Eltek Technologies A7200 User Manual

Download

ELTEK A7200-G1

Wireless

Broadband Router

User Manual

V1.1

20140505

A7200-G1 User Manual

As our product undergoes continuous development the specifications are subject to change without prior notice

INDEX

1. Introduction .............................................................................................................................. 4

2. System Overview ..................................................................................................................... 4

2.1 General Description ............................................................................................................ 4

2.2 Specifications ..................................................................................................................... 5

3. Hardware Installation ............................................................................................................... 7

3.1 Hardware Requirements ..................................................................................................... 7

3.2 Hardware Setup Procedures .............................................................................................. 7

4. Software Configuration ............................................................................................................. 8

5. Setup ........................................................................................................................................ 9

5.1 WAN Configuration ............................................................................................................. 9

5.1.1 A TM Settings .............................................................................................................. 10

5.1.2 Settings ......................................................................................

5.2 LAN Configuration ............................................................................................................ 1 1

5.2.1 LAN Interface Setup ................................................................................................... 11

5.2.2 DHCP Mode ............................................................................................................... 11

5.2.3 DHCP Static Configuration ......................................................................................... 13

5.3 Wireless Configuration ..................................................................................................... 13

5.3.1 Basic Setting .............................................................................................................. 13

5.3.2 Wireless Security Setup ............................................................................................. 14

5.3.3 Wireless Multiple BSSID Setup .................................................................................. 15

5.3.4 Wireless Access Control ............................................................................................ 15

5.3.5 Wireless Advanced Settings....................................................................................... 16

5.3.6 WPS ( Wi-Fi Pprotected Setup) ................................................................................. 17

6. Advanced Setup ..................................................................................................................... 19

6.1 Route Setup ..................................................................................................................... 20

6.1.1 Static Route Setup ..................................................................................................... 20

6.1.2 RIP Configuration ....................................................................................................... 21

6.2 NAT Configuration ............................................................................................................ 21

6.2.1 DMZ Setup ................................................................................................................. 21

6.2.2 Virtual Server

............................................................................................................ 22

6.2.3 NAT ALG and Pass-Through ...................................................................................... 23

6.3 QoS .................................................................................................................................. 24

6.3.1 IP QoS ....................................................................................................................... 24

6.4 CWMP Setup .................................................................................................................... 25

6.4.1 TR-069 Configuration ................................................................................................. 25

6.5 Port Mapping Setup .......................................................................................................... 26

6.5.1 Port Mapping Configuration ....................................................................................... 26

6.6 Others ............................................................................................................................... 27

A7200-G1 User Manual

6.6.1 Bridge Setting ............................................................................................................ 27

6.6.2 Client Limit Configuration ........................................................................................... 27

6.6.3 Other Advanced Configuration ................................................................................... 27

7. Service Setup ......................................................................................................................... 28

7.1 IGMP Configuration .......................................................................................................... 28

7.1.1 IGMP Proxy Configuration ......................................................................................... 29

7.2 UPnP Setup ...................................................................................................................... 29

7.2.1 UPnP Configuration ................................................................................................... 30

7.3 SNMP Setup ..................................................................................................................... 30

7.3.1 SNMP Protocol Configuration .................................................................................... 30

7.4 DNS Setup ....................................................................................................................... 31

7.4.1 DNS Configuration ..................................................................................................... 31

7.5 Dynamic DNS ................................................................................................................... 32

7.5.1 Dynamic DNS ( DDNS) Configuration ........................................................................ 32

8. Firewall Setup ........................................................................................................................ 33

8.1 MAC Filtering .................................................................................................................... 33

8.2 IP/Port Filtering Setup ...................................................................................................... 33

8.2.1 IP/Port Filtering .......................................................................................................... 33

8.3 URL Filter ................................................................................................................ ......... 35

8.3.1 URL Blocking Configuration ....................................................................................... 35

8.4 ACL Setup ........................................................................................................................ 36

8.4.1 ACL Configuration ...................................................................................................... 36

8.5 DoS Setting ...................................................................................................................... 36

9. Maintenance Setup ................................................................................................................ 37

9.1 Upgrade ............................................................................................................................ 37

9.1.1 Upgrade Firmware ..................................................................................................... 37

9.1.2 Backup/Restore Settings ........................................................................................... 37

9.2 Password .......................................................................................................................... 38

9.2.1 User Account Configuration ....................................................................................... 38

9.3 Reboot .............................................................................................................................. 39

9.3.1 Commit/Reboot ..........................................................................................................

9.4 Time Setup ....................................................................................................................... 39

9.4.1 System Time Configuration ........................................................................................ 39

9.5 Log Setup ......................................................................................................................... 40

9.5.1 Log Setting ................................................................................................................. 40

9.6 Diagnostic Setup .............................................................................................................. 41

9.6.1 Ping Diagnostic .......................................................................................................... 41

9.6.2 Traceroute Diagnostic ................................................................................................ 41

9.6.3 OAM Fault Management – Connectivity Verification .................................................. 41

9.6.4 Diagnostic .............................................................................................................. 42

9.6.5 Diagnostic Test ........................................................................................................... 42

A7200-G1 User Manual

1. Introduction

The ELTEK A7200-G1 supports Annex A mode. It provides four 10/100 Base-T Ethernet ports for user. The device provides high-speed broadband connection to the Internet or Intranet for high-end users, such as net bars and office users.

It provides high performance access to the Internet, downstream up to 24 Mbps and upstream up to 1 Mbps. The device supports WLAN access to the Internet, such as WLAN AP or WLAN device. It complies with IEEE 802.11b/g, IEEE 802.11n specifications, WEP, WPA, and WPA2 security specifications.

You can configure the router by running the Setup Wizard in the CD-ROM provided in the package. The wizard provides quick setup for Internet and Wireless connection. When you start the Setup Wizard, Please follow the easy steps in Quick Installation Guide.

2. System Overview

2.1 General Description

Eltek A7200-G1/G2 is only a component of a hospital screen solution project. The A7200-G1/G2 is just built-into the screen from customer. Customer will later do the whole procedure for certification with their final product (such as hospital screen).

