Hitron CGNM-2250, CGNM-3552 User Manual

Download

Page 1

CGNM-2250

D3 WiFi Gateway

User’s Guide

Version 1.0 - 2014

Page 2

Hitron CGNM-2250 User’s Guide

About This User’s Guide

Intended Audience

This manual is intended for people who want to configure the CGNM-2250’s features via its Graphical User Interface (GUI).

How to Use this User’s Guide

This manual contains information on each the CGNM-2250’s GUI screens, and describes how to use its various features.

Use the CGNM-2250 Overview on page 13 to see an overview of the topics

covered in this manual.

Use the Table of Contents (page 5), List of Figures (page 9) and List of Tables

(page 11) to quickly find information about a particular GUI screen or topic.

Use the Index (page 119) to find information on a specific keyword.

Use the rest of this User’s Guide to see in-depth descriptions of the CGNM-

2250’s features.

List of Figures

Figure 1: Application Overview ...........................................................................13

Figure 2: Hardware Connections ........................................................................15

Figure 3: Power Adaptor .....................................................................................17

Figure 4: LEDs ....................................................................................................18

Figure 5: Login ....................................................................................................23

Figure 6: GUI Overview ......................................................................................24

Figure 7: The Setup Wizard Screen ....................................................................27

Figure 8: The Quick Wizard: Welcome Screen ...................................................28

Figure 9: The Quick Wizard: Setting Password Screen ......................................28

Figure 10: The Quick Wizard: Wireless Settings Screen ....................................29

Figure 11: The Setup Wizard: Summary Screen ................................................31

Figure 12: The Setup Wizard: Summary Screen ................................................31

Figure 13: The Status: Overview Screen ............................................................40

Figure 14: The Status: System Information Screen ............................................45

Figure 15: The Status: DOCSIS Provisioning Status Screen .............................46

Figure 16: The Status: DOCSIS WAN Screen ....................................................47

Figure 17: The Status: DOCSIS Event Screen ...................................................50

Figure 18: The Status: Wireless Screen .............................................................51

Figure 19: Wireless Client List ............................................................................53

Figure 20: The Basic: LAN Setup Screen ...........................................................57

Figure 21: The Basic: Gateway Function Screen ...............................................59

Figure 22: The Basic: Port Forwarding Screen ...................................................60

Figure 23: The Basic: Port Forwarding Add/Edit Screen ....................................62

Figure 24: The Basic: Port Triggering Screen .....................................................64

Figure 25: The Basic: Port Triggering Add/Edit Screen ......................................66

Figure 26: The Basic: DMZ Screen .....................................................................68

Figure 27: Connected Device Info ......................................................................68

Figure 28: The Basic: DNS Screen .....................................................................69

Figure 29: The Wireless: Basic Settings Screen (2.4G) .....................................75

Figure 30: The Wireless: Basic Settings Screen (5G) ........................................79

Figure 31: The Wireless: Basic Settings Screen (WPS) .....................................83

Figure 32: The Wireless: Access Control Screen ...............................................84

LIST OF FIGURES

Page 10

Hitron CGNM-2250 User’s Guide

Figure 33: The Wireless: Access Control Add/Edit Screen .................................86

Figure 34: The Admin: Management Screen ......................................................88

Figure 35: The Admin: Remote Management Screen ........................................90

Figure 36: The Admin: Diagnostics Screen ........................................................91

Figure 37: The Admin: Backup Screen ...............................................................92

Figure 38: The Admin: USB Storage Screen ......................................................93

Figure 39: The Admin: Device Reset Screen ......................................................94

Figure 40: The Security: Firewall Screen ............................................................97

Figure 41: The Security: Service Filter Screen ...................................................99

Figure 42: The Security: Service Filter Add/Edit Screen ...................................101

Figure 43: Additional Service Filtering Options .................................................102

Figure 44: The Security: Service Filter > Trust PC List Add/Edit Screen .........103

Figure 45: The Security: Device Filter Screen ..................................................105

Figure 46: The Security: Device Filter Add/Edit Screen ....................................107

Figure 47: Additional Service Filtering Options .................................................108

Figure 48: The Security: Keyword Filter Screen ...............................................109

Figure 49: Keyword Filter > Trust PC List Add/Edit Screen ..............................111

Figure 50: The Advanced > Switch Setup Screen ............................................112

Figure 51: The Advanced > DDNS Screen .......................................................114

LIST OF FIGURES

Page 11

Hitron CGNM-2250 User’s Guide

List of Tables

Table 1: Default Credentials ................................................................................4

Table 2: Hardware Connections ........................................................................16

Table 3: LEDs ....................................................................................................18

Table 4: GUI Overview .......................................................................................24

Table 5: The Setup Wizard Screen ....................................................................27

Table 6: The Setup Wizard: Setting Password Screen ......................................28

Table 7: The Setup Wizard: Wireless Settings Screen ......................................30

Table 8: Private IP Address Ranges ..................................................................34

Table 9: IP Address: Decimal and Binary ..........................................................34

Table 10: Subnet Mask: Decimal and Binary .....................................................35

Table 11: The Status: Overview Screen ............................................................42

Table 12: The Status: System Information Screen ............................................45

Table 13: The Status: DOCSIS WAN Screen ....................................................48

Table 14: The Status: DOCSIS Event Screen ...................................................50

Table 15: The Status: Wireless Status Screen ..................................................52

Table 16: The Basic: LAN Setup Screen ...........................................................57

Table 17: The Basic: Gateway Function Screen ................................................59

Table 18: The Basic: Port Forwarding Screen ...................................................60

Table 19: The Basic: Port Forwarding Add/Edit Screen ....................................62

Table 20: The Basic: Port Triggering Screen .....................................................64

Table 21: The Basic: Port Triggering Add/Edit Screen ......................................66

Table 22: The Basic: DMZ Screen .....................................................................68

Table 23: The Basic: DNS Screen .....................................................................69

Table 24: The Wireless: Basic Settings Screen (2.4G) ......................................76

Table 25: The Wireless: Basic Settings Screen (5G) .........................................79

Table 26: The Wireless: Basic Settings Screen (WPS) .....................................83

Table 27: The Wireless: Access Control Screen ...............................................84

Table 28: The Wireless: Access Control Add/Edit Screen .................................86

Table 29: The Admin: Management Screen ......................................................89

Table 30: The Admin: Remote Management Screen .........................................90

Table 31: The Admin: Diagnostics Screen .........................................................91

Table 32: The Admin: Backup Screen ...............................................................92

LIST OF TABLES

Page 12

Hitron CGNM-2250 User’s Guide

Table 33: The Admin: USB Storage Screen ......................................................93

Table 34: The Admin: Device Reset Screen ......................................................94

Table 35: The Security: Firewall Screen ............................................................98

Table 36: The Security: Service Filter Screen ...................................................99

Table 37: The Security: Service Filter Add/Edit Screen ...................................101

Table 38: The Security: Service Filter Add/Edit Trust Manage Device Screen 103

Table 39: The Security: Device Filter Screen ..................................................105

Table 40: The Security: Device Filter Add/Edit Screen ....................................107

Table 41: The Security: Keyword Filter Screen ...............................................109

Table 42: The Security: Keyword Filter Add/Edit Trust Manage Device Screen 111

Table 43: The Advanced > Switch Setup Screen ............................................113

Table 44: The Advanced > DDNS Screen .......................................................114

LIST OF TABLES

Page 13

Hitron CGNM-2250 User’s Guide

Introduction

This chapter introduces the CGNM-2250 and its GUI (Graphical User Interface).

1.1 CGNM-2250 Overview

Your CGNM-2250 is a NAT-capable cable modem and wireless access point that allows you to connect your computers, wireless devices, and other network devices to one another, and to the Internet via the cable connection.

The CGNM-2250 must be placed vertically on its stand, should not be

positioned in either wall-mount or horizontal.

Figure 1: Application Overview

INTRODUCTION

Page 14

Hitron CGNM-2250 User’s Guide

1.1.1 Key Features

The CGNM-2250 provides:

High-performance DOCSIS 3.0 (24-channel downstream, 8-channel upstream)

Internet connection to cable modem service via the CATV port (F-type RF connector) at speeds of up to 960 Mbps (megabits per second)

Full dual-stack IPv4/IPv6 support for routing and firewall (DSLite and 6RD)

Local Area Network connection via four 10/100/1000 Mbps Ethernet ports

Dynamic Host Configuration Protocol (DHCP) for devices on the LAN

LAN troubleshooting tools (Ping and Traceroute)

IEEE 802.11a/b/g/n/ac concurrent dual band (2.4GHz and 5GHz) wireless MIMO

(Multiple-In, Multiple-Out) networking, allowing speeds of up to 450Mbps+1300Mbps PHY data rate.

Wireless security: WEP, WPA-PSK and WPA2-PSK encryption, WiFi Protected

Setup (WPS) push-button and PIN configuration, MAC filtering,

Wired security: stateful inspection firewall with intrusion detection system, IP and

MAC filtering, port forwarding and port triggering, De-Militarized Zone (DMZ)

Settings backup and restore

Secure configuration interface, accessible by Web browser

1.2 Hardware Connections

This section describes the CGNM-2250’s physical ports and buttons.

INTRODUCTION

Page 15

Figure 2: Hardware Connections

Hitron CGNM-2250 User’s Guide

INTRODUCTION

Page 16

Hitron CGNM-2250 User’s Guide

Table 2: Hardware Connections

WPS Press this button to begin the WiFi Protected Setup

(WPS) Push-Button Configuration (PBC) procedure.

Press the PBC button on your wireless clients in the coverage area within two minutes to enable them to join the wireless network.

See WPS on page 73 for more information.

USB The CGNM-2250 provides two USB 2.0 host ports on

the rear, allowing you to plug in USB flash disks for mounting and sharing through the LAN interfaces via the Samba protocol (network neighborhood).

The CGNM-2250 supports the following Windows file systems:

FAT16

FAT32

NTFS

USB devices must not drain more than 500mA

from the USB port. USB devices requiring more than 500mA should be provided with their own power source(s).

Reset Use this button to reboot or reset your CGNM-2250.

Press the button and hold it for less than five seconds

to reboot the CGNM-2250. The CGNM-2250 restarts, using your existing settings.

Press the button and hold it for more than five

seconds to delete all user-configured settings and restart the CGNM-2250 using its factory default settings. See Factory Default Resetting the CGNM-

2250 on page 24 for more information on resetting

the CGNM-2250.

NOTE: Unless you previously backed-up the CGNM-

2250’s configuration settings prior to resetting the CGNM-2250, the settings cannot be recovered.

INTRODUCTION

Page 17

Hitron CGNM-2250 User’s Guide

Table 2: Hardware Connections

LAN1 Use these ports to connect your computers and other

LAN2

LAN3

LAN4

CABLE Use this to connect to the Internet and coax network via

POWER Use this to connect to the 12v/2A power adapter that

network devices, using Category 5 or 6 Ethernet cables with RJ45 connectors.

an F-type RF cable.

came with your CGNM-2250.

NEVER use another power adapter with your

CGNM-2250. Doing so could harm your CGNM-

2250.

Figure 3: Power Adaptor

1.3 LEDs

This section describes the CGNM-2250’s LEDs (lights).

INTRODUCTION

Page 18

Figure 4: LEDs

Hitron CGNM-2250 User’s Guide

Table 3: LEDs

LED STATUS DESCRIPTION

POWER Off The CGNM-2250 is not receiving power.

On The CGNM-2250 is receiving power.

INTRODUCTION

Page 19

Hitron CGNM-2250 User’s Guide

Table 3: LEDs

DS Green, blinking The CGNM-2250 is searching for a downstream

frequency on the CABLE connection.

Green, steady The CGNM-2250 has successfully located and

locked onto a downstream frequency on the CABLE connection.

Blue, blinking The CGNM-2250 is ranging on the downstream

frequency.

Blue, steady Downstream frequency is locked or online with

channel bonding.

Off There is no downstream activity on the CABLE

connection.

