ADSL 2/2+ Ethernet Modem

User Manual

VERSION 1.0

User Manual

Contents

About this Manual ...................................................................6

About the Router.......................................................................7

Requirements .....................................................................................7

Software ..........................................................................................................................7

Hardware.........................................................................................................................7

Package Contents ..............................................................................8

Device Design.....................................................................................9

Front Panel......................................................................................................................9

Back Panel ....................................................................................................................10

Getting Started.........................................................................11

Remove or Disable Conflicts ............................................................12

Internet Sharing, Proxy, and Security Applications .......................................................12

Configuring TCP/IP Settings .........................................................................................13

Configuring Internet Properties .....................................................................................13

Removing Temporary Internet Files ..............................................................................13

Hardware Setup................................................................................15

Bridge Connection.........................................................................................................15

Direct Connection..........................................................................................................17

Connecting to the Internet ................................................................19

About the Web Manager ....................................................21

Page 2 of 92

User Manual

Accessing the Web Manager............................................................21

Menus...............................................................................................22

Basic Menu....................................................................................................................23

Advanced Menu.............................................................................................................24

Help Menu .....................................................................................................................25

Basic Menu ..............................................................................26

Home ................................................................................................26

Connection Information .................................................................................................26

Router Information.........................................................................................................27

Local Network Information.............................................................................................27

Quick Start........................................................................................27

Advanced Menu.....................................................................28

WAN .................................................................................................29

New Connection ............................................................................................................29

ADSL Modulation...........................................................................................................35

Connection Scan ...........................................................................................................35

Quickstart ......................................................................................................................36

LAN...................................................................................................37

LAN Configuration .........................................................................................................37

LAN Clients....................................................................................................................42

Applications ......................................................................................43

Simple Network Management Protocol (SNMP) ...........................................................44

IGMP Proxy ...................................................................................................................45

TR-068 WAN Access.....................................................................................................47

DNS Proxy.....................................................................................................................48

Page 3 of 92

User Manual

Port Forwarding.............................................................................................................49

Bridge Filters .................................................................................................................52

Web Access Control......................................................................................................53

Quality of Service (QoS)...................................................................54

Egress ...........................................................................................................................56

Ingress...........................................................................................................................59

QoS Shaper Configuration ............................................................................................63

Policy Routing Configuration .........................................................................................67

Routing .............................................................................................70

Static Routing ................................................................................................................70

Routing Table ................................................................................................................71

Security.............................................................................................72

IP Filters ........................................................................................................................72

LAN Isolation .................................................................................................................74

Status................................................................................................75

Connection Status .........................................................................................................76

System Log....................................................................................................................77

Remote Log...................................................................................................................78

Network Statistics..........................................................................................................80

DHCP Clients ................................................................................................................81

QoS Status ....................................................................................................................82

Modem Status ...............................................................................................................83

Product Information .......................................................................................................84

Diagnostics .......................................................................................85

Ping Test .......................................................................................................................85

Full Modem Test............................................................................................................86

System Password.............................................................................87

Changing the System Password ...................................................................................87

Page 4 of 92

User Manual

Changing the Timeout Settings .....................................................................................88

Firmware Upgrade............................................................................89

Save Settings....................................................................................90

Restart Router ..................................................................................90

Restore to Default.............................................................................90

Help Menu..................................................................................91

Page 5 of 92

User Manual

About this Manual

This manual provides a description of the components, basic operation, and advanced configuration options of the router.

Scope

This manual provides the installation instructions, router components, and configuration information through the Web manager.

Target Audience

This manual is designed for users who are required to install and maintain the router. It assumes the user of this manual has basic knowledge and experience in configuring routers, computer networks, and computer systems.

Document Structure

The manual is divided into the following sections:

Chapter

6

7

4

5

1

2

3

About this manual

About the router

Getting Started

About the Web Manager

Basic Manu

Advanced Menu

Help Menu

About

Page 6 of 92

User Manual

About the Router

Congratulations on the purchase of your router. This router provides advanced features that allow you to converge your computer, Internet, and other network appliances into a single network through wired connection.

Requirements

Your computer must meet the following minimum requirements.

Software

Operating System:

Any operating system can be used

Browser:

Internet Explorer 4.0

Netscape Navigator 3.02

Hardware

233MHz processor

CD-ROM Drive

Ethernet network adapter

Page 7 of 92

User Manual

Package Contents

Package contents are listed below. For any missing items, please contact your dealer immediately.

Product contents vary for different models.

Modem

Ethernet Cable

Telephone Cable

Power Adapter

Installation CD

Quick Start Guide

Page 8 of 92

Device Design

Front Panel

The LEDs on the front panel gives you an idea about the power and connection status.

User Manual

A

B

C

Label

A POWER

B ETHERNET

C DSL

Action

Off

Steady light

Off

Steady light

Blinking light

Off

Blinking light

Steady light

Description

No power is supplied to the device

Connected to an AC power supply

No Ethernet connection

Connected to an Ethernet port

Transmitting/Receiving data

No DSL signal

Establishing DSL signal

DSL signal is established

Page 9 of 92

User Manual

Back Panel

The back panel provides ports to power up and connect the router into the network.

Back Panel

Label

DSL

ETHERNET

RESET

9V DC

ON/OFF

Used for…

Connecting the telephone cable

Connecting with a computer/device through Ethernet cable

Resetting the device. Press for 10 seconds to reset.

Connecting with the 9V power adapter

Switching the device on/off

Page 10 of 92

User Manual

Getting Started

Setting up the device is easy. The flowchart below provides an outline of the steps you need to complete the installation. There are brief descriptions beside each step to help you along. Detailed instructions are provided in the subsequent pages.

Page 11 of 92

User Manual

Remove or Disable Conflicts

To make sure the router installation moves on smoothly, you need to remove or disable conflicts that may interfere the installation. Probable conflicts may include:

Internet sharing applications

Proxy software

Security software

TCP/IP settings

Internet properties

Temporary Internet files

Internet Sharing, Proxy, and Security Applications

Internet sharing, proxy software, and firewall applications may interfere with the router installation.

These should be removed or disabled before you install and configure the router.

If you have any of the following or similar applications installed on your computer, remove or disable them according to the manufacturer’s instructions.

