The product you have purchased and the setup screen may appear slightly different from those
shown in this QIG. For more detailed information about this product, please refer to the User's
Manual on the CD-ROM.
Software and specifications subject to change without notice. Please visit our web site for the
update.
All rights reserved. Trademarks or registered trademarks are the property of their respective
holders
Edimax AC-M3000/AC-M1000
User’s Manual
Table of Contents
1.Before You S t art............................................................................................................................3
3.1.3Panel Function Descriptions .........................................................................................................................9
4.1.5LAN Port Roles...........................................................................................................................................30
4.2.2Black List Configuration.............................................................................................................................54
4.4.3Monitor IP List..........................................................................................................................................103
4.4.4Walled Garden List ...................................................................................................................................104
4.4.5Proxy Server Properties ............................................................................................................................105
4.4.8VPN T erm ination......................................................................................................................................107
This manual is for Hotspot owners, SMBs, or administrators in enterprises to set up network environment using
Edimax AC-M3000/AC-M1000. It contains step by step procedures and graphic examples to guide MIS staff or
individuals with slight network system knowledge to complete the installation.
Note: this manual is applicable to both AC-M3000 and AC-M1000. For a reference of differences between
AC-M3000 and AC-M1000, please see 2.3.3 – Comparison between AC-M3000 and AC-M1000.
1.2 Document Convention
yFor any caution or warning that requires special attention of readers, a highlight box with the eye-catchi ng ital ic
font is used as below:
Warning: For security purposes, you should immediately change the Administrator’s password.
Indicates that clicking this button will return to the homepage of this section.
Indicates that clicking this button will return to the previous page.
Indicates that clicking this button will apply all of your settings.
Indicates that clicking this button will clear all inputs before clicking Apply button.
3
Edimax AC-M3000/AC-M1000
User’s Manual
2. System Overview
2.1 Introduction of Edimax AC-M3000
Edimax AC-M3000 i s a Network Access Controller, specially designed for the small scaled wireless and wired
network management and access control. The major functional areas include user management, access control, AP
management, and security management.
2.2 System Concept
Edimax AC-M3000 dedicates to user authentication, authorization and management. The user account information
is stored in the local database or specified external databases server. User authentication is processed via the SSL
encrypted web interface. This interface is compatible to most desktop devices and palm computers. The following
figure is an example of Edimax AC-M3000 set to control a part of the company’s intranet. The whole managed
network includes the users in LAN and WLAN..
4
2.3 Specification
2.3.1 Hardware Specification
yGeneral
Form Factor: Mini-desktop
Dimensions (W x D x H): 243 mm x 150 mm x 45.5 mm
Weight: 1.4 Kg
Operating Temperature: 0 ~ 45 ℃
Storage Temperature: 0 ~ 65 ℃
Power: 110~220 VAC, 50/60 Hz
Ethernet Interfaces: 10 x Fast Ethernet (10/100 Mbps)
yConnectors & Display
WAN Ports: 2 x 10BASE-T/100BASE-TX RJ-45
LAN Ports: 8 x 10BASE-T/100BASE-TX RJ-45
Edimax AC-M3000/AC-M1000
User’s Manual
Console Port: 1 x RJ-11
LED Indicators: 1 x Power, 1 x Status, 2 x WAN, 8 x LAN
2.3.2 Technical Specification
yNetworking
Supports Router, NAT mode
Supports Static IP, DHCP, PPPoE on WAN interface
Configurable LAN ports authentication
Supports IP Plug and Play (IP PnP)
Built-in DHCP server and supports DHCP relay
Supports NAT:
1. IP/Port Destination Redirection
2. DMZ Server Mapping
3. Virtual Server Mapping
Supports static route
Supports SMTP redirection
Supports Wal l ed Garden (free surfing zone)
Supports MAC Address Pass-Through
y Standa rd 10/100BaseT network cables with RJ-45 connectors
y All PCs need to install the TCP/IP network protocol
3.1.2 Package Contents
The standard package of Edimax AC-M3000 includes:
yEdimax AC-M3000 x 1
Edimax AC-M3000/AC-M1000
User’s Manual
y CD-ROM x 1
y Quick Installation Guide x 1
y Power Adapter (DC 12V) x 1
y Cross Over Ethernet Cable x 1
y Console Cable x 1
Warning: It is highly recommended to use all the supplies in the p ackage inste ad of sub stituting any com ponents by
other suppliers to guarantee best performance.
