How it Works
Modecom
Loading...
MC-421
Quick Installation Manual
16 pgs322.56 Kb0
User Manual
125 pgs3.47 Mb0

Modecom MC-421 User Manual

Download
Page 1
1
MODECOM
user’s manual
MC-421
WLAN Router
Page 2
2
WLAN Router
MC-421
WLAN Router
Contents:
Introduction 3
Features 3
Parameters that you need to congure the Wireless Gateway 4
What the Internet/WAN access of your own Network now is 5
Internet/WAN access is the DHCP client 6
Internet/WAN access is the Static IP 6
Internet/WAN access is the PPPoE client 7
Congure the Obtain an IP Address automatically for LAN Card 8
Getting to know the device 11
Parts Check 11
Front Panel 11
Front Panel and LEDs 11
Rear and Right Panel 12
Connecting your device 13
Easy Setup 14
WAN Conguration: 14
DHCP Client 14
PPPoE Client 16
Fixed IP 17
Getting Started with the Web pages 18
Accessing the Web pages 18
Testing your Setup 19
Quick Setup 21
Operation Mode Setup 21
Wireless ISP 22
WAN Interface Setup 22
Static IP 23
DHCP Client 23
PPPoE 24
Wireless Basic Setup 24
AP (Access Point) 24
Main WDS station: 25
Repeater WDS stations: 25
WDS (Wireless Distribution System) only 26
AP (Access Point) + WDS (Wireless Distribution System) 26
Wireless Security Setup 27
Conguring WEP 64bit ASCII (5 characters) security 28
Conguring WEP 64bit Hex (10 characters) security 29
Conguring WEP 128bit ASCII (13 characters) security 29
Conguring WEP 128bit Hex (26 characters) security 30
Conguring WPA (TKIP) Passphrase security 31
Page 3
3
WLAN Router
Conguring WPA (TKIP) HEX (64 characters) security 31
Conguring WPA2 (AES) Passphrase security 32
Conguring WPA2 (AES) HEX (64 characters) security 32
Conguring WPA2 (Mixed) Passphrase security 33
Conguring WPA2 (Mixed) HEX (64 characters) security 33
Operation Mode 34
Wireless Network 34
Basic Settings 34
Advanced Settings 35
Security 36
WEP + Encryption Key 37
WEP + Use 802.1x Authentication 39
WPA/WPA2/WPA2 Mixed + Personal (Pre-Shared Key) 39
WPA/WPA2/WPA2 Mixed + Enterprise (RADIUS) 40
Access Control 42
Allow Listed 42
Deny Listed 43
WDS settings 43
Site Survey 48
WPS 51
Introduction of WPS 51
Supported WPS features 52
AP mode 52
AP as Enrollee 52
AP as Registrar 52
AP as Proxy 52
Infrastructure-Client mode 53
Instructions of AP’s and Client’s operations 53
Wireless Advanced Settings page 53
Operations of AP - AP being an enrollee 54
Operations of AP - AP being a registrar 59
Push Button method 61
Warning pop-up windows of AP 63
Un-supported mode in WPS 63
Un-supported security in WPS 64
LAN Interface 64
LAN Interface Setup 64
Changing the LAN IP address and subnet mask 65
Show Client 67
WAN Interface 67
Conguring Static IP connection 69
Conguring DHCP Client connection 71
Conguring PPPoE connection 73
Clone MAC Address 75
Port Filtering 77
Port ltering for TCP port 80 77
Port ltering for UDP port 53 78
Page 4
4
WLAN Router
IP Filtering 79
IP ltering for TCP with specied IP 80
IP ltering for UDP with specied IP 81
IP ltering for both TCP and UDP with specied IP 82
MAC Filtering 83
MAC ltering for specied MAC Address 83
Port Forwarding 84
Port Forwarding for TCP with specied IP 85
Port Forwarding for UDP with specied IP 86
URL Filtering 87
URL ltering for specied URL Address 87
DMZ 88
DMZ Host IP Address 88
Status 89
Statistics 90
Dynamic DNS 90
Congure DynDNS 92
Congure TZO 93
Time Zone Setting 94
Denial-of-Service 95
Log 97
Firmware Update 98
Manually updating rmware 98
Save/Reload Settings 99
Save Settings to File 99
Load Settings from File 100
Resetting to Defaults 100
Password 102
Logout 104
Logout 104
Conguring your Computers 105
Conguring Ethernet PCs 105
IP Addresses, Network Masks, and Subnets 108
IP Addresses 108
Subnet masks 109
UPnP Control Point Software on Windows ME/XP 110
UPnP Control Point Software on Windows ME 110
UPnP Control Point Software on Windows XP with Firewall 110
Troubleshooting 112
Troubleshooting Suggestions 112
Diagnosing Problem using IP Utilities 113
Glossary 115
Environment protection: 123
Page 5
5
WLAN Router
Introduction
Congratulations on becoming the owner of the Wireless Gateway. You will now be able to access the Internet using
your high-speed xDSL/Cable modem connection.
This User Guide will show you how to connect your Wireless Gateway, and how to customize its conguration to get
the most out of your new product.
Features
The list below contains the main features of the device and may be useful to users with knowledge of networking
protocols. If you are not an experienced user, the chapters throughout this guide will provide you with enough in-
formation to get the most out of your device.
Features include:
10/100Base-T Ethernet router to provide Internet connectivity to all computers on your LAN•
Network address translation (NAT) functions to provide security for your LAN•
Network conguration through DHCP Server and DHCP Client•
Services including IP route and DNS conguration, RIP, and IP•
IOP (Inter-Operability) with major soft-switch vendors•
SIP signaling supporting•
Supports remote software upgrades•
Plug & Play, Auto Conguration / Auto Provisioning•
User-friendly conguration program accessed via a web browser•
User-friendly conguration program accessed via EasySetup program•
The Wireless Gateway has the internal Ethernet switch allows for a direct connection to a 10/100BASE-T Ethernet
network via an RJ-45 interface, with LAN connectivity for both the Wireless Gateway and a co-located PC or other
Ethernet-based device.
Device Requirements
In order to use the Wireless Gateway, you must have the following:
One RJ-45 Broadband Internet connection via cable modem or xDSL modem
Instructions from your ISP on what type of Internet access you will be using, and the addresses needed to •
set up access
One or more computers each containing an Ethernet card (10Base-T/100Base-T network interface card •
(NIC))
TCP/IP protocol for each PC•
For system conguration using the supplied •
a. web-based program: a web browser such as Internet Explorer v4 or later, or Netscape v4 or later. Note that
version 4 of each browser is the minimum version requirement – for optimum display quality, use Internet
Explorer v5, or Netscape v6.1
b. EasySetup program: Graphical User Interface
Note
You do not need to use a hub or switch in order to connect more than one Ethernet PC to your device. Instead, you can connect up to four Ethernet PCs directly to your device using the ports labeled Ethernet on the rear panel.
Page 6
6
WLAN Router
Using this Document
Notational conventions
Acronyms are dened the rst time they appear in the text and also in the glossary.•
For brevity, the Wireless Gateway is referred to as “the device”.•
The term LAN refers to a group of Ethernet-connected computers at one site.•
Typographical conventions
Italic text is used for items you select from menus and drop-down lists and the names of displayed web pages.•
Bold text is used for text strings that you type when prompted by the program, and to emphasize important •
points.
Special messages
This document uses the following icons to draw your attention to specic instructions or explanations.
Note
Provides clarifying or non-essential information on the current topic.
Denition
Provides clarifying or non-essential information on the current topic.
WARNING
Provides clarifying or non-essential information on the current topic.
Parameters that you need to congure the Wireless Gateway
Following table is the parameters that you need to congure the Wireless Gateway.
If you cannot get the Internet/WAN access of your own network, it’s dicult to congure the Wireless Gateway cor-
rectly and have it work properly.
Parameters that you need to congure the Wireless Gateway
Internet/WAN Access of your own Network
DHCP Client
PPPoE Client
Static IP
Obtain an IP Address automatically
X
N/A
N/A
Username
N/A
1234
N/A
Password
N/A
1234
N/A
IP Address
N/A
N/A
192.168.10.110
Subnet Mask
N/A
N/A
255.255.255.0
Gateway
N/A
N/A
192.168.10.100
DNS Server IP
N/A
N/A
192.168.10.100
Note:
Username / Password which was given by Telecom or by your Internet Service Provider (ISP).
IP Address / Subnet Mask / Gateway / DNS Server IP which was given by your network administrator or by Telecom
or by your Internet Service Provider (ISP).
Page 7
7
WLAN Router
What the Internet/WAN access of your own Network now is
Now you could check what the Internet/WAN access of your network is to know how to congure the WAN port of
Wireless Gateway.
Please follow steps below to check what the Internet/WAN access if your own Network is DHCP Client, Static IP or
PPPoE Client.
Click Start -> Control Panel
Double click Network Connections
Page 8
8
WLAN Router
Internet/WAN access is the DHCP client
If you cannot see any Broadband Adapter in the Network Connections, your Internet/WAN access is DHCP Client
or Static IP.
Click Local Area Connection in LAN or High-Speed Internet and you could see string Assigned by DHCP in Details.
Internet/WAN access is the Static IP
If you cannot see any Broadband Adapter in the Network Connections, your Internet/WAN access is DHCP Client
or Static IP.
Click Local Area Connection in LAN or High-Speed Internet and you could see string Manually Congured in
Details.
Right click Local Area Connection and click Properties and then you could get the IP settings in detail and write
down the IP settings as follow:
IP Address: 192.168.10.110
Subnet mask: 255.255.255.0
Default gateway: 192.168.10.100
Page 9
9
WLAN Router
Preferred DNS server: 192.168.10.100
Alternate DNS Server: If you have it, please also write it down.
Internet/WAN access is the PPPoE client
If you can see any Broadband Adapter in the Network Connections, your Internet/WAN access is PPPoE Client.
Click Broadband Adapter in Broadband and you could see string Assigned by Service Provider in Details.
For PPPoE conguration on Wireless Gateway, you’ll need following information that you could get from your
Telecom, or by your Internet Service Provider.
Username of PPPoE: 1234 for example
Password of PPPoE: 1234 for example
Page 10
10
WLAN Router
Congure the Obtain an IP Address automatically for LAN Card
To congure the Wireless Gateway by Easy Setup utility or Web page, please follow steps below to congure your
LAN Card to obtain an IP Address automatically (DHCP Client).
If your LAN Card is congured to obtain an IP Address automatically (DHCP Client) already, just skip this chapter.
Click Start -> Control Panel
Double click Network Connections
Page 11
11
WLAN Router
Right click Local Area Connection and then click Properties
Click Internet Protocol [TCP/IP] and then click Properties
Page 12
12
WLAN Router
Select Obtain and IP Address automatically and then click OK
Click Close
Now you’ve already congured the LAN to obtain an IP Address automatically (DHCP Client), just follow reset steps
to nish the installation of Wireless Gateway.
Page 13
13
WLAN Router
Getting to know the device
Parts Check
In addition to this document, your package should arrive containing the following:
1. Wireless Gateway
2. Ethernet cable
3. CD-ROM containing the online manual
4. QIG
5. Power Adapter
Front Panel
The front panel contains lights called Light Emitting Diodes (LEDs) that indicate the status of the unit.