Internet Sharing Applications

Microsoft Internet Sharing

Proxy Software

WinGate

Security Software

Symantec

Page 12 of 92

User Manual

Configuring TCP/IP Settings

Use the default TCP/IP settings to allow the router to provide a network address to the computer,

To set the TCP/IP properties:

2. Enter control ncpa.cpl and then click OK. This opens the Network Connections in your computer.

3. Right-click LAN and then select Properties. This opens the Local Area Connection

Properties dialog box.

4. Select Internet Protocol (TCP/IP) and then click Properties. This opens the Internet

Protocol (TCP/IP) dialog box.

Configuring Internet Properties

To set the Internet Properties:

Removing Temporary Internet Files

Temporary Internet files are files from Web sites that are stored in your computer. Delete these filed to purge the Internet cache and remove footprints left by the Web pages you visited.

Page 13 of 92

User Manual

To remove temporary Internet files:

Page 14 of 92

User Manual

Hardware Setup

When installing the router, the common practice is to have the router, the main computer, and phone jack in the same room. The room should also have enough electrical outlets to match your needs.

The following hardware setup samples depict two scenarios – Bridge Connection and Direct

Connection.

Bridge Connection

This device is preconfigured to function as a bridge connector between the Internet service and the local network. In this setup, the router acts as a dialer for a broadband router. To connect to the

Internet,

To setup a bridge connection:

1. Plug one end of the telephone cable from the POTS Splitter’s ADSL port and then plug the other end into the router’s DSL port

Page 15 of 92

User Manual

POTS Splitter

A phone line can carry phone call and Internet signals. When you enable the phone line for high speed Internet, the connection produces high-pitched tones when using the phone. Installing a

Plain Old Telephone Service (POTS) splitter separates the two signals and eliminates the noise.

To setup the telephone POTS Splitter:

1. Locate the phone jack in your house.

2. Insert the POTS Splitter into the phone jack.

3. Plug one end of the telephone cable from the POTS Splitter’s TEL port and then plug the other end into the telephone.

2. Plug one end of the Ethernet cable from the router’s ETHERNET port and then plug the other end into a broadband router’s WAN port.

3. Connect the computer into an available LAN Ethernet port in the broadband router. In this setup, the router merely acts as a dialer for the broadband router. Broadband routers, by itself, do not have the capability to connect to an ADSL service because it does not have a DSL port.

To connect to the Internet, use the connection settings of the broadband router.

Page 16 of 92

Direct Connection

When a computer is directly connected to the modem, you can use it to connect to the Internet.

User Manual

To setup a direct connection:

1. Plug one end of the telephone cable from the POTS Splitter’s ADSL port and then plug the other end into the router’s DSL port

POTS Splitter

A phone line can carry phone call and Internet signals. When you enable the phone line for high speed Internet, the connection produces high-pitched tones when using the phone. Installing a

Plain Old Telephone Service (POTS) splitter separates the two signals and eliminates the noise.

To setup the telephone POTS Splitter:

1. Locate the phone jack in your house.

2. Insert the POTS Splitter into the phone jack.

3. Plug one end of the telephone cable from the POTS Splitter’s TEL port and then plug the other end into the telephone.

Page 17 of 92

User Manual

2. Plug one end of the Ethernet cable from the router’s ETHERNET port and then plug the other end into the Ethernet port in your computer.

3. Connect the power adapter from the router’s 9V DC port into the electrical outlet and then press ON.

Page 18 of 92

User Manual

Connecting to the Internet

Use the Web Manager’s Quick Start to connect to the Internet.

Note: These connection settings only apply if your computer is directly connected to the router.

To connect to the Internet:

1. Open your browser.

2. Enter 192.168.1.1 in the address field and then press Enter. This opens the Log In page of

Web Manager.

3. Enter the Username and Password for the Web Manager. The default Username and

Password is admin.

Log In

5. From the Advanced Menu, click New Connection. This opens the New Connection page where you can enter your Internet account connection settings.

6. Enter your connection settings. Please ask your Internet Service Provider for the correct settings.

Page 19 of 92

User Manual

7. Click Connect. When the connection attempt is successful, the Basic Home page appears.

When the connection attempt is not successful, a message will ask you to verify the Username and Password.

Basic Home page

Page 20 of 92

User Manual

About the Web Manager

The Web Manager is used to configure the router settings.

Accessing the Web Manager

To access the Web Manager:

1. Open a browser.

2. Enter the router’s IP Address. The default IP Address is 192.168.1.1.

3. When authentication is enabled, the log in page will appear. In the login page, enter the

Username and Password. The default Username and Password is admin.

Page 21 of 92

User Manual

Menus

The web interface includes the following menus:

Basic Menu

Advanced Menu

Help Menu

Page 22 of 92

Basic Menu

The Basic Menu includes the Home and Quick Start links.

Basic Menu

User Manual

Page 23 of 92

User Manual

Advanced Menu

The Advanced Menu provides advanced configuration settings for existing connections. At least one

WAN connection must be configured before implementing advanced WAN configuration features. At least one LAN group must be defined before implementing advanced LAN configuration features.

Advanced Menu

Page 24 of 92

Help Menu

The Help Menu provides documentation about various router features.

User Manual

Help Menu

Page 25 of 92

User Manual

Basic Menu

The options for the Basic Menu include:

Home

Quick Start

Home

The Home page provides a one-page summary about the Connection Information, Router Information, and Local Network settings.

Basic Home

Connection Information

The Connection Information pane gives you an idea about the status of your Internet connection. This pane includes a Connect/Disconnect button. When clicked, the router makes an attempt to connect to the Internet using the parameters saved in the router.

Page 26 of 92

User Manual

Router Information

This pane provides all the necessary information to determine the model, firmware version, build,

Ethernet MAC Address, NAT status, and Firewall status.

Local Network Information

The Local Network pane displays the current IP address of the router. It also provides the DHCP status,

DHCP Range, and Ethernet status.

Quick Start

Quick Start gives you the ability to instantly connect to the Internet.

