How it Works
Modecom
Loading...
MC-4220
User Manual
156 pgs3.51 Mb0

Modecom MC-4220 User Manual

Download
Page 1
1
MODECOM
user’s manual
MC-4220
802.11n WLAN ADSL2+ Router
Page 2
www.modecom.eu
2
Contest
Introduction 5
Device Requirements 5 Using this Document 6 Special messages 6
Getting to know the device 6
Parts Check 6 Front Panel 7 Rear Panel 9
Connecting your device 10
Conguring Ethernet PCs 11 Connecting the Hardware 11
Easy Setup 12
WAN Conguration: 12
Getting Started with the Web pages 17
Accessing the Web pages 17 Testing your Setup 19 Default device settings 19
Overview 20
Internet access settings 21 About Wireless ADSL2+ Router 22
Wireless Network 22
Basic Settings 22 Advanced Settings 24 Security 26 Access Control 31 Allow Listed 32 WPS 34 Operations of AP - AP being an enrollee 37 Operations of AP - AP being a registrar 44
Internet Access 49
Types of Internet Access 50
Conguring your PPPoE DSL connection 50 Conguring your PPPoA DSL connection 52 Conguring your Bridged DSL connection 53 Conguring your 1483 MER by DHCP 54 Conguring your 1483 MER by Fixed IP 55 ATM Settings 56
ADSL Settings 57
Local Network Conguration 58
Changing the LAN IP address and subnet mask 58 Adding the Secondary LAN IP address and subnet mask 61
Page 3
3
DHCP Settings 63
DHCP Server Conguration 63 DHCP Relay Conguration 65 DHCP None Conguration 67
DNS Conguration 69
DHCP Server Conguration - Attain DNS Automatically 69 DHCP Server Conguration - Set DNS Manually 71
Overview of Dynamic DNS 73 Dynamic DNS Conguration – DynDNS.org 74
IP/Port Filtering 78
IP/Port Filtering 78
MAC Filtering 79
Conguring MAC ltering to Deny for outgoing access 79
Port Forwarding 81
Conguring Port Forwarding 81 Conguring custom applications 82
URL Blocking 89
Conguring URL Blocking of FQDN 89 Conguring URL Blocking of Keyword 91
Domain Blocking 93
Conguring Domain blocking 93
DMZ 95
Conguring DMZ 95
UPnP 97
Conguring UPnP 97 UPnP Control Point Software on Windows ME 99
UPnP Control Point Software on Windows XP with Firewall 99
RIP 101 ARP Table 103
ARP Table 103
Bridging 103
Bridging 103
Routing 104
Routing 104
SNMP 106
SNMP 106
Port Mapping 107
Port Mapping 107
IP QoS 109
IP QoS 109
Page 4
www.modecom.eu
4
Remote Access 110 Others 111 Diagnostic 111
Ping 111 ATM Loopback 113 ADSL 114 Diagnostic Test 115
Commit/Reboot 116
Commit/Reboot 116
Backup/Restore 117
Backup settings 117 Restore settings 118 Resetting to Defaults 118 Software Reset: 119
Password 120
Setting your username and password 120
Firmware Update 122
About rmware versions 122 Manually updating rmware 122
ACL Conguration 125
ACL Cong 125
Time Zone 127
SNTP Server and SNTP Client Conguration settings 127
TR-069 Cong 132
TR-069 Conguration 132
Statistics 133
Interfaces 133 ADSL 134
Conguring your Computers 135
Conguring Ethernet PCs 135 Assigning static Internet information to your PCs 138
IP Addresses, Network Masks, and Subnets 139
IP Addresses 139 Subnet masks 141
Troubleshooting 141
Troubleshooting Suggestions 142 Diagnosing Problem using IP Utilities 143
Glossary 145
Page 5
5
Introduction
Congratulations on becoming the owner of the Wireless ADSL2+ Router. You will
now be able to access the Internet using your high-speed DSL connection.
This User Guide will show you how to connect your Wireless ADSL2+ Router, and
how to customize its conguration to get the most out of your new product.
Features The list below contains the main features of the device and may be useful to us-
ers with knowledge of networking protocols. If you are not an experienced user, the
chapters throughout this guide will provide you with enough information to get the
most out of your device.
Features include:
Internal DSL modem for high-speed Internet access• 10/100Base-T Ethernet Router to provide Internet connectivity to all comput-
ers on your LAN Network address translation (NAT) functions to provide security for your LAN
Network conguration through DHCP Server and DHCP Client• Services including IP route and DNS conguration, RIP, and IP and DSL per-
formance monitoring
User-friendly conguration program accessed via a web browser• User-friendly conguration program accessed via EasySetup program
Device Requirements
In order to use the Wireless ADSL2+ Router, you must have the following:
DSL service up and running on your telephone line Instructions from your ISP on what type of Internet access you will be using, and the addresses needed to set up access
One or more computers each containing an Ethernet card (10Base-T/100Base-
T network interface card (NIC))
For system conguration using the supplied a. web-based program: a web • browser such as Internet Explorer v4 or later, or Netscape v4 or later. Note that version 4 of each browser is the minimum version requirement – for opti­mum display quality, use Internet Explorer v5, or Netscape v6.1 b. EasySetup program: Graphical User Interface
Note
You do not need to use a hub or switch in order to connect more than one Ethernet PC to your device. Instead, you can connect up to four Ethernet PCs directly to your device using the ports labeled Ethernet on the rear panel.
Page 6
www.modecom.eu
6
Using this Document
Notational conventions
Acronyms are dened the rst time they appear in the text and also in the • glossary. For brevity, the Wireless ADSL2+ Router is referred to as “the device”.
The term LAN refers to a group of Ethernet-connected computers at one site.
Typographical conventions
Italic• text is used for items you select from menus and drop-down lists and the names of displayed web pages. Bold• text is used for text strings that you type when prompted by the program, and to emphasize important points.
Special messages
This document uses the following icons to draw your attention to specic instruc-
tions or explanations.
Note
Provides clarifying or non-essential information on the current topic.
Denition
Explains terms or acronyms that may be unfamiliar to many readers. These terms are also included in the Glossary.
Warning
Provides messages of high importance, including messages relating to per-
sonal safety or system integrity.
Getting to know the device
Parts Check
In addition to this document, your package should arrive containing the following:
1. Wireless ADSL2+ Router
2. CD-ROM containing the online manual and Easy Setup software
3. Power Supply
4. Ethernet Cable
5. Standard Phone Cable
6. Quick Installation Guide
Page 7
7
Front Panel
The front panel contains lights called Light Emitting Diodes (LEDs) that indicate
the status of the unit.
FrontPanelandLEDs
Label
Color
Function
POWER
green
On: device is powered on Off: device is powered off
DSL
green
On: DSL link reaches showtime, which means that your
device has successfully connected to your ISP’s DSL
network. Off: DSL link not in showtime, your device has not suc­cessfully connected to your ISP’s DSL network. Blink: Data being transmitted
INTERNET
green
On: PPP link established and active, which means that
your device has successfully connected to your ISP’s
network. Off: No PPP link, your device has not successfully con­nected to your ISP’s network. Blink: PPP link established and active
LAN
4/3/2/1
green
On: LAN link established and active Off: No LAN link Blink: Valid Ethernet packet being transferred
WLAN
green
Press this button for 5 seconds to Disable or Enable Wireless LAN.
WPS
green
Press this button for 3 seconds to Enable WPS function.
Page 8
www.modecom.eu
8
Rear Panel
The rear panel contains a RestoreDefaults button, the ports for the unit’s data and
power connections.
RearPanelConnections
RightPanelConnections
Page 9
9
BottomSideforResetbuttonFigure1:
Label Function
LINE Connects the device to a telephone port in the wall of your home/
ofce for DSL communication
RESET Pressing this button restores the factory default conguration on
your device
LAN 4/3/2/1 Connects the device via Ethernet to up to four PCs on your LAN ANETENNA ANETENNA POWER Connects to the supplied power cable
ON/OFF SWITCH
Power on/off the device
WLAN Press this button for 5 seconds to Disable or Enable Wireless
LAN.
WPS Press this button for 3 seconds to Enable WPS function.
Connecting your device
This chapter provides basic instructions for connecting the Wireless ADSL2+
Router to a computer or LAN and to the Internet.
In addition to conguring the device, you need to congure the Internet properties
of your computer(s). For more details, see the following sections:
Page 10
www.modecom.eu
10
Conguring Ethernet PCs
This chapter assumes that you have already established a DSL service with your
Internet service provider (ISP). These instructions provide a basic conguration that should be compatible with your home or small ofce network setup. Refer to the sub­sequent chapters for additional conguration instructions.
Connecting the Hardware
This section describes how to connect the device to the wall phone port, the power
outlet and your computer(s) or network.
WARNING
Before you begin, turn the power off for all devices. These include your computer(s), your LAN hub/switch (if applicable), and the Wireless
ADSL2+ Router.
The diagram below illustrates the hardware connections. The layout of the ports on your device may vary from the layout shown. Refer to the steps that follow for specic instructions.
OverviewofHardwareConnections
Page 11
11
Step 1. Connect the Telephone cable to ADSL line
Connect one end of the provided phone cable to the port labeled LINE on the rear panel of the device. Connect the other end to your wall phone port.
Step 2. Connect the Ethernet cable
Connect either a LAN hub or Ethernet computers directly to the device via Ether­net cable(s).
Note that the cables do not need to be crossover cables.
Step 3. Attach the power connector
Connect the power adapter to the POWER connector on the back of the device and plug the adapter into a wall outlet or power strip. Turn on and boot up your computer(s) and any LAN devices such as hubs or switches.
Step 4. Power on the device
Press ON/OFF SWITCH to power on the device.
Step 5. Congure your Ethernet PCs
You must also congure the Internet properties on your Ethernet PCs. SeeCon- guringEthernetPCs.
Next step
After setting up and conguring the device and PCs, you can log on to the device
by following the instructions in Getting Started with the Web pages. The chapter includes a section called Testingyour Setup, which enables you to verify that the
device is working properly.
Easy Setup
For easy conguration, insert the CD into your CD-ROM drive.
The CD should auto-start and then click “Easy Setup”. If it does not start, click on Start -> Run and type in CD:\fscommand \vbpES.exe (where CD is the drive letter of your CD-ROM drive.)
