Pre-WiMax Multiband Dual Radio User Manual
Contents
1. 2390 204 Me M LH 09 soU Du LTS sao 1921 16622 099 mo 79 PY TES o l O TOL SD 188 292 92 236 Zo 22 800 PACKETS 228 240 2 Ol PEPOE SRC o X x X X x 16 Firewall and port forwarding The advanced firewall and port forwarding section of the advanced gt scripts menu allows you restrict access to certain network services and forward tcp and udp ports across firewalls and nat systems The firewall and port forwarding configuration is a text file consisting of one command per line Comments can be added after the sign The firewall can act on packets based on the following criteria Source IP address cm LIT ee Services m mu routing EE configuration notes ip accounting Static arp Static eezee client 802 1d bridging pcmcia irq options dns server list connection tracking setup connection table size ntp and timezone setup remote syslog setup display system log e Destination IP address lt G42 3 F e Source TCP or UDP port number 3 scripts cbq firewall nat static arp Destination TCP or UDP port number i Whether the packet is coming in or out 2 advanced firewall and port forwarding e Whether the packet is traversing a specific 3 and static nat 12. networking configuration and is invaluable if you ever have to redesign your IP layout and some customers are not using DHCP virtual distribution system ivds set 002 1g virtual lan vlan setup bptp client setup dhcp client information si jji pu jji nl te Sips 2 pi y jji p n upin aS eeZee configuration will put a client onto the network even if they have hard coded their TCP IP settings 1 ip assignments 2 interface features To configure eeZee client configuration go to the interfaces menu select the wireless interface you want eeZee to function on and finally select configuration active lease view e Limit to one IP per MAC address should be checked x e he Gateway for eeZee clients is an IP tH D address that will be used as a default First ip for client use gateway Number of ips The First IP for client use is the starting range of IP addresses that wil be Interface wpcii assigned to individual users e The number of IP s is the amount of addresses that should be used for eeZee client NOTE The IP Addresses you enter in must not be used anywhere else on your network otherwise routing and assignment conflicts may occur Click OK to exit and enable eeZee client configuration outing advanced hotspot the Interface virtual distribution system vds set 802 1q virtual lan vlan setup From the inte
3. 54 Mbps 6 2437 802 11b CCK 11 Mbps 802 119 OFDM 54 Mbps 802 11g Turbo OFDM 108 Mbps 7 2442 802 11b CCK 11 Mbps 802 119 OFDM 54 Mbps 8 2447 802 11b CCK 11 Mbps 802 119 OFDM 54 Mbps 9 2452 802 11b CCK 11 Mbps 802 119 OFDM 54 Mbps 10 2457 802 11b CCK 11 Mbps 802 119 OFDM 54 Mbps 11 2462 802 11b CCK 11 Mbps 802 119 OFDM 54 Mbps 36 5180 802 11a OFDM 54 Mbps 40 5200 802 11a OFDM 54 Mbps 42 Turbo 5210 802 11a Turbo OFDM 108 Mbps 44 5220 802 11a OFDM 54 Mbps 48 5240 802 11a OFDM 54 Mbps 50 Turbo 5250 802 11a Turbo OFDM 108 Mbps 52 5260 802 11a OFDM 54 Mbps 56 5280 802 11a OFDM 54 Mbps 58 Turbo 5290 802 11a Turbo OFDM 108 Mbps 60 5300 802 11a OFDM 54 Mbps 64 5320 802 11a OFDM 54 Mbps 149 5745 802 11a OFDM 54 Mbps 152 Turbo 5760 802 11a Turbo OFDM 108 Mbps 153 5765 802 11a OFDM 54 Mbps 157 5785 802 11 OFDM 54 Mbps 160 Turbo 5780 802 11 Turbo OFDM 108 Mbps 161 5805 802 11 OFDM 54 Mbps 165 5825 802 11 OFDM 54 Mbps 32 Regulatory Country Codes These two letter codes can be entered on the Atheros configuration dialog to enable certain bands for that country Country codes can be used on cards with Regulatory Type RT ALL COUNTRIES as shown in the regulatory information box NA NO COUNTRY SET AL ALBANIA DZ ALGERIA AR ARGENTINA AM ARMENIA AU AUSTRALIA AT AUSTRIA AZ AZERBAIJA
4. 6 DII TIIL90 00000000500000000 2000000000000 4 fa 11111110 00000000 00000000 00000000 254 0 0 0 2 A 8 DIIILILIJ000900000 000090000500000000 12552405040 1A 79 LIITILII I0000000 00000000400000000 255412984040 128 B 10 IEZIILLITISTIO00QODUOJIODOODOODIOUOOOUDOUDr 2552192 x04 64 B ud IITITIPTLIISJITIO00900 000090005400000000f 1205534224 50 2 XB 11111111 11110000 00000000 0900000000 255240200 16 B 33 IITITISITITTITTQOO 90000000500000000 22550249 5 040 8 B 14 IlIIXILDIITJLITISTUOOO0O0DOOQSO00000000 255 952 00 4 B 15 LIDBITIIIIHILITTIETOSJ000000005 00000000 25 5525 4 201 0 238 16 LITXIDLDPILLIDEIIDPELIIDUODODODOO0QQU0DOD 295 1 B FL PTT TPT TT T 22550455 0280 129 6 rig Shi Su Shah 1565000050 6000550 2559259219230 64 C ee l TT 251 b 2S 22525220730 22 25 720 LITITITJILITITILLITLDIXLDLOSOQQGOUOUDODOO 1250429934040 IG eC OOOO OOO 2299 2299 24 uU 9 C 22 T PTT Py bT OOOO OOOO 4 C 23 TITITITTITTTARDBITT S LITITTITOSOUOOO0UOD 2 45 24 T del 505920949930 525 T dy hee ST a hu P bhi b 2 OOOO OOO 22 9 92 010 9 226 i h Pl T de li OO 727 T AU 20522555224 28 VILED ALITE 31 pala ol T OS O 28067 On 0 24 T2 TP do toi 30 i D PA Ts We ea Ps HW Ke Ps ob kiq POOP hO O ON 52227 31 Fs ed Es i
5. X MM W W X W MM MM X X MM X X X Xx X X W W W X X X W KM X W X KM W X X 292 2199 557 NIE dod 5232 s 15519 s EET dod mE HE 99 201522 4210 3 aZ 1 add iy ale 22412 22 EASD 2 9 4240 5 291 S290 Pozar s two bit tm 4 brit gt gt mn OV O1 Pa O O O js redo OO F O O O O 3 53 cL O O O O O Younker s tables OOOO OOO C5 O O O O O O O O addressing FALA C O O O O O rnc D OOO C5 O O O O O O O O PPE O O O O O O O O Here s a table showing the relationship between the notation the byte notation and the corresponding binary numbers with a dot every eight digits for the 32 bit addresses I ve thrown in a count of how many Class A B C networks the larger networks encompass Notation Binary Byte Notation Class 0 00000000 00000000 00000000 00000000 0 0 0 0 256 A 1 L090000004000000900 00000000 00000000 1295000 128 A 2 11000000 00000000 00000000 00000000 192 0 0 0 64 A as L110000900 70000090005000000005000000001 229 0040 32 A 4 11110000 00000000 00000000 00000000 240 0 0 0 16 LIIII000000000004 00000000400000000 246505050 8 A