Quick Start

Page 27 of 92

User Manual

Advanced Menu

The Advanced Menu provides advanced configuration options. These include:

WAN

LAN

Application

QoS

Routing

Security

Status

Diagnostics

System Password

Firmware Upgrade

Save Settings

Restart Router

Restore Default

Page 28 of 92

User Manual

WAN

Wide Area Network refers to the configurations you perform to establish an Internet connection. There are several types of WAN connections that require different settings.

New Connection

Your router supports the creation of new connections. If you have multiple virtual connections, you may need to utilize the static routing capabilities of the modem to pass data correctly.

WAN connection types include:

PPPoE Connection

PPPoA Connection

Static Connection

DHCP Connection

Bridge Connection

Page 29 of 92

User Manual

PPPoE Connection

PPPoE is a common WAN connection type used to connect to the Internet. PPP, or point-to-point protocol, is a method of establishing a network connection/session between network hosts. PPPoE is a protocol for encapsulating PPP frames in Ethernet frames and is described in RFC 2516. PPPoE provides the ability to connect to a network of hosts over a simple bridging access device to a remote access concentrator. With this model, each router uses its own PPP stack. Access control, billing, and type of service control can all be done on a per-user rather than per-site basis.

New PPPoE Connection Setup

Page 30 of 92

User Manual

PPPoA Connection

Another commonly used WAN connection type is PPPoA. PPPoA is also known as RFC 2364. It is a method of encapsulating PPP packets in ATM cells that are carried over the DSL line. PPP, or point-topoint protocol, is a method of establishing a network connection/session between network hosts. It usually provides a mechanism of authenticating users. Logical Link Control (LLC) and Virtual Circuit

(VC) are two different methods of encapsulating the PPP packet. Contact your service provider to determine which encapsulation is being used on your Internet connection.

New PPPoA Connection Setup

Page 31 of 92

User Manual

Static Connection

Static connection type is used whenever a known static IP address is assigned to the router. Additional addressing information such as the Subnet Mask and the Default Gateway must also be specified. Up to three Domain Name Server (DNS) addresses can be identified. These servers resolve the name of the computer to the IP address mapped to it and thus enable you to access other web servers by typing the symbolic name (host name).

New Static Connection Setup

Page 32 of 92

User Manual

DHCP Connection

DHCP allows the router to automatically obtain the IP address from the server. This option is commonly used when the IP is dynamically assigned and is not known prior to assignment.

New DHCP Connection Setup

Page 33 of 92

User Manual

Bridge Connection

A bridge connection does not assign any IP address to the WAN interface. NAT and firewall rules are not enabled. This connection method makes the router act as a bridge for passing packets between the

WAN interface and the LAN interface.

New Bridge Connection Setup

Page 34 of 92

User Manual

ADSL Modulation

ADSL Modulation allows you to select any combination of DSL training modes. Leave the default value if you are unsure or the service provider did not provide this information. In most cases, this screen should not be modified.

ADSL Modulation

Connection Scan

This feature helps users to detect the PVC settings provided by the service provider. Before the router can begin scanning the connection, the telephone line has to be plugged into the router.

To perform connections scan:

Page 35 of 92

User Manual

Quickstart

Click to open the Quickstart Setup page. Quickstart is the connection name of the default PPPoE WAN

Connection. In this page, you can change the connection details.

Quickstart

Page 36 of 92

User Manual

LAN

The router is preconfigured to automatically provide an IP address to each Ethernet device connected in the local area network (LAN). However, if you are familiar with your network setup, you can manually configure the LAN settings.

LAN Configuration

Your router’s default IP address and subnet mask are 192.168.1.1 and 255.255.255.0, respectively.

This subnet mask allows the router to support 254 users. If you want to support more users, you need to edit the subnet mask but remember that the DHCP server function can only provide up to 255 IP addresses. If you change your gateways’ IP address and you have DHCP enabled, the DHCP configuration must reside within the same subnet. The default gateway is the routing device used to forward all traffic that is not addressed to a station within the local subnet. Your ISP will provide you with the default gateway Address.

LAN Configuration

Page 37 of 92

User Manual

To configure the LAN groupings:

2. Select ETHERNET in LAN group 1 and then click < Remove. No packets will be sent to the

ETHERNET interface because it does not belong to any LAN group.

3. Select ETHERNET from Interfaces and then click Add > under LAN group 2. Just like in LAN group 1, Configure will appear in LAN group 2 to allow the definition of additional configurations.

4. To temporarily activate the settings, click Submit.

5. To make changes permanent, click Save Settings.

Page 38 of 92

User Manual

LAN Group Configuration

LAN Group Configuration allows you to configure settings for each LAN group. Notice that you can also view the status of advanced services that can be applied to a LAN group. Green indicates that the service is enabled, while red indicates that the service is disabled.

LAN Group Configuration

Category Field

Unmanaged

Obtain an IP address automatically

IP Address

PPP IP Address

Use the following Static IP address

Netmask

IP Address

IP Address

Netmask

Description

Unmanaged is a state when the LAN group is not configured and no IP address has been assigned to the bridge.

When this function is enabled, your router acts like a client and requests an IP address from the DHCP server on the LAN side.

You can retrieve/renew an IP address from the DHCP server using the Release and Renew buttons.

The subnet mask of your router.

Enables/disables PPP unnumbered feature.

The IP address should be different but within the same subnet as the WAN-side IP address.

This field enables you to change the IP address of the router.

The default IP address of the router (as shown) is 192.168.1.1.

The default subnet mask of your router is 255.255.255.0. This

Page 39 of 92

User Manual

Enable DHCP Server

Default Gateway The default gateway is the routing device used to forward all traffic that is not addressed to a station within the local subnet.

Your ISP provides you with the IP address of the default gateway.

Host Name subnet allows the router to support 254 users. If you want to support a larger number of users you can change the subnet mask.

The host name is used in conjunction with the domain name to uniquely identify the router. It can be any alphanumeric word that does not contain spaces.

Domain The domain name is used in conjunction with the host name to uniquely identify the router. To access the web pages of the router you can type 192.168.1.1 (the IP address) or mygateway1.ar7 (Host Name.Domain).

Enables/disables DHCP. By default, your router has the DHCP server (LAN side) enabled. If you already have a DHCP server running on your network, you must disable one of the two DHCP servers.