Front Panel and LEDs
Label Color Function
POWER green
On: device is powered on O: device is powered o
WLAN green
On: WLAN link established and active Blink: Valid Wireless packet being transferred
WPS green
O: WPS link isn’t established and active Blink: Valid WPS packet being transferred
WAN green
On: WAN link established and active O: No LAN link Blink: Valid Ethernet packet being transferred
LAN 1/2/3/4
green
On: LAN link established and active O: No LAN link Blink: Valid Ethernet packet being transferred
Page 14
14
WLAN Router
Rear and Right Panel
The rear panel contains a Restore Defaults button, the ports for the unit’s data and power connections.
Rear Panel Connections
Right Panel Connections
Label Function
ANETENNA ANETENNA
ON/OFF SWITCH Power on/o the device
POWER Connects to the supplied power cable
LAN 4/3/2/1 Connects the device via Ethernet to up to four PCs on your LAN
WAN Connects the device via Ethernet to xDSL / Cable Modem
RESET Pressing this button for 3 seconds to restores the factory default conguration on your
device
Page 15
15
WLAN Router
Label Function
WLAN Press this button for 5 seconds to Disable or Enable Wireless LAN.
WPS Press this button for 3 seconds to Enable WPS function.
Connecting your device
This chapter provides basic instructions for connecting the Wireless Gateway to a computer or LAN and to the
Internet.
In addition to conguring the device, you need to congure the Internet properties of your computer(s). For more
details, see the following sections:
Conguring Ethernet PCs
This chapter assumes that you have already established a DSL/Cable service with your Internet service provider
(ISP). These instructions provide a basic conguration that should be compatible with your home or small oce ne-
twork setup. Refer to the subsequent chapters for additional conguration instructions.
Connecting the Hardware
This section describes how to connect the device to the wall phone port, the power outlet and your computer(s)
or network.
WARNING
Before you begin, turn the power o for all devices. These include your computer(s), your LAN hub/switch (if applicable), and the Wireless Gateway.
The diagram below illustrates the hardware connections. The layout of the ports on your device may vary from the
layout shown. Refer to the steps that follow for specic instructions.
Overview of Hardware Connections
Page 16
16
WLAN Router
Step 1. Connect the Ethernet cable to WAN Port
Plug one end of the RJ-45 Ethernet cable into the WAN port and plug the other end into the Ethernet port of the
Internet service device, such as the cable modem or xDSL modem. Then connect the cable modem or xDSL modem
to the modem port of the splitter using a RJ-11 telephone line.
Step 2. Connect the Ethernet cable to LAN Port
Connect either a LAN hub or a single Ethernet computer directly to the device via Ethernet cable(s).
Note that the cables do not need to be crossover cables.
Step 3. Attach the power connector
Connect the power adapter to the Power connector on the back of the device and plug the adapter into a wall outlet
or power strip. Turn on and boot up your computer(s) and any LAN devices such as hubs or switches.
Step 4. Congure your Ethernet PCs
You must also congure the Internet properties on your Ethernet PCs. See Conguring Ethernet PCs.
Step 5. Install a Wireless card and connect Wireless PCs
You can attach a Wireless LAN that enables Wireless PCs to access the Internet via your device.
You must congure your Wireless computer(s) in order to access your device. For complete instructions, see
Conguring Wireless PCs.
Next step
After setting up and conguring the device and PCs, you can log on to the device by following the instructions in
Getting Started with the Web pages. The chapter includes a section called Testing your Setup, which enables you to
verify that the device is working properly.
Easy Setup
For easy conguration, insert the CD into your CD-ROM drive.
The CD should auto-start and then click “Easy Conguration”. If it does not start, click on Start -> Run and type in CD:\
fscommand\vbpES.exe (where CD is the drive letter of your CD-ROM drive.)
WAN Conguration:
There are Three options of Protocol Modes on WAN Conguration: DHCP Client, PPPoE Client and Fixed IP Mode.
DHCP Client
The default Internet access is: DHCP Client Mode
From the Protocol modes drop-down list, select DHCP Client Mode setting.
Click Setup, it will start to congure the router for a while. Follow the instructions of the Easy Setup utility which will
guide you to complete the conguration.
Page 17
17
WLAN Router
Easy setup conguration completed.
Now you are ready to Surf the Internet!!!
Page 18
18
WLAN Router
PPPoE Client
From the Protocol modes drop-down list, select PPPoE Client Mode setting.
Enter PPPoE Username and Password.
Click Setup, it will start to congure the router for a while. Follow the instructions of the Easy Setup utility which will
guide you to complete the conguration.
Easy setup conguration completed.
Now you are ready to Surf the Internet!!!
Page 19
19
WLAN Router
Fixed IP
From the Protocol modes drop-down list, select Fixed IP Mode setting.
Enter IP Address, Subnet Mask, Gateway, Primary DNS Server and Secondary DNS Server.
Click Setup, it will start to congure the router for a while. Follow the instructions of the Easy Setup utility which will
guide you to complete the conguration.
Easy setup conguration completed.
Now you are ready to Surf the Internet!!!
Page 20
20
WLAN Router
Getting Started with the Web pages
The Wireless Gateway includes a series of Web pages that provide an interface to the software installed on the de-
vice. It enables you to congure the device settings to meet the needs of your network. You can access it through
your web browser from any PC connected to the device via the LAN ports.
Accessing the Web pages
To access the Web pages, you need the following:
A PC or laptop connected to the LAN port on the device.
A web browser installed on the PC. The minimum browser version requirement is Internet Explorer v4 or Netscape
v4. For the best display quality, use latest version of Internet Explorer, Netscape or Mozilla Firefox.From any of the
LAN computers, launch your web browser, type the following URL in the web address (or location) box, and press
[Enter] on your keyboard:
http://10.0.0.2
The Status homepage for the web pages is displayed:
Homepage
Page 21
21
WLAN Router
The rst time that you click on an entry from the left-hand menu, a login box is displayed. You must enter your user-
name and password to access the pages.
A login screen is displayed:
Login screen
Enter your user name and password. The rst time you log into the program, use these defaults:
User Name: admin
Password: administrator
Note
You can change the password at any time or you can congure your device so that you do not need to enter a password. See Password.
Click on OK. You are now ready to congure your device.
This is the rst page displayed each time you log in to the Web pages.
Note
If you receive an error message or the Welcome page is not displayed, see Troubleshooting Suggestions.
Testing your Setup
Once you have connected your hardware and congured your PCs, any computer on your LAN should be able to use
the DSL /Cable connection to access the Internet.
To test the connection, turn on the device, wait for 30 seconds and then verify that the LEDs are illuminated as fol-
lows:
Page 22
22
WLAN Router
Table 1. LED Indicators
Label
Color
Function
POWER
green
On: device is powered on O: device is powered o
WLAN
green
On: WLAN link established and active Blink: Valid Wireless packet being transferred
WPS
green
O: WPS link isn’t established and active Blink: Valid WPS packet being transferred
WAN
green
On: WAN link established and active O: No LAN link Blink: Valid Ethernet packet being transferred
LAN 1/2/3/4
green
On: LAN link established and active O: No LAN link Blink: Valid Ethernet packet being transferred
If the LEDs illuminate as expected, test your Internet connection from a LAN computer. To do this, open your web
browser, and type the URL of any external website. The LED labeled WAN should blink rapidly and then appear solid
as the device connects to the site.
If the LEDs do not illuminate as expected, you may need to congure your Internet access settings using the infor-
mation provided by your ISP. For details, see Internet Access. If the LEDs still do not illuminate as expected or the
web page is not displayed, see Troubleshooting Suggestions or contact your ISP for assistance.
Default device settings
In addition to handling the xDSL / Cable modem connection to your ISP, the Wireless Gateway can provide a variety
of services to your network. The device is precongured with default settings for use with a typical home or small
oce network.
The table below lists some of the most important default settings; these and other features are described fully in the
subsequent chapters. If you are familiar with network conguration, review these settings to verify that they meet
the needs of your network. Follow the instructions to change them if necessary. If you are unfamiliar with these set-
tings, try using the device without modication, or contact your ISP for assistance.
WARNING
We strongly recommend that you contact your ISP prior to changing the default conguration.
Option Default Setting Explanation/Instructions
WAN Port IP Address DHCP Client This is the temporary public IP address of the WAN port on
the device. It is an unnumbered interface that is replaced as soon as your ISP assigns a ‘real’ IP address. See Network Settings -> WAN Interface.
LAN Port IP Address
Assigned static IP address:
10.0.0.2
Subnet mask:
255.255.255.0
This is the IP address of the LAN port on the device. The LAN port connects the device to your Ethernet network. Typically, you will not need to change this address. See Network Settings -> LAN Interface.
DHCP (Dynamic Host Conguration Protocol)
DHCP server enabled with the following pool of ad­dresses:
10.0.0.100 through
10.0.0.200
The Wireless Gateway maintains a pool of private IP ad­dresses for dynamic assignment to your LAN computers. To use this service, you must have set up your compu­ters to accept IP information dynamically, as described in Conguring Ethernet PCs.
Page 23
23
WLAN Router
Quick Setup
The Quick Setup page displays useful information about the setup of your device, including:
details of the device’s Internet access settings
details of the device’s VoIP settings
details of the device’s Wireless settings
To display this page:
From the left-hand menu, click on Quick Setup. The following page is displayed:
Quick Setup page
Operation Mode Setup
You can setup dierent modes to LAN and WLAN interface for NAT function.
Gateway
In this mode, the device is supposed to connect to internet via ADSL/Cable Modem. The NAT is enabled and PCs in
four LAN ports share the same IP to ISP through WAN port. The connection type can be setup in WAN page by using
PPPoE, DHCP client or static IP.
To change the Operation Mode:
From the left-hand menu, click on Quick Setup. The following page is displayed:
Click on the ratio of Gateway and then click on Next>>.
Page 24
24
WLAN Router
Wireless ISP
In this mode, all ethernet ports are bridged together and the wireless client will connect to ISP access point. The
NAT is enabled and PCs in ethernet ports share the same IP to ISP through wireless LAN. You must set the wireless
to client mode rst and connect to the ISP AP in Site-Survey page. The connection type can be setup in WAN page
by using PPPOE, DHCP client or static IP.
To change the Operation Mode:
From the left-hand menu, click on Quick Setup. The following page is displayed:
Click on the ratio of Wireless ISP and then click on Next>>.
WAN Interface Setup
This page is used to congure the parameters for Internet network which connects to the WAN port of your Access
Point. Here you may change the access method to static IP, DHCP, or PPPoE by click the item value of WAN Access
type.
To change the WAN Access Type:
From the WAN Access Type drop-down list, select Static IP, DHCP Client, or PPPoE setting determined by your
Network Administrator or ISP.
Click Next>>.
Page 25
25
WLAN Router
Static IP
In this mode, the device is supposed to connect to internet via ADSL/Cable Modem. The NAT is enabled and PCs
in four LAN ports share the same IP to ISP through WAN port. The connection type can be setup in WAN page by
using static IP.
From the WAN Access Type drop-down list, select Static IP setting determined by your Network Administrator or
ISP.
Enter IP Address for example 192.168.1.10.
Enter Subnet Mask for example 255.255.255.0.
Enter Default Gateway for example 192.168.1.1.
Enter DNS for example 168.95.1.1.