6. The forward command can be used to redirect traffic to another system This could be used to redirect clients to a caching proxy server to reduce bandwidth on your Internet feed or to have a service available to the Internet on a different port number not attached to the server itself Variables The not pronounced not not exclamation mark boolean operator can be used in conjunction with variables to setup flexible firewall and forwarding rules For example Multiband Radio is preconfigured to allow access from 127 0 0 1 the system s local address to the services using ports 791 801 admin ip 127 0 0 1 ie 64 124 65 19 or 64 124 65 0 24 for the entire class C Sadmin ip to any 791 in ldeny tcp from Sadmin ip to any 792 in ldeny tcp from Sadmin ip to any 793 in W LAN Device statistics ldeny tcp from admin ip to any 794 in System ARP Table ldeny tcp from ldeny tcp from Sadmin ip to any 795 in Active Routing Table CBO Report Firewall and NAT Report ldeny tcp from IP Accounting collection ldeny tcp from Results from previous IP Accounting Web based user management Sadmin_ip to any 800 in Sadmin_ip to any 801 in ldeny tcp from T Sadmin_ip to any 10000 in Instead of changing each and every one of these lines to give access to your account system you can simply change admin_ip to the IP address of the server Remote logging Multiband Radio supports
7. AS 1 706 Me eo O DOM a quedo ME Soke 2 AE ON qu Ke 06 DO qo qu SES b JD qb 223 C t a uL Pl DON OE qp qu quU pou QE QE sC do IN LO b qi 215 255 755 755 757 qud TW b h p h kl ppp 64 subnets LOW IP HI IP Mo cuc S WD e ES 7 x v0 PO OR SM UK dto qe 5 122 P qe Ub MES pO 100 ENS OR SS IAS LOU UO ONE Xk 24 2 225 271 X 30013065 2 0 Uo qu DNA 05 e 259 aao T pO qu ONE 3 44 OP QE qu gt debe HU qo qe SD EID Kg 00 250205209 4528 qu red oie X X X 64 362262726257 qb Qu S pae uu M SC dtu NV s TO Qe ZO UD OU N 290030200 ED DN db Xela AC gt 00 pO que eB MOS costo sco TT Xe LOS pee area a QNS P de No dea Er xax RS LL 10 NS ka Les 308015922 2 XKX e DAL 144 Mike 48 RO dO IE DoD Qo QUE x Kx 164 aT E gt M 21700 NS Ux DO qe Noo 51 22 Xk xk 204 pae QE LIG 220 NAI 224 XiX 2 29 Mi dO Ko o ZS6 gt ee XXe Xr 45 diode dE s 5 net mask LITLI 2200 X X X W X X W KM X W MM MM MH X MM WX X x W X X
8. PUL Dp Dee du ud um 32 TL ol TT TS As P oku Siak us bi 924 982219 9 5 5 Here s an example of how to get from the binary number 11000000 to the decimal number 192 11000000 gt 128 1 64 1 32 0 16 0 8 0 4 0 2 0 1 0 128 64 0 0 0 0 0 0 126 64 192 Another example 10000100 gt 128 1 64 0 32 0 16 0 8 0 4 1 2 0 1 0 0 128 128 4 132 0 0 4 0 using an arbitrarily chosen binary number 37
9. and password are entered the configuration screen will appear System Configuration file wireless interfaces routing advanced hotspot services system Network system Time System Uptime swap Memory System Memory m 4 53 Tan T H rt J p ct th ot spt g Qual Signal Noise Rate Freq Mode k u d A TAS PC Xi Hed pus 5260 ap rimode Alt xX Exit CPU Load 4 9 WRAP Edition v2 01 7 build 4636 This is the main display lt provides a heads up of the system s current status including memory usage CPU utilization active services and network usage The top of the screen has several menu options that are used to configure and manage the system You may navigate the menus using either your keyboard or a mouse If you are using an SSH program such as Putty For Windows or an X Term For Linux you can navigate the menu system using your mouse Several hot keys are also available in the main screen and throughout the Multiband Radio interface e F1 F10 will display list of users currently associated with each Wireless interface on your system For example pressing F2 would display associated users on the second Wireless NIC F9 brings up the kernel message log This displays low level information about the system and is useful for debugging e F10 will activate the file menu Using the keyboard Please note
10. be able to give you a hand Here are some commonly known issues and their resolutions Problems booting up with older motherboards or certain brands of PCMCIA adapter Some users have experienced difficulties using newer PCMCIA adapters in older systems or certain brands of PCMCIA adapter such as cards based on the Action PC750 adapter Multiband Radio has a special PCMCIA configuration that may alleviate these problems Care must be taken when adjusting these settings as you may render your system unbootable ili jhi ES I TD IEEE CHITI adapers that require special consideration Changes will take effect next reboot Pel Only IRGs Hay help some Actiontec PC750 adapters PCI amp ISA IRQs Older systems with PCI adapters The network is to slow If your network was working fine before the chances of a slowdown being caused by Multiband Radio are very slim We suggest you check that e You are using CBQ Bandwidth limiting to prevent one or a handful of users from using all of your available bandwidth e That any sporadic or marginal links to customers are resolved A customer with a marginal link may be causing your AP to re train to a slower speed affecting other users on the network o You may want to lock the speed of your AP to 5 Mbps to keep off users incapable of maintaining a strong enough link 30 Tables 802 11b Frequency Range 2 400 2500 MHz Center F
