BDS NS5000A Users Manual

DosaLink – 540 Wireless LAN IEEE

802.11 a/b/g Access Point User’s Manual

Version E.1.1

Copyright statement
No part of this publication may be reproduced, stored in a retrieval system, or
transmitted in any form or by any means, whether electronic, mechanical, photocopying,
recording, or otherwise without the prior writing of the publisher.

User’s Manual 1/73
Ver. [E.1.1]

Table of Contents

1. Introduction.............................................................................................................4

2. Features.................................................................................................................... 5

3. Specifications ......................................................................................................... 6

4. Exterior view............................................................................................................ 7

5. Installing the Hardware.........................................................................................8

5.1. Before Installing............................................................................................. 8

5.2. Connecting the Cables.................................................................................9

5.3. Configuration Information...........................................................................9

5.4. Factory Default Setting................................................................................. 9

6. Configure the computer for sharing the Internet ........................................ 10

6.1. Configuration for Windows 2000 and XP .............................................. 10

6.1.1. Obtain an IP address automatically for DosaLink – 540........... 10

6.1.2. Confirm and Renew the IP address ................................................12

6.1.3. Assign the static IP address............................................................. 13

7. Communication between user’s PC and the DosaLink – 540.................. 15

8. Connect the Internet via the configuration window of DosaLink – 540 16

9. Configuration the DosaLink – 540...................................................................21

9.1. ADSL (PPPoE) users...................................................................................21

9.2. Cable and VDSL Users ............................................................................... 22

9.3. Static IP Users ..............................................................................................23

9.4. Remove all the Network related Programs ........................................... 24

10. Network Connection Status..............................................................................24

11. Description the Menu of DosaLink – 540.......................................................25

11.1. LAN Setup..................................................................................................25

11.2.

11.3. Access Control.........................................................................................27

11.4. Port Forwarding........................................................................................ 28

11.5. Static Routing ........................................................................................... 30

11.6. System........................................................................................................30

11.7. Wireless Setup.......................................................................................... 32

11.8. nESA Setup................................................................................................34

11.9. Advanced ................................................................................................... 36

11.10. Wireless Distribution System (WDS)..................................................37

11.11. MAC Filtering.............................................................................................38

11.12. IEEE 802.1x................................................................................................ 39

11.13. Wi-Fi Protected Access (WPA)/ WPA2 (IEEE 802.11i).................... 41

11.14. Virtual Local Area Networks (VLAN) ...................................................43

12. Factory Resetting.................................................................................................44

Server..........................................................................................................26

12.1. Resetting via the Web.............................................................................44

User’s Manual 2/73
Ver. [E.1.1]

12.2. Hardware Reset........................................................................................ 47

13. Configuration via Console................................................................................. 47

13.1. Connection................................................................................................. 47

13.2. Status.......................................................................................................... 49

13.3. LAN Setup..................................................................................................50

13.4. WAN Setup................................................................................................. 51

13.5. Server..........................................................................................................55

13.6. Access Control.........................................................................................57

13.7. Port Forwarding........................................................................................ 58

13.8. Static Routing ........................................................................................... 60

13.9. Wireless Setup.......................................................................................... 61

13.9.1. Primary Setup ...................................................................................62

13.9.2. Advanced Setup............................................................................... 65

13.9.3. WDS..................................................................................................... 66

13.9.4. MAC Filtering..................................................................................... 66

13.9.5. 802.1x.................................................................................................. 67

13.9.6. nESA Key Setup............................................................................... 69

13.9.7. VLAN.................................................................................................... 69

13.9.8. WPA/ WPA2 .......................................................................................70

Appendix I: Abbreviations and Acronyms............................................................ 72

User’s Manual 3/73
Ver. [E.1.1]

1. Introduction

Thank you for purchasing the DosaLink – 540 Wireless LAN Secure Access Point
(AP). This User’s Manual will help you to configure and operate the DosaLink – 540
Access Point.

The other bands exept ISM Band, 5150~5250MHz, shall be used at only Indoor.

The package you have received contains the following items:

- DosaLink – 540 Wireless LAN IEEE 802.11a/b/g Secure AP

- 2 Antennas connected to DosaLink – 540 AP

- AC-DC Power Adapter, Ethernet Cable, and Serial Cable

- CD containing the User’s Manual

Note: if any items are missing, please contact your vendor.

FCC Caution: To assure continued compliance, any changes or modifications
not expressly approved by the party responsible for compliance could void the
user’s authority to operate this equipment.

This device complies with Part 15 of the FCC Rules. Operation is subject to the
following two conditions: (1) This device may not cause harmful interference, and
(2) this device must accept any interference received, including interference that
may cause undesired operation.

FCC RF Exposure Requirements: (Accoding as FCC Part 15.407(f))

The compliance with RF exposure requirements has been demonstrated for both
fundamental and unwanted emissions
This equipment must be installed and operated in accordance with provided
instructions and the antenna(s) used for this transmitter must be installed to
provide a separation distance of at least 20cm from all persons and must not be
co-located or operating in conjunction 20cm wth any other antenna or transmitter.
End-users and installers must be provide with antenna installation instructions
and transmitter operating conditions for satisfying RF exposure compliance.

User’s Manual 4/73
Ver. [E.1.1]

2. Features

 Enhance security of your Wireless Local Area Network (WLAN) with the initiation of

the nDosa Enhanced Security Algorithm (nESA
solution is applied to WLAN.

 Introduce the novel security key management system - LinkAuthentica

managing the security key of WLAN networks.

 Simple installation and configuration:

- Supporting Secure Socket Layer (SSL) Web management (https://).

- Easy to control user interface and display.

- Easy to configure network with regard to user network environments (driving

Dynamic Host Configuration Protocol (DHCP) onto LAN interface).

- Enhanced security over wireless link (The nESA

 Supporting Network Address Translation (NAT)

- Minimize the lowering throughput due to NAT by using high speed processing.

TM

). The novel concept of security

TM

TM

is set as default).

– for

- Up to 253 users may be able to share the network simultaneously.

 Strong phased security functions:

- The Firewall functioning of NAT is able to block an intrusion from any untrusted
external networks.

- By utilizing the Demilitarized Zone (DMZ) function, it can be served actively for
requesting outside information.

- The security policies can be established by using the Internet Protocol (IP)
Filtering and Media Access Control (MAC) Filtering functions.

- Complete WLAN security solution by using Wired Equivalent Privacy (WEP), Wi­Fi Protected Access (WPA), IEEE 802.1x, nESA, and etc.

- Supporting IEEE 802.1x Extensible Authentication Protocol (EAP)-Message­Digest algorithm 5 (MD5)/ Transport Layer Security (TLS)/ Tunneled Transport
Layer Security (TTLS).

 Three 10/100 Mbps Ethernet Ports.

- Cable Auto Sensing (Auto-Medium Dependent Interface Crossover (MDIX))

 Supporting Point-to-Point Protocol over Ethernet (PPPoE).
 Supporting various Network Protocols.
 Supporting Wireless Distribution System (WDS) and Bridge functions.
 Supporting Simple Network Management Protocol (SNMP) V1, V2.

User’s Manual 5/73
Ver. [E.1.1]

3. Specifications

WAN Interface

- 10/100Base-TX Auto Negotiation 1 Port (RJ-45) Auto
MDIX

- IEEE802.3af Power Over Ethernet

LAN Interface

Wireless LAN Interface

Reset
LED Indicator
Operation Environment

- 10/100Base-Tx Auto Negotiation 3 Port (RJ-45) Auto
MDIX

- IEEE802.11a/b/g

- Transm it Power:

less than 30 dBm (2.4GHz),
less than 30 dBm (5725~5825 MHz)
less than 17 dBm (5150~5250 MHz)

- Indoor : 70m , Outdoor : 300m

- Transmit Speed:1/2/5.5/6/9/11/12/18/24/36/54Mbps

Auto & Manual Selectable

- Factory Default Value

- PWR, WAN, LAN1, LAN2, LAN3, DIAG, WLAN

- Ambient Operation Temperature: 0ºC to 40ºC

- Storage Temperature: -10ºC to 50ºC

- Maximum Altitude: 3000m

- Relative Humidity: 90% Non-Condensing

Power Requirement

Dimensions
Protocol

Security

Authentication

- DC 5V / 2A

- AC 90 ~ 260 V, 50 ~ 60Hz

- W [ 190 ] , H [ 30.6 ] , D [ 125.3 ]