To ensure fully compatibility, the device was tested with all major AMs, and support standard 10/100 Mbps Base-T Ethernet interface Auto MDI/MDIx 10/100 Switch function allowing user easily to link to PC or other Switches/Hubs. The device is an idea solution for multi-users utilizing build-in channel mode (PPPoE/A, IPoA, IPoE), IP routing, NAT functionalities sharing the link. The device is also a perfect solution for the residential users, it supports the users with bridge mode in host based PPPoE Client.

A7200-G1 User Manual

2.2 Specifications

WLAN features

- Complies with IEEE 802.11b/g/n standards

- Backward compatible with 802.11b/g devices while operating at 802.11n data rate

One Transmit and one Receive path (1T1R)

- 802.11b/g Data rates : 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, and 54Mbps, 802.11n maximum

Data rates :72.2Mbps receive/transmit PHY rate using 20MHz bandwidth, 150Mbps receive/transmit PHY rate using 40MHz bandwid t h

- Burst-mode support for dramatically enhanced throughput

- DSSS with DBPSK and DQPSK, CCK modulations and demodulations supported with rate

compatible punctured convolution coding with coding rate of 1/2, 2/3, 3/4 and 5/6

- OFDM with BPSK, QPSK, 16QAM and 64QAM modulations and demodulations supported with long and short preamble

- Complies with WMM, 802.11e, and CCX specifications

- Complies with 802.11h, 802.11i, 802.11j specifications

- Hardware-based IEEE 802.11i encryption/decryption engine, including 64-bit/128-bit WEP,

TKIP, and AES

- Supports Wi-Fi alliance WPA and WPA2 security

Software features

- RFC-1483/2684 LLC/VC-Mux bridged/routed mode

- RFC-1577 Classical IP over ATM

- RFC-2516 PPPoE

- RFC-2364 PPPoA

- RFC-1661 PPP

- Bridge/Routing

o DHCP Client/Sever/Relay o IP routing : RIP v1/v2 o Static route o DNS Relay Agent o Dynamic DNS o IGMP Proxy o 802.1d Spanning-Tree Protocol o NAT (Network Address Translation) o NAPT port forwarding o DMZ support

A7200-G1 User Manual

- Security

o User authentication for PPP o PAP (Password Authentication Protocol) o CHAP (Challenge Authentication Protocol)

- Firewall

o IP/Port filtering o MAC filtering o

- ATM

o ITU-T 1.610 F4/F5 OAM send and receiver loop-back o ATM QoS : CBR, rt-VBR, nrt-VBR and UBR o Multiple PVC : support 8 PVCs

- Management

- Web-based configuration

- Telnet remote management

- SNMP v1/v2/Trap

- Diagnostic tool

- Firmware upgrade through FTP, TFTP and HTTP

- UPnP support

- ACL (Access Control List)

3. Hardware Inst allation

3.1 Hardware Requirements

DC15V Power Adapter RJ-45 Ethernet cable

3.2 Hardware Setup Procedures

Step3: Connect your notebook / desktop computer to the LAN port of the router. Step4: Power ON the router.

4. Sof t ware Configuration

The device is an wireless router. When you power on the device, the system will boot up. The system provides a PVC for bridge test by default. The default configurations for the system are listed below.

 LAN IP address: 192.168.10.1, Netmask: 255.255.255.0

User can change settings via WEB browser. The following sections describe the set up procedures. Please set your PC’s Ethernet port as follow:

 IP address: 192.168.10.XXX (e.g. 192.168.10.10)  Netmask: 255.255.255.0

Access the Web Console:

 Start your web browser.  Type the Ethernet IP address of the modem/router on the address bar of the browser. Default

IP address is 192.168.10.1.

 Enter Password in the dialog box when it appears. Default Username: admin Password:

mpnn01

This page displays the router’s current status and settings. This information is read-only except for the PPPoE/PPPoA channel for which user can connect/disconnect the channel on demand. Click the “Refresh” button to update the status

Function buttons in this page:

Connect / Disconnect The two buttons take effect only when PVC is configured as PPPoE/PPPoA mode. Click

Connect/Disconnect button to connect/disconnect the PPP dial up link.

5. Setup

5.1 WAN Configuration

There are three sub-menu for WAN configuration: [Channel Config], [ATM Settings] Channel Config modem/router supports 8 ATM Permanent Virtual Channels (PVCs). There are mainly three operations for each of the PVC channels: add, delete and modify. And there are several channel modes to be selected for each PVC channel. For each of the channel modes, the setting is quite different accordingly. Please refer to the section – Channel Mode Configuration for further details.

Function buttons in this page:

Add Click Add to complete the channel setup and add PVC channel into configuration.

Modify

Select an existing PVC channel by clicking the radio button at the Select column of the Current ATM VC Table before we can modify the PVC channel. After selecting PVC channel, we can modify the channel configuration at this page. Click Modify to complete the channel modification and apply to the configuration.

Delete

Select an existing PVC channel to be deleted by clicking the radio button at the Select column of the Current ATM VC Table. Click Delete to delete this PVC channel from configuration.

A7200-G1 User Manual

5.1.1 A TM Settings

The page is for ATM PVC QoS parameters setting. The device support 4 QoS mode —CBR/rt-VBR/nrtVBR/UBR. Fields in this page:

Field Description VPI

VCI

QoS

PCR

SCR

Virtual Path Identifier. This is read-only field and is selected on the Select column in the Current ATM VC Table.

Virtual Channel Identifier. This is read-only field and is selected on the Select column in the Current ATM VC Table. The VCI, together with VPI, is used to identify the next destination of a cell as it passes through the ATM switch.

Quality of Service, a characteristic of data transmission that measures how accurately and how quickly a message or data is transferred from a source host to a destination host over a network. The four QoS options are: UBR (Unspecified Bit Rate): When UBR is selected, the SCR and MBS fields are disabled. CBR (Constant Bit Rate): When CBR is selected, the SCR and MBS fields are disabled. nrt-VBR (non-real-time Variable Bit Rate): When nrt-VBR is selected, the SCR and MBS fields are enabled. rt-VBR (real-time Variable Bit Rate): When rt-VBR is selected, the SCR and MBS fields are enabled.

