Billion Electric Company BiPAC 7404VGOX, BiPAC 7404VGPX User Manual

Download

BiPAC 7404V(G)OX

BiPAC 7404V(G)PX

3G/VoIP/(802.11g) ADSL2+ (VPN)

Firewall Router

User Manual

Version release 5.53.s5.rc3

Last Revised Date 23-10-2008

Table of Contents

Chapter 1: Introduction ..................................................................... 1

Introduction to your Router ..................................................................1

Features ............................................................................................1

Chapter 2: Installing the Router .......................................................5

Important note for using this router .................................................... 5

Package Contents .................................................................................5

The Front LEDs. ................................................................................6

The Rear Ports ...................................................................................7

Cabling ................................................................................................8

Chapter 3: Basic Installation ...........................................................9

Connecting Your Router .....................................................................10

Network Conguration ........................................................................ 11

Factory Default Settings ..................................................................17

Information from your ISP ............................................................18

Conguring with your Web Browser .................................................19

Chapter 4: Conguration ...............................................................20

Status .....................................................................................................21

ADSL Status ......................................................................................21

3G Status ..........................................................................................21

ARP Table .........................................................................................22

DHCP Table .....................................................................................22

Routing Table ....................................................................................24

NAT Sessions ....................................................................................25

UPnP Portmap ..................................................................................25

PPTP Status ....................................................................................26

IPSec Status ..................................................................................... 27

L2TP Status .....................................................................................27

Email Status ...................................................................................... 28

VoIP Status .......................................................................................28

VoIP Call Log ....................................................................................28

Event Log .......................................................................................... 29

Error Log ...........................................................................................30

Diagnostic ......................................................................................... 30

Quick Start ............................................................................................31

Conguration ........................................................................................35

LAN - Local Area Network ................................................................. 36

Bridge Interface ................................................................................ 36

Ethernet ..........................................................................................37

IP Alias ...........................................................................................37

Ethernet Client Filter ..........................................................................38

Wireless ..........................................................................................40

Wireless Security ..............................................................................42

Wireless Client / MAC Address Filter ....................................................45

WPS ...............................................................................................46

Port Setting ....................................................................................47

DHCP Server .................................................................................. 48

WAN - Wide Area Network ................................................................49

WAN Interface ..................................................................................49

WAN Prole .....................................................................................51

ADSL Mode .....................................................................................61

System ..............................................................................................62

Time Zone ....................................................................................... 62

Remote Access .................................................................................63

Firmware Upgrade ............................................................................63

Backup / Restore ..............................................................................64

Restart Router ..................................................................................65

User Management .............................................................................66

Firewall and Access Control .............................................................. 68

General Settings ............................................................................... 69

Packet Filter ..................................................................................... 70

Intrusion Detection ............................................................................78

URL Filter ........................................................................................81

IM / P2P Blocking ..............................................................................84

Firewall Log .....................................................................................85

VPN - Virtual Private Networks (Only available for BiPAC 7404V(G)OX) 86

PPTP (Point-to-Point Tunneling Protocol) .............................................. 86

IPSec (IP Security Protocol) ................................................................95

L2TP (Layer Two Tunneling Protocol) .................................................104

VoIP - Voice over Internet Protocol ................................................. 116

SIP Device Parameters ................................................................... 117

SIP Accounts .................................................................................120

Phone Port ....................................................................................121

PSTN Dial Plan (Router with LINE port only) ........................................123

VoIP Dial Plan ...............................................................................127

Call Feature ..................................................................................130

Speed Dial .....................................................................................130

Ring & Tone ...................................................................................131

QoS - Quality of Service..................................................................133

Prioritization ..................................................................................133

Outbound IP Throttling (LAN to WAN) ................................................. 134

Inbound IP Throttling (WAN to LAN) ...................................................136

Virtual Server (known as Port Forwarding) .....................................142

Add Virtual Server ...........................................................................143

Edit DMZ Host ................................................................................145

Edit One-to-One NAT (Network Address Translation) ............................. 146

Time Schedule ................................................................................149

Advanced ........................................................................................ 152

Static Route ..................................................................................152

Dynamic DNS .................................................................................153

Check Email ...................................................................................154

Device Management .......................................................................155

IGMP ............................................................................................ 158

VLAN Bridge ..................................................................................158

Logout .................................................................................................. 159

Chapter 5: Troubleshooting ..........................................................160

Appendix: Product Support & Contact ........................................ 162

Chapter 1: Introduction

Introduction to your Router

Welcome to the 3G/VoIP/ (802.11g) ADSL2+(VPN) Firewall Router. The router is an “all-in-one”

ADSL router, combining an ADSL modem, ADSL router and Ethernet network switch functionalities, providing everything you need to get the machines on your network connected to the Internet over

your ADSL broadband connection. With features such as an ADSL Quick-Start wizard and DHCP Server, you can be online in no time at all and with a minimum of fuss and conguration, catering for rst-time users to the guru requiring advanced features and control over their Internet connection

and network.

Features

Express Internet Access

The router complies with ADSL worldwide standards. It supports downstream rate up to 12/24 Mbps with ADSL2/2+, 8Mbps with ADSL. Users enjoy not only high-speed ADSL services but also

broadband multimedia applications such as interactive gaming, video streaming and real-time

audio much easier and faster than ever. It is compliant with Multi-Mode standard (ANSI T1.413,

Issue 2; G.dmt (ITU G.992.1); G.lite (ITU G.992.2); G.hs (ITU G994.1); G.dmt.bis (ITU G.992.3); G.dmt.bis.plus (ITU G.992.5)).

3G-based Internet connection (requires an additional 3G USB modem), with automatic fail-over

to ensure an always-on Internet connection in the event that one of your Internet services fails.

Secure WLAN setup is simplied by the web browser-based conguration for easy access to the

Internet wherever a 3G connection is available - whether you're seated at your desk or taking a cross-country train trip.

802.11g Wireless AP with WPA Support (Wireless Router only)

With integrated 802.11g Wireless Access Point in the router, the device offers a quick and easy

access among wired network, wireless network and broadband connection (ADSL) with single

device simplicity, and as a result, mobility to the users. In addition to 54 Mbps 802.11g data rate, it also interoperates backward with existing 802.11b equipment. The Wireless Protected Access (WPA-PSK and WPA2-PSK) and Wireless Encryption Protocol (WEP) supported features enhance the security level of data protection and access control via Wireless LAN.

