advertisement
▼
Scroll to page 2
of 96
ESR6650 3G Wireless Router Ultra Speed (IEEE 802.11 b/g) User Manual TABLE OF CONTENTS 1. INTRODUCTION .............................................................................................................................................. 1 1.1. 1.2. 1.3. 1.4. 2. SUMMARY ............................................................................................................................... 1 KEY FEATURES ....................................................................................................................... 2 PACKAGE CONTENTS .............................................................................................................. 3 PRODUCT LAYOUT .................................................................................................................. 4 INSTALLATION ................................................................................................................................................ 6 2.1. 2.2. 2.3. 2.4. 2.5. 2.6. NETWORK + SYSTEM REQUIREMENTS .................................................................................... 6 WALL MOUNTING ................................................................................................................... 6 ESR6650 PLACEMENT ............................................................................................................ 7 SETUP LAN & 3G (WAN) ...................................................................................................... 8 PC NETWORK ADAPTER SETUP (WINDOWS XP)....................................................................... 9 BRING UP ESR6650 .............................................................................................................. 11 3. SMART WIZARD ............................................................................................................................................ 12 4. INITIAL SETUP ESR6650 .............................................................................................................................. 15 5. AP ROUTER MODE ....................................................................................................................................... 17 5.1. 5.2. 5.3. 5.4. 5.5. 5.6. 5.7. 6. SYSTEM ................................................................................................................................ 17 WIZARD ................................................................................................................................ 26 INTERNET .......................................................................................................................... 27 WIRELESS SETTINGS ............................................................................................................. 33 FIREWALL SETTINGS ............................................................................................................. 46 ADVANCED SETTINGS ........................................................................................................... 54 TOOLS SETTINGS ................................................................................................................ 66 REPEATER MODE ......................................................................................................................................... 75 6.1. 6.2. 6.3. SYSTEM ................................................................................................................................ 76 WIRELESS ............................................................................................................................. 81 TOOLS ................................................................................................................................... 84 APPENDIX A – FCC INTERFERENCE STATEMENT ....................................................................................... 92 APPENDIX B – IC INTERFERENCE STATEMENT ........................................................................................... 92 Revision History Version Date Notes 1.0 January 16, 2009 Initial 1. Introduction 1.1. Summary Congratulations on your purchase of ESR6650 3G Wireless Router. ESR6650 is compatible with the most popular 3G standards and 802.11g & 802.11b gadgets. ESR6650 is not only a Wireless Access Point, but also doubles as a 4-port full-duplex Switch that connects your wired-Ethernet devices together at incredible speeds. At 150Mbps wireless transmission rate, Access Point built into the Router uses advanced MIMO (Multi-Input, Multi-Output) technology to transmit multiple steams of data in a single wireless channel giving you seamless access to multimedia content. Robust RF signal travels farther, eliminates dead spots and extends network range. For data protection and privacy, ESR6650 encodes all wireless transmissions with WEP, WPA, and WPA2 encryption. With inbuilt DHCP Server & powerful SPI firewall ESR6650 protects your computers against intruders and most known Internet attacks but provides safe VPN pass-through. With incredible speed and QoS function, ESR6650 is ideal for media-centric applications like streaming video, gaming, and VoIP telephony to run multiple media-intense data streams through the network at the same time, with no degradation in performance. 1 1.2. Key Features Features 3G Data Card Support Advantages Allows user to share 3G network among multiple users. It supports WCDMA (HSDPA), CDMA2000 and TD-SCDMA. Incredible Data Rate up to 150Mbps** Heavy data payloads such as MPEG video streaming IEEE 802.11b/g Compliant Fully Interoperable with IEEE 802.11b / IEEE 802.11g compliant devices with legacy protection Four 10/100 Mbps Fast Switch Ports Scalability, extend your network. (Auto-Crossover) Firewall supports, DMZ, MAC Filter, IP Avoids the attacks of Hackers or Filter, URL Filter, ICMP Blocking, SPI, Viruses from Internet Port Mapping, Port Forwarding, Port Trigger Support 802.1x Authenticator, 802.11i Provide mutual authentication (WPA/WPA2, AES), VPN pass-through (Client and dynamic encryption keys to enhance security WDS (Wireless Distribution System) Make wireless AP and Bridge mode simultaneously as a wireless repeater Multiple SSID Easy management of users of various groups. ** Theoretical wireless signal rate based on IEEE standard of 802.11a, b, g, n chipset used. Actual throughput may vary. Network conditions and environmental factors lower actual throughput rate. All specifications are subject to change without notice. 1.3. Package Contents Open the package carefully, and make sure that none of the items listed below are missing. Do not discard the packing materials, in case of return; the unit must be shipped back in its original package. 1. SOHO Router 2. 100V or 240V Power Adapter 3. 