Assign ISP DNS,

SNTP

Start IP

End IP

Lease Time

Enable/disables the Assign ISP DNS, SNTP feature when the

DHCP server of your router has been enabled. To learn more, please refer to Assign ISP DNS, SNTP .

The Start IP Address is where the DHCP server starts issuing IP addresses. This value must be greater than the IP address value of the router. For example, if the IP address of the router is

192.168.1.1 (default), then the starting IP address must be

192.168.1.2 (or higher).

The End IP Address is where the DHCP server stops issuing IP addresses. The ending address cannot exceed a subnet limit of

254; hence the max value for the default gateway is

192.168.1.254. If the DHCP server runs out of DHCP addresses, users do not get access to network resources. If this happens, you can increase the Ending IP address (to the limit of 254) or reduce the lease time.

The Lease Time is the amount of time that a network user is allowed to maintain a network connection to the router using the current dynamic IP address. At the end of the Lease Time, the lease is either renewed or the DHCP server issues a new IP. The amount of time is in units of seconds. The default value is 3600 seconds (1 hour). The maximum value is 999999 seconds

(About 278 hours).

In addition to the DHCP server feature, the router supports the Enable DHCP Relay

Page 40 of 92

User Manual

Server and Relay Off

Relay IP

DHCP relay function. When the router is configured as DHCP server, it assigns the IP addresses to the LAN clients. When the gateway is configured as DHCP relay, it is responsible for forwarding the requests and responses negotiated between the

DHCP clients and the server.

The IP address of the DHCP relay server.

When the DHCP server and relay functions are turned off, the network administrator must carefully configure the IP address,

Subnet Mask, and DNS settings of every host on your network.

Do not assign the same IP address to more than one host. Also, your router must reside on the same subnet as all the other hosts.

Assign ISP DNS, SNTP

When you enable the DHCP server, the router dynamically assigns IP addresses to computers in the local network. The router provides its own LAN IP address (192.168.1.1) as both the gateway and the

DNS server.

The router has a choice of advertising its own IP address (192.168.1.1) as the DNS server or providing the DNS that was received from the WAN. This can be configured by enabling/disabling Assign ISP

DNS SNTP on the LAN Group Configuration page.

Note: ISP DNS, SNTP only applies when the DHCP server is enabled on the LAN Group

Configuration page.

Page 41 of 92

User Manual

LAN Clients

LAN Clients allows you to view and add computers in a LAN group. Each computer either has a dynamic or static (manually-configured) IP address.

You can add a static IP address (belonging to the router’s LAN subnet) using the LAN Clients page.

Any existing static entry falling within the DHCP server's range can be deleted.

LAN Clients

To add LAN Clients:

3. (Optional) You can convert the dynamic into a static entry by clicking Reserve

4. To temporarily implement the settings, click Submit.

5. To make changes permanent, click Save Settings.

Page 42 of 92

Applications

Applications include:

Simple Network Management Protocol

Internet Group Management Protocol (IGMP) Proxy

TR-068 WAN Access

DNS Proxy

Port Forwarding

Bridge Filters

Web Access Control

User Manual

Page 43 of 92

User Manual

Simple Network Management Protocol (SNMP)

SNMP (Simple Network Management Protocol) is a troubleshooting and management protocol, which uses the UDP protocol on port 161 to communicate between clients and servers. SNMP uses a manager MIB (management information base) agent solution to fulfill the network management needs.

The agent is a separate station that can request data from an SNMP agent in each of the different system in the network. The agent uses MIBs as dictionaries of manageable objects. Each SNMPmanaged device has at least one agent that can respond to the queries from the NMS. The SNMP agent supports GETS, SETS, and TRAPS for 4 groups with MIB-II: System, Interface, IP, and ICMP.

The SNMP agent supports three-community names authentication.

SNMP Management

To access SNMP:

From the Advanced Menu, select Application > SNMP.

Page 44 of 92

User Manual

IGMP Proxy

IP hosts use Internet group management protocol (IGMP) to report their multicast group memberships to neighboring routers. Similarly, multicast routers use IGMP to discover which of their hosts belong to multicast groups. Your router supports IGMP proxy that handles IGMP messages. When enabled, your router acts as a proxy for a LAN host making requests to join and leave multicast groups, or a multicast router sending multicast packets to multicast groups on the WAN side.

IGMP Proxy

Multicasting is a form of limited broadcast. UDP is used to send datagram’s to all hosts that belong to what is called a Host Group. A host group is a set of one or more hosts identified by a single IP destination address. The following statements apply to host groups:

Anyone can join or leave a host group at will.

There are no restrictions on a host’s location.

There are no restrictions on the number of members that may belong to a host group.

A host may belong to multiple host groups.

Non-group members may send UDP datagram’s to the host group.

Multicasting is useful when the same data needs to be sent to more than one device. For instance, if one device is responsible for acquiring data that many other devices need, then multicasting is a natural fit. Note that using multicasting as opposed to sending the same data to individual devices uses less network bandwidth. The multicast feature also enables you to receive multicast video streams from multicast servers.

Page 45 of 92

User Manual

The IGMP Proxy page allows you to enable multicast on available WAN and LAN connections. You can configure the WAN or LAN interface as one of the following:

Upstream The interface that IGMP requests from hosts are sent to the multicast router.

Downstream The interface data from the multicast router are sent to hosts in the multicast group database.

Ignore No IGMP request nor data multicast are forwarded.

You can perform one of the two options:

1. Configure one or more WAN interface as the upstream interface.

2. Configure one or more LAN interface as the upstream interface.

To configure the IGMP Proxy:

3. Configure the listed interfaces.

5. To make changes permanent, click Save Settings.

Page 46 of 92

User Manual

TR-068 WAN Access (Optional)

The TR-068 WAN Access page enables you to give temporary permission to someone (such as technical support staff) to be able to access your router from the WAN side. From the moment the account is enabled the user is expected to log in within 20 minutes, otherwise the account expires.

Once the user has logged in, if the session remains inactive for more than 20 minutes, the user will be logged out and the account expires.

Enable WAN Access Update

To create a temporary user account for remote access:

4. Enter a user name and password in the User Name and Password fields.

5. Enter a port number In the Port field.

7. To make changes permanent, click Save Settings.

Note: To access your router remotely, enter the WAN Router IP and Port Number in your browser.

