Huawei EA280-135 Users Manual

eA280 Series LTE CPE

User Guide

Issue 01

Date 2016-11-08

HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2016. All rights reserved.

No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.

All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice

The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base

Bantian, Longgang

Shenzhen 518129

People's Republic of China

Website: http://www.huawei.com

Email: support@huawei.com

	Issue 01 (2016-11-08)	Huawei Proprietary and Confidential	i
		Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide	About This Document

About This Document

Overview

This document describes the hardware, functions, installation, configuration, upgrade, operation and maintenance (OM) of the eA280 series customer premises equipment (LTE CPE).

Product Version

Product Name	Product Version
eA280-135	V100R001

Intended Audience

This document is intended for:

System engineers

Product engineers

Technical support engineers

Issue 01 (2016-11-08)	Huawei Proprietary and Confidential	ii
	Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide	Contents

			Contents
About This Document....................................................................................................................			ii
1 Overview.........................................................................................................................................			1
1.1	Product Introduction.........................................................................................................................................		1
1.2 Application Scenarios.......................................................................................................................................			2
1.3	Hardware Specifications ..................................................................................................................................		3
1.4 Antenna Specifications.....................................................................................................................................			6
1.5	Software Specifications....................................................................................................................................		7
1.6	Product Security ...............................................................................................................................................		9
	1.6.1 Network Security ....................................................................................................................................		9
	1.6.2 Application Security..............................................................................................................................		10
1.7	Device Ports ...................................................................................................................................................		11
	1.7.1 Web Port................................................................................................................................................		11
	1.7.2 USB Port ...............................................................................................................................................		11
	1.7.3 TR-069 Port ..........................................................................................................................................		14
	1.7.4 Voice Interface ......................................................................................................................................		15
2 Hardware ......................................................................................................................................			16
2.1 eA280 Hardware ............................................................................................................................................			16
3 Getting Start.................................................................................................................................			20
3.1	Installing the Micro SIM Card	.......................................................................................................................	20
3.2	Connecting to the Power Adapter...................................................................................................................		21
4 Configuration Introduction.......................................................................................................			22
4.1	Logging In to the WebUI................................................................................................................................		22
4.2	NAT Settings ..................................................................................................................................................		22
4.3 DHCP Relay...................................................................................................................................................			23
4.4 VoIP................................................................................................................................................................			28
4.5	Profile Management .......................................................................................................................................		30
4.6 TR-069 Setting ...............................................................................................................................................			31
4.7	Security Settings.............................................................................................................................................		32
	4.7.1 Firewall Settings ...................................................................................................................................		32
	4.7.2 LAN IP Address Filtering .....................................................................................................................		32
	4.7.3 MAC Address Filtering.........................................................................................................................		33
Issue 01 (2016-11-08)		Huawei Proprietary and Confidential	iii
	Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide		Contents
	4.7.4 Domain Name Filtering ........................................................................................................................	33
5 Update Introduction ...................................................................................................................		34
5.1	Local Update ..................................................................................................................................................	34
5.2	Online Update ................................................................................................................................................	34
5.3 TR069 eSight Update .....................................................................................................................................		35
	5.3.1 Firmware Version..................................................................................................................................	35
	5.3.2 Upgrade Management ...........................................................................................................................	35
6 Maintenance.................................................................................................................................		37
6.1	Maintenance Preparation................................................................................................................................	37
6.2	Fault Diagnosis...............................................................................................................................................	37
7 FAQs ..............................................................................................................................................		39
7.1 What Do I Do If the WebUI Fails to Be Opened? ..........................................................................................		39
7.2 What Do I Do When the Power Indicator Is Not Working? ...........................................................................		39
7.3 What Do I Do When the Data Service Is Not Provided?................................................................................		40
8 Privacy and Security ...................................................................................................................		41
8.1	Privacy Policy ................................................................................................................................................	41
8.2	Security Maintenance.....................................................................................................................................	41
8.3	Performing Default Security Configuration ...................................................................................................	41
9 Acronyms and Abbreviations...................................................................................................		43

Issue 01 (2016-11-08)	Huawei Proprietary and Confidential	iv
	Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide	1 Overview

1 Overview

About This Chapter

This chapter describes the functions, applications, product security and specifications of the product.