- IP, ARP, ICMP, UDP, TCP

- PPPoE, Telnet

- IP Static Routing & DHCP Server/Client/Relay

- nESA (256 bits)

- nESA with LinkAuthentica

- WEP (64/128 bits)

- WPA-PSK & WPA (TKIP/AES)

- WPA2-PSK & WPA2 (TKIP/AES)

- IEEE802.1x (MD5/TLS/TTLS)

User’s Manual 6/73
Ver. [E.1.1]

Wireless Function
Firewall

Management

4. Exterior view

- Point to Point/Point to Multipoint Bridge & WDS

- NAT

- MAC Filtering, IP Filtering

- SNMP V1/2, Wireless & Ethernet MIB

- HTTPS(SSL)

- WEB Base Configuration

- Console Base Configuration

Table 1 DosaLink – 540 Specifications

Figure 1 DosaLink - 540 Top Views

Indicates the status of the power

PWR

DIAG

• Off – the power is not connected

• On – the power is connected

Indicates the operation status of AP

• Off – Normal operation

• On – Malfunction status

User’s Manual 7/73
Ver. [E.1.1]

Indicates the connection status of Wide Area Network (WAN) Link

• Off – The physical connection is not completed

LAN

WAN

WLAN

Port1

Port2

Port3

• On – The physical connection is completed

• Blinking – The packets are sending and receiving with

normal connection

Indicates the connection status of Local Area Network (LAN) Link

• Off – The physical connection is not completed

• On – The physical connection is completed

• Blinking - The packets are sending and receiving with

normal connection

Indicates the connection status of WLAN

• Off – Malfunction

• On – Normal operation

• Blinking - The packets are sending and receiving with

normal connection

Table 2 Indications of the Front side LED

Figure 2 DosaLink - 540 Back View

5. Installing the Hardware

5.1. Before Installing

 The user’s MODEM should be plugged into the power after configuring the

DosaLink – 540.

 In the case of an Automatic connection MODEM among Asymmetric Digital

Subscriber Line (ADSL) MODEM users, “Cable, VDSL” should be selected in the
“WAN Setup” menu on the DosaLink – 540’s configuration window.

 The Au tomatic connection MODEM has built-in “user account” and “password”,

which are required to authenticate the PPPoE, so it may be a ble to connect to
the Internet without any connection program.

User’s Manual 8/73
Ver. [E.1.1]

5.2. Connecting the Cables

 Connecting LAN port(s) of the Ethernet to WAN port of the DosaLink – 540.

Since WAN port of the DosaLink -540 have built-in AUTO DI/MDI function, either
a direct cable or cross cable can be used.

 Connecting LAN port(s) of the DosaLink -540 to corresponding user’s PC.

LAN port of the DosaLink – 540 have built-in AUTO MDI/MDIX function, either a
direct cable or cross cable can be used.

Since

Figure 3 Example of connecting cables

5.3. Configuration Information

The following information is required for configuring the DosaLink -540:

 Type of broadband (ADSL, VDSL, Cable, Static IP).
 “User Name (Login Name)” and “Password” for ADSL user.
 In the case of a Static IP Address: IP Address, Subnet Mask, Gateway, DNS

Server Address, etc.

5.4. Factory Default Setting

 LAN interface IP: 192.168.1.1
 DHCP: Server
 Assigned IP Address of DHCP Server: 192.168.1.2 ~ 254
 WAN: Cable, VDSL/ Dynamic IP

User’s Manual 9/73
Ver. [E.1.1]

 SSID: nDOSA
 Channel: 6
 User ID: root
 User Password: admin
 Wireless Encryption: nESA with Default Key

6. Configuring the computer for sharing the Internet

 For sharing the Internet through the Dos aLink – 540, the computer should be

configured while the communication between the user’s PC and DosaLink – 540
is normal.

 Since LAN IP of the DosaLink – 540 is 192.168.1.1, the user’s PC should have

the following network IP address – 192.168.1.2 ~ 254 – for connecting to the
DosaLink – 540.

 There are two ways to assign IP Address to user’s PC. First, the user’s PC

obtains an IP address automatically from the Dosalink – 540 assigned IP address.
Second, the IP address can be assigned by the user. However, a static IP
address should be assigned for operating servers such as Web, FTP, etc.

 Configuring the user’s PC may vary depending on the Operating System (OS)

being utilized. This manual is written for users of Windows 2000 and XP.

6.1. Configuration for Windows 2000 and XP

6.1.1. Obtain an IP address automatically for DosaLink – 540

1. “Control Panel” => “Network Connections” => “Local Area Connection” =>
“General” => click “Properties”, and then Figure 4 pops up. In this “Local Area
Connection Properties” window, select “TCP/IP” and click “Properties”.

2. In the “Internet Protocol (TCP/IP) Properties” window, select “obtain an IP
address automatically” and “obtain DNS server address automatically” as
shown in Figure 5. Then, click “OK” to save the configuration.

User’s Manual 10/73
Ver. [E.1.1]

Figure 4 “Local Area Connection Properties” Window

Figure 5 “Internet Protocol (TCP/IP) Properties” Window

User’s Manual 11/73
Ver. [E.1.1]

6.1.2. Confirm and Renew the IP address

The saved configuration information may be confirmed by using the “ipconfig”
command in the DOS window.

1. Select “Start” => “Run” and input “cmd”. Then, click “OK” to execute the DOS
window.

Figure 6 “Run” Window

2. The IP address, Subnet Mask, and Gateway that are assigned automatically
should be confirmed with inputting the command “ipconfig” on the DOS
window. If it is normal, then the IP address should be assigned
“192.168.1.xxx” as shown in Figure 7.

Figure 7 DOS Window (“ipconfig”)

3. If the assigned IP address is outscope of “192.168.1.xxx, then it should be
renewed by “ipconfig /release” and “ipconfig /renew” commands as shown in
Figure 8.

User’s Manual 12/73
Ver. [E.1.1]

Figure 8 DOS WIndow (ipconfig / release & ipconfig / renew)

4. If the assigned IP address is an outscope of “192.168.1.xxx” or it has failed to
get an IP address even though the above steps for getting an IP address
were excuted, then the static IP address should be assigned by the user with
regard to the following section.

6.1.3. Assign the static IP address

This section explains how to assign the static IP address to the user’s PC when
the DosaLink – 540 cannot assign an IP address to the user’s PC or a server is
operating on the network.

1. “Control Panel” -> “Network Connections” -> “Local Area Connection” ->
“General” -> click “Properties”, and then Figure 9 pops up. In this “Local Area
Connection Properties” window, select “TCP/IP” and click “Properties”.

2. In the “Internet Protocol (TCP/IP) Properties” window, select “Use the
following IP address” and “Use the following DNS server addresses” as
shown in Figure 10. Then, input the correct addresses and click “OK” to save
the configuration.

User’s Manual 13/73
Ver. [E.1.1]

Figure 9 “Local Area Connection Properties” window

3. If several user’s PCs need to be assigned IP addresses, then the information
for Subnet Mask, Gateway, and DNS server should be the same and the IP
address should be selected between 192.168.1.2 and 192.168.1.254.

User’s Manual 14/73
Ver. [E.1.1]

Figure 10 “Internet Protocol (TCP/IP) Properties” window

7. Communication between user’s PC and the DosaLink – 540

 The communication between the user’s PC and the DosaLink - 540 should be

confirmed before configuring the PC by utilizing the configuration window of the
DosaLink – 540. For this purpose the “ping” command can be used.

 “Start” => “Run”, input “cmd” and press “OK”. The DOS window will be open.
 Once performed “ping 192.168.1.1”, should appear as shown as Figure 11. If it

does not appear, then the sequence should be performed again after pressing
“reset”, which is located on the back of the DosaLink -540, and rebooting the
user’s PC.

User’s Manual 15/73
Ver. [E.1.1]

Figure 11 “ping” in the DOS window

8. Connect the Internet via the configuration window of DosaLink – 540

1. First, run the web browser to connect to the Internet. However, it is not

connected to the Internet because the DosaLink – 540 is not con figured yet. On
the web browser’s m enu, select “tools” => “Internet optio ns...”.

Figure 12 “Internet Option”

2. To Delete the temporary Internet Files in the Internet options window click on

“Delete Cookies...” and “Delete Files...” Then select “Connections”.