11. if you want to provide a new user signup page for example The client white list specifies MAC addresses of clients who will never be captured by the portal These addresses will have complete access through your hotspot regardless of whether they have a username and password Providing a new user signup link on the hotspot login page First add the IP address of the website that hosts the new user signup page For example if you your website IP address 192 168 5 100 then you would add 192 168 5 100 into the hotspot gt hotspot whitelists gt server whitelist setup screen Giving yourself free reign on the MAC address You might want to give yourself unfettered access to the hotspot s you are setting up Just add your MAC address to the client whitelist setup Each client listed will not be prompted for a hotspot login and will have unrestricted access to the ced BEBESHBEEN services network Add one MAC address per line Up to 255 are supported system 1 configuration radius setup 00 02 2D 32 54 A4 2 client whitelist setup 3 activate whitelistsa 26 Setting up eeZee configuration routing advanced hotspot eeZee configuration is a special option supported by Multiband Radio that enables clients to access the network regardless of their IP settings This is especially useful in hotspot environments where users may have any sort of
12. remote logging to syslog hosts sys og is a Unix and Unix flavoured logging daemon that comes with most variations of Unix including Linux and FreeBSD To configure Multiband Radio s syslog relay go into the services menu gt remote syslog and select configure service J Disabled Select Load service on boot so that logging will continue after you reboot the system See skis Sse bare 192 168 1 254 Enter the IP address of the remote syslog server Configuring syslogd Most Unix variants including Linux and FreeBSD ship with syslogd the system logging daemon You may wish to keep Multiband Radio logs separately from the rest of your main logs Most syslogd s can be configured to log messages from specific hosts Please consult the syslog conf man page that ships with your operating system A free syslog service for Windows is also available from http www winsyslog com en 18 Monitoring traffic Multiband Radio has several monitoring tools you can use to view the current activity over any network interface in the system Traffic Monitor The traffic monitor displays current TCP and UDP sessions on the particular interface mj 4 wmb romb netkrom com Connections 5ource Host Fort 168 1 AP E lo 2 168 1 1685 1 Active ICMP echo req 60 bytes from 10 0 ICMP echo rply 60 bytes from 192 ICMP echo req 60 bytes from 10 0 ICMP echo rply 60 byte
13. review me I ve never gotten it to work 27 Setting up a VPN Server USING PPTP eu PERF xa o UH Uo 28 Sello UP a PPPOE Servel pott 29 Trouble petunt te tS 30 Problems booting up with older motherboards or certain brands of PCMCIA adapter 30 THE NETWORK IS tO SIOW a e 30 PH 31 802 11b Frequency Range 2 400 2500 MHZ J J J 31 S802 TT Channels E aa saam kus 32 Regulatory Country Codes J Q SUE 33 Netmask uuu uuu suu unan asus kawi Rn 34 General Overview System Types Multiband Radio product line can be used for a variety of applications Features Acts as a Client unit which enables the end user to access the Internet connection from more than one machine with either standard or NAT IP addresses Acts as an AP Access Point unit which allows wireless connections and routing on the ISP side of the Internet service Acts as a Router with the following services Routing NAT DHCP Firewall and Bandwidth Control Each interface can contain up to 255 IP addresses with the ability to enable disable and add comments to each one One interface can be selected to be conf
14. 1 ip mapping network interface 4 activate script changes Allowing By default Multiband Radio is configured to allow traffic from anywhere to anywhere with a few exceptions You may find it necessary to restrict all traffic with only a few exceptions to one of your sub networks such as a commercial VPN customer or a sensitive accounting network The allow command is used to explicitly allow traffic through Some of Multiband Radio s built in services such as IP Accounting are configured to deny traffic If you wanted to allow your accounting server 192 168 1 3 to collect statistics you could add the line allow from 192 169 1 5 Co any 000 Denying This will specifically deny a certain type of traffic A popular and present in the default installation of Multiband Radio rule is to deny all TCP and UDP traffic destined ports 135 coming in from the Internet via snel ln Via net RPC port RPC port used by many worms used by many worms deny tcp from any to any 135 deny udp from any to any 135 Another common rule is dealing with a person on the Internet who is causing problems for one of your clients deny top irom 12 129 23 16 to I927 108 2 154 via Smet Logging Firewall logging can be done to a remote syslog server using the log command Example Logd toes from any to 152 165 S 31337 Would log all TCP packets going to the 192 168 3 1 network destined for port 31337 17 Forwarding
