Home

Pepwave MAX User Manual

image

Contents

1. Pepwave MAX and Surf User Manual Wi Fi WAN settings can be configured at Advanced gt Wi Fi Settings or Advanced gt Wi Fi WAN or some models channel width at Rate Output Power Max v Wi Fi WAN Settings Available options are 20 40 MHz and 20 MHz Default is 20 40 MHz which allows both Channel Width widths to be used simultaneously Bit Rate This option allows you to select a specific bit rate for data transfer over the device s Wi Fi network By default Auto is selected This option is for specifying the transmission output power for the Wi Fi AP There are 4 relative power levels available Max High Mid and Low The actual output power Output Power will be bound by the regulatory limits of the selected country Note that selecting the Boost option may cause the MAX s radio output to exceed local regulatory limits Pepwave MAX and Surf User Manual 11 MediaFast Configuration MediaFast settings can be configured from the Network menu 11 1 Setting Up MediaFast Content Caching To access MediaFast content caching settings select Advanced gt Cache Control Cache Control Cache all Whitelist Blacklist ted com Video Audio Images OS Application Updates Cache Control Settings Domain Choose to Cache on all domains or enter domain names and then choose either Cache the specified domains only or Do not cache the specified domains Check these boxes to cache the l
2. 2012 02 28 7 MB 18 MB 25 MB 2012 02 27 32 MB 166 MB 198 MB 2012 02 26 8 MB 20 MB 28 MB 2012 02 25 8 MB 20 MB 28 MB 2012 02 24 11 MB 23 MB 34 MB 2012 02 23 24 MB 36 MB 60 MB 2012 02 22 25 MB 43 MB 68 MB 2012 02 21 25 MB 40 MB 65 MB 2012 02 20 17 MB 36 MB 53 MB 2012 02 19 6 MB 3 MB 9 MB 2012 02 18 6 MB 3 MB 9 MB ala ke Ma te M ir 77 MR 72 MR 150 MR All WAN Daily Bandwidth Usage Pepwave MAX and Surf User Manual 21 8 4 Monthly This page shows the monthly bandwidth usage for each WAN connection If you have enabled the Bandwidth Monitoring feature you can check the usage of each particular connection and view the information by Billing Cycle or by Calendar Month Click the first two rows to view the client bandwidth usage in the last two months This feature is not available if you have chosen to view the bandwidth of an individual WAN connection The scale of the graph can be set to display megabytes MB or gigabytes GB Connection All WAN H Scale 2 MB GB 20000 MB BB Download N Upload NA Total 10000 MB D Lee 2010 05 2010 06 2010 07 2010 08 2010 09 2010 10 2010 11 2010 12 2011 01 2011 01 01 to now 1 367 MB 1 081 MB 2010 12 01 to 2010 12 31 4059 MB 3 408 MB 2010 11 01 to 2010 11 30 4792 MB 4952 MB Download Upload 10 10 10 103 LAN Client 1 54 MB 1 412 51 MB 1 414 05 MB 192 168 50 150 LAN Client 490 46 MB 20 87 MB 511 33 MB 59 115 100 40 LAN Client 0 00 MB 141 63 MB 141 63 MB 203 186 47 43 LA
3. Pepwave MAX and Surf User Manual 12 2 The Pepwave Router Behind a NAT Router Pepwave routers support establishing SoeedFusion over WAN connections which are behind a NAT network address translation router To enable a WAN connection behind a NAT router to accept VPN connections you can configure the NAT router in front of the WAN connection to inbound port forward TCP port 32015 to the Pepwave router lf one or more WAN connections on Unit A can accept VPN connections by means of port forwarding or not while none of the WAN connections on the peer Unit B can do SO you should enter all of Unit A s public IP addresses or hostnames into Unit B s Remote IP Addresses Host Names field Leave the field in Unit A blank With this setting a SoeedFusion connection can be set up and all WAN connections on both sides will be utilized see the following diagram for an example of this setup in use pd ter 192 168 1 x my ee whe Router A One of the WANs connected to Router A is non NAT d 212 1 1 1 The rest of the WANs connected to Router A and all WANs connected to Router B are NAT d In this case the Peer IP Addresses Host Names field for Router B should be filled with all of Router As hostnames or public IP addresses i e 212 1 1 1 212 2 2 2 and 212 3 3 3 and the field in Router A can be left blank The two NAT routers on WAN1 and WAN3 connected to Router A should inbound port forward TCP port 32015 to Route
4. foobar com will match this criterion You may enter a wildcard at the end of a domain name to match any host with a name having the domain name in the middle If you enter foobar for example www foobar com www foobar co jp or foobar co uk will also match Placing wildcards in any other position is not supported NOTE if a server has one Internet IP address and multiple server names and if one of the names is defined here accesses to any one of the server names will also match this rule Protocol and Port This setting specifies the IP protocol and port of traffic that matches this rule Pepwave MAX and Surf User Manual This setting specifies the behavior of the Pepwave router for the custom rule One of the following values can be selected note that some Pepwave routers provide only some of these options Algorithm Weighted Balance Persistence Enforced Priority Overflow Least Used Lowest Latency The upcoming sections detail the listed algorithms This setting specifies whether to terminate existing IP sessions on a less preferred WAN connection in the event that a more preferred WAN connection is recovered This setting is Terminate applicable to the Weighted Persistence and Priority algorithms By default this setting is Sessions on Link disabled In this case existing IP sessions will not be terminated or affected when any other Recovery WAN connection is recovered When this setting is enabled ex
5. Name Password The parameter values are determined by and can be obtained from the ISP Confirm PPPoE Verify your password by entering it again in this field Password Service Name Service name is provided by the ISP Optional Note Leave this field blank unless it is provided by your ISP IP Address If your ISP provides a PPPoE IP address enter it here Optional Note Leave this field blank unless it is provided by your ISP Each ISP may provide a set of DNS servers for DNS lookups This setting specifies the DNS Domain Name System servers to be used when a DNS lookup is routed through this connection Selecting Obtain DNS server address automatically results DNS Servers in the DNS servers being assigned by the WAN DHCP server to be used for outbound DNS lookups over the connection The DNS servers are obtained along with the WAN IP address assigned from the DHCP server When Use the following DNS server address es is selected you may enter custom DNS server addresses for this WAN Pepwave MAX and Surf User Manual connection into the DNS Server 1 and DNS Server 2 fields 9 1 4 L2TP Connection L2TP has all the compatibility and convenience of PPTP with greater security Combine this with IPsec for a good balance between ease of use and security Obtain DNS server address automatically 10 88 3 1 Use the following DNS server address es DNS Server 1 DNS Server 2 L2TP Settings L2TP User a mae Ent
6. OFF Port is not connected Port Type Auto MDI MDI X ports Pepwave MAX and Surf User Manual 4 10 MAX BR1 2 IP55 4 10 1 Panel Appearance a Screw Holes Built In Software p__ for Wall Mounting Selectable 10dBi screws not included MIMO Directional and 4dBi Omni Wi Fi antennas Accessory Wall Pole Mount with Ball Joint for IP55 Outdoor Products SIM slots Flexible ball joint allows for high precision installation 2x 10 100M 1x 10 100M Ethernet LAN Ethernet WAN PoE Input To connect to 2 x SMA Cellular Antenna Connectors optional MAX BR1 IP55 BR 2 IP55 Requires 48V Pepwave Passive PoE input Available separately Available separately 4 10 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators OFF System initializing Red Booting up or busy Status Blinking Boot up error red Green Ready Pepwave MAX and Surf User Manual Wi Fi Indicators OFF Disabled Intermittent Wi Fi Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic OFF Disabled or no SIM card inserted Geluk ON Connecting or connected to network s ON 100 Mbps Green LED OFF 10 Mbps ON Port is connected without traffic Orange LED Blinking Data is transferring OFF Port is not connected Por
7. 1 1 Panel Appearance RP SMA Wi Fi RP SMA Wi Fi Antenna Connectors 4x 100 1000M Antenna Connectors for Wi Fi AP Ethernet LAN for Wi Fi WAN USB 2x 100 1000M 10V 30V DC WAN Port Ethernet WAN Terminal Block 10V 30V DC 3x USB Connector WAN Interfaces Pepwave MAX and Surf User Manual 4 1 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators OFF System initializing Red Booting up or busy Status Blinking Boot up error red Green Ready OFF Disconnected o Blinking slowly Connecting to network Wi Fi WAN o Blinking Connected to network with traffic ON Connected to network without traffic OFF Disabled Wi Fi AP Blinking slowly Enabled but no client connected Blinking Connected to network with traffic ON Client s connected to wireless network Green LED ON 10 100 1000 Mbps Blinking Data is transferring Orange LED OFF No data is being transferred or port is not connected Port Type Auto MDI MDI X ports Pepwave MAX and Surf User Manual 4 2 MAX HD2 4 2 1 Panel Appearance RP SMA Wi Fi RP SMA Wi Fi Antenna Connector 4y 100 1000 Antenna Connector f Or AM i F A H t h ern at L A N fi T Wi F Wi A N USB Jx 10 100 10V 30V DC WAN Port Ethernet WAN Terminal Block 1OV 30V DC SMA Cellular GPS Connector Antenna Connectors 2x Embedded 46 LTE 3G Modems Pepwave MAX and Surf User Manual 4 2 2 LED
8. 177 mm E ME ML LE EE TE c Redundant Dual Cellular SIM 12V 48V DC Card Slots Connectors 4 5 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators OFF System initializing Booting up or busy Saus Boot up error Green Ready Wi Fi AP and Wi Fi WAN Indicators E OFF Disabled Intermittent Vse Blinking slowly Connecting to wireless network s Cellular 2 Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Blinking Data is transferring No data is being transferred or port is not OFF connected Port Type Auto MDI MDI X ports Pepwave MAX and Surf User Manual 4 6 MAX Transit 4 6 1 Panel Appearance MAX TST MAX TST DUO Redundant SIM Card Slot 4 6 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators OFF System initializing Booting up or busy Status Boot up error Green Ready Wi Fi Indicators OFF Disabled intermittent Wi Fi Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic Pepwave MAX and Surf User Manual 4 7 MAX BR1 4 7 1 Panel Appearance MAX BR1 LTE Version SMA Cellular RP SMA Wi Fi Antenna Connectors Antenna Connector SMA
9. 1800 bands covering essential requirements under article 3 2 of the R amp TTE directive 1999 5 EC EN 301 489 1 V1 9 2 2008 Electromagnetic compatibility and Radio Spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment and services Part 1 Common technical requirements EN 301 489 7 V1 3 1 2005 ElectroMagnetic compatibility and Radio spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment ad services Part 7 Specific conditions for mobile and portable radio and ancillary equipment of digital cellular radio telecommunications systems GSM and DCS EN 301 489 17 V2 2 1 2012 Electromagnetic compatibility and Radio spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment and services Part 17 Specific conditions for 2 4 GHz wideband transmission systems and 5 GHz high performance RLAN equipment EN 301 489 24 V1 5 1 2010 Electromagnetic compatibility and Radio Spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment and services Part 24 Specific conditions for IMT 2000 CDMA Direct Spread UTRA for Mobile and portable UE radio and ancillary equipment CE O Cesky Jm no vyrobce t mto prohla uje e tento typ za zen je ve shod se Czech z kladn mi po adavky a dal mi p slu n mi ustanoven mi sm rnice 1999 5 ES Dansk Undertegnede fabrikantens navn erkl rer herved a
10. 48 GB E System reserved M Video Ed Audio HM Images H Application updates M Other 12 95 GB Today Last week Last manth 27 53 GB 122 74 MB Bandwidth Saved 2 94 GB 68 9 1 32 GB 9 4 141 54 GB 36 5 142 14 GB 36 0 1 Month 4 40 GB 2 12 GB 20 28 GB Total Bandwidth 4 27 GB 14 05 GB 388 00 GB 394 40 GB 1 Year 7 00 million 7 13 million Top Hit Top Usage Top Visited Top Missed Bandwidth Saved Total Bandwidth Accesses Web Domain more apple com 2 52 GB 92 0 2 74 GB 436 office net 28 64 MB 96 0 29 23 ME g2 canonical com 13 51 MB 100 13 51 MB 2 ubuntu cam 8 14 MB 25 0 32 60 MB 475 blogspot com 3 13 MB 22 3 14 04 MB 115 nextmedia com 2 85 MB 54 6 5 21 MB 326 File Category application 2 72 GB 82 8 3 28 GB 27752 image 144 71 MB 40 0 361 82 MB 14359 text 49 69 MB 11 6 429 80 MB 33252 video 36 57 MB 16 5 221 94 MB old font 2 27 MB 81 8 2 77 ME T9 Media Type more octet stream 2 52 GB 91 4 2 75 GB 695 png 105 31 MB 53 1 198 16 MB 3620 pkix erl 99 57 MB 83 2 119 72 MB 93 zip 55 20 MB 50 3 109 82 MB 12 mp4 36 57 MB 25 3 144 70 MB 46 jpeg 34 56 MB 24 2 142 67 MB 4798 plain 30 27 MB 15 9 190 47 MB 74153 Pepwave MAX and Surf User Manual 12 Bandwidth Bonding SpeedFusion PepVPN Bonded DSL Cable Leased Line ke Ge aa NA Bonded 3G Mobile Internet Office Pepwave bandwidth bonding SpeedFusion functionality securely
11. Action e Destination IP amp port With the value of Allow for the Action setting the matching traffic passes through the router to be routed to the destination If the value of the Action setting is set to Deny the matching traffic does not pass through the router and is discarded This setting specifies whether or not to log matched firewall events The logged messages are shown on the page Status gt Event Log A sample message is as follows Event Logging Pepwave MAX and Surf User Manual Aug 13 23 47 44 Denied CONN Ethernet WAN SRC 20 3 2 1 DST 192 168 1 20 LEN 48 PROTO TCP SPT 2260 DPT 80 e CONN The connection where the log entry refers to e SRC Source IP address e DST Destination IP address e LEN Packet length e PROTO Protocol e SPT Source port e DPT Destination port Click Save to store your changes To create an additional firewall rule click Add Rule and repeat the above steps To change a rule s priority simply drag and drop the rule e Hold the left mouse button on the rule e Move it to the desired position e Drop it by releasing the mouse button Tip If the default inbound rule is set to Allow for NAT enabled WANs no inbound Allow firewall rules will be required for inbound port forwarding and inbound NAT mapping rules However if the default inbound rule is set as Deny a corresponding Allow firewall rule will be required Pepwave MAX and Surf User Manual 18 1 2 Ap
12. Add a New Outbound Firewall Rule New Firewall Rule Any Address Allow O Deny Save Cancel Inbound firewall settings are located at Advanced gt Firewall gt Access Rules Inbound Firewall Rules Inbound Firewall Rules WDrag and drop rows to change rule order Protocol Source IP Destination IP Port Port Any Any Any Any Allow Add Rule Click Add Rule to display the following screen Add a New Inbound Firewall Rule New Firewall Rule 7 Any Address EI Any Address Y i Allow Deny Save Cancel Rules are matched from top to bottom If a connection matches any one of the upper rules the matching process will stop If none of the rules match the Default rule will be applied By default the Default rule is set as Allow for both outbound and inbound access Pepwave MAX and Surf User Manual Inbound Outbound Firewall Settings Rule Name This setting specifies a name for the firewall rule This setting specifies whether the firewall rule should take effect If the box is checked the firewall rule takes effect If the traffic matches the specified protocol IP port actions will be Enable taken by the Pepwave router based on the other parameters of the rule If the box is not checked the firewall rule does not take effect The Pepwave router will disregard the other parameters of the rule WAN Connection Select the WAN connection that this firewall rule should apply t
13. Advanced gt Port Forwarding Service IP Address es Server Protocol Add Service To define a new service click Add Service be oo OM Sevene ooo j TCP Protocol Selection Tool E Connection IP Address es m 10 88 3 158 Ere a 120 78 95 7 Port Forwarding Settings This setting specifies whether the inbound service takes effect When Enable is checked the Enable inbound service takes effect traffic is matched and actions are taken by the Pepwave router based on the other parameters of the rule When this setting is disabled the inbound service does not take effect the Pepwave router disregards the other parameters of the rule Service This setting identifies the service to the system administrator Valid values for this setting Name consist of only alphanumeric and underscore _ characters The IP Protocol setting along with the Port setting specifies the protocol of the service as TCP UDP ICMP or IP Traffic that is received by the Pepwave router via the specified protocol at the specified port s is forwarded to the LAN hosts specified by the Servers setting Please see below for details on the Port and Servers settings Alternatively the Protocol Selection Tool drop down menu can be used to automatically fill in the protocol and a single port number of common Internet services e g HTTP HTTPS etc After selecting an item from the Protocol Selection Tool drop down menu the protocol a
14. DC Button 48V Passive PoE Input LED Power Input SMA Cellular SMA GPS SMA Cellular Antenna Antenna Antenna Connectors Connector Connectors Redundant Cellular SIM Slots SS With 48V DC power all 3 Ethernet ports can act as 802 3af PoeE or 24V Passive PoE outputs Pepwave MAX and Surf User Manual 4 4 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators OFF System initializing Red Booting up or busy Status Blinking Boot up error red Green Ready Cellular WAN Indicators OFF Disabled intermittent Cellular 1 Blinking slowly Connecting to wireless network s Cellular2 Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Blinking Data is transferring Orange LED OFF No data is being transferred or port is not connected Port Type Auto MDI MDI X ports Pepwave MAX and Surf User Manual 4 5 MAX HD4 4 5 1 Panel Appearance RP SMA Wi Fi USB WAN RP SMA Wi Fi Antenna Connectors Interface Antenna Connectors Rugged enclosure ideal for demanding applications 8x 100 1000M 2x 100 1000M Ethernet LAN with Reset 19 inches Ethernet WAN 802 3af PoE Output LED Button 50 mm SMA GPS SMA AG LTE 12V 48V DC 4 Antenna Antenna Terminal Block 6 9 inches Connector Connectors 11 5 inches 292 mm
15. DNS Domain Name System EVDO Evolution Data Optimized HSDPA High Speed Downlink Packet Access HTTP Hyper Text Transfer Protocol ICMP Internet Control Message Protocol IP Internet Protocol LAN Local Area Network MAC Address Media Access Control Address MTU Maximum Transmission Unit MSS Maximum Segment Size NAT Network Address Translation PPPoE Point to Point Protocol over Ethernet QoS Quality of Service SNMP Simple Network Management Protocol TCP Transmission Control Protocol UDP User Datagram Protocol VPN Virtual Private Network VRRP Virtual Router Redundancy Protocol WAN Wide Area Network WINS Windows Internet Name Service WLAN Wireless Local Area Network Pepwave MAX and Surf User Manual 3 Product Features Pepwave routers enable all LAN users to share broadband Internet connections and they provide advanced features to enhance Internet access Below is a list of supported features on Pepwave routers Features vary by model For more information please see peplink com products 3 1 Supported Network Features 3 1 1 WAN e Ethernet WAN connection in full half duplex e Static IP support for PPPoE e Built in HSPA and EVDO cellular modems e USB mobile connection s e Wi Fi WAN connection e Network address translation NAT port address translation PAT e Inbound and outbound NAT mapping e IPsec NAT T and PPTP packet passthrough e MAC address clone and passthrough e Customizable MTU and MSS values e WAN conne
16. GFS Antenna Connector MAX BR1 Version Dual 10 100M 10V 30V SMA Cellular RP SMA Wi Fi Ethernet LAN DC Connector Antenna Connectors Antenna Connector Redundant Cellular SIM Slots 10V 30V DC 10 100M SMA GPS Terminal Block Ethernet WAN Antenna Connector 4 7 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators OFF System initializing Red Booting up or busy Status Blinking ae Boot up error Ready Wi Fi Indicators OFF Disabled intermittent Wi Fi Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic Pepwave MAX and Surf User Manual Cellular Indicators Cellular OFF Disabled or no SIM card inserted ON Connecting or connected to network s ON 100 Mbps Green LED OFF 10 Mbps ON Port is connected without traffic Orange LED Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X ports Pepwave MAX and Surf User Manual 4 8 MAX BR1 Slim 4 8 1 Panel Appearance SMA GPS SMA Wi Fi Antenna Connector Antenna Connector Terminal Block 5V 2A FE LAN FE WAN Micro USB Input RP SMA Cellular Redundant Antenna Connector SIM Slots 4 8 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators OFF System initializing Red Booting up
17. IP Address DHCP Server 1 DHCP Server 2 DHCP Option 82 DHCP Relay Settings Enable Check this box to turn on DHCP relay Click the Kd icon to disable DHCP relay Enter the IP addresses of one or two DHCP servers in the provided fields The DHCP DHCP Server IP servers entered here will receive relayed DHCP requests from the LAN For active passive Address DHCP server configurations enter active and passive DHCP server relay IP addresses in DHCP Server 1 and DHCP Server 2 DCHP Option 82 includes device information as relay agent for the attached client when DHCP Option forwarding DHCP requests from client to server This option also embeds the device s MAC 82 address and network name in circuit and remote IDs Check this box to enable DHCP Option 82 Once DHCP is set up configure LAN Physical Settings Static Route Settings WINS Server Settings and DNS Proxy Settings as noted above Pepwave MAX and Surf User Manual 8 2 Captive Portal The captive portal serves as gateway that clients have to pass if they wish to access the internet using your router To configure navigate to Network gt LAN gt Captive Portal Captive Portal Settings Enabe o vroeer LAN SEEN open access user Authentication O 30 mins 0 Unlimited N oes Daily at 00 00 1440 minutes after guota reached Domain Name IP Address NN Built in External URL http Captive Portal Settings Ena
18. Latency lms Drop Rate 0 0 pkt s 20 0 kbps P pkt 30 0 kbps 40 0 k 9 10 o 0 iene 10 v Fe AE 8 5 5 tag a 2 a 0 Total MB WAN 1 SS WAN 2 E WAN 3 When pressing the B button the following menu will appear Pepwave MAX and Surf User Manual i PepVPN Test ll Check the general TCP UDP throughput Fo PepVPN Analyzer Check the uplink performance of each tunnel Warning PepVPN Analyzer will temporarily interrupt VPN connectivity and will restore after test Close PepVPN Test Check the general TCP UDP throughput TCP UDP Upload Download 10 seconds 5 600 2 5 kbps Tx 5 3 kbps Drop rate 0 0 pkt s Latency n a Tx n a Drop rate n a Latency n a Tx n a Drop rate n a Latency 2 5 kbps Tx 5 3 kbps Drop rate 0 0 pkt s Latency Select the L2 protocol TCP UDP direction and duration and click the Start button to begin the general throughput test 0 1250 MB 1 00sec 1 0485 Mbps 1 0000 MB 1 00sec 8 3888 Mbps 1 3125 MB 1 00sec 11 0098 Mbps 3 0000 MB 1 00sec 25 1465 Mbps 5 6875 MB 1 00sec 47 7473 Mbps 6 0625 MB 1 00sec 50 8562 Mbps 4 9375 MB 1 00sec 41 4188 Mbps 4 5000 MB 1 00sec 37 7487 Mbps 5 0000 MB 1 00sec 41 9438 Mbps 5 6875 MB 1 00sec 47 7099 Mbps 37 3167 MB 10 05 sec 31 1504 Mbps 8 TX 9 RX 47 retrans 132 62 msRTT TEST DONE Pepwave MAX and Surf User Manual ap PepVPN An
19. Select an Outbound Policy High Application Compatibili Normal Application Compatibility Custom Save Cancel There are three main selections for the outbound traffic policy e High Application Compatibility e Normal Application Compatibility e Custom Note that some Pepwave routers provide only the Send All Traffic To setting here See Section 12 1 for details Outbound Policy Settings Outbound traffic from a source LAN device is routed through the same WAN connection regardless of the destination Internet IP address and protocol This option provides the High Pepwave MAX and Surf User Manual Application highest application compatibility Compatibility Normal Outbound traffic from a source LAN device to the same destination Internet IP address will Application be routed through the same WAN connection persistently regardless of protocol This C tibilit option provides high compatibility to most applications and users still benefit from WAN link ompatibihly load balancing when multiple Internet servers are accessed Custom Outbound traffic behavior can be managed by defining rules in a custom rule table A default rule can be defined for connections that cannot be matched with any of the rules The default policy is Normal Application Compatibility Tip Want to know more about creating outbound rules Visit our YouTube Channel for a video tutorial e pep IK Dashboard Setup Wizard Network System S
20. User Manual 14 2 2 Algorithm Persistence The configuration of persistent services is the solution to the few situations where link load distribution for Internet services is undesirable For example for security reasons many e banking and other secure websites terminate the session when the client computer s Internet IP address changes mid session In general different Internet IP addresses represent different computers The security concern is that an IP address change during a session may be the result of an unauthorized intrusion attempt Therefore to prevent damages from the potential intrusion the session is terminated upon the detection of an IP address change Pepwave routers can be configured to distribute data traffic across multiple WAN connections Also the Internet IP depends on the WAN connections over which communication actually takes place As a result a LAN client computer behind the Pepwave router may communicate using multiple Internet IP addresses For example a LAN client computer behind a Pepwave router with three WAN connections may communicate on the Internet using three different IP addresses With the persistence feature rules can be configured to enable client computers to persistently utilize the same WAN connections for e banking and other secure websites As a result a client computer will communicate using one IP address eliminating the issues mentioned above Persistence D By Source V By D