WAN Conguration:
There are Four options of Protocol Modes on WAN Conguration: PPPoA VC­Mux, PPPoE LLC, 1483 Bridged IP LLC and 1483 MER LLC Mode.
PPPoE LLC / PPPoA VC-Mux
After selecting the Protocol : PPPoELLC/PPPoAVC-Mux: Enter VPI/VCI which was given by Telecom or by your Internet Service Pro- vider (ISP). Enter Username/Password which was given by Telecom or by your Internet Service Provider (ISP). Click Setup.
Page 12
www.modecom.eu
12
Easy setup conguration completed. Now you are ready to Surf the Internet!!!
Page 13
13
1483 Bridged IP LLC
After selecting the Protocol : 1483 Bridged IP LLC:• Enter VPI/VCI which was given by Telecom or by your Internet Service Pro- vider (ISP). Click Setup.
Easy setup conguration completed. Now you are ready to Surf the Internet!!!
Page 14
www.modecom.eu
14
1483 MER LLC Fixed IP
After selecting the Protocol : 1483 MER LLC:• Enter VPI/VCI which was given by Telecom or by your Internet Service Pro- vider (ISP). From the Type ratio, click FixedIP. Enter LocalIPAddress/SubnetMask/RemoteIPAddress which was given by Telecom or by your Internet Service Provider (ISP). Click Setup.
Easy setup conguration completed. Now you are ready to Surf the Internet!!!
Page 15
15
1483 MER LLC DHCP
After selecting the Protocol : 1483 MER LLC:• Enter VPI/VCI which was given by Telecom or by your Internet Service Pro- vider (ISP).
From the Type ratio, click DHCP. Click Setup.
Easy setup conguration completed. Now you are ready to Surf the Internet!!!
Page 16
www.modecom.eu
16
Getting Started with the Web pages
The Wireless ADSL2+ Router includes a series of Web pages that provide an
interface to the software installed on the device. It enables you to congure the de­vice settings to meet the needs of your network. You can access it through your web browser from any PC connected to the device via the LAN ports.
Accessing the Web pages
To access the Web pages, you need the following:• A PC or laptop connected to the LAN port on the device.• A web browser installed on the PC. The minimum browser version require-• ment is Internet Explorer v4 or Netscape v4. For the best display quality, use latest version of Internet Explorer, Netscape or Mozilla Firefox.From any of the
LAN computers, launch your web browser, type the following URL in the web
address (or location) box, and press [Enter] on your keyboard: http://10.0.0.2 The Status homepage for the web pages is displayed:
10.0.0.2
Homepage
Page 17
17
The rst time that you click on an entry from the left-hand menu, a login box is displayed. You must enter your username and password to access the pages.
A login screen is displayed:
•••••••••••••
Loginscreen
Enter your user name and password. The rst time you log into the program, use these defaults:
UserName: admin Password: administrator
Note
You can change the password at any time or you can congure your device so that you do not need to enter a password. See Password.
Click on OK. You are now ready to congure your device.
This is the rst page displayed each time you log in to the Web pages. This page contains links to the following pages:
Addressing; links to the Addressing page that controls your device’s network address. SeeAddressing. Internet Access; links to the InternetAccess page that controls how your de- vice connects to the Internet. See InternetAccess.
Note
If you receive an error message or the Welcome page is not displayed, see
Troubleshooting Suggestions.
Page 18
www.modecom.eu
18
Testing your Setup
Once you have connected your hardware and congured your PCs, any computer
on your LAN should be able to use the device’s DSL connection to access the Inter-
net.
To test the connection, turn on the device, wait for 30 seconds and then verify that
the LEDs are illuminated as follows:
Table 1. LED Indicators
LED
Behavior
POWER
Solid green to indicate that the device is turned on. If this light is not on, check the power cable attachment.
ETH
Flashing on/off while the device is booting. After about 10-15
seconds, solid green to indicate that the device can communicate
with your LAN.
Link
Flashing on/off while data is being transmitted. Solid green to
indicate that the device has successfully established a connec-
tion with your ISP.
INTERNET
Flashing on/off while data is being transferred. Solid green when a valid IP address has been assigned to the device by the ISP.
If the LEDs illuminate as expected, test your Internet connection from a LAN com­puter. To do this, open your web browser, and type the URL of any external website. The LED labeled INTERNET should blink rapidly and then appear solid as the device connects to the site.
If the LEDs do not illuminate as expected, you may need to congure your Internet access settings using the information provided by your ISP. For details, see Internet
Access. If the LEDs still do not illuminate as expected or the web page is not dis- played, seeTroubleshootingSuggestions or contact your ISP for assistance.
Default device settings
In addition to handling the DSL connection to your ISP, the DSL Modem can pro­vide a variety of services to your network. The device is precongured with default settings for use with a typical home or small ofce network.
The table below lists some of the most important default settings; these and other
features are described fully in the subsequent chapters. If you are familiar with net­work conguration, review these settings to verify that they meet the needs of your network. Follow the instructions to change them if necessary. If you are unfamiliar with these settings, try using the device without modication, or contact your ISP for assistance.
Page 19
19
WARNING
We strongly recommend that you contact your ISP prior to changing the
default conguration.
Option Default Setting Explanation/Instructions
LINEPortIPAd­dress
Unnumbered inter-
face:
10.0.0.2
Subnet mask:
255.255.255.255
This is the temporary public IP ad-
dress of the WAN port on the device.
It is an unnumbered interface that is replaced as soon as your ISP assigns
a ‘real’ IP address. SeeInternetAc­cess.
LANPort IPAddress
Assigned static IP
address:
10.0.0.2
Subnet mask:
255.255.255.0
This is the IP address of the LAN port
on the device. The LAN port connects the device to your Ethernet network.
Typically, you will not need to change
this address. See LAN.
DHCP(Dynamic HostConguration Protocol)
DHCP server enabled with the following pool of ad-
dresses:
10.0.0.33
through
10.0.0.254
The Wireless ADSL2+ Router main­tains a pool of private IP addresses for dynamic assignment to your LAN
computers. To use this service, you
must have set up your computers to accept IP information dynamically, as described inServices->DHCPSet-
tings.
NAT(NetworkAd­dressTranslation)
NAT enabled Your computers’ private IP addresses
(see DHCP above) will be translated to your public IP address whenever
the PCs access the Internet. See Ser­vices->Firewall.
Overview
The Overviewpage displays useful information about the setup of your device,
including:
details of the device’s Internet access settings version information about your device
To display this page:
From the left-hand menu, click on Status. The following page is displayed:
Page 20
www.modecom.eu
20
10.0.0.2
Overviewpage
The information displayed on this page is explained in detail in the following sec­tions.
Internet access settings
This section displays details of the settings that allow your device to access the
Internet. These details include:
Page 21
21
IP address and sub-
net mask:
The IP address and subnet mask assigned to your WAN
interface. This address is used temporarily until your ISP assigns a real IP address (via DHCP or PPP – see Inter­net Access.
Default gateway:
The address of the ISP server through which your Internet
connection will be routed.
DNS servers:
The Domain Name System (DNS) servers used by your
ISP to map domain names to IP addresses.
Your ISP assigns all of these settings. In most cases, you will not need to make changes to these settings in order for your Internet connection to work. If your ISP
does ask you to change any of these settings, follow the instructions for manually
conguring your device in InternetAccess.
About Wireless ADSL2+ Router
This section displays details of your device’s hardware and rmware versions. If
you need to contact your ISP’s support team, they may need to know which hard-
ware/rmware versions you are using in order to answer your query.
Your hardware version details contain information about the make and model of your device and its exact hardware components.
Your rmware version details contain information about the software program run­ning on your device. From time to time, MODECOM may update or add new features to this rmware. They then make the latest updated version available to you via the Internet. For details of how to update your rmware, see Admin -> UpgradeFirm- ware.
Wireless Network
This chapter assumes that you have already set up your Wireless PCs and in-
stalled a compatible Wireless card on your device. See ConguringWirelessPCs.
Basic Settings
This page contains all of the wireless basic settings. Most users will be able to congure the wireless portion and get it working properly using the setting on this screen.
The WirelessNetwork page allows you to congure the Wireless features of your device. To access the WirelessNetworkBasicSettings page:
From the left-hand Wirelessmenu, click on BasicSettings. The following page is displayed:
Page 22
www.modecom.eu
22
WirelessNetworkpage
Field Description Disable Wireless LAN Interface
Enable/Disable the Wireless LAN Interface.
Band Select the appropriate band from the list provided to corre-
spond with your network setting.
Mode Congure the Wireless LAN Interface to AP or AP + WDS
mode
SSID Specify the network name.
Each Wireless LAN network uses a unique Network Name to identify the network. This name is called the Service Set Identier (SSID). When you set up your wireless adapter, you specify the SSID. If you want to connect to an existing network, you must use the name for that network. If you are
setting up your own network you can make up your own
name and use it on each computer. The name can be up to 32 characters long and contain letters and numbers.
Channel Number Select the appropriate channel from the list provided to cor-
respond with your network settings. You shall assign a differ­ent channel for each AP to avoid signal interference.
Radio Power (mW) The maximum output power: 15mW, 30mW or 60mW.
Page 23
23
Function Button Description
Associated Clients
Show Active Wireless Client Table
This table shows the MAC address, transmission, receiption
packet counters and encrypted status for each associated
wireless client.
Apply Changes Click to save the rule entry to the conguration. Reset Discard your changes and reload all settings from ash memory.
Advanced Settings
These settings are only for more technically advanced users who have a sufcient knowledge about wireless LAN. These settings should not be changed unless you know what effect the changes will have on your Access Point. To access the Wireless NetworkAdvancedSettings page:
From the left-hand Wirelessmenu, click on AdvancedSettings. The following page is displayed:
Page 24
www.modecom.eu
24
Field Description
Authen­tication Type
Open System: Open System authentication is not required to be successful
while a client may decline to authenticate with any particular other client. Shared Key: Shared Key is only available if the WEP option is implement­ed. Shared Key authentication supports authentication of clients as either a
member of those who know a shared secret key or a member of those who
do not. IEEE 802.11 Shared Key authentication accomplishes this without the need to transmit the secret key in clear. Requiring the use of the WEP privacy mechanism. Auto: Auto is the default authentication algorithm. It will change its authen­tication type automatically to fulll client’s requirement.