8
Edimax AC-M3000/AC-M1000
User’s Manual
3.1.3 Panel Function Descriptions
Front Panel
y LED: There are four kinds of LED, Power, Status, WAN and LAN, to indicate different status of the system.
y WAN1/WAN2: The two WAN ports are connected to a network which is not managed by the Edimax AC-M 3000
system, and this port can be used to connect the ATU-Router of the ADSL, the port of a cable modem, or a
switch or a hub on the LAN of a company.
yLAN1~LAN8: Clients’ machines connect to Edimax AC-M3000 via LAN ports. Each LAN po rt can be configured
to one of the two roles, controlled or uncontrolled. The differences of these two roles for a client connected to
are:
¾ Clients connected to the controlled port need to be authenticated to access network.
¾ Clients connected to uncontrolled port don’t need to be authenticated to access network and can access the
web management interface.
Rear Panel
y Reset: Press this button to restart the system.
y Console: The system can be configured via a serial console port. The administrator can use a terminal
emulation program such as Microsoft’s HyperTerminal to login to the configuration console interface to change
admin password or monitor system status, etc.
yDC+12V: The power adapter attaches here.
9
Edimax AC-M3000/AC-M1000
User’s Manual
3.1.4 Installation Steps
Please follow the following steps to install Edimax AC-M3000:
1. Connect the 12V power adapter to the power socket on the rear panel. The Po wer LED should be on to i ndicate
a proper connection.
2. Connect an Ethernet cable to the WAN1 Port on the front panel. Connect the other end of the Ethernet cable to
a ADSL m odem, a cable m odem or a switch/hub of the network. Th e LED of WAN1 port should be on to indicate
a proper connection.
3. Connect an Ethernet cable to one of the LAN5~LAN8 Ports on the front panel. Conne ct the other end of the
Ethernet cable to an administrator’s PC. The LED of the connected port should be on to indicate a proper
connection. (Note: The default role of these four ports is Uncontrolled Port.)
4. Connect an Ethernet cable to one of the LAN1~LAN4 Ports on the front panel. Conne ct the other end of the
Ethernet cable to a client PC, AP or switch in manag e d network. The LED of the connected port should be o n to
indicate a proper connection. (Note: The default role of these four ports is Controlled Port.)
Attention:
1. Edimax AC-M3000 supports Auto Sensing MDI/MDIX. You may use either straight through or cross over cable
to connect the Ethernet Port.
2. Usually a straight cable could be applied when Edimax AC-M3000 connects to an Access Point which supports
automatic crossover. If af ter the AP hardware resets, the Edimax AC-M3000 could not be able to connect to the
AP while connecting with a straight cable, the user have to pull out and plug-in the straight cable again. This
scenario does NOT occur while using a crossover cable.
After the hardware of Edimax AC-M3000 is inst alled completely, the system is ready to be configured in the following
sections.
10
Edimax AC-M3000/AC-M1000
User’s Manual
3.2 Software Configuration
3.2.1 Quick Configuration
There are two ways to configure the system: using Configuration Wizard or changing the setting by demands
manually. The Configuration Wizard has 6 steps providing a simple and easy way to guide you through the setup of
Edimax AC-M3000. Follow the procedures and instructions given by the Wizard to enter the required information
step by step. After saving and restarting Edimax AC-M3000, it is ready to use. There will be 6 steps as listed below:
1. Change Admin’s Password
2. Choose System’s Time Zone
3. Set System Information
4. Select the Connection Type for WAN Port
5. Set Authentication Methods
6. Save and Restart Edimax AC-M3000
Please follow the following steps to complete the quick configuration.
1. Use the network cable of the 10/100BaseT to connect a PC to the uncontrolled port, and then open a browser
(such as Microsoft IE 6.0 or Firefox). Next, enter the gateway IP address as the web management interface’s
URL, the default gateway IP address is https://192.168.2.254
page. Enter “admin”, the default username and “1234”, the default password, in the User Name and
Password field. Click Enter to log in.
. In the opened webpage, you will see the login
Caution: If you can’t get the login screen, the reasons may be: 1. The PC is set incorrectly so that the PC can’t
obtain the IP address automatically from the LAN port; 2. The IP address and the default gateway are not under the
same network segment. Please use default IP address such as 192.168.2.xx in your network and then try it again.