1.1 Product Introduction

HUAWEI eA280 is a piece of customer premises equipment (CPE) that functions as the long term evolution (LTE) wireless gateway. It implements the conversion between LTE wireless data and wired Ethernet data and supports data backhaul. The eA280 series can be used independently and deployed outdoors.

The eA280 V100R001 CPEs support LTE Release 11/12. The eA280 provides the following functions:

Data services

The eA280 series use LTE broadband technologies to support high-speed broadband network access, data backhaul, and video surveillance.

Voice services

The eA280 provides two telephone ports to which users can connect telephones to implement basic voice functions and supplement voice functions.

Security services

The eA280 series support the firewall and PIN password, which protects your computers when you access the Internet.

Firewall services

The eA280 series support the following firewall services:

−Firewall switch: enables or disables firewalls.

−LAN Media access control (MAC) address filtering: prevents specified MAC addresses on a LAN from accessing the network.

−LAN IP address filtering: prevents specified IP addresses on a LAN from accessing the network.

−URL filtering: prevents computers from accessing certain URLs.

Local and remote management and maintenance

Issue 01 (2016-11-08)	Huawei Proprietary and Confidential	1
	Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide	1 Overview

The eA280 series can be locally configured in the local city to implement device management and network configuration, thereby ensuring stable operation of the device.

1.2 Application Scenarios

The eA280 series are mainly intended to provide users with wireless broadband data access services for wISP Wireless Internet Service Provider market.

The eA280 provides LTE-TDD and LTE-FDD band7 wireless routing and translating LTE wireless data into wired Ethernet data, and vice versa.

The eA280 can simultaneously set up wireless connections with 64 Wi-Fi devices (32 devices for 2.4 GHz and 32 for 5 GHz) and establish a local area network (LAN) by connecting to concentrators and switches.

Figure 1-1 eA280 connected to multiple devices

The eA280 provides one telephone interface. You can connect a telephone to achieve the basic voice capabilities.

Issue 01 (2016-11-08)	Huawei Proprietary and Confidential	2
	Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide	1 Overview

Figure 1-2 eA280 connected to telephones (optional)

1.3 Hardware Specifications

Table 1-1 describes the technical specifications of the eA280.

Table 1-1 Technical specifications of the eA280

	Item		Description
	Technical		WAN: LTE 3GPP Release 11/12
	standards
			LAN: IEEE 802.3/802.3u
			IEEE 802.11b/g/n, 802.11a/n/ac
	Working bands		eA280-135:LTE TDD (2570 MHz to 2620 MHz)
			LTE TDD (2300 MHz to 2400 MHz)
			LTE TDD (2496 MHz to 2690 MHz)
			LTE FDD (2500 MHz to 2570 MHz (UL)/
			2620 MHz to 2690 MHz (DL)
			LTE TDD (3400 MHz to 3600 MHz)
			LTE TDD (3600 MHz to 3800 MHz)
			 2.4 GHz (802.11b/g/n): 2.400 GHz to 2.4835 GHz
			 5 GHz (802.11a/n/ac): 5.150 GHz to 5.850 GHz
	External ports		One power port
			One telephone port (RJ11), one phone number
			Two LAN ports (RJ45)
Issue 01 (2016-11-08)		Huawei Proprietary and Confidential		3
	Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide						1 Overview
	Item		Description
			One USB 2.0 slave port (for local maintenance only)
			One micro SIM card port
	Buttons		One PWR button
			One WPS button
			One reset button
	LED indicators		One PWR indicator
			One Wi-Fi indicator
			One SIM indicator
			One LTE indicator
			One STA indicator
			Three signal strength indicators
			LTE	LTE: conform to power class 3 definition
				802.11b		(16±3) @11 Mbps
				802.11g		(16±3) @6 Mbps
						(16±3) @54 Mbps
	Maximum transmit			802.11n		(16±3) @2.4G MCS0
						(16±3) @2.4G MCS7
	power		WLAN
						(16±3)@MCS0
				802.11a/n/ac
						(16±3) @MCS7
				high band
						(16±3) @MCS9
				802.11a/n/ac		(16±3) @MCS0
						(16±3) @MCS7
				low band
						(16±3) @MCS9
			LTE	LTE: confirm to 3GPP requirements
				802.11b		-92 dBm@1 Mbps
						-85 dBm@11 Mbps
				802.11g		-88 dBm@6 Mbps
						-73 dBm@54 Mbps
	Receiving
				802.11n HT20		-87 dBm@MCS0
	sensitivity		WLAN
				(2.4 GHz)		-71 dBm@MCS7
				802.11n HT40		-84 dBm@MCS0
				(2.4 GHz)		-68 dBm@MCS7
				802.11n HT20 (5		-88 dBm@MCS0
				GHz)		-68 dBm@MCS7
Issue 01 (2016-11-08)		Huawei Proprietary and Confidential				4

Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide				1 Overview
	Item	Description
			802.11n HT40 (5	-85 dBm@MCS0
			GHz)	-64 dBm@MCS7
			802.11ac 20M (5	-87 dBm@MCS0
			GHz)	-68 dBm@MCS7
			802.11ac 40M (5	-83 dBm@MCS0
				-66 dBm@MCS7
			GHz)
				-59 dBm@MCS9
			802.11ac 80M (5	-80 dBm@MCS0
			GHz)	-63 dBm@MCS7
			802.11ac 80M (5	-56 dBm@MCS9
			GHz)
	Power	< 12 W
	consumption
	Power supply	AC: 100 V to 240 V
		DC: 12 V/2 A
	Dimensions (D x	95 mm x 210 mm
	H)
	Weight	About 530 g (power adapter excluded)
	Temperature	Working temperature: 0°C to +40°C
		Storage temperature: –20°C to +70°C
	Humidity	5% to 95% RH

You are advised to deploy the device and power on it in three months after it is received or store it under following circumstance:

Temperature: –10°C to 35°C

Humidity: 30% RH to 85% RH

Storage environment should be equipped with temperature and humidity equipment and dehumidification equipment to monitor and adjust the temperature and humidity.

WLAN CH1-CH10 is unavailable when LTE works at band 40

Issue 01 (2016-11-08)	Huawei Proprietary and Confidential	5
	Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide						1 Overview
1.4 Antenna Specifications
	Table 1-2 Specifications of the LTE main antenna
	Item			Description
	Frequency range			2300 MHz to 3800 MHz
	Input impedance			50 Ω
	Standing wave			< 2
	ratio (SWR)
	Efficiency			> 50%
	Gain			3 dBi
	Polarization type			Linear polarization
	Direction			Omni-directional
	For FCC frequency range:
						LTE-FDD Band 7:2500-2570MHz(Tx), 2620-2690MHz(Rx)
		Frequency Range				LTE-TDD Band 40: 2305-2320MHz&2345-2360MHz(Tx/Rx)
						LTE-TDD Band 41: 2500-2690MHz(Tx/Rx)
	Table 1-3 WLAN 2.4 GHz antenna specifications
	Item				Description
	Frequency				2.400 GHz to 2.4835 GHz
	Input impedance				50 Ω
	Standing wave ratio				< 3
	H side gain				2 dBi
	Efficiency				> 60%
	Polarization				Linear polarization
	Table 1-4 WLAN 5 GHz antenna specifications
	Item				Description
	Frequency				5150 MHz to 5850MHz
	Input impedance				50 Ω
	Standing wave ratio				< 3
	H side gain				2 dBi
	Efficiency				> 60%
	Polarization				Linear polarization
Issue 01 (2016-11-08)			Huawei Proprietary and Confidential				6
		Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide	1 Overview

1.5 Software Specifications

Table 1-5 describes the software specifications of the eA280.

