table click Add .
3 1. Enter the Destination IP
Address of your new entry.
2. Enter the Gateway IP
Address .
Apply .
The new entry will appear in the IP Routing Table.
87
4 The IP Routing Table reflects the new entry.
To add more routes:
Add .
This will bring you back to Add IP
Route GUI.
2. Repeat Step 3 above.
To delete a route:
1. Select the entry to delete.
2. Click .
The table will refresh.
88
Telnet/SSH Setup
Telnet allows a computer to remotely connect to the CLI (Command
Line Interface) for control and monitoring.
SSH (Secure Shell Host) establishes a secure host connection to the CLI for control and monitoring.
89
Follow these steps to setup Telnet/SSH.
Telnet/SSH Setup
1 Click Telnet/SSH Setup from the
Device Access Management menu.
2
1. To enable Telnet Server:
Select Telnet Server
Enable and enter the Port
Number.
2. To enable SSH server:
Select SSH Server Enable and enter the Port
Number.
3. Click Apply .
90
TELNET CLI
Telnet CLI (Command Line Interface)
The user may connect to the CLI (Command Line Interface) via a
TELNET session to the default IP, 192.168.168.1. This section uses Microsoft
TELNET command for instruction. You may use any TELNET client.
Connecting to CLI (Command Line Interface) via TELNET
1. Connect to CLI (Command Line Interface) with the following command at DOS prompt. The TELNET application will then be launched and connected.
C:\WINDOWS\TELNET 192.168.168.1
At the login prompt, type in “password” (default password) and press the <ENTER> key, as shown in Figure 2.4c. You will then login to the CLI.
NOTE
Please refer to Appendix C for the list of commands available at the console.
91
SSH CLI
SSH CLI (Secure Shell Host Command Line Interface)
SSH is designed and created to provide the best security when accessing another computer remotely. Not only does it encrypt the session, it also provides better authentication facilities and features that increase the security of other protocols. It can use different forms of encryption and ciphers.
The first diagram below shows a telnet session.
The second diagram below shows how an encrypted connection like
SSH is not viewable on the network. The server still can read the information, but only after negotiating the encrypted session with the client.
92
SSH CLI has a command line interface like shown below for example.
NOTE
Please refer to Appendix D for the list of commands available at the console.
93
User Management
User Management
1 Click User Management from the
Device Access Management menu.
2
To add user:
1. Click Add button.
2. In Add User Entry Page, enter User
Name, Password, Confirm Password, specify whether to allow Telnet/SSH, and specify whether user is granted permission to Read Only or Read/Write.
3. Click Apply.
To Delete User:
1. Select which user to Delete.
2. Click Delete.
User Management list refreshes to update users.
94
Web Management Setup
HTTPS (SSL) is supported in addition to the standard HTTP.
HTTP (SSL) features additional authentication and encryption for secure communication.
Follow these steps to setup web management.
Web Management Setup
1 Make selection from the Device
Access Management menu .
2
1. Select whether to set web server to HTTP or HTTPS (SSL) mode.
2. Click .
95
3
Web service restarts automatically.
Web session logouts.
You may reconnect using the new web service using the relogin link displayed on the IP address or Web Mode changed page.
96
Remote Management
This feature is especially helpful for users who work away from the office or from home.
The user only requires Internet access to manage the network.
Remote Management
1 Click Remote Management from the Device Access Management menu.
2 1. Specify the number.
Note: Entering 0 would disable this feature. 80 is the default remote HTTP port. 443 is the default remote HTTPS port.
Apply .
3. Click Reboot to reboot the system to effect the changes.
To access the router from the Internet when Remote Management is enabled, open your Internet browser and enter the access point’s WAN
IP address, followed by a colon (:), and then followed by the HTTP port number.
For example: If your WAN IP address is 210.90.0.13 and you have set port
1111 for remote management, enter 210.90.0.13:1111
97
Universal Plug and Play (UPnP)
The following are issues that can arise when using NAT:
• Some network applications assume the IP address and port that the client has been assigned are global routable values that can be used on the Internet directly. Often, this is not the case as the client has been assigned a private IP address that can only be used on the
LAN.
•
•
Other network applications send requests using a socket on a port
“A” and expect to receive the reply from a different listening socket on port “Z”. When the NAT access point creates a port mapping for port “A”, it won't know that it has to match it with the reply packets addressed to port “Z”.
A number of network protocols assume they will always be able to use certain globally routable well-known ports. However there are several clients in the LAN and at any given time, only one client can be allowed to use a specific well-known port. In the meantime, the other clients will not be able to run any web service requiring the same well-known port.
NAT traversal techniques have been developed as a workaround to allow network-aware applications to discover that they are behind a
NAT-enabled device, to learn the external, globally-routable IP address and to configure port mappings to automatically forward packets from the external port of the NAT to the internal port used by the application
– without the user having to manually configure port mapping.
NAT traversal relies on the discovery and control protocols that are part of the Universal Plug and Play (UPnP) architecture. The UPnP specification is based on TCP/IP and Internet protocols that let devices discover the presence and services offered by other UPnP devices in the network. It also supports the following, which are essential for NAT traversal:
• Learning public IP address
•
•
•
Enumerating existing port mappings
Adding and removing port mappings
Assigning lease times to mappings
98
Although NAT traversal does not solve all NAT-related issues, it allows several applications to run behind NAT-enabled devices. It is recommended that you enable UPnP when running:
•
•
•
•
UPnP
Multi-player games
Peer-to-peer connections
Real-time communications
Remote Assistance
1 Click UPnP Configuration from the Configuration menu.
Universal Plug and Play (UPnP) is disabled by default.
2 1. Select the appropriate UPnP
Status .
2. Click .
3. Reboot the system for the new status to take effect.
99
Exclusive!
Parallel Broadband
The router is equipped with the exclusive Parallel Broadband technology, which features scalable Internet bandwidth, Load
Balancing, and Fail-Over Redundancy.
As there is no restriction to the type of broadband Internet account the router can connect to, your network can run with one router on Cable
Internet, with the rest connected to ADSL at the same time.
Load Balancing
A network built around multiple units arranged in cascade, and running under Parallel Broadband creates an aggregate bandwidth, and balances the Internet traffic generated by your private network over multiple broadband connections.
Fail-Over Redundancy
In the case of one of your broadband connections failing, the affected access point will automatically switch over to broadband channels that are operational so that there is no network disruption.
100
To Enable Parallel Broadband
Parallel Broadband can be implemented when:
More than one access point is interconnected (LAN port to LAN port) in your network.
Each access point is connected to a broadband Internet account.
Parallel Broadband
1 Click Parallel Broadband from the CONFIGURATION menu.
Parallel Broadband is disabled by default.
2 1. Enable the Parallel Broadband
Status.
2. Click .
3. Repeat this for the other access points in your network.
This would enable them to intercommunicate and reassign users to the access point with the smallest load, so that the users are distributed equally among the access points.
101
Static Address Translation
(Only supported by Wireless Routing Client and Gateway)
If you use a notebook for work at the office, it is probable that you also bring it home to connect to the Internet and retrieve emails or surf the web. Since it is most likely that your office’s and your home’s broadband-sharing network subnets are differently configured, you would have to struggle with reconfiguring your TCP/IP settings each time you use the notebook in a different place. The access point provides the Static Address Translation (SAT) feature to enable its users to bypass this hassle.
Let's say that the IP address of your notebook is set to 203.120.12.47 at the workplace but the access point that is connecting your home network to the Internet, is using an IP address of 192.168.168.1. You have enabled SAT on your router and want to access the Internet without changing the IP address of the notebook, as you have to use it at work again on the next day.
Since it is still set to the TCP/IP settings used in your office, the notebook will then try to contact the IP address of your office's gateway to the
Internet. When the access point finds that the notebook is trying to contact a device that lies in a different subnet from that of the home network, it would then inform the notebook that the gateway to the
Internet is in fact itself (Access Point).
Once the notebook has been informed that the gateway to the Internet is the access point, it will contact the latter (Access Point) to access the Internet, without any change to its TCP/IP settings required.
NOTE
For SAT to function properly:
1. The IP address of the notebook should belong to a different subnet from the LAN IP address of your access point.
2. The <Default Gateway> in the TCP/IP settings of your notebook should NOT be left blank.
102
1
Under the H o n . o m e U s e r r F e a t t u r r e s command menu, click on S t t a t t i i c A d d r r e s s
T T r r a n s l l a t t i i o
2
You may then choose to E n a b l l e or D i i s a b l l e
A p p l l y button. (Note:
SAT is disabled by default) e e Static Address
Translation here, followed by clicking the A
103
DNS Redirection
DNS Redirection allows you to redirect DNS requests to a local or closer
DNS server. This improves the response time and enables true plug-andplay accessibility, especially if your DNS server is behind a firewall or is situated on your private LAN.
DNS Redirection
1 Click DNS Redirection from the
Home User Features menu.
2 DNS redirection is disabled by default.
1. Set status to enable.
Apply .
104
Dynamic DNS Setup
It is difficult to remember the IP addresses used by computers to communicate on the Internet. It gets even more complicated when
ISPs change your public IP address regularly, as is the case when the
Internet connection type is Dynamic IP or PPPoE with Dynamic IP.