US Green, blinking The CGNM-2250 is searching for an upstream

frequency on the CABLE connection.

Green, steady The CGNM-2250 has successfully located and

locked onto an upstream frequency on the CABLE connection.

Blue, blinking The CGNM-2250 is ranging on the upstream

frequency.

Blue, steady Upstream frequency is locked or online with

channel bonding.

Off There is no upstream activity on the CABLE

connection.

STATUS Blinking The CGNM-2250’s cable modem is registering with

the service provider’s CMTS.

On The CGNM-2250’s cable modem has successfully

registered with the service provider and is ready for data transfer.

LAN Off No device is connected to one of the LAN ports.

Green, blinking A device is connected to one of the LAN ports and

is transmitting or receiving data.

Green, steady A device is connected to one of the LAN ports but is

not transmitting or receiving data.

INTRODUCTION

Page 20

Table 3: LEDs

WIRELESS (2.4GHZ)

Hitron CGNM-2250 User’s Guide

Off The 2.4GHz wireless network is not enabled.

Green, steady The 2.4GHz wireless network is enabled, and no

data is being transmitted or received over the

2.4GHz wireless network.

Green, blinking The 2.4GHz wireless network is enabled, and data

is being transmitted or received over the 2.4GHz wireless network.

WIRELESS (5GHZ)

USB Off No USB device is connected to either USB port.

When you turn on the CGNM-2250, the LEDs light up in the following order:

Off The 5GHz wireless network is not enabled.

Green, steady The 5GHz wireless network is enabled, and no data

is being transmitted or received over the 5GHz wireless network.

Green, blinking The 5GHz wireless network is enabled, and data is

being transmitted or received over the 5GHz wireless network.

Green, steady A USB device is connected to one of the USB ports,

and is not transmitting or receiving data.

Green, blinking A USB device is connected to one of the USB ports,

and is transmitting or receiving data.

1 POWER

2 DS

3 US

4 STATUS

5 The LAN LED lights up as soon as there is activity on the LAN ports, the

WIRELESS LEDs light up once the wireless network is ready, and the USB LED lights up once

a connected device on either USB port is detected.

INTRODUCTION

Page 21

Hitron CGNM-2250 User’s Guide

1.4 IP Address Setup

Before you log into the CGNM-2250’s GUI, your computer’s IP address must be in the same subnet as the CGNM-2250. This allows your computer to communicate with the CGNM-2250.

NOTE: See IP Addresses and Subnets on page 33 for background information.

The CGNM-2250 has a built-in DHCP server that, when active, assigns IP addresses to computers on the LAN. When the DHCP server is active, you can get an IP address automatically. The DHCP server is active by default.

If your computer is configured to get an IP address automatically, or if you are not sure, try to log in to the CGNM-2250 (see

GUI Overview on page 23).

If the login screen displays, your computer is already configured correctly.

If the login screen does not display, either the CGNM-2250’s DHCP server is not

active or your computer is not configured correctly. Follow the procedure in

Manual IP Address Setup on page 21 and set your computer to get an IP

address automatically. Try to log in again. If you cannot log in, follow the manual IP address setup procedure again, and set a specific IP address as shown. Try to log in again.

NOTE: If you still cannot see the login screen, your CGNM-2250’s IP settings may

have been changed from their defaults. If you do not know the CGNM-2250’s new address, you should return it to its factory defaults. See Factory Default

Resetting the CGNM-2250 on page 24. Bear in mind that ALL user-

configured settings are lost.

1.4.1 Manual IP Address Setup

By default, your CGNM-2250’s local IP address is 192.168.0.1. If your CGNM-2250 is using the default IP address, you should set your computer’s IP address to be between 192.168.0.2 and 192.168.0.254.

NOTE: If your CGNM-2250 DHCP server is active, set your computer to get an IP

address automatically in step 5. The CGNM-2250 assigns an IP address to your computer. The DHCP server is active by default.

INTRODUCTION

Page 22

Hitron CGNM-2250 User’s Guide

Take the following steps to manually set up your computer’s IP address to connect to the CGNM-2250:

NOTE: This example uses Windows XP; the procedure for your operating system

may be different.

1 Click Start, then click Control Panel.

2 In the window that displays, double-click Network Connections.

3 Right-click your network connection (usually Local Area Connection) and click

Properties.

4 In the General tab’s This connection uses the following items list, scroll

down and select Internet Protocol (TCP/IP). Click Properties.

5 You can get an IP address automatically, or specify one manually:

If your CGNM-2250’s DHCP server is active, select Get an IP address

automatically.

If your CGNM-2250’s DHCP server is active, select Use the following IP

address. In the IP address field, enter a value between 192.168.0.2 and

192.168.0.254 (default). In the Subnet mask field, enter 255.255.255.0

(default).

NOTE: If your CGNM-2250 is not using the default IP address, enter an IP address

and subnet mask that places your computer in the same subnet as the CGNM-2250.

6 Click OK. The Internet Protocol (TCP/IP) window closes. In the Local Area

Connection Properties window, click OK.

Your computer now obtains an IP address from the CGNM-2250, or uses the IP address that you specified, and can communicate with the CGNM-2250.

1.5 Login into the CGNM-2250

Take the following steps to login into the CGNM-2250’s GUI.

INTRODUCTION

Page 23

Hitron CGNM-2250 User’s Guide

NOTE: You can login into the CGNM-2250’s GUI via the wireless interface.

However, it is strongly recommended that you configure the CGNM-2250 via a wired connection on the LAN.

1 Open a browser window.

2 Enter the CGNM-2250’s IP address (default 192.168.0.1) in the URL bar. The

Figure 5: Login

3 Enter the Username and Password. The default login username is cusadmin,

and the default password is password.

NOTE: The Username and Password are case-sensitive; “password” is not the same

as “Password”.

4 Click Login. The Overview screen displays (see The Overview Screen on page

39).

1.6 GUI Overview

This section describes the CGNM-2250’s GUI.

INTRODUCTION

Page 24

Figure 6: GUI Overview

Hitron CGNM-2250 User’s Guide

Table 4: GUI Overview

Primary Navigation Bar

Secondary Navigation Bar

Main Window Use this section to read information about your CGNM-2250’s

Use this section to move from one part of the GUI to another, select the language and your login account.

Use this section to move from one related screen to another.

configuration, and make configuration changes.

1.7 Factory Default Resetting the CGNM-2250

When you reset the CGNM-2250 to its factory defaults, all user-configured settings are lost, and the CGNM-2250 is returned to its initial configuration state.

There are two ways to reset the CGNM-2250:

INTRODUCTION

Page 25

Hitron CGNM-2250 User’s Guide

Press the RESET button on the CGNM-2250, and hold it in for 5 seconds or

longer.

Click Admin > Device Reset. In the screen that displays, click the Factory

Reset button.

After the operation, the CGNM-2250 turns off and on again, using its factory default settings.

NOTE: Depending on your CGNM-2250’s previous configuration, you may need to

re-configure your computer’s IP settings; see IP Address Setup on page 21.

INTRODUCTION

Page 26

Hitron CGNM-2250 User’s Guide

Setup Wizard

This chapter describes the CGNM-2250’s setup wizard, which displays when you click Setup Wizard in the toolbar. It contains the following sections:

Setup Wizard Overview on page 26

The Setup Wizard Screen on page 26

The Welcome Screen on page 27

The Setting Password Screen on page 28

The Wireless Settings Screen on page 29

The Summary Screen on page 30

2.1 Setup Wizard Overview

Your CGNM-2250 possess a setup wizard that allows you to rapidly configure its most important settings, including password and wireless settings.

2.2 The Setup Wizard Screen

This section describes the CGNM-2250’s Setup Wizard Screen.

SETUP WIZARD

Page 27

Figure 7: The Setup Wizard Screen

Hitron CGNM-2250 User’s Guide

The following table describes the labels in this screen.

Table 5: The Setup Wizard Screen

Quick Wizard Click to customize the CGNM-2250’s password and common

Wi-Fi settings.

Manage LAN Click to manage the CGNM-2250’s firewall settings. See The

LAN Setup Screen on page 56.

Manage Firewall Click to manage the CGNM-2250’s firewall settings. See The

Firewall Screen on page 96.

Manage Wireless Click to manage the CGNM-2250’s wireless settings. See The

Basic Settings Screen on page 74.

2.3 The Welcome Screen

This screen displays the welcome message of the Quick Wizard.

Click Quick Wizard. The following screen displays.

SETUP WIZARD

Page 28

Hitron CGNM-2250 User’s Guide

Figure 8: The Quick Wizard: Welcome Screen

2.4 The Setting Password Screen

Use this screen to customize the CGNM-2250’s password settings.

Click Next in the Quick Wizard: Welcome Screen. The following screen displays.

NOTE: It is strongly recommended that you change the CGNM-2250’s password

from its factory default.

Figure 9: The Quick Wizard: Setting Password Screen

The following table describes the labels in this screen.

Table 6: The Setup Wizard: Setting Password Screen

Old Password Enter the password with which you currently log into the

CGNM-2250 for this account.

SETUP WIZARD

Page 29

Hitron CGNM-2250 User’s Guide

Table 6: The Setup Wizard: Setting Password Screen (continued)

New Password Enter and re-enter the password you want to use to log

Confirm New Password

into the CGNM-2250 for this account.

Exit

Prev Click this to return to the previous screen.

Next Click this to continue to the next screen.

Click this to return the fields in this screen to their lastsaved values without saving your changes.

2.5 The Wireless Settings Screen

Use this screen to configure the CGNM-2250’s wireless settings.

Click Next in the Quick Wizard: Setting Password screen. The following screen displays.

Figure 10: The Quick Wizard: Wireless Settings Screen

SETUP WIZARD

Page 30

Hitron CGNM-2250 User’s Guide

The following table describes the labels in this screen.

Table 7: The Setup Wizard: Wireless Settings Screen

Primary SSID Enter the name that you want to use for your CGNM-

2250’s wireless network. This is the name that identifies your network, and to which wireless clients connect.

Security Type Use this field to apply security encryption to your

wireless network.

Select Open to use no wireless security. Anyone

can join the network.

Select Encrypted to require people who want to

access your wireless network to use a password. Then, enter the password you want to use in the Security Key field that displays.

Exit

Prev Click this to return to the previous screen.

Next Click this to continue to the next screen.

Click this to return the fields in this screen to their lastsaved values without saving your changes.

2.6 The Summary Screen

Use this screen to view the CGNM-2250’s settings.

Click Next in the Quick Wizard: Wireless Settings screen. The following screen displays.

SETUP WIZARD

Page 31

Hitron CGNM-2250 User’s Guide

Figure 11: The Setup Wizard: Summary Screen

If you are happy with the settings, click Finish. The following confirmation message displays.

Figure 12: The Setup Wizard: Summary Screen

NOTE: If you changed the Primary SSID Name or Wireless Secure Key, make

sure you keep a note of the new details.

Alternatively, click Prev to make further changes to the wizard’s fields.

SETUP WIZARD

Page 32

Hitron CGNM-2250 User’s Guide

Status

This chapter describes the screens that display when you click Status in the toolbar. It contains the following sections:

Status Overview on page 32

The Overview Screen on page 39

The System Information Screen on page 44

The DOCSIS Provisioning Screen on page 46

The DOCSIS WAN Screen on page 47

The DOCSIS Event Screen on page 49

The Wireless Screen on page 51

3.1 Status Overview

This section describes some of the concepts related to the Status screens.

3.1.1 DOCSIS

The Data Over Cable Service Interface Specification (DOCSIS) is a telecommunications standard that defines the provision of data services) Internet access) over a traditional cable TV (CATV) network.

Your CGNM-2250 supports DOCSIS version 3.0.

STATUS

Page 33

Hitron CGNM-2250 User’s Guide

3.1.2 IP Addresses and Subnets

Every computer on the Internet must have a unique Internet Protocol (IP) address. The IP address works much like a street address, in that it identifies a specific location to which information is transmitted. No two computers on a network can have the same IP address.

