Open iConnectAccess624W Technical Reference/users Manual

iiCCoonnnneeccttAAcccceessss662244W

TTeecchhnniiccaall RReeffeerreennccee // UUsseerr

Guuiidd

iConnectAccess624W

Copyright© 2005 OPEN Networks Pty Ltd. All rights reserved. The content of this manual is subject to change without notice. The information and messages contained herein are proprietary to OPEN Networks Pty Ltd. No part of this manual may be translated, transcribed, reproduced, in any form, or by any means without prior written permission by OPEN Networks Pty Ltd.

Disclaimer

For content and procedures available in this document, OPEN Networks Pty Ltd does not warrant or assume any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed.

Rev.: 1.8 Date Released: September 30th, 2005

iConnectAccess624W

Table Of Contents

Document Conventions................................................................................6

Introduction...................................................................................................7

System Requirements...............................................................................7

Web Browser Support:.............................................................................. 7

Your iConnectAccess624W At A Glance ....................................................8

Ports And Buttons.....................................................................................8

Restore To Factory Defaults.......................................................................................9

Front LED Panel .....................................................................................10

Before You Begin........................................................................................11

Configuring Your Ethernet Network Card................................................11

For Windows® 98 Second Edition / Windows® Me....................................................11

For Windows® 2000 / Windows® XP..........................................................................12

Setting Up Your iConnectAccess624W.....................................................13

Default Settings.......................................................................................13

Log Into Your iConnectAccess624W ......................................................14

Setup Tab ....................................................................................................16

LAN Set Up.............................................................................................17

Accessing The LAN Configuration Screen................................................................17

Enabling DHCP.......................................................................................18

Management IP.........................................................................................................20

Ethernet Switch.......................................................................................24

Wide Area Network (WAN) Setup...........................................................26

Connection Types .....................................................................................................26

PPPoE Connection Type...........................................................................................27

PPPoA Connection Type...........................................................................................30

Static Connection Type.............................................................................................33

DHCP Connection Type............................................................................................36

Bridged Connection Type:.........................................................................................39

Classical IP Over ATM (CLIP) Connection ...............................................................42

Modify An Existing Connection ...............................................................44

Modem....................................................................................................45

Advanced Tab .............................................................................................47

UPnP.......................................................................................................48

SNTP ......................................................................................................50

SNMP......................................................................................................53

iConnectAccess624W

IP QoS ....................................................................................................55

Port Forwarding ......................................................................................59

Allow Incoming Ping................................................................................62

DMZ........................................................................................................62

Custom Port Forwarding.........................................................................64

IP Filters..................................................................................................66

LAN Clients.............................................................................................69

LAN Isolation...........................................................................................71

Bridge Filters...........................................................................................73

Multicast..................................................................................................76

Static Routing..........................................................................................78

Dynamic Routing.....................................................................................80

Access Control........................................................................................82

Wireless Tab................................................................................................84

Setup.......................................................................................................85

Wireless Configuration:...........................................................................87

Security...................................................................................................89

Management...........................................................................................96

Associated Stations...................................................................................................98

Multiple SSID...........................................................................................................100

Tools Tab...................................................................................................102

System Commands...............................................................................103

Remote Log ..........................................................................................104

User Management ................................................................................106

Update Gateway ...................................................................................108

Ping Test...............................................................................................109

Modem Test..........................................................................................110

Status.........................................................................................................111

Network Statistics .................................................................................112

To View Ethernet Statistics: ....................................................................................112

To View DSL Statistics:...........................................................................................113

To View Wireless Statistics:....................................................................................113

Connection Status.................................................................................114

DHCP Clients........................................................................................115

Modem Status.......................................................................................116

Product Information...............................................................................117

iConnectAccess624W

System Log...........................................................................................118

Log Out......................................................................................................119

Index ..........................................................................................................120

iConnectAccess624W

Document Conventions

OPEN Networks’ Technical References use the following style conventions:

Type Face Used For:

Bold Typeface

 GUI tabs;  GUI menu items;  Window and screen buttons

Italics

 Window, dialog and screen:  Titles;  Field names.

User-entered data

Data entered by the user

<Bold>

Computer keyboard commands

Also, different strategies are used to draw your attention to certain pieces of information. In order of how critical the information is to your system, these items are marked as Note, Tip or Warning. For example:

NOTE:



NOTE: If you need to use the VPI and VCI values in an existing connection, you

will need to open it and edit the setting. It is not possible to have more than one connection using the same VPI/VCI values.

TIP:

TIP: Ensure your computer is configured for DHCP mode and that proxies

are disabled in your browser. You must also ensure that JavaScript support is enabled in browser settings, so that the browser does not display a login redirection screen. Finally, if any screen other than the Login screen appears, you may need to delete your temporary Internet files. (ie, basically flush the cached web pages).

WARNING:

WARNING!

WARNING! If you need to use the VPI and VCI values in an existing connection, you

will need to open it and edit the setting. It is not possible to have more than one connection using the same VPI/VCI values.

iConnectAccess624W

Introduction

Congratulations on the purchase of your OPEN iConnectAccess624W. Fully-featured, it is the perfect high-speed ADSL Modem WAN bridge/router, specifically designed to connect your PC or LAN to the Internet and directly connect to your local area network via a high speed 10/100 Mbps Ethernet port.

The iConnectAccess624W’s extensive routing and bridging functions rende r it a flexible and scaleable platform for multiple users to access the Internet. Features include port forwarding and VPN pass-through, along with the ability to enable public or private Intranet solutions through a single IP address, using its RIP v 1 / 2 routing engine or NAPT features.

The highest levels of security are implemented in the iConnectAccess624W, including Stateful Packet Inspection firewall and DMZ support for a full suite of security options against malicious intruders.

The iConnectAccess624W is fully compatible with all computers which support an Ethernet interface and are running a TCP/IP protocol stack. So, plug in the iConnectAccess624W (refer to the Quick Start Guide), configure it (per your ISP’s instructions) and enjoy fast Internet access as never before!

System Requirements

 Pentium® MMX 233MHz or greater computer, installed with the following:  CD-ROM drive;  Ethernet or wireless card installed in your computer with TCP/IP Protocol

(required only if you are connecting to the Ethernet port of your router);

 OS independent for Ethernet.

Web Browser Support:

 Microsoft Internet Explorer 4.0 (or later versions);

iConnectAccess624W

Your iConnectAccess624W At A Glance

The iConnectAccess624W has different ports and LEDs. The following list details these:

Ports And Buttons

DSL

The telephone cable connects from the line port of the iConnectAccess624W to the DSL port of your line filter. (ADSL Line)

RESET

This button resets your iConnectAccess624W to factory default settings. (All customized settings will be lost when you perform a reset.)

E1 – E4

The Ethernet cable connects from one of the four Ethernet ports of the iConnectAccess624W to the Ethernet LAN port of your computer.

The power cable connects from the DC port of the iConnectAccess624W to the mains power outlet. Remember to use only the power cable supplied with your iConnectAccess624W.



NOTE: As each of the cables is connected, the corresponding LED will light up on

the front of the iConnectAccess624W.

iConnectAccess624W

Restore To Factory Defaults

The Restore To Factory Defaults feature will reset the iConnectAccess624W to its factory default configuration.

To Restore Factory Defaults to The iConnectAccess624W:

Ensure that the iConnectAccess624W has been powered on for a minimum of 10 seconds.

 Use a blunt implement, such as a pencil or paperclip to press the reset

button for 10 seconds, then release it.



NOTE: During this time the reset is in progress. Do NOT power the

iConnectAccess624W off whilst it resets.

The iConnectAccess624W will be reset to its factory defaults and once the indicator lights have returned to green (non-blinking), the reset is complete.

iConnectAccess624W

Front LED Panel

The following table displays the LED Status of each of the iConnectAccess624W’s LEDs and the definitions of each:

ADSL Front Panel LED

LED Status Definition

Steadily Lit Up Power is supplied to the iConnectAccess624W.

POWER

Flickering N/A Steadily Lit Up

iConnectAccess624W Ethernet cable is properly connected to Computer Ethernet port.

E1 – E4

Flickering Ethernet is transmitting / receiving data. Steadily Lit Up The wireless access point is enabled. Off The wireless access point is disabled.

WIRELESS

Flickering N/A Steadily Lit Up ADSL connection is established.

DSL

Flickering

Router is trying to establish connection with ADSL Service Provider.

Steadily Lit Up

An Internet connection to iConnectAccess624W is established.

INTERNET

Flickering N/A

iConnectAccess624W

Before You Begin

Configuring Your Ethernet Network Card

Before you can use your iConnectAccess624W, you may need to configure the Ethernet ports on the modem.

Configuring Your Ethernet Network Card

For Windows® 98 Second Edition / Windows® Me



NOTE: Please note that these instructions may vary, depending on whether this is

the first time you are configuring your Ethernet Driver in Windows. Those below are for first time configurations.

step 1 From your Windows desktop, click Start > Settings > Control Panel. step 2 From the Control Panel window, double-click the Network icon. step 3 From the Network screen, highlight the Configuration tab to make it active. step 4 From the The following network components are installed area of the

window, select TCP/IP-> xxx where xxx refers to the model of the Ethernet card connected to your ADSL Modem, and click Properties.

step 5 From the TCP/IP Properties screen, click the IP Address tab to make it

active.

step 6 Highlight the Obtain an IP Address Automatically radio button, and click OK

to save the settings.

step 7 Ensure that the iConnectAccess624W is powered on. Restart your system

when prompted.

iConnectAccess624W

For Windows® 2000 / Windows® XP



NOTE: Please note that these instructions may vary, depending on whether this is

the first time you are configuring your Ethernet Driver in Windows. Those below are for first-time configurations.

Windows® 2000:

step 1 From your Windows desktop, click Start > Control Panel. step 2 From the Control Panel window, double-click the Network Connections icon. step 3 From the Network Connections window, right-click on the Local Area

Connection icon and select Properties.

step 4 Proceed from step 4 in the Windows XP Ethernet Driver Configuration

Procedure below.

Windows® XP:



NOTE: Instructions are based on the default Start menu option.