Table 1-5 Software specifications

Item	Description
Gateway	Supports the default route, namely, the route with the IP address
	0.0.0.0.
	Supports the Address Resolution Protocol (ARP).
	Supports the Internet Control Message Protocol (ICMP).
	Supports the domain name service (DNS).
	NAT		Supports network address translation (NAT ) and
			Network Address and Port Translation (NAPT),
			which complies with RFC2663, RFC3022, and
			RFC3027.
	DHCP server			The default IP address of the DHCP server
				ranges from 192.168.1.2 to 192.168.1.254. The
				default gateway address is 192.168.1.1.
				The default DHCP lease is 24 hours.
				Enables and disables the DHCP server.
				Configures DHCP server address pools.
				Sets the lease time.
				Supports static IP address reserving.
				Supports DHCP relay.
	Routing Behind		Supports routing Behind MS
	MS
	UE direct		UE direct connect
	connect
Firewall		Firewall switch
		LAN MAC address filtering
		IP address filtering
		URL filtering
		Security Parameter Index (SIP) ALG
		Demilitarized Zone (DMZ)
		Port forwarding
		Service access control
		NAT Network Address Translation
		Static Route
		Dynamic Route

Issue 01 (2016-11-08)	Huawei Proprietary and Confidential	7
	Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide					1 Overview
	Item		Description
	LAN			Auto-negotiation between 10 /100 /1000 Mbit/s
				MDI/MDIX auto-sensing
				Compatible with IEEE 802.3/802.3u
				If you connect to multiple hosts via Hub or switch, the number of
				host devices sold under LTE CPE should not exceed 32
	VoIP		Supports G.729, G.711a, and G.711u.
			Supports SIP (RFC3261).
			Supports SDP (RFC2327).
			Supports DNS.
			Supports DTMF.
			Supports SIP ALG.
	Upgrade		Supports TR-069 upgrade and local upgrade and online upgrade.
	SIM		Supports PIN management and SIM card authentication.
			Supports soft SIM cards.
	Frequency Lock		Support frequency, cell lock in two ways.
	Dial-up connection		Supports automatic and manual connection.
	Importing and		Encrypts and backs up the current configuration, and then restores
	exporting		from a backup configuration.
	configuration
	WLAN		Broadcasts and hides service set identifiers (SSIDs).
			Complies with WLAN 2.4 GHz IEEE 802.11b/g/n and 5 GHz
				802.11a/n/ac
			Supports WPS.
			Authentication		Supports Open System authentication.
					Supports encryption using wired equivalent
					privacy (WEP), Wi-Fi protected access pre-shared
					key (WPA-PSK), and WPA2-PSK keys.
					Supports the Advanced Encryption Standard
					(AES) encryption algorithm.
					Supports the TKIP and AES hybrid encryption
					algorithm.
			MAC address		Supports the MAC address authentication white
			authentication		list.
					Supports the MAC address authentication
					blacklist.
					Supports a maximum of 10 MAC address entries.
Issue 01 (2016-11-08)		Huawei Proprietary and Confidential				8
	Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide			1 Overview
	Item	Description
		Supports automatic transmission rate adjustment.
		Station	Supports station status queries.
		management
			Supports a maximum of 32 connected stations at
			2.4 GHz.
			Supports a maximum of 32 connected stations at 5
			GHz.

1.6 Product Security

eA280 security includes network security and application security. Application security includes wireless security and OM security.

1.6.1 Network Security

eA280 network security uses Secure Sockets Layer (SSL) and Hypertext Transfer Protocol Secure (HTTPS).

SSL

The SSL protocol is a security connection technology for the server and client. It provides a confidential, trusted, and identity-authenticating connection to two application layers. SSL is regarded as a standard security measure and has been widely applied to web services.

Identity authentication

Identity authentication checks whether a communication individual is the expected object. SSL authenticates servers and clients based on digital certificates and user/password. Clients and servers have their own identifiers. The identifiers are numbered by the public key. To verify that a user is legitimate, SSL requires digital authentication during data exchange in the SSL handshake procedure.