3.1.2.1 IP Address Format

IP addresses consist of four octets (8-bit numerical values) and are usually represented in decimal notation, for example 192.168.1.1. In decimal notation, this means that each octet has a minimum value of 0 and a maximum value of 255.

An IP address carries two basic pieces of information: the “network number” (the address of the network as a whole, analogous to a street name) and the “host ID” (analogous to a house number) which identifies the specific computer (or other network device).

3.1.2.2 IP Address Assignment

IP addresses can come from three places:

The Internet Assigned Numbers Agency (IANA)

Your Internet Service Provider

You (or your network devices)

IANA is responsible for IP address allocation on a global scale, and your ISP assigns IP addresses to its customers. You should never attempt to define your own IP addresses on a public network, but you are free to do so on a private network.

In the case of the CGNM-2250:

The public network (Wide Area Network or WAN) is the link between the cable

connector and your Internet Service Provider. Your CGNM-2250’s IP address on this network is assigned by your service provider.

STATUS

Page 34

Hitron CGNM-2250 User’s Guide

The private network (in routing mode - see Routing Mode on page 37) is your

Local Area Network (LAN) and Wireless Local Area Network (WLAN), if enabled. You are free to assign IP addresses to computers on the LAN and WLAN manually, or to allow the CGNM-2250 to assign them automatically via DHCP (Dynamic Host Configuration Protocol). IANA has reserved the following blocks of IP addresses to be used for private networks only:

Table 8: Private IP Address Ranges

FROM... ...TO

10.0.0.0 10.255.255.255

172.16.0.0 172.31.255.255

192.168.0.0 192.168.255.255

If you assign addresses manually, they must be within the CGNM-2250’s LAN subnet.

3.1.2.3 Subnets

A subnet (short for sub-network) is, as the name suggests, a separate section of a network, distinct from the main network of which it is a part. A subnet may contain all of the computers at one corporate local office, for example, while the main network includes several offices.

In order to define the extent of a subnet, and to differentiate it from the main network, a subnet mask is used. This “masks” the part of the IP address that refers to the main network, leaving the part of the IP address that refers to the sub-network.

Each subnet mask has 32 bits (binary digits), as does each IP address:

A binary value of 1 in the subnet mask indicates that the corresponding bit in the

IP address is part of the main network.

A binary value of 0 in the subnet mask indicates that the corresponding bit in the

IP address is part of the sub-network.

For example, the following table shows the IP address of a computer (192.168.1.1) expressed in decimal and binary (each cell in the table indicates one octet):

Table 9: IP Address: Decimal and Binary

192 168 0 1

11000000 10101000 00000000 00000001

STATUS

Page 35

Hitron CGNM-2250 User’s Guide

The following table shows a subnet mask that “masks” the first twenty-four bits of the IP address, in both its decimal and binary notation.

Table 10: Subnet Mask: Decimal and Binary

255 255 255 0

11111111 11111111 11111111 00000000

This shows that in this subnet, the first three octets (192.168.1, in the example IP address) define the main network, and the final octet (1, in the example IP address) defines the computer’s address on the subnet.

The decimal and binary notations give us the two common ways to write a subnet mask:

Decimal: the subnet mask is written in the same fashion as the IP address:

255.255.255.0, for example.

Binary: the subnet mask is indicated after the IP address (preceded by a forward

slash), specifying the number of binary digits that it masks. The subnet mask

255.255.255.0 masks the first twenty-four bits of the IP address, so it would be written as follows: 192.168.1.1/24.

3.1.3 DHCP

The Dynamic Host Configuration Protocol, or DHCP, defines the process by which IP addresses can be assigned to computers and other networking devices automatically, from another device on the network. This device is known as a DHCP server, and provides addresses to all the DHCP client devices.

In order to receive an IP address via DHCP, a computer must first request one from the DHCP server (this is a broadcast request, meaning that it is sent out to the whole network, rather than just one IP address). The DHCP server hears the requests, and responds by assigning an IP address to the computer that requested it.

If a computer is not configured to request an IP address via DHCP, you must configure an IP address manually if you want to access other computers and devices on the network. See

IP Address Setup on page 21 for more information.

By default, the CGNM-2250 is a DHCP client on the WAN (the CATV connection). It broadcasts an IP address over the cable network, and receives one from the service provider. By default, the CGNM-2250 is a DHCP server on the LAN; it provides IP addresses to computers on the LAN which request them.

STATUS

Page 36

Hitron CGNM-2250 User’s Guide

3.1.4 DHCP Lease

“DHCP lease” refers to the length of time for which a DHCP server allows a DHCP client to use an IP address. Usually, a DHCP client will request a DHCP lease renewal before the lease time is up, and can continue to use the IP address for an additional period. However, if the client does not request a renewal, the DHCP server stops allowing the client to use the IP address.

This is done to prevent IP addresses from being used up by computers that no longer require them, since the pool of available IP addresses is finite.

3.1.5 MAC Addresses

Every network device possesses a Media Access Control (MAC) address. This is a unique alphanumeric code, given to the device at the factory, which in most cases cannot be changed (although some devices are capable of “MAC spoofing”, where they impersonate another device’s MAC address).

MAC addresses are the most reliable way of identifying network devices, since IP addresses tend to change over time (whether manually altered, or updated via DHCP).

Each MAC address displays as six groups of two hexadecimal digits separated by colons (or, occasionally, dashes) for example 00:AA:FF:1A:B5:74.

NOTE: Each group of two hexadecimal digits is known as an “octet”, since it

represents eight bits.

Bear in mind that a MAC address does not precisely represent a computer on your network (or elsewhere), it represents a network device, which may be part of a computer (or other device). For example, if a single computer has an Ethernet card (to connect to your CGNM-2250 via one of the LAN ports) and also has a wireless card (to connect to your CGNM-2250 over the wireless interface) the MAC addresses of the two cards will be different. In the case of the CGNM-2250, each internal module (cable modem module, Ethernet module, wireless module, etc.) possesses its own MAC address.

STATUS

Page 37

Hitron CGNM-2250 User’s Guide

3.1.6 Routing Mode

When your CGNM-2250 is in routing mode, it acts as a gateway for computers on the LAN to access the Internet. The service provider assigns an IP address to the CGNM-2250 on the WAN, and all traffic for LAN computers is sent to that IP address. The CGNM-2250 assigns private IP addresses to LAN computers (when DHCP is active), and transmits the relevant traffic to each private IP address.

NOTE: When DHCP is not active on the CGNM-2250 in routing mode, each

computer on the LAN must be assigned an IP address in the CGNM-2250’s subnet manually.

When the CGNM-2250 is not in routing mode, the service provider assigns an IP address to each computer connected to the CGNM-2250 directly. The CGNM-2250 does not perform any routing operations, and traffic flows between the computers and the service provider.

Routing mode is not user-configurable; it is specified by the service provider in the CGNM-2250’s configuration file.

3.1.7 Configuration Files

The CGNM-2250’s configuration (or config) file is a document that the CGNM-2250 obtains automatically over the Internet from the service provider’s server, which specifies the settings that the CGNM-2250 should use. It contains a variety of settings that are not present in the user-configurable Graphical User Interface (GUI) and can be specified only by the service provider.

3.1.8 Downstream and Upstream Transmissions

The terms “downstream” and “upstream” refer to data traffic flows, and indicate the direction in which the traffic is traveling. “Downstream” refers to traffic from the service provider to the CGNM-2250, and “upstream” refers to traffic from the CGNM2250 to the service provider.

3.1.9 Cable Frequencies

Just like radio transmissions, data transmissions over the cable network must exist on different frequencies in order to avoid interference between signals.

STATUS

Page 38

Hitron CGNM-2250 User’s Guide

The data traffic band is separate from the TV band, and each data channel is separate from other data channels.

3.1.10 Modulation

Transmissions over the cable network are based on a strong, high frequency periodic waveform known as the “carrier wave.” This carrier wave is so called because it “carries” the data signal. The data signal itself is defined by variations in the carrier wave. The process of varying the carrier wave (in order to carry data signal information) is known as “modulation.” The data signal is thus known as the “modulating signal.”

Cable transmissions use a variety of methods to perform modulation (and the “decoding” of the received signal, or “demodulation”). The modulation methods defined in DOCSIS 3 are as follows:

QPSK: Quadrature Phase-Shift Keying

QAM: Quadrature Amplitude Modulation

QAM TCM: Trellis modulated Quadrature Amplitude Modulation

In many cases, a number precedes the modulation type (for example 16 QAM). This number refers to the complexity of modulation. The higher the number, the more data can be encoded in each symbol.

NOTE: In modulated signals, each distinct modulated character (for example, each

audible tone produced by a modem for transmission over telephone lines) is known as a symbol.

Since more information can be represented by a single character, a higher number indicates a higher data transfer rate.

3.1.11 TDMA, FDMA and SCDMA

Time Division Multiple Access (TDMA), Frequency Division Multiple Access (FDMA) and Synchronous Code Division Multiple Access (SCDMA) are channel access methods that allow multiple users to share the same frequency channel.

TDMA allows multiple users to share the same frequency channel by splitting

transmissions by time. Each user is allocated a number of time slots, and transmits during those time slots.

STATUS

Page 39

Hitron CGNM-2250 User’s Guide

FDMA allows multiple users to share the same frequency channel by assigning a

frequency band within the existing channel to each user.

SCDMA allows multiple users to share the same frequency channel by assigning

a unique orthogonal code to each user.

3.2 The Overview Screen

Use this screen to see general information about your CGNM-2250’s hardware, its software, and its connection to the Internet.

NOTE: Most of the information that displays in this screen is for troubleshooting

purposes only. However, you may need to use the MAC Address information when setting up your network.

Click Status > Overview. The following screen displays.

STATUS

Page 40

Figure 13: The Status: Overview Screen

Hitron CGNM-2250 User’s Guide

STATUS

Page 41

Hitron CGNM-2250 User’s Guide

STATUS

Page 42

Hitron CGNM-2250 User’s Guide

The following table describes the labels in this screen.

Table 11: The Status: Overview Screen

System Overview

Hardware Version This displays the version number of the CGNM-2250’s

physical hardware.

Software Version This displays the version number of the software that

controls the CGNM-2250.

Gateway Serial Number

System Time This displays the current date and time.

LAN Up Time

WAN Up Time

WAN IP This field displays the CGNM-2250’s IP address on the

WAN DNS This field displays the DNS server IP used by the WAN

Wireless Overview

(SSID) This displays the 2.4 GHz wireless network’s Service

Broadcast SSID This field displays Enabled when the 2.4 GHz wireless

Security Mode This displays the type of security the CGNM-2250’s 2.4

This displays a number that uniquely identifies the device.

This displays the time the LAN has been online.

This displays the time the WAN has been online.

WAN (Wide Area Network) interface.

side.

Set Identifier. This is the name of the wireless network, to which wireless clients connect.

network’s SSID is being broadcast, and displays Disabled when it is not.

GHz wireless network is currently using.

Security Key This displays the password for the CGNM-2250’s 2.4

GHz wireless network.

(SSID 5 GHz) This displays the 5 GHz wireless network’s Service Set

Identifier. This is the name of the wireless network, to which wireless clients connect.

Broadcast SSID This field displays Enabled when the 5 GHz wireless

network’s SSID is being broadcast, and displays Disabled when it is not.

Security Mode This displays the type of security the CGNM-2250’s 5

GHz wireless network is currently using.

Security Key This displays the password for the CGNM-2250’s 5 GHz

wireless network.

STATUS

Page 43

Hitron CGNM-2250 User’s Guide

Table 11: The Status: Overview Screen (continued)

Service Filter

Filter Status This displays Active when a Service Filter is Enabled.

Host Name This displays the name for the application for which you

want to create the rule.

Protocol This field displays the protocol or protocols to which this

filtering rule applies:

Transmission Control Protocol (TCP)

User Datagram Protocol (UDP)

Port Range This displays the start and end port for which this

filtering rule applies.