For example, http://10.10.10.5:51003.

Page 47 of 92

User Manual

DNS Proxy

DNS Proxy determines the primary Domain Name Server and secondary DNS to be used.

DNS Proxy

To select the DNS Server Priority:

Only Auto Discovered DNS Servers

Only User Configured DNS Servers

Auto Discovered then User Configured

User Configured then Auto Discovered

4. To make changes permanent, click Save Settings.

Page 48 of 92

User Manual

Port Forwarding

Port forwarding (or virtual server) allows you to direct incoming traffic to specific LAN hosts based on a protocol port number and protocol. Using the Port Forwarding page, you can provide local services (for example, web hosting) for people on the Internet or play Internet games. Port forwarding is configurable per LAN group.

Port Forwarding

A database of predefined port forwarding rules allows you to apply one or more rules to one or more members of a defined LAN group. You can view the rules associated with a predefined category and add the available rules for a given category. You can also create, edit, or delete your own port forwarding rules.

To configure port forwarding: add it using the LAN Client page, which is accessed by clicking New IP.

5. Select the available rules for a given category then click Add to apply the rule for this category.

Page 49 of 92

User Manual

If a rule is not in the list, you can create your own rule in the User category. To create a new rule, select User as the Category, and then click New. The Rule Management page opens.

Enter Rule Name, Protocol, Port Start, Port End, and Port Map, and then click Submit.

7. To make changes permanent, click Save Settings.

DMZ Settings

Setting a host on your local network as demilitarized zone (DMZ) forwards any network traffic that is not redirected to another host via the Port Forwarding feature to the IP address of the host. This opens the access to the DMZ host from the Internet. This function is disabled by default. By enabling DMZ, you add an extra layer of security protection for hosts behind the firewall.

DMZ Settings

Page 50 of 92

User Manual

To enable DMZ Settings:

8. To make changes permanent, click Save Settings.

Custom Port Forwarding

The Custom Port Forwarding page allows you to create up to 15 custom Port Forwarding entries to support specific services or applications, such as concurrent NAT/NAPT operation.

Custom Port Forwarding

Page 51 of 92

User Manual

Bridge Filters

The Bridge Filters allows you to enable, add, edit, or delete the filter rules. When bridge filtering is enabled, each frame is examined against every defined filter rule in sequence. When a match is found, the appropriate filtering action (allow or deny) is performed. Up to 20 filter rules are supported with bridge filtering.

Bridge Filters

To configure Bridge Filters:

1. From the Advanced Menu, select Application > Bridge Filters. This opens the Bridge Filters page.

3. To add a rule, enter Src MAC address, Src Port, Dest MAC address, Dest Port, Protocol, and Mode, then click Add.

Note: You can also edit a rule that you created using the Edit checkbox. You can delete using

Delete.

5. To make changes permanent, click Save Settings.

Page 52 of 92

User Manual

Web Access Control

The Web Access Control page allows you to access the router via the web from a remote location like your home or office.

Web Access Control

To configure Web Access:

4. Configure the following fields:

Remote Host IP

Remote Netmask

Redirect Port

5. Click Submit to temporarily activate the settings on the page. The WAN address is now added into the IP Access List. This allows you to access you router remotely.

6. To make changes permanent, click Save Settings.

Page 53 of 92

User Manual

Quality of Service (QoS)

Quality of service allows network administrators to configure the routers to meet the real time requirements for voice and video.

Different networks use different QoS markings like:

ToS network: ToS bits in the IP header

VLAN network: priority bits in the VLAN header

DSCP network: uses only 5 bits of the CoS

WLAN: WLAN QoS header.

The QoS framework is supported on all the above domains. How do you make them talk to each other?

How can you make sure the priority from one network is carried over to another network? Class of service (CoS) is introduced as the common language for the QoS mappings. When QoS is enabled, the router has full control over packets from the time they enter the router till they leave the router.

This is how it works: The domain mapping (ToS bits, priority bits, etc.) of a packet needs to be translated to CoS when the packet enters the router, and vice versa, the CoS of a packet needs to be translated back to the domain mapping when the packet leaves the router.

There are 6 types of CoS (in descending priority):

CoS1

CoS2

CoS3

CoS4

CoS5

CoS6

Page 54 of 92

User Manual

The rules are:

1. CoS1 has absolute priority and is used for expedited forwarding (EF) traffic. This is always serviced till completion.

2. CoS2-CoS5 is used for assured forwarding (AF) classes. They are serviced in a strict round robin manner using the following priority scheme:

CoS2 > CoS3 > CoS4 > CoS5

3. CoS6 is for best effort (BE) traffic. This is only serviced when there is no other class of service.

If QoS is not enabled on your router, all traffic will be treated as best effort.

There are some additional terms you should get familiarize with:

Ingress: Packets arriving into the router from a WAN/LAN interface.

Egress: Packets sent from the router to a WAN/LAN interface.

Trusted mode: Honors the domain mapping (ToS byte, WME, WLAN user priority).

Untrusted mode: Does not honor domain mapping. This is the default QoS setting.

Traffic Conditioning Agreement (TCA): The TCA needs to be defined for each interface: o Ingress mappings (Domain =>CoS) o Egress Mappings (CoS => Domain) o Untrusted mode (default)

Shaper

Page 55 of 92

Egress

Page 56 of 92

User Manual

Egress

For packets going out of the router, the markings (CoS) need to be translated to the mappings understood by the network domains. The reverse CoS and domain mapping is configured using the

Egress. To access Egress, select QoS > Egress from the Advanced Menu. There are three Egress modes:

No Egress mode

Layer 2

Layer 3

No Egress Mode

The default Egress page setting for all interfaces is No Egress. In this mode, the domain mapping of the packets are untouched.

User Manual

Layer 2

The Egress Layer 2 page allows you to map the CoS of an outgoing packet to user priority bits, which is honored by the VLAN network. Again, this feature is only configurable on the WAN interfaces as VLAN is only supported on the WAN side in the current release.

Layer 2

Field

Interface

Unclassified

Packet

Class of Service

User Priority

Description

Select the WAN interface to configure the QoS for outgoing packets; LAN interface cannot be selected as VLAN is currently supported on the WAN side only.