Connection confidentiality

Data is encrypted before transmission to prevent data from being hacked by malicious users. SSL uses encryption algorithms to ensure the connection confidentiality.

Data integrity

Any tampering on data during transmission can be detected. SSL establishes a secure channel between the client and the server so that all the SSL data can reach the destination intact.

HTTPS

For the eA280, the OM TCP applications can use SSL. HTTP over SSL is generally called HTTPS. HTTPS is used for connections between the NMS/WebUI and eA280. SSL also uses the digital certificate mechanism.

HTTPS provides secure HTTP channels. HTTPS is HTTP to which SSL is added, and SSL ensures the security of HTTPS.

Issue 01 (2016-11-08)	Huawei Proprietary and Confidential	9
	Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide	1 Overview

1.6.2 Application Security

eA280 application security includes wireless security and OM security.

Wireless Security

eA280 wireless security includes authentication, air-interface data encryption, and integrity protection.

OM Security

OM security includes user authentication, access control, OM system security, and software digital signature.

User Authentication and Access Control

User authentication and access control are implemented for users to be served by the eA280. The objective of authentication is to identify users and grant the users with proper permission. The objective of access control is to specify and restrict the operations to be performed and the resources to be accessed by the users.

OM System Security

OM system security includes software integrity check.

In the original procedure for releasing and using the software, the software integrity is ensured by using cyclic redundancy check (CRC). CRC can only prevent data loss during transmissions. If data is tampered with during transmissions, a forged CRC value will be regarded as valid by the CRC. Therefore, the receive end cannot rely on the CRC to ensure the consistency between the received data and the original data, adversely affecting the reliability and security for the software.

Software integrity protection implements the Hash algorithm or adds a digital signature to software (including mediation layers and configuration files) when releasing software, and then uploads software to the target server or device. When a target device downloads, loads, or runs software, the target device performs the Hash check or authenticates the digital signature. By doing so, software integrity protection ensures end-to-end software reliability and integrity.

Software integrity protection helps detect viruses or malicious tampering in a timely manner, preventing insecure or virus-infected software from running on the device.

Digital Signature of Software

A digital signature of software is used to identify the software source. It ensures the integrity and reliability of software.

When software is released, its digital signature is delivered with the software package. After the software package is downloaded to an NE, the NE verifies the digital signature of the software package before using it. If the digital signature passes the verification, the software is intact and reliable. If the verification fails, the software package is invalid and cannot be used. Figure 1-3 illustrates the principles of a software digital signature.

Issue 01 (2016-11-08)	Huawei Proprietary and Confidential	10
	Copyright © Huawei Technologies Co., Ltd.

eA280 Series LTE CPE
User Guide	1 Overview

Figure 1-3 Digital signature of software

Before a software package is released, all files in the software package are signed with digital signatures. That is, after a message digest is calculated for all files in the software package, the message digest is digitally signed using a private key.

After a software package with a digital signature is loaded to an NE through a media such as the software release platform, the NE first verifies the digital signature of the software package. That is, the NE uses a public key to decrypt the digital signature and obtain the original message digest. Then, the NE recalculates the message digest and compares the new message digest with the original one.

−If the two message digests are the same, the software package passes the verification and can be used.

−If the two message digests are different, the software package fails the verification and cannot be used.

The public key used to decrypt digital signatures is stored in the secure storage area of an NE and cannot be queried or exported.

1.7 Device Ports

1.7.1 Web Port

You can log in to the LTE CPE WebUI over HTTPS to manage the LTE CPE, including configuring and querying settings, exporting running logs, querying device logs, importing and exporting the configuration, restarting and updating the LTE CPE, and restoring the LTE CPE to its default settings. For details, see the WebUI online help.

The default WebUI login user name and password are admin and admin, respectively.

NOTE

Issue 01 (2016-11-08)	Huawei Proprietary and Confidential	11
	Copyright © Huawei Technologies Co., Ltd.