Fragment Threshold
When transmitting a packet over a network medium, sometimes the packet
is broken into several segments, if the size of packet exceeds that allowed by the network medium. The Fragmentation Threshold denes the number of bytes used for the fragmentation boundary for directed messages. This value should remain at its default setting of 2346. It species the maxi­mum size for a packet before data is fragmented into multiple packets. If you experience a high packet error rate, you may slightly increases the “Fragment Threshold” value within the value range of 256 to 2346. Set­ting this value too low may result in poor network performance. Only minor modications of this value are recommended.
RTS Threshold
This value should remain at its default setting of 2347. Should you encoun­ter inconsistent data ow, only minor modications are recommended. If a
network packet is smaller than the preset “RTS threshold” size, the RTS/ CTS mechanism will not be enabled. The ADSL modem (or AP) sends Re­quest to Send (RTS) frames to a particular receiving station and negotiates
the sending of a data frame. After receiving an RTS, the wireless station
responds with a Clear to Send (CTS) frame to acknowledge the right to
begin transmission.
Beacon Interval
The Beacon Interval value indicates the frequency interval of the beacon. Enter a value between 20 and 1024. A beacon is a packet broadcast by the ADSL modem (or AP) to synchronize the wireless network. The default is
100.
Data Rate
The rate of data transmission should be set depending on the speed of your
wireless network. You should select from a range of transmission speeds,
or you can select Auto to have the ADSL modem (or AP) automatically use
the fastest possible data rate and enable the Auto-Fallback feature. Auto-
Fallback will negotiate the best possible connection speed between the AP
and a wireless client. The default setting is Auto.
Function Button Description
Apply Changes Click to save the rule entry to the conguration.
Page 25
25
Security
This page allows you setup the wireless security. Turn on WEP or WPA by using Encryption Keys could prevent any unauthorized access to your wireless network. To
access the WirelessNetworkSecuritypage:
From the left-hand Wireless menu, click on Security. The following page is dis-
played:
Field Description
Encryption There are 4 types of security to be selected. To secure your
WLAN, it’s strongly recommended to enable this feature. WEP: Make sure that all wireless devices on your network are using the same encryption level and key. Click Set WEP Key button to set the encryption key. WPA (TKIP): WPA uses Temporal Key Integrity Protocol (TKIP) for data encryption. TKIP utilized a stronger encryption method and incorporates Message Integrity Code (MIC) to provide pro­tection against hackers. WPA2 (AES): WPA2, also known as 802.11i, uses Advanced Encryption Standard (AES) for data encryption. AES utilized a symmetric 128-bit block data encryption. WAP2 Mixed: The AP supports WPA (TKIP) and WPA2 (AES) for data encryption. The actual selection of the encryption methods will depend on the clients.
Page 26
www.modecom.eu
26
Set WEP Key Congure the WEP Key Use 802.1x Au-
thentication
Check it to enable 802.1x authentication. This option is select­able only when the “Encryption” is choose to either None or WEP. If the “Encryption” is WEP, you need to further select the WEP key length to be either WEP 64bits or WEP 128bits.
WPA Authentica-
tion Mode
There are 2 types of authentication mode for WPA. WPA-RADIUS: WPA RADIUS uses an external RADIUS server to perform user authentication. To use WPA RADIUS, enter the
IP address of the RADIUS server, the RADIUS port (default is
1812) and the shared secret from the RADIUS server. Please
refer to “Authentication RADIUS Server” setting below for RA-
DIUS setting. The WPA algorithm is selected between TKIP and AES, please refer to “WPA cipher Suite” below. Pre-Shared Key: Pre-Shared Key authentication is based on a shared secret that is known only by the parties involved. To use WPA Pre-Shared Key, select key format and enter a pass­word in the “Pre-Shared Key Format” and “Pre-Shared Key” setting respectively. Please refer to “Pre-Shared Key Format” and “Pre-Shared Key” setting below.
Pre-Shared Key
Format
PassPhrase: Select this to enter the Pre-Shared Key secret as user-friendly textual secret. Hex (64 characters): Select this to enter the Pre-Shared Key secret as hexadecimal secret.
Pre-Shared Key Specify the shared secret used by this Pre-Shared Key. If the
“Pre-Shared Key Format” is specied as PassPhrase, then it indicates a passphrase of 8 to 63 bytes long; or if the “Pre­Shared Key Format” is specied as PassPhrase, then it indi­cates a 64-hexadecimal number.
Authentication RADIUS Server
If the WPA-RADIUS is selected at “WPA Authentication Mode”, the port (default is 1812), IP address and password of external RADIUS server are specied here.
Function Button Description
Apply Changes Click to save the rule entry to the conguration.
WEP + Encryption Key
WEP aims to provide security by encrypting data over radio waves so that it is pro­tected as it is transmitted from one end point to another. However, it has been found that WEP is not as secure as once believed.
From the Encryption drop-down list, select WEPsetting.
Page 27
27
Click SetWEPKey button.
Enter your user name and password. The rst time you log into the program, • use these defaults:
UserName: admin
Password: administrator
From the KeyLengthdrop-down list, select 64-bit or 128-bitsetting. From the KeyFormat drop-down list, select ASCII(5characters), Hex(10char- acters),ASCII(13characters) or Hex(26characters)setting. From the DefaultTxKeydrop-down list, select akeyisusedforencryption.
Enter the EncryptionKey value depending on selected ASCII or Hexadecimal. Click ApplyChanges button.
Page 28
www.modecom.eu
28
Change setting successfully! Click on OK button to conrm and return.
WEP + Use 802.1x Authentication
WEP aims to provide security by encrypting data over radio waves so that it is pro­tected as it is transmitted from one end point to another. However, it has been found that WEP is not as secure as once believed.
From the Encryption drop-down list, select WEPsetting.
Check the option of Use802.1xAuthentication. Click on the ratio of WEP64bits or WEP128bits.
Enter the Port, IPAddress and Password of RADIUS Server:
Change setting successfully! Click on OK button to conrm and return.
WPA/WPA2/WPA2 Mixed + Personal (Pre-Shared Key)
Wi-Fi Protected Access (WPA and WPA2) is a class of systems to secure wireless
(Wi-Fi) computer networks. WPA is designed to work with all wireless network inter­face cards, but not necessarily with rst generation wireless access points. WPA2 implements the full standard, but will not work with some older network cards. Both provide good security, with two signicant issues:
Either WPA or WPA2 must be enabled and chosen in preference to WEP. • WEP is usually presented as the rst security choice in most installation in­structions. In the “Personal” mode, the most likely choice for homes and small ofces, a
pass phrase is required that, for full security, must be longer than the typical 6
to 8 character passwords users are taught to employ.
1. From the Encryption drop-down list, select WPA(TKIP), WPA2(AES) or WPA2 Mixedsetting.
Page 29
29
2. Click on the ratio of Personal(Pre-SharedKey).
3. From the Pre-SharedKeyFormat drop-down list, select Passphrase or Hex (64 characters)setting.
4. Enter the Pre-SharedKey depending on selected Passphrase or Hex(64charac- ters).
5. Click on ApplyChanges button to conrm and return.
6. Change setting successfully! Click on OK button to conrm and return.
WPA/WPA2/WPA2 Mixed + Enterprise (RADIUS)
Wi-Fi Protected Access (WPA and WPA2) is a class of systems to secure wireless
(Wi-Fi) computer networks. WPA is designed to work with all wireless network inter­face cards, but not necessarily with rst generation wireless access points. WPA2 implements the full standard, but will not work with some older network cards. Both provide good security, with two signicant issues:
Either WPA or WPA2 must be enabled and chosen in preference to WEP. • WEP is usually presented as the rst security choice in most installation in­structions. In the “Personal” mode, the most likely choice for homes and small ofces, a
pass phrase is required that, for full security, must be longer than the typical 6
to 8 character passwords users are taught to employ.
Page 30
www.modecom.eu
30
From the Encryption drop-down list, select WPA,WPA2 or WPA2Mixedsetting.
Click on the ratio of Enterprise(RADIUS).
Enter the Port, IPAddress and Password of RADIUS Server:
10.0.0.1001812
Change setting successfully! Click on OK button to conrm and return.
Access Control
For security reason, using MAC ACL’s (MAC Address Access List) creates another level of difculty to hacking a network. A MAC ACL is created and distributed to AP so that only authorized NIC’s can connect to the network. While MAC address spoong
is a proven means to hacking a network this can be used in conjunction with addi-
tional security measures to increase the level of complexity of the network security decreasing the chance of a breach.
MAC addresses can be add/delete/edit from the ACL list depending on the MAC Access Policy.
If you choose ‘Allowed Listed’, only those clients whose wireless MAC addresses are in the access control list will be able to connect to your Access Point. When ‘Deny
Listed’ is selected, these wireless clients on the list will not be able to connect the
Access Point. To access the WirelessNetworkAccessControlpage:
From the left-hand Wirelessmenu, click on AccessControl. The following page is displayed:
Page 31
31
Allow Listed
1. If you choose ‘Allowed Listed’, only those clients whose wireless MAC address-
es are in the access control list will be able to connect to your Access Point.
2. From the Wireless Access Control Mode drop-down list, select Allowed Listed
setting.
3. Enter the MACAddress.
4. Click Add button.
5. Change setting successfully! Click on OK button to conrm and return.
Page 32
www.modecom.eu
32
6. The MAC Address that you created has been added in the Current Access
ControlList.
Deny Listed
When ‘Deny Listed’ is selected, these wireless clients on the list will not be able to
connect the Access Point.
1. From the Wireless Access Control Mode drop-down list, select Deny Listed
setting.
2. Enter the MACAddress.
3. Click Add button.
4.Change setting successfully! Click on OK button to conrm and return.
5. The MAC Address that you created has been added in the Current Access
ControlList.
Page 33
33
WPS
Introduction of WPS
Although home Wi-Fi networks have become more and more popular, users still
have trouble with the initial set up of network. This obstacle forces users to use the open security and increases the risk of eavesdropping. Therefore, WPS is designed
to ease set up of security-enabled Wi-Fi networks and subsequently network man-
agement (Wi-Fi Protected Setup Specication 1.0h.pdf, p. 8).
The largest difference between WPS-enabled devices and legacy devices is that users do not need the knowledge about SSID, channel and security settings, but they
could still surf in a security-enabled Wi-Fi network. For examples, in the initial net­work set up, if users want to use the PIN conguration, the only thing they need to do
is entering the device PIN into registrar, starting the PIN method on that device and
simply wait until the device joins the network. After the PIN method is started on both sides, a registration protocol will be initiated between the registrar and the enrollee.