21. bridged with this local LAN Profiles to creating a Layer 2 PepVPN they will be connected and operate like a single LAN and any Bridge broadcast or multicast packets will be sent over the VPN Spanning Tree Protocol Click the box will enable STP for this layer 2 profile bridge Select Do not override if the LAN IP address and local DHCP server should remain Override IP unchanged after the Layer 2 PepVPN is up Pepwave MAX and Surf User Manual Address when bridge connected If you choose to override IP address when the VPN is connected the device will not act as a router and most Layer 3 routing functions will cease to work DHCP Server Settings 9 9 9 Days 0 Hours 0 Mins Z Assign WINS server Built in External Server IP Address Boot File Server Name DHCP Server Settings When this setting is enabled the DHCP server automatically assigns an IP address to DHCP Server each computer that is connected via LAN and configured to obtain an IP address via DHCP The Pepwave router s DHCP server can prevent IP address collision on the LAN IP Range amp These settings allocate a range of IP addresses that will be assigned to LAN computers by Subnet Mask _ the Pepwave router s DHCP server This setting specifies the length of time throughout which an IP address of a DHCP client Lease Time remains valid Upon expiration of the lease time the assigned IP address will no longe
22. by the LAN host the connection will be re activated Health Check Settings Me Pepwave MAX and Surf User Manual Health Check Settings Heath Check This setting allows you to specify the health check method for the cellular connection Available Method options are Disabled Ping DNS Lookup HTTP and SmartCheck The default method is etno DNS Lookup See Section 9 4 for configuration details If a health check test cannot be completed within the specified amount of time the test will be Timeout treated as failed Health Check This is the time interval between each health check test Interval Health Check This is the number of consecutive check failures before treating a connection as down Retries Recovery This is the number of responses required after a health check failure before treating a Retries connection as up again Dynamic DNS Service Disabled Provider EE Dynamic DNS Settings This setting specifies the dynamic DNS service provider to be used for the WAN based on supported dynamic DNS service providers e changeip com Dynamic DNS e dyndns org Service pen Provider e tzo com e DNS O Matic Select Disabled to disable this feature See Section 9 5 for configuration details Pepwave MAX and Surf User Manual 9 3 Wi Fi WAN To access Wi Fi WAN settings click Network gt WAN gt Details WAN Connection Settings Default Auto Custom Valu
23. default IP address will be forwarded Check the corresponding box es to enable UPnP and or NAT PMP Enable these features only if you trust the computers connected to the LAN ports Enable When the options are enabled a table listing all the forwarded ports under these two protocols can be found at Status gt UPnP NAT PMP Pepwave MAX and Surf User Manual 16 NAT Mappings NAT mappings allow IP address mapping of all inbound and outbound NAT dt raffic to and from an internal client IP address Settings to configure NAT mappings are located at Advanced gt NAT Mappings LAN Clients Inbound Mappings Outbound Mappings 192 168123 WAN 1 10 88 3 158 Interface IP Use Interface IP only x To add a rule for NAT mappings click Add NAT Rule D IP Address Connection Outbound IP Address 10 88 3 158 Interface IP NAT Mapping Settings LAN NAT mapping rules can be defined for a single LAN IP Address an IP Range or an IP Client s Network This refers to the LAN host s private IP address The system maps this address to a Address number of public IP addresses specified below in order to facilitate inbound and outbound traffic This option is only available when IP Address is selected The IP range is a contiguous group of private IP addresses used by the LAN host The Range system maps these addresses to a number of public IP addresses specified below to facilitate outbound traffic
24. device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help FCC Caution Any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority t
25. during firmware upgrade process Do not attempt to upload a non firmware file or a firmware file that is not supported by Peplink Upgrading the Pepwave router with an invalid firmware file will damage the unit and may void the warranty Important Note If the firmware is rolled back from 5 x to 4 x the configurations will be lost Pepwave MAX and Surf User Manual 20 3 Time Time Settings enables the system clock of the Pepwave router to be synchronized with a specified time server Time settings are located at System gt Time Time Settings GMT 07 00 Krasnoyarsk Show all 0 peplink pool ntp org Default l Save Time Settings This specifies the time zone along with the corresponding Daylight Savings Time scheme Time Zone The Time Zone value affects the time stamps in the Pepwave router s event log and e mail notifications Check Show all to show all time zone options Time Server This setting specifies the NTP network time server to be utilized by the Pepwave router 20 4 Email Notification Email notification functionality provides a system administrator with up to date information on network status The settings for configuring email notifications are found at System gt Email Notification Email Notification Setup W Enable smtp mycompany com W Require authentication W Note any server certificate will be accepted ee om OI N EE EE
26. firmware partition Select the firmware you want to use to start up this device Firmware 1 6 2 1 build 2977 Running Firmware 2 6 2 1b01 build 2949 Pepwave MAX and Surf User Manual 20 11 Ping The ping test tool sends pings through a specified Ethernet interface or a SpeedFusion M VPN connection You can specify the number of pings in the field Number of times to a maximum number of 10 times Packet Size can be set to a maximum of 1472 bytes The ping utility is located at System gt Tools gt Ping illustrated below Connection Destination 10 10 10 1 Packet Size EP aial Start Stop PING 10 10 10 1 10 10 10 1 from 10 88 3 158 56 84 bytes of data 64 bytes from 10 10 10 1 icmp_req 1 ttl 62 time 27 6 ms 64 bytes from 10 10 10 1 icmp_req 2 ttl 62 time 26 5 ms 64 bytes from 10 10 10 1 icmp_req 3 ttl 62 time 28 9 ms 64 bytes from 10 10 10 1 icmp_req 4 ttl 62 time 28 3 ms 64 bytes from 10 10 10 1 icmp_req 5 ttl 62 time 27 7 ms 10 10 10 1 ping statistics 5 packets transmitted 5 received 0 packet loss time 4005ms rtt min avg max mdev 26 516 27 855 28 933 0 814 ms A system administrator can use the ping utility to manually check the connectivity of a particular LAN WAN connection Pepwave MAX and Surf User Manual 20 12 Traceroute Test The traceroute test tool traces the routing path to the destination through a particular Ethernet interface or a Soee
27. on the top right hand corner to activate Pepwave MAX and Surf User Manual Enable Web Access Protocol Management Port HTTP HTTPS TEEN Admin Username Admin Password Enable Web Access Protocol Management Port HTTP to HTTPS Redirection Admin User Name Admin Password Ed 443 EA 25db591396e0 Generate Web Administration Settings Check the box to allow the Pepwave router to manage the web admin access information of the AP These buttons specify the web access protocol used for accessing the web admin of the AP The two available options are HTTP and HTTPS This field specifies the management port used for accessing the device This option will be available if you have chosen HTTPS as the Web Access Protocol With this enabled any HTTP access to the web admin will redirect to HTTPS automatically This field specifies the administrator username of the web admin It is set as admin by default This field allows you to specify a new administrator password You may also click the Generate button and let the system generate a random password automatically Pepwave MAX and Surf User Manual Navigating to AP gt Settings on some Pepwave models displays a screen similar to the one shown below InControl management enabled Settings can now be configured on InControl Wi Fi Radio Settings Wi Fi AP Settings
28. one minute Refresh IP Subnet Source or Destination Y 255 255 255 255 32 Y Source or Destination Y TCP v 1 WAN 1 2 WAN 2 T1 Cellular 1 T2 Cellular 2 f VPN Total searched results 0 CO Total searched results 0 Transit Total searched results 0 This Active Sessions section displays the active inbound outbound sessions of each WAN connection on the Pepwave router A filter is available to sort active session information Enter a keyword in the field or check one of the WAN connection boxes for filtering Pepwave MAX and Surf User Manual 21 3 Client List The client list table is located at Status gt Client List It lists DHCP and online client IP addresses names retrieved from the DHCP reservation table or defined by users current download and upload rate and MAC address Clients can be imported into the DHCP reservation table by clicking the button on the right You can update the record after import by going to Network gt LAN Online Clients Only DHCP Clients Only Chent List Scale kbps Mbps If the PPTP server see Section 19 2 SoeedFusion see Section 12 1 or AP controller see Section 20 is enabled you may see the corresponding connection name listed in the Name field 21 4 WINS Client The WINS client list table is located at Status gt WINS Client WINS Client List 10 9 2 1 10 9 30 1 10 9 2 4 _Flush All The WINS client table lists the IP ad
29. or busy Status Blinking Aa Boot up error Ready Wi Fi Indicators OFF Disabled intermittent Wi Fi Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic Cellular Indicators OFF Disabled or no SIM card inserted Cellular ON Connecting or connected to network s Pepwave MAX and Surf User Manual LAN and Ethernet WAN Ports ON 100 Mbps Green LED OFF 10 Mbps ON Port is connected without traffic Orange LED Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X ports Pepwave MAX and Surf User Manual 4 9 MAX BR1 ENT 4 9 1 Panel Appearance USB WAN 2x 10 100 1000M 10V 30V Dt SMA Cellular SMA GPS Aux SMA Cellular Interface Ethernet LAN Terminal Block Antenna Connector Antenna Connector Antenna Connector Reset 1x 10 100 1000M LED Button Ethernet Redundant Cellular SIM Slot WAN LAN 4 9 2 LED Indicators e The statuses indicated by the front panel LEDs are as follows Status Indicators OFF System initializing Red Booting up or busy Status Blinking Boot up error red Green Ready Cellular Indicators OFF Disabled or no SIM card inserted llular Cellula ON Connecting or connected to network s LAN and Ethernet WAN Ports ON 100 Mbps Green LED OFF 10 Mbps ON Port is connected without traffic Orange LED Blinking Data is transferring
30. os ie tetera eats ee ee Ee GE Ge eed 18 4 7 MAX BRI ME EE OE OE OE OG EE OD 19 4 8 MAX BS UI ene EA EE Ee N Ge Ge EE re ED DE ie 21 4 9 MAXA Be 3 EE EE OE EE EE ETTA 23 4 10 MAXBR1 2IPSS ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee 24 Aid MASONTEEGS RE RE EE AE EE GE N ER AE IE ER Ge GR Ge EE De ER 26 Ad SURE SOON OE Ge Ie OE ee oe Ee ee ee Ee A Ee Re EE EE EE Ee ee 27 S INSTALLATION ies se he oe ee ee es ed ea Ge EE EG EG Ge ee 29 5 1 PREPARATION se ere ee Ee be ED nas EE EE EG GR GE Ee EG De 29 5 2 CONSTRUCTING THE NETWORK ooie soe se se ed ee se Ge ee Gn eie se ee ee oe ee GE ee ee Ge 30 5 3 CONFIGURING THE NETWORK ENVIRONMENT ee ese ee es ese ee es ese ee ee ee ee ee ee ee ee ee ee ee ee ee ee 31 O MOUNTING THE UNIT SE EG GE Ee EG NG EG GE GE OES De EG WEG Ge N Ee Ge Ge Ge ee OE ee Go 32 6 1 ETER ie id eee ne eS ON 32 6 2 IOI eee case eo otis pests E ee Ge SO Ee oe ei oe ses 32 6 3 IPG TINS TALIA TION GUIDE isis ie esse ie ee Re Ge Se Ge ee Ee we 32 7 CONNECTING TO THE WEB ADMIN INTERFACE ccccccccccccccccccccccccccccccccccccccccccecs 32 8 CONFIGURING THE LAN INTERFACE S cscsccscsccscscsscsssccsscccsccccsccssccssccceccccscessccesccees 35 8 1 BAEC SETTINGS es seen ER Ge OD ee cae ee GE EG ane oe EE Ee ee EE GE DE 35 8 2 CAPTIVE PORT esse ie de EE RE EE GE Ee Ge GE EE 45 9 CONFIGURING THE WAN INTERFACE S csccscsccscscsscessccsscccsccccsccscscsscccsccccscesccesecees 47 9 1 ETHERNET WAN ees ees n
31. soo O came o EE ouput Power ES G AE D O e cura merv E Wi Fi Radio Settings Operating Country This option sets the country whose regulations the Pepwave router follows Wi Fi Antenna Choose from the router s internal or optional external antennas if so equipped Important Note Per FCC regulations the country selection is not available on all models marketed in the US All US models are fixed to US channels only Wi Fi AP Settings This option allows you to specify whether 802 11b and or 802 11g client association Protocol requests will be accepted Available options are 802 11ng and 802 11na By default 802 11ng is selected Channel This option allows you to select which 802 11 RF channel will be used Channel 1 2 412 GHz is selected by default Auto 20 40 MHz and 20 MHz are available The default setting is Auto 20 40 MHz Channel Width which allows both widths to be used simultaneously This option is for specifying the transmission output power for the Wi Fi AP There are 4 Output Power relative power levels available Max High Mid and Low The actual output power will be bound by the regulatory limits of the selected country Beacon Rate This option is for setting the transmit bit rate for sending a beacon By default 1Mbps is Pepwave MAX and Surf User Manual selected This option is for setting the time interval between each beacon By default 100ms i
32. still require it In addition to standard DHCP options e g DNS server address gateway address subnet mask you can specify the value of additional extended DHCP options as defined in RFC Extended 2132 With these extended options enabled you can pass additional configuration DHCP Option information to LAN hosts To define an extended DHCP option click the Add button choose p the option to define and then enter its value For values that are in IP address list format you can enter one IP address per line in the provided text area input control Each option can be defined once only This setting reserves the assignment of fixed IP addresses for a list of computers on the LAN The computers to be assigned fixed IP addresses on the LAN are identified by their MAC addresses The fixed IP address assignment is displayed as a cross reference list DHCP between the computers names MAC addresses and fixed IP addresses Reservation Name an optional field allows you to specify a name to represent the device MAC addresses should be in the format of 00 AA BB CC DD EE Press to create a new record Press to remove a record Reserved clients information can be imported from the Client List located at Status gt Client List For more details please refer to Section Pepwave MAX and Surf User Manual 21 3 To configure DHCP relay first click the Hd button found next to the DHCP Server option to display the settings DHCP Server
33. the path between two sites over each WAN connection Failed WAN connections will not be used to route VPN traffic Health check packets are sent to the remote unit to detect any failure The more frequently checks are sent the shorter the detection time although more bandwidth will be consumed When Recommended default is selected a health check packet is sent every five Link Failure seconds and the expected detection time is 15 seconds Detection Time When Fast is selected a health check packet is sent every three seconds and the expected detection time is six seconds When Faster is selected a health check packet is sent every second and the expected detection time is two seconds When Extreme is selected a health check packet is sent every 0 1 second and the expected detection time is less than one second A Advanced feature please click the button on the top right hand corner to activate Important Note Peplink proprietary SoeedFusion uses TCP port 32015 and UDP port 4500 for establishing VPN connections If you have a firewall in front of your Pepwave devices you will need to add firewall rules for these ports and protocols to allow inbound and outbound traffic to pass through the firewall Pepwave MAX and Surf User Manual Tip Want to know more about VPN sub second session failover Visit our YouTube Channel for a video tutorial http youtu be T_LQgdpPSY88
34. typically determined by and can be obtained from the ISP Gateway Each ISP may provide a set of DNS servers for DNS lookups This setting specifies the DNS Domain Name System servers to be used when a DNS lookup is routed through this connection Selecting Obtain DNS server address automatically results in the DNS DNS Servers servers being assigned by the WAN DHCP server to be used for outbound DNS lookups over the connection The DNS servers are obtained along with the WAN IP address assigned from the DHCP server When Use the following DNS server address es is selected you may enter custom DNS server addresses for this WAN connection into the DNS Server 1 and DNS Server 2 fields Pepwave MAX and Surf User Manual 9 1 3 PPPoE Connection This connection method is suitable if your ISP provides a login ID password to connect via PPPOE Obtain DNS server address automatically 10 88 3 1 Use the following DNS server address es DNS Server 1 DNS Server 2 PPPoE Settings NAT allows substituting the real address in a packet with a mapped address that is Routing Mode routable on the destination network By clicking the help icon in this field you can display the IP Forwarding option if your network requires it IP Address Subnet Mask This information is obtained from the ISP automatically Default Gateway PPPoE User Enter the required information in these fields in order to connect via PPPoE to the ISP
35. 0 Firewall VIP 240 10 10 5 IP 210 10 10 2 Physical IP 210 10 10 4 I Local Area Network Please note that the drop in WAN cannot be configured as a LAN bypass port while it is configured for high availability Pepwave MAX and Surf User Manual 18 6 PPTP Server PPTP VPN Pepwave routers feature a built in PPTP server which enables remote computers to conveniently and securely access the local network PPTP server settings are located at Advanced gt Misc Settings gt PPTP Server Check the box to enable PPTP server functionality All connected PPTP sessions are displayed at Status gt Client List Please refer to Section 21 3 for details Note that available options vary by model PPTP Server 10 88 3 158 Interface IP Interface IP Wi Fi WAN Interface IP Cellular i Interface IP Cellular 2 Interface IP Interface IP EJI Username Password E Pepwave MAX and Surf User Manual PPTP Server Settings This setting is for specifying the WAN connection s and IP address es that the PPTP server should listen on Listen On This setting is for specifying the user database source for PPTP authentication Three sources can be selected Local User Accounts LDAP Server or RADIUS Server Local User Accounts User accounts are stored in the Pepwave router locally You can add modify delete accounts in the User Accounts table LDAP Server Authenticate with an external LDAP
36. 0 99 Mbps 0 12 Mbps Peak 121 78 Mbps 0 67 Mbps Stacked C Overall 61 kbps 75 kbps 136 kbps Pepwave MAX and Surf User Manual 21 8 2 Hourly This page shows the hourly bandwidth usage for all WAN connections with the option of viewing each individual connection Select the desired connection to check from the drop down menu MB GB 6000 MB Download Upload ad Total 5000 MB 4000 MB 3000 MB 2000 MB 1000 MB 13 00 5 047 MB 295 MB 5 342 MB 12 00 5 117 MB 439 MB 5 556 MB 11 00 2414 MB 526 MB 2 940 MB 10 00 2 470 MB 812 MB 3 282 MB 09 00 725 MB 488 MB 1 213 MB 08 00 64 MB 211 MB 275 MB 21 8 3 Daily Pepwave MAX and Surf User Manual This page shows the daily bandwidth usage for all WAN connections with the option of viewing each individual connection Select the connection to check from the drop down menu If you have enabled the Bandwidth Monitoring feature the Current Billing Cycle table for that WAN connection will be displayed Click on a date to view the client bandwidth usage of that specific date This feature is not available if you have selected to view the bandwidth usage of only a particular WAN connection The scale of the graph can be set to display megabytes MB or gigabytes GB Connection All WAN Scale MB GB E Dovmload N Upload MM Total 02 17 02 18 02 19 02 20 02 21 02 22 02 23 02 24 02 25 02 26 02 27 02 28
37. 2 TI OYZIOAEI2 ANAITH2ZEI2 KAI TI2 AOINE 2XETIKE2 AIATA EI2 TH OAHTIA2 1999 5 EK Par la presente nom du fabricant declare que l appareil type d appareil est conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999 5 CE Con la presente nome del costruttore dichiara che questo tipo di apparecchio conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999 5 CE Ar so name of manufacturer izgatavotaja nosaukums deklar ka type of equipment iek rtas tips atbilst Direktivas 1999 5 EK b tiskaj m pras b m un citiem ar to saistitajiem noteikumiem iuo manufacturer name deklaruoja kad Sis equipment type atitinka esminius reikalavimus ir kitas 1999 5 EB Direktyvos nuostatas Hierbij verklaart naam van de fabrikant dat het toestel type van toestel in overeenstemming is met de essenti le eisen en de andere relevante bepalingen van richtlijn 1999 5 EG Hawnhekk lisem tal manifattur jiddikjara li dan i l mudel tal prodott jikkonforma mal ti ijiet essenzjali u ma provvedimenti o rajn relevanti li hemm fid Dirrettiva 1999 5 EC Alul rott gy rt neve nyilatkozom hogy a tious megfelel a vonatkoz alapvet k vetelm nyeknek s az 1999 5 EC ir nyelv egy b eldirasainak Niniejszym nazwa producenta o wiadcza e nazwa wyrobu jest zgodny z zasadniczymi wymogami oraz pozosta ymi stosownymi postanowieniami
38. 509 is selected as the Peplink Balance s VPN authentication method as explained above To authenticate VPN connections using X 509 certificates copy and paste certificate details into these fields To get more information on a listed X 509 certificate click the Show Details link below the field When this option is enabled the router will allow multiple peers to run using the same remote ID Check this box to allow the local DHCP server to assign an IP address to the remote peer When NAT Mode is enabled all remote traffic over the VPN will be tagged with the assigned IP address using network address translation If NAT Mode is not enabled you can enter a remote peers WAN IP address or hostname s here If the remote uses more than one address enter only one of them here Multiple hostnames are allowed and can be separated by a space character or carriage return Dynamic DNS host names are also accepted This field is optional With this field filled the Peplink Balance will initiate connection to each of the remote IP addresses until it succeeds in making a connection If the field is empty the Peplink Balance will wait for connection from the remote peer Therefore at least one of the two VPN peers must specify this value Otherwise VPN connections cannot be established This field is used to specify a UDP port number for transporting outgoing VPN data If Default is selected UDP port 4500 will be used Port 32015 will be used if t
39. Dyrektywy 1999 5 EC Nome do fabricante declara que este tipo de equipamento est conforme com os requisitos essenciais e outras disposi es da Directiva 1999 5 CE Ime proizvajalca izjavlja da je ta tio opreme v skladu z bistvenimi zahtevami in ostalimi relevantnimi dolo ili direktive 1999 5 ES Meno v robcu t mto vyhlasuje e typ zariadeniajsplia z kladn po iadavky a v etky pr slu n ustanovenia Smernice 1999 5 ES Valmistaja manufacturer vakuuttaa t ten ett type of equipment laitteen tyyppimerkint tyyppinen laite on direktiivin 1999 5 EY oleellisten vaatimusten ja sit koskevien direktiivin muiden ehtojen mukainen H rmed intygar f retag att denna utrustningstyp star verensst mmelse med de v sentliga egenskapskrav och vriga relevanta best mmelser som framg r av direktiv 1999 5 EG PEPWAVE Broadband Possibilities www pepwave com Contact Us Sales http www pepwave com contact sales Support http www pepwave com contact Business Development and Partnerships http www pepwave com partners channel
40. EP key encryption Authentication is not supported by this method The security level of this method is known to be weak Connection coming from the MAC addresses in this list will be either denied or accepted based the option selected in the previous field 18 12 _Default 18 12 Default Host Secret Authentication Port Accounting Port RADIUS Server Settings Enter the IP address of the primary RADIUS server and if applicable the secondary RADIUS server Enter the RADIUS shared secret for the primary server and if applicable the secondary RADIUS server In field enter the UDP authentication port s used by your RADIUS server s or click the Default button to enter 1812 In field enter the UDP accounting port s used by your RADIUS server s or click the Default button to enter 1813 Pepwave MAX and Surf User Manual 19 2 Settings On many Pepwave models the AP settings screen AP gt Settings looks similar to the example below AP Settings SSID Operating Country Preferred Frequency 5 GHz Protocol 5GHz Channel Bonding D 2 4 GHZ 5 GHz Integrated AP supports 2 4 GHZ only ic 7 PEPWAVE_8D1C United States v 2 4 GHZ 5 GHZ Integrated AP supports 2 4 GHZ only Channels 36 40 44 48 1 2 412 GHz LAN No VLAN ax 1Mbps Default 100ms Default AP Settings These buttons specify which wireless networks will use this AP prof
41. Ethernet cable connect a computer to one of the LAN ports on the Pepwave router Repeat with different cables for up to 4 computers to be connected 2 With another Ethernet cable or a USB modem Wi Fi antenna PC Card Express Card connect to one of the WAN ports on the Pepwave router Repeat the same procedure for other WAN ports 3 Connect the power adapter to the power connector on the rear panel of the Pepwave router and then plug it into a power outlet The following figure schematically illustrates the resulting configuration Embedded 3G Modem Ee on HD2 Satellite Wi Fi Receiver DSL Cable 3G Ethernet Modem JA Built in Wi Fi Access Point 4 Port Gigabit Ethernet Switch Pepwave MAX and Surf User Manual 5 3 Configuring the Network Environment To ensure that the Pepwave router works properly in the LAN environment and can access the Internet via WAN connections please refer to the following setup procedures e LAN configuration For basic configuration refer to Section 7 Connecting to the Web Admin Interface For advanced configuration go to Section 8 Configuring the LAN Interface s e WAN configuration For basic configuration refer to Section 7 Connecting to the Web Admin Interface For advanced configuration go to Section 8 2 Captive Portal Pepwave MAX and Surf User Manual 6 Mounting the Unit 6 1 Wall Mount The Pepwave MAX 700 HD2 On The Go can be wall mounted u
42. Health Check Settings This setting specifies the timeout in seconds for ping DNS lookup requests The default Timeout timeout is 5 seconds Health Check This setting specifies the time interval in seconds between ping or DNS lookup requests Interval The default health check interval is 5 seconds This setting specifies the number of consecutive ping DNS lookup timeouts after which the Health Check Pepwave router will treat the corresponding WAN connection as down Default health Retries retries is set to 3 Using the default Health Retries setting of 3 the corresponding WAN connection will be treated as down after three consecutive timeouts This setting specifies the number of consecutive successful ping DNS lookup responses Recovery that must be received before the Pepwave router treats a previously down WAN connection 5 as up again By default Recover Retries is set to 3 Using the default setting a WAN Retries connection that is treated as down will be considered as up again upon receiving three consecutive successful ping DNS lookup responses Automatic Public DNS Server Check on DNS Test Failure When the health check method is set to DNS Lookup and health checks fail the Pepwave router will automatically perform DNS lookups on public DNS servers If the tests are successful the WAN may not be down but rather the target DNS server malfunctioned You will see the following warning message on the main page Pepwave MAX and Sur