For the PC configuration on PC, please refer to 6. Appendix B – Network Configuration on PC.
11
Edimax AC-M3000/AC-M1000
User’s Manual
Edimax AC-M3000 supports three kinds of account interface. You can log in as admin, manager or operator. The
default username and password as follows.
Admin: The administrator can access all area of the Edimax AC-M3000.
User Name: admin
Password: 1234 Manager: The manager can access the area under User Authentication to manage the user account, but no
permission to change the settings of the profiles of Firewall, Specific Route and Schedule.
User Name: manager
Password: manager Operator: The operator can only access the area of Create On-demand User to create and print out the new
on-demand user accounts.
User Name: operator
Password: operator
2. After successfully logging into Edimax AC-M3000, enter the web management interface and see the welcome
page. There is a Logout button on the upper right corner to log out the system when finished.
3.Then, run the configuration wizard to complete the configuration. ClickSystem Configuration, the System
Configuration page will appear.
12
Edimax AC-M3000/AC-M1000
User’s Manual
4. Then, click on Configuration Wizard and click the Run Wizard to start the wizard.
13
5. Configuration Wizard
A welcome page that briefly introduces the 6 steps
will appear. Click Next to begin.
Edimax AC-M3000/AC-M1000
User’s Manual
yStep 1. Change Admin’s Password
Enter a new password for the admin account
and retype it in the Verify Password field
(twenty-character is the maximum and spaces
are not allowed).
Click Next to continue.
yStep 2. Choose System’s Time Zone
Select a proper time zone via the drop-down
menu.
Click Next to continue.
14
yStep 3. Set System Information
Home Page: Enter the URL to where the
users should be directed when they are
successfully authenticated.
NTP Server: Enter the IP address or the
domain name of an external time server for
Edimax AC-M3000 to do ti me
synchronization or use the default.
DNS Server: Enter a DNS Server provided
by the ISP (Internet Service Provider).
Contact the ISP if the DNS IP Address is
unknown.
Click Next to continue.
yStep 4. Select the Connection Type for WAN
Edimax AC-M3000/AC-M1000
User’s Manual
Port
There are three connection types of WAN1 po rt
supported in the wizard: Static IP Address, Dynamic IP Address and PPPoE Client.
Select a proper Internet connection type and
click Next to continue.
¾ Static IP Address: Set WAN Port’s Static
IP Address
Enter the “IP Address”, “Subnet Mask”
and “Default Gateway” provided by your
ISP or network administrator.
Click Next to continue.
¾Dynamic IP Address
If this option is selected, Edimax AC-M3000
will get an IP address for WAN1 from an
external DHCP server automatically.
Click Next to continue.
15
¾PPPoE Client: Set PPPoE Client’s Information
Enter the “Username” and “Password” provided
by the ISP.
Click Next to continue.
yStep 5. Set Authentication Methods
Enter an identified name as the postfix name in the
Postfix field (e.g. Local), select a policy to assign to,
Edimax AC-M3000/AC-M1000
User’s Manual
and choose an authentication method.
Click Next to continue. Different information needs
be provided for each kind of authentication method
respectively:
¾Local User: Add User
A new user can be added to the local user data
base. To add a user here, enter the Username
(e.g. test), Password (e.g. test), MAC (optional,
to specify a valid MAC address for this user)
and assign a policy (or use the default). Click
the ADD button to add this user ..
Attention: The policy selected in this step is
applied to this user only. Per-user policy
setting takes over the group policy setting at
precious step unless you select None here.
ClickNext to continue.
16
Edimax AC-M3000/AC-M1000
User’s Manual
¾POP3 User: POP3
Enter Domain Name/IP, Server Port of the
POP3 server provided by the ISP, and then
choose to enable SSL or not.
Click Next to continue.
¾RADIUS User: RADIUS
Enter the Domain Name/IP of the RADIUS
server, Authentication Port, Accounting
Port and Secret Key. Then choose to enable
the Accounting Service or not, and choose
the desired Authentication Method.
Click Next to continue.
¾LDAP User: LDAP
Enter the LDAP Server, Server Port, Base DN,
and Account Attribute of the LDAP server.
Click Next to continue.
17
¾NT Domain User: NT Domain
When NT Domain authentication method
is selected, enter the Server IP Address,
and choose to enable/disable
Transparent Login.
If “Transparent Login” is selected, users
will be logged in Edimax AC-M3000’s NT
Domain active directory and authenticated
automatically when they log into their
Windows OS domain.
Click Next to continue.
yStep 6. Save and Restart Edimax
AC-M3000
Edimax AC-M3000/AC-M1000
User’s Manual
Click Restart to save the current setting and
restart Edimax AC-M3000. The Setup Wizard
is completed now.
ySetup Wi zard. During Edimax AC-M3000 restart,
a “Restarting now. Please wait for a moment…” message will appear on the screen.
Please do not interrupt Edimax AC-M3000 until
the message has disappeared. This indicates
that a completed and successful restart process
is finished.
18
Edimax AC-M3000/AC-M1000
Caution: During each step of the wizard, if you want to go back to modify the setting, please click the Back button to
go back to the previous step.
User’s Manual
3.2.2 User Login Portal Page
To login from the login portal page via the controlled port, the user has to be authenticated by the username and
password. The administrator also can verify if the configuration of Edimax AC-M3000 has been done properly.
1. First, connect a client’s device (for example, a PC)
to the controlled port of Edimax AC-M 3000, and
set the device to obtain an IP address
automatically. After the client obtains the IP
address, open an Internet browser. Try to launch
any website and then the default User Login
Page will appear. Enter a valid User Name and
Password (e.g. test@local for the username and
test for the password). Click Submit button.
2. Login succeed page will appear if Edimax AC-M3000 has
been installed and configured successfully. Now, clients
can access the network or surf on the Internet.
19
3. When an on-demand user logs in successfully, the following
Login Successfully page will appear. There is an extra line
showing “Remaining usage” and a “Redeem” button on the
button.
yRemaining usage: Show the remaining time or data volume
that the on-demand user can use to surf Internet.
Edimax AC-M3000/AC-M1000
User’s Manual
yRedeem: When the remaining time
or data size is insufficient, the client
has to pay for adding credit to the
counter, and then, the clie nt will get
a new username and password.
After clicking the Redeem button, a
Redeem Page will appear. Please
enter the new username and
password obtained and click Enter
button. The total available time or
data size will be shown up after
adding credit.
20
Edimax AC-M3000/AC-M1000
User’s Manual
4. Web Interface Configuration
This chapter will guide you through further detailed settings. The following table is the UI and functions of Edimax
AC-M3000.
OPTION
FUNCTION
System
Configuration
Configuration
Wizard
System
Information
WAN1
Configuration
WAN2 &
Failover
LAN Port Roles
Controlled
Configuration
Uncontrolled
Configuration
User
Authentication
Authentication
Configuration
Black List
Configuration
Policy
Configuration
Additional
Configuration
AP
Management
AP List
AP Discovery Privilege List
Manual
Configuration
Template
Settings
Firmware
Management
AP Upgrade Dynamic DNS
IP Mobility
Network
Configuration
Network
Address
Translation
Monitor IP List
Walled Garden
List
Proxy Server
Properties
Utilities Status
Change
System Status
Password
Backup/Restore
Interface Status
Settings
Firmware
Current Users
Upgrade
Restart Traffic History
Notification
Configuration
VPN
Termination
Caution: After finishing the configuration of the settings, please click Apply and pay attention to see if a restart
message appears on the screen. If such message appears, system must be restarted to allow the settings to take
effect. All on-line users will be disconnected during restart.
21
Edimax AC-M3000/AC-M1000
User’s Manual
4.1 System Configuration
This section includes the following functions: Configuration Wizard, System Information, WAN1 Configuration,
WAN2 & Failover, LAN Port Role s, Controlled Configuration and Uncontrolled Configuration.
4.1.1 Configuration Wizard
There are two ways to configure the system: using Configuration Wizard or changing the setting by demands
manually. The Configuration Wizard has 6 steps providing a simple and easy way to go through the basic setup of
Edimax AC-M3000 and is served as Quick Configuration. Please refer to 3.2.1 Quick Configuration for the
introduction and description of Configuration Wizard.