Managed Time This displays the start (From) and end (To) of the time

period during which this rule applies, on the specified Managed Weekdays.

Managed Weekdays This displays the days of the week on which this rule

applies.

Trusted PC List

Device Name

IP Address

Status

Device Filter

Block Rules Status This displays the status of the devices listed.

This displays the name of the trust device connected.

This displays the IP address of the trust network device connected.

This displays whether or not the service filter rule is enabled to the trust device connected.

Allow All: ignore the Managed Devices list and let

all devices connect to the CGNM-2250.

Allow: permit only devices you added to the

Managed Devices list to access the CGNM-2250 and the network. All other devices are denied access.

Deny: permit all devices except those you added to

the Managed Devices list to access the CGNM2250 and the network. The specified devices are denied access.

Host Name This displays the name of each network device in the

list.

STATUS

Page 44

Hitron CGNM-2250 User’s Guide

Table 11: The Status: Overview Screen (continued)

MAC Address This displays the Media Access Control (MAC) address

of each network device in the list.

Managed Time This displays the start (From) and end (To) of the time

period during which the device is managed, on the specified Managed Weekdays.

Managed Weekdays This displays the days of the week on which the device

is managed.

Keyword Filter

Keywords Status This displays Active when a Keyword Filter is Enabled.

Keyword Enter the keyword that you want to block. The CGNM-

2250 examines both the page’s URL (Internet address) and its page content (text).

Blocked Time Use these fields to specify the period during which the

rule should be applied. Enter the start time in the From fields, using twenty-four hour notation, and enter the end time in the To fields.

Blocked Weekdays Use these fields to specify the times at which the

keyword should be blocked. A red background indicates that the rule will be applied (access will be blocked), and a green background indicates that the device will not be applied (access will not be blocked). Click a day to toggle the rule on or off for the relevant day.

Trusted PC List

Device Name

IP Address This displays the IP address of each network device

Rule Status This displays whether or not the keyword filter rule is

This displays the name of each network device connected.

connected.

enabled to the trust device connected.

3.3 The System Information Screen

Use this screen to see general information about your CGNM-2250’s hardware, its software, and its connection to the Internet.

NOTE: Most of the information that displays in this screen is for troubleshooting

purposes only. However, you may need to use the MAC Address information when setting up your network.

STATUS

Page 45

Hitron CGNM-2250 User’s Guide

Click Status > System Information. The following screen displays.

Figure 14: The Status: System Information Screen

The following table describes the labels in this screen.

Table 12: The Status: System Information Screen

Hardware Version This displays the version number of the CGNM-2250’s

physical hardware.

Software Version This displays the version number of the software that

controls the CGNM-2250.

Gateway Serial Number This displays a number that uniquely identifies the

device.

HFC MAC Address This displays the Media Access Control (MAC) address

of the CGNM-2250’s RF module. This is the module that connects to the Internet through the Cable connection.

System Time This displays the current date and time.

Time Zone

LAN Up Time

WAN IP This field displays the CGNM-2250’s IP address on the

WAN Receiving This displays the number of bytes that the WAN is

Use display the time zone when the ToD Function enabled.

This displays the time the LAN has been online.

WAN (Wide Area Network) interface.

receiving.

WAN Sending This displays the number of bytes that the WAN is

sending.

STATUS

Page 46

Hitron CGNM-2250 User’s Guide

Table 12: The Status: System Information Screen (continued)

Private LAN IP Address

LAN Receiving This displays the number of bytes that the LAN is

LAN Sending This displays the number of bytes that the LAN is

Use this field to define the IP address of the CGNM-2250 on the LAN.

receiving.

sending.

WAN Up Time

This displays the time the WAN has been online.

3.4 The DOCSIS Provisioning Screen

This screen displays the steps successfully taken to connect to the Internet over the Cable connection.

Use this screen for troubleshooting purposes to ensure that the CGNM-2250 has successfully connected to the Internet; if an error has occurred you can identify the stage at which the failure occurred.

Click Status > DOCSIS Provisioning. The following screen displays.

Figure 15: The Status: DOCSIS Provisioning Status Screen

For each step:

Process displays when the CGNM-2250 is attempting to complete a connection

step.

STATUS

Page 47

Hitron CGNM-2250 User’s Guide

Success displays when the CGNM-2250 has completed a connection step.

3.5 The DOCSIS WAN Screen

Use this screen to discover information about:

The nature of the upstream and downstream connection between the CGNM-

2250 and the device to which it is connected through the CABLE interface.

IP details of the CGNM-2250’s WAN connection.

Click Status > DOCSIS WAN. The following screen displays.

Figure 16: The Status: DOCSIS WAN Screen

STATUS

Page 48

Hitron CGNM-2250 User’s Guide

The following table describes the labels in this screen.

Table 13: The Status: DOCSIS WAN Screen

DOCSIS Overview

Network Access This displays whether or not your service provider

allows you to access the Internet over the CABLE connection.

Permitted displays if you can access the Internet.

Denied displays if you cannot access the Internet.

IP Address This displays the CGNM-2250’s WAN IP address. This

IP address is automatically assigned to the CGNM-

2250.

Subnet Mask This displays the CGNM-2250’s WAN subnet mask.

Gateway IP This displays the IP address of the device to which the

CGNM-2250 is connected over the CABLE interface.

DHCP Lease Time This displays the time that elapses before your device’s

IP address lease expires, and a new IP address is assigned to it by the DHCP server.

Downstream Overview

NOTE: The downstream signal is the signal transmitted to the CGNM-2250.

Port ID This displays the ID number of the downstream

connection’s port.

Frequency (MHz) This displays the actual frequency in Megahertz (MHz)

of each downstream data channel to which the CGNM2250 is connected.

Modulation This displays the type of modulation that each

downstream channel uses.

Signal Strength (dBmV)

Channel ID This displays the ID number of each channel on which

Signal Noise Ratio (dB)

This displays the power of the signal of each downstream data channel to which the CGNM-2250 is connected, in dBmV (decibels above/below 1 millivolt).

the downstream signal is transmitted.

This displays the Signal to Noise Ratio (SNR) of each downstream data channel to which the CGNM-2250 is connected, in dB (decibels).

Upstream Overview

NOTE: The upstream signal is the signal transmitted from the CGNM-2250.

STATUS

Page 49

Hitron CGNM-2250 User’s Guide

Table 13: The Status: DOCSIS WAN Screen (continued)

Port ID This displays the ID number of the upstream

connection’s port.

Frequency (MHz) This displays the actual frequency in Megahertz (MHz)

of each upstream data channel to which the CGNM2250 is connected.

Modulation This displays the type of modulation that each upstream

channel uses.

Signal Strength (dBmV)

Channel ID This displays the ID number of each channel on which

BandWidth This displays the BandWidth of each upstream channel

This displays the power of the signal of each upstream data channel to which the CGNM-2250 is connected, in dBmV (decibels above/below 1 millivolt).

the upstream signal is transmitted.

to which the CGNM-2250 is connected.

3.6 The DOCSIS Event Screen

Use this screen to discover information about:

The nature of the upstream and downstream connection between the CGNM-

2250 and the device to which it is connected through the CABLE interface.

IP details of the CGNM-2250’s WAN connection.

Click Status > DOCSIS Event. The following screen displays.

STATUS

Page 50

Hitron CGNM-2250 User’s Guide

Figure 17: The Status: DOCSIS Event Screen

The following table describes the labels in this screen.

Table 14: The Status: DOCSIS Event Screen

No. This displays the arbitrary, incremental index number

assigned to the DOCSIS event.

Time This displays the time and date of the DOCSIS event.

Type This displays the type of the DOCSIS event.

NOTE: The definitions of the type of DOCSIS event

follow DOCSIS’s specification accordingly.

Priority This displays the priority of the DOCSIS event.

NOTE: The definitions of the priority of DOCSIS event

follow DOCSIS’s specification accordingly.

Event This displays a description of the DOCSIS event.

STATUS

Page 51

Hitron CGNM-2250 User’s Guide

3.7 The Wireless Screen

Use this screen to view general information about the CGNM-2250’s WiFi-related settings. You can modify many of the fields in this screen using the Wireless > Basic Setting screen;

Click Status > Wireless. The following screen displays.

Figure 18: The Status: Wireless Screen

see The Basic Settings Screen on page 74

STATUS

Page 52

Hitron CGNM-2250 User’s Guide

The following table describes the labels in this screen.

Table 15: The Status: Wireless Status Screen

2.4GHz Wireless Status

Wireless Status This field displays ON when the CGNM-2250’s 2.4 GHz

wireless network is active, and displays OFF when it is inactive.

Wireless Mode This displays the type of 2.4 GHz wireless network that

the CGNM-2250 is using.

Wireless Channel This displays the wireless channel on which the CGNM-

2250’s 2.4 GHz wireless network is transmitting and receiving.

5GHz Wireless Status

Wireless Status (5GHz)

Wireless Mode (5GHz)

Wireless Channel (5GHz)

SSID Overview (2.4GHz)

(SSID) This displays the 2.4 GHz wireless network’s Service

Broadcast SSID This field displays Enabled when the 2.4 GHz wireless

WMM This field displays Enabled when the 2.4 GHz wireless

Security Mode This displays the type of security the CGNM-2250’s 2.4

This field displays ON when the CGNM-2250’s 5 GHz wireless network is active, and displays OFF when it is inactive.

This displays the type of 5 GHz wireless network that the CGNM-2250 is using.

This displays the wireless channel on which the CGNM2250’s 5 GHz wireless network is transmitting and receiving.

Set Identifier. This is the name of the wireless network, to which wireless clients connect.

network’s SSID is being broadcast, and displays Disabled when it is not.

network, and displays Disabled when it is not.

GHz wireless network is currently using.

Security Key This displays the password for the CGNM-2250’s 2.4

GHz wireless network.

SSID Overview (5GHz)

(SSID) This displays the 5 GHz wireless network’s Service Set

Identifier. This is the name of the wireless network, to which wireless clients connect.

STATUS

Page 53

Hitron CGNM-2250 User’s Guide

Table 15: The Status: Wireless Status Screen (continued)

Broadcast SSID This field displays Enabled when the 5 GHz wireless

network’s SSID is being broadcast, and displays Disabled when it is not.

WMM This field displays Enabled when the 5 GHz wireless

network, and displays Disabled when it is not.

Security Mode This displays the type of security the CGNM-2250’s 5

GHz wireless network is currently using.

Security Key This displays the password for the CGNM-2250’s 5 GHz

wireless network.

Wireless Client This displays the wireless client of the CGNM-2250’s

wireless network.

Figure 19: Wireless Client List

MAC

AID

RSSI

DateRate

PhyMode

Channel

BandWidth

This displays the MAC (Media Access Control) address of each wireless client connected to the device’s wireless network.

This displays the AID (Association ID) of each wireless client connected to the device’s wireless network.

This field display the Received Signal Strength Indication from each wireless client connected to the device’s wireless network.

This displays the transfer speed of each wireless client connected to the device’s wireless network.

This displays the Physical Mode (IEEE 802.11a,b,g or n) of each wireless client connected to the device’s wireless network.

This displays the wireless channel on which the device is connected.

This displays the bandwidth (20/40MHz) of each wireless client connected to the device’s wireless network.

STATUS

Page 54

Hitron CGNM-2250 User’s Guide

Basic

This chapter describes the screens that display when you click Basic in the toolbar. It contains the following sections:

Basic Overview on page 54

The LAN Setup Screen on page 56

The Gateway Function Screen on page 59

The Port Forwarding Screen on page 60

The Port Triggering Screen on page 64

The DMZ Screen on page 67

The DNS Screen on page 69

4.1 Basic Overview

This section describes some of the concepts related to the Basic screens.

4.1.1 WAN and LAN

A Local Area Network (LAN) is a network of computers and other devices that usually occupies a small physical area (a single building, for example). Your CGNM-2250’s LAN consists of all the computers and other networking devices connected to the LAN 1~4 ports. This is your private network (in routing mode - see page 37).