Click Next>>.
DHCP Client
In this mode, the device is supposed to connect to internet via ADSL/Cable Modem. The NAT is enabled and PCs
in four LAN ports share the same IP to ISP through WAN port. The connection type can be setup in WAN page by
using static IP.
From the WAN Access Type drop-down list, select DHCP Client setting determined by your Network Administrator
or ISP.
Click Next>>.
Page 26
26
WLAN Router
PPPoE
In this mode, the device is supposed to connect to internet via ADSL/Cable Modem. The NAT is enabled and PCs
in four LAN ports share the same IP to ISP through WAN port. The connection type can be setup in WAN page by
using static IP.
From the WAN Access Type drop-down list, select PPPoE setting determined by your Network Administrator or ISP.
Enter User Name for example 1234.
Enter Password for example 1234.
Click Next>>.
Wireless Basic Setup
This page is used to congure the parameters for wireless LAN clients which may connect to your Access Point.
AP (Access Point)
Access Point is used to congure the parameters for wireless LAN clients who may connect to your Access Point.
From the Mode drop-down list, select AP setting.
Enter SSID for example AP_Router.
From the Channel Number drop-down list, select a Channel.
Click Next>>.
Page 27
27
WLAN Router
WDS (Wireless Distribution System)
WDS stands for Wireless Distribution System. It enables the access points (APs) to be connected wirelessly. Integrated
Access Device can also provide you services of WDS.
Note
Integrated Access Device that supports WDS does not support security systems like WEP, WPA or WPA­Enterprise on a WDS network.
Sometimes you want to establish a multi-access point wireless network in your home or oce, but you don’t have
Ethernet cabling running to the locations where you want to add the extra AP. After all, you may be using wireless
because you don’t have wires in place already.
One way to overcome this problem is to use a system built into Wireless Gateway that is known as Wireless
Distribution System (WDS).
WDS basically creates a mesh network by providing a mechanism for access points to “talk” to each other as well as
sending data to devices associated with them.
Note
WDS is based on some standardized 802.11 protocols, but there is no standardized way of implementing it that works across dierent AP and router vendors. So if you have a Wireless Gateway in one location and you want to create a WDS link to a other brand of router in another location (just to pick two brands at random), you probably won’t be able to get it to work. You have your best luck when you use equipment from the same manufacturer.
Note
When you use WDS as a repeater system, as described below, it eectively halves the data rate for clients con­nected to Integrated Wireless Gateway. That’s because every bit of data needs to be sent twice (data is rece­ived by the AP and then retransmitted).
To congure WDS, you need to modify some settings on each AP within the network. Your exact steps (and the ver-
biage used) will vary from vendor to vendor. Generally, you’ll see some settings like the following:
Main WDS station:
One of your WDS stations is the main base station for the WDS network. This AP is connected directly to your Internet
connection, or connected to your router via a wired connection. The main station is the bridge to your Internet con-
nection that all wireless trac eventually ows through.
Repeater WDS stations:
In a simple, two-AP WDS network, the other “unwired” AP is a repeater. The repeater receives data from the main
base station and relays the data to the wireless clients associated to the repeater station (and vice versa for data co-
ming from the clients). If you have more than two APs, remote APs may be repeaters, or they may be relays that pro-
vide an intermediate stopping point for data if the repeater is too far away from the main station to communicate.
When you congure your main or base WDS station, take note of the channel you’re set to and the ESSID or network
name of your network. If your AP has any kind of channel auto conguration function that changes channels based
on network conditions, be sure to disable this feature. If your main WDS station is also your network’s router, make
sure it’s set up to distribute IP addresses in the network.
Note
Write down or otherwise take note of the MAC addresses of all of your WDS stations — many conguration software systems require you to know these addresses to make the conguration settings work. Write down the wireless MAC address (it’s often on a sticker) and not the Ethernet MAC address.
Page 28
28
WLAN Router
Turn on the WDS functionality in your main station (it’s often labeled WDS, or may say something like Enable This
Base Station As a WDS Main Base Station — that’s the wording Apple uses for their AirPort Extreme products). When
you turn on this functionality, the conguration software may ask you to identify the remote repeater(s). Have the
MAC addresses of those repeaters handy in case you need them.
Depending upon how your software works, you may have to separately access the conguration software on the
remote repeater APs to turn on WDS. Here are a few things to remember:
You need to assign any other WDS stations to the same channel that your main base station is using. This is •
counterintuitive to many folks who have had the 802.11b/g “use channels 1, 6, and 11 and keep your APs on
dierent channels” mantra driven into their heads for a long time!
You set the ESSID of the remote location(s) using either a unique name or by using the same ESSID as you use •
for your main base station. (Whoa, our heads just exploded!) Using the same ESSID (a “roaming” network) is
pretty cool. You associate with one AP one time and then your PC or Mac can associate with any AP on your
WDS network without you having to do anything — it’s more seamless this way. But remember, you don’t
have to do this — you can give each AP a unique ESSID and just congure your computer to associate with
them according to your preference.
Make sure you turn o any routing or DHCP functionality in the remote repeater stations. All of this functio-•
nality should be performed in the main base station or the network’s main router.
WDS (Wireless Distribution System) only
From the Mode drop-down list, select WDS setting.
From the Channel Number drop-down list, select a Channel.
Click Next>>.
AP (Access Point) + WDS (Wireless Distribution System)
Access Point is used to congure the parameters for wireless LAN clients which may connect to your Access Point.
From the Mode drop-down list, select AP+WDS setting.
Enter SSID for example VoIP_Wireless.
From the Channel Number drop-down list, select a Channel.
Click Next>>.
Page 29
29
WLAN Router
Wireless Security Setup
This page allows you setup the wireless security. Turn on WEP or WPA by using Encryption Keys could prevent any
unauthorized access to your wireless network.
You can protect your wireless data from potential eavesdroppers by encrypting wireless data transmissions. An
eavesdropper might set up a compatible wireless adapter within range of your device and attempt to access your
network. Data encryption is the translation of data into a form that cannot be easily understood by unauthorized
users.
There are two methods of wireless security to choose from:
Wired Equivalent Privacy (WEP); data is encrypted into blocks of either 64 bits length or 128 bits length. The •
encrypted data can only be sent and received by users with access to a private network key. Each PC on your
wireless network must be manually congured with the same key as your device in order to allow wireless en-
crypted data transmissions. Eavesdroppers cannot access your network if they do not know your private key.
WEP is considered to be a low security option.
Wi-Fi Protected Access (WPA); provides a stronger data encryption method (called Temporal Key Integrity •
Protocol (TKIP)). It runs in a special, easy-to-set-up home mode called Pre-Shared Key (PSK) that allows you to
manually enter a pass phrase on all the devices in your wireless network. WPA data encryption is based on a
WPA master key. The master key is derived from the pass phrase and the network name (SSID) of the device.
To congure security, choose one of the following options:
If you do not want to use Wireless Network security, From the Encryption drop-down list, select None setting •
and then click Finished. None is the default setting, but you are strongly recommended to use wireless ne-
twork security on your device.
If you want to use WEP 64bit ASCII (5 characters) data encryption, follow the instructions in Conguring 64bit •
ASCII (5 characters) encryption.
Page 30
30
WLAN Router
If you want to use WEP 64bit Hex (10 characters) data encryption, follow the instructions in Conguring WEP •
64bit Hex (10 characters) security.
If you want to use WEP 128bit ASCII (5 characters) data encryption, follow the instructions in Conguring WEP •
128bit ASCII (5 characters) security.
If you want to use WEP 128bit Hex (10 characters) data encryption, follow the instructions in Conguring WEP •
128bit Hex (10 characters) security.
If you want to use WPA1 - Wi-Fi Protected Access 1 ( TKIP) Passphrase encryption, follow the instructions in •
Conguring WPA (TKIP) Passphrase security.
If you want to use WPA1 - Wi-Fi Protected Access 1 (TKIP) HEX (64 characters) encryption, follow the instruc-•
tions in Conguring WPA (TKIP) HEX (64 characters) security.
If you want to use WPA2 (AES) - Wi-Fi Protected Access 2 (AES) Passphrase encryption, follow the instructions •
in Conguring WPA2 (AES) Passphrase security.
If you want to use WPA2 (AES) - Wi-Fi Protected Access 2 (AES) HEX (64 characters) encryption, follow the in-•
structions in Conguring WPA2 (AES) HEX (64 characters) security.
If you want to use WPA2 Mixed- Wi-Fi Protected Access 2 (Mixed) Passphrase encryption, follow the instruc-•
tions in Conguring WPA2 (Mixed) Passphrase security.
If you want to use WPA2 Mixed- Wi-Fi Protected Access 2 (Mixed) HEX (64 characters) encryption, follow the •
instructions in Conguring WPA2 (Mixed) HEX (64 characters) security.
Conguring WEP 64bit ASCII (5 characters) security
The example set in this section is for 64bit encryption.
From the Encryption drop-down list, select WEP setting.
From the Key Length drop-down list, select 64-bit setting.
From the Key Format drop-down list, select ASCII (5 characters) setting.
From the Default Tx Key drop-down list, select Key 1, Key 2, Key 3 or Key 4 setting.
Type the Default Tx Key to Key 1, Key 2, Key 3, or Key 4. The Default Tx Key is realated to Encryption Key 1, Encryption
Key 2, Encryption Key 3 and Encryption Key 4.
Click Finished.
Page 31
31
WLAN Router
Change setting successfully! Please wait for a moment while rebooting.
Conguring WEP 64bit Hex (10 characters) security
The example set in this section is for 64bit encryption.
From the Encryption drop-down list, select WEP setting.
From the Key Length drop-down list, select 64-bit setting.
From the Key Format drop-down list, select Hex (10 characters) setting.
From the Default Tx Key drop-down list, select Key 1, Key 2, Key 3 or Key 4 setting.
Type the Default Tx Key to Key 1, Key 2, Key 3, or Key 4. The Default Tx Key is realated to Encryption Key 1, Encryption
Key 2, Encryption Key 3 and Encryption Key 4.
Click Finished.
Change setting successfully! Please wait for a moment while rebooting.
Conguring WEP 128bit ASCII (13 characters) security
The example set in this section is for 128bit encryption.
From the Encryption drop-down list, select WEP setting.
From the Key Length drop-down list, select 128-bit setting.
From the Key Format drop-down list, select ASCII (13 characters) setting.
From the Default Tx Key drop-down list, select Key 1, Key 2, Key 3 or Key 4 setting.
Type the Default Tx Key to Key 1, Key 2, Key 3, or Key 4. The Default Tx Key is realated to Encryption Key 1, Encryption
Key 2, Encryption Key 3 and Encryption Key 4.
Click Finished.
Page 32
32
WLAN Router
Change setting successfully! Please wait for a moment while rebooting.
Conguring WEP 128bit Hex (26 characters) security
The example set in this section is for 128bit encryption.
From the Encryption drop-down list, select WEP setting.
From the Key Length drop-down list, select 128-bit setting.
From the Key Format drop-down list, select Hex (26 characters) setting.
From the Default Tx Key drop-down list, select Key 1, Key 2, Key 3 or Key 4 setting.
Type the Default Tx Key to Key 1, Key 2, Key 3, or Key 4. The Default Tx Key is realated to Encryption Key 1, Encryption
Key 2, Encryption Key 3 and Encryption Key 4.