43. IP forwarding mode are not shown here Click Save to save the settings when configuration has been completed Important Note Inbound firewall rules override the Inbound Mappings settings Pepwave MAX and Surf User Manual 17 QoS 17 1 User Groups LAN and PPTP clients can be categorized into three user groups Manager Staff and Guest This menu allows you to define rules and assign client IP addresses or subnets to a user group You can apply different bandwidth and traffic prioritization policies on each user group in the Bandwidth Control and Application sections note that the options available here vary by model The table is automatically sorted by rule precedence The smaller and more specific subnets are put towards the top of the table and have higher precedence larger and less specific subnets are placed towards the bottom Click the Add button to define clients and their user group Click the button to remove the defined rule Two default rules are pre defined and put at the bottom They are All DHCP reservation clients and Everyone and they cannot be removed The All DHCP reservation client represents the LAN clients defined in the DHCP Reservation table on the LAN settings page Everyone represents all clients that are not defined in any rule above Click on a rule to change its group Add Edit User Group NN 7 M v EA Save Cancel Add Edit User Group From the drop d
44. Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators OFF System initializing Red Booting up or busy laius viral Boot up error Green Ready OFF Disabled Intermittent pa ira Blinking slowly Connecting to wireless network s Cellular 2 Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic Green LED ON 10 100 1000 Mbps Blinking Data is transferring Orange LED OFF No data is being transferred or port is not connected Port Type Auto MDI MDI X ports Pepwave MAX and Surf User Manual 4 3 MAX HD2 IP67 4 3 1 Panel Appearance PEPWAVE Waterproof Air Vent La Ground Plate 2x Female N Type Wi Fi Status Antenna Connectors be aa kog das 2 Waterproof Ethernet Waterproof Console and WAN Power Connector The statuses indicated by the front panel LEDs are as follows Status Indicators OFF System initializing Red Booting up or busy Status Blinking Boot up error red Green Ready Pepwave MAX and Surf User Manual 4 4 MAX HD2 mini 4 4 1 Panel Appearance Rugged enclosure ideal for demanding applications 1 6 inches 40 mm 5 8 inches 147 mm F 5 0 inches 128 mm USB WAN Interface 2x 100 1000M Ethernet LAN with 802 3af PoE or 24V Passive PoE Output 12 48W DC Terminal Block 1x 100 1000M Reset Ethernet WAN LAN with 12V 48V
45. Lookup or HTTP The default method is Disabled See Section 9 4 for configuration details These fields are for specifying the target DNS servers where DNS lookups will be sent to for health check If the box Use first two DNS servers as Health Check DNS Servers is checked the first two PING Hosts DNS servers will be the DNS lookup targets for checking the connection healthiness If the box is not checked the field Host 1 must be filled and the field Host 2 is optional The connection is considered to be up if DNS responses are received from any one of the health check DNS servers regardless of whether the result is positive or negative If a health check test cannot be completed within the specified amount of time the test will Timeout be treated as failed Pepwave MAX and Surf User Manual Health Check This is the number of consecutive check failures before treating a connection as down Interval Health Check This is the number of consecutive check failures before treating a connection as down Retries Recovery This is the number of responses required after a health check failure before treating a Retries connection as up again Dynamic DNS Service Provider Bandwidth Allowance L Enable Monitor Port Speed MTU 440 Default WAN Port Section 3 This setting specifies the dynamic DNS service provider to be used for the WAN based on supported dynamic DNS service provi
46. MAX HD2 and HD2 IP67 automatically store up to seven days of GPS location data in GPS eXchange format GPX To review this data using third party applications click Status gt Device and then download your GPX file The Pepwave MAX BR1 HD2 and HD2 IP67 export real time location data in NMEA format through the LAN IP address at TCP port 60660 It is accessible from the LAN or over a SpeedFusion connection To access the data via a virtual serial port install a virtual serial port driver Visit http www peplink com index php view fag amp id 294 to download the driver Pepwave MAX and Surf User Manual 21 2 Active Sessions Information on active sessions can be found at Status gt Active Sessions gt Overview Overview Search Session data captured within one minute Refresh oo O O O TOI O TOI cod coc CoC SO 10 9 98 144 10 9 2 18 10 9 66 14 10 9 2 26 This screen displays the number of sessions initiated by each application Click on each service listing for additional information This screen also indicates the number of sessions initiated by each WAN port In addition you can see which clients are initiating the most sessions Pepwave MAX and Surf User Manual You can also perform a filtered search for specific sessions You can filter by subnet port protocol and interface To perform a search navigate to Status gt Active Sessions gt Search Overview Search Session data captured within
47. N CHEN os ei ee GE Ge Ee Ee GE SE Ee ER Ge Se OE Ee Ee ER De 155 21 5 UPRPNAT PMP osse esse Ee eet Se ese a eo Ge Dee Ee GE GE ee EG 156 21 6 SPEED USION STATUS wesie ee ee ER EE EE Ge Ge De ee Ge ee ie Ee ee Ee Ee EE 156 41 7 EVENT LOG RR sence Ee E A EG EG EE Ee EE DR N oe EE ee Ge ee 160 ZLS BANBWIDIEIS oos ves ee Ee GR EE DE ee ie n Ee Ge N RE N Re De N ie 160 APPENDIX A RESTORATION OF FACTORY DEFAULLTG cscscscsccscsceccccscscccsccscscccsscsces 166 APPENDIX B DECLARATION ie ises vise sees dese es ie an dei ds pie N oe geel gee pi eN ee dig de ie Gee de ie ie 167 Pepwave MAX and Surf User Manual 1 Introduction and Scope Pepwave routers provide link aggregation and load balancing across multiple WAN connections allowing a combination of technologies like 3G HSDPA EVDO 4G LTE Wi Fi external WiMAX dongle and satellite to be utilized to connect to the Internet This manual covers setting up Pepwave routers and provides an introduction to their features and usage Want to know more about Pepwave routers Visit our YouTube Channel for a video introduction http youtu be UCkVQThLKO4 Pepwave MAX and Surf User Manual 2 Glossary The following terms acronyms and abbreviations are frequently used in this manual Term Definition 3G 3rd Generation standards for wireless communications 4G 4th Generation standards for wireless communications DHCP Dynamic Host Configuration Protocol
48. N Client 0 00 MB 131 22 MB 131 22 MB ala ge a hd eS Ps MT All WAN Monthly Bandwidth Usage Pepwave MAX and Surf User Manual Ethernet WAN Billing Cycle Calendar Month MB GB 6000 ME WW Dovmlead N Upload 5000 MB EN Total 4000 MB 3000 MB 2000 MB 1000 MB D 2010 05 2010 06 2010 07 2010 08 2010 09 2010 10 2010 11 2010 12 2011 01 2011 01 01 to now 784 MB 595 MB 2010 12 01 to 2010 12 31 2 291 MB 2 103 MB 2010 11 01 to 2010 11 30 2 261 MB 2 696 MB Ethernet WAN Monthly Bandwidth Usage Tip By default the scale of data size is in MB 1GB equals 1024MB Pepwave MAX and Surf User Manual Appendix A Restoration of Factory Defaults To restore the factory default settings on a Pepwave router follow the steps below 1 Locate the reset button on the front or back panel of the Pepwave router 2 With a paper clip press the reset button and hold it for at least 10 seconds until the unit reboots itself After the Pepwave router finishes rebooting the factory default settings will be restored Important Note All previous configurations and bandwidth usage data will be lost after restoring factory default settings Regular backup of configuration settings is strongly recommended Pepwave MAX and Surf User Manual Appendix B Declaration 1 The device supports time division technology 2 Federal Communication Commission Interference Statement This
49. PEPWAVE Broadband Possibilities Pepwave MAX and Surf User Manual Pepwave Products MAX 700 HD2 HD2 IP67 HD2 mini HD4 Transit BR1 BR1 IP55 BR2 IP55 On The Go MAX HD2 HD4 with MediaFast Surf SOHO Peowave Firmware 6 2 2 September 2015 COPYRIGHT amp TRADEMARKS Specifications are subject to change without notice Copyright 2015 Pepwave Lid All Rights Reserved Pepwave and the Pepwave logo are trademarks of Pepwave Ltd Other brands or products mentioned may be trademarks or registered trademarks of their respective owners Pepwave MAX and Surf User Manual Table of Contents 1 INTRODUCTION AND SCOPE eeesssssssssesossssssssssssoscsssssssesosssssssssssssssssssssseossssssssssessssso 5 2 OLO SARTE 6 3 PRODUCT FEATURES nssssssssssssssssssssessccssossssseosssssssssssosssssssssesoscsssssssesosssssssssssssssssssssseoo 7 3 1 SUPPORTED NETWORK FEATURES ccecsececececcecececcacsceccccececcacececsacececcacececsacececeaceceeeacecees 7 3 2 OTHER SUPPORTED FEATURES seen snoei eie Ge ene Gee ee ee ee eg Gee Ge ee Ge Ge ee se ee ie bee 9 4 PEPWAVE MAX MOBILE ROUTER OVERVIEW cccccccccccccccccccccccccccccccccccccccccccccccccccecs 10 4 1 MAX OD ae See aur sneaisaereteae sence aaaaeestaseaedeaanssueataesenceasanencieseaeeavancadens 10 4 2 IPPC 8 N EO ER cueanune 12 4 3 MA EED PE 7 EG ER SE AAA Ro Se EE ED Re 14 4 4 MAX HD Z MIN RE RE EO Ee N OE N EE OE Er 15 45 MAX FD ER EE N RE EE RE 17 4 6 MIA TRANS
50. Pepwave routers can detect various application traffic tyoes by inspecting the packet content select an application by choosing a supported application or by defining a custom application manually The priority preference of supported applications is placed at the top of the table Custom applications are at the bottom Pepwave MAX and Surf User Manual 17 3 2 Prioritization for Custom Applications Click the Add button to define a custom application Click the button in the Action column to delete the custom application in the corresponding row When Supported Applications is selected the Pepwave router will inspect network traffic and prioritize the selected applications Alternatively you can select Custom Applications and define the application by providing the protocol scope port number and DSCP value File Sharing Transfer IM Miscellaneous Remote Access L o OK Cancel Security Tunneling VoIP 17 3 3 DSL Cable Optimization DSL cable based WAN connections have lower upload bandwidth and higher download bandwidth When a DSL cable circuit s uplink is congested the download bandwidth will be affected Users will not be able to download data at full speed until the uplink becomes less congested DSL Cable Optimization can relieve such an issue When it is enabled the download speed will become less affected by the upload traffic By default
51. SERVICE EORWAEDING see ee ee N ee bo ee Ge GE Ee ee EE GE GR 121 18 9 SERVICE PASSTHROBEE oe oe ee Ge oe GE ee EN N ee Ee ee 124 18 10 GPS EORWARDING asses Re ek oe Ge ee Ee EE Ee Ge EE Ge eo Ee GE Ge 125 ik dee Ko dd dT EE EE NE EE EE EN 126 Pepwave MAX and Surf User Manual do 1 WREE ES Ol erni E E AE E Ee RE EE 126 1 2 ETT a ETE E T ENS 130 Io TOEO a Cnr nye OR ER Ee AE ee ero 134 Z0 SYSTEM SETTINGS sees de se Si ee Ge GN GE eg Ge Eria 135 AD ADMIN SECURITY ss manie oe Ee GE ER EE GE RE Ee ED N BE n EE Ee ee 135 ONE EE O AEE AAE O ET OTA E 139 LO M e EE EE EE EE A E A 140 20 4 EMAIL NOTIFICATION suis os soe ede ee nEn E N 140 20 EVI NT EOC et a E E E TA 142 20 6 SNEIP ee E E OR OG ee ee 143 20 7 INCONTRO IS ie ei ee ona ee denne coe De ee RD oe EE ee Sen ie ee EE oe dd 145 ZO CONFIGURE TION EE NE OT AE EE OE EE N EE 146 20 9 FEATURE ADD ON es ies ee ei N Ge ee De ee ee ED ee ee 147 PDN BEBOET aa Ee Ge RE ie N Ee Ee TE 147 20 11 PING osse ee ae GE ae ee oe oe ee EE EE EE 148 20 12 TRACEROUTE TEST oes se E ee ee ee Ore be RE EE Ee EIE EG DE ee 149 20 LS PEP WEIN VEST oe ee E ee Ge GE ee EE RE EE 149 20 14 CLI COMMAND LINE INTERFACE SUPPORT ese ees see ee see ee ee ee ee ee ee ee ee ee ee ee ee ee 150 MERE TE TE EE ER ET AE EE N EE EE EE 151 PLL DV T oi RE cs nts ed ot EE ata ee sna Ee E EE 151 Al AETME ES TON oe pe ee ee Ee Ge n Doe Ee ee oe oe oe Ee 153 IR Si dd RE EE EE OH AO ET T 155 PA NAVI
52. Slave Router High Availability High Availability Master O Slave F Master Slave dl Master Serial Number 54BF 5WEY E37Q 192 168 1 1 192 168 1 1 255 255 255 0 255 255 255 0 High Availability Enable Checking this box specifies that the Pepwave router is part of a high availability configuration This number identifies a pair of Pepwave routers operating in a high availability configuration Group Number The two Pepwave routers in the pair must have the same Group Number value This setting specifies whether the Pepwave router operates in master or slave mode Click Preferred Role the corresponding radio button to set the role of the unit One of the units in the pair must be configured as the master and the other unit must be configured as the slave Resume Master Role This option is displayed when Master mode is selected in Preferred Role If this option is U enabled once the device has recovered from an outage it will take over and resume its Recovery Master role from the slave unit This option is displayed when Slave mode is selected in Preferred Role If this option is Configuration enabled and the Master Serial Number entered matches with the actual master unit s the Sync master unit will automatically transfer the configuration to this unit Please make sure the LAN IP Address and the Subnet Mask fields are set correctly in the LAN settings page You can refer to the Event Log for t
53. The Pepwave router will inspect and look for blocked domain names on all HTTP traffic Secure web HTTPS traffic is not supported 18 2 2 Exempted User Groups Check and select pre defined user group s who can be exempted from the access blocking rules User groups can be defined at Q0S gt User Groups section Please refer to Section 17 1 for details 18 2 3 Exempted Subnets With the subnet defined in the field clients on the particular subnet s can be exempted from the access blocking rules 18 3 OSPF amp RIPv2 The Peplink Balance supports OSPF and RIPv2 dynamic routing protocols Click the Network tab from the top bar and then click the OSPF amp RIPv2 item on the sidebar to reach the following menu Pepwave MAX and Surf User Manual OSPF LAN IP Address Custom Interfaces Area This field determines the ID of the router By default this is specified as the LAN IP address If you want to specify your own ID enter it in the Custom field Router ID This is an overview of the OSPFv2 areas you have defined Click on the area name to Area configure it To set a new area click Add To delete an existing area click OSPF Settings Broadcast Point to Point LAN 192 168 168 1 24 V167 192 168 167 1 24 WAN 1 10 91 137 1 24 WAN 2 10 91 138 1 24 WAN 3 10 91 139 1 24 OK Cancel OSPF Settings A ID Determine the name of your Area ID to apply to this group Machines linked to this gr
54. This option is only available when IP Range is selected The IP network refers to all private IP addresses and ranges managed by the LAN host Network The system maps these addresses to a number of public IP addresses specified below to facilitate outbound traffic This option is only available when IP Network is selected Pepwave MAX and Surf User Manual Inbound Mappings Outbound Mappings This setting specifies the WAN connections and corresponding WAN specific Internet IP addresses on which the system should bind Any access to the specified WAN connection s and IP address es will be forwarded to the LAN host This option is only available when IP Address is selected in the LAN Client s field Note that inbound mapping is not needed for WAN connections in drop in mode or IP forwarding mode Also note that each WAN IP address can be associated to one NAT mapping only This setting specifies the WAN IP addresses that should be used when an IP connection is made from a LAN host to the Internet Each LAN host in an IP range or IP network will be evenly mapped to one of each selected WAN s IP addresses for better IP address utilization in a persistent manner for better application compatibility Note that if you do not want to use a specific WAN for outgoing accesses you should still choose default here then customize the outbound access rule in the Outbound Policy section Also note that WAN connections in drop in mode or
55. able to enable bandwidth usage monitoring on this WAN connection for each Allowance _ billing cycle When this option is not enabled bandwidth usage of each month is still being Monitor tracked but no action will be taken If email notification is enabled you will be notified by email when usage hits 75 and 95 of the monthly allowance If Disconnect when usage hits 100 of monthly allowance is Action checked this WAN connection will be disconnected automatically when the usage hits the monthly allowance It will not resume connection unless this option has been turned off or the usage has been reset when a new billing cycle starts Start Day This option allows you to define which day of the month each billing cycle begins Monthly This field is for defining the maximum bandwidth usage allowed for the WAN connection each Allowance month General Settings Remain connected Disconnected 2 3 minutes Time value is global A change will affect all WAN profiles General Settings This option allows you to choose whether to remain connected or disconnected when this WAN Standbv State connection is no longer in the highest priority and has entered the standby state When Remain y connected is chosen bringing up this WAN connection to active makes it immediately available for use Idle When Internet traffic is not detected within the user specified timeframe the modem will Disconnect automatically disconnect Once the traffic is resumed
56. alyzer Check the uplink performance of each tunnel The bandwidth bonding feature of Pep VPN occurs when multiple WAN lines from one end merge with multiple WAN lines from the other end For this to happen each WAN line needs to form a connection with all the WAN lines on the opposite end The function of the PepVPN analyzer is to report the throughput packet loss and latency of all possible combinations of connections Please note that the PepVPN Analyzer will temporarily interrupt VPN connectivity and will restore after test After clicking the icon the analyzer will require several minutes to perform its analysis depending the number of WAN links in the SoeedFusion Tunnel Once the test the complete the report will appear O indicates that specific WAN Tunnel is active for that particular test Tx Avg is the averaged throughput across the full 10 seconds time while Tx Max is the averaged throughput of the fastest 30 of time Pepwave MAX and Surf User Manual 21 7 Event Log Event log information is located at Status gt Event Log Device Event Log Feb 17 04 43 26 System Changes applied Feb 16 10 27 01 System Time synchronization successful Feb 16 10 26 25 WAN WAN 1 connected 10 88 3 158 Feb 16 10 26 01 WAN Priority changed Priority 1 WAN 1 WAN 2 Priority 2 Cellular 1 Cellular 2 Disabled Wi Fi WAN Feb 16 10 25 40 System Started up 6 2 0 build 2891 Feb 16 10 17 27 System Changes app
57. and WANS for failover 13 1 IPsec VPN Settings Many Pepwave products can make multiple IPsec VPN connections with Peplink Pepwave Cisco and Juniper routers Note that all LAN subnets and the subnets behind them must be unique Otherwise VPN members will not be able to access each other All data can be routed over the VPN with a selection of encryption standards such as 3DES AES 128 and AES 256 To configure IPsec VPN on Pepwave devices that Support it navigate to Advanced gt I Psec VPN NAT Traversal Enabled IPsec VPN Profiles Remote Networks No IPsec VPN Profile Defined 00O Pepwave MAX IPsec only supports network to network connection with Cisco Juniper or Pepwave MAX devices A NAT Traversal option and list of defined IPsec VPN profiles will be shown NAT Traversal should be enabled if your system is behind a NAT router Click the New Profile button to create new IPsec VPN profiles that make VPN connections to remote Pepwave Cisco or Juniper routers via available WAN connections To edit any of the profiles click on its associated connection name in the leftmost column IPsec VPN Profile Pepwave MAX and Surf User Manual Subnet Mask 255 255 255 0 24 Main Mode All WANs need to have Static IP Aggressive Mode Group 2 MODP 1024 Group 5 MODP 1536 seconds Default Group 2 MODP 1024 Group 5 MODP 1536 Name This field is for specifying a local name to represent this connection pro
58. and the following menu will appear Send All Traffic Send All Traffic To V VPN Connection 2 DNS Server 135 36 14 0 You could also specify a DNS server to resolve incoming DNS requests Outbound Policy PepVPN Outbound Custom Rules Some models allow you to set outbound policy and custom outbound rules from Advanced PepVPN See Section 14 for more information on outbound policy settings Pepwave MAX and Surf User Manual Destinaton Auto Add Rule PepVPN Local ID O MAX_HD2_8D1C Le PepVPN Local ID The local ID is a text string to identify this local unit when establishing a VPN connection When creating a profile on a remote unit this local ID must be entered in the remote unit s Remote ID field Click the icon to edit Local ID PepVPN Settings Default Custom High firmware 5 3 Latest firmware 6 2 Recommended Approx 15 secs Fast Approx 6 secs Faster Approx 2 secs Extreme Under 1 sec h checks and higher bandwidth overhead PepVPN Settings Handshake To designate a custom handshake port TCP click the custom radio button and enter the Port port number you wish to designate Backward Determine the level of backward compatibility needed for Pep VPN tunnels The use of the TT Latest setting is recommended as it will improve the performance and resilience of Compatibility SpeedFusion connections The bonded VPN can detect routing failures on
59. ar Settings By default the MAX router will automatically choose a network to connect to If you wish to use only certain networks click the o button beside the menu item This drop down menu allows restricting cellular to particular band Click the d button to enable the selection of specific bands Choose from PAP Only or CHAP Only to use those authentication methods exclusively Select Auto to automatically choose an authentication method This checkbox enables data roaming on this particular SIM card Please check your service provider s data roaming policy before proceeding This setting applies to 3G EDGE GPRS modems only It does not apply to EVDO EVDO Rev A modems This allows you to configure the APN settings of your connection If Auto is selected the mobile operator should be detected automatically The connected device will be configured and connection will be made automatically If there is any difficulty in making connection you may select Custom to enter your carrier s APN Login Password and Dial Number settings manually The correct values can be obtained from your carrier The default Pepwave MAX and Surf User Manual and recommended setting is Auto APN Login when Auto is selected the information in these fields will be filled automatically Select Password Custom to customize these parameters The parameter values are determined by and can be SIM PIN obtained from the ISP Bandwidth Check the box En
60. ation will be applied to the traffic routed Routing Mode over this WAN connection IP Forwarding is available when you click the link in the help text IP Address Subnet Enter the WAN IP address and subnet mask as well as the IP address of the default Mask Default gateway in these fields Gateway Hostname Enter a hostname for this WAN port if needed DNS Servers Select a DNS server for this port to use This port can either be automatically selected or manually designated Pepwave MAX and Surf User Manual Remain connected Disconnect E Gbps widt 2 IE Gbps Host Use first two DNS servers as PING Hosts OE OE WAN Port Section 2 This setting specifies the standby state of the WAN connection The available options are Standby State Remain connected and Disconnect The default state is Remain Connected Upstream This setting specifies the data bandwidth in the outbound direction from the LAN through the Bandwidth WAN interface This setting specifies the data bandwidth in the inbound direction from the WAN interface to Downstream the LAN This value is referenced as the default weight value when using the algorithm Bandwidth Least Used or the algorithm Persistence Auto in outbound policy with Managed by Custom Rules chosen see Section 14 2 This setting specifies the health check method for the WAN connection The value of method Health Check Method can be configured as Disabled Ping DNS
61. be enabled on one of the available Ethernet WAN ports On this screen you can choose which WAN will support IPv6 To enable IPv6 support on a WAN the WAN router must respond to stateless address auto configuration advertisements and DHCPv6 requests IPv6 clients on the LAN will acquire their IPv6 gateway and DNS server addresses from it The device will also acquire an IPv6 address for performing ping traceroute checks and accepting web admin accesses Note This feature is only available on the Pepwave MAX 700 HD2 and HD2 IP67 IPv6 9 1 1 DHCP Connection There are four possible connection methods 1 DHCP 2 Static IP 3 PPPoE 4 L2TP The DHCP connection method is suitable if the ISP provides an IP address automatically using DHCP e g satellite modem WiMAX modem cable Metro Ethernet etc Ts OOS N ees Obtain DNS server address automatically 10 88 3 1 Use the following DNS server address es DNS Server 1 DNS Server 2 DHCP Connection Settings NAT allows substituting the real address in a packet with a mapped address that is Routing Mode routable on the destination network By clicking the help icon in this field you can display the IP Forwarding option if your network requires it IP Address Subnet Mask This information is obtained from the ISP automatically Default Gateway Pepwave MAX and Surf User Manual Hostname If your service provider s DHCP server requires you to supply a host