Routing Mode on

BASIC

Page 55

Hitron CGNM-2250 User’s Guide

The LAN is a separate network from the Wide Area Network (WAN). In the case of the CGNM-2250, the WAN refers to all computers and other devices available on the cable connection.

By default, computers on the WAN cannot identify individual computers on the LAN; they can see only the CGNM-2250. The CGNM-2250 handles routing to and from individual computers on the LAN.

4.1.2 LAN IP Addresses and Subnets

IP addresses on the LAN are controlled either by the CGNM-2250’s built-in DHCP server (see assign IP addresses to your computers).

For more information about IP addresses and subnets in general, see The LAN Setup

Screen on page 56.

The LAN Setup Screen on page 56), or by you (when you manually

4.1.3 DNS and Domain Suffix

A domain is a location on a network, for instance example.com. On the Internet, domain names are mapped to the IP addresses to which they should refer by the Domain Name System. This allows you to enter “www.example.com” into your browser and reach the correct place on the Internet even if the IP address of the website’s server has changed.

Similarly, the CGNM-2250 allows you to define a Domain Suffix to the LAN. When you enter the domain suffix into your browser, you can reach the CGNM-2250 no matter what IP address it has on the LAN.

4.1.4 Debugging (Ping and Traceroute)

The CGNM-2250 provides a couple of tools to allow you to perform network diagnostics on the LAN:

Ping: this tool allows you to enter an IP address and see if a computer (or other

network device) responds with that address on the network. The name comes from the pulse that submarine SONAR emits when scanning for underwater objects, since the process is rather similar. You can use this tool to see if an IP address is in use, or to discover if a device (whose IP address you know) is working properly.

BASIC

Page 56

Hitron CGNM-2250 User’s Guide

Traceroute: this tool allows you to see the route taken by data packets to get

from the CGNM-2250 to the destination you specify. You can use this tool to solve routing problems, or identify firewalls that may be blocking your access to a computer or service.

4.1.5 Port Forwarding

Port forwarding allows a computer on your LAN to receive specific communications from the WAN. Typically, this is used to allow certain applications (such as gaming) through the firewall, for a specific computer on the LAN. Port forwarding is also commonly used for running a public HTTP server from a private network.

You can set up a port forwarding rule for each application for which you want to open ports in the firewall. When the CGNM-2250 receives incoming traffic from the WAN with a destination port that matches a port forwarding rule, it forwards the traffic to the LAN IP address and port number specified in the port forwarding rule.

NOTE: For information on the ports you need to open for a particular application,

consult that application’s documentation.

4.1.6 Port Triggering

Port triggering is a means of automating port forwarding. The CGNM-2250 scans outgoing traffic (from the LAN to the WAN) to see if any of the traffic’s destination ports match those specified in the port triggering rules you configure. If any of the ports match, the CGNM-2250 automatically opens the incoming ports specified in the rule, in anticipation of incoming traffic.

4.1.7 DMZ

In networking, the De-Militarized Zone (DMZ) is a part of your LAN that has been isolated from the rest of the LAN, and opened up to the WAN. The term comes from the military designation for a piece of territory, usually located between two opposing forces, that is isolated from both and occupied by neither.

4.2 The LAN Setup Screen

Use this screen to:

BASIC

Page 57

Hitron CGNM-2250 User’s Guide

View information about the CGNM-2250’s connection to the WAN

Configure the CGNM-2250’s LAN IP address, subnet mask and domain suffix

Configure the CGNM-2250’s internal DHCP server

Define how the CGNM-2250 assigns IP addresses on the LAN

See information about the network devices connected to the CGNM-2250 on the

LAN.

Click Basic > LAN Setup. The following screen displays.

Figure 20: The Basic: LAN Setup Screen

The following table describes the labels in this screen.

Table 16: The Basic: LAN Setup Screen

Private LAN Setting

Private LAN IP Address

Use this field to define the IP address of the CGNM2250 on the LAN.

BASIC

Page 58

Hitron CGNM-2250 User’s Guide

Table 16: The Basic: LAN Setup Screen (continued)

Subnet Mask Use this field to define the LAN subnet. Use dotted

decimal notation (for example, 255.255.255.0).

LAN DHCP Status Use this field to configure whether or not the CGNM-

2250’s DHCP server is active.

 To turn the DHCP server on, click Enabled.

 To turn the DHCP server off, click Disabled.

Lease Time This displays the time that elapses before your device’s

IP address lease expires, and a new IP address is assigned to it by the DHCP server.

DHCP Start IP Use this field to specify the IP address at which the

CGNM-2250 begins assigning IP addresses to devices on the LAN (when DHCP is enabled).

DHCP End IP Use this field to specify the IP address at which the

CGNM-2250 stops assigning IP addresses to devices on the LAN (when DHCP is enabled).

NOTE: Devices requesting IP addresses once the

DHCP pool is exhausted are not assigned an IP address.

Save Changes Click this to save your changes to the fields in this

screen.

Cancel Click this to return the fields in this screen to their last-

saved values without saving your changes.

Help Click this to see information about the fields in this

screen.

Connected Devices

Host Name This displays the name of each network device

connected on the LAN.

IP Address This displays the IP address of each network device

connected on the LAN.

MAC Address This displays the Media Access Control (MAC) address

of each network device connected on the LAN.

Type This displays whether the device’s IP address was

assigned by DHCP (DHCP-IP), or self-assigned.

Interface This displays whether the device is connected on the

LAN (Ethernet) or the WLAN (Wireless(x), where x denotes the wireless mode; b, g or n).

BASIC

Page 59

Hitron CGNM-2250 User’s Guide

Table 16: The Basic: LAN Setup Screen (continued)

Status This displays Active when a device is connected.

Renew Click this to obtain the connected device’s information

again.

4.3 The Gateway Function Screen

Use this screen to configure gateway function. You can turn port triggering on or off and configure new and existing port triggering rules.

Click Basic > Gateway Function. The following screen displays.

Figure 21: The Basic: Gateway Function Screen

The following table describes the labels in this screen.

Table 17: The Basic: Gateway Function Screen

Residential Gateway Function

UPNP Use this field to turn UPNP on or off.

Save Changes Click this to save your changes to the fields in this screen.

Help Click this to see information about the fields in this screen.

Use this field to turn gateway function on or off.

Select Enabled to turn gateway function on.

Select Disabled to turn gateway function off.

Select Enabled to turn UPNP on.

Select Disabled to turn UPNP off.

BASIC

Page 60

Hitron CGNM-2250 User’s Guide

4.4 The Port Forwarding Screen

Use this screen to configure port triggering. You can turn port triggering on or off and configure new and existing port triggering rules.

Click Basic > Port Forwarding. The following screen displays.

Figure 22: The Basic: Port Forwarding Screen

The following table describes the labels in this screen.

Table 18: The Basic: Port Forwarding Screen

All Port Forwarding Rules Use this field to turn port forwarding on or off.

Select Enabled to turn all port forwarding rules on.

Select Disabled to turn all port forwarding rules off.

Port Forwarding Rules

Application Name This displays the name you assigned to the rule when

you created it.

Public This field displays the incoming port range. These are

the ports on which the CGNM-2250 received traffic from the originating host on the WAN.

Private This field displays the port range to which the CGNM-

2250 forwards traffic to the device on the LAN.

BASIC

Page 61

Hitron CGNM-2250 User’s Guide

Table 18: The Basic: Port Forwarding Screen (continued)

Protocol This field displays the protocol or protocols to which this

rule applies:

 Transmission Control Protocol (TCP)

User Datagram Protocol (UDP)

Transmission Control Protocol and User Datagram

Protocol (TCP/UDP)

Generic Routing Encapsulation (GRE)

Encapsulating Security Protocol (ESP)

Local IP Address This displays the IP address of the computer on the LAN

to which traffic conforming to the rule’s conditions is forwarded.

Remote IP Address This displays the IP address range on the WAN from

which traffic is forwarded (if configured).

Status Use this field to turn port forwarding rule on or off.

Manage Use this field to Edit a port forwarding rule. Port

forwarding must first be set to Enabled. See Adding or

Editing a Port Forwarding Rule on page 61 for

information on the screen that displays.

Action Use this field to Delete a port forwarding rule. The

deleted rule’s information cannot be retrieved.

Add Rule Click this to define a new port forwarding rule. Port

forwarding must first be set to Enabled. See Adding or

Editing a Port Forwarding Rule on page 61 for

information on the screen that displays.

Save Changes Click this to save your changes to the fields in this

screen.

Help Click this to see information about the fields in this

screen.

4.4.1 Adding or Editing a Port Forwarding Rule

To add a new port forwarding rule, click Add Rule in the Basic > Port

Forwarding screen.

To edit an existing port forwarding rule, click Manage in the Basic > Port

Forwarding screen.

BASIC

Page 62

Hitron CGNM-2250 User’s Guide

NOTE: Ensure that Enabled is selected in the Basic > Port Forwarding screen in

order to add or edit port forwarding rules.

The following screen displays.

Figure 23: The Basic: Port Forwarding Add/Edit Screen

The following table describes the labels in this screen.

Table 19: The Basic: Port Forwarding Add/Edit Screen

Common Application Use this field to select the application for which you want

to create a port forwarding rule, if desired.

Application Name Enter a name for the application for which you want to

create the rule.

NOTE: This name is arbitrary, and does not affect

functionality in any way.

BASIC

Page 63

Hitron CGNM-2250 User’s Guide

Table 19: The Basic: Port Forwarding Add/Edit Screen

Protocol Use this field to specify whether the CGNM-2250 should

forward traffic via:

Transmission Control Protocol (TCP)

User Datagram Protocol (UDP)

Transmission Control Protocol and User Datagram

Protocol (TCP/UDP)

Generic Routing Encapsulation (GRE)

Encapsulating Security Protocol (ESP)

NOTE: If in doubt, leave this field at its default (TCP/

UDP).

Public Port Range Use these fields to specify the incoming port range.

These are the ports on which the CGNM-2250 receives traffic from the originating host on the WAN.

Enter the start port number in the first field, and the end port number in the second field.

To specify only a single port, enter its number in both fields.

Private Port Range Use these fields to specify the ports to which the

received traffic should be forwarded.

Enter the start port number in the first field. The number of ports must match that specified in the Public Port Range, so the CGNM-2250 completes the second field automatically.

Local IP Address Use this field to enter the IP address of the computer on

the LAN to which you want to forward the traffic.

Remote IP Use this field to configure the IP address range on the

WAN from which traffic is forwarded.

Remote IP Range

Rule Status Use this field to turn port forwarding rule on or off.

Apply Click this to save your changes to the fields in this

screen.

Close Click this to return to the Port Forwarding screen

without saving your changes to the port forwarding rule.

BASIC

Page 64

Hitron CGNM-2250 User’s Guide

4.5 The Port Triggering Screen

Use this screen to configure port triggering. You can turn port triggering on or off and configure new and existing port triggering rules.

Click Basic > Port Triggering. The following screen displays.

Figure 24: The Basic: Port Triggering Screen

The following table describes the labels in this screen.

Table 20: The Basic: Port Triggering Screen

All Port Triggering Rules Use this field to turn all port triggering rules on or off.

Select Enabled to turn all port triggering rules on.

Select Disabled to turn all port triggering rules off.

Port Triggering Rules

Application Name This displays the arbitrary name you assigned to the

rule when you created it.

Trigger This displays the range of outgoing ports. When the

CGNM-2250 detects activity (outgoing traffic) on these ports from computers on the LAN, it automatically opens the Target ports.

Target This displays the range of triggered ports. These ports

are opened automatically when the CGNM-2250 detects activity on the Trigger ports from computers on the LAN.

Protocol This displays the protocol of the port triggering rule

(TCP, UDP or Both).

Timeout (ms) This displays the time (in milliseconds) after the CGNM-

2250 opens the Target ports that it should close them.