If you are doing some web hosting on your computer and are using
Dynamic IP, Internet users would have to keep up with the changing IP address before being able to access your computer.
When you sign up for an account with a Dynamic Domain Name
Service (DDNS) provider, the latter will register your unchanging domain name, e.g. MyName.Domain.com. You can configure your router to automatically contact your DDNS provider whenever the router detects that its public IP address has changed. The router would then log on to your account and update it with its latest public IP address.
If someone types in your address: MyName.Domain.com into their web browser, this request would go to the DDNS provider which would then re-direct that request to your computer, no matter what IP address it has been currently assigned by your ISP.
The Dynamic DNS service is ideal for a home website, file server, or just to keep a pointer back to the USB storage disk connected to your router so you can access those important documents while you are at work.
Dynamic DNS Setup
1 Click Dynamic DNS Setup from the Configuration menu.
2
On Enable/Disable Dynamic DNS page,
Dynamic DNS Status is disabled by default.
If you have already created a list earlier, click
Refresh to update the list.
105
3
To add a new Dynamic DNS to the list, click Add.
Choice DDNS Provider page displays.
There are two default providers that you can use.
The parameters are explained below:
Choice:
This allows you to select your preferred DDNS provider.
Provider Name:
This is the name of your preferred DDNS provider.
Register Now:
This allows you to go to the website of your preferred DDNS provider to register your account.
106
There are two predefined DDNS providers.
Please note that you need to be connected to the Internet to register your DDNS account.
To select 2MyDNS – Dynamic DNS Service Provider as DDNS Service
Provider
1
Under the Choice column in the Choice
DDNS Provider check the radio button for 2MyDNS – DNS Service Provider.
Click Next.
2
At the Dynamic DNS Add page: current WAN IP address. Enter your
DDNS account Username and
Password.
3
Optional: If you enable the wildcard service by selecting Yes, your hostname would be allowed multiple identities.
For example, if you register:
mydomain.2mydns.net users looking for www.mydomain.2mydns.net or ftp.mydomain.2mydns.net can still reach your hostname.
107
4
Optional: In the Mail Exchanger field, enter the Static WAN IP address of the mail server configured to handle email for your domain.
Select Backup Mail Exchanger to enable this service.
Click Add button to save the new addition.
5
Dynamic DNS list table displays the new domain.
6
It will appear as a hyperlink to the
Dynamic DNS Edit page.
From this page, you can update any of the parameters, delete the domain name, or reset all parameters.
108
To select DtDNS as DDNS Service Provider
1
Under the Choice column in the Choice
DDNS Provider check the radio button for DtDNS.
Click Next.
2
At the Dynamic DNS Add page:
1. Enter your Domain Name.
2. Select Auto Detect to detect your current WAN IP address. Enter your
DtDNS account Username and
Password.
3. Click Add.
3
Example: While the new domain name,
cool.3d-game.com is being added to the list, the message ‘Waiting in queue…” displays under the Update
Status column of the Dynamic DNS List table.
109
Chapter 9: Security Configuration
The Security Configuration chapter covers:
Firewall Configuration
Firewall Logs
Packet Filtering
URL Filtering
Multicast Filtering
The router makes use of Packet Filtering and Stateful Packet Inspection
(SPI) to examine each message entering or leaving your LAN and block those that do not satisfy your specified security criteria. Packet Filtering allows you to define security filter rules such that packets that make it through the filter rules are processed as per normal, while those that do not are discarded.
SPI compares the packet content to a database of trusted information instead of only checking the packet header, before letting it through.
Security Level
Depending on the amount of protection you require, you can determine the level of security to implement: Low, Medium, and High.
Log Information
The router allows you to keep a record of data packets that have been allowed and/or that have been refused through the firewall.
By customising the data traffic to record and reviewing the log files at regular intervals, you can monitor the system’s performance and identify irregularities.
The following lists the usual types of data packets encountered.
TCP (Transmission Control Protocol) packets are exchanged between hosts to establish a connection and exchange data.
UDP (User Datagram Protocol) packets are primarily used for broadcasting messages and in streaming audio/video information.
ICMP (Internet Control Message Protocol) packets pertaining to error or control information are exchanged between access points.
IGMP (Internet Group Management Protocol) packets are sent to establish host memberships such as multicast groups on the LAN.
110
Firewall Configuration
Follow these steps to configure the firewall.
Firewall Configuration
1 Click Firewall Configuration from the Security Configuration menu.
2
1. Enable the firewall. You can choose the Default Low, Default Medium, or
Default High security options for convenient setup.
2. Choose the type of network activity information to log for reference. Data activity arising from different types of protocol can be recorded.
3. The packet types selected in the
Accepted section will display in the firewall log if they are detected by the firewall. This also applies to the Denied section.
111
More firewall rules can be added for specific security purposes.
Rule Name
Disposition
Policy
: Enter a unique name to identify this firewall rule.
: This parameter determines whether the packets obeying the rule should be accepted or denied by the firewall.
Choose between Accept, or Deny.
Protocols : Users are allowed to select the type of data packet from: TCP, UDP,
ICMP, IGMP, or ALL.
Note: If users select either ICMP or IGMP, they are required to make
ICMP Types further selection on ICMP Types or IGMP Types respectively.
: This IP protocol is used to report errors in IP packet routing.
ICMP serves as a form of flow control, although the receiving and transmitting of ICMP messages is not guaranteed.
ICMP Packet Type Description
Echo request Determines whether an IP node (a host or a router) is available on the network.
Replies to an ICMP echo request. Echo reply
Destination unreachable
Source quench
Informs the host that a datagram cannot be delivered.
Informs the host to lower the rate at which it sends datagrams because of
112
IGMP Types
Redirect
Time exceeded congestion.
Informs the host of a preferred route.
Indicates that the Time-to-Live (TTL) of an
IP datagram has expired.
Parameter
Problem
Timestamp
Request
Informs that host that there is a problem in one the ICMP parameter.
Information that is from the ICMP data packet.
Information
Request
Information that is from the ICMP data packet.
Information Reply Information that is from the ICMP data packet.
: This IP protocol is used to establish host memberships in particular multicast groups on a single network. The mechanisms of the protocol allow a host to inform its local router, using Host
Membership Reports.
Host Membership
Report
Host Membership
Query
Leave Host
Message
Information that is from the IGMP data packet.
Information that is from the IGMP data packet.
Information that is from the ICMP data packet.
Source IP
Destination IP
: This parameter allows you to specify workstation(s) generating the data packets. Users can either set a single IP address or set a range of IP addresses.
: This parameter lets you specify the set of workstations that receive the data packets. Users can either set a single IP address or set a range of IP addresses.
Source Port : You can control requests for using a specific application by entering its port number here. Users can either set a single port number or a range of port numbers.
Destination Port : This parameter determines the application from the specified destination port. Users can either set a single port number or a range of port numbers.
Check Options : This parameter refers to the options in the packet header. The
113
Check TTL available selection options are abbreviated as follows:
SEC – Security
LSRR – Loose Source Routing
Timestamp – Timestamp
RR – Record Route
SID – Stream Identifier
SSRR – Strict Source Routing
RA – Router Alert
: This parameter would let you screen packets according to their
Time-To-Live (TTL) value available options are:
1. Equal
2. Less than
3. Greater than
4. Not equal
114
3
1. Rule Number ranges from 1 to
40.
Precedence is determined in ascending order such that rule
1 takes precedence over rule 2.
2. Select whether to Deny or to
Accept packets for the
Disposition Policy .
3. Pick the relevant Protocol .
4. For ICMP Types , select the checkboxes according to the
ICMP information for the gateway to discard/collect.
5. Similarly, section lets you choose which IGMP packets to discard/ record.
6. From Source IP Address dropdown list, select whether to apply the rule to:
A Range of IP addresses.
Define (From) which IP address
(To) which IP address, the rule applies.
A Single IP address.
You need only specify the source IP address in (From) .
Any IP address
Both (From) and (To) may be left blank.
7.
Destination IP Address .
8. At dropdown list, select either:
A Range of TCP ports
Define (From) which port (To) which port, the rule applies.
A Single TCP port
You need only specify the source port in the (From) .
Any IP port
Both (From) and (To) may be left blank.
115
9. Similarly, determine the
Destination Port .
Check Options .
11. packets of TTL Values Equal ,
Less , Greater , or Not Equal to the defined TTL value.
TTL value .
13. Click Apply to apply settings.
! NOTE: Up to 40 firewall rules can be defined, with precedence determined by the rule number.
For example: If Rule 5 blocks all ICMP packets in your LAN, but
Rule 6 authorises ICMP-Redirect packets in the LAN, the ICMP
Redirect packets will still be blocked.
116
Firewall Logs
As described previously, from the Firewall Configuration page the data traffic to be logged by the router can be defined.
The Firewall Log also records any UDP flooding or SYN flooding attacks on your network.
Firewall Logs
1 Click Firewall Logs from the Security
Configuration menu.
2 1. A firewall log entry consists of:
Time at which the packet was detected by the firewall.
Action , which states whether the packet was accepted or denied.
Protocol type of the packet.
Source Address from which the packet originated
Destination Address to which the packet was intended.
Source Port from which the packet was initiated.