Click Finished.
Change setting successfully! Please wait for a moment while rebooting.
Page 33
33
WLAN Router
Conguring WPA (TKIP) Passphrase security
The example set in this section is for WPA (TKIP) Passphrase encryption.
From the Encryption drop-down list, select WPA (TKIP) setting.
From the Pre-Shared Key Format drop-down list, select Passphrase setting.
Type the Pre-Shared Key.
Click Finished.
Change setting successfully! Please wait for a moment while rebooting.
Conguring WPA (TKIP) HEX (64 characters) security
The example set in this section is for WPA (TKIP) HEX (64 characters) encryption.
From the Encryption drop-down list, select WPA (TKIP) setting.
From the Pre-Shared Key Format drop-down list, select HEX (64 characters) setting.
Type the Pre-Shared Key.
Click Finished.
Change setting successfully! Please wait for a moment while rebooting.
Page 34
34
WLAN Router
Conguring WPA2 (AES) Passphrase security
The example set in this section is for WPA2 (AES) Passphrase encryption.
From the Encryption drop-down list, select WPA2 (AES) setting.
From the Pre-Shared Key Format drop-down list, select Passphrase setting.
Type the Pre-Shared Key.
Click Finished.
Change setting successfully! Please wait for a moment while rebooting.
Conguring WPA2 (AES) HEX (64 characters) security
The example set in this section is for WPA2 (AES) HEX (64 characters) encryption.
From the Encryption drop-down list, select WPA2 (AES) setting.
From the Pre-Shared Key Format drop-down list, select HEX (64 characters) setting.
Type the Pre-Shared Key.
Click Finished.
Change setting successfully! Please wait for a moment while rebooting.
Page 35
35
WLAN Router
Conguring WPA2 (Mixed) Passphrase security
The example set in this section is for WPA2 (Mixed) Passphrase encryption.
The WPA2 (Mixed) Passphrase encryption supports both WPA (TKIP) and WPA2 (AES).
From the Encryption drop-down list, select WPA2 (Mixed) setting.
From the Pre-Shared Key Format drop-down list, select Passphrase setting.
Type the Pre-Shared Key.
Click Finished.
Change setting successfully! Please wait for a moment while rebooting.
Conguring WPA2 (Mixed) HEX (64 characters) security
The example set in this section is for WPA2 (Mixed) HEX (64 characters) encryption.
The WPA2 (Mixed) HEX (64 characters) encryption supports both WPA (TKIP) and WPA2 (AES).
From the Encryption drop-down list, select WPA2 (Mixed) setting.
From the Pre-Shared Key Format drop-down list, select HEX (64 characters) setting.
Type the Pre-Shared Key.
Click Finished.
Change setting successfully! Please wait for a moment while rebooting.
Page 36
36
WLAN Router
Operation Mode
This chapter describes how to congure the way that your device connects to the Internet. There are Three options
of Operation Mode: Gateway, Bridge and Wireless ISP.
Setting Operation Mode
To change the Operation Mode:
From the left-hand Operation Mode menu. The following page is displayed:
Click on the ratio of Gateway, Bridge or Wireless ISP and then click on Apply to active it.
Wireless Network
This chapter assumes that you have already set up your Wireless PCs and installed a compatible Wireless card on
your device. See Conguring Wireless PCs.
Basic Settings
The Wireless Network page allows you to congure the Wireless features of your device. To access the Wireless
Network Basic Settings page:
From the left-hand Wireless menu, click on Basic Settings. The following page is displayed:
Page 37
37
WLAN Router
Wireless Network page
Field
Description
Disable Wireless LAN Interface
Enable/Disable the Wireless LAN Interface. Default: Disable
Band
Specify the WLAN Mode to 802.11b/g Mixed mode, 802.11b mode or 802.11g mode
Mode
Congure the Wireless LAN Interface to AP, Client, WDS or WDS + AP mode
Network Type
Congure the Network Type to Infrastructure or Ad hoc.
Field
Description
Disable Wireless LAN Interface
Enable/Disable the Wireless LAN Interface. Default: Disable
Band
Specify the WLAN Mode to 802.11b/g Mixed mode, 802.11b mode or 802.11g mode
Mode
Congure the Wireless LAN Interface to AP, Client, WDS or WDS + AP mode
Network Type
Congure the Network Type to Infrastructure or Ad hoc.
SSID
Specify the network name. Each Wireless LAN network uses a unique Network Name to identify the network. This name is called the Service Set Identier (SSID). When you set up your wireless adapter, you specify the SSID. If you want to connect to an existing network, you must use the name for that network. If you are setting up your own network you can make up your own name and use it on each computer. The name can be up to 20 characters long and contain letters and numbers.
Channel Number
Choose a Channel Number from the pull-down menu.
Associated Clients
Show Active Wireless Client Table This table shows the MAC address, transmission, receiption packet counters and encryp­ted status for each associated wireless client.
Enable Mac Clone (Single Ethernet Client)
Enable Mac Clone (Single Ethernet Client)
Enable Universal Repeater Mode
Acting as AP and client simultaneously
SSID of Extended Interface
When mode is set to “AP” and URM (Universal Repeater Mode ) is enabled, user should in­put SSID of another AP in the eld of “SSID of Extended Interface”. Please note, the chan­nel number should be set to the one, used by another AP because 8186 will share the same channel between AP and URM interface (called as extended interface hereafter).
Advanced Settings
These settings are only for more technically advanced users who have a sucient knowledge about wireless LAN.
These settings should not be changed unless you know what eect the changes will have on your Access Point. To
access the Wireless Network Advanced Settings page:
From the left-hand Wireless menu, click on Advanced Settings. The following page is displayed:
Page 38
38
WLAN Router
Field
Description
Authentication Type
Congure the Authentication Type to Open System, Shared Key or Auto
Fragment Threshold
When transmitting a packet over a network medium, sometimes the packet is bro­ken into several segments, if the size of packet exceeds that allowed by the ne­twork medium. The Fragmentation Threshold denes the number of bytes used for the fragmenta­tion boundary for directed messages.
RTS Threshold
RTS stands for “Request to Send”. This parameter controls what size data packet the low level RF protocol issues to an RTS packet. The default is 2347.
Beacon Interval
Choosing beacon period for improved response time for wireless http clients.
Data Rate
Select the Data Rate from the drop-down list
Preamble Type
Specify the Preamble type is short preamble or long preamble
Broadcast SSID
Broadcast or Hide SSID to your Network. Default: Enabled
IAPP
Disable or Enable IAPP
802.11g Protection
A protection mechanism prevents collisions among 802.11g nodes.
WMM
Enable/disable the Wi-Fi Multimedia (WMM) support.
RF Output Power
TX Power measurement.
Turbo Mode
Congure the Turbo Mode to Auto, Always or O Note: „Always” may have compatibility issue. „Auto” will only work with Realtek pro­duct.
Security
This page allows you setup the wireless security. Turn on WEP or WPA by using Encryption Keys could prevent any
unauthorized access to your wireless network. To access the Wireless Network Security page:
From the left-hand Wireless menu, click on Security. The following page is displayed:
Page 39
39
WLAN Router
Field
Description
Encryption
Congure the Encryption to None, WEP, WPA , WPA2 or WPA Mixed
Set WEP Key
Congure the WEP Key
Use 802.1x Authentication
Use 802.1x Authentication by WEP 64bits or WEP 128bits
WPA Authentication Mode
Congure the WPA Authentication Mode to Enterprise (RADIUS) or Personal (Pre­Shared Key)
WPA Cipher Suite
Congure the WPA Cipher Suite to TKIP and/or AES
WPA2 Cipher Suite
Congure the WPA2 Cipher Suite to TKIP and/or AES
Pre-Shared Key Format
Congure the Pre-Shared Key Format to Passphrase or HEX (64 characters)
Field
Description
Pre-Shared Key
Type the Pre-Shared Key
Enable Pre-Authentication
According to some of the preferred embodiments, a method for proactively esta­blishing a security association between a mobile node in a visiting network and an authentication agent in another network to which the mobile node can move inclu­des: negotiating pre-authentication using a ag in a message header that indicates whether the communication is for establishing a pre-authentication security asso­ciation; and one of the mobile node and the authentication agent initiating pre-au­thentication by transmitting a message with the ag set in its message header, and the other of the mobile node and the authentication agent responding with the ag set in its message header only if it supports the pre-authentication. Enable/di­sable pre-authentication support. Default: disable.
Authentication RADIUS Server
Port: Type the port number of RADIUS Server IP address: Type the IP address of RADIUS Server Password: Type the Password of RADIUS Server
WEP + Encryption Key
WEP aims to provide security by encrypting data over radio waves so that it is protected as it is transmitted from one
end point to another. However, it has been found that WEP is not as secure as once believed.
From the Encryption drop-down list, select WEP setting.
Page 40
40
WLAN Router
Click Set WEP Key button.
Enter your user name and password. The rst time you log into the program, use these defaults:
User Name: admin
Password: administrator
From the Key Length drop-down list, select 64-bit or 128-bit setting.
From the Key Format drop-down list, select ASCII (5 characters), Hex (10 characters), ASCII (13 characters) or Hex
(26 characters) setting.
From the Default Tx Key drop-down list, select a key is used for encryption.
Enter the Encryption Key value depending on selected ASCII or Hexadecimal.
Click Apply Changes button.
Change setting successfully! Click on OK button to conrm and return.
Page 41
41
WLAN Router
WEP + Use 802.1x Authentication
WEP aims to provide security by encrypting data over radio waves so that it is protected as it is transmitted from one
end point to another. However, it has been found that WEP is not as secure as once believed.
From the Encryption drop-down list, select WEP setting.
Check the option of Use 802.1x Authentication.
Click on the ratio of WEP 64bits or WEP 128bits.
Enter the Port, IP Address and Password of RADIUS Server:
Click OK button.
Change setting successfully! Click on OK button to conrm and return.
WPA/WPA2/WPA2 Mixed + Personal (Pre-Shared Key)
Wi-Fi Protected Access (WPA and WPA2) is a class of systems to secure wireless (Wi-Fi)
computer networks. WPA is designed to work with all wireless network interface cards, but not necessarily with rst
generation wireless access points. WPA2 implements the full standard, but will not work with some older network
cards. Both provide good security, with two signicant issues:
Either WPA or WPA2 must be enabled and chosen in preference to WEP. WEP is usually presented as the rst security
choice in most installation instructions.
In the “Personal” mode, the most likely choice for homes and small oces, a pass phrase is required that, for full se-
curity, must be longer than the typical 6 to 8 character passwords users are taught to employ.
From the Encryption drop-down list, select WPA, WPA2 or WPA2 Mixed setting.
Page 42
42
WLAN Router
Click on the ratio of Personal (Pre-Shared Key).
Check the option of TKIP and/or AES in WPA Cipher Suite if your Encryption is WPA:
Check the option of TKIP and/or AES in WPA2 Cipher Suite if your Encryption is WPA2:
Check the option of TKIP and/or AES in WPA/WPA2 Cipher Suite if your Encryption is WPA2 Mixed:
From the Pre-Shared Key Format drop-down list, select Passphrase or Hex (64 characters) setting.
Enter the Pre-Shared Key depending on selected Passphrase or Hex (64 characters).