BASIC

Page 65

Hitron CGNM-2250 User’s Guide

Table 20: The Basic: Port Triggering Screen (continued)

Twoway Status Usually a port triggering rule works for two IP

addresses; when a rule is enabled, other IPs will also be allowed to use the rule as a trigger.

Status Use this field to turn the rule On or Off.

Manage Use this field to Edit a port triggering rule.

Action Use this field to Delete a port triggering rule.

Add Rule Click this to define a new port triggering rule. Port

triggering must first be set to Enabled. See Adding or

Editing a Port Triggering Rule on page 65 for

information on the screen that displays.

Save Changes Click this to save your changes to the fields in this

screen.

Help Click this to see information about the fields in this

screen.

4.5.1 Adding or Editing a Port Triggering Rule

To add a new port triggering rule, click Add Rule in the Basic > Port Triggering

screen.

To edit an existing port triggering rule, click Manage in the Basic > Port

Triggering screen.

NOTE: Ensure that Enabled is selected in the Basic > Port Triggering screen in

order to add or edit port triggering rules.

The following screen displays.

BASIC

Page 66

Hitron CGNM-2250 User’s Guide

Figure 25: The Basic: Port Triggering Add/Edit Screen

The following table describes the labels in this screen.

Table 21: The Basic: Port Triggering Add/Edit Screen

Application Name Enter a name for the application for which you want to

create the rule.

NOTE: This name is arbitrary, and does not affect

functionality in any way.

Trigger Port Range Use these fields to specify the trigger ports. When the

CGNM-2250 detects activity on any of these ports originating from a computer on the LAN, it automatically opens the Target ports in expectation of incoming traffic.

Enter the start port number in the first field, and the end port number in the second field.

To specify only a single port, enter its number in both fields.

BASIC

Page 67

Hitron CGNM-2250 User’s Guide

Table 21: The Basic: Port Triggering Add/Edit Screen

Target Port Range Use these fields to specify the target ports. The CGNM-

2250 opens these ports in expectation of incoming traffic whenever it detects activity on any of the Trigger ports. The incoming traffic is forwarded to these ports on the computer connected to the LAN.

Enter the start port number in the first field, and the end port number in the second field.

To specify only a single port, enter its number in both fields.

Protocol Use this field to specify whether the CGNM-2250 should

activate this trigger when it detects activity via:

Transmission Control Protocol (TCP)

User Datagram Protocol (UDP)

Transmission Control Protocol and User Datagram

Protocol (Both)

NOTE: If in doubt, leave this field at its default (Both).

Timeout (ms) Enter the time (in milliseconds) after the CGNM-2250

opens the Target ports that it should close them.

Apply Click this to save your changes to the fields in this

screen.

Close Click this to return to the screen without saving your

changes to the port forwarding rule.

4.6 The DMZ Screen

Use this screen to configure your network’s Demilitarized Zone (DMZ).

NOTE: Only one device can be on the DMZ at a time.

Click Basic > DMZ. The following screen displays.

BASIC

Page 68

Hitron CGNM-2250 User’s Guide

Figure 26: The Basic: DMZ Screen

The following table describes the labels in this screen.

Table 22: The Basic: DMZ Screen

Enable DMZ Use this field to turn the DMZ on or off.

Select Enabled to turn the DMZ on.

Select Disabled to turn the DMZ off. Computers that

were previously in the DMZ are now on the LAN.

DMZ Host Enter the IP address of the computer that you want to

add to the DMZ.

Connected Devices Click this to see a list of the computers currently

connected to the CGNM-2250 on the LAN.

Figure 27: Connected Device Info

Save Changes Click this to save your changes to the fields in this

screen.

Cancel Click this to return the fields in this screen to their last-

saved values without saving your changes.

Help Click this to see information about the fields in this

screen.

BASIC

Page 69

Hitron CGNM-2250 User’s Guide

4.7 The DNS Screen

Use this screen to configure your LAN DNS settings.

Click Basic > DNS. The following screen displays.

Figure 28: The Basic: DNS Screen

The following table describes the labels in this screen.

Table 23: The Basic: DNS Screen

LAN DNS Obtain Use this field to obtain the DNS automatically or

manually.

Select Auto to obtain the DNS automatically.

Select Manual to obtain the DNS manually.

LAN DNS Proxy Status Use this field to turn the DNS Proxy on or off.

Select Enabled to turn the DNS Proxy on.

Select Disabled to turn the DNS Proxy off.

Domain Suffix

Use this field to define the domain that you can enter into a Web browser (instead of an IP address) to reach the CGNM-2250 on the LAN.

BASIC

Page 70

Hitron CGNM-2250 User’s Guide

Table 23: The Basic: DNS Screen (continued)

Proxy Hostname1 Enter the Hostname of the computer that you want to

add to the DNS manually.

Proxy Hostname2 Enter the Hostname of the computer that you want to

add to the DNS manually.

Save Changes Click this to save your changes to the fields in this

screen.

Cancel Click this to return the fields in this screen to their last-

saved values without saving your changes.

Help Click this to see information about the fields in this

screen.

BASIC

Page 71

Hitron CGNM-2250 User’s Guide

Wireless

This chapter describes the screens that display when you click Wireless in the toolbar. It contains the following sections:

Wireless Overview on page 71

The Basic Settings Screen on page 74

The Access Control Screen on page 84

5.1 Wireless Overview

This section describes some of the concepts related to the Wireless screens.

5.1.1 Wireless Networking Basics

Your CGNM-2250’s wireless network is part of the Local Area Network (LAN), known as the Wireless LAN (WLAN). The WLAN is a network of radio links between the CGNM-2250 and the other computers and devices that connect to it.

5.1.2 Architecture

The wireless network consists of two types of device: access points (APs) and clients.

The access point controls the network, providing a wireless connection to each

client.

The wireless clients connect to the access point in order to receive a wireless

connection to the WAN and the wired LAN.

WIRELESS

Page 72

Hitron CGNM-2250 User’s Guide

The CGNM-2250 is the access point, and the computers you connect to the CGNM2250 are the wireless clients.

5.1.3 Wireless Standards

The way in which wireless devices communicate with one another is standardized by the Institute of Electrical and Electronics Engineers (IEEE). The IEEE standards pertaining to wireless LANs are identified by their 802.11 designation. There are a variety of WLAN standards, but the CGNM-2250 supports the following (in order of adoption - old to new - and data transfer speeds - low to high):

IEEE 802.11b

IEEE 802.11g

IEEE 802.11n

5.1.4 Service Sets and SSIDs

Each wireless network, including all the devices that comprise it, is known as a Service Set.

NOTE: Depending on its capabilities and configuration, a single wireless access

point may control multiple Service Sets; this is often done to provide different service or security levels to different clients.

Each Service Set is identified by a Service Set IDentifier (SSID). This is the name of the network. Wireless clients must know the SSID in order to be able to connect to the AP. You can configure the CGNM-2250 to broadcast the SSID (in which case, any client who scans the airwaves can discover the SSID), or to “hide” the SSID (in which case it is not broadcast, and only users who already know the SSID can connect).

WIRELESS

Page 73

Hitron CGNM-2250 User’s Guide

5.1.5 Wireless Security

Radio is inherently an insecure medium, since it can be intercepted by anybody in the coverage area with a radio receiver. Therefore, a variety of techniques exist to control authentication (identifying who should be allowed to join the network) and encryption (signal scrambling so that only authenticated users can decode the transmitted data). The sophistication of each security method varies, as does its effectiveness. The CGNM-2250 supports the following wireless security protocols (in order of effectiveness):

WEP (the Wired Equivalency Protocol): this protocol uses a series of “keys” or

data strings to authenticate the wireless client with the AP, and to encrypt data sent over the wireless link. WEP is a deprecated protocol, and should only be used when it is the only security standard supported by the wireless clients. WEP provides only a nominal level of security, since widely-available software exists that can break it in a matter of minutes.

WPA-PSK (WiFi Protected Access - Pre-Shared Key): WPA was created to

solve the inadequacies of WEP. There are two types of WPA: the “enterprise” version (known simply as WPA) requires the use of a central authentication database server, whereas the “personal” version (supported by the CGNM-

2250) allows users to authenticate using a “pre-shared key” or password instead. While WPA provides good security, it is still vulnerable to “brute force” password-guessing attempts (in which an attacker simply barrages the AP with join requests using different passwords), so for optimal security it is advised that you use a random password of thirteen characters or more, containing no “dictionary” words.

WPA2-PSK: WPA2 is an improvement on WPA. The primary difference is that

WPA uses the Temporal Key Integrity Protocol (TKIP) encryption standard (which has been shown to have certain possible weaknesses), whereas WPA2 uses the stronger Advanced Encryption Standard (AES) in the Counter mode with Cipher block chaining Message authentication code Protocol (CCMP), which has received the US government’s seal of approval for communications up to the Top Secret security level. Since WPA2-PSK uses the same pre-shared key mechanism as WPA-PSK, the same caveat against using insecure or simple passwords applies.

5.1.5.1 WPS

WiFi-Protected Setup (WPS) is a standardized method of allowing wireless devices to quickly and easily join wireless networks, while maintaining a good level of security. The CGNM-2250 provides two methods of WPS authentication:

WIRELESS

Page 74

Hitron CGNM-2250 User’s Guide

Push-Button Configuration (PBC): when the user presses the PBC button on

the AP (either a physical button, or a virtual button in the GUI), any user of a wireless client that supports WPS can press the corresponding PBC button on the client within two minutes to join the network.

Personal Identification Number (PIN) Configuration: all WPS-capable

devices possess a PIN (usually to be found printed on a sticker on the device’s housing). When you configure another device to use the same PIN, the two devices authenticate with one another.

Once authenticated, devices that have joined a network via WPS use the WPA2 security standard.

5.1.6 WMM

WiFi MultiMedia (WMM) is a Quality of Service (QoS) enhancement that allows prioritization of certain types of data over the wireless network. WMM provides four data type classifications (in priority order; highest to lowest):

Voice

Video

Best effort

Background

If you wish to improve the performance of voice and video (at the expense of other, less time-sensitive applications such as Internet browsing and FTP transfers), you can enable WMM. You can also edit the WMM QoS parameters, but are disadvised to do so unless you have an extremely good reason to make the changes.

5.2 The Basic Settings Screen

Use this screen to configure your CGNM-2250’s basic 2.4GHz and 5GHz wireless settings. You can turn the wireless modules on or off, select the wireless mode and channel, and configure the wireless networks’ SSID settings.

The CGNM-2250 has separate concurrent dual band 2.4GHz and 5GHz wireless networks:

WIRELESS

Page 75

Hitron CGNM-2250 User’s Guide

To configure the CGNM-2250’s 2.4GHz wireless network, click Wireless >

Basic Settings, then click the 2.4G tab. See 2.4G Settings on page 75 for

information on the screen that displays.

To configure the CGNM-2250’s 5GHz wireless network, click Wireless > Basic

Settings, then click the 5G tab. See 5G Settings on page 78 for information on

the screen that displays.

5.2.1 2.4G Settings

Use this screen to configure the CGNM-2250’s 2.4GHz wireless network.

Click Wireless > Basic Settings, then click the 2.4G tab. The following screen displays.

Figure 29: The Wireless: Basic Settings Screen (2.4G)

WIRELESS

Page 76

Hitron CGNM-2250 User’s Guide

The following table describes the labels in this screen.

Table 24: The Wireless: Basic Settings Screen (2.4G)

Basic Settings

Wireless Enabled Use this field to turn the 2.4GHz wireless network on or

off.

Select ON to enable the wireless network.

Select OFF to disable the wireless network.

Wireless Mode Select the type of 2.4GHz wireless network that you

want to use:

802.11 B/G Mixed: use IEEE 802.11b and 802.11n

802.11 11N Only: use IEEE 802.11n

802.11 B/G/N Mixed: use IEEE 802.11b, 802.11g

and 802.11n

802.11 G/N Mixed: use IEEE 802.11g and 802.11n

NOTE: Only wireless clients that support the network

protocol you select can connect to the wireless network. If in doubt, use 11B/G/N (default).