Destination Port to which the packet was meant for.
Any Information .
2. Click log records.
, to refresh the
117
Packet Filtering
With Packet Filtering enabled, the router examines all outgoing packets before deciding - according to predefined rules - whether to block them or to let them pass. The setting of rules to control the network user access should be done by the system administrators.
This is equivalent to Time-based Access Management and Internet
Application Filtering features as packet-filtering rules based on these 3 factors can be defined:
Source IP Address
Restrict Internet activity originating from a specific PC or group of
PCs.
TCP Port
Prevent certain applications such as FTP from passing through your access point.
Time Frame
Restrict Internet access to certain times.
For example: You can restrict Internet access from your children’s
PC to certain time frames, such as between 19H30 and 21H45.
The router thus provides a wide range of options in monitoring the traffic in your LAN.
As example, for the rule TCP Port 23 from any IP on any day at any time
(Port 23 is usually used by TELNET):
If sent is selected, all outgoing packets will be sent, except those belonging to TELNET sessions.
If discarded is selected, all outgoing packets will be blocked, except for those belonging to TELNET sessions.
118
Follow these steps to setup packet filtering.
Packet Filtering
1 Click Packet Filtering from the
Security Configuration menu.
2
Clicking Change select Packet Filter Type.
3
Select from three choices: Disabled,
Sent, Discarded, then click Apply.
The default is Disabled, allowing all packets to be sent.
`
4
Click Add.
The following steps guide you through the packet filter rules that can be defined on this page.
4a). Enter Rule Name of the new packet filtering rule. For example: BlockCS
119
4b). From the IP Address dropdown list, select whether to apply the rule to:
A Range of IP addresses.
Define (From) which IP address (To) which IP address, the rule applies.
A Single IP address.
You need only specify the source IP address in (From) .
Any IP address
Both (From) and (To) may be left blank.
4c). From the Destination Port dropdown list, select whether to apply the rules to:
A Range of IP addresses.
Define (From) which IP address (To) which IP address, the rule applies.
A Single IP address.
You need only specify the source IP address in (From) .
Any IP address
Both (From) and (To) may be left blank.
4d). From Day of the Week dropdown list, select whether the rule should apply to:
A Range of days
Define (From) which day (To) which day, the rule applies.
Any day
Both (From) and (To) may be left blank.
4e). From Time of the Day dropdown list, select whether to apply the rule to:
A Range of time
Define (From) what time (To) what time; the rule applies.
The format is HH:MM - where HH can take any value from 00 to 23, and
120
MM can take any value from 00 to
59.
Any time
Both (From) and (To) may be left blank.
Click Apply , to apply the new rule.
The Filtering Configuration table updates.
In this example, the rule BlockCS blocks any
IP address (any PCs within the network) from an application using port 27015 from
Monday to Friday, 7am to 6pm.
121
URL Filtering
The URL Filtering feature of the router makes it easy to block certain websites from LAN users.
URL Filtering
1 Click URL Filtering from the Security
Configuration menu.
Selecting Block
2
The URL Filter Type can be defined by clicking Change.
Select Block or Allow, then click
Apply.
The default is Disabled, allowing all websites to be accessed.
Click Add.
122
Selecting Allow
3
In Host Name, enter the web site address to be blocked.
For example: www.objectionablewebsites.com
Click Add to complete setup.
123
Multicast Filtering
This feature lets you allow or disallow streaming over the Internet, if you have registered to ISP services providing videos and TV channel streaming.
Multicast Filtering
1 Click Multicast from the Security
Configuration menu.
2 Enabling the filter disallows video streaming over the
Internet whereas disabling the filter would allow it.
Click Apply to complete setup.
Note: This feature is enabled by default.
If such services have been subscribed to, set this feature to
Disable.
124
Chapter 10: Web Interface Utilities
This chapter describes the use of:
The System Tools menu
The Help menu
Using the SYSTEM TOOLS Menu
Ping Utility
The Ping Utility works like the commonly used Ping.exe program in
Command Prompt.
It allows pinging of IP addresses or domain names.
Follow these steps to use the Ping Utility.
Ping Utility
1
Click Ping Utility from the System Tools menu.
2
Enter the Target Host IP Address or Domain
Name and click Start to begin pinging.
If an inavalid IP address or domain name is entered, the field will be reset to the default IP of
192.168.168.1
125
3
The Ping Utility pings the target with 10 packets of 56 bytes data and displays the results and statistics at the end.
Click Back to return to the previous
Ping Utility page.
126
Syslog
Syslog allows remote system logging.
You can setup Syslog with the following steps.
S t t e p 1 : :
Click on S y s l l o g from the S Y S T T E M T O O L S menu.
S t t e p 2 : :
Select to E n a b l l e S y s l o g .
S t t e p 3 :
Enter the R e m o t t e I I P A d d r r e s s o r r D o m a i i n N a m e
S t t e p 4 : :
Enter the R e m o t e P o r r t
S t t e p 5 : :
Click A p p l l y to make the changes.
127
To Identify Your System
If your network operates with several of the access points, a means of identifying each individual access point would be useful.
In certain cases your ISP might request identification before dynamically allocating an IP address. The System Name of the router can then serve as a DHCP Client ID during negotiations with the DHCP
Server of your ISP.
You can define the System Identity to be utilised as System Name, or as
DHCP Client ID.
Follow these steps to define a System Identity for your router.
System Identity
1 Click System Identity from the
System Tools menu.
2 1. In , enter the DHCP
Client ID assigned by your ISP.
2. In , fill in the name of a contact person.
3. Enter .
This entry can help in identification if there are multiple devices in your network or building.
4. Click Apply to effect the changes.
128
Setting the Time of Your System
Synchronising the clocks of the router and your workstation enables effective management and operation of the provided time-based functions.
! NOTE: The clock setting will be enabled if the unit is set to operate as a router.
Follow these steps to set your system’s clock.
System Clock Setup
1 Click System Clock Setup from the System Tools menu.
2 Choose the correct time zone and
Enable the Auto Time Setting (SNTP) using a timeserver such as
time.nist.gov
Click Apply.
129
To Upgrade the Firmware Version
The products are designed for upgradability.
Click About System from the HELP menu to check your current firmware version.
Firmware Upgrade
1 Click Firmware Upgrade from the System Tools menu.
!
2 Ensure that the latest firmware has been downloaded onto your local hard disk drive.
1. Enter the path and file name of the downloaded file in Upgrade
Firmware (path and file name) .
Alternatively, click Browse to locate the file.
2. Click .
3. Follow the instructions given during the upgrading process.
The router will prompt for reboot when process completes.
NOTE: The device might become unstable if firmware upgrade process is interrupted.
130
Settings Profile
A profile is the set of parameters with which the router is configured.
You may choose to:
Save your customised profile
Make a backup of a profile onto your hard disk
Restore a profile saved on file earlier
Return the access point to its default settings
Follow these steps to proceed.
Save or Reset Settings
1 Click Backup or Reset Settings from the System Tools menu.
2 To save current profile:
1. Click .
2. Restart system to ensure the right profile is being used.
To backup current settings onto hard disk drive:
Click Backup .
131
Backup
Browse
To return system to earlier configuration using backup file:
1. Click to search for backup file.
Or enter file path name in
Restore the Machine’s configuration (path and file name) .
Restore .
To discard ALL configurations made and restore the router to factory settings:
1. Click .
2. Click when confirmation menu displays.
3. The router will restart and reload default profile.
Note: Login password will revert to default.
132
To Reboot
Most changes in system settings require rebooting to take effect.
Follow these steps to reboot the router.
Reboot System
1 Click Reboot AP from the
System Tools menu.
2 You will be prompted to confirm reboot.
Click yes to reboot the router.
! NOTE: Reboot AP or Reboot Router is displayed under System
Tools depending on whether the unit is set as access point or router.
133
Change Your Login Password
The login password is required to access the web configuration interface, through which the router’s settings can be monitored
Follow these steps to change password.
Change Password
1 Click Change Password from the System Tools menu.
2
Note: Password is case-sensitive.
Current Password.
The default is password
2. Enter the new password in
New Password and Confirm
Password .
3. Click .
134
To Logout
Follow these steps to logout.
Logout
1 Click Logout from the System
Tools menu.
2 A login prompt displays.
To access the configuration interface again, click LOGIN!
135
Using the HELP Menu
To Get Technical Support
This page contains the contact information of technical support centres around the world.
Follow these steps to access the page:
Get Technical Support
1 Click Get Technical Support from the HELP menu.
2 If further information is required, please contact a Technical Support
Centre by email, mail, phone, or fax.
136
About Your System
The About System page displays a summary of system configuration information that might be required by support technicians during troubleshooting.
Follow these steps to view the settings.
About System
1
Click About System
HELP menu. from the
2
The System Information page displays a summary of the router’s setup parameters.
137
Chapter 11: Printer Server Setup
(For NP18 1A, 2B)
The router can also act as a network print server that is easy to operate. When its print server functionality is enabled, you can print from any wired or wireless computer on the network to the USB printer(s) connected to the router.
! NOTE: You need to install the printer driver software (provided by the printer manufacturer) onto all the PCs in the network that will share the USB printer.
In this chapter, the step-by-step procedures on using
LPR printer are described individually for Windows XP, 2000, 98, and ME users.