62. ble Check Enable and then optionally select the LANs VLANs that will use the captive portal Hostname To customize the portal s form submission and redirection URL enter a new URL in this field To reset the URL to factory settings click Default Access Mode Click Open Access to allow clients to freely access your router Click User Authentication to force your clients to authenticate before accessing your router This authenticates your clients through a RADIUS server After selecting this option you will see the following fields RADIUS Server Y Se II Fill in the necessary information to complete your connection to the server and enable authentication RADIUS Server This authenticates your clients through a LDAP server Upon selecting this option you will see the following fields EEN OG EE Port 389 Default LDAP Server C Use DN Password to bind to LDAP Server Fill in the necessary information to complete your connection to the server and enable authentication Pepwave MAX and Surf User Manual Access Set a time and data cap to each user s Internet usage Quota P 9 This menu determines how your usage quota resets Setting it to Daily will reset it at a Quota Reset specified time every day Setting a number of minutes after quota reached establish a Time timer for each user that begins after the quota has been reached Allowed To whitelist a network enter the domain name IP address here an
63. cally or select A Data Rate Fixed and choose a rate from the displayed drop down menu Multicast Filter This setting enables the filtering of multicast network traffic to the wireless SSID This setting specifies the transmit rate to be used for sending multicast network traffic The selected Protocol and Channel Bonding settings will affect the rate Multicast Rate Pepwave MAX and Surf User Manual options and values available here A To allow the Pepwave router to listen to internet group management protocol IGMP IGMP Snooping network traffic select this option l If you use a distributed DHCP server relay environment you can enable this option to DHCP Option 82 provide additional information on the manner in which clients are physically connected to the network Network Priority Select from Gold Silver and Bronze to control the QoS priority of this wireless QoS network s traffic Layer 2 refers to the second layer in the ISO Open System Interconnect model When this option is enabled clients on the same VLAN SSID or subnet are isolated to that VLAN SSID or subnet which can enhance security Traffic is passed to upper communication layer s By default the setting is disabled Layer 2 Isolation Band steering allows the Pepwave router to steer AP clients from the 2 4GHz band to the 5GHz band for better usage of bandwidth To make steering mandatory select Enforce To cause the Pepwa
64. canning based on the scheduled time set and choose the most suitable channel automatically 2 4 GHz Protocol This section displays the 2 4GHz protocols your APs are using 2 4 GHz Channel There are three options 20 MHz 20 40 MHz and 40 MHz With this feature enabled the j Wi Fi system can use two channels at once Using two channels improves the performance of the Wi Fi connection Bonding This drop down menu selects the 802 11 channel to be utilized Available options are from 1 to 11 and from 1 to 13 for the North America region and Europe region 2 4 GHz Channel respectively Channel 14 is only available when the country is selected as Japan with protocol 802 11b If Auto is set the system will perform channel scanning based on the scheduled time set and choose the most suitable channel automatically This field specifies the VLAN ID to tag to management traffic such as AP to AP Management controller communication traffic The value is 0 by default meaning that no VLAN tagging VLAN ID will be applied NOTE change this value with caution as alterations may result in loss of connection to the AP controller With this option enabled the AP under this profile will transmit using additional power Power Boost Please note that using this option with several APs in close proximity will lead to increased interference This drop down menu determines the power at which the AP under this profile will broadcast When fixed settings are se
65. ce IP Interface IP Mobile Internet Interface IP Username Password admin Remote User Access Settings Enable Click the checkbox to enable Remote User Access VPN T Determine whether remote devices can connect to the Balance using L2TP with IPsec or ype PPTP For greater security we recommend you connect using L2TP with IPsec Enter your preshared key in the text field Please note that remote devices will need this preshared key to access the Balance Preshared Key This setting is for specifying the WAN IP addresses where the PPTP server of the router Listen On should listen on This setting allows you to define the PPTP User Accounts Click Add to input username and password to create an account After adding the user accounts you can click ona username to edit the account password Click the button X to delete the account in its User Accounts COesponding row Click the o button to switch to enters user accounts by pasting the information in CSV format Pepwave MAX and Surf User Manual Miscellaneous Settings The miscellaneous settings include configuration for high availability PPTP server service forwarding and service passthrough 18 5 High Availability Many Pepwave routers support high availability HA configurations via an open standard virtual router redundancy protocol VRRP RFC 3768 In an HA configuration two Pepwave routers provide redundancy and failover in a master sla
66. ce types Type TAIP ID for sending the data PV Position Velocity Solution and CP Compact Velocity optional Solution You can also optionally include an ID number in the TAIP ID field Pepwave MAX and Surf User Manual 19 AP Controller The AP controller acts as a centralized controller of Pepwave AP devices With this feature users can customize and manage multiple APs from a single Pepwave router interface Special Note Each Pepwave router can control a limited number of routers without additional cost To manage more a Full Edition license is required Please contact your Authorized Reseller or the Peplink Sales Team for more information and pricing details To configure navigate to the AP tab 19 1 Wireless SSID This menu is the first one that appears after clicking the AP tab This screen can also be reached by clicking AP gt Wireless SSID Note the appearance of this screen varies by model AP Controller Any Approved List One serial number per line AP Controller The AP controller for managing Pepwave APs can be enabled by checking this box When this option is enabled the AP controller will wait for management connections originating from AP APs over the LAN on TCP and UDP port 11753 It will also wait for captive portal connections Management on TCP port 443 An extended DHCP option CAPWAP Access Controller addresses field 138 will be added to the DHCP server A local DNS record AP Contr
67. ck to the client Select Enable if you want to enable TFTP passthrough support This field is for enabling the support of IPsec NAT T passthrough UDP ports 500 4500 IPsec NAT T and 10000 are monitored by default You may add more custom data ports that your IPsec system uses by checking Define custom ports If the VPN contains IPsec site to Pepwave MAX and Surf User Manual site VPN traffic check Route IPsec Site to Site VPN and choose the WAN connection to route the traffic to 18 10 GPS Forwarding Using the GPS forwarding feature some Pepwave routers can automatically send GPS reports to a specified server To set up GPS forwarding navigate to Advanced gt GPS Forwarding GPS Forwarding Server IF Address Host Name Report Interval Pde El a seconats JE GPRMC IF GPGGA F GPVTG I GPGSA I GPGSV GPS Forwarding Enable Check this box to turn on GPS forwarding Enter the name IP address of the server that will receive GPS data Also specify a port Server number protocol UDP or TCP and a report interval of between 1 and 10 seconds Click N to save these settings GPS Report Choose from NMEA or TAIP format for sending GPS reports Format NMEA Sentence if you ve chosen to send GPS reports in NMEA format select one or more sentence Type types for sending the data GPRMC GPGGA GPVTG GPGSA and GPGSV TAIP Sentence if you ve chosen to send GPS reports in TAIP format select one or more senten
68. connects your Pepwave router to another Pepwave or Peplink device Peplink Balance 210 310 380 580 710 1350 only Data voice or video communications between these locations are kept confidential across the public Internet Bandwidth bonding SpeedFusion is specifically designed for multi WAN environments Pepwave routers can aggregate all WAN connections bandwidth for routing SpeedFusion traffic Unless all the WAN connections of one site are down Pepwave routers can keep the VPN up and running VPN bandwidth bonding is supported in Firmware 5 1 or above All available bandwidth will be utilized to establish the VPN tunnel and all traffic will be load balanced at packet level across all links VPN bandwidth bonding is enabled by default 12 1 PepVPN To configure PepVPN and SpeedFusion navigate to Advanced gt SpeedFusion or Advanced gt PepVPN PepVPN with SpeedFusion InControl management enabled Settings can now be configured on InControl Remote ID Remote Address es New Profile Send All Traffic To No PepVPN profile selected Fi PepVPN Recommended Approx 15 secs Fast Approx 6 secs Faster Approx 2 secs J Extreme Under 1 sec Shorter detection time incurs more health checks and higher bandwidth overheac Pepwave MAX and Surf User Manual The local LAN subnet and subnets behind the LAN defined under Static Route on the LAN settings page will be advertised to the VPN All VPN member
69. cscececs 90 14 1 OUBOUKE POLICY su crea caste oe DS ee Ge ee ee can GE RE EE ee 90 14 2 CUSTOM RULES FOR OUTBOUND POLICY ccceccecececcecececcecececcccececeacececeacececeacececeacecees 91 15 INBOUND ACCESS sede DEd OES bi Ge GE be See Ge GN DE Ge OE Ge DE be SE Ge OG Ge DE Ge OE ere 100 15 1 PORT FORWARDING SERVICE iese see see ie SG ee Ge Ge ee ee ee ee ee NG Ge ee Ge ee eN se Ge oe Ge eed 100 16 NAT MAPPINGS cccccccccccccccsccccscncsscccccsecccscncsscccccsecccncncsscccccsecccncncsscecccsecccsencsscecseseccsses 103 17 OOS 105 47 1 EEERGROUPS ene ie ee ER EG Ge GE 105 17 2 BANBDWIDTHGEONTROI iese GE n ese we oe ee ee ee Ge Ge ee Ge Ee Go 106 AS ie ide EG EE EE EE OE EE EE NE OE EE 106 bod FIREWALLE EER EE E EE ETE EE EE EE EA OE NG EE 108 18 1 OUTBOUND AND INBOUND FIREWALL RULES ee ese ee ee ese ee ee ese ee ee ese ee ee ee ee ee ee ae ee ea ee ee 108 ja WEBBLOERNG RD NAE ee ee E ee ne GO ee EE Oe IE 113 183 OSEF ES RIPVI DEE IG ee ee Ge ER EE ee ie 113 124 REMGOTE LSERACCESS ee ees ee Ee Se SG ES ee Ge ee es ER De Ge Ge Se Ge ee Ge Gee Ee ie Ee de 115 MISCELLANEOUS SETTINGS essssssssssocssssssssssocssssssssssecssssosssssecesososssssseessssssssssoessssssssssessso 117 18 5 EIGHAVAIABIEIDE oes ed Ge Ge Ge oe ee Ge Ge Ge Ge Ge Ee Gee Ge N ee be ee Ge 117 1a 6 PPIESERVER oos AE sede oe ee eo SE ee GE ee ee EO ee Ee Ge ooi 120 18 7 CERTIFICATE MANAGER oe Ee ee ee Ee EG GE ac ee Ee Ge n Ee eo GEE EE san Ede RE ee ee 121 jas
70. ction health check e Dynamic DNS supported service providers changeip com dyndns org no ID org t20 com and DNS O Matic e Ping DNS lookup and HT TP based health check 3 1 2 LAN e Wi Fi AP e Ethernet LAN ports e DHCP server on LAN e Extended DHCP option support e Static routing rules e VLAN on LAN support 3 1 3 VPN e PepVPN with SpeedFusion e PepVPN performance analyzer e xX 509 certificate support e VPN load balancing and failover among selected WAN connections Pepwave MAX and Surf User Manual Bandwidth bonding and failover among selected WAN connections IPsec VPN for network to network connections works with Cisco and Juniper only Ability to route Internet traffic to a remote VPN peer Optional pre shared key setting SpeedFusion throughput ping and traceroute tests PPTP server PPTP and IPsec passthrough Firewall Outbound LAN to WAN firewall rules Inbound WAN to LAN firewall rules per WAN connection Intrusion detection and prevention Specification of NAT mappings Outbound firewall rules can be defined by destination domain name Captive Portal Splash screen of open networks login page for secure networks Customizable built in captive portal Supports linking to outside page for captive portal Outbound Policy Link load distribution per TCP UDP service Persistent routing for specified source and or destination IP addresses per TCP UDP service Traffic prioritization and DSL opti
71. d 14 2 6 Algorithm Least Used rd Least Used 7 WAN 1 WAN 2 Wi Fi WAN Cellular 1 Cellular 2 USB The traffic matching this rule will be routed through the healthy WAN connection that is selected in Connection and has the most available download bandwidth The available download bandwidth of a WAN connection is calculated from the total download bandwidth specified on the WAN settings page and the current download usage The available bandwidth and WAN selection is determined every time an IP session is made 14 2 7 Algorithm Lowest Latency D Lowest Latency T B Note Use of Lowest Latency will incur additional network usage WAN 1 WAN 2 Wi Fi WAN Cellular 1 Cellular 2 USB The traffic matching this rule will be routed through the healthy WAN connection that is selected in Connection and has the lowest latency Latency checking packets are issued periodically to a nearby router of each WAN connection to determine its latency value The latency of a WAN is the packet round trip time of the WAN connection Additional network usage may be incurred as a result Tip The roundtrip time of a 6M down 640k uplink can be higher than that of a 2M down 2M up link because the overall round trip time is lengthened by its slower upload bandwidth despite its higher downlink speed Therefore this algorithm is good for two scenarios e All WAN connections are symmetric or e A latency sensitive application mus
72. d Reload SIM Details T2 No SIM Card Detected Reload SIM Details Priority 3 Disabled Disabled Details LAN Interface Router IP Address 192 168 50 1 Wi Fi AP a amp PEPWAVE_8D1C C Device Information Pepwave MAX HD2 6 2 0 build 2891 1 day 16 hours 35 minutes 12 Throughput 0 0 Mbps 0 1 Mbps The Dashboard shows current WAN LAN and Wi Fi AP statuses Here you can change WAN connection priority and switch on off the Wi Fi AP For further information on setting up these connections please refer to Sections 8 and 9 Device Information displays details about the device including model name firmware version and uptime For further information please refer to Section 22 Pepwave MAX and Surf User Manual Important Note Configuration changes e g WAN LAN admin settings etc will take effect only after clicking the Save button at the bottom of each page The Apply Changes button causes the changes to be saved and applied Pepwave MAX and Surf User Manual 8 Configuring the LAN Interface s 8 1 Basic Settings LAN interface settings are located at Network gt LAN gt Basic Settings 9 IP Settings IP Address The IP address and subnet mask of the Pepwave router on the LAN Network Settings 9 Name NEEEEEEEEEEEEEEEEEEEEEEENEEEEEEEEEEEEEEEEEEEE WD EEE Inter viAN routing Po Captive Portai EE Network Settings Name Enter a name for the LAN VLAN ID Ent
73. d click TO Networks delete an existing network from the list of allowed networks click the X putton next to the listing Here you can choose between using the Pepwave router s built in captive portal and redirecting clients to a URL you define Splash Page The Portal Customization menu has two options Preview and Clicking Preview displays a pop up previewing the captive portal that your clients will see Clicking displays the following menu Portal Customization No image Use default Logo Image Choose File No file chosen NOTE Size max 512KB Supported images types JPEG PNG and GIF 4 http Pepwave MAX and Surf User Manual Portal Customization Logo Click the Choose File button to select a logo to use for the built in portal Image j Message If you have any additional messages for your users enter them in this field Terms amp If you would like to use your own set of terms and conditions please enter them here If Conditions left empty the built in portal will display the default terms and conditions Custom Landing Fill in this field to redirect clients to an external URL Page 9 Configuring the WAN Interface s WAN Interface settings are located at Network gt WAN To reorder WAN priority drag on the appropriate WAN by holding the left mouse button move it to the desired priority the first one would be the highest priority the second one would be lower priority and SO on a
74. dFusion connection The traceroute test utility is located at System gt Tools gt Traceroute WAN 1 64 233 189 99 A system administrator can use the traceroute utility to analyze the connection path of a LAN WAN connection 20 13 PepVPN Test The PepVPN Test tool can help to test the throughput between different VPN peers You can define the Test Type Direction and Duration of the test and press Go to perform the throughput test The VPN test utility is located at System gt Tools gt PepVPN Test illustrated as follows Pepwave MAX and Surf User Manual PepVPN Throughput Test va EET N var 01 cowed EN 20 14 CLI Command Line Interface Support The CLI command line interface can be accessed via SSH This field enables CLI support The below settings specify which TCP port and which interface s should accept remote SSH CLI access The user name and password used for remote SSH CLI access are the same as those used for web admin access Pepwave MAX and Surf User Manual 21 Status 21 1 Device System information is located at Status gt Device System Information MAX_HD2_8D1C Pepwave MAX HD2 2830 A48A 8D1C 6 2 0 build 2891 1017 Modem Support List max hd2 8dic 7 days 50 minutes Mon Feb 23 11 14 13 WET 2015 Download Turn on System Information Router Name This is the name specified in the Router Name field located at System gt Admin Security Model This sho
75. ders e changeip com Dynamic DNS e dyndns org Service omer Provider e tzo com e DNS O Matic Select Disabled to disable this feature See Section 9 5 for configuration details Bandwidth This option enables bandwidth usage monitoring on this WAN connection for each billing Allowance cycle When this setting is not enabled each month s bandwidth usage is tracked but no Monitor action will be taken This setting specifies port soeed and duplex configurations of the WAN port By default Auto is selected and the appropriate data speed is automatically detected by the Pepwave Port Speed router In the event of negotiation issues the port soeed can be manually specified You can also choose whether or not to advertise the speed to the peer by selecting the Advertise Speed checkbox This setting specifies the maximum transmission unit By default MTU is set to Custom MTU 1440 You may adjust the MTU value by editing the text field Click Default to restore the default MTU value Select Auto and the appropriate MTU value will be automatically detected Auto detection will run each time the WAN connection establishes Pepwave MAX and Surf User Manual Auto Custom Value lloo ia pp Bp 54 41 Default m cme G T VAN D IP Address Subnet Mask 255 255 255 0 24 Delete WAN Port Section 4 This setting should be configured based on the maximum payload size tha
76. dresses and names of WINS clients This option will only be available when you have enabled the WINS server navigation Network gt interfaces gt LAN The names of clients retrieved will be automatically matched into the Client List see previous section Click Flush All to flush all WINS client records WINS Client List _ Flush All Pepwave MAX and Surf User Manual 21 5 UPnP NAT PMP The table that shows the forwarded ports under UPnP and NAT PMP protocols is located at Status gt UPnP NAT PMP This section appears only if you have enabled UPnP NAT PMP as mentioned in Section 15 1 1 Forwarded Ports 3392 192 166 1 100 UPnP Application 031 11765 192 168 1 50 NAT PMP NAT PMP 58 3560 192 166 1 20 UPnP Application 013 256 192 166 1 30 UPnP Application 047 6945 192 168 1 70 NAT FMF NAT PMP 97 27549 192 168 1 40 UPnP Application 004 _Delete All Click to delete a single UPnP NAT PMP record in its corresponding row To delete all records click Delete All on the right hand side below the table Important Note UPnP NAT PMP records will be deleted immediately after clicking the button _ or Delete All without the need to click Save or Confirm 21 6 SpeedFusion Status Current SoeedFusion status information is located at Status gt SpeedFusion Details about SoeedFusion connection peers appears as below PepVPN with SpeedFusion Remote Peer Details E show disconnected pro
77. e 1S500 Default Wi Fi Connection Settings WAN Connection Enter a name to represent this WAN connection Name This setting specifies the state of the WAN connection while in standby The available Standby State options are Remain Connected hot standby and Disconnect cold standby This setting specifies the maximum transmission unit By default MTU is set to Custom MTU 1440 You may adjust the MTU value by editing the text field Click Default to restore the default MTU value Select Auto and the appropriate MTU value will be automatically detected The auto detection will run each time the WAN connection establishes Reply to ICMP ifthis setting is disabled the WAN connection will not respond to ICMP ping requests By PING default this setting is enabled Wi Fi WAN Settings 7 Wi Fi WAN Settings Determine whether the channel will be automatically selected If you select custom the following table will appear Scan Channels Channel Selection OK Cancel Pepwave MAX and Surf User Manual Roaming Checking this box will enable Wi Fi roaming Click the icon for additional options aa Thi ion i ify whether the Wi Fi WAN will d Any Open B Wane to specify whether the Wi Fi will connect to any open mode access Mode AP Bandwidth Allowance Monitor Email notification is currently disabled You can get notified when usage hits 75 95 of monthly allowance by enabling Email Notification Discon
78. e DNS proxy server will also forward DNS Include Google Public requests to Google s Public DNS Servers in addition to the DNS servers defined DNS Servers in each WAN This could increase the DNS service s availability This setting is disabled by default This table is for defining custom local DNS records A static local DNS record consists of a host name and IP address When looking up the host name from the Local DNS Records LAN to LAN IP of the Pepwave router the corresponding IP address will be returned Press to create anew record Press M to remove a record Check the box to enable the WINS server A list of WINS clients will be displayed at Network gt LAN gt DNS Proxy Settings gt DNS Resolvers This field specifies which DNS resolvers will receive forwarded DNS requests If no WAN VPN LAN A DNS resolver is selected all of the WAN s DNS resolvers will be selected DNS Resolvers If a SoeedFusion peer is selected you may enter the VPN peer s DNS resolver IP address es Queries will be forwarded to the selected connections resolvers If all of the selected connections are down queries will be forwarded to all resolvers on healthy WAN connections A Advanced feature please click the button on the top right hand corner to activate Finally if needed configure Bonjour forwarding Apple s zero configuration networking Pepwave MAX and Surf User Manual Enable Bonjour Service Bonjour Forwa
79. e ee Ge oe OR Ee ER Ee De GE EE be EE ee EG ER ee 48 9 2 BAIR VAI AN eE E EEEE EEEE 56 9 3 UR SA EE EE A A EAEE AAA OEE 61 9 4 WAN HEALTHC HECK AE EE EEEO EE E EEE ETE 68 Pepwave MAX and Surf User Manual 9 5 DYNAMIC DNS SETTINGS esse is eie ee Ee ee GE N GE GE ei GE ee GE GE GE EG GE 70 10 ADVANCED WI FI SETTINGS osse ss Ses sie Ge se Ge we od ed ed ee Ge Se ee Ge Ge Ne Ge ea ee Ge Ge ke re bg Ge Ge Ga di 72 11 MEDIAFAST CONFIGURATION cccccccccsecccsevccccccveccccsevecsccesscccsesesccsevesscceseseccesevesscces 75 11 1 SETTING UP MEDIAFAST CONTENT CACHING cececcccecececcecececcacececcacececcacececeucesecenceseuees 15 11 2 SCHEDULING CONTENT PREFETCHING cccccececcccccecsccecececcecececcacececeacececeacececeaceceueacenees 76 11 3 VIEWING MEDIAFAST STATISTICS cccecececcecsceccacececcccececcacececeacececeacececeacececeaceceueacecees 71 12 BANDWIDTH BONDING SPEEDFUSION PEPVPN ccccsccesccscceccecccsccsccecceccceccecceccens 78 2a EE EE EE turscattn gedaan ETE 78 12 2 THE PEPWAVE ROUTER BEHIND A NAT ROUTER ccccscecseccccecscccceacecesceacsceaceceaceceeceacess 84 12 3 SPEEDFUSION STATUS ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee 85 1i AR N RO TE OE ER OR OT EO EE OR EE EO EE AO 86 13 4 PSEC GPOSEFTINGS sees boo ee ee Ie io eo Ee oe Ge Ge Ge ee De GE 86 14 OUTBOUND POLICY MANAGEMENT cccccccccccccccccccccccccccccccccccccccccccccccccscccccccec
80. ecified WAN connection regardless of the health check status of the WAN connection Starting from Firmware 5 2 outbound traffic can be enforced to go through a specified SoeedFusion connection 14 2 4 Algorithm Priority This setting specifies the priority of the WAN connections used to route the specified network service The highest priority WAN connection available will always be used for routing the specified type of traffic A lower priority WAN connection will be used only when all higher priority connections have become unavailable T Hot In Use WAN WAN 1 VPN Connection 1 WAN WAN 2 WAN Wi Fi WAN WAN Cellular 1 WAN Cellular 2 WAN USB starting from Firmware 5 2 outbound traffic can be prioritized to go through SpeedFusion connection s By default VPN connections are not included in the priority list Configure multiple distribution rules to accommodate different kinds of services 14 2 5 Algorithm Overflow The traffic matching this rule will be routed through the healthy WAN connection that has the highest priority and is not in full load When this connection gets saturated new sessions will be routed to the next healthy WAN connection that is not in full load Pepwave MAX and Surf User Manual dl Overflow h WAN Wi Fi WAN Drag and drop to specify the order of WAN connections to be used for routing traffic Only the highest priority healthy connection that is not in full load will be use
81. ection with reference to the outbound policy and then forward them to the specified web proxy server and port number Redirected server settings for each WAN can be set here If forwarding is disabled for a WAN web proxy connections for the WAN will be simply forwarded to the connection s original destination 18 8 3 DNS Forwarding DNS Forwarding Setup D ri e Le When DNS forwarding is enabled all clients outgoing DNS requests will also be intercepted and forwarded to the built in DNS proxy server 18 8 4 Custom Service Forwarding Custom Service Forwarding Setup ee ma ET EE T After clicking the enable checkbox enter your TGP port for traific heading to the router and then specify the IP Address and Port of the server you wish to forward to the service to Pepwave MAX and Surf User Manual 18 9 Service Passthrough Service passthrough settings can be found at Advanced gt Misc Settings gt Service Passthrough Service Passthrough Support 13 Standard Mode Compatibility Mode Define custom signal ports i 2 J C e evar E Define custom control ports 1 2 J 2 Enable T Define custom ports 1 2 3 Route IPsec Site to Site VPN via WAN 1 Registered trademarks are copyrighted by their respective owner some Internet services need to be specially handled in a multi WAN environment Pepwave routers can handle these services such that Internet applications do not notice being behind a mu