Typically, a registrar could be an access point or other device that is capable of man-
aging the network. An enrollee could be an access point or a station that will join the network. After the registration protocol has been done, the enrollee will receive SSID and security settings from the registrar and then join the network. In other words; if a
station attempts to join a network managed by an access point with built-in internal
registrar, users will need to enter station’s PIN into the web page of that access point.
If the device PIN is correct and valid and users start PIN on station, the access point
and the station will automatically exchange the encrypted information of the network settings under the management of AP’s internal registrar. The station then uses this
information to perform authentication algorithm, join the secure network, and transmit
data with the encryption algorithm. More details will be demonstrated in the following sections.
Supported WPS features
Currently, Wireless Gateway supports WPS features for AP mode, AP+WDS mode, Infrastructure-Client mode, and the wireless root interface of Universal Repeater mode.
Other modes such as WDS mode, Infrastructure-Adhoc mode, and the wire­less virtual interface of Universal Repeater mode are not implemented with WPS
features.
Page 34
www.modecom.eu
34
If those unsupported modes are enforced by users, WPS will be disabled.
Under the conguration of every WPS-supported mode, Wireless Gateway has Push Buttonmethod and PINmethod. For each method, Wireless Gateway offers different
security levels included in network credential, such as open security, WEP 64 bits, WEP 128 bits, WPA-Personal TKIP, WPA-Personal AES, WPA2-Personal TKIP, and WPA2-Personal AES. Users could choose either one of the methods at their conve­nience.
AP mode
For AP mode, Wireless Gateway supports three roles, registrar, proxy, and en­rollee in registration protocol. At different scenarios, Wireless Gateway will automati­cally switch to an appropriate role depending on the other device’s role or a specic conguration.
AP as Enrollee
If users know AP’s PIN and enter it into external registrar, the external registrar will congure AP with a new wireless prole such as new SSID and new security settings. The external registrar does this job either utilizing the in-band EAP (wireless) or out­of-band UPnP (Ethernet). During the WPS handshake, a wireless prole is encrypted and transmitted to AP. If the handshake is successfully done, AP will be re-initialized with the new wireless prole and wait for legacy stations or WPS stations to join its network.
AP as Registrar
Wireless Gateway also has a built-in internal registrar. Whenever users enter sta­tion’s PIN into AP’s webpage, click “Start PBC”, or push the physical button, AP will
switch to registrar automatically. If users apply the same method on station side
and the WPS handshake is successfully done, SSID and security settings will be
transmitted to that station without the risk of eavesdropping. And then the station will associate with AP in a security-enabled network.
AP as Proxy
At this state, AP is transparent to users. If users want to congure a station or
any device that is capable of being an enrollee, they have to enter device’s PIN
into an external registrar and choose an appropriate wireless prole. After the PIN is entered, the external registrar will inform AP this event. AP then conveys the encrypted wireless prole between the device and the external registrar. Finally, the device will use the wireless prole and associate with AP. However, the device may connect to other APs if the wireless prole does not belong to the proxy AP. Users must carefully choose the wireless prole or create a wireless prole on an external registrar.
Infrastructure-Client mode
In Infrastructure-Client mode, Wireless Gateway only supports enrollee’s role. If
users click “Start PIN”, click “Start PBC”, or press the physical button on Wireless
Gateway, it will start to seek WPS AP. Once users apply the same method on regis­trar side, Wireless Gateway will receive the wireless prole upon successfully doing the registration protocol. Then Wireless Gateway will associate with an AP.
Page 35
35
Instructions of AP’s and Client’s operations
At this state, AP is transparent to users. If users want to congure a station or any
device that is capable of being an enrollee, they have to enter device’s PIN into an
external registrar and choose an appropriate wireless prole. After the PIN is en­tered, the external registrar will inform AP this event. AP then conveys the encrypted wireless prole between the device and the external registrar. Finally, the device will use the wireless prole and associate with AP. However, the device may connect to other APs if the wireless prole does not belong to the proxy AP. Users must carefully choose the wireless prole or create a wireless prole on an external registrar.
This device supports Push Button method and PIN method for WPS. The following sub-paragraphs will describe the function of each item. The webpage is as below. To
access the WirelessNetworkWPSpage:
From the left-hand Wireless menu, click on WPS. The following page is dis-
played:
Field Description
Disable WPS Check to disable the Wi-Fi protected Setup. WPS Status When AP’s settings are factory default (out of box), it is set to open
security and un-congured state. “WPS Status” will display it as “UnCongured”. If it already shows “Congured”, some registrars such as Vista WCN will not congure AP. Users will need to go
to the “Backup/Restore” page and click “Reset” to reload factory
default settings.
Self-PIN Number “Self-PIN Number” is AP’s PIN. Whenever users want to change
AP’s PIN, they could click “Regenerate PIN” and then click “ Apply
Changes”. Moreover, if users want to make their own PIN, they
could enter four-digit PIN without checksum and then click “ Apply
Changes”. However, this would not be recommended since the registrar side needs to be supported with four-digit PIN.
Page 36
www.modecom.eu
36
Push Button
Conguration
“Self-PIN Number” is AP’s PIN. Whenever users want to change
AP’s PIN, they could click “Regenerate PIN” and then click “ Apply
Changes”. Moreover, if users want to make their own PIN, they
could enter four-digit PIN without checksum and then click “ Apply
Changes”. However, this would not be recommended since the registrar side needs to be supported with four-digit PIN.
Push Button
Conguration
Clicking this button will invoke the PBC method of WPS. It is only used when AP acts as a registrar.
Client PIN Number
It is only used when users want their station to join AP’s network. The length of PIN is limited to four or eight numeric digits. If users
enter eight-digit PIN with checksum error, there will be a warning
message popping up. If users insist on this PIN, AP will take it.
Function Button Description
Regenerate PIN Click to regenerate the Self-PIN Number. Start PBC Click to start the Push Button method of WPS. Apply Changes Click to commit changes. Reset It restores the original values. Start PIN Click to start the PIN method of WPS.
Operations of AP - AP being an enrollee
In this case, AP will be congured by any registrar either through in-band EAP or UPnP. Here, users do not need to do any action on AP side. They just need AP’s device PIN and enter it into registrar. An example from Vista WCN will be given.
1. From the left-hand Wireless->WPS menu. The following page is displayed:
2. Make sure AP is in un-congured state.
Page 37
37
3. Plug the Ethernet cable into AP’s LAN port and make sure the IP connection is
valid with Vista.
4. Make sure WCN is enabled. Users may need to enable it at the rst time. They
could open the “Control Panel”, click “Classic View“, open “Administrative Tools”,
double click “Services”, ”, a User Account Control pop up and click “Continue“, edit properties of “Windows Connect Now”, choose the “Startup type” with “Automatic”
and click “Start”.
5. If the previous steps are done, open Windows Explorer. Go to the Network sec-
tion.
6. Click on “Network discovery and le sharing are turned off. Network computers
and devices are not visible. Click to Change…“
Page 38
www.modecom.eu
38
7. Click on “Turn on network discovery and le sharing“
Page 39
39
8. Click on “No, make the network that I am connected to a private network“
9. AP’s icon will show up. Double click on it.
10. Users could also Click “Add a wireless device” if the icon is not there. Click
“next”.
Page 40
www.modecom.eu
40
11. Enter AP’s Self-PIN Number and click “next”.
12. Choose a name that people who connect to your network will recognize.
Page 41
41
13. Enter the Passphrase and then click Next.
14. A User Account Control screen pops up, click Continue.
15. AP is successfully congured by WCN.
Page 42
www.modecom.eu
42
16. Finally, AP will become congured (see WPS Status). The authentication al-
gorithm, encryption algorithm, and key assigned by WCN will be displayed below
“Current Key Info”.
17. The SSID eld of Wireless Basic Settings page will also be modied with the
value assigned by WCN.
Page 43
43
Operations of AP - AP being a registrar
AP mode
Whenever users enter station’s PIN into AP’s Wi-Fi Protected Setup page and click
“Start PIN”, AP will become a registrar. Users must start the PIN method on the sta­tion side within two minutes.
1. From the left-hand Wireless->WPS menu. The following page is displayed:
2. Make sure AP is in un-congured state.
3. Enter the Client PIN Number.
4. Click Start PIN.
5. Users must start the PIN method on the station side within two minutes.
6. Users must start the PIN method on the station side within two minutes.
Page 44
www.modecom.eu
44
7. If the device PIN is correct and the WPS handshake is successfully done on the
station side, User’s Wi-Fi Protected status will be shown as below.
Page 45
45
8. If the device PIN is correct and the WPS handshake is successfully done, AP’s
Wi-Fi Protected Setup page will be shown as below.
Other pages such as WirelessBasicSettingspage and WirelessSecuritySetup page will also be updated appropriately as described in previous sections. In this
case, AP is in un-congured state before the station initiates the WPS handshake. According to the WPS spec, AP will create a wireless prole with WPA2-mixed mode and a random-generated key upon successfully doing the WPS handshake. How­ever, AP will use the original wireless prole and give it to the station if AP is already in congured state. That means all settings of AP will not change. Hence, all WPS related pages keep the same.
Push Button method
Wireless Gateway supports a virtual button “Start PBC” on the Wi-Fi Protected Setuppage for Push Button method. If users push a virtual button “Start PBC”, AP
will initiate a WPS session and wait for any station to join. At this moment, AP will detect whether there is more than one station that starts the PBC method. When multiple PBC sessions occur, users should try PIN method.
After users push AP’s virtual button “Start PBC”, they must go to station side to
push its button within two minutes. If the WPS is successfully done, AP will give its wireless prole to that station. The station could use this prole to associate with AP.
1.From the left-hand Wireless->WPS menu. The following page is displayed:
2. Make sure AP is in un-congured state.
3. Click StartPBC.
Page 46
www.modecom.eu
46
4. Users must start the PBC method on the station side within two minutes.
5. Users must start the PBC method on the station side within two minutes.
Page 47
47
6. If the device PCB and the WPS handshake is successfully done on the station
side, User’s Wi-Fi Protected status will be shown as below.
7. If the device PIN is correct and the WPS handshake is successfully done, AP’s
Wi-Fi Protected Setup page will be shown as below.