Peak Cell Rate, measured in cells/sec, is the cell rate which the source may never exceed.

Sustained Cell Rate, measured in cells/sec, is the average cell rate over the duration of the connection.

MBS

Maximum Burst Size, a traffic parameter that specifies the maximum number of cells that can be transmitted at the peak cell rate.

Function buttons in this page:

Apply Changes

Set new PVC OoS mode for the selected PVC. New parameters will take effect after saving into flash memory and reboot the system. See section “Admin” for save details.

Undo Discard your settings.

A7200-G1 User Manual

5.2 LAN Configuration

Click Setup -> LAN to configure the LAN Settings.

5.2.1 LAN Interface Setup

Following page shows the current setting of LAN interface. You can set IP address, subnet mask, and IGMP Snooping for LAN interface in this page.

Fields in this page:

Field Description IP Address The IP address your LAN hosts use to identify the device’s LAN port. Subnet Mask LAN subnet mask. IGMP Snooping Enable/disable the IGMP snooping function for the multiple bridged LAN ports.

Function buttons in this page:

Apply Changes

Click to save the setting. New parameters will take effect after saving into flash memory and reboot the system. See section “Admin” for save details.

Modify Click to modify the setting.

5.2.2 DHCP Mode

You can configure your network and device to use the Dynamic Host Configuration Protocol (DHCP). This page provides DHCP instructions for implementing it on your network by selecting the role of DHCP protocol that this device wants to play. There are two different DHCP roles that this device can act as: DHCP Server and DHCP Relay. When acting as DHCP server, you can setup the server parameters at the DHCP Server page; while acting as DHCP Relay, you can setup the relay parameters at the DHCP Relay page.

A7200-G1 User Manual

5.2.2.1 DHCP Server Configuration

Fields in this page:

Field Description IP Pool Range Specify the lowest and highest addresses in the pool.

The Lease Time is the amount of time that a network user is allowed to maintain a network connection to the device using the current dynamic IP address. At the

Max Lease Time

end of the Lease Time, the lease is either renewed or a new IP is issued by the DHCP server. The amount of time is in units of seconds. The default value is 86400 seconds (1 day). The value –1 stands for the infinite lease.

Domain Name Subnet mask A mask used to determine what subnet an IP address belongs to.

Default gateway On a typical small home or office LAN, the existing routes that set up the default

DNS server It is used to select the way to obtain the IP addresses of the DNS servers.

A user-friendly name that refers to the group of hosts (subnet) that will be assigned addresses from this pool.

gateway for your LAN hosts and for the device provide the most appropriate path for all your Internet traffic

5.2.2.2 DHCP Relay Configuration

Some ISPs perform the DHCP server function for their customers’ home/small office network. In this case, you can configure this device to act as a DHCP relay agent. When a host on your network requests Internet access, the device contacts your ISP to obtain the IP configuration, and then forward that information to the host. You should set the DHCP mode to act as a DHCP relay.

Fields in this page:

Field Description

Relay Server

If you are using the other DHCP server to assign IP address to your hosts on the LAN. You can set the DHCP server ip address.

A7200-G1 User Manual

5.2.3 DHCP Static Configuration

Static DHCP is as useful feature which makes the DHCP server on your router always assign the same IP address to a unique MAC address assigned to NIC.

Static IP is a manual way of obtaining an IP address for your computer, where the IP address is pre-determined and always the same.

5.3 Wireless Configuration

Click Setup -> WLAN to configure the Wireless settings.

This section provides the wireless network settings for your WLAN interface. The wireless interface enables the wireless AP function for modem.

5.3.1 Basic Setting

This page contains all of the wireless basic settings. Most users will be able to configure the wireless portion and get it working properly using the setting on this screen.

Fields in this page:

Field Description

Disable Wireless LAN Interface Check it to disable the wireless function for modem.

Band

Mode The selections are: AP

SSID

Channel Number

Select the appropriate band from the list provided to correspond with your network setting.

The Service Set Identifier (SSID) or network name. It is case sensitive and must not exceed 32 characters, which may be any keyboard character. The mobile wireless stations shall select the same SSID to be able to communicate with your modem (or AP).

Select the appropriate channel from the list provided to correspond with your network settings. You shall assign a different channel for each AP to avoid signal interference.

Radio Power (mW) The maximum output power: 15mW, 30mW or 60mW. Channel Width 20MHz bandwidth : maximum Data rates = 72.2Mbps,

40MHz bandwidth : maximum Data rates = 150Mbps.

Associated Clients It will show the Wireless clients currently associated with the modem

A7200-G1 User Manual

5.3.2 Wireless Security Setup

This screen allows you to setup the wireless security. Turn on WEP or WPA by using encryption keys to prevent any unauthorized access to your WLAN.

Fields in this page:

Field Description

There are 4 types of security to be selected. To secure your WLAN, it’s strongly recommended to enable this feature.  WEP: Make sure that all wireless devices on your network are using the

same encryption level and key. Click Set WEP Key button to set the encryption key.

 WPA (TKIP): WPA uses Temporal Key Integrity Protocol (TKIP) for data

Encryption

Use 802.1x Authentication

WPA Authentication Mode

encryption. TKIP utilized a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers.

 WPA2 (AES): WPA2, also known as 802.11i, uses Advanced

Encryption Standard (AES) for data encryption. AES utilized a symmetric 128-bit block data encryption.

 WAP2 Mixed: The AP supports WPA (TKIP) and WPA2 (AES) for data

encryption. The actual selection of the encryption methods will depend on

the clients. Check it to enable 802.1x authentication. This option is selectable only when the “Encryption” is choose to either None or WEP. If the “Encryption” is WEP, you need to further select the WEP key length to be either WEP 64bits or WEP 128bits.