Fast Ethernet Switch

A 4-port 10/100Mbps fast Ethernet switch is built in with automatic switching between MDI and MDI-X for 10Base-T and 100Base-TX ports. An Ethernet straight or crossover cable can be used

directly for auto detection.

Multi-Protocol to Establish a Connection

It supports PPPoA (RFC 2364 - PPP over ATM Adaptation Layer 5), RFC 1483 encapsulation overATM (bridged or routed), PPP over Ethernet (RFC 2516), and IPoA (RFC1577) to establish a

connection with the ISP. The product also supports VC-based and LLC-based multiplexing.

Quick Installation Wizard

It supports a WEB GUI page to install this device quickly. With this wizard, end users can enter the information easily which they get from their ISP, then surf the Internet immediately.

Universal Plug and Play (UPnP) and UPnP NAT Traversal

This protocol is used to enable simple and robust connectivity among stand-alone devices and PCs from many different vendors. It makes network simple and affordable for users. UPnP

architecture leverages TCP/IP and the Web to enable seamless proximity networking in addition to control and data transfer among networked devices. With this feature enabled, users can now connect to Net meeting or MSN Messenger seamlessly.

Network Address Translation (NAT)

Allows multi-users to access outside resources such as the Internet simultaneously with one IP

address/one Internet access account. Many application layer gateway (ALG) are supported such as web browser, ICQ, FTP, Telnet, E-mail, News, Net2phone, Ping, NetMeeting, IP phone and

others.

SOHO Firewall Security with DoS and SPI

Along with the built-in NAT natural rewall feature, the router also provides advanced hacker pattern-ltering protection. It can automatically detect and block Denial of Service (DoS) attacks.

The router is built with Stateful Packet Inspection (SPI) to determine if a data packet is allowed through the rewall to the private LAN.

Domain Name System (DNS) Relay

It provides an easy way to map the domain name (a friendly name for users such as www.yahoo.

com) and IP address. When a local machine sets its DNS server with this router’s IP address, every DNS conversion request packet from the PC to this router will be forwarded to the real DNS

in the outside network.

Dynamic Domain Name System (DDNS)

The Dynamic DNS service allows you to alias a dynamic IP address to a static hostname. This

dynamic IP address is the WAN IP address. For example, to use the service, you must rst apply for an account from a DDNS service like http://www.dyndns.org/. More than 5 DDNS servers are

supported.

Quality of Service (QoS)

QoS gives you full control over which types of outgoing data trafc should be given priority by

the router, ensuring important data like gaming packets, customer information, or management information move through the router ay lightning speed, even under heavy load. The QoS features

are congurable by source IP address, destination IP address, protocol, and port. You can throttle

the speed at which different types of outgoing data pass through the router, to ensure P2P users don’t saturate upload bandwidth, or ofce browsing doesn’t bring client web serving to a halt. In addition, or alternatively, you can simply change the priority of different types of upload data and let the router sort out the actual speeds.

Virtual Server (“port forwarding”)

Users can specify some services to be visible from outside users. The router can detect incoming

service requests and forward either a single port or a range of ports to the specic local computer to handle it. For example, a user can assign a PC in the LAN acting as a WEB server inside and

expose it to the outside network. Outside users can browse inside web servers directly while it is

protected by NAT. A DMZ host setting is also provided to a local computer exposed to the outside

network, Internet.

Rich Packet Filtering

Not only lters the packet based on IP address, but also based on Port numbers. It will filter packets from and to the Internet, and also provides a higher level of security control.

Dynamic Host Conguration Protocol (DHCP) Client and Server

In the WAN site, the DHCP client can get an IP address from the Internet Service Provider (ISP)

automatically. In the LAN site, the DHCP server can allocate a range of client IP addresses and distribute them including IP address, subnet mask as well as DNS IP address to local computers. It provides an easy way to manage the local IP network.

Static and RIP1/2 Routing

It has routing capability and supports easy static routing table or RIP1/2 routing protocol.

Simple Network Management Protocol (SNMP)

It is an easy way to remotely manage the router via SNMP.

Web based GUI

It supports web based GUI for conguration and management. It is user-friendly and comes with on-line help. It also supports remote management capability for remote users to congure and

manage this product.

Firmware Upgradeable

Device can be upgraded to the latest rmware through the WEB based GUI.

Rich Management Interfaces

It supports exible management interfaces with local console port, LAN port, and WAN port. Users can use terminal applications through the console port to congure and manage the device, or Telnet, WEB GUI, and SNMP through LAN or WAN ports to congure and manage the device.

Virtual Private Network (VPN) (BiPAC 7404V(G)OX only)

It allows user to make a tunnel with a remote site directly to secure the data transmission among

the connection. User can use embedded PPTP and L2TP client/server, IKE and IPSec which are

supported by this router to make a VPN connection or users can run the PPTP client in PC and the router already provides IPSec and PPTP pass through function to establish a VPN connection if the user likes to run the PPTP client in his local computer.

Chapter 2: Installing the Router

Important note for using this router

Package Contents

3G/VoIP/(802.11g) ADSL2+ (VPN) Firewall Router

CD-ROM containing the online manual

RJ-11 ADSL/telephone Cable

Ethernet (CAT-5) Cable

Console kit

Power adapter

A detachable antenna

Quick Start Guide

The Front LEDs.

LED Meaning

1 Power

Ethernet Port

1X — 4X

(RJ-45 connector)

3 USB

4 Wireless

Phone 1x-2x

(RJ-11 connector) Line

(Router with LINE port only)

VoIP 1x-2x

(RJ-11 connector)

Lit when power is ON. Lit red means system failure. Restart the device

or contact Billion for support.

Lit when one of LAN ports is connected to an Ethernet device.

Lit green when the speed of transmission hits 100Mbps; Lit orange when the speed of transmission hits 10Mbps.

Blink when data is being Transmitted / Received.

Lit when the router is connected to a USB device. Flash when data is received / transmitted.