15. 12 Enhanced Features X Bursting X Compression A Hide 5510 B X InterB55 Relay X Fast Frame Network Type Operating Mode Station auto Access Point 802 11a 802 145 ELE gt gt ESSID BSS Channel Transmit Rate Country Code TX Power Override Network Type Operating Mode 108Mb Turbo The name of the Wireless Network The channel or frequency for this network card to operate on Refer to the Regulatory Information window for a list of channel numbers and their respective operating modes or refer to the 802 11 Channel List The speed in Mbps this card should operate at Specify auto to have the card select the best rate based on connection quality Specifies the regulatory region that the system is operating in Please refer to the Regulatory Country Codes table for a list of supported regions Override the card s default power output Valid values are 1 to 30 dBm Sets the card to act as either an Access Point or a Station which connects to an access point Ad Hoc is presently not supported This determines what protocols the card will operate in By default auto mode is enabled 11 Setting up as a Client CPE device When configuring Multiband Radio on a client or CPE device you should only need to change the following settings 1 The SSID should be set to the same name as the Access Point you are connecting to 2 he Network Type should be s
16. 255 255 255 128 25 100000060 2 subnets LOW 2 7 4 QN NN ES x qb UO p ds Netmask 255 255 2b55 19 V26 ClITTILTLTITTITITIJT TITTITTTITTLTXITOOSOQO0Q 4 subnets 25255 md om do OS Sot gt Netmask 255 25542009204 23 2121900000 9 subnets sC do NUI P pde X X X 64 sS A Sree be 96 Moke 1 x x x 128 Se QN quA SS Soke 260 E ON ara 0 NX XV 224 D qb Wb 220 Netmask 2552255 255 220 29 OLDITILZILLTIULITPELUITEITILPLITLSIDIXOOD 16 subnets Kis Lu qo miku K m u 1 6 Jo que Oe ul be dm quU Mara 1 s qo qu 3X 7364 5 04 P Eo qe PA QN SU Mem e NEP ES xx TTL Noct D TY Jo qu MINAS xoxo c leone Kak 150 a ce TE p Ob a VERI NO HE qo eR MESI x20 7204 19 2 De qu quA PN lt qo SESSEL P 1 QE NEUES Macc CULA B 2502255 55 55 25b 240 720 Cla Lids 11000 32 subnets X SC Xe LG Mg X 230030 2 4 DURO OD MS S 261552254522 5 dep di s X 36 x VD y qo EP 34 KXK AB as SIE OR QE 4 Xu e P que qub qM ES NOUO dois 96 SS ub NN ey de ta Bone xx dup Si dO IPS Secus po Op QNA Xa ecd Xk 1 36 13 X X x 144 SU ATEM ON OM SD NS UR 617 DI MO eA
17. N BH BAHRAIN BY BELARUS BE BELGIUM BZ BELIZE BO BOLVIA BR BRAZIL BN BRUNEI DARUSSALAM BG BULGARIA CA CANADA CL CHILE CN CHINA CO COLOMBIA CR COSTA RICA HR CROATIA CY CYPRUS CZ CZECH REPUBLIC DK DENMARK DO DOMINICAN REPUBLIC EC ECUADOR EG EGYPT SV EL SALVADOR EE ESTONIA FI FINLAND FR FRANCE GE GEORGIA DE GERMANY GR GREECE GT GUATEMALA JO JORDAN KZ KAZAKHSTAN KP NORTH KOREA KR KOREA REPUBLIC K2 KOREA REPUBLIC2 KW KUWAIT LV LATVIA LB LEBANON LI LIECHTENSTEIN LT LITHUANIA LU LUXEMBOURG MO MACAU MK MACEDONIA MY MALAYSIA MX MEXICO MC MONACO MA MOROCCO NL NETHERLANDS NZ NEW ZEALAND NO NORWAY OM OMAN PK PAKISTAN PA PANAMA PE PERU PH PHILIPPINES PL POLAND PT PORTUGAL PR PUERTO RICO QA QATAR RO ROMANIA RU RUSSIA SA SAUDI ARABIA SG SINGAPORE SK SLOVAK REPUBLIC SI SLOVENIA ZA SOUTH AFRICA ES SPAIN SE SWEDEN CH SWITZERLAND SY SYRIA TW TAIWAN TH THAILAND TT TRINIDAD amp TOBAGO TN TUNISIA TR TURKEY UA UKRAINE AE UNITED ARAB EMIRATES GB UNITED KINGDOM US UNITED STATES UY URUGUAY UZ UZBEKISTAN VE VENEZUELA VN VIET NAM YE YEMEN ZW ZIMBABWE 33 Netmask Table Ne tmask 255 255 2550 2247 41741717115 PET 151000000007 1 subnet LOW IP HI Netmagsk
18. Pre WiMax Multiband Dual Radio User Manual Website at http www netkrom com v1 13 Ene 06 Table of Contents General uu a m a Qa ai ee 4 i a Ce uhu E de CUR MU EUR 4 hioa 4 Quick Stan GOOG uu masmapi n M 5 5 IESE LOGIN eer 5 USING TNE Qusqu buka ayway 7 A note about making saving and activating changes 8 Changing the Admin PaSSW0I d uu uyu u uu u ua ahay aga mu 9 Updating M ltiband Radi asa 10 Wireless Network Configuration J 11 Setting up as a Client GPE devie a Saa iu 12 IP Address Configura ON sp uuu uu aa a 13 Assigning IP addresses to your users 14 DING ee 14 Statically assigning IP addresses using DHCP J J J 14 Configuring a DHCP Telay SerVIC uu u a Waa
19. a Aa a a Ea 14 NAT IP MasqQueradi g uu Rm 15 Configuring IP Masquerading and Forwarding J 15 IP AC60lII Iingu u 16 Firewall and Dort forwaldlg u ue 17 EM 17 meet 17 LOC ec 17 ula AVANO ees M 18 VaridDIGSu 18 FRONIOTS logg gx uuu 18 Sy un sau 18 au m W Sau ass 19 Tralie MONON Z EE 19 Traffic SUAS ICS d asa eel 20 UGD ICD sau aa aaa Saa 21 Packet Size COUNTS 22 Lan StationiYioBIlori nguy u uy y u ul Elo aaa 23 Selig uba HolsBOl unukuna Ea P 24 THe FIOTS DOU Men uu uu EE 25 Advanced Hotspot Feat CS ee 26 Providing a new user signup link on the hotspot login 26 Giving yourself free reign on the MAC address 2 222 26 Setting up eeZee configuration someone
20. et to nfrastructure or Station if you are using an Atheros device If you are connecting to an Ad Hoc network set the Network Type to Ad Hoc IBSS Please note that Ad Hoc is not supported with Atheros IP Address Configuration You will need to assign an IP address to each Network interface Ethernet and Wireless in your Multiband Radio system Your Internet Service Provider may have provided a range of addresses for you to use If you do not have IP addresses from your ISP you can also used addresses out of the Private Internet Address Space 10 0 0 0 10 255 255 255 10 8 prefix 172 16 0 0 172 31 255 255 172 16 12 prefix 192 168 0 0 192 168 255 255 192 168 16 prefix By default the first Ethernet adapter in your Multiband Radio system will be configured to use the following settings e IP Address 192 168 1 1 e Netmask 255 255 255 0 e Default Gateway none IP Address settings are configured from the interfaces main menu From the interfaces menu select the network interface to configure and then choose the ip assignments option A list of IP Addresses on the Network Interface will be displayed From here you may Create Remove Edit or Enable Disable an address e Addresses listed with beside them are Disabled This can occur for a variety of reasons o The Address is already in use by another system on the network o he address may be configured on another interface in the same Multiband Radio syste