Click on Apply Changes button to conrm and return.
Change setting successfully! Click on OK button to conrm and return.
WPA/WPA2/WPA2 Mixed + Enterprise (RADIUS)
Wi-Fi Protected Access (WPA and WPA2) is a class of systems to secure wireless (Wi-Fi) computer networks. WPA is
designed to work with all wireless network interface cards, but not necessarily with rst generation wireless access
points. WPA2 implements the full standard, but will not work with some older network cards. Both provide good
security, with two signicant issues:
Either WPA or WPA2 must be enabled and chosen in preference to WEP. WEP is usually presented as the rst security
choice in most installation instructions.
Page 43
43
WLAN Router
In the “Personal” mode, the most likely choice for homes and small oces, a pass phrase is required that, for full se-
curity, must be longer than the typical 6 to 8 character passwords users are taught to employ.
From the Encryption drop-down list, select WPA, WPA2 or WPA2 Mixed setting.
Click on the ratio of Enterprise (RADIUS).
Check the option of TKIP and/or AES in WPA Cipher Suite if your Encryption is WPA:
Check the option of TKIP and/or AES in WPA2 Cipher Suite if your Encryption is WPA2:
Check the option of TKIP and/or AES in WPA/WPA2 Cipher Suite if your Encryption is WPA2 Mixed:
Enter the Port, IP Address and Password of RADIUS Server:
Click OK button.
Change setting successfully! Click on OK button to conrm and return.
Page 44
44
WLAN Router
Access Control
For security reason, using MAC ACL’s (MAC Address Access List) creates another level of diculty to hacking a ne-
twork. A MAC ACL is created and distributed to AP so that only authorized NIC’s can connect to the network. While
MAC address spoong is a proven means to hacking a network this can be used in conjunction with additional secu-
rity measures to increase the level of complexity of the network security decreasing the chance of a breach.
MAC addresses can be add/delete/edit from the ACL list depending on the MAC Access Policy.
If you choose ‘Allowed Listed’, only those clients whose wireless MAC addresses are in the access control list will be
able to connect to your Access Point. When ‘Deny Listed’ is selected, these wireless clients on the list will not be able
to connect the Access Point. To access the Wireless Network Access Control page:
From the left-hand Wireless menu, click on Access Control. The following page is displayed:
Allow Listed
If you choose ‘Allowed Listed’, only those clients whose wireless MAC addresses are in the access control list will be
able to connect to your Access Point.
From the Wireless Access Control Mode drop-down list, select Allowed Listed setting.
Enter the MAC Address.
Enter the Comment.
Click Apply Changes button.
Change setting successfully! Click on OK button to conrm and return.
The MAC Address that you created has been added in the Current Access Control List.
Page 45
45
WLAN Router
Deny Listed
When ‘Deny Listed’ is selected, these wireless clients on the list will not be able to connect the Access Point.
From the Wireless Access Control Mode drop-down list, select Deny Listed setting.
Enter the MAC Address.
Enter the Comment.
Click Apply Changes button.
Change setting successfully! Click on OK button to conrm and return.
The MAC Address that you created has been added in the Current Access Control List.
WDS settings
Wireless Distribution System uses wireless media to communicate with other APs, like the Ethernet does. To do this,
you must set these APs in the same channel and set MAC address of other APs which you want to communicate with
in the table and then enable the WDS. To access the Wireless Network WDS settings page:
From the left-hand Wireless menu, click on WDS settings. The following page is displayed:
Page 46
46
WLAN Router
Congure WDS (Wireless Distribution System) only
From the left-hand Wireless menu, click on Basic Settings.
From the Mode drop-down list, select WDS.
From the Channel Number drop-down list, select a Channel.
Click Apply Changes button.
Change setting successfully! Click on OK button to conrm and return.
From the left-hand Wireless menu, click on WDS settings.
Check on the option Enable WDS.
Enter the MAC Address.
Enter the Comment.
Click the Set Security.
This page allows you setup the wireless security for WDS. When enabled, you must make sure each WDS device has
adopted the same encryption algorithm and Key.
Congure each eld with the Encryption that you selected.
Page 47
47
WLAN Router
Click Apply Changes button.
Change setting successfully! Click on OK button to conrm and return.
Click Close button to close and exit the WDS Security Setup.
Click Apply Changes button.
Page 48
48
WLAN Router
Change setting successfully! Click on OK button to conrm and return.
The MAC Address that you created has been added in the Current Access Control List.
Congure AP (Access Point) + WDS (Wireless Distribution System)
From the left-hand Wireless menu, click on Basic Settings.
From the Mode drop-down list, select AP+WDS.
Enter SSID for example AP_Router.
From the Channel Number drop-down list, select a Channel.
Click Apply Changes button.
Change setting successfully! Click on OK button to conrm and return.
From the left-hand Wireless menu, click on WDS settings.
Check on the option Enable WDS.
Enter the MAC Address.
Enter the Comment.
Page 49
49
WLAN Router
Click the Set Security.
This page allows you setup the wireless security for WDS. When enabled, you must make sure each WDS device has
adopted the same encryption algorithm and Key.
Congure each eld with the Encryption that you selected.
Click Apply Changes button.
Change setting successfully! Click on OK button to conrm and return.
Click Close button to close and exit the WDS Security Setup.
Page 50
50
WLAN Router
Click Apply Changes button.
Change setting successfully! Click on OK button to conrm and return.
The MAC Address that you created has been added in the Current Access Control List.
Site Survey
This page provides tool to scan the wireless network. If any Access Point or IBSS is found, you could choose to con-
nect it manually when client mode is enabled. To access the Wireless Network WDS settings page:
From the left-hand Wireless menu, click on Site Survey. The following page is displayed:
Congure Wireless ISP + Wireless client + Site Survey
From the left-hand Operation Mode menu, click on Wireless ISP Settings.
Click Apply Changes button.
Page 51
51
WLAN Router
Change setting successfully! Click on OK button to conrm and return.
From the left-hand Wireless menu, click on Basic Settings.
From the Mode drop-down list, select Client.
Enter SSID of the AP that you want to connect to for example AP_Router. If you don’t know what the SSID of the AP
that you want to connect to, please skip this step.
Click Apply Changes button.
Change setting successfully! Click on OK button to conrm and return.
Page 52
52
WLAN Router
From the left-hand Wireless menu, click on Site Survey.
Click Refresh button.
Now you could see the APs that scanned by the Wireless Gateway were listed below.
Click on the ratio of AP’s SSID under the item Select that you want the Wireless Gateway to connect to.
Click Connect button.
Connect successfully! Click on OK button to conrm and return.
Page 53
53
WLAN Router
WPS
This page allows you to change the setting for WPS (Wi-Fi Protected Setup). Using this feature could let your wire-
less client automatically syncronize its setting and connect to the Access Point in a minute without any hassle. To
access the Wireless Network WPS page:
From the left-hand Wireless menu, click on WPS. The following page is displayed:
Field
Description
Disable WPS
Checking this box and clicking “Apply Changes” will disable Wi-Fi Protected Setup. WPS is turned on by default.
WPS Status
When AP’s settings are factory default (out of box), it is set to open securi­ty and un-congured state. It will be displayed by “WPS Status”. If it already shows “Congured”, some registrars such as Vista WCN will not congure AP. Users will need to go to the “Save/Reload Settings” page and click “Reset” to reload factory default settings.
Self-PIN Number
“Self-PIN Number” is AP’s PIN. Whenever users want to change AP’s PIN, they could click “Regenerate PIN” and then click “ Apply Changes”. Moreover, if users want to make their own PIN, they could enter four digit PIN without checksum and then click “ Apply Changes”. However, this would not be re­commended since the registrar side needs to be supported with four digit PIN.
Push Button Conguration
Clicking this button will invoke the PBC method of WPS. It is only used when AP acts as a registrar.
Field
Description
Apply Changes
Whenever users want to enable/disable WPS or change AP’s PIN, they need to apply this button to commit changes.
Reset
It restores the original values of “Self-PIN Number” and “Client PIN Number”.
Client PIN Number
It is only used when users want their station to join AP’s network. The length of PIN is limited to four or eight numeric digits. If users enter eight digit PIN with checksum error, there will be a warning message popping up. If users insist on this PIN, AP will take it.
Introduction of WPS
Although home Wi-Fi networks have become more and more popular, users still have trouble with the initial set up
of network. This obstacle forces users to use the open security and increases the risk of eavesdropping. Therefore,
WPS is designed to ease set up of security-enabled Wi-Fi networks and subsequently network management (Wi-Fi
Protected Setup Specication 1.0h.pdf, p. 8).
The largest dierence between WPS-enabled devices and legacy devices is that users do not need the knowledge abo-
ut SSID, channel and security settings, but they could still surf in a security-enabled Wi-Fi network. For examples, in the
initial network set up, if users want to use the PIN conguration, the only thing they need to do is entering the device
Page 54
54
WLAN Router
PIN into registrar, starting the PIN method on that device and simply wait until the device joins the network. After the
PIN method is started on both sides, a registration protocol will be initiated between the registrar and the enrollee.
Typically, a registrar could be an access point or other device that is capable of managing the network. An enrollee co-
uld be an access point or a station that will join the network. After the registration protocol has been done, the enrollee
will receive SSID and security settings from the registrar and then join the network. In other words; if a station attempts
to join a network managed by an access point with built-in internal registrar, users will need to enter station’s PIN into
the web page of that access point. If the device PIN is correct and valid and users start PIN on station, the access point
and the station will automatically exchange the encrypted information of the network settings under the management
of AP’s internal registrar. The station then uses this information to perform authentication algorithm, join the secure ne-
twork, and transmit data with the encryption algorithm. More details will be demonstrated in the following sections.
Supported WPS features
Currently, Wireless Gateway supports WPS features for AP mode, AP+WDS mode, Infrastructure-Client mode, and
the wireless root interface of Universal Repeater mode.
Other modes such as WDS mode, Infrastructure-Adhoc mode, and the wireless virtual interface of Universal Repeater
mode are not implemented with WPS features.
If those unsupported modes are enforced by users, WPS will be disabled. Under the conguration of every WPS-
supported mode, Wireless Gateway has Push Button method and PIN method. For each method, Wireless Gateway
oers dierent security levels included in network credential, such as open security, WEP 64 bits, WEP 128 bits, WPA-
Personal TKIP, WPA-Personal AES, WPA2-Personal TKIP, and WPA2-Personal AES. Users could choose either one of the
methods at their convenience.
AP mode
For AP mode, Wireless Gateway supports three roles, registrar, proxy, and enrollee in registration protocol. At die-
rent scenarios, Wireless Gateway will automatically switch to an appropriate role depending on the other device’s
role or a specic conguration.
AP as Enrollee
If users know AP’s PIN and enter it into external registrar, the external registrar will congure AP with a new wireless
prole such as new SSID and new security settings. The external registrar does this job either utilizing the in-band
EAP (wireless) or out-of-band UPnP (Ethernet). During the WPS handshake, a wireless prole is encrypted and trans-
mitted to AP. If the handshake is successfully done, AP will be re-initialized with the new wireless prole and wait for
legacy stations or WPS stations to join its network.
