Option Audio GlobeSurfer 3G Reference Manual

GlobeSurfer 3G

version 3.15.4 R2H

Reference Manual

Copyright © 2005, Option

All information about Option GlobeSurfer 3G may change without prior notice.
Information published in this user guide is accurate at the time of publication.
Although all security precautions were taken during the creation of this user guide
Option is not liable toward persons or organizations for losses or damages caused
either directly or indirectly due to instructions contained in this user guide.

All brands and registered brands are property of their respective owners. Services may
be changed, added, or deleted. For the newest firmware version of your Globesurfer
3G, visit www.option.com

Questions and answers regarding the GlobeSurfer 3G can be found on our Support
website:

http://support.option.com/support/faq.php

Technical questions can be posted after registering through our online Support Web
Form:

http://support.option.com/support/newticket.php

For registering please go to:

http://support.option.com/support/register.php

DOC-UM--12-2005

December, 2005

i

Contents

Table of Contents ii

1 Introduction to GlobeSurfer 3G 1

1.1 About This Manual . . . . . . . . . . . . . . . . . . . . . . . . . . 2

1.2 Basic Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

1.3 Step 1 - Setting up LAN and WAN Connections . . . . . . . . . 3

1.3.1 LAN Connection . . . . . . . . . . . . . . . . . . . . . . . 3

1.3.2 WAN Connection . . . . . . . . . . . . . . . . . . . . . . . 4

1.4 Step 2 - PC Network Configuration . . . . . . . . . . . . . . . . . 4

1.4.1 Windows XP . . . . . . . . . . . . . . . . . . . . . . . . . 5

1.4.2 Windows 2000/98/Me . . . . . . . . . . . . . . . . . . . . 5

1.5 Step 3 - GlobeSurfer 3G Quick Setup . . . . . . . . . . . . . . . . 6

1.5.1 UMTS Setup . . . . . . . . . . . . . . . . . . . . . . . . . . 7

1.5.2 Wireless Setup . . . . . . . . . . . . . . . . . . . . . . . . . 8

1.5.2.1 Encryption . . . . . . . . . . . . . . . . . . . . . 8

1.5.3 Firewall Setup . . . . . . . . . . . . . . . . . . . . . . . . . 9

1.6 Additional Network Configuration . . . . . . . . . . . . . . . . . 9

1.7 Adding Computers to Your Network . . . . . . . . . . . . . . . . 10

2 GlobeSurfer 3G Management Console 11

2.1 Accessing the GlobeSurfer 3G Management Console . . . . . . . 11

2.2 Left Sidebar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

2.3 UMTS Connection Status . . . . . . . . . . . . . . . . . . . . . . . 13

2.4 Getting Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

2.5 Managing Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

3 SMS Manager 15

3.1 Reading an SMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

3.2 Creating an SMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

3.2.1 Sent folder . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

3.3 Archiving an SMS . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

3.4 SMS Templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

3.5 SMS Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

4 Network Connections 19

4.1 WAN UMTS Connection . . . . . . . . . . . . . . . . . . . . . . . 21

4.1.1 General Network Connection Parameters . . . . . . . . . 22

4.1.2 UMTS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

4.1.3 PPP Authentication . . . . . . . . . . . . . . . . . . . . . . 23

4.1.4 Internet Protocol Settings . . . . . . . . . . . . . . . . . . 24

ii

4.1.5 DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . 24

4.1.6 Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

4.1.7 Additional Network Connection Settings . . . . . . . . . 26

4.2 LAN Ethernet Connection . . . . . . . . . . . . . . . . . . . . . . 27

4.2.1 General Network Connection Parameters . . . . . . . . . 27