21. eters o Domain Name foowireless net o Name Servers 192 168 1 254 and 192 168 1 253 o An address from 10 0 0 10 through 10 0 0 100 o A default router address of 10 0 0 1 13 Statically assigning IP addresses using DHCP Some customers may need a static IP address for example they may run an Email or Web server You can do so by adding a configuration block similar to host customers name foowireless net Your customer s MAC address hardware ethernet 00 4F 4E 0D 12 FF IP address to assign not part of dynamic IP group above rixed address 10 0 0 200 to the dhcp server s configuration file Configuring a DHCP relay service The DHCP relay service is used to forward DHCP requests from D your clients to a DHCP server somewhere else For example you may have a many access points that provide connectivity to D Load service on boot your clients but you run a single central DHCP server To configure the DHCP relay server select configure service stan HE merver Address from the dhcp relay server menu under services opecify Load service on boot to have the service start at bootup EN SN ies time and enter in the IP address of your DHCP server DS IEGIISSS NAT IP Masquerading All hosts on the Internet must use internet routable IP addresses This let s other hosts on the net send data back to you IP Masquerading provides a mechanism for relaying a packet from your private network ou
22. for the system is 192 168 1 1 You can interface with the device by connecting to your computer via the Ethernet port You will require a SSH client in order to access the user interface PuTTY a freeware SSH client is available for download via a link on our customer support page http www netkrom com putty exe Execute the putty program In the Host Name or IP address box type in the default IP address 192 168 1 1 Make sure that the SSH radio button is active Save your session and then click the Open button s PuTTY Configuration 3 Session Basic options for your Pu T T Y session Logging B Terminal Keyboard Specify your connection by hast name ar IP address Host Mame or address Port Bell Features E Window Appearance Behaviour Translation Protocol Raw OQ Telnet Rogn 9 SSH Load save or delete a stored session Saved Sessions Selection Colours 3 Connection Proxy Telnet B SSH Tunnels mg N Close window on exit Bugs O Aways Never 9 Only on clean exit Cancel The following instructions for the User Interface are for both methods of connection In order to make changes you will need to login to the device using admin as your username and 1234 as your password You will be able to change your password once you enter the configuration utility login as admin Sent username admin admin 192 168 1 1 s password Once the correct username
23. heir MAC 1 configuration radius setup mE a 4 edit hotzpot pages 5 restore factory hotspot pages hotspot session list The default CBQ rate is the speed at which your customers will be able to transfer data through the hotspot The session timeouts determine how long a user can stay idle for after which the user is logged out of the system and must re enter their username and password Maximum session time determines how long a user can stay logged in at a time The hotspot uses any radius server to authenticate users with and shares the same radius profile as the PPtP and PPPoE services If you don t already have a radius server on your network Multiband Radio has one built in See the chapter on User Management for more details routing advanced hotspot 202 19 virtual lan wlan setup phth client setup dhcp client information L 1 ip assignments l li gten ta pppoe 3 enable eezee client na 4 enable dhcp auto auth 5 enable dhep client Once you have configured the core hotspot system you must tell each network interface to listen to hotspot requests This is done from the interfaces gt interface name gt interface features menu 25 Advanced Hotspot Features The hotspot supports both server and client white lists A server white list specifies IP addresses that un authenticated users may visit This is particularly useful
24. igured by DHCP Bandwidth shaping based on IP and or Protocol with optional Auto Fallback Firewall scripting interface provides the ability to set up and protect your network in no time Up to 255 static routes are supported ability to enable disable and add a comment to each route Full support for the 802 1d Spanning Tree Protocol Ability to set up large amounts of static and dynamic NAT rules Support for 250 simultaneous wireless station associations Signal Strength Meter for easy client antenna alignment or signal level troubleshooting Ability to monitor both noise level and connection rate for each link to the AP Ability to monitor each client s MAC address and assign a name for easy tracking Monitor last used IP address so you can see in an instant what IP your customer is using RX and TX data transfer statistics for both Ethernet and Radio interfaces Remote firmware Upgrade DHCP server with the ability to group manage and assign IPs dynamically or statically DHCP Proxy to forward DHCP requests to a remote DHCP server SSH v2 server is provided to allow for remote configuration of the server Remote Report Viewing via telnet ports of system specific information Eezee configuration Captive Portal web login hotspot RIP OSPF and BGP4 routing PPPoE PPTP Tunneling protocols Radius server and authentication for PPPoE PPTP and Hotspot authentication Quick Start Guide User Interface First Login The factory default IP