User’s Manual 16/73
Ver. [E.1.1]

Figure 13 “Delete Cookies” & “Delete Files”

3. At “Dial-up and Virtual Private Network settings” menu, select “Never dial a

connection” then click “LAN Settings...” as shown in Figure 14.

User’s Manual 17/73
Ver. [E.1.1]

Figure 14 “Dial-up and Virtual Private Network settings”

4. In the “Local Area Network (LAN) Se ttings” window, remove the check mark s (V)
as shown in Figure 15 and select “OK” to save the configurations.

User’s Manual 18/73
Ver. [E.1.1]

Figure 15 “LAN Settings” window

5. After configuration enter https://192.168.1.1 into the “Address” window of web
browser as shown in Figure 16.

Figure 16 https://192.168.1.1

6. Since the SSL is implemented to enhance the security, if th e message as show n
in Figure 17 appears, then select “Yes”.

User’s Manual 19/73
Ver. [E.1.1]

Figure 17. SSL Message

7. The Default “ID” and “Password” to connec t to this web page, shown in Figure
18, are ‘root’ and ‘admin’, respectively.

Figure 18 Default User ID and Password

8. If i t connects, as shown in Figure 19, the ini tial page to manage the D osaLink –
540 wil appear.

User’s Manual 20/73
Ver. [E.1.1]

Figure 19 initial Page for DosaLink -540 Access Point

9. Configuration the DosaLink – 540

Since all configuration information is saved to the DosaLink – 540, automatically, it may
be necessary to configure only once from any user’s PC.

9.1. ADSL (PPPoE) users

In the case of the Automatic connection MODEM users among ADSL subscribers,
“Cable, VDSL” is selected for “Internet Service Type” in the “WAN Setup” menu.

1. Choose “ADSL (PPPoE)” for “Interne t Se rvic e Type” in the menu of “WA N Se tup” .

2. Input “User’s Name” and “Password”.

3. Click “Submit” to apply to the DosaLink – 540.

User’s Manual 21/73
Ver. [E.1.1]

4. Then, move to the “Status” menu and confirm and check the connection status.
Note) “MTU” means the maximum permissible packet size, which the default

value is 1440. This value may vary depending on the Internet Service Provider
(ISP).

Figure 20 Configuration Windows for ADSL Users

9.2. Cable and VDSL Users

1. The same as above, the Automatic connection MODEM users should select
“Cable, VDSL” for “Internet Service Type” in the “WAN Setup” menu as shown in
Figure 21.

2. Since most ISPs confirm the configured MAC address initially, as shown in
Figure 21, press “Clone” and the initial PC’s MAC address is appeared. Then,
click “Submit”.

“Restore” is for reconfiguring the factory default setting of user’s PC.

3. Click “Submit”, and the configuration is applied. Then, the PC will reboot with the
message on web browser.

User’s Manual 22/73
Ver. [E.1.1]

* After configuration, the status of the connection in the menu will be confirmed.

Figure 21 Configuration Windows for Cable & VDSL Users

9.3. Static IP Users

1. From the “WAN Setup” menu, select “Static IP”.

2. Input the IP address, Subnet Mask, Gateway, and DNS from your ISP.

3. Click “Submit”.

* After configuration, it will be confirmed by the “Status” window.

User’s Manual 23/73
Ver. [E.1.1]

Figure 22 Configuration window for Static IP Users

9.4. Remove all the Network related Programs(Daemons)

1. For configuring Dosalink-540 as simple Access Point like HUB device, select
“None”.

10. Network Connection Status

After configuration of “WAN Setup”, “LAN Se tup”, and “Wireless Setup”, theIP address
can be confirmed at the “Status” menu. As shown in Figure 23 below, the “WAN Setup
Status” indicates “Connected” and the addresses appear if it is connected to the Internet.

User’s Manual 24/73
Ver. [E.1.1]

Figure 23 Status Window

(1) Firmware & AP Name : Software Version for DosaLink – 540
(2) LAN Setup Status : LAN Setup Status
(3) WAN Setup Sta tus : Status of WAN Po rt and the Status for IP Add ress, Subnet

mask, and Gateway of WAN Port

(4) Wireless Setup Status : Wir eless Setup Status
(5) DNS : IP of DNS Server for WAN

11. DosaLink – 540 Menu Description

11.1. LAN Setup

1. The IP address and Subnet Mask’s range is configured in this menu. The
configured IP address is the Gateway of LAN Ports.

User’s Manual 25/73
Ver. [E.1.1]

2. If DHCP server is operating, then the IP address assigned to users connecting
the DosaLink – 540 should also be in the range of the con figured IP address in
this menu.

Figure 24 “LAN Setup” Window

11.2. Server

In this menu the related functions to DHCP and DNS are configured.
DHCP is the protocol that manages and assigns the IP address automatically. Thus, the

new IP address can be assigned to the user’s computer automatically w hen it connects
to the network, at anywhere in the network. However, in the case of using Web and FTP
servers, the static IP address should be used.

(1) In the menu of “DHCP Server”, select “Enable” or “Disable”.

 If “Disable” is selected, then the “DHCP Relay Agent” should be selected as

“Enable” so that the client adapters are able to be assigned the IP address for
the server that connects to the DosaLink – 540.

 If “Enable” is selected, then just configures “DHCP start and end Range” to

specify the range of the IP address.

(2) Configuration Domain Name Server (DNS)

 “Real”: Use the DNS Server that is assigned by DHCP client or PPP. All DNS

query messages are transmitted to one of the DNS servers that are found
dynamically.

 “Custom”: Use the configured DNS Sever. All DNS query messages are sent

to one of the DNS Servers that will be designated. The IP address of DNS
Server should be input.

User’s Manual 26/73
Ver. [E.1.1]

 “Proxy”: The Gateway IP address of device is the DNS’ IP address.

(3) DHCP Relay Agent is the function that assigns the IP address to Local LAN or

WLAN’s Client from the DHCP Server, which connects to WAN. If it is configured,
then the requested DHCP from the Local PC transmits to the DHCP server over
the WAN. For this operation, NAT can be disabled and user should choose
“Disable” for DHCP function.

 In the case of selecting “Enable”, the IP address for the DHCP should be

written into the menu as shown in Figure 25.

Figure 25 Configuration Window for “Server”

11.3. Access Control

This menu allows users to configure the access control to terminals that connect to the
DosaLink – 540. The configuration is established on the basis of the IP addresses that
are assigned to each terminal. This can be applied to a specific terminal for the access
control. It is able to restrict access of the output to a specific terminal from the DosaLink

User’s Manual 27/73
Ver. [E.1.1]

– 540, the input to the DosaLink – 540 from a specific terminal and the WAN or LAN
through the DosaLink – 540. In general, it is described as the function of IP Filtering.

Figure 26 Configuration Window for “Access Control”

(1) Host Name: A name for the terminal (PC) to be controlled. This is configured by

the user.

(2) Policy: Configure the Chain such as Input, Output, or Forward.
(3) Protocol: To restrict the specific protocols such as TCP and UDP. If it is

configured to “All”, then all protocols are blocked.

(4) Set the range for Source IP’s registration information Net Mask and Port of Input,

Output, and Forward in Policy.

(5) To register the information of Destination IP for the above (4).
(6) After the configuration above, click “Add”. It is then registered to the Access

Control Table. The user may confirm and delete the information that is registered
in the Access Control Table.

11.4. Port Forwarding

User’s Manual 28/73
Ver. [E.1.1]

To write the IP address of the PC to set the DMZ among the PCs that are connecting
to the LAN, select “Enable” and click “Submit”. To establish the DMZ that the
function operates as the same state, which does not utilize the firewall functionality of
the DosaLink – 540 by forwarding all the pac kets, connected to the of ficial IP that is
assigned to the DosaLink – 540 from the ou tside of the network, to the specific PC
that is connecting to the DosaLink – 540. If, at the specific PC, some special services
such as a Web Server and FTP Server are ab le to be operated by utilizing various
firewall functions that the DosaLink – 540 has, then it is possible for the external to
access to the DosaLink – 540 and impossible to access to the specific Programs of
PC that connects to the DosaLink – 540. In case that it is neces sary for the external
to forward to the specific program at the specific PC, the P ort Forwarding is used for
this purpose.

Figure 27 “Port Forwarding” Window

(1) Select “Enable” from the menu of “DMZ”. User can arbitrarily select the “Host

Name”.