2dBi 2.4GHz SMA Upgradable Antennas x 1 pcs 4. Quick Install Guide 5. CAT 5 UTP Cable 6. CD (User’s Manual) 3 1.4. Product Layout 4 LED Description Power 1 ( On-> red Test/reset default->blink) 3G 1 ( Link-> green on, traffic->blink) WAN 1 ( Link-> blue on, traffic->blink) Internet 1 ( Link-> blue on, traffic->blink) WLAN 1 ( Link-> blue on, traffic->blink) LAN1 1 ( Link-> blue on, traffic->blink) Interface Description Reset Push this button to restart the system Press this button and hold for 10 seconds to reset to default. WPS Push this button once to start WPS. DC IN Power connector, connects to DC 12V Power Adapter LAN1 & 2 Local Area Network (LAN) ports 1 and 2 USB USB socket for 3G data card WAN WAN port for ADSL / Cable Modem 5 2. Installation 2.1. Network + System Requirements To begin using the ESR6650, make sure you meet the following as minimum requirements: PC/Notebook. Operating System – Microsoft Windows 98SE/ME/XP/2000/VISTA 1 Free Ethernet port. WiFi card/USB dongle (802.11b/g/n) – optional. Internet o 3G data card or o ADSL or Cable modem with an Ethernet port (RJ-45). PC with a Web-Browser (Internet Explorer, Safari, Firefox, Opera etc.) Few Ethernet compatible CAT5 cables. 2.2. Wall Mounting You can mount the device on the wall. There are two mounting points on the bottom of the device. Please find a proper spot where two nails can be applied. The distance between the two nails is 89mm. Finally, carefully mount the device onto the wall and make sure the nails are firmly locked on the mount points. 2.3. ESR6650 Placement You can place ESR6650 on a desk or other flat surface, or you can mount it on a wall. For optimal performance, place your Wireless Router in the center of your office (or your home) in a location that is away from any potential source of interference, such as a metal wall or microwave oven. This location must be close to a power connection and your ADSL/Cable modem. If the antennas are not positioned correctly, performance loss can occur. 7 2.4. Setup LAN & 3G (WAN) LAN connection: Connect Ethernet cable between your PC/Notebook LAN port & one of the 2 available LAN ports on ESR6650. 3G connection: Plug-in your 3G data card into USB port if you would like to access Internet through 3G network. Contact your ISP if you have any questions concerning the access account and password. ADSL (Cable Modem): Connect Ethernet cable between WAN ports of your ADSL/CABLE modem & WAN port of ESR6650. Make sure your ADSL/CABLE modem is working well. Contact your ISP if you have any questions concerning the access account and password. 2.5. PC Network Adapter setup (Windows XP) • Enter [Start Menu] select [Control panel] select [Network]. • Select [Local Area Connection]) icon=>select [properties] 9 • Select [Internet Protocol (TCP/IP)] =>Click [Properties]. • Select the [General] tab. ESR6650 supports [DHCP] function, please select both [Obtain an IP address automatically] and [Obtain DNS server address automatically]. 10 2.6. Bring up ESR6650 Connect the supplied power-adapter to the power inlet port and connect it to a wall outlet. Then, ESR6650 automatically enters the self-test phase. During self-test phase, Power LED will blink briefly, and then will be lit continuously to indicate that this product is in normal operation. 3. Smart Wizard Click <Next> to enter mode selection. Select the mode that ESR6650 is going to be and set its configurations. AP Repeater mode does not enable WAN interface, Setup Wizard will skip WAN Configuration. Click <Next> to automatically detect your Internet Network settings. You could choose your service type or select Others to setup WAN configurations manually. Smart Wizard has detected DHCP client. Configure the host name and MAC address of ESR6650. Click Next to proceed. Smart Wizard has finished setting up WAN Configuration. Click <Next> to proceed. 13 Enter the name for your wireless network (SSID) and security key Click <Next> to proceed To apply the entire configuration, click <Reboot>. NOTE: After Wireless settings are applied, you need to connect from your WLAN client with the security settings you just finished configuring. Remember the type of security & security key. 14 4. Initial Setup ESR6650 ESR6650 uses web-interface for configuration to be accessed through your web browser, such as Internet Explorer or Firefox. - LOGIN Procedure 1. OPEN your browser (e.g. Internet Explorer). 2. Type http://192.168.0.1 in address bar and hit [Enter] button on your keyboard. 15 3. Click <OK> to navigate into ESR6650 configuration home page. 4. You will see the home page of ESR6650 as follows. 16 5. AP Router Mode 5.1. System - Status This page allows you to monitor the current status of your router. System: You can see the Uptime, hardware information, serial number as well as firmware version information. WAN Settings: This section displays whether the WAN port is connected to a Cable/DSL connection. It also displays the router’s WAN IP address, Subnet Mask, ISP Gateway, MAC address and the Primary DNS. LAN Settings: This section displays the Router LAN port’s current information. It also shows whether the DHCP Server function is enabled / disabled. WLAN Settings: This section displays the current WLAN configuration settings. Wireless configuration details such as SSID, Security settings, BSSID, Channel number and mode of operation are briefly shown. - LAN The LAN Tabs reveals LAN settings which can be altered at will. If you are an entry level user, try accessing a website from your browser. If you can access website without a glitch, just do not change any of these settings. Click <Apply> at the bottom of this screen to save the changed configurations. 18 LAN IP IP address: 192.168.0.1. It is the router’s LAN IP address (the “Default Gateway” IP address of your LAN clients). It can be changed based on your own choice. IP Subnet Mask: 255.255.255.0 Specify a Subnet Mask for your LAN segment. 802.1d Spanning Tree: This is disabled by default. If 802.1d Spanning Tree function is enabled, this router will use the spanning tree protocol to prevent network loops. DHCP Server DHCP Server: This can enable or disable the Dynamic Pool setting. Lease time: This is the lease time of each assigned IP address. 19 Start IP: This is the beginning of the IP pool for DHCP client hosts. End IP:. This is the end of the IP pool for DHCP client hosts Domain name: The Domain Name for the existing or customized network. 