Connection icon that reflects the model of the Ethernet Card connected to your iConnectAccess624W, and click Properties.

step 4 Ensure that the Connect Using field indicates the model of the Ethernet Card

connected to your iConnectAccess624W.



NOTE: This is important especially if you have more than one Local Area

Connection icon displayed in the Network Connections window. Ensure that you have selected the correct one.

step 5 From the This connection uses the following items: area of the Properties

window, select Internet Protocol (TCP/IP) and click Properties.

step 6 From the General tab of the Internet Protocol (TCP/IP) Properties window,

highlight the Obtain an IP Address Automatically radio button, and click OK.

step 7 Click OK again to close the dialog. step 8 Ensure that your iConnectAccess624W is powered on. Restart your system

when prompted.

iConnectAccess624W

Setting Up Your iConnectAccess624W

This section will guide you through your iConnectAccess624W’s configuration via the web interface. The iConnectAccess624W is shipped with a standard PPP configuration.

Default Settings

The following table lists the default settings for your iConnectAccess624W. These settings may change depending on your ISP. Please check with your ISP for more information.

Setting Default Value

root

øP3N

Username

<blank>

Password

<blank>

Protocol

PPPoE

VPI

Quickstart

VCI

Server On Enabled Start IP

192.168.1.100

End IP

192.168.1.200

DHCP Configuration

Lease Time

604800 seconds (7 days)

IP Address

192.168.1.254

Management IP

Netmask

255.255.255.0

iConnectAccess624W

Log Into Your iConnectAccess624W

To Log Into Your iConnectAccess624W:

step 1 Open your web browser and enter

http://192.168.1.254 in the

Address bar, then press <Enter>. The following screen appears:

step 2 In the Log In screen, enter root (case sensitive) in the Username field and

in the Password field, enter ØP3N (zero, P three, N - case sensitive).

step 3 Click Log In.

TIP: Ensure that proxies are disabled in your browser.

You must also ensure that JavaScript support is enabled in browser settings, so that the browser does not display a login redirection screen. Finally, if any screen other than the Login screen appears, you may need to delete your temporary Internet files. (ie, basically flush the cached web pages).

step 4 Once you have logged in, the following screen appears:

The Home tab will allow you to access the other menus of the iConnectAccess624W’s web interface and displays some basic status information. It consists of the following menus that provide all the options you need to configure and operate your iConnectAccess624W:

iConnectAccess624W

Tab Function

Setup

Configuration of LAN and WAN Settings.

Advanced

Configuration of advanced options within the iConnectAccess624W such as security, routing and filtering.

Wireless

Configuration of wireless features.

Tools

Access tools and diagnostics to assist in debugging.

Status

Obtain the status of the iConnectAccess624W.

Help

View the extensive online help.

iConnectAccess624W

Setup Tab

The Setup screen consists of two set up subsections: LAN Setup and WAN Setup. From here you can select the LAN and WAN Settings you wish to configure by clicking the appropriate links from the menu list.

Its options include:

LAN Setup:

 LAN Configuration;  Ethernet Switch;

WAN Setup:

 New Connection;  Modem.

iConnectAccess624W

LAN Set Up

By default, your iConnectAccess624W has the DHCP server (LAN side) enabled. If you already have a DHCP server running on your network, you must disable one of them; if you connect a second DHCP server into the network, you will experience network errors and the network will not function normally.

Accessing The LAN Configuration Screen

Before configuring the IP settings for your LAN, you will need to select the Ethernet interface type to set up in the LAN Configuration screen.

To do this, from any web interface screen:

step 1 Click Setup, then LAN Configuration. The following screen appears:

step 2 Click Configure. The following screen appears.

step 3 Ensure the Use the following Static IP address radio button is highlighted,

and in the area beneath this field, enter a different IP Address in the IP Address field if required.

iConnectAccess624W

step 4 Enter the netmask in the Netmask field as required. step 5 Click Apply, then Tools. The following screen appears:

step 6 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:



NOTE: If you change this address from the default, you will need to reconnect

using your new IP Address.

Enabling DHCP

A static IP address must be set on the iConnectAccess624W if the DHCP server is to be enabled.

step 1 Follow steps 1 to 4 of the

Accessing The LAN Configuration Screen

procedure.

step 2 In the Enable DHCP Server area of the screen, highlight the Enable DHCP

Server radio button.

step 3 Enter the Start IP Address in the Start IP: field. This address is the

beginning of the range from which the DHCP Server starts issuing IP addresses.

step 4 Enter the End IP Address in the End IP Address field. This address is the

end of the range from which the DHCP Server issues IP addresses.

step 5 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 6 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

The following table lists the Enable DHCP Server area of the LAN Group 1 Configuration screen fields and their definitions:

Field Description

Unmanaged

Highlight this radio button if this LAN group does not require a management IP address.

Obtain an IP address automatically

Check this checkbox if another DHCP server is providing addressing for the iConnectAccess624W.

IP Address

This field will be populated when the iConnectAccess624W receives an IP Address from a DHCP Server.

Netmask

This field will be populated when the iConnectAccess624W receives an IP Address from a DHCP Server.

PPP IP Address

Check this checkbox if PPP is providing addressing.

Use the following Static IP Address

Highlight this radio button to use a static address for your router. This is the default setting.

IP Address

Enter a static IP address, the Default IP Address for the iConnectAccess624W is 192.168.1.254..

Netmask

Enter static the subnet mask; the Default Netmask for the iConnectAccess624W is 255.255.255.0.

Default Gateway

Enter the default gateway if specified by your ISP. Otherwise leave this field blank and it will be automatically populated when an ISP connection is made.

Hostname

This is the assigned hostname for the iConnectAccess624W. The Hostname can be any alphanumeric word that does not contain spaces. The default hostname is R624.

Domain

The Domain Name is used in conjunction with the

Hostname to uniquely identify the iConnectAccess624W.

Static Options Enable DHCP Server

Highlighting the Enable DHCP Server radio button turns on the DHCP server. This will need to be disabled if a DHCP server is already running on the LAN. The DHCP Server is set to on by default.

Start IP

This address is the beginning of the range from which the DHCP Server starts issuing IP addresses. You need to ensure the iConnectAccess624W Management IP address and any statically-defined addresses are not within the DHCP start and end address ranges. The default Start IP address is 192.168.1.100.

End IP

This is the end of the DHCP Server IP address range. The default End IP is 192.168.1.200

Lease Time

The Lease Time is the amount of time a LAN computer will hold the IP address. The client will automatically renew the address after this time has elapsed. If the LAN computer does not renew the address after the lease period the lease information will be removed from the DHCP database. This database can be viewed under Tools> DHCP Clients. The lease time is in units of seconds; the default value is 604800 seconds (7 days).

Enable DHCP Relay

Highlighting the Enable DHCP Relay radio button configures the iConnectAccess624W to forward the DHCP request to a remote DHCP server. Enter the remote DHCP server address in the Relay IP field.

Server and Relay Off

This will disable the iConnectAccess624W’s DHCP server and relay functionality.

Management IP

iConnectAccess624W

The Management IP area of the web interface allows you to configure the LAN IP Address details for the iConnectAccess624W. This is accessed through the LAN Group 1 Configuration screen.



NOTE: If you change this address from the default, you will need to reconnect

using your new IP Address.

To Change The iConnectAccess624W IP Address:

From any screen in the web interface,

step 1 Click the Setup tab, then LAN Configuration. step 2 From the LAN Configuration screen, click the Configure link beside the

required LAN Group interface (i.e. LAN group 1). The following screen appears:

step 3 Under IP Settings, highlight the Use the following Static IP address radio

button.

step 4 Enter the IP Address in the IP Address field as required. step 5 Enter the netmask in the Netmask field as required. step 6 The default gateway is automatically received from the ISP when a

connection is made. Leave this field blank unless instructed otherwise by your ISP.

step 7 Enter an alphanumeric Hostname in the Hostname field. step 8 Enter the Domain Name in the Domain Name field. This cannot contain

spaces.

step 9 Click Apply, then Tools. The following appears:

iConnectAccess624W

step 10 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:



NOTE: The Domain Name is used in conjunction with the Hostname to identify the

iConnectAccess624W uniquely. To access the iConnectAccess624W’s web pages you can type the IP 192.168.1.254 or mygateway.ar7 in the web browser. Using the Hostname in the browser requires the workstation to have its DNS server set to the iConnectAccess624W.

The following table lists the fields and definitions of the Use The Following Static IP Address area of the LAN Group 1 Configuration screen:

Field Description

IP Address

The Default IP Address for the iConnectAccess624W is 192.168.1.254. Its Subnet Mask is 255.255.255.0, and this allows you to support 254. If you

wish to support a larger number of devices, you can alter the Subnet Mask. However, if you do, remember the DHCP Server is defaulted to give out 101 IP Addresses.

Netmask

A mask used to determine the subnet to which an IP address belongs. This is the Subnet Mask that will be assigned to the Management interface of the iConnectAccess624W.

Default Gateway

The default gateway is a host to which local computers send data that is destined for a non-local machine. On the iConnectAccess624W, configure the default gateway address here to reach all computers that are not on the same local IP subnet.

The default gateway is the default route for all traffic that does not have a defined route. This field is automatically populated when a PPP session is established. Leave this field blank unless instructed otherwise by your ISP.

Hostname

This is the assigned hostname for the iConnectAccess624W. The Hostname can be any alphanumeric word that does not contain spaces. The Default value is mygateway1.

iConnectAccess624W

Field Description

Domain

The Domain Name is used in conjunction with the Hostname to uniquely identify the iConnectAccess624W. Domain Names always have 2 or more parts, separated by dots. The part on the left is the most specific, and the part on the right is the most general. Usually, all of the hosts on a given Network will have the same part as the right-hand portion of their Domain Names. The Default value is ar7.

iConnectAccess624W

Ethernet Switch

This screen is used to hard set the Ethernet Speed and duplexing options. It is recommended that that all ports be set to auto.