(2) The IP address of the PC to be used as DMZ over the LAN is input. Then click

“Submit”. “Protocol” can be set to “TCP”, “UDP”, or “ALL”.

(3) To set the range of the specific Port Number, from the external.
(4) To input the IP address of the PC to which the specific Port is forwarding.
(5) To establish the range of Port Numbers to be used by the PC that is set in (4).
(6) Press “Add” to register the above setting into the “Port Forwarding Table”. If

“Reset” is pressed, the configuration is initialized.
* Click “Port Forwarding Table” to confirm the registered configuration.

User’s Manual 29/73
Ver. [E.1.1]

11.5.

Static Routing

Static Routing is the opposite of Dynamic Routing. It is the function that transfers the
data through the specific path. It is set in adva nce. The route can be configured with
regards to the IP address of the specific PC and the Gateway.

Figure 28 “Static Routing”

(1) To set the “Network Name” arbitrarily.
(2) To input the range of “Destination IP”, connecting to the intra network.
(3) To input “Subnetmask”.
(4) To input the “Gateway IP” of the “Destination IP” being used in the intra network.
(5) Press “Add”. Click “Reset” to initialize the configuration.

* Click the “Static Routing Table View” to confirm the registered configurstion.

11.6. System

This Menu offers various functions to manage the DosaLink – 540.

User’s Manual 30/73
Ver. [E.1.1]

Figure 29 “System” Window

(1) The “User ID” can not be modified and is used to connect to the configuration

window of DosaLink – 540.

(2) The “New Password”, used to modify the User Password, is used to connect to

the configuration window of DosaLink – 540. The default is “admin”.

(3) The “Factory Default” is used for resetting all the current configured values to the

initial values. When “Submit” is pressed, it is applied. The system should be
“Reboot”.

(4) The “System Rebooting” is to reboot the DosaLink – 540.
(5) The “Log Messages” shows the events that have occurred in the DosaLink – 540.

Its function can be helpful to manage the DosaLink – 540.

(6) The “System Firmware Upgrade” is used to upgrade the system software of

DosaLink – 540.

* Click “Browse”, and select the system software to be used for upgrading. Then,

press “Upgrade” to apply.

** The name of the system software should be “image.cramfs”.

User’s Manual 31/73
Ver. [E.1.1]

*** It takes about 3 min. to operate normally when upgrading. If “On/Off” power or
“Rebooting” of the DosaLink – 540 occurs while upgrading, it may cause fatal
damages to the DosaLink – 540.

(7) The “nESA EDATA UPLOAD” is used to modify the Data that is related the nESA

– the enhanced wireless security function is offered by the DosaLink – 540. The
uploaded “EDATA”, supporting the nESA, may not be deleted even if “Factory
Default” is applied.

** The file name of the “EDATA” should be “edata.str”.

11.7. Wireless Setup

This Menu guides users to set the basic wireless configuration for the DosaLink –

540. Users can establish and operate the WEP, the basic WLAN security of the IEEE

802.11 standards, in this menu.

Figure 30 Wireless Setup

User’s Manual 32/73
Ver. [E.1.1]

(1) The “AP Name” is for naming the DosaLink – 540. It can be any name the user

chooses to manage the AP.

(2) The “Operation Mode” is for defining the application of DosaLink – 540.

 Select “AP” for using DosaLink – 540 as the Access Point.
 If the DosaLink – 540 is used for the Wireless Bridge such as the Point-to-Point

(PtP) and Point-to-MultiPoint (PMP), then select either “Wireless Bridge (Master)”
or “Wireless Bridge (Slave)”. If it is connected to the Internet or upper layer
network, then select “Wireless Bridge (Master)”. If it is connected to the wireless
master bridge for relaying the network, then select “Wireless Bridge (Slave)”.

 In the case of Wireless Bridge, the “Using WDS” should be enabled and the MAC

Addresses of DosaLink – 540 to be connected should be registered in the Menu
of “WDS”. Therefore, the client adapters can not be connected to the DosaLink –
540 that is set to “Wireless Bridge”.

(3) The “Country Code” can not be modified from what is set in the DosaLink – 540.

 Frequencies for each country are different.

(4) The “SSID” is an abbreviation for Service Set Identifier. It is a 32 byte character

unique identifier attached to the header of packets sent over a WLAN. The “SSID”
between the DosaLink – 540 and the user’s PC should be the same.

 It should use the alphabet or the number. In case of the alphabet, it should be

distinguished between the lower and upper case.

(5) IEEE 802.11 Standards are selected in this menu – “Wireless Mode Selection”. For

instance, if “802.11g only” is selected, then its users only connect. In case of
selecting “802.11b+g mixed”, since the users of 802.11b are able to connect, it may
cause a slow transmission speed for the users of 802.11g. Also, if “802.11a only” is
selected, then its users only connect.

(6) The “Channel Select” menu is for channel selection methods of the DosaLink – 540.

 The DosaLink – 540 supports the selection of either “Manual” or “Auto” for the

method of channel selection.

 When “Manual” is selected, the channel in “Channel Number” is set. When “Auto”

is selected, the channel that has good signal strength and receiving sensitivity is
selected automatically from all possible channels. In the case of selecting “Auto”
of 802.11a standard, if the chosen channel in “Channel Number” is the one of
channels of 802.11a, then it will be selected automatically among the possible
channels of 802.11a.

(7) The “Channel Number” menu is only available when the “Channel Select” is set to

“Manual”.
 Channel 6 is the Factory Default value.

(8) The WEP can be selected in the “WEP” menu.

 If the WEP, an encryption to protect the data over the wireless area, is selected

“Enable”, then the user’s PC to connect to the DosaLink – 540 should also be set
with the same WEP information as in “Key length”, “Authentication Type” and
“KEY”(64bit, HEX or Passphrase).

User’s Manual 33/73
Ver. [E.1.1]

(9) When the WEP is “Enable”, the user can also select the key length of WEP

according to the following Table. (The encryption key can be made of the number (0
~ 9) and the alphabet (A ~ Z)).

Key Length

Number Code

ASII HEX

64 bits 5 Char. 13 Char.

128 bits 10 Char. 26 Char.

(10) The menu “Authentication Type” is three different types of authentication of the

wireless device.
 “Open System”: All users’ PCs, with the corresponding channel information, are

able to connect to the DosaLink – 540.

 “Shared Key System”: Only the users’ PCs with the corresponding channel

information and WEP key can connect to the DosaLink – 540.

 “Both System”: Is controlled automatically. All wireless equipment should be

using the same authentication method.

 The basic setting is “Open System”.

(11) There are 4 keys for the WEP.
(12) The stored WEP key should be selected.
(13) For configuring WEP with “Passphrase”, input narative sentence in the box of

“Passphrase” (ex: I am a boy). There is no required grammar of the sentence.

11.8. nESA Setup

The WLAN, communicating over a wireless medium, is vulnerable in nature. For that,
the IEEE802.11 Task Group (TG) has generated the various security solutions such
as WEP, WPA, WPA2, 802.1x, and etc. However, it has been reported that these
technologies are not enough to cure the weakness of WLAN. Its security vulnerability
has made users’ obstacles adapt to the WLAN system. To resolve the security issue
of WLAN is to hide the WLAN network from the outside and to encrypt all the data,
transmitted and received over the WLAN network.

The nDosa Enhanced Security Algorithm (nESA) developed by nDosa Technologies
Inc. is the only security solution that makes the WLAN network invisible. The
DosaLink – 540 is equipped with the nESA technology and this menu leads the user
to configure the nESA. All the information that is set in this menu should be
established at the user’s PC to be connected to the DosaLink – 540. In addition to
the nESA technology, there is the novel key management system, called
LinkAuthentica, for the enterprise users.

The features of LinkAuthentica are summarized as follows:

 The novel concept of the key management system for the nESA security keys

does not have the problems that the Pre-Shared key method has.

User’s Manual 34/73
Ver. [E.1.1]

 Each user on the same subnet is assigned a unique user key which is

different from the other users.

 Since each user’s key is not compatible with other users’, it is not a concern if

it is lost.

 Strong security and excellent flexibility can be offered to the user.
 LinkAuthentica is composed of two parts – Key Generator and Client

Manager.

- Key Generator: Generates the Master Key and the unique user key for
each user on the same subnet.

- Client Manager: The program, resides on the client adapter, generates a
Master Key by using the unique users keys that the Key Generator
generates and the user inherent information so that the client adapter can
be connected to the DosaLink – 540.