Lit green when a wireless connection is established.

Flash when the device is sending/receiving data.

Lit green when phone is off hook.

Lit when the inbound and outbound calls are transmitted through PSTN.

After SIP registration is OK, the LED will lit green whenever phone 1

is off hook but will lit orange for phone 2.

Note: Orange light also means when both Phone 1 and 2 are registered OK at the same time.

8 DSL

9 Internet

Lit Green when the device is successfully connected to an ADSL

DSLAM. (“line sync”).

Lit red when WAN port fails to get IP address. Lit green when WAN port gets IP address successfully.

The Rear Ports

Port Meaning

Antenna

(Wireless Router only)

2 DSL

Line

(Router with LINE port only)

Phone

1X-2X (RJ-11 connector)

5 USB Connect the USB cable to this port.

Ethernet

1X — 4X

(RJ-45 connector)

7 WPS Push WPS button to trigger Wi-Fi Protected Setup function.

8 RESET

Connect the detachable antenna to this port.

Connect this port to the ADSL/telephone network with the RJ- 11 cable (telephone) provided.

Connect this port to the telephone jack on the wall with RJ-11 cable.

Connect this port to an analog phone set with RJ-11 cable.

Connect a UTP Ethernet cable (Cat-5 or Cat-5e) to one of

the LAN ports when connecting to a PC or an ofce/home network of 10Mbps or 100Mbps.

Caution: Port 4 can be either a LAN or Console port at a time but not both.

To be sure the device is being turned on press RESET button for:

1-3 seconds: quick reset the device.

6 seconds and above, power off, power on the device: restore to factory default settings. (Cannot login to the router or forgot your Username/Password. Press the button for more than 6 seconds).

Caution: After pressing the RESET button for more than 6 seconds, to be sure you power cycle the device again.

9 Power Connect it with the supplied power adapter.

10 Power Switch Power ON/OFF switch

Cabling

One of the most common causes of problem is bad cabling or ADSL line(s). Make sure that all connected devices are turned on. On the front panel of your router is a bank of LEDs. Verify that the LAN Link and ADSL line LEDs are lit. If they are not, verify if you are using the proper cables.

Make sure that all devices (e.g. telephones, fax machines, analogue modems) connected to the same telephone line as your router have a line lter connected between them and the wall outlet (unless

you are using a Central Splitter or Central Filter installed by a qualied and licensed electrician), and that all line lters are correctly installed in a right way. If line lter is not installed and connected properly, it may cause problem to your ADSL connection or may result in frequent disconnections.

Chapter 3: Basic Installation

The router can be congured through your web browser. A web browser is included as a standard application in the following operating systems: Linux, Mac OS, Windows 98/NT/2000/XP/Me/Vista,

etc. The product provides an easy and user-friendly interface for conguration.

Please check your PC network components. The TCP/IP protocol stack and Ethernet network

adapter must be installed. If not, please refer to your Windows-related or other operating system

manuals.

There are ways to connect the router, either through an external repeater hub or connect directly to your PCs. However, make sure that your PCs have an Ethernet interface installed properly prior to connecting the router device. You ought to congure your PCs to obtain an IP address through

a DHCP server or a xed IP address that must be in the same subnet as the router. The default IP

address of the router is 192.168.1.254 and the subnet mask is 255.255.255.0 (i.e. any attached PC must be in the same subnet, and have an IP address in the range of 192.168.1.1 to 192.168.1.253).

The best and easiest way is to congure the PC to get an IP address automatically from the router

using DHCP. If you encounter any problem accessing the router web interface it is advisable to

uninstall your rewall program on your PCs, as they can cause problems accessing the IP address

of the router. Users should make their own decisions on what is best to protect their network.

Please follow the following steps to congure your PC network environment.

Connecting Your Router

Connect this router to a 1. LAN (Local Area Network) and the ADSL/telephone (ADSL) net

work.

Power on the device.2.

Make sure the 3. Power LED lit steadily and that the LAN LED is lit.

Connect your router to the telephone jack on the wall with RJ-11 cable.4.

Connect the USB 2.0 cable.5.

Network Conguration

Conguring PC in Windows Vista

Go to Start. Click on Network.1.

Then click on Network and Sharing 2. Center at the top bar.

When the Network and Sharing 3. Center window pops up, select and click on Manage network connections on the left window column.

Select the Local Area Connection, 4. and right click the icon to select Properties.

Select Internet Protocol Version 4 5.

(TCP/IPv4) then click Properties.

In the TCP/IPv4 properties window, 6.

select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons. Then click OK to exit the setting.

Click OK again in the Local Area 7. Connection Properties window to

apply the new conguration.

Conguring PC in Windows XP

Go to Start > Control Panel (in Classic 1. View). In the Control Panel, double-click on Network Connections

Double-click Local Area Connection.2.

In the Local Area Connection Status 3. window, click Properties.

Select Internet Protocol (TCP/IP) and 4. click Properties.

Select the Obtain an IP address auto-5. matically and the Obtain DNS server address automatically radio buttons.

Click OK to nish the conguration.6.

Conguring PC in Windows 2000

Go to Start > Settings > Control Panel. 1. In the Control Panel, double-click on Network and Dial-up Connections.

Double-click Local Area Connection.2.

In the Local Area Connection Status 3. window click Properties.

Select Internet Protocol (TCP/IP) and 4. click Properties.

Select the Obtain an IP address auto-5. matically and the Obtain DNS server address automatically radio buttons.

Click OK to nish the conguration.6.

Conguring PC in Windows 95/98/Me

Go to Start > Settings > Control Panel. 1. In the Control Panel, double-click on

Network and choose the Conguration

tab.

Select TCP/IP > NE2000 Compatible, 2. or the name of your Network Interface Card (NIC) in your PC.

Select the Obtain an IP address auto-3. matically radio button.

Then select the DNS Congurationtab.4.

Select the Disable DNS radio button 5.

and click OK to nish the conguration.

Conguring PC in Windows NT4.0

Go to Start > Settings > Control Panel. 1. In the Control Panel, double-click on Network and choose the Protocols tab.

Select TCP/IP Protocol and click Prop-2. erties.

Select the Obtain an IP address from 3. a DHCP server radio button and click

OK.