20 - DHCP View the current LAN clients which are assigned with an IP Address by the DHCP-server. This page shows all DHCP clients (LAN PCs) currently connected to your network. The table shows the assigned IP address, MAC address and expiration time for each DHCP leased client. Use the <Refresh> button to update the available information. Hit <Refresh> to get the updated table. You can check “Enable Static DHCP IP“. It is possible to add more static DHCP IPs. They are listed in the table “Current Static DHCP Table“. IP address can be deleted at will. Click <Apply> button to save the changed configuration. - Schedule This page allows users to set up schedule function for Firewall and Power Saving . Edit schedule options to allow configuration of firewall and power savings services. Fill in the schedule and select type of service. Click <Apply> to keep the settings. The schedule table lists the pre-schedule service-runs. You can select any of the schedule record using the check box. 23 - Event Log View operation event log. This page shows the current system log of the Router. It displays any event occurred after system start up. At the bottom of the page, the system log can be saved <Save> to a local file for further processing or the system log can be cleared <Clear> or it can be refreshed <Refresh> to get the most updated information. When the system is powered down, the system log will be cleared if not saved to a local file. - Monitor Show histogram for network connection on WAN, LAN & WLAN. Auto refresh keeps information updated frequently. - Language This Wireless Router support multiple language of web pages, You could select your native language here. 5.2. Wizard Click Wizard to configure the Router. Setup wizard will now be displayed; check that the modem is connected and click <Next>. The details please refer to Smart Wizard <Page 13>. 26 5.3. INTERNET ESR6650 supports both 3G and ADSL for Internet access. Please note that 3G (USB interface) network by default is the preferred Internet option. Therefore, in case you have both 3G and ADSL connection setup, ESR6650 will automatically use 3G for Internet access. Please note that inserting 3G data card will switch off ADSL connection immediately. If you prefer to use ADSL for Internet access, do not insert 3G data card into the USB socket. Your 3G data card may take more than 20 seconds to initiate and respond to ESR6650. Please be patient and pay attention to the 3G LED on the top panel. Green Light on 3G LED signifies that your 3G card is ready. - Status This page shows the current Internet connection type and status - Dynamic IP Use the MAC address when registering for Internet service, and do not change it unless required by your ISP. If your ISP used the MAC address of the Ethernet card as an identifier, connect only the PC with the registered MAC address to the Router and click the <Clone MAC Address> button. This will replace the current MAC address with the already registered Ethernet card MAC address. Host Name: This is optional. MAC address: The default value is set to the WAN’s physical interface of the Router. - Static IP If your ISP Provider has assigned a fixed IP address, enter the assigned IP address, Subnet mask, Default Gateway IP address, and Primary DNS and Secondary DNS (if available) of your ISP provider. - Point-to-Point over Ethernet Protocol (PPPoE) Login / Password: Enter the PPPoE username and password assigned by your ISP Provider. Service Name: This is normally optional. Maximum Transmission Unit (MTU): This is the maximum size of the packets. Type: Enable the Automatic Connection option to automatically re-establish the connection when an application attempts to access the Internet again. Idle Timeout (available only under Automatic Connection): This is a maximum period of time for which the Internet connection is maintained during inactivity. If the connection is inactive for longer than the Maximum Idle Time, it will be dropped. - Point-to-Point Tunneling Protocol (PPTP) PPTP allows the secure connection over the Internet by simply dialing in a local point provided by your ISP provider. The following screen allows client PCs to establish a normal PPTP session and provides hassle-free configuration of the PPTP client on each client PC. Click <Apply> to save configuration and connect to ISP provider. - 3G Network Pin Code: Enter the Pin code required by the ISP. APN Code: Enter APN if ISP requires it. Dial Number: Enter phone number if ISP requires it. User Name: Enter 3G network account / username Password: Enter 3G network account password MTU: Enter the MTU value if required. Authentication Type: Select whether ISP uses PAP or CHAP authentication method. Type: Keep Connection: Keep connection with or without the presence of traffic. Automatic Connection: Connect when traffic is detected. Manual Connection: Connect only on user’s demand (see status) Idle Timeout: Disconnect from 3G network if there’s no traffic in the specified timeout period. Note: You may need 3G account detail and configuration pre-requisite from your local ISP. 5.4. Wireless Settings - Basic In basic setting page, you can set wireless Radio, Mode, Band, SSID, and Channel. Radio: You can turn on/off wireless radio. If wireless Radio is off, you cannot associate with AP through wireless. Mode: In this device, we support three operation modes which are AP router and AP route with WDS. If you choose AP Router Mode, you can select AP or WDS function in the drop-down menu. Band: You can select the wireless standards running on your network environment. 2.4 GHz(B): If all your clients are 802.11b, select this one. 2.4 GHz(N): If all your clients are 802.11n, select this one. 2.4 GHz(B+G): Either 802.11b or 802.11g wireless devices are in your environment. 2.4 GHz(G): If all your clients are 802.11g, select this one. 2.4 GHz(B+G+N): Either 802.11b, 802.11g, or 802.11n wireless devices are in your environment. Enable ESSID: We support 4 multiple SSIDs in this device. Please select how many SSIDs you would like to use in your network environment. ESSID1~4: ESSID is the name of your wireless network. It might be a unique name to identify this wireless device in the Wireless LAN. It is case sensitive and up to 32 printable characters. You might change the default ESSID for added security. Auto Channel: Device will search all valid channels, then select a cleanest channel and change to this channel if you enable this function. Depend on this function is enabled or not, you will see different items below Auto Channel. Channel: If Auto Channel is disabled, you should choose a static channel and AP will use this channel to communicate with other clients. Check Channel Time: If Auto Channel is enabled, you can choose a period from the dropdown menu. AP will change to a clean channel periodically. 34 - WDS with AP Router Wireless Distribution System, a system that enables the wireless interconnection of access point, allows a wireless network to be extended using multiple APs without a wired backbone to link them. Each WDS AP needs same channel and encryption type settings. MAC address 1~4: Please enter the MAC address(es) of the neighboring APs which participate in WDS. There can be maximum of 4 devices now. Set Security: WDS Security depends on your AP security settings. Note: it does not support mixed mode such as WPA-PSK/WPA2-PSK Mixed mode. - Advanced This tab allows you to set the advanced wireless options. You should not change these parameters unless you know what effect the changes will have on the router. Fragment Threshold: This specifies the maximum size of a packet during the fragmentation of data to be transmitted. If you set this value too low, it will result in bad performance. RTS Threshold: When the packet size is smaller than the RTS threshold, the wireless router will not use the RTS/CTS mechanism to send this packet. Beacon Interval: This is the interval of time that this wireless router broadcasts a beacon. A Beacon is used to synchronize the wireless network. DTIM Period: Enter a value between 1 and 255 for the Delivery Traffic Indication Message (DTIM). A DTIM is a countdown informing clients of the next window for listening to broadcast and multicast messages. 