To Modify the Ethernet Switch Configuration

From any screen in the web interface,

step 1 Click the Setup tab, then Ethernet Switch. The following screen appears:

step 2 From the Physical Port1 drop-down list, select the ethernet port for which

you wish to change the hardware setting. The options are: Auto, 10\Half Duplex, 10\Full Duplex, 100\Half Duplex and 100\Full Duplex.

step 3 Edit each Ethernet port as required. step 4 Click Apply, then Tools. The following screen appears:

step 6 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W



NOTE: The Fallback column in this screen displays the speed and duplexing that has

been negotiated on the port.

iConnectAccess624W

Wide Area Network (WAN) Setup

Before the router will pass any data between the LAN and WAN interfaces, the WAN side of the iConnectAccess624W must be configured. Depending on your ISP, you will need some (or all) of the information outlined below before you can properly configure the WAN.

The following table lists all DSL requirements:

DSL Requirement Comment

VPI and VCI

The VPI (Virtual Path Identifier) and the VCI (Virtual Channel Identifier) define the virtual path settings for the ADSL connection between you and your ISP. By default, these settings are pre-configured for 8/35 in your iConnectAccess624W.

Training Mode

The default is MMODE, and this enables your iConnectAccess624W to tune into the ADSL services in Australia automatically. Do not change this parameter.

PPPoA / PPPoE Requirement

Username

Your username is required for authentication to your ISP.

Password

Your username is required for authentication to your ISP.

Static Type Requirement

DSL Fixed Internet IP Address Subnet Mask Default Gateway Primary DNS IP Address

Connection Types

As multiple users can use the iConnectAccess624W, different profiles must be set up for different connections. The iConnectAccess624W supports the following connection types:

 PPPoE;  PPPoA;  Bridged;  Static;  DHCP;  CLIP.

Your iConnectAccess624W can support up to 8 unique virtual connections. If you have multiple virtual connections, you may need to utilize the static and dynamic routing capabilities of the router to pass data correctly.

iConnectAccess624W

PPPoE Connection Type

Computers connected to the Internet via ADSL do so through an Ethernet link. As such, plain TCP/IP has been used, with no additional protocols. PPP (Point-to-Point Protocol) provides secure login, and traffic metering among other advanced features. PPPoE (PPP over Ethernet) was designed to bring the security and metering benefits of PPP to Ethernet connections such as DSL.

PPPoE allows ADSL users to be authenticated by the ISP’s Radius authentication systems. Most broadband connections are Ethernet, hence Point-to-Point Protocol over Ethernet. It also allows for ISPs to provide multiple services over multiple PPP sessions, ie, rated services, broadband specific content (movies, etc.), metered services, etc.

To Configure PPPoE:



NOTE: If you need to use the VPI and VCI values in an existing connection, you

will need to open it and edit the setting. It is not possible to have more than one connection using the same VPI/VCI values.

From any screen in the web interface,

step 1 Click the Setup tab, then New Connection. step 2 From the Type drop-down list, select PPPoE. The following screen is

displayed:

step 4 Enter a unique name for your PPPoE connection in the Name field. The

name must not have spaces and cannot begin with numbers.

step 5 Check the NAT and Firewall checkboxes beside the Options field. step 6 Enter your ISP provided username and password in the Username and

Password fields.

step 7 Enter the ISP provided VPI and VCI settings. step 8 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 9 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

The following table lists the PPPoE Connection type fields and describes each of the options:

Field Description

NAT

Network Address Translation is a feature that enables you to use private IP addresses on your computer or your LAN. This is set to Enabled by default for standard operation.

Firewall

Select to enable firewalling on this connection. This is set to Enabled by default for standard operation.

Username

The Username for your ISP account.

Password

The Password for your ISP account.

Idle Timeout

This specifies that the PPPoE connection should disconnect if the link detects no activity for x seconds. If you wish to ensure the link remains always connected, enter 0 in this field. This option will only be available when the On-Demand option is checked.

Keep Alive

When the On-Demand option is disabled, this value specifies the time to wait without connection to your provider before terminating the connection. If you wish

to ensure the link remains always active, enter 0 in this field. This is set to

10 by

default.

Authentication

This defines the authentication protocol for your ISP. This is set to Auto by default.

On-Demand

If selected, this enables on-demand connectivity to the Internet. Your Internet connection is activated when traffic is generated from LAN clients. This is unchecked by default.

Default Gateway

This sets the route for this connection as the default gateway in the routing table.

Debug

Check this checkbox to enable PPP connection debugging facilities.

VPI

The VPI (Virtual Path Identifier) defines the virtual path settings for the ADSL connection between you and your ISP. The value entered here must be supported by your ISP.

VCI

The VCI (Virtual Channel Identifier) defines the virtual channel settings for the ADSL connection between you and your ISP. The VCI value entered here must be supported by your ISP.

QoS

This field defines QoS at the ATM layer. Three different Quality Of Service options are available in the iConnectAccess624W: UBR, CBR and VBR. The QoS selected here must be supported by your ISP. By default this is set to UBR.

Connect

Click Connect to authenticate to your ISP via PPPoE and connect to the Internet.

Disconnect

Click Disconnect to break your Internet connection.

iConnectAccess624W

PPPoA Connection Type

PPPOA or PPPoA, Point-to-Point Protocol (PPP) over ATM, is a network protocol for encapsulating PPP frames in ATM AAL5. It used mainly with ADSL services and is compliant with RFC 2364. PPP over ATM adaptation layer 5 (AAL5) – PPPoA uses AAL5 as the framed protocol, which supports both PVC and SVC.

It offers standard PPP features such as authentication, encryption, and compression.

To Configure PPPoA:



NOTE: If you need to use the VPI and VCI values in an existing connection, you

will need to open it and edit the setting. It is not possible to have more than one connection using the same VPI/VCI values.

From any screen in the web interface,

step 1 Click the Setup tab, then New Connection. step 2 From the Type drop-down list, select PPPoA. The following screen appears:

step 3 Enter a unique name for the PPPoA connection in the Name field. The

name must not have spaces and cannot begin with numbers.

step 4 Check the NAT and Firewall checkboxes beside the Options field. step 5 Select the encapsulation type (LLC or VC) by highlighting the appropriate

radio button. This is provided by your ISP.

step 6 Enter your ISP username and password in the Username and Password

fields.

step 7 Enter the VPI and VCI settings as supplied by your ISP. step 8 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 9 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

The following table lists the PPPoA Connection Setup screen fields and describes each of the options:

Field Description

NAT

Network Address Translation is a feature that enables you to use private IP addresses on your computer or LAN. This is set to Enabled by default for standard operation.

Firewall

Select to enable firewalling on this connection. This is set to Enabled by default for standard operation.

LLC and VC are two different methods of encapsulating multiple sessions. This is set to LLC by default.

LLC

With LLC encapsulation, a link control header is added to the Ethernet packet that identifies the protocol type (Ethernet). This allows multiple protocols to be transmitted over the ATM Virtual Circuit.

Encapsulation

With VC Multiplexing, no link control header is needed as the ATM Virtual Circuit is assumed to be carrying a single protocol.

Username

The username for your ISP account.

Password

The password for your ISP account.

Idle Timeout

On-Demand option is checked.

Keep Alive

When the On-Demand option is disabled, this value specifies the time to wait without connection to your provider before terminating the connection. If you wish to ensure the link remains always active, enter 0 in this field. This is set to 10 by default.

Authentication

This defines the authentication protocol for your ISP. This is set to Auto by default.

On-Demand

If selected, this enables on-demand connectivity to the Internet. Your Internet connection is activated when traffic is generated from LAN clients. This is unchecked by default.

Default Gateway

Check this checkbox to make this the default connection.

VPI

The VPI (Virtual Path Identifier) defines the virtual path settings for the ADSL connection between you and your ISP. The VPI value entered here must be supported by your ISP.

VCI

The VCI (Virtual Channel Identifier) defines the virtual channel settings for the ADSL connection between you and your ISP. The VCI value entered here must be supported by your ISP.

QoS

Connect

Click Connect to authenticate your ISP details via PPPoA and connect to the Internet.

Disconnect Click Disconnect to break your Internet connection.

iConnectAccess624W

Static Connection Type

A Static Connection type is used whenever an ISP provides a static IP address. The accompanying information such as the Subnet Mask and the Gateway should also be provided by the ISP. Up to three Domain Name Server (DNS) addresses can be specified. These servers would enable you to have access to other web servers.

Static Connection Configuration:



NOTE: If you need to use the VPI and VCI values in an existing connection, you

will need to open it and edit the setting. It is not possible to have more than one connection using the same VPI/VCI values.

From any screen in the web interface,

step 1 Click the Setup tab, then New Connection. step 2 From the Type drop-down list, select Static. The following screen is

displayed:

step 3 Enter a unique name for your static connection in the Name field. The name

must not have spaces and cannot begin with numbers.

step 4 You can also enable Network Address Translation (NA T ) and the Firewall

options. If you are unsure, leave these in the default mode.

step 5 Select the encapsulation type (LLC or VC) by highlighting the appropriate

radio button. If you are unsure leave the setting as default.

step 6 Enter the VPI and VCI settings as provided by your DSL service provider /

ISP.

step 7 In the IP Address field, enter your assigned IP address based on the

information provided by your ISP.

step 8 In the Mask field enter the Subnet Mask based on the details provided by

your ISP.

step 9 In the Default GW field enter the Default Gateway based on the information

provided by your ISP.

step 10 In the DNS 1, 2 and 3 fields, enter the Domain Name Services (DNS) values

based on the information provided by your ISP.

step 11 In the Mode field, highlight the required connection type radio button as

appropriate. The options are Bridged and Routed.

iConnectAccess624W

step 12 Click Apply, then Tools. The following screen appears:

step 13 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

The following table lists the Static Connection Setup screen fields and their definitions:

Field Description

NAT

Network Address Translation is a feature that enables you to use private IP addresses on your PC or your LAN. This is set to Enabled by default for standard operation.

Firewall

Select to enable firewalling on this connection. This is set to Enabled by default for standard operation.

LLC and VC are two different methods of encapsulating multiple sessions. This is set to LLC by default.

LLC

Encapsulation

With VC Multiplexing, no link control header is needed as the ATM Virtual Circuit is assumed to be carrying a single protocol

IP Address

This is the static IP that will be assigned to the WAN interface of the iConnectAccess624W. This will be provided by your ISP.

Mask

A mask used to determine to which the subnet an IP address belongs. This is the Subnet Mask that will be assigned to the WAN interface of the iConnectAccess624W. This will be provided by your ISP.