Factory Default Settings

Before conguring your router, you need to know the following default settings.

Web Interface (Username and Password)

Username: admin Password: admin

The default username and password are “admin” and “admin” respectively.

Device LAN IP settings

IP Address: 192.168.1.254

Subnet Mask: 255.255.255.0

ISP setting in WAN site

PPPoE

DHCP server

DHCP server is enabled. Start IP Address: 192.168.1.100

IP pool counts: 100

LAN and WAN Port Addresses

The parameters of LAN and WAN ports are pre-set in the factory. The default values are shown in

the tale.

LAN Port WAN Port

IP address 192.168.1.254 Subnet Mask 255.255.255.0 DHCP server function Enabled

IP addresses for distribution to PCs

100 IP addresses continuing from 192.168.1.100 through

192.168.1.199

The PPPoE function is enabled to automatically get

the WAN port conguration

from the ISP.

Information from your ISP

Before conguring this device, you have to check with your ISP (Internet Service Provider) to nd

out what kind of service is provided such as DHCP (Obtain an IP Address Automatically, Static IP (Fixed IP Address) or PPPoE.

Gather the information as illustrated in the following table and keep it for reference.

VPI/VCI, VC / LLC-based multiplexing, Username, Password, Service

PPPoE(RFC2516)

PPPoA(RFC2684)

Name, and Domain Name System (DNS) IP address (it can be automatically assigned by your ISP when you connect or be set manually).

VPI/VCI, VC / LLC-based multiplexing, Username, Password and

Domain Name System (DNS) IP address (it can be automatically assigned by your ISP when you connect or be set manually).

MPoA(RFC1483/

RFC2684)

IPoA(RFC1577)

Pure Bridge VPI/VCI, VC / LLC-based multiplexing to use Bridged Mode.

VPI/VCI, VC / LLC-based multiplexing, IP address, Subnet mask,

Gateway address, and Domain Name System (DNS) IP address (it is a

xed IP address).

VPI/VCI, VC / LLC-based multiplexing, IP address, Subnet mask,

Gateway address, and Domain Name System (DNS) IP address (it is a

xed IP address).

Conguring with your Web Browser

Open your web browser, enter the IP address of your router, which by default is 192.168.1.254,

and click “Go”, a user name and password window prompt will appear. The default username and password are “admin” and “admin” respectively. (See Figure 3.14)

Figure 3.14: User name & Password Prompt Window

Congratulations! You are now successfully logon to the 3G/VoIP/(802.11g) ADSL2+ (VPN) Firewall Router!

Chapter 4: Conguration

At the conguration homepage, the left navigation column provides you the link to each conguration page. The category of each conguration page is listed as below.

Status

ADSL Table

3G Status

ARP Table

DHCP Table

Routing Table

NAT Sessions

UpnP Portmap

PPTP Status

IPSec Status

L2TP Status

Email Status

VoIP Status

VoIP Call Log

Event Log

Error Log

Diagnostic

Quick Start

Conguration

LAN

WAN

System Firewall VPN VoIP QoS Virtual Server Time Schedule Advanced

Language (provides user interface in English and French languages)

Status

ADSL Status

This section displays the ADSL overall status, which shows a number of helpful information such

as DSP rmware version.

3G Status

This section displays the 3G Card’s overall status, which shows you a number of helpful

information such as the current signal strength and statistics on current and total bytes transferred and received.

Status: The current status of the 3G card.

Signal Strength: The signal strength bar indicates current 3G signal strength.

Network Name: The network name that the device is connected to.

Card Name: The name of the 3G card.

Card Firmware: The current rmware for the 3G card.

Current TX Bytes / Packets: The statistics of transmission, count for this call.

Current RX Bytes / Packets: The statistics of receive, count for this call.

Total TX Bytes / Packets: The statistics of transmission, count from system ready

Total RX Bytes / Packets: The statistics of receive, count from system ready

ARP Table

This section displays the router’s ARP (Address Resolution Protocol) Table, which shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses. This is useful as a quick way of determining the MAC address of the network interface of your PCs to use with the router’s Firewall – MAC Address Filter function. See the Firewall section of this manual for more information on this

feature.

IP Address: A list of IP addresses of devices on your LAN (Local Area Network).

MAC Address: The MAC (Media Access Control) addresses for each device on your LAN.

Interface: The interface name (on the router) that this IP Address connects to.

Static: Static status of the ARP table entry:

“no” for dynamically-generated ARP table entries.

“yes” for static ARP table entries added by the user.

DHCP Table

Leased: The DHCP assigned IP addresses information.

Expired: The expired IP addresses information.

Permanent: The xed host mapping information.

Leased Table

IP Address: The IP address that assigned to client.

MAC Address: The MAC address of client.

Client Host Name: The Host Name (Computer Name) of client.

Expiry: The current lease time of client.

Routing Table

Valid: It indicates a successful routing status.

Destination: The IP address of the destination network.

Netmask: The destination Netmask address.

Gateway/Interface: The IP address of the gateway or existing interface that this route will use.

Cost: The number of hops counted as the cost of the route.

RIP Routing Table

Destination: The IP address of the destination network.

Netmask: The destination Netmask address.

Gateway: The IP address of the gateway that this route will use.

Cost: The number of hops counted as the cost of the route.

NAT Sessions

This section lists all current NAT sessions between interface of types external (WAN) and internal

(LAN).

UPnP Portmap

The section lists all port-mapping established using UPnP (Universal Plug and Play. See Advanced

section of this manual for more details on UPnP and the router’s UPnP conguration options.

PPTP Status

This shows details of your congured PPTP VPN Connections.

Name: The name you assigned to the particular PPTP connection in your VPN conguration.

Type: The type of connection (dial-in/dial-out).

Enable: Whether the connection is currently enabled.

Active: Whether the connection is currently active.

Tunnel Connected: Whether the VPN Tunnel is currently connected.

Call Connected: If the Call for this VPN entry is currently connected.

Encryption: The encryption type used for this VPN connection.

IPSec Status

This shows details of your congured IPSec VPN Connections.

Name: The name you assigned to the particular VPN entry.

Active: Whether the VPN Connection is currently Active.

