Huawei EA280-135 Users Manual

eA280 Series LTE CPE

User Guide

Issue 01 Date 2016-11-08

HUAWEI TECHNOLOGIES CO., LTD.

No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.

All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice

The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base

Bantian, Longgang Shenzhen 518129

People's Republic of China Website: http://www.huawei.com Email: support@huawei.com

Issue 01 (2016-11-08)

Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide About This Document

About This Document

Overview

This document describes the hardware, functions, installation, configuration, upgrade, operation and maintenance (OM) of the eA280 series customer premises equipment (LTE CPE).

Product Version

Product Name Product Version

eA280-135 V100R001

Intended Audience

This document is intended for:



System engineers



Product engineers



Technical support engineers

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide Contents

Contents

About This Document .................................................................................................................... ii

1 Overview ......................................................................................................................................... 1

1.1 Product Introduction ......................................................................................................................................... 1

1.2 Application Scenarios ....................................................................................................................................... 2

1.3 Hardware Specifications .................................................................................................................................. 3

1.4 Antenna Specifications ..................................................................................................................................... 6

1.5 Software Specifications .................................................................................................................................... 7

1.6 Product Security ............................................................................................................................................... 9

1.6.1 Network Security .................................................................................................................................... 9

1.6.2 Application Security .............................................................................................................................. 10

1.7 Device Ports ................................................................................................................................................... 11

1.7.1 Web Port ................................................................................................................................................ 11

1.7.2 USB Port ............................................................................................................................................... 11

1.7.3 TR-069 Port .......................................................................................................................................... 14

1.7.4 Voice Interface ...................................................................................................................................... 15

2 Hardware ...................................................................................................................................... 16

2.1 eA280 Hardware ............................................................................................................................................ 16

3 Getting Start ................................................................................................................................. 20

3.1 Installing the Micro SIM Card ....................................................................................................................... 20

3.2 Connecting to the Power Adapter ................................................................................................................... 21



4 Configuration Introduction....................................................................................................... 22

4.1 Logging In to the WebUI ................................................................................................................................ 22

4.2 NAT Settings .................................................................................................................................................. 22

4.3 DHCP Relay ................................................................................................................................................... 23

4.4 VoIP ................................................................................................................................................................ 28

4.5 Profile Management ....................................................................................................................................... 30

4.6 TR-069 Setting ............................................................................................................................................... 31

4.7 Security Settings ............................................................................................................................................. 32

4.7.1 Firewall Settings ................................................................................................................................... 32

4.7.2 LAN IP Address Filtering ..................................................................................................................... 32

4.7.3 MAC Address Filtering ......................................................................................................................... 33

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

iii



eA280 Series LTE CPE User Guide Contents

4.7.4 Domain Name Filtering ........................................................................................................................ 33



5 Update Introduction ................................................................................................................... 34

5.1 Local Update .................................................................................................................................................. 34

5.2 Online Update ................................................................................................................................................ 34

5.3 TR069 eSight Update ..................................................................................................................................... 35

5.3.1 Firmware Version .................................................................................................................................. 35

5.3.2 Upgrade Management ........................................................................................................................... 35

6 Maintenance ................................................................................................................................. 37

6.1 Maintenance Preparation ................................................................................................................................ 37

6.2 Fault Diagnosis ............................................................................................................................................... 37

7 FAQs .............................................................................................................................................. 39

7.1 What Do I Do If the WebUI Fails to Be Opened? .......................................................................................... 39

7.2 What Do I Do When the Power Indicator Is Not Working? ........................................................................... 39

7.3 What Do I Do When the Data Service Is Not Provided? ................................................................................ 40

8 Privacy and Security ................................................................................................................... 41

8.1 Privacy Policy ................................................................................................................................................ 41

8.2 Security Maintenance ..................................................................................................................................... 41

8.3 Performing Default Security Configuration ................................................................................................... 41



9 Acronyms and Abbreviations ................................................................................................... 43



Issue 01 (2016-11-08) Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide 1 Overview

About This Chapter

This chapter describes the functions, applications, product security and specifications of the product.

1.1 Product Introduction

HUAWEI eA280 is a piece of customer premises equipment (CPE) that functions as the long term evolution (LTE) wireless gateway. It implements the conversion between LTE wireless data and wired Ethernet data and supports data backhaul. The eA280 series can be used independently and deployed outdoors.

The eA280 V100R001 CPEs support LTE Release 11/12. The eA280 provides the following functions:



Data services

The eA280 series use LTE broadband technologies to support high-speed broadband network access, data backhaul, and video surveillance.