36 Data Rate: The “Data Rate” is the rate that this access point uses to transmit data packets. The access point will use the highest possible selected transmission rate to transmit the data packets. N Data Rate: The “Data Rate” is the rate that this access point uses to transmit data packets for N compliant wireless nodes. Highest to lowest data rate can be fixed. Channel Bandwidth: This is the range of frequencies that will be used. Preamble Type: The “Long Preamble” can provide better wireless LAN compatibility while the “Short Preamble” can provide better wireless LAN performance. CTS Protection: It is recommended to enable the protection mechanism. This mechanism can decrease the rate of data collision between 802.11b and 802.11g wireless stations. When the protection mode is enabled, the throughput of the AP will be a little lower due to a lot of frame-network that is transmitted. TX Power: This can be set to a bare minimum or maximum power. 37 - Security This Access Point provides complete wireless LAN security functions, included are WEP, IEEE 802.1x, IEEE 802.1x with WEP, WPA with pre-shared key and WPA with RADIUS. With these security functions, you can prevent your wireless LAN from illegal access. Please make sure your wireless stations use the same security function, and are setup with the same security key. ESSID Selection: This Router support multiple ESSID, you could select and set up the wanted ESSID. Broadcast ESSID: If you enabled “Broadcast ESSID”, every wireless station located within the coverage of this AP can discover this AP easily. If you are building a public wireless network, enabling this feature is recommended. Disabling “Broadcast ESSID” can provide better security. WMM: Wi-Fi MultiMedia if enabled supports QoS for experiencing better audio, video and voice in applications. Encryption: When you choose to disable encryption, it is very insecure to operate ESR6650. Enable 802.1x Authentication IEEE 802.1x is an authentication protocol. Every user must use a valid account to login to this Access Point before accessing the wireless LAN. The authentication is processed by a RADIUS server. This mode only authenticates users by IEEE 802.1x, but it does not encrypt the data during communication. WEP Encryption When you select 64-bit or 128-bit WEP key, you have to enter WEP keys to encrypt data. You can generate the key by yourself and enter it. You can enter four WEP keys and select one of them as a default key. Then AP can receive any packet encrypted by one of the four keys. 39 Authentication Type: There are two authentication types: "Open System" and "Shared Key". Both AP and wireless client must be configured with the same authentication type. Key Length: You can select the WEP key length for encryption, 64-bit or 128-bit. The larger the key will be the higher level of security is used, but the throughput will be lower. Key Type: You may select ASCII Characters (alphanumeric format) or Hexadecimal Digits (in the "A-F", "a-f" and "0-9" range) to be the WEP Key. Default Key: It’s the key used to encrypt data. Key1 - Key4: The WEP keys are used to encrypt data transmitted in the wireless network. Use the following rules to setup a WEP key on the device. 64-bit WEP: input 10-digits Hex values (in the "A-F", "a-f" and "0-9" range) or 5-digit ASCII character as the encryption keys. 128-bit WEP: input 26-digit Hex values (in the "A-F", "a-f" and "0-9" range) or 13-digit ASCII characters as the encryption keys. Click <Apply> at the bottom of the screen to save the above configurations. WPA Pre-Shared Key Encryption Wi-Fi Protected Access (WPA) is an advanced security standard. You can use a preshared key to authenticate wireless stations and encrypt data during communication. It uses TKIP or CCMP (AES) to change the encryption key frequently. So the encryption key is not easy to be cracked by hackers. This is the best security available. 40 WPA-Radius Encryption Wi-Fi Protected Access (WPA) is an advanced security standard. You can use an external RADIUS server to authenticate wireless stations and provide the session key to encrypt data during communication. It uses TKIP or CCMP (AES) to change the encryption key frequently. Press <Apply> button when you are done. 41 - MAC Address Filtering This wireless router supports MAC Address Control, which prevents unauthorized clients from accessing your wireless network. Enable wireless access control: Enable the wireless access control function Adding an address into the list Enter the "MAC Address" and "Description" of the wireless station to be added and then click <Add>. The wireless station will now be added into the "MAC Address Filtering Table" below. If you are having any difficulties filling in the fields, just click "Reset" and both "MAC Address" and "Description" fields will be cleared. Remove an address from the list If you want to remove a MAC address from the "MAC Address Filtering Table", select the MAC address that you want to remove in the list and then click "Delete Selected". If you want to remove all the MAC addresses from the list, just click the <Delete All> button. Click <Reset> will clear your current selections. Click <Apply> at the bottom of the screen to save the above configurations. - Wi-Fi Protected Setup (WPS) 42 WPS is the simplest way to establish a connection between the wireless clients and the wireless router. You don’t have to select the encryption mode and fill in a long encryption passphrase every time when you try to setup a wireless connection. You only need to press a button on both wireless client and wireless router, and the WPS will do the rest for you. The wireless router supports two types of WPS: WPS via Push Button and WPS via PIN code. If you want to use the Push Button, you have to push a specific button on the wireless client or in the utility of the wireless client to start the WPS mode, and switch the wireless router to WPS mode. You can simply push the WPS button of the wireless router, or click the ‘Start to Process’ button in the web configuration interface. If you want to use the PIN code, you have to know the PIN code of the wireless client and switch it to WPS mode, then fill-in the PIN code of the wireless client through the web configuration interface of the wireless router. WPS: Check the box to enable WPS function and uncheck it to disable the WPS function. WPS Current Status: If the wireless security (encryption) function of this wireless router is properly set, you’ll see a ‘Configured’ message here. Otherwise, you’ll see ‘UnConfigured’. Self Pin Code: This is the WPS PIN code of the wireless router. You may need this information when connecting to other WPS-enabled wireless devices. SSID: This is the network broadcast name (SSID) of the router. 