4.2.2 Internet Protocol . . . . . . . . . . . . . . . . . . . . . . . 28

4.2.3 DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . 29

4.2.4 DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

4.2.5 Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

4.2.6 Additional Network Connection Settings . . . . . . . . . 32

4.3 LAN Wireless Connection . . . . . . . . . . . . . . . . . . . . . . 33

4.3.1 Configuring Your Wireless Network . . . . . . . . . . . . 33

4.3.1.1 Configuring your GlobeSurfer 3G Wireless Con-

nection . . . . . . . . . . . . . . . . . . . . . . . 33

4.3.1.2 Configuring Your Wireless Windows XP Client 34

4.3.2 Securing Your Wireless Network . . . . . . . . . . . . . . 39

4.3.2.1 Securing Your Wireless Network with WPA . . 39

4.3.2.2 Connecting a Wireless Windows XP Client to

the Secured Wireless Network . . . . . . . . . . 41

4.3.3 Advanced Wireless Connection Settings . . . . . . . . . . 47

4.3.3.1 General Network Connection Parameters . . . 47

4.3.3.2 Wireless Access Point . . . . . . . . . . . . . . . 47

4.3.3.3 MAC filtering settings . . . . . . . . . . . . . . . 48

4.3.3.4 Advanced Wireless Options . . . . . . . . . . . 48

4.3.3.5 Wireless Security . . . . . . . . . . . . . . . . . 49

4.3.3.6 Internet Protocol . . . . . . . . . . . . . . . . . . 50

4.3.3.7 Additional Network Connection Settings . . . . 51

4.4 LAN Bridge Connection . . . . . . . . . . . . . . . . . . . . . . . 52

4.4.1 General Network Connection Parameters . . . . . . . . . 52

4.4.2 Internet Protocol . . . . . . . . . . . . . . . . . . . . . . . 53

4.4.3 Bridge Settings . . . . . . . . . . . . . . . . . . . . . . . . 54

4.4.4 DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . 54

4.4.5 DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

4.4.6 Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

4.4.7 Additional Network Connection Settings . . . . . . . . . 57

4.5 VPN PPTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

4.5.1 Creating a PPTP Client Connection . . . . . . . . . . . . 59

4.5.2 Creating a PPTP Server Connection . . . . . . . . . . . . 61

4.5.3 Configuring a PPTP Connection . . . . . . . . . . . . . . 64

4.5.3.1 General . . . . . . . . . . . . . . . . . . . . . . . 64

4.5.3.2 PPP Settings . . . . . . . . . . . . . . . . . . . . 65

4.5.3.3 PPP Authentication . . . . . . . . . . . . . . . . 65

4.5.3.4 PPP Encryption . . . . . . . . . . . . . . . . . . 66

4.5.3.5 Internet Protocol . . . . . . . . . . . . . . . . . . 66

4.5.3.6 DNS Server . . . . . . . . . . . . . . . . . . . . . 67

4.5.3.7 Routing . . . . . . . . . . . . . . . . . . . . . . . 68

4.5.3.8 Internet Connection Firewall . . . . . . . . . . . 69

4.6 VPN L2TP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

4.6.1 Creating an L2TP Connection . . . . . . . . . . . . . . . . 70

4.6.2 Configuring an L2TP Connection . . . . . . . . . . . . . . 72

iii

4.6.2.1 General . . . . . . . . . . . . . . . . . . . . . . . 72

4.6.2.2 PPP Settings . . . . . . . . . . . . . . . . . . . . 73

4.6.2.3 PPP Authentication . . . . . . . . . . . . . . . . 74

4.6.2.4 PPP Encryption . . . . . . . . . . . . . . . . . . 74

4.6.2.5 PPP Compression . . . . . . . . . . . . . . . . . 75

4.6.2.6 Internet Protocol . . . . . . . . . . . . . . . . . . 75

4.6.2.7 DNS Server . . . . . . . . . . . . . . . . . . . . . 76

4.6.2.8 Routing . . . . . . . . . . . . . . . . . . . . . . . 77

4.6.2.9 Internet Connection Firewall . . . . . . . . . . . 78

4.7 VPN IPsec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

4.7.1 IPsec Network-to-Host Scenario Connection . . . . . . . 79

4.7.1.1 Configuring IPsec on GlobeSurfer 3G . . . . . . 79

4.7.1.2 Configuring IPsec on the Windows Host . . . . 82

4.7.2 IPsec Network-to-Network Scenario Connection . . . . . 95