* The Master Key is not revealed outside or transmitted over the network.
* Please refer to the LinkAuthentica User Manual for more information.

Figure 31 nESA Set

(1) There are 4 different selections to operate the nESA in the menu “nESA

Key Type”.

 Disable: The nESA is not used.
 Default Key: It means the Factory Default. It is not necessary for theuser

to input the key.

 User Key: The user should input 64 Hex numbers for the nESA key into

“User Key” or “Passphrase”.

User’s Manual 35/73
Ver. [E.1.1]

 LinkAuthentica: This selection, the nESA Key Management System, is for

the enterprise customers.

(2) If the “User Key” is selected in the “nESA Key Type”, then the user should

input the key into this menu and click “Submit”.

(3) If the “LinkAuthentica” is selected in the “nESA Key Type”, then using

“Browser…” searches for the related key file (the file name should be
“linkA_AP.key”) and click “Upload”. And then click “Submit” toactivate the
key. The file “linkA_AP.key” can be generated by the LinkAuthentica Key
Generation program. Please refer to the LinkAuthentica User’s Manual for
more information.

(4) The menu, “Passphrase”, generates the key automatically with inputting a

user specific word or phrase. If the user wants to generate the WEP key
manually, then this menu should be blanked. First, input user specific
ASCII into the menu and click “Key_Generation, then it is generates the
key automatically and applies the key to the system. Second, click “Submit”
to activate the setting.

11.9. Advanced

Figure 32 Advanced

(1) The transmitting power of the system can be controlled in this menu, “Tx Power

Control”. There are 4 different steps to control – “AUTO, 100%, 70% and 50%”.

(2) The transmitting data rate can be controlled in the menu of “Tx Rate” at 1 ~ 54

Mbps and AUTO.

User’s Manual 36/73
Ver. [E.1.1]

(3) The permissible packet size over wireless medium is defined in this menu –

“Fragmentation Threshold”. The packet size of 2346 is recommended. If the
fragmentation packet error rate is high, a fragmentation threshold of between 256
and 2346 can be controlled gradually. If the “Fragmentation Threshold” is
established too low, then the communication performance may be poor.

(4) The frame size is set in this menu – “RTS Threshold”. There are two signals

(Request-to-send (RTS) and Clear-to-send (CTS)) to control the WLAN
communication. The recommended value is 2437. If the communication flow is
not smooth, then use this menu to control the “RTS Threshold” between 0 and

2437.

(5) The “Beacon Period” controls the interval of Beacon Frame that is generated

from the DosaLink – 540. The default value of 100 is recommended.

(6) The number of Beacon Interval in the Delivery Traffic Indication Message (DTIM)

is defined in this menu – “DTIM Interval”. It can be set between 1 and 255.

11.10. Wireless Distribution System (WDS)

The WDS function is established in this menu.
The WDS is the function that the DosaLink – 540, is connecting the Ethernet,

connects to the other DosaLink – 540, is not connecting the Ethernet, in the same
subnet so that the data traffic that is from the DosaLink of not connecting the
Ethernet relays to the DosaLink – 540 that is connecting to the Ethernet. It is
possible to set the links between six of the DosaLink – 540 in max. The user’s PC
can be connected to any DosaLink – 540 that connects in WDS. The wa ys to se t the
WDS between the DosaLink – 540s that are able to extend a WLAN network in the
same subnet are the Point-to-Point (PtP) and the Point-to-Multipoint (PMP).

(1) The menu of “WDS” is for the selection of use of the WDS. If the “Wireless

Bridge (Master or Slave)” is selected in the 10.7 – “Wireless Setup”, then it
should also activate the WDS.

(2) The “MAC Address 1 ~ 6” is for the MAC Ad dress of the Do saLink – 540s, which

may be connected by the DosaLink – 540 that is activated for WDS or Wireless
Bridge (Master or Slave).

User’s Manual 37/73
Ver. [E.1.1]

Figure 33 WDS

11.11. MAC Filtering

The user’s PC has its own unique MAC Addres s. Access to the DosaLink – 540 can
be controlled based on this information.

(1) The access control of DosaLink – 540 based on the MAC address of the user’s

PC is established in this menu – MAC Filtering.

 Disable: Do not use the MAC Filtering
 Accept: Only the user’s PC with a MAC address that is listed in the MAC

Filtering Table are able to access the DosaLink – 540.

 Deny: The user’s PC with a MAC address that is listed in the MAC Filtering

Table are denied access to the DosaLink – 540.

(2) The new MAC address that is registered to the MAC Filtering Table is set in this

“MAC Address” menu. The registered MAC addresses can be confirmed by
clicking the “MAC Filtering Table”.

User’s Manual 38/73
Ver. [E.1.1]

11.12. IEEE 802.1x

Figure 34 MAC Filtering

The IEEE 802.1x is the standard Port Access Protocol that authenticates the user via
the Radius Authentication Server. By using the information from the user’s PC
(Authenticator, ID, Password, etc.) it is authenticated to control access to a wireless
network. For these procedures, the Extensible Authentica tion Protocol (EAP) is use d
between the Radius Authentication Server and the user’s PC in the s tandard of IE EE

802.1x. The information from the user’s PC, passing through the EAP, can be
verified by the Radius Authentication Server. Depending upon its verification it
should decide to connect to a wireless network. Depending upon the types and
results of the authentication the Dynamic U nicast Session Key or Static Broadcast
Key which the IEEE 802.1x EAP packets contain is transferred to the authenticated
user’s PC. The Session Key can be different for each authenticated user’s PC. This
information can be utilized to encapsulate the data that are between the DosaLink –
540 and the authenticated user’s PC.

The DosaLink – 540 supports the following authentications:

• EAP-MD5 (Message Digest): This type of EAP authentication offers the basic

level of EAP. User ID and User Password of the user’s PC are used for
authentication. Since MD5 algorithm is used one-way harsh function, the
authentication between the user’s PC and the Radius Authentication Server
is processed one-way.

• EAP-TLS (Transport Layer Security): EAP-TLS provides for mutual

authentication based on the certificates between the user’s PC and the
Radius Authentication Server. The keys for authentication are generated
dynamically.

User’s Manual 39/73
Ver. [E.1.1]

• EAP-TTLS (Tunneled Transport Layer Security): EAP-TTLS is the protocol

that improved EAP-TLS. It provides for mutual authentication and generation
of dynamic user’s or sessions secret keys based on the certificates between
the user’s PC and the Radius Authentication Server via the encrypted
channel (or the tunnel). EAP-TTLS requires only the Radius server-side
certificates.

The DosaLink – 540 supports the Web Redirection.
When the user’s PC that connects to the DosaLink – 540 fails to authenticate, it

allows the user’s PC to point the specific WEB Site.

Figure 35 802.1x

(1) Select IEEE 802.1x authentication function in the menu of “802.1x”.
(2) Input an IP address of the Authentication server into the menu of “Authentication

Server IP1”. The Port number that associates with the Authentication Server
should be written into “Port”. The default value is 1812.

(3) The “Shared Secret” is a text string that serves as a password, registered at the

authentication server. It must be the same “Shared Secret” between the
authentication server and the DosaLink – 540.

User’s Manual 40/73
Ver. [E.1.1]

(4) An IP address of the accounting server should be written into the menu of

“Accounting Server IP1”. The Port number that is associated with the accounting
server should be input into this menu. The default value is 1813.

(5) The “Shared Secret” is a text string that serves as a password, registered at the

accounting server. It must be the same “Shared Secret” between the accounting
server and the DosaLink – 540.

(6) This menu is for the second authentication server, accounting server, port

numbers, and shared secrets. If there is not a second choice, then it may be
blanked.

(7) In the “RETRY_PRIMARY_INTERVAL” the time interval when it is requested to

connect to the second authentication server after failing to authenticate from the
first authentication server is established in the case of using a couple of
authentication servers.

(8) The time from failing to authenticate to requesting to reauthenticate is set in this

menu of “ACCT_INTERIM_INTERVAL”.

(9) WEB_REDIRECTION: Select to use the Web Redirection function in this menu.
(10) WEB_REDIRECTION_IP: Input the IP address of Web site that is to be

connected automatically when IEEE 802.1x authentication is failed.