43 Authentication Mode: It shows the active authentication mode for the wireless connection. Passphrase Key: It shows the passphrase key that is randomly generated by the wireless router during the WPS process. You may need this information when using a device which doesn’t support WPS. Interface: If device is set to repeater mode, you can choose “Client” interface to connect with other AP by using WPS, otherwise you may choose “AP” interface to do WPS with other clients. WPS via Push Button: Press the button to start the WPS process. The router will wait for the WPS request from the wireless devices within 2 minutes. WPS via PIN: You can fill-in the PIN code of the wireless device and press the button to start the WPS process. The router will wait for the WPS request from the wireless device within 2 minutes. 44 - Client List This WLAN Client Table shows the Wireless client associate to this Wireless Router. - Policy The Router can allow you to set up the Wireless Access Policy. WAN Connection: Allow Wireless Client on specific SSID to access WAN port. Communication between Wireless clients: Allow Wireless Client to communicate with other Wireless Client on specific SSID. Communication between Wireless clients and wired clients: Allow Wireless Client to communicate with other Wireless Client on specific SSID and Wired Client on the switch. Or Wireless Client will allow to access WAN port only 5.5. Firewall Settings The Router provides extensive firewall protection by restricting connection parameters, thus limiting the risk of hacker attacks, and defending against a wide array of common Internet attacks. However, for applications that require unrestricted access to the Internet, you can configure a specific client/server as a Demilitarized Zone (DMZ). Note: To enable the Firewall settings select Enable and click Apply - Advanced You can allow the VPN packets to pass through this Router. - Demilitarized Zone (DMZ) If you have a client PC that cannot run an Internet application (e.g. Games) properly behind the NAT firewall, then you can open up the firewall restrictions to unrestricted twoway Internet access by defining a DMZ Host. The DMZ function allows you to re-direct all packets going to your WAN port IP address to a particular IP address in your LAN. The difference between the virtual server and the DMZ function is that the virtual server re-directs a particular service/Internet application (e.g. FTP, websites) to a particular LAN client/server, whereas DMZ re-directs all packets (regardless of services) from your WAN IP address to a particular LAN client/server. Enable DMZ: Enable/disable DMZ LAN IP Address: Fill-in the IP address of a particular host in your LAN Network or select a PC from the list on the right that will receive all the packets originally from the WAN port/Public IP address. Click <Apply> at the bottom of the screen to save the above configurations. 47 - Denial of Service (DoS) The Router's firewall can block common hacker attacks, including Denial of Service, Ping of Death, Port Scan and Sync Flood. If Internet attacks occur the router can log the events. Ping of Death: Protections from Ping of Death attack. Discard Ping From WAN: The router’s WAN port will not respond to any Ping requests Port Scan: Protects the router from Port Scans. Sync Flood: Protects the router from Sync Flood attack. - MAC Filter If you want to restrict users from accessing certain Internet applications / services (e.g. Internet websites, email, FTP etc.), and then this is the place to set that configuration. MAC Filter allows users to define the traffic type permitted in your LAN. You can control which PC client can have access to these services. Enable MAC Filtering: Check to enable or disable MAC Filtering. Deny: If you select “Deny” then all clients will be allowed to access Internet except the clients in the list below. Allow: If you select “Allow” then all clients will be denied to access Internet except the PCs in the list below. 49 Add PC MAC Address Fill in “LAN MAC Address” and <Description> of the PC that is allowed / denied to access the Internet, and then click <Add>. If you find any typo before adding it and want to retype again, just click <Reset> and the fields will be cleared. Remove PC MAC Address If you want to remove some PC from the "MAC Filtering Table", select the PC you want to remove in the table and then click <Delete Selected>. If you want to remove all PCs from the table, just click the <Delete All> button. If you want to clear the selection and re-select again, just click <Reset>. Click <Apply> at the bottom of the screen to save the above configurations. 50 - IP Filter Enable IP Filtering: Check to enable or uncheck to disable IP Filtering. Deny: If you select “Deny” then all clients will be allowed to access Internet except for the clients in the list below. Allow: If you select “Allow” then all clients will be denied to access Internet except for the PCs in the list below. Add PC IP Address You can click <Add> PC to add an access control rule for users by an IP address or IP address range. Remove PC IP Address If you want to remove some PC IP from the <IP Filtering Table>, select the PC you want to remove in the table and then click <Delete Selected>. If you want to remove all PCs from the table, just click the <Delete All> button. Click <Apply> at the bottom of the screen to save the above configurations. 51 - URL Filter You can block access to some Web sites from particular PCs by entering a full URL address or just keywords of the Web site. Enable URL Blocking: Enable or disable URL Blocking Add URL Keyword Fill in “URL/Keyword” and then click <Add>. You can enter the full URL address or the keyword of the web site you want to block. If you happen to make a mistake and want to retype again, just click "Reset" and the field will be cleared. 52 Remove URL Keyword If you want to remove some URL keywords from the "Current URL Blocking Table", select the URL keyword you want to remove in the table and then click <Delete Selected>. If you want remove all URL keywords from the table, click <Delete All> button. If you want to clear the selection and re-select again, just click <Reset>. Click <Apply> at the bottom of the screen to save the above configurations 53 5.6. Advanced Settings - Network Address Translation (NAT) Network Address Translation (NAT) allows multiple users at your local site to access the Internet through a single Public IP Address or multiple Public IP Addresses. NAT provides Firewall protection from hacker attacks and has the flexibility to allow you to map Private IP Addresses to Public IP Addresses for key services such as Websites and FTP. Select Disable to disable the NAT function. - Port Mapping Port Mapping allows you to re-direct a particular range of service port numbers (from the Internet / WAN Port) to a particular LAN IP address. It helps you to host servers behind the router NAT firewall. 