25. l1 Port Number Total Packets Total Bytes Packets to or packets coming into the interface Bytes to or bytes coming into the interface Packets from or packets sent from the interface Bytes from or bytes sent from the interface The protocol display is particularly useful in diagnosing network problems that may be caused by excessive use of a particular protocol such as Kazza or another Peer to Peer application 21 Packet Size Counts This allows you to gauge the use of your system 1 general lots of small packets will result in lower system throughput The radios have a specification called packets per second and it does not matter whether the packet is small or the maximum size Therefore a system that is passing predominately small packets will pass less traffic than a system with large packets The packet size monitor displays counts based on size of packets traveling through the interface wmb romb netkrom COM u 1 We wei et 22 Lan Station monitoring The Lan Station monitor displays Packet IP packet and Byte counts To and From each station on the local area network Statistics are aggregated to each user s MAC address not IP address 2 wmb romb netkrom com a kuku ee F F Pun 1 Up Down PgUp PgDn scr 23 Setting up a Hotspot A captive portal i
26. m o You manually disabled the address En Dis able Ethernet Bridge Number 1 9 U disabled When editing or adding an address a dialog similar to the one below will be shown Enter the IP Address the Network Mask and an optional comment pu iri EM etwork Mask eg 255 255 255 0 Kr MZ MDC NER Assigning IP addresses to your users Using DHCP DHCP Dynamic Host Configuration Protocol is a system that hotspot BEBENSEESE system allows client systems to automatically configure themselves on a TCP IP network i dhcp server gt 1 bootup settings Multiband Radio ships with the ISC DHCP server The DHCP server is configured from the services gt dhcp server gt modify service activation The DHCP Server configuration is a text file A comprehensive list of configuration commands is available from http www bcwireless net misc dhcpd conf html 1 Set your domain name using the option domain name command 2 Setyour DNS servers using the option domain name servers command 3 Define the subnet s you wish to service with DHCP 4 Configure the DHCP parameters to be handed out to clients Example option domain name domain com option domain name servers 192 169 1 254 192 168 1 253 subnet 10 0 0 0 netmask 255 255 255 0 range IL0 0 0 10 20 020 00 option routers 10 0 0 1 by This configuration will automatically configure client computers to use the following param
27. on Mode Both Forward only Local only TCP Port to collect current IPs ININ X Himic HTTP ele dolre ee i ee ee jie eta Eleg 01 Limit to this number of IPS between collection periods ta help protect against possible Dos IP flood attacks Check off Enable IP Collections to enable accounting e Check off Format for easy reading to display the records in a human readable format e Set collection mode to Both if you want to account for all traffic Forward Only to display accounting for packets that are routed through your system or Local Only for traffic within your network e TCP port to collect current IP s is the TCP port number that Multiband Radio will display current accounting activity on e The TCP port to collect previous IP s is the TCP port that Multiband Radio will display older accounting data on e he Mimic HTTP option has Multiband Radio act as a web server Enabling this option allows you to view the summary using a web browser or a command line tool such as curl which can be used to integrate Multiband Radio s accounting into your existing system 15 Here is an example of Multiband Radio s IP Accounting output SOURCE DST zd gs 209022709 409 204 204 2045 205 204 204 10 204 49 2905 ao 49 JL cl 92529 p TOS Qu d r9 08 me PN DESTINATION 204 204 1522 204 204 204
28. ort Filtering that define which packets to let in and which not to You want to protect your internal network by filtering packets through a set of firewall filtering rules Configuring IP Masquerading and Forwarding The assumption being made from this point on is that you have your two network devices working properly Your inward facing NIC e g eth0 is connected to your internal LAN and you can ping the Multiband Radio from all the workstations on your home network Your outward facing NIC e g wpci1 is connected to your via a Station Server Multiband Radio or other AP device and you can ping the Multiband Radio from a location external to your local network In order to route or forward network packets from your inward facing device to your outward facing device and vice versa you must modify the configuration files under the Advances section in both the Nat and Static Nat and Advanced Firewall and Port Filtering sections following instructions included in those files IP Accounting Multiband Radio can keep track of the number of Bytes and Packets transmitted and received for hosts on your network IP Accounting will present you with a summary based on source and destination IP address that can be retrieved using an HTTP client or a custom tool that you have written yourself To configure IP Accounting select the ip accounting option from the advanced menu X Enable IP Collections 1 Format for easy reading Collecti