Connection State: Whether the VPN is Connected or Disconnected.

Statistics: Statistics for this VPN Connection.

Local Subnet: The local IP Address or Subnet used.

Remote Subnet: The Subnet of the remote site.

Remote Gateway: The Remote Gateway IP address.

SA: The Security Association for this VPN entry.

L2TP Status

This shows details of your congured L2TP VPN Connections.

Name: The name you assigned to the particular L2TP connection in your VPN conguration.

Type: The type of connection (dial-in/dial-out).

Enable: Whether the connection is currently enabled.

Active: Whether the connection is currently active.

Tunnel Connected: Whether the VPN Tunnel is currently connected.

Call Connected: If the Call for this VPN entry is currently connected.

Encryption: The encryption type used for this VPN connection.

Email Status

Details and status for the Email Account you have congured the router to check. Please see the

Advanced section of this manual for details on this function.

VoIP Status

VoIP Call Log

Event Log

This page displays the router’s Event Log entries. Major events are logged to this window, such as when the router’s ADSL connection is disconnected, as well as Firewall events when you have enabled Intrusion or Blocking Logging in the Conguration – Firewall section of the interface.

Please see the Firewall section of this manual for more details on how to enable Firewall logging.

Error Log

Any errors encountered by the router (e.g. invalid names given to entries) are logged to this window.

Diagnostic

It tests the connection to computer(s) which is connected to the LAN ports and also the WAN Internet connection. If PING www.google.com is shown FAIL and the rest is PASS, you ought to check your

PC’s DNS setting is correct.

Quick Start

Click Quick Start. Select the connect mode you want. There are 2 options to choose from: ADSL 1. or 3G. Select ADSL mode from the drop down menu and click Continue.

If your ADSL line is not ready, you need to check your ADSL line has been set or not.2.

If your ADSL line is ready, the screen appears ADSL Line is Ready. Choose Auto radio button 3.

and click Apply. It will automatically scan the recommended mode for you. Manually mode makes you to set the ADSL line by manual. (If you choose Manually, you will directly go to step

5.)

The list below has different mode applied for your choice. Choose 0/33/PPPoE(Recommended) 4. and click Apply.

Please enter “Username” and “Password” as supplied by your ISP(Internet Service Provider) 5. and click Apply to continue.

Pro le Port: Select the connection mode. There is ADSL.

Protocol: Select the protocol mode. The default mode is PPPoE.

VPI/VCI: Enter the VPI and VCI information provided by your ISP.

Username: Enter the username provided by your ISP.

Password: Enter the password provided by your ISP.

Service Name: This item is for identi cation purposes. If it is required, your ISP provides you the

information.

Authentication Protocol: Default is Auto. Your ISP advises on using Chap or Pap.

IP Address: Your WAN IP address. Leave this at 0.0.0.0 to obtain automatically an IP address

from your ISP.

Obtain DNS automatically: Click to activate DNS and to enable the system to automatically detect DNS.

Primary DNS / Secondary DNS: Enter the IP addresses of the DNS servers. The DNS servers are passed to the DHCP clients along with the IP address and the netmask.

Congure the Wireless LAN setting.6.

WLAN Service: Default setting is set to Enable. If you want to use wireless, both 802.11g and

802.11b device in your network, you can select Enable.

ESSID: The ESSID is the unique name of a wireless access point (AP) to be distinguished from another. For security propose, change to a unique ID name to the AP which is already built-in to the router’s wireless interface. It is case sensitive and must not excess 32 characters. Make sure your wireless clients have exactly the ESSID as the device, in order to get connected to your network.

ESSID Broadcast: It is function in which transmits its ESSID to the air so that when wireless client searches for a network, router can then be discovered and recognized. Default setting is Enable.

Enable: When Enable is selected, you can allow anybody with a wireless client to be able to

locate the Access Point (AP) of your router.

Disable: Select Disable if you do not want broadcast your ESSID. When select Disable, no

one will be able to locate the Access Point (AP) of your router.

Regulation Domain: There are seven Regulation Domains for you to choose from, including North America (N.America), Europe, France, etc. The Channel ID will be different based on this setting.

Channel ID: Select the ID channel that you would like to use.

Security Mode: You can disable or enable with WPA or WEP for protecting wireless network. The

default mode of wireless security is Disable.

Set up VoIP. 7.

SIP: To use VoIP SIP as VoIP call signaling protocol. Default is set to Disable.

Region: This selection is a drop-down box, which allows user to select the country for which the

VoIP device must work. When a country is selected, the country parameters are automatically

loaded.

SIP Service Provider: This section allows you to select the service provider. When the selection

is done, respective parameters below are automatically displayed.

Phone Number: This parameter holds the registration ID of the user within the VoIP SIP registrar.

Username: If the username is same as the Phone Number, leave it blank. Otherwise, ll in the

space with your username given by your VoIP provider.

Password: This parameter holds the password used for authentication within VoIP SIP registrar.

Display Name: This parameter will be appeared on the Caller ID.

Wait for the conguration.8.

When ADSL is synchronic, it will appear “check”.9.

Conguration

When you click this item, the column will expand to display the sub-items that will allow you to further congure your ADSL router.

LAN, WAN, System, Firewall, VoIP, QoS, Virtual Server, Time Schedule and Advanced

The function of each conguration sub-item is described in the following sections.

LAN - Local Area Network

Here are the items within the LAN section: Bridge Interface, Ethernet, IP Alias, Ethernet Client

Filter, Wireless, Wireless Security, Wireless Client Filter, WPS, Port Setting and DHCP Server.

Bridge Interface

You can setup member ports for each VLAN group under Bridge Interface section. From the example,

two VLAN groups need to be created.

Ethernet: P1 (Port 1)

Ethernet1: P2, P3 and P4 (Port 2, 3, 4). Uncheck P2, P3, P4 from Ethernet VLAN port rst.

Note: You should setup each VLAN group with caution. Each Bridge Interface is arranged in this order.

Bridge Interface VLAN Port (Always starts with) ethernet P1 / P2 / P3 / P4 ethernet1 P2 / P3 / P4 ethernet2 P3 / P4 ethernet3 P4

Management Interface: To specify which VLAN group has possibility to do device management, like doing web management.