Page 48
www.modecom.eu
48
Other pages such as WirelessBasicSettingspage and WirelessSecuritySetup page will also be updated appropriately as described in previous sections. In this
case, AP is in un-congured state before the station initiates the WPS handshake. According to the WPS spec, AP will create a wireless prole with WPA2-mixed mode and a random-generated key upon successfully doing the WPS handshake. How­ever, AP will use the original wireless prole and give it to the station if AP is already in congured state. That means all settings of AP will not change. Hence, all WPS related pages keep the same.
Internet Access
This chapter describes how to congure the way that your device connects to the Internet. Your ISP determines what type of Internet access you should use and pro­vides you with any information that you need in order to congure the Internet access to your device.
Your device needs the following address information in order to access the Inter­net:
ATM PVC
To congure ATM PVC, enter the VPI and VCI provided by ISP. Select the Service Type Index, Service Category and enter the following information:
Peak Cell Rate Sustainable Cell Rate
Maximum Burst Size
Connection Type
To congure the connection type, select the protocol and encapsulation type as indicated by ISP. Supported Protocol types are:
RFC1483 Bridged• RFC1483 MER• PPPoEPPPoA• RFC1483 Routed• Supported Encapsulation types are:• VCMUX
LLC/SNAP
WAN IP Settings
To congure WAN IP settings, enter the information as indi­cated by ISP. Enable/Disable the Access Concentrator option. Either enter the WAN IP or select the option to automatically obtain IP address. Check as applicable the following two options:
Enable NATAdd default Route
Page 49
49
Broadband User­name and Pass­word
To congure Broadband Username and Password, enter the user name and password details. Also set the session estab­lishment condition as one of the following:
Continuous• Connect on demand. Enter the minutes after which the • session must be disconnected, if no activity takes place. Manual. Enter the minutes after which the session must • be disconnected, if no activity takes place.
In most cases, you will not need to congure your device with these addresses because your ISP is likely to use an Internet access type which automatically assigns
addresses to your device. For more information, see TypesofInternetAccess.
Types of Internet Access
The types of Internet access available are as follows:
PPP Internet access – your device uses a Point to Point Protocol (PPP) to • carry data between your ISP and your computer. To use PPP Internet access, you must enter a PPP login username and password the rst time to log on.
The IP addresses required to access your ISP’s Internet service are automati-
cally congured.
Your device supports PPPoE (over Ethernet).
PPP Internet access – your device uses a Point to Point Protocol (PPP) to • carry data between your ISP and your computer. To use PPP Internet access, you must enter a PPP login username and password the rst time to log on.
The IP addresses required to access your ISP’s Internet service are automati-
cally congured.
Your device supports PPPoA (over ATM).
Bridged Internet access – your device uses a Bridge mode with your PP-• PoE Client Software to carry data between your ISP and your computer. To use Bridged Internet access with your PPPoE Client Software, you must enter a PPP login username and password the rst time to log on. The IP
addresses required to access your ISP’s Internet service are automatically
congured.
Your device supports RFC 1483 Bridged Mode).
Conguring your PPPoE DSL connection
If your ISP’s Internet service uses PPPoE you need to set up a PPP login account. The rst time that you login to the Internet, your ISP will ask you to enter a username
and password so they can check that you are a legitimate, registered Internet service
user. Your device stores these authentication details, so you will not have to enter this username and password every time you login.
Page 50
www.modecom.eu
50
Your ISP may also tell you to set unique path and circuit numbers (called VPI and VCI) in order to connect your device to the ISP’s Internet service. In most cases, your device will use default settings, so you may not need to enter these values.
Note
Your ISP will provide you with the login details and VPI/VCI values necessary to set up a PPP login account.
If your ISP wants you to connect to the Internet using PPP, follow the instructions
below.
1. From the left-hand WANmenu, click on ChannelCong. The following page is
displayed:
2. Enter VCI and VPI setting determined by your ISP.
3. Select the Encapsulation determined by your ISP.
4. From the ChannelMode drop-down list, select PPPoE setting.
5. Enter User Name/Password provided by your ISP. Type them in the relevant
boxes.
6. If you are happy with your settings, click Add
Page 51
51
7. Your conguration is complete.
8. Now you are ready to Surf the Internet !!!
Conguring your PPPoA DSL connection
If your ISP’s Internet service uses PPPoA you need to set up a PPP login account. The rst time that you login to the Internet, your ISP will ask you to enter a username
and password so they can check that you are a legitimate, registered Internet service
user. Your device stores these authentication details, so you will not have to enter this username and password every time you login.
Your ISP may also tell you to set unique path and circuit numbers (called VPI and VCI) in order to connect your device to the ISP’s Internet service. In most cases, your device will use default settings, so you may not need to enter these values.
Note
Your ISP will provide you with the login details and VPI/VCI values necessary to set up a PPP login account.
If your ISP wants you to connect to the Internet using PPP, follow the instructions
below.
From the left-hand WANmenu, click on ChannelCong. The following page is displayed: Enter VCI and VPI setting determined by your ISP.• Select the Encapsulation determined by your ISP.From the ChannelMode drop-down list, select PPPoE setting. Enter UserName/Password provided by your ISP. Type them in the relevant boxes. If you are happy with your settings, click Add
Page 52
www.modecom.eu
52
Your conguration is complete.• Now you are ready to Surf the Internet !!!
Conguring your Bridged DSL connection
From the left-hand WANmenu, click on ChannelCong. The following page is displayed: Enter VCI and VPI setting determined by your ISP.• Select the Encapsulation determined by your ISP.
From the ChannelMode drop-down list, select 1483Bridged setting. If you are happy with your settings, click Add
Page 53
53
Now you can load your PPPoE Client Software onto your PC.• Now you can load your PPPoE Client Software with username and password which determined by your ISP onto your PC.
Conguring your 1483 MER by DHCP
From the left-hand WANmenu, click on ChannelCong. The following page is displayed: Enter VCI and VPI setting determined by your ISP.• Select the Encapsulation determined by your ISP.
From the ChannelMode drop-down list, select 1483MER setting. From the Type ratio, click DHCP. If you are happy with your settings, click Add
Your conguration is complete.• Now you are ready to Surf the Internet !!!
Page 54
www.modecom.eu
54
Conguring your 1483 MER by Fixed IP
From the left-hand WANmenu, click on ChannelCong. The following page is displayed: Enter VCI and VPI setting determined by your ISP.• Select the Encapsulation determined by your ISP.
From the ChannelMode drop-down list, select 1483MER setting. From the Type ratio, click FixedIP.
Enter Local IP Address, Subnet Mask and Remote IPAddress which was given by Telecom or by your Internet Service Provider (ISP). If you are happy with your settings, click Add
Your conguration is complete.• Now you are ready to Surf the Internet !!!
Page 55
55
ATM Settings
The page is for ATM PVC QoS parameters setting. The DSL device support 4 • QoS mode —CBR/rt-VBR/nrt-VBR/UBR. From the left-hand WANmenu, click on ChannelCong. The following page is displayed:
Field Description
VPI Virtual Path Identier. This is read-only eld and is selected on
the Select column in the Current ATM VC Table.
VCI Virtual Channel Identier. This is read-only eld and is se-
lected on the Select column in the Current ATM VC Table. The VCI, together with VPI, is used to identify the next destination of a cell as it passes through to the ATM switch.
Page 56
www.modecom.eu
56
QoS Quality of Server, a characteristic of data transmission that
measures how accurately and how quickly a message or data is transferred from a source host to a destination host over a
network. The four QoS options are:
−UBR (Unspecied Bit Rate): When UBR is selected, the SCR and MBS elds are disabled.
−CBR (Constant Bit Rate): When CBR is selected, the SCR and MBS elds are disabled.
−nrt-VBR (non-real-time Variable Bit Rate): When nrt-VBR is selected, the SCR and MBS elds are enabled.
−rt-VBR (real-time Variable Bit Rate): When rt-VBR is selected, the SCR and MBS elds are enabled.
PCR Peak Cell Rate, measured in cells/sec., is the cell rate which
the source may never exceed.
SCR Sustained Cell Rate, measured in cells/sec., is the average cell
rate over the duration of the connection.
MBS Maximum Burst Size, a trafc parameter that species the
maximum number of cells that can be transmitted at the peak cell rate.
Function Button Description
Apply Changes Set new PVC OoS mode for the selected PVC. New parameters
will take effect after save into ash memory and reboot the system. See section “Admin” for save details.
Undo Discard your settings.
ADSL Settings
The ADSL setting page allows you to select any combination of DSL training
modes.
From the left-hand WAN menu, click on ADSL Settings. The following page is displayed:
Page 57
57
Field Description
ADSL modula­tion
Choose prefered xdsl standard protocols. G.lite : G.992.2 Annex A G.dmt : G.992.1 Annex A T1.413 : T1.413 issue #2 ADSL2 : G.992.3 Annex A
ADSL2+ : G.992.5 Annex A AnnexL Option Enable/Disable ADSL2/ADSL2+ Annex L capability. AnnexM Option Enable/Disable ADSL2/ADSL2+ Annex M capability. ADSL Capability “Bitswap Enable” : Enable/Disable bitswap capability.
“SRA Enable” : Enable/Disable SRA (seamless rate adapta-
tion) capability.
Function Button Description
Tone Mask Choose tones to be masked. Mased tones will not carry any data. Apply Changes Click to save the setting to the conguration and the modem will
be retrained.
Page 58
www.modecom.eu
58
Local Network Conguration
The Addressing page displays information about your LAN IP address and allows
you to change the address and subnet mask assigned to your device.
Note
You should only change the addressing details if your ISP asks you to, or if you are familiar with network conguration. In most cases, you will not need to make any changes to this conguration.
Changing the LAN IP address and subnet mask
From the left-hand LAN menu, click on LAN. The following page is displayed:
10.0.0.2
From the left-hand Services menu, click on DHCPSettings.
10.0.0.2
10.0.0.33
10.0.0.2
10.0.0.254
Change the IPPoolRange and then click ApplyChanges button.
Page 59
59
10.0.0.2
10.0.0.4 10.0.0.5
10.0.0.2
Change setting successfully! Click OK button.
From the left-hand LAN menu, click on LAN. Type a new IP Address and Subnet Mask. Click Apply Changes.