 The function of Web Redirection is associated with MD5 of IEEE 802.1x.
 When the function of Web Redirection is activated, the message for re-booting

the DosaLink – 540 appears. Click “OK” to re-boot the DosaLink – 540. After this,
the function of Web Redirection can be used.

11.13. Wi-Fi Protected Access (WPA)/ WPA2 (IEEE 802.11i)

The DosaLink – 540 is offered the following two modes:

 WPA and WPA2: It is associated with IEEE 802.1x so that the user’s PC is

authenticated and its keys are distributed to the authenticated user’s PC. The
Radius Authetication Server is needed and either the EAP-TLS or the EAP­TTLS, are used to authent icate.

 WPA-PSK and WPA2-PSK: The Pre-Shared Key (PSK) mode is not used

that Radius Authentication Server and associated with IEEE 802.1x. The PSK
that is formed, either 256 bits – 64 hexadecimal or 32 alphanumeric
characters, is inputed directly by a user.

User’s Manual 41/73
Ver. [E.1.1]

Figure 36 WPA

(1) Select to use the WPA in the menu of “Using WPA”.
(2) The menu of “Authentication Type” selects to use either WPA-PSK or

WPA-EAP when the WPA is enabled.

(3) If the WPA-EAP is selected, then the Radius Server’s IP address, Port,

and Shared Secret are written into this menu – “Radius Server”.

(4) Select to use either “AES” or “TKIP” in this menu – “Cipher Suite”.
(5) Select to use either “Passphrase” or “Hexa” in the “Pre-Shared Key

Format” if the WPA-PSK is selected.

(6) Input the keys in format – “Pre-Shared Key”.

User’s Manual 42/73
Ver. [E.1.1]

 Input 8 – 63 characters if the “Passphrase” is selected.
 Input 64 chracters if the “Hexa” is selected.

(7) The menu of “Using RSN/WPA2” is for selecting to use of WPA2.
(8) This is same as (2).
(9) Select to use of the “Preauth” function.
(10) Establish the “Preauth Life Time”.
(11) This menu is same as (3).
(12) This menu is same as (4).
(13) This menu is same as (5).
(14) This menu is same as (6).
(15) Establish the “Rekey Time”.
(16) Set the “Rekey Packets”.
(17) Set the “Reauth Time”.

11.14. Virtual Local Area Networks (VLAN)

A virtual LAN (VLAN) is a method of creating independent logical networks within a
physical network. Several VLANs can co-exist within such a network. Th is helps to
reduce the broadcast domain.

A VLAN consists of network computers and dev ices that exist on the same do main.
They may actually be physically connected to different segments of a LAN. The
network administrator configures VLANs through software rather than hardware,
which makes them flexible.

The VLAN technology is applied to the WLAN networks by using the IEEE 802.1q
tagging protocol.

The DosaLink – 540 supports the Port base VLAN. For the purpose of using this
function, the wired network connecting to the Dos aLink – 540 should be segemented
by the VLAN and it should be consisted of switches, routers, DHCP Server, and
Radius Authentication Server that are supporting the network.

User’s Manual 43/73
Ver. [E.1.1]

Figure 37 VLAN

(1) Select to use the VLAN.
(2) The authenticated client’s VLAN ID value is set in this menu – “Authenticated

VLAN ID” (2 ~ 4095).

(3) The unauthenticated client’s VLAN ID value is set in this menu –

“Unauthenticated VLAN ID” (2 ~ 4095).

12. Factory Resetting

The Factory Resetting means to set the configuration of DosaLink – 540 as the initial
values.

 The most recent uploaded EDATA via “nESA EDATA UPLOAD” should be

maintained even though the Factory Resetting is performed.

12.1. Resetting via the Web

(1) Go to the configuration window of DosaLink – 540 (https://192.168.1.1). Refer

to the menu – “Connecting the Internet via the configuration window of
DosaLink – 540.

(2) Press the “Submit” of “Factory Default” in the below Figure 38.

User’s Manual 44/73
Ver. [E.1.1]

Figure 38 System

(3) When Fgure 39 appears, press “OK” to return the previous display.

 The DosaLink – 540 reboot after changing to the Factory Default.

User’s Manual 45/73
Ver. [E.1.1]

Figure 39 Result Page

(4) If the “Submit” of “System Reboot” in Figure 40 is pressed, then it has

completed the Factory Resetting with rebooting the DosaLink – 540.

User’s Manual 46/73
Ver. [E.1.1]

Figure 40 System

12.2. Hardware Reset

If the Reset Button, located in the back of DosaLink – 540, is pressed for 5 seconds,
then all the configuration values are back to the Factory Resetting. Approximately
one or two minutes is needed to reboot the DosaLink – 540 automatically.

13. Configuration via Console

Refer to “Menu Descriptions of DosaLink – 540” section for detailed descriptions of
the functions.

13.1. Connection

1. Connecting “telnet” in the Dos window.

User’s Manual 47/73
Ver. [E.1.1]

Figure 41 connecting telnet

2. Input “login ID” and “Password” (the defaults are “root” and “admin”, respectively).

Figure 42 Login

User’s Manual 48/73
Ver. [E.1.1]

3. This is the initial display of connecting Console.

1. Status: Shows the current configuration status of DosaLink – 540.

2. LAN Setup: Input the LAN IP address.

3. WAN Setup: Select the method to connect to WAN and configure it.

4. Sever: Select and set the DHCP Server and DHCP RELAY AGENT.

5. Access Control: Set the firewall functions by using the IP addresses.

6. Port Forwarding: Establish the DMZ and Port Forwarding functions.

7. Static Routing: Configure the communication paths.

8. System: Confirms modifying Password, Factory Resetting, etc.

9. Wireless Setup: Set the basic wireless configuration.

13.2. Status

Figure 43 Initial Display for connecting Console

User’s Manual 49/73
Ver. [E.1.1]

Figure 44 Status window

(1) F/W Version: Shows the Firmware Version of DosaLink – 540.
(2) LNA Status: The configured LAN IP, Subnetmask, and use of DHCP Server

are confirmed in this menu.

(3) WAN Status: Shows the status of WAN, WAN IP Address, Subnetmask,

Default Gateway.

(4) Wireless Status: Shows SSID, current Channel, nESA Key setting, etc.
(5) DNS: Shows the information for DNS.

13.3. LAN Setup

User’s Manual 50/73
Ver. [E.1.1]

Figure 45 LAN Setup

1. IP: LAN IP address is shown. It can be changed. If the IP address is modified, a
communication currently connected with the user’s PC is disconnected.

2. NetMask: The NetMask is set in this menu.

3. s. save: Register the newly configured information.

4. r. return: Back to the previous display.

13.4. WAN Setup

The connection method for WAN is selected and configured in the WAN Setup
(Default is “Cable/VDSL”).

User’s Manual 51/73
Ver. [E.1.1]

Figure 46 WAN Setup

 If PPPoE (ADSL) is used, then select 1. PPPoE Setup in Figure 47.

Figure 47 PPPoE Setup

1. Select “1”, which is “User Name” and input ID (User Name), is registered at ISP.

User’s Manual 52/73
Ver. [E.1.1]

Figure 48 PPPoE Setup

2. Select “2” – “Password” and input the Password that is registered at ISP.

3. The value of “MTU” may be modified as shown in figure 48 above.

4. Save the configured values.

 If Cable or VD SL is used, then select “2. Cable/VDSL Setup” from the “WAN

Setup”. If the DHCP server is operated, it is also established via “Cable/V D SL
Setup”. An ISP controls access to the network from clients based on the
client’s MAC Address. If it is needed, then the MAC clone function should b e
utilized to access the network.

User’s Manual 53/73
Ver. [E.1.1]

Figure 49 Cable/ VDSL Setup

(1) Select “MAC Address” and change the Mac address.

Figure 50 MAC Address

(2) If the previous MAC Address needs to be restored, then select

“Restore MAC Address”.

User’s Manual 54/73
Ver. [E.1.1]

 If the s tatic IP address is used, then select “3. Static Setup” from the “WAN

Setup”.

Figure 51 Static Setup

Input IP Address, NetMask, GateWay Address, and D NS Server IP which

(1)

are assigned to the DosaLink – 540.

13.5. Server

This is for setting the DHCP Server. The basic settings in this menu are the DHCP
Server Enable and DHCP RELAY AGENT Disable. Both the DHCP Sever and DHCP
RELAY AGENT are not to be set to “Enable” at the same time.