54 Enable Port Mapping: Enable or disable port mapping function. Description: description of this setting. Local IP: This is the local IP of the server behind the NAT firewall. Protocol: This is the protocol type to be forwarded. You can choose to forward “TCP” or “UDP” packets only, or select “BOTH” to forward both “TCP” and “UDP” packets. Port Range: The range of ports to be forward to the private IP. Add Port Mapping Fill in the "Local IP", “Protocol”, “Port Range” and "Description" of the setting to be added and then click "Add". Then this Port Mapping setting will be added into the "Current Port Mapping Table" below. If you find any typo before adding it and want to retype again, just click <Reset> and the fields will be cleared. Remove Port Mapping 55 If you want to remove a Port Mapping setting from the "Current Port Mapping Table", select the Port Mapping setting that you want to remove in the table and then click D<Delete Selected>. If you want to remove all Port Mapping settings from the table, click <Delete All> button. Click <Reset> will clear your current selections. Click <Apply> at the bottom of the screen to save the above configurations. - Port Forwarding (Virtual Server) Use the Port Forwarding (Virtual Server) function when you want different servers/clients in your LAN to handle different service/Internet application type (e.g. Email, FTP, Web server etc.) from the Internet. Computers use numbers called port numbers to recognize a particular service/Internet application type. The Virtual Server allows you to re-direct a particular service port number (from the Internet/WAN Port) to a particular LAN private IP address (See Glossary for an explanation on Port number). 56 Enable Port Forwarding: Enable or disable Port Forwarding. Description: The description of this setting. Local IP / Local Port: This is the LAN Client/Host IP address and Port number that the Public Port number packet will be sent to. Protocol: Select the port number protocol type (TCP, UDP or both). If you are unsure, then leave it to the default “both” setting. Public Port enters the service (service/Internet application) port number from the Internet that will be re-directed to the above Private IP address host in your LAN Network. Public Port: Port number will be changed to Local Port when the packet enters your LAN Network. Add Port Forwarding Fill in the "Description" , "Local IP", "Local Port", "Protocol" and “Public Port” of the setting to be added and then click <Add> button. Then this Virtual Server setting will be added into the "Current Port Forwarding Table" below. If you find any typo before adding it and want to retype again, just click <Reset> and the fields will be cleared. Remove Port Forwarding If you want to remove Port Forwarding settings from the "Current Port Forwarding Table", select the Port Forwarding settings you want to remove in the table and then click "Delete Selected". If you want to remove all Port Forwarding settings from the table, just click the <Delete All> button. Click <Reset> will clear your current selections. Click <Apply> at the bottom of the screen to save the above configurations. 57 - Port Triggering (Special Applications) Some applications require multiple connections, such as Internet games, video Conferencing, Internet telephony and others. In this section you can configure the router to support multiple connections for these types of applications. Enable Trigger Port: Enable or disable the Port Trigger function. Trigger Port: This is the outgoing (Outbound) range of port numbers for this particular application. Trigger Type: Select whether the outbound port protocol is “TCP”, “UDP” or “BOTH”. Public Port: Enter the In-coming (Inbound) port or port range for this type of application (e.g. 2300-2400, 47624) Public Type: Select the Inbound port protocol type: “TCP”, “UDP” or “BOTH” Popular Applications: This section lists the more popular applications that require multiple connections. Select an application from the Popular Applications selection. Once you have selected an application, select a location 58 (1-5) in the “Add” selection box and then click the <Add> button. This will automatically list the Public Ports required for this popular application in the location (1-5) you specified. Add Port Triggering Fill in the "Trigger Port", "Trigger Type”, “Public Port”, "Public Type", "Public Port" and "Description" of the setting to be added and then Click <Add>. The Port Triggering setting will be added into the "Current Trigger-Port Table" below. If you happen to make a mistake, just click <Reset> and the fields will be cleared. Remove Port Triggering If you want to remove Special Application settings from the "Current Trigger-Port Table", select the Port Triggering settings you want to remove in the table and then click <Delete Selected>. If you want remove all Port Triggering settings from the table, just click the <Delete All> button. Click <Reset> will clear your current selections. - Application Layer Gateway (ALG) You can select applications that need ALG support. The router will let the selected application to correctly pass through the NAT gateway. 59 - UPNP With UPnP, all PCs in you Intranet will discover this router automatically. So, you don’t have to configure your PC and it can easily access the Internet through this router. Enable/Disable UPnP: You can enable or Disable the UPnP feature here. After you enable the UPnP feature, all client systems that support UPnP, like Windows XP, can discover this router automatically and access the Internet through this router without having to configure anything. The NAT Traversal function provided by UPnP can let applications that support UPnP connect to the internet without having to configure the virtual server sections. 60 61 - Quality of Service (QoS) QoS can let you classify Internet application traffic by source/destination IP address and port number. You can assign priority for each type of application and reserve bandwidth for it. The packets of applications with higher priority will always go first. Lower priority applications will get bandwidth after higher priority applications get enough bandwidth. This can let you have a better experience in using critical real time services like Internet phone, video conference …etc. All the applications not specified by you are classified as rule “Others”. Priority Queue This can put the packets of specific protocols in High/Low Queue. The packets in High Queue will process first. Unlimited Priority Queue: The LAN IP address will not be bounded in the QoS limitation. High/Low Priority Queue: This can put the packets in the protocol and port range to High/Low QoS Queue. Bandwidth Allocation: This can reserve / limit the throughput of specific protocols and port range. You can set the upper bound and Lower bound. Type: Specify the direction of packets. Upload, download or both. IP range: Specify the IP address range. You could also fill one IP address Protocol: Specify the packet type. The default ALL will put all packets in the QoS priority Queue. Port range: Specify the Port range. You could also fill one Port. 63 Policy: Specify the policy the QoS, Min option will reserve the selected data rate in QoS queue. Max option will limit the selected data rate in QoS queue. Rate: The data rate of QoS queue. Disabled: This could turn off QoS feature. 