Some locally generated packets might not have been classified and thus do not have a CoS value, such as PPP control packet and ARP packet. You can define the CoS for all unclassified outgoing packets on layer 2 using this field, which will then pick up the user priority bits based on the mapping rules you create. The selections are (in the order of descending priority): CoS1, CoS2,

CoS3, CoS4, CoS5, and CoS6. The default value is CoS1 (recommended).

The selections are (in the order of descending priority): CoS1, CoS2, CoS3, CoS4, CoS5, and

CoS6.

The selections are 0, 1, 2, 3, 4, 5, 6, and 7.

Page 57 of 92

User Manual

Layer 3

Egress Layer 3 enables you to map CoS to ToS so that the priority marking of outgoing packets can be carried over to the IP network.

Layer 3

Field

Interface

Default Non-IP

Class of Service

Translated TOS

Description

Select the WAN interface to configure the QoS for outgoing packets; LAN interface cannot be selected as VLAN is currently supported on the WAN side only.

Locally generated packets (such as ARP packets) do not have a CoS marking. You can define the

CoS for all unclassified outgoing packets on layer 3 using this field. The selections are in the order of descending priority): CoS1, CoS2, CoS3, CoS4, CoS5, and CoS6. The default value is CoS1

(recommended).

The selections are (in the order of descending priority): CoS1, CoS2, CoS3, CoS4, CoS5, and

CoS6.

The Type of Service field takes values from 1 to 255. The selections are 0, 1, 2, 3, 4, 5, 6, and 7.

Page 58 of 92

User Manual

Ingress

Ingress enables you to configure QoS for packets as soon as they come into the router. The domain mappings are converted to CoS (the common language) so that the priority marking is carried over.

There are four Ingress modes:

Untrusted mode

Layer 2

Layer 3

Static

Untrusted Mode

Untrusted is the default Ingress page setting for all interfaces. In this mode, no domain mapping is honored in the router. All packets are treated as CoS6 (best effort).

Untrusted mode

Page 59 of 92

User Manual

Layer 2

Layer 2 allows you to map an incoming packet with VLAN priority to CoS. This feature is only configurable on the WAN interfaces as VLAN is only supported on the WAN side in the current software release.

Layer 2

Field

Interface

Class of Service

User Priority

Description

Select the WAN interface here to configure the CoS for incoming traffic. Only WAN interface can be selected as VLAN is currently supported only on the WAN side.

The selections are (in the order of descending priority): CoS1, CoS2, CoS3, CoS4, CoS5, and

CoS6.

The selections are 0, 1, 2, 3, 4, 5, 6, and 7.

To access Ingress Layer 2:

From the Advanced Menu, select QoS > Ingress.

Page 60 of 92

User Manual

Layer 3

The Layer 3 page allows you to map ToS bits of incoming packets from the IP network to CoS for each

WAN/LAN interface.

Layer 3

Field

Interface

Class of Service

ToS

Default Non-IP

Description

For both WAN and LAN interfaces, you can configure QoS for layer 3 (IP) data traffic.

This CoS field allows you to map incoming layer 3 WAN/LAN packets to one of the following CoS

(in the order of descending priority): CoS1, CoS2, CoS3, CoS4, CoS5, and CoS6.

The Type of Service field takes values from 0 to 255.

A static CoS can be assigned to all layer 3 incoming packets (per interface) that do not have an IP header, such as PPP control packets and ARP packets. The default is CoS1 (recommended).

To access Ingress Layer 3:

From the Advanced Menu, select QoS > Ingress.

Page 61 of 92

User Manual

Static

The Ingress - Static page enables you to configure a static CoS for all packets received on a WAN or

LAN interface.

Static

To access Ingress Layer 3:

From the Advanced Menu, select QoS > Ingress.

Page 62 of 92

User Manual

QoS Shaper Configuration

The Shaper Configuration page is accessed by selecting Shaper on the Advanced main page. Three shaper algorithms are supported:

HTB

Low Latency Queue Discipline

PRIOWRR

QoS Shaper Configuration

Note: Egress TCA is required if shaper is configured for that interface.

Field

Interface

Max Rate

HTB Queue

Discipline

Low Latency

Queue Discipline

Description

The selections are WAN/LAN interfaces except WLAN, which does not support Shaper feature.

This field needs to be selected before shaper configuration.

This field is applicable for the HTB Queue Discipline and Low Latency Queue Discipline, both are rate-based shaping algorithms.

The hierarchical token bucket queue discipline is a rate-based shaping algorithm. This algorithm rate shapes the traffic of a class over a specific interface. All CoSx traffic uses a specific rate to which data will be shaped. For example: If CoS1 is configured to 100Kbps then even if 300Kbps of

CoS1 data is being transmitted to the interface only 100Kbps will be sent out.

This is similar to the above algorithm except that CoS1 is not rate limited. So in the example above

CoS1 data is not rate limited to 100Kbps but instead all 300Kbps is transmitted. The side effect is that a misconfigured stream can potentially take all bandwidth.

Page 63 of 92

User Manual

PRIOWRR This is a priority based weighted round robin algorithm operating on CoS2-CoS6. CoS1 queues have the highest priority and are not controlled by the WRR algorithm.

Of the three shaping algorithms available on the Shaper Configuration page, only one can be enabled at a time. An example of each configuration is given as follows.

Example 1: HTB Queue Discipline Enabled

In the example below, HTB Queue Discipline is enabled. The PPPoE1 connection has a total of 300

Kbps of bandwidth, of which 100 Kbps is given to CoS1 and another 100 Kbps is given to CoS2. When there is no CoS1 or CoS2 packet, CoS6 packets have the whole 300 Kbps of bandwidth.

HTB Queue Discipline enabled

Page 64 of 92

User Manual

Example 2: Low Latency Queue Discipline Enabled

In this second example, Low Latency Queue Discipline is enabled. CoS1 is not rate controlled (hence the field is disabled). CoS2 takes 100 Kbps when there are no CoS1 packets. CoS6 has 300 Kbps when there is no CoS1 or CoS2 packets. This is similar to the HTB queue discipline as they are both rate-based algorithm, except that CoS1 is handled differently.