4.7.2.1 Network Configuration . . . . . . . . . . . . . . 95

4.7.2.1.1 LAN Interface Settings . . . . . . . . . 95

4.7.2.2 Network-to-Network with Pre-shared Secrets . 97

5 Security 102

5.1 General Security Level Settings . . . . . . . . . . . . . . . . . . . 104

5.2 Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

5.3 Local Servers (Port Forwarding) . . . . . . . . . . . . . . . . . . . 110

5.4 DMZ Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

5.5 Port Triggering . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

5.6 Remote Administration . . . . . . . . . . . . . . . . . . . . . . . 117

5.7 IP-Hostname Filtering . . . . . . . . . . . . . . . . . . . . . . . . 119

5.8 Advanced Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . 122

5.8.1 Adding an Advanced Filtering Rule . . . . . . . . . . . . 123

5.9 Security Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

5.9.1 Security Log Settings . . . . . . . . . . . . . . . . . . . . . 130

5.10 User-defined Services . . . . . . . . . . . . . . . . . . . . . . . . . 132

5.11 Applying Corporate-Grade Security . . . . . . . . . . . . . . . . 134

6 Advanced 136

6.1 System Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

6.1.1 System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

6.1.2 GlobeSurfer 3G Management Console Settings . . . . . . 139

6.1.3 Management Application Ports Settings . . . . . . . . . . 139

6.1.4 System Logging Settings . . . . . . . . . . . . . . . . . . . 140

6.1.5 Security Logging Settings . . . . . . . . . . . . . . . . . . 140

6.1.6 Outgoing Mail Server Settings . . . . . . . . . . . . . . . 140

6.1.7 HTTP interception . . . . . . . . . . . . . . . . . . . . . . 140

6.2 DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

6.2.1 Viewing and Modifying the DNS Table . . . . . . . . . . 141

6.3 Dynamic DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

6.3.1 Using Dynamic DNS . . . . . . . . . . . . . . . . . . . . . 143

6.4 Network Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

6.5 DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146

6.5.1 DHCP Server Summary . . . . . . . . . . . . . . . . . . . 146

6.5.2 DHCP Server Settings . . . . . . . . . . . . . . . . . . . . 147

iv

6.5.3 DHCP Server Relay Settings . . . . . . . . . . . . . . . . 148

6.5.4 DHCP Connections . . . . . . . . . . . . . . . . . . . . . . 148

6.6 Network Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

6.7 Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153

6.7.1 Managing Routing Table Rules . . . . . . . . . . . . . . . 153

6.7.2 Multicasting . . . . . . . . . . . . . . . . . . . . . . . . . . 154

6.8 Managing Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

6.9 Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

6.9.1 Digital Certificates . . . . . . . . . . . . . . . . . . . . . . 157

6.9.2 X.509 Certificate Format . . . . . . . . . . . . . . . . . . . 157

6.9.3 Obtaining an X.509 Certificate . . . . . . . . . . . . . . . 158

6.9.4 Registering a CA’s Certificate . . . . . . . . . . . . . . . . 162

6.10 Date and Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163

6.11 Scheduler Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164

6.12 Firmware Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . 166

6.12.1 Upgrading From a Local Computer . . . . . . . . . . . . 166

6.13 Point-to-Point Tunneling Protocol (PPTP) . . . . . . . . . . . . . 168

6.13.1 Managing Remote Users . . . . . . . . . . . . . . . . . . . 168

6.13.2 Advanced PPTP Server Settings . . . . . . . . . . . . . . 170

6.13.3 Advanced PPTP Client Settings . . . . . . . . . . . . . . . 170

6.14 IP Security (IPsec) . . . . . . . . . . . . . . . . . . . . . . . . . . . 172

6.14.1 Technical Specifications . . . . . . . . . . . . . . . . . . . 172