There are 2 types of authentication mode for WPA.  WPA-RADIUS: WPA RADIUS uses an external RADIUS server to perform

user authentication. To use WPA RADIUS, enter the IP address of the

RADIUS server, the RADIUS port (default is 1812) and the shared secret

from the RADIUS server. Please refer to “Authentication RADIUS Server”

setting below for RADIUS setting. The WPA algorithm is selected between

TKIP and AES, please refer to “WPA cipher Suite” below.  Pre-Shared Key: Pre-Shared Key authentication is based on a shared

secret that is known only by the parties involved. To use WPA Pre-Shared

Key, select key format and enter a password in the “Pre-Shared Key Format”

and “Pre-Shared Key” setting respectively. Please refer to “Pre-Shared Key

Format” and “Pre-Shared Key” setting below.

Pre-Shared Key Format

Pre-Shared Key

Authentication RADIUS Server

Function buttons in this page:

Apply Changes

Change the settings. New parameters will take effect after saving current config into flash memory and reboot the system.

 PassPhrase: Select this to enter the Pre-Shared Key secret as user-friendly

textual secret.  Hex (64 characters): Select this to enter the Pre-Shared Key secret as

hexadecimal secret. Specify the shared secret used by this Pre-Shared Key. If the “Pre-Shared Key

Format” is specified as PassPhrase, then it indicates a passphrase of 8 to 63 bytes long; or if the “Pre-Shared Key Format” is specified as Hex(64 c haracters), then it indicates a 64-hexadecimal number.

If the WPA-RADIUS is selected at “WPA Authentication Mode”, the port (default is 1812), IP address and password of external RADIUS server are specified here.

A7200-G1 User Manual

5.3.3 Wireless Multiple BSSID Setup

The SSID is a unique identifier that wireless networking devices use to establish and maintain wireless connectivity. You can configure up to 4 SSIDs on your AP router and assign different configuration settings to each SSID. All the SSIDs are active at the same time; that is, client devices can associate to the access point using any of the SSIDs. These are the settings you can assign to each SSID: Enable VAP0~4 SSID broadcast SSID Relay Blocking Authentication Type

5.3.4 Wireless Access Control

This page allows administrator to have access control by entering MAC address of client stations. MAC address can be added into access control list and only those clients whose wireless MAC address are in the access control list will be either allowed or denied to connect to the wireless AP as per the Access Control policy defined.

Fields in this page:

Field Description

Wireless Access Control Mode

MAC Address

The Selections are:

 Disable: Disable the wireless ACL feature.  Allow Listed: When this option is selected, no wireless clients except those

whose MAC addresses are in the current access control list will be able to

connect (to this device).  Deny Listed: When this option is selected, all wireless clients except those

whose MAC addresses are in the current access control list will be able to

connect (to this device).

Enter client MAC address and press “Add” button to add client MAC address into current access control list.

A7200-G1 User Manual

5.3.5 Wireless Advanced Settings

This page allows advanced users who have sufficient knowledge of wireless LAN to configure advanced settings. These setting shall not be changed unless you know exactly what will happen from the changes you made on your device. Fields in this page:

This value should remain at its default setting of 2346. It specifies the maximum size for a

Fragment Threshold

RTS Threshold

packet before data is fragmented into multiple packets. If you experience a high packet error rate, you may slightly increases the “Fragment Threshold” value within the value range of 256 to 2346. Setting this value too low may result in po or network performance. Only minor modifications of this value are recommended.

This value should remain at its default setting of 2347. If you encounter inconsistent data flow, only minor modifications are recommended. If a network packet is smaller than the preset “RTS threshold” size, the RTS/CTS mechanism will not be enabled. The modem (or AP) sends Request to Send (RTS) frames to a particular receiving station and negotiates the sending of a data frame. After receiving an RTS, the wireless station responds with a Clear to Send (CTS) frame to acknowledge the right to begin transmission.

Beacon Interval

Data Rate

Preamble Type

Broadcast SSID

Relay Blocking

Ethernet to Wireless Blocking

DTIM Interval

WIFI Multicast to Unicast

The Beacon Interval value indicates the frequency interval of the beacon. Enter a value between 20 and 1024. A beacon is a packet broadcast by the modem (or AP) to synchronize the wireless network. The default is 100.

The rate of data transmission should be set depending on the speed of your wireless network. You should select from a range of transmission spee ds, or you can select Auto to have the m odem (or AP) automatically use the fastest possible data rate and enable the Auto-Fallback feature. Auto-Fallback will negotiate the best possible connection speed between the AP and a wireless client. The default setting is Auto.

The Preamble Type defines the length of the CRC (Cyclic Redundancy Check) block for communication between the AP and mobile wireless stations. Make sure to select the appropriate preamble type. Note that high network traffic areas should use the short preamble type. CRC is a common technique for detecting data transmission errors.

If this option is enabled, clients can see the wireless network. This feature is intended to allow clients to dynamically discover and roam between W LANs; if this option is disabled, the device will hide its SSID. When this is done, the station cannot directly discover its WLAN and MUST be configured with the SSID. Note that in a home Wi-Fi network, roaming is largely unnecessary and the SSID broadcast feature serves no useful purpose. You should disable this feature to improve the security of your WLAN.

When Relay Blocking is enabled, wireless clients will not associate with other wireless clients.

When enabled, traffic between Ethernet and wireless interfaces are not allowed.

The DTIM Interval determines the number of AP beacons between each Delivery Traffic Indication Message (DTIM). This informs clients of the next window for listening to broadcast and multicast messages. When the AP has buffered broadcast or multicast messages for associated clients, it sends the next DTIM with a DTIM Interval value. Clients for that AP hear beacons and awaken to receive the broadcast and multicast messages For unicast transmissions, 802.11 implements layer2 acknowledgments and error checking to ensure frame delivery. Multicast traffic, on the other hand, has no link layer error or loss management in the 802.11 standard.

A7200-G1 User Manual

Aggregation Frame aggregation is a process of packing multiple MSDUs or MPDUs together to reduce the

overheads and average them over multiple frames, thus increasing the user level data rate.

Short GI Guard Intervals (GI) are used to ensure that distinct transmissions do not interfere with one

another. Short GI enable = 400ns, disable = 800ns.