Low Latency Queue Discipline enabled

Page 65 of 92

User Manual

Example 3: PRIOWRR Enabled

In this third example, PRIOWRR is enabled. Since PRIOWRR operates only on the number of packets being transmitted, the max rate field has been disabled. Only percentage can be assigned to the CoS2

- CoS6. CoS1 is not rate controlled (hence the field is not displayed). When there are no CoS1 packets,

CoS2, CoS3, CoS4 each has 10 percent, and CoS6 has 70 percent. This is similarly to the Low Latency

Queue discipline, except that one is packet-based, and the other is rate-based.

PRIOWRR enabled

Page 66 of 92

Policy Routing Configuration

The Policy Routing Configuration enables you to configure policy routing and QoS.

User Manual

Policy Routing Configuration

Field Description

Ingress Inter face The incoming traffic interface for a Policy Routing rule. Selections include LAN interfaces, WAN interfaces, Locally generated (traffic), and not applicable. Examples of Locally generated traffic are: voice packets, packets generated by applications such as DNS, DHCP, etc.

Destination

Interface

DiffServ Code

Point

The outgoing traffic interfaces for a Policy Routing rule. Selections include LAN Interfaces and

WAN interfaces.

The diffServ code point (DSCP) field value ranges from 1 to 255. This field cannot be configured alone, additional fields like IP, Source MAC, and/or Ingress Interface should be configured.

Class of Service

Source IP

Mask

Destination IP

Mask

Protocol

The selections are (in the order of priority): CoS1, CoS2, CoS3, CoS4, CoS5, CoS6, and N/A.

The IP address of the traffic source.

The source IP Netmask. This field is required if the source IP has been entered.

The IP address of the traffic destination.

The Netmask of the destination. This field is required if the destination IP has been entered.

The selections are TCP, UDP, ICMP, Specify, and none. If you choose Specify, you need to enter the protocol number in the box next to the Protocol field. This field cannot be configured alone, additional fields like IP, Source MAC, and/or Ingress Interface should be configured. This field is also required if the source port or destination port has been entered.

Source Port

Destination Port

The source protocol port. You cannot configure this field without entering the protocol first.

The destination protocol port or port range. You cannot configure this field without entering the

Page 67 of 92

User Manual

Source MAC

Local Routing

MAC protocol first.

The MAC address of the traffic source.

This field is enabled only when Locally Generated is selected in the Ingress Interface field. The mark for DNS traffic generated by different applications are described below:

Dynamic DNS: 0xE1

Dynamic Proxy: 0xE2

Web Server: 0xE3

MSNTP: 0xE4

DHCP Server: 0xE5

IP tables Utility: 0xE6

PPP Deamon: 0xE7

IP Route: 0xE8

ATM Library: 0xE9

NET Tools: 0xEA

RIP: 0xEB

RIP v2: 0xEC

UPNP: 0xEE

Busybox Utility: 0xEF

Configuration Manager: 0xF0

DropBear Utility: 0xF1

Voice: 0

Currently routing algorithms make decision based on destination address, i.e. only Destination IP address and subnet mask is supported. The Policy Routing page enables you to route packets on the basis of various fields in the packet.

Page 68 of 92

The following fields can be configured for Policy Routing:

Destination IP address/mask

Source IP address/mask

Source MAC address

Protocol (TCP, UDP, ICMP, etc)

Source port

Destination port

Incoming interface

DSCP

User Manual

Page 69 of 92

User Manual

Routing

Routing options include:

Static Routing

Routing Table

Static Routing

If the router is connected to more than one network, you may need to set up a static route between them. A static route is a pre-defined pathway that network information must travel to reach a specific host or network. You can use static routing to allow different IP domain users to access the Internet through the router.

Static Routing

The New Destination IP is the address of the remote LAN network or host to which you want to assign a static route. Enter the IP address of the host for which you wish to create a static route here. For a standard Class C IP domain, the network address is the first three fields of the New Destination IP, while the last field should be 0. The Subnet Mask identifies which portion of an IP address is the network portion, and which portion is the host portion. For a full Class C Subnet, the Subnet Mask is

255.255.255.0. The Gateway IP address should be the IP address of the gateway device that allows for contact between the Gateway and the remote network or host.

Page 70 of 92

User Manual

Routing Table

Routing Table displays the information used by routers when making packet-forwarding decisions.

Packets are routed according to the packet's destination IP address.

Routing Table

Page 71 of 92

IP Filters

Page 72 of 92

User Manual

Security

Security options include:

IP Filters

LAN Isolation

IP Filters

IP filtering allows you to block specific applications/services based on the IP address of the LAN device.

In this page, you can block specific traffic (for example, block web access) or any traffic from a host on your local network.

A database of predefined IP filters allows you to apply one or more filtering rules to one or more members of a defined LAN group. You can view the rules associated with a predefined filter and add the available rules for a given category. You can also create, edit, or delete your own IP filter rules.

User Manual

To configure IP Filters:

3. Select a LAN IP. If the desired LAN IP is not available in the LAN IP drop-down menu, click

New IP to add an IP.

4. Select Available Rules and then move them into Applied Rules.

To select a rule, select a Category then select an available rule based on the selected

Category. Click View to view the rule settings.

If a rule is not in the list, you can create your own rule. Select User, and then click New. The

Rule Management page opens for you to create new rules. Enter Rule Name, Protocol, Port

Start, Port End, Port Map, and then click Apply.

6. To temporarily implement the changes, click Submit.

7. To make the change permanent, click Save Settings.

Page 73 of 92

User Manual

LAN Isolation

LAN isolation allows you to disable the flow of packets between two LAN groups. This allows you to secure information in private portions of the LAN from other publicly accessible LAN segments.

LAN Isolation

To enable LAN Isolation:

2. Check an option.

3. To temporarily implement the changes, click Submit.

4. To make changes permanent, click Save Settings.

Page 74 of 92

User Manual

Status

This chapter provides information about monitoring the router status and viewing product information.

Your router allows you to view the following status and product information:

Connection Status

System Log

Remote Log

Network Statistics

DHCP Clients

QoS Status

Modem Status

Product Information

Page 75 of 92

User Manual

Connection Status

Connection Status displays the type of protocol, the WAN IP address, the connection state and the duration of your Internet connection. To view the Connection Status from the Advanced Menu, select

Status > Connection Status.