22
Edimax AC-M3000/AC-M1000
User’s Manual
4.1.2 System Information
Most of the major system information about Edimax AC-M3000 can be set here. Please refer to the following
description for each field:
23
Edimax AC-M3000/AC-M1000
User’s Manual
y System Name: Set the name of the system or use the default.
y Device Name: FQDN (Fully-Qualified Domain Name). This is used as the domain name used in login p age. For
example, if Device Name=ashop.com, the URL of login page will be https://ashop.com/loginpages/login.shtml
yHome Page: Enter the website of a Web Server to be the homepage. When users log in successfully, they will
be directed to the homepage set. Usually, the homepage is the company’s we bsite, such as
http://www.yahoo.com. Regardl ess of the original webpage set in the clients’ computers, they will be redirect to
this page after login.
yAccess History IP: Specify an IP address of the administrator’s computer or to get history information of
Edimax AC-M3000 with fix format URLs.
Traffic Hist o ry :https://10.2.3.213/status/history/2005-02-17
yRemote Management IP: Set the IP addresses within a range which are able to connect to the web
management interface via WAN and/or controlled port. For example, 10.2.3.0/24 means that as long as you are
within the IP address range of 10.2.3.0/24, you can reach the administration page of Edimax AC-M3 000. If the IP
range bit number is omitted, 32 is used to specify a single IP address.
ySNMP: Edimax AC-M3000 supports SNMPv2. If the function is enabled, it is able to assign the Manager IP
address and the SNMP community name used to access the management information base (MIB) of the
system.
yUser Logon SSL: Enable this function to activate https (encryption) or disable this function to activate http (non
encryption) user login page.
yTime: Edimax AC-M3000 supports NTP communication protocol to synchronize the system time with remote
time servers. Please specify the time zone and IP address of at least one NTP server in the system
configuration interface for adjusting the system time automatically. (Universal Time is Greenwich Mean Time,
GMT). Time can also be set manually when selecting “Set Device Date and Time”. Please enter the date and
24
time into these fields.
Edimax AC-M3000/AC-M1000
User’s Manual
4.1.3 WAN1 Configuration
There are 4 connection types for the WAN1 Port: Static IP Address, Dynamic IP Address, PPPoE Client and
PPTP Client.
25
Edimax AC-M3000/AC-M1000
User’s Manual
yStatic IP Address: Manually specifying the IP address of the WAN1 Port is applicable for the network
environment where the DHCP service is unavailable. The fields with red asterisks are required to be filled in.
IP Address: the IP address of the WAN1 port.
Subnet Mask: the subnet mask of the WAN1 port.
Default Gateway: the gateway of the W A N1 port.
Preferred DNS Server: The primary DNS Server of the WAN1 port.
Alternate DNS Server: The substitute DNS Server of the WAN1 port. This is not required.
yDynamic IP address: It is only applicable for the network environment where the DHCP Server is available in
the network. Click the Renew button to get an IP address.
yPPPoE Client: This is the common connection type for ADSL. When selecting PPPoE to connect to the network,
please enter the Username, Password, MTU and CLAMPMSS. There is a Dial on Demand function under
PPPoE. If this function is enabled, a Maximum Idle Time can be set. When the idle time is reached, the system
will automatically disconnect itself
26
Edimax AC-M3000/AC-M1000
User’s Manual
yPPTP Client: Point to Point T unnelin g Protocol is a service th at applies to bro adband co nnect ion u sed mai nly in
Europe and Israel. Select Static to specify the IP address of the PPTP Client manually or sele ct DHCP to get the
IP address automatically. The fields with red asterisks are required to be filled in. There is a Dial on Demand
function under PPTP. If this function is enabled, a Maximum Idle Time can be set. When the idle time is
reached, the system will automatically disconnect itself
27
Edimax AC-M3000/AC-M1000
User’s Manual
4.1.4 WAN2 & Failover
Except selecting None to disable WAN2 port, there are 2 connection types for the WAN2 port: Static IP Address
and Dynamic IP Address. The probe target supports up to three URLs. Check “Warning of Internet Disconnection” to work with the WAN Failover function. When Warning of Internet Disconnection is enabled,
the system will check the three URLs to detect the WAN ports connection status.
yNone: The WAN2 Port is disabled. The probe target of up to three URLs can still be entered. Check “Warning
of Internet Disconnection” to detect the WAN1 port connection status.
28
Loading...
+ 128 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.