Default Gateway

DNS 1 – DNS 3

DNS service is used to translate a Domain Name into a corresponding IP address. The DNS server name should be obtained from your ISP.

Mode

Routed or Bridged mode can be selected here.

VPI

The VPI (Virtual Path Identifier) defines the virtual path settings for the ADSL

iConnectAccess624W

Field Description

connection between you and your ISP. The VPI value entered here must be supported by your ISP.

VCI

The VCI (Virtual Channel Identifier) defines the virtual channel settings for the ADSL connection between you and your ISP. The VCI value entered here must be supported by your ISP.

QoS

Defines QoS at the ATM layer. Three different Quality Of Service options are available in the iConnectAccess624W: UBR, CBR and VBR. The QoS selected here must be supported by your ISP. By default this is set to UBR.

iConnectAccess624W

DHCP Connection Type

Dynamic Host Configuration Protocol (DHCP) allows the iConnectAccess624W to obtain an IP address automatically from the server. With dynamic addressing, a device may have a different IP address every time it connects to the network. This is not commonly used in Australia. Before configuration, please check with your ISP to ensure that this mode is supported.

To Configure DHCP Connection:



NOTE: If you need to use the VPI and VCI values in an existing connection, you will

need to open it and edit the setting. It is not possible to have more than one connection using the same VPI/VCI values.

From any screen in the web interface,

step 1 Click the Setup tab, then New Connection. step 2 From the Type drop-down list, select DHCP. The following screen is

displayed:

step 3 Enter a unique name for the DHCP Connection in the Name field. The

name must not have spaces and cannot begin with numbers.

step 4 In the Options area of the screen, leave the NAT and Firewall checkboxes

as default.

step 5 Select the encapsulation type (LLC or VC) by highlighting the appropriate

radio button. If you are unsure leave the setting as default.

step 6 Enter the VPI and VCI settings as provided by your ISP. step 7 If your DSL line is connected and your ISP supports DHCP, click the Renew

button to retrieve an IP address, Subnet mask, and Gateway address.



NOTE: You can renew the DHCP address at any time by clicking Renew. However,

in most cases you will never need to use this button as the process runs automatically.

step 8 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 9 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

The following table lists the DHCP Connection Setup screen fields and their definitions:

Field Description

NAT

Network Address Translation is a feature that enables you to use private IP

addresses on your computer or your LAN. This is set to Enabled by default for standard operation.

Firewall

Select to enable firewalling on this connection. This is set to Enabled by default for standard operation.

LLC and VC are two different methods of encapsulating multiple sessions. This is set to LLC by default.

LLC

Encapsulation

With VC Multiplexing, no link control header is needed as the ATM Virtual Circuit is assumed to be carrying a single protocol.

Renew

Sometimes it becomes necessary to get a new IP address or update DHCP options sent by a DHCP server, for example when moving a laptop from one network to another. Pressing this button will renew the DHCP lease.

Release

Clicking this button will release the current network settings from the iConnectAccess624W.

VPI

The VPI (Virtual Path Identifier) defines the virtual path settings for the ADSL connection between you and your ISP. The VPI value entered here must be supported by your ISP.

VCI

The VCI (Virtual Channel Identifier) defines the virtual channel settings for the ADSL connection between you and your ISP. The VCI value entered here must be supported by your ISP.

QoS

iConnectAccess624W

Bridged Connection Type:

In Bridged mode, Ethernet frames are bridged over ATM Virtual Circuits. The Ethernet frames are encapsulated using either LLC Encapsulation or VC Multiplexing. Since the Ethernet packets are bridged, the router’s only functionality is to pass the Ethernet packets to and from the Internet Service Provider and the local network. The IP addresses of the local network are assigned by your ISP either statically or dynamically.

In this setting, NAT and firewall rules are disabled. This connection method makes the iConnectAccess624W act as a transparent hub, and passes packets across from the WAN interface to the LAN interface transparently.

If your ISP provides a bridged service, this is the type that you should select.

To Configure The iConnectAccess624W As A Bridge:



NOTE: If you need to use the VPI and VCI values in an existing connection, you

will need to open the connection and edit the setting. It is not possible to have more than one connection using the same VPI/VCI values.

From any screen in the web interface,

step 1 Click the Setup tab, then New Connection. step 2 From the Type drop-down list, select Bridge. The following screen is

displayed:

step 3 Enter a unique name for the DHCP Connection in the Name field. The

name must not have spaces and cannot begin with numbers.

step 4 Select the encapsulation type (LLC or VC) by highlighting the appropriate

radio button. If you are unsure leave the setting as default.

step 5 Enter the VPI and VCI settings as supplied to you by your ISP. step 6 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 7 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

step 8 When the Browser will try connecting the gateway in a few secs message

box appears, click OK.



NOTE: If DHCP is enabled, the following warning message may appear.

step 9 Click OK and follow the instructions in the DHCP Configuration to disable

the DHCP server.

iConnectAccess624W

The following table lists the Bridged Connection Setup screen fields and their definitions:

Field Description

LLC and VC are two different methods of encapsulating multiple sessions. This is set to LLC by default.

LLC

Encapsulation

With VC Multiplexing, no link control header is needed as the ATM Virtual Circuit is assumed to be carrying a single protocol.

Select LAN

Select the LAN Group (as defined in the LAN Configuration screen) of which the bridge connection will be part.

VPI

The VPI (Virtual Path Identifier) defines the virtual path settings for the ADSL connection between you and your ISP. The VPI value entered here must be supported by your ISP.

VCI

The VCI (Virtual Channel Identifier) defines the virtual channel settings for the ADSL connection between you and your ISP. The VCI value entered here must be supported by your ISP.

QoS

iConnectAccess624W

Classical IP Over ATM (CLIP) Connection

Classical IP over ATM (CLIP), (defined in RFC1577) provides the ability to transmit IP packets over an ATM network, CLIP support will encapsulate IP in an AAL5 packet data unit (PDU) frame using RFC1577and it utilizes an ATM aware version of the ARP protocol.

To Configure CLIP Connection:



NOTE: If you need to use the VPI and VCI values in an existing connection, you

will need to open it and edit the setting. It is not possible to have more than one connection using the same VPI/VCI values.

From any screen in the web interface,

step 1 Click the Setup tab, then New Connection. step 2 From the Type drop-down list, select CLIP. The following screen is

displayed:

step 3 Enter a unique name for the CLIP connection in the Name field. The name

must not have spaces and cannot begin with numbers.

step 4 Leave the NAT and Firewall options as the default settings. step 5 Enter the CLIP Settings, including IP Address, Mask and Default Gateway

as provided by your ISP.

step 6 Leave the ARP Server address as the default, unless advised by your ISP. step 7 Enter the VPI and VCI settings as provided by your ISP.

step 8 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 9 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

The following table lists the CLIP Settings screen fields and their definitions:

Field Description

NAT

Network Address Translation is a feature that enables you to use private

IP addresses on your computer or your LAN. This is set to Enabled by default for standard operation.

Firewall

Select to enable firewalling on this connection. This is set to Enabled by default for standard operation.

IP Address

The CLIP Server IP Address.

Mask

The CLIP Server subnet mask.

ARP Server

The ARP Server IP Address.

Default Gateway

The Default Gateway IP Address.

VPI

The VPI (Virtual Path Identifier) defines the virtual path settings for the ADSL connection between you and your ISP. The VPI value entered here must be supported by your ISP.

VCI

The VCI (Virtual Channel Identifier) defines the virtual channel settings for the ADSL connection between you and your ISP. The VCI value entered here must be supported by your ISP.

QoS

iConnectAccess624W

Modify An Existing Connection

To Modify An Existing Connection:

From any screen in the web interface, Click the Setup tab, then click the connection you wish to modify. Edit as applicable and click Apply, Tools, then System Commands. Finally click the

Save All button, then OK when the confirmation message appears to make the changes permanent. If you are deleting the entry, click Delete.

The following table lists the Connection Setup buttons and their definitions:

Field Description

Apply

Applies the changes made to the connection.

Delete

Deletes the connection.

Cancel

Cancels the changes made to the connection before applying.

iConnectAccess624W

Modem

To Configure The ADSL Modulation Type:

From any screen in the web interface,

step 1 Click the Setup tab, then Modem. The following screen appears:

step 2 Highlight the required modulation type radio button. Set the modulation type

to G.DMT.



NOTE: The iConnectAccess624W is pre-configured to detect the ADSL

modulation type automatically. In most cases, this screen should not be modified.

step 3 Click Apply, then Tools. The following screen appears:

step 4 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

The following table lists the Modem screen fields and their definitions:

Field Description

MMODE

Multi-Mode (the modulation is automatically detected)

T1413

ANSI T1.413-1998

GDMT

G.DMT (G.992.1)

GLITE

G.lite (G.992.2)

ADSL2

Supports speeds up to 12Mbps

ADSL2Plus

Supports speeds up to 24Mbps

iConnectAccess624W

Advanced Tab

The iConnectAccess624W supports a host of advanced networki ng and routing features including the set up of your LAN and WAN interfaces, security, port configuration, user management, restarting the modem / router, and plug and play capability.

iConnectAccess624W

UPnP

Universal Plug and Play is a networking architecture that provides compatibility among networking equipment, software and peripherals such as games co nsoles, digital cameras, and other systems that connect by TCP/IP. It can be supported on any operating system, and boasts device-driver independence and zero-configuration networking.

To Enable UPnP:



NOTE: Before enabling UPnP, ensure that you have a WAN connection

configured.

From any screen in the web interface,

step 1 Click the Advanced tab, then UPnP. The following screen appears:

step 2 Check the Enable UPnP checkbox. step 3 Select the required WAN Connection by highlighting the appropriate item

from the drop-down list.

step 4 From the LAN Connection drop-down list, select the LAN connection as

appropriate.

step 5 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 6 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

The following table lists the UPnP screen fields and their definitions:

Field Description

Enable UPNP

Universal Plug and Play (UPnP) is a standard that uses Internet and Web protocols to enable the iConnectAccess624W to be plugged into a network and automatically know about each other. With UPnP enabled, when a user plugs the iConnectAccess624W into the network, the device will configure itself, acquire a TCP/IP address, and use a discovery protocol based on the Internet's Hypertext Transfer Protocol (HTTP) to announce its presence on the network to other devices. This is set to

Disabled by default in the iConnectAccess624W.