82. ensure that the most recent download took as long as expected to complete A value that is too low might indicate an incomplete download or incorrectly specified download target while a value that is too long could mean a download with an incorrectly specified target or stop time Last Duration Result This field indicates whether downloads are in progress Z or complete Check this field to ensure that the most recent download file size is within the expected range A value that is too low might indicate an incomplete download or incorrectly specified Last Download download target while a value that is too long could mean a download with an incorrectly specified target or stop time This field is also useful for quickly seeing which downloads are consuming the most storage space To begin a scheduled download immediately click To cancel a scheduled download click B Actions z To edit a scheduled download click l To delete a scheduled download click x New Schedule To begin creating a new scheduled download click this button Pepwave MAX and Surf User Manual Clear Web To clear all cached content click this button Note that this action cannot be undone Cache Clear Statistics To clear all prefetch and status page statistics click this button 11 3 Viewing MediaFast Statistics To get details on storage and bandwidth usage select Status gt MediaFast Tue Feb 17 15 35 00 162 10 GB free Total 238
83. er NAT network address translation or IP Forwarding Click the button to enable IP forwarding Each ISP may provide a set of DNS servers for DNS lookups This setting specifies the DNS Domain Name System servers to be used when a DNS lookup is routed through this connection Selecting Obtain DNS server address automatically results in the DNS servers assigned DNS Servers by the PPPoE server to be used for outbound DNS lookups over the WAN connection The DNS servers are obtained along with the WAN IP address assigned from the PPPoE server When Use the following DNS server address es is selected you can enter custom DNS server addresses for this WAN connection into the DNS server 1 and DNS server 2 fields Pepwave MAX and Surf User Manual Cellular Settings Network Selection 3G 2G Authentication Data Roaming Operator Settings WCDMA HSDPA HSUPA HSPA 800 MHz WCDMA HSDPA HSUPA HSPA 850 MHz WCDMA HSDPA HSUPA HSPA 900 MHz WCDMA HSDPA HSUPA HSPA 1700 MHz WCDMA HSDPA HSUPA HSPA 1900 MHz WCDMA HSDPA HSUPA HSPA 2100 MHz GSM GPRS EDGE 850 MHz GSM GPRS EDGE 900 MHz GSM GPRS EDGE 1800 MHz GSM GPRS EDGE 1900 MHz Auto Custom id cll cll Enable Email notification is currently disabled You can get notified when usage hits 13 95 of monthly allowance by enabling Email Notification Cellul
84. er a number for your VLAN Inter VLAN Check this box to enable routing between virtual LANs routing Captive Portal Check this box to turn on captive portals Pepwave MAX and Surf User Manual Enable WAN Default Gateway DI Ihave other host s on WAN segment _ Host IP Address es WAN DNS Servers DNS server 1 DNS server 2 NOTE The DHCP Server Settings will be overwritten The following WAN 1 settings will be overwritten Connection Method MTU Health Check Additional Public IP and Dynamic DNS Settings The PPTP Server will be disabled Tip please review the DNS Forwarding setting under the Service Forwarding section Pepwave MAX and Surf User Manual Drop in Mode Settings Drop in mode eases the installation of Peplink routers on a live network between the Enable existing firewall and router such that no configuration changes are required on existing equipment Check the box to enable the drop in mode feature if available on your model WAN for Drop Select the WAN port to be used for drop in mode If WAN 1 with LAN Bypass is selected In Mode the high availability feature will be disabled automatically When this option is enabled the passthrough IP address will be used to connect to WAN hosts email notification remote syslog etc The Pepwave router will listen for this IP address when WAN hosts acces
85. er the required information in these fields in order to connect via L2TP to your ISP Name The parameter values are determined by and can be obtained from your ISP Password Confirm L2TP Verify your password by entering it again in this field Password OE d N Server IP L2TP server address is a parameter which is provided by your ISP Address Host Note Leave this field blank unless it is provided by your ISP Your ISP will also indicate whether the server IP address is Dynamic or Static Please click the appropriate value Address Type Each ISP may provide a set of DNS servers for DNS lookups This setting specifies the DNS Domain Name System servers to be used when a DNS lookup is routed through this connection Selecting Obtain DNS server address automatically results in the DNS servers assigned DNS Servers by the PPPoE server to be used for outbound DNS lookups over the WAN connection The DNS servers are obtained along with the WAN IP address assigned from the PPPoE server When Use the following DNS server address es is selected you can enter custom DNS server addresses for this WAN connection into the DNS server 1 and DNS server 2 fields Pepwave MAX and Surf User Manual 9 2 Cellular WAN WAN Connection Status Priority 1 Highest Connected Details Connected Details No SIM Card Detected Reload SIM Details O No SIM Card Detected Reload SIM Details Disabled O Disabled Deta
86. ervice providers e changeip com i e dyndns org Dynamic DNS e no ip org e tzo com e DNS O Matic Select Disabled to disable this feature Account Name This setting specifies the registered user name for the dynamic DNS service Pepwave MAX and Surf User Manual Email Address Password TZO Key This setting specifies the password for the dynamic DNS service This field allows you to specify a list of host names or domains to be associated with Hosts Domain the public Internet IP address of the WAN connection If you need to enter more than one host use a carriage return to separate them Important Note In order to use dynamic DNS services appropriate host name registration s and a valid account with a supported dynamic DNS service provider are required A dynamic DNS update is performed whenever a WAN s IP address changes e g the IP is changed after a DHCP IP refresh reconnection etc Due to dynamic DNS service providers policy a dynamic DNS host will automatically expire if the host record has not been updated for a long time Therefore the Pepwave router performs an update every 23 days even if a WAN s IP address has not changed Pepwave MAX and Surf User Manual 10 Advanced Wi Fi Settings Wi Fi settings can be configured at Advanced gt Wi Fi Settings or AP gt Settings on some models Note that menus displayed can vary by model Wi Fi Radio Settings Wi Fi Radio Settings T
87. es of user accounts available for accessing the web admin admin and user They represent two user levels the admin level has full administration access while the user level is read only The user level can access only the device s status information users cannot make any changes on the device Admin account Ul User account UI A web login session will be logged out automatically when it has been idle longer than the Web Session Timeout Before the session expires you may click the Logout button in the web admin to exit the session 0 hours 0 minutes signifies an unlimited session time This setting should be used only in special situations as it will lower the system security level if users do not log out before closing the browser The default is 4 hours O minutes For security reasons after logging in to the web admin Interface for the first time it is recommended to change the administrator password Configuring the administration interface to be accessible only from the LAN can further improve system security Administrative settings configuration is located at System gt Admin Security Pepwave MAX and Surf User Manual Router Name Admin User Name Admin Password Confirm Admin Password Read only User Name User Password Confirm User Password Web Session Timeout MAX_BR1_710D hostname max bri 710d admin ty Hours 0 Minutes Hide Characters Hide Charac
88. estination 2 EI WAN 1 10 WAN 2 10 Wi Fi WAN 10 Cellular 1 10 Cellular 2 10 USB 10 There are two persistent modes By Source and By Destination By Source The same WAN connection will be used for traffic matching the rule and originating from the same machine regardless of its destination This option will provide the highest level of application compatibility By Destination The same WAN connection will be used for traffic matching the rule originating from the same machine and going to the same destination This option can better distribute loads to WAN connections when there are only a few client machines The default mode is By Source When there are multiple client requests they can be distributed persistently to WAN connections with a weight If you choose Auto in Load Distribution the weights will be automatically adjusted according to each WAN s Downstream Bandwidth which is specified in the WAN settings page If you choose Custom you can customize the weight of each WAN manually by using the sliders Pepwave MAX and Surf User Manual 14 2 3 Algorithm Enforced This setting specifies the WAN connection usage to be applied on the specified IP protocol and port This setting is applicable only when Algorithm is set to Enforced g EI wan WAN 1 a WAN WAN 1 WAN 2 Wi Fi WAN Cellular 1 Save Cancel Cellular 2 USB VPN Connection 1 Matching traffic will be routed through the sp
89. f URL2 is also provided a health check will pass if either one of the tests passed Pepwave MAX and Surf User Manual Other Health Check Settings 2 5 second s 2 5 Y second s This setting specifies the timeout in seconds for ping DNS lookup requests The default Timeout timeout is 5 seconds Health Check This setting specifies the time interval in seconds between ping or DNS lookup requests Interval The default health check interval is 5 seconds This setting specifies the number of consecutive ping DNS lookup timeouts after which the Health Check Peplink Balance will treat the corresponding WAN connection as down Default health Retries retries is set to 3 Using the default Health Retries setting of 3 the corresponding WAN connection will be treated as down after three consecutive timeouts This setting specifies the number of consecutive successful ping DNS lookup responses Recovery that must be received before the Peplink Balance treats a previously down WAN connection i as up again By default Recover Retries is set to 3 Using the default setting a WAN Retries connection that is treated as down will be considered as up again upon receiving three consecutive successful ping DNS lookup responses Dynamic DNS Settings Dynamic DNS Settings This setting specifies the dynamic DNS service provider to be used for the WAN Supported providers are e changeip com Service Provider net e no ip org e tzo co
90. f User Manual Failed to receive DNS response from the health check DNS servers for WAN connection 3 But public DNS server lookup test via the WAN passed So please check the DNS server settings 9 5 Dynamic DNS Settings Pepwave routers are capable of registering the domain name relationships to dynamic DNS service providers Through registration with dynamic DNS service provider s the default public Internet IP address of each WAN connection can be associated with a host name With dynamic DNS service enabled for a WAN connection you can connect to your WAN s IP address from the external even if its IP address is dynamic You must register for an account from the listed dynamic DNS service providers before enabling this option If the WAN connection s IP address is a reserved private IP address i e behind a NAT router the public IP of each WAN will be automatically reported to the DNS service provider Either upon a change in IP addresses or every 23 days without link reconnection the Pepwave router will connect to the dynamic DNS service provider to perform an IP address update within the provider s records The settings for dynamic DNS service provider s and the association of hostname s are configured via Network gt WAN gt Details gt Dynamic DNS Service Provider Dynamic DNS Settings Dynamic DNS Settings This setting specifies the dynamic DNS service provider to be used for the WAN based on supported dynamic DNS s
91. file When this box is checked this IPsec VPN connection profile will be enabled Otherwise it Active will be disabled Connect Upon Disconnection Check this box and select a WAN to connect to this VPN automatically when the specified WAN is disconnected of Remote Gateway IP Enter the remote peer s public IP address For Aggressive Mode this is optional Address j j es j Host Name Local Enter the local LAN subnets here If you have defined static routes they will be shown Networks here Remote Enter the LAN and subnets that are located at the remote site here Networks Pepwave MAX and Surf User Manual Authentication Mode Force UDP Encapsulation Pre shared Key Remote Certificate pem encoded Local ID Remote ID Phase 1 IKE Proposal Phase 1 DH Group Phase 1 SA Lifetime Phase 2 ESP Proposal Phase 2 PFS Group Phase 2 SA Lifetime To access your VPN clients will need to authenticate by your choice of methods Choose between the Preshared Key and X 509 Certificate methods of authentication Choose Main Mode if both IPsec peers use static IP addresses Choose Aggressive Mode if one of the IPsec peers uses dynamic IP addresses For forced UDP encapsulation regardless of NAT traversal tick this checkbox This defines the peer authentication pre shared key used to authenticate this VPN connection The connection will be up only if the pre shared keys on each side match Avai
92. files ADAO FFFC 11F8 192 168 77 0 24 amp 3ED2 8F63 1824 380 5 NO NAT 192 168 3 0 24 Click on the corresponding peer name to explore the WAN connection s status and subnet information of each VPN peer Pepwave MAX and Surf User Manual Remote Peer ADAOQ FFFC 11F8 wani wan2 wAN 3 Total 3ED2 8F63 1824 O wani WAN O wan3 Total A lt 1 kbps 1 kbps lt 1 kbps 380 5 NO NAT Rx Rx Rx Rx lt 1 kbps lt 1 kbps lt 1 kbps 1 6 kbps 1 kbps Information 192 168 77 0 24 lt i1kbps Drop rate lt 1 kbps Drop rate lt 1 kbps Drop rate 1 1 kbps Drop rate 192 168 3 0 24 lt 1 kbps lt 1 kbps lt 1 kbps 1 kbps Drop rate Drop rate Drop rate Drop rate 0 0 pkt s 0 0 pkt s 0 0 pkt s 0 0 pkt s 0 0 pkt s 0 0 pkt s 0 0 pkt s 0 0 pkt s Latency Latency Latency aja Latency Latency Latency Click the button for a chart displaying real time throughput latency and drop rate information for each WAN connection ADAO FFFC 11F8 FH 40 0 kbps Total Rx Tx lt 1 kbps lt 1 kbps Drop Rate 0 0 pkt s 30 0 kbps GB WAN 1 Rx Tx lt 1 kbps lt 1 kbps 20 0 kbps Latency lms Drop Rate 0 0 pkt s d 10 0 kbps WAN 2 5 Rx Tx lt 1 kbps lt 1 kbps 2 Latency lms 2 0 Drop Rate 0 0 pkt s E H asin GB WAN 3 fe ee Rx Tx lt 1kbps lt 1 kbps
93. for Host 2 is optional Health Check if Include public DNS servers is selected and no response is received from all specified DNS Servers DNS servers DNS lookups will also be issued to some public DNS servers A WAN connection will be treated as down only if there is also no response received from the public DNS servers Connections will be considered as up if DNS responses are received from any one of the health check DNS servers regardless of a positive or negative result By default the first two DNS servers of the WAN connection are used as the health check DNS servers Pepwave MAX and Surf User Manual Health Check Method HTTP oge T nttp Matching String http Matching String HTTP connections will be issued to test connectivity with configurable URLs and strings to match WAN Settings gt WAN Edit gt Health Check Settings gt URL1 The URL will be retrieved when performing an HTTP health check When String to Match URL1 is left blank a health check will pass if the HTTP return code is between 200 and 299 Note HTTP redirection codes 301 or 302 are treated as failures When String to Match is filled a health check will pass if the HTTP return code is between 200 and 299 and if the HTTP response content contains the string URL 2 WAN Settings gt WAN Edit gt Health Check Settings gt URL2 If URL2 is also provided a health check will pass if either one of the tests passed SC OIE second s Other
94. he configuration synchronization status Master Serial t Configuration Sync is checked the serial number of the master unit is required here for Number the feature to work properly The HA pair must share the same Virtual IP The Virtual IP and the LAN Administration IP Virtual IP must be under the same network LAN Administration This setting specifies a LAN IP address to be used for accessing administration functionality IP This address should be unique within the LAN Subnet Mask This setting specifies the subnet mask of the LAN Pepwave MAX and Surf User Manual Important Note For Pepwave routers in NAT mode the virtual IP VIP should be set as the default gateway for all hosts on the LAN segment For example a firewall sitting behind the Pepwave router should set its default gateway as the virtual IP instead of the IP of the master router Internet ee Switch a WAN1 Master Active VRRP Group 20 VIP 192 168 10 1 Physical IP 192 168 10 2 WANT PL WAN2 DAR J Slave Backup VRRP Group 20 VIP 192 168 10 1 Physical IP 192 168 10 3 Switch Local Area Network 192 168 10 0 24 In drop in mode no other configuration needs to be set Internet T1 Router or gt Gateway provided by ISP IP 210 10 10 1 ise X p 7 B Switch di Master Active VRRP Group 20 WAN2 od 10 3 VIP 210 10 10 5 Physical IP 210 10 Switch WAN2 TN N Slave Backup VRRP Group 2
95. he configured servers via the respective ports Port Mapping v Service Port 80 Map to Port 88 Port Mapping traffic that is received by Pepwave router via the specified protocol at the specified port is forwarded via a different port to the servers specified by the Servers setting For example with IP Protocol set to TCP and Port set to Port Mapping Service Port 80 and Map to Port 88 TCP traffic on port 80 is forwarded to the configured servers via port 88 Please see below for details on the Servers setting O Range Mapping Service Ports 80 88 96 Map to Ports 88 Range Mapping traffic that is received by the Pepwave router via the specified protocol at the specified port range is forwarded via a different port to the servers specified by the Servers setting This setting specifies the WAN connections and Internet IP address es from which the service can be accessed This setting specifies the LAN IP address of the server that handles the requests for the service Pepwave MAX and Surf User Manual 15 1 1 UPnP NAT PMP Settings UPnP and NAT PMP are network protocols which allow a computer connected to the LAN port to automatically configure the router to allow parties on the WAN port to connect to itself That way the process of inbound port forwarding becomes automated When a computer creates a rule using these protocols the specified TCP UDP port of all WAN connections
96. he remote unit uses Firmware prior to version 5 4 or if port 4500 is unavailable If Custom is selected enter an outgoing port number from 1 to 65535 Define maximum download and upload speed to each individual peer This functionality requires the peer to use PepVPN version 4 0 0 or above Select the degree to which WAN Smoothing will be implemented across your WAN links A Advanced feature please click the button on the top right hand corner to activate Pepwave MAX and Surf User Manual To enable Layer 2 Bridging between PepVPN profiles navigate to Network gt LAN gt Basic Settings gt LAN Profile Name and refer to instructions in section 8 1 art tr VEUt off Suspension Time Priority kie a latency after Packet Loss WAN Connection Priority 1 Highest T 1 Highest 1 Highest 7 T WAN Connection Priority If your device supports it you can specify the priority of WAN connections to be used for making VPN connections WAN connections set to OFF will never be used Only available WAN WAN connections with the highest priority will be used Connection Priority To enable asymmetric connections connection mapping to remote WANs cut off latency and packet loss suspension time click the button Send All Traffic To No PepVPN profile selected Send All Traffic To L This feature allows you to redirect all traffic to a specified PepVPN connection Click the button to select your connection
97. hich the web admin interface can be accessed e LAN only e LAN WAN If LAN WAN is chosen the WAN Connection Access Settings form will be displayed Pepwave MAX and Surf User Manual WAN Connection Access Settings Any Allow access from the following IP subnets only Connection IP Address es 10 88 3 158 Interface IP WAN Connection Access Settings This field allows you to restrict web admin access only from defined IP subnets e Any Allow web admin accesses to be from anywhere without IP address restriction e Allow access from the following IP subnets only Restrict web admin access only from the defined IP subnets When this is chosen a text input area will be displayed Allowed beneath Source IP The allowed IP subnet addresses should be entered into this text area Each IP subnet Subnets must be in form of w x y z m where w x y z is an IP address e g 192 168 0 0 and mis the subnet mask in CIDR format which is between 0 and 32 inclusively For example 192 168 0 0 24 To define multiple subnets separate each IP subnet one in a line For example e 192 168 0 0 24 e 10 8 0 0 16 Allowed WAN This is to choose which WAN IP address es the web server should listen on IP Address es Pepwave MAX and Surf User Manual 20 2 Firmware Pepwave router firmware is upgradeable through the web admin interface Firmware upgrade functionality is located at System gt Firmware Firmware Upgrade Curre
98. his drop down menu specifies the national regional regulations which the Wi Fi radio should follow e f a North American region is selected RF channels 1 to 11 will be available and the maximum transmission power will be 26 dBm 400 mW e f European region is selected RF channels 1 to 13 will be available The maximum transmission power will be 20 dBm 100 mW NOTE Users are required to choose an option suitable to local laws and regulations Important Note Per FCC regulation the country selection is not available on all models marketed in the US All US models are fixed to US channels only Operating Country Wi Fi AP Settings aam o A EE o Wi Fi AP Settings This option allows you to specify whether 802 11b and or 802 11g client association Protocol requests will be accepted Available options are 802 11ng and 802 11na By default 802 11ng is selected Channel This option allows you to select which 802 11 RF channel will be utilized Channel 1 AUS 2 412 GHz is selected by default Available options are 20 MHz 40 MHz and Auto 20 40 MHz Default is Auto 20 40 MHz which allows both widths to be used simultaneously Channel Width This option is for specifying the transmission output power for the Wi Fi AP There are 4 Output Power relative power levels available Max High Mid and Low The actual output power will be bound by the regulatory limits of the selected country Pepwave MAX and Surf U
99. ible with InControl When this check box is checked the device s status information will be sent to the Peplink InControl system This device s usage data and configuration will be sent to the system if you enable the features in the system Alternately you could also privately host InControl Simply check the box beside the Privately Host InControl open and enter the IP Address of your InControl Host You can sign up for an InControl account at https incontrol2 peplink com You can register your devices under the account monitor their status see their usage reports and receive offline notifications Pepwave MAX and Surf User Manual 20 8 Configuration Backing up Pepwave router settings immediately after successful completion of initial setup is strongly recommended The functionality to download and upload Pepwave router settings is found at System gt Configuration Note that available options vary by model Restore Configuration to Factory Settings 2 Download Active Configurations 2 Upload Configurations Upload Configurations from High Availability Pair Configuration R r C bye The Restore Factory Settings button is to reset the configuration to factory default on iguration settings After clicking the button you will need to click the Apply Changes button on the to Factory top right corner to make the settings effective Settings Download Active Click Download to backup the cu
100. ile You can also select the frequencies at which each network will transmit Please note that the Pepwave router does not detect whether the AP is capable of transmitting at both frequencies Instructions to transmit at unsupported frequencies will be ignored by the AP This drop down menu specifies the national regional regulations which the AP should follow e fa North American region is selected RF channels 1 to 11 will be available and the maximum transmission power will be 26 dBm 400 mW e f European region is selected RF channels 1 to 13 will be available The maximum transmission power will be 20 dBm 100 mW NOTE Users are required to choose an option suitable to local laws and regulations Per FCC regulation the country selection is not available on all models marketed in US All US models are fixed to US channels only These buttons determine the frequency at which access points will attempt to broadcast This feature will only work for APs that can transmit at both 2 4GHz and 5GHz frequencies This section displays the 5 GHz protocols your APs are using There are three options 20 MHz 20 40 MHz and 40 MHz With this feature enabled the Wi Fi system can use two channels at once Using two channels improves the performance of the Wi Fi connection Pepwave MAX and Surf User Manual This drop down menu selects the 5 GHz 802 11 channel to be utilized If Auto is set the 5 GHz Channel system will perform channel s
101. ils To access cellular WAN settings click Network WAN Details Available on the Pepwave MAX BR1 HD2 and HD2 IP67 only Connection Details Cellular 1 Status A yy No sim Card Detected A100001F7 DC038 2701131807082412 08 8052FC8A 356144040031862 Cellular Status IMSI This is the International Mobile Subscriber Identity which uniquely identifies the SIM card This is applicable to 3G modems only Some Pepwave routers support both HSPA and EV DO For Sprint or Verizon Wireless EV DO MEID users a unique MEID identifier code in hexadecimal format is used by the carrier to associate the EV DO device with the user This information is presented in hex and decimal format ESN This serves the same purpose as MEID HEX but uses an older format IMEI This is the unique ID for identifying the modem in GSM HSPA mode Pepwave MAX and Surf User Manual WAN Connection Name Cellular 1 Default Network Mode HSPA V Sprint EV DO O Verizon Wireless EV DO Routing Mode DNS Servers Obtain DNS server address automatically O Use the following DNS server address es DNS Server 1 DNS Server 2 WAN Connection Settings WAN Connection Enter a name to represent this WAN connection Name Network Mode Users have to specify the network they are on accordingly This option allows you to select the routing method to be used in routing IP frames via the Routing Mode WAN connection The mode can be eith
102. is will open a window similar to the one shown below Pepwave MAX and Surf User Manual Create Wi Fi Connection Profile Wi Fi Connection Obtain an IP address automatically Static OK Cancel Wi Fi Connection Profile Settings Type Select whether the network will connect automatically or manually Network Name SSID Enter a name to represent this Wi Fi connection This option allows you to select which security policy is used for this wireless network Available options EEN v Hide Characters WPA WPA2 Personal Y Security ds o Anonymous User Credentials Other Pepwave MAX and Surf User Manual 9 4 WAN Health Check To ensure traffic is routed to healthy WAN connections only the Pepwave router can periodically check the health of each WAN connection The health check settings for each WAN connection can be independently configured via Network gt WAN gt Details Health Check Settings This setting specifies the health check method for the WAN connection This value can be Method configured as Disabled PING DNS Lookup or HTTP The default method is DNS Lookup For mobile Internet connections the value of Method can be configured as Disabled or SmartCheck Health Check Disabled Disabled h Health Check disabled Network problem cannot be detected When Disabled is chosen in the Method field the WAN connection will always be considered as up The connection will NOT be
103. isted content types or leave boxes unchecked to disable Content Type caching for the listed types Enter a file extension such as JPG or DOC Then enter a lifetime in days to specify how long files with that extension will be cached Add or delete entries using the controls on the right Cache Lifetime Settings Pepwave MAX and Surf User Manual 11 2 Scheduling Content Prefetching Content prefetching allows you to download content on a schedule that you define which can help to preserve network bandwidth during busy times and keep costs down To access MediaFast content prefetching settings select Advanced gt Prefetch Schedule Prefetch Schedule Course Progress Downloading 04 1106 00 04 0902 03 4 oB m Z X National Geog Ready 04 11 00 00 04 0900 00 00 01 JS 4 98 kB Hi eS x Syllabus Downloading 04 1106 00 04 0906 00 4 OB E x Vimeo Ready 04 11 00 00 04 09 02 03 00 01 JS 115 91 kB N ted Ready 04 11 00 00 04 0900 00 00 01 SY 62 26 kB amp X New Schedule Tools Clear Web Cache Clear Statistics Prefetch Schedule Settings Name This field displays the name given to the scheduled download Status Check the status of your scheduled download here Ne En Th fields display the d d ti f th d f th Time Last Run ese fields display the date and time of the next and most recent occurrences of the scheduled download Time Check this field to
104. isting IP sessions may be terminated when another WAN connection is recovered such that only the preferred healthy WAN connection s is used at any point in time Pepwave MAX and Surf User Manual 14 2 1 Algorithm Weighted Balance This setting specifies the ratio of WAN connection usage to be applied on the specified IP protocol and port This setting is applicable only when Algorithm is set to Weighted Balance Weighted Balance EMule Cue IG WAN 1 10 WAN 2 10 Wi Fi WAN 10 Cellular 1 10 7 S Cellular 2 10 USB 10 The amount of matching traffic that is distributed to a WAN connection is proportional to the weight of the WAN connection relative to the total weight Use the sliders to change each WAN s weight For example with the following weight settings e Ethernet WANT 10 e Ethernet WAN2 10 e Wi Fi WAN 10 e Cellular 1 10 e Cellular 2 10 e USB 10 Total weight is 60 10 10 10 10 10 10 Matching traffic distributed to Ethernet WAN1 is 16 7 10 60 x 100 Matching traffic distributed to Ethernet WAN 2 is 16 7 10 60 x 100 Matching traffic distributed to Wi Fi WAN is 16 7 10 60 x 100 Matching traffic distributed to Cellular 1 is 16 7 10 60 x 100 Matching traffic distributed to Cellular 2 is 16 7 10 60 x 100 Matching traffic distributed to USB is 16 7 10 60 x 100 Pepwave MAX and Surf
105. ked the first two DNS servers will be the DNS lookup targets for checking a connection s health If the box is not checked Host 1 must be filled while a value for Host 2 is optional Health Check include public DNS servers is selected and no response is received from all specified DNS Servers DNS servers DNS lookups will also be issued to some public DNS servers A WAN connection will be treated as down only if there is also no response received from the public DNS servers Connections will be considered as up if DNS responses are received from any one of the health check DNS servers regardless of a positive or negative result By default the first two DNS servers of the WAN connection are used as the health check DNS servers Health Check Method HTTP Pepwave MAX and Surf User Manual Matching String HTTP connections will be issued to test connectivity with configurable URLs and strings to match WAN Settings gt WAN Edit gt Health Check Settings gt URL1 The URL will be retrieved when performing an HTTP health check When String to Match URL1 is left blank a health check will pass if the HTTP return code is between 200 and 299 Note HTTP redirection codes 301 or 302 are treated as failures When String to Match is filled a health check will pass if the HTTP return code is between 200 and 299 and if the HTTP response content contains the string URL 2 WAN Settings gt WAN Edit gt Health Check Settings gt URL2 I
106. l be disabled When the device is not able to communicate with the external RADIUS server local accounts will be enabled again for emergency access Additional authentication options will be available once this box is checked This specifies the authentication protocol used Available options are MS CHAP v2 and PAP This specifies the access address and port of the external RADIUS server This field is for entering the secret key for accessing the RADIUS server This option specifies the time value for authentication timeout This specifies the access address and port of the external accounting server This field is for entering the secret key for accessing the accounting server This option is for specifying the network connection to be used for authentication Users can choose from LAN WAN and VPN connections The CLI command line interface can be accessed via SSH This field enables CLI support For additional information regarding CLI please refer to Section 20 14 This field determines the port on which clients can access CLI SSH This menu allows you to choose between granting access to LAN and WAN clients or to LAN clients only This option is for specifying the protocol s through which the web admin interface can be accessed e HTTP e HTTPS e HTTP HTTPS This field is for specifying the port number on which the web admin interface can be accessed This option is for specifying the network interfaces through w
107. lable only when X 509 Certificate is chosen as the Authentication method this field allows you to paste a valid X 509 certificate In Main Mode this field can be left blank In Aggressive Mode if Remote Gateway IP Address is filled on this end and the peer end this field can be left blank Otherwise this field is typically a U FQDN In Main Mode this field can be left blank In Aggressive Mode if Remote Gateway IP Address is filled on this end and the peer end this field can be left blank Otherwise this field is typically a U FQDN In Main Mode this allows setting up to six encryption standards in descending order of priority to be used in initial connection key negotiations In Aggressive Mode only one selection is permitted This is the Diffie Hellman group used within IKE This allows two parties to establish a shared secret over an insecure communications channel The larger the group number the higher the security Group 2 1024 bit is the default value Group 5 1536 bit is the alternative option This setting specifies the lifetime limit of this Phase 1 Security Association By default it is set at 3600 seconds In Main Mode this allows setting up to six encryption standards in descending order of priority to be used for the IP data that is being transferred In Aggressive Mode only one selection is permitted Perfect forward secrecy PFS ensures that if a key was compromised the attacker will be able to acces
108. lected the AP will broadcast at the specified power level regardless of context When Dynamic settings are selected the AP will adjust its power level based on its surrounding APs in order to maximize performance Output Power The Dynamic Auto setting will set the AP to do this automatically Otherwise the Dynamic Manual setting will set the AP to dynamically adjust only of instructed to do so If you have set Dynamic Manual you can go to AP gt Toolbox gt Auto Power Adj to give your AP further instructions This drop down menu provides the option to send beacons in different transmit bit rates A Beacon Rate The bit rates are 1Mbps 2Mbps 5 5Mbps 6Mbps and 11Mbps This drop down menu provides the option to set the time between each beacon send A Beacon Interval Available options are 100ms 250ms and 500ms DTIMA This field provides the option to set the freguency for beacon to include delivery traffic indication messages DTIM The interval unit is measured in milliseconds Slot Time This field provides the option to modify the unit wait time before it transmits The default value is 9us A This field provides the option to set the wait time to receive acknowledgement packet ACK Timeout before doing retransmission The default value is 48us Frame With this feature enabled throughput will be increased by sending two or more data Aggregation frames ina single transmission A Advanced feature Click the button
109. lied Feb 16 10 17 00 System Time synchronization successful Feb 16 10 19 23 WAN WAN 1 connected 10 88 3 158 Feb 16 10 18 58 WAN Priority changed Priority 1 WAN 1 WAN 2 Priority 2 Cellular 1 Cellular 2 Disabled Wi Fi WAN Feb 16 10 18 37 System Started up 6 2 0 201501210247 r12145 build End of log Clear Log The log section displays a list of events that has taken place on the Pepwave router Check Auto Refresh to refresh log entries automatically Click the Clear Log button to clear the log 21 8 Bandwidth This section shows bandwidth usage statistics and is located at Status gt Bandwidth Bandwidth usage at the LAN while the device is switched off e g LAN bypass is neither recorded nor shown Pepwave MAX and Surf User Manual 21 8 1 Real Time The Data transferred since installation table indicates how much network traffic has been processed by the device since the first bootup The Data transferred since last reboot table indicates how much network traffic has been processed by the device since the last bootup Data transferred since installation Sun Oct 10 05 56 02 PST 2010 All WAN Connections 216 68 GB 91 0 GB 308 38 GB Data transferred since last reboot Hide Details All WAN Connections 0 74 GB 0 63 GB WANI 0 67 GB 0 61 GB WAN2 0 07 GB 0 02 GB Aggregated Transfer 24 41 Mbps BH Cevnlosad N Upload 19 53 Mbps 14 65 Mbps 9 77 Mbps 4 88 Mbps Avg
110. lti WAN router Settings for service passthrough support are available here Service Passthrough Support Session initiation protocol aka SIP is a voice over IP protocol The Pepwave router can act as a SIP application layer gateway ALG which binds connections for the same SIP session to the same WAN connection and translate IP address in the SIP packets SIP correctly in NAT mode Such passthrough support is always enabled and there are two modes for selection Standard Mode and Compatibility Mode If your SIP server s signal port number is non standard you can check the box Define custom signal ports and input the port numbers to the text boxes H 323 With this option enabled protocols that provide audio visual communication sessions will be defined on any packet network and pass through the Pepwave router FTP sessions consist of two TCP connections one for control and one for data Ina multi WAN situation they must be routed to the same WAN connection Otherwise problems will arise in transferring files By default the Pepwave router monitors TCP FTP control connections on port 21 for any FTP connections and binds TCP connections of the same FTP session to the same WAN If you have an FTP server listening on a port number other than 21 you can check Define custom control ports and enter the port numbers in the text boxes The Pepwave router monitors outgoing TFTP connections and routes any incoming TFTP TFTP data packets ba
111. m e DNS O Matic Select Disabled to disable this feature User ID User Email This setting specifies the registered user name for the dynamic DNS service Password Pass This setting specifies the password for the dynamic DNS service Pepwave MAX and Surf User Manual TZO Key Update All Hosts Check this box to automatically update all hosts This setting specifies a list of hostnames or domains to be associated with the public Hosts Domain Internet IP address of the WAN connection Important Note In order to use dynamic DNS services appropriate hostname registration s as well as a valid account with a supported dynamic DNS service provider are required A dynamic DNS update is performed whenever a WAN s IP address is changed such as when an IP is changed after a DHCP IP refresh or reconnection Due to dynamic DNS service providers policies a dynamic DNS host expires automatically when the host record has not been not updated for a long time Therefore the Peplink Balance performs an update every 23 days even if a WAN s IP address did not change 9 3 1 Creating Wi Fi Connection Profiles You can manually create a profile to connect to a Wi Fi connection This is useful for creating a profile for connecting to hidden SSID access points Click Network gt WAN gt Details gt Create Profile to get started Network Name SSID Security Peplink WPA WPA2 Personal ES eplink Guest Th
112. mization Prioritize and route traffic to VPN tunnels with Priority and Enforced algorithms AP Controller Configure and manage Pepwave AP devices Review the status of connected APs QoS Quality of service for different applications and custom protocols User group classification for different service levels Bandwidth usage control and monitoring on group and user level Pepwave MAX and Surf User Manual Application prioritization for custom protocols and DSL cable optimization Other Supported Features User friendly web based administration interface HTTP and HTTPS support for web admin interface Configurable web administration port and administrator password Firmware upgrades configuration backups ping and traceroute via web admin interface Remote web based configuration via WAN and LAN interfaces Time server synchronization SNMP Email notification Read only user for web admin Shared IP drop in mode Authentication and accounting by RADIUS server for web admin Built in WINS servers syslog SIP passthrough PPTP packet passthrough Event log Active sessions Client list WINS client list UPnP NAT PMP Real time hourly daily and monthly bandwidth usage reports and charts IPv6 support Support USB tethering on Android 2 2 phones Not supported on MAX Surf On The Go Surf SOHO and BR1 variants Pepwave MAX and Surf User Manual 4 Pepwave MAX Mobile Router Overview 4 1 MAX 700 4
113. name value upon acquiring an IP address you may enter the value here If your service Optional provider does not provide you with the value you can safely bypass this option Each ISP may provide a set of DNS servers for DNS lookups This setting specifies the DNS Domain Name System servers to be used when a DNS lookup is routed through this connection Selecting Obtain DNS server address automatically results in the DNS servers being assigned by the WAN DHCP server to be used for outbound DNS lookups DNS Servers over the connection The DNS servers are obtained along with the WAN IP address assigned from the DHCP server When Use the following DNS server address es is selected you may enter custom DNS server addresses for this WAN connection into the DNS Server 1 and DNS Server 2 fields 9 1 2 Static IP Connection The static IP connection method is suitable if your ISP provides a static IP address to connect directly Use the following DNS server address es DNS Server 1 DNS Server 2 Static IP Settings NAT allows substituting the real address in a packet with a mapped address that is Routing Mode routable on the destination network By clicking the help icon in this field you can display the IP Forwarding option if your network requires it IP Address These settings allow you to specify the information required in order to communicate on me the Internet via a fixed Internet IP address The information is
114. nd drop it by releasing the mouse button WAN Connection Status Priority 1 Highest connected Details Connected Details T1 No SIM Card Detected Reload SIM Details T2 No SIM Card Detected Reload SIM Details Priority 3 O Disabled Details IPv6 Disabled Lo To disable a particular WAN connection drag on the appropriate WAN by holding the left mouse button move it the Disabled row and drop it by releasing the mouse button You can also set priorities on the Dashboard Click the Details button in the corresponding row to modify the connection setting Important Note Connection details will be changed and become effective immediately after clicking the Save and Apply button Pepwave MAX and Surf User Manual 9 1 Ethernet WAN From Network gt WAN choose a WAN connection and then click Details WAN Port ci O e wr o wring SSS 255 755 255 0 10 88 3 253 Use custom hostname Obtain DNS server address automatically 10 88 3 1 Use the following DNS server address es DNS Server 1 DNS Server 2 WAN Port Section 1 WAN Connection Enter a name to represent this WAN connection Name There are three possible connection methods for Ethernet WAN e DHCP Connection e Static IP Method e PPPoE The connection method and details are determined by and can be obtained from the ISP See the following sections for details on each connection method This field shows that NAT network address transl
115. nd port number remain manually modifiable IP Protocol Pepwave MAX and Surf User Manual Port Inbound IP Address es Server IP Address The Port setting specifies the port s that correspond to the service and can be configured to behave in one of the following manners Any Port Single Port Port Range Port Map and Range Mapping Port Any Port v Any Port all traffic that is received by the Pepwave router via the specified protocol is forwarded to the servers specified by the Servers setting For example with IP Protocol set to TCP and Port set to Any Port all TCP traffic is forwarded to the configured servers Port O Single Port v Service Port 80 Single Port traffic that is received by the Pepwave router via the specified protocol at the specified port is forwarded via the same port to the servers specified by the Servers setting For example with IP Protocol set to TCP and Port set to Single Port and Service Port 80 TCP traffic received on port 80 is forwarded to the configured servers via port 80 Port Port Range v Service Ports 80 88 Port Range traffic that is received by the Pepwave router via the specified protocol at the specified port range is forwarded via the same respective ports to the LAN hosts specified by the Servers setting For example with IP Protocol set to TCP and Port set to Port Range and Service Ports 80 88 TCP traffic received on ports 80 through 88 is forwarded to t
116. nect when usage hits 100 of monthly allowance Bandwidth Allowance Monitor it Error Reference source not found is enabled you will be notified by email when usage hits 75 and 95 of the monthly allowance If Disconnect when usage hits 100 of monthly allowance is checked this WAN connection will be disconnected automatically when the usage hits the monthly allowance lt will not resume connection unless this option has been turned off or the usage has been reset when a new billing cycle starts Action Start Day This option allows you to define which day of the month each billing cycle begins Monthly This field is for defining the maximum bandwidth usage allowed for the WAN connection Allowance each month Health Check Settings DNS Lookup _ j Host 1 Host 2 Use first two DNS servers as Health Check DNS Servers Include public DNS servers second s Ed Health Check Settings Method This setting specifies the health check method for the WAN connection This value can be configured as Disabled PING DNS Lookup or HTTP The default method is DNS Pepwave MAX and Surf User Manual Lookup For mobile Internet connections the value of Method can be configured as Disabled or SmartCheck Health Check Disabled Health Check Method a Disabled W Health Check disabled Network problem cannot be detected When Disabled is chosen in the Method field the WAN connection will always be considered a
117. ng Status Booting up or busy Green Ready state LAN and Ethernet WAN Ports Green LED ON 10 100 Mbps Pepwave MAX and Surf User Manual Blinking Data is transferring Orange LED OFF No data is being transferred or port is not connected Port type Auto MDI MDI X ports Wi Fi Signal Off No connection Signal strength Wi Fi signal strength low medium and high Pepwave MAX and Surf User Manual 5 Installation The following section details connecting Pepwave routers to your network 5 1 Preparation Before installing your Pepwave router please prepare the following as appropriate for your installation e Atleast one Internet WAN access account and or Wi Fi access information e Depending on network connection type s one or more of the following e Ethernet WAN A 10 100 1000BaseT UTP cable with RJ45 connector e USB A USB modem e Embedded modem A SIM card for GSM HSPA service e Wi Fi WAN Wi Fi antennas e PC Card Express Card WAN A PC Card ExpressCard for the corresponding card slot e Acomputer installed with the TCP IP network protocol and a supported web browser Supported browsers include Microsoft Internet Explorer 8 0 or above Mozilla Firefox 10 0 or above Apple Safari 5 1 or above and Google Chrome 18 or above Pepwave MAX and Surf User Manual 5 2 Constructing the Network At a high level construct the network according to the following steps 1 With an
118. nt firmware version 6 2 1 Firmware check pending Check for Firmware Manual Firmware Upgrade Manual Upgrade There are two ways to upgrade the unit The first method is through an online download The second method is to upload a firmware file manually To perform an online download click on the Check for Firmware button The Pepwave router will check online for new firmware If new firmware is available the Pepwave router will automatically download the firmware The rest of the upgrade process will be automatically initiated You may also download a firmware image from the Peplink website and update the unit manually To update using a firmware image click Choose File to select the firmware file from the local computer and then click Manual Upgrade to send the firmware to the Pepwave router It will then automatically initiate the firmware upgrade process Please note that all Peplink devices can store two different firmware versions in two different partitions A firmware upgrade will always replace the inactive partition If you want to keep the inactive firmware you can simply reboot your device with the inactive firmware and then perform the firmware upgrade Important Note The firmware upgrade process may not necessarily preserve the previous configuration and the behavior varies on a case by case basis Consult the release notes for the particular firmware version before installing Do not disconnect the power
119. nter one IP address per line in the provided text area input control Each option can be defined once only This setting reserves the assignment of fixed IP addresses for a list of computers on the LAN The computers to be assigned fixed IP addresses on the LAN are identified by their MAC addresses The fixed IP address assignment is displayed as a cross reference list between the computers names MAC addresses and fixed IP addresses DHCP Name an optional field allows you to specify a name to represent the device MAC Reservation addresses should be in the format of 00 AA BB CC DD EE Press to create a new record Press to remove a record Reserved client information can be imported from the Client List located at Status gt Client List For more details please refer to Section 21 3 LAN Physical Settings LAN Physical Settings This is the port speed of the LAN interface It should be set to the same speed as the connected device to avoid port negotiation problems When a static speed is set you may Speed choose whether to advertise its speed to the peer device Auto is selected by default You can choose not to advertise the port speed if the port has difficulty negotiating with the peer device Static Route Settings Static Rout O Destination Network Subnet Mask Static Route Settings This table is for defining static routing rules for the LAN segment A static route consists of the network address subnet mask and ga
120. o Inbound This setting specifies the protocol to be matched Via a drop down menu the following protocols can be specified e TCP e UDP e ICMP Protocol s ic Alternatively the Protocol Selection Tool drop down menu can be used to automatically fill in the protocol and port number of common Internet services e g HTTP HTTPS etc After selecting an item from the Protocol Selection Tool drop down menu the protocol and port number remains manually modifiable This specifies the source IP address es and port number s to be matched for the firewall rule A single address or a network can be specified as the Source IP amp Port setting as indicated by the following screenshot Sou rce IP amp Single Address IP Port Single Port Y Port In addition a single port or a range of ports can be specified for the Source IP amp Port settings This specifies the destination IP address es and port number s to be matched for the firewall rule A single address or a network can be specified as the Destination IP amp Port Destination IP setting as indicated by the following screenshot amp Port Single Port Y Port EE In addition a single port or a range of ports can be specified for the Destination IP amp Port settings Single Address IP This setting specifies the action to be taken by the router upon encountering traffic that matches the both of the following e Source IP amp port
121. o operate this equipment This transmitter must not be co located or operating in conjunction with any other antenna or transmitter Operations in the 5 15 5 25GHz band are restricted to indoor usage only IMPORTANT NOTE FCC Radiation Exposure Statement for MAX700 HD2 HD2 IP67 BR1 This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with minimum distance 20cm between the radiator amp your body FCC Radiation Exposure Statement for MAX On The Go Pepwave MAX and Surf User Manual This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment 1 20cm minimum when the product is operated alone without co transmitting with a plug in 3G USB dongle device 2 65cm minimum when the product is operated with a plug in 3G USB device which has maximum of 7W ERP output power 3 For co transmission scenario which is not covered above please consult the RF technician or device supplier This transmitter must not be co located or operating in conjunction with any other antenna or transmitter The availability of some specific channels and or operational frequency bands are country dependent and are firmware programmed at the factory to match the intended destination 3 CE Statement for Pepwave Routers Europe EU Declaration of Conformity This device complies with the essential requiremen
122. o the WAN s corresponding SMTP server SMTP Forwarding Setup ma Enable Forwarding SMTP Server SMTP Port Connection WEE WEE ETE CS eed ee ETE ENE eed ee pe E mee mee To enable the feature select Enable under SMTP Forwarding Setup Check Enable Forwarding for the WAN connection s that needs forwarding Under SMTP Server enter the ISP s e mail server host name or IP address Under SMTP Port enter the TCP port number for each WAN The Pepwave router will intercept SMTP connections Choose a WAN port according to the outbound policy and then forward the connection to the SMTP server if the chosen WAN has enabled forwarding If the forwarding is disabled for a WAN connection SMTP connections for the WAN will be simply be forwarded to the connection s original destination If you want to route all SMTP connections only to particular WAN connection s you should create a custom rule in outbound policy see Section 14 2 Pepwave MAX and Surf User Manual 18 8 2 Web Proxy Forwarding Web Proxy Forwarding Setup Web proxy Forwarding Enable Web Proxy Interception Settings Connection WAN Enable Forwarding Proxy Server IP Address Port o dd wan dd Del EE NEE aa N Ge Cellular 2 When this feature is enabled the Pepwave router will intercept all outgoing connections destined for the proxy server specified in Web Proxy Interception Settings choose a WAN conn
123. oller will be added to the local DNS proxy Access points to manage can be specified here If Any is selected the AP controller will Permitted AP manage any AP that reports to it If Approved List is selected only APs with serial numbers listed in the provided text box will be managed SSID Security Policy New SSID Pepwave MAX and Surf User Manual Current SSID information appears in the SSID section To edit an existing SSID click its name in the list To add a new SSID click Add Note that the following settings vary by model SSID wo oo vor ae oos SSID Settings MCS8 MCSO0 6M Feri aso a ooen No Encryption No Encryption Access Control Restricted Mode SS Save Cancel ke ea Settings SSID Settings SSID This setting specifies the SSID of the virtual AP to be scanned by Wi Fi clients Enable Select Yes to enable the virtual AP This setting specifies the VLAN ID to be tagged on all outgoing packets generated from this wireless network i e packets that travel from the Wi Fi segment through VLAN ID the Pepwave AP One unit to the Ethernet segment via the LAN port The default value of this setting is 0 which means VLAN tagging is disabled instead of tagged with zero This setting specifies whether or not Wi Fi clients can scan the SSID of this wireless Broadcast SSID network Broadcast SSID is enabled by default Select Auto to allow the Pepwave router to set the data rate automati
124. or each WAN can be specified Pepwave MAX and Surf User Manual after selecting Enable When this option is enabled all outgoing connections destined for the proxy server Web Proxy specified in Web Proxy Interception Settings will be intercepted These connections will be redirected to a specified web proxy server and port number Web proxy interception settings and proxy server settings for each WAN can be specified after selecting Enable Forwarding When this option is enabled all outgoing DNS lookups will be intercepted and redirected to the built in DNS name server If any LAN device is using the DNS name servers of a WAN connection you may want to enable this option to enhance the DNS DNS Forwarding availability without modifying the DNS server setting of the clients The built in DNS name server will distribute DNS lookups to corresponding DNS servers of all available WAN connections In this case DNS service will not be interrupted even if any WAN connection is down Custom Service When this option is enabled incoming connections from specified ports will be Forwarding intercepted and forwarded to a local server 18 8 1 SMTP Forwarding Some ISPs require their users to send e mails via the ISP s SMTP server All outgoing SMTP connections are blocked except those connecting to the ISP s Pepwave routers support intercepting and redirecting all outgoing SMTP connections destined for TCP port 25 via a WAN connection t
125. oup rea will send and receive related OSPF packets while unlinked machines will ignore it Link Type Choose the network type that this area will use Choose an authentication method if one is used from this drop down menu Available Authentication options are MD5 and Text Enter the authentication key next to the drop down menu Interfaces Determine which interfaces this area will use to listen to and deliver OSPF packets Pepwave MAX and Surf User Manual To access RIPv2 settings click RIPv 2 Settings x LAN 192 168 168 1 24 V167 192 168 167 1 24 WAN 1 10 91 137 1 24 WAN 2 10 91 138 1 24 WAN 3 10 91 139 1 24 OK Cancel RIPv2 Settings Authenticati Choose an authentication method if one is used from this drop down menu Available uthenucation options are MD5 and Text Enter the authentication key next to the drop down menu Interfaces Determine which interfaces this group will use to listen to and deliver RIPv2 packets 18 4 Remote User Access a Networks routed by a Peplink Balance can be remotely accessed via L2TP with IPsec or PPTP To configure this feature navigate to Network gt Remote User Access Pepwave MAX and Surf User Manual Remote User Access Settings ete CE L2TP with IPsec PPTP IPsec NAT Traversal will be enabled to ensure compatibility for most of the devices LL Let eT Hide Characters 2 Connection IP Address es 10 10 12 47 Interface IP Interfa
126. own menu choose whether you are going to define the client s by an IP Subnet IP Address or a Subnet If IP Address is selected enter a name defined in DHCP Address reservation table or a LAN client s IP address If Subnet is selected enter a subnet address and specify its subnet mask Group This field is to define which User Group the specified subnet IP address belongs to Once users have been assigned to a user group their internet traffic will be restricted by rules defined for that particular group Please refer to the following two sections for details Pepwave MAX and Surf User Manual 17 2 Bandwidth Control You can define a maximum download speed over all WAN connections and upload speed for each WAN connection that each individual Staff and Guest member can consume No limit can be imposed on individual Manager members By default download and upload bandwidth limits are set to unlimited set as 0 Individual Bandwidth Limit Download Upload Manager Unlimited Unlimited Staff 0 Mbps Y 0 Mbps Y 0 unlimited Guest 0 Mbps Y 0 Mbps Y 0 unlimited 17 3 Application 17 3 1 Application Prioritization On many Pepwave routers you can choose whether to apply the same prioritization settings to all user groups or customize the settings for each group Application Prioritization Apply same settings to all users Customize Three application priority levels can be set High Normal and Low
127. paces When this box is checked this VPN connection profile will be enabled Otherwise it will be Active disabled Encryption By default VPN traffic is encrypted with 256 bit AES If Off is selected on both sides of a Pepwave MAX and Surf User Manual Authentication Remote ID Pre shared Key Remote ID Remote Certificate Allow Shared Remote ID NAT Mode Remote IP Address Host Names Optional Data Port Bandwidth Limit WAN Smoothing VPN connection no encryption will be applied Select from By Remote ID Only Preshared Key or X 509 to specify the method the Peplink Balance will use to authenticate peers When selecting By Remote ID Only be sure to enter a unique peer ID number in the Remote ID field This optional field becomes available when Remote ID Pre shared Key is selected as the Peplink Balance s VPN Authentication method as explained above Pre shared Key defines the pre shared key used for this particular VPN connection The VPN connection s session key will be further protected by the pre shared key The connection will be up only if the pre shared keys on each side match When the peer is running firmware 5 0 this setting will be ignored Enter Remote IDs either by typing out each Remote ID and Pre shared Key or by pasting a CSV If you wish to paste a CSV click the d icon next to the Remote ID Preshared Key setting These optional fields become available when X
128. ply Firewall Rules to PepVpn Traffic A A When this option is enabled Outbound Firewall Rules will be applied to PepVPN traffic To turn on this feature click check the Enable check box and press the Save button 18 1 3 Intrusion Detection and DoS Prevention osanes TW Pepwave routers can detect and prevent intrusions and denial of service DoS attacks from the Internet To turn on this feature click check the Enable check box and press the Save button When this feature is enabled the Pepwave router will detect and prevent the following kinds of intrusions and denial of service attacks e Port scan o NMAP FIN URG PSH Xmas tree o Another Xmas tree o Null scan o SYN RST o SYN FIN e SYN flood prevention e Ping flood attack prevention Pepwave MAX and Surf User Manual 18 2 Web Blocking Exempted User Groups sot o EE comet Exempted Subnets 18 2 1 Web Blocking Enter an appropriate website address and the Pepwave router will block and disallow LAN PPTP SpeedFusion peer clients to access these websites Exceptions can be added using the instructions in Sections 18 2 2 and 18 2 3 You may enter a wildcard at the end of a domain name to block any web site with a host name having the domain name in the middle For example If you enter foobar www foobar com www foobar co jo and foobar co uk will be blocked Placing the wildcard in any other position is not supported
129. r A so that all WANs will be utilized in establishing the VPN Pepwave MAX and Surf User Manual 12 3 SpeedFusion Status SpeedFusion status is shown in the Dashboard The connection status of each connection profile is shown as below Established Established After clicking the Status button at the top right corner of the SpeedFusion M table you will be forwarded to Status gt SpeedFusion where you can view subnet and WAN connection information for each VPN peer Please refer to Section 21 6 for details IP Subnets Must Be Unique Among VPN Peers The entire interconnected SpeedFusion network is a single non NAT IP network Avoid duplicating subnets in your sites to prevent connectivity problems when accessing those subnets Pepwave MAX and Surf User Manual 13 IPsec VPN IPsec VPN functionality securely connects one or more branch offices to your company s main headquarters or to other branches Data voice and video communications between these locations are kept safe and confidential across the public Internet IPsec VPN on Pepwave routers is specially designed for multi WAN environments For instance if a user sets up multiple IPsec profiles for a multi WAN environment and WAN1 is connected and healthy IPsec traffic will go through this link However should unforeseen problems e g unplugged cables or ISP problems cause WAN1 to go down our IPsec implementation will make use of WAN2
130. r be valid and renewal of the IP address assignment will be required This option allows you to input the DNS server addresses to be offered to DHCP clients If DNS Servers Assign DNS server automatically is selected the Pepwave router s built in DNS server address i e LAN IP address will be offered This option allows you to optionally specify a Windows Internet Name Service WINS server You may choose to use the built in WINS server or external WINS servers When this unit is connected using SoeedFusion other VPN peers can share this unit s WINS Server built in WINS server by entering this unit s LAN IP address in their DHCP WINS Server setting Afterward all PC clients in the VPN can resolve the NetBIOS names of other clients in remote peers If you have enabled this option a list of WINS clients will be displayed at Status gt WINS Clients BOOTP Check this box to enable BOOTP on older networks that still require it In addition to standard DHCP options e g DNS server address gateway address subnet Extended mask you can specify the value of additional extended DHCP options as defined in RFC 2132 With these extended options enabled you can pass additional configuration DHCP Option information to LAN hosts To define an extended DHCP option click the Add button choose the option to define and Pepwave MAX and Surf User Manual enter its value For values that are in IP address list format you can e
131. rding Settings Enable Check this box to turn on Bonjour forwarding Bonjour Choose Service and Client networks from the drop down menus and then click to Service add the networks To delete an existing Bonjour listing click Pepwave MAX and Surf User Manual To enable VLAN configuration click the Hd button in the IP Settings section IP Settings To add a new LAN click the New LAN button To change LAN settings click the name of the LAN to change under the LAN heading VLAN Network LAN ser FEES The following settings are displayed when creating a new LAN or editing an existing LAN IP Settings EN 255 255 255 0 24 _ IP Address amp Enter the Pepwave router s IP address and subnet mask values to be used on the LAN Subnet Mask Network Settings Name Enter a name for the LAN VLAN ID Enter a number for your VLAN Inter VLAN Check this box to enable routing between virtual LANs routing Captive Portal Check this box to turn on captive portals Pepwave MAX and Surf User Manual DHCP Server Settings mesm O IPRense IERE Lease Time oo 1 Days 0 Hours 0 Mins PDC Assign DNS server automaticaly CN Assn wssns C EN a Im Pp CN Extended DHCP Option Cid Name MAC Address Statice DHCP Server Settings When this setting is enabled the Pepwave routers DHCP server automatically assigns an IP address to each computer that is connec
132. rrent active settings Configurations To restore or change settings based on a configuration file click Choose File to locate the Upload configuration file on the local computer and then click Upload The new settings can then Configurations be applied by clicking the Apply Changes button on the page header or you can cancel the procedure by pressing discard on the main page of the web admin interface Upload In a high availability HA configuration a Pepwave router can quickly load the configuration Configurations of its HA counterpart To do so click the Upload button After loading the settings from High Availability Pair configure the LAN IP address of the Pepwve router so that it is different from the HA counterpart Pepwave MAX and Surf User Manual 20 9 Feature Add ons Some Pepwave routers have features that can be activated upon purchase Once the purchase is complete you will receive an activation key Enter the key in the Activation Key field click Activate and then click Apply Changes 20 10 Reboot This page provides a reboot button for restarting the system For maximum reliability the Pepwave router can equip with two copies of firmware Each copy can be a different version You can select the firmware version you would like to reboot the device with The firmware marked with Running is the current system boot up firmware Please note that a firmware upgrade will always replace the inactive
133. s A Beacon Interval selecied This field allows you to set the frequency for the beacon to include a delivery traffic DTIM indication message The interval is measured in milliseconds The default value is set to 1 ms Slot Time4 This field is for specifying the wait time before the Surf SOHO transmits a packet By default this field is set to 9 us A This field is for setting the wait time to receive an acknowledgement packet before ACK Timeout performing a retransmission By default this field is set to 48 us Frame This option allows you to enable frame aggregation to increase transmission Aggregation throughput This setting allows choosing a short or long guard period interval for your A Guard Interval transmissions A Advanced feature please click the Ed button on the top right hand corner to activate 19 3 Toolbox Tools for managing firmware packs can be found at AP gt Toolbox Firmware Packs Check for Updates Manual Upload Default No cefault d Firmware Packs Here you can manage the firmware of your AP Clicking on will result in information regarding each firmware pack To receive new firmware packs you can click Check for Updates to download new packs or you can click Manual Upload to manually upload a firmware pack Click Default to define which firmware pack is default Pepwave MAX and Surf User Manual 20 System Settings 20 1 Admin Security There are two typ
134. s branch offices and headquarters will be able to route to local subnets Note that all LAN subnets and the subnets behind them must be unique Otherwise VPN members will not be able to access each other All data can be routed over the VPN using the 256 bit AES encryption standard To configure navigate to Advanced gt SpeedFusion or Advanced gt PepVPN and click the New Profile button to create a new VPN profile you may have to first save the displayed default profile in order to acesss the New Profile button Each profile specifies the settings for making VPN connection with one remote Pepwave or Peplink device Note that available settings vary by model 9 soon Dl ses RE neccen ese ie Remote ID Preshared Key a PepVPN Profile lf this field is empty this field on the remote unit must be filled 2 Default Custom wan Smoothing Coe A list of defined SpeedFusion connection profiles and a Link Failure Detection Time option will be shown Click the New Profile button to create a new VPN connection profile for making a VPN connection to a remote Peplink Balance via the available WAN connections Each profile is for making a VPN connection with one remote Peplink Balance PepVPN Profile Settings This field is for specifying a name to represent this profile The name can be any Name combination of alphanumeric characters 0 9 A Z a z underscores _ dashes and or non leading trailing s
135. s only the data protected by that key None Do not request for PFS when initiating connection However since there is no valid reason to refuse PFS the system will allow the connection to use PFS if requested by the remote peer This is the default value Group 2 1024 bit Diffie Hellman group The larger the group number the higher the security Group 5 1536 bit is the third option This setting specifies the lifetime limit of this Phase 2 Security Association By default it is set at 28800 seconds WAN Connection Priority WAN Connection Select the appropriate WAN connection from the drop down menu Pepwave MAX and Surf User Manual 14 Outbound Policy Management Pepwave routers can flexibly manage and load balance outbound traffic among WAN connections Important Note Outbound policy is applied only when more than one WAN connection is active The settings for managing and load balancing outbound traffic are located at Advanced gt Outbound Policy or Advanced gt PepVPN depending on the model Outbound Policy Rules WDrag and drop rows to change rule order Service Algorithm Source Destination Flite be Port Persistence Src Fiat TCP Auto Y 443 EED Add Rule 14 1 Outbound Policy Outbound policies for managing and load balancing outbound traffic are located at Network gt Outbound Policy gt or Advanced gt PepVPN gt Outbound Policy Outbound Policy
136. s services provided by the Pepwave router web admin Share Drop In access from the WAN DNS server requests etc IPA To connect to hosts on the LAN email notification remote syslog etc the default gateway address will be used The Pepwave router will listen for this IP address when LAN hosts access services provided by the Pepwave router web admin access from the WAN DNS proxy etc Access to this IP address will be passed through to the LAN port if this device is not serving Shared IP the service being accessed The shared IP address will be used in connecting to hosts on Address the WAN email notification remote syslog etc The device will also listen on the IP address when hosts on the WAN access services served on this device web admin access from the WAN DNS server etc Enter the WAN router s IP address in this field If there are more hosts in addition to the WAN Default router on the WAN segment check the have other host s on WAN segment box and Gateway enter the IP address of the hosts that need to access LAN devices or be accessed by others WAN DNS Enter the selected WAN s corresponding DNS server IP addresses Servers A Advanced feature please click the Ed button on the top right hand corner to activate Layer 2 PepVPN Bridging laa s eN oo Fm F N Do not override Static By DHCP As None Layer 2 PepVPN Bridging PepVPN The remote network of the selected PepVPN profiles will be
137. s up The connection will NOT be treated as down in the event of IP routing errors Health Check Method PING W Use first two DNS servers as PING Hosts ICMP ping packets will be issued to test the connectivity with a configurable target IP address or hostname A WAN connection is considered as up if ping responses are received from either one or both of the ping hosts This setting specifies IP addresses or hostnames with which connectivity is to be tested via ICMP ping If Use first two DNS servers as Ping Hosts is checked the target ping host PING Hosts willbe the first DNS server for the corresponding WAN connection Reliable ping hosts with a high uptime should be considered By default the first two DNS servers of the WAN connection are used as the ping hosts Health Check Method DNS Lookup Health Check Method IDNS Lookup 7 Health Check DNS Servers Host 1 Host 2 W Use first two DNS servers as Health Check DNS Servers U Include public DNS servers DNS lookups will be issued to test connectivity with target DNS servers The connection will be treated as up if DNS responses are received from one or both of the servers regardless of whether the result was positive or negative This field allows you to specify two DNS hosts IP addresses with which connectivity is to be tested via DNS Lookup If Use first two DNS servers as Health Check DNS Servers is chec
138. ser Manual SNMP Community Settings Community This setting specifies the SNMP community name Name Allowed Source Subnet Address This setting specifies a subnet from which access to the SNMP server is allowed Enter subnet address here e g 192 168 1 0 and select the appropriate subnet mask To define a user name for SNMPv3 click Add SNMP User in the SNMPv3 User Name SNMPv3 User SNMPlser SHA password DES privacypassword Save Cancel table upon which the following screen is displayed SNMPv3 User Settings User Name This setting specifies a user name to be used in SNMPv3 This setting specifies via a drop down menu one of the following valid authentication protocols Authentication e NONE Protocol e MD5 e SHA When MD5 or SHA is selected an entry field will appear for the password This setting specifies via a drop down menu one of the following valid privacy protocols Privacy Protocol e NONE e DES When DES is selected an entry field will appear for the password Pepwave MAX and Surf User Manual 20 7 InControl InControl Management Allow InControl Management Privately Host InControl EO de InControl is a cloud based service which allows you to manage all of your Peplink and Pepwave devices with one unified system With it you can generate reports gather statistics and configure your devices automatically All of this is now poss
139. ser Manual Advanced Wi Fi AP settings can be displayed by clicking the Ki on the top right hand corner of the Wi Fi AP Settings section which can be found at AP gt Settings Other models will display a separate section called Wi Fi AP Advanced Settings which can be found at Advanced gt Wi Fi Settings uE ges a E orm O ack Tmenin de Frame Aggregation Enable Guard Interval Short Long Wi Fi AP Advanced Settings A This option is for setting the transmit bit rate for sending a beacon By default 1Mbps is Beacon Rate HE A This option is for setting the time interval between each beacon By default 100ms is Beacon Interval Mee This field allows you to set the frequency for the beacon to include delivery traffic DTIM indication messages The interval is measured in milliseconds The default value is set to 1 ms Slot Time A This field is for specifying the unit wait time before transmitting a packet By default this field is set to 9 us A This field is for setting the wait time to receive an acknowledgement packet before ACK Timeout performing a retransmission By default this field is set to 48 us Frame Aggregation This option allows you to enable frame aggregation to increase transmission throughput Guard Interval This is where you opt for a short or long guard period interval for your transmissions A Advanced feature please click the Ed button on the top right hand corner to activate
140. server Remote Syslog Host This setting specifies the IP address or hostname of the remote syslog server The Pepwave router can also send push notifications to mobile devices that have our Mobile Router Utility installed Check the box to activate this feature Push Events peplink For more information on the Router Utility go to www peplink com products router utility PEPWAVE Pepwave MAX and Surf User Manual 20 6 SNMP SNMP or simple network management protocol is an open standard that can be used to collect information about the Pepwave router SNMP configuration is located at System gt SNMP SNMP Settings evi Wa gt o2 so OOOO O TE se EEN oo I EE EE EE I TE Community Name Allowed Source Network Access Mode Add SNMP Community SNMPv3 User Name Authentication Privacy Access Mode Add SNMP User SNMP Settings SNMP Device Name This field shows the router name defined at System gt Admin Security SNMP Port This option specifies the port which SNMP will use The default port is 161 SNMPv1 This option allows you to enable SNMP version 1 SNMPv2 This option allows you to enable SNMP version 2 SNMPv3 This option allows you to enable SNMP version 3 To add a community for either SNMPv1 or SNMPv2 click the Add SNMP Community button in the Community Name table upon which the following screen is displayed SNMP Community Save Cancel Pepwave MAX and Surf U
141. server This has been tested with Open LDAP servers where passwords are NTLM hashed Active Directory is not supported You can choose to use RADIUS to authenticate with a Windows server RADIUS Server Authenticate with an external RADIUS server This has been tested with Microsoft Windows Internet Authentication Service and FreeRADIUS servers where passwords are NTLM hashed or in plain text Authentication This Sema allows you to define PPTP user accounts Click Add to input username and password to create an account After adding the user accounts you can click on a username to edit the account password Click to delete the account in its corresponding row User Accounts 18 7 Certificate Manager Certificate Manager This section allows you to assign certificates for local VPN and web admin SSL The local keys will not be transferred to another device by any means 18 8 Service Forwarding service forwarding settings are located at Advanced gt Misc Settings gt Service Forwarding SMTP Forwarding Setup Enable W Web Proxy Forwarding Setup Enable ese O ra Custom Service Forwarding Setup DNS Forwarding Setup Enable Enable Service Forwarding When this option is enabled all outgoing SMTP connections destined for any host at SMTP Forwarding TCP port 25 will be intercepted These connections will be redirected to a specified SMTP server and port number SMTP server settings f
142. sing screws After adding the screw on the wall slide the MAX in the screw hole socket as indicated below Recommeneded screw specification M3 5 x 20mm head diameter 6mm head thickness 2 4mm The Pepwave MAX BR1 requires four screws for wall mounting 6 2 Car Mount The Pepwave MAX700 HD2 can be mounted in a vehicle using the included mounting brackets Place the mounting brackets by the two sides and screw them onto the device 6 3 IP67 Installation Guide Installation instructions for IP67 devices can be found here http download peplink com manual IP67_Installation_Guide pdf 7 Connecting to the Web Admin Interface Pepwave MAX and Surf User Manual 1 Start a web browser on a computer that is connected with the Pepwave router through the LAN 2 To connect to the router s web admin interface enter the following LAN IP address in the address field of the web browser htto 192 168 50 1 This is the default LAN IP address for Pepwave routers 3 Enter the following to access the web admin interface PEPWAVE Username admin UNM UUU Password admin eise This is the default username and password for Pepwave routers The admin and read only user passwords can be changed at System gt Admin Security Login 4 After successful login the Dashboard will be displayed WAN Connection Status O Priority 1 Highest Connected Details Connected Details 71 No SIM Card Detecte
143. ss the Pepwave router will use to send reports Recipient s This setting specifies the email address es to which the Pepwave router will send email Email Address notifications For multiple recipients separate each email addresses using the enter key After you have finished setting up email notifications you can click the Test Email Notification button to test the settings before saving After Test Email Notification is clicked you will see this screen to confirm the settings SMTP Server smtp mycompany com Sender s Email Address admin mycompany com Recipient s Email Address system mycompany com staff mycompany com Click Send Test Notification to confirm In a few seconds you will see a message with detailed test results ttings are not saved it will be saved after clicked the Pepwave MAX and Surf User Manual Test Result INFO Try email through connection 3 220 EEMTP gt EHLO balance z 250 smtp Hello balance 210 210 210 210 200 S1ZE 100000000 250 GBITHIME 250 PIPELINING 250 AUTH PLAIN LOGIN 2J0 STARTTLS se m m m LST 20 5 Event Log Event log functionality enables event logging at a specified remote syslog server The settings for configuring the remote system log can be found at System gt Event Log Remote Syslog Remote Syslog Host Push Events _ Event Log Settings Remote Syslog This setting specifies whether or not to log events at the specified remote syslog
144. system mycompany com staff mycompany com l Save Test Email Notification Email Notification Settings This setting specifies whether or not to enable email notification If Enable is checked the Email Pepwave router will send email messages to system administrators when the WAN status Notification changes or when new firmware is available If Enable is not checked email notification is disabled and the Pepwave router will not send email messages Pepwave MAX and Surf User Manual SMTP Server This setting specifies the SMTP server to be used for sending email If the server requires authentication check Require authentication Check the box to enable SMTPS When the box is checked SMTP Port will be changed to 465 automatically SSL Encryption This field is for specifying the SMTP port number By default this is set to 25 when SSL SMTP Port Encryption is checked the default port number will be set to 465 You may customize the port number by editing this field Click Default to restore the number to its default setting SMTP User B N This setting specifies the SMTP username and password while sending email These ame eee options are shown only if Require authentication is checked in the SMTP Server setting Password Confirm SMTP __ Sp This field allows you to verify and confirm the new administrator password Password Sender s Email Address This setting specifies the email addre
145. t Type Auto MDI MDI X ports Pepwave MAX and Surf User Manual 4 11 MAX On The Go 4 11 1 Panel Appearance integrated 1dBi Omni WiFi Antenna 10V 24VDC Reset RP SMA Wi Fi Connector Button Antenna Connector lx 10 100M 1x 10 100M Ethernet LAN Ethernet WAN 4x USB WAN Interfaces 4 11 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Cellular Indicators OFF Modem is not attached to the port Green Modem is attached to the port Wi Fi Indicators Wi Fi OFF Disconnected from AP di Al Connected to AP Status Indicators OFF System initializing Status Red Booting up or busy ar Ready LAN and Ethernet WAN Ports ON 100 Mbps OFF 10 Mbps ON Port is connected without traffic Orange LED AE i i Blinking Data is transferring Port Type Auto MDI MDI X ports Pepwave MAX and Surf User Manual 4 12 Surf SOHO 4 12 1 Panel Appearance Wi Fi Activity Indicator PEPWAVE surr sono Status Indicator 10 24V DC USB 4x 100 1000M 10 100M Wi Fi Reset Connector WAN Port Ethernet LAN Ethernet WAN Signal Strength Button Pp RP SMA Wi Fi Antenna Connectors 4 12 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Wi Fi and Status Indicators OFF Disabled Intermittent Blinking Enabled but no client connected Wi Fi ON Client s connected to wireless network rate Transferring data to wireless network inking OFF System initializi
146. t be routed through the lowest latency WAN regardless of the WAN s Pepwave MAX and Surf User Manual available bandwidth 14 2 8 Expert Mode Expert Mode is available on some Pepwave routers for use by advanced users To enable the feature click on the help EN EE IS Ee Glows You tO TINE TUNE MOW icon and click turn on Expert Mode the outbound traffic should be distributed to the WAN connections In Expert Mode a new special rule SpeedFusion M Routes is displayed in the Custom Rules table This rule represents all SoeedFusion routes learned from remote ane VPN peers By default this bar is on the top of all custom eee rules This position means that traffic for remote VPN Ed RE subnets will be routed to the corresponding VPN peer You PPF sttic tun on koer Mees can create custom Priority or Enforced rules and move them above the bar to override the SpeedFusion M routes Upon disabling Expert Mode all rules above the bar will be removed Y Eau Algorithm Source Destination Kore Persistence Src TCP ee Auto Any Any ee x PepVPN Routes Defaut Pepwave MAX and Surf User Manual 15 Inbound Access 15 1 Port Forwarding Service Pepwave routers can act as a firewall that blocks by default all inbound access from the Internet By using port forwarding Internet users can access servers behind the Pepwave router Inbound port forwarding rules can be defined at
147. t f lgende udstyr udstyrets Danish typebetegnelse overholder de v sentlige krav og vrige relevante krav i direktiv 1999 5 EF Deutsch Hiermit erkl rt Name des Herstellers dass sich das Ger t Ger tetyp in German Ubereinstimmung mit den grundlegenden Anforderungen und den brigen einschl gigen Bestimmungen der Richtlinie 1999 5 EG befindet Eesti K esolevaga kinnitab tootja nimi name of manufacturer seadme seadme t p Estonian type of equipment vastavust direktiivi 1999 5 EU p hin uetele ja nimetatud direktiivist tulenevatele teistele asjakohastele s tetele English Hereby name of manufacturer declares that this type of equipment is in compliance with the essential requirements and other relevant provisions of Directive 1999 5 EC Pepwave MAX and Surf User Manual Espa ol Spanish EAANvIKA Greek Francais French Italiano Italian Latviski Latvian Lietuviy Lithuanian nl Nederlands Dutch Malti Maltese Magyar Hungarian IE Polski Polish Portugu s Portuguese L Slovensko Slovenian Slovensky Slovak ti Suomi Finnish Svenska Swedish Por medio de la presente nombre del fabricante declara que el clase de equipo cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999 5 CE ME THN IIAPOY2A name of manufacturer AHAONEI OTI type of equipment LYMMOPOQONETAI MPO
148. t the local system Mss can handle The MSS maximum segment size is computed from the MTU minus 40 bytes for TCP over IPv4 If MTU is set to Auto the MSS will also be set automatically By default MSS is set to Auto Some service providers e g cable providers identify the clients MAC address and require MAC Address the client to always use the same MAC address to connect to the network In such cases change the WAN interface s MAC address to the original client PC s MAC address via this Clone field The default MAC address is a unique value assigned at the factory In most cases the default value is sufficient Clicking Default restores the MAC address to the default value VLAN Click the square if you wish to enable VLAN functionality and enable multiple broadcast domains Once you enable VLAN you will be able to enter a name for your network Reply to ICMP It this field is disabled the WAN connection will not respond to ICMP ping requests By PING default this is enabled Additional The IP Address list represents the list of fixed Internet IP addresses assigned by the ISP in Public IP the event that more than one Internet IP address is assigned to this WAN connection Enter the fixed Internet IP addresses and the corresponding subnet mask and then click the Address Down Arrow button to populate IP address entries to the IP Address List Pepwave MAX and Surf User Manual IPv6 Disabled ral IPv6 support can
149. tatus a is di Oo Add a New Custom Rule LAN SpeedFusion IPsec VPN Outbound Policy ree Ee EN OP Netw Severs OH P Network services O EE EN ry He gt DNS Settings NAT Mappings WLAN Controller Management m Wireless Networks a AP Profiles Qos User Groups Bandwidth Control Application http youtu be rKH4AS_bQnE 14 2 Custom Rules for Outbound Policy Click in the Outbound Policy form Choose Custom and press the Save button Outbound Policy Custom Rules Drag and drop rows to change rule order S ei Protocol oe Port Persistence Src ne IP Network TCP Auto i 192 168 50 0 24 443 Expert Mode Enabled Pepwave MAX and Surf User Manual The bottom most rule is Default Edit this rule to change the device s default manner of controlling outbound traffic for all connections that do not match any of the rules above it Under the Service heading click Default to change these settings To rearrange the priority of outbound rules drag and drop them into the desired sequence Default Rule Custom Auto Algorithm Load Distribution Weight HE WAN 1 10 WAN 2 10 Wi Fi WAN 10 Cellular 1 10 Cellular 2 10 USB 10 ay Enable Terminate Sessions on Link Recover
150. ted via LAN and configured to obtain an IP address via DHCP The Pepwave router s DHCP server can prevent IP address collisions DHCP Server nthe LAN To enable DHCP bridge relay please click the icon on this menu item IP Range amp These settings allocate a range of IP address that will be assigned to LAN computers by the Subnet Mask Pepwave router s DHCP server This setting specifies the length of time throughout which an IP address of a DHCP client Lease Time remains valid Upon expiration of Lease Time the assigned IP address will no longer be valid and the IP address assignment must be renewed This option allows you to input the DNS server addresses to be offered to DHCP clients If DNS Servers Assign DNS server automatically is selected the Pepwave router s built in DNS server address i e LAN IP address will be offered This option allows you to specify the Windows Internet Name Service WINS server You may choose to use the built in WINS server or external WINS servers When this unit is connected using SpeedFusion other VPN peers can share this unit s built in WINS server WINS Servers by entering this unit s LAN IP address in their DHCP WINS Servers setting Therefore all PC clients in the VPN can resolve the NetBIOS names of other clients in remote peers If you have enabled this option a list of WINS clients will be displayed at Status gt WINS Clients BOOTP Check this box to enable BOOTP on older networks that
151. ters Beae O Admin Settings This field allows you to define a name for this Pepwave router By default Router Name is set as MAX XXXX or Surf SOHO_XXXX where XXXX refers to the last 4 digits of the units serial number Admin User Name is set as admin by default but can be changed if desired This field allows you to specify a new administrator password This field allows you to verify and confirm the new administrator password Read only User Name is set as user by default but can be changed if desired This field allows you to specify a new user password Once the user password is set the read only user feature will be enabled This field allows you to verify and confirm the new user password This field specifies the number of hours and minutes that a web session can remain idle before the Pepwave router terminates its access to the web admin interface By default it is set to 4 hours Pepwave MAX and Surf User Manual Authentication by RADIUS Auth Protocol Auth Server Auth Server Secret Auth Timeout Accounting Server Accounting Server Secret Network Connection CLI SSH CLI SSH Port CLI SSH Access Security Web Admin Port Web Admin Access With this box is checked the web admin will authenticate using an external RADIUS server Authenticated users are treated as either admin with full read write permission or user with read only access Local admin and user accounts wil
152. teway address The address and subnet mask values are in w x y z format Static Route The local LAN subnet and subnets behind the LAN will be advertised to the VPN Remote routes sent over the VPN will also be accepted Any VPN member will be able to route to the local subnets Press t to create a new route Press x to remove a route WINS Server Settings WINS Server Settings Enable Check the box to enable the WINS server A list of WINS clients will be displayed at Status WINS Clients Pepwave MAX and Surf User Manual O Connection WAN 2 BEL Wi Fi WAN EE Cellular 1 es Cellular 2 EER s ENG R o E EA mi DNS Servers Preferred connections are shown with 4 DNS Proxy Settings To enable the DNS proxy feature check this box and then set up the feature at Enable Network gt LAN gt DNS Proxy Settings A DNS proxy server can be enabled to serve DNS requests originating from LAN PPTP SpeedFusion peers Requests are forwarded to the DNS servers resolvers defined for each WAN connection This field is to enable DNS caching on the built in DNS proxy server When the option is enabled queried DNS replies will be cached until the records TTL has DNS Caching been reached This feature can help improve DNS lookup time However it cannot return the most up to date result for those frequently updated DNS records By default DNS Caching is disabled When this option is enabled th
153. this feature is enabled Pepwave MAX and Surf User Manual 18 Firewall A firewall is a mechanism that selectively filters data traffic between the WAN side the Internet and the LAN side of the network It can protect the local network from potential hacker attacks access to offensive websites and or other inappropriate uses The firewall functionality of Pepwave routers supports the selective filtering of data traffic in both directions e Outbound LAN to WAN e Inbound WAN to LAN The firewall also supports the following functionality e Intrusion detection and DoS prevention e Web blocking With SpeedFusion enabled the firewall rules also apply to VPN tunneled traffic Outbound Firewall Rules Drag and drop rows to change rule order tabi IP Destination IP Protocol Port Policy a a Inbound Firewall Rules WDrag and drop rows to change rule order Source IP ee re IP Protocol Port Add Rule Apply Firewall Rules to PepVPN Traffic Enabled Intrusion Detection and DoS Prevention 18 1 Outbound and Inbound Firewall Rules 18 1 1 Access Rules The outbound firewall settings are located at Advanced gt Firewall gt Access Rules gt Outbound Firewall Rules Outbound Firewall Rules WDrag and drop rows to change rule order 2 skel IP Destination IP Protocol Port ay ry gee Add Rule Pepwave MAX and Surf User Manual Click Add Rule to display the following screen
154. treated as down in the event of IP routing errors Health Check Method PING Host 2 Use first two DNS servers as PING Hosts ICMP ping packets will be issued to test the connectivity with a configurable target IP address or hostname A WAN connection is considered as up if ping responses are received from either one or both of the ping hosts This setting specifies IP addresses or hostnames with which connectivity is to be tested via ICMP ping If Use first two DNS servers as Ping Hosts is checked the target ping host PING Hosts willbe the first DNS server for the corresponding WAN connection Reliable ping hosts with a high uptime should be considered By default the first two DNS servers of the WAN connection are used as the ping hosts Health Check Method DNS Lookup Host 2 v Use first two DNS servers as Health Check DNS Servers Include public DNS servers DNS lookups will be issued to test connectivity with target DNS servers The connection will be treated as up if DNS responses are received from one or both of the servers regardless of whether the result was positive or negative This field allows you to specify two DNS hosts IP addresses with which connectivity is to be tested via DNS lookup If Use first two DNS servers as Health Check DNS Servers is checked the first two DNS servers will be the DNS lookup targets for checking a connection s health If the box is not checked Host 1 must be filled while a value
155. ts of the R amp TTE Directive 1999 5 EC The following test methods have been applied in order to prove presumption of conformity with the essential requirements of the R amp TTE Directive 1999 5 EC EN 60950 1 2006 A11 2009 A1 2010 A12 2011 Safety of Information Technology Equipment EN50385 2002 Article 3 1 a Product standard to demonstrate the compliance of radio base stations and fixed terminal stations for wireless telecommunication systems with the basic restrictions or the reference levels related to human exposure to radio frequency electromagnetic fields 1 10MHz 40 GHz General public EN 300 328 V1 7 1 2006 Electromagnetic compatibility and Radio spectrum Matters ERM Wideband Transmission systems Data transmission equipment operating in the 2 4 GHz ISM band and using spread spectrum modulation techniques Harmonized EN covering essential requirements under article 3 2 of the R amp TTE Directive EN 301 908 1 V5 2 1 2011 Electromagnetic compatibility and Radio spectrum Matters ERM Base Stations BS Repeaters and User Equipment UE for IMT 2000 Third Generation cellular networks Part 1 Harmonized EN for IMT 2000 introduction and common requirements covering essential requirements of article 3 2 of the R amp T TE Directive Pepwave MAX and Surf User Manual EN 301 511 V9 0 2 2003 Global System for Mobile communications GSM Harmonized standard for mobile stations in the GSM 900 and DCS
156. ve arrangement In the event that the master unit is down the slave unit becomes active High availability will be disabled automatically where there is a drop in connection configured on a LAN bypass port Internet T Co s gt ADSL Cable Modem nouer Y Master Slave wig gt J Local Area Network In the diagram the WAN ports of each Pepwave router connect to the router and to the modem Both Pepwave routers connect to the same LAN switch via a LAN port An elaboration on the technical details of the implementation of the virtual router redundancy protocol VRRP RFC 3768 by Pepwave routers follows e In an HA configuration the two Pepwave routers communicate with each other using VRRP over the LAN e The two Pepwave routers broadcast heartbeat signals to the LAN at a frequency of one heartbeat signal per second e Inthe event that no heartbeat signal from the master Pepwave router is received in 3 seconds or longer since the last heartbeat signal the slave Pepwave router becomes active e The slave Pepwave router initiates the WAN connections and binds to a previously configured LAN IP address e At a subsequent point when the master Pepwave router recovers it will once again become active Pepwave MAX and Surf User Manual You can configure high availability at Advanced gt Misc Settings gt High Availability Interface for Master Router Interface for
157. ve router to preferentially choose steering select Prefer The default for this setting is Disable A Advanced feature Click the Ed button on the top right hand corner to activate Band Steering Security Settings a i asse 808 ee ae Hide Characters Security Settings Security This setting configures the wireless authentication and encryption methods Available options are Open No Encryption WPA WPA2 Personal WPA WPA2 Enterprise Policy and Static WEP Access Control Access Control The settings allow administrator to control access using MAC address filtering Available options are None Deny all except listed Accept all except listed and RADIUS MAC Authentication Restricted Mode When WPA WPA 2 Enterprise is configured RADIUS based 802 1 x authentication is enabled Under this configuration the Shared Key option should be disabled When using this method select the appropriate version using the V1 V2 controls The security level of this method is known to be very high Pepwave MAX and Surf User Manual MAC Address List When WPA WPA2 Personal is configured a shared key is used for data encryption and authentication When using this configuration the Shared Key option should be enabled Key length must be between eight and 63 characters inclusive The security level of this method is known to be high The configuration of Static WEP parameters enables pre shared W
158. ws the model name and number of this device Product Code If your model uses a product code it will appear here Hardware ie This shows the hardware version of this device Revision Serial Number This shows the serial number of this device Firmware This shows the firmware version this device is currently running Pep VPN This shows the current PepVPN version Version modem This sh th d t ion F list of ted mod lick Mod Support is shows the modem support version For a list of supported modems click Modem s Support List Version Host Name The host name assigned to the Pepwave router appears here Uptime This shows the length of time since the device has been rebooted System Time This shows the current system time Diagnostic Report The Download link is for exporting a diagnostic report file required for system investigation Pepwave MAX and Surf User Manual Remote Click Turn on to enable remote assistance Assistance The second table shows the MAC address of each LAN WAN interface connected To view your device s End User License Agreement EULA click Important Note If you encounter issues and would like to contact the Pepwave Support Team http www pepwave com contact please download the diagnostic report file and attach it along with a description of your issue In Firmware 5 1 or before the diagnostic report file can be obtained at System gt Reboot 21 1 1 GPS Data The
159. y Save Cancel By default Auto is selected as the Default Rule You can select Custom to change the algorithm to be used Please refer to the upcoming sections for the details on the available algorithms To create a custom rule click Add Rule at the bottom of the table Note that some Pepwave routers display this button at Advanced gt PepVPN gt PepVPN Outbound Custom Rules Pepwave MAX and Surf User Manual Add a New Custom Rule T 1 I Til Domain Name WAN 2 10 Wi Fi WAN 10 Cellular 1 10 Cellular 2 10 USE 10 Save Cancel New Custom Rule Settings Service Name This setting specifies the name of the outbound traffic rule This setting specifies whether the outbound traffic rule takes effect When Enable is Enable checked the rule takes effect traffic is matched and actions are taken by the Pepwave router based on the other parameters of the rule When Enable is unchecked the rule does not take effect the Pepwave router disregards the other parameters of the rule This setting specifies the source IP address IP network or MAC address for traffic that r Source matches the rule This setting specifies the destination IP address IP network or domain name for traffic that matches the rule Domain Name A Any IP Address ean P Network Domain Name Destination lf Domain Name is chosen and a domain name such as foobar com is entered any Outgoing accesses to foobar com and

Download Pdf Manuals

image

Related Search

Related Contents

FCC - Yepzon  AL-88c - User`s manual  EnerGenie EGM-PWM  Eden WTDI  Manual en Español-English  Mode d`emploi pour les interrupteurs de sécurité NZ.VZ  Kicker 2007 MX700.5 Owner's Manual  ドレスアップシート 取付・取扱説明書  Instruction Manual for BPA-11  homeLYnk User Guide - Schneider Electric  

Copyright © All rights reserved.
Failed to retrieve file