After connecting your USB printer to one of the USB ports of the router, turn on the printer. The corresponding USB LED will light up, indicating that the router has detected your printer. Ensure that the printer driver is already installed on your PC and open the web interface of the router:
Adding A Shared Printer Via LPR in Windows XP
For Windows XP Users
Under the HOME USER FEATURES command menu, click on Printer Server Setup.
1. Simply choose Enable or Disable for the Status of Printer Server.
2. Click on the Apply button.
3. When you connect the printer to the USB port of the router, the printer will be automatically displayed in the Printer List.
138
Next to add the printer to your PC:
1. Go to the Windows Start Menu; select Settings, then followed by
Control Panel.
2. Then Printers and
Faxes. Select the Add a printer and the Add Printer Wizard appears.
4. Check the radio button next to the
Local printer attached to this
computer and click Next> to proceed.
Please note that you should not select
Automatically detect and install my
Plug and Play printer.
Next to select the printer port for your PC:
1. Check the radio button next to
Create a new port.
2. Then Standard TCP/IP Port for the type of port you will be using.
3. Click on the Next> button to proceed.
139
4. When Add Standard TCP/IP
Printer Port Wizard appears, click on the Next> button to proceed.
5. Enter your router’s IP address in the
Printer Name or IP Address field.
Then the corresponding Port Name will be automatically entered.
6. Click on the Next> button to proceed.
7. Go to the Device Type section and select Custom. Next to the Custom radio button, click on the Settings button. This brings out the Configure
Standard TCP/IP Port Monitor window.
140
8. Go to the Protocol section and select LPR.
9. Next proceed to the LPR Settings section. In the Queue Name field, key in ‘usb0’. Please take note that
‘usb0’ is an example. The appropriate queue name should be derived from the URL of the printer that connects to the router.
10. Click on the Next> button to proceed.
11. After you have successfully configured the selected port, you will see the information display in this window. Click Finish to complete the port configuration.
Next to install the printer’s driver to your
PC:
1. If you cannot find the printer’s name in the list, click Have Disk…
Then you need to install the driver manually.
2. Click on the Next> button to proceed.
141
3. Then you will be prompted to choose whether to keep the existing driver or install a new driver.
However, it is recommended that you should choose to keep the existing driver.
4. Click on the Next> button to proceed.
5. Key in the printer’s name.
6. Click on the Next> button to proceed.
7. If you want to share the printer with other PC users, click the radio button next to Share name. Then key in the share name so that the users will find this name to access the shared printer. Otherwise if you choose not to share the printer, select do not share this printer.
8. Click on the Next> button to proceed.
142
9. It is recommended to test the printer. To print the test page, click
Yes. When you get the test print out, it means that the printer is successfully installed.
10. Click on the Next> button to proceed.
11. This window displays a summary of the settings of the printer that is successfully installed.
12. To exit the window, click Finish.
143
Adding A Shared Printer Via LPR in Windows 2000
For Windows 2000 Users
Under the HOME USER FEATURES command menu, click on Printer Server Setup.
1.
Simply choose Enable or Disable for the Status of Printer Server.
2.
Click on the Apply button.
3.
When you connect the printer the
USB port of the router, printer will be automatically displayed in the
Printer List.
Next to add the printer to your PC:
1. Go to the Windows Start Menu; select Settings, then followed by
Control Panel.
2. Then Printers and
Faxes. Select the Add a printer and the Add Printer Wizard appears.
144
5. Check the radio button next to the
Local printer attached to this
computer and click Next> to proceed.
Please note that you should not select the
Automatically detect and install my Plug and
Play printer.
Next to select the printer port for your PC:
1. Check the radio button next to the
Create a new port.
2. Then Standard TCP/IP Port for the type of port you will be using.
3. Click on the Next> button to proceed. the
Printer Port Wizard appears, click on the Next> button to proceed.
145
5. Enter your router’s IP address in the
Printer Name or IP Address field.
Then the corresponding Port Name will be automatically entered.
6. Click on the Next> button to proceed.
7. Go to the Device Type section and select Custom. Next to the Custom radio button, click on the Settings button. This brings out the Configure
Standard TCP/IP Port Monitor window.
8. Go to the Protocol section and select LPR.
9. Next proceed to the LPR Settings section. In the Queue Name field, key in ‘usb0’ Please take note that
‘usb0’ is an example. The appropriate queue name should be derived from the URL of the printer that connects to the router.
10. Click on the Next> button to proceed.
146
11. After you have successfully configured the selected port, you will see the information display in this window. Click Finish to complete the port configuration.
Next to install the printer’s driver to your
PC:
1. If you cannot find the printer’s name in the list, click Have Disk….
Then you need to install the driver manually.
2. Click on the Next> button to proceed.
3. Then you will be prompted to choose whether to keep the existing driver or install a new driver.
However, it is recommended that you should choose to keep the existing driver.
4. Click on the Next> button to proceed.
147
5. Key in the printer’s name, you can make it as the default name.
6. Click on the Next> button to proceed.
7. If you want to share the printer with other PC users, click the radio button next to Share name. Then key in the share name so that the users will find this name to access the shared printer. Otherwise if you choose not to share the printer, select Do not share this printer.
8. Click on the Next> button to proceed.
9. It is recommended to test the printer. To print the test page, click
Yes. When you get the test print out, it means that the printer is successfully installed.
10. Click on the Next> button to proceed.
148
11. This window displays a summary of the settings of the printer that is successfully installed.
12. To exit the window, click Finish.
149
Adding A Shared Printer Via LPR in Windows 98/ME
Before setting up the LPR printer server, you have to download the software of the LPR printer client from the website: http://www.columbia.edu/acis/access/printing/winME_files/instlpr.exe
Please note that the version of the downloaded software should be V3.4f.
Once the download is complete, you can install it to your PC before proceeding with the step-by-step instructions below:
For Windows 98 / ME Users
Under the HOME USER FEATURES command menu, click on Printer Server Setup.
Simply choose Enable or Disable for the
Status of Printer Server.
Click on the Apply button.
When you connect the printer to the USB port of the router, the printer will be automatically displayed in the Printer List.
Next to add the printer to your PC:
1. Go to the Windows Start Menu; select Settings, then followed by
Control Panel. Double-click Printers.
2. Double-click Add Printer.
150
Add Printer Wizard (shown on the left) appears.
Next> to proceed.
5. Click the radio button next to Local
Printer. Then click Next> to proceed.
Next to Install the printer’s driver to your PC:
1. Select the printer’s name available in the Manufacturers: and Printers: listboxes.
2. But if you cannot find the printer’s name in the list, click Have Disk….
151
the
Browse... to search for your printer’s driver and install it.
Open screen prompts you to select the file name of your printer’s driver. Then click OK to proceed.
When your printer’s driver is added to the
Printers list, click Next> to proceed.
152
6. Then you will be prompted to choose whether to keep the existing driver or install a new one.
But you are advised to keep the existing driver.
Next> to proceed.
LPT1 from the Available ports: list box that you want to use for your printer.
Next> to proceed.
10. Just leave the supplied fields intact as they are. Click Finish without editing anything unless required.
11. Wait for a while until the message
“Setup is complete” is prompted.
153
12. Right-click on the icon of the printer you have just installed to select
Properties.
13. At the Details tab of the printer’s properties screen, click Add Port.
14. The Add Port screen is displayed to let you select Others.
15. Below the Others radio button, highlight and select ACITS LPR
Remote Printing for the type of port.
To confirm the addition, click OK.
16. Then the ACITS LPR Remote Printing screen pops up.
154
17. At the Settings tab of the ACITS LPR
Remote Printing screen, key in the router’s IP address. Proceed to key in the printer/queue name. For example, ‘usb0’ is the name derived from the URL of the printer connected to the router. For example, http://192.168.168.27:631/ printers/usb0 .
18. To check if the selected printer is connected to the router or not, click Verify Printer Information.
19. At the Spool Settings screen, click the radio button next to Start printing after last page is spooled.
20. Then click the radio button next to
Disable bi-directional support for this printer.
21. Lastly, click OK to complete the printer setup.
155
Removing the Shared Printer from the Router
Removing Printer
To physically remove the network printer from the router safely,
Click on the Remove button and the system will prompt whether you really want to remove the USB device from the router.
Click Yes to confirm. You will then be able to safely disconnect your printer from the USB port of the router.
156
Chapter 12: USB Storage Disk Sharing
(For NP18 1A, 2B)
The router connects to your USB hard disk/flash disk to allow easy storage sharing in the network and across the Internet. Once your USB hard disk/flash disk is connected to your router, you can access the shared disk via FTP or
Windows networking.
! Note: The router lets you share entire drives instead of individual folders.
Enable FTP or Windows networking
Under the HOME USER FEATURES command menu, click on USB Storage Disk Sharing.
There are two ways you can choose to let the users access your USB storage disk: via FTP or Windows networking. If you wish to transfer data via FTP, enable the FTP Server option.
A. To enable FTP Server
Using your Web browser or FTP software, you can remotely access the USB disk connected to the router and upload/download files to and from it.
Allow Anonymous: Selecting Yes indicates that you allow users to access to your USB storage disk to upload and/or download files without having to key in a username and password. Otherwise, you can create an FTP account to allow only users with authorized username and password to FTP to your storage disk.