Note: NAT/NAPT can be applied to management interface only.

Ethernet

Primary IP Address

IP Address: The default IP on this router.

Subnet Mask: The default subnet mask on this router.

RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function.

IP Alias

This function creates multiple virtual IP interfaces on this router. It helps to connect two or more local networks to the ISP or remote node. In this case, an internal router is not required.

IP Address: Specify an IP address on this virtual interface.

SubNetmask: Specify a subnet mask on this virtual interface.

Security Interface: Specify the rewall setting on this virtual interface.

Internal: The network is behind NAT. All trafc will do network address translation when sending

out to Internet if NAT is enabled.

External: There is no NAT on this IP interface and connected to the Internet directly. Mostly it will

be used when providing multiple public IP addresses by ISP. In this case, you can use public IP address in local network which gateway IP address point to the IP address on this interface.

DMZ: Specify this network to DMZ area. There is no NAT on this interface.

Ethernet Client Filter

The Ethernet Client Filter supports up to 16 Ethernet network machines that helps you to manage

your network control to accept trafc from specic authorized machines or can restrict unwanted

machine(s) to access your LAN.

There are no pre-dene Ethernet MAC address lter rules; you can add the lter rules to meet your requirements.

Ethernet Client Filter: Default setting is set Disable.

Allowed: check to authorize specic device accessing your LAN by insert the MAC Address

in the space provided or click the Candidate button. Make sure your PC’s MAC is listed.

Blocked: check to prevent unwanted device accessing your LAN by insert the MAC Address in the space provided or click the Candidate button. Make sure your PC’s MAC is not listed.

The maximum client is 16. The MAC addresses are 6 bytes long; they are presented only in

hexadecimal characters. The number 0 - 9 and letters a - f are acceptable.

Note: Follow the MAC Address Format xx:xx:xx:xx:xx:xx. Semicolon ( : ) must be included.

Candidates: automatically detects devices connected to the router through the Ethernet. .

Click the Candidate button to access the Active PC in LAN window.

Active PC in LAN: Active PC in LAN displays a list of individual Ethernet device’s IP Address &

MAC Address which connecting to the router.

You can easily by checking the box next to the IP address to be blocked or allowed. Then, Add to insert to the Ethernet Client Filter table. The maximum Ethernet client is 16.

Wireless

Parameters

WLAN Service: Default setting is set to Enable. If you do not have any wireless, both 802.11g

and 802.11b, device in your network, select Disable.

Mode: The default setting is 802.11b+g (Mixed mode). If you do not know or have both 11g and

11b devices in your network, then keep the default in mixed mode. From the drop-down manual, you can select 802.11g if you have only 11g card. If you have only 11b card, then select 802.11b.

ESSID: The ESSID is the unique name of a wireless access point (AP) to be distinguished from another. For security purpose, change the default wlan-ap to a unique ID name to the AP already built-in to the router’s wireless interface. It is case sensitive and must not excess 32 characters. Make sure your wireless clients have exactly the ESSID as the device, in order to get connected to your network.

Note: It is case sensitive and must not excess 32 characters.

ESSID Broadcast: It is function in which transmits its ESSID to the air so that when wireless client searches for a network, router can then be discovered and recognized. Default setting is

Enabled.

Disable: If you do not want broadcast your ESSID. Any client uses “any” wireless setting

cannot discover the Access Point (AP) of your router.

Enable: Any client that using the “any” setting can discover the Access Point (AP).

Regulation Domain: There are seven Regulation Domains for you to choose from, including

North America (N.America), Europe, France, etc. The Channel ID will be different based on this setting.

Channel ID: Select the wireless connection ID channel that you would like to use.

Note: Wireless performance may degrade if select ID channel is already being occupied by other AP(s).

TX PowerLevel: It is a function that enhances the wireless transmitting signal strength. User may adjust this power level from minimum 1 up to maximum 127.

Note: The Power Level maybe different in each access network user premises environment and choose the most suitable level for your network.

Connected: Representing in true or false. That it is the connection status between the system and the build-in wireless card.

AP MAC Address: It is a unique hardware address of the Access Point.

AP Firmware Version: The Access Point rmware version.

Wireless Distribution System (WDS)

It is a wireless access point mode that enables wireless link and communication with other access point. It is easy to be installed simply to dene peer’s MAC address of the connected AP. WDS takes advantages of cost saving and flexibility which no extra wireless client device is required to bridge between two access points and extending an existing wired or wireless infrastructure network to create a larger network. It can connect up to 4 wireless APs for extending cover range at the same time.

In addition, WDS enhances its link connection security in WEP mode, WEP key encryption must be the same for both access points.

WDS Service: The default setting is Disabled. Check Enable radio button to activate this function.

Peer WDS MAC Address:1. It is the associated AP’s MAC Address. It is important that your peer’s AP must include your MAC address in order to acknowledge and communicate with

each other.

Peer WDS MAC Address:2. It is the second associated AP’s MAC Address.

Peer WDS MAC Address:3. It is the third associated AP’s MAC Address.

Peer WDS MAC Address:4. It is the fourth associated AP’s MAC Address.

Note: For MAC Address, Semicolon ( : ) must be included.

Wireless Security

You can disable or enable with WPA or WEP for protecting wireless network.

The default mode of wireless security is disabled.

WPA-PSK / WPA2-PSK

Security Mode: You can disable or enable with WPA or WEP for protecting wireless network. The default mode of wireless security is Disable.

WPA Algorithms: There are two types of the WPA-PSK, WPA-PSK and WPA2-PSK. The WPA-

PSK adapts the TKIP (Temporal Key Integrity Protocol) encrypted algorithms, which incorporates Message Integrity Code (MIC) to provide protection against hackers. The WPA2-PSK adapts CCMP (Cipher Block Chaining Message Authentication Code Protocol) of the AES (Advanced

Encryption Security) algorithms.

WPA Shared Key: The key for network authentication. The input format is in character style and key size should be in the range between 8 and 63 characters.

Group Key Renewal: The period of renewal time for changing the security key automatically between wireless client and Access Point (AP). Default value is 600 seconds.