5.3.6 WPS ( Wi-Fi Pprotected Setup)

Although home Wi-Fi networks have become more and more popular, users still have trouble with the initial set up of network. This obstacle forces users to use the open security and increases the risk of eavesdropping. Therefore, The Wi-Fi Protected Setup (WPS) is designed to ease set up of security-enabled Wi-Fi networks and subsequently network management.

The largest difference between WPS-enabled devices and legacy devices is that users do not need the knowledge about SSID, channel and security settings, but they could still surf in a security-enabled Wi-Fi network.

This device supports Push Button method and PIN method for WPS. The following subparagraphs will describe the function of each item. The webpage is shown below.

Fields in this page:

Field Description Disable WPS Check to disable the Wi-Fi protected Setup.

When AP’s settings are factory default (out of box), it is set to open security and un-configured state. “WPS Status” will display it as “UnConfigured”. If it already

WPS Status

Self-PIN Number

Push Button Configuration

Client PIN Number

shows “Configured”, some registrars such as Vista WCN will not configure AP. Users will need to go to the “Backup/Restore” page and click “Reset” to reload factory default settings.

“Self-PIN Number” is AP’s PIN. Whenever users want to change AP’s PIN, they could click “Regenerate PIN” and then click “ Apply Changes”. Moreover, if users want to make their own PIN, they could enter four-digit PIN without checksum and then click “ Apply Changes”. However, this would not be recommended since the registrar side needs to be supported with four-digit PIN.

Clicking this button will invoke the PBC method of WPS. It is only used when AP acts as a registrar.

It is only used when users want their station to join AP’s network. The length of PIN is limited to four or eight numeric digits. If users enter eight-digit PIN with checksum error, there will be a warning message popping up. If users insist on this PIN, AP will take it.

Function buttons in this page: Regenerate PIN

Click to regenerate the Self-PIN Number. Start PBC

Click to start the Push Button method of WPS. Apply Changes

Click to commit changes. Reset

It restores the original values. Start PIN

Click to start the PIN method of WPS.

A7200-G1 User Manual

6. Advanced Setup

The end user can configure the Advance Setup

Route Configuration

The Routing page enables you to define specific route for your Internet and network data. Most users do not need to define routes. On a typical small home or office LAN, the existing routes that set up the default gateways for your LAN hosts and for the device provide the most appropriate path for all your Internet traffic.

On your LAN hosts, a default gateway directs all Internet traffic to the LAN port(s) on the device. Your LAN hosts know their default gateway either because you assigned it to them when you modified your TCP/IP properties, or because you configured them to receive the information dynamically from a server whenever they access the Internet.

On the device itself, a default gateway is defined to direct all outbound Internet traffic to a route at your ISP. The default gateway is assigned either automatically by your ISP whenever the device negotiates an Internet access, or manually by user to setup through the configuration.

A7200-G1 User Manual

6.1 Route Setup

6.1.1 Static Route Setup

You may need to define routes if your home setup includes two or more networks or subnets, if you connect to two or more ISP services, or if you connect to a remote corporate LAN.

Fields in this page:

Field Description Enable Check to enable the selected route or route to be added.

Destination

The network IP address of the subnet. The destination can be specified as the IP address of a subnet or a specific host in the subnet. It can also be specified as all zeros to indicate that this route should be used for all destinations for which no other route is defined (this is the route that creates the default gateway).

Subnet Mask

Next Hop

Metric

Interface The WAN interface to which a static routing subnet is to be applied.

Function buttons in this page:

Add Route

Add a user-defined destination route.

The network mask of the destination subnet. The default gateway uses a mask of

0.0.0.0. The IP address of the next hop through which traffic will flow towards the

destination subnet. Defines the number of hops between network nodes that data packets travel. The

default value is 0, which means that the subnet is directly one hop away on the local LAN network.

Update

Update the selected destination route under the Static Route Table.

Delete Selected

Delete a selected destination route under the Static Route Table.

Show Routes

Click this button to view the device’s routing table.

A7200-G1 User Manual

6.1.2 RIP Configuration

RIP is an dynamic routing Internet protocol. Here you can set up to share routing table information with other routing devices on your LAN, at your ISP’s location, or on remote networks connected to your network via the line.

Most small home or office networks do not need to use RIP; they have only one router, such as the Router, and one path to an ISP. In these cases, there is no need to share routes, because all Internet data from the network is sent to the same ISP gateway.

You may want to configure RIP if any of the following circumstances apply to your network:

o Your home network setup includes an additional router or RIP-enabled router (other than

the Router). The Router and the router will need to communicate via RIP to share their routing tables.

o Your network connects via the line to a remote network, such as a corporate network. In

order for your LAN to learn the routes used within your corporate network, they should both be configured with RIP.

o Your ISP requests that you run RIP for communication with devices on their network.

Fields on the first setting block:

Field Description RIP Enable/Disable RIP feature.

6.2 NAT Configuration

In computer networking, network address translation (NAT) is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device.

6.2.1 DMZ Setup

A DMZ (Demilitarized Zone) allows a single computer on your LAN to expose ALL of its ports to the Internet. Enter the IP address of computer as a DMZ (Demilitarized

A7200-G1 User Manual

Fields in this page:

Field Description Enable DMZ Check this item to enable the DMZ feature.

Zone) host with unrestricted Internet access. When doing this, the DMZ host is no longer behind the firewall.

DMZ Host IP Address

6.2.2 Virtual Server

Fields in this page:

Field Description

IP address of the local host. This feature sets a local host to be exposed to the Internet.

Firewall keeps unwanted traffic from the Internet away from your LAN computers. Add a Virtual Server entry will create a tunnel through your firewall so that the computers on the Internet can communicate to one of the computers on your LAN on a single port.

Service Type Select a service from pull-down menu or User-defined Service Name. Protocol There are 2 options available: TCP, UDP.

WAN Setting There are 2 options available: create rules by interface or by IP address

WAN Interface

WAN Port

Local IP Address IP address of your local server that will be accessed by Internet.