29. requency chart Channel ID FCC ETSI France Japan 1 2412 2412 2412 2 2417 2417 2417 3 2422 2422 2422 4 2427 2427 2427 5 2432 2432 2432 6 2437 2437 2437 7 2442 2442 2442 8 2447 2447 2447 9 2452 2452 2452 10 2457 2457 2457 2457 11 2462 2462 2462 2462 12 2467 2467 2467 13 2472 2472 2472 14 2484 Channel Selection As each DSSS channel is 22 Mhz wide the best channel selection without overlap would only give you 3 usable channels in most cases you can use 4 channels with overlap Best Channel Selection Possible Channel ID Center Bottom Top Width Frequency 1 2412 2401 2423 22 Mhz 6 2437 2426 2448 22 Mhz 11 2462 2451 2473 22 Mhz Usable Channel Selection Channel ID Center Bottom Top Width Frequency 1 2412 2401 2423 22 Mhz w Overlap 4 2427 2416 2438 22 Mhz w Overlap 7 2442 2431 2453 22 Mhz w Overlap 10 2457 2446 2468 22 Mhz w Overlap 31 802 11 Channel List This is a list of channels used by 802 11 a b and g devices These channels may be entered into the Atheros configuration page Channel Frequency Operating Mode Modulation 1 2412 802 11b CCK 11 Mbps 802 11g OFDM 54 Mbps 2 2417 802 11b CCK 11 Mbps 802 11g OFDM 54 Mbps 3 2422 802 11b CCK 11 Mbps 802 11g OFDM 54 Mbps 4 2427 802 11b CCK 11 Mbps 802 11g OFDM 54 Mbps 5 2432 802 11b CCK 11 Mbps 802 11g OFDM
30. rfaces menu select the wireless interface DDtp client setup to enable eeZee on go to interface features and select the enable eezee client option dhcp client information 1 etherl1 00 0D B8 02 FB 24 ips l bi l 1p assignments 1 listen to pppoe requests no 2 enable hotspot yes 4 enable dhcp auto auth o enable dhcp client no 27 Setting up a VPN Server using PPTP Ee isl ILA tail ze sy sin Enabled 10 1 Setting up a PPPoE server FJ i wmb romb netkrom com Seles file wireless interfaces routing advanced hotspot services system Access Concentrator Service Name PPPoE Bootup Enabled PPPOE Network system Ti Assign a default CBO rate to users System Up 1 Random ID T EGS IP Address Range 040 TES PPPoE Host IE itt IF 192 168 1 1 cl 5 Lasr IE From Gateway Device 192 166 1 Adjust MIU for VLANs MSS Clanp WESTEN CHAP X MS CHAP X MS CHAPv2 T Require MPPE Encryption I MPPE 40 MPPE 5S5 J 128 Auth Methods WRAP Edition v2 01 7 build 4636 29 Trouble shooting Are you running the latest stable release of Multiband Radio If your system is more than 6 months old please consider upgrading to the latest stable version before reporting a problem Likewise our support forums have many knowledgeable people who may
31. s from 192 ICMP echo req 60 bytes from 10 0 0 ICHP echo rply 60 bytes from 192 Bottom m O Elapsed time 0 01 44 on eth 0 2 on eth 0 44 on eth0 on eth 44 on eth0 0 2 on eth 0 r om h i cC Fa e e Pkts captured all interfaces 29 20 kbitas s Up Dn PgUp PgDn scroll M more TCP info W chg actv win 5 sort TCP X exit While in this screen you can Press W to toggle between Packet Byte count and current packet size and window size e Press S to sort by Packet and Byte count This is particularly useful for identifying which users are placing an extra load on your network In the picture above you see that the flow rate You see a connection between 192 168 1 23 and 192 168 1 44 with a constant packet size of 1767 19 Traffic Statistics The traffic statistics screen gives you an overall view of what protocols packet rates and throughput are going across a particular interface 25 wmb romb netkrom com 600 5 1 kbitz sec 0 packets sec ket 4 e c 2E rb TUA d n im 600 0 20 udp tcp monitor The UDP TCP Monitor displays a packet and byte count based on TCP and UDP port numbers You can sort the display by one of je wmb romb netkrom com E ET por fer t L Up Down PgUp PgDn scro
32. s a Web Browser based login system that forces your users to enter a Username and Password to gain access to the rest of your network in most cases a Captive portal is used to limit access to the Internet When a user associates to your wireless access point and tries to visit a website they are greeted with a login page similar to E Hotspot Login Microsoft Internet Explorer provided Compaq Address 1 204 50 0 178 url2d3d3LnMOvxIEb3Muvz98tL 2 Rv de25sb2Fkey5waHA Hotspot login Please enter your username and password to log in Ip 192 168 2 199 mac 00 02 2d 8b e4 77 If you are having problems logging in or have questions regarding your account status please do not hesitate to contact us Username Password head submit WEBSERVER Done dd Internet a Provided the user has a username and password with you they would simply enter in their information and the hotspot would allow them through to the Internet You could also provide a signup link by editing the hotspot login page to take them to a website with an account creation page for example 24 The Hotspot Menu The hotspot gt hotspot menu controls the system s hotspot core functionality including Enabling Disabling the iced ME services system hotspot system Assigning a default rate W lI to users e Session timeouts e Whether or not authenticate a user based on t
33. s and Settings Administrators Password Back Up Delete Modify Help Card Info Step 3 Select the AP that is going to be upgraded and select Firmware File to Upload to staros box click in the Firmware button A dialog box will appear Lookin Select the bin file to upgrade the AP C3 staros upgrade Radio system When the new firmware has been 5Pe jFmware files bin _ Cana uploaded you will see a message similar to Please select the Upgrade Firmware option to finish Step 4 The firmware will be uploaded to the Multiband hotspot services www Step 5 Login to the Multiband Radio system and select Upgrade 1 configure background color Firmware from the System menu You will be asked to confirm your decision of upgrading the existing software 2 update enter unlock key 3 change password Step 6 The software will perform a CRC check and automatically will update the firmware upgrade firmware Step 7 Reboot the machine for the new firmware to take effect 5 ssh client amp telnet client T mirror boot drive 10 Network Name B55 Wireless Network Configuration Atheros Wireless Mini PCI Modules ESSID 2 E Regulatory Information Channel Transmit Rate mbps Link Distance 0 35 miles Country Code g ie US Ix Power Override 0 30 dbm i Antenna i Antenna 52