AP as Registrar
Wireless Gateway also has a built-in internal registrar. Whenever users enter station’s PIN into AP’s webpage, click
“Start PBC”, or push the physical button, AP will switch to registrar automatically. If users apply the same method on
station side and the WPS handshake is successfully done, SSID and security settings will be transmitted to that sta-
tion without the risk of eavesdropping. And then the station will associate with AP in a security-enabled network.
AP as Proxy
At this state, AP is transparent to users. If users want to congure a station or any device that is capable of being an
enrollee, they have to enter device’s PIN into an external registrar and choose an appropriate wireless prole. After
Page 55
55
WLAN Router
the PIN is entered, the external registrar will inform AP this event. AP then conveys the encrypted wireless prole
between the device and the external registrar. Finally, the device will use the wireless prole and associate with AP.
However, the device may connect to other APs if the wireless prole does not belong to the proxy AP. Users must
carefully choose the wireless prole or create a wireless prole on an external registrar.
Infrastructure-Client mode
In Infrastructure-Client mode, Wireless Gateway only supports enrollee’s role. If users click “Start PIN”, click “Start
PBC”, or press the physical button on Wireless Gateway, it will start to seek WPS AP. Once users apply the same me-
thod on registrar side, Wireless Gateway will receive the wireless prole upon successfully doing the registration
protocol. Then Wireless Gateway will associate with an AP.
Instructions of AP’s and Client’s operations
At this state, AP is transparent to users. If users want to congure a station or any device that is capable of being an
enrollee, they have to enter device’s PIN into an external registrar and choose an appropriate wireless prole. After
the PIN is entered, the external registrar will inform AP this event. AP then conveys the encrypted wireless prole
between the device and the external registrar. Finally, the device will use the wireless prole and associate with AP.
However, the device may connect to other APs if the wireless prole does not belong to the proxy AP. Users must
carefully choose the wireless prole or create a wireless prole on an external registrar.
Wireless Advanced Settings page
Users need to make sure the “Broadcast SSID” le is set to “Enabled”. Otherwise, it might prevent WPS from working
properly.
Page 56
56
WLAN Router
Operations of AP - AP being an enrollee
In this case, AP will be congured by any registrar either through in-band EAP or UPnP. Here, users do not need to
do any action on AP side. They just need AP’s device PIN and enter it into registrar. An example from Vista WCN will
be given.
From the left-hand Wireless -> WPS menu. The following page is displayed:
Make sure AP is in un-congured state.
Plug the Ethernet cable into AP’s LAN port and make sure the IP connection is valid with Vista.
Make sure WCN is enabled. Users may need to enable it at the rst time. They could open the “Control Panel”,
click “Classic View“, open “Administrative Tools”, double click “Services”, ”, a User Account Control pop up and click
“Continue“, edit properties of “Windows Connect Now”, choose the “Startup type” with “Automatic” and click “Start”.
If the previous steps are done, open Windows Explorer. Go to the Network section.
Click on “Network discovery and le sharing are turned o. Network computers and devices are not visible. Click to
Change…“
Page 57
57
WLAN Router
Click on “Turn on network discovery and le sharing“
Click on “No, make the network that I am connected to a private network“
Page 58
58
WLAN Router
AP’s icon will show up. Double click on it.
AP’s icon will show up. Double click on it.
Users could also Click “Add a wireless device” if the icon is not there. Click “next”.
Page 59
59
WLAN Router
Enter AP’s Self-PIN Number and click “next”.
Choose a name that people who connect to your network will recognize.
Enter the Passphrase and then click Next.
Page 60
60
WLAN Router
A User Account Control screen pops up, click Continue.
AP is successfully congured by WCN.
Finally, AP will become congured (see WPS Status). The authentication algorithm, encryption algorithm, and key
assigned by WCN will be displayed below “Current Key Info”.
The SSID eld of Wireless Basic Settings page will also be modied with the value assigned by WCN.
Page 61
61
WLAN Router
If users try to modify the SSID at this moment, there will be a warning message popping up that informs the risk of
this action. The reason is that users may not know whether the SSID is already given to a station. Changing the SSID
will result in the link between AP and stations to be broken. If users insist on this action, AP will take their decision.
The security settings on the Wireless Security Page will be modied by WCN, too. The warning message will show up
if users try to modify the security settings. The reason is the same as we explained in the previous section.
Operations of AP - AP being a registrar
AP mode
Whenever users enter station’s PIN into AP’s Wi-Fi Protected Setup page and click “Start PIN”, AP will become a regi-
strar. Users must start the PIN method on the station side within two minutes.
From the left-hand Wireless -> WPS menu. The following page is displayed:
Make sure AP is in un-congured state.
Enter the Client PIN Number.
Click Start PIN.
Page 62
62
WLAN Router
Users must start the PIN method on the station side within two minutes.
Users must start the PIN method on the station side within two minutes.
If the device PIN is correct and the WPS handshake is successfully done on the station side, User’s Wi-Fi Protected
status will be shown as below.
Page 63
63
WLAN Router
If the device PIN is correct and the WPS handshake is successfully done, AP’s Wi-Fi Protected Setup page will be
shown as below.
Other pages such as Wireless Basic Settings page and Wireless Security Setup page will also be updated appropriately as
described in previous sections. In this case, AP is in un-congured state before the station initiates the WPS handshake.
According to the WPS spec, AP will create a wireless prole with WPA2-mixed mode and a random-generated key upon
successfully doing the WPS handshake. However, AP will use the original wireless prole and give it to the station if AP is
already in congured state. That means all settings of AP will not change. Hence, all WPS related pages keep the same.
Push Button method
Wireless Gateway supports a virtual button “Start PBC” on the Wi-Fi Protected Setup page for Push Button method. If
users push a virtual button “Start PBC”, AP will initiate a WPS session and wait for any station to join. At this moment,
AP will detect whether there is more than one station that starts the PBC method. When multiple PBC sessions oc-
cur, users should try PIN method.
After users push AP’s virtual button “Start PBC”, they must go to station side to push its button within two minutes.
If the WPS is successfully done, AP will give its wireless prole to that station. The station could use this prole to
associate with AP.
From the left-hand Wireless -> WPS menu. The following page is displayed:
Make sure AP is in un-congured state.
Click Start PBC.
Page 64
64
WLAN Router
Users must start the PBC method on the station side within two minutes.
Users must start the PBC method on the station side within two minutes.
If the device PCB and the WPS handshake is successfully done on the station side, User’s Wi-Fi Protected status will
be shown as below.
If the device PIN is correct and the WPS handshake is successfully done, AP’s Wi-Fi Protected Setup page will be
shown as below.
Page 65
65
WLAN Router
Other pages such as Wireless Basic Settings page and Wireless Security Setup page will also be updated appropria-
tely as described in previous sections. In this case, AP is in un-congured state before the station initiates the WPS
handshake. According to the WPS spec, AP will create a wireless prole with WPA2-mixed mode and a random-ge-
nerated key upon successfully doing the WPS handshake. However, AP will use the original wireless prole and give
it to the station if AP is already in congured state. That means all settings of AP will not change. Hence, all WPS re-
lated pages keep the same.
Warning pop-up windows of AP
When users try to operate on AP not appropriately, AP will give a warning message to them. All kinds of pop-up win-
dows will be demonstrated in this section.
Un-supported mode in WPS
If users select any mode that is not supported with WPS, there will be a pop-up warning window as the following. If
users click “Yes”, WPS will be disabled.
Page 66
66
WLAN Router
Un-supported security in WPS
If users try to select an unsupported type of security such as RADIUS support, a warning message will be given. If
users enforce this security, WPS will be disabled. Please see below.
LAN Interface
This chapter is to congure the parameters for local area network which connects to the LAN port of your Access
Point. Here you may change the setting for IP address, subnet mask, DHCP, etc...
Note
You should only change the addressing details if your ISP asks you to, or if you are familiar with network con­guration. In most cases, you will not need to make any changes to this conguration.
LAN Interface Setup
To check the conguration of LAN Interface:
From the left-hand Network Settings -> LAN Interface menu. The following page is displayed:
Page 67
67
WLAN Router
Field Description
IP Address
The LAN IP address Default: 10.0.0.2
Subnet Mask
The LAN netmask Default: 255.255.255.0
Default Gateway
The LAN Gateway Default: 0.0.0.0
DHCP
DHCP Type: Disable, DHCP Client or Server Default: DHCP Server
DHCP Client Range
Specify the starting/ending IP address of the IP address pool. Default Start IP: 10.0.0.100 Default Ending IP: 10.0.0.200
Show Client
DHCP client computers/devices connected to the device will have their in­formation displayed in the DHCP Client List table. The table will show the IP Address, MAC Address, and Expired Time of the DHCP lease for each client computer/device.
Domain Name
A domain name is a user-friendly name used in place of its associated IP ad­dress. Domain names must be unique; their assignment is controlled by the Internet Corporation for Assigned Names and Numbers (ICANN). Domain na­mes are a key element of URLs, which identify a specic le at a web site.
802.1d Spanning Tree Enable or Disable Spanning Tree
Clone MAC Address
MAC Spoong on LAN Default: 000000000000
Changing the LAN IP address and subnet mask
To check the conguration of LAN Interface:
From the left-hand Network Settings -> LAN Interface menu. The following page is displayed:
Type IP Address and Change default LAN port IP address.
Click in the IP Address and Subnet Mask box and type a new IP Address and Subnet Mask.
Change the default DHCP Client Range.
Click Apply Changes.
Page 68
68
WLAN Router
The primary IP address is being changed to 192.168.2.2 netmask 255.255.255.0. Please go to http://192.168.2.2 to
continue. Your browser communicates with the web server via the LAN connection, and changing the IP address
may disrupt this.
You may also need to renew your DHCP lease:
Windows 95/98
a. Select Run... from the Start menu.
b. Enter winipcfg and click OK.
c. Select your ethernet adaptor from the pull-down menu
d. Click Release All and then Renew All.
e. Exit the winipcfg dialog.
Windows NT/Windows 2000/Windows XP
a. Bring up a command window.
b. Type ipcong /release in the command window.
c. Type ipcong /renew.
d. Type exit to close the command window.
Linux
a. Bring up a shell.
b. Type pump -r to release the lease.
c. Type pump to renew the lease.
Note
If you change the LAN IP address of the device while connected through your Web browser, you will be discon­nected. You must open a new connection by entering your new LAN IP address as the URL.
Page 69
69
WLAN Router
Show Client
To the IP Address, MAC Address, and Expired Time of the DHCP lease for each client computer/device:
From the left-hand Network Settings -> LAN Interface menu. The following page is displayed:
Click on Show Client button. The following page is displayed:
WAN Interface
This chapter describes how to congure the way that your device connects to the Internet. Your ISP determines
what type of Internet access you should use and provides you with any information that you need in order to con-
gure the Internet access to your device.
Wireless Gateway supports four methods of obtaining the WAN IP address:
Option
Description
Static IP
Choose this option if you are a leased line user with a xed IP address.
DHCP Client
Choose this option if you are connected to the Internet through a Cable modem line.
PPPoE
Choose this option if you are connected to the Internet through a DSL line
Page 70
70
WLAN Router
From the left-hand Network Settings -> WAN Interface menu. The following page is displayed:
Option
Description
WAN Access Type
Static IP
Choose this option if you are a leased line user with a xed IP ad­dress.
DHCP Client
Choose this option if you are connected to the Internet through a Cable modem line.