Voice services

The eA280 provides two telephone ports to which users can connect telephones to implement basic voice functions and supplement voice functions.



Security services

The eA280 series support the firewall and PIN password, which protects your computers when you access the Internet.



Firewall services

The eA280 series support the following firewall services:

−

Firewall switch: enables or disables firewalls.

−

LAN Media access control (MAC) address filtering: prevents specified MAC addresses on a LAN from accessing the network.

−

LAN IP address filtering: prevents specified IP addresses on a LAN from accessing

the network.

−

URL filtering: prevents computers from accessing certain URLs.



Local and remote management and maintenance

Overview

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide 1 Overview

The eA280 series can be locally configured in the local city to implement device management and network configuration, thereby ensuring stable operation of the device.

1.2 Application Scenarios

The eA280 series are mainly intended to provide users with wireless broadband data access services for wISP（Wireless Internet Service Provider） market.

The eA280 provides LTE-TDD and LTE-FDD band7 wireless routing and translating LTE wireless data into wired Ethernet data, and vice versa.

The eA280 can simultaneously set up wireless connections with 64 Wi-Fi devices (32 devices for 2.4 GHz and 32 for 5 GHz) and establish a local area network (LAN) by connecting to concentrators and switches.

Figure 1-1 eA280 connected to multiple devices

The eA280 provides one telephone interface. You can connect a telephone to achieve the basic voice capabilities.

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide 1 Overview

Figure 1-2 eA280 connected to telephones (optional)

1.3 Hardware Specifications

Table 1-1 describes the technical specifications of the eA280.

Table 1-1 Technical specifications of the eA280

Item Description

Technical standards

Working bands eA280-135:LTE TDD (2570 MHz to 2620 MHz)

WAN: LTE 3GPP Release 11/12

LAN: IEEE 802.3/802.3u

IEEE 802.11b/g/n, 802.11a/n/ac



2.4 GHz (802.11b/g/n): 2.400 GHz to 2.4835 GHz



5 GHz (802.11a/n/ac): 5.150 GHz to 5.850 GHz

LTE TDD (2300 MHz to 2400 MHz)

LTE TDD (2496 MHz to 2690 MHz)

LTE FDD (2500 MHz to 2570 MHz (UL)/

2620 MHz to 2690 MHz (DL)

LTE TDD (3400 MHz to 3600 MHz)

LTE TDD (3600 MHz to 3800 MHz)

External ports One power port

One telephone port (RJ11), one phone number

Two LAN ports (RJ45)

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide 1 Overview

Item Description

One USB 2.0 slave port (for local maintenance only)

One micro SIM card port

Buttons One PWR button

One WPS button

One reset button

LED indicators One PWR indicator

One Wi-Fi indicator

One SIM indicator

One LTE indicator

One STA indicator

Three signal strength indicators

Maximum transmit power

Receiving sensitivity

LTE LTE: conform to power class 3 definition

802.11b

802.11g

(16±3) @11 Mbps

(16±3) @6 Mbps

(16±3) @54 Mbps

802.11n

WLAN

802.11a/n/ac high band

(16±3) @2.4G MCS0 (16±3) @2.4G MCS7

(16±3)@MCS0

(16±3) @MCS7

(16±3) @MCS9

(16±3) @MCS0

802.11a/n/ac low band

(16±3) @MCS7 (16±3) @MCS9

LTE

WLAN

LTE: confirm to 3GPP requirements

802.11b

802.11g

802.11n HT20 (2.4 GHz)

-92 dBm@1 Mbps

-85 dBm@11 Mbps

-88 dBm@6 Mbps

-73 dBm@54 Mbps

-87 dBm@MCS0

-71 dBm@MCS7

802.11n HT40 (2.4 GHz)

802.11n HT20 (5 GHz)

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

-84 dBm@MCS0

-68 dBm@MCS7

-88 dBm@MCS0

-68 dBm@MCS7

eA280 Series LTE CPE User Guide 1 Overview

Item Description

802.11n HT40 (5 GHz)

802.11ac 20M (5 GHz)

-85 dBm@MCS0

-64 dBm@MCS7

-87 dBm@MCS0

-68 dBm@MCS7

-83 dBm@MCS0

802.11ac 40M (5 GHz)

-66 dBm@MCS7

-59 dBm@MCS9

-80 dBm@MCS0

-63 dBm@MCS7

-56 dBm@MCS9

Power

802.11ac 80M (5 GHz)

< 12 W

consumption

Power supply AC: 100 V to 240 V

DC: 12 V/2 A

Dimensions (D x

95 mm x 210 mm

Weight About 530 g (power adapter excluded)

Temperature Working temperature: 0°C to +40°C

Storage temperature: –20°C to +70°C

Humidity 5% to 95% RH

You are advised to deploy the device and power on it in three months after it is received or store it under following circumstance:



Temperature: –10°C to 35°C



Humidity: 30% RH to 85% RH

Storage environment should be equipped with temperature and humidity equipment and dehumidification equipment to monitor and adjust the temperature and humidity.