WAN Connection

Select the WAN connection from the drop-down list of configured WAN connections.

LAN Connection

Select the LAN connection from the drop-down list of available LAN Group connections.



NOTE: UPnP can only be enabled on a saved Configuration File.

iConnectAccess624W

SNTP

Simple Time Network Protocol ensures that computer clock times can be synchronised in a network of computers to the millisecond.

To Configure SNTP:

From any screen in the web interface,

step 1 Click the Advanced tab, then SNTP. The following screen appears:

step 2 Click the Enable SNTP checkbox. step 3 Enter the primary SNTP Server address as required in the Primary SNTP

Server field.

step 4 Repeat this step for the Secondary and Tertiary SNTP Server addresses as

required.

step 5 Enter a timeout limit (in seconds) in the Timeout field. step 6 Enter a Polling Interval limit (in minutes) in the Polling Interval field. step 7 Enter the number of times to retry connecting to the server in the Retry

Count field.

step 8 From the Time Zone drop-down list, select the time zone in which the router

is operating.

step 9 Check the Day Light checkbox to activate daylight savings time. step 9 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 10 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

The following table lists the SNTP screen fields and their definitions:

Field Description

Enable SNTP

Check this checkbox to enable the 624W to synchronise its system time to an external time source.

Primary SNTP Server

The IP Address or fully qualified name of the time source.

Secondary SNTP Server

The IP Address or fully qualified name of a backup time source.

Tertiary SNTP Server

The IP Address or fully qualified name of a backup time source.

Timeout

Time in seconds that the iConnectAcess624W will wait for an SNTP server to respond.

Polling Interval

Polling period in minutes that the iConnectAccess624W checks time with the SNTP server.

Retry Count

The number of retries before a backup server is polled.

Time Zone

Select the time zone in which your network is operating from this drop-down list.

Day Light

Check the Day Light checkbox to activate daylight savings time.

iConnectAccess624W

SNMP

SNMP stands for Simple Network Management Protocol. It is used to monitor the state of the network remotely, collecting information about Internet traffic events and device status and storing these in a database. For example, SNMP can be used to monitor the amount of traffic passing through the network.

To Configure SNMP:

From any screen in the web interface,

step 1 Click the Advanced tab, then SNMP. The following screen appears:

step 2 Check the Enable SNMP Agent and SNMP Traps checkboxes. step 3 Enter a name for the device in the Name field. step 4 Enter the vendor’s location in the Location field. step 5 Enter a contact for the vendor in the Contact field. step 6 Enter a community name in the Name field in the Community area of the

screen, for Read-Only access. The default is Public.

step 7 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 8 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

The following table lists the SNMP Management screen fields and their definitions:

Field Description

Enable SNMP Agent

Check this checkbox to enable SNMP (Simple Network Management Protocol) on this device. Enter the SNMP settings in the Community area of the screen.

Enable SNMP Traps

Check this checkbox to enable the SNMP trap service. Enter the SNMP trap settings in the Traps area of the screen.

SNMP Management (Name, Location, Contact)

Enter details specific for this device in the Name, Location and Contact fields.

Community Name and Access Rights

The SNMP Read-Only Community string is like a User-ID or Password that allows access to the router’s statistics.

SNMP Read-Write Community String allows a remote device to read information from a device, and to modify settings on that device. If using SNMP Read-Write do not leave this password at the default.

Traps Destination IP

Enter the Destination Address of the host to receive the SNMP traps.

Trap Community

Enter the Community name in this field. This should match the community name on the server receiving the traps.

Trap Version

Select the version of SNMP to use from this drop-down list.

iConnectAccess624W

IP QoS

Before attempting to configure IP QoS, you will need a good understanding of the TCP/IP protocol and ports.

The IP Quality Of Service (QoS) queues data streams to ensure that basic connectivity is maintained when running multiple services over one connection. For example, if you are using a peer-to-peer file-sharing program whilst simultaneously pe rforming normal web browsing, you can configure QoS to limit the resources dedicated to the peer-to-peer session to ensure web browser connectivity. IP QoS is often critical to maintain VoIP session quality.

IP QoS services in the iConnectAccess624W are applicable to the output device (LAN side). This means that the IP QoS is associated with any transmitted traffic from the iConnectAccess624W. Each output device has three priority queues associated with transmit data. The High priority queue has strict priority over medium and low priority queues. The Medium and Low priority queues are serviced on a round robin priority basis according to the configured weights (WRR), after the High priority queue has been completely serviced.



NOTE: If IP QoS is enabled and no rules are defined, a default rule is added

which is hidden. The default rule places all traffic to be transmitted in the Low priority queue.

To Configure IP QoS:

From any screen in the web interface,

step 1

Click the Advanced tab, then IP QoS. The following screen appears:

step 2 Select a WAN connection to enable IP QoS for the modem’s upstream

traffic, or choose a LAN connection (Ethernet and USB Bridged) for the downstream traffic, from the Choose a connection drop-down list.

iConnectAccess624W

step 3 Select a percentage from the Low priority weight drop-down list. step 4 Select a percentage from the Medium priority weight drop-down list. step 5 If you wish to enable IP QoS, check the Enable IPQoS checkbox. step 6 If you wish to enable trusted mode, check the Trusted Mode checkbox.

step 7 Click Apply, then Tools. The following screen appears:

step 8 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

The following table lists the IP QoS screen fields and their definitions:

Field Description

Choose a Connection

This lists the connection names that are configured on the iConnectAccess624W. Select a WAN or LAN connection here.

Low Priority Weight / Medium Priority Weight

These two fields allow you to select the weights of the Medium and Low Priority queues in increments of 10 percent, so that the sum of the weights is 100 percent.

Enable IP QoS

Check /uncheck this checkbox to enable / disable IP QoS for the selected connection.

Trusted Mode

The iConnectAccess624W has two primary modes of operation: Trusted and Untrusted.

Trusted: In Trusted mode, all the rules will be applied first, regardless of the Type Of Service (TOS) bit setting. (After the rules have been exhausted, the existing TOS bit settings will be honoured.)

Untrusted: Untrusted Mode matches first against all rules, as in Trusted Mode. If there is no match, then a default rule will be used. The queuing priority of the default rule is Low.

iConnectAccess624W

To Define IP QoS Traffic Rules:

The IP QoS page appears when you click the Add button in the QoS Setup screen. When setting rules, each rule is a matching criterion that identifies the application traffic to be transmitted by the iConnectAccess624W using one of the three priority queues – High, Medium or Low.

From the IP QoS screen,

step 1 Click Add to define the IP QoS traffic rules. The following screen appears:

step 2 Enter a rule name in the Rule Name field. step 3 Identify the traffic by source and destination addressing, source/destination

port number, protocol and/or physical port.

step 4 Select the protocol from the Protocol drop-down list. The options are: TCP,

UDP, ICMP or ANY.

step 5 Select the priority queue in which the identified traffic will be placed, from the

Traffic Priority drop-down list. The options are: Low, Medium, or High.

step 6 If you wish to set the TOS bit, select it from the TOS Marking list. step 7 Click Apply, then Tools. The following screen appears:

step 8 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

The following table lists the IP QoS Traffic Rule screen fields and their definitions:

Field Description

Rule Name

This lists the connection names that are configured in the iConnectAccess624W.

Source IP

The IP address of the device that is the sending the information.

Source Netmask

The Network Mask of the device that is sending the information.

Source Start Port /Source End Port

The port number/port range of device that is sending the information on. The port range must be between 1 – 65535.

Destination IP

The IP address of the device that is the receiving the information.

Destination Netmask

The Network Mask of the device that is receiving the information.

Destination Start Port Destination End Port

Use this field to classify QoS traffic by the destination port. A range can be entered for a serial on continuous ports.

Protocol

Select the protocol for your traffic. The options are: TCP, UDP, ICMP or ANY.

Traffic Priority

This is the priority for the source traffic. The options are: Low, Medium or High for the selected traffic.

Physical Port

Select only if traffic on this port is to be prioritised.

Normal Service TOS Marking

The additional TOS marking field allows you to assign a Type Of Service (TOS) value to this traffic. The values for the TOS marking are: No

Change, Normal Service, Minimise Monetary Cost, Maximise Reliability, Maximise Throughput and Minimise Delay.

iConnectAccess624W

Port Forwarding

Using the Port Forwarding page, you can provide local services (for example web hosting) for people on the Internet, or play Internet games. When users send this type of request to your network via the Internet, the iConnectAccess624W will forward those requests to the appropriate computer. Port Forwarding can be used with DHCP-assigned addresses but remember that a DHCP address is dynamic (not static). For example, if you were configuring a Netmeeting server, you would want to assign this server a static IP address so that the IP address is not reassigned. Also remember that if an Internet user is trying to access an Internet application, they must use the WAN IP address. Port forwarding will translate the WAN IP address into a LAN IP address.

Configuring Port Forwarding is a two-part process. Firstly you must ensure that you have a LAN IP Address configured, and once you have completed this, you can then configure Port Forwarding.

To Configure Port Forwarding:

From any screen in the web interface,

step 1

Click the Advanced tab, then Port Forwarding. The following screen

appears:

step 2 From the WAN connection drop-down list, select the connection type for

which you wish to add the firewall rule.

step 3 From the LAN IP drop-down list, select the IP address for which you wish to

apply the rule. If you wish to add a new LAN IP address, highlight the user category and click New IP button, and follow the instructions in

To Add A

LAN Client:



NOTE: It is recommended that Static IP Addresses rather than DHCP IP

Addresses be used for Port Forwarding.

step 4 In the Category area of the screen, highlight the appropriate category radio

button. The Available Rules area displays common Internet services within the selected category. Rules for each service can be viewed by clicking the View button.

step 5 To add a rule for this connection, highlight the service / application from the

Available Rules window, then click Add. The rule then appears in the Applied Rules area of the screen.

iConnectAccess624W

step 6 Click Apply, then Tools. The following screen appears:

step 7 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

The following table lists the Port Forward screen fields and their definitions:

Field Description

WAN Connection

Select a defined WAN connection.