Allow Internet: Selecting Yes indicates that you allow FTP users to access your storage disk via the Internet. No indicates that only LAN access is allowed. FTP Port: This is the default
TCP port for FTP connection. You may choose another port number if port 21 is being used by another FTP server in the network.
B. To enable Windows File Server
You can easily access the USB storage disk by browsing for the router from a PC in the same Windows workgroup.
You are allowed to define three kinds of user access rights to your USB storage disk: read
and write, read or disable.
Read and write access let users view, create and delete files in the USB storage disk. For
Read access, users are not allowed to modify the disk contents. However, they still can see and open files. Selecting Disable prohibits users from accessing to your USB storage disk.
157
Allow Anonymous: Selecting Yes indicates that you allow users to access to your USB storage disk to upload and/or download files without having to key in a username and password. Otherwise, you can create a file server account to allow only users with authorized username and password to use the file server to access your storage disk.
Refer to page 88 for instructions on how to access your storage disk from Windows networking.
158
Advanced USB Disk Sharing Functions: Show Connections of Server
Under the Advanced USB Disk Sharing
Functions, click on Show connections to USB
storage disk.
This screen displays the number of users connected to the storage disks.
Available connections: It is the maximum number of connections that the router can handle.
Current: This column allows you to monitor the number of active connections established using FTP and Windows networking.
159
Advanced USB Disk Sharing Functions - FTP Server User Account List
Under the Advanced USB Disk Sharing
Functions, click on Manage FTP user account.
This screen will display the list of FTP user accounts.
After clicking on Add, the Add a new FTP
Account screen appears. This screen allows you to create FTP user accounts so that when you set Allow Anonymous to ‘No’, only authorized users who login with the correct username and password will be able to FTP to the USB disk connected to your router.
User name: You can create a username to log into the FTP server. For example, user1
New Password: You need this password to access to the FTP server.
Confirm Password: Re-type your password for confirmation. Click on the Add button to create the new FTP user account.
160
If you wish to delete an existing or current FTP user account, go to the FTP Account
Configuration page. Then click on the hyperlink next to its corresponding user name you have selected.
This screen below lets you click on the Delete button to delete the user account.
161
Advanced USB Disk Sharing Functions - File Server User Account List
Under the Advanced USB Disk Sharing
Functions, click on Manage file server user
account.
The File Server Account Configuration screen will display the list of users who are using the file server.
After clicking on Add, the Add a new File
Server Account screen appears. This screen allows you to create file server user accounts so that when you set Allow Anonymous to
‘No’, only authorized users who login with the correct username and password will be able to use the file server to access the USB disk connected to your router.
User name: You can create a username to log into the file server. For example, templar
New Password: You need this password to access to the file server.
Confirm Password: Re-type your password for confirmation. Click on the Add button to create the new file server user account.
162
If you wish to edit an account password or delete a user account, go to the File Server
Account Configuration page. Then click on the corresponding user name.
Modify the account password and press
Save or click on the Delete button to delete the user account.
163
Accessing Your USB Hard Disk Via FTP Server
Access via FTP Server
From your Internet Explorer address bar, type in ftp://192.168.168.1
, where 192.168.168.1 is the LAN IP address of your router (if you access locally) or its WAN IP address (if you access through Internet).
Click on File, followed by Login As…. In the pop-up window that appears, key in your FTP username and password.
Alternatively,
You may also type in the following format: ftp://username:[email protected]:21 whereby ‘username’ and ‘password’ refer to your FTP account username and password;
‘192.168.168.1’ refers to the LAN IP address
(for local access) or the WAN IP address (for
Internet access) of your router; ‘21’ refers to the
FTP Port number in the FTP setup.
164
Accessing Your USB Hard Disk Via Windows File Server
Access via Windows File Server
Right-click the My Network Places icon on your desktop and select Search for
Computers....
Enter the NETBIOS name you have set up in the Computer Name: field and click on
Search Now button.
Once found, the system will display the device name, Workgroup name and also the server name in their respective fields.
Double click on the device name, router. If you have selected Allow Anonymous, the contents of the USB storage disk will appear.
Otherwise, you will need to enter your username and password to access the disk contents.
! Note: The Workgroup Name of both the router and the PC must be the same.
165
Using Windows File Server to Map to Network Drive
This section explains how to connect to the shared USB storage disk attached to the router and assign a drive letter to this connection so that you can directly access the disk using the My Computer icon.
Map Network Drive via Windows File Server
From your Windows Explorer, go to Tools and select Map Network Drive....
Alternatively, you may also right-click on the
My Computer from your desktop and select
Map Network Drive….
Next, enter \\192.168.88.22\sda1 , where
192.168.88.22 is the IP address of your router; sda1 is the share name assigned to your USB disk by the router.
166
To check your USB device share name, refer to USB Devices List as shown below. Notice that the router will define the Share
Name as sda or sdb, etc according to the order in which you have connected the disks to its USB ports. To map the network drive to your local drive, you need to add a ‘1’ behind the share name, such as ‘sda1’.
Click the Finish button to map the network drive.
167
Chapter 13: Webcam Setup and View
(For NP18 1A, 2B)
This chapter describes how you may configure the router to set up your webcam so that authorized users can view your webcam.
Configuring Internet Explorer Security
To be able to view the video stream from your webcam, you need to change the settings of your web browser to accept ActiveX controls.
Internet Explorer Security Settings
Open your Internet Explorer, go to Tools menu and select Internet Options….
From the Security Tab, select Custom
Level…. button.
Under ActiveX controls and plug-ins, ensure that all the sub-settings are configured to either Enable or Prompt. Then click on OK and close all the dialog boxes before proceeding.
Once these steps are completed, you are ready to view the webcam video! Once all security features have been activated, you will be able to view video from your webcam successfully. Remember to choose Yes if you are prompted to allow the Active-X interaction.
168
Configuring the Webcam Setup
To be able to configure the webcam setup, you have to enable it first.
Webcam User Setup
Under the HOME USER FEATURES command menu, click on Webcam Setup.
Status: To enable the Webcam Setup, check the radio button next to
Enable. Please note that the
Webcam Setup is disabled by default.
Webcam Port: This is the port where you connect your webcam to your router.
Active: Put a tick to allow user to view the webcam.
User Name: This is the name that you had created to access to view the webcam.
No of visits: This is the number of times the user has logged in to view the webcam.
Time of last visit: The time recorded your last visit to view the webcam.
Click on Add button to create new user. The
Add New User window appears.
169
Enter your Username. For example, ‘demo’.
Next enter the Password.
Click Add. Then the new user is added in the list.
Please note that ‘WEBCAM’ under Group is automatically entered after a new user has been successfully created.
170
Webcam List
Under the HOME USER FEATURES command menu, click on Webcam
Setup. Then go to Camera List.
If you have just connected your webcam to the router, and you see the empty Camera
List, click refresh.
Then you will see that this list shows the webcam(s) connected to the router.
To remove the webcam, simply click on the
Remove button.
171
Viewing the Webcam
If you see the message read: “Please change its status in Webcam
Setup”, it shows that you have not enabled the webcam setup. To enable it, refer to the previous section in configuring the webcam setup.
Webcam View
Under the HOME USER FEATURES command menu, click on Webcam
View.
Property Button
Click this button to adjust size, display parameters and filters of your screen.
Capture Button
Click this button to capture a still picture from the video feed. Right-click on the still picture and select “Save Picture As…” from the menu.
Clicking the Capture button again will allow you to refresh the still picture to a new instant.
Left/Up/Center/Down/Right Button
These buttons allow you to adjust the position of your webcam if you are using a tracker pod.
Webcam Pan/Tilt Button
This button allows you to adjust the position of your Quickcam Sphere/Orbit webcam.
172
Appendix A: Configuring your PC for network access
This section illustrates how to configure the TCP/IP settings of your computer so that it can communicate with the router or with other computers across your network.
We will consider:
Adding TCP/IP protocol for Windows 98/98SE/ME/2000
Configuring Dynamic IP Address Allocation for Windows
98/98SE/ME/2000
Configuring Static IP Address Allocation for Windows
98/98SE/ME/2000
Configuring Wireless Network Settings for Windows XP
Adding TCP/IP protocol for Microsoft Windows 98/98SE/ME/2000
By default, the TCP/IP protocol is installed and set to obtain an IP address automatically in Windows 98, 2K & XP.
However, if your PC does not have TCP/IP installed, the following will guide you through the TCP/IP installation procedure.
Adding TCP/IP protocol in Windows 98/98SE/ME/2000:
1 on .
Settings .
3. Click .
173
2 Double-click on the Network icon.
The Network Configuration screen shown on the left will appear.
3 Check your list of Network
Components in the Network window’s Configuration tab.
If TCP/IP is not installed:
1. Click on the Add button.
This will bring you to the screen shown on the right.
Protocol .
3. Click on the Add button.
On the next screen that appears:
4. Select from the
Manufacturers column.
5. Choose TCP/IP from the
Network Protocols column.
6. Click on the OK button.
! NOTE: Windows may ask you for the original Windows installation disk or for additional files. Check for the files at
C:\windows\options\cabs , or insert the Windows CDROM disc into the CDROM drive to search for the appropriate files.