WEP

WEP Authentication: To prevent unauthorized wireless stations from accessing data transmitted

over the network, the router offers secure data encryption, known as WEP. If you require high

security for transmissions, there are two options to select from: Open System, Share key.

WEP Encryption: To prevent unauthorized wireless stations from accessing data transmitted over

the network, the router offers highly secure data encryption, known as WEP. If you require high security for transmissions, there are two alternatives to select from: WEP 64 and WEP 128. WEP 128 will offer increased security over WEP 64.

Passphrase: This is used to generate WEP keys automatically based upon the input string and a pre-dened algorithm in WEP64 or WEP128.

Default Used WEP Key: Select the encryption key ID; please refer to Key (1~4) below.

Key (1-4): Enter the key to encrypt wireless data. To allow encrypted data transmission, the WEP

Encryption Key values on all wireless stations must be the same as the router. There are four keys for your selection. The input format is in HEX style, 10 and 26 HEX codes are required for WEP64 and WEP128 respectively.

Wireless Client / MAC Address Filter

The MAC Address supports up to 16 wireless network machines and helps you manage your network

control to accept trafc from specic authorized machines or to restrict unwanted machine(s) to access your LAN.

There are no pre-dene MAC Address lter rules; you can add the lter rules to meet your requirements.

Wireless Client Filter: Default setting is set to Disable.

Allowed: To authorize specic device accessing your LAN by insert the MAC Address in the

space provided or click the Candidate button. Make sure your PC’s MAC is listed.

Blocked: To prevent unwanted device accessing the LAN by insert the MAC Address in the space provided or click the Candidate button. Make sure your PC’s MAC is not listed.

The maximum client is 16. The MAC addresses are 6 bytes long; they are presented only in hexadecimal characters. The number 0 - 9 and letters a - f are acceptable.

Note: Follow the MAC Address Format xx:xx:xx:xx:xx:xx. Semicolon ( : ) must be included.

Candidates: It automatically detects devices connected to the router through the Wireless feature.

Click the Candidate button to access the Associated Wireless Client window.

Associate Wireless Client: Displays a list of individual wireless device’s MAC Address that currently

connects to the router.

You can easily by checking the box next to the MAC address to be blocked or allowed. Then, Add to insert to the Wireless Client (MAC Address) Filter table. The maximum Wireless client is 16.

WPS

WPS feature is follow Wi-Fi Alliance WPS standard and it easily set up security-enabled WiFi networks in the home and small ofce environment. It is reduced by half the user steps to congure a network and supports two methods that are familiar to most consumers to congure a

network and enable security.

Port Setting

This section allows you to congure the settings for the router’s Ethernet ports to solve some of the compatibility problems that may be encountered while connecting to the Internet, as well allowing users to tweak the performance of their network.

Port # Connection Type: There are Six options to choose from: Auto, disable, 10M half-duplex, 10M full-duplex, 100M half-duplex, 100M full-duplex and Disable. Sometimes, there are Ethernet

compatibility problems with legacy Ethernet devices, and you can congure different types to solve compatibility issues. The default is Auto, which users should keep unless there are specic problems with PCs not being able to access your LAN.

IPv4 TOS priority Control (Advanced users): TOS, Type of Services, is the 2nd octet of an IP packet. Bits 6-7 of this octet are reserved and bit 0-5 are used to specify the priority of the packet.

This feature uses bits 0-5 to classify the packet’s priority. If the packet is high priority, it will ow rst and will not be constrained by the Rate Limit. Therefore, when this feature is enabled, the router’s Ethernet switch will check the 2nd octet of each IP packet. If the value in the TOS eld

matches the checked values in the table (0 to 63), this packet will be treated as high priority.

DHCP Server

You can disable or enable the DHCP (Dynamic Host Conguration Protocol) server or enable the router’s DHCP relay functions. The DHCP protocol allows your router to dynamically assign IP addresses to PCs on your network if they are congured to obtain IP addresses automatically.

To disable the router’s DHCP Server, check Disabled and click Next, then click Apply. When the DHCP Server is disabled you will need to manually assign a xed IP address to each PCs on your

network, and set the default gateway for each PCs to the IP address of the router (by default this is

192.168.1.254).

To congure the router’s DHCP Server, check DHCP Server and click Next. You can then congure

parameters of the DHCP Server including the IP pool (starting IP address and ending IP address to be allocated to PCs on your network), lease time for each assigned IP address (the period of time the IP address assigned will be valid), DNS IP address and the gateway IP address. These details

are sent to the DHCP client (i.e. your PC) when it requests an IP address from the DHCP server. Click Apply to enable this function. If you check “Use Router as a DNS Server”, the ADSL Router will perform the domain name lookup, nd the IP address from the outside network automatically and forward it back to the requesting PC in the LAN (your Local Area Network).

If you check DHCP Relay Agent and click Next, then you will have to enter the IP address of the DHCP server which will assign an IP address back to the DHCP client in the LAN. Use this function only if advised to do so by your network administrator or ISP.

Click Apply to enable this function.

WAN - Wide Area Network

WAN refers to your Wide Area Network connection, i.e. your router’s connection to your ISP and

the Internet. Here are the items within the WAN section: WAN Interface, WAN Prole and ADSL

Mode.

WAN Interface

WAN Connection-ADSL Mode

The default setting for Connection Mode is ADSL and for Protocol is PPPoE.

Main Port: User can select either ADSL or 3G mode.

Failover / Failback: Set Enable to trigger ADLS / 3G failover / failback function ready.

Backup Port: It links to backup port conguration page. It is necessary to congure it when

Failover/Failback be set.

Connectivity Decision: Set how many times of probing failed to switch backup port.

Failover Probe Cycle: Set the time duration for the Failover Probe Cycle to determine when the

router will switch to the backup connection (backup port) once the main connection (main port) fails.

Note: The time set is for each probe cycle, but the decision to change to the backup port is determined by Probe Cycle duration multiplied by connection Decision amount (e.g. From the image above it will be 12 seconds multiplied by 5 consecutive fails).

Failback Probe Cycle: Set the time duration for the Failback Probe Cycle to determine when the router will switch back to the main connection (main port) from the backup connection (backup port) once the main connection is communicating again.