LAN Open Port

Select the WAN interface on which the Virtual Server rule is to be applied.

The destination port number that is made open for this application on the WAN-side

The destination port number that is made open for this application on the LAN-side.

Function buttons for the setting block:

A7200-G1 User Manual

Apply Changes

Click to save the rule entry to the configuration.

Function buttons for the Current Table: Delete Selected Delete the selected rules from the table. You can click Delete button from the Current virtual serve forwarding table.

Disable

Without deleting the rule you can make specific virtual server entry in the table as inactive. You can click Disable to de-activate the entry.

6.2.3 NAT ALG and Pass-Through

An application-level gateway (also known as ALG or application layer gateway) consists of a security component that augments a firewall or NAT employed in a computer network. It allows customized NAT traversal filters to be plugged into the gateway to support address and port translation for certain application layer "control/data" protocols such as IPSec, L2TP, PPTP, FTP, SI P, RTSP etc. In order for these protocols to work through NAT or a firewall, either the application has to know about an address/port number combination that allows incoming packets, or the NAT has to monitor the control traffic and open up port mappings (firewall pinhole) dynamically as required. Legitimate application data can thus be passed through the security checks of the firewall or NAT that would have otherwise restricted the traffic for not meeting its limited filter criteria.

A7200-G1 User Manual

6.3 QoS

6.3.1 IP QoS

The device provides a control mechanism that can provide different priority to different users or data flows. The QoS is enforced by the QoS rules in the QoS table. A QoS rule contains two configuration blocks: Traffic Classification and Action. The Traffic Classification enables you to classify packets on the basis of various fields in the packet and perhaps the physical ingress port. The Action enables you to assign the strict priority level and mark some fields in the packet that matches the Traffic Classification rule. You can configure any or all field as needed in these two QoS blocks for a QoS rule.

Fields on the first setting block of this page:

Field Description IP QoS Enable/Disable the IP QoS function. Source IP The IP address of the traffic source. Source Netmask The source IP Netmask. This field is required if the source IP has been entered. Destination IP The IP address of the traffic destination.

Destination Netmask

Protocol

Source Port

Destination Port

Physical Port

The destination IP Netmask. This field is required if the destination IP has been entered.

The selections are TCP, UDP, ICMP and the blank for none. This field is required if the source port or destination port has been entered.

The source port of the selected protocol. You cannot configure this field without entering the protocol first.

The destination port of the selected protocol. You cannot configure this field without entering the protocol first.

The incoming ports. The selections include LAN ports, wireless port, and the blank for not applicable.

Fields on the second setting block of this page:

Field Description Outbound Priority

IP Precedence

IP Type of Service

The priority level for the traffic that matches this classification rule. The possible selections are (in the descending priority): p0, p1, p2, p3.

Select this field to mark the IP precedence bits in the packet that match this classification rule.

Select this field to mark the IP TOS bits in the packet that match this classification rule.

A7200-G1 User Manual

Select this field to mark the 3-bit user-priority field in the 802.1p header of the

802.1p

packet that matches this classification rule. Note that this 802.1p marking is workable on a given PVC channel only if the VLAN tag is enabled in this PVC channel.

6.4 CWMP Setup

6.4.1 TR-069 Configuration

TR-069 is a protocol for communication between a CPE and Auto-Configuration Server (ACS). The CPE TR-069 configuration should be well defined to be able to communicate with the remote ACS.

Fields in this page:

ACS Field Description URL ACS URL. For example, http://10.0.0.1:80 https://10.0.0.1:443 User Name The username the device should use when connecting to the ACS. Password The password the device should use when connecting to the ACS.

When this field is enabled, the devic e will send an Inform RPC to the ACS

Periodic Inform Enable

Periodic Inform Interval Time interval in second to send Inform RPC.

server at the system startup, and will continue to send it periodically at an interval defined in Periodic Inform Interval field; When this field is disabled, the device will only send Inform RPC to the ACS server once at the system startup.

Connection Request Field Description User Name The username the remote ACS should use when connecting to this device. Password The password the remote ACS should use when connecting to this device.

The path of the device ConnectionRequestURL. The device

Path

Port The port of the device ConnectionRequestURL.

ConnectionRequestURL should be configured based on the Device_IP, Path and Port as follows: http://Device_IP:Port/Path

A7200-G1 User Manual

6.5 Port Mapping Setup

The device provides multiple interface groups. Up to five interface groups are supported including one default group. The LAN and WAN interfaces could be included. Traffic coming from one interface of a group can only be flowed to the interfaces in the same interface group. Thus, the device can isolate traffic from group to group for some application. By default, all the interfaces (LAN and WAN) belong to the default group, and the other four groups are all empty. It is possible to assign any interface to any group but only one group.

6.5.1 Port Mapping Configuration

Fields in this page:

Field Description

Enabled/Disabled

“Interface groups

Radio buttons to enable/disable the interface group feature. If disabled, all interfaces belong to the default group.

To manipulate a mapping group:

 Select a group from the table.  Select interfaces from the available/grouped interface list and add it to the

grouped/available interface list using the arrow buttons to manipulate the required mapping of the ports.

 Click “Apply Changes” button to save the changes.

A7200-G1 User Manual

6.6 Others

6.6.1 Bridge Setting

You can enable/disable Spanning Tree Protocol and set MAC address aging time in this page.

Fields in this page:

Field Description

Set the Ethernet address ageing time, in seconds. After [Ageing Time] seconds of

Ageing Time

802.1d Spanning Tree Enable/disable the spanning tree protocol

not having seen a frame coming from a certain address, the bridge will time out (delete) that address from Forwarding DataBase (fdb).

6.6.2 Client Limit Configuration

This page is used to configure the capability of force how many devices can access to Internet!

6.6.3 Other Advanced Configuration

Here you can set other miscellaneous advanced settings.

Half Bridge:

When the PPP Half Bridge is enabled the WAN IP address from the ISP is passed straight through the modem to the local client PC. Only one PC is able to access the Internet using half bridge mode as NAT is disabled. Half bridge mode can only be used when a single IP address has been assigned by the ISP, it is not suitable for services that provide multiple IP addresses. Half bridge mode is used when the use of NAT or NAPT is not desired and there is a single computer attached to the modem. When the halfbridged modem is used in conjunction with a router handling DHCP, only then multiple computers can connect to the Internet.