174
Configuring Dynamic IP address allocation
Microsoft Windows 98/98SE/ME/2000
Follow these steps to configure your PC for dynamic IP address allocation.
Dynamic IP address allocation in Windows 98/98SE/ME/2000:
1 on .
Settings .
3. Click .
4. Double-click on the Network icon.
5. The configuration screen will appear as illustrated on the right.
2
1. In the Network window’s
Configuration tab, select the
TCP/IP component corresponding to your Ethernet adapter.
2. Click on the Properties button.
This will bring you to the screen shown on the left.
175
3 1. Click on the IP Address tab.
Obtain an IP address automatically radio button.
3. Click on the Gateway tab.
4. Verify that the Installed
Gateways list is blank.
5. Click on the OK button.
This will return you to the
Network dialog page.
6. Click on the OK button to close all windows and reboot your computer.
176
Configuring Static IP address allocation
Microsoft Windows 98/98SE/ME/2000
The following will help you configure your PC with static IP address allocation.
Static IP address allocation in Windows 98/98SE/ME/2000:
1 on .
Settings . on .
4. Double-click on the Network icon.
5. The Network Configuration screen shown on the right will appear.
2 1. In the Network window’s
Configuration tab, select the
TCP/IP component corresponding to your Ethernet adapter.
2. Click on the Properties button.
This will bring you to the screen shown on the left.
177
3 1. Click on the IP Address tab.
Specify an IP address radio button.
3. Fill in the IP Address field as
192.168.168.X
, where X can take any value from 2 to
254.
For illustration, we keyed in
192.168.168.45
as IP address. in
Subnet Mask .
as the
4 1. Click on the Gateway tab.
2. Key in the IP address of the router in the New Gateway field.
The default IP address of the router is 192.168.168.1 as we illustrate on the left.
3. Click on the Add button.
5 1. DNS
Configuration tab. the radio button.
3. Type in a unique identifying name in the Host field.
4. We illustrate on the left with
Serv_01 .
5. Key in the IP address of your
DNS server, as specified by your Internet Service
Provider in the DNS Server
Search Order field.
6. Click on the Add button.
178
Configuring Wireless Network Settings for Windows XP
It is usually recommended to configure the wireless client PC or notebook with automatic IP addressing.
These steps will guide you in configuring your wireless network settings.
Microsoft Windows XP:
1 1. Right-click on Wireless
Network Connection corresponding to the wireless Ethernet adapter that you wish to connect to the router.
2. Click
2
1. Click tab.
2. Click on the Add button.
3 1. Key in the SSID of the wireless network in the
Network name field.
Ensure that the ESSID entered is the same as that entered for the router as well as all other clients within the same wireless network.
2. Click on the OK button.
179
Appendix B: Troubleshooting
Solutions to Common Problems
In this section, we list suggested steps to rectify some common problems that may arise during the installation and operation of the router.
1. I want to know whether my PC is connected to the router and to the
Internet.
A. Open a Command Prompt
♦ For Windows 98/98SE/ME, please click the Start button and
Run. In the Open field within the Run dialog box, type in
command. Press the Enter key or click the OK button.
♦ For Windows 2000 and XP, please click the Start button and
Run. In the Open field within the Run dialog box, type in
cmd. Press the Enter key or click the OK button.
B. In the Command Prompt, type ping 192.168.168.1 and press the
Enter key.
♦ If you get a reply, the computer is communicating with the router.
♦ If you do NOT get a reply, please check the cables and ensure that the settings are correct before trying again.
C. In the Command Prompt, type ping www.yahoo.com
and press the Enter key.
♦ Obtaining a reply means that you are connected to the
Internet.
♦ Otherwise, you may want to ping another known host.
Getting no reply from any of the other hosts that you have tried, suggests that your connection may be having problems.
180
2. I am unable to surf the Internet.
A. Make sure that the Ethernet cable is properly connecting your
Cable/ADSL modem to the WAN port of the router, and verify whether the router has a valid IP address from the About System page. Then refer to suggested steps A, B & C to Problem 1 as described above, to verify the connectivity of the gateway.
B. Ensure that the WAN settings suit your broadband connection.
In case of doubt, you should contact your network administrator/ISP to enquire about your Internet connection type.
C. Power off your computer, the router and the Cable/ADSL modem. Turn on the Cable/ADSL modem then wait for 1 minute before turning on the router. Lastly, turn on your computer.
Verify whether you have been allocated an IP address and are able to surf the web.
3. I am a PPPoE and am not able to access Internet
A. Refer to Problem 1 follow the suggested steps described to verify your connectivity to the router.
B. If you are a PPPoE user, you will need to remove the proxy settings or the dial-up pop-up window.
C. Open your Web browser.
♦ For Microsoft Internet Explorer 5.0 or later versions
From the Tools menu bar, select Internet Options and then click on the Connections tab. Click on the LAN
Settings button. Uncheck any options from that dialog box. Press the OK button to return to the previous screen.
Click the radio box option never dial a connection to remove any dial-up pop-ups. Press the OK button to finish.
181
♦ For Netscape 4.7 or later versions
Start Netscape Navigator. From the Edit menu bar, select Preferences, then Advanced, and finally Proxies.
Make sure that the direct connection to the Internet option is selected.
Close all windows to finish.
4. I want to reset the default login password of the router.
A. Power up the router
B. Depress the Reset button situated at the back of the device and hold it for 5 seconds before releasing it.
5. I want to set the router to its factory default settings.
A. Power up the router.
B. Depress the Reset button situated at the back of the device and hold it for 8 seconds before releasing it.
6. My laptop is not able to access the router.
A. In the Command Prompt, type ping 192.168.168.1 and press the
Enter key.
♦ If you get a reply, your laptop is communicating with the router.
♦ If you do NOT get a reply, please go through the following steps.
B. Ensure whether your wireless card and driver have been properly installed.
♦ Open the Control Panel. Double-click the System icon.
Inside the Device Manager window, expand the Network
Adapters listing and verify whether the name of your wireless card is listed.
If it does not, power down your laptop. Remove the wireless card from its slot and re-insert it, ensuring that it properly fits into the slot. Reboot your computer.
If it does, click on it and press the Properties button.
Check whether Device Status displays this message
182
“This device is working properly”. If it does not, you will need to uninstall and re-install the software driver.
C. Verify whether your router and your laptop and/or other wireless clients have been configured with the same SSID, which is the case-sensitive name of the wireless network that you are trying to access, and the same WEP settings.
D. Check whether your router and your laptop are using the same frequency band.
♦ If you have set up the router in the 2.4GHz frequency band, your laptop should be able to support either IEEE 802.11b or
IEEE 802.11g wireless standards.
♦ If you have set up the router in the 5GHz frequency band, your laptop should be able to support IEEE 802.11a wireless standards.
7. My network contains several routers but they are unable to connect to each other.
If you are running the Parallel Broadband feature:
Although they may belong to different SSIDs, the routers MUST operate in the same frequency band.
183
Appendix C CLI Commands
Get Operation List
SYNTAX
Get tasks
Get sysinfo
Get aplist
Get athstats
Get brinfo
Get brmacshow
Get bssinfo.
Get channel
Get chanlist
Get ieee80211stats
Get routeshow
Get stalist
Get linkinfo
Get macstats
Get opmode
Get wmode
DESCRIPTION
Display all active process/tasks.
Display system information.
Display list of access points discovered.
Display wireless driver information.
Display bridge and interfaces information.
Display bridge learned MAC address list.
Display current radio information.
Display current wireless channel number.
Display current domain wireless channels.
Display ieee80211 protocol statistics.
Display the routing table information.
Display a list of currently associated stations.
Display client link information (Client mode only)
Display a list of currently learnt wireless device MAC addresses.
Display current wireless operation mode.
Display wireless mode (a/b/g)
Set Operation List
SYNTAX
Set factorydefault
Restart
Save Configuration
SYNTAX
Commit
DESCRIPTION
Set factorydefault – restore configuration to factory default.
Do a warm reboot.
DESCRIPTION
Save current configuration to flash.
Most commands require rebooting to take effect after saving.
Long Range
Check for recommended values from long distant option setup page.
SYNTAX
Set outdoor <enable/disable>
Set distance <value>
Set acktimeout <value>
Set ctstimeout <value>
DESCRIPTION
Enable outdoor for long-range connection.
Set the connection distant (value in decimal)
Set the ACK timeout (value in decimal)
Set the CTS timeout (value in decimal)
Set the Slot timeout (value in decimal) Set slottimeout <value>
TX Power
SYNTAX
Set txpower <string>
DESCRIPTION
(Default full) auto, 1, 2, 3, 4,..., 17, full, min
184
TX Rate
SYNTAX
Set txrate <string>
DESCRIPTION
Values are: (default auto)
(802.11a)-- 6, 9, 12, 18, 24, 36, 48, 54, auto
(802.11b/g mixed)-- 1, 2, 5,5, 11, 6, 9, 12, 18, 24, 36, 48, 54, auto
(802.11b-only)-- 1, 2, 5.5, 11, auto
Wireless Mode
SYNTAX
Set wirelessmode <string>
Set key <keyindex> default
DESCRIPTION
Supported strings are: auto, 11a, 11b, 11g, pureg, superg, supera
Set autochannelselect Enable/disable
Set radio_off_eth_down enable/disable
Enable or disable smart channel select during power up.