64 - Routing You can set enable Static Routing to let the router forward packets by your routing policy. Destination LAN IP: Specify the destination LAN IP address of static routing rule. Subnet Mask: Specify the Subnet Mask of static routing rule. Default Gateway: Specify the default gateway of static routing rule. Hops: Specify the Max Hops number of static routing rule. Interface: Specify the Interface of static routing rule. 5.7. TOOLS Settings - Admin You can change the password required to log into the Router's system web-based management. By default, the password is: admin. Passwords can contain 0 to 12 alphanumeric characters, and are case sensitive. Old Password: Fill in the current password to allow changing to a new password. New Password: Enter your new password and type it again in Repeat New Password for verification purposes Remote management This allows you to designate a host in the Internet the ability to configure the Router from a remote site. Enter the designated host IP Address in the Host IP Address field. Host Address: This is the IP address of the host in the Internet that will have management/configuration access to the Router from a remote site. If the Host Address is left 0.0.0.0 this means anyone can access the router’s web-based configuration from a remote location, providing they know the password. Port: The port number of the remote management web interface. Enabled: Check to enable the remote management function. Click <Apply> at the bottom of the screen to save the above configurations. - Time 67 The Time Zone allows your router to reference or base its time on the settings configured here, which will affect functions such as Log entries and Firewall settings. Time Setup: Synchronize with the NTP server Time Zone: Select the time zone of the country you are currently in. The router will set its time based on your selection. NTP Time Server: The router can set up external NTP Time Server. Daylight Savings: The router can also take Daylight Savings into account. If you wish to use this function, you must select the Daylight Savings Time period and check/tick the enable box to enable your daylight saving configuration. Click <Apply> at the bottom of the screen to save the above configurations. Synchronize with PC You could synchronize timer with your Local PC time. 68 PC Date and Time: This field would display the PC date and time. Daylight Savings: The router can also take Daylight Savings into account. If you wish to use this function, you must select the Daylight Savings Time period and check/tick the enable box to enable your daylight saving configuration. Click <Apply> at the bottom of the screen to save the above configurations. 69 - DDNS DDNS allows you to map the static domain name to a dynamic IP address. You must get an account, password and your static domain name from the DDNS service providers. This router supports DynDNS, TZO and other common DDNS service providers. Enable/Disable DDNS: Enable or disable the DDNS function of this router Server Address: Select a DDNS service provider Host Name: Fill in your static domain name that uses DDNS. Username: The account that your DDNS service provider assigned to you. Password: The password you set for the DDNS service account above Click <Apply> at the bottom of the screen to save the above configurations. - Power Saving power in WLAN mode can be enabled / disabled in this page. - Diagnosis This page could let you diagnosis your current network status. - Firmware This page allows you to upgrade the router’s firmware. To upgrade the firmware of your Router, you need to download the firmware file to your local hard disk, and enter that file name and path in the appropriate field on this page. You can also use the Browse button to find the firmware file on your PC. Once you’ve selected the new firmware file, click <Apply> at the bottom of the screen to start the upgrade process - Back-up This page allows you to save the current router configurations. When you save the configurations, you also can re-load the saved configurations into the router through the Restore Settings. If extreme problems occur you can use the Restore to Factory Defaults to set all configurations to its original default settings. Backup Settings: This can save the Router current configuration to a file named "config.bin" on your PC. You can also use the <Upload> button to restore the saved configuration to the Router. Alternatively, you can use the "Restore to Factory Defaults" tool to force the Router to perform a power reset and restore the original factory settings. - Reset You can reset the Router when system stops responding correctly or stop functions. 6. Repeater Mode Repeater mode has limited settings compared to the AP mode. Choose “Repeater mode” on the top right corner of the configuration page. System restarts and connects to the IP address http://192.168..0.1 You will see the configuration homepage under “REPEATER” mode now. 75 6.1. System - Status System status section allows you to monitor the current status of your router. You can see the Uptime, hardware information, serial number as well as firmware version information. LAN Settings: This page displays the Router LAN port’s current LAN & WLAN information. WLAN Settings: Wireless configuration details such as SSID, Security settings, BSSID, Channel number, mode of operation are briefly shown. - LAN The LAN Tabs reveals LAN settings which can be altered at will. If you are an entry level user, try accessing a website from your browser. If you can access website without a glitch, just do not change any of these settings. Click <Apply> at the bottom of this screen to save the changed configurations. IP address: It is the router’s LAN IP address (Your LAN clients default gateway IP address). It can be changed based on your own choice. IP Subnet Mask: Specify a Subnet Mask for your LAN segment. 802.1d Spanning Tree: This is disabled by default. If 802.1d Spanning Tree function is enabled, this router will use the spanning tree protocol to prevent network loops. - Schedule Add schedule, edit schedule options allow configuration of power savings services. Fill in the schedule and select type of service. Click <Apply> to implement the settings. 