Allow Incoming Ping

Ping is a protocol used mainly for monitoring the connectivity between IP devices. Enabling this feature allows remote devices to use Ping to check connectivity to your device. You may need to enable this for monitoring purposes. This is set to Disabled by default for standard operation.

Select LAN Group

Select the LAN Group of which the computer the port to be forwarded is a member. LAN Groups can be managed under Setup > LAN

Configuration.

LAN IP

This is the IP address to which the selected Ports are forwarded. It is recommended that you use a static IP address. You will need to define this in the LAN Clients screen.

New IP

Shortcut to the LAN Client page. Static addresses not listed under LAN IP drop-down list can be added here.

Custom Port Forwarding

Link to Custom Port Forwarding screen.

DMZ

Link to the DMZ screen.

Category/Available Rules

A number of pre-defined categories and rules are available here. E.g.: Web servers specifies the following port forwarding profile:

iConnectAccess624W

Field Description

To view the details of a pre-defined rule, click View.

Applied Rules

This specifies the applied Port Forwarding rule for the selected WAN Connection and the LAN IP.

Custom Rules

You can specify custom Port Forwarding rules by clicking the Custom Rule link.

iConnectAccess624W

Allow Incoming Ping

Enabling the Incoming Internet Control Message Protocol (ICMP) Ping will allow Echo requests to come into the gateway. The gateway will respond with an ICMP Echo response message. The option allows the DSL provider or ISP to determine the following:

 The status of the network;  Tracking and isolating hardware and software problems;  Testing, measuring, and managing networks.

DMZ

Setting a computer (on your local network) as a De-Militarised Zone (DMZ) forwards any network traffic that is not redirected to another computer via the port-forwarding feature to the computer's IP address. This opens access to the DMZ computer from the Internet.

To Configure A DMZ:

step 1 From the Port Forwarding screen, click the DMZ link. The following

appears:

step 2 Check the Enable DMZ checkbox. step 3 From the Select your WAN Connection drop-down list, select the connection

type for which you wish to add the DMZ.

step 4 From the Select LAN Group: drop-down list, select the LAN group for which

you wish to enable the DMZ.



NOTE: It is recommended that Static IP Addresses rather than DHCP IP

Addresses be used for the DMZ host.

step 5 Select the DMZ Host IP Address from the Select a LAN IP Address drop-

down list. If your IP Address is not listed, click LAN Clients, and follow instructions in

To Add A LAN Client:

step 6 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 7 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

The following table lists the DMZ Settings screen fields and their definitions:

Field Description

Enable DMZ

Enables/Disables DMZ feature.

Select your WAN Connection

List of connections defined in the WAN Setup.

Select LAN Group

Select the LAN Group for which you wish to enable the DMZ from the drop-down list.

Select a LAN IP Address

Host computer to act as the DMZ.

LAN Clients

Shortcut to the LAN Client page. Static addresses that are not listed under the LAN IP drop-down list can be added here.

iConnectAccess624W

Custom Port Forwarding

You will only need to use Custom Port Forwarding when specifying IP Subnets or IP Addresses not listed under LAN Clients. Otherwise custom rules can be defined in the User Category of the Available Rules, and then mapped to the appropriate WAN connection and LAN IP.

step 1 From the Port Forwarding screen, click Custom Port Forwarding to define

Port Forwarding rules. The following screen appears:

step 2 From the Connection: drop-down list, select the connection name for which

you wish to configure port forwarding.

step 3 Enter a unique name for the rule in the Application field. step 4 Identify the traffic by source and destination address and ports.



Use the IP Address 0.0.0.0 with a netmask of 0.0.0.0 in the Source Address if your IP Address is dynamically-assigned.

step 5 Select the protocol from the Protocol drop-down list. The options are: TCP,

UDP, ICMP or ANY.

step 6 Enter the destination IP Address and Netmask of the server to which the

traffic is being forwarded.

step 7 Enter the destination port on which the server will respond, in the

Destination Port Map field.

step 8 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 9 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

The following table lists the Custom Port Forwarding screen fields and their definitions:

Field Description

Connection

The name of the connection on which you wish to customise Port Forwarding.

Enable

Check this checkbox to enable the customisation.

Application

Enter a unique name for the rule in this field.

Protocol

Select the protocol for your traffic. The options are: TCP, UDP, ICMP or ANY.

Source IP

The IP address of the interface forwarding the traffic or 0.0.0.0 if the address is dynamically-assigned.

Source Netmask

The Network Mask of the interface forwarding the traffic or 0.0.0.0 if the address is dynamically assigned.

Destination IP

The IP address of the device that is receiving the traffic.

Destination Netmask

The Network Mask of the device that is receiving the traffic.

Destination Start Port Destination End Port

The destination port number or port range that is to be translated.

Destination Port Map

The destination port number to which traffic is translated.

iConnectAccess624W

IP Filters

IP Filters allow you to block network access based on a user’s computer IP Address on the local LAN. You can use this option to block specific traffic (eg, to block web access) or any traffic from a computer on your local network. If the traffic type is set to Any, all network traffic from that computer will be blocked. You can also add / edit / delete IP Filter rules without using the pre-defined rules. Click User, then New to access this interface.

You will only need to use Custom IP Filters when specifying IP subnets or IP address not listed under LAN Clients. Otherwise new filters can be defined in the User Category of the Available Rules, and then mapped to the appropriate WAN connection and LAN IP.

To Configure IP Filtering:

From any screen in the web interface,

step 1

Click the Advanced tab, then IP Filters. The following screen appears:

step 2 From the Select LAN Group drop-down list, select the LAN Group for which

you wish to add the rule.

step 3 From the LAN IP drop-down list, select the IP Address for which you wish to

apply the rule. If your IP address is not listed, click the New IP button, and following the instructions in

To Add A LAN Client:.



NOTE: It is recommended that Static IP Addresses rather than DHCP IP

Addresses be used for IP Filtering.

step 4 In the Category area of the screen, highlight the appropriate radio button for

the category. The Available Rules area displays common Internet services within the category selected. Rules for each service can be viewed by clicking the View button.

step 5 To add a rule for this connection, highlight the service or application from the

Available Rules window, then click Add. The rule then appears in the Applied Rules area of the screen.

step 6 Click Apply, then Tools. The following screen appears:

iConnectAccess624W

step 7 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

The following table lists the IP Filtering screen fields and their definitions:

Field Description

Select LAN Group

Select the LAN Group of the computer to which IP Filtering is being applied. LAN Groups can be managed under Setup > LAN Configuration.

LAN IP

This is the server IP address to which Ports are forwarded. It is recommended that you use a static IP address for Server. This address will need to be defined in the LAN Clients screen.

New IP

Shortcut to the LAN Client page. Static addresses that are not listed under the LAN IP drop-down list can be added here.

Block All Traffic

This option blocks all IP traffic from the specified LAN IP Address.

Block Outgoing Ping

This option blocks ICMP traffic from the specified LAN IP Address.

Customer IP Filters

Use this link to create filtering rules that are not predefined.

Category/Available Rules

A number of pre-defined categories and rules are available here. E.g.: Web servers specifies the following port forwarding profile:

To view the details of a pre-defined rule, click View.

Applied Rules

This specifies the applied IP filtering rule for the selected LAN IP Address.

Custom Rules

You can specify custom IP Filtering rules by clicking the Custom Rule button.

iConnectAccess624W

LAN Clients

If DHCP is used, all current DHCP clients are automatically registered in the LAN Client database as a dynamic address. However, if a Static IP Address is used on a LAN device and wish to apply IP rules to this address, you must add its IP address to the LAN Clients list. Once the IP address has been added, it appears in the Static Addresses list.

To Add A LAN Client:

From any screen in the web interface,

step 1 Click Advanced, then LAN Clients. The following screen appears:

step 2 From the Select LAN Connection drop-down list, select the LAN group for

which you wish to apply the LAN Client.

step 3 To add the LAN Client Address, enter the LAN IP Address in the Enter IP

Address field.

step 4 Enter the LAN’s hostname in the Hostname field if required. step 5 Enter the MAC address of the LAN Client in the MAC Address field.

step 6 Click Apply, then Tools. The following screen appears:

step 7 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W



NOTE: Once the IP Address has been added you are now able to apply Port

Forwarding and Access Control rules to it.

The following table lists the LAN Clients screen fields and their definitions:

Field Description

Select LAN Connection

The LAN group to which you are adding the new LAN client.

Enter IP Address

IP address of the server/host that you want to use for port forwarding or access control must be defined here.

Hostname

An optional hostname can be assigned to the above address.

MAC Address

Enter the MAC Address of the LAN Client here. This field is optional.

iConnectAccess624W

LAN Isolation

If an interface is added to each LAN group in the LAN configuration, then the communications between the two groups can be disabled. Both groups will still have access to the Internet.

To Block Traffic from one LAN to another:

From any screen in the web interface,

step 1 Click Advanced, then LAN Isolation. The following screen appears:

step 2 If you wish to disable traffic between LAN groups, check the Disable traffic

between LAN group 1 and LAN group 2, Disable traffic between LAN group 2 and LAN group 3 or Disable traffic between LAN group 3 and LAN group 1

checkboxes as required.

step 3 Click Apply, then Tools. The following appears:

step 4 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

Bridge Filters

The Bridge filtering mechanism enables users to define rules which allow/deny frames through the iConnectAccess624W, based on source and destination MAC address and/or frame type. The user should note that the bridge filter will only examine frames from interfaces that are part of the bridge itself. Twenty filter rules are supported with bridge filtering.

The User Interface for Bridge Filter sallows the following functionality: Adding/Editing/Deleting filter rules; Enabling filter rules.

To Enable Bridge Address Filters:

The Enable Bridge Filters button allows the user to enable or disable Bridge filtering. It can be checked / unchecked during any editing operation. It can also be set/unset independently by just clicking the Apply button.