6.14.2 Basic IPsec Connection Settings . . . . . . . . . . . . . . . 172

6.14.2.1 Key Management . . . . . . . . . . . . . . . . . 173

6.14.2.2 Log Settings . . . . . . . . . . . . . . . . . . . . 174

6.14.3 Advanced IPsec Connection Settings . . . . . . . . . . . . 174

6.15 Universal Plug and Play (UPnP) . . . . . . . . . . . . . . . . . . 177

6.16 Simple Network Management Protocol (SNMP) . . . . . . . . . 178

6.16.1 Configuring GlobeSurfer 3G’s SNMP Agent . . . . . . . 178

6.17 Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179

6.17.1 Diagnosing Network Connectivity . . . . . . . . . . . . . 179

6.18 Advanced Remote Administration . . . . . . . . . . . . . . . . . 180

6.19 SIM Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182

6.20 Unlock Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183

6.21 Restoring Default Settings . . . . . . . . . . . . . . . . . . . . . . 184

6.22 Restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

6.23 Technical Information . . . . . . . . . . . . . . . . . . . . . . . . 186

7 System Monitoring 187

7.1 Monitoring Connections . . . . . . . . . . . . . . . . . . . . . . . 188

7.2 Traffic Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

7.3 System Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190

7.4 System Up Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

A Glossary 192

v

List of Acronyms

3G Third Generation (mobile network)
ALG Application-Level Gateway
API Application Programming Interface
APN Access Point Name
CA Certificate Authority
DHCP Dynamic Host Configuration Protocol
DMZ Demilitarized Zone
DNS Domain Name System
DSL Digital Subscriber Line
FTP File Transfer Protocol
HTTP HyperText Transport Protocol
IAD Integrated Access Device
ICMP Internet Control Message Protocol
IGMP Internet Group Multicast Protocol
IP Internet Protocol
IPsec IP Security
LAN Local Area Network
MAC Media Access Control
MTU Maximum Transmission Unit
NAPT Network Address Port Translation
OAM Operations and Maintenance
OEM Original Equipment Manufacturer
PDA Personal Digital Assistant
POP3 Post Office Protocol 3
PPP Point-to-Point Protocol
PPTP Point-to-Point Tunneling Protocol
PUK Pin Unlocking Key
RG Residential Gateway
RIP Routing Information Protocol
SMS Short Message Service
SMSC Short Message Service Center
SIM Security Identity Module
SNMP Simple Network Management Protocol
SPI Stateful Packet Inspection
TCP Transmission Control Protocol
TFTP Trivial File Transfer Protocol
UDP User Datagram Protocol
UMTS Universal Mobile Telephony System
UPnP Universal Plug and Play

vi

URL Universal Resource Locator
VPN Virtual Private Network
WAN Wide Area Network
WEP Wireless Encryption Protocol
WLAN Wireless Local Area Network
WPA Wireless Protected Access

vii

1

Introduction to GlobeSurfer 3G

Welcome to the third generation wireless network. By combining a wireless
router following the 802.11 b/g WLAN standard with a 3G UMTS Gateway
the GlobeSurfer 3G presents a new style of wireless freedom.

The GlobeSurfer 3G is a 802.11b/g wireless router and Internet gateway that
provides Internet access for homes and small offices over the 3G UMTS net­work. By connecting laptops and stationary computers with either WLAN or
Ethernet to the GlobeSurfer 3G you will get Internet access with a speed similar
to a fixed DSL connection. And while sharing the wireless Internet connection
you will also be able to share the resources of the local computers connected to
the GlobeSurfer 3G.

GlobeSurfer 3G is easy to install and use. Yet it provides advanced network­ing functions and security functions that can be configured with a web-based
management interface. Its small attractive design and powerful built-in func­tionality makes your Internet surfing easy and secure in any location with 3G
access and a power outlet.