Note: The time set is for each probe cycle, but the decision to change to the backup port is determined by Probe Cycle duration multiplied by Connection Decision amount (e.g. From ge above it will be 3 seconds multiplied by 5 consecutive fails).

Detect Rule:

Rule 1. ADSL Down

Rule 2. Ping Fail

No Ping: It will not send any ping packet to determine the connection. It means to disable the

ping fail detection.

Ping Gateway: It will send ping packet to gateway and wait response from gateway in every

“Probe Cycle”.

Ping Host: It will send ping packet to specic host and wait response in every “Probe Cycle”.

The host must be an IP address.

WAN Connection-3G Mode

In ADSL mode, as the ADSL is not available (failover/failback), it will switch to 3G mode for WAN Connection support. However, in 3G Mode ADSL cannot support WAN Connection when 3G Mode is unavailable.

WAN Prole

PPPoE Connection

PPPoE (PPP over Ethernet) provides access control in a manner which is similar to dial-up services using PPP.

Prole Port: Select the prole port as ADSL.

Protocol: The ATM protocol will be used in the device.

Description: A given name for the connection.

VPI/VCI: Enter the information provided by your ISP.

ATM Class: The Quality of Service for ATM layer.

Username: Enter the username provided by your ISP. You can input up to 128 alphanumeric

characters (case sensitive). This is in the format of “username@ispname” instead of simply “username”.

Password: Enter the password provided by your ISP. You can input up to 128 alphanumeric characters (case sensitive).

Service Name: This item is for identication purposes. If it is required, your ISP provides you the information. Maximum input is 15 alphanumeric characters.

NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing the single IP address. If users on your LAN have public IP addresses and can access the Internet directly, the NAT function can be disabled.

IP (0.0.0.0:Auto): Your WAN IP address. Leave this at 0.0.0.0 to obtain automatically an IP address from your ISP.

Auth. Protocol: Default is Auto. Your ISP should advise you on whether to use Chap or Pap.

Connection:

Always on: If you want the router to establish a PPPoA session when starting up and to au-

tomatically re-establish the PPPoA session when disconnected by the ISP.

Connect on Demand: If you want to establish a PPPoA session only when there is a packet

requesting access to the Internet (i.e. when a program on your computer attempts to access

the Internet).

Idle Timeout: Auto-disconnect the broadband rewall gateway when there is no activity on the line for a predetermined period of time.

Detail: You can dene the destination port and packet type (TCP/UDP) without checking by timer. It allows you to set which outgoing trafc will not trigger and reset the idle timer.

MTU: Maximum Transmission Unit. The size of the largest datagram (excluding media-specic

headers) that IP will attempt to send through the interface.

RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function.

TCP MSS Clamp: This option helps to discover the optimal MTU size automatically. Default is

enabled.

MAC Spoong: Some service providers require the conguring of this option. You must ll in the MAC address that specify by service provider when it is required. Default is disabled.

Obtain DNS: A Domain Name System (DNS) contains a mapping table for domain name and IP addresses. DNS helps to nd the IP address for the specic domain name. Check the checkbox to obtain DNS automatically.

Primary DNS: Enter the primary DNS.

Secondary DNS: Enter the secondary DNS

PPPoA Connection

Prole Port: Select the prole port as ADSL.

Protocol: The ATM protocol will be used in the device..

Description: A given name for the connection.

VPI/VCI: Enter the information provided by your ISP.

ATM Class: The Quality of Service for ATM layer.

Username: Enter the username provided by your ISP. You can input up to 128 alphanumeric

characters (case sensitive). This is in the format of “username@ispname” instead of simply “username”.

Password: Enter the password provided by your ISP. You can input up to 128 alphanumeric characters (case sensitive).

IP (0.0.0.0:Auto): Your WAN IP address. Leave this at 0.0.0.0 to obtain automatically an IP

address from your ISP.

Auth. Protocol: Default is Auto. Your ISP should advises you on whether to use Chap or Pap.

Connection:

Always on: If you want the router to establish a PPPoA session when starting up and to au-

tomatically re-establish the PPPoA session when disconnected by the ISP.

Connect on Demand: If you want to establish a PPPoA session only when there is a packet

requesting access to the Internet (i.e. when a program on your computer attempts to access

the Internet).

Idle Timeout: Auto-disconnect the broadband rewall gateway when there is no activity on the line for a predetermined period of time.

Detail: You can dene the destination port and packet type (TCP/UDP) without checking by timer. It allows you to set which outgoing trafc will not trigger and reset the idle timer.

MTU: Maximum Transmission Unit. The size of the largest datagram (excluding media-specic

headers) that IP will attempt to send through the interface.

RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function.

TCP MSS Clamp: This option helps to discover the optimal MTU size automatically. Default is

enabled.

Primary DNS: Enter the primary DNS.

Secondary DNS: Enter the secondary DNS.

MPoA Connection

Prole Port: Select the prole port as ADSL.

Protocol: The ATM protocol will be used in the device.

Description: A given name for the connection.

VPI/VCI: Enter the information provided by your ISP.

ATM Class: The Quality of Service for ATM layer.

NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet

through a single IP account, sharing a single IP address. If users on your LAN have public IP addresses and can access the Internet directly, the NAT function can be disabled.

Encap. mode: Choose whether you want the packets in WAN interface as bridged packet or routed packet.

MTU: Maximum Transmission Unit. The size of the largest datagram (excluding media-specic

headers) that IP will attempt to send through the interface.

IP (0.0.0.0:Auto): Specify an IP address allowed to logon and access the router’s web server.

Note: IP 0.0.0.0 indicates all users who are connected to this router are allowed to logon the device and modify data.

Netmask: The default is 255.255.255.0. User can change it to other such as 255.255.255.128. Type the subnet mask assigned to you by your ISP (if given).

Gateway: Enter the IP address of the default gateway (if given).

RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function.

TCP MSS Clamp: This option helps to discover the optimal MTU size automatically. Default is

enabled.

MAC Spoong: Some service providers require the conguring of this option. You must ll in the MAC address that specify by service provider when it is required. Default is disabled.

Primary DNS: Enter the primary DNS.

Secondary DNS: Enter the secondary DNS.

IPoA Routed Connection