PPPoE
Choose this option if you are connected to the Internet through a DSL line
Host Name
The name of the DHCP host
IP Address
Check with your ISP provider
Subnet Mask
Check with your ISP provider
Default Gateway
Check with your ISP provider
User Name
User name for PPPoE registration recognized by the Internet se­rvice provider
Password
Password for PPPoE registration recognized by the Internet servi­ce provider
Service Name
Service Name for PPPoE registration recognized by the Internet service provider
Connection Type
Continuous
The connection is always on
Connect on Demand
Enter the minutes after which the session must be disconnected, if no activity takes place
Manual
Manually connect
Idle Time
Enter the minutes after which the session must be disconnected
WAN Physical
Dynamic IP or Static IP for PPP Connection
MTU Size
Specify the network MTU rate
Attain DNS Automatically
Obtain DNS server address automatically
DNS 1 (Primary DNS Server)
Check with your ISP provider
DNS 2 (Secondary DNS Server)
Check with your ISP provider
DNS 3 (Third DNS Server)
Check with your ISP provider
Clone MAC Address
Clone MAC lets the device identify itself as another computer or device
Page 71
71
WLAN Router
Option
Description
Enable uPNP
Enable or Disable uPNP
Enable Ping Access on WAN
Enable or Disable Ping Access on WAN
Enable Web Server Access on WAN
Enable or Disable Web Server Access on WAN
Enable IPsec pass through on VPN connection
Enable or Disable IPsec pass through on VPN connection
Enable PPTP pass through on VPN connection
Enable or Disable PPTP pass through on VPN connection
Enable L2TP pass through on VPN connection
Enable or Disable L2TP pass through on VPN connection
Conguring Static IP connection
If you are a leased line user with a xed IP address, enter in the IP address, subnet mask, gateway address, and DNS
(domain name server) address(es) provided to you by your ISP.
If your ISP wants you to connect to the Internet using Static IP, follow the instructions below.
From the left-hand Network Settings -> WAN Interface menu. The following page is displayed:
From the WAN Access Type drop-down list, select Static IP setting.
Enter WAN IP Address, WAN Subnet Mask, Default Gateway and DNS which was given by Telecom or by your Internet
Service Provider (ISP).
Click Apply Changes.
Click OK.
From the left-hand Management -> Status menu. The following page is displayed:
If you could see the Attain IP Protocol is shown Fixed IP, you can have the Internet Access right now.
Page 72
72
WLAN Router
Page 73
73
WLAN Router
Conguring DHCP Client connection
Dynamic Host Conguration Protocol (DHCP), Dynamic IP (Get WAN IP Address automatically). If you are connected
to the Internet through a Cable modem line, then a dynamic IP will be assigned.
If your ISP wants you to connect to the Internet using DHCP Client, follow the instructions below.
From the left-hand Network Settings -> WAN Interface menu. The following page is displayed:
From the WAN Access Type drop-down list, select DHCP Client setting.
Click Apply Changes.
Click OK.
From the left-hand Management -> Status menu. The following page is displayed:
If you could see the Attain IP Protocol is shown DHCP, you can have the Internet Access right now.
Page 74
74
WLAN Router
Page 75
75
WLAN Router
Conguring PPPoE connection
If your ISP’s Internet service uses PPPoE you need to set up a PPP login account. The rst time that you login to the
Internet, your ISP will ask you to enter a username and password so they can check that you are a legitimate, regi-
stered Internet service user. Your device stores these authentication details, so you will not have to enter this user-
name and password every time you login.
If your ISP wants you to connect to the Internet using PPP, follow the instructions below.
From the left-hand Network Settings -> WAN Interface menu. The following page is displayed:
From the WAN Access Type drop-down list, select PPPoE setting.
Enter User Name/Password provided by your ISP. Type them in the relevant boxes.
Click Apply Changes.
Click OK.
Page 76
76
WLAN Router
From the left-hand Management -> Status menu. The following page is displayed:
If you could see the Attain IP Protocol is shown PPPoE Connected, you can have the Internet Access right now.
Page 77
77
WLAN Router
Clone MAC Address
Some particularly ISPs do not want you to have a home network and have a DSL/Cable modem that allows only 1
MAC to talk on the internet. If you change network cards, you have to call them up to change the MAC. The Wireless
Gateway can it’s MAC to computer’s one that was originally set up for such an ISP.
This page allows you to enable or disable Clone MAC Address option.
From the left-hand Network Settings -> WAN Interface menu. The following page is displayed:
Enter the MAC for example 0123456789ab that you want to be instead of in the Clone MAC Address eld.
If you enter 12 digits of 0 in the Clone MAC Address eld, it’ll disable Clone MAC Address function.
Click Apply Changes.
Click OK.
Page 78
78
WLAN Router
From the left-hand Management -> Status menu. The following page is displayed:
If you could see the WAN Conguration -> MAC Address is changed to the one that you congured.
Page 79
79
WLAN Router
Port Filtering
Entries in Current Filter Table are used to restrict certain ports and types of data packets from your local network to
Internet through the Gateway. Use of such lters can be helpful in securing or restricting your local network.
From the left-hand Firewall -> Port Filtering menu. The following page is displayed:
Option
Description
Enable Port Filtering
Enable/Disable the WAN packet lter. Default setting is Disable.
Port Range
Enter the port range to be ltered for both Outbound and Inbound packet
Protocol
Select the Protocol to be ltered for both Outbound and Inbound packet Both: To lter both TCP and UDP protocol TCP: To lter only TCP protocol UDP: lter only UDP protocol
Comment
Fill in the note for manager what the purpose of certain port ltering rule
Current Filter Table
The Port Filters that was created is listed here
Note
You must ensure that the single port or range specied does not overlap with a port or range for an existing common or custom application. Check the common port ranges listed in Conguring NAT Security.
Port ltering for TCP port 80
Please follow example below to deny the TCP port 80 for both Outbound and Inbound packet.
From the left-hand Firewall -> Port Filtering menu. The following page is displayed:
Page 80
80
WLAN Router
Check the option Enable Port Filtering to enable the port ltering.
Enter 80 and 80 in Port Range eld.
From the Protocol drop-down list, select TCP setting.
Enter HTTP in Comment eld.
Click Apply Changes.
Now the port lter that you created has been added and listed in the Current Filter Table.
Now the TCP port for both Outbound and Inbound packet has been denied.
Now you cannot visit any web site due to the TCP port 80 has been blocked by the Port Filtering rule that created.
Port ltering for UDP port 53
Please follow example below to deny the UDP port 53 for both Outbound and Inbound packet.
From the left-hand Firewall -> Port Filtering menu. The following page is displayed:
Check the option Enable Port Filtering to enable the port ltering.
Enter 53 and 53 in Port Range eld.
From the Protocol drop-down list, select UDP setting.
Enter DNS Resolve in Comment eld.
Click Apply Changes.
Now the port lter that you created has been added and listed in the Current Filter Table.
Page 81
81
WLAN Router
Now the UDP port 80 for both Outbound and Inbound packet has been denied.
Now you cannot visit any web site by domain due to the UDP port 53 has been blocked by the Port Filtering rule
that created.
You can enter the IP Address of that web site to visit.
IP Filtering
Entries in this table are used to restrict certain types of data packets from your local network to Internet through the
Gateway. Use of such lters can be helpful in securing or restricting your local network.
The IP lter feature enables you to create rules that control the forwarding of incoming and outgoing data betwe-
en the LAN and WAN side.
You can create IP lter rules to block attempts by certain computers on your LAN to access certain types of data or
Internet locations. You can also block accesses to your LAN computers from the WAN side.
When you dene an IP lter rule and enable the feature, you instruct the ADSL/Ethernet router to examine data
packets to determine whether they meet criteria set forth in the rule. The criteria can include the network or in-
ternet protocol, the packet carries, the direction in which it is traveling (for example, from the LAN to the WAN and
vice versa).
If the packet matches the criteria established in a rule, the packet can either be accepted (forwarded towards its de-
stination), or denied (discarded), depending on the action specied in the rule.
The IP Filter Conguration page provides the capability to enable/disable the IP lter feature and the IP Filter rule
entries for all currently established rules.
From the left-hand Firewall -> IP Filtering menu. The following page is displayed:
Page 82
82
WLAN Router
IP ltering for TCP with specied IP
Please follow example below to deny the TCP protocol for specied IP.
From the left-hand Firewall -> IP Filtering menu. The following page is displayed:
Check the option Enable IP Filtering to enable the IP Filtering.
Enter the IP Address that you want to be denied in Loal IP Address eld.
From the Protocol drop-down list, select TCP setting.
Enter any comment in Comment eld.
Click Apply Changes.
Now the IP Filter that you created has been added and listed in the Current Filter Table.
Now the TCP protocol for both Outbound and Inbound packet has been denied.
Now The Local IP Address for example 10.0.0.102 that listed in the Current Filter Table cannot visit any application
that use TCP protocol for example web site due to the Protocol TCP has been blocked by the IP Filtering rule that
created.
Page 83
83
WLAN Router
IP ltering for UDP with specied IP
Please follow example below to deny the UDP protocol for specied IP.
From the left-hand Firewall -> IP Filtering menu. The following page is displayed:
Check the option Enable IP Filtering to enable the IP Filtering.
Enter the IP Address that you want to be denied in Loal IP Address eld.
From the Protocol drop-down list, select UDP setting.
Enter any comment in Comment eld.
Click Apply Changes.
Now the IP Filter that you created has been added and listed in the Current Filter Table.
Now the UDP protocol for both Outbound and Inbound packet has been denied.
Now The Local IP Address for example 10.0.0.102 that listed in the Current Filter Table cannot visit any application
that use UDP protocol for example TFTP Service due to the Protocol UDP has been blocked by the IP Filtering rule
that created.
Page 84
84
WLAN Router
IP ltering for both TCP and UDP with specied IP
Please follow example below to deny the both TCP and UDP protocol for specied IP.
From the left-hand Firewall -> IP Filtering menu. The following page is displayed:
Check the option Enable IP Filtering to enable the IP Filtering.
Enter the IP Address that you want to be denied in Loal IP Address eld.
From the Protocol drop-down list, select Both setting.
Enter any comment in Comment eld.
Click Apply Changes.
Now the IP Filter that you created has been added and listed in the Current Filter Table.
Now the TCP and UDP protocol for both Outbound and Inbound packet has been denied.
Page 85
85
WLAN Router
MAC Filtering
Entries in this table are used to restrict certain types of data packets from your local network to Internet through the
Wireless Gateway. Use of such lters can be helpful in securing or restricting your local network.
From the left-hand Firewall -> MAC Filtering menu. The following page is displayed:
MAC ltering for specied MAC Address
Please follow example below to deny the specied MAC Address has the Internet Access.
From the left-hand Firewall -> MAC Filtering menu. The following page is displayed:
Check the option Enable MAC Filtering to enable the MAC Filtering.
Enter the MAC Address that you want to be denied in MAC Address eld.
Enter any comment in Comment eld.
Click Apply Changes.
Page 86
86
WLAN Router
Now the MAC Filter that you created has been added and listed in the Current Filter Table.
Now the MAC Address in the Current Filter Table cannot have the Internet Access.
Port Forwarding
Entries in this table allow you to automatically redirect common network services to a specic machine behind the
NAT rewall. These settings are only necessary if you wish to host some sort of server like a web server or mail server
on the private local network behind your Gateway’s NAT rewall.