Some of the attractive features of the GlobeSurfer 3G:

• WAN - UMTS uplink and downlink

• Small attractive design with informative display

• Sends and receives SMS

• WLAN according to 802.11 b/g for maximum compatibility

• Ethernet connection for stationary computers

• Built-in firewall to protect against hacker attacks

• Wireless LAN Security: WEP, WPA, 802.1x

• VPN (Virtual Private Network): IPsec, PPTP, L2TP

1

Figure 1.1: The GlobeSurfer 3G

• Web-based management console makes configuration intuitive

• System statistics and monitoring for the advanced users

• Remote upgrade to stay in touch with the future

1.1 About This Manual

This manual describes configuration and operation of the GlobeSurfer 3G. It
is intended as a complement to the GlobeSurfer 3G User Guide to provide ref­erence information for the advanced user of the GlobeSurfer 3G. It is assumed
that the hardware installation of the GlobeSurfer 3G has been done when the
Reference Manual is read.

This version of the manual is valid for GlobeSurfer 3G version 3.15.4 R2H.
Other product versions with customer specific functions not described in this
manual, may be available.

2

Figure 1.2: Hardware Configuration

1.2 Basic Setup

Connecting your computer or local network to the GlobeSurfer 3G is a simple
procedure, varying slightly depending on your operating system. The setup is
designed to seamlessly integrate GlobeSurfer 3G with your computer or local
network.

The Windows default network settings will in most cases make the setup pro­cedure described below unnecessary. For example, the default DHCP setting
in Windows is client, requiring no further modification.

However, it is advised to follow the setup procedure described below to verify
that all communication parameters are valid and that the physical cable con­nections are correct.

The basic setup procedure consists of three consecutive configuration steps
(Please refer to figure 1.2):

1. Setting up LAN and WAN connections [1.3]

2. PC network configuration [1.4]

3. GlobeSurfer 3G Quick Setup [1.5]

1.3 Step 1 - Setting up LAN and WAN Connections

1.3.1 LAN Connection

Your computer can connect to the GlobeSurfer 3G either with a fixed cable
connection or with a wireless connection.

If you want to use a fixed connection, connect a standard Ethernet RJ-45 cable
(Category 5) between the LAN socket on the GlobeSurfer 3G and the corre­sponding Ethernet LAN port of your PC network card. Consult the GlobeSurfer
3G User Guide for more information about the LAN port.

3

If you want to use a wireless connection, according to the 802.11 b/g WLAN
standard, follow the instructions from the supplier of your WLAN adapter
card, or your PC if the WLAN adapter is built into the PC.

1.3.2 WAN Connection

Setting up the WAN connection requires that a SIM card is inserted correctly
into the SIM slot of the GlobeSurfer 3G. See the User Guide for instructions on
how to insert the SIM card. With the SIM card in place you configure the WAN
connection through the Quick Setup of the GlobeSurfer 3G (see section 1.5. The
first time you login to the GlobeSurfer 3G you will have to enter a PIN code.
The PIN code is received from your ISP, but normally provided separately from
the SIM card for security reasons.

1.4 Step 2 - PC Network Configuration

The GlobeSurfer 3G provides a DHCP server, which means that each computer
connected to the LAN can obtain its network addresses – IP address and DNS
server IP addresses – automatically from the GlobeSurfer 3G. This is the de­fault setting in Windows and valid in most cases. Alternatively, each network
interface on the LAN PCs can be configured with a statically defined IP ad­dress and DNS address. If this is the case you must receive valid addresses
from your network operator and configure your PC and the GlobeSurfer 3G
accordingly. Then refer to section 4.2.

Figure 1.3 displays the TCP/IP Properties dialog box as it appears in Windows
XP. These properties are available on all operating systems but are accessed
slightly differently on each operating system.

4

Figure 1.3: IP and DNS Configuration

1.4.1 Windows XP

1. Access Network Connections from the Control Panel.

2. Right-click on the Ethernet connection icon, and select Properties.

3. Under the General tab, select the