Wireless Channel Select the 2.4GHz wireless channel that you want to

use, or select Auto to have the CGNM-2250 select the optimum channel to use.

NOTE: Use the Auto setting unless you have a specific

reason to do otherwise.

WPS Enabled Use this field to turn Wifi Protected Setup (WPS) on or

off on the 2.4GHz network.

Select ON to enable WPS.

Deselect OFF to disable WPS.

Multiple SSID Settings

Primary SSID Click this to view settings for the main 2.4GHz SSID.

Network Name (SSID) Enter the name that you want to use for this SSID. This

is the name that identifies your network, and to which wireless clients connect.

NOTE: It is suggested that you change the SSID from

its default, for security reasons.

WIRELESS

Page 77

Hitron CGNM-2250 User’s Guide

Table 24: The Wireless: Basic Settings Screen (2.4G) (continued)

Enable Use this field to enable or disable the SSID.

Select ON to enable the SSID.

Deselect OFF to disable the SSID.

Broadcast SSID Use this field to make this SSID visible or invisible to

other wireless devices.

Select ON if you want your network name (SSID) to

be public. Anyone with a wireless device in the coverage area can discover the SSID, and attempt to connect to the network.

Select OFF if you do not want the CGNM-2250 to

broadcast the network name (SSID) to all wireless devices in the coverage area. Anyone who wants to connect to the network must know the SSID.

WMM (QoS) Use this field to apply WiFi MultiMedia (WMM) Quality of

Service (QoS) settings to this SSID.

Select ON to enable WMM QoS on this SSID.

Select OFF to disable WMM QoS on this SSID.

Security Mode Select the type of security that you want to use.

Select Open to use no security. Anyone in the

coverage area can enter your network.

Select WEP to use the Wired Equivalent Privacy

security protocol.

Select WPA to use the WiFi Protected Access

(Personal) security protocol.

Select WPA2 to use the WiFi Protected Access 2

(Personal) security protocol.

Select WPA/WPA2 to use both the WPA and the

WPA2 security protocols; clients that support WPA2 connect using this protocol, whereas those that support only WPA connect using this protocol.

NOTE: Due to inherent security vulnerabilities, it is

suggested that you use WEP only if it is the only security protocol your wireless clients support. Under almost all circumstances, you should use one of the WPA options.

WIRELESS

Page 78

Hitron CGNM-2250 User’s Guide

Table 24: The Wireless: Basic Settings Screen (2.4G) (continued)

Auth Mode Select the type of security authentication the device

should use.

Encryption Mode

Pass Phrase Enter the security key or password that you want to use

Select the type of encryption you want to use. The options that display depend on the Security Mode you selected.

WEP:

Select WEP64 to use a ten-digit security key.

Select WEP128 to use a twenty-six-digit security

key.

WPA, WPA2 and WPA/WPA2:

Select TKIP to use the Temporal Key Integrity

Protocol.

Select AES to use the Advanced Encryption

Standard.

Select TKIP/AES to allow clients using either

encryption type to connect to the CGNM-2250.

for your wireless network. You will need to enter this key into your wireless clients in order to allow them to connect to the network.

Save Changes Click this to save your changes to the fields in this

screen.

Cancel Click this to return the fields in this screen to their last-

saved values without saving your changes.

Help Click this to see information about the fields in this

screen.

5.2.2 5G Settings

Use this screen to configure the CGNM-2250’s 5GHz wireless network.

Click Wireless > Basic Settings, then click the 5G tab. The following screen displays.

WIRELESS

Page 79

Hitron CGNM-2250 User’s Guide

Figure 30: The Wireless: Basic Settings Screen (5G)

The following table describes the labels in this screen.

Table 25: The Wireless: Basic Settings Screen (5G)

Basic Settings

Wireless Enabled Use this field to turn the 5GHz wireless network on or

off.

Select ON to enable the wireless network.

Select OFF to disable the wireless network.

WIRELESS

Page 80

Hitron CGNM-2250 User’s Guide

Table 25: The Wireless: Basic Settings Screen (5G) (continued)

Wireless Mode Select the type of 5GHz wireless network that you want

to use:

802.11n 5g: use IEEE 802.11n 5GHz.

NOTE: At the time of writing IEEE 802.11n is the only

5GHz network type available.

NOTE: Only wireless clients that support the network

protocol you select can connect to the wireless network.

Channel Bandwidth Select the 5GHz wireless channel bandwidth that you want

to use.

Wireless Channel Select the 5GHz wireless channel that you want to use,

or select Auto to have the CGNM-2250 select the optimum channel to use.

NOTE: Use the Auto setting unless you have a specific

reason to do otherwise.

WPS Enabled Use this field to turn WiFi Protected Setup (WPS) on or

off on the 5GHz network.

Select ON to enable WPS.

Deselect OFF to disable WPS.

Multiple SSID Settings

Multiple SSID Click this to view settings for the main 5GHz SSID.

Network Name (SSID) Enter the name that you want to use for this SSID. This

is the name that identifies your network, and to which wireless clients connect.

NOTE: It is suggested that you change the SSID from

its default, for security reasons.

Enable Use this field to enable or disable the SSID.

Select ON to enable the SSID.

Deselect OFF to disable the SSID.

WIRELESS

Page 81

Hitron CGNM-2250 User’s Guide

Table 25: The Wireless: Basic Settings Screen (5G) (continued)

Broadcast SSID Use this field to make this SSID visible or invisible to

other wireless devices.

Select ON if you want your network name (SSID) to

be public. Anyone with a wireless device in the coverage area can discover the SSID, and attempt to connect to the network.

Select OFF if you do not want the CGNM-2250 to

broadcast the network name (SSID) to all wireless devices in the coverage area. Anyone who wants to connect to the network must know the SSID.

WMM (QoS) Use this field to apply WiFi MultiMedia (WMM) Quality of

Service (QoS) settings to this SSID.

Select ON to enable WMM QoS on this SSID.

Select OFF to disable WMM QoS on this SSID.

Security Mode Select the type of security that you want to use.

Select Open to use no security. Anyone in the

coverage area can enter your network.

Select WEP to use the Wired Equivalent Privacy

security protocol.

Select WPA to use the WiFi Protected Access

(Personal) security protocol.

Select WPA2 to use the WiFi Protected Access 2

(Personal) security protocol.

Select WPA/WPA2 to use both the WPA and the

WPA2 security protocols; clients that support WPA2 connect using this protocol, whereas those that support only WPA connect using this protocol.

NOTE: Due to inherent security vulnerabilities, it is

suggested that you use WEP only if it is the only security protocol your wireless clients support. Under almost all circumstances, you should use one of the WPA options.

Auth Mode Select the type of security authentication the device

should use.

WIRELESS

Page 82

Hitron CGNM-2250 User’s Guide

Table 25: The Wireless: Basic Settings Screen (5G) (continued)

Encryption Mode

Select the type of encryption you want to use. The options that display depend on the Security Mode you selected.

WEP:

Select WEP64 to use a ten-digit security key.

Select WEP128 to use a twenty-six-digit security

key.

WPA, WPA2 and WPA/WPA2:

Select TKIP to use the Temporal Key Integrity

Protocol.

Select AES to use the Advanced Encryption

Standard.

Select TKIP/AES to allow clients using either encryption type to connect to the CGNM-2250.

Pass Phrase Enter the security key or password that you want to use

for your wireless network. You will need to enter this key into your wireless clients in order to allow them to connect to the network.

Save Changes Click this to save your changes to the fields in this

screen.

Cancel Click this to return the fields in this screen to their last-

saved values without saving your changes.

Help Click this to see information about the fields in this

screen.

5.2.3 WPS

Use this screen to manage WiFi Protected Setup (WPS).

NOTE: It is strongly recommended that you set up security on your network;

otherwise, anyone in the radio coverage area can access your network.

Click Wireless > Basic Settings, then click the WPS tab. The following screen displays.

WIRELESS

Page 83

Hitron CGNM-2250 User’s Guide

Figure 31: The Wireless: Basic Settings Screen (WPS)

The following table describes the labels in this screen.

Table 26: The Wireless: Basic Settings Screen (WPS)

WPS Settings

WPS Method Use these buttons to run WiFi Protected Setup (WPS):

Click the PBC button and then Push Button to begin

the Push-Button Configuration process. You must then press the PBC button on your client wireless devices within two minutes in order to register them on your wireless network.

Click the PIN button to begin the PIN configuration

process. In the screen that displays, enter the WPS PIN that you want to use for the CGNM-2250, or the WPS PIN of the client device you want to add to the network.

WPS Status This displays whether or not the CGNM-2250 is using

WiFi Protected Setup.

WPS Configure Status

WPS Configure Status (5G)

Help Click this to see information about the fields in this

This displays the WiFi Protected Setup configuration for the wireless network.

This displays the WiFi Protected Setup configuration for the 5G wireless network.

screen.

WIRELESS

Page 84

Hitron CGNM-2250 User’s Guide

5.3 The Access Control Screen

Use this screen to configure Media Access Control (MAC) address filtering on the wireless network.

NOTE: To configure MAC address filtering on the wired LAN, see The Device Filter

Screen on page 100.

You can set the CGNM-2250 to allow only certain devices to access the CGNM-2250 and the network wirelessly, or to deny certain devices access.

Click Wireless > Access Control. The following screen displays.

Figure 32: The Wireless: Access Control Screen

The following table describes the labels in this screen.

Table 27: The Wireless: Access Control Screen

Connected Devices

Host Name This displays the name of each network device that has

connected to the CGNM-2250 on the wireless network.

IP Address This displays the IP address of each network device that

has connected to the CGNM-2250 on the wireless network.

MAC Address This displays the MAC address of each network device

that has connected to the CGNM-2250 on the wireless network.

WIRELESS

Page 85

Hitron CGNM-2250 User’s Guide

Table 27: The Wireless: Access Control Screen (continued)

Type This displays whether the device’s IP address was

assigned by DHCP (DHCP-IP), or self-assigned.

Interface This displays the name of the interface on which the

relevant device is connected.

Status This displays if the device filter is active or not.

Action Click Manage to make changes to the device’s filtering

status; see Adding or Editing a Managed Device on page 86 for information on the screen that displays.

Managed Devices

Block Rules Use these buttons to control the action to be taken for

the devices listed:

Select Allow All to ignore the Devices list and let

all devices connect wirelessly to the CGNM-2250.

Select Allow to permit only devices you added to

the Devices list to access the CGNM-2250 and the network wirelessly. All other devices are denied access.

Select Deny to permit all devices except those you

added to the Devices list to access the CGNM2250 and the network wirelessly. The specified devices are denied access.

Host Name This field displays the name of the wireless device.

MAC Address This field displays the device’s MAC (Media Access

Control) address.

Action Click Manage to make changes to the device’s filtering

status; see Adding or Editing a Managed Device on page 86 for information on the screen that displays.

Save Changes Click this to save your changes to the fields in this

screen.

Add Managed Device Click this to add a new service filtering rule (see Adding or

Editing a Managed Device on page 86

Help Click this to see information about the fields in this

screen.

WIRELESS

Page 86

Hitron CGNM-2250 User’s Guide

5.3.1 Adding or Editing a Managed Device

To add a new managed device, click Add Managed Device in the Wireless >

Access Control screen.

To edit an existing managed device, locate the device in the Wireless > Access

Control screen and click its Manage button.

The following screen displays.

Figure 33: The Wireless: Access Control Add/Edit Screen

The following table describes the labels in this screen.

Table 28: The Wireless: Access Control Add/Edit Screen

Host Name Enter the name of the wireless device.

MAC Address Enter the device’s MAC (Media Access Control)

address.

Device Managed Use this field to define whether the device should have

its access privileges filtered or not.

Click Yes to filter the device’s access privileges.

Click No not to filter the device’s access privileges.

Apply Click this to save your changes to the fields in this

screen.

Close Click this to return to the Wireless Access Control

screen without saving your changes to the rule.