The primary IP address is being changed to 10.0.0.2 netmask 255.255.255.0. Then Please go to http://10.0.0.2 to continue. Your browser communicates with the web server via the LAN connection, and changing the IP address may disrupt this.
You may also need to renew your DHCP lease:
Windows 95/98
Page 60
www.modecom.eu
60
a. Select Run... from the Start menu.
b. Enter winipcfg and click OK.
c. Select your ethernet adaptor from the pull-down menu
d. Click Release All and then Renew All.
e. Exit the winipcfg dialog.
Windows NT/Windows 2000/Windows XP
a. Bring up a command window.
b. Type ipcong/release in the command window.
c. Type ipcong/renew.
d. Type exit to close the command window.
Linux
a. Bring up a shell.
b. Type pump -r to release the lease.
c. Type pump to renew the lease.
Note
If you change the LAN IP address of the device while connected through your
Web browser, you will be disconnected. You must open a new connection by entering your new LAN IP address as the URL.
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Commit/Rebootpage
Click on OK.
Page 61
61
The System is Restarting ...
Adding the Secondary LAN IP address and subnet mask
From the left-hand LAN menu, click on LAN. Check on SecondaryIP.
Type the Secondary IP Address and Subnet Mask.Click Apply Changes.
10.0.0.2
10.0.0.4
Change setting successfully! Click OK button.
Page 62
www.modecom.eu
62
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Commit/Rebootpage
Click on OK.
The System is Restarting ...
DHCP Settings
You can congure your network and DSL device to use the Dynamic Host Congu­ration Protocol (DHCP). This page provides DHCP instructions for implementing it on your network by selecting the role of DHCP protocol that this device wants to play.
Page 63
63
There are two different DHCP roles that this device can act as: DHCP Serve and DHCP Relay. When acting as DHCP server, you can setup the server parameters at
the DHCP Server page; while acting as DHCP Relay, you can setup the relay at the DHCP Relay page.
DHCP Server Conguration
From the left-hand Services menu, click on DHCPSettings. From Services check ratio, click on DHCPServerMode.
Type a new IP Pool Range, Subnet Mask, Max Lease Time, Domain Name • and Gateway Address. Click on ApplyChanges.
10.0.0.2
10.0.0.2
10.0.0.64 10.0.0.254
Field Description
IP Pool Range Specify the lowest and highest addresses in the pool. Max Lease Time The Lease Time is the amount of time that a network user is
allowed to maintain a network connection to the device using
the current dynamic IP address. At the end of the Lease Time,
the lease is either renewed or a new IP is issued by the DHCP
server. The amount of time is in units of seconds. The default value is 86400 seconds (1 day). The value –1 stands for the innite lease.
Domain Name A user-friendly name that refers to the group of hosts (subnet)
that will be assigned addresses from this pool.
Function Button Description
Show Client This shows the assigned IP address, MAC address and time
expired for each DHCP leased client.
Page 64
www.modecom.eu
64
Apply Changes Set new DHCP server conguration. New parameters will take
effect after save into ash memory and reboot the system. See section “Admin” for save details.
Undo Discard your changes.
Change setting successfully! Click OK button.
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Commit/Rebootpage
Click on OK.
The System is Restarting ...
Page 65
65
DHCP Relay Conguration
From the left-hand Services menu, click on DHCPSettings. From Services check ratio, click on DHCPRelayMode.
Type DHCP server IP Addresses for DHCP Relay.Click on ApplyChanges.
Field Description
DHCP Server Address
Specify the IP address of your ISP’s DHCP server. Requests
for IP information from your LAN will be passed to the default
gateway, which should route the request appropriately.
Function Button Description
Apply Changes Set new DHCP server conguration. New parameters will take
effect after save into ash memory and reboot the system. See section “Admin” for save details.
Page 66
www.modecom.eu
66
Change setting successfully! Click OK button.
You need to renew your DHCP lease:
Windows 95/98
a. Select Run... from the Start menu.
b. Enter winipcfg and click OK.
c. Select your ethernet adaptor from the pull-down menu
d. Click Release All and then Renew All.
e. Exit the winipcfg dialog.
Windows NT/Windows 2000/Windows XP
a. Bring up a command window.
b. Type ipcong/release in the command window.
c. Type ipcong/renew.
d. Type exit to close the command window.
Linux
a. Bring up a shell.
b. Type pump -r to release the lease.
c. Type pump to renew the lease.
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Commit/Rebootpage
Click on OK.
Page 67
67
The System is Restarting ...
DHCP None Conguration
From the left-hand Services menu, click on DHCPSettings. From Services check ratio, click on NoneMode. Click on ApplyChanges.
Function Button Description
Apply Changes Set new DHCP server conguration. New parameters
will take effect after save into ash memory and reboot the system. See section “Admin” for save details.
Change setting successfully! Click OK button.
Page 68
www.modecom.eu
68
You need to renew your DHCP lease:
Windows 95/98
a. Select Run... from the Start menu.
b. Enter winipcfg and click OK.
c. Select your ethernet adaptor from the pull-down menu
d. Click Release All and then Renew All.
e. Exit the winipcfg dialog.
Windows NT/Windows 2000/Windows XP
a. Bring up a command window.
b. Type ipcong/release in the command window.
c. Type ipcong/renew.
d. Type exit to close the command window.
Linux
a. Bring up a shell.
b. Type pump -r to release the lease.
c. Type pump to renew the lease.
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Commit/Rebootpage
Click on OK.
Page 69
69
The System is Restarting ...
DNS Conguration
There are two submenus for the DNS Conguration: DNS Server and Dynamic DNS
DHCP Server Conguration - Attain DNS Automatically
From the left-hand Services menu, click on DNS->DNSServer. From check ratio, click on AttainDNSAutomatically. Click on ApplyChanges.
Page 70
www.modecom.eu
70
Field Description
Attain DNS Automatically
Select this item if you want to use the DNS servers obtained by the WAN interface via the auto-
conguration mechanism.
Set DNS
Manually
Select this item to congure up to three DNS IP addresses.
Function Button Description
Apply Changes Set new DNS relay conguration. New parameters will
take effect after save into ash memory and reboot the system. See section “Admin” for save details.
Reset Selected Discard your changes.
Change setting successfully! Click OK button.
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Commit/Rebootpage
Click on OK.
The System is Restarting ...
Page 71
71
DHCP Server Conguration - Set DNS Manually
From the left-hand Services menu, click on DNS->DNSServer. From check ratio, click on AttainSetDNSManually.
Enter the IP Address of DNS.Click on ApplyChanges.
Field Description
Attain DNS Automatically
Select this item if you want to use the DNS servers obtained by
the WAN interface via the auto-conguration mechanism.
Set DNS
Manually
Select this item to congure up to three DNS IP addresses.
Function Button Description
Apply Changes Set new DNS relay conguration. New parameters will take effect
after save into ash memory and reboot the system. See section “Admin” for save details.
Reset Selected Discard your changes.
Change setting successfully! Click OK button.
Page 72
www.modecom.eu
72
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Commit/Rebootpage
Click on OK.
The System is Restarting ...
Overview of Dynamic DNS
If some host has a dynamic IP address that keeps changing frequently, it is difcult
to keep updating the IP record that is associated with the domain name of this host in
the zone les. This will result in non-accessibility of this host on the Internet. Dynamic
DNS service allows to keep mapping of a dynamic IP address of such host to a static
hostname. Dynamic DNS services are provided by many websites. The host needs
Page 73
73
to register with some website and get a domain name. When the IP address of the
host changes, it just needs to send a message to the website that’s providing dynam-
ic DNS service to this host. For this to work, an automated update client needs to be implemented. These update clients send update messages to the servers whenever there is some change in the IP address of that host. Then, the server updates the entries for that host and replies back with some return code.
Above Figure explains one such scenario in which a host gets a dynamic IP ad­dress for itself from a DHCP server. As the host has registered with one of the dy-
namic DNS service providers on the Internet, it sends an update message to the ser-
vice provider with host name and changed IP address. The service provider updates the new IP address of the host in the zone les that have entry for that host name and replies back with some return code. The return code communicates the success or failure of the update message. This process is repeated every time the host’s IP address changes.
If the dynamic DNS service provider is notied of the same IP address again and again, then it considers it an abuse and might block the host name. To avoid this
scenario, the IP address that was successfully updated to the ISP is stored on the
unit. Whenever we receive an IP address change notication, the new IP address is compared with the IP address that was stored on the last update. If they differ, then only an update request is sent. However, when the system comes up there is no way
of knowing what was the IP address on last successful update before the system
went down. You need to give the command “system cong save“ periodically to save this IP address on Flash.
Registering With Dynamic DNS Service Provider
Currently, Wireless ADSL2+ Router supports two Dynamic DNS service providers,
www.tzo.com and www.dyndns.com. To use their Dynamic DNS service, you rst need to visit the Web site of a service provider and register. While registering, you need to provide your username, password, and hostname as mandatory parameters. A service provider may also prompt you to ll some optional parameters.
Page 74
www.modecom.eu
74
Conguring IP Interfaces
You need to create a Dynamic DNS interface per IP interface and can only create one Dynamic DNS interface service on one IP interface. For more information on creating IP interfaces, refer to section Creating IP interfaces.
Note
www.dyndns.org provides three kinds of services - Dynamic DNS, Custom DNS and Static DNS. You can create different domains in these systems. Custom
DNS service is a full DNS solution for newly purchased domains or domains you already own. A web-based interface provides complete control over resource re­cords and your entire domain, including support for dynamic IPs and automated
updates. Static DNS service points a DNS hostname in some domain owned by dyndns.org to the user’s ISP-assigned static or pseudo-static IP address. DynDNS service points a xed hostname in some domain owned by dyndns. org to the user’s ISP-assigned dynamic IP address. This allows more frequent update of IP addresses, than allowed by Static DNS.
Dynamic DNS Conguration – DynDNS.org
From the left-hand Services menu, click on DNS->DynamicDNS. Check the Enable check box. From DDNSprovider drop-down list, select DynDNS.org.
Enter the Hostname. Enter the Username. Enter the Password. Click Add button.
Field Description
Enable Check this item to enable this registration account for the DNS server.
DDNS provider There are two DDNS providers to be selected in order to register your
device with: DynDNS and TZO. A charge may occurs depends on the service you select.
Page 75
75
Hostname Domain name to be registered with the DDNS server. Username User-name assigned by the DDNS service provider. Password Password assigned by the DDNS service provider.
Function Button Description
Add Click Add to add this registration into the conguration. Modify Click Modify to modify this registration into the conguration.
Remove Select an existing DDNS registration by clicking the radio button
at the Select column of the Dynamic DNS Table. Click Remove
button to remove the selected registration from the conguration.
Congure Dynamic DNS setting successfully!
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Commit/Rebootpage
Click on OK.
The System is Restarting ...
Dynamic DNS Conguration – TZO
From the left-hand Services menu, click on DNS->DynamicDNS. Check the Enable check box. From DDNSprovider drop-down list, select TZO.
Page 76
www.modecom.eu
76
Enter the Hostname, Emailand Password. Click Add button.
Field Description
Enable Check this item to enable this registration account for the DNS
server.
DDNS provider There are two DDNS providers to be selected in order to register
your device with: DynDNS and TZO. A charge may occurs
depends on the service you select. Hostname Domain name to be registered with the DDNS server. Email Email that applied for the DDNS service provider. Key Key assigned by the DDNS service provider.
Function Button Description
Add Click Add to add this registration into the conguration. Modify Click Modify to modify this registration into the conguration.
Remove Select an existing DDNS registration by clicking the radio button
at the Select column of the Dynamic DNS Table. Click Remove
button to remove the selected registration from the conguration.
Congure Dynamic DNS setting successfully!
Page 77
77
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Commit/Rebootpage
Click on OK.
The System is Restarting ...
IP/Port Filtering
Firewall contains several features that are used to deny or allow trafc from pass-
ing through the device.
The IP/Port ltering feature allows you to deny/allow specic services or applica-
tions in the forwarding path.
Page 78
www.modecom.eu
78
IP/Port Filtering
From the left-hand Services menu, click on Firewall->IP/PortFiltering.
Fieldsontherstsetting
block
Description
Outgoing Default Action Specify the default action on the LAN to WAN
forwarding path.
Incoming Default Action Specify the default action on the WAN to LAN
forwarding path.
Function Button Description
Apply Changes Click to save the setting of default actions to the conguration.
Fields on the second setting block
Description
Rule Action Deny or allow trafc when matching this rule. Direction Trafc forwarding direction. Protocol There are 3 options available: TCP, UDP and ICMP. Source IP Address The source IP address assigned to the trafc on which
ltering is applied.
Source Subnet Mask Subnet-mask of the source IP.
Source Port Starting and ending source port numbers. Destination IP Address The destination IP address assigned to the trafc on
which ltering is applied. Destination Subnet Mask Subnet-mask of the destination IP. Destination Port Starting and ending destination port numbers.
Function Button Description
Apply Changes Click to save the rule entry to the conguration.
Page 79
79
Delete Selected Delete selected ltering rules from the lter table. You can click the
checkbox at the Select column to select the ltering rule.
Delete All Delete all ltering rules from the lter table.
MAC Filtering
The MAC ltering feature allows you to dene rules to allow or deny frames through the device based on source MAC address, destination MAC address, and trafc direction.
Conguring MAC ltering to Deny for outgoing access
From the left-hand Services menu, click on Firewall->MACFiltering. From the Direction drop-down list, select Outing setting From the RuleAction check ratio, select Deny
Enter the MAC Address that you want to deny for outgoing access in the
SourceMACAddress
Click Add
Congure MAC ltering setting successfully!
Fieldsontherstsetting
block
Description
Outgoing Default Action Specify the default action on the LAN to WAN bridging/
forwarding path.
Page 80
www.modecom.eu
80
Incoming Default Action Specify the default action on the WAN to LAN bridging/
forwarding path.
Function Button Description
Apply Changes Click to change the setting of default actions to the conguration.
Fields on the second setting block
Description
Rule Action Deny or allow trafc when matching this rule. Direction Trafc bridging/forwarding direction.
Source MAC Address The source MAC address. It must be xxxxxxxxxxxx
format. Blanks can be used in the MAC address space and are considered as don’t care.
Destination MAC Address The destination MAC address. It must be
xxxxxxxxxxxx format. Blanks can be used in the MAC address space and are considered as don’t care.
Function Button Description
Delete Selected Delete selected ltering rules from the lter table. You can click the
checkbox at the Select column to select the ltering rule.
Delete All Delete all ltering rules from the lter table.
From the left-hand Adminmenu, click on Commit/Reboot. The following page
is displayed:
Click on OK.
The System is Restarting ...
Page 81
81
Port Forwarding
Your device has built in advanced Security features that protect your network by blocking unwanted trafc from the Internet.
If you simply want to connect from your local network to the Internet, you do not
need to make any changes to the default Security conguration. You only need to edit the conguration if you wish to do one or both of the following:
allow Internet users to browse the user pages on your local network (for ex-
ample, by providing an FTP or HTTP server) play certain games which require accessibility from the Internet
This chapter describes how to congure Security to suit the needs of your net­work.
By default, the IP addresses of your LAN PCs are hidden from the Internet. All
data sent from your LAN PCs to a PC on the Internet appears to come from the IP
address of your device.
In this way, details about your LAN PCs remain private. This security feature is called PortForwarding.
Conguring Port Forwarding
Certain network games, chat or le sharing software do not work with your default Port Forwarding setting. Your device knows the port, protocol and trigger information
needed to allow access to the common applications listed below, but by default, ac-
cess to them is disabled.
Application
TCP port number
UDP port number
Trigger re­quired?
E-mail
110, 25
N/A
false
News
119
N/A
false
MSN Messenger
1863
N/A
false
Yahoo! Instant Messenger
5050 5055
5100
N/A
false
AOL Instant Messenger
5190
N/A
false
Page 82
www.modecom.eu
82
Application
TCP port number
UDP port number
Trigger re­quired?
Internet Relay Chat (IRC)
194
194
false
Netmeeting (h323)
1720
N/A
true
N/A
1719
true
1731
522
N/A
false Real Audio
544 7070
544 6770
false
Ping
N/A (ICMP)
N/A (ICMP)
false
Web connections (HTTP, HTTPS)
80, 443
N/A
false
DialPad
51210
N/A
true
N/A
51200 51201
true FTP
21
N/A
false
Telnet
23
N/A
false
Secure shell (SSH)
22
N/A
false
Windows Media Services
1755
1755
false
Gnutella
6346
N/A
false
Kazaa
1214
N/A
false
Windows Terminal Server
3389
N/A
false
DNS
N/A53false
PPTP
1723
1723
false
Internet Key Exchange
N/A
500
false
LDAP
389
N/A
false
GRE
N/A (GRE)
N/A (GRE)
false
Databeam (T.120)
1503
N/A
false
You can enable access to a common application from a specic PC on your network.
If you want to allow access to an application that is not included on the above list of common applications, you can create and enable a custom application.
Conguring custom applications
If you want to enable access to an application that does not appear on your de-
vice’s default list of common applications you can create a custom application.
In order to create a custom application, you must know:
the protocol used by the application (e.g., TCP, UDP and so on)
the primary port or range of ports used by the application whether the application requires a trigger, and if so, the secondary port or range of ports used by the application the address translation type used by the trigger
Your application provider or games manufacturer should provide you with these details.
Port Forwarding for FTP
In this example conguration, a custom application called FTPServer using TCP port 21 is created.
Page 83
83
From the left-hand Services menu, click on Port Forwarding. The following page is displayed:
From the PortForwarding check ratio, check on Enable Click ApplyChanges
Type the Local IP Address for your FTP Server.• Enter the range of Local Port for your FTP Server.
Select any from the Interface drop-down list. Click Apply
10.0.0.33
Page 84
www.modecom.eu
84
Fieldsontherst
setting block
Description
Enable Port Forwarding Check this item to enable the port-forwarding feature. Protocol There are 3 options available: TCP, UDP and Both. Enable Check this item to enable this entry.
Local IP Address IP address of your local server that will be accessed by
Internet.
Port The destination port number that is made open for this
application on the LAN-side.
Remote IP Address The source IP address from which the incoming trafc is
allowed. Leave blank for all.
External Port The destination port number that is made open for this
application on the WAN-side
Interface Select the WAN interface on which the port-forwarding
rule is to be applied.
Function Button Description
Apply Changes Click to change the setting of default actions to the conguration. Delete Selected Delete the selected port forwarding rules from the forwarding
table. You can click the checkbox at the Select column to select the forwarding rule.
Delete All Delete all forwarding rules from the forwarding table.
10.0.0.33
Congure Port Forwarding setting successfully!
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Click on OK.
Page 85
85
The System is Restarting ...
Port Forwarding for HTTP
In this example conguration, a custom application called HTTPServer using TCP port 80 is created.
From the left-hand Services menu, click on Port Forwarding. The following page is displayed:
Page 86
www.modecom.eu
86
From the PortForwarding check ratio, check on Enable Click ApplyChanges
Type the Local IP Address for your HTTP Server.• Enter the range of Local Port for your HTTP Server.
Select any from the Interface drop-down list. Click Apply
10.0.0.33 80
80
Fieldsontherst
setting block
Description
Enable Port
Forwarding
Check this item to enable the port-forwarding feature.
Protocol There are 3 options available: TCP, UDP and Both. Enable Check this item to enable this entry.
Local IP Address IP address of your local server that will be accessed by Internet. Port The destination port number that is made open for this
application on the LAN-side.
Remote IP Address The source IP address from which the incoming trafc is
allowed. Leave blank for all.
External Port The destination port number that is made open for this
application on the WAN-side
Interface Select the WAN interface on which the port-forwarding rule is to
be applied.
Function Button Description
Apply Changes Click to change the setting of default actions to the conguration. Delete Selected Delete the selected port forwarding rules from the forwarding
table. You can click the checkbox at the Select column to select the forwarding rule.
Delete All Delete all forwarding rules from the forwarding table.
Page 87
87
Congure Port Forwarding setting successfully!
10.0.0.33
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Click on OK.
The System is Restarting ...
Deleting custom applications
From the left-hand Services menu, click on PortForwarding. Check on the Select check box. Click DeleteSelected.
10.0.0.33
Page 88
www.modecom.eu
88
Click DeleteSelected.
The Port Forwarding setting has been deleted completely.
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Click on OK.
The System is Restarting...
Page 89
89
URL Blocking
The URL Blocking is the web ltering solution. The rewall includes the ability to block access to specic web URLs based on string matches. This can allow large numbers of URLs to be blocked by specifying only a FQDN (such as tw.yahoo.com).
The URL Blocking enforce a Web usage policy to control content downloaded from,
and uploaded to, the Web.
Conguring URL Blocking of FQDN
From the left-hand 1. Services menu, click on Firewall->URLBlocking. The
following page is displayed:
Fieldsontherstsetting
block
Description
URL Blocking capability Check this item to enable the URL Blocking feature. FQDN A fullyqualieddomainname (or FQDN) is an
unambiguous domain name that species the node’s
position in the DNS tree hierarchy absolutely, such as
tw.yahoo.com. The FQDN will be blocked to access.
Keyword The ltered keyword such as yahoo. If the URL
includes this keyword, the URL will be blocked to
access.
Page 90
www.modecom.eu
90
Function Button Description
Apply Changes Click to disable/enable the URL Blocking capability
Add FQDN Add FQDN into URL Blocking table.
Delete Selected
FQDN
Delete the selected FQDN from the URL Blocking table. You can click the checkbox at the Select column to select the Blocked FQDN.
Add Filtered
Keyword
Add ltered keyword into Keyword Filtering table.
Delete Selected
Keyword
Delete the selected keyword from the keyword Filtering table. You can click the checkbox at the Select column to select the ltered keyword.
From the URLBlocking check ratio, check on Enable Click ApplyChanges
Type the FQDN in the FQDN eld.Click Add
Congure URL Blocking of FQDN setting successfully!
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Page 91
91
Click on OK.
Conguring URL Blocking of Keyword
From the left-hand Services menu, click on Firewall->URLBlocking. The fol- lowing page is displayed:
Page 92
www.modecom.eu
92
Fieldsontherst
setting block
Description
URL Blocking capability Check this item to enable the URL Blocking feature. FQDN A fullyqualieddomainname (or FQDN) is an
unambiguous domain name that species the node’s
position in the DNS tree hierarchy absolutely, such as
tw.yahoo.com. The FQDN will be blocked to access.
Keyword The ltered keyword such as yahoo. If the URL includes
this keyword, the URL will be blocked to access.
Function Button Description
Apply Changes Click to disable/enable the URL Blocking capability
Add FQDN Add FQDN into URL Blocking table.
Delete Selected
FQDN
Delete the selected FQDN from the URL Blocking table. You can click the checkbox at the Select column to select the Blocked FQDN.
Add Filtered
Keyword
Add ltered keyword into Keyword Filtering table.
Delete Selected
Keyword
Delete the selected keyword from the keyword Filtering table. You can click the checkbox at the Select column to select the ltered keyword.
From the URLBlocking check ratio, check on Enable Click ApplyChanges
Type the Keyword in the Keyword eld.Click Add
Page 93
93
Congure URL Blocking of Keyword setting successfully!
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Click on OK.
Domain Blocking
The rewall includes the ability to block access to specic domain based on string matches. For example, if the URL of Taiwan Yahoo web site is “tw.yahoo.com” and you enter “yahoo.com”, the rewall will block all the DNS queries with “yahoo.com” string. So the Host will be blocked to access all the URLs belong to “yahoo.com” domain. That means you can protect your computer, your house, your ofce and
anything else that uses DNS from being able to service domains that you don’t want
to load.
Conguring Domain blocking
From the left-hand Services menu, click on Firewall->Domainblocking. The fol­lowing page is displayed:
Page 94
www.modecom.eu
94
Fieldsontherstsetting
block
Description
Domain Blocking capability Check this item to enable the Domain Blocking feature. FQDN Domain
Function Button Description
Apply Changes Click to disable/enable the Domain Block capability Add Domain Add domain into Domain Block table. Delete Selected
Domain
Delete the selected domain from the Domain Block table. You can click the checkbox at the Select column to select the Blocked domain.
From the URLBlocking check ratio, check on Enable Click ApplyChanges
Type the Keyword in the Keyword eld.Click Add
Congure Domain Blocking setting successfully!
Page 95
95
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Click on OK.
DMZ
A demilitarized zone (DMZ) is a host or small network that acts as neutral ground between the inside and outside network. It contains information that is useful to users of both the inside and outside network. For example, a company may wish to provide software patches to customers via an FTP server. However, it does not want FTP ac­cess to any hosts other than the FTP server. This is achieved by creating a DMZ net­work which is less restrictive than the internal network.Users attached to the outside network can access the DMZ, but they cannot access any other company data.
Conguring DMZ
From the left-hand Services menu, click on Firewall->Domainblocking. The following page is displayed:
Page 96
www.modecom.eu
96
Fieldsontherstsetting
block
Description
Enable DMZ Check this item to enable the DMZ feature. DMZ Host IP Address IP address of the local host. This feature sets a local
host to be exposed to the Internet.
Function Button Description
Apply Changes Click to change the setting to the conguration.
From the DMZHost check ratio, check on Enable Type the IP Address in the DMZHostIPAddress eld. Click ApplyChanges
10.0.0.33
Congure DMZ Host setting successfully! Click OK.
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Click on OK.
Page 97
97
UPnP
UPnP is an architecture for pervasive peer-to-peer network connectivity of intel-
ligent appliances, Wireless devices, and PCs of all form factors. It is designed to bring easy-to-use, exible, standards-based connectivity to ad-hoc or unmanaged
networks whether in the home, in a small business, public spaces, or attached to the
Internet. UPnP is a distributed, open networking architecture that leverages TCP/IP and the Web technologies to enable seamless proximity networking in addition to control and data transfer among networked devices in the home, ofce, and public spaces.
UPnP is more than just a simple extension of the plug and play peripheral model. It is designed to support zero-conguration, “invisible” networking, and automatic dis­covery for a breadth of device categories from a wide range of vendors. This means
a device can dynamically join a network, obtain an IP address, convey its capabili-
ties, and learn about the presence and capabilities of other devices. DHCP and DNS servers are optional and are used only if available on the network. Finally, a device
can leave a network smoothly and automatically without leaving any unwanted state
behind.
The DSL device supports a control point for Universal Plug and Play (UPnP) ver-
sion 1.0, and supports two key features: NAT Traversal and DeviceIdentication. This feature requires one active WAN interface. In addition, the host should support this feature. In the presence of multiple WAN interfaces, select an interface on which the incoming trafc is present.
With NAT Traversal, when an UPnP command is received to open ports in NAT, the application translates the request into system commands to open the ports in
NAT and the rewall. The interface to open the ports on is given to UPnP when it starts up and is part of the conguration of the application.
For Device Identication, the application will send a description of the DSL device as a control point back to the host making the request.
From the web page you can enable or disable UPnP.
Conguring UPnP
From the left-hand Services menu, click on UPnP. The following page is dis­played:
Page 98
www.modecom.eu
98
Fieldsontherstsetting
block
Description
UPnP Daemon Enable/disable UPnP feature. Binded WAN Interface Select WAN interface that will use UPnP from the drop-
down lists.
Function Button Description
Apply Changes Click to save the setting to the conguration.
From the UPnP check ratio, check on Enable Select a WAN Interface from the WANInterface drop-down list. Click ApplyChanges
Congure DMZ Host setting successfully! Click OK.
From the left-hand Adminmenu, click on Commit/Reboot. The following page is displayed:
Click on OK.
Page 99
99
UPnP Control Point Software on Windows ME
To install the control point software on Windows ME:
1. In the Control Panel, select “Add/Remove Programs”.
2. In the “Add/Remove Programs Properties” dialog box, select the “Windows Set-
up” tab. In the “Components” list, double click on the “Communications” entry.
3. In the “Communications” dialog box, scroll down the “Components” list to dis-
play the UPnP entry. Select the entry, click “OK”.
4. Click “OK” to nish the “Add/Remove Programs” dialog.
5. Reboot your system.
Once you have installed the UPnP software and you have rebooted (and your net­work includes the IGD system), you should be able to see the IGD controlled device
on your network.
UPnP Control Point Software on Windows XP with Firewall
On Windows XP versions earlier than SP2, Firewall support is provided by the
Windows XP Internet Connection Firewall. You cannot use the Windows XP Internet
Connection Firewall support on a system that you intend to use as a UPnP control point. If this feature is enabled, although the control point system may display con­trolled devices in the list of network devices, the control point system cannot par-
ticipate in UPnP communication. (This restriction also applies to controlled devices running on Windows XP systems earlier than SP2.)
On Windows XP SP2 and later, Firewall support is provided by Windows Firewall.
Unlike earlier versions, Windows XP SP2 can be used on a system that you intend
to use as a UPnP control point.
To turn off the Firewall capability on any version of Windows XP, follow the steps
below:
1. In the Control Panel, select “Network and Internet Connections”.
2. In the “Network and Internet Connections” dialog box, select “Network Connec-
tions”.
3. In the “Network Connections” dialog box, right-click on the local area connection
entry for your network; this will display a menu. Select the “Properties” menu entry.
4. In the “Local Area Connection Properties” dialog box, select the “Advanced” tab.
Disable the Internet Connection Firewall by de-selecting the entry with the following
label:
“Protect my computer and network by limiting or preventing access to the com-
puter from the Internet”.
5. Click “OK”.
SSDP requirements
You must have SSDP Discovery Service enabled on your Windows XP system to use the UPnP Control point software.
Page 100
www.modecom.eu
100
SSDP Discovery Service is enabled on a default installation of Windows XP. To
check if it is enabled on your system, look in Control Panel > Administrative Tools >
Services).
Installation procedure
To install the Control point software on Windows XP, follow the steps below:
1. In the Control Panel, select “Add/Remove Programs”.
2. In the “Add or Remove Programs” dialog box, click the “Add / Remove Windows
Components” button.
3. In the “Windows Component Wizard” dialog box, scroll down the list to display the “Networking Services” entry. Highlight (select) the entry, and click on the “Details” button.
4. The “Networking Services” window is displayed.
The subcomponents shown in the Networking Services window will be different
depending on if you are using Windows XP, Windows XP (SP1), or Windows XP (SP2).
If you are using Windows XP SP2, the Networking Services window will display the
following list of sub-components:
5. Select the following entries from the “Networking Services” window and then click “OK”:
If you are using Windows XP, select:
• “Universal Plug and Play”.
If you are using Windows XP SP1, select:
• “Internet Gateway Device discovery and Control Client”.
• “Universal Plug and Play”.
If you are using Windows XP SP2, select:
Loading...
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use