WLAN CH1-CH10 is unavailable when LTE works at band 40

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide 1 Overview

1.4 Antenna Specifications

Table 1-2 Specifications of the LTE main antenna

Item Description

Frequency range 2300 MHz to 3800 MHz

Input impedance 50 Ω

Standing wave

< 2

ratio (SWR)

Efficiency > 50%

Gain 3 dBi

Polarization type Linear polarization

Direction Omni-directional

For FCC frequency range:

Frequency Range



LTE-FDD Band 7:2500-2570MHz(Tx), 2620-2690MHz(Rx) LTE-TDD Band 40: 2305-2320MHz&2345-2360MHz(T x/Rx)

LTE-TDD Band 41: 2500-2690MHz(Tx/Rx)

Table 1-3 WLAN 2.4 GHz antenna specifications

Item Description

Frequency 2.400 GHz to 2.4835 GHz

Input impedance 50 Ω

Standing wave ratio < 3

H side gain 2 dBi

Efficiency > 60%

Polarization Linear polarization

Table 1-4 WLAN 5 GHz antenna specifications

Item Description

Frequency 5150 MHz to 5850MHz

Input impedance 50 Ω

Standing wave ratio < 3

H side gain 2 dBi

Efficiency > 60%

Polarization Linear polarization

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide 1 Overview

1.5 Software Specifications

Table 1-5 describes the software specifications of the eA280.

Table 1-5 Software specifications

Item Description

Gateway Supports the default route, namely, the route with the IP address

0.0.0.0.

Supports the Address Resolution Protocol (ARP).

Supports the Internet Control Message Protocol (ICMP).

Supports the domain name service (DNS).

NAT Supports network address translation (NAT ) and

Network Address and Port Translation (NAPT), which complies with RFC2663, RFC3022, and RFC3027.

Firewall

DHCP server



The default IP address of the DHCP server ranges from 192.168.1.2 to 192.168.1.254. The default gateway address is 192.168.1.1.



The default DHCP lease is 24 hours.



Enables and disables the DHCP server.



Configures DHCP server address pools.



Sets the lease time.



Supports static IP address reserving.



Supports DHCP relay.

Routing Behind

Supports routing Behind MS

UE direct

UE direct connect

connect



Firewall switch



LAN MAC address filtering



IP address filtering



URL filtering



Security Parameter Index (SIP) ALG



Demilitarized Zone (DMZ)



Port forwarding



Service access control



NAT（Network Address Translation）



Static Route



Dynamic Route

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide 1 Overview

Item Description

LAN



Auto-negotiation between 10 /100 /1000 Mbit/s



MDI/MDIX auto-sensing



Compatible with IEEE 802.3/802.3u



If you connect to multiple hosts via Hub or switch, the number of

host devices sold under LTE CPE should not exceed 32

VoIP Supports G.729, G.711a, and G.711u.

Supports SIP (RFC3261).

Supports SDP (RFC2327).

Supports DNS.

Supports DTMF.

Supports SIP ALG.

Upgrade Supports TR-069 upgrade and local upgrade and online upgrade.

SIM Supports PIN management and SIM card authentication.

Supports soft SIM cards.

Frequency Lock Support frequency, cell lock in two ways.

Dial-up connection Supports automatic and manual connection.

Importing and exporting

Encrypts and backs up the current configuration, and then restores from a backup configuration.

configuration

WLAN Broadcasts and hides service set identifiers (SSIDs).

Complies with WLAN 2.4 GHz IEEE 802.11b/g/n and 5 GHz

802.11a/n/ac

Supports WPS.

Authentication Supports Open System authentication.

Supports encryption using wired equivalent privacy (WEP), Wi-Fi protected access pre-shared key (WPA-PSK), and WPA2-PSK keys.

Supports the Advanced Encryption Standard (AES) encryption algorithm.

Supports the TKIP and AES hybrid encryption algorithm.

MAC address authentication

Supports the MAC address authentication white list.

Supports the MAC address authentication blacklist.

Supports a maximum of 10 MAC address entries.

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide 1 Overview

Item Description

Supports automatic transmission rate adjustment.