Enable or disable auto turn off radio when Ethernet port connection link is lost.
WEP Key
Must first, set a key entry type then proceed to set the key index, size and value.
SYNTAX
Set key <keyindex> <keysize> <keyvalue>
DESCRIPTION
Set keyentrymethod hex/ascii
Set default key.
Add or Delete User
SYNTAX
Set user < [-r|-w] > <password> username
Set user –d username
Country Code
SYNTAX
Set countrycode <iso.name>
Set countrycode <2 letter string>
DESCRIPTION
To add a user.
To delete user.
DESCRIPTION
List of countries:
{0, "NA" },
{CTRY_ALBANIA, "AL" },
{CTRY_ALGERIA, "DZ" },
{CTRY_ARGENTINA, "AR" },
{CTRY_ARMENIA, "AM" },
{CTRY_AUSTRALIA, "AU" },
{CTRY_AUSTRIA, "AT" },
{CTRY_AZERBAIJAN, "AZ" },
{CTRY_BAHRAIN, "BH" },
{CTRY_BELARUS, "BY" },
{CTRY_BELGIUM, "BE" },
{CTRY_BELIZE, "BZ" },
{CTRY_BOLIVIA, "BO" },
{CTRY_BRAZIL, "BR" },
{CTRY_BRUNEI_DARUSSALAM,
{CTRY_BULGARIA, "BG" },
{CTRY_CANADA, "CA" },
{CTRY_CHILE, "CL" },
{CTRY_CHINA, "CN" },
{CTRY_COLOMBIA, "CO" },
{CTRY_COSTA_RICA, "CR" },
{CTRY_CROATIA, "HR" },
{CTRY_CYPRUS, "CY" },
{CTRY_CZECH, "CZ" },
{CTRY_DENMARK, "DK" },
{CTRY_DOMINICAN_REPUBLIC, "DO" },
{CTRY_ECUADOR, "EC" },
{CTRY_EGYPT, "EG" },
{CTRY_EL_SALVADOR, "SV" },
{CTRY_ESTONIA, "EE" },
{CTRY_FINLAND, "FI" },
185
{CTRY_FRANCE, "FR" },
{CTRY_FRANCE2, "F2" },
{CTRY_GEORGIA, "GE" },
{CTRY_GERMANY, "DE" },
{CTRY_GREECE, "GR" },
{CTRY_GUATEMALA, "GT" },
{CTRY_HONDURAS, "HN" },
{CTRY_HONG_KONG, "HK" },
{CTRY_HUNGARY, "HU" },
{CTRY_ICELAND, "IS" },
{CTRY_INDIA, "IN" },
{CTRY_INDONESIA, "ID" },
{CTRY_IRAN, "IR" },
{CTRY_IRELAND, "IE" },
{CTRY_ISRAEL, "IL" },
{CTRY_ITALY, "IT" },
{CTRY_JAPAN, "JP" },
{CTRY_JAPAN1, "J1" },
{CTRY_JAPAN2, "J2" },
{CTRY_JAPAN3, "J3" },
{CTRY_JAPAN4, "J4" },
{CTRY_JAPAN5, "J5" },
{CTRY_JAPAN6, "J6" },
{CTRY_JORDAN, "JO" },
{CTRY_KAZAKHSTAN, "KZ" },
{CTRY_KOREA_NORTH, "KP" },
{CTRY_KOREA_ROC, "KR" },
{CTRY_KOREA_ROC2, "K2" },
{CTRY_KOREA_ROC3, "K3" },
{CTRY_KUWAIT, "KW" },
{CTRY_LATVIA, "LV" },
{CTRY_LEBANON, "LB" },
{CTRY_LIECHTENSTEIN,
{CTRY_LITHUANIA, "LT" },
{CTRY_LUXEMBOURG, "LU" },
{CTRY_MACAU, "MO" },
{CTRY_MACEDONIA, "MK" },
{CTRY_MALAYSIA, "MY" },
{CTRY_MALTA, "MT" },
{CTRY_MEXICO, "MX" },
{CTRY_MONACO, "MC" },
{CTRY_MOROCCO, "MA" },
{CTRY_NETHERLANDS, "NL" },
{CTRY_NEW_ZEALAND, "NZ" },
{CTRY_NORWAY, "NO" },
{CTRY_OMAN, "OM" },
{CTRY_PAKISTAN, "PK" },
{CTRY_PANAMA, "PA" },
{CTRY_PERU, "PE" },
{CTRY_PHILIPPINES, "PH" },
{CTRY_POLAND, "PL" },
{CTRY_PORTUGAL, "PT" },
{CTRY_PUERTO_RICO, "PR"
{CTRY_QATAR, "QA" },
{CTRY_ROMANIA, "RO" },
{CTRY_RUSSIA, "RU" },
{CTRY_SAUDI_ARABIA, "SA" },
{CTRY_SINGAPORE, "SG" },
{CTRY_SLOVAKIA, "SK" },
{CTRY_SLOVENIA, "SI" },
{CTRY_SOUTH_AFRICA, "ZA" },
{CTRY_SPAIN, "ES" },
{CTRY_SWEDEN, "SE" },
{CTRY_SWITZERLAND, "CH" },
{CTRY_SYRIA, "SY" },
{CTRY_TAIWAN, "TW" },
{CTRY_THAILAND, "TH" },
{CTRY_TRINIDAD_Y_TOBAGO, "TT" },
186
Channel
SYNTAX
Set channel <value>
SSID
SYNTAX
Set ssid <string>
Closed System
SYNTAX
Set hidessid enable/disable
Per Node
SYNTAX
Set apbridge enable/disable
RTS, Fragment, and Beacon Interval
SYNTAX
Set rts <value
Set fragment <value>
Set beaconintval <value>
Set dtim <value>
DESCRIPTION
(Value in decimal)
{CTRY_TUNISIA, "TN" },
{CTRY_TURKEY, "TR" },
{CTRY_UKRAINE, "UA" },
{CTRY_UAE, "AE" },
{CTRY_UNITED_KINGDOM, "GB" },
{CTRY_UNITED_STATES, "US" },
{CTRY_URUGUAY, "UY" },
{CTRY_UZBEKISTAN, "UZ" },
{CTRY_VENEZUELA, "VE" },
{CTRY_VIET_NAM, "VN" },
{CTRY_YEMEN, "YE" },
{CTRY_ZIMBABWE, "ZW" },
DESCRIPTION
(Not More than 32 characters)
DESCRIPTION
Enable or disable broadcasting of SSID.
DESCRIPTION
Enable or disable isolation of wireless client.
DESCRIPTION
(Value in decimal, default 2312, range 1 to 2312)
(Value in decimal, default 2346, range, 256 to 2346)
(Value in decimal, default 1, range 1 to 1000)
Data Beacon Rate (value in decimal, default 1, range 1 to 16384)
187
WLAN State
SYNTAX
Get wlanstate
Set wlanstate enable/disable
Reset Button
SYNTAX
Get buttonpassreset
Set buttonpassreset enable/disable
DESCRIPTION
Display whether status of current wireless operation is Enabled or
Disabled.
Set to Disable to turn off wireless operation.
Set to Enable to turn back on wireless operation.
Note:
When executing this command, please ensure that you are not connected on wireless with device or you will be disconnected from the device and network.
The wireless operation can only be Enabled from the Ethernet port or
UTP cable connection to device.
DESCRIPTION
Display the status of Reset Button operation.
If status is (Enabled), resetting of password by pressing Reset Button is allowed.
If status is (Disabled), resetting of password by pressing Reset Button is not allowed.
Set to Disable to prevent resetting of password by pressing Reset button.
Set to Enable to allow resetting of password by pressing Reset button.
188
Appendix D: Glossary of Terms
List of commonly used terms
10Base-T
100Base-Tx
802.11b
802.11g
Bit
Broadcasting
Browser
CAT 5
Database
Data Packet
DHCP
DMZ
DNS
Driver
An IEEE Ethernet standard for 10Mbps data transmission using unshielded twisted pair wires.
An IEEE Ethernet standard for 100Mbps data transmission using two pairs of Category 5 UTP wire.
An IEEE standard for wireless networking standard specifying a maximum data transmission rate of 11Mbps using DSSS modulation and an operating frequency of 2.4GHz.
An IEEE standard for wireless networking standard specifying a data transfer rate of 54Mbps using ODFM modulation and an operating frequency of 2.4GHz, as well as backward compatibility with the
802.11b devices.
Short for "Binary Digit." It uses 0 and 1 as the value for the binary numbering system. It is also the smallest form of data.
To simultaneously send the same message to all network members.
The browser is a general name given to applications designed to view and interact with HTML pages on the World Wide Web.
It is a standard developed by the Electronics Industries Association that specifies network cabling which consists for twisted pairs of copper wire with a sustainable data rate of 100Mbps.
A database is a collection of information that is organized so that the contents may be easily accessed/managed.
In an IP network, packet switching is the method employed to transmit data and the smallest chunk of data is called a packet (packet size can vary).