From any screen in the web interface,

step 1 Click Advanced, then Bridge Filters. The following screen appears:

step 2 Check the Enable Bridge Filters checkbox, and click Apply. You can now

select the bridge filter management interface from the Bridge Filter Management Interface drop-down list.

step 3 If more than one LAN group as b een created, Select the LAN group the filter

rules are to be applied to.

step 4 Enter the source MAC address in the Src MAC field. step 5 Select the source port in the Src Port drop-down list. step 6 Enter the destination MAC address in the Dest MAC field. step 7 Select the destination port in the Dest Port drop-down list.



NOTE: Entering 0s in the Source or Destination fields means ALL MAC addresses

are matched.

step 8 Select the protocol to be filtered from the Protocol drop-down list. step 9 Select the mode with desired filtering type from the Mode drop-down list.

The options are Allow or Deny.

iConnectAccess624W

step 10 Click Add. step 11 Click Apply, then Tools. The following appears:

step 12 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:



NOTE: A maximum of 20 MAC Filter Rules can be defined and saved.

To Edit An Existing Filter Rule:

 From the Bridge Filters screen, highlight the Edit radio button for the

rule to be edited, from the list of existing filter rules. The rule appears in the Enable Bridge Filters area of the screen.

 Make the required change / s to the MAC Address, Protocol and

Mode types, and click Apply, Tools, then System Commands. Click

the Save All button, and confirm the save by clicking OK when the confirmation message appears.

To Delete Filter Rule(s):

 Check the Delete checkbox beside the filter rule / s to be deleted.



NOTE: Multiple deletions are possible by using the <Shift> key and clicking the

Delete checkboxes. The Select All checkbox can be used to delete all filter rules quickly.

 Click Apply, Tools, then System Commands..  Click the Save All button, and confirm the save by clicking OK when

the confirmation message appears.

iConnectAccess624W

Hidden MAC Filter Rules:

The MAC filter table contains 3 hidden rules, which are entered automatically by the system to ensure you do not "lock" yourself out of the system. These include:

 Any ARP frames are permitted to pass through the system.  All IPv4 frames with the destination MAC address of the bridge are

permitted to pass through.

 All IPv4 frames with the source MAC address of the bridge are

permitted to pass through.



NOTE: To locate the MAC Address of a Windows-based machine, type

ipconfig /all at a DOS prompt.

iConnectAccess624W

Multicast

Multicasting is a form of limited broadcast. UDP is used to send datagrams to all hosts that belong to what is called a "host group." A host group is a set of one or more hosts identified by the same destination IP address. The following statements apply to host groups.

 Anyone can join or leave a host group at will;  There are no restrictions on a host's location;  There are no restrictions on the number of members that may belong to a

host group;

 A host may belong to multiple host groups;  Non-group members may send UDP datagrams to the host group.

Multicasting is useful when data needs to be sent to more than one other device. For instance, if one device is responsible for acquiring data that many other devices need, then multicasting is a natural fit. Note that using multicasting as opposed to sending the same data to individual devices uses less network bandwidth.

To Enable Multicasting:

From any screen in the web interface,

step 1 Click the Advanced tab, then Multicast. The following screen appears:

step 2 Check and / or highlight the Enable IGMP Multicast checkbox. step 3 From the Available Connections area of the scre en, highlight the Select

radio button for the connection required.

step 4 Click Apply, then Tools. The following appears:

iConnectAccess624W

step 5 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

The following table lists the Multicast screen fields and their definitions:

Field Description

Enable IGMP Multicast

Multicast delivers IP packets to just a group of hosts on the network. IGMP (Internet Group Multicast Protocol) is a session-layer (layer-3) protocol used to establish membership in a Multicast group. Checking this will enable the iConnectAccess624W to receive multicast traffic.

Select Available Connections

Select the connection type here.

iConnectAccess624W

Static Routing

If the iConnectAccess624W is connected to more than one network, you may need to set up a static route between them. A static route is a pre-defined pathway down which network information must travel to reach a specific host or network.

To Enable Static Routing:

From any screen in the web interface,

step 1 Click the Advanced tab, then Static Routing. The following screen

appears:

step 2 From the Choose a connection drop-down list, select a connection type. step 3 Enter the new destination IP for the remote LAN network or host to which

you wish to assign a static route in the New Destination IP field.

step 4 Enter a subnet mask in the Mask field. step 5 Enter the IP address of the new device to connect with the remote network

or host in the Gateway field.

step 6 Enter a metric in the Metric field. step 7 Click Apply, then Tools. The following appears:

step 8 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

The following table lists the Static Routing screen fields and their definitions:

Field Description

Choose a Connection

Choose the connection profile from the drop-down list.

New Destination IP

This is the destination network or Host IP address to be routed via another gateway.

Mask

Enter the subnet mask for the destination network. Use

255.255.255.255 for a host route.

Gateway

This is the IP address of the next hop router in the path to the destination network. The iConnectAccess624W examines the destination address in the packet header and passes the packet along to this gateway if the address is within the specified range. A packet may go through 30 or more routers in its travels from one host computer to another.

Metric

Enter the metric value to be assigned to this static route. If you are unsure enter the value 1.

iConnectAccess624W

Dynamic Routing

Using Routing Information Protocol (RIP), dynamic routing allows the iConnectAccess624W to adjust to physical changes in the network automatically. It determines the route through which the packets travel based on the fewest number of hops between the source and destination. RIP protocol regularly broadcasts routing information to other Routers on the network.

To Enable Dynamic Routing:

From any screen in the web interface,

step 1 Click the Advanced tab, then Dynamic Routing. The following screen

appears:

step 2 Check the Enable RIP checkbox. step 3 From the Protocol drop-down list, select the RIP version as appropriate. step 4 Check / Uncheck the Enable Password checkbox as appropriate. step 5 If you have checked the Enable Password checkbox, enter a password in

the Password field.

step 6 Select the direction from the Direction drop-down list. step 7 Click Apply, then Tools. The following appears:

step 8 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

The following table lists the Dynamic Routing screen fields and their definitions:

Field Description

Enable RIP

This enables RIP routing on the iConnectAccess624W router.

Protocol

There are two versions of RIP. RIP version 1 (v1) is defined in RFC

1058. RIP version 2 (v2) is defined in RFC 1723. Select between RIPv1, RIPv2 and RIPv1 compatible.

The protocol is dependent upon the entire network. Most networks support RIP v1. If RIP v1 is selected, routing data will be sent in RIP v1 format. If RIP V2 is selected, routing data will be sent in RIP v2 format using subnet broadcasting. If RIP V1-Compatible is selected, routing data will be sent in RIP v2 format using multicasting.

Direction

The direction determines the means through which RIP routes will be updated.

Selecting In means that the iConnectAccess624W will only incorporate received RIP information. Selecting Out means that the iConnectAccess624W will only send out RIP information.

Selecting Both means that the iConnectAccess624W will incorporate received RIP information and send out updated RIP information.

Enable Password

Simple password authentication for RIPv2 was defined in RFC 1723. If you intend to use password authentication you must enable your password here.

Password

Type the RIPv2 authentication password here. Ensure that all routers are configured with this password for RIPv2 to work.

iConnectAccess624W

Access Control

The iConnectAccess624W’s Access Control management feature opens access from the Internet (WAN) or (LAN) to the router’s management ports (Web, Telnet, SSH, FTP, TFTP, SNMP). Note that there are security risks associated with this action, and for this reason, remote management is restricted to computers on the network that are specified in the IP Access Control List. (This holds up to 16 IP Addresses.)

The Access Control List (ACL) provides a global enable / disable. If the ACL is disabled, the default behaviour (ie, Deny for WAN, and Accept for LAN, is enabled for all IP addresses) is enforced. If no IP Addresses are specified in the ACL, the ACL will act as if it is disabled until the first IP Address is added.



NOTE: You must ensure that you add your own IP Address to the IP Access List,

otherwise you could lock yourself out of the router. Should this occur and the setting is saved, you will need to perform a factory default reset, using the reset button.

To Enable Access Control:

From any screen in the web interface,

step 1 Click the Advanced tab, then Access Control. The following screen

appears:

step 2 Check the Enable Access Control checkbox. step 3 Select the services you wish to enable on the LAN and WAN sides. . step 4 Enter the IP Address of the LAN device you are currently managing the

iConnectAccess624W from in the New IP field.

step 5 Check the Add checkbox. The following warning message will appear.

Click OK to continue.

iConnectAccess624W

step 6 Enter any other management host IP address that you required in the New

IP field.

step 7 Check the Add checkbox. step 8 Click Apply, then Tools. The following appears:

step 9 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

The following table lists the Access Control screen fields and their definitions:

Field Description

Enable Access Control

Global Enable / Disable that enables or disables the ACL.

Service Name (WAN / LAN)

Services that can be opened on the LAN and WAN sides of the iConnectAccess624W. The options are: Telnet, Web, FTP, TFTP, Secure Shell (SSH), SNMP. Select as many as required.

IP Access List

A list of allowed IP Addresses.

New IP Address

Specify the new management host IP Address.

Add

Once you have specified the new management host IP Address, check the Add checkbox to add it.

Delete

Highlight the existing host IP Address and check the Delete checkbox.

iConnectAccess624W

Wireless Tab

The iConnectAccess624W allows you to configure many wireless properties inclu ding basic parameters, advanced features, security and management function s.

iConnectAccess624W

Setup

The Setup screen allows you to configure the basics to get your iConnectAccess624W working.

To Configure Basic Settings For Wireless:

From any screen in the web interface,

step 1 Click the Wireless tab, then Setup. The following screen appears:

step 2 Check the Enable AP checkbox to activate your wireless access point. The

wireless LED on the iConnectAccess624W lights up when the AP is enabled.

step 3 In the SSID field, enter a unique name (Service Set Identifier) for your

wireless network. The default is set to WLAN-AP-624W.

step 4 Check the Hidden SSID checkbox to hide the Service Set Identifier, if you

wish to hide your SSID.

step 5 Change the default channel if you have having wireless communication

problems. Channel 1 is the default setting.

step 6 Leave the wireless LAN mode as Mixed. Mixed is the default setting. step 7 Click Apply, then Tools. The following appears:

step 8 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

step 9 Click the Restart Access Point link to ensure all changes take effect.

The following table lists the Setup screen fields and their definitions:

Field Description

Enable AP

Check this checkbox to activate the access point. Disabling the AP will disable the wireless functionality. Only do this if you have no wireless clients. The default setting is Enabled.