Your device has built in advanced Security features that protect your network by blocking unwanted trac from
the Internet.
If you simply want to connect from your local network to the Internet, you do not need to make any changes to
the default Security conguration. You only need to edit the conguration if you wish to do one or both of the fol-
lowing:
allow Internet users to browse the user pages on your local network (for example, by providing an FTP or •
HTTP server)
play certain games which require accessibility from the Internet•
This chapter describes how to congure Security to suit the needs of your network.
By default, the IP addresses of your LAN PCs are hidden from the Internet. All data sent from your LAN PCs to a PC
on the Internet appears to come from the IP address of your device.
In this way, details about your LAN PCs remain private. This security feature is called Port Forwarding.
From the left-hand Firewall -> Port Forwarding menu. The following page is displayed:
Page 87
87
WLAN Router
Port Forwarding for TCP with specied IP
Please follow example below to congure the Port Forwarding to Specied IP with TCP.
From the left-hand Firewall -> Port Forwarding menu. The following page is displayed:
Check the option Enable Port Forwarding to enable the Enable Port Forwarding.
Enter the IP Address that the port you want to be forwarded in IP Address eld.
From the Protocol drop-down list, select TCP setting.
Enter any comment in Comment eld.
Click Apply Changes.
Now the IP Address and port range that you created has been added and listed in the Current Filter Table.
Now the port range of the IP Address in the Current Filter Table can be access from Internet by TCP protocol.
Page 88
88
WLAN Router
Port Forwarding for UDP with specied IP
Please follow example below to congure the Port Forwarding to Specied IP with UDP.
From the left-hand Firewall -> Port Forwarding menu. The following page is displayed:
Check the option Enable Port Forwarding to enable the Enable Port Forwarding.
Enter the IP Address that the port you want to be forwarded in IP Address eld.
From the Protocol drop-down list, select UDP setting.
Enter any comment in Comment eld.
Click Apply Changes.
Now the IP Address and port range that you created has been added and listed in the Current Filter Table.
Now the port range of the IP Address in the Current Filter Table can be access from Internet by UDP protocol.
Page 89
89
WLAN Router
URL Filtering
URL lter is used to deny LAN users from accessing the internet. Block those URLs which contain keywords listed
below.
From the left-hand Firewall -> URL Filtering menu. The following page is displayed:
URL ltering for specied URL Address
Please follow example below to deny LAN users from accessing the Internet.
From the left-hand Firewall -> URL Filtering menu. The following page is displayed:
Check the option Enable URL Filtering to enable the URL Filtering.
Enter the URL Address that you want to be denied for LAN user.
Click Apply Changes.
Page 90
90
WLAN Router
Now the URL Filter that you created has been added and listed in the Current Filter Table.
Now the URL Address in the Current Filter Table cannot be visited.
DMZ
A Demilitarized Zone is used to provide Internet services without sacricing unauthorized access to its local private
network. Typically, the DMZ host contains devices accessible to Internet trac, such as Web (HTTP ) servers, FTP se-
rvers, SMTP (e-mail) servers and DNS servers.
From the left-hand Firewall -> DMZ menu. The following page is displayed:
DMZ Host IP Address
Please follow example below to congure the DMZ to Host IP Address.
From the left-hand Firewall -> DMZ menu. The following page is displayed:
Check the option Enable DMZ to enable the Enable DMZ.
Enter the IP Address that to be the DMZ Host in DMZ Host IP Address eld.
Click Apply Changes.
Page 91
91
WLAN Router
Click OK.
Status
This page displays the current information for the device. It will display the LAN, WAN, and system rmware informa-
tion. This page will display dierent information, according to WAN setting (Static IP, DHCP, or PPPoE).
From the left-hand Management -> Status menu. The following page is displayed:
Page 92
92
WLAN Router
Statistics
This page shows the packet counters for transmission and reception regarding to wireless and Ethernet networks.
From the left-hand Management -> Statistics menu. The following page is displayed:
Dynamic DNS
When you want your internal server to be accessed by using DNS name rather than using the dynamic IP address,
you can use the DDNS service. The DDNS server allows to alias a dynamic IP address to a static hostname.
This chapter provides you an overview of the Dynamic DNS feature of the modem and conguration details rela-
ted to it.
Overview
If some host has a dynamic IP address that keeps changing frequently, it is dicult to keep updating the IP record
that is associated with the domain name of this host in the zone les. This will result in non-accessibility of this host
on the Internet. Dynamic DNS service allows to keep mapping of a dynamic IP address of such host to a static host-
name. Dynamic DNS services are provided by many websites. The host needs to register with some website and
get a domain name. When the IP address of the host changes, it just needs to send a message to the website that’s
providing dynamic DNS service to this host. For this to work, an automated update client needs to be implemented.
These update clients send update messages to the servers whenever there is some change in the IP address of that
host. Then, the server updates the entries for that host and replies back with some return code.
Page 93
93
WLAN Router
Above Figure explains one such scenario in which a host gets a dynamic IP address for itself from a DHCP server. As
the host has registered with one of the dynamic DNS service providers on the Internet, it sends an update message
to the service provider with host name and changed IP address. The service provider updates the new IP address
of the host in the zone les that have entry for that host name and replies back with some return code. The return
code communicates the success or failure of the update message. This process is repeated every time the host’s IP
address changes.
If the dynamic DNS service provider is notied of the same IP address again and again, then it considers it an abu-
se and might block the host name. To avoid this scenario, the IP address that was successfully updated to the ISP is
stored on the unit. Whenever we receive an IP address change notication, the new IP address is compared with the
IP address that was stored on the last update. If they dier, then only an update request is sent. However, when the
system comes up there is no way of knowing what was the IP address on last successful update before the system
went down. You need to give the command “system cong save“ periodically to save this IP address on Flash.
Registering With Dynamic DNS Service Provider
Currently, Wireless Gateway supports two Dynamic DNS service providers, www.tzo.com and www.dyndns.com. To
use their Dynamic DNS service, you rst need to visit the Web site of a service provider and register. While registe-
ring, you need to provide your username, password, and hostname as mandatory parameters. A service provider
may also prompt you to ll some optional parameters.
Conguring IP Interfaces
You need to create a Dynamic DNS interface per IP interface and can only create one Dynamic DNS interface service
on one IP interface. For more information on creating IP interfaces, refer to section Creating IP interfaces.
Note
www.dyndns.org provides three kinds of services - Dynamic DNS, Custom DNS and Static DNS. You can cre­ate dierent domains in these systems. Custom DNS service is a full DNS solution for newly purchased do­mains or domains you already own. A web-based interface provides complete control over resource records and your entire domain, including support for dynamic IPs and automated updates. Static DNS service po­ints a DNS hostname in some domain owned by dyndns.org to the user’s ISP-assigned static or pseudo-sta­tic IP address. DynDNS service points a xed hostname in some domain owned by dyndns.org to the user’s ISP-assigned dy­namic IP address. This allows more frequent update of IP addresses, than allowed by Static DNS.
From the left-hand Management -> DDNS menu. The following page is displayed:
Page 94
94
WLAN Router
Congure DynDNS
From the left-hand Management -> DDNS menu. The following page is displayed:
Click on Enable DDNS
Select the DynDNS from the Service Provider drop-down list.
Type your own unique User Name, Password and Domain Name which you applied from www.dyndns.com in the
relevant boxes. They can be any combination of letters or numbers with a maximum of 20 characters.
Click Apply Changes.
Click OK.
Page 95
95
WLAN Router
Congure TZO
From the left-hand Management -> DDNS menu. The following page is displayed:
Click on Enable DDNS
Select the TZO from the Service Provider drop-down list.
Type your own unique Email, Key and Domain Name which you applied from http://www.tzo.com/
MainPageWebClient/clientsignup.html in the relevant boxes. They can be any combination of letters or numbers
with a maximum of 20 characters.
Click Apply Changes.
Click OK.
Page 96
96
WLAN Router
Time Zone Setting
Certain systems may not have a date or time mechanism or may be using inaccurate time/day information. the
Simple Network Time Protocol feature provides a way to synchronize the device’s own time of day setting with a re-
mote time server as described in RFC 2030 (SNTP) and RFC 1305 (NTP).
SNTP Server and SNTP Client Conguration settings
From the left-hand Management menu, click on Time Zone Setting. The following page is displayed:
From the Time Zone Select drop-down list, select Your Own Time Zone.
Check the option Enable NTP client update.
From the NTP server drop-down list, select a NTP Server. Or you can add server to the SNTP association list using IP
address. Adding a server to the association list automatically starts the synchronization process.
Click Apply Changes.
Click OK.
Page 97
97
WLAN Router
Denial-of-Service
A “denial-of-service” (DoS) attack is characterized by an explicit attempt by hackers to prevent legitimate users of a
service from using that service.
Denial-of-Service
From the left-hand Management menu, click on Denial-of-Service. The following page is displayed:
Check the option Enable NTP client update.
Check the option of each Service.
Check the option Enable Source IP Blocking.
Click Apply Changes.
Page 98
98
WLAN Router
Click OK.
Page 99
99
WLAN Router
Log
This page can be used to set remote log server and show the system log.
System Log
From the left-hand Management menu, click on Log. The following page is displayed:
Option
Description
Enable Log
Enable/Disable the feature. Default: Disable
system all
All system logs will be recorded in the system log
wireless
The wireless logs will be recorded in the system log
DoS
The DoS logs will be recorded in the system log
Enable Remote Log
Enable: Send the system log to remote log server. To do this, make sure a secure syslog server is available. Default: Disable
Log Server IP Address
Enter the IP Address of remote log server.
Check the option Enable Log.
Check the option system all, wireless or DoS.
Check the option Enable Remote Log if you
Enter the IP Address in the Log Server IP Address eld.
Click Apply Changes.
Click OK.
Page 100
100
WLAN Router
Firmware Update
The Firmware Update page allows you to:
check if an updated rmware version is available from [Provider].
download an updated rmware version and install it on your device.
manually download the latest rmware version from [Provider]’s website and manually update your rmware. See
Manually updating rmware.
About rmware versions
Firmware is a software program. It is stored as read-only memory on your device. [Provider] is continually improving
this rmware by adding new features to it, and these features are saved in later versions of the rmware.
Your device can check whether there are later rmware versions available. If there is a later version, you can down-
load it via the Internet and install it on your device.
Note
If there is a rmware update available you are strongly advised to install it on your device to ensure that you take full advantage of any new feature developments.
Manually updating rmware
You can manually download the latest rmware version from [Provider]’s website to your PC’s le directory.
Once you have downloaded the latest rmware version to your PC, you can manually select and install it as fol-
lows:
From the left-hand Management menu, click on Upgrade Firmware Upgrade. The following page is displayed:
Click on the Browse… button.
(Note that if you are using certain browsers (such as Opera 7) the Browse button is labeled Choose.)
Use the Choose le box to navigate to the relevant directory where the rmware version is saved.
Once you have selected the le to be installed, click Open. The le’s directory path is displayed in the New Firmware
Image: text box.
Click Upgrade >. The device checks that the selected le contains an updated version of rmware. A status screen
pops up, please wait for a while…….
Firmware update has been update complete. The following page is displayed:
Click OK.
Loading...
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use