User’s Manual 55/73
Ver. [E.1.1]

Figure 52 Server Setup

(1) 1. DHCP Server Setup: Configure the DHCP Server.

Figure 53 DHCP Server Setup

(1) DHCP: Select to use the DHCP Server.
(2) Start Addr and End Addr: Specify the assigned range of IP for the DHCP

Server.

User’s Manual 56/73
Ver. [E.1.1]

(3) DNS Server: Configure DHCP Server

 The default is “Proxy” so that AP is operated as Proxy Server.

(4) DNS Addr1 and DNS Addr2: If the configuration of DNS Server is not Proxy,

then IP address should be input to DNS Server.

(5) DHCP Client Table: The registered information of DHCP Client Table may

be confirmed.

(2) 2. DHCP Relay Setup: Configure DHCP Relay Agent.

Figure 54 DHCP Relay Setup

(1) DHCP Relay: Select either “enable” or “disable”.
(2) DHCP Server: Input the IP address that connects to the WAN port of

DosaLink – 540.

* In case of selection of DHCP Relay, the “DHCP” of “DHCP Server” must be set

“Disable”.

13.6. Access Control

This is for setting the Firewall by using IP Filtering function.

User’s Manual 57/73
Ver. [E.1.1]

Figure 55 Access Control Setup

1) Host Name: Arbitrary Name (No space).

2) Policy: Select among Input/ Output/ Forward

3) Protocol: Select the specific protocols, for example TCP/UDP, to be

controlled. If it is configured to “All”, then all protocols are controlled.

4) Set the range for Source and Destination IP regis tration information, Net
Mask, Port of Input, Output, and Forward in the “Policy”.

 Source IP: 0.0.0.0 for every available IPs.
 Src NetMask: 0.0.0.0
 Src Start Port and Src End Port: The specified ranges for Port

can be assigned. If no address is input, then it is for all Ports.

 Destination IP: Is for WAN IP of AP.
 Dest NetMask: May not need any input.
 Dest Start Port and Dest End Port: May not need any input.

5) Print: Allows user to confirm and delete the information that is configured.

13.7. Port Forwarding

Configure the DMZ to the specific PC and the Port Forwarding to the specific Port.

User’s Manual 58/73
Ver. [E.1.1]

Figure 56 Port Forwarding Setup

1) DMZ Setup

Figure 57 DMZ Setup

(1) DMZ: Select either “enable” or “disable”.
(2) IP Address: Input the IP address of the user’s PC to be configured.

User’s Manual 59/73
Ver. [E.1.1]

2) Port Forward

Figure 58 Port Forward Setup window

(1) Host Name: Choose the name arbitrarily.
(2) Protocol: Can be set to TCP, UDP, or ALL.
(3) Dest Start Port/ Dest End Port: Set the range of the specific Port Number,

from the external.

(4) Internal IP: Input the IP address of PC to which the specific Port is

forwarding.

(5) Internal Start Port/ Internal Stop Port: Establish the range of Port Numbers

to be used by the PC that is set in (4).

(6) P: Confirm the information that is registered at the Port Forwarding Table.

13.8. Static Routing

User’s Manual 60/73
Ver. [E.1.1]

Figure 59 Static Routing Setup

1) Network Name: Set the “Network Name” arbitrarily.

2) Destination IP: Input the range of “Destination IP”, connecting to the intra

network.

3) Subnet Mask: Input “Subnet Mask”.

4) GateWay: Input the Gatway IP (WAN IP), as used in the intra network.

5) p: Confirm the registered configuration at the Static Routing Table.

13.9. Wireless Setup

This section outlines how to set the wireless configuration for the DosaLink – 540.

User’s Manual 61/73
Ver. [E.1.1]

Figure 60 Wireless Setup

1. Primary Setup: Set to the basic configuration for WLAN such as SSID, Channel,
WEP Key, nESA Key, etc.

2. Advanced Setup: Set to the advanced configuration for WLAN such as Tx Power,
Rate, Threshold values, etc.

3. WDS: Set to the communication path between one DosaLink – 540 and another
DosaLink – 540 via WDS configuration.

4. MAC Filtering: Can be controlled to access the Dos aLink – 540 based on the MAC
address of user’s PC.

5. 802.1x setup: Control access from user’s PC by associating with the Radius
Authentication Server.

6. VLAN Setup: Configure to cooperate with the wired network which VLAN is
structured.

13.9.1. Primary Setup

User’s Manual 62/73
Ver. [E.1.1]

Figure 61 Primary Setup

1. AP Name: For naming the DosaLink – 540. User can select any name that will be
easy to manage.

2. Operation Mode: Is for defining the application of DosaLink – 540. If the DosaLink –
540 is used as AP, then select AP. If the DosaLink – 540 is used for the Wireless
Bridge such as the Point-to-Point (PtP) and Point-to-MultiPoint (PMP), then select
either “Wireless Bridge (Master)” or “Wireless Bridge (Slave)”. If it is connected to the
Internet or upper layer network, then select “Wireless Bridge (Master)”. If it is
connected to the wireless master bridge for relaying the network, then select
“Wireless Bridge (Slave)”. In the case of the Wireless Bridge, the WDS should be
enabled and the MAC Addresses of DosaLink – 540 should be connected and
registered in the Menu of “WDS”. Thus, the client adapters can not connected to the
DosaLink – 540 that is set to “Wireless Bridge”.

3. Country Code: This can not be modified from what is set in the DosaLink – 540.
Each country’s frequency is different.

4. Wireless Mode: IEEE 802.11 Standards are selected in this menu – “Wireless Mode
Selection”. For instance, if “1” is selected, then 802.11g users only connec t. In case
of selecting “0”, since the us ers of 802.11b are able to connect, it may cause a slow
transmission speed for the users of 802.11g. If “2” is selected, then 802.11a users
only connect.

5. SSID: Is a 32 byte character unique identifier at tached to the header o f pa ckets sent
over a WLAN. The “SSID” between the DosaLink – 540 and the user’s PC sho uld be
the same. It should use the alphabet or the number. When using the alphabet, it
should be distinguished between the lower and upper case.

6. Channel Select: The “Channel Select” menu is for channel selection methods of the
DosaLink – 540. The DosaLink – 540 supports the selection of either “Manual” or

User’s Manual 63/73
Ver. [E.1.1]

“Auto” for the method of channel selection. When “Manual” is selected, the channel
in 7 Channel Number is set. When “Auto” is selected, the channel that has good
signal strength and receives sensitivity is selected automatically from all possible
channels. In the case of selecting “Auto” of 802.11a standard, if the chosen channel
in 7 Channel Number is one of the channels of 802.11a, then it can be selected
automatically among the possible channels of 802.11a.

7. Channel Number: The “Channel Number” is only available when the “Channel
Select” is set to “Manual”. The Channel 6 is the Factory Default value.

8. WEP Key Setup: If the WEP, an encryption to pro tect the da ta over the wireless are a,
is selected “Enable”, then the user’s PC to connect to the DosaLink – 540 should
also be set to WEP with the same information.

Figure 62 WEP Key Setup

(1) WEP Use: Select either “enable” or “disable”.
(2) WEP Key Length: When the WEP is selected “enable” in “WEP Use”, the

user can select the key length of WEP from the following Table. (The
encryption key can be made of numbers (0 ~ 9) and the alphabet (A ~ Z)).

Key Length

ASII HEX

64 bits 5 Char. 13 Char.

128 bits 10 Char. 26 Char.

(3) Authentication Type: There are three different types of authentication of the

wireless device.

Number Code

User’s Manual 64/73
Ver. [E.1.1]

 “Open System”: All users’ PCs with corresponding channel information,

are able to connect to the DosaLink – 540.

 “Shared Key System”: Only users’ PCs with corresponding channel

information and WEP key can connect to the DosaLink – 540.

 “Both System”: Is controlled automatically. All wireless equipment should

use the same authentication method.

 The basic setting is “Open System”.
(4) There are 4 keys for the WEP.
(5) The stored WEP key should be selected.

13.9.2. Advanced Setup

Figure 63 Wireless Advance Setup

(1) Tx Power Control: The transmitting power of the system can be controlled in this

menu, “Tx Power Control”. There are 4 different settings – “AUTO, 100%, 70% and
50%”.

(2) Tx Rate Control: The transmitting data rate can be controlled at 1 ~ 54 Mbps and

AUTO.