SSID

The SSID is a unique name shared among all points in your wireless network. The default name is wlan-ap-624w. All network devices must share the same SSID in order to communicate successfully.

Hidden SSID

For additional security, check the Hidden SSID checkbox to hide the Service Set Identifier.

Channel B/G

Select the transmission range for the access point. Mixed

802.11b supported rate and 802.11g supported rate.

b only

802.11b supported rate only

b +

802.11b supported rate and 22 Mbps PBCC rate.

11g only

802.11g supported rate only.

b / g Mode

The default is Mixed Mode.

Reserved for proprietary clients.

User Isolation

Reserved for proprietary clients.

iConnectAccess624W

Wireless Configuration:

The Configuration screen allows you to configure the more advanced wireless features of the iConnectAccess624W. You will need to be familiar with Wireless technology before changing any of the advanced wireless settings.

To access the Wireless Configuration screen: Click the Wireless tab, then Configuration. The following screen appears:

iConnectAccess624W

The following table lists the Wireless Configuration screen fields and their definitions:

Field Description

Beacon Period

The Beacon Period is the period of time between beacon transmissions. Before a station enters Power Save mode, the stations require the beacon period to know when to wake up to receive the beacon (and learn whether there are buffered frames at the Access Point.) The default setting is 200.

DTIM Period

Delivery Traffic Indication Message. This is a countdown field for informing clients of the next window for listening to broadcast and multicast messages. When the Access Point has buffered a broadcast or multicast message for associated clients, it sends the next DTIM with a DTIM Period Value. The Access Point client awakens the broadcast and multicast messages. The default setting is 2.

RTS Threshold

The Request To Send (RTS) is a control frame sent from the transmitting station to the receiving station requesting permission to transmit. Should you encounter inconsistent data flow, only minor modifications of this value are recommended. The default setting is

2347.

Frag Threshold

This is the fragmentation mechanism used for improving the efficiency when high traffic flows along in the wireless network. The value can be set from 256 to 4096. Packets exceeding the 2346 byte setting will be fragmented before transmission. The default setting is 2346.



NOTE:

If the packet size is equal to or less than the threshold, the access point will not use fragmentation. If the threshold is set too low, this may result in poor performance.

Power Level

If you wish to have a shorter range signal for your antenna for security reasons, the distance can be limited by setting this to a lower percentage. The options are: Full, 50%, 25%, 12% or 6%.

Country String

Select the country in which the wireless network is operating from the drop-down list.

iConnectAccess624W

Security

Wireless security provides some protection against unauthorized access to your iConnectAccess624W and wireless LAN transmissions. Hiding the SSID means your network name is not visible to random scanning. Entering MAC Access Lists means the connection device MAC Address must match the address in the MAC Access List. WPA and WEP encrypt the data transmissions.

To Configure WEP Wireless Security:

From any screen in the web interface,

step 1 Click the Wireless tab, then Security. The following screen appears:

step 2 In the Select a Wireless Security level area, highlight the WEP radio button.

The following screen appears:

step 3 Check the Enable WEP Wireless Security checkbox. step 4 From the Authentication Type drop-down list, select the authentication type

as appropriate. The options are: Open, Shared or Both.

step 5 Highlight the encryption key you wish to select from the Select area of the

screen.

step 6 From the Cipher drop-down list, select the encryption key length. The

options are 64, 128 or 256 bits.

iConnectAccess624W

step 7 In the Encryption Key field, enter the encryption key, ensuring the key length

matches the Cipher. The following appears:



NOTE: If the key does not match the required Cipher, it will not be saved when

Apply is selected.

step 8 Click OK, Apply, then Tools. The following appears:

step 9 Click System Commands, then Save All.

step 10 Click OK, then from the Wireless Se curity screen, click the Restart Access

Point link at the bottom of the page. The System Commands page appears.

step 11 Click the Restart Access Point button to restart the router.

iConnectAccess624W

The following table lists the WEP Wireless Security fields and their definitions:

Field Description

Select a Basic Wireless Security Level

Select either no wireless security, or Wired Equivalent Privacy. WEP is the basic security protocol for all 802.1x wireless networks.

Enable WEP Wireless Security

Enables / Disables WEP security. There are three authentication types:

Open

If Open is selected, the associated station should be set at the same Authentication type as the Access Point.

Shared

If Shared is selected, there must be a key to be shared between the Access Point and the associated station.

Authentication Type

Both

Open or Shared will be selected automatically depending on the setting of the Access Point’s clients.

Select

Radio button highlighting the appropriate encryption key.

Encryption Key

Set the Key Value according to the WEP Cipher you select.

If 64 bits is selected, 10 Hex characters are required. If 128 bits is selected, 26 Hex characters are required. If 256 bits is selected, 58 Hex characters are required.

Cipher

You can select one of 64, 128, or 256 bits.

iConnectAccess624W

To Configure 802.1x Wireless Security:

From any screen in the web interface,

step 1 Click the Wireless tab, then Security. The following screen appears:

step 2 In the Select a Wireless Security level area, highlight the 802.1x radio

button. The following screen appears:

step 3 In the Server IP Address field, enter the IP address of the Radius server. step 4 In the Port field, enter the Port of the Radius server. step 5 In the Secret field, enter the secret code for the Radius server. step 6 In the Group Key Interval field, enter the Group Key Interval for the Radius

server.

step 7 Click Apply, then Tools. The following appears:

iConnectAccess624W

step 8 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

step 9 Click the Restart Access Point link to ensure all changes take effect.

The following table lists the 802.1x Wireless Security screen fields and their definitions:

Field Description

802.1x

Highlight the 802.1x radio button to select this as the security standard for your wireless modem / router.

Server IP Address (Radius)

The IP Address of the Radius server.

Port

Enter the Radius Server’s port number. The default is 1812.

Secret

Enter the secret phrase shared between the modem / router and the RADIUS Server.

Group Key Interval

Please enter the value to determine the length of time it should take to change the Group Keys. The default is 3600 seconds.

iConnectAccess624W

To Configure WPA Wireless Security:

From any screen in the web interface,

step 1 Click the Wireless tab, then Security. The following screen appears:

step 2 In the Select an Advanced Wireless Security level area, highlight the WPA

radio button. The following screen appears:

step 3 In the Group Key Interval field, enter the Group Key Interval. step 4 Either highlight

a) the 802.1x radio button, or b) the PSK String radio button.

step 4a If you highlighted the 802.1x radio button,

step i In the Server IP Address field, enter the IP address for the server. step ii In the Port field, enter the Port for the server. step iii In the Secret field, enter the secret field for this standard.

step 4b If you highlighted the PSK String radio button,

step i In the String field, enter the string for the Pre-Shared Key.

step 5 Click Apply, then Tools. The following appears:

iConnectAccess624W

step 6 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

step 7 Click the Restart Access Point link to ensure all changes take effect.

The following table lists the WPA Advanced Wireless Security screen fields and their definitions:

Field Definition

Group Key Interval

Please enter the value to determine the length of time it should take to change the Group Keys. The default is 3600 seconds.

802.1x Server IP Address

The IP Address of the 802.1x Server.

(802.1x) Port

Enter the Port for the 802.1x Server.

(802.1x) Secret

Enter the secret phrase / word to be assigned for the 802.1x Server.

PSK String

Highlight this radio button to enable the use of a Pre-Shared Key string.

String

Enter the Pre-Shared Key string in this field. This should be from 8-63 characters in length.

iConnectAccess624W

Management

To Enable The Access List:

From any screen in the web interface,

step 1 Click the Wireless tab, then Management. The following screen appears:

step 2 In the Access List area of the screen, check the Enable Access List

checkbox to activate the Access List. The Allow radio button is automatically highlighted. Only addresses entered in the MAC Address field will be granted access to the wireless network.

step 3 Highlight the Ban radio button if you wish to create a list of addresses you do

not want to allow access to the wireless network.

step 4 In the Mac Address field, enter the Mac address of the device for which you

wish to allow / ban access, and click the Add button. The added MAC Address will appear in the Mac Address area beneath the Add button.

step 5 Click Apply, then Tools. The following appears:

step 6 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

iConnectAccess624W

step 7 Click the Restart Access Point link to ensure all changes take effect.

The following table lists the Access List fields of the Wireless Manage ment screen and their definitions:

Field Description

Enable Access List

Enables / disables the Access List.

Allow / Ban

Select whether the list will be Banned or Allowed MAC Addresses.

Mac Address

Enter the Mac Address of the devices for which you wish to Allow / Ban access.

Add

Click the Add button to add a device’s Mac Address and allow /ban association with the wireless network.

iConnectAccess624W

Associated Stations

From any screen in the web interface,

step 1 Click the Wireless tab, then Management. step 2 Click the Associated Stations button. The following screen appears:

step 3 If you wish to ban any of the associated stations listed, highlight the Ban

Station radio button in the Associated Stations area, and click Apply.

step 4 Click Apply, then Tools. The following appears:

step 5 Click System Commands, then Save All. Click OK to confirm the save

when the following appears:

step 6 Click the Restart Access Point link to ensure all changes take effect.

iConnectAccess624W

The following table lists the Associated Stations screen fields and their definitions:

Field Description

Ban Station

Highlight this radio button if you wish to ban association of the station listed.

Mac Address

The MAC Address of the associated station.

State

The state indicates the current state between the associated station and the wireless network.

SSID

The SSID for the associated station.

Active Rate

The current data transmitting / receiving rate.

iConnectAccess624W

100

Multiple SSID

This feature is not available when wireless security features are enabled.

To Enable Multiple SSIDs:

From any screen in the web interface,

step 1 Click the Wireless tab, then Management. step 2 Click the Multiple SSID button. The following warning message appears.

Click OK if you wish to continue.

step 3 In the Multiple SSID area of the screen, check the Enable Multiple SSID

checkbox.

step 4 In the SSID: field, enter the SSID for your wireless modem and click Add.

The added SSID appears in the area beneath the Delete, Key and SSID fields.

step 5 Click Apply, then Tools. The following appears:

Open iConnectAccess624W Technical Reference/users Manual

Specifications and Main Features

Frequently Asked Questions

User Manual