Connection Status

Page 76 of 92

User Manual

System Log

System Log displays the router log. Depending on the severity level, the information log will generate log reports to a remote host if remote logging is enabled. To view the System Log from the Advanced

Menu, select Status > System Log.

System Log

Page 77 of 92

User Manual

Remote Log

Remote Log allows you to forward all logged information to one (or more) remote computer. The type of information forwarded to the remote computer depends on the Log level. Each log message belongs to a certain log level, which indicates the severity of the event.

When you configure remote logging, you must specify a severity level. Log messages that are rated at that level or higher are sent to the log server and can be viewed using the server log application, which can be downloaded from the web.

Remote Log Settings

To enable remote logging:

Page 78 of 92

Panic System panic or other condition that causes the router to stop functioning.

Alert Conditions that require immediate correction, such as a corrupted system database.

Critical Critical conditions such as hard drive errors.

Error Error conditions that generally have less serious consequences than errors in the emergency, alert, and critical levels.

Warning Conditions that warrant monitoring.

Notice (Default) Conditions that are not errors but might warrant special handling.

User Manual

Info Events or non-error conditions of interest.

Debug Software debugging message. Specify this level only when directed by a technical support representative.

5. Click Submit. The IP address will appear in the Select a logging destination drop- down menu.

6. To make changes permanent, click Save Settings.

Note: When you select a log level, all log information within this severity level and levels above

(meaning, more severe levels) will be sent to the remote host.

To disable a remote log:

1. Select the IP address to be deleted from the Select a logging destination drop-down menu.

3. To temporarily implement the changes, click Submit.

4. To make changes permanent, click Save Settings.

Page 79 of 92

DSL

Page 80 of 92

User Manual

Network Statistics

The Ethernet and DSL line statuses are displayed in this page. To view the Network Statistics from the

Advanced Menu, select Status > Network Statistics. There are three categories for Network

Statistics. These include Ethernet and DSL.

Ethernet

User Manual

DHCP Clients

DHCP Clients displays the MAC address, IP address, host name, and lease time. To view the DHCP

Clients from the Advanced Menu, select Status > DHCP Clients. The DHCP Clients are displayed according to LAN Group.

DHCP Clients

Page 81 of 92

User Manual

QoS Status

This page displays the Quality of Service and the packet statistics. To view the QoS Status from the

Advanced Menu, select Status > QoS Status.

QoS Status

Page 82 of 92

User Manual

Modem Status

This page displays the model status. To view the Modem Status from the Advanced Menu, select

Status > Modem Status.

Modem Status

Page 83 of 92

User Manual

Product Information

This page displays the product information and software versions. To view the Product Information from the Advanced Menu, select Status > Product Information.

Product Information

Page 84 of 92

User Manual

Diagnostics

Diagnostic Test is used for investigating whether the router is properly connected to the WAN Network.

This test may take a few seconds to complete. To perform the test, select your connection from the list and click Test. Before running this test, make sure you have a valid DSL link.

Diagnostics

To run diagnostic test:

2. Click Test. The test status will appear after running the diagnostic test. If a test failed, click

Help to get the solution.

Ping Test

Once you have your router configured, it is a good idea to make sure you can ping the network. If you can ping an IP on the WAN side successfully, you should be able to surf the Internet.

To perform a ping test:

3. Change or leave the default settings for the following fields:

IP address to ping

Packet size

Number of echo request

Page 85 of 92

User Manual

The ping results are displayed in the page. If the ping test was successful, it means that the

TCP/IP protocol is up and running. If the Ping test failed, you should restart the router.

Full Modem Test

This test is used to check if your modem is properly connected to the network.

To perform a Full Modem test:

3. Select your connection and then click Test.

Page 86 of 92

User Manual

System Password

Anyone who can access the web interface can be considered an Administrator. To restrict access to the web interface, you need to set the System Password.

System Password

Changing the System Password

To change the System Password:

1. From the Advanced Menu, select System Password. This opens the System Password page.

3. Enter your password.

4. Reenter your password in the Confirm Password text box.

5. To temporarily implement the settings, click Submit.

6. To make changes permanent, click Save Settings.

Note: Remember your account information. If you forget the User Name and System Password, you will need to reset the router to its default settings. To reset, press RESET at the router’s back panel for 10 seconds.

Page 87 of 92

User Manual

Changing the Timeout Settings

To change the timeout settings:

3. Enter the number of minutes in the Idle Timeout text field.

4. To temporarily implement the settings, click Submit.

5. To make changes permanent, click Save Settings.

Page 88 of 92

User Manual

Firmware Upgrade

When updating the firmware, make sure you are using the correct file. Once the upgrade is complete the router will reboot. You will need to log back into the router after the firmware upgrade is completed.

Firmware upgrade

To update the firmware:

1. From the Advanced Menu, select Firmware Upgrade. This opens the Firmware Upgrade page.

3. Click Update Gateway. The update may take a few minutes. Make sure that the power is not turned off during the update process.

Page 89 of 92

User Manual

Save Settings

Select to apply configuration changes permanently.

Restart Router

Select to restart the router.

Restore to Default

Select to reset the router to its factory default settings.

Page 90 of 92

User Manual

Help Menu

To access Help, select the Help Menu. The Help Menu provides documentation for topics that include:

PPP Connection

LAN Configuration

LAN Clients

Firewall

Bridge Filters

UPnP (Universal Plug and Play)

RIP (Routing Information Protocol)

QoS (Quality of Service)

Page 91 of 92

User Manual

Safety Precautions

Do not open, service, or change any component.

Only qualified technical specialists are allowed to service the equipment.

Observe safety precautions to avoid electric shock.

Check voltage before connecting to the power supply. Connecting to the wrong voltage will damage the equipment.

Reminder: Product warranty does not apply to damage caused by lightning, power surges, or wrong voltage usage.

Copyright © 2007. All rights reserved.

No part of this document may be reproduced, republished, or retransmitted in any form or by any means whatsoever, whether electronically or mechanically, including, but not limited to, by way of photocopying, recording, information recording, or through retrieval systems without the express written permission of the owner. Product specifications contained in this document are subject to change without notice. All other company or product names mentioned are used for identification purposes only and may be trademarks of their respective owners.

Page 92 of 92