WIRELESS

Page 87

Hitron CGNM-2250 User’s Guide

Admin

This chapter describes the screens that display when you click Admin in the toolbar. It contains the following sections:

Admin Overview on page 87

The Management Screen on page 88

The Remote Management Screen on page 89

The Diagnostics Screen on page 91

The Backup Screen on page 92

The USB Storage Screen on page 93

The Device Reset Screen on page 94

6.1 Admin Overview

This section describes some of the concepts related to the Admin screens.

6.1.1 Debugging (Ping and Traceroute)

The CGNM-2250 provides a couple of tools to allow you to perform network diagnostics on the LAN:

ADMIN

Page 88

Hitron CGNM-2250 User’s Guide

Ping: this tool allows you to enter an IP address and see if a computer (or other

Traceroute: this tool allows you to see the route taken by data packets to get

from the CGNM-2250 to the destination you specify. You can use this tool to solve routing problems, or identify firewalls that may be blocking your access to a computer or service.

6.2 The Management Screen

Use this screen to make changes to the CGNM-2250’s login credentials (username and password).

NOTE: If you forget your password, you will need to reset the CGNM-2250 to its

factory defaults.

Click Admin > Management. The following screen displays.

Figure 34: The Admin: Management Screen

ADMIN

Page 89

Hitron CGNM-2250 User’s Guide

The following table describes the labels in this screen.

Table 29: The Admin: Management Screen

Username If your CGNM-2250 supports multiple user accounts,

select the account you want to modify from the list.

Old Password Enter the password with which you currently log into the

CGNM-2250 for this account.

New Password Enter and re-enter the password you want to use to log

Confirm New Password

Idle Time Use this to set your CGNM-2250’s idle time

Save Changes Click this to save your changes to the fields in this

Cancel Click this to return the fields in this screen to their last-

into the CGNM-2250 for this account.

screen.

saved values without saving your changes.

Help Click this to see information about the fields in this

screen.

6.3 The Remote Management Screen

Use this screen to back up your CGNM-2250’s settings to your computer, to load settings from a backup you created earlier, to reboot your CGNM-2250, or to return it to its factory default settings.

Click Admin > Remote Management. The following screen displays.

ADMIN

Page 90

Hitron CGNM-2250 User’s Guide

Figure 35: The Admin: Remote Management Screen

The following table describes the labels in this screen.

Table 30: The Admin: Remote Management Screen

Remote Management

Protocol Use this field to enable/disable remote control protocols

and ports on CGNM.

 HyperText Transfer Protocol (HTTP)

HyperText Transfer Protocol Secure (HTTPS)

Telnet

ON/OFF Use this field to enable/disable each protocol.

Port Use this field to specify which port to use with each

protocol.

Remote IP Range

Remote Range Allow All

IP Start Use this field to enter the start IP.

IP End Use this field to enter the end IP.

This function allows you to grant access to a certain range of IP addresses or all IP addresses.

Action

Save Changes Click this to save your changes to the fields in this

Use this field to Delete a port forwarding rule. The deleted rule’s information cannot be retrieved.

screen.

ADMIN

Page 91

Hitron CGNM-2250 User’s Guide

Table 30: The Admin: Remote Management Screen (continued)

Cancel Click this to return the fields in this screen to their last-

saved values without saving your changes.

Help Click this to see information about the fields in this

screen.

6.4 The Diagnostics Screen

Use this screen to perform ping and traceroute tests on IP addresses or URLs.

Click Admin > Diagnostics. The following screen displays.

Figure 36: The Admin: Diagnostics Screen

The following table describes the labels in this screen.

Table 31: The Admin: Diagnostics Screen

Destination (IP or Domain)

Ping Select the type of test that you want to run on the

Traceroute

Result This field displays a report of the test most recently

Enter the IP address or URL that you want to test.

Destination that you specified.

performed.

ADMIN

Page 92

Hitron CGNM-2250 User’s Guide

Table 31: The Admin: Diagnostics Screen (continued)

Apply Click this to save your changes to the fields in this

screen.

Cancel Click this to return the fields in this screen to their last-

saved values without saving your changes.

Help Click this to see information about the fields in this

screen.

6.5 The Backup Screen

Use this screen to back up your CGNM-2250’s settings to your computer, to load settings from a backup you created earlier, to reboot your CGNM-2250, or to return it to its factory default settings.

Click Admin > Backup. The following screen displays.

Figure 37: The Admin: Backup Screen

The following table describes the labels in this screen.

Table 32: The Admin: Backup Screen

Back Up Your Settings Locally

Restore Settings From a Local File

Click this to create a backup of all your CGNM-2250’s settings on your computer.

Use these fields to return your CGNM-2250’s settings to those specified in a backup that you created earlier.

Click Browse to select a backup, then click Restore to return your CGNM-2250’s settings to those specified in the backup.

ADMIN

Page 93

Hitron CGNM-2250 User’s Guide

Table 32: The Admin: Backup Screen (continued)

Reboot Device Click Reboot to restart your CGNM-2250.

Restore Factory Default Settings

Click Factory to return your CGNM-2250 to its factory default settings.

When you do this, all your user-configured settings are lost, and cannot be retrieved.

6.6 The USB Storage Screen

Use this screen to configure your CGNM-2250’s USB settings.

Click Admin >USB Storage. The following screen displays.

Figure 38: The Admin: USB Storage Screen

The following table describes the labels in this screen.

Table 33: The Admin: USB Storage Screen

Shared Status

Disk

Action Click Eject to remove the shared disk.

Use this field to select whether the shared status of USB be active or not.

Select Enabled to activate the shared status.

Select Disabled to deactivate the

This displays the arbitrary identification number assigned to the shared disk.

This displays the network path of the shared disk.

shared status.

ADMIN

Page 94

Hitron CGNM-2250 User’s Guide

Table 33: The Admin: USB Storage Screen (continued)

Save Changes Click this to save your changes to the fields in this

screen.

Cancel Click this to return the fields in this screen to their last-

saved values without saving your changes.

Help Click this to see information about the fields in this

screen.

6.7 The Device Reset Screen

Use this screen to back up your CGNM-2250’s settings to your computer, to load settings from a backup you created earlier, to reboot your CGNM-2250, or to return it to its factory default settings.

Click Admin > Device Reset. The following screen displays.

Figure 39: The Admin: Device Reset Screen

The following table describes the labels in this screen.

Table 34: The Admin: Device Reset Screen

Reboot Device Click Reboot to restart your CGNM-2250.

Restore Factory Default Settings

Click Factory Reset to return your CGNM-2250 to its factory default settings.

When you do this, all your user-configured settings are lost, and cannot be retrieved.

Help Click this to see information about the fields in this screen.

ADMIN

Page 95

Hitron CGNM-2250 User’s Guide

Security

This chapter describes the screens that display when you click Security in the toolbar. It contains the following sections:

Security Overview on page 95

The Firewall Screen on page 96

The Service Filter Screen on page 99

The Device Filter Screen on page 104

The Keyword Filter Screen on page 108

7.1 Security Overview

This section describes some of the concepts related to the Security screens.

7.1.1 Firewall

The term “firewall” comes from a construction technique designed to prevent the spread of fire from one room to another. Similarly, your CGNM-2250’s firewall prevents intrusion attempts and other undesirable activity originating from the WAN, keeping the computers on your LAN safe. You can also use filtering techniques to specify the computers and other devices you want to allow on the LAN, and prevent certain traffic from going from the LAN to the WAN.

SECURITY

Page 96

Hitron CGNM-2250 User’s Guide

7.1.2 Device Filtering

Every networking device has a unique Media Access Control (MAC) address that uniquely identifies it on the network. When you enable MAC address filtering on the CGNM-2250’s firewall, you can set up a list of devices, identified by their MAC addresses, and then specify whether you want to:

Deny the devices on the list access to the CGNM-2250 and the network (in

which case all other devices can access the network)

Allow the devices on the list to access the network (in which case no other

devices can access the network).

7.1.3 Service Filtering

Service filtering is a way of preventing users on the LAN from connecting with devices on the WAN via specific services, protocols or applications. It achieves this by permitting or denying traffic from the LAN to pass to the WAN, based on the target port.

7.2 The Firewall Screen

Use this screen to turn firewall features on or off and to allow or permit certain applications and protocols. You can select the level of firewall protection from predefined options, or create a custom protection profile.

NOTE: To block specific ports, use the Service Filter screen (see The Service Filter

Screen on page 99).

Click Security > Firewall. The following screen displays.

SECURITY

Page 97

Figure 40: The Security: Firewall Screen

Hitron CGNM-2250 User’s Guide

SECURITY

Page 98

Hitron CGNM-2250 User’s Guide

The following table describes the labels in this screen.

Table 35: The Security: Firewall Screen

Firewall Level Select the level of firewall protection that you want to

apply to your LAN. Details about the protection level display beneath the buttons.

(Security Level) These fields describe the specific protocols and

applications that are permitted or denied by the firewall security level you select.

When you select Custom in the Firewall Level field, additional fields display that allow you to toggle specific features on or off:

Entire Firewall: select ON to enable firewall

security protection, or select OFF to disable it (not recommended).

HTTP: use this field to Allow or Deny HyperText

Transfer Protocol traffic.

ICMP: use this field to Allow or Deny Internet

Control Message Protocol traffic.

Multicast: use this field to Allow or Deny multicast

traffic (sent to multiple devices at once).

P2P: use this field to Allow or Deny peer-to-peer

traffic (such as BitTorrent).

Ident: use this field to Allow or Deny Identification

protocol traffic. The Identification protocol allows remote hosts to request identifying information about users of a device.

Save Changes Click this to save your changes to the fields in this

screen.

Cancel Click this to return the fields in this screen to their last-

saved values without saving your changes.

Help Click this to see information about the fields in this

screen.

SECURITY

Page 99

Hitron CGNM-2250 User’s Guide

7.3 The Service Filter Screen

Use this screen to configure service filtering. You can turn service filtering on or off and configure new and existing service filtering rules.

Click Security > Service Filter. The following screen displays.

Figure 41: The Security: Service Filter Screen

The following table describes the labels in this screen.

Table 36: The Security: Service Filter Screen

Managed Services

Filter Enabled Use this field to turn service filtering on or off.

Select Enabled to turn service filtering on.

Select Disabled to turn service filtering off.

Host Name This displays the name you assigned to the filtering rule

when you created it.

Protocol This field displays the protocol or protocols to which this

filtering rule applies:

Transmission Control Protocol (TCP)

User Datagram Protocol (UDP)

SECURITY

Page 100

Hitron CGNM-2250 User’s Guide

Table 36: The Security: Service Filter Screen (continued)

Port Range This displays the start and end port for which this

filtering rule applies.

Managed Weekdays This displays the days of the week on which this rule

applies.

Managed Time This displays the start (From) and end (To) of the time

period during which this rule applies, on the specified Managed Weekdays.

Status This displays the status of a service filter rule.

Manage Click Manage to make changes to a port blocking rule

(see Adding or Editing a Service Filter Rule on page

101).

Action Click Delete to remove the existing service filter from the

list.

NOTE: The deleted rule’s information cannot be

retrieved.

Add Managed Service Click this to add a new service filtering rule (see Adding

or Editing a Service Filter Rule on page 101).

Save Changes Click this to save your changes to the fields in this

screen.

Help Click this to see information about the fields in this

screen.

Trust PC List

Host Name This displays the name of the trust device connected.

IP Address This displays the IP address of the trust network device

connected.

Status This displays whether or not the service filter rule is

enabled to the trust device connected.

Manage

Action Click Delete to remove the existing trust device from the

Click Manage to make changes to the trust device’s service filter status

on page 103).

list.

(see Adding or Editing a Trust PC List

Add Trust Device

Save Changes Click this to save your changes to the fields in this screen.

Help Click this to see information about the fields in this screen.

100

Click this to add a new Trust Device.

Editing a Trust PC List on page 103).

(see Adding or

SECURITY