(3) Fragmentation Threshold: The permissible packet size over wireless medium is

defined. The packet size of 2346 is recommended. If the fragmentation packet error
rate is high, a fragmentation threshold between 256 and 2346 can be controlled
gradually. If the “Fragmentation Threshold” is established too low, then the
communication performance may be poor.

(4) RTS Threshold: The frame size is set in this menu – “RTS Threshold”. There are

two signals (Request-to-send (RTS) and Clear-to-send (CTS)) to control the WLAN

User’s Manual 65/73
Ver. [E.1.1]

communication. The recommended value is 2437. If the communication flow is not
smooth, then use this menu control to set the “RTS Threshold” between 0 and 2437.

(5) Beacon Period: The “Beacon Period” controls the interval of Beacon Frame that is

periodically generated from the DosaLink – 540. The default value of 100 is
recommended.

(6) DTIM Interval: The number of Beacon Interval in the DTIM is defined. It can be set

to between 1 and 255.

13.9.3. WDS

Figure 64 WDS Setup

(1) WDS Use: Select for use of the WDS. If the “Wireless Bridge (Master or Slave)” is

selected in the “Wireless Setup”, then it should also activate the WDS.

(2) Mac Address: The “MAC Address 1 ~ 6” is for the MAC Address of the DosaLink –

540, which may be connected by the DosaLink – 540 that is activated for WDS or
Wireless Bridge (Master or Slave).

13.9.4. MAC Filtering

User’s Manual 66/73
Ver. [E.1.1]

Figure 65 MAC Filtering Setup

(1) MAC Filtering: The access con trol of DosaLink – 540 based o n the MAC address of

the user’s PC is established in this menu.

 Disable: Do not use MAC Filtering
 Accept: The user’s PCs whose MAC addresses are listed in the MAC

Filtering Table are able to access the DosaLink – 540.

 Deny: The user’s PCs whose MAC addresses are listed in the MAC Filtering

Table are not able to access the DosaLink – 540.

(2) MAC Address: The new MAC address that is regis tered to the MAC Filtering Table is

set in this “MAC Address” menu.

(3) p: The registered MAC addresses can be confirmed.

13.9.5. 802.1x

User’s Manual 67/73
Ver. [E.1.1]

Figure 66 802.1x Setup

1. 802.1x: Select either “enable” or “disable” for the use of 802.1x authentication
function.

2. Authen Server: Input an IP address of the Authentication server.

3. Authen Port: The Port number that is a ssociated with the Authentication Server
should be input. The default value is 1812.

4. Authen Share: The “Shared Secret” is a text string that serves as a passwo rd,
registered at the authentication server. It must be the same “Shared Secret”
between the authentication server and the DosaLink – 540.

5. Account Server: Input an IP address of the accounting server.

6. Account Port: The Port number that is associated with the accounting server
should be input. The default value is 1813.

7. Account Share: The “Shared Secre t” is a text string that serves as a password,
registered at the accounting server. It must be the same “Shared Secret”
between the accounting server and the DosaLink – 540.

8. Retry Interval: The “Retry Interval” time is the amount of time after failing to
authenticate from the first authentication server that a connection to the second
authentication server is established in the event of using a couple of
authentication servers.

9. Acct Interval: Set to the time interval from failing to au thenticate to requesting to
reauthenticate.

10. Web Redir: Select to use the Web Redirection function.

11. Web Redir IP: Input the IP address of the Web site that is to be connected
automatically when IEEE 802.1x authentication is failed.

User’s Manual 68/73
Ver. [E.1.1]

 When the function of Web Redirection is activated, the message for re-

booting the DosaLink – 540 appears. Then, click “OK” to reboot the
DosaLink – 540. After this, the function of Web Redirection can be used.

13.9.6. nESA Key Setup

Figure 67 nESA Key Setup

1. TYPE: Set the Key for operating the nESA. The Key consists of 256 bits and uses a
Hexadecimal number.

 Disable: The nESA is not used.
 Default Key: It means the Factory Default. It is not necessary for the user to

input the key.

 User Key: The user should input 64 Hex numbers for the nESA key into “User

Key” or “Passphrase”.

 LinkAuthentica: This selection, the nESA Key Management System, is for the

enterprise customers.

2. KEY: If “User” or “Passphrase” is selected in the “TYPE”, then the user should input
the key value manually.

13.9.7. VLAN

1. VLAN: Select to use the VLAN.

User’s Manual 69/73
Ver. [E.1.1]

2. Unauthentication VLAN ID: Set the unauthentication client’s VLAN ID value (2 ~

4095).

3. Authentication VLAN ID: Set the authentication client’s VLAN ID value (2 ~ 4095).

Figure 68 VLAN Setup

13.9.8. WPA/ WPA2

1. WPA USE: Select either “enable” or “disable”.

2. WPA AUTH TYPE: Select to use either WPA-PSK or WPA-EAP when the
WPA is enabled.

3. WPA RADIUS IP: If the WPA-EAP is selected, then the Radius Server’s IP
address is input.

4. WPA RADIUS PORT: If the WPA-EAP is selected, then the Radius Server
Port is assigned.

5. WPA RADIUS SECRET: If the WPA-EAP is selected, then the Radius
Server’s Shared Secret is input.

6. WPA CIPHER SUITE: Select to use either “AES” or “TKIP”.

7. WPA KEY FORMAT: Select to use either “Passphrase” or “Hexa” in the “Pre­Shared Key Format” if the WPA-PSK is selected.

8. WPA PRE-SHARED KEY: Input the keys as set in “WPA KEY FORMAT”.

 Input 8 – 63 characters if the “Passphrase” is selected.
 Input 64 chracters if the “Hexa” is selected.

User’s Manual 70/73
Ver. [E.1.1]

9. RSN/WPA2 USE: Select to use WPA2.

Figure 69 WPA/ WPA2 Setup

(a) RSN AUTH TYPE: This is the same as 2.
(b) RSN PREAUTH: Select to use of this function.
(c) RSN PREAUTH LIFE TIME: Establish the “Preauth Life Time”.
(d) RSN RADIUS IP: If the WPA-EAP is selected, then the Radius Server’s IP

address is input.

(e) RSN RADIUS PORT: If the WPA-EAP is selected, then the Radius Server’s

Port is input.

(f) RSN RADIUS SECRET: If the WPA-EAP is selected, then the Radius

Server’s Shared Secret is input.
(g) RSN CIPHER SUITE: Sele ct to use either “AES” or “TKIP”.
(h) RSN KEY FORMAT: Se lect to use either “Passphrase” or “H exa” in the “Pre-

Shared Key Format” if the WPA2-PSK is selected.
(i) RSN PRE-SHARED KEY: If the WPA2-PSK is selected, then input the Pre-

Shared Key.
(j) REKEY TIME: Establish the Rekey Time.
(k) REKEY PACKETS: Set the Rekey Packets.
(l) REAUTH TIME: Set the Reauth Time.

User’s Manual 71/73
Ver. [E.1.1]

Appendix I: Abbreviations and Acronyms

ADSL Asymmetric Digital Subscriber Line
AES Advanced Encryption Standard
AP Access Point
CTS Clear-to-send
DHCP Dynamic Host Configuration Protocol
DMZ Demilitarized Zone
DTIM Delivery Traffic Indication Message
EAP Extensible Authentication Protocol
IP Internet Protocol
ISP Intenet Service Provider
LAN Local Area Network
MAC Media Access Control
MD5 Message-Digest algorithm 5
MDIX Medium Dependent Interface Crossover
NAT Network Address Translation

TM

nESA
OS Operating System
PMP Point-to-MultiPoint
PPPoE Point-to-Point Protocol over Ethernet
PSK Pre-Shared Key
PtP Point-to-Point
RTS Request-to-send
SNMP Simple Network Management Protocol
SSID Service Set Identifier
SSL Secure Socket Layer
TCP Transmission Control Protocol
TKIP Temporal Key Integrity Protocol
TLS Transport Layer Security
TTLS Tunneled Transport Layer Security

nDosa Enhanced Security Algorithm

UDP User Datagram Protocol
VLAN Virtual Local Area Network
VPN Virtual Private Network
WAN Wide Area Network

User’s Manual 72/73
Ver. [E.1.1]

WDS Wireless Distribution System
WEP Wired Equivalent Privacy
WLAN Wireless Local Area Network
WPA Wi-Fi Protected Access

User’s Manual 73/73
Ver. [E.1.1]