Dynamic Host Configuration Protocol. It is a protocol that allows the network administrator to centrally manage and assign IP addresses to devices in the network.
De-Militarized Zone hosting allows the administrator to expose a private
IP address onto the Internet. It is used for a PC/Server assigned with a
Static IP address and requiring multiple TCP/IP ports to be opened.
Domain Name System translates Internet domain names to IP addresses, giving meaningful and easy-to-remember names to otherwise arcane IP addresses.
A piece of software developed to interface a piece of hardware with its immediate upper-layer software (i.e. operating system) so that it can be recognized and operated.
189
DSSS
Dynamic IP Address
Encryption
Ethernet
Fast Ethernet
Firewall
Firmware
FTP
Full Duplex
Gateway
Half Duplex
HTTP
ICMP
IGMP
Direct Sequence Spread Spectrum is a modulation scheme employed by the 802.11b standard that uses a chipping code (redundant bit) during its transmission to reject interference.
It is an IP address that is dynamically allocated or assigned to a client device within a TCP/IP network, typically by a DHCP server.
Encryption is a security method applying specific algorithms to make sure that all the data from one computer is encoded into a form that only the other intended party will be able to decode and view the information.
An IEEE standard network protocol that specifies how data is transmitted over a common medium. It uses CSMA/CD, which stands for Carrier Sense Multiple Access with Collision Detection. It has a defined data rate of 10Mbps.
An IEEE standard extended from 10Base-T Ethernet to support 100Mbps data rate.
It is a software layer that controls network access from within and without so that any undesired activity by malicious or snooping parties may be prevented.
It is a software code written and saved within the read-only memory
(ROM) or programmable read-only memory (PROM). The firmware that is written on the ROM/PROM is retained even when the device is powered off.
File Transfer Protocol. It is a protocol designed to transfer files over a
TCP/IP network.
It defines the ability of a device to transmit data simultaneously in both upstream and downstream directions over a single line.
A gateway is a device that interconnects networks.
It defines the ability of a device to transmit in one direction at a time over a single line.
HyperText Transport Protocol is a common protocol used to connect servers on the World Wide Web, with its primary function being to establish a connection with a web server and transmit HTML pages to the client’s browser.
Internet Control Message Protocol is a message control and error reporting protocol between a host server and a gateway to the
Internet. ICMP uses Internet Protocol (IP) datagrams, but the messages are processed by the IP software and are not directly apparent to the application user.
Internet Group Management Protocol is the standard for IP multicasting on the Internet. It is used to establish host memberships in particular multicast groups on a single network. The mechanisms of the protocol allow a host to inform its local router, using Host Membership
Reports, that it wants to receive messages addressed to a specific
190
IEEE
IP Address
IPSec
ISP
LAN
Latency
MAC Address
Mbps
Multicasting
NAT
OFDM
Packet Filtering
Parallel Broadband
Ping
PPPoE multicast group. All hosts conforming to level 2 of the IP multicasting specification require IGMP.
It is the Institute of Electrical and Electronic Engineers. The IEEE is a professional technical body promoting the development and application of technology.
At the moment, IP address is a 32-bit binary digit that defines each sender or receiver of information across an IP network.
Internet Protocol Security. It is a suite of protocols used to implement secure exchange of packets at the IP layer.
Internet Service Provider. It is a company that provides individuals or corporations with Internet access and other related services.
Local Area Network is a group of computers and devices sharing a common communication medium within a small geographical area.
Latency is a time-delay.
MAC is the abbreviation for Media Access Control. The MAC address is a unique number assigned by the manufacturer to any Ethernet networking device, such as a network adapter or router. It allows a network to identify the hardware. Unlike IP addresses, this number is permanent and is therefore a valuable identifier.
Mega bits per second. It is a unit of measurement for data transmission indicating a million bits per second.
To transmit a single message to a select group of network recipients.
Network Address Translations multiplexes multiple private IP addresses for the LAN to a single public IP address on the Internet.
Orthogonal Frequency Division Multiplexing. It is a modulation scheme employed by the IEEE 802.11g standard, which combines numerous signals of different frequencies to form a single signal for transmission over a medium.
This is a means of discarding unwanted network traffic based on its originating IP addresses or the type of packet/data transmitted.
This exclusive feature enables the connection of multiple broadband routers to a single network.
Packet Internet Groper is a utility used to determine whether a particular IP address is available online. It works by sending out a packet and waiting for a response from the recipient.
Point-to-Point Protocol over Ethernet is a method for the encapsulation of PPP packets over Ethernet frames.
191
PPTP
Preamble
Unicasting
URL
UTP
VPN
WAN
RJ-45
Short Slot Time
SNMP
Subnet Mask
TCP
Throughput
UConfig
UDP
Point-to-Point Tunneling Protocol supports the creation of Virtual Private
Networks by ensuring that messages transmitted from one VPN node to another are secure. Users can use PPTP to dial in to their corporate network via the Internet.
A preamble is a signal used in network communications to synchronize the transmission timing between two or more systems. Proper timing ensures that all systems are interpreting the start of the information transfer correctly. While a short preamble improves throughput, a long preamble ensures compatibility.
A connector used for Ethernet devices that holds up to eight wires.
A reduced short slot time decreases backoff, or the length of waiting time before sending a packet on the LAN, thus improving throughput.
Simple Network Management Protocol is a monitoring and controlling protocol. SNMP devices/applications report network activity within to a workstation console so that it may be monitored and controlled.
Subnet masking is a method of splitting IP networks into subgroups.
Transmission Control Protocol enables two hosts to establish a connection and exchange streams of data, guaranteeing delivery of data and that packets will be delivered in the same order in which they were sent.
It is the measurable amount of data moved from one place to another within a given time period.
uConfig is a unique feature that provides the ability to directly access web-configurable Ethernet devices without the need to know absolute IP addresses. This feature is standard on all the devices that feature web-based configuration.
User Datagram Protocol is a connectionless protocol that, like TCP, runs on top of IP networks. Unlike TCP/IP, UDP provides a direct way to send and receive datagrams over an IP network and is used primarily for broadcasting messages over a network.
Communication that takes place over a network between a single sender and a single receiver.
Uniform Resource Locator is the address that defines the location of a file on the World Wide Web.
Unshielded Twisted Pair is the most common kind of copper wiring designed to reduce crosstalk between copper wires.
Virtual Private Network is a secure means to join remote networks using comprehensive authentication and encryption. They may be
“virtually” joined even across a public network like the Internet by using secure protocols like IPSec amongst others.
Wide Area Network. It is a communication network that extends over a large geographical area.
192
WEP
WLAN
Wired Equivalent Privacy is a wireless data privacy encryption protocol based on a 64-bit or 128-bit shared key algorithm.
Wireless Local Area Network is a group of computers and associated devices that communicate with each other wirelessly.
193
Appendix E: Technical Specifications
Industrial Standards
WAN Interface
WAN Type
LAN Interface
Wireless Security
IP Protocol Set
VPN Tunneling
IP Addressing
Built-in-DHCP Server
DHCP Reservation
NAT Firewall
Technical Specification
Wired:
•
•
•
IEEE 802.3 10Base-T
IEEE 802.3u 100Base-Tx
IEEE 802.3x Flow Control
Wireless:
•
•
IEEE 802.11a
IEEE 802.11b
• IEEE 802.11g
1x Auto MDI/MDI-X RJ45 Ethernet Port for external Cable/ADSL modem
• Static IP
•
•
•
•
Dynamic IP
PPP over Ethernet (PPPoE)
PPTP
L2TP
Integrated 4-port 10/100Mbps Switch
•
•
•
•
•
•
•
WPA Personal
WPA Enterprise
WPA2-Personal
WPA2-Enterprise
WPA-Auto-Personal
WPA-Auto-Enterprise
64/128-bit WEP
• 802.1 x Authentication
Dynamic IP Addressing, Static IP
Addressing, DHCP server, PPPoE, NAT, TCP,
UDP, IP, IPCP, PPTP, PAP, CHAP, SNTP,
SNMP, L2TP
Site-to-Site VPN Tunneling
All Classful/Classless subnets
Yes
Yes
Yes
194
Stateful Packet Inspection
(SP I) Firewall
Yes
Universal Plug and Play
Dynamic DNS Service
(Subscribe service)
Time-based Access
Yes
Yes
Yes
Control
Broadband Internet Sharing Yes
Yes Support for Watchdog
Timer
Load-Balancing/Fail-Over
Internet Connectivity
Virtual Server
Parallel Broadband
IP Packet Filtering
URL Filtering
IP Routing
VPN Client Pass-Through
Management and
Monitoring
IP and Port Forwarding, De-Militarized
Zone hosting
Time-based, TCP Port, Source IP Filtering
Yes
Static and Dynamic Routing Entry
PPTP, IPSec
SNMP, Web-based Configuration
Interface, uConfig
Profile Backup and Restore Yes
Firmware Upgradeable Yes
Power Requirements •
•
Voltage: 5VDC
Current Rating: 3A
Physical and Environment Temperature:
•
•
Operating: 0°C to 55°C
Storage: -20°C to 75°C
Physical Dimension
Humidity:
• Operating: 10% to 80% RH
• Storage: 5% to 90% rh
31mm x 160mm x 170mm
(H x W x D)
195
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement