User Manual (9.5M pdf)
Contents
1. IPSec Connection Name Inew connection Device Info Advanced Setup Remote IPSec Gateway Address 192 168 1 1 WAN tace LAN Tunnel access from local IP addresses Subnet Y NAT IP Address for VPN 1192 168 1 2 Security IP Subnetmask 255 255 255 0 Quality of Service ae Routing 2 DNS Tunnel access from remote IP addresses Subnet v DSL IP Address for YPN 192 168 1 5 ad ere IP Subnetmask 255 255 255 0 Port Mapping IPSec E Key Exchange Method Auto IKE w Certificate i ee Local Authentication Method Pre Shared Key wal Trusted CA Pre Shared Key key Wireless Perfect Forward Secrecy Disable vw Voice Figure2 9 6 IPSec Configure example This is a dynamic page It will change itself by showing and hiding options when different types or connections are chosen User can select automatic key exchange or manual key exchange pre shared key authentication or certificate authentication etc When automatic key exchange method is used click Show Advanced Settings will show more options Pre Shared Key Perfect Forward Secrecy Dis able w Device Info Advanced Setup Advanced IKE Settings WAN Phase 1 LAN meea Mode Main v NAT ie Encryption Algorithm 3DES v Security E A integrity Algoritnn NDS Quality of Service mts de dado caliadadd Ws vy Routing Select Diffie Hellman Gr2. request reque reos OS oe Es 146 50 946651 10 11 102 2 192 168 1 2553 ICMP Echo ping reply 152 51 943790 192 1658 1 253 AL AU ICMP Echo ping request 153 51 944210 10 11 102 56 10 11 102 z2 ICMP Echo ping request 154 51 966610 10 11 102 2 10 11 102 36 ICMP Echo tpingi reply 155 51 966798 10 11 102 2 192 165 1 2553 ICMP Echo tpingi reply 158 52 944283 192 168 1 253 TNA Ae ICMP Echo ping request 159 52 9444725 10 11 102 536 10 11 102 2 ICMP Echo ping request 160 52 966883 10 11 102 2 10 11 102 36 ICMP Echo tpingi reply 181 52 967071 Se E EAS 192 165 1 2553 ICMP Echo tpingi reply 174 55 683850 10 11 102 2 10 11 102 36 ICMP Destination unreachable Ch 175 55 6841309 10 11 102 2 1042 168 1 253 ICMP Destination unreachable Ch 183 57 810334 10 11 102 2 10 11 102 36 ICMP Destination unreachable cp 184 57 810588 10 11 102 2 192 168 1 253 ICMP Destination unreachable Ch y PE EES gt E Ethernet II Skta E PPP pvercEthernet sess1on oo 14 OO 23 1f ff O2 00 6l 5f 20 El En en File Untitled 35 KB 0 P 351 D 52 M 0 Tos 31 00 OO 21 45 66 24 Da 63 64 65 fa 74d 75 fo 0g ab 66 Fo DST id Frame 144 82 bytes on wire 82 bytes captured OOPS 107 20 06 580 eb 5e 88 54 3b 86 00 00 08 00 48 Se 69 a 6b c 62 63 64 65 00 14 78 40d 08 31l BEE as Es Ed a abcdef gh ijkTmn opqrstuv wabodet q figure 7 the packet transmitted from PVC
3. O UUL ee kK e Wo 1P2 _VelP1 WLAN 5 LANI LANZ LAR LANI LAN4 SWITCH Power on off switch Plug in for power adaptor LAN interface for connecting to computer or LAN Switch USB host Connect other USB device to supply some added value application Modem Reset button Press to reset the hardware and the modem will auto restart This action will recover the modem s default configuration WLAN Security Easy Setup First short press to create a WPS network and WPS led is on other short press enable WPS WPS button client to register and WPS led is blink Long press hold for 5sec to disable this function when WPS led is on ADSL connector for connecting to ADSL LINE l telephone line 2 Hardware Installation The DSL Router maintains three separate interfaces an Ethernet LAN a wireless LAN and an ADSL WAN interface Place the Router in a location where it can be connected to the various devices as well as to a power source The Router should not be located where it will be exposed to moisture or excessive heat Make sure the cables and power cord are placed safely out of the way so they do not create a tripping hazard As with any electrical appliance observe common sense safety procedures The Router can be placed on a shelf or desktop ideally you should be able to see the LED indicators on the front if you need to view them for troubleshooting 2 1 Choosing the Best Location for Wirel
4. 4 6 2 Web Page Introduction Once you have logged in web page navigate to VoIP page from left menu tree Here you can set some parameters you need to register SIP endpoints place a call or some advanced feature The VoIP page doesn t contains a Save or Apply button but you can save your settings permanently by clicking Stop SIP client or Start SIP client 4 6 2 1 SIP Basic Setting Access the SIP Basic setting by clicking the SIP Basic Setting tab under the Voice menu The SIP Basic Setting screen appears 1t shows as figure 1 2 138 com INVITE bobmbilo a A M Way Me id Stream 200 OK 180 Ringing lt 00 OR SP Voice SIP configuration Enter the SIP parameters and click Start Stop to save the parameters and start stop the voice application Device Info Quick Setup Interface name bro Bridge y Advanced Setup E Locale selection usa United States Wireless Voice Preferred codec list none y none Y none y fnone y none y none y SIP Basic Setting SIP Advanced Setting Preferred ptime fo SIP Debug Setting Usb Storage SIP domain name Diagnostics ss ie FT Use SIP Proxy C Use SIP Outbound Proxy Authentication LineDisabled Extension Display Name oo Password Name AA 2 E rr E Stop SIP client Figure 3 3 7 SIP Basic Setting Web Page SIP Basic Setting web page enable you to set some parameters such as Preferred co
5. Save Apply Figure2 8 8 5 QoS Queue Config Queue Configuration Status Enable or Disable to configure a Qos queue entry Queue select a specific network interface When you have already selected a network interface the specific network interface selected will automatically allocate to the queue Queue Precedence select a integer value for queue precedence when you have already selected a integer value the queue entry will place to ingress packets apporiately Lower integer values for precedence imply higher priority for this queue relative to others Step2 add a Qos queue entry and assign it to a specific network interface PVC 0 8 81 set integer values for queue precedence is 2 Show following interface Device Info Quick Setup Advanced Setup WAN LAN Quality of Service Queue Config QoS Classification Routing DSL Print Server Port Mapping Certificate Wireless Yoice Diagnostics Management QoS Queue Configuration The screen allows you to configure a QoS queue entry and assign it to a specific network interface Each interface with QoS enabled will be allocated three queues by default Each of the queues can be configured for a specific precedence The queue entry configured here will be used by the classifier to place ingress packets appropriately Note Lower integer values for precedence imply higher priority for this queue relative to others Click Save Apply to save and activate the filter Queue Co
6. Service Category IP Address Service State 21 NAT Firewall IGMP QOS WAN Setup Summary Make sure that the settings below match the settings provided by your ISP Device Info Quick Setup PORT YPI VCE 0 8 35 Advanced Setup Connection Type PPPoE Wireless Service Name pppoe_0_8_35_1 Voice gt s Service Category UBR Diagnostics ay Management IP Address Automatically Assigned Service State Enabled NAT Enabled Firewall Enabled IGMP Multicast Disabled Quality Of Service Disabled Click Save Reboot to save these settings and reboot router Click Back to make any modifications NOTE The configuration process takes about 1 minute to complete and your DSL Router will reboot Figure 2 2 2 5 5 WAN setup summary Click Save to save these settings And you can click Back to make any modifications After you click Save Reboot 1t show the following interface NOTE You need to reboot to activate this WAN interface and further configure services over this interface and it will take about two minutes to done with it DSL Router Reboot The DSL Router has been configured and is rebooting Device Info Close the DSL Router Configuration window and wait for 2 minutes before reopening your web browser If necessary reconfigure your PC s IP address to match your new configuration Quick Setup Advanced Setup Wireless Voice Diagnostics Management
7. Routing DNS DSL Print Server Destination Port port or port port WAN Interfaces Configured in Routing mode and with firewall enabled only Select at least one or multiple WAN interfaces displayed below to apply this rule Port Mapping V Select All Y br_0_8_35 ppp_0_8_35_1 Certificate Wireless Voice Diagnostics Management Save Apply Figure2 8 7 4 Incoming IP Filtering Add Setup example Click Save apply to show below Incoming IP Filtering Setup By default all incoming IP traffic from the WAN is blocked when the firewall is enabled However some IP traffic can be ACCEPTED Device Info by setting up filters Advanced Setup WAN Choose Add or Remove to configure incoming IP filters LAN NAT Filter Name YPI YCI Protocol Source Address Mask Source Port Dest Address Mask Dest Port Remove Security incoming ALL TCP UDP 10 10 10 10 255 255 0 0 IP Filtering Outgoing Add Incoming Parental Control Quality of Service Routing DNS DSL Print Server Port Mapping Certificate Wireless Voice Diagnostics WManagement Figure2 8 7 5 Incoming IP Filtering Config Complete 4 4 4 3 MAC Filtering Setup May be you want manage Layer 2 MAC address to block or permit a computer within the home network when you enable MAC filter rules the MODEM serves as a firewall which work at layer 2 Click Security gt MAC Filtering to show the following interface Note MAC Filtering is only
8. Welcome to the Found New Hardware Wizard This wizard helps you install software for Texas Instruments COC Ethernet ANDIS Adapter pn be If your hardware came with an installation CD l or Floppy disk insert it now what do vou want the wizard to do 2 Install the software automatically Recommended O Install fram a list or specific location Advanced Click Next ta continue The dialog prompted Please wait while the wizard searches Hardware Update Wizard Please wait while the wizard searches Texas Instruments COC Ethernet ANDIS Adapter The USB driver has be searched by the Windows 11 Please wait while the wizard installs the software TI USE Remote NDIS Network Device Ignore the windows warning for has not passed Windows Logo testing Windows XP Click lt Continue Anyway gt Hardware Installation The software you are installing for this hardware TI USE Remote NDIS Network Device has not passed Windows Logo testing to verity its compatibility with Windows lt P Tell me why this testing ls important Continuing your installation of this software may impair or destabilize the correct operation of pour system either immediately or in the future Microsoft strongly recommends that you stop this installation now and contact the hardware vendor for software that has passed Windows Logo testing ee ae STOP Installation Click the button lt Finish gt to complete the US
9. button to remove a connection e Click the Add New Connection button to add a new connection e Click the Edit button to edit a existing connection 4 4 11 4 1 IPSec Setting Parameters gt IPSec Connection Name Enter a name for the new connection gt Remote IPSec Gateway Address the remote modem which you want to connection IP Gateway of WAN side gt Tunnel access from local IP addresses if you select single Address it allow only one PC from local to connect remote hosts with IPSEC mode And you must input the PC s IP address in 104 4th item If you select subnet 1t allow more than one PC from local to connect remote hosts with IPSEC mode Notice these PCs must in the same subnet you must input the subnet address in 4th item And input the subnet mask in the IP Subnet mask which will hide when you choose single Address gt IP Address for VPN the PC s IP address if you select single Address the subnet address if you choose subnet gt Tunnel access from remote IP addresses same with the third item but it means remote modem gt Key Exchange for VPN You can select the encrypt mode Auto IKE and manual The Auto IKE will set the encrypt auto the other need you set the encrypt manual 4 4 11 4 2 The example to configure IPSec The following screen is used to edit configurations when adding or editing an PSec connection IPSec Settings
10. interface select PPP over ATM PPPoA and VC MUX as the encapsulation and then click Next 5 In the PPP User name and Password interface enter the user name and password provided by 49 8 your ISP And then click Next In the Enable IGMP Multicast and WAN Service interface keep the default configuration unchanged and then click Next Check the network configurations and make sure that all settings agree with the data provided by your ISP and then click Save Click Save Reboot to apply the changes and reboot the system You can also modify the PVC 8 35 If you need to modify the LAN IP address and DHCP server information you can do it in LAN in Advanced Setup After the dial up is successful the IP address that the MODEM obtains at the WAN side port ppp_8_35_1 Query Device Info gt Route and the route table is as follows Destination Gateway Subnet Mask Flag Metric Service Interface 10 28 106 200 0 0 0 0 255 255 255 255 UH 10 pppoa_8_35_1 ppp_8_35_1 192 166 1 0 0 0 0 0 255 255 255 0 U 0 br 0 0 0 0 10 28 106 200 0 0 0 0 UG O pppoa_8_35_1 ppp_8_35_1 Note After the built in PPPOA dial up is successful the created WAN side port is ppp_8_35_1 4 4 1 6 Add MER PVC Click Add to add a certain piece of PVC The following descriptions are given by an example of adding PVC 8 35 MER mode Click Add
11. ATM PVC Configuration interface configure VPI VCI as 8 35 and then click Next 4 In the Connection Type interface select PPP over Ethernet PPPoE and LLC SNAP BRIDGING as the encapsulation and then click Next 5 In the PPP User name and Password interface enter the user name and password provided by your ISP And then click Next 6 In the Enable IGMP Multicast and WAN Service interface keep the default configuration unchanged and then click Next 7 Check the network configurations and make sure that all settings agree with the data provided by your ISP and then click Save 8 Click Save Reboot to apply the changes and reboot the system You can also modify the PVC 8 35 If you need to modify the LAN IP address and DHCP server information you can do it in LAN in Advanced Setup After the dial up is successful the IP address that the MODEM obtains at the WAN side port ppp_8_35_1 Query Device Info gt Route and the route table is as follows Destination Gateway Subnet Mask Flag Metric Service Interface 10 28 106 200 0 0 0 0 255 255 255 255 UH 0 pppoe_8 351 ppp 8 35 1 192 168 1 0 0 0 0 0 edad 2 LJ 0 bro 0 0 0 0 10 28 106 200 0 0 0 0 UE o pppoe 8 351 ppp 8 35 1 4 4 1 3 PPPoE PVC IP Extension Mode Dynamic Default Private IF Public IF 192 168 1 1 as igned bw BRAS hemet PPPoE IP E tenst on Mio de kh RADI
12. DSL Port Mapping Bridging Certificate Wireless saci Encapsulation Mode Dia tic dns LLC SNAP BRIDGING v Management Enable 802 1q Figure 2 4 6 PPP over Ethernet PPPoE Enable 802 1q If enable it input the 802 1q VLAN tag value Note that 802 1q VLAN tagging is only available for PPPoE MER and Bridge Click Next to show the following interface 3 In this interface you can modify the PPP Username PPP Password Authentication Method and so on name and password that your ISP has provided to you Device Info PPP Username we EEA SOM PPP Password se WAN PPPoE Service Name LAN de a NAT Authentication Method AUTO Security Quality of Service O Dial on demand with idle timeout timer Routing Inactivity Timeout minutes 1 4320 0 DNS DSL C PPP IP extension Print Server Advanced DMZ Port Mapping Certificate Mon DMZ IP Address Wireless Non DMZ Net Mask 255 255 25 Voice Diagnostics C Use Static IP Address Management IP Address 0 0 0 0 Retry PPP password on authentication error Figure 2 4 7 PPP information and others funtion page PPP Username the correct user name that your ISP has provided to you PPP Password the correct password that your ISP has provided to you PPPoE Service Name If your ISP provided it to you please input it Unless don t input anything Authentication Method AUT
13. File Edit View SHMP Action Tools Window Help Remote SMHMP agent 192 168 1 1 El El 43 MIB Tree FE ecitt H E iso Query results Welcome to MG SOFT MIB Browser Professional Edition 4 Trap received from 12T 0 0 1 ry SHE v1 can bee Es Figure 3 6 7 MIB Browser s main operation interface Click view menu item then select SNMP Protocol preferences sub menu item as figure 3 159 EE RI Md a AA File Edit View SHMF Action Tools Window Help P R MIE Mode Properties Ctrl D reer E MIE Browser Preferences Ctrltk Buen MIE SHME Protocol Preferences Ctrl M Ctr1 U Remote SNI fs Sump Agent Profiles l 192 168 1 1 A w Toolbar pasai Status Line qa MIB E tw Zoom Query Tab a E Query results Welcome to MG SOFT MIB Browser Professional Edition 4 Trap received from 127 0 0 1 Pomp ca RL Figure 3 6 7 SNMP Protocol preferences Show figure 3 6 8 as following SHEP Protocol Preferences E x SNMP protocol version ere C SAMPy2e C SNMPy3 General Get Bulk settings iY Use GetEulk lo Non repeaters fi 0 Mas repetitions SNMPY3 security ser secuiti name Read community ADSL Set community ADSL Timeout z 15 Retranamitz 2 Secun Evel Fort number 1161 Add to agent profiles Esad user prole Edit veer x Figure 3 6 8 read community and set community Select SMP protoc
14. IF Address Retry PPP password on authentication error Enable PPP Debug Mode Figure 2 2 2 1 2 PPP information and others funtion page Your Internet Service Provider ISP should provide you with the following information PPP Username PPP Password Authentication Method You can also select another service function as below Dial on demand with idle timeout timer PPP IP extension Use Static IP Address Retry PPP password on authentication error Enable PPP Debug Mode D We click Next button enter wan and gmp function information config page If you want to use IGMP service on pppoa pvc we must select Enable IGMP Multicast box 19 Enable IGMP Multicast and WAN Service Enable IGMP Multicast Enable WAN Service Service Marne pppoa O_O 53_1 Figure 2 2 2 1 3 PPPoA IGMP and WAN service page 4 2 1 4 Internet Connection Type PPP over Ethernet PPPoE A From Figure 2 2 1 config PVC and Qos of Pvc From Figure 2 2 2 Select PPP over Ethernet PPPoE from the Connection Type box and It s Encapsulation Type from the Encapsulation Mode combo box Connection Type Select the type of network protocol and encapsulation mode over the 502 19 VLAN tagging is only available for PPPoE MER and Bridging O PPP over ATM PPPoA MAC Encapsulation Routing MER IP over ATM IPoA Bridging Encapsulation Mode LLCO SNAP BRIDGING Figure 2 2 2 2 1 PPP over E
15. IP Address tab select the Obtain an IP address automatically radio button d From the DNS tab verify that no DNS server is defined in the DNS Service Search Order box and no suffix 1s defined in the Domain Suffix Search Order box Linux a Login into the system as a super user by entering su at the prompt b Type ifconfig to display the network devices and allocated IP addresses c Type pump 1 lt dev gt where lt dev gt is the network device name d Type ifconfig again to view the new allocated IP address e Make sure no firewall is active on device lt dev gt 4 Web based Management This chapter describes how to use DSL router Web based management which allows you to configure and control all of DSL router features and system parameters using a user friendly graphical interface This user friendly approach is also implemented in the WBM s documentation structure which is based directly on the WBM s structure You will find it easy to correspondingly navigate through both the WBM and 1ts documentation Device Info Board ID SESS SS Software Version 1123_092007 3 10L 02 sip alla2pB022g d20h Summary WAN Bootloader CFE Yersion 1 0 37 10 3 Statistics Wireless Driver Version 4 150 10 5 cpe2 0 Route ARP This information reflects the current status of your DSL connection DHCP Line Rate Upstream kbps Quick Setup Advanced Setup Line Rate Downstream Kbps Wireless LAN I
16. Jack Eso dl Telephone ZA LINE PG o no i O 3 Phone 5 Fig 2 1 2 3 Factory Reset Button The Router may be reset to the original factory default settings by depressing the reset button for a few seconds while the device is powered on Use a ballpoint or paperclip to gently push down the reset button Remember that this will wipe out any settings stored in flash memory including user account information and LAN IP settings The device settings will be restored to the factory default IP address 192 168 1 1 and the subnet mask 1s 255 255 255 0 the default management Username is admin and the default Password is admin 2 4 USB Installation To connect the DSL gateway to the PC s USB port perform the following e Connect the USB cable to the USB port on the DSL gateway The cable has two different 10 connectors you may have to try both connectors and the connector is keyed so try different orientations e Connect the other end of the USB cable into the PC s USB port e For the USB installation on Windows XP once the PC powers up a message tips shows Found new hardware on the system tray Found New Hardware Texas Instruments COC Ethernet RADIS Adapter Then a dialog window Found New Hardware Wizard pop up Select Install the software automatically Recommended and insert the Manual and Driver CD Rom Click lt Next gt the windows will search CD Rom for the best USB driver Found Hew Hardware Wizard
17. Print Server Certificate Port Mapping IPSec Certificate Local Trusted CA Wireless RS BEGIN RSA PRIVATE KEY lt insert private key here gt O O as END RSA PRIVATE KEY Usb Storage A A Figure3 1 3 Import Certificate 4 4 12 3 Trusted CA Certificates Click Certificate gt Trusted CA to show the interface CA certificates are used by you to verify peers certificates Maximum 4 certificates can be stored 108 Trusted CA Certificate Authority Certificates Add View or Remove certificates from this page CA certificates are used by you to verify peers certificates Device Info Maximum 4 certificates can be stored Advanced Setup WAN LAN Name Subject Type Action NAT Security Import Certificate Quality of Service Routing DNS DSL Print Server Port Mapping IPSec Certificate Stteeesenesesenesesssesscasenscsaassnsereseseeseneaasessessesssenesssesseeses E Wireless Yoice Figure3 1 4 Trusted CA certificates Click Import Certificate CA certificate can only be imported The screen for importing is shown below Import CA certificate Enter certificate name and paste certificate content Device Info Certificate Name Advanced Setup WAN ff ns BEGIN CERTIFICATE LAN lt insert certificate here gt NAT Security Routing DNS DSL Port Mapping Certificate Certificate Local Trusted CA Wireless Diagnos
18. Routing DNS DSL Port Mapping Certificate Wireless Add IP Filter Outgoing The screen allows you to create a filter rule to identify outgoing IP traffic by specifying a new filter name and at least one conditio below All of the specified conditions in this filter rule must be satisfied for the rule to take effect Click Save Apply to save and activate the filter Filter Name Protocol v Source IP address Source Subnet Mask Source Port port or port port Destination IP address Destination Subnet Mask Destination Port port or port port Save Apply Figure2 8 6 8 Outgoing IP Filtering Add Setup Filter Name Protocol Source IP address Source subnet mask Source port Destination IP address Enter the name of outgoing filter rule select one among TCP UDP TCP UDP or ICMP protocols Enter a ip address when you have set ip address the outgoing packet protocol selected packet will block UPD TCP source port or a range of ports destination ip default no set Destination subnet mask Destination port UPD TCP destination port or a range of ports There is a examples to introduce how to configure the outgoing IP Filtering The topology is as follows PC1 192 165 1 10 Internet PC2 192 168 1 11 Request Figure2 8 6 9 Outgoing IP filer application O I need to block a whose IP address is 192 168 1 10 All outgoing UDP TCP packet from that PC1 192 168 1 10 is dis
19. There are three levels account ftpadmin account has the biggest authority it can view download and upload files Ftpuser account can view and download files anonymous account only has the view authority Allow FTP Server Device Info Allow the internet access Advanced Setup Wireless FTP Listening Port 25 default 21 Voice Max Connections for the same ip 180 0 means no restrict Usb Storage pes ated FTP Account Management Management Allow ftpadmin View Download Upload gt Password eecccecees Confirmed peecccccce O Allow ftpuser View Download Password Confirmed o E O Allow anonymous View ack save Figure 3 5 6 FTP Server Config Note After click save button you need to reboot the modem to activate this setting 4 7 1 2 Ftp client Setting Local Path When you insert USB storage it will show the USB storage information to us and you can select which storage to store Username The account name which is setted in the FTP Server Configure WEB UI Password The same with above Port The same with above Remote URL It is the remote FTP address where you are going to download files When we download files we store it to Local Path 152 The following 1s the example how to configure the setting service state FTP Server Off FTP Server Config USB Download Local Path No USB Storage Device sgdown Refresh Device Info Advanced Setu
20. WINXP WINME WINNT Ethernet Network Interface Card Please collect the following information This information will be very helpful for your ADSL configuration To keep a record for reference you can fill in the column as below Information you will need from your ADSL service provider Most users will not be required to change this Record info setting The Virtual Path Identifier VPI is used in conjunction with the Virtual Channel Identifier VCD to identify the data path between your ADSL service provider s network and your computer If you are setting up the Router for multiple virtual connections you will need to configure the VPI and VCI as instructed by your ADSL service provider for the additional connections This setting can be changed in the WAN menu of the web management interface VCI Most users will not be required to change this setting The Virtual Channel Identifier VCT used in conjunction with the VPI to identify the data path between your ADSL service provider s network and your computer If you are setting up the Router for multiple virtual connections you will need to configure the VPI and VCI as instructed by your ADSL service provider for the additional connections This setting can be changed in the WAN menu of the web management interface Connection and This is the method your ADSL service provider Encapsulation Type uses to transport data between the Internet and your computer Most users wi
21. an appropriate IP address for example the windows 2000 XP default DHCP client s vender ID is MSFT 5 0 1 To add interfaces to the grouped list select the interfaces from available interface list 2 Use the left arrow button to move the selected interfaces to the grouped list Device Info 3 To remove the interfaces select the interface from the grouped list and click the right arrow button Advanced Setup 4 To automatically add LAN clients to the specified group PWC edit the list sical Note that by adding the DHCP vendor ID OPTION 60 string The clients will be automatically denied an IP addres LAN by the local DHCP server and may obtain public IP address NAT Security Note that the selected interfaces will be removed from their existing groups and added to the Quality of Service Dw E sa 5 Click Save Apply button to make the changes effective immediately Routing DNS Note that the selected interfaces will be removed from their existing groups and added to the DSL Print Server Group Name 11 Port Mapping IPSec Certificate Grouped Interfaces Available Interfaces Wireless TENETI Voice ENET2 Usb Storage Diagnostics Management Figure2 9 4 Edit Port Mapping Configuration Edit Port Mapping Configuration Step1 To add interfaces to the grouped list select the interfaces from available interface list Step2 Use the left arrow button to move the selected interfaces to the grouped list Step3 To remove
22. and protocol If it identifies a match of port and protocol for a defined trigger port then it will open the assigned public ports and notes the IP address of the PC that sent the data If data comes back from the Internet via one of these public ports the router allows it through and directs it to the appropriate PC A trigger event always comes from a PC within the local network If a trigger port is addressed from outside the router simply ignores it Note An application that is configured for port triggering can only be run by one user in the local network at a time As long as the public ports are open they can be used by unauthorised persons to gain access to a PC in the local network When the DSL Router is supplied the NAT function Network Address Translation is activated 1 e all IP addresses of PCs in the local network are converted to the router s public IP address when accessing the Internet You can use the NAT settings to configure the DSL Router to carry out the following tasks Note For the functions described below the IP addresses of the PCs must remain unchanged If the IP addresses of the PCs are assigned via the DHCP server of the DSL Router you must select Never expires see page79 as the settings in the Local Network menu entry for the Lease time or assign static IP addresses for the PCs You can activate or deactivate the NAT function by default the NAT function is activated 67 4 4 3 2 NAT V
23. available you have to check those boxes in the table below In the current software version three virtual access points can be configured Guest AP Configuration The configuration is the same as the main SSID Service Set Identification has the unique name the limit of clients and so on Wireless Basic This page allows you to configure basic features of the wireless LAN interface You can enable or disable the wireless LAN interface hide the networl Device Info from active scans set the wireless network name also known as SSID and restrict the channel set based on country requirements Quick Setup Click Apply to configure the basic wireless options Advanced Setup Wireless y Enable Wireless Basic Hide Access Point Security MAC Filter Wireless Bridge Clients Isolation Disable WMM Advertise Advanced SSID Broadcom Station Info BSSID 00 73 07 20 E6 5D Yoice Usb Storage Country UNITED STATES Diagnostics Max Clients 128 Management Wireless Guest Virtual Access Points Disable Isolate Wax Enabled SSID Hidden _ WIM a BSSID Clients Clients Advertise Guest 128 N A Guestl 128 N A Guest2 128 N A Figure3 1 6 Wireless Basic Click Save Apply to save the basic wireless options and make the change take effect 116 4 5 3 2 Wireless Security This page allows you can configure security features of the wireless LAN interface You can sets the network authentication method selec
24. button to find the right version file and press Update Firmware to do the update Device Info Advanced Setup Wireless Diagnostics Management Settings System Log SNMP Agent Internet Time Access Control Update Software Save Reboot Tools Update Software Step 1 Obtain an updated software image file from your ISP Step 2 Enter the path to the image file location in the box below or click the Browse button to locate the image file Step 3 Click the Update Software button once to upload the new image file NOTE The update process takes about 2 minutes to complete and your DSL Router will reboot Software File Name Update Software Figure 3 7 8 Update Software page NOTE Do not turn off your MODEM during firmware updates When the update is finished the MODEM will reboot automatically Do not turn off your MODEM either before the reboot is over You must guarantee the update software is right and accurate It is strictly forbidden to use other software for updates After update software it is suggested to restore the MODEM to the factory defaults and configure it again 4 9 8 Save Reboot Click Save Reboot to show the following interface Click the Save Reboot button to save and reboot the router 166 Click the button below to save and reboot the router Device Info Save Reboot Advanced Setup Wireless Diagnostics Management Settings System Log SNMP Agent Internet Time
25. following PVC 8 35 Wide Area Network WAN Setup Choose Add Edit or Remove to configure WAN interfaces Device Info Choose Save Reboot to apply the changes and reboot the system Advanced Setup YPI CI Con ID Category Service Interface Protocol Igmp QoS VYilanid State Remove Edit 1 35 1 UBR br_1_35 nas_1 35 Bridge N A Disabled N A Enabled Security Routing Remove Save Reboot DNS DSL Port Mapping Certificate Wireless Diagnostics Management Figure 2 5 9 MER Config In this interface you can modify VPI VCIls service categories and QoS 50 ATM PYC Configuration This screen allows you to configure an ATM PYC identifier VPI and YCD and select a service category Otherwise choose an existing interface by selecting the checkbox to enable it Device Info Advanced Setup VPI 0 255 8 WAN CI 32 65535 35 LAN Security A eee ee Routing DNS DSL a Enable Quality Of Service Certificate Wireless Enabling packet level QoS for a PWC improves performance for selected classes of applications QoS cannot be set for CBR and Diagnostics Realtime VBR QoS consumes system resources therefore the number of PVCs will be reduced Use Advanced Setup Quality Management of Service to assign priorities for the applications Enable Quality Of Service Figure 2 5 10 PVC and it s Qos config page VPI Virtual Path Identifier The virtual path between two points in an ATM network and its valid value
26. from the DHCP server on DSL router Each Leases item include info as below Hostname MAC Address IP Address Expires In How many times the Device Leases the IP Address for the MAC Address Device Info DHCP Leases Hostname MAC Address IP Address Expires In Device Info Summary WAN Statistics Lfee7cOGedb24af 00 14 78 9C 0F 4C 192 169 1 12 23 hours 59 minutes 53 seconds a Advanced Setup Wireless Yoice Usb Storage Diagnostics Management Figure 2 3 10 DHCP Leases List 4 4 Advanced Setup Click Advanced Setup to enter the advanced system setup interface there many items as below WAN Wide area network interface LAN Local area network interface NAT Network Address Translate Security Quality of Service Routing DNS DSL Print Server 36 Port Papping IPSec Certificate Advance Setup is DSL Router s config center Advanced Setup WAN LAN MAT Security Quality of Service Routing DNS DSL Print Server Port Mapping IPSec Certificate Figure 2 4 Advance Setup menu 4 4 1 WAN CONFIGRATION Click Advance Setup gt WAN there maybe two circumstances appears In this Interface you can do Add Edit Remove Save Reboot Wide Area Network WAN Setup Choose Add Edit or Remove to configure WAN interfaces Device Info Choose Save Reboot to apply the changes and reboot the system Advanced S
27. infrared and so on you do not need to use this wizard Click Cancel to close the wizard and then plug the printers cable into your computer or point the printertoward your computers infrared port and tum the printer on Windows will automatically install the printer for you i you have a Plug and Play printer that connects i To continue click Next Step2 Select Network Printer and click Next dd Printer Weard Local or Network Printer The wizard needs to know which type of printer to set up Select the option that describes the printer you want to use Local printer attached to this computer To set up a network printer that is not attached to a print server use the Local printer option Step3 Select Connect to a printer on the Internet type http 192 168 1 1 631 printers hp3845 and click Next The printer name hp3845 must be the same name entered in the ADSL modem WEB UI printer server setting as in step 1 99 Add Printer Wizard Specify a Printer fou dont know the name or address of the printer you can search for a printer that meets your needs What printer do you want to connect to O Find a printer in the directory Connect to this printer orto browse for a printer select this option and click Next Mame Example server printer 2 Connect to a printer on the Intemet or on a home or office network URL tp 192 168 1 1 631 pnnters
28. you can modify them depending on your practices After proper modifications click Next to show the following interface O In this interface you can modify Internet Connection Type and Encapsulation Type Connection Type Select the type of network protocol and encapsulation mode over the ATM PC that your ISP has instructed you to use Note that Device Info 802 1q VLAN tagging is only available for PPPoE MER and Bridging Advanced Setup WAN PPP over ATM PPPOA LAN NAT PPP over Ethernet PPPoE PARNY MAC Encapsulation Routing MER Routing DNS IP over ATM IPoA DSL Port Mapping Bridging Certificate Wireless Encapsulation Mode Diagnostics g LLC SNAP BRIDGING Management Enable 802 1q Figure 2 6 9 Internet Connection Type and Encapsulation Type page Change the connection type of PVC 8 35 to IP over ATM IPoA Select IP over ATM IPOA and LLC SNAP ROUTING depending on the uplink equipment generally LEC SNAP ROUTING as Encapsulation Mode S6 Connection Type Select the type of network protocol and encapsulation mode over the ATM PWC that your ISP has instructed you to use Note that Device Info 802 1q VLAN tagging is only available for PPPoE MER and Bridging Advanced Setup WAN PPP over ATM PPPOA LAN NAT PPP over Ethernet PPPoE ay MAC Encapsulation Routing MER Routing DNS 9 IP over ATM IPoA DSL Port Mapping Bridging Cert
29. 2 2 1 config PVC and Qos of Pvc B From Figure 2 2 2 Select IP over ATM IPoA from the Connection Type box and It s Encapsulation Type from the Encapsulation Mode combo box Connection Type Select the type of network protocol and encapsulation mode over the ATM PYC tha 802 19 VLAN tagging is only available for PPPoE MER and Bridging PPP over ATM PPPoA O PPP over Ethernet PPPoE MAC Encapsulation Routing MER IP over ATM IPoA Bridging Encapsulation Mode LLC SNAP ROUTING e Figure 2 2 2 4 1 IP over ATM IPoA C We click Next button enter WAN IP information config page 24 WAN IP Settings Enter information provided to you by your SP to configure the WAN IP settings Notice DHCP is not supported in IPoA mode Changing the default gateway or the DNS effects the whole system with static values will disable the automatic assignment from other WAN connection E Use the following default gateway Use WAN Interface ipoa_0_0_35 ipa_O 0 35 LJ Use the following DNS server addresses Secondary ONS server fs Figure 2 2 2 4 2 WAN IP config page Your Internet Service Provider ISP should provide you with the following You can also select another service function as below Use the following IP address static wan ip Use the following default gateway static gateway ip Use the following DNS server addresses static DNS server ip D We click Next button enter wan a
30. 6 6 Outgoing IP Filtering Setup overview 4 4 4 1 Outgoing IP Filtering Setup When Outgoing IP Filtering rules setup being enable on the MODEM the various security functions for the local network will enable at the same time You can protect the network against hacker attacks and block individual PC s access to selected services or internet sites Click Security gt IP Filtering gt Outgoing to show the following interface By default all outgoing IP traffic from LAN is allowed but some IP traffic can be BLOCKED by setting up filters Outgoing IP Filtering Setup By default all outgoing IP traffic from LAN is allowed but some IP traffic can be BLOCKED by setting up filters Device Info Advanced Setup Choose Add or Remove to configure outgoing IP filters i Filter Name Protocol Source Address Mask Source Port Dest Address Mask Dest Port Remove NAT Security Add IP Filtering Incoming Figure2 8 6 7 Outgoing IP Filtering Config Click Add to enter the related interface defining the IP filtering rule as follows The screen allows you to create a filter rule to identify outgoing IP traffic by specifying a new filter name and at least one condition below All of the specified conditions in this filter rule must be satisfied for the rule to take effect Click Save Apply to save and activate the filter 73 Device Info Advanced Setup NAT Security IP Filtering Incoming Parental Control
31. 63 Hexadecimal 8 sd C4 WPA Group Rekey Interval Specifies the timer the WPA key must change If the value set 0 no need to change The change is done automatically between the server and the client WPA Encryption Select TKIP AES or TKIP AES The AES is default The TKIP AES encryption mode means AP auto adjust to use TKIP or AES according to wireless clients Click Save Apply to save the wireless security options and make the change take effect 123 Device Info Advanced Setup Wireless Earle Security MAC Filer Wireless Bridge Adivanced Station Info Help Voke Usb Storage Cisco dica Minaqemeni Uroadcon_wrj Mixed FPASOPA PSE TRIPHAES WSE Add Cieni Figure 3 2 6 Wireless Security Mixed WPA2 WPA PSK Authentication o Mixed WPA2 WPA Authentication This authentication mode means AP auto adjust to use WPA2 PSK or WPA PSK according to wireless clients Please refer to below for details of configuration Network Authentication Select the authentication mode for the selected wireless LAN of SSID to be Mixed WPA2 WPA WPA Pre Shared Key Enter the pre shared key for WPA Client stations must use the same key in order to connect with this device Check the table below for instructions when entering the key ASCII EA 0 Hexadecimal 8 OH WPA2 Preauthentication Selec Enable or Disenable Network Re auth Interval Specifies the timer of re authentication between the server and the chent WPA Gr
32. A DTIM is a countdown informing clients of the next window for listening to broadcast and multicast messages o Beacon Interval A beacon is a packet of information that is sent from a connected device to all other devices where it announces its availability and readiness A beacon interval is a period of time sent with the beacon before sending the beacon again The beacon interval may be adjusted in milliseconds ms Default 100 is recommended o XPress Technology Select Enable or Disable This is a special accelerating technology for IEEE802 11g The defaule is Disabled Oo 34g Mode Compatible with IEEE 802 11b IEEE 802 11g Select a Standards from the drop down list box Its default setting 1s 54g Auto The drop down list box includes below mode 802 11b Only Only stations that are configured in 802 11b mode can associate If you select it the rate of transmission will only has selected value 1Mbps 2Mbps 5 5Mbps 11Mbps For other selections the rate of transmission will has lots of selected value 1Mbps 2Mbps 5 5Mbps 6Mbps 9Mbps 11Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps 54g LRS This is a special compatibility mode for 802 11b g and is in fact designed for older types of b clients Use this mode if you are experiencing problems with wireless clients that connect to the Gawv5 4U4 A3 Access Point If you select it the preamble type will be disabled which can t be set 54g Auto Only stations that ar
33. DNS service provider the information about the host and the install the client software on the host which can update the service provider with the IP address and the domain name information 4 4 7 2 2 CONFIGURATION The DDNS feature in Linux reference software requires to be configured in the menuconfig to include the support for this feature Once the software support is configured to be built for a profile this feature can be configured using the WEB Ul as gt Choose the Advanced Setup from the WEB UI choose the DNS menu item under Advanced Setup and select the Dynamic DNS menu item under DNS 95 Dynamic DNS The Dynamic DNS service allows you to alias a dynamic IP address to a static hostname in any of the many domains allowing yo Device Info DSL router to be more easily accessed from various locations on the Internet Advanced Setup WAN LAN NAT Security Routing DNS DNS Server Dynamic DNS DSL Choose Add or Remove to configure Dynamic DNS Hostname Username Service Interface Remove Figure2 8 9 9 Dynamic DNS Configuration overview gt Click the Add button to configure a new host information Add dynamic DDNS Device Info This page allows you to add a Dynamic DNS address from DynDNS org or TZO Advanced Setup WAN D DNS provider DynDNS org LAN NAT Security Hosname Interface pppoe_8_35_1 ppp_8_35_1 x Routing DNS DNS Server Password Dynamic DNS DSL Port Ma
34. DSCP Mark the correcponding DSCP byte in the IP Device Info Advanced Setup header of the upstream packet is overwritten by the selected value WAN LAN Assign Classification Queue PVC 0 8 358Prece 18Queue 9 vo Security Assign Differentiated Services Code Point DSCP Mark Fe Quality of Service Mark 802 1p if 802 1q is enabled x Queue Config Specify Traffic Classification Rules QoS Classification aa Enter the following conditions either for IP level SET 1 or for IEEE 802 1p SET 2 Routing DSL SET 1 Print Server Physical LAN Port v Port Mapping Protocol M Certificate Differentiated Services Code Point DSCP Check Wireless IP Address M Voice Source Subnet Mask Diagnostics es UDP TCP Source Port port or port port Management Destination IP Address Destination Subnet Mask UDP TCP Destination Port port or port port Source MAC Address Source MAC Mask Destination MAC Address Destination MAC Mask SET 2 802 1p Priority 2 y v Figure2 8 9 2 QoS 802 1p setting 86 After proper modifications click Save Apply to show the following interface Quality of Service Setup Choose Add or Remove to configure network traffic classes Device Info Advanced Setup If you disable WMM function in Wireless Page classification related to wireless will not take effects WAN MARK TRAFFIC CLASSIFICATION RULES ource Destination LAN Class DSC
35. Figure 2 2 2 5 6 DSL Router Reboot 4 2 5 Quick Setup Completed DSL router does not require further configuration in order to start working After the setup described in this chapter you can immediately start using your gateway to Share a broadband connection among multiple users HTTP FTP Telnet NetMeeting and between all of the computers connected to your home network Build a home network by connecting additional PCs and network devices to the gateway Control network parameters including DHCP DNS and WAN settings View network status traffic statistics system log and more Allow access from the Internet to games and other services provided by computers in the home network Prohibit computers in the home network from accessing selected services on the Internet 28 Block access to specific Internet Web sites from your home network To learn about how to configure your Firewall security parameters please refer to section 7 3 If you wish to apply corporate grade security to your network please refer to section 7 3 11 If your gateway 1s equipped with multiple LAN ports you can connect additional devices directly to the gateway Otherwise connect a hub or switch to the LAN port to which you can connect additional devices In both cases configure newly connected devices to automatically obtain IP address as described above 4 3 DSL Router Device information Click Device Info It should view the informat
36. Figure 2 8 4 DHCP Server The DSL ROUTE has a DHCP server for which the factory setting is active Consequently the IP 65 addresses of the PCs are automatically assigned by the DSL Router O Disable DHCP Server Enable DHCP Server Start IP Address 1192 168 1 2 End IF Address 192 168 1 254 Subnet Mask 255 255 255 0 ss __ Leased Time hour i24 Note If the DHCP server for the DSL Router is activated you can configure the network setting on the PC so that the option Obtain an IP address automat ically is set up Further information about this can be found in the section entitled If you deactivate the DHCP server you will have to assign a static IP address for the PCs that use the network settings gt To activate the DHCP server select On gt Ifthe DHCP server is active you can define a Lease time The Lease time determines the period for which the PCs retain the IP addresses assigned to them without chang ing them Note If you select Never expires the IP addresses are never changed Activate this option if you want to make NAT or firewall settings using the IP addresses of the PCs otherwise you have to assign static IP addresses to these PCs gt Define the range of IP addresses the DSL Router WLAN dsl should use to auto matically assign IP addresses to the PCs Define the First issued IP address and the Last issued IP address 4 4 2 5 Configure the second IP Add
37. Host Config gt Enter the Local IP address of the PC that is to be enabled as an Exposed Host gt Apply the settings by clicking Save Apply Remove DMZ host Clear the DMZ Host Address Apply setting by click Save Apply 4 4 4 Security Security 1s a important function of DSL it protects the resources of a private network from users from other networks Also the item prevent unauthorized internet users form accessing private networks connected to the internet All messages entering or leaving the intranet 1 e the local network to which you are connected must pass through the security examines which examines each message and blocks those that do not meet the specified security criteria There are three basic types of security techniques IP packet filtering The system examines each packet entering or leaving the network and accepts or rejects it based on user defined rules Packet filtering is fairly effective and transparent to users but it is difficult to configure O Crruit level gatway implementation This process applies security mechanisms when a TCP or UDP connection is established Once the connect has been made packets can flow between the hosts without further checking O MAC frame filtering The system examines each frame entering or leaving the network form layer 2 And accord to user defined rules accepts and rejects frame A security management program can be configured one of two basic ways o A default
38. IGMP and WAN service page Enable NAT Select it to enable the NAT functions of the MODEM If you are not to enable NAT and intend the user of the MODEM to access the Internet normally you must add a route on the uplink equipment otherwise the access to the Internet will fail Normally it is required to enable NAT Enable Firewall enable disable IP filtering IGMP Multicast IGMP proxy For example if you need IPoA mode support IPTV please enable it WAN Service Please enable it unless you don t need to active the PVC Click Next to show the following interface O In this interface it show the all configuration WAN Setup Summary Make sure that the settings below match the settings provided by your ISP Device Info Advanced Setup YPI VOI 5735 WAN Connection Type IPoA LAN z Service Name poa_8_35 NAT Service Category UER Security gory Routing IP Address 10 28 105 28 DNS Service State Enabled DSL NAT Enabled Port Mapping Firewall Enabled Certificate P IGMP Multicast Disabled Wireless Diagnostics Quality Of Service Disabled Management Click Save to save these settings Click Back to make any modifications MOTE You need to reboot to activate this WAN interface and further configure services over this interface Figure 2 7 3 IPOA Setup Summary Click Save to save these settings And you can click Back to make any modifications After you click Save it show the follow
39. Info YPI 0 255 8 Advanced Setup WAN YCL 32 65535 35 LAN NAT Service Category UBR Without PCR Security Routing DNS DSL es Enable Quality Of Service Certificate Wireless Enabling packet level QoS for a PVC improves performance for selected classes of applications QoS cannot be set for CBR and Realtime YBR QoS consumes system resources therefore the number of PVCs will be reduced Use Advanced Setup Quality of Service to assign priorities for the applications Diagnostics Management Enable Quality Of Service Figure 2 7 6 Internet Connection Type and Encapsulation Type page VPI Virtual Path Identifier The virtual path between two points in an ATM network and its valid 60 value is from 0 to 255 VCI Virtual Channel Identifier The virtual channel between two points in an ATM network ranging from 32 to 65535 1 to 31 are reserved for known protocols Service Category UBR Without PCR UBR With PCR CBR Non Realtime VBR Realtime VBR Enable Quality Of Service enable disable In this example PVC 8 35 is required to modify so service category and QoS will remain default values In actual applications you can modify them depending on your practices After proper modifications click Next to show the following interface O In this interface you can modify Internet Connection Type and Encapsulation Type Connection Type Select the type of network protocol and encapsulation mode over the A
40. Interop C Enable Music Server Figure CHP2 1 SIP Advanced Setting 4 6 2 2 1 Advanced Feature Setting __ Forwarding Call forwarding Forwarding all Call forwarding if Line Call waiting number when busy calls no answer LI L LI p Een B O a Figure 3 4 10 Advanced Feature Setting Forwarding number Set the number to forward a call This number can also be set through dialing 74 lt NUM gt on the phone key pad Refer to section 1 3 11 for more details Call forwarding when busy Enable Call forwarding when busy feature When this box is checked incoming calls will be forwarded when the specific line is busy It has the same effect as dialing 72 on the phone pad Forwarding all calls Enable Call forwarding all feature When this box is checked incoming calls will be forwarded unconditionally Dialing 73 can also accomplish this aim Call forwarding if no answer Enable Call forwarding no answer When this box is checked incoming calls will be forwarded when it s not answered in 18s Dialing 71 also makes it s Call waiting Enable Call waiting feature on this line 4 6 2 2 2 Enable MWI subscription Enable Mil subscription MWI stands for Message Waiting Indicator When set this enabled DSL ROUTER will send a SIP SUBSCRIBE message to proxy asking for a notification when its voicemail status changes When its status do changes proxy will send a NOTIFY message to gateway cau
41. MER A From Figure 2 2 1 config PVC and Qos of Pvc B From Figure 2 2 2 Select MAC Encapsulation Routing MER from the Connection Type box and It s Encapsulation Type from the Encapsulation Mode combo box Connection Type Select the type of network protocol and encapsulation mode over thi 802 19 VLAN tagging is only available for PPPOE MER and Bridging PPP over ATM PPPOA PPP over Ethernet PPPoE MAC Encapsulation Routing MER IP over ATM Poa Bridging Encapsulation Mode LLO SNAP BRIDGING Figure 2 2 2 3 1 MAC Encapsulation Routing MER C We click Next button enter WAN IP information config page 22 WAN IP Settings Enter information provided to you by your ISP to configure the WAN IP settings Notice DHCP can be enabled for PYC in MER mode or IP over Ethernet as WAN interface if Obtain an IP address automatically chosen Changing the default gateway or the DNS effects the whole system Configuring them with static values will disable the automatic assignment from DHCP or other WAN connection If you configure static default gateway over this PE in MER mode you must enter the IP address of the remote gateway in the Use IP address The Use WAN interface is optional Obtain an IP address automatically Use the following IP address WARK IP Address WAN Subnet Mask Advanced DM Obtain default gateway automatically oeno Use the following defau
42. Management Protocol TR 064 LAN Side DSL CPE Configuration Remote Update System Statistics and Monitoring DSL router is targeted at the following platforms DSL modems Wireless access points and bridge 3 2 Setup Connecting your computer or home network to the DSL router 1s a simple procedure varying slightly depending on your operating system This chapter will help you to seamlessly integrate DSL router with your computer or home network The Windows default network settings dictate that in most cases the setup procedure described below will be unnecessary For example the default DHCP setting in Windows 2000 is client requiring no further modification However it is advised to follow the setup procedure described below to verify that all communication parameters are valid and that the physical cable connections are correct The setup procedure consists of three consecutive configuration stages LAN Connection y WAN Connection O PC Network Configuration LJ i lt A internet DSL O DSL Quick Setup Figure 1 1 Hardware Configuration a Setting up WAN and LAN connections 1 2 1 b PC network configuration 1 2 2 c DSL router Quick Setup via the Web based management 13 3 2 1 Setting up WAN and LAN connections WAN Connection Y our connection to the Internet by DSL ADSL VDSL modem connect its DSL socket to the wall socket using a telephone cable If it has an Ethernet socket
43. Mask The DMZ Host Subnet Mask it is build upon the DMZ Host IP Address Use Static IP Address If disabled it the MODEM through PPPOA dial up to obtain an IP address assigned by an uplink equipment such as BAS If enable it the MODEM use this IP as the WAN IP address After input the PPP Username and PPP Password click Next to show the following interface O In this interface you can modify the Service name and enable disable the IGMP Multicast WAN Service 47 Enable IGMP Multicast and WAN Service Device Info Enable IGMP Multicast C Advanced Setup rT OWAN OOOO O O Enable WeM service EAT Service Marne pppoa_8_35_1 MAT Security Routing DSL Port Mapping Certificate Wireless Diagnostics Management Figure 2 5 6 PPPoA IGMP and WAN service page IGMP Multicast IGMP proxy For example if you need PPPoA mode support IPTV please enable it WAN Service Please enable it unless you don t need to active the PVC Click Next to show the following interface O In this interface it show the all configuration You can see some default values NAT enable Firewall enable WAN Setup Summary Make sure that the settings below match the settings provided by your ISP Device Info Advanced Setup WPI YEI 0 35 OO OWAN A Connection Type PFPoA LAN Service Name pppoa_8_35_2 NAT SOLE Service Category UER Routing IP Address Automatically Assigned DNS Service State Enabled DSL NA
44. Of the two payload transfer protocols ESP and AH the former is most widely used and suitable for NAT operation IPsec supports two encryption modes Transport and Tunnel Transport mode encrypts only the data portion payload of each packet but leaves the header untouched The more secure Tunnel mode encrypts both the header and the payload On the receiving side an IPSec compliant device decrypts each packet For IPsec to work the sending and receiving devices must share a public key This is accomplished through a protocol known as Internet Security Association and Key Management Protocol Oakley ISAKMP Oakley which allows the receiver to obtain a public key and authenticate the sender using digital certificates 4 4 11 1 VPNs Virtual Private Networks A virtual private network VPN provides a secure connection between a sender and a receiver over a public non secure network such as the Internet A secure connection is generally associated with private networks A private network is a network that is owned or at least controlled via leased lines by an organization Using the techniques discussed later in this chapter a VPN can transform the characteristics of a public non secure network into those of a private secure network VPNs reduce remote access costs by using public network resources Compared to other solutions including private networks a VPN is inexpensive VPNs are not new In fact they have been used in telephone netw
45. Please refer to below for details of configuration Network Authentication Select the authentication mode for the selected wireless LAN of SSID to be Mixed WPA2 PSK WPA Pre Shared Key Enter the pre shared key for WPA Client stations must use the same key in order to connect with this device Check the table below for instructions when entering the key Maximum Characters ASCII pe Hexadecimal 8 OH WPA Group Rekey Interval Specifies the timer the WPA key must change If the value set 0 no need to change The change is done automatically between the server and the client WPA Encryption Select TKIP AES or TKIP AES The AES is default The TKIP AES encryption mode means AP auto adjust to use TKIP or AES according to wireless clients Click Save Apply to save the wireless security options and make the change take effect 122 Figure 3 2 5 Wireless Security WPA2 PSK Authentication o Mixed WPA2 WPA PSK Authentication This authentication mode means AP auto adjust to use WPA2 PSK or WPA PSK according to wireless clients Please refer to below for details of configuration Network Authentication Select the authentication mode for the selected wireless LAN of SSID to be Mixed WPA2 WPA PSK WPA Pre Shared Key Enter the pre shared key for WPA Client stations must use the same key in order to connect with this device Check the table below for instructions when entering the key Maximum Characters ASCII EA 0c
46. Qos Classification Conifg Traffic Class Name Enter a name of the class Rule Order select order for queue Rule Status Enable or disable this traffic class rule Assign Classfication Queue select a classification queue Assign Differentiated Service Code Point DSCP Mark select a mark service that will modify the original packet IP header if all the rules defined within the classification class are matched CS Mark IP Precedence AF Assured Forwarding EF Expedited Forwarding Mark 802 1p if 802 1q is enabled select a 802 1p priority number that will serve as the 802 1p value There are two sets of classification rules Set 1 is based on different fields within TCP UDP IP layer plus physical LAN port Set 2 is based on MAC layer IEEE 802 1p priority field Set 1 Rules contain the following Physical LAN port select one among usb port Ethernet ports and wireless port Protocol select one among TCP UDP TCP UDP or ICMP protocols Source IP address Source subnet mask UPD TCP source port or a range of ports Destination IP address Destination subnet mask UPD TCP destination port or a range of ports 84 Source Mac address Source Mac mask Destination Mac address Destination Mac Mask Set 2 Rules contain the following 802 1p priority The 802 1p header includes a 3 bit prioritization field which allows packets to be grouped into eight levels of priority 0 7 where level 7 is the highest one 4 4 5 3 1 Qos DSCP setting In order to
47. Radius server s WPA Encryption Select TKIP AES or TKIP AES The TKIP is default The TKIP AES encryption mode means AP auto adjust to use TKIP or AES according to wireless clients Click Save Apply to save the wireless security options and make the change take effect Voice Usb Storage Diagnostics Managemert Figure3 2 1 Wireless Security WPA Authentication o WPA2 Authentication Please refer to below for details of configuration Network Authentication Select the authentication mode for the selected wireless LAN of SSID to be WPA2 WPA2 Preauthentication Selec Enable or Disenable Network Re auth Interval Specifies the timer of re authentication between the server and the client WPA Group Rekey Interval Specifies the timer the WPA key must change If the value set 0 no need to change The change is done automatically between the server and the client Radius Server IP Adress Enter the IP Address of the authentication server Radius Port Enter the port number of the authentication server The default port number is 1812 Radius Key Enter the same key as the Radius server s WPA Encryption Select TKIP AES or TKIP AES The AES is default The TKIP AES encryption mode means AP auto adjust to use TKIP or AES according to wireless clients Click Save Apply to save the wireless security options and make the change take effect 120 PIEN Sent EEM Pie Ppa A ii th i j r Device Info Ca r
48. SNAP BRIDGING w Figure 2 2 2 Internet Connection Type and Encapsulation Type page For example Change the connection type of PVC 0 35 to bridge Select bridging and LLC SNAP BRIDGING depending on the uplink equipment generally LLC SNAP BRIDGING as Encapsulation Mode 4 2 1 3 Internet Connection Type PPP over ATM PPPoA A From Figure 2 2 1 config PVC and Qos of Pvc B From Figure 2 2 2 Select PPP over ATM PPPoA from the Connection Type box and It s Encapsulation Type from the Encapsulation Mode combo box Connection Type Select the type of network protocol and encapsulation mode over the ATM PYC that 802 1g VLAN tagging is only available for PPPoE MER and Bridging PPP over ATM PPPOA gt PPP over Ethernet PPPoE O Mac Encapsulation Routing IER O IP over ATM IPoa4 O Bridging Encapsulation Mode VCZ MUR nal Figure 2 2 2 1 1 PPP over ATM PPPoA C We click Next button enter PPP information config page 18 PPP Username and Password PPP usually requires that you have a User name and password to establish your name and password that your ISF has provided to you PPP sername i PPP Password Authentication Method AUTO EE Dial on demand with idle timeout timer Inactivity Timeout minutes 1 4320 o PRP IP extension Advanced DMZ Mon DMZ IF Address Non DMZ Net Mask Use Static IF Address
49. Support Antenna Type Internal Diversity with Connector 2dBi 1 4 Compliance Certificates FCC Class B CE Mark 15 Standards Compatibility and Compliance RFC 2684 multiprotocol Encapsulation over ATM Adaptation Layer 5 RFC1483 Multiprotocol Encapsulation over ATM Adaptation Layer 5 RFC2364 PPP over ATM ALL5 PPPOA RFC2516 PPP Over Ethernet PPPoE RFC1662 PPP in HDLC like Framing RFC1332 PPP Internet Protocol Control Protocol RFC1577 2223 Classical IP and ARP over ATM IPoA RFC1483R RFC894 A Standard for the Transmission of IP Datagrams over Ethernet Networks RFC1042 A standard for the Transmission of IP Datagrams over IEEE 802 Networks MER a k a IP over Ethernet over AALS Support ALG Application Level Gateways ITU G 992 1 G dmt ITU G 992 2 G lite ITU G 994 1 G hs ITU G 992 3 ADSL2 ITU G 992 5 ADSL2 ANSI T1 413 issue 2 IEEE802 3 IEEE802 3u IEEE 802 11b IEEE 802 118 RFC3261 SIP for VoIP 1 6 Encapsulation Supports RFC 1483 bridge RFC 1483 Router Classical IP over ATM RFC 1577 PPP over ATM RFC 2364 PPP over Ethernet RFC 2516 1 7 Environment Operating temperature 0 C to 40 C 32 F to 104 F Storage temperature 20 C to 70 C 4 F to 158 F Operating Humidity 10 95 no freezing Storage humidity 5 95 no freezing 1 8 System requirements Recommended system requirements are e Pentium 233MHZ or above Memory 64MB or above 10M Base T Ethernet or above WIN9X WIN2000
50. Tees oo o0 SAA MES a we oa 56 T T PEE ARA see ea 61 63 abcdef qhaijklmn 71 ea opgrstuy wabcdefg a File Untitled 2136 by P 24D 16M 0 Figure 8 the packet transmitted from PVC 8 35 4 4 7 DNS Short for Domain Name System or Service or Server an Internet service that translates domain names into IP addresses Because domain names are alphabetic they re easier to remember The Internet however is really based on IP addresses Every time you use a domain name therefore a DNS service must translate the name into the corresponding IP address For example the domain name www example com might translate to 198 105 232 4 The DNS system is in fact its own network If one DNS server doesn t know how to translate a particular domain name it asks another one and so on until the correct IP address is returned 4 4 7 1 DNS Server In this interface you can modify the DNS server settings DNS Server Configuration If Enable Automatic Assigned DNS checkbox is selected this router will accept the first received DNS assignment from one of th Device Info PPPoA PPPoE or MER DHCP enabled PYC s during the connection establishment If the checkbox is not selected enter the prim Advanced Setup and optional secondary DNS server IP addresses Click Save button to save the new configuration You must reboot the router t WAN make the new configuration effective LAN NAT y Enable Automatic Assigned DNS Security Rout
51. This interface contains the following informations of every wan connection VPI VCI VLAN Connection ID Category Service Interface Protocol IGMP Qos State Status IP address WAN Info x WPI WCI Con ID Category Service Interface Protocol Igmp QoS State Status IP Address Device Info 8 35 1 UBR pppoe_8_35_1 ppp_8 35 1 PPPoE Disabled Disabled Enabled Up 10 28 106 143 Summary WAN Statistics Route ARP DHCP Advanced Setup Wireless Diagnostics Management Figure 2 3 2 WAN interface info 30 4 3 3 Statistics In this page It include four parts information Statistics of LAN Statistics of WAN Statistics of ATM Statistics of ADSL 4 3 4 Statistics of LAN Click Statistics gt LAN to show the following interface You can query information on packets recevied at the Ethernet USB and Wireless interfaces Click Reset Statistics to return the values to zero and recount them Lan side interface included Ethernet USB and wireless device each device you can view info as below Interface Received Bytes Bytes of Received Pkts Packets of Received Errs Errors packets of Received Drops Drops packets of Received Transmitted Bytes Bytes of Received Pkts Packets of Received Errs Errors packets of Received Drops Drops packets of Received Statistics LAN Interface Received Transmitted Device Info Bytes Pkts Errs Drops Bytes Pkt
52. UPD TCP source port or a range of ports Destination IP address destination 1p default no set Destination subnet mask Destination port UPD TCP destination port or a range of ports Wan interfaces You can select wan interfaces and PVC There are a example to introduce how to configure the incoming IP Filtering PC1 192 168 1 10 Application server Remote Adminstrator P 10 10 10 10 Figure 1 2 incoming IP filer application Request O I need to permit a PC whose IP address is 10 10 10 10 All Incoming TCP UDP packet traffic from that PC 10 10 10 10 1s allowed Oo Block all IP traffic from other PC Stepl By default all incoming IP traffic from internet is blocked so all the IP packet come for the internet are blocked Setp2 The detailed configuration steps are as follows 76 Add IP Filter Incoming The screen allows you to create a filter rule to identify incoming IP traffic by specifying a new filter name and at least one condition Device Info below All of the specified conditions in this filter rule must be satisfied for the rule to take effect Click Save Apply to save and Advanced Setup activate the filter WAN LAN Filter Name incoming NAT E Protocol TCP UDP X Security 5 Source IP address 10 10 10 10 IP Filtering AA Outgoing Source Subnet Mask 255 255 0 0 Incoming Source Port port or port port Parental Control Destination IP address Quality of Service Destination Subnet Mask
53. add NAT Virtual Servers Select the service name and enter the server IP address and click Save Apply to forward IP packets for this service to the specified server NOTE The Internal Port End cannot be changed It is the same as External Port End normally and will be the same as the Internal Port Start Device Info or External Port End if either one is modified Advanced Setup Remaining number of entries that can be configured 32 WAN Server Name LAN gt z Selecta Service Select One v NAT z dl y O Custom Server Virtual Servers E dl Port Triggering Server IP Address 192 168 1 a DMZ Host Security Quality of Service Routing DNS DSL v MA Print Server te m Port Mapping r 7 E Certificate z A TCP v Wireless Voice TCP 7 o Usb Storage cp Diagnostics 7 z E Management z TER v i TCP w TCP 7 TP W TCP v Save Apply Figure 2 8 6 1 Add virtual Servers Select a service or custom your server Set Server IP address Enter the Set Server IP address of the computer that will provide the service the server in the Local Host field Note that unless an additional external IP address has been added only one LAN computer can be assigned to provide a specific service or application Set External port star
54. and intend the user of the MODEM to access the Internet normally you must add a route on the uplink equipment otherwise the access to the Internet will fail Normally 1t 1s required to enable NAT Enable Firewall enable disable IP filtering IGMP Multicast IGMP proxy For example if you need MER mode support IPTV please enable it WAN Service Please enable it unless you don t need to active the PVC Click Next to show the following interface O In this interface it show the all configuration WAN Setup Summary Make sure that the settings below match the settings provided by your ISP Device Info Advanced Setup YPI VCI 8 35 OO OWAN O O O OO O Connection Type MER LAN 7 Service Name mer_8 35 MAT Service Category UBR Security gory Routing IP Address Automatically Assigned DNS Service State Enabled DSL NAT Enabled Part alle Firewall Enabled Certificate 3 i IGMP Multicast Disabled Wireless Diagnostics Quality Of Service Disabled Management Click Save to save these settings Click Back to make any modifications MOTE You need to reboot to activate this WAN interface and further configure services over this interface Figure 2 6 5 MER Setup Summary 53 Click Save to save these settings And you can click Back to make any modifications After you click Save it show the following interface NOTE You need to reboot to activate this WAN interface and further configure s
55. and the PC that will provide it This is useful for example if you want to host a Web server inside your home network When an Internet user points his her browser to DSL router external IP address the gateway will forward the incoming HTTP request to your Web server With one external IP address DSL router main IP address different applications can be assigned to your LAN computers however each type of application is limited to use one computer For example you can de net hat FTP will use address X to reach computer A and Telnet will also use address X to reach computer A but attempting to define FTP to use address X to reach both computer A and B will fail DSL router therefore provides the ability to add additional public IP addresses to port forwarding rules which you must obtain from your ISP and enter into the NT IP Addresses Pool see section 7 3 7 You will then be able to define FTP to use address X to reach computer A and address Y to reach computer B Additionally port forwarding enables you to redirect traffic to a different port instead of the one to which it was designated Lets say that you have a Web server running on your PC on port 8080 and you want to grant access to this server to any one who accesses DSL router via HTTP To accomplish this do the following gt De fine a port forwarding rule for the HTTP service with the PC IP or host name gt Specify 8080 in the Forward to Port field All incoming HTTP traffic will n
56. another will cause all defined rules to be REMOVED AUTOMATICALLY Device Info You will need to create new rules for the new policy Advanced Setup WAN LAN Security Parental Control Are you sure you want to change MAC Filtering Global Policy from FORWARDED to BLOCKED Routing DSL Port Mapping Certificate Figure2 8 7 7 MAC Filtering Change Policy Click add to add MAC filter rules The interface show below Add MAC Filter Create a filter to identify the MAC layer frames by specifying at least one condition below If multiple conditions are specified all of Device Info them take effect Click Apply to save and activate the filter Advanced Setup WAN Protocol Type fo LAN Destination MAC Address Ei Source MAC Address Parental Control Frame Direction LAN lt gt WAN v Routing O DSL WAN Interfaces Configured in Bridge mode only Port Mapping Certificate ly Select All Wireless Y br_1_35 nas_1_35 Diagnostics Management Figure2 8 7 8 MAC Filtering Add Config Protocol Type select one among PPPoE IPV4 IPV6 AppleTalk IPX NETBEUI or ICMP protocols Destination MAC Address Source MAC Address Frame Direction the direction of transmit frame you can select LAN gt WAN from lan to wan WAN gt LAN from wan to lan LAN gt WAN WAN Interface select a wan interface 4 4 4 3 1 MAC Filtering Global Policy FORWARDED Let me show you how to forbid the PC which has the 00 13 20 9E 0F
57. as good compared to other codecs such as the G 711 If you specify none of the codecs using the default value showed as figure 1 5 the DSL ROUTER will choose the codec automatically 4 6 2 1 4 Preferred ptime Preferred ptime 20 Figure 3 4 1 Preferred ptime This item provides for you to set the Packetization Time PT The PT is the length of the digital voice segment that each packet holds The default is 20 millisecond packets If selecting 10 millisecond packets enhances the voice quality as less information is lost due to packet loss but doubles the load on the network traffic 4 6 2 1 5 SIP domain name SIF domain name Figure 3 4 2 SIP domain name Fill in the SIP domain name or SIP server s IP address If set to domain name make sure it must be resolvable to SIP server s IP address 4 6 2 1 6 Use SIP Proxy Use SIP Proxy Figure 3 4 3 Use SIP Proxy Select the check box if you DSL ROUTER uses a SIP proxy SIP Proxy allows other parties to call DSL ROUTER through it When this item is checked the following fields appear SIP Proxy SIP Proxy port 5060 Figure 3 4 4 SIP Proxy Parameters SIP Proxy Specify the proxy s IP address SIP Proxy port The port that this proxy is listening on Default port value is 5060 4 6 2 1 7 Use SIP Outbound Proxy Use SIP Outbound Proxy Figure 3 4 5 Use SIP Outbound Proxy Some network service providers require the use of an outbound proxy This is an additi
58. associate to the AP o Bridge Restrict Select Disabled in Bridge Restrict which disables wireless bridge restriction Any wireless bridge will be granted access Selecting Enabled or Enabled Scan enables wireless bridge restriction Only those bridges selected in Remote Bridges will be granted access You can manually input Remote Bridges MAC Address to the list Also you can do it automatically Proceed as follows O In the Bridge Restrict list click Enabled Scan o Click Refresh to update the remote bridges The Gawv5 4U4 A3 will Wait for few seconds to update And then lists the results in the Accessible Access Points table O Check on the box in the left column of the list for selecting the Access Point to which you want to establish a WDS connection eo Click Save Apply You must configure all Bridges Access Point with O The same encryption and authentication mode as Open Shared WEP WPA PSK or WPA2 PSK O The same fixed channel Click Save Apply to configure the wireless bridge options and make the change take effect 126 Device Info Quick Setup Advanced Setup Wireless Basic Security MAC Filter Wireless Bridge Advanced Station Info Voice Usb Storage Diagnostics Management AP Mode LX KH KK KK XK UX Bridge Restrict A Remote Bridges MAC Address Access Point Y SSID 23bd82515811 default Broadcom Broadcom Figure3 2 10 Wireless Br
59. both can talk directly Alice seizes here phone keys in Bob s number in SIP URL format Assuming Bob is using a SIP enabled IP phone with IP address 100 100 100 1 Bob s SIP URL should be something like bob 100 100 100 1 After Alice presses DIAL button on her phone a SIP INVITE message is sent to Bob s IP phone directly Once Bob s IP phone receives this message it rings and meanwhile replies with another SIP message to Alice then Alice will hear a ring back tone Bob knows a incoming call is available and off hook his phone At this time a 2 way voice connection is created and both party are able to hear and talk with each other In this example Bob first on hooks his phone producing an ACK message sent back to Alice The arrival of this message will terminate the voice connection making Alice hear a busy tone on her side 135 INVITE 180 Ringina BO 200 OK o ACK Je Wa y Media Stream BYE 200 OK 4 6 1 2 3 Call Flow in Proxy Mode In proxy mode every user agent takes use of proxy to relay its SIP message Proxy may query a location database server about a SIP URL Depending on the result it may relay the request to a next hop proxy or send it to the destination peer In this flow Alice is located in atlanta com She is going to place a call to Bob whose SIP URL is bob biloxi com Alice s user agent passes the INVITE message to its proxy atlanta com From the request URL in SIP mes
60. effective on ATM PVCs configured in Bridge mode If the ATM PVCs is configured in other routing mode such as PPPoE mode the MAC Filtering Setup will not appears in the Security option FORWARDED means that all MAC layer frames will be FORWARDED except those matching with any of the specified rules in the following table BLOCKED means that all MAC layer frames will be BLOCKED except those matching with any of the specified rules in the following table Lt MAC Filtering Setup MAC Filtering Global Policy FORWARDED Device Info Advanced Setup Change Policy WAN LAN MAC Filtering is only effective on ATM PYCs configured in Bridge mode FORWARDED means that all MAC layer frames will be Security FORWARDED except those matching with any of the specified rules in the following table BLOCKED means that all MAC layer E frames will be BLOCKED except those matching with any of the specified rules in the following table MAC Filtering pa Parental Control Choose Add or Remove to configure MAC filtering rules Routing DSL Port Mapping PI CI Protocol Destination MAC Source MAC Frame Direction Remove Certificate Wireless Diagnostics Management Figure2 8 7 6 MAC Filtering Setup overview Click Change Policy to show the following interface Then you can change the MAC Filtering Global Policy from FORWARDED to BLOCKED Change MAC Filtering Global Policy WARNING Changing from one global policy to
61. hp 3844 Example http serverprinters myprinter printer RETO TE Step 4 Click Have Disk insert printer driver CD Add Printer Wizard Select the manufacturer and model of your printer f your printer came with an installation disk click Have Disk f your printer is not listed consult your printer documentation for a compatible printer Manutacturer Agta Alps Apollo Apple iria e SO0SF v52 3 Sy AGFA AccuSet 8005F v2013 108 Cancel Step 5 Select driver file directory on CD ROM and click OK 100 Install From Disk ES Insert the manufacturers installation disk and then make sure that the corect drive is selected below Copy manufacturers files from Da x 4 4 10 Port Mapping Port Mapping supports multiple ports to PVC and bridging groups Each group will perform as an independent network To support this feature you must create mapping groups with appropriate LAN and WAN interfaces using the Add button The Remove button will remove the grouping and add the ungrouped interfaces to the Default group Only the default group has IP interface Selecting the Enable virtual ports button in WEB UI Port Mapping page will create three virtual interfaces within the Linux system Each virtual interface represents a physical Ethernet port within the external Ethernet Switch The WEB UI will display four Ethernet ports ENET1 ENET2 ENET3 and ENET4 ENET1 ENET2 and
62. hybrid 802 11a b network gear but these products merely implement the two standards side by side each connected devices must use one or the other Use this chart below to get some quick information to help you differentiate between the available wireless networking standards Standard 2an een Security Pros Cons amp More Info Rate Scheme Up to WEP amp This specification has been extended into TEEE802 11 WPA 802 11b the FHSS or DSSS Products that adhere to this standard are considered Wi Fi Certified Eight available channels Less potential for RF interference than 802 11b and 802 11g Better than IEEE 802 11a in the OFDM ie 802 11b at supporting multimedia voice Wi Fi SGHz video and large image applications in densely band populated user environments Relatively shorter range than 802 11b Not interoperable with 802 11b Products that adhere to this standard are considered Wi Fi Certified Not interoperable with 802 1la Requires fewer IEEE e access points than 802 11a for coverage of 802 11b A the DSSS with WEP amp large areas Offers high speed access to data Wi Fi 2 AGH CCK WPA at up to 300 feet from base station 14 ban d channels available in the 2 4GHz band only 11 of which can be used in the U S due to FCC regulations with only three non overlapping channels Products that adhere to this standard are Up to considered Wi Fi Certified May replace OFDM abo
63. in the same wireless network The Wireless Distribution System WDS on your Gawv5 4U4 A3 allows you to extend the range of your wireless network To be able to use WDS you will need to introduce an additional WDS enabled access point into your wireless network To be able to connect the computers make sure that a wireless client adapter WLAN client is installed on each computer you want to connect via the WLAN 110 4 5 2 Wireless LAN Basics Some basic understanding of 802 11b g wireless technology and terminology is useful when you are setting up the Router or any wireless access point If you are not familiar with wireless networks please take a few minutes to learn the basics 4 5 2 1 Basic terms Before introducing the terms Let us see a typical wireless network topology PCMCIA cora ACCESS TIEI PEHINI z Figure3 A typical wireless network topology In the graphic few terms should be understood AP Short for Access Point a hardware device or a computer s software that acts as a communication hub for users of a wireless device to connect to a wired LAN APs are important for providing heightened wireless security and for extending the physical range of service a wireless user has access to STA Any device that contains an IEEE 802 11 conformant medium access control MAC and physical layer PHY interface to the wireless medium WM SSID Wireless networks use an SSID Service Set Identifier to allow wirele
64. include PVC you will see a Quick Setup web page which will include some basic configuration that is needed by ATM PVC the following introductions will guide you through the steps 16 necessary to configure your DSL Router According to your Internet service providers ISP instructions specify the following parameters VPI Virtual Path Identifier The virtual path between two points in an ATM network and its valid value is from 0 to 255 VCI Virtual Channel Identifier The virtual channel between two points in an ATM network ranging from 32 to 65535 1 to 31 are reserved for known protocols Enable Quality Of Service Enabling QoS for a PVC improves performance for selected classes of applications However since QoS also consumes system resources the number of PVCs will be reduced consequently Use Advanced Setup Quality of Service to assign priorities for the applications Quick Setup This Quick Setup will guide you through the steps necessary to configure your DSL Router Device Info ATM PYC Configuration Advanced Setu R A P The Virtual Path Identifier VPI and Virtual Channel Identifier CD are needed for setting up the ATM PWC Do not change VPI Wireless CI numbers unless your ISP instructs you otherwise Yoice y raed PORT 0 3 10 Diagnostics y Management VPI 0 255 lO Or 32 65535 35 Enable Quality Of Service Enabling QoS for a P C improves performance for selected classes
65. information to generate secret keys shared between two parties ISAKMP negotiation is divided into two phases In the first phase ISAKMP SA Security Association is established between two entities to protect further negotiation traffic The second phase SA is used for some security protocol The key exchange protocol must gt Generate a set of secret keys shared between the intiator and the responder gt Authenticate the identity of the initiator and the responder gt Ensure independence of the sets of keys generated This property is also known as PFS Perfect Forward Secrecy gt Key exchange protocol must be scalable Once the keys are generated and shared there must be some meta parameters agreed between the parties to use the keys The following are the meta parameters to use the keys gt Cryptographic algorithms and parameters to the cryptographic algorithms to be used with the keys gt How to apply the cryptographic algorithms and keys 103 gt Key lifetime and refreshment policy 4 4 11 3 IKE Internet Key Exchange The Internet Key Exchange IKE protocol is a key management protocol standard which is used in conjunction with the IPSec standard IPSec is an IP security feature that provides robust authentication and encryption of IP packets IPSec can be configured without IKE but IKE enhances IPSec by providing additional features flexibility and ease of configuration for the IPSec standard IKE is a hyb
66. is from 0 to 255 VCI Virtual Channel Identifier The virtual channel between two points in an ATM network ranging from 32 to 65535 1 to 31 are reserved for known protocols Service Category UBR Without PCR UBR With PCR CBR Non Realtime VBR Realtime VBR Enable Quality Of Service enable disable In this example PVC 8 35 is required to modify so service category and QoS will remain default values In actual applications you can modify them depending on your practices After proper modifications click Next to show the following interface O In this interface you can modify Internet Connection Type and Encapsulation Type Connection Type Select the type of network protocol and encapsulation mode over the ATM PYC that your ISP has instructed you to use Note that Device Info 802 19 VLAN tagging is only available for PPPoE MER and Bridging Advanced Setup WAN PPP over ATM PPPOA LAN NAT PPP over Ethernet PPPOE aay MAC Encapsulation Routing MER Routing DNS IP over ATM IPod DSL Port Mapping Bridging Certificate liliana Encapsulation Mode Diagnostics LLC SNAP BRIDGING Management Enable 802 1q Next Figure 2 6 1 Internet Connection Type and Encapsulation Type page Change the connection type of PVC 8 35 to MAC Encapsulation Routing MER Select MAC Encapsulation Routing MER and LLC SNAP BRIDGING depending on the uplink equipment generally LLC SNAP BRIDGING as Encap
67. network in LAN side of DSL ROUTER depending on interface selection on VoIP configuration page In this example we use Asterisk which is available on http www asterisk org Make sure both DSL ROUTER and soft phone should be able to reach SIP server A ping command on DSL ROUTER console and user PC can achieve this gt A 4 6 4 1 1 Configure SIP server In this example Asterisk acts as a registrar and a proxy It accepts registration from VoIP network binding the peer s SIP URL with its location such as IP address For call request from various peers Asterisk first checks if it s authorized If not it simply denies it And for incoming calls requesting other extensions belonging to it Asterisk will find the corresponding location and relay the SIP message to it First make sure Asterisk 1s configured with user information Note that some other SIP server don t need you to configure this in advance so in that case simply skip this step Asterisk SIP configuration file is located in etc asterisk sip conf A sample configuration is shown below with brief semicolon separated explanation in the right bindport 5060 Service port bindaddr 192 168 1 237 binding IP address other configuration line omitted here 148 1001 extension type friend secret 1001 password host dynamic canreinvite no context sip you must configure corresponding context sip in extensions conf This samp
68. not match any classification rules Queue Config QoS Classification Y Enable QoS Routing DSL Print Server Select Default DSCP Mark No Change 1 y Port Mapping Certificate Wireless Save Apply Voice Diagnostics Management Figure2 8 8 3 QOS queue management configuration Choose Enable QOS can enable QOS and the system can set default DSCP mark Click save Apply to active QOS 4 4 5 2 QOS Queue Config The queueing in packet QOS will become effective only when packet is forwarded to QoS enabled PVC Packet forwarding is determined by IP routing or bridging not under control of the packet Qos Click Queue Config to pop up an interface as below In this interface you can config QOS Queue A maximum 24 entries can be configured Qos Queue Configuration can allocated three queues Each of the queues can be configured for a precedence value Lower integer values for precedence imply higher priority for this queue relative to others The queue entry configured here will be used by the classifier to place ingress packets appropriately QoS Queue Configuration A maximum 24 entries can be configured If you disable WMM function in Wireless Page queues related to wireless will not take effects E Interfacename Description Precedence Queue Key Enable Remove Device Info Quick Setup wireless WMM Voice Priority 1 1 Advanced Setup q wireless WWMM Yoice Priority 2 2 WAN LAN wireless WMM Video Priorit
69. of applications However since QoS also consumes system resources the number of PVCs will be reduced consequently Use Advanced Setup Quality of Service to assign priorities fc the applications Enable Quality Of Service Figure 2 2 1 PVC and it s Qos config page For example PVC 0 35 is required to modify so QoS will remain default values In actual applications you can modify them depending on your ISP told you 4 2 1 2 Select Internet Connection Type and Encapsulation Type You can selecting your connection type from the following list each connect type has it s Encapsulation Type PPP over ATM PPPoA PPPoA Encapsulation Mode VC MUX LLC ENCAPSULATION PPP over Ethernet PPPoE PPPoE Encapsulation Mode LLC SNAP BRIDGING VC MUX MAC Encapsulation Routing MER MER Encapsulation Mode LLC SNAP BRIDGING VC MUX IP over ATM IPoA IPoA Encapsulation Mode LLC SNAP ROUTING VC MUX Bridging Bridging Encapsulation Mode LLC SNAP BRIDGING VC MUX 17 Connection Type Select the type of network protocol and encapsulation mode over the ATM PVC that your ISP has instructed you to use Note that Device Info 802 1q VLAN tagging is only available for PPPoE MER and Bridging Quick Setup Advanced Setup PPP over ATM PPPoA Wireless A PPP over Ethernet PPPoE Yoice Diagnostics is i O MAC Encapsulation Routing MER Management IP over ATM Pod Bridging Encapsulation ode LLC
70. on the VoIP network In initial setup faxing behaves like a normal call After DSL ROUTER detects the fax tone it switch to T38 mode and use it as the transmit approach 4 6 3 16 Pass through Faxing If T38 support is not enabled faxing will use normal voice codec as its coding approach So this mode looks much like normal phone calls 4 6 3 17 PSTN to VoIP call For incoming PSTN call DSL ROUTER can route it to local FXS attached analog phones or other VoIP extension depending on the setting In Voice SIP Advanced Setting there are four schemes in Incoming PSTN call routing drop list Auto PSTN Call switch to idle line DSL ROUTER will automatically select the idle line for incoming PSTN call Line1 PSTN Call switch to Line1 PSTN call will be routed to line 1 If it s busy PSTN call will fail Line2 PSTN Call switch to Line2 PSTN call will be routed to line 2 VoIP PSTN Call switch to VoIP call PSTN call will be routed to VoIP extension which is filled in PSTN Call Routing Data 147 4 6 4 Configuration Example 4 6 4 1 VoIP Call This section describes how to setup a basic VoIP call with DSL ROUTER To make a 2 way call we need the help of another party Here we use X Lite which is downloadable on http www xten com The overall diagram is shown below Besides 2 peers GWGW gateway and X Lite soft phone running on user PC there should be a SIP server exists on Internet or local
71. options and make the change take effect Device info Aihe Setup Wireloss Basic Security MAC Filter WEL Sai AP Wirt Brick Achrarced k Station infa Help Voice Uds Sterge BL al at AD Diagnostics anial Setup A Management Ero ade TR TFI 7 Mixed IPAL FA Disabled TEIFVAES Figure3 2 3 Wireless Security Mixed WPA2 WPA Authentication 121 o WPA PSK Authentication Please refer to below for details of configuration Network Authentication Select the authentication mode for the selected wireless LAN of SSID to be Mixed WPA PSK WPA Pre Shared Key Enter the pre shared key for WPA Client stations must use the same key in order to connect with this device Check the table below for instructions when entering the key Format Minimum characters Maximum Characters ASCII B8 o y y 6 Hexadecimal 8 sd C4 WPA Group Rekey Interval Specifies the timer the WPA key must change If the value set 0 no need to change The change is done automatically between the server and the chent WPA Encryption Select TKIP AES or TKIP AES The TKIP is default The TKIP AES encryption mode means AP auto adjust to use TKIP or AES according to wireless clients Click Save Apply to save the wireless security options and make the change take effect Deske Init j ma un E in O Setup Security MAC Fiber WAD Jakid Chert Figure3 2 4 Wireless Security WPA PSK Authentication o WPA2 PSK Authentication
72. provided by your ISP and then click Save 8 Click Save Reboot to apply the changes and reboot the system You can also modify the PVC 8 35 If you need to modify the LAN IP address and DHCP server information you can do it in LAN in Advance After the configuration is done the MODEM WAN side interface is ipa_8_35 If Enable NAT is disabled during the configuration you must configure the route on the BRAS otherwise you cannot access your ISP In applications Enable NAT must be checked 4 4 1 10 Add Bridge PVC Click Add to add a certain piece of PVC The following descriptions are given by an example of adding PVC 8 35 IPoA mode eo Click Add following PVC 8 35 Wide Area Network WAN Setup Device Info Choose Save Reboot to apply the changes and reboot the system Advanced Setup WAN PI YCI Con ID Category Service Interface Protocol Igmp QoS VYianid State Remove Edit tabs 1 35 1 UBR br_1 35 nas_1 35 Bridge N A Disabled N A Enabled m NAT Security Routing Asd paxobrabock DNS DSL Port Mapping Certificate Wireless Diagnostics Management Figure 2 7 5 Bridge Config O In this interface you can modify VPI VCIs service categories and QoS ATM PYC Configuration This screen allows you to configure an ATM PYC identifier PI and CD and select a service category Otherwise choose an existing interface by selecting the checkbox to enable it Device
73. server detected Jan 1 01 38 26 Jan 1 01 38 26 daemon crit rito pppdl 6 28 PPP session established Jan 10 1 01 38 27 3 27 daemonlerr lerr pppal628 Couldn t increase MRU to 1500 lan 1 01 38 27 1 01 38 27 daemon lerr pppd 628 Couldn t increase MRU to 1500 crit pppadl628 FFF LCP UP rit lbppd 628 Received Received valid IP address from server Connection UP Jan 1 01 38 27 Jan 1 01 38 27 daernon icrit Jan 1 01 38 27 Jan 1 01 38 27 daemon icrit Han 11 1 01 aaa das mor pe Jan 1 01 38 33 dae mon err user T69c Unable to retrieve attributes in scratch PAD erro user Stored Parameter Attribute data is corrupt or missing Figure 3 6 5 view system event logs Click Refresh to refresh the system event logs or Close to exit from this interface 4 9 3 SNMP Client 4 9 3 1 SNMP Protocol The Simple Network Management Protocol SNMP is an application layer protocol that facilitates the exchange of management information between network devices It is part of the Transmission Control Protocol Internet Protocol TCP IP protocol suite SNMP enables network administrators to manage network performance find and solve network problems and plan for network growth Two versions of SNMP exist SNMP version 1 SNMPv1 and SNMP version 2 SNMPv2 Both versions have a number of features in common but SNMPv2 offers enhancements such as additional 156 protocol operations Figure 1 illustrates a ba
74. that your ISP has instructed you to use Note that 802 1q VLAN tagging is only available for PPPoE MER and Bridging prvveeseees 2 PPP over Ethernet PPPoE MAC Encapsulation Routing MER 2 IP over ATM IPo gt Bridging Encapsulation Mode C MUX X Figure 2 5 5 PPP over AIM PPPOA Click Next to show the following interface O In this interface you can modify the PPP Username PPP Password Authentication Method and SO on 46 name and password that your ISP has provided to you Device Info PPP Username we Advanced Setup PPP Password WAN PPPoE Service Name LAN EE Authentication Method AUTO vi NAT Security Quality of Service C Dial on demand with idle timeout timer Routing Inactivity Timeout minutes 1 4320 lO DNS DSL E PPP IP extension dd Advanced DMZ Port Mapping 3 Non DMZ IP Address Certificate dd Wireless Mon DMZ Net Mask Yoice Diagnostics C Use Static IP Address Management IP Address 0 0 0 0 Fl Retry PPP password on authentication error Figure 2 5 6 PPP information and others funtion page PPP Username the correct user name that your ISP has provided to you PPP Password the correct password that your ISP has provided to you Authentication Method AUTO PAP CHAP MSCHAP Usually select AUTO will be OK Dial on demand with idle timeout timer If enable it you need to input the idle timeout time Within the preset minutes if the M
75. the specified conditions in this filter rule must be satisfied for the rule to take effect Click Save Apply to save and activate the filter 75 And you must select at least one or multiple WAN interfaces to apply this rule Add IP Filter Incoming The screen allows you to create a filter rule to identify incoming IP traffic by specifying a new filter name and at least one conditic Device Info below All of the specified conditions in this filter rule must be satisfied for the rule to take effect Click Save Apply to save and Advanced Setup activate the filter WAN LAN Filter Name NAT e it Protocol v ecurity IP Filtering Source IP address Dutgoing Source Subnet Mask Source Port port or port port Parental Control Destination IP address Routing Destination Subnet Mask ia Destination Port port tiport lestination Port port or port port DSL de WAN Interfaces Configured in Routing mode and with firewall enabled only Certificate Select at least one or multiple WAN interfaces displayed below to apply this rule Wireless Diagnostics Y Select All Management Y pppoe_8 35 2 ppp_8_35_1 Figure2 8 7 3 Incoming IP Filtering Add Setup Filter Name Enter the name of incoming filter rule Protocol select one among TCP UDP TCP UDP or ICMP protocols Source IP address Enter a ip address when you have set ip address the incoming packet protocol selected packet will allow Source subnet mask Source port
76. this option and the line corresponding you checked will be disable You can not use it to initiate or accept any call Extension This is telephone s VoIP user ID used for identification to initiate and accept calls Display Name A free text description which will be displayed to remote parties as your caller ID Authentication Name The login name used for authentication with the SIP proxy Password The password used for authentication with the SIP proxy NOTE if you have entered changed the parameters on the web site you must click Start Sop to save the parameters and Start Stop the voice application 4 6 2 2 SIP Advanced Setting The advanced setting page contains those parameters that are not usually used If you need advanced feature such as FAX and MOH Music on Hold you can configure it here 141 Voice SIP Advanced configuration _ Forwarding Call forwarding Forwarding all Callforwardingif Line SM ME end i Call waiting Devika Thie number wi en busy calls no answer 1 Advanced Setup i l O O a Wireless a O O O Voice Enable MWI subscription de Enable T38 support SIP Advanced Setting Registration Expire Ear SIP Debug Setting Timeout 3600 Usb Storage Dialpan Setting Oa Dtmf Relay setting Voice Band Management SIP Transport protocol TLS TiO STR an Auto PSTN Call switch to idle line Routing L Enable SIP tag matching Uncheck for Yonage
77. to hosts with dynamically assigned IP addresses by a Dynamic Host Control Protocol DHCP server and updates the nameserver with the new information about the host or the network This 1s particularly useful to broadband users hosting internet services such as File Transfer Protocol FTP Hyper Text Transfer Protocol HTTP and Simple Mail Transfer Protocol SMTP on their local hosts connected to the broadband network at home Dynamic DNS allows access to such hosts connected to the broadband networks using a domain name to exchange files send receive email with highly personalized email addresses and host a website The primary requirement in such case 1s for the domain name to be associated with the ever changing IP address of the host or the network For more details about dynamic DNS please refer to RFC 2136 To provide such support for the feature described above a client is installed in the host serving the internet traffic directed to the domain The client updates the IP address of the host whenever the host renegotiates the IP address for any reason The BCM963xx Linux reference software provides support for dynamic DNS allows the users to configure the following dynamic DNS servers for DDNS service gt DynDNS org A free DNS service for hosts with dynamic IP addresses gt TZO A service provider providing dynamic and static DNS services for a fee To use one of the providers mentioned above requires the users to register with the dynamic
78. wall or ceiling for better reception e Building Materials make a difference Buildings constructed using metal framing or doors can reduce effective range of the device If possible position wireless devices so that their signal can pass through drywall or open doorways avoid positioning them so that their signal must pass through metallic materials Poured concrete walls are reinforced with steel while cinderblock walls generally have little or no structural steel e Position the antenna for best reception Play around with the antenna position to see if signal strength improves Some adapters or access points allow the user to judge the strength of the signal e Keep your product away at least 1 2 meters from electrical devices Positions wireless devices away from electrical devices that generate RF noise such as microwave ovens monitors electric motors etc 2 2 ADSL Router s connection e As illustrated below Connect the DSL port of the DSL Router with telephone cable e Connect the LAN port of the DSL Router to the network card of the PC via a Ethernet line e Plug the power adapter to the wall outlet and then connect the other end of it to the PWR port of the DSL Router Connection 1 Fig 2 1 displays the application diagram for the connection of the DSL Router PC and telephones VolrPt LANZ LAN LAN4 ONO o2 COJO a on FTA Telephone Line m gt 5 gt FD s o Telephone PHONE MODEM 11 eer Power
79. with security and wish to expose one computer to all services without restriction note A DMZ host is not protected by the rewall and may be vulnerable to attack Designating a DMZ host may also put other computer sin the home net work at risk When designnating a DMZ host you must consider the security implications and protect it if necessary You can set up a client in your local network to be a so called DMZ host Your device will then forward all incoming data traffic from the Internet to this client You can then for example operate your own Web server on one of the clients in your local network and make it accessible to Internet users As the exposed host the local client is directly visible to the Internet and therefore particularly vulnerable to attacks e g hacker attacks Only activate this function if it is absolutely necessary e g to operate a Web server and other functions e g port forwarding are not adequate In this case you should take appropriate measures for the clients concerned Note Only one PC per public IP address can be set up as an Exposed Host Add an DMZ host gt Toset up a PC as an DMZ host select DMZ Host from the Advanced Setup gt NAT DMZ host 71 Device Info Advanced Setup WAN LAN NAT Virtual Servers Port Triggering DMZ Host Security Quality of Service Routing DNS DSL Print Server Port Mapper Certificate Wireless Voice Usb Storage Diagnostics Management Figure2 8 6 4 DMZ
80. 0 32 step4 Delete ENT1 bind with PVC 0 32 then bind ENT1 with PVC 8 35 at PC ping wan side default gateway in this example it s 10 11 102 2 run catch packet softwar then we can see the data transmitted from PVC 8 35 as figure 8 93 lx Eile Edit View Go Capture Analize Statistics Help Bes S Her o FL QQQ PHHRX Filter icmp request 000000 ping 2 0 000300 is Fee oe TEREE z Coping re 3 0 022931 10 11 102 2 10 11 102 164 ICMP Echo ping reply 4 0 023162 dd oe al Eo a Ela Seed Meee ICMP Echo ping reply 5 1 001345 192 168 1 253 10 11 102 2 ICMP Echo ping request 6 1 001758 10 11 102 164 zB pre ne es ICMP Echo ping request 7 1 023660 UL La 10 11 102 164 ICMP Echo ping reply 5 1 023857 TO oe 192 168 1 253 ICMP Echo ping reply 13 2 001766 197 168 1 253 EOL TO ICMP Echo ping request 14 2 001689 10 11 102 164 10 LL es 2 ICMP Echo ping request 1 esas 10011 102 2 10 11 10 164 ICMP Echo ping reply 16 2 024020 10 11 102 2 192 166 1 253 ICMP Echo Cping reply 17 3 001239 192 168 1 253 a es Kes PE ICMP Echo ping request 18 3 001658 10 11 102 164 0 SLL oe 2 ICMP Echo ping request LoS Oe SF FO LO bos ae 10 11 102 164 ICMP Echo ping reply 0 3 023963 10 11 102 2 16 168 1 253 ICMP Echo ping reply 5 E Frame 2 82 bytes on wire 82 bytes captured E Ethernet II sre GO 73 1 07 20 e6 5F Ost 00 14 78 4d 568 31 lH PPP over Ethernet session ES A
81. 1 to the metric value indicated in the update and enters the network in the routing table The IP address of the sender is used as the next hop Rowling RIP Confiqguralson Device Indo Advanced Setup WAN LAN MAT Security Quality of Service Feiti Delsul Galeway Statie Route RIP Print Server Port Mapping Certificate Wirth Vion Usb Storage Diarias tica earners Figure2 8 9 6 RIP Configuration 89 4 4 6 3 4 RIP configuration gt To activate RIP for the device select the Enabled radio button for Global RIP Mode gt To configure an individual interface select the desired RIP version and operation followed by placing a check in the Enabled checkbox for the interface Click the Save Apply button to save the configuration and to start or stop RIP based on the Global RIP mode selected 4 4 6 4 Policy Route In this the Policy is that route IP packet base on the rule defined by network administrator As a example we can define the policy that the packets from network A sended out from path X the others sended out from path Y or that the packets s TOS value is A sended out from path F the others sended out from path K The policy route is introduced into the linux form the version 2 1 kernel When compare with tradition route arithmetic the policy route mainly introduced the concept of multi route table and rule 4 4 6 4 1 Multi route table The tradition route arithmetic use only one route table For so
82. 10 MAC address transmit PPPoE frame to internet 78 Click add to configure as the interface below Add MAC Filter Create a filter to identify the MAC layer frames by specifying at least one condition below If multiple conditions are specified all o Device Info them take effect Click Apply to save and activate the filter Advanced Setup WAN Protocol Type PPPoE v LAN Destination MAC Address Security gt Source MAC Address 00 13 20 9E 0F 10 Parental Control Frame Direction LAN lt gt WAN y Routing DSL WAN Interfaces Configured in Bridge mode only Port Mapping Certificate W Select All Wireless Y br_1_35 nas_1_35 Diagnostics Management _ Save Apply Figure2 8 7 9 MAC Filtering Add Config example click Save Apply to show below MAC Filtering Setup MAC Filtering Global Policy FORWARDED Device Info Advanced Setup Change Policy WAN LAN MAC Filtering is only effective on ATM PYCs configured in Bridge mode FORWARDED means that all MAC layer frames will be Security FORWARDED except those matching with any of the specified rules in the following table BLOCKED means that all MAC layer Aia frames will be BLOCKED except those matching with any of the specified rules in the following table Parental Control Choose Add or Remove to configure MAC filtering rules Routing DSL YPI CI Protocol Destination MAC Source MAC Frame Direction Remove E ALL PPPOE 00 13 20 9e 0f 10 LAN lt gt
83. 26 A Ded WAC CSS Merite SCD sh tauren OP nO e ar EE 21 AZ AWAN ScUp SUMINI A A E E a AN 27 AZ SOUICK SELUP Comple E ds bae o LO 28 4 3 DSL ROUTER DEVICE INFORMATION ccsseccsssccccescccnsccessceccescscuscsenscsecsseecescsenscsescenescseuscsenscss 29 A Sl Summary of Device AIM a a elas 29 AZ WAIN Interlace A e La lien 30 WAS J SS A ek a alah a Died a A AA a ah ad 31 ESAS CNO LAN tic 31 AD DUALISELE SHOE WAN sata uds 31 AO SUALISELC SHOR AT Maoa dot 32 ES EAS ESO ADS E A E acter ea AA TO 33 ASES ROUTS ADS 1M OM AO Ad ta Ud 35 FIRAR CADIS O a AN E A E TE 35 A FIODH CP IPF Eases O a e a a ere ad UNOS 36 AAV ANCE Ds SE UID o e le do 36 AA WAIN EC ONETGR ALTON e tee ra odo 37 AAD ANECA Ura OM psec stiotaiespacewsk a a Gua encase nna a aaatae 63 4 4 3 NAT Network Address Translati0D oococoocccnocnnoconiccnonoconoconoconncnnoconoronarcnnoconorcnnnconoconorons 67 A A lates ie Suan euacma alin 72 ARO QUA Ol SEL VIC Ona ropita siii senil atlas 80 AO NOUS tenio manencestumematanencmasun E atte piba escrita 87 a SA N one II IA A II O II E E 94 1E E D ao BAE A EE II E AAE AON E II A EN EE 96 A SS o A II A ne me EA 97 BA VOOR NEA A o ee 101 A 102 AA A fesueuteasanks 106 a OIE E S o E E E E EE sarge ache EAN EEE A lp E EEEE EE 109 0 i DRE E eA ee ae A EEEE A E TT 109 AZ eles LAN DO E E eea a aet 111 4 5 3 Configure Wireless Connection io 115 o EEAO Example E E EEN E E E E ETTE T EEEE 131 AN ON TEAVAD E oia dit adi 133 AO LONE i
84. 8 1 10 255 255 255 0 Security IP Filtering Incoming Parental Control Figure2 8 7 1 Outgoing IP Filtering Config Complete 4 4 4 2 Incoming IP Filtering Setup The incoming IP filter is used to block and permit IP packet transmisstion from internet By default incoming IP filter block all incoming packet from internet When incoming IP Filtering rules setup being enable on the MODEM you can permit remote individual PC to access various local network Service Click Security gt IP Filtering gt Incoming to show the following interface By default all incoming IP traffic from the WAN is blocked when the firewall 1s enabled However some IP traffic can be ACCEPTED by setting up filters Incoming IP Filtering Setup By default all incoming IP traffic from the WAN is blocked when the firewall is enabled However some IP traffic can be ACCEPTED Device Info by setting up filters Advanced Setup Choose Add or Remove to configure incoming IP filters WAN LAN NRT Filter Name YPI CI Protocol Source Address Mask Source Port Dest Address Mask Dest Port Remove Security IP Filtering Add Outgoing Parental Control Routing Figure2 8 7 2 Incoming IP Filtering Config Click Add to enter the related interface defining the IP filtering rule as follows The screen allows you to create a filter rule to identify incoming IP traffic by specifying a new filter name and at least one condition below All of
85. 9 4 1 Protocol Components TR 69 is one of the CPE WAN Management Protocol It comprises several components that are unique to this protocol and makes use of several standard protocols The protocol stack defined by the CPE WAN Management Protocol is shown in 441 RIRE 5 HY 1 A brief description of each layer is provided in Table 1 CPEACS Management Application RPC Methods SOAP soLTLs TERP Table 1 1 Protocol layer summary CPE ACS Application The application uses the CPE WAN Management Protocol on the CPE and ACS respectively The application is locally defined and not specified as part of the CPE WAN Management Protocol 162 RPC Methods The specific RPC methods that are defined by the CPE WAN Management Protocol These methods are specified in ix AREAS This includes the definition of the CPE Parameters accessible by an ACS via the Parameter related RPC Methods The specific Parameters defined for an Internet Gateway Device are specified in SOAP A standard XML based syntax used here to encode remote procedure calls Specifically SOAP 1 1 HTTP HTTP 1 1 as specified in SSL TLS The standard Internet transport layer security protocols Specifically either SSL 3 0 Secure Socket Layer as defined in or TLS 1 0 Transport Layer Security as defined in Use of SSL TLS is RECOMMENDED but is not required TCP IP Standard TCP IP 4 9 4 2 TR 069 Client configuration The CPE WAN Management Protocol is
86. Access Control Update Software Savye Reboot Figure 3 7 9 Router Save reboot page 167
87. B driver installation Found Hew Hardware Wizard Completing the Found New Hardware Wizard The wizard has finished installing the software for HE TLUSB Remote NDIS Network Device Click Finish to close the wizard 12 3 Introduction 3 1 About DSL router DSL router is a scalable suite of software infrastructure and technologies that Original Equipment Manufacturers OEMs require in order to bring Residential Gateways Internet Access Devices ADs to market DSL router leverages a wide range of compelling broadband based applications and services and includes an operating system drivers and remote management capabilities DSL router delivers a set of highly integrated solutions required for the home and small of company such as Optimized Linux 2 6 Operating System IP Routing and Bridging Asynchronous Transfer Mode ATM and Digital Subscriber Line DSL support Point to Point Protocol PPP Network Port Address Translation NAT PAT Quality of Service QoS Wireless LAN Security WPA 802 1x RADIUS client Virtual Private Network VPN IPSec Secure Socket Layer Virtual Private Network SSL VPN Universal Plug and Play File Server for Network Attached Storage NAS devices Print Server Web Filtering Carrier Grade Voice over IP VoIP SIP MGCP RTP Management and Control Web based Management WBM Simple Network Management Protocol SNMP Command Line Interface CLI TR O69WAN
88. Control Update Software Save Reboot Figure 3 6 1 Restore Default Settings 4 9 2 System Log Click System Log to show the following interface The system log dialog allows you to view the system log and configure the system log options 154 System Log The System Log dialog allows you to view the System Log and configure the System Log options Device Info Click View System Log to view the System Log Advanced Setup Wireless Click Configure System Log to configure the System Log options Diagnostics Management SNMP Agent Internet Time Access Control Update Software Savye Reboot Figure 3 6 2 System Log overview Click Configure System Log to show the following interface You can enable or disable the system log and then select the log level display level and mode and click Apply to end your configurations System Log Configuration If the log mode is enabled the system will begin to log all the selected events For the Log Level all events above or equal to the selected level will be logged For the Display Level all logged events above or equal to the selected level will be displayed If the selected mode is Remote or Both events will be sent to the specified IP address and UDP port of the remote syslog server If the selected mode is Local or Both events will be recorded in the local memory Select the desired values and click Save Apply to configure the system log op
89. EANN 1 35 1 UBR br_1 35 nas 135 Bridge N A Disabled N A Enabled J NAT Security Routing Asd DNS DSL Port Mapping Certificate Wireless Diagnostics Management Figure 2 5 2 PPPoA Config O In this interface you can modify VPI VCIs service categories and QoS ATM PYC Configuration This screen allows you to configure an ATM PYC identifier VPI and YCD and select a service category Otherwise choose an existing interface by selecting the checkbox to enable it Device Info Advanced Setup WAN CI 32 65535 35 LAN NAT Service Category UBR Without PCR Security Routing DNS DSL Fore Moppng Enable Quality Of Service Certificate Wireless Enabling packet level QoS for a PYC improves performance for selected classes of applications QoS cannot be set for CBR and Realtime BR QoS consumes system resources therefore the number of PWCs will be reduced Use Advanced Setup Qualit Diagnostics p Y of Service to assign priorities for the applications Management Enable Quality Of Service Figure 2 5 3 PVC and it s Qos config page VPI Virtual Path Identifier The virtual path between two points in an ATM network and its valid value is from 0 to 255 VCI Virtual Channel Identifier The virtual channel between two points in an ATM network ranging from 32 to 65535 1 to 31 are reserved for known protocols Service Category UBR Without PCR UBR With PCR CBR Non Realtime VBR Realtime VBR E
90. ENET3 represent Ethernet port ID 0 1 and 2 within the Ethernet Switch ENET4 represents the Ethernet MAC PHY MDI port De selecting the Enable virtual ports button will disable the system capability to recognize individual Ethernet port within the Ethernet switch The WEB UI will display two Ethernet ports ENET 1 3 and ENET4 The ENET 1 3 represents the Ethernet MAC MII port The ENET4 represents the BCM634x Ethernet MAC PHY MDI port 4 4 10 1 Create a new mapping group Group Name Enter a unique group name Grouped Interfaces The port belongs to this group Available Interfaces It shows the available Ethernet port which you can select Automatically Add Clients With the following DHCP Vendor IDs If a vendor ID is configured for a specific client device please REBOOT the client device attached to the modem to allow it to obtain an appropriate IP address for example the windows 2000 XP default DHCP client s vender ID is MSFT 5 0 ALU ESS E Vendor ID Sting a DHCP server Note that these clients may obtain public IP addresses Device Info 3 Click Save Apply button to make the changes effective immediately Advanced Setu p Note that the selected interfaces will be removed from their existing groups and added to the new group LAN IMPORTANT If a vendor ID is configured for a specific client device please REBOOT the client device attached to t NAT modem to allow it to obtain an appropriate IP address Security
91. ER provides Chapter 1 1 gives the overview of DSL ROUTER VOIP solution Chapter 1 2 introduces the web page configuration including SIP Basic Setting and SIP Advanced Setting Chapter 1 3 shows how to manipulate use DSL ROUTER s call function such as redial response function such as call forward call waiting and so on Chapter1 4 shows you some configuration examples so let you use DSL ROUTER s VoIP function quickly and easily 4 6 1 1 SIP Entities DSL ROUTER s VoIP solution use SIP Session Initiation Protocol to create modify terminate calls SIP is an Internet application layer protocol that runs in User Agent and Server Systems for controling multimedia sessions between users who may move from one location to another and use terminal devices with various media capabilities For more details about SIP please see RFC3261 In order to form concepts of SIP terminology of SIP is displayed blow and chart 1 1 shows their application POTS Plain old telephone service The traditional telephones we use in home are POTS User Agent UA It includes UA Client UAC UA Server UAS UAC originates calls and UAS listens for incoming calls DSL ROUTER can server as UAS and UAC SIP Proxy routes call requests If we create a call to invite our friends or relatives through SIP our call is routed through SIP Proxy for only it knows your friends or relatives POTS s position SIP Registrar maintains mappings from names use
92. Linel PSTN Call switch to Linel Line PSTN Call switch to Line Yoip PSTN Call switch to voip call Select the way incoming PSTN calls to be routed It has following items Auto PSTN Call switch to idle line DSL ROUTER will automatically select the idle line for incoming PSTN call Linel PSTN Call switch to Linel PSTN call will be routed to line 1 If it s busy PSTN call will fail Line2 PSTN Call switch to Line2 PSTN call will be routed to line 2 VoIP PSTN Call switch to VoIP call PSTN call will be routed to VoIP extension which is filled in PSTN Call Routing Data 4 6 2 2 9 Enable SIP tag matching Enable SIP tag matching Uncheck for Vonage Interop Enable the checking of the to tag in SIP message Enabling this feature may impose more strict checking on SIP messages If you place DSL ROUTER in a Vonage network using the Vonage server make sure to uncheck it 4 6 2 2 10 Enable Music Server Enable Music Server Music Server 0 0 0 0 MUSIC Server port 0 When set enabled the holding party will act like a coordinator and trigger the music server to stream music to the hold party This is done by sending an INVITE without SDP to music server and acknowledging server s response with an ACK message containing the SDP of the hold party Music server then streams music to hold party Fill Music server area with server s IP address and specify the port in Music se
93. M Quality of Service Routing DNS DSL Print Server Signing Request Port Mapping IPSec Certificate Local Trusted CA Wireless Voice Load Signed Certificate Figure3 1 1 generated certificate request Usb Storage The certificate request needs to be submitted to a certificate authority which would sign the request Then the signed certificate needs to be loaded into modem Click Load Certificate button from the previous screen or from the base screen will bring up the load certificate page Paste the signed certificate and click apply and a new certificate 1s created 107 Paste signed certificate Device Info Certificate Name mwcertificate Advanced Setup ff BEGIN CERTIFICATE WAN lt insert certificate here gt LAN NAT Security Quality of Service Routing DNS DSL Print Server Certificate Port Mapping IPSec Certificate Local Trusted CA Wireless Voice Usb Storage Figure3 1 2 Load Certificate 4 4 12 2 Import Existing Local Certificate To import existing certificate click Import Certificate button and paste both certificate and corresponding private key Import certificate Enter certificate name paste certificate content and private key Device Info Advanced Setup Certificate Name WAN fa BEGIN CERTIFICATE LAN lt insert certificate here gt NAT Security Quality of Service Routing DNS DSL
94. Network and Guest SSID box will not be displayed Hide Access Point Check this box if you want to hide any access point for your router so a station cannot obtain the SSID through passive scanning Clients Isolation When many clients connect to the same access point they can access each other If you want to disable the access between clients which connect the same access point you can check this box Disable WMM Advertise WMM is short for wi fi multimedia which can provide high performance multimedia voice video data transfers SSID The SSID is the network name shared among all points in a wireless network The SSID must be identical for all points in the wireless network It is case sensitive and must not exceed 32 characters use any of the characters on the keyboard Make sure this setting is the same for all points in your wireless network For added security you should change the default SSID to a unique name Country The name of the country with which your gateway is configured This parameter further specifies your wireless connection For example The channel will adjust according to nations to adapt to each nation s frequency provision Max Clients Specifies maximum wireless client stations to be enble to link with AP Once the clients exceed the max vlaue all other clients will be refused The value range is between six and ten Wireless Guest Virtual Access Points If you want to make Guest Virtual network function be
95. O PAP CHAP MSCHAP Usually select AUTO will be OK Dial on demand with idle timeout timer If enable it you need to input the idle timeout time Within the preset minutes if the MODEM doesn t detect the flow of the user continuously the MODEM will automatically disconnect the PPPOE connection Once it detects the flow like access to a webpage the MODEM will restart the PPPOE dial up 40 If disable it the MODEM will perform PPPOE dial up all the time Unless the MODEM is powered off and DSLAM or uplink equipment are abnormal the PPPOE connnection will not broken PPP IP extension After PPP IP extension is enabled the WAN IP address obtained by the MODEM through built in dial up can be directly assigned to the PC being attached with the MODEM at this time the MODEM has only one PC From the view of the PC user this is even with that the PC dials up to obtain an IP addres But actually the dial up is done by the MODEM If disable it the MODEM obtain the WAN IP address itself Advanced DMZ This is the virtual server configuration option The DMZ Host feature allows one local computer to be exposed to the internet to be this feature the other computer can easily enter the DMZ Host a DMZ host is not protected by the firewall and may be vulnerable to attack Designating a DMZ host may also put other computers in the home network at risk When designating a DMZ host you must consider the security implications and protect it 1f
96. ODEM doesn t detect the flow of the user continuously the MODEM will automatically disconnect the PPPOA connection Once it detects the flow like access to a webpage the MODEM will restart the PPPOA dial up If disable it the MODEM will perform PPPOA dial up all the time Unless the MODEM is powered off and DSLAM or uplink equipment are abnormal the PPPOA connnection will not broken PPP IP extension After PPP IP extension is enabled the WAN IP address obtained by the MODEM through built in dial up can be directly assigned to the PC being attached with the MODEM at this time the MODEM has only one PC From the view of the PC user this is even with that the PC dials up to obtain an IP addres But actually the dial up is done by the MODEM If disable it the MODEM obtain the WAN IP address itself Advanced DMZ This is the virtual server configuration option The DMZ Host feature allows one local computer to be exposed to the internet to be this feature the other computer can easily enter the DMZ Host a DMZ host is not protected by the firewall and may be vulnerable to attack Designating a DMZ host may also put other computers in the home network at risk When designating a DMZ host you must consider the security implications and protect it if necessary 1 If you want to setup DMZ Host you should enable the PPP IP extension at first 2 Non DMZ IP Address The DMZ Host IP Address you can modify it by hand 3 Non DMZ Net
97. P Address 192 168 1 1 ES Default Gateway Usb Storage R y E a Primary DNS Server 192 168 1 1 Diagnostics Secondary ONS Server 192 168 1 1 Management Figure 2 1 Web based Management Home Page 4 1 Logging on the MODEM The following introductions are prepared for the first time users it is a detail How To user guide 4 1 1 First Time Logging When logging into DSL router for the first time the logging wizard is the first screen to appear a Launch a Web browser on your computer b Browse to http 192 168 1 1 DSL router default IP address The logging page appears c Enter a username and password The default super username and password are both set to admin the common username and password are both user you don t need to input the username and password again if select the option Remember my password It is recommended to change these default values after first time logging into the DSL router d Click OK to login or click Cancel to exit this login interface 15 OSL Router User name admin Password Figure 2 1 1 Web based Management Login authentication page After logging into the DSL router by a super username you can query configure modify all configurations and diagnose the system too You need to reboot the DSL router to enable your modification or configuration effective sometimes e g you modified the PVC configuration some modification can take effecti
98. P QUERY STARTED 1 sysDescr 0 octet string Software Version 3 10L 02 sip all 53 6F 66 74 77 61 72 65 20 56 65 72 73 69 5F 6 20 33 2E 31 30 4C 2E 30 32 2E 73 69 70 2E 61 2 sysObjectID 0 object identifier enterprises 16972 3 sysUpT ime O timeticks O days 00h 39m 59s 46th 239946 4 sysContact 0 octet string China Communications Standards Association 43 68 69 6E 61 20 43 6F 6D 6D 75 6 69 63 61 74 69 6F 6E 73 20 53 74 61 6E 64 6 5 sysName 0 octet string UNKNOWN 55 4E 4B 4E 4F 57 4E hex 6 sysLocation 0 octet string UNKNOWN 55 4E 4B 4E 4F 57 4E hex 7 sysServices 0 integer 72 8 sysORLastChange 0 timeticks O days 00h 00m 00s 00th 0 9 sysORID 1 object identifier snmpMIB 10 sysORDescr 1 octet string The MIB module for SNMP v2 entities 54 68 65 20 4D 49 42 20 6D 6F 64 75 6C 65 20 66 6F 72 20 53 4E 4D 50 76 32 20 65 6E 1111 sysORUpTime 1 timeticks O days 00h 00m 00s 00th 0 12 ifNumber 0 integer 8 13 iflndex 10000 integer 10000 10000 14 ifindex 30000 integer 30000 30000 15 ifindex 30001 integer 30001 30001 16 iflndex 30002 integer 30002 30002 17 ifindex 30003 integer 30003 30003 18 ifindex 40000 integer 40000 40000 13 iflndex 110000 integer 110000 110000 20 ifindex 140000 integer 140000 140000 of ha b AA m AA AAA AA o PA a a AAA Query agent 192 168 1 1 finished ocak Figure3 6 10 Query results 4 9 4 TR 69 Client Management 4
99. P Queue 802 1P Lan Source Source Dest Dest 3 Security Name Mark ID Mark Port ad DERE Addr Mask Port Addr Mask Port MAR Man a eid E Addr Mask Addr Mask Quality of Service Queue Config 8 81 9 Bea ICMP CSS o a a QoS Classification Routing 8 35 3 2 2 DSL Print Server Add Save Apply Port Mapping Certificate Wireless Yoice Diagnostics Management Figure2 8 9 3 QoS 802 1p setting Complete click Save Apply This configuration will take effective at once 4 4 6 Routing 4 4 6 1 Routing Default Gateway In this interface you can modify the Default Gateway settings If Enable Automatic Assigned Default Gateway checkbox is selected this router will accept the first received default gateway assignment from one of the PPPoA PPPoE or MER DHCP enabled PVC s If the checkbox is not selected enter the static default gateway AND OR a WAN interface Click Save Apply button to save it NOTE If changing the Automatic Assigned Default Gateway from unselected to selected You must reboot the router to get the automatic assigned default gateway gt If you want to use a default gateway please click ENABLE Automactic Assigned DefaultGateway box to show the following interface Routing Default Gateway If Enable Automatic Assigned Default Gateway checkbox is selected this router will accept the first received default gateway assignment from one of the PPPoA PPPoE or MER DHCP enabled P
100. PS technology This technology is fairly new so not every vendor will support the WPS technology 4 5 2 4 Wireless Client requirements 4 5 2 4 1 Radio Transmission Wireless LAN or WLAN devices use electromagnetic waves within a broad unlicensed range of the radio spectrum to transmit and receive radio signals When a wireless access point is present it becomes a base station for the WLAN nodes in its broadcast range WLAN nodes transmit digital data using FM frequency modulation radio signals WLAN devices generate a carrier wave and modulate this signal using various techniques Digital data is superimposed onto the carrier signal This radio signal carries data to WLAN devices within range of the transmitting device The antennae of WLAN devices listen for and receive the signal The signal 1s demodulated and the transmitted data extracted The transmission method used by the access point is called Direct Sequence Spread Spectrum DSSS and operates in a range of the radio spectrum between 2 4GHz and 2 5GHz for transmission See the expert technical specifications for more details on wireless operation 4 5 2 4 2 Antennas Direct the external antenna to allow optimization of the wireless link If for example the antenna is erect wireless links in the horizontal plane are favoured Please note that the antenna characteristics are influenced by the environment that is by reflections of the radio signal against walls or ceilings It is advisa
101. Quality of Service Group Name 11 Routing Grouped Interfaces Available Interfaces DNS DSL ENMETI ENET3 Print Server ENET2 ENET4 yi Port Mapping ireless IPSec Certificate Wireless Voice Usb Storage Diagnostics Management Automatically Add Figure2 9 3 Port Mapping configuration 101 Step1 Enter the Group name and select interfaces from the available interface list and add it to the grouped interface list using the arrow buttons to create the required mapping of the ports The group name must be unique Step2 If you like to automatically add LAN clients to a PVC in the new group add the DHCP vendor ID string By configuring a DHCP vendor ID string any DHCP client request with the specified vendor ID DHCP option 60 will be denied an IP address from the local DHCP server Note that these clients may obtain public IP addresses Step3 Click Save Apply button to make the changes effective immediately Note That the selected interfaces will be removed from their existing groups and added to the new group 4 4 10 2 Edit a existing group Group Name Enter a unique group name Grouped Interfaces The port belongs to this group Available Interfaces It shows the available Ethernet port which you can select Automatically Add Clients With the following DHCP Vendor IDs If a vendor ID is configured for a specific client device please REBOOT the client device attached to the modem to allow it to obtain
102. Residential Gateway Contents 1 INTRODUCTIONS ccccccsscccscccccsccccsccccccsccccccccsccccsccccssccccscccccsccccscscceccccceccccsccccecsccescccecscceccceees 4 KEA PECTIN aaa S 4 12 EE ATREA A A TE A E E E A A 4 ko WIRELESS SPEC saknei naa AA A E EE AT 4 LA COMPETANCE CERTIFICATE S untada ala dia 5 1 5 STANDARDS COMPATIBILITY AND COMPLIANCE ccoocccnoccnnnccnnnocnnnaccnnnccnonocnnnorcnnaronnnrcnnnocnonacannnrcnnnicnns 5 16 ENGAPSULATION SUPPORTS usd ala dla 6 ENVIRONMENT sida lalala dia 6 SO YS TEM REQUIREMENTS iaa 6 LISA ETY GAU NON ds A ase nic E E 8 LIOLED STATUS DESCRIPTION chrec sanre ae EA EA pelen saci oesel dem tuenecese epee 8 LIOTLED Stane Des capullo ales 8 A A A 9 2 HARDWARE INSTALLATION said ii 9 2 1 CHOOSING THE BEST LOCATION FOR WIRELESS OPERATION cocccnoccnnccnnoconoccnncconaconorcnnaconaconaccnnacanos 9 D2 AOE ROUTERS CONNECTION Sri dai 10 DOB ACTORY RESET BUTTON st da tia 10 AOS Be INSPA LISA TION dada tia 10 3 INTRODUCTION a A A AA AA EA E S 13 ABOUT ROUTER e NU o os NU 13 O RPI eR SOR aR et SP RE erie 13 5 2 Setting Up WAN and LAN CONE CONS ai 14 SIA PCN WOR CODE CU MAA A tise ae 14 4 WEB BASED MANAGEMENT cscccssscccscccccccccscccccsccccsccccscsccssccccscccccsccccssccccsccccsccccscccceccceees 15 A OGGING ON THE MODEM tadas 15 Ak kPt Cs AP O O O 15 A QUICK SETUP cidos 16 Ailes NN AUN AE AC CS e ei e 16 Bio Mor IN Mern ace CUP APARENTE OPERA O o e a ch iouenueseieesesoanees
103. S to control managed devices The NMS changes the values of variables stored within managed devices The trap command is used by managed devices to asynchronously report events to the NMS When certain types of events occur a managed device sends a trap to the NMS Traversal operations are used by the NMS to determine which variables a managed device supports and to sequentially gather information in variable tables such as a routing table 4 9 3 2 Configure Click SNMP Agent sub menu item under Management menu item show figure 3 as following SNMP Configuration Simple Network Management Protocol SNMP allows a management application to retrieve statistics and status from the SNMP agent in this device Device Info Quick Setup Select the desired values and click Apply to configure the SNMP options Advanced Setu p SNMP Agent Disable Enable Wireless Voice Read Community Diagnostics Set Community Management Settings System Name System Log System Location SNMP Agent System Contact e tae Trap Manager IP 0 0 0 0 Access Control Update Software Save Reboot Figure 3 6 6 SNMP Config Click Enable button to open SNMP function input the configuration that your ISP has provided to you Then click Save Apply 4 9 3 3 Simple Test Use MIB Browser tool to test SNMP function MIB Browser s main operation interface 158 SI EIE Prorser Professional Edition
104. Save button only saves the LAN Device Info saves the LAN configuration data and reboots the router to make the new configuration effective Advanced Setup WAN IP Address 1192 168 1 1 i LAN Subnet Mask 255 255 255 0 NAT Security Enable UPnP Quality of Service sa Routing A DNS Standard Mode DSL Blocking Mode Print Server Disable DHCP Server Port Mapping O Enable DHCP Server estonia Start IP Address 192 168 1 2 Wireless i End IP Address 192 168 1 254 Yoice l Usb Storage Subnet Mask 2595 299 295 0 Diagnostics Leased Time hour 24 Management Configure the second IP Address and Subnet Mask for LAN interface IP Address Subnet Mask Save Reboot Figure 2 8 1 LAN configuration setup 4 4 2 1 Defining the private IP address for the DSL Router On this screen you can change the device s IP address The preset IP address is 192 168 1 1 This is the Private IP address of the DSL Router This is the address under which the device can be reached in the 63 local network It can be freely assigned from the block of available addresses The IP address under which the DSL ROUTE WLAN dsl can be reached from outside is assigned by the Internet service provider gt If you want to assign a different IP address to the DSL Router enter it in the fields next to IP address gt Adjust the Subnet mask if necessary We recommend that you use an address from a block that is reserved for private u
105. T Enabled PORE Piappng Firewall Enabled Certificate 7 i IGMP Multicast Disabled Wireless Diagnostics Quality Of Service Disabled Management Click Save to save these settings Click Back to make any modifications MOTE You need to reboot to activate this WAN interface and further configure services over this interface Figure 2 5 7 PPPoA Setup Summary Click Save to save these settings And you can click Back to make any modifications After you click Save it show the following interface NOTE You need to reboot to activate this WAN interface and further configure services over this interface 48 Wide Area Network WAN Setup Choose Add Edit or Remove to configure WAN interfaces Device Info Choose Save Reboot to apply the changes and reboot the system Advanced Setup Con YPI CI ID Category Service Interface Protocol Igmp QoS Yilanid State Remove Edit 1 35 1 UBR br 1 35 nas_135 Bridge N A Disabled N A Enabled Security Routing 8 35 1 UBR pppoa_8_35_2 ppp_8_35_1 PPPoA Disabled Disabled N A Enabled DNS DSL Add Remove Port Mapping Save Reboot Certificate Wireless Diagnostics Management Figure 2 5 8 PPPoA Setup Complete 4 4 1 5 PPPoA PVC Network Application Dynamic Public IP 192 168 1 3 192 168 1 1 assigned by BRAS 10 28 106 200 Pook 10 28 1060 ar E Tr r E n l i Ps 4 ISF a a a Ps a BRAS a Pers 192 168 1 2
106. TM PWC that your ISP has instructed you to use Note that Device Info 802 19 VLAN tagging is only available for PPPoE MER and Bridging Advanced Setup WAN PPP over ATM PPPOA LAN NAT PPP over Ethernet PPPOE IRONIEN MAC Encapsulation Routing MER Routing DNS IP over ATM IPo4 DSL rm Port Mapping 0 Bridging Certificate Wireles liso Encapsulation Mode Diagnostics ae LLC SNAP BRIDGING Management Enable 802 1q Figure 2 7 7 Bridge Enable 802 1q If enable it input the 802 1q VLAN tag value Note that 802 1q VLAN tagging is only available for PPPoE MER and Bridge Click Next to show the following interface O In this interface you can modify the Service name Unselect the check box below to disable this WAN service Device Info Advanced Setup WAN Enable Bridge Service y Service Name br_8_35 Security Routing DNS DSL Port Mapping Certificate Wireless Diagnostics Management Figure 2 7 8 Bridge service page WAN Service Please enable it unless you don t need to active the PVC Click Next to show the following interface O In this interface it show the all configuration 61 WAN Setup Summary Make sure that the settings below match the settings provided by your ISP Device Info Advanced Setup VPI CI 8 35 WAN Connection Type Bridge N n sei Service Name br_8 35 NAT i Service Category UBR Security e od Routing IP Address Mot Applicable DNS Se
107. US Semer PPP over Ethernet Descriptions In this example the MODEM is connected to the DSLAM through PVC 8 35 the PPPOE is located between the WAN interface of the MODEM and BRAS The encapsulation of the downlink interface of BRAS is PPP OVER ETHERNET the authentication is AUTO the IP address is 10 28 106 200 the 43 IP Pool is 10 28 106 and the IP address of the uplink interface is 10 61 92 157 The WAN interface of the MODEM obtains the IP address that is dynamically assigned by BRAS through its built in PPPOE dial up The MODEM will assign this public IP address to the PC configured as Obtain an IP address automatically attached to it in the DHCP mode At this time NAT will have no effect From the point view of the user the MODEM seems working in the Briding mode In some cases this function is named ZIPB Zero Installation PPP Bridge Mode as well Setting 1 Activate your browser and input 192 168 1 1 in the address column to login the MODEM 2 Click Advanced Setup gt WAN then click add 3 In the ATM PVC Configuration interface configure VPI VCI as 8 35 and then click Next 4 In the Connection Type interface select PPP over Ethernet PPPoE and LLC SNAP BRIDGING as the encapsulation and then click Next 5 In the PPP User name and Password interface enter the user name and password provided by your ISP IMPORTENT Selec
108. WAN O Certificate Wireless id renos Diagnostics Remove Management Figure2 8 7 10 MAC Filtering Add Config Complete 4 4 4 3 2 MAC Filtering Global Policy BLOCKED Let me show you how to permit the PC who has the 00 13 20 9E 0F 10 MAC address transmit PPPoE frame to internet Click add to configure as the interface below Add MAC Filter Create a filter to identify the MAC layer frames by specifying at least one condition below If multiple conditions are specified all of Device Info them take effect Click Apply to save and activate the filter Advanced Setup WAN Protocol Type PPPoE v LAN Destination MAC Address Security 2 Source MAC Address 00 13 20 9E 0F 10 MAC Filtering Parental Control Frame Direction LAN lt gt WAN y Quality of Service Routing DSL Print Server WAN Interfaces Configured in Bridge mode only Y Select All M br_0 8 35 fnas_0 8 35 1 Port Mapping Certificate Wireless Save Apply Voice Diagnostics Management Figure2 8 8 1 MAC Filtering BLOCKED Add Config 79 click Save Apply to show below MAC Filtering Setup MAC Filtering Global Policy BLOCKED Device Info Advanced Setup Change Palicy WAN LAN MAC Filtering is only effective on 4TM PWCs configured in Bridge mode FORWARDED means that all MAC layer frames will be Security FORWARDED except those matching with any of the specified rules in the following table BLOCKED means that all MAC la
109. YC s If the checkbox is not selected enter the static default gateway AND OR a WAN interface Click Save Apply button to save it Device Info Advanced Setup WAN LAN Security NOTE If changing the Automatic Assigned Default Gateway from unselected to selected You must reboot the router to get the automatic assigned default gateway Routing Default Gateway Static Route DSL Port Mapping Y Use Default Gateway IP Address 10 28 106 200 Certificate O Use Interface v Wireless Diagnostics Management Figure2 8 9 4 Default Gateway Use Default Gateway gt Select Enable automatic Assigned Default Gateway box Custom DSL router Default Gateway gt Close Enable automatic Assigned Default Gateway box 87 gt Entry Use Default Gateway IP Address gt Entry Use Interface The interface that the packets pass through on the MODEM gt Apply setting by click Save Apply 4 4 6 2 Static Routes Networking devices forward packets using route information that is either manually configured or dynamically learned using a routing protocol Static routes are manually configured and define an explicit path between two networking devices Unlike a dynamic routing protocol static routes are not automatically updated and must be manually reconfigured if the network topology changes The benefits of using static routes include security and resource efficiency Static routes use less bandwidth than dynamic routing protocols and n
110. age Look at this screen is it familiar with us yeah It is the same as Quick Setup to learn more about the configuration please turn to page 31 Have configured the modem If we have configured the modem click WAN will turn into the following interface Wide Area Network WAN Setup Choose Add Edit or Remove to configure WAN interfaces Device Info Choose Save Reboot to apply the changes and reboot the system Advanced Setup WAN WPI WCI Con ID Category Service Interface Protocol Igmp QoS VYianid State Remove Edit ENN 1 35 1 UBR br135 nas 135 Bridge N A Disabled N A Enabled J NAT cota DNS DSL Port Mapping Certificate Wireless Diagnostics Management Figure 2 4 3 PPPoE Config 1 Select Edit you can modify the existent PVC s parameter 2 Select Add you can add a more one ATM PVC 3 Choose Remove you can delete the PVC don t forget select the Remove check box 4 Select Save Reboot Choose Save Reboot to apply the changes and reboot the system Note After a PVC is deleted or modified the system must be rebooted or the modification will not be effective Now we only show you how to add PVC 4 4 1 1 Add PPPoE PVC Click Add to add a certain piece of PVC The following descriptions are given by an example of adding PVC 8 35 PPPOE mode 38 1 Click Add to turn into the following interface In this interface you can modify VPI VCI servic
111. agnostics O SRA Enable Management Save Apply Advanced Settings Figure2 9 1 DSL modulation settings 4 4 9 Print Server A network printer is a printer on which you can print your documents without it being connected to your pc The advantage of this is that you only need this printer once in your network All PCs for which it is released can access it and work with it In most cases a printer of this type is connected to another PC in the network This does indeed offer the advantage referred to above but it has serious disadvantages gt The printer can only be used by others if the PC to which it is connected is switched on gt The print job you send to the PC on which the printer depends reduces the performance of this PC To facilitate this option you must first set up a printer port on each PC that is to use the network printer A printer port is an interface on the PC that forwards the print job to an IP address within the network Once you have set up this port you must install the printer driver 4 4 9 1 Configuring Print Server on DSL Server Following are the steps to enable the on board Printer Server Step1 Enable Print Server from Modem Web GUI Step2 Check Enable on board printer server and key in Printer name Make and model Note The Printer name can be any text string up to 40 characters The Make and model can be any text string up to 128 characters 97 Print Server sett
112. al met DISAN Oi CUNY ESUAT Advanced Setup Click Apply to configure tho basic wirke opi Wireless Brit i mwb Wiroles Security Hiko acces Pol MAL Filter A i I 1 r Wirths Brick Advanced Diada ko LANDA Archer bis Station info phan Voice ES Li UPASI Usb Storage Dir Lis Cont CHTHA Management gia S Mires Goat Wir b ss Pois Isuke Denthe M Erahimi 5510 Hidden AI Asc Chas Cher Aahar liar Guest 13 Cuil 125 GUEST lid sare Apy Figure 3 3 6 Wireless Basic property setting 4 Click the Save Apply button to save the setting 4 5 4 1 2 Configuring a Wireless Windows XP Client If your PC has wireless capabilities Windows XP will automatically recognize this and create a wireless connection for you You can view this connection under Window s Network Connections 1 Open your Network Connections window from Window s Control Panel Network Connections File Edit View Favorites Tools Advanced Help Fid Back ae ES HD Search MS Folders Es Address O Network Connections Internet Connection a Internet Connection 7 Conrnectra internet Connection T tp Linksys Wireless G USB Metwo _ Realtek R1L8139 810x Family Fast Ethernet NIC 3 a Open LAN E Realtek RTL8139 810x Farnil Figure 27 Network Connection 2 Double click the wireless connection icon The Wireless Network Connection screen will appear displaying all available wireless networks in your vicinity If your gateway 1s
113. all will be 146 forwarded c Press 70 will disable call forwarding busy 4 6 3 13 Call forwarding all If this feature enabled incoming calls will be forwarded to third party without any reason It involves two steps setting the forwarding number and enable the feature a Dial 74 lt NUM gt P to set forwarding number where NUM is the number of the party whom the call is forwarded to Note 1f we have already set forwarding number before this step can be omitted b Press 73 to enable call forwarding all That is all incoming alls will be forwarded to the third party C Press 75 will disable call forwarding all but let call forwarding no answer and call forwarding busy unchanged d Press 70 will disable all call forwarding function 4 6 3 14 3 Way conference 3 way conference enables you to invite a third party to a call and every person in the conference is able to hear others voice a Assume you are in connection with a first party Press FALSPP to put the first party on hold Dial a third party After the third party answers the call press FLASH again to invite the first party oA fo o Now all three parties are in a 3 way conference 4 6 3 15 T38 Faxing To make T38 faxing enable T38 support on the web After that connect a fax machine to a FXS port of DSL ROUTER Now you can treat it as a normal phone and is able to send or receive fax to or from other fax machines
114. allowed eo Allow all outgoing traffic packet from PC2 192 168 1 11 Configuration Stepl By default all outgoing IP traffic from LAN is allowed so allow all the IP packet come for the PC2 Setp2 The detailed configuration steps are as follows 74 Add IP Filter Outgoing The screen allows you to create a filter rule to identify outgoing IP traffic by specifying a new filter name and at least one condition below All of the specified conditions in this filter rule must be satisfied for the rule to take effect Click Save Apply to save and activate the filter Device Info Advanced Setup WAN ilter Name ilter LAN Filter Name Filter 1 NAT 4 Protocol TCP UDP X Security Source IP address 192 168 1 10 IP Filtering Source Subnet Mask 239923 255 0 Incoming Source Port port or port port Parental Control Destination IP address Routing DNS DSL Port Mapping Destination Subnet Mask Destination Port port or port port Certificate Figure2 8 6 10 Outgoing IP Filtering Add Setup example Wireless Click Save apply to show below Outgoing IP Filtering Setup By default all outgoing IP traffic from LAN is allowed but some IP traffic can be BLOCKED by setting up filters Device Info Advanced Setup Choose Add or Remove to configure outgoing IP filters WAN LAN Filter Name Protocol Source Address Mask Source Port Dest Address Mask Dest Port Remove NAT Filter1 TCP UDP 192 16
115. an external application tries to send a call to a PC in the local network the router will block it There is no open port via which the data could enter the local network Some applications such as games on the Internet require several links 1 e several ports so that the players can communicate with each other In addition these applications must also be permitted to send requests from other users on the Internet to users in the local network These applications cannot be run 1f Network Address Translation NAT has been activated gt Using port forwarding the forwarding of requests to particular ports the router is forced to send requests from the Internet for a certain service e g a game to the appropriate port s on the PC on which the game is running Port triggering is a special variant of port forwarding Unlike port forwarding the DSL Router forwards the data from the port block to the PC which has previously sent data to the Internet via a certain port trigger port This means that approval for the data transfer is not tied to one specific PC in the network but rather to the port numbers of the required Internet service Where configuration is concerned this means You have to define a so called trigger port for the application and also the protocol TCP or UDP that this port uses You then assign the public ports that are to be opened for the application to this trigger port u The router checks all outgoing data for the port number
116. appropnete IP settings Obtain an IP address automatically C Use the following IP address 5 Obtain INS server address automatically O Use the following DNS server addresses Figure 1 2 IP and DNS Configuration Windows XP a Access Network Connections from the Control Panel b Right click the Ethernet connection icon and select Properties c Under the General tab select the Internet Protocol TCP IP component and press the Properties button d The Internet Protocol TCP IP properties window will be displayed see figure 1 2 a Select the Obtain an IP address automatically radio button b Select the Obtain DNS server address automatically radio button c Click OK to save the settings Windows 2000 98 Me a Access Network and Dialing Connections from the Control Panel b Right click the Ethernet connection icon and select Properties to display the connection s properties 14 c Select the Internet Protocol TCP IP component and press the Properties button d The Internet Protocol TCP IP properties will be displayed a Select the Obtain an IP address automatically radio button b Select the Obtain DNS server address automatically radio button c Click OK to save the settings Windows NT a Access Network from the Control Panel b From the Protocol tab select the Internet Protocol TCP IP component and press the Properties button c From the
117. ara ch hor Wil Puchi Setiap wireless Earle Security SE Sebup AP PAU Filter This will ovens ie Gemting selling Wireless Erdge Advanced E Staltion Into Miir lish Storage MAMIA Setup AF Dlagnostics fanal Setup Al Minacpermend ill Brosdena_wyj Hobwork Aulhorkeation Wras Disabled lb Figure3 2 2 Wireless Security WPA2 Authentication o Mixed WPA2 WPA Authentication This authentication mode means AP auto adjust to use WPA2 or WPA according to wireless clients Please refer to below for details of configuration Network Authentication Select the authentication mode for the selected wireless LAN of SSID to be Mixed WPA2 WPA WPA2 Preauthentication Selec Enable or Disenable Network Re auth Interval Specifies the timer of re authentication between the server and the client WPA Group Rekey Interval Specifies the timer the WPA key must change If the value set 0 no need to change The change is done automatically between the server and the client Radius Server IP Adress Enter the IP Address of the authentication server Radius Port Enter the port number of the authentication server The default port number is 1812 Radius Key Enter the same key as the Radius server s WPA Encryption Select TKIP AES or TKIP AES The AES is default The TKIP AES encryption mode means AP auto adjust to use TKIP or AES according to wireless clients Click Save Apply to save the wireless security
118. are automatically configured Configurable as a DHCP Server on Your Network Compatible with virtually all standard Internet applications Industry standard and interoperable DSL interface Support Virtual Server IP Filter DMZ Host and Much More Simple web based status page displays a snapshot of system configuration and links to the configuration pages Downloadable flash software upgrades Support for up to 16 Permanent Virtual Circuits PVC Support for up to 8 PPPOE sessions Support SNMP v2 RIP vI amp RIP v2 NAT WLAN with High Speed Data Transfer Rates of up to 54Mbps Compatible with IEEE 802 11b g 2 4GHz Compliant Equipment 1 3 Wireless Spec IEEE 802 11b Network Standard IEEE 802 119 Frequency Range 2 40G 2 4835Ghz ISM Band 802 11b Modulation DBPSK DQPSK CCK 802 118 BPSK QPSK 16QAM 64QAM RF Power 20dBm Max Typ 18 dBm Normal Temp Range 802 11g Typ 15 dBm Normal Temp Range AP Capacity sian ee ere 50 80Pcs AP Proposal 11 US and Canada Channels 13 Europe and China 14 Japan IMbps 2Mbps 5 5Mbps 11Mbps for 802 11 b 6 Mbps 9 Mbps 12 Mbps 18 Mbps 24 Mbps 36 Mbps 48 Mbps 34 Mbps for 802 11b 1Mbps dead Auto sensing Data Rate 64 bit 128 bit WEP 800 1x WPA WPA2 MAC Level MAC Filter MAC Filter Vacancy MAC DHCP Client amp Static IP Authentication 802 1X and S dl Radius Client ppo DHCP Server Radio Cover Rage Outdoor 120 400 m Indoor 35 100
119. below figure After return to main window a Logged in message indicates the soft phone is successfully registered 149 Figure 3 5 2 Soft phone configure 4 6 4 1 4 Test VoIP call Seize the phone attached to DSL ROUTER dial the number of soft phone 1002 Soft phone should rings with calling party s number information shown on it s LCD Answer the call on soft pone will create a 2 way VoIP calling At this point your VoIP call is successful 4 6 4 2 PSTN to VoIP Call With the function of the FXO interface on DSL ROUTER PSTN calls to FXO number can be routed to FXS legs on the gateway or to extensions on VoIP network VoIP calls if their numbers match PSTN dial plan will be routed to PSTN network too However in current implementation we can t change PSTN dial plan on the fly so it s unable to call PSTN number freely In below figure the telephone line connected to FXO interface is assigned with number 2001 In web page PSTN calls are configured routed to VoIP extension 1002 So if a PSTN party 2002 calls 2001 this call will be forwarded to 1002 150 T E X y A sy p a i ss 1 m Dr i ER i i i i a p ee e y RH PSTN network T jate d Number 1602 VoIP network ds J E LE l LL rai X Lite Soft phone imning an nar AL ig A J A Lil AE L ag J a i a fe 01 ptt a Number 1001 Analog phone attached to Moden Figure 3 5 3 PSTN to VoIP Call topol
120. ble to use the received signal strength as indicated by the wireless client manager to optimize the 114 antenna position for the link to a given client Concrete walls weaken the radio signal and thus affect the connection 4 5 2 4 3 Range Range should not be a problem in most homes or small offices If you experience low or no signal strength in some areas consider positioning the Router in a location between the WLAN devices that maintains a roughly equal straight line distance to all devices that need to access the Router through the wireless interface Adding more 802 11g access points to rooms where the signal is weak can improve signal strength Read the section about placement of the Router titled Location in the next chapter Hardware Installation for more information 4 5 2 4 4 Radio channels The 802 11g standard allows several WLAN networks using different radio channels to be co located The Gawv5 4U4 A3 supports multiple radio channels and is able to select the best radio channel at each startup You can choose to set the channels automatically or manually The different channels overlap To avoid interference with another access point make sure that the separation in terms of frequency is as high as possible It is recommended to keep at least 3 channels between 2 different access points The Gawv5 4U4 A3 supports all channels allowed for wireless networking However depending on local regulations the number of channels act
121. ce category and QoS will remain default values In actual applications you can modify them depending on your practices After proper modifications click Next to show the following interface 2 In this interface you can modify Internet Connection Type and Encapsulation Type Connection Type Select the type of network protocol and encapsulation mode over the ATM PYC that your ISP has instructed you to use Note that Device Info 802 19 VLAN tagging is only available for PPPoE MER and Bridging Advanced Setup WAN PPP over ATM PPPoA LAN NAT PPP over Ethernet PPPoE pd MAC Encapsulation Routing MER Routing DNS IP over ATM IPoA DSL Port Mapping Bridging Certificate silane Encapsulation Mode Diagnostics a LLC SNAP BRIDGING Management Enable 802 1q Next Figure 2 4 5 Internet Connection Type and Encapsulation Type page Change the connection type of PVC 8 35 to PPP over ATM PPPoE Select PPP over ATM PPPoE and LLC SNAP BRIDGING depending on the uplink equipment 39 generally LLC SNAP BRIDGING as Encapsulation Mode Connection Type Select the type of network protocol and encapsulation mode over the ATM PYC that your ISP has instructed you to use Note tha 802 1q VLAN tagging is only available for PPPoE MER and Bridging Device Info Advanced Setup WAN PPP over ATM PPPoA doo MAC Encapsulation Routing MER Routing DNS gt IP over ATM IPoA
122. ck up the handset on the phone b Now you hear the dial tone Dial the extension of remote party c To end the dialing wait for digit timeout or just press immediately d After remote party answers the call you re in voice connection 4 6 3 3 Anonymous call Anonymous call won t send the caller ID to remote party This is useful if you don t want others know whom you are a Pick up the handset on the phone b Dial 83 to enable anonymous call c Hook on the handset and dial another extension as you like Now your caller ID information is blocked d To enable caller ID transmission again dial 84 on the key pad 4 6 3 4 Do not disturb DND If DND enabled all incoming calls will be rejected DND is useful if you don t want others to bother you Pick up the handset on the phone Dial 86 to enable DND function Hook on the phone Now your phone will reject all incoming calls To disable DND press 87 on the key pad 4 6 3 5 Redial For outgoing calls DSL ROUTER will remember the number you dial Next time when you want to dial that person DSL ROUTER provide you the redial functionality oo Ff a To re dial the latest dialed person press 68 on the key pad b Now you have made the call as if you just dialed the whole number 4 6 3 6 Call return For incoming calls DSL ROUTER remembers the number of calling party a To return a call press 69 b N
123. connected and active you will see wireless connection Note that the connection s status is Not connected and denned as Unsecured wireless network 132 au Wireless Metwork Connection par Choose a wireless network SL Refresh mebwork list Click an ibero in hhe list below Eo connect to a wireless network in range oe bo gat mora nformation A Set up a wireless network 19 john_smith Not connected 7 for a home or smal office t Unsecured wireless n bework angii Related Tasks J Leam about wireless networking Le Change the order of preferred nebworks Eg Change advanced Settings Figure 28 Wireless Connection 3 Click the connection once to mark it and then press the Connect button at the bottom of the screen After the connection is established its status will change to Connected y john_smith Connected dr F Unsecured wireless network anil An icon will appear in the notification area announcing the successful initiation of the wireless connection i Wireless Connection One or more wireless networks are available To see a list of available networks click here 4 Once the client connects to the access point 1t will get a 1p address by dhcp protocol see Figure below Connection specific Suffix IP Address a a 192 168 1 4 255 255 255 868 192 168 1 1 Subnet Mask Default Gateway 4 6 Voice available 4 6 1 Overview DSL ROUTER s Voice over IP VoIP solution allo
124. creen creates a traffic class rule to classify the upstream traffic assign queue which defines the precedence and the interface Device Info and optionally overwrite the IP header DSCP byte 4 rule consists of a class name and at least one condition below All of the Quick Setup specified conditions in this classification rule must be satisfied for the rule to take effect Click Save Apply to save and activate the rule Advanced Setup WAN s Traffic Class Name LAN l k Rule Order y Quality of Service Rule Status M Queue Config QoS Classification Assign ATM Priority and or DSCP Mark for the class Routing If non blank value is selected for Assign Differentiated Services Code Point DSCP Mark the correcponding DSCP byte in the IP DSL header of the upstream packet is overwritten by the selected value Print Server Port Mapping Assign Classification Queue fo Certificate Assign Differentiated Services Code Point DSCP Mark SSS as Wireless Mark 802 1p if 802 1q is enabled y Voice Specify Traffic Classification Rules Diagnostics Enter the following conditions either for IP level SET 1 or for IEEE 802 1p SET 2 Management SET 1 Physical LAN Port Protocol v Differentiated Services Code Point DSCP Check v IP Address vw Source Subnet Mask UDP TCP Source Port port or port port Destination IP Address Destination Subnet Mask Figure2 8 8 9
125. d by BRAS 136 1 1 1 Pool 136 1 1 0 The E i A ISP 4 A a Md BRAS Jl DSLAM Bei AA 1921681 2 RADIUS PPP over Ethernet ii Descriptions 42 In this example the MODEM is connected to the DSLAM through PVC 8 35 and the access mode is the built in PPPOE NAT The encapsulation of the BRAS downlink port is PPP OVER ETHERNET the authentication is AUTO the IP address is 10 28 106 200 the IP Pool is 10 28 106 and the IP address of uplink port is 10 61 92 157 The IP of the WAN port on the MODEM is assigned by BRAS through the built in PPPOE dial up dynamically The PC that the MODEM 1s attached 1s assigned with a private IP address within the same segment with the management IP of the MODEM The NAT functions of the MODEM will be enabled and the private PC address will be translated to the public address 10 28 106 2 254 assigned by BRAS dynamically for accessing ISP The IP address of the PC can be fixed as in this example or assigned through DHCP Server of the MODEM If it is assigned by DHCP Server the DHCP functions of the MODEM must be enabled The IP address of the DHCP address pool is 192 168 1 2 254 The functions are enabled by default and at the same time the PC is configured to obtain IP and DNS addresses dynamically Setting 1 Activate your browser and input 192 168 1 1 in the address column to login the MODEM 2 Click Advanced Setup gt WAN then click add 3 In the
126. d data in the fields Use IP Address Input the gateway of the WAN interface provided by your ISP Use WAN Interface As to BAS equipment it is the IP address of the downlink interface 52 Obtain DNS server address automatically To obtain the IP address of the DNS server assigned by the uplink equipment such as BAS Use the following DNS server addesses If you want to input the IP address of the DNS server by yourself click this entry and then input related data in the fields Primary DNS server Input the IP address of the primary DNS server here Secondary DNS server Input the IP address of the secondary DNS server provided by your ISP here After correctly modifications click Next to show the following interface O In this interface you can modify the Service name and enable disable the NAT Firewal IGMP Multicast WAN Service Network Address Translation Settings Network Address Translation NAT allows you to share one Wide Area Network WAN IP address for multiple computers on your Device Info Local Area Network LAN Advanced Setup WAN Enable NAT y LAN NAT Security Routing Enable IGMP Multicast and WAN Service DNS DSL Enable IGMP Multicast Enable Firewall Y Port Mapping Enable WAN Service V Certificate Wireless Service Name mer_8_35 Diagnostics Management Figure 2 6 4 MER IGMP and WAN service page Enable NAT Select it to enable the NAT functions of the MODEM If you are not to enable NAT
127. dec list Preferred ptime SIP domain name and so on The followings will show you how to configure the SIP Basic Setting Web Page step by step 4 6 2 1 1 Interface name Interface name bro Bridge Figure 3 3 8 Interface Name This item provides for you to choose the way which DSL ROUTER s VoIP connect to SIP Proxy There are two ways br0 Bridge PPPOE If you do not configure the Wan tab under the Advanced Setup menu there is only brO Bridge you can choose Default value is brO Bridge The method which you would like choose please consult your Internet Service Provider ISP 4 6 2 1 2 Locale selection Locale selection USA United States y Figure 3 3 9 Locale selection This item provides for you to choose country where your locale in The different country use different standards used by DSL ROUTER VoIP module such as ring tone standard Locale selection default value is USA 4 6 2 1 3 Preferred code list Preferred codec list none none none none none none Figure 3 3 10 Preferred codec list This item provides for you to specify the priority of codec and the priority of codec declined from left to right 139 Codecs define the method of relaying voice data Different codecs have different characteristics such as data compression and voice quality For Example G 723 is a codec that uses compression so it 1s good for use where bandwidth is limited but its voice quality is not
128. deny policy Oo A defaulte allow policy A default deny approach to security is by far the more secure but due to the difficulty inconfiguring and managing a network in that fashion many networks instead use the default allow approach Let s assume for the moment that your security management program utilizes a default deny policy and you only have certain services enabled that you want people to be able to use from the Internet NOTE The security is like a firewall T2 Figure2 8 6 5 the Security application Click Security gt IP Filtering to show the following interface By default the firewall is enabled The firewall is used to block document transmissions between the Internet and your PC It serves as a safety guard and only permits authorized documents to be sent into the LAN Note If the modem configured bridge mode only the IP Filtering will disabled and the IP filtering interface will disappear And if the modem configured no Bridge mode PVC the MAC Filtering will disabled and the MAC Filtering interface will disappear Outgoing IP Filtering Setup By default all outgoing IP traffic from LAN is allowed but some IP traffic can be BLOCKED by setting up filters Device Info Advanced Setup Choose Add or Remove to configure outgoing IP filters WAN LAN Filter Name Protocol Source Address Mask Source Port Dest Address Mask Dest Port Remove NAT Add IP Filtering Parental Control Routing Figure2 8
129. destination network address gt Entry subtnet Mask gt Enable Use Gateway IP Address and entry IP address gt Select use interface gt Apply setting by click Save Apply Remove static route gt Select remove box on table gt Apply setting by click remove 88 4 4 6 3 RIP 4 4 6 3 1 Background The Routing Information Protocol or RIP as it is more commonly called is one of the most enduring of all routing protocols RIP is also one of the more easily confused protocols because a variety of RIP like routing protocols proliferated some of which even used the same name RIP and the myriad RIP like protocols were based on the same set of algorithms that use distance vectors to mathematically compare routes to identify the best path to any given destination address These algorithms emerged from academic research that dates back to 1957 Today s open standard version of RIP sometimes referred to as IP RIP is formally defined in two documents Request For Comments RFC 1058 and Internet Standard STD 56 As IP based networks became both more numerous and greater in size it became apparent to the Internet Engineering Task Force IETF that RIP needed to be updated Consequently the IETF released RFC 1388 in January 1993 which was then superceded in November 1994 by RFC 1723 which describes RIP 2 the second version of RIP These RFCs described an extension of RIP s capabilities but did not attempt to obsolete the previous
130. dging service page 4 2 2 LAN Inerface Setup In Lan interface setup page 26 Device Setup Configure the DSL Router IP Address and Subnet Mask for LAN interface Device Info Quick Setup IP Address 1192 1681 1 Advanced Setup Subnet Mask 255 255 255 0 Wireless Voice O Disable DHCP Server Diagnostics Enable DHCP Server Management Start IP Address 192 168 1 2 End IP Address 192 168 1 254 Subnet Mask 255 255 255 0 Leased Time hour 24 O configure the second IP Address and Subnet Mask for LAN interface Figure 2 2 2 5 3 LAN Interface Setup 4 2 3 Wireless Interface Setup Enable Wireless Check or uncheck this box to enable or disable the wireless connection SSID The SSID is the network name shared among all points in a wireless network The SSID must be identical for all points in the wireless network It is case sensitive and must not exceed 32 characters use any of the characters on the keyboard Make sure this setting is the same for all points in your wireless network Wireless Setup Device Info Quick Setup Enter the wireless network name also known as SSID Advanced Setup SSID Broadco m Wireless Yoice Next Diagnostics Management Figure 2 2 2 5 4 Wireless Setup 4 2 4 WAN Setup Summary When In WAN setup summary phase The property of the PVC added can view VPI VCI Connection Type Service Name
131. e categories and Qos ATM PYC Configuration This screen allows you to configure an ATM PYC identifier PORT and VPI and VCI and select a service category Otherwise choose an existing interface by selecting the checkbox to enable it Device Info PORT 0 3 lo Quick Setup i VPI 0 255 0 Advanced Setup WAN VCI 32 65535 35 LAN Quality of Service VLAN Mux Enable Multiple Protocols Over a Single PWC Routing DSL Print Server Service Category UBR Without PCR w Port Mapping Enable Quality Of Service Certificate Enabling packet level QoS for a PWC improves performance for selected classes of applications QoS cannot be set for CBR anc Realtime BR QoS consumes system resources therefore the number of PYCs will be reduced Use Advanced Setup Qual of Service to assign priorities for the applications Wireless Voice Diagnostics Management Enable Quality Of Service J Figure 2 4 4 PVC and it s Qos config page VPI Virtual Path Identifier The virtual path between two points in an ATM network and its valid value is from 0 to 255 o VCI Virtual Channel Identifier The virtual channel between two points in an ATM network ranging from 32 to 65535 1 to 31 are reserved for known protocols Service Category UBR Without PCR UBR With PCR CBR Non Realtime VBR Realtime VBR o Enable Quality Of Service enable disable In this example PVC 8 35 is required to modify so servi
132. e Rate At the lower part of this interface there is a Reset Statistics button Click it to return values to zero and recount 4 3 7 1 ADSL BER Test Click ADSL BER Test to do a Bit Error Rate Test on the DSL line The tes t interface is as follows ADSL BER Test Start The ADSL Bit Error Rate BER test determines the quality of the ADSL connection The test is done by transferring idle cells containing a known pattern and comparing the received data with this known pattern to check for any errors Select the test duration below and click Start Tested Time sec Figure 2 3 7 1 ADSL BER Test The Tested Time sec has the following choices 1 5 10 20 60 120 180 240 300 and 360 Select a time and then click Start to pop up the following interfaces in sequence ce bags EE E ar ADSL BER Test Running The ADSL BER test is in progress The connection speed is 25391 Kbps The test will run for 20 seconds Click Stop to terminate the test Internet Figure 2 3 7 1 ADSL BER Test Running Page 34 ADSL BER Test Result The ADSL BER test completed successfully Test Time sec 20 Total Transterred Ox000000001B69B580 Bits Total Error Bits oxdooo000000000000 Error Ratio 0 008 00 Figure 2 3 7 1 ADSL BER Test Result Note If the error ratio reaches up to e 5 the user will not be able to access the Internet 4 3 8 Route table in
133. e WMM No Acknowledgement Select whether ACK in WMM packet By default the Ack Policy for each access category 1s set to Disable meaning that an acknowledge packet is returned for every packet received This provides a more reliable transmission but increases traffic load which decreases performance To disable the acknowledgement can be useful for Voice for example where speed of transmission is important and packet loss is tolerable to a certain degree o WMM APSD APSD is short for automatic power save delivery Selecting enable will make it has very low power consumption WMM Power Save is an improvement to the 802 1le amendment adding advanced power management functionality to WMM Click Save Apply to configure the advanced wireless options and make the change take effect 4 5 3 6 Queue Config This page allows you to configure WMM W1 Fi Multimedia features of the wireless LAN interface Wi Fi Multimedia WMM is a Wi Fi Alliance certification based on the IEEE 802 1 1le draft standard It provides basic Quality of Service QoS features to IEEE 802 11 networks In the Queue Config web page the queue about wireless which have eight predefined queues can t be edited see figure QoS Queue Configuration A maximum 24 entries can be configured If you disable WMM function in Wireless Page queues related to wireless will not take effects i Interfacename Description Precedence Queue Key Enable Remove Device Info Adva
134. e configured in 802 11b g mode can associate 54g Perfomance Only stations that are configured in 802 11g mode can associate It 1s the same as 54g LRS if you select it the preamble type will be disabled which can t be set o 54g Protection The 802 11g standards provide a protection method so 802 11g and 802 11b devices can co exist in the same network without speaking at the same time Do not disable 54g Protection if there is a possibility that a 802 11b device may need to use your wireless network In Auto Mode the wireless device will use RTS CTS to improve 802 11g performance in mixed 802 11g 802 11b networks Turn protection off to maximize 802 11g throughput under most conditions 128 Preamble Type Preambles are a sequence of binary bits that help the receivers synchronize and ready for receipt of a data transmission Some older wireless systems like 802 11b implementation use shorter preambles If you are having difficulty connecting to an older 802 11b device try using a short preamble You can select short preamble on if the 54g mode is set to 802 11b Only in the 54g Mode field Transmit Power Adjust the transmission range here This tool can be helpful for security purposes if you wish to limit the transmission range eo WMM W1 Fi Multimedia Select whether WMM is enable or disabled Before you disable WMM you should understand that all qos queues traffic classes relate to wireless will not take effects
135. e iproute select route path base on the mark Warning thr PRI of the policy route is higher whih static route and rip route 4 4 6 4 4 Configure Before config policy route need enbale port mapping fuction after enable port mapping function select the menuitem Advanced Setup Routing Policy Route inturn will display the page as figure 1 90 Routing Policy Route LA maximum 32 entries can be configured Lan Interface wan Interface Remove Agd Remove Device Info Advanced Setup AA LAN MAT Security Quality of Service Routing Default Gateway Static Route RIP DNS OSL Print Server Port Mapping Certificate Wireless oice Usb Storage Diagnostics Management Figurel the confige page of policy route Click the button add will display the page as figure 2 Routing Policy Route Add Select the lan interface and WAN interface then click Save Apply to add the entry to the Device Info routing table Advanced Setup WAN LAN NAT Lan Interface ENET1 gt Security Wan Interface ppp_0_0_32_1 Quality of Service Routing Save Apply Default Gateway Static Route RIP Policy Route DNS DSL Print Server Port Mapping Certificate Wireless Yoice Usb Storage Diagnostics Management figure 2 the add page of policy route gt The Lan interface have four option ENET1 present the first lan interface ENET2 present the second lan interface analogy in tur
136. eate a new certificate request have it signed by a certificate authority and load the signed certificate O Import an existing signed certificate directly 4 4 12 1 Create New Local Certificate Certificate name Creates an SSL certificate in the specified certificate repository administrator s or domain s repository by using a private key file and a corresponding certificate file Common Name The common name is the fully qualified domain name or FQDN used for DNS lookups of your server for example www mydomain com Browsers use this information to identify your Web site Some browsers will refuse to establish a secure connection with your site 1f the server name does not match the common name in the certificate Please do not include the protocol specifier http or any port numbers or pathnames in the common name Do not use wildcard characters such as or and do not use an IP address Organization Name The name of the organization to which the entity belongs such as the name of a company State Province Name This is the name of the state or province where your organization s head office 1s located Please enter the full name of the state or province Country Region Name This is the two letter ISO abbreviation for your country for example GB for the United Kingdom Follow the following steps to create a new certificate Click Create Certificate Request enter necessary information 106 Create nev certificate re
137. ece RADIUS Se fryer PPP over ATM Descriptions In this example the MODEM is connected to the DSLAM through PVC 8 35 and the access mode is the built in PPPOA NAT The encapsulation of the BRAS downlink port is PPP OVER ATM the authentication is AUTO the IP address is 10 28 106 200 the IP Pool is 10 28 106 and the IP address of uplink port is 10 61 92 157 The IP of the WAN port on the MODEM is assigned by BRAS through the built in PPPOA dial up dynamically The PC that the MODEM is attached is assigned with a private IP address within the same segment with the management IP of the MODEM The NAT functions of the MODEM will be enabled and the private PC address will be translated to the public address 10 28 106 2 254 assigned by BRAS dynamically for accessing ISP The IP address of the PC can be fixed as in this example or assigned through DHCP Server of the MODEM If it is assigned by DHCP Server the DHCP functions of the MODEM must be enabled The IP address of the DHCP address pool is 192 168 1 2 254 The functions are enabled by default and at the same time the PC is configured to obtain IP and DNS addresses dynamically Setting 1 Activate your browser and input 192 168 1 1 in the address column to login the MODEM 2 Click Advanced Setup gt WAN then click add 3 In the ATM PVC Configuration interface configure VPI VCI as 8 35 and then click Next 4 In the Connection Type
138. ed 802 11b gear can incur interference from microwave ovens cordless phones and other appliances using the same 2 4 GHz range However by installing 802 11b gear a reasonable distance from other appliances interference can easily be avoided In 2002 and 2003 WLAN products supporting a newer standard called 802 g emerged on the market 802 11g attempts to combine the best of both 802 11a and 802 11b 802 11g supports bandwidth up to 54 Mbps and it uses the 2 4 Ghz frequency for greater range 802 11g 1s backwards compatible with 802 11b meaning that 802 11g access points will work with 802 11b wireless network adapters and vice versa While 802 11b was in development IEEE created a second extension to the original 802 11 standard called 802 11a Because 802 11b gained in popularity much faster than did 802 11a some folks believe that 802 11a was created after 802 11b In fact 802 1la was created at the same time Due to its higher cost 802 11ais usually found on business networks whereas 802 11b better serves the home market 802 11a supports bandwidth up to 54 Mbps and signals in a regulated frequency spectrum around 5 GHz This higher frequency compared to 802 11b shortens the range of 802 11a networks The higher frequency also means 802 11a signals have more difficulty penetrating walls and other obstructions Because 802 11a and 802 11b utilize different frequencies the two technologies are incompatible with each other Some vendors offer
139. ement Figure 2 6 7 IPoA Config O In this interface you can modify VPI VCIs service categories and QoS 55 ATM PYC Configuration This screen allows you to configure an ATM PVC identifier PI and WCI and select a service category Otherwise choose an existing interface by selecting the checkbox to enable it Device Info Advanced Setup WAN WCI 32 65535 35 LAN NAT Service Category UBR Without PCR Security Routing DNS DSL Port Mapping Enable Quality Of Service Certificate Wireless Enabling packet level QoS for a PWC improves performance for selected classes of applications QoS cannot be set for CBR and Diagnostics Realtime VBR QoS consumes system resources therefore the number of PVCs will be reduced Use Advanced Setup Quality of Service to assign priorities for the applications Management Enable Quality Of Service Back Figure 2 6 8 PVC and it s Qos config page VPI Virtual Path Identifier The virtual path between two points in an ATM network and its valid value is from O to 255 VCI Virtual Channel Identifier The virtual channel between two points in an ATM network ranging from 32 to 65535 1 to 31 are reserved for known protocols Service Category UBR Without PCR UBR With PCR CBR Non Realtime VBR Realtime VBR Enable Quality Of Service enable disable In this example PVC 8 35 is required to modify so service category and QoS will remain default values In actual applications
140. enabled LAN Subnet Mask for This is the subnet mask used by the DSL Router and the DSL Router will be used throughout your LAN The default subnet mask is 255 255 255 0 This can be changed later Username This is the Username needed access the gateway s management interface When you attempt to connect to the device through a web browser you will be prompted to enter this Username The default Username for the Router is admin The user cannot change this Password This is the Password you will be prompted to enter when you access the gateway s management interface The default Password is admin The user may change this Information you will need about your LAN or computer Ethernet NIC If your computer has an Ethernet NIC you can Record info connect the DSL Router to this Ethernet port using an Ethernet cable You can also use the Ethernet ports on the DSL Router to connect to other computer or Ethernet devices DHCP Client status Your DSL Router Residential Gateway is configured by default to be a DHCP server This means that it can assign an IP address subnet mask and a default gateway address to computers on your LAN The default range of IP addresses the DSL Router will assign are from 192 168 1 2 to 192 168 1 254 Your computer or computers needs to be configured to Obtain an IP address automatically that is they need to be configured pf as DHCP clients 1 9 Safety Cautions Follow these announce
141. ervices over this interface Wide Area Network WAN Setup Choose Add Edit or Remove to configure WAN interfaces Device Info Choose Save Reboot to apply the changes and reboot the system Advanced Setup WAN CANN 1 35 1 UBR br1 35 nas_1 35 Bridge N A Disabled N A Enabled NAT Security 8 35 1 UBR mer_8 35 nas_8_35 MER Disabled Disabled N A Enabled Routing DNS DSL Port Mapping VPI VCI Con ID Category Service Interface Protocol Igmp QoS lanid State Remove Edit Save Reboot Certificate Wireless Diagnostics Management Figure 2 6 6 MER Setup Complete 4 4 1 7 MER PVC Network Application 192 165 1 2 Dynamic Public IP 10 23 1081 A Accioned by ERAS DHCP DHCP 10 28 108 0 Serer x 192 468 1 1 i my A Descriptions In this example the MODEM is connected to the DSLAM through PVC 8 35 and the access mode is the MER NAT The downlink interface of BRAS is encapsulated in 1483B the IP address is 10 28 108 1 and the DHCP Server is enabled the address pool is 10 28 108 2 254 the IP address of the uplink interface is 10 61 92 157 the WAN IP address of the MODEM is automatically obtained through DHCP the PC attached to the MODEM is assigned with a private IP address within the same segment as the management IP address 192 168 1 1 the NAT functions of the MODEM is enabled and the private address of the PC is translated into the public address 10 28 108 2 254 dynamically assigned by BRAS for acc
142. ess Diagnostics Management Settings System Log SNMP Agent Internet Time Access Control Services Passwords Update Software Save Reboot Figure3 7 6 Access Control IP Addresses 165 4 9 6 3 Access Control Passwords Click Access Control gt Passwords to show the following interface In the interface you can Device Info Advanced Setup Wireless Diagnostics Management Settings System Log SNMP Agent Internet Time Access Control Services IP Addresses Update Software Save Reboot modify the accounts passwords Access Control Passwords Access to your DSL router is controlled through three user accounts admin support and user The user name admin has unrestricted access to change and view configuration of your DSL Router The user name support is used to allow an ISP technician to access your DSL Router for maintenance and to run diagnostics The user name user can access the DSL Router view configuration settings and statistics as well as update the router s software Use the fields below to enter up to 16 characters and click Apply to change or create passwords Note Password cannot contain a space Username Old Password New Password Confirm Password Save Apply Figure3 7 7 Password modify page 4 9 7 Update Software Click Update Firmware to show the following interface In this interface you can update the MODEM Firmware Click the Browse
143. ess Operation Many environmental factors can affect the effective wireless function of the DSL Router If this is your first time setting up a wireless network device read and consider the points listed below The access point can be placed on a shelf or desktop ideally you should be able to see the LED indicators on the front if you need to view them for troubleshooting Designed to go up to 100 meters indoors and up to 300 meters outdoors Wireless LAN lets you access your network from anywhere you want However the number of walls ceilings or other objects that the wireless signals must pass through can limit signal range Typical ranges vary depending on the types of materials and background RF noise in your home or business For optimum range and signal strength use these basic guidelines e Keep the number of walls and ceilings to a minimum The signal emitted from Wireless LAN devices can penetrate through ceilings and walls However each wall or ceiling can reduce the range of Wireless LAN devices from to 30M Position your wireless devices so that the number of walls or ceilings obstructing the signal path is minimized e Consider the direct line between access points and workstations A wall that is 0 5 meters thick at a 45 degree angle appears to be almost 1 meter thick At a 2 degree angle it is over 14 meters thick Be careful to position access points and client adapters so the signal can travel straight through 90 angle a
144. essing the ISP The IP address of the PC can be fixed as in this example or assigned through DHCP Server of the MODEM If it is assigned by the DHCP Server the DHCP functions of the MODEM must be enabled The IP address of the DHCP address pool is 192 168 1 2 254 The functions are enabled by default and at the same time the PC is configured to obtain IP and DNS addresses dynamically Setting 1 Activate your browser and input 192 168 1 1 in the address column to login the MODEM 2 Click Advanced Setup gt WAN then click add 3 In the ATM PVC Configuration interface configure VPI VCI as 8 35 and then click Next 4 In the Connection Type interface select MAC Encapsulation Routing MER and LLC SNAP BRIDGING as the encapsulation and then click Next 54 5 In the WAN IP Settings interface select Obtain an IP address automatically Obtain default gateway automatically and Obtain a DNS server address automatically And then click Next Note The WAN IP address default gateway and DNS server address can be configured manually 6 In the Network Address Translation Settings interface enable the NAT and firewall And the other keep the default configuration unchanged Then click Next 7 Check the network configurations and make sure that all settings agree with the data provided by your ISP and then click Save 8 C
145. etup WAN En 1 35 1 UBR br_135 nas_135 Bridge N A Disabled N A Enabled F NAT Security DNS DSL Port Mapping WPI WCI Con ID Category Service Interface Protocol Igmp QoS lanid State Remove Edit Certificate Wireless Diagnostics Management Figure 2 4 1 WAN Config Select Add then it will turn into the following configure screen ADD PVC VLAN OF PVC Quality Of Service PVC Service category ADD PPPoE PVC PPP IP extension ADD PPPOA PVC 37 ADD MER PVC ADD BRIDGE PVC ADD IPOA PVC ATM PYC Configuration Device Info This screen allows you to configure an 47M PVC identifier PORT and VPI and YCI and select a service Category Otherwise Quick Setup choose an existing interface by selecting the checkbox to enable it Advanced Setup WAN PORT 0 3 LAN VPI 0 255 Quality of Service VCI 32 65535 35 Routing DSL Print Server VLAN Mux Enable Multiple Protocols Over a Single PWC Port Mapping Certificate service Category UBR Without PCR w Wireless Enable Quality Of Service Yoice Diagnostics Enabling packet level QoS for a PVC improves performance for selected classes of applications QoS cannot be set for CBR and Management Realtime YBR QoS consumes system resources therefore the number of PyCs will be reduced Use Advanced Setup Qualit of Service to assign priorities for the applications Enable Quality Of Service Figure 2 4 2 PVC and it s Qos config p
146. f WAN 0 0 32 Off 1 UBR pppoe_0_ 0 32 1 ppp_0 0 32 1 PPPoE Disabled Disabled Enabled Up 10 11 102 36 Statistics o s 35 Off 1 UBR pppoe_0_ 8 35_1 ppp_0_8_35_1 PPPoE Disabled Disabled Enabled Up 10 11 102 164 Route ARP DHCP Advanced Setup Wireless Voice Usb Storage Diagnostics Management figure 5 two PPPoE PVC dial succeed Remember two PPPoE PVC obtain IP address enable port mirror function the aim is than can catch packet transmit from PVC at the PC Step2 In the browser window open http 192 168 1 1 engdebug cmd as figure 6 92 Engineering Debugging Features feature to MONITOR ANY interface Current Support is WAN LF side port traffic per direction W OUT amp MIRROR the Monitored traffic onto the selected ports Current configuration is displayed Choose the configuration Choose Apply the changes to saveapply the configuration dynamically Entry NoMonitor Port Direction MirrorFlowTypeMirrorPortEnabled 2 wano WANO q pesa Ema mo ee oe e a RE Save Anply figure 6 enable port mirror function step3 Delete all policy route configure only config ENET1 bind with PVC 0 32 at PC ping the wan side default gateway in this example it s 10 11 102 2 run catch packet softwar then we can see the data transmitted from PVC 0 32 as figure 7 ice Untitled Ethereal Bile Edit view ED Capture Analyze statistics sus a 5U SB 072 aaa e DEX
147. f the remote gateway in the LAN Use IP address The Use WAN interface is optional NAT Security Obtain an IP address automatically Routing Use the following IP address DNS WAN IP Address DSL WAN Subnet Mask Port Mapping Certificate Obtain default gateway automatically Wireless Use the following default gateway Diagnostics Use IP Address Management E Use WAN Interface Obtain DNS server addresses automatically Use the following DNS server addresses Primary DNS server Secondary DNS server Figure 2 6 3 MER WAN IP config page Obtain an IP address automatically The MODEM will obtain a WAN IP address automatically and at this time it will enable DHCP Client functions The WAN IP address is obtained from the uplink equipment like BAS and the uplink equipment is required to enable the DHCP Server functions Use the following IP address If you want to input the WAN ip address by yourself Check this entry and then input related data in the field WAN IP Address Input the IP address of the WAN interface provided by your ISP WAN Subnet Mask Input the subnet mask concerned to the IP address of the WAN interface provided by your ISP Obtain Default Gateway automatically To obtain the IP address of the default gateway assigned by the uplink equipment such as BAS Use the following Default Gateway If you want to input the IP address of the default gateway by yourself click this entry and then input relate
148. fect WAN Link Power State 0 Statistics LAN DownstreamUpstream WAN SNR Margin dB 19 2 9 0 AIM Attenuation dB 3 0 1 5 ADSL Output Power dBm 9 3 13 1 Attainable Rate Kbps L6536 11224 Rute Rate Kbps 5516 1127 ARP MSGc number of bytes in overhead channel message 65 113 DHCP B number of bytes in Mux Data Frame 240 13 Advanced Setup M number of Mux Data Frames in FEC Data Frame 1 16 ireless ux Data Frames over sync bytes Wirel Mux Data Fi ync byt Voice R number of check bytes in FEC Data Frame 14 114 Usb Storage 5 ratio of FEC over PMD Data Frame length 0 3018 6 3046 Diagnostics L number of bits in PMD Data Frame 6759 B02 Management D interleaver depth 64 Delay msec 4 12 Super Frame Errors D D RS Words 43453762 077652 RS Correctable Errors 433 D NOP HEC Errors Do 4735 OCD Errors p Do LCD Errors D Total Cells 1197305500 2239090243 Data Cells 58 285860 p Bit Errors 198366 Total ES D 5674970 Total SES 0 5674953 Total UAS 18 5674913 ADSL BER Test Reset Statistics Figure 2 3 7 Statistics of ADSL You will see the following information pertinent to the ADSL line in the page Mode GDMT G LITE T1 413 ADSL 2 ADSL 2 READSL2 Line Coding Trallis on etc Status Link Down No Defect Training Link Power State LO L1 L2 Rate Kbps Upstream Line Rate Downstream Lin
149. for the Wide Area Network WAN connect 1t to the external modem you have or to the Ethernet socket you might have using an Ethernet cable LAN Connection Your computer can connect to the gateway in various forms Ethernet Wireless etc each requiring a different physical connection if any in case of Wireless The most common type of connection 1s Ethernet with most platforms featuring four such ports Use an Ethernet cable to connect between an Ethernet port on your DSL router and your computer s network card Please refer to the accompanying Installation Guides for additional information 3 2 2 PC Network Configuration Each network interface on the PC should either be configured with a statically defined IP address and DNS address or should be instructed to automatically obtain an IP address using the Network DHCP server DSL router provides a DHCP server on its LAN and it is recommended to configure your LAN to obtain its IP and DNS server IP automatically This configuration principle is identical but performed differently on each operating system Figure 1 2 displays the TCP IP Properties dialog box as it appears in Windows XP Following are TCP IP configuration instructions for all supported operating systems Internet Protocol TCP IP Properties p General Atenate Configuration You can get F settings assigned automaticaly f your network supports this capability Othenwise you need to ask your network administrator for the
150. formation Click Route You can view the route table information Each route item in route table has info as below Destination Gateway Subnet Mask Flag Metric Service Interface Device Info Route Flags U up reject G gateway H host R reinstate Device Info D dynamic redirect M modified redirect Summary WAN Statistics ARP DHCP Advanced Setup Destination Gateway Subnet Mask Flag Metric Service Interface 10 28 106 200 0 0 0 0 255 255 255 255 UH oO pppoe 8 35 1 ppp 8 35 41 192 165 1 0 0 0 0 0 200 200 233 0 Ll 0 bro 0 0 0 0 10 28 106 200 0 0 0 0 UG Jo pppoe_8 35 1 ppp 8 35 1 Wireless Diagnostics Management Figure 2 3 8 route table 4 3 9 ARP table information Click ARP to show the following interface You can query the MAC and IP addresses information of the equipment attached to the MODEM Each arp item has information as below IP address Flags HW address 35 Device Device Info ARP IP address Flags HW Address Device Device Info Summary 192 168 1 22 Complete 00 13 20 CF 6C 7 bro WAN Statistics Route DHCP Advanced Setup Wireless Diagnostics Management Figure 2 3 9 ARP table 4 3 10 DHCP IP Leases information Click DHCP to show the following interface You can query the IP addresses assignment to which MAC Address in DSL router s LAN side Through Ethernet and Wireless can obtain the IP Address
151. gn and use Ports on a PC This poses a security risk 4 4 2 3 Enable IGMP Snooping 10 11 102 35 gt 192 168 1 2 10 11 102 35 Le Sc Diable IGMP Snooping DSL Router 192 166 1 2 192 168 1 3 192 165 1 4 192 166 1 5 Figure 2 8 2 Diable IGMP Snooping 64 10 11 102 35 gt 192 168 1 2 A 4 eke 2 ee ce Enable IGMP Snooping 10 11 102 35 DSL Router LAN IP Address 192 165 1 1 192 168 1 2 192 165 1 3 192 168 1 4 192 165 1 5 Figure 2 8 3 Enable IGMP Snooping Internet Group Management Protocol IGMP is an Internet Protocol that enables an Internet computer to inform neighbouring routers that it is a member of a multicast group With multicasting a computer can send content on the Internet to several other computers that have registered an interest in the first computer s content Multicasting can for example be used for multimedia programs for media streaming to recipients that have set up multicast group membership Ol Enable IGMP Snooping Standard Mode O Blocking Mode Note If IGMP Snooping function 1s actice DSL Router capability will improve 4 4 2 4 Configuring the DHCP server c1nternet a gt gt i 10 11 102 35 DSL Router LAN 1F 192 168 1 1 DHCP Server start 192 168 1 2 End 192 165 1 254 aa yt N eee we a TER i E E A a A G 192 168 1 2 192 168 1 3 192 168 1 4 1932 168 1 5
152. gure3 7 2 Internet Time overview After enable Automatically synchronize with Internet time servers the interface show below Enter proper configurations then click Save Apply Time settings This page allows you to the modem s time configuration Device Info Zeeceeeened Advanced Setup Wireless First NTP time server clock fmt he net i Diagnostics Management Second NTP time server None hd Settings System Log SNMP Agent Internet Time Access Control Time zone offset GMT 12 00 International Date Line West v Save Apply Update Software Save Reboot Figure3 7 3 Internet Time Setup 4 9 6 Access Control 4 9 6 1 Access Control Services Click Access Control gt Services to show the following interface In the interface you can enable disable the FTP HTTP ICMP SSH TELNET and TFTP services And the LAN side and WAN side can have different configurations 164 Access Control Services Service Control List SCL enables or disables services from being used Deyice Info Advanced Setup Wireless Services LAN WAN Diagnostics A ES FTP O Enable E Enable Setti i Fi es HTTP V Enable Enable System Log SNMP Agent ICMP Enable Enable Internet Time ES pre hecess Control SP ea Best i E ervices TELNET Y Enable E Enable IP Addresses Passwords TFTP Y Enable 5 Enable Update Software Save Reboot Save Appl
153. he same key as the Radius server s WEP Encryption Enable WEP Encryption This is default Encryption Strength click the desired Data Security level to be 64 bit or 128 bit Current Network Key Select one of network key that you set on the Key boxes as default one Network Key 1 to 4 Enter 5 ASCII characters or 10 hexadecimal digits for 64 bit encryption keys or enter 13 ASCII characters or 26 hexadecimal digits for 128 bit encryption keys to fill out WEP keys box The system allows you to type in 4 kinds of the WEP key Click Save Apply to save the wireless security options and make the change take effect A SA wee wore ma 4 a Hg AR jf Device Info Advanced Setup Wireless Raske Security MAC Miter Wireless Bridge Adwanced n Station Info Hel Yatt Leb Storage Diagnostics Management Manual Set ip AP Figure3 1 10 Wireless Security 802 1x Authentication 119 o WPA Authentication Please refer to below for details of configuration Network Authentication Select the authentication mode for the selected wireless LAN of SSID to be WPA WPA Group Rekey Interval Specifies the timer the WPA key must change If the value set 0 no need to change The change is done automatically between the server and the client Radius Server IP Adress Enter the IP Address of the authentication server Radius Port Enter the port number of the authentication server The default port number is 1812 Radius Key Enter the same key as the
154. hree part info AIM Interface Statistics In Octets Out Octets In Errors In Unknown In Hec Errors In Invalid Vpi Vci Errors In Port Not Enable Errors In PTI Errors In Idle Cells In Circuit Type Errors In OAM RM CRC Errors In GFC Errors AALS Interface Statistics In Octets Out Octets In Ucast Pkts Out Ucast Pkts In Errors Out Errors In Discards Out Discards AALS VCC Statistics VPI VCI CRC Errors SAR Timeouts 32 Oversized SDUs Short Packet Errors Length Errors ATM Interface Statistics In Out In In In Hec In Invalid In Port In PTI In InCircuit In 0AM In GFC Octets Octets Errors Unknown Errors VBEVEE MOL Eres Errors ue Type RMERL Errors Device Info Errors Errors Cells Errors Errors Falis 16464 8256 0 0 o 0 o 0 0 0 0 0 WAN Statistics AALS5 Interface Statistics LAN In Octets Out Octets In Ucast Pkts Out Ucast Pkts In Errors Out Errors In Discards Out Discards WAN 16464 8256 144 T7 0 0 0 0 ADSL AALS YCC Statistics Route YPI VCI CRC Errors SAR Timeouts Oversized SDUs Short Packet Errors Length Errors ARP DHCP 8 35 0 0 0 0 a Advanced Setup Wireless Reset sal Diagnostics Management Figure 2 3 6 Statistics of ATM 4 3 7 Statistics of ADSL Click Statistics gt ADSL to show the following interface If the DSL line is activated the following window will show Statistics ADSL ode ADSL2 Device Info Line Coding Trellis On Summary Status No De
155. idge 4 5 3 5 Wireless Advanced BSSID 00 74 04 17 C4 22 00 08 5C 7C 13 B1 00 73 07 20 E6 5D 00 73 07 20 E6 13 Refresh This page allows you to configure advanced features of the wireless LAN interface You can select a particular channel on which to operate force the transmission rate to a particular speed set the fragmentation threshold set the RTS threshold set the wakeup interval for clients in power save mode set the beacon interval for the access point set XPress mode and set whether short or long preambles are used Device Info Quick Setup Advanced Setup Wireless Basic Security MAC Filter Wireless Bridge Advanced Station Info Voice Usb Storage Diagnostics Management Wireless Advanced This page allows you to configure advanced features of the wireless LAN interface You can select a particular channel on which to operate force the transmission rate to a particular speed set the fragmentation threshold set the RTS threshold set the wakeup interval for clients in power save mode set the beacon interval for the access point set XPress mode and set whether short or long preambles are used Click Apply to configure the advanced wireless options Band Channel Auto Channel Timer min 3549 Rate Multicast Rate Basic Rate Fragmentation Threshold RTS Threshold DTIM Interval Beacon Interval XPressM Technology S4g Mode 549 Protect
156. ificate Wireless Encapsulation Mode Diagnostics 7 LLC SNAP ROUTING Management as Figure 2 6 10 IP over ATM IPoA Click Next to show the following interface O In this interface you can modify the WAN IP Default Gateway and DNS Server settings WAN IP Settings Enter information provided to you by your ISP to configure the WAN IP settings Device Info See oe Notice DHCP is not supported in IPo4 mode Changing the default gateway or the DNS effects the whole system Configuring them WAN with static values will disable the automatic assignment from other WAN connection LAN o Mar IP Address 10 28 105 28 NAT i WAN Subnet Mask 255 0 0 0 Security N Subnet Mash Routing DNS Use the following default gateway DSL Use IP Address Use WAN Interface mer_8_35 nas_8_35 v Port Mapping Certificate y Wiret Use the following DNS server addresses ireless Primary DNS server Diagnostics Management Secondary DNS server Figure 2 7 1 PoA WAN IP Setting WAN IP Address Input the IP address of the WAN interface provided by your ISP WAN Subnet Mask Input the subnet mask concerned to the IP address of the WAN interface provided by your ISP Obtain Default Gateway automatically To obtain the IP address of the default gateway assigned by the uplink equipment such as BAS Use the following Default Gateway If you want to input the IP address of the default gateway by yourself click this entry and the
157. ing MO Dynamic DNS DSL ci Save Port Mapping Figure2 8 9 7 DNS Server Configuration overview If Enable Automatic Assigned DNS checkbox is selected this router will accept the first received DNS assignment from one of the PPPoA PPPoE or MER DHCP enabled PVC s during the 94 connection establishment If the checkbox is not selected enter the primary and optional secondary DNS server IP addresses The interface 1s below DNS Server Configuration If Enable Automatic Assigned DNS checkbox is selected this router will accept the first received DNS assignment from one of t Device Info PPPoA PPPOE or MER DHCP enabled PWC s during the connection establishment If the checkbox is not selected enter the Advanced Setup primary and optional secondary DNS server IP addresses Click Save button to save the new configuration You must reboot the WAN router to make the new configuration effective LAN NAT C Enable Automatic Assigned DNS Security Quality of Service RANTE i Primary DNS server 10 25 100 2 Routing DNS DNS Server Dynamic DNS DSL Print Server Secondary DNS server 110 28 100 7 Port Mapping Certificate Wireless Yoice Figure2 8 9 8 DNS Server Add Configuration Click Save button to save the new configuration NOTE You must reboot the router to make the new configuration effective 4 4 7 2 Dynamic DOMAIN NAME SERVICE DDNS 4 4 7 2 1 OVERVIEW Dynamic DNS allows binding of domain names
158. ing interface NOTE You need to reboot to activate this WAN interface and further configure services over this interface 58 Wide Area Network WAN Setup Choose Add Edit or Remove to configure WAN interfaces Device Info Choose Save Reboot to apply the changes and reboot the system Advanced Setup WAN LAN NAT Security YPI CI Con ID Category Service Interface Protocol Igmp QoS VYilanid State Remove Edit 1 35 1 UBR br135 nas_135 Bridge N A Disabled N A Enabled 8 35 1 UBR ipoa_8 35 ipa8 35 IPoA Disabled Disabled N A Enabled Add Remove Save Reboot Routing DNS DSL Port Mapping Certificate Wireless Diagnostics Management Figure 2 7 4 PoA Setup Complete 4 4 1 9 IPoA PVC network application 192 168 1 2 JON 20 14 4 1 Es 192 168 4 1 20 1 1 2 oats ami 192 468 4 2 Y Hub BOaL A E DELAH ERAS PCs IP over ATM Descriptions In this example the MODEM is connected to the DSLAM through PVC 8 35 and the access mode is the IPOA NAT The downlink interface of BRAS is encapsulated in 1483R the IP address is 20 1 1 1 the IP address of the uplink interface is 10 61 92 157 the WAN IP address of the MODEM is assigned as 20 1 1 2 the PC attached to the MODEM is assigned with a private IP address within the same segment as the management IP address 192 168 1 1 the NAT functions of the MODEM is enabled and the private address of the PC is translated into the public add
159. ings This page allows you to enable disable printer support Device Info Advanced Setup Enable on board print server WAN i LAN Printer name hp3845 NAT Make and model Hp DeskJet 3845 Security Quality of Service DNS DSL Print Server Port Mapping IPSec Certificate Wireless Voice Usb Storage Diagnostics Management Figure2 9 2 Print Server Config 4 4 9 2 Configuring Print Server on the Windows Host The configuring sequence Step1 Click on Add a printer from Control Panel of the Win XP computer and click Next A pe Printers and Faxes File Edit View Favorites Tools Help Back d pa Search We Folders ER Address S Printers and Faxes E Mame Documents Status Comments Location Printer Tasks ES a Adobe PDF o Ready My Documents A E ls Add a printer o E o Ready Ga MM Fax Print Driver 0 Ready gt Set up Faxing Start the Add Printer Wizard which helps you install a printer Ready 80184 1 Hsin Chu Level 8 50164 1 AE i T A Ready 80194 1 Hsin Chu Level 8 50194 1 See Also 2 Troubleshoot printing g Get help with printing Other Places ES Control Panel 3 Scanners and Cameras E My Documents 2 My Pictures Y My Computer Details 98 Add Printer Wizard Welcome to the Add Printer Wizard This wizard helps you install a printer or make printer connections through a USB port or any other hot pluggable port such as IEEE 1394
160. ion Preamble Type Transmit Power WWMM CAI FI Multimedia WMM No Acknowledgement WWMM APSD 2 4GHz dE Auto x duto yv Current 11 D ef alt 2346 2347 1 100 Disabled 54g Auto Auto long v Auto y Disabled Enabled Save Apply Figure3 3 1 Wireless Advanced Band Select 802 11b g using wireless frequency band range The radio frequency will remain at 2 437GHz Channel Fill in the appropriate channel to correspond with your network settings 11 is the default channel All devices in your wireless network must use the same channel in order to work correctly This router supports auto channelling functionalty Auto Channel Timer min Specifies the timer of auto channelling 54g Rate Select the transmission rate for the network The rate of data transmission should be set depending on the speed of your wireless network You can select from a range of transmission speeds or you can select Auto to have the Router automatically use the fastest possible data rate 127 and enable the Auto Fallback feature Auto Fallback will negotiate the best possible connection speed between the Router and a wireless client The default value is Auto o Multicast Rate Select the multicast transmission rate for the network The rate of data transmission should be set depending on the speed of your wireless network You can select from a range of tran
161. ion as below Summary WAN Statistics Route ARP DHCP Summary WAN Statistics Route ARP DHCP Figure 2 3 Device Information Menu 4 3 1 Summary of Device information This interface contains the following information Board ID Software Version Bootloader CFE Version Wireless Driver Version Upstream Line Rate Downstream Line Rate LAN IP Address The management IP address Default Gateway No gateway in a pure bridging mode under other modes such as PPPOE PPPOA it is the address of the uplink equipment DNS Server address Obtained from the uplink equipment in PPPOE PPPOA mode No DNS Server address in a pure bridging mode or input them manually 29 Device Info Board ID 06348GWW 10 Software Version 3 D6L 06 42pB02195 d19d Summary WAN Bootloader CFE Version 1 0 37 6 8 Statistics Wireless Driver Version 3 131 35 4 cpe2 0 Route ARP This information reflects the current status of your DSL connection DHCP Advanced Setup Line Rate Upstream Kbps Wireless Line Rate Downstream Kbps Diagnostics LAN IP Address 192 168 1 1 Management Default Gateway Primary DNS Server 192 168 1 1 Secondary DNS Server 192 168 1 1 Figure 2 3 1 summary of Device information 4 3 2 WAN Interface information Click WAN to show the following interface depend on the selected connection mode the Summary screen shows the status and also the connect or disconnect button
162. irtual Servers Setup In 1ts default state DSL router blocks all external users from connecting to or communicating with your net work Therefore the system 1s safe from hackers who may try to intrude on the network and damage 1t However you may want to expose your network to the Internet in certain limited and controlled ways in order to enable some applications to work from the LAN game voice and chat applications for example and to enable Internet access to servers in the home network The Port Forwarding feature supports both of these functionalities If you are familiar with networking terminology and concepts you may have encountered this topic referred to as Local Servers The Port Forwarding screen lets you define the applications that require special handling by DSL router All you have to do is select the application protocol and the local IP address of the computer that will be using or providing the service If required you may add new protocols in addition to the most common ones provided by DSL router For example if you wanted to use a File Transfer Protocol FTP application on one of your PCs you would simply select FTP from the list and enter the local IP address or host name of the designated computer All FTP related data arriving at DSL router from the Internet will henceforth be forwarded to the specific computer Similarly you can grant Internet users access to servers inside your home network by identifying each service
163. le configuration file only contains the information for 1001 To add other extension simply add similar section in SIP conf Before rushing to next step make sure Asterisk 1s running 4 6 4 1 2 Configure DSL ROUTER SIP DSL ROUTER s SIP configuration page is shown below Domain proxy and registrar must be set to Asterisk s IP and they are the same Extension and authentication credential must be the same as what you set in SIP server After basic filling 1s complete just press the buttons below to re run SIP module to make these settings take effect Voice SIP configuration Enter the SIP parameters and click Start Stop to save the parameters and start stop the voice application yp A E E y ar o Interface name _ppp_0_8_35_1 pppoe_0_8_35_1 Locale selection USA United States w Preferred codec list none none v none v none none none v Preferred ptime 20 SIP domain name 192 168 1 237 Use SIP Proxy SIP Proxy 192 168 1 237 SIP Proxy port 5060 C Use SIP Outbound Proxy Use SIP Registrar SIP Registrar 192 168 1 237 SIP Registrar port 5060 Authentication LineDisabled Extension Display Name AS Password Name 1 a 1001 1001 1001 esse 2 i Start SIP client Figure 3 5 1 Voice SIP configuration 4 6 4 1 3 Configure the soft phone Soft phone is configured with extension 1002 The configuration window is shown in
164. le to classify the upstream traffic Assign queue which defines the precedence and the interface and optionally overwrite the IP header DSCP byte After Qos classification Qos divides capacity between the different applications and provides undelayed continuous data transfer where data packet with higher priority are given preference The follow diagram show how Qos classify the QOS classify dispose Allocate queue Flow control The input DSCP COs AP pronty packet s Figure 1 1 name picture Click Qos Classification to pop up an interface as below In this interface you can configure network traffic classes 83 a Quality of Service Setup Choose Add or Remove to configure network traffic classes Device Info Quick Setup If you disable WMM function in Wireless Page classification related to wireless will not take effects Advanced Setup MARK TRAFFIC CLASSIFICATION RULES S Destination AN Class DSCP Queue 802 1P Lan Protocol DSCP Source Source Dest Dest cae ss 802 1P Orde LAN Name Mark ID Mark Port Addr Mask Port Addr Mask Port j Quality of Service Addr Mask Addr Mask Queue Config add Save Appl QoS Classification d aveyApply Routing DSL Print Server Port Mapping Certificate Wireless Voice Diagnostics Management Figure2 8 8 8 Qos Classification Conifg overview Click Add to show the following interface ee is Add Network Traffic Class Rule The s
165. less LAN of SSID to be open or shared WEP Encryption Enable WEP Encryption Encryption Strength click the desired Data Security level to be 64 bit Current Network Key Select one of network key that you set on the Key boxes as default one Network Key 1 to 4 Enter 5 ASCII characters or 10 hexadecimal digits for 64 bit encryption keys to fill out WEP keys box The system allows you to type in 4 kinds of the WEP key Click Save Apply to save the wireless security options and make the change take effect 117 Device Info mia A Gite T Advanced Setup Winns Dasi Securliy MAC Filer Wireless Bridge Aranda Talim Info a Wice Usb Storage Diagnostics Mino Enabled HM bit Figure3 1 8 Wireless Security 64 bit WEP o 128 bit WEP Please refer to below for details of configuration Network Authentication Select the authentication mode for the selected wireless LAN of SSID to be open or shared WEP Encryption Enable WEP Encryption Encryption Strength click the desired Data Security level to be 128 bit Current Network Key Select one of network key that you set on the Key boxes as default one Network Key 1 to 4 Enter 13 ASCII characters or 26 hexadecimal digits for 128 bit encryption keys to fill out WEP keys box The system allows you to type in 4 kinds of the WEP key Click Save Apply to save the wireless security options and make the change take effect Device belo fubeancad Setup MWincless iasi Sec
166. let the third party answer the transferred call and then hook on the transferring party It more gentle than blind transfer a Assume you have already been in a voice connection with a first party Press FLASH to hold the first party Dial a third party After the third party answers the call hook on your phone oe Oo Ff Now the first party takes over the call and is in connection with the third party 4 6 3 11 Call forwarding no answer If this feature enabled incoming calls will be forwarded to third party when you doesn t answer them It involves two steps setting the forwarding number and enable the feature a Dial 74 lt NUM gt to set forwarding number where NUM is the number of the party whom the call is forwarded to b Dial 71 to enable call forwarding no answer That is when our phone doesn t answer incoming call this call will be forwarded c Press 70 will disable call forwarding no answer 4 6 3 12 Call forwarding busy If this feature enabled incoming calls will be forwarded to third party when you busy It involves two steps setting the forwarding number and enable the feature a Dial 74 lt NUM gt to set forwarding number where NUM is the number of the party whom the call is forwarded to Note if we have already set forwarding number before this step can be omitted b Press 72 to enable call forwarding busy That is when our phone gets busy this c
167. lick Save Reboot to apply the changes and reboot the system You can also modify the PVC 8 35 If you need to modify the LAN IP address and DHCP server information you can do it in LAN in Advanced Setup After the configuration is done the IP address that the MODEM obtains at the WAN side port nas_8_35 Query Device Info gt Route and the routing table is as follows Destination Gateway Subnet Mask Flag Metric Service Interface 192 166 1 0 0 0 0 0 299 295 255 0 U O bro 10 28 108 0 0 0 0 0 299 295 255 0 U O mer_8_35 has_8_35 0 0 0 0 10 28 108 1 0 0 0 0 UG 0 mer_8_39 as_8_35 If Enable NAT is disabled during the configuration you must configure the route on the BRAS otherwise you cannot access your ISP In applications Enable NAT must be checked 4 4 1 8 Add IPoA PVC Click Add to add a certain piece of PVC The following descriptions are given by an example of adding PVC 8 35 IPoA mode O Click Add following PVC 8 35 Wide Area Network WAN Setup Choose Add Edit or Remove to configure WAN interfaces Device Info Choose Save Reboot to apply the changes and reboot the system Advanced Setup WAN PI YCI Con ID Category Service Interface Protocol Igmp QoS Vianid State Remove Edit tal 1 35 1 UBR br_1_35 nas_1 35 Bridge N A Disabled N A Enabled NAT od Remove Save Reboot DNS DSL Port Mapping Certificate Wireless Diagnostics Manag
168. ll use the default PPPoE PPPOA connection type The Setup Wizard can be used to configure a PPPoE PPPoA connection type You may need to specify one of the following connection types PPPoE LLC PPPoA LLC or PPPoA VC MUX The other available connection and encapsulation combinations must be configured using the web manager These include Bridge Mode 1483 Bridged IP LLC or 1483 Bridged IP VC MUX and Static IP Bridged IP LLC 1483 Bridged IP VC MUX 1483 Routed IP LLC 1483 Routed IP VC MUX or IPoA etc Username This is the Username used to log on to your ADSL service provider s network It is commonly in the form user isp com Your ADSL service provider uses this to identify your account Password This is the Password used in conjunction with the Username above to log on to your ADSL service provider s network This is used to verify the identity of your account Information you will need about your DSL Router Residential Gateway LAN IP addresses for the This is the IP address you will enter into the Address Record DSL Router field of your web browser to access the gateway s info here configuration graphical user interface GUI using a web browser The default IP address is 192 168 1 1 and 1t 1s referred to as the Management IP address in this User s Manual This may be changed to suit any IP address scheme the user desires This address will be the base IP address used for DHCP service on the LAN when DHCP is
169. lt gateway Use IF Address Lise WAN Interface Obtain DNS server addresses automatically Use the following DNS server addresses Secondary ONS server fs Figure 2 2 2 3 2 WAN IP config page Your Internet Service Provider ISP should provide you with the following You can also select another service function as below Obtain an IP address automatically use dhcp to obtain wan ip Use the following IP address use static wan ip Advanced DMZ Obtain default gateway automatically use dhcp to obtain gateway ip Use the following default gateway use static gateway ip Obtain DNS server addresses automatically use dhcp to obtain DNS server ip Use the following DNS server addresses use static DNS server ip D We click Next button enter wan and gmp function information config page If you want to use IGMP service on MER pvc we must select Enable IGMP Multicast box In MER mode There are some functions Enable NAT Enable Fullcone NAT Enable Firewall 23 Metwork Address Translation Settings Network Address Translation WAT allows you to share one Wide Area Network An Local rea Network LAN Enable MAT Enable Fullcone WAT Enable Firewall Enable IGMP Multicast and WAN Service Enable IGMP Multicast Enable WAN Service service Mame mer_0 0 35 Figure 2 2 2 3 3 MER IGMP and WAN service page 4 2 1 6 Internet Connection Type IP over ATM IPoA A From Figure
170. me cese we need use multi route table Suppose the subnet connect with internet by a router that is of two lines the one line is of fast speed the other line 1s of slow speed Lost of users in the subnet have no special requirement for the speed so they could use the slow line but some special users have rigor requirement for the speed so they must use the fast line If we use one route table it can t reach the aim Route data packet base on sourec address or other parameter use mutl route table for mutli user s requirement so it can boost the router s performance 4 4 6 4 2 Rule Rule is the key concept in the policy route we can describe rule use nation language as a example we can specify these rule Rule one All the packets from 192 16 152 24 use route table 10 the PRI is 1500 Rule two All the packets use route table 253 the PRI is 32767 We can know that the rule contain three element Which packet would apply such rule What action would be adopt for the packet accord with such rule as use which table Which PRI of such rule higher PRI s rule prior match the value more little the PRI more highter 4 4 6 4 3 Principle The policy route provided in the release 3 10L02 mainly bind the lan interface whih wan interface just the packet come in from one lan interface can be transmit from one PVC by specify First at the second layer use ebtables mark the packet come in from lan interface then at the third layer us
171. ments below to protect the device from risks and damage caused by fire and electric power e Use volume labels to mark the type of power e Use the power adapter which is packed within the device package e Pay attention to the power load of the outlet or prolonged lines A overburden power outlet or damaged lines and plugs may cause electric shock or fire accident Check the power cords regularly If you find any damage replace it at once e Proper space left for heat radiation is necessary to avoid any damage caused by overheating to the device The long and thin holes on the Access Point are designed for heat radiation to make sure the device works normally Don t cover these heat radiant holes e Do not put this device close to a place where a heat source exits or high temperature occurs Avoid the device from direct sunshine e Do not put this device close to a place where is over damp or watery Do not spill any fluid on this device e Do not connect this device to any PC or electronic product unless our customer engineer or your broadband provider instructs you to do this because any wrong connection may cause any power or fire risk e Do not place this device on an unstable surface or support 1 10 LED Status Description 1 10 1 LED Status Description G G G GO G O G G Power DSL Internet 4 3 2 1 USB1 USB2 WLAN VolP1 VolP2 L Ethernet WLAN aa cn VoIP available C DSL 1 10 2 Rear panel
172. n ENET4 present the fourth lan interface gt The Wan interface is the route PVC configed by user contain PPPOE PPPOA MER IPOA etc gt Select the lan interface and wan interface click button save apply save configure as figure 3 91 Routing Policy Route A maximum 32 entries can be configured Lan Interface wan Interface Remove EMET 1 lbpp_o_0_a2 1 Device Info Advanced Setup MAA EMNETZ pop Oo e 35 1 LAP NAT Agda Rernore Security Quality of Service Routing Default Gateway Static Route RIP Policy Route DAIS DSL Print Server Port Wapping Certificate Wireless WOCE Usb Storage Diagnostics Management figure 3 the configure page of policy route If want to delete the route rule select the checkbox button Remove then click button Remove Warning one lan interface can bind with onw wan route PVC if the lan interface is binded it will tip add error 4 4 6 4 5 Test The test network topology adopted as figure 4 figure4 the test network topology Warning PC should directly connect with CPE by reticle moreover at the CPE side the reticle should insert into the first interface Step 1 First config two PPPoE PVC reset CPE then two PVC should dial succeed as figure 5 WAN Info 3 LAN Con 5 Device Info Port WPI WCI Mux 1D Category Service Interface Protocol Igmp Qos State Status IP Address Summary
173. n input related data in the fields Otherwise to obtain the IP address of the default gateway assigned by the uplink equipment such as BAS Use IP Address Input the gateway of the WAN interface provided by your ISP Use WAN Interface As to BAS equipment it is the IP address of the downlink interface Obtain DNS server address automatically To obtain the IP address of the DNS server assigned by the uplink equipment such as BAS Use the following DNS server addesses If you want to input the IP address of the DNS server by yourself click this entry and then input related data in the fields Primary DNS server Input the IP address of the primary DNS server here Secondary DNS server Input the IP address of the secondary DNS server provided by your ISP here 57 After correctly modifications click Next to show the following interface O In this interface you can modify the Service name and enable disable the NAT Firewal IGMP Multicast WAN Service Network Address Translation Settings Network Address Translation NAT allows you to share one Wide Area Network WAN IP address for multiple computers on your Device Info Local Area Network LAN Advanced Setup WAN Enable NAT Y ia Enable Firewall y NAT Security Routing Enable IGMP Multicast and WAN Service DNS DSL Enable IGMP Multicast Port Mapping Enable WAN Service Y Certificate Wireless service Name ipoa_8_35 Diagnostics Management Figure 2 7 2 PoA
174. nable Quality Of Service enable disable In this example PVC 8 35 is required to modify so service category and QoS will remain default values In actual applications you can modify them depending on your practices After proper modifications click Next to show the following interface O In this interface you can modify Internet Connection Type and Encapsulation Type 45 Device Info Advanced Setup WAN LAN NAT Security Routing DNS DSL Port Mapping Certificate Wireless Diagnostics Management Connection Type Select the type of network protocol and encapsulation mode over the ATM PYC that your ISP has instructed you to use Note that 802 19 VLAN tagging is only available for PPPoE MER and Bridging D PPP over ATM PPPoA gt PPP over Ethernet PPPoE MAC Encapsulation Routing MER IP over ATM IPoA Bridging Encapsulation Mode LLC SNAP BRIDGING v Enable 802 1q O Figure 2 5 4 Internet Connection Type and Encapsulation Type page Change the connection type of PVC 8 35 to PPP over ATM PPPoA Select PPP over ATM PPPoA and VC MUX depending on the uplink equipment generally VC MUX as Encapsulation Mode Device Info Advanced Setup WAN LAN NAT Security Routing DNS DSL Port Mapping Certificate Wireless Diagnostics Management Connection Type Select the type of network protocol and encapsulation mode over the ATM PYC
175. nced Setup wireless WMM voice Priority 1 1 WAN wireless WWMM Yoice Priority 2 2 LAN NAT wireless WWMM ideo Priority Security wireless WWMM ideo Priority 4 4 Quality of Service Queue Config wireless wM Best Effort QoS Classification wireless WMM Background 6 6 Routing DNS wireless WWMM Background 7 7 DSL wireless WMM Best Effort Print Server Port Mappmig dd Remove Save Reboot Certificate Wireless Voice Usb Storage Diagnostics Management Figure3 3 2 Wireless Queue Config From the figure we can see that Background Best Effort Video and Voice are access categories for packet prioritization Upon enabling WMM the highest priority is given to Voice packets decreasing towards Background packets which receive the lowest priority 4 5 3 7 Qos Classification WMM or Wi Fi MultiMedia enhances QoS at wireless driver level It provides a mechanism to prioritize wireless data traffic to and from the associated WMM capable stations Network traffic 129 classes is automatically assigned according to DSCP in TCP IP header Extended Wireless QoS Classification can choose Add QoS Entry or Remove QoS Entry to configure In the Add Edit Wireless Quality of Service Rule WEB interface you can edit a rule consists of a class name Wireless Transmit Priority and at least one condition as Protocol Source IP Address Source Subnet Mask UDP TCP Source Port port or port port Destination IP Address Destinati
176. nd gmp function information config page If you want to use IGMP service on ipoa pvc we must select Enable IGMP Multicast box In MER mode There are some functions Enable NAT Enable Fullcone NAT Enable Firewall Network Address Translation Settings Network Address Translation NAT allows you to share one Vide Area Network WANS Local Area Network LAM Enable WAT Enable Fullcone WAT Enable Firewall Enable IGMP Multicast and WAN Service Enable IGMP Multicast Enable WAN Service Service Mame Ipoa_O_ O35 Figure 2 2 2 4 3 IPOA IGMP and WAN service page 25 4 2 1 7 Internet Connection Type Bridging A From Figure 2 2 1 config PVC and Qos of Pvc B From Figure 2 2 2 Select IP over ATM IPoA from the Connection Type box and It s Encapsulation Type from the Encapsulation Mode combo box Connection Type Select the type of network protocol and encapsulation mode over the ATM PYC that your ISP has instructed y 802 19 VLAN tagging is only available for PPPoE MER and Bridging PPP over ATM PPPOA PPP over Ethernet PPPOE MAC Encapsulation Routing MER IP over ATM IPod O Bridging Encapsulation Mode LLC SNAP BRIDG ING Figure 2 2 2 5 1 Bridging C We click Next button enter wan a function information config page Unselect the check box below to disable this WAWN service Enable Bridge Service Service Mame b0 0 35 Figure 2 2 2 5 2 Bri
177. necessary 1 If you want to setup DMZ Host you should enable the PPP IP extension at first 2 Non DMZ IP Address The DMZ Host IP Address you can modify it by hand 3 Non DMZ Net Mask The DMZ Host Subnet Mask it is build upon the DMZ Host IP Address Use Static IP Address If disabled it the MODEM through PPPOE dial up to obtain an IP address assigned by an uplink equipment such as BAS If enable it the MODEM use this IP as the WAN IP address After input the PPP Username and PPP Password click Next to show the following interface O In this interface you can modify the Service name and enable disable the IGMP Multicast WAN Service Enable IGMP Multicast and WAN Service Dewees Tato Enable IGMP Multicast Advanced Setup WAN Enable WAN Service W LAN Service Name pppoe_8 35 1 NAT Security Routing DNS DSL Port Mapping Certificate Wireless Diagnostics Management Figure 2 4 8 PPPoE IGMP and WAN service page IGMP Multicast IGMP proxy For example if you need PPPoE mode support IPTV please enable it WAN Service Please enable it unless you don t need to active the PVC Click Next to show the following interface O In this interface it show the all configuration You can see some default values NAT enable Firewall enable 41 Device Info Advanced Setup WAN WAN Setup Summary Make sure that the settings below match the settings provided by your ISP VPI VCI Co
178. nfiguration Status Enable Queue PVC 0 8 81 Y Queue Precedence 2 Figure2 8 8 6 QoS Queue Config example After proper modifications click Save Apply to show the following interface This configuration will take effective at once 82 QoS Queue Configuration A maximum 24 entries can be configured If you disable WMM function in Wireless Page queues related to wireless will not take effects z Interfacename Description Precedence Queue Key Enable Remove Device Info Quick Setup irele WWMM Voice Priority 1 1 Advanced Setup z A irele WMM Voice Priority 2 2 WAN LAN wireless MM Video Priority 3 Quality of Service irele MIM Video Priority 4 4 Queue Config QoS Classification wireless WWMM Best Effort 5 5 Routing irele WMM Background 6 6 DSL Print Server irele WMM Background 7 7 Port Mapping wirele WMM Best Effort 8 8 Certificate Wireless R Y Voice l a 10 7 Diagnostics Management g Aca Remove Save Reboot Figure2 8 8 7 QoS Queue Config Complete If you want to delete a certain queue you can disable this queue and choose this queue last click Remove botton to delete it After the queue config is already configured you can creates serval traffic class rule to classify the upstream traffic 4 4 5 3 QoS QoS Classification Some application require that specific bandwiths ensure its data be forward in the time Qos classification can creates traffic class ru
179. ning their networks Traditionally the concept of quality in networks meant that all network traffic was treated equally The result was that all network traffic received the network s best effort with no guarantees for reliability delay variation in delay or other performance characteristics With best effort delivery service however a single bandwidth intensive application can result in poor or unacceptable performance for all applications The QoS concept of quality 1s one in which the requirements of some applications and users are more critical than others which means that some traffic needs preferential treatment im Figure 4 4 5 Quality of Service 80 4 4 5 1 Enable QOS In this interface you can do QOS queue management configuration By default the system 1s enable QOS and set a default DSCP mark to automatically mark incoming traffic without reference to particular classifier Click Advance Setup gt Quality of Classification to show following interface QoS Queue Management Configuration If Enable QoS checkbox is selected choose a default DSCP mark to automatically mark incoming traffic without reference to a Device Info particular classifier Click Save Apply button to save it Advanced Setup WAN LAN Security Note If Enable Qos checkbox is not selected all QoS will be disabled for all interfaces Quality of Service Note The default DSCP mark is used to mark all egress packets that do
180. nnection Type R 8 35 PPPOE LAN z T Service Name pppoe_8_35_1 NAT Service Category UBR Security gory Routing IP Address Automatically Assigned DNS Service State Enabled DSL NAT Enabled et pene Firewall Enabled Certificate a i IGMP Multicast Disabled Wireless Diagnostics Quality Of Service Disabled Management Click Save to save these settings Click Back to make any modifications NOTE You need to reboot to activate this WAN interface and further configure services over this interface Figure 2 4 9 PPPoE Setup Summary Click Save to save these settings And you can click Back to make any modifications After you click Save it show the following interface NOTE You need to reboot to activate this WAN interface and further configure services over this interface Wide Area Network WAN Setup Choose Add Edit or Remove to configure WAN interfaces Device Info Choose Save Reboot to apply the changes and reboot the system Advanced Setup WAN Con Y PI CI 1 Category Service Interface Protocol Igmp QoS Yilanid State Remove Edit LAN NAT 1 35 1 UBR br_1_35 nas_1 35 Bridge Ns Disabled N A Enabled HO Security Routing 8 35 1 UBR pppoe_8_35_1 ppp_8 351 PPPOE Disabled Disabled N A Enabled DNS Port Mapping Certificate Wireless Diagnostics Management Figure 2 4 10 PPPoE Setup Complete 4 4 1 2 PPPoE PVC Network Application Dynamic Public IP 192 168 1 3 19946844 assigne
181. o CPU cycles are used to calculate and communicate routes The main disadvantage to using static routes is the lack of automatic reconfiguration if the network topology changes Static routes can be redistributed into dynamic routing protocols but routes generated by dynamic routing protocols cannot be redistributed into the static routing table No algorithm exists to prevent the configuration of routing loops that use static routes Static routes are useful for smaller networks with only one path to an outside network and to provide security for a larger network for certain types of traffic or links to other networks that need more control In general most networks use dynamic routing protocols to communicate between networking devices but may have one or two static routes configured for special cases Routing Static Route Add Enter the destination network address subnet mask gateway AND OR available WAN interface then click Save Apply to add the entry to the routing Device Info table Advanced Setup Destination Network Address 10 11 102 4 NAT Subnet Mask 255 255 0 0 Security Quality of Service MJ use Gateway IP Address 192 168 1 2 Routing Y Use Interface pppoe_0_8_35_1 ppp_0_8_35_1 v Default Gateway Static Route RIP DNS DSL Print Server Port Mapping Certificate Wireless Voice Usb Storage Diagnostics Management Figure2 8 9 5 Static routes Add Config Add static route gt Entry
182. oc equal to the selected level will be displayed If the selected mode is Remote or Both events will be sent to the specified IP address and UDP port of the PINO Both events will be recorded in the local memory Advanced Setup Wireless Select the desired values and click Save Apply to configure the system log options Diagnostics Management Log Disable 1 Enable Settings gt Log Level Debugging y SNMP Agent Display Level Ex ror gt Internet Time Mode Access Control AO aaga Update Software Server U t Save Reboot erver UDP Port 51 Save Apply Figure 3 6 4 System Log Config2 After operations under Configure System Log click View System Log to query the system logs In this example the View System Log 1s a system default one Note The log and display of the system events are above the set level If you intend to record all information you need to set the levels as Debugging System Log Date Time Facility y Severity Message ss Dan 1 01 36 08 1 01 38 08 33 08 huser crit ban 1 01 38 16 1 01 38 16 luser crit ban 1 01 38 20 1 01 38 20 luser crit kernel ADSL G 994 training ADSL 6 994 training Gee E ADSL 6 992 started kernel ADSL 6 992 channel analysis lan 1 01 38 24 user crit k kernel ADSL G 992 message exchange lan 1 01 38 25 1 01 38 25 user crit Ea ADSL link up interleaved us 1146 ds 25505 Jan 1 01 38 26 Jan 1 01 38 26 daernon Eat pppd 628 PPP
183. of BRAS is encapsulated as 1483B the IP address is 10 28 108 1 the IP address of the uplink interface is 10 61 92 157 The PC attached to the MODEM is assigned a public IP address and the gateway is 10 28 108 1 Setting 1 Activate your browser and input 192 168 1 1 in the address column to login the MODEM 2 Click Advanced Setup gt WAN then click add 3 In the ATM PVC Configuration interface configure VPI VCI as 8 35 and then click Next 4 In the Connection Type interface select Bridging and LLC SNAP BRIDGING as the encapsulation and then click Next 5 In the Unselect the check box below to disable this WAN service interface keep the default configuration unchanged and then click Next 6 Check the network configurations and make sure that all settings agree with the data provided by your ISP and then click Save 7 Click Save Reboot to apply the changes and reboot the system You can also modify the PVC 8 35 If you need to modify the LAN IP address you can do it in LAN of Advance Note In the pure Bridging mode there is no interface at the WAN side of the MODEM 4 4 1 12 Remove Pvc 4 4 2 LAN configuration You can use the LAN configuration to define an IP address for the DSL Router and configure the DHCP server Local Area Network LAN Setup Configure the DSL Router IP Address and Subnet Mask for LAN interface
184. ogy 4 6 4 2 1 Configure DSL ROUTER SIP In SIP configuration page set PSTN call routing rule and route data as follows ARE Voip FSIN Call switch to voip call Ml Routing PSTN Call Routing Data 1002 Figure 3 5 4 Configure DSL Router SIP Stop and start SIP call client to make the change take effect 4 6 4 2 2 Test PSTN to VoIP call As the figured depicted if PSTN user 2002 dials 2001 1002 soft phone will get the call 4 7 Usb Storage We Access the Usb Storage device on DSL router We must use FTP Protocol to operate usb device There are two functions in this chapter FTP Server function Lan side PC can logon to operate USB file FTP Client function Can download file from internet to USB 151 ftp Server 192 165 1 3 RADIUS USE Server Figure 3 5 5 Usb Storage topology 4 7 1 FTP Server Configure FTP FTP File Transfer Protocol is a protocol for exchanging files on the Internet The standard Internet protocol for downloading or transferring files from one computer to another You can use this standard for example to offer files for downloading or to receive files from other users 4 7 1 1 Setting Parameters and configure example FTP Listening Port The default FTP Listening Port is 21 here the user can modify the port value Max Connections for the same IP It means the max connections the user going to set note that 0 means no restrict It connects automatically FTP Account Management
185. ol version for SNMPvl at the read community and set community inputbox input the string as the same with figure 3 6 8 then click OK button 160 At Remote SNMP agent inputbox input the CPE s ip address as 192 168 1 1 then click SNMP menu item select the contact sub menu item If connect to CPE successful in the Query result will output the result as figure 3 6 10 A SAI MI A IEA Ug aloj x File Edit View SMF Action Tools Window Help Quey MIB Pina Remote SMMP agent 192 168 1 1 El gt Split f Vertical E ql MIB Tree FE ecitt 153 iso Query results Welcome to MG SOFT MIB Browser Professional Edition Remote address 192 168 1 1 port 161 transport IP UDP Local address 192 168 1 253 port 3109 transport IP UDP Protocol version SNMP Yy1 1 syeUpTime O timeticks O days D0h 21m 16 19th 127619 Remote SHP agent 192 168 1 1 contact Ssmi ae Figure3 6 9 MIB operation Under SNMP menu item there is walk menu item exec the walk operation if success in the Query results output as figure 3 6 10 161 MG SOFT HIB Browser Professional Edition loj xj File Edit View SHMP Action Tools Window Help alza Guay me Pino Tesanonaconaconacnnd Remote SNMP agent m Split 192 168 1 1 Bl El I Vertical MIB tree y MIB Tree H E coit H 6 iso Query results SNM
186. on Subnet Mask and UDP TCP Destination Port port or port port All of the specified conditions in this classification rule must be satisfied for the rule to take effect Click Save Apply to save and activate the rule Device Indo fabsaincod Er WAN LAN MAT Security Aid etwat Traic Cass Euis tup julio of Service Assign ATH Priority and or OP Mark Tor the clara Quese Gontiq Dos Classification OSL Print Soracr Port Mapping Specify Traffic GloscHicatlon Rulez Certificate Wired Vue Lid Thorage Diarios lic ATEO Enter the following conditlone cither for P lewel BET 1 or for IEEE Y02 1p SET 2 IF Address aay AIN t f ail i Dimic Trifcr Advanced Setup AN LAN MAT Securily Quality of Service Quasar eati QoS Classification Ficmabinny OFS DSL Prini Server Port Mapping Cerlificabe Wireless H RH Usb Storage Diagnostics Management In the last click Figure 3 3 3 Wireless Qos Classification ADD Quality of service Setup for Piero lo conde obarik trait i yota tinabi WERI fonction in Wires Page choessilicalion related Lo wires will ool Galo els MARK TRARRE CLASSICA ON RULES Source Destination Chass DGLP Queue GUI Lan Source Source Lest Dest i A Protocol DECA MAL MAL 80 18 Order Enable Disable Remove Edit Name Mark ID mark Port Addr Mask Port Addr Mask Port Addr Mask Addr Mask Figure 3 3 4 Wireless Qos Classification Save Apply to configure the wireless QOS op
187. onal proxy through which all outgoing calls are directed In some cases the outbound proxy is placed alongside the firewall and is the only way to let SIP traffic pass from the internal network to the Internet When this item is checked the following fields become visible 140 SIP Outbound Proxy 0 0 0 0 SIP Outbound Proxy port jo Figure 3 4 6 SIP Outbound Proxy parameters SIP Outbound Proxy The Outbound Proxy s IP address SIP Outbound Proxy port The port that the Outbound Proxy is listening on Both of them default value are as showed in figure 2 1 4 6 2 1 8 Use SIP Registrar Figure 3 4 7 Use SIP Registrar Select this option to register with the proxy You can register your USER ID on the SIP Registrar SIP Registrar works with SIP Proxy allowing other parties to call DSL ROUTER through it When this item is checked the following field becomes visible SIP Registrar SIP Registrar port 5060 Figure 3 4 8 Use SIP Registrar Parameters SIP Registrar The SIP Registrar s IP address SIP Registrar port The port that SIP Registrar is listening on Default value is 5060 4 6 2 1 9 Line Settings ee l Authentication LineDisabled Extension Display Name i Password Tame ae ISS FE TE E 2 E o A O O Figure 3 4 9 Line Settings There are five options you can checked or filled in Line Disabled Line number is a telephone port in DSL ROUTER to which you can connect a standard POTS telephone If you checked
188. one end point to another WEP was the encryption scheme considered to be the initial standard for first generation wireless networking devices However it has been found that WEP is not as secure as once believed WEP is used at the two lowest layers of the OSI model the data link and physical layers it therefore does not offer end to end security WEP s major weakness is its use of static encryption keys When you set up a router with a WEP encryption key that one key is used by every device on your network to encrypt every packet that s transmitted But the fact that packets are encrypted doesn t prevent them from being intercepted and due to some esoteric technical flaws it s entirely possible for an eavesdropper to intercept enough WEP encrypted packets to eventually deduce what the key is 2 WPA is short for Wi Fi Protected Access it debuted to address many of WEP s shortcomings It includes two improvements over WEP Improved data encryption through the temporal key integrity protocol TKIP TKIP scrambles the keys using a hashing algorithm and by adding an integrity checking feature ensures that the keys haven t been tampered with User authentication which is generally missing in WEP through the extensible authentication protocol EAP WEP regulates access to a wireless network based on a computer s hardware specific MAC address which is relatively simple to be sniffed out and stolen EAP is built on a more secure public key enc
189. orks for years and have become more prevalent since the development of the intelligent network Frame relay networks which have been around for some time are VPNs Virtual private networks are only new to IP networks such as the Internet Therefore some authors use the terms Internet VPN and virtual private data network to distinguish the VPN described in this chapter from other VPNs In this book the term VPN refers to Internet VPN The goal of a VPN is to provide a secure passage for users data over the non secure Internet It enables companies to use the Internet as the virtual backbone for their corporate networks by allowing them to create secure virtual links between their corporate office and branch or remote offices via the Internet The cost benefits of VPN service have prompted corporations to move more of their data from private WANS to Internet based VPNs 4 4 11 2 ISAKMP ISAKMP Short for Internet Security Association Key Management Protocol is a definition of a high level abstract framework for point to point two party asymmetric key management protocols Being asymmetric one party assumes the role of initiator which begins the exchange of protocol messages by sending the first message The second is the responder which replies to the first message from the initiator ISAKMP makes a distinction between a key exchange and key management when the key is rolled to the next one Key exchange is mainly concerned with exchanging
190. otocol TCP or UDP that this port uses You then assign the public ports that are to be opened for the application to this trigger port You can select known Internet services or assign ports or port blocks manually Add port Triggering To set up port triggering for a service select Port Triggering from the Advanced Settings Dnet gt port Triggering add NAT Port Triggering Some applications such as games video conferencing remote access applications and others require that specific ports in the Router s firewall be opened Device Info for access by the applications You can configure the port settings from this screen by selecting an existing application or creating your own Custom Advanced Setup application and click Save Apply to add it WAN LAN NAT Virtual Servers Remaining number of entries that can be configured 32 Application Name elect an appi ation Port Triggering DIVIZ Host Security Quality of Service Trigger Port Start Trigger Port End Trigger Protocol Open Port Start Open Port EndOpen Protocol Routing 356 13568 UDP v 13100 3999 TCP UDP v DNS TCP v TCP v DSL Print Server TCP v TCP v Port Mapping TCP v TCP v Certificate TCP z E z Wireless gt TCP v TCP v Voice Usb Storage TCP v TCP v Diagnostics TCP a TCP a Management Figure2 8 6 2 Port Triggering gt Select the required application from the applications list If the application you require is not in the list you mu
191. oup Rekey Interval Specifies the timer the WPA key must change If the value set 0 no need to change The change is done automatically between the server and the chent Radius Server IP Adress Enter the IP Address of the authentication server Radius Port Enter the port number of the authentication server The default port number is 1812 Radius Key Enter the same key as the Radius server s WPA Encryption Select TKIP AES or TKIP AES The AES is default The TKIP AES encryption mode means AP auto adjust to use TKIP or AES according to wireless clients Click Save Apply to save the wireless security options and make the change take effect 124 Miralo Ser urity Device Info Advanced Setup vrir Dask Security MAC Filter Wireless Brite Achar StL A Pus h button e Plt Conta Station Inin Help Voice lsh Storage Whi Reta AH Parn Stigi AP Diagn tins es Manarpermerrl Mroadeoa_ yj Hired WPA UPA x Disabled TELIPHARS Figure3 2 7 Wireless Security Mixed WPA2 WPA Authentication WPS Authentication There are 2 primary methods used in the Wi Fi Protected Setup 1 PIN entry a mandatory method of setup for all WPS certified devices 2 Push button configuration PBC an actual push button on the hardware or through a simulated push button in the software This is an optional method on wireless client If you are using the PIN method you will need a Registrar access point wireless route
192. oup for Key Exchange 1024bit w DNS Key Life Time 3600 Seconds DSL Print Server Phase 2 Port Mapping Encryption Algorithm 3DES v IPSec Integrity Algorithm MDS a Select Diffie Hellman Group for Key Exchange 1024bit meen Key Life Time 3600 Seconds Voice Usb Storage Diagnostics Manaaement Figure2 9 7 automatic key exchange advanced settings 105 4 4 12 Certificate To use Certificate user interface choose Certificate under Advanced Setup menu There are two menu items under Certificate menu Local and CA For either type of certificate the base screen shows a list of certificates stored in modem Local Certificates Add View or Remove certificates from this page Local certificates are used by peers to verify your identity Device Info Maximum 4 certificates can be stored Advanced Setup WAN LAN Name In Use Subject Type Action NAT Security Create Certificate Request Import Certificate Quality of Service Routing DNS DSL Print Server Port Mapping IPSec Certificate Trusted CA Wireless Voice Usb Storage Figure2 9 8 Local Certificate overview In the menu Local means local certificates Trusted CA means trusted Certificate Authority certificates Local certificates preserve the identity of the modem CA certificates are used by the modem to very certificates from other hosts Local certificates can be created by two ways O Cr
193. ow be forwarded to the PC running the Web server on port 8080 When setting a port forwarding service you must ensure that the port is not already in use by another application which may stop functioning A common example is when using SIP signaling in Voice over IP the port used by the gateway VoIP application 5060 is the same port on which port forwarding is set for LAN SIP agents Note Some applications such as FTP TFTP PPTP and H323 require the support of special specific Application Level Gateway ALG modules in order to work inside the home network Data packets associated with these applications contain information that allows them to be routed correctly An ALG is needed to handle these packets and ensure that they reach their intended destinations DSL router is equipped with a robust list of ALG modules in order to enable maximum functionality in the home network The ALG is automatically assigned based on the destination port Virtual Servers is configured for this purpose 68 El i 4 1 F A a 192 188 1 1 LAN IP Address ISL MODEM 192 168 141 190 203 70 212 52 192 168 1 20 Web Server WAR IP Address FTP Server Miterhietr http 1 203 70 212 52 Ftp 1203 70 212 52 Remote PC using Remote PC using Web Server FTP Server Figure 2 8 6 Virtual Servers Add Port Forwarding gt To set up Virtual Servers for a service select Virtual Servers from the Advanced Setup NAT Virtual Servers Setup
194. ow you have made the call as if you have dialed the whole number 4 6 3 7 Call hold Call hold enable you put a call to a pending state and pick it in future 145 a Assuming you are in a voice connection you can press FLASH to hold current call b Now you can call another party or press FLASH again to return to first call 4 6 3 8 Call waiting Enabling call waiting will allow third party to call in when you re in a voice connection a Pick up the phone attached to DSL ROUTER b Press 61 to enable call waiting function c Assuming you re in a voice connection when another call comes in DSL ROUTER will stream a call waiting tone to your phone indicating another call is available d Press FLASH will switch to this call and the initial call will put to hold automatically e Press FLASH multi times will switch between these two calls back and forth f Pressing 60 will disable call waiting function 4 6 3 9 Blind transfer Bind transfer will transfer the current call to a third party blindly regardless of whether the transfer is successfully or not a Assume you have already been in a voice connection Press FLASH to hold the first party Dial a third party Before the third party answers the call hook on your phone oe Oo o Now the first party takes over the call and is in connection with the third party 4 6 3 10 Consultative transfer Consultative transfer will
195. p Wireless Yoice Usb Storage Diagnostics Management Username Password EX Port 21 Remote URL tp Ftp tues com test zip Download Figure 3 5 7 Ftp client Setting 4 8 Diagnostics Click Diagnostics to show the interface Your modem is capable of testing your DSL connection The individual tests are listed below If a test displays a fail status click Rerun Diagnostic Tests at the bottom of this page to make sure the fail status is consistent If the test continues to fail click Help and follow the troubleshooting procedures pppoe_8_35_1 Diagnostics Your modem is capable of testing your DSL connection The individual tests are listed below If a test displays a Fail status click Rerun Diagnostic T Device Info consistent If the test continues to Fail click Help and follow the troubleshooting procedures Advanced Setup Wirelaek Test the connection to your local network Test your ENET4 Connection FAIL Help Management Test your ENET3 Connection PASS Help Test your ENET2 Connection FAIL Help Test your ENET1 Connection FAIL Help Test your USB Connection DOWN Help Test your Wireless Connection PASS Help Test the connection to your DSL service provider Test ADSL Synchronization FAIL Help Test ATM DAM F5 segment ping FAIL Help Test ATM DAM F5 end to end ping FAIL Help Test the connection to your Internet service provider Test PPP server connection FAIL Help Test authentication wi
196. pping DynDNS Settings Username Certificate Wireless Save Apply Diagnostics Management Figure2 8 9 10 Dynamic DNS Add Configuration D DNS provider Dynamic DNS provider s website Hostname This is the domain name which can be modified Interface The interface that the packets pass through on the MODEM Username This is the Username needed access the DDNS s management interface Password This is the Password you will be prompted to enter when you access the DDNS s management interface gt Select the service provider for the DDNS service provide the hostname and the interface to use when sending the DDNS updates Also enter the service provider specific registration information and click Save Apply to use the feature 4 4 8 DSL In this interface you can check the DSL settings Mostly the user just need to remain this factory default setting Our modem support these modulations GDmt Glite T1 413 ADSL2 AnnexL ADSL2 and AnnexM The MODEM will negotiate the modulation mode with the DSLAM 96 Select the modulation below G Dmt Enabled Device Info G lite Enabled Advanced Setup 11 413 Enabled WAN LAN ADSL2 Enabled NAT AnnexL Enabled EY ADSL2 Enabled Quality of Service F 4nnexM Enabled Routing Pilea file a cc l Select the phone line pair below AAA AAA Print Server Inner pair Port Mapping Outer pair Certificate Wireless Capability Yoice Bitswap Enable Di
197. proposed as the protocol to be used on the ACS Southbound Interface between an Auto Configuration Server ACS this protocol may be used to manage other types of CPE as well including stand alone routers and LAN side client devices as also shown in 4 RARAS 2 l ACS Northbound Scope of Interface CPE WAN Management Protocol Service ALS southbound Interface Configuration han ager Hi UAT MIIN HTT Regional Bro adb and Managed CPE LAN Device 4 9 4 3 TR 069 Client configuration Click Management gt TR 069Client to show the TR 069 Client configuration page TR 069 client Configuration WAN Management Protocol TR 069 allows a Auto Configuration Server ACS to perform auto configuration provision collection and diagnostics to this device Device Info Advanced Setup Select the desired values and click Apply to configure the TR 069 client options Wireless z 5 Inform Disable Enable Yoice Diagnostics oga wy Inform Interval 300 Management Fi ACS URL Settings System Log ACS User Name ad min TR 069 Client ACS Password p Internet Time Access Control Display SOAP messages on serial console Disable O Enable Update Software Save Reboot Connection Request Authentication Connection Request User Name admin Connection Request Password e GetRPCMethods Figure3 7 1 Tr 069 Client configuration 163 Inform IF the Enable option i
198. quest To generate a certificate signing request you need to include Common Name Organization Name State Province Name and the Device Info letter Country Code for the certificate Advanced Setup WAN Certificate Name mycertificate LAN Common Name twsz com NAT Organization Name tw Security State Province Name Guang Dong Quality of Service Country Region Name CN China v Routing DNS DSL Print Server Port Mapping IPSec Certificate Local Trusted CA Wireless Voice lish Stnrane Figure2 9 9 create new certificate request Wait several seconds the generated certificate request will be shown 0a e signed certificate IS device Name mycertificate Device Info Type request Advanced Setup Subject CN twsz com O tw ST Guang Dong C CN WAN A laa BEGIN CERTIFICATE REQUEST LAN MITB TCB6wIBADECMREwDwYDYQQDEwWh0d3N6LnNybTELMARGA 1DECHhMCdHcxEzAR NAT BgNVBAgTCkd1YWhnIERvbmexC zAJ BeNVBAYTALNOMIGEMAIGCS gG SIbSDQEBAQUA E it 44GNADCBiQKBgQDQNE 14FSHaWBko4Wd1BkKnFh5mTTf9K9WA0EwEngs1DBBINTLZ ecurity 12g0 RG 8k6Yk92DK3e0eWd4HWqr1KC Ow1CXhbQfyDOCQCOFfmbE 5yswbuwOlni neSgt dpxoP VDOK1ZIW1F ob TKGwWbbkWeNG55nt qizphah 3ujBv bjTTQIDAQAB oAAWwDQYT Koz IhvcNAQEEBQAD g YEAOYC9q4 I TxFRPtnUIPskQNbDt clakiejFOATt Hvbwt ZGFKf 1yFT2fBV43kXuV7F8w3L0tzb0TopD 023jp3svW4e03TTxyw2sb8W 6 iWpipF uo F2pJAcLDTG5u0 o0TR53S12yeBjYGXZ TvI3sVBmuUdM210T5a7b03X T8mwPL
199. r to initiate the registration between a new device and an active access point wireless router Note The PBC method may also need a Registrar when used in a special case where the PIN is all zeros In order to use wps authentication you must ensure netcard support the function if 1t support you don t need to do any configuration Only need to do is to press the wps button to enable the wps function 4 5 3 3 Wireless MAC Filter The web page allows you to create a list of MAC addresses that are banned or allowed association with the wireless access point eo MAC Restrict Mode The function can be turn on off Check on Disabled to disable this function Vice versa to enable the function After enabling the function you can filter wireless users according to their MAC address either allowing or denying access Check on Allow to make any wireless MAC address in the Wireless Access Control List can be linked to And Check on Deny to banned any wireless MAC address in the Wireless Access Control List to be linked to Wireless MAC Filter Select SSID Broadcom v Device Info Quick Setup Advanced Setup MAC Restrict Mode Disabled Allow Deny Wireless Basic Reais a MAY rana MAC Address Remove MAC Filter Wireless Bridge Advanced Station Info Voice Usb Storage Diagnostics Management Figure 3 2 8 Wireless MAC filter 125 Add a MAC Access Control To add a new MAC address to your wireless MAC address filter
200. r ID to addresses How can an invite call identify you from so many users who use SIP to communication The secrete is your user ID which you have registered on the SIP Registrar SIP Proxy uses user ID routes the coming call to your POTS NOTE SIP Server has SIP Proxy s and SIP Registrar s function usually sg E Reg UA a A a SIP Registrar o istrar d Internet POTS Ed ee i 3 roxy i HE IP P my z STP Frox Y SIP Server SIP Server 4 6 1 2 SIP Call Flows 4 6 1 2 1 Registration SIP user agent sends a REGISTER message to registrar server containing 1ts SIP URL and location Registrar server stores the binding of the two in its database named location database When other request provides a SIP URL and queries this database for the corresponding location location database server will respond with the IP address 134 Location database a 100 100 100 1 5060 SIP User Store thelbinding SN A in location database M Pea r E z i i Q LE J Y z P aA m R Mg eit Ez Se 5 A a a E E MS REGISTER pig ame a i 3licetmatlanta fom j e alicetmatanta com aliceitatianta com T 100 100 100 1 5060 aN a l e E T pa uo Pr Oxy ae a me Es UU0 UR E A z Registrar Figurel Registration 4 6 1 2 2 Simple Call Flow Sometimes SIP user agents know the exact location of each other and they are configured without proxy In this case
201. ress 139 1 1 2 254 dynamically assigned by BRAS for accessing the ISP The IP address of the PC can be fixed as in this example or assigned through DHCP Server of the MODEM If it is assigned by DHCP Server the DHCP functions of the MODEM must be enabled The IP address of the DHCP address pool is 192 168 1 2 254 The functions are enabled by default and at the same time the PC is configured to obtain IP and DNS addresses dynamically Setting 1 Activate your browser and input 192 168 1 1 in the address column to login the MODEM 2 Click Advanced Setup gt WAN then click add 3 In the ATM PVC Configuration interface configure VPI VCI as 8 35 and then click Next 4 In the Connection Type interface select IP over ATM IPoA and LLC SNAP ROUTING as the encapsulation and then click Next 5 In the WAN Settings interface input the IP address subnet mask and DNS server address provided by your ISP Don t select Use the following default gateway And then click Next WAN IP Address 20 1 1 2 WAN Subnet Mask 233 233 233 0 Primary DNS server 168 95 1 1 59 Secondary DNS server 168 95 192 1 6 In the Network Address Translation Settings interface enable the NAT and firewall And the other keep the default configuration unchanged Then click Next 7 Check the network configurations and make sure that all settings agree with the data
202. ress and Subnet Mask for lan interface x c1ANternet a 10 11 102 35 DSL Router LAN IF Addres 192 168 1 1 Second IF Address 192 168 2 1 192 166 1 2 192 160 1 3 192 168 2 z 192 165 2 3 Figure 2 8 5 Second IP Address This point explain in Defining the private IP address for the DSL Router 66 4 4 3 NAT Network Address Translation 4 4 3 1 Overview Setting up the NAT function gt The DSL Router comes equipped with the NAT Network Address Translation function With address mapping several users in the local network can access the Internet via one or more public IP addresses All the local IP addresses are assigned to the router s public IP address by default gt One of the characteristics of NAT is that data from the Internet is not allowed into the local network unless 1t has been explicitly requested by one of the PCs in the network Most Internet applications can run behind the NAT firewall without any problems For example 1f you request Internet pages or send and receive e mails the request for data from the Internet comes from a PC in the local network and so the router allows the data through The router opens precisely one port for the application A port in this context is an internal PC address via which the data is exchanged between the Internet and a client on a PC in the local network Communicating via a port is subject to the rules of a particular protocol TCP or UDP gt If
203. rid protocol which implements the OAKLEY key exchange and SKEME key exchange inside the Internet Security Association and Key Management Protocol ISAKMP framework ISAKMP OAKLEY and SKEME are security protocols implemented by IKE o OAKLEY Describes a specific mechanism for exchanging keys through the definition of various key exchange modes Most of the IKE key exchange process is based on OAKLEY SKEME Describes a different key exchange mechanism than OAKLEY IKE uses some features from SKEME including its method of public key encryption and its fast re keying feature 4 4 11 4 Howto use and configure the IPSec To use IPSec user interface choose IPSec under Advanced Setup menu The base screen will be shown IPSec Tunnel Mode Connections Add edit or remove IPSec tunnel mode connections from this page Device Info Advanced Setup Enable Connection Name Remote Gateway Local Addresses Remote Addresses WAN F new connection 192 168 1 1 192 168 1 2 192 168 1 5 Remove LAN NAT Security Add New Connection Quality of Service Routing DNS DSL Print Server Port Mapping IPSec Certificate Wireless Voice Usb Storage Diagnostics Figure2 9 5 IPSec Tunnel Mode Connections The table shows current connections User can control the following items in the base IPSec page e Click the check box under Enable column to enable or disable the connection e Click the Remove
204. rit Mark Mi P Mask ddr P y Name Mark ID lark ort Addr Mask Port Addr Mask Port Addr Mask Addr Mask Quality of Service ses a ENET f aa Queue Config 8 81 9 1 4 ICMP css 1 S y QoS Classification Routing E DAL APPIy Print Server Port Mapping Certificate Wireless Voice Diagnostics Management Figure2 8 9 1Qos Classification Conifg Complete click Save Apply This configuration will take effective at once 4 4 5 3 2 Qos 802 1p setting The IEEE802 1p priority marking method is a standard for prioritizing network traffic at the data link Mac sub layer 802 1p traffic is simply classified and sent to the destination with no bandwidth reservations established The follow diagram show the structure of 802 1Q Frame The 802 1Q header includes a 3 bit prioritization field which allows packets to be grouped to be grouped into eight levels of priority 0 7 where level 7 is the highest one In addition DSL maps these eight levels to priority queues where queue has the highest priority Layer 2 802 0 frame Preamble SFD DA SA mark Len Etype 4 2word word mark TPID 0x8100 Priority 3bit CFI 1bit VLAN ID 12bit For example Mark the frame of 802 1p that queued to Queue 9 on vlaue 2 After set in the following interface Enable z Assign ATM Priority and or DSCP Mark for the class If non blank value is selected for Assign Differentiated Services Code Point
205. rver port 4 6 3 VoIP functionality This section will guide you how to use the functionality of DSL ROUTER in more detail Some features involve 2 or 3 parties In that case note that all 3 parties have to be successfully registered 4 6 3 1 Registering Before using any VoIP functionality DSL ROUTER has to register itself to a registrar DSL ROUTER also has to be configured with a proxy which relays VoIP signaling to next hop In fact many implementations integrate these two into one server so in many case registrar and proxy refer to the same IP a Select the right interface to use for registering depending on where Proxy Registrar 144 resides If use WAN link make sure it s already up b Fill SIP domain name with SIP proxy s IP address or domain name Note if we use domain name it must be resolvable to proxy s IP address c Mark Use SIP Registrar box and fill below IP Port field with the right value Fill the extension information Extension Display Name Authentication Name and Password Authentication Name and Password must be pre configured in registrar database e Click Stop SIP client Gf VoIP application has been started already then Start SIP client to make above settings take effect f VoIP LED should light on indicating SIP client is successfully registered 4 6 3 2 Placing a call This section depicts how to place a basic VoIP call a Pi
206. rvice State Enabled DSL NAT Enabled Pore apo Firewall Enabled Certificate z IGMP Multicast Not Applicable Wireless Diagnostics Quality Of Service Disabled Management Click Save to save these settings Click Back to make any modifications NOTE You need to reboot to activate this WAN interface and further configure services over this interface Figure 2 7 9 Bridge Setup Summary Click Save to save these settings And you can click Back to make any modifications After you click Save it show the following interface Wide Area Network WAN Setup C Device Info C Advanced Setup WAN LAN NAT Security PI YCI Con ID Category Service Interface Protocol Igmp QoS Vlanid State Remove Edit 1 35 1 UBR br135 nas 135 Bridge N A Disabled N A Enabled J co un 00 a 1 UBR br_8 35 nas 835 Bridge N A Disabled N A Enabled J Routing DNS DSL Port Mapping Certificate Wireless Diagnostics Management Figure 2 7 10 Bridge Setup Complete NOTE You need to reboot to activate this WAN interface and further configure services over this interface 4 4 1 11 Bridge PVC Network Application Default Private IP 132 165 1 1 Bridge 10 28 1081 i Mode 1 paa fo 10 20 105 3 10 20 1006 1 gt 1463 bndge 62 Descriptions In this example the MODEM is connected to the DSLAM through PVC 8 35 and the access mode is pure Bridging The uplink interface
207. ryption system to ensure that only authorized network users can access the network To encrypt a network with WPA Personal PSK you provide your router not with an encryption key but rather with a plain English passphrase between 8 and 63 characters long Using a technology called TKIP for Temporal Key Integrity Protocol that passphrase along with the network SSID is used to generate unique encryption keys for each wireless client And those encryption keys are constantly changed Although WEP also supports passphrases it does so only as a way to more easily create static keys which are usually comprised of the hex characters 0 9 and A F 3 The 802 1X standard is designed to enhance the security of wireless local area networks WLANs that follow the IEEE 802 11 standard 802 1X provides an authentication framework for wireless LANs allowing a user to be authenticated by a central authority The actual algorithm that is used to determine whether a user is authentic is left open and multiple algorithms are possible 802 1 X uses an existing protocol the Extensible Authentication Protocol EAP RFC 2284 that works on Ethernet Token Ring or wireless LANs for message exchange during the authentication process In a wireless LAN with 802 1X a user known as the supplicant requests access to an access point known as the authenticator The access point forces the user actually the user s client software into an unauthorized state that allow
208. s click on the Add button to show next page Type in the MAC Address in the entry field provided Click the Save Apply button to add the MAC address to the list The MAC address will appear listed in the table below Wireless MAC Filter Enter the MAC address as 90030300 30 90C30 and click Apply to add the MAC address to the wireless MAC address filters Device Info Advanced Setup MAC Address Wireless Basic Security Wireless Bridge Advanced Quality of Service SecureEasySetup Station Info Diagnostics Management Figure 3 2 9 Wireless MAC filter ADD Remove a MAC Access Control Check on the remove box in the right column of the list for the MAC address to be removed and then click Remove button 4 5 3 4 Wireless Bridge This page allows you to configure wireless bridge features of the wireless LAN interface The Wireless Distribution System WDS allows you to extend the range of your wireless network by introducing one or more WDS enabled devices into your wireless network You can only establish WDS links with WDS enabled devices o AP Mode Select Access Point s functionality to be Access Point or pure Wireless Bridge You can select Wireless Bridge also known as Wireless Distribution System to disables access point functionality Selecting Access Point enables access point functionality and Wireless bridge functionality will still be available and wireless stations will be able to
209. s Errs Drops Summary Ethernet 272937 2247 0 0 1049991 12448 10 0 USB 0 0 O 0 o 0 0 0 Wireless 0 0 O 0 32429 143 18 j Reset Statistics Route ARP DHCP Advanced Setup Wireless Diagnostics Management Figure 2 3 4 Statistics of LAN 4 3 5 Statistics of WAN Click Statistics gt WAN to show the following interface You can query information on packets recevied at the WAN interfaces Click Reset Statistics to return the values to zero and recount them Informations as below Service VPI VCI Protocol Interface Received Bytes Bytes of Received Pkts Packets of Received 31 Errs Errors packets of Received Drops Drops packets of Received Transmitted Bytes Bytes of Received Pkts Packets of Received Errs Errors packets of Received Drops Drops packets of Received Statistics WAN Service PL CIProtocol Interface Received Transmitted Device Info Bytes Pkts Errs Drops Bytes Pkts Errs Drops Summary pppoe 8 35 1 8 35 PPPoE ppp 8 35 1 1254 18 0 O0 1014 18 0 oOo WAN Statistics LAN Reset Statistics ATM ADSL Route ARP DHCP Advanced Setup Wireless Diagnostics Management Figure 2 3 5 Statistics of WAN 4 3 6 Statistics of ATM Click Statistics gt ATM to show the following interface You can query information on packets recevied at the ATM interfaces Click Reset to return the values to zero and recount them There are t
210. s network with a network name SSID and strong WPA data encryption and authentication Wi Fi Protected Setup is designed to support various Wi Fi certified 802 11 products ranging from access points wireless adapters Wi Fi phones and other consumer electronics devices Advantages of WPS 1 WPS automatically configures the network name SSID and WPA security key for the access point and the WPS enabled client devices on a network You do not need to know the SSID and security keys or pass phrases when connecting WPS enabled devices 2 No one can guess or figure out your security keys or pass phrase because the keys will be randomly generated No predictable pass phrases or long sequences of hexadecimal to enter Information and network credentials are securely exchanged over the air using the Extensible Authentication Protocol EAP one of the authentication protocols used in WPA2 3 WPS has been integrated and supported in Windows Vista currently Windows Vista only work in Registrar mode Disadvantages of WPS 1 It does not support Ad Hoc mode or network where wireless devices are communicated directly to each other without an access point All of the Wi Fi devices on the network must be WPS certified or WPS compatible otherwise you will not be able to take advantage of the ease of securing the network 2 Difficult to add a non WPS client device to the network because of the long sequences of hexadecimal characters generated by the W
211. s selected the CPE will accept the commands from ACS the CPE will not accept the commands from ACS when the Disable option is selected Inform Interval How many seconds does the CPE inform the ACS to connect ACS URL input the ACS URL ACS User Name The ACS user name is that the TR 069 Service provide to you ACS Password The ACS password is that the TR 069 Service provide to you Display SOAP messages on serial console When select Enable option the SOAP information will display on the serial console when select disable 1t will not Connection Request Authentication If this checkbox is selected you need to input the Connection Request User Name and the Connection Request Password or you needn t to input e Connection Request User Name the connection user name that the TR 069 Service provide to you e Connection Request Password the Connection Request Password that the TR 069 Service provide to you e When Click Save Apply the configuration will save and apply 4 9 5 Internet Time Click the Internet Time the interface show you In this page the MODEM can synchronize with Internet time servers Time settings This page allows you to the modem s time configuration Device Info Automatically synchronize with Internet time servers Advanced Setup naucany Sy i Wireless Diagnostics Management Settings System Log SNMP Agent Access Control Save pply Update Software Save Reboot Fi
212. s the client to send only an EAP start message The access point returns an EAP message requesting the user s identity The client returns the identity which is then forwarded by the access point to the authentication server which uses an algorithm to authenticate the user and then returns an accept or reject message back to the access point Assuming an accept was received the access point changes the client s state to authorized and normal traffic can now take place The authentication server may use the Remote Authentication Dial In User Service RADIUS 113 although 802 1X does not specify it 4 WPS is short for Wi Fi Protected Setup was introduced and developed by the Wi Fi Alliance http www wi fi org to help standardize and simplify ways of setting up and configuring security on a wireless network Traditionally users would have to manually create a wireless network name SSID then manually enter a creative yet predictable security key on both the access point and the client to prevent unwanted access to their wireless network This whole process requires the users to have the background knowledge of the Wi Fi devices and the ability to make the necessary configuration changes WPS was introduced to relieve and remove all of the guess work of securing a wireless network by typing a short PIN numeric code or pushing a button Push Button Configuration or PBC On a new wireless network WPS will automatically configure a wireles
213. sage Alice s proxy determines the next hop is proxy biloxi com and passes this message to it Finally bob s phone rings also this triggers a message passed back to Alice s user agent producing a ring back tone in Alice s phone Once Bob hooks up his phone a 2 way voice stream 1s created 136 Proxy of Proxy of Alice atlanta com biloxi com Bob des a ca a e a EH alice atlanta com gt bobm biloxi com oy A on es E l i A LA a i 7 on nw i as m F d E st 1 i a INVITE ooo INVITE INVITE o 180 Ringing 180 Ringing 180 Ringing i _ _ _ 200 OK 200 OK 00 OK LE e A ACK 12 Way Media Stream 4 6 1 2 4 Call Flow in Redirect Mode In this flow Alice calls Bob at bob Oatlanta com Alice s user agent sends the SIP message to its proxy but gets a 302 message indicating Bob now is resided in another location Also this response also guides Alice how to reach its new location bob biloxi com This time Alice knows the correct location of Bob and the call flow 1s like the ones in previous section 137 Proxy of Proxy of Alice biloxi Bob 350 an JOX COM La a atlanta com alice atlanta com ai bob biloxi com ar r i a Lj i I ey a INVITE bobi atlarta com E 302 Moved Temporarily 29 er INVITE bob ibilox bob biloxi cam _ gt ACK 180 Ringing lt 200 OK E ACK E
214. se This address block is 192 168 1 1 192 168 255 254 IP Address 192 168 1 1 Subnet Mask 255 255 255 0 Note New settings can only be made after the DSL Router has been rebooted If necessary reconfigure the IP address on your PC including one that is statically assigned so that it matches the new configuration 4 4 2 2 Enable UPNP Universal Plug and Play PCs with UPnP Universal Plug amp Play can offer their own network services and automatically use services offered in the network Enable UPnP Note The PC must have WindowsME or WindowsXP as its operating system Check whether the UPnP function has been installed in the PC s operating system It may be necessary to retrospectively install the UPnP components even on systems with WindowsXP or WindowsME Please consult your PC s user guide As soon as you have installed UPnP in the operating system of a PC and activated it on the router applications on this PC e g Microsoft Messenger can communicate via the Internet without you needing to expressly authorise it In this case the router automatically implements port forwarding thereby facilitating communication via the Internet The task bar on the PC on which UPnP is installed contains an icon for the DSL Router In systems with WindowsXP the icon is also shown undernetwork connections Click this icon to open the user interface of the DSL Router Note When the UPnP function is active system applications can assi
215. sic network managed by SNMP Figure 1 SNMP Facilitates the Exchange of Network Information Between Devices An SNMP managed network consists of three key components managed devices agents and network management systems NMSs A managed device is a network node that contains an SNMP agent and that resides on a managed network Managed devices collect and store management information and make this information available to NMSs using SNMP Managed devices sometimes called network elements can be routers and access servers switches and bridges hubs computer hosts or printers An agent is a network management software module that resides in a managed device An agent has local knowledge of management information and translates that information into a form compatible with SNMP An NMS executes applications that monitor and control managed devices NMSs provide the bulk of the processing and memory resources required for network management One or more NMSs must exist on any managed network Management entity e mm r Managed devices 157 Figure 2 An SNMP Managed Network Consists of Managed Devices Agents and NMSs Managed devices are monitored and controlled using four basic SNMP commands read write trap and traversal operations The read command is used by an NMS to monitor managed devices The NMS examines different variables that are maintained by managed devices The write command is used by an NM
216. sing a MWI tone streamed to user s handset 142 4 6 2 2 3 Enable T38 support Enable T38 support Checking this box will enable T38 support When doing a fax transmission on DSL ROUTER after fax tone been detected fax transmission will switch to T38 mode 4 6 2 2 4 Registration Expire Timeout Registration Expire 3800 Timeout It s the interval DSL ROUTER will initiate a new registration since last one It s also known as registration assurance timer Gateway uses this mechanism to keep its binding record updated 4 6 2 2 5 Dial Plan Setting Set the VoIP dial plan If user dialed number matches it the number will be processed by DSL ROUTER immediately 4 6 2 2 6 Dtmf Relay setting Dtmf Relay setting Voice Band Sip Info RFC 833 Voice Band SE CSS SSE SIP Transport protocol Set DTMF transmit method which can be following values SIP Info Use SIP INFO message to transmit DTMF digits RFC2833 Use RTP packet to encapsulate DTMF events as specified in RFC 2833 Voice Band DTMF events will be mixed with user voice in RTP packet 4 6 2 2 7 SIP Transport protocol SIF Transport protocol Select the transport protocol to use for SIP signaling Note SIP proxy and registrar need to support the protocol you choose 143 4 6 2 2 8 Incoming PSTN Call Routing Incoming PSTN Call Routing Auto PSTN Call zwit ch to idle line Auto PSTN Call switch to idle line
217. smission speeds or you can select Auto to have the Router automatically use the fastest possible data rate and enable the Auto Fallback feature Auto Fallback will negotiate the best possible connection speed between the Router and a wireless client The default value is Auto Basic Rate Select the basic transmission rate ability for the AP Oo Fragmention Threshold Packets that are larger than this threshold are fragmented into multiple packets Try to increase the fragmentation threshold 1f you encounter high packet error rates Do not set the threshold too low since this can result in reduced networking performance o RTS Threshold This value should remain at its default setting of 2347 Should you encounter inconsistent data flow only minor reductions are recommended Should you encounter inconsistent data flow only minor reduction of the default value 2347 1s recommended If a network packet is smaller than the preset RTS threshold size the RTS CTS mechanism will not be enabled The Router sends Request to Send RTS frames to a particular receiving station and negotiates the sending of a data frame After receiving an RTS the wireless station responds with a Clear to Send CTS frame to acknowledge the right to begin transmission The RTS Threshold value should remain at its default value of 2347 eo DTIM Interval Delivery Traffic Indication Message Enter a value between 1 and 255 for the Delivery Traffic Indication Message DTIM
218. ss devices to roam within the range of the network Wireless devices that wish to communicate with each other must use the same SSID Several access points can be set up using the same SSID so that wireless stations can move from one location to another without losing connection to the wireless network The Gawv5 4U4 A3 operates in Infrastructure mode It controls network access on the wireless interface in its broadcast area It will allow access to the wireless network to devices using the correct SSID after a negotiation process takes place By default the Gawv5 4U4 A3 broadcasts its SSID so that any wireless station in range can learn the SSID and ask permission to associate with it Many wireless adapters are able to survey or scan the wireless environment for access points An access point in Infrastructure mode allows wireless devices to survey that network and select an access point with which to associate You may disable SSID broadcasting in the web manager s wireless menu 4 5 2 2 Wireless Standard Wireless Standard include 802 11a 802 11b 802 11g and 802 11n 802 11b IEEE expanded on the original 802 11 standard in July 1999 creating the 802 b specification 802 11b supports bandwidth up to 11 Mbps comparable to traditional Ethernet 802 11b 111 uses the same unregulated radio signaling frequency 2 4 GHz as the original 802 11 standard Vendors often prefer using these frequencies to lower their production costs Being unregulat
219. st enter the relevant data on the screen custom application gt Trigger port start and Trigger port end Enter the port that is to be monitored for outgoing data traffic trigger protocol Select the protocol that is to be monitored for outgoing data traffic Open Protocol Select the protocol that is to be allowed for incoming data traffic Open port start and Open port end Enter the port that 1s to be opened for incoming traffic VV V Note You can use a single port number several port numbers separated by commas port blocks consisting of two port numbers separated by a dash or any combina tion of these for example 80 90 140 180 gt Apply the settings by clicking save apply 70 Remove port Triggering Check remove box Apply setting by click Save Apply 4 4 3 4 DMZ Host http 10 11 102 34 10 11 102 35 cin terncet sa DSL Router LAN IF WAH IP Address Address 192 166 1 1 10 11 102 34 a h 2 a ba a i a i i i d F r 7 E i z P z i r E h E h n i a 192 166 1 4 IMZ Host 132 168 1 5 197 166 1 2 gees 168 1 Figure2 8 6 3 DMZ Host The DMZ Demilitarized Host featureallows one local computer to be exposed to the Internet You wish to use a special purpose Internet service such as an on line game or video conferencing Program that is not present in the Port Forwarding list and for which no port range information is available You are not concerned
220. sulation Mode 51 Connection Type Select the type of network protocol and encapsulation mode over the ATM PC that your ISP has instructed you to use Note that Device Info 802 1q YLAN tagging is only available for PPPoE MER and Bridging Advanced Setup WAN PPP over ATM PPPOA LAN NAT PPP over Ethernet PPPoE Securit eeseccoos Y MAC Encapsulation Routing MER Routing Fessessese dali IP over ATM IPoA DSL Port Mapping Bridging Certificate Wireless Encapsulation Mode Diagnostics os a LLC SNAP BRIDGING Management Enable 802 1q Figure 2 6 2 MAC Encapsulation Routing MER Enable 802 1q If enable it input the 802 1q VLAN tag value Note that 802 1q VLAN tagging is only available for PPPoE MER and Bridge Click Next to show the following interface O In this interface you can modify the WAN IP address Default Gateway and DNS Server settings WAN IP Settings Enter information provided to you by your ISP to configure the WAN IP settings Device Info Notice DHCP can be enabled for PVC in MER mode or IP over Ethernet as WAN interface if Obtain an IP address automatically e chosen Changing the default gateway or the DNS effects the whole system Configuring them with static values will disable the automatic assignment from DHCP or other WAN connection Advanced Setup WAN a A p E If you configure static default gateway over this PVC in MER mode you must enter the IP address o
221. t Enable PPP IP extension And then click Next 6 In the Enable IGMP Multicast and WAN Service interface keep the default configuration unchanged and then click Next 7 Check the network configurations and make sure that all settings agree with the data provided by your ISP and then click Save 8 Click Save Reboot to apply the changes and reboot the system If you need to modify the LAN IP address you can do it in LAN of Advance After the PPPOE dialup which is built in the MODEM is successful the IP address 10 28 106 82 is obtained Enter Device Info gt WAN Show below WAN Info PI CI Con ID Category Service Interface Protocol Igmp QoS State Status IP Address Device Info 1 UBR pppoe 8 351 ppp 8 35 1 PPPoE Disabled Disabled Enabled Up 10 28 106 82 Summary Statistics Route ARP DHCP Advanced Setup Wireless Diagnostics Management Figure 2 5 1 WAN PPPoE Info 4 4 1 4 Add PPPoA PVC Click Add to add a certain piece of PVC The following descriptions are given by an example of adding PVC 8 35 PPPOA mode eo Click Add following PVC 8 35 44 Wide Area Network WAN Setup Choose Add Edit or Remove to configure WAN interfaces Device Info Choose Save Reboot to apply the changes and reboot the system Advanced Setup WAN WPI VCI Con ID Category Service Interface Protocol Igmp QoS VYianid State Remove Edit
222. t external port end Select protocol Set Internal port start and internal port end Entry Remote 1p Click OK to apply the settings YYY VVVVV If the application you require is not in the list you must manually enter the relevant data on the screen Select the protocol for the service you are providing from the Protocol list Under Public port enter the port number of the service you are providing In the Local port field enter the internal port number to which service requests are to be forwarded In the Local IP address field enter the IP address of the PC that provides the service Example the Web server has been configured to react to requests on port 8080 However the requests 69 from websites enter the Web server via port 80 standard value If you add the PC to the forwarding table and define port 80 as the public port and port 8080 as an internal port all requests from the Internet are diverted to the service with the port number 80 on the Web server of the PC you have defined with port 8080 Note You can use a single port number several port numbers separated by commas port blocks consisting of two port numbers separated by a dash or any combination of these for example 80 90 140 180 Del Port Forwarding gt Click remove box gt Click remove to apply the settings 4 4 3 3 Port Triggering If you configure port triggering for a certain application you need to determine a so called trigger port and the pr
223. ta ita aidiad 133 4 02 Wed Pade TT OCUCHON ad tacidiad 138 KO YNOF LUNCH AMY adas 144 4 04 COMMS ULATION Example aaa 148 A USB FORAGE il litis 151 Adal ETE CNCE CON SUE ta ti dida 152 AS DIAGNOSTIE Sais lides 153 EO MANAGEMEN olla oo 154 APD o O RR 154 ALO SM O des 154 DD Mo JO Ud C ien ess O OL O PO A eee ates 156 O A aT EN 162 kI SMALE TIN GU ME POP cna A Na OPE EE E 164 NC COMO siesta A a eek ee ee calc aa eases 164 ho Ja Goa A 166 FI ANC RE DOO POR O O O EU O GE a lias oleae ct San adeh wanleens 166 1 Introductions The DSL Router is a Highly integrated ADSL2 Integrated Access Device which is an advanced all in one gateways incorporating VolP available Ethernet Switch and Wireless home networking Access Point complied with the EEE802 11b g standards It is usually prefered to provide high access performance applications for the individual users the SOHO the small enterprise and so on 1 1 Applications Home gateway SOHO Applications The small enterprise Appllications Voice over IP available TV over IP IPTV Higher data rate broadband sharing Shared broadband internet access Audio and video streaming and transfer PC file and application sharing Network and online gaming 1 2 Features Four 10 100 Ethernet ports 1x USB 2 0 host port Friendly GUI for web configuration Support IPSec for Virtual Private Network VPN Several popular games are already pre configured Just enable the game and the port settings
224. th ISP PASS Help Test the assigned IP address FAIL Help Ping default gateway FAIL Help Ping primary Domain Name Server PASS Help Next Connection Rerun Diagnostic Tests Test With OAM F4 Figure 3 5 8 Diagnostics page 153 4 9 Management 4 9 1 Settings 4 9 1 1 Settings Backup Click the Backup Settings backup the DSL router configurations Settings Backup Backup DSL router configurations You may save your router configurations to a file on your PC Deyice Info Advanced Setup Wireless Backup Settings Diagnostics Management Backup Update Restore Default Figure 3 5 9 Backup Config 4 9 1 2 Settings Update Click the Browsing button select the correct update configure settings file Then click the Update Settings to update the Modem settings Tools Update Settings Update DSL router settings You may update your router settings using your saved Files Device Info ii Advanced Setup Settings File Mame juli Wireless Management Settings Backup ee Restore Default System Log Figure 3 5 10 Update Settings 4 9 1 3 Settings Restore Default Click Restore Default Settings to restore DSL router settings to the factory defaults Tools Restore Default Settings Restore DSL router settings to the factory defaults Device Info Advanced Setup Diagnostics Management Settings Backup Update System Log SNMP Agent Internet Time Access
225. the interfaces select the interface from the grouped list and click the right arrow button Step4 To automatically add LAN clients to the specified group PVC edit the list Note That by adding the DHCP vendor ID OPTION 60 string The clients will be automatically denied an IP address by the local DHCP server and may obtain public IP address Note That the selected interfaces will be removed from their existing groups and added to the 5 Click Save Apply button to make the changes effective immediately Note That the selected interfaces will be removed from their existing groups and added to the 4 4 11 IPsec IPSec Internet Protocol Security Associations allows creation of secure tunnels in the IP Internet Protocol layer Secure tunnels are used to construct VPNs Virtual Private Networks over the internet The IPSec protocol design includes ISAKMP Internet Security Association Key Management Protocol 102 framework and IKE Internet Key Exchange protocol is the primary protocol to generate and maintain IPSec SAs Security Associations which are the basic building blocks of VPNs Virtual Private Networks over the internet IKE uses cryptography extensively However for our purpose we will assume that cryptography is a module to generate a key and use it to encrypt or decrypt the payload Once the SAs are established the payload is transferred using IPSec ESP Encapsulating Security Payload or AH Authentication Header protocols
226. thernet PPPoE C We click Next button enter PPP information config page 20 PPP Username and Password PPP usually requires that you have a User name and password to establish your name and password that your ISF has provided to you PPP sername i PPP Password Authentication Method AUTO EE Dial on demand with idle timeout timer Inactivity Timeout minutes 1 4320 o PRP IP extension Advanced DMZ Mon DMZ IF Address Non DMZ Net Mask Use Static IF Address IF Address Retry PPP password on authentication error Enable PPP Debug Mode Figure 2 2 2 2 2 PPP information and others funtion page Your Internet Service Provider ISP should provide you with the following information PPP Username PPP Password Authentication Method You can also select another service function as below Dial on demand with idle timeout timer PPP IP extension Use Static IP Address Retry PPP password on authentication error Enable PPP Debug Mode D We click Next button enter wan and gmp function information config page If you want to use IGMP service on pppoa pvc we must select Enable IGMP Multicast box 21 Enable IGMP Multicast and WAN Service Enable IGMP Multicast 7 Enable WAN Service Service Mame popoe_0_0 35 1 Figure 2 2 2 2 3 PPPoE IGMP and WAN service page 4 2 1 5 Internet Connection Type MAC Encapsulation Routing
227. tics Management Figure3 1 5 Import CA Certificate 4 5 Wireless 4 5 1 Overview 4 5 1 1 What is wireless network There are two types of wireless network set ups Client Mode infrastructure and Ad Hoc Mode peer to peer Client Mode is an 802 11 networking framework in which devices communicates with each other by first going through a wireless router or access point Wireless devices can communicate with each other or can communicate with a wired network Generally a majority of small businesses and home users operate in Client Mode because they require access to the wired LAN usually from broadband or cable Internet providers in order to use services such as file servers or printers 109 A ta a el atl i EL Pol P a J 4 7 l e y 5 5 Wireless Infrastructure Network Figure 1 Client Model Ad Hoc sometimes referred to as peer to peer is a type of wireless network allowing a wireless adapter or other Ethernet ready device to connect directly to another wireless adapter or Ethernet ready device a a g 4 3 Wireless Ad hoc Network Figure 2 Ad Hoc Model 4 5 1 2 About our product The Gawv5 4U4 A3 Wi Fi certified IEEE 802 11g compliant wireless access point allows multiple computers to connect wirelessly to your local network over the Gawv5 4U4 A3 Wireless LAN environment The Gawv5 4U4 A3 is backward compatible with IEEE 802 11b which means 802 11b and 802 11g devices can coexist
228. ting data encryption specify whether a network key 1s required to authenticate to this wireless network and specify the encryption strength This device is equipped with 802 1X and WPA WPA2 Wi Fi Protected Access the latest security standard It also supports the legacy security standard WEP Wired Equivalent Privacy By default wireless security is disabled and authentication is open Before enabling the security consider your network size complexity and existing authentication infrastructure and then determine which solution applies to it Following is a description of the different options o Select SSID Select the wireless LAN of SSID to configure security features o No Encryption Please refer to below for details of configuration Network Authentication Select the authentication mode for the selected wireless LAN of SSID to be open WEP Encryption Disable WEP Encryption The data is not encrypted when it is transferred from the device to the client station This is the default option MAC Filter Wireless Bridge l Adwanced p al i tion P fiance Station Info ola Usb Storage Diagnostics Maap Manual Setup AP Enabled Bl bit Figure3 1 7 Wirless security No Encryption Click Save Apply to save the wireless security options and make the change take effect o 64 bit WEP Please refer to below for details of configuration Network Authentication Select the authentication mode for the selected wire
229. tions Log Disable Enable logtevet pe Display Level Error i Mode Local iw Save Apply Both the log level and display level have eight choices The default log level is Debugging and the default display level is Error The mode options are Local Remote and Both The default one is Local System Log Configuration If the log mode is enabled the system will begin to log all the selected events For the Log Level all events above or equal to the selected equal to the selected level will be displayed If the selected mode is Remote or Both events will be sent to the specified IP address and UL Device Info Both events will be recorded in the local memory Advanced Setup Wireless Select the desired values and click Save Apply to configure the system log options Diagnostics Management Log Disable Enable Settings s Log Level Debugging System Log SNMP Agent Display Level Errors Internet Time Mode Access Control Update Software Save Reboot Informational Debugging Save Apply Figure 3 6 3 System Log Config If you select Remote or Both all events will be transmitted to the specified UDP port of the 155 specified log server System Log Configuration If the log mode is enabled the system will begin to log all the selected events For the Log Level all events above or equal to the selected level will be l
230. tions and make the change take effect 4 5 3 8 Wireless Authenticated Stations This page shows authenticated wireless stations and their status about Association and authentication 130 Wireless Authenticated Stations This page shows authenticated wireless stations and their status Device Info Quick Setup BSSID Associated Authorized Advanced Setup Wireless Basic Security MAC Filter Wireless Bridge Advanced Quality of Service SecureEasysetup Station Info Diagnostics Management Figure 3 3 5 Wireless Authenticated Stations 4 5 4 Configuration Example 4 5 4 1 Howto connect STA to AP This section will give a simple configuration example it familiarize you with wireless configuration and how to connect a wireless pc to the network The topology below will be used a an Ce Figure 25 Topology for STA connect to AP 4 5 4 1 1 Configuring wireless connection 1 Open the wireless basic web page the LAN Wireless Access Point Properties screen appears see figure26 2 Check the Enable Wireless boxes 3 Change the default SSID to john_smith make it be unique name After setting the web page appears see figure 26 131 Wireless Basic This page allows you to configure basic Baires of the wireless LAM interface You can enable or deabia the wireless LAN interface hida the neteork from acta scans Bet te Devine Info WIKIES netwitrk nara A60 koi as SAL a a restrict ta charr
231. tream packet is overwritten by the selected value Security n e a Assign Classification Queue PVC 0 8 356Prece 1 amp Queue 9 y Quality of Service e man _ NN z Assign Differentiated Services Code Point DSCP Mark x Queue Config LESS EEN Mark 802 1p if 802 19 is enabled z QoS Classification Routing Specify Traffic Classification Rules DSL Enter the following conditions either for IP level SET 1 or for IEEE 802 ip SET 2 Print Server Port Mapping a Physical LAN Port ENET 1 4 y Certificate z Protocol ICMP v Wireless 7 gt s Differentiated Services Code Point DSCP Check ICS5 101000 x Yoice Diagnostics HP pease Management Source Subnet Mask UDP TCP Source Port port or port port Destination IP Address Destination Subnet Mask UDP TCP Destination Port port or port port Source MAC Address Source MAC Mask Destination MAC Address Destination MAC Mask ANETTE Figure2 8 8 10 Qos DSCP setting Conifg example After proper modifications click Save Apply to show the following interface 85 SE Quality of Service Setup Choose Add or Remove to configure network traffic classes Device Info Advanced Setup If you disable WMM function in Wireless Page classification related to wireless will not take effects WAN MARK TRAFFIC CLASSIFICATION RULES S Destinati LAN Class DSCP Queue 802 1P Lan Protocol DSCP Source Source Dest Dest seen ele on 802 1P Orde Secu
232. ually allowed to be used may be additionally restricted as shown in the table below Regulatory Domain Allowed Radio Channels China 1 to 13 Europe 1 to 13 Israel 5 to 8 Japan 1 to 14 Jordan 10 to 13 Thailand 1 to 14 USA Canada 1 to 11 4 5 2 5 Wireless Distribution System The WL series of APs use wireless ports to interconnect BSS areas WDS is commonly used in areas requiring multiple APs where wiring 1s not possible or costly and for providing back up paths between APs The number of ports on an AP available for the WDS is dependent on the AP model The 520wl for example allows up to six WDS links The same frequency channels must be used on each end of a WDS link The same PC card that supports a BSS area can be used for a WDS link The packet flow through the WDS is very similar to the standard DS except it uses the wireless ports instead of the Ethernet port 4 5 3 Configure Wireless Connection 4 5 3 1 Wireless Basic This page allows you to configure basic features of the wireless LAN interface You can enable or disable the wireless LAN interface hide the network from active scans set the wireless network name 115 also known as SSID and restrict the channel set based on country requirements Following is a description of the different options Enable Wireless If you want to make wireless be available you have to check this box first Otherwise the Hide Access Point SSID Country Enable Wireless Guest
233. understand what is Differentiated Services Code Point DSCP one must first be familiarized with the Differentiated Services model Differentiated Services Diffserv is a Class of Service COS model that enhances best effort Internet services by differentiating traffic by users service requirements and other criteria Packets are specifically marked allowing network nodes to provide different levels of service Via priority queuing or bandwidth allocation or by choosing dedicated routes for specific traffic flows Display by follow diagram In the IPV4 packet have a TOS filed Diffserv defines TOS field in IP packet headers refered to as DSCP Hosts or routes passing traffic to a Diffserv enabled network will typically mark each transmitted packet with an appropriate DSCP The DSCP markings are used by Diffserv network routers to appropriately calssify packets and to apply particular queue handing or scheduling behavior Layer 3 IPV4 packet For example marking each transmitted ICMP packet which passing traffic to 8 81class with an appropriate DSCP CS5 After set in the following interface Traffic Class Name 8 81 Rule Order Last x Rule Status Enable Device Info Advanced Setup Assign ATM Priority and or DSCP Mark for the class WAN If non blank value is selected for Assign Differentiated Services Code Point DSCP Mark the correcponding DSCP byte in the IP LAN header of the ups
234. urity IE loe Wireless Dre Aula Station info bici Pue lsh Storage Diagn Aanagerrent Enabled ZB bit Figure3 1 9 Wireless Security 128 bit WEP Before introducing the following authentications you need to understand the radius server RADIUS server is short for A Remote Authentication Dial in User Service server which is most commonly a third party server used for authentication of wireless clients who wish to connect to an access point The wireless client contacts an access point a RADIUS client which in turn communicates with the RADIUS server The RADIUS server performs the authentication by verifying 118 the client s credentials to determine whether the device is authorized to connect to the access point s LAN If the RADIUS server accepts the client it responds by exchanging data with the access point including security keys for subsequent encrypted sessions A typical topology which adopt the radius server see figure DUS Ss Wired Wireless Clients Wired Wireless Clients Figure 8 adopting radius server authenction topology eo 802 1x Authentication Please refer to below for details of configuration Network Authentication Select the authentication mode for the selected wireless LAN of SSID to be 802 1x Radius Server IP Adress Enter the IP Address of the authentication server Radius Port Enter the port number of the authentication server The default port number is 1812 Radius Key Enter t
235. ve 20Mbps DSSS WEP amp with CCK WPA 802 11b Improved security enhancements IEEE 54Mbps over 802 11 Compatible with 802 11b 14 802 11 in the Wi Fi 2 4GHz channels available in the 2 4GHz band only 11 of which can be used in the U S due to FCC regulations with only three band below 20Mbps 112 non overlapping channels Note Maximum wireless signal rate based on IEEE Standard 802 11g specifications is 54 Mbps But actual data throughput will vary Network conditions and environmental factors including volume of network traffic building materials and construction and network overhead will cause lower actual data throughput rate 4 5 2 3 Wireless Security Various security options are available on the Gawv5 4U4 A3 including open or WEP 802 1x WPA WPA PSK WPA2 and WPA2 PSK In the following some authentications will be introduced For details on these methods and how to use them please read the wireless LAN configuration information in Section 1 3 2 Wireless Security Configuration 1 WEP is short for Wired Equivalent Privacy or Wireless Encryption Protocol WEP is part of the IEEE 802 11 wireless networking standard and was designed to provide the same level of security as that of a wired LAN Because wireless networks broadcast messages using radio they are susceptible to eavesdropping WEP provides security by encrypting data over radio waves so that it is protected as it is transmitted from
236. ve at once without the MODEM being rebooted such as adding a static route See detailed descriptions below 4 2 Quick Setup When we enter into Quick Setup page It mainly include three functions to do WAN Interface setup LAN Interface setup Wireless Interface setup Quick Setup enables speedy and accurate configuration of your Internet connection and other important parameters The following sections describe these various configuration parameters Whether you configure these parameters or use the default ones click Next to enable your Internet connection When subscribing to a broadband service you should be aware of the method by which you are connected to the Internet Your physical WAN device can be either Ethernet DSL or both Technical information regarding the properties of your Internet connection should be provided by your Internet Service Provider ISP For example your ISP should inform you whether you are connected to the Internet using a static or dynamic IP address or what protocols such as PPPOA or PPPoE you will be using to communicate over the Internet 4 2 1 WAN Interface Setup In WAN Interface Setup phase We mainly setup a PVC and the property of this PVC VPI VCI Qos Internet Connection Type Encapsulation Type IGMP service NAT 4 2 1 1 Setup VPI VCI and QoS After logging into the DSL router When we were not config any PVC at privious time and we have not default settings
237. version of RIP RIP 2 enabled RIP messages to carry more information which permitted the use of a simple authentication mechanism to secure table updates More importantly RIP 2 supported subnet masks a critical feature that was not available in RIP This chapter summarizes the basic capabilities and features associated with RIP Topics include the routing update process RIP routing metrics routing stability and routing timers 4 4 6 3 2 Routing Updates RIP sends routing update messages at regular intervals and when the network topology changes When a router receives a routing update that includes changes to an entry it updates its routing table to reflect the new route The metric value for the path is increased by 1 and the sender is indicated as the next hop RIP routers maintain only the best route the route with the lowest metric value to a destination After updating its routing table the router immediately begins transmitting routing updates to inform other network routers of the change These updates are sent independently of the regularly scheduled updates that RIP routers send 4 4 6 3 3 RIP Routing Metric RIP uses a single routing metric hop count to measure the distance between the source and a destination network Each hop in a path from source to destination 1s assigned a hop count value which is typically 1 When a router receives a routing update that contains a new or changed destination network entry the router adds
238. ws you to connect two or more parties over a single broadband connection providing the benefits and quality of digital voice and other advanced features These parties include IP phone analog phone attached an ATA Analog Telephone Adapter and telephone on PSTN network With a PBX Private Branch eXchange or a signaling gateway you can even connect to VoIP phones armed with other protocols than SIP DSL ROUTER enables you to place and receive calls over the Internet using a standard telephone set connected to SIP Proxy or other devices which have include the same functions as SIP Proxy With proper dial plan setting calls on DSL ROUTER may be routed to PSTN network or VoIP network depending on what digits you dial 133 DSL ROUTER provides 2 FXS interfaces and 1 FXO interface FXO is connected to telephone line through which you dial up to Internet Normally the telephone line is multiplexed with both telephone signal and data signal If not filtered out by a splitter before entering FXO interface the incoming PSTN calls will be routed to FXS connected analog phone or other VoIP user You can use up to 2 analog phones each connected to one FXS interface The two are called endpoint and act as a independent role as IP phones To configure VoIP account for each endpoint please refer to SIP Basic Setting page In order to use the DSL ROUTER s VoIP function the first thing to do is to add some parameters through web pages that DSL ROUT
239. y Figure3 7 4 Access Control Services Setup 4 9 6 2 Access Control IP Addresses Click Access Control gt IP Addresses to show the following interface Access Control IP Address The IP Address Access Control mode if enabled permits access to local management services from IP addresses contained in the Access Control List If the Access validate IP addresses for incoming packets The services are the system applications listed in the Service Control List Device Info Advanced Setu f j Access Control Mode Disable Enable Wireless Diagnostics Management el IP Address Remove Settings System Log Internet Time Access Control Services IP Addresses Passwords Update Software Saye Reboot Figure3 7 5 Access Control IP Addresses overview If enabled permits access to local management services from IP addresses contained in the Access Control List If the Access Control mode is disabled the system will not validate IP addresses for incoming packets The services are the system applications listed in the Service Control List Click add to show the following interface In the interface input the IP address of the management station permitted to access the local management services and click Save Apply Access Control Enter the IP address of the management station permitted to access the local management services and click Savwe Apply Device Info Advanced Setup IP Address Wirel
240. y 3 3 Quality af Service wireless WMM Video Priority 4 4 Queue Config QoS Classification wireless WMM Best Effort 5 5 Routing wireless WWMM Background 6 6 DSL wir 0 Brink Goaior ss WMM Background 7 Fi Port Mapping wireless WMM Best Effort 8 8 Certificate Wireless PWC 0 8 35 1 9 J El Voice Management Figure2 8 8 4 QoS Queue Config overview NOTE Lower integer values for precedence imply higher priority for this queue relative to others For exampe add a Qos queue entry and allocate it to a specific network interface PVC 0 8 81 Set 81 integer values for queue precedence is 2 Step 1 Click add bottom to show following interface Device Info Quick Setup Advanced Setup WAN LAN Quality of Service Queue Config QoS Classification Routing DSL Print Server Port Mapping Certificate Wireless Voice Diagnostics Management QoS Queue Configuration The screen allows you to configure a QoS queue entry and assign it to a specific network interface Each interface with QoS enabled will be allocated three queues by default Each of the queues can be configured for a specific precedence The queue entry configured here will be used by the classifier to place ingress packets appropriately Note Lower integer values for precedence imply higher priority for this queue relative to others Click Save Apply to save and activate the filter Queue Configuration Status y Queue Queue Precedence X
241. yer frames will be BLOCKED except those matching with any of the specified rules in the following table MAC Filtering 7 Parental Control Choose Add or Remove to configure MAC filtering rules Quality of Service Routing WPI YCI Protocol Destination MAC Source MAC Frame Direction Remove si ALL PPPOE 00 13 20 9e 0f 10 LAN lt gt WAN Print Server Port Mappin ee dd Remove Certificate Wireless Yoice Diagnostics Management Figure2 8 8 2 MAC Filtering BLOCKED Add Config Complete 4 4 5 Quality of Service Many communication and multimedia applications require large high speed bandwidths to transfer data between the local network and the internet However for many applications there is often only one internet connection available with limited capacity QOS Quality of Service divides this capacity between the different applications and provides underlayed continuous data transfer where data packets with higher priority are given preference Click Quality of Service to show the following interface Under Quality of Servcie there are two network share mode Queue Config Qos Classification Quality of Service QoS for networks 1s an industry wide set of standards and mechanisms for ensuring high quality performance for critical applications By using QoS mechanisms network administrators can use existing resources efficiently and ensure the required level of service without reactively expanding or over provisio
Download Pdf Manuals
Related Search