1.6 Product Security

eA280 security includes network security and application security. Application security includes wireless security and OM security.

1.6.1 Network Security

eA280 network security uses Secure Sockets Layer (SSL) and Hypertext Transfer Protocol Secure (HTTPS).

SSL

The SSL protocol is a security connection technology for the server and client. It provides a confidential, trusted, and identity-authenticating connection to two application layers. SSL is regarded as a standard security measure and has been widely applied to web services.

Station management

Supports station status queries.

Supports a maximum of 32 connected stations at

2.4 GHz.

Supports a maximum of 32 connected stations at 5 GHz.

HTTPS



Identity authentication

Identity authentication checks whether a communication individual is the expected object. SSL authenticates servers and clients based on digital certificates and user/password. Clients and servers have their own identifiers. The identifiers are numbered by the public key. To verify that a user is legitimate, SSL requires digital authentication during data exchange in the SSL handshake procedure.



Connection confidentiality

Data is encrypted before transmission to prevent data from being hacked by malicious users. SSL uses encryption algorithms to ensure the connection confidentiality.



Data integrity

Any tampering on data during transmission can be detected. SSL establishes a secure channel between the client and the server so that all the SSL data can reach the destination intact.

For the eA280, the OM TCP applications can use SSL. HTTP over SSL is generally called HTTPS. HTTPS is used for connections between the NMS/WebUI and eA280. SSL also uses the digital certificate mechanism.

HTTPS provides secure HTTP channels. HTTPS is HTTP to which SSL is added, and SSL ensures the security of HTTPS.

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide 1 Overview

1.6.2 Application Security

eA280 application security includes wireless security and OM security.

Wireless Security

eA280 wireless security includes authentication, air-interface data encryption, and integrity protection.

OM Security

OM security includes user authentication, access control, OM system security, and software digital signature.

User Authentication and Access Control

User authentication and access control are implemented for users to be served by the eA280. The objective of authentication is to identify users and grant the users with proper permission. The objective of access control is to specify and restrict the operations to be performed and the resources to be accessed by the users.

OM System Security

OM system security includes software integrity check.

In the original procedure for releasing and using the software, the software integrity is ensured by using cyclic redundancy check (CRC). CRC can only prevent data loss during transmissions. If data is tampered with during transmissions, a forged CRC value will be regarded as valid by the CRC. Therefore, the receive end cannot rely on the CRC to ensure the consistency between the received data and the original data, adversely affecting the reliability and security for the software.

Software integrity protection implements the Hash algorithm or adds a digital signature to software (including mediation layers and configuration files) when releasing software, and then uploads software to the target server or device. When a target device downloads, loads, or runs software, the target device performs the Hash check or authenticates the digital signature. By doing so, software integrity protection ensures end-to-end software reliability and integrity.

Software integrity protection helps detect viruses or malicious tampering in a timely manner, preventing insecure or virus-infected software from running on the device.

Digital Signature of Software

A digital signature of software is used to identify the software source. It ensures the integrity and reliability of software.

When software is released, its digital signature is delivered with the software package. After the software package is downloaded to an NE, the NE verifies the digital signature of the software package before using it. If the digital signature passes the verification, the software is intact and reliable. If the verification fails, the software package is invalid and cannot be used. Figure 1-3 illustrates the principles of a software digital signature.

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

eA280 Series LTE CPE User Guide 1 Overview

Figure 1-3 Digital signature of software



Before a software package is released, all files in the software package are signed with digital signatures. That is, after a message digest is calculated for all files in the software package, the message digest is digitally signed using a private key.



After a software package with a digital signature is loaded to an NE through a media such as the software release platform, the NE first verifies the digital signature of the software package. That is, the NE uses a public key to decrypt the digital signature and obtain the original message digest. Then, the NE recalculates the message digest and compares the new message digest with the original one.

−

The public key used to decrypt digital signatures is stored in the secure storage area of an NE and cannot be queried or exported.

1.7 Device Ports

If the two message digests are the same, the software package passes the verification and can be used.

If the two message digests are different, the software package fails the verification and cannot be used.

1.7.1 Web Port

You can log in to the LTE CPE WebUI over HTTPS to manage the LTE CPE, including configuring and querying settings, exporting running logs, querying device logs, importing and exporting the configuration, restarting and updating the LTE CPE, and restoring the LTE CPE to its default settings. For details, see the WebUI online help.



The default WebUI login user name and password are admin and admin, respectively.

NOTE

Issue 01 (2016-11-08) Huawei Proprietary and Confidential

+ 35 hidden pages