34. selecting text with a mouse you will not see the selection until after the mouse button is let up e Whenever you make changes to Ethernet card setting Wireless card setting or any other settings routing DHCP NAT DNS etc you need to save and activate your changes before the services or settings will take effect A note about making saving and activating changes Any changes you make will not be made or saved immediately You must use the Activate Changes command located in the File Menu for changes to come into effect Likewise any changes you make will not be saved If the system is rebooted the changes will be lost You must Save Changes for your new settings to take effect the next time the system is rebooted All of these functions are located under the File Menu File Menu Save Changes Activate Changes Reboot Machine Exit Action This menu choice will save any changes that you have made t will NOT activate the changes This is handy for deferred activation during a maintenance window This menu choice saves and activates any changes that you have made This menu choice will ask if you wish to save any changes and then will reboot the system This menu choice will save any changes and then quit The changes are NOT activated on exiting Changing the Admin Password The admin password must be changed when you have logged in To do this select the System menu and choose Change Password ho
35. t to the Internet by encapsulating it in a packet with a valid public IP number Masquerading stuffs your local workstation s real private IP address inside the packet along with the rest of the packet s data and then puts a public IP address on the outside of the packet Hence your workstation s packet is said to masquerade as a packet with a valid IP address Private Inviard Facing Home Network Network Device Upstream Wireless Network Outward Facing Network Device When the Multiband Radio is being used as a CPE Customer Premise Equipment with the wireless card being the connection to the Internet via a Station Server Multiband Radio or other AP device The ethO device is inward facing to the home network and wlan0 device is outward facing to the Internet These two devices can be configured so that packets are permitted to flow or be forwarded from one device to the other However you don t want raw packets to be forwarded between the two network devices without intervention We want to process the packets as they pass through the router by using software that will masquerade our internal packets so they can travel to the Internet and then inspect the return packets and then relaying the packets to the correct PC on the home network 14 In addition you may want to inspect incoming packets for packets that shouldn t be coming in That is you may want to establish a set of rules under Advanced Firewall and P
36. tspot services 1 configure background color 2 update enter unlock key 4 upgrade firmware o ssh client 6 telnet client 7 mirror boot drive The software will ask for you to confirm the Change Password choice Once you confirm your choice you will be led through the steps of changing your password Please enter the old password Enter new password Again to verify Passwords changed press enter to continue Please be sure to save your changes under File menu Save Changes d Failing to change the admin password from the default of 1234 is a sure way of having someone tamper with your system Change it Updating Multiband Radio e New versions of Multiband Radio are released on a fairly regular basis To update the software you will need a copy of UtilStar available from http www netkrom com on the downloads page Step 1 Download the latest sis firmware update release from our website Step 2 Run UtilStar and fill the blanks with the appropriate parameters to establish connection with the wireless device Mu tiband Radio just do the following Edit 2 Preferences menu User Preferences Star 05 Devices File Locations Device Mame Save Frefences File prefs dat staros bos CAD ocuments and Settings ss amp dministrabar D a IP Address 192 1 Default Save Directory CAD ocuments and Settings ss amp dministrabar D n User Mame Delay admin 500 Putty Executable CAD acument
37. you may use a mouse to point click double click and select text but you can also navigate through the system faster by using these shortcuts e Alt differently colored letter will bring up the main menus e Menu options be selected by typing the red character o The arrow keys can also be used to select the appropriate menu choice 3 OULIDC LOLSDOU Services I configuration notes accounting Static arp Static eezee client 802 1d bridging pcmcia irq options dns server list connection tracking setup connection table size and timezone setup remote syslog setup display system log 1 IW LU CD 2 advanced firewall and port forwarding 3 nat and static nat 1 1 ip mapping 4 activate script changes Pressing ALT A 7 2 will bring up the advanced firewall and port forwarding screen e Esc key will close the active window and allow you to back out of menu choices e Enter key will choose the currently highlighted selection e When selecting text Ctrl K B will begin the text block You may use the arrow keys to move the selection area to the desired size e Ctrl C is the command for Copy is the command for Cut Ctrl V is the command for Paste and Ctrl Y is the command for delete line e When text is selected the key will delete the selected text e Because the user interface is text based when
Download Pdf Manuals
Related Search