A7200-G1 User Manual

7. Service Setup

7.1 IGMP Configuration

Multicasting is useful when the same data needs to be sent to more than one hosts. Using multicasting as opposed to sending the same data to the individual hosts uses less network bandwidth. The multicast feature also enables you to receive multicast video stream from multicast servers.

IP hosts use Internet Group Management Protocol (IGMP) to report their multicast group memberships to neighboring routers. Similarly, multicast routers use IGMP to discover which of their hosts belong to multicast groups. This device supports IGMP proxy that handles IGMP messages. When enabled, this device acts as a proxy for a LAN host making requests to join and leave multicast groups, or a multicast router sending multicast packets to multicast group on the WAN side.

When a host wishes to join a multicast group, it sends IGMP REPORT message to the device’s IGMP downstream interface. The proxy sets up a multicast route for the interface and host requesting the video content. It then forwards the Join to the upstream multicast router. The multicast IP traffic will then be forwarded to the requesting host. On a leave, the proxy removes the route and then forwards the leave to the upstream multicast router.

A7200-G1 User Manual

7.1.1 IGMP Proxy Configuration

The IGMP Proxy page allows you to enable multicast on WAN and LAN interfaces. The LAN interface is always served as downstream IGMP proxy, and you can configure one of the available WAN interfaces as the upstream IGMP proxy.

Upstream: The interfaces that IGMP requests from hosts are sent to the multicast router. Downstream: The interface data from the multicast router are sent to hosts in the multicast group

database.

Fields in this page:

Field Description IGMP Proxy Enable/Disable IGMP proxy feature Proxy Interface The upstream WAN interface is selected here.

7.2 UPnP Setup

The device supports a control point for Universal Plug and Play (UPnP) version 1.0, and

supports two key features: NAT Traversal and Device Identification. This feature requires one active WAN interface. In addition, the host should support this feature. In the presence of multiple WAN interfaces, select an interface on which the incoming traffic is present.

With NAT Traversal, when an UPnP command is received to open ports in NAT, the application

translates the request into system commands to open the ports in NAT and the firewall. The interface to open the ports is given to UPnP when it starts up and is part of the configuration of the application.

A7200-G1 User Manual

For Device Identification, the application will send a description of the device as a control point back to the host making the request.

7.2.1 UPnP Configuration

Fields in this page:

Field Description UPnP Daemon Enable/Disable UPnP feature. Binded WAN Interface Select WAN interface that will use UPnP from the drop-down lists.

7.3 SNMP Setup

Simple Network Management Protocol (SNMP) is a troubleshooting and management protocol that uses the UDP protocol on port 161 to communicate between clients and servers. The device can be managed locally or remotely by SNMP protocol.

7.3.1 SNMP Protocol Configuration

Fields in this page:

Field Description System Description System description of the device. System Contact Contact person and/or contact information for the device. System Name An administratively assigned name for the device. System Location The physical location of the device.

System Object ID

Trap IP Address Destination IP address of the SNMP trap. Community name (read-

only) Community name (write-

only)

Vendor objects identifier. The vendor’s authoritative identification of the network management subsystem contained in the entity.

Name of the read-only community. This read-only community allows read operation to all objects in the MIB.

Name of the write-only community. This write-only community allows write operation to the objects defines as read-writable in the MIB.

A7200-G1 User Manual

7.4 DNS Setup

7.4.1 DNS Configuration

This page is used to select the way to obtain the IP addresses of the DNS servers.

Fields in this page:

Field Description Attain DNS Automatically Set DNS Manually Select this item to configure up to three DNS IP addresses.

Select this item if you want to use the DNS servers obtained by the WAN interface via the auto-configuration mechanism.

7.5 Dynamic DNS

Each time your device connects to the Internet, your ISP assigns a different IP address to your device. In order for you or other users to access your device from the WAN-side, you need to manually track the IP that is currently used. The Dynamic DNS feature allows you to register your device with a DNS server and access your device each time using the same host name. The Dynamic DNS page allows you to enable/disable the Dynamic DNS feature.

7.5.1 Dynamic DNS ( DDNS) Configuration

On the Dynamic DNS page, configure the following fields:

Field Description Enable Check this item to enable this registration account for the DNS server.

There are two DDNS providers to be selected in order to register your

DDNS provider

device with: DynDNS and TZO. A charge may occur depends on the service you select.

Hostname Domain name to be registered with the DDNS server. Interface Username User-name assigned by the DDNS service provider.

Password Password assigned by the DDNS service provider.

This field defaults to your device’s WAN interface over which your device will be accessed.

8. Firewall Setup

Firewall contains several features that are used to deny or allow traffic from passing through the device.

8.1 MAC Filtering

The MAC filtering feature allows you to define rules to allow or deny frames through the device based on source MAC address, destination MAC address, and traffic direction.

Fields on the first setting block:

Field Description Outgoing Default Action Specify the default action on the LAN to WAN bridging/forwarding path. Incoming Default Action Specify the default action on the WAN to LAN bridging/forwarding path.

Fields on the second setting block:

Field Description Rule Action Deny or allow traffic when matching this rule. Direction Traffic bridging/forwarding direction.

Source MAC Address

Destination MAC Address

The source MAC address. It must be xxxxxxxxxxxx format. Blanks can be used in the MAC address space and are considered as don’t care. The destination MAC address. It must be xxxxxxxxxxxx format. Blanks can be used in the MAC address space and are considered as don’t care.

8.2 IP/Port Filtering Setup

8.2.1 IP/Port Filtering

The IP/Port filtering feature allows you to deny/allow specific services or applications in the forwarding path.

Fields on the first setting block:

Field Description Outgoing Default Action Specify the default action on the LAN to WAN forwarding path. Incoming Default Action Specify the default action on the WAN to LAN forwarding path.