77 The schedule table lists the pre-schedule service-runs. You can select any of them using the check box. 78 - Event Log View operation log of ESR6650. This page shows the current system log of the Router. It displays any event occurred after system start up. At the bottom of the page, the system log can be saved <Save> to a local file for further processing or the system log can be cleared <Clear> or it can be refreshed <Refresh> to get the most updated information. When the system is powered down, the system log will disappear if not saved to a local file. - Monitor 79 Show the network packets histogram for network connection on WAN, LAN & WLAN. Auto refresh keeps information updated frequently. - Language This Wireless Router support multiple language of web pages, you could select your native language here. 80 6.2. Wireless -Basic You can set parameters that are used for the wireless stations to connect to this router. The parameters include Mode, ESSID, Channel Number and Associated Client. Radio: Enable or Disable Wireless function Band: Allows you to set the AP fixed at 802.11b, 802.11g or 802.11n mode. You can also select B+G mode to allow 802.11b and 802.11g clients at the same time. Enable ESSID: You can specify the maximum ESSID number. ESSID1~3: Allow you to specify ESSID of WLAN. Site Survey: You can scan the current Wireless Access Point and connect on it. -Client List This WLAN Client Table shows the Wireless client associate to this Wireless Router. -Policy 82 The Router can allow you to set up the Wireless Access Policy. Communication between Wireless clients: Allow Wireless Client to communicate with other Wireless Client on specific SSID. Communication between Wireless clients and wired clients: Allow Wireless Client to communicate with other Wireless Client on specific SSID and Wired Client on the switch. 83 6.3. Tools - Admin You can change the password required to log into the Router's system web-based management. By default, the password is: admin. Passwords can contain 0 to 12 alphanumeric characters, and are case sensitive. Old Password: Fill in the current password to allow changing to a new password. New Password: Enter your new password and in Repeat New Password for verification purposes Click <Apply> at the bottom of the screen to save the above configurations Remote management This allows you to designate a host in the Internet the ability to configure the Router from a remote site. Enter the designated host IP Address in the Host IP Address field. Host Address: This is the IP address of the host in the Internet that will have management/configuration access to the Router from a remote site. If the Host Address is left 0.0.0.0 this means anyone can access the router’s web-based configuration from a remote location, providing they know the password. Port: The port number of the remote management web interface. Enabled: Check to enable the remote management function. Click <Apply> at the bottom of the screen to save the above configurations. - Time 85 The Time Zone allows your router to reference or base its time on the settings configured here, which will affect functions such as Event Log entries and Schedule settings. Time Setup: Synchronize with the NTP server Time Zone: Select the time zone of the country you are currently in. The router will set its time based on your selection. NTP Time Server: This accept local the IP Address of Local NTP Time Server Address. Daylight Savings: The router can also take Daylight Savings into account. If you wish to use this function, you must select the Daylight Savings Time period and check/tick the enable box to enable your daylight saving configuration. Click <Apply> at the bottom of the screen to save the above configurations Synchronize with PC You could synchronize timer with your Local PC time. 86 PC Date and Time: This field would display the PC date and time. Daylight Savings: The router can also take Daylight Savings into account. If you wish to use this function, you must select the Daylight Savings Time period and check/tick the enable box to enable your daylight saving configuration. Click <Apply> at the bottom of the screen to save the above configurations. - Power Saving power in WLAN mode can be enabled / disabled in this page. 87 - Diagnosis This page could let you diagnosis your current network status. - Firmware This page allows you to upgrade the router’s firmware. To upgrade the firmware of your Router, you need to download the firmware file to your local hard disk, and enter that file name and path in the appropriate field on this page. You can also use the Browse button to find the firmware file on your PC. 88 Once you’ve selected the new firmware file, click <Apply> at the bottom of the screen to start the upgrade process 89 - Back-up The page allows you to save (Backup) the router’s current configuration settings. When you save the configuration setting (Backup) you can re-load the saved configuration into the router through the Restore selection. If extreme problems occur you can use the Restore to Factory Defaults selection, this will set all configurations to its original default settings (e.g. when you first purchased the router). Backup Settings: This can save the Router current configuration to a file named "config.bin" on your PC. You can also use the <Upload> button to restore the saved configuration to the Router. Alternatively, you can use the "Restore to Factory Defaults" to force the Router to perform a power reset and restore the original factory settings. - Reset You can reset the Router when system stops responding correctly or stop functions. 90 91 Appendix A – FCC Interference Statement Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one of the following measures: Reorient or relocate the receiving antenna. Increase the separation between the equipment and receiver. Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. Consult the dealer or an experienced radio/TV technician for help. This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. FCC Caution: Any changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate this equipment. IMPORTANT NOTE: FCC Radiation Exposure Statement: This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator & your body. We declare that the product is limited in CH1~CH11 by specified firmware controlled in the USA. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. Appendix B – IC Interference Statement Industry Canada statement: 92 This device complies with RSS-210 of the Industry Canada Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. IMPORTANT NOTE: Radiation Exposure Statement: This equipment complies with IC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator & your body. This device has been designed to operate with an antenna having a maximum gain of 2 dBi. Antenna having a higher gain is strictly prohibited per regulations of Industry Canada. The required antenna impedance is 50 ohms. 93
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
Download PDF
advertisement