Fields on the second setting block:

Field Description

A7200-G1 User Manual

Rule Action Deny or allow traffic when matching this rule. Direction Traffic forwarding direction. Protocol There are 3 options available: TCP, UDP and ICMP.

Source IP Address

Source Subnet Mask Subnet-mask of the source IP. Source Port Starting and ending source port numbers.

Destination IP Address

Destination Subnet Mask Subnet-mask of the destination IP. Destination Port Starting and ending destination port numbers.

The source IP address assigned to the traffic on which filtering is applied.

The destination IP address assigned to the traffic on which filtering is applied.

8.3 URL Filter

The URL Blocking is the web filtering solution. The firewall has the ability to block access to specific web URLs based on string matches. This can allow large numbers of URLs to be blocked by specifying only a FQDN (such as tw.yahoo.com). The URL Blocking enforces a Web usage policy to control content downloaded from, and uploaded to the Web.

8.3.1 URL Blocking Configuration

Fields in this page:

Field Description URL Blocking capability Check this item to enable the URL Blocking feature.

Keyword

The filtered keyword such as yahoo. If the URL includes this keyword, the yahoo URL’s will be blocked to access.

8.4 ACL Setup

The Access Control List (ACL) is a list of permissions for a packet to be matched. The list specifies who is allowed to access this device. If ACL is enabled, all hosts cannot access this device except for the hosts with IP address in the ACL table.

8.4.1 ACL Configuration

1. LAN – You can enable LAN ACS Switch to allow/block the PC to access the Modem.

2. WAN – You can enable web(http)/telenet/ftp/tftp/snmp/ping for WAN access.

8.5 DoS Setting

A denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended users. One common method of attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable. Such attacks usually lead to a server overload. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.

Enable DoS Prevention to detect and prevent denial of service attacks through automatic rate filtering or rules to protect legitimate users during the DoS attacks.

A7200-G1 User Manual

9. Maintenance Setup

9.1 Upgrade

9.1.1 Upgrade Firmware

To upgrade the firmware on the device:

 Click the Browse button to select the firmware file.  Confirm your selection.  Click the Upload button to start upgrading.

IMPORTANT!

Do not turn off your device or press the Reset button while this procedure is in progress.

9.1.2 Backup/Restore Settings

A7200-G1 User Manual

This page allows you to backup and restore your configuration into and from file on your host PC.

9.2 Password

The first time you log into the system, you use the default password. There are two-level for login: admin and user. The admin and user password configuration allows you to change the password for administrator and user.

9.2.1 User Account Configuration

Fields in this page:

Field Description User Name Selection of user levels are: admin and user. Old Password Enter the old password for this selected login. New Password Enter the new password here. Confirmed Password Enter the new password here again to confirm.

Privilege Selection of privilege levels are: root or user.

9.3 Reboot

Restart the router.

9.3.1 Commit/Reboot

Function buttons in this page:

1. Save Current Configuration >> Save changes.

2. Factory Default Configuration >> Restore router to factory default settings.

3. Commit Changes >> Save the changes into flash memory.

4. Reset >> Clear the changes from the setting.

5. Reboot >> Restart the modem.

9.4 Time Setup

Select a Network Time Server for synchronization. You can type in the address of a time server. If you have trouble using one server, enter another. Or, you can set the time manually.

9.4.1 System Time Configuration

Fields in this page:

A7200-G1 User Manual

Field Description

System Time

Time Zone Select The time zone in which the devic e resides. State Enable the SNTP client to update the system clock.

Server

NTP Start Start to check the GMT time

The current time of the specified time zone. You can set the current time by yourself or configured by SNTP.

The IP address or the host name of the SNTP server. You can select from the list or set it manually.

9.5 Log Setup

You can setup the system log file.

9.5.1 Log Setting

This page shows the system log.

A7200-G1 User Manual

9.6 Diagnostic Setup

The device supports some useful diagnostic tools.

9.6.1 Ping Diagnostic

Ping operates by sending Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP response. In the process it measures the time from transmission to reception (round-trip time) and records any packet loss.

9.6.2 T r aceroute Di agnostic

Traceroute is a computer network diagnostic tool for displaying the route (path) and measuring transit delays of packets across an Internet Protocol (IP) network.

9.6.4 OAM Fault Management – Connectivity Verification

In order to isolate the ATM interface problems, you can use ATM OAM loopback cells to verify connectivity between VP/VC endpoints, as well as segment endpoints within the VP/VC.

OAM F4 cells operate at the VP level. They use the same VPI as the user cells, however, they use two different reserved VCIs, as follows: VCI=3 Segment OAM F4 cells. VCI=4 End-to-End OAM F4 cells.

OAM F5 cells operate at the VC level. They use the same VPI and VCI as the user cells. To distinguish between data and OAM cells, the PTI field is used as follows: PTI=100 Segment OAM F5 cells processed by the next segment. PTI=101 End-to-End OAM F5 cells which are only processed by end stations terminating an ATM link.

A7200-G1 User Manual

9.6.5 Diagnostic

This page shows the diagnostic result. Click “Start” button to start the diagnostic.

9.6.6 Diagnostic Test

The Diagnostic Test page shows the test results for the connectivity of the physical layer and protocol layer for both LAN and WAN sides.

Fields in this page:

Field Description Select the Internet

Connection

The available WAN side interfaces are listed. You have to select one for the WAN interface configured and run the Diagnostic test.

A7200-G1 User Manual

FCC Caution.

§ 15.19 Labelling requirements.

This device complies with part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.

§ 15.21 Information to user.

Any Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment.

§ 15.105 Information to the user. Note: This equipment has been tested and found to comply with the limits for a Class B digital

device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:

-Reorient or relocate the receiving antenna.

-Increase the separation between the equipment and receiver.

-Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.

-Consult the dealer or an experienced radio/TV technician for help.

The A7200-G1 module is designed to comply with the FCC statement. FCC ID is 2AB3KA7200. The host system using A7200-G1, should have label indicated FCC ID 2AB3KA7200.

RF warning for Mobile device: This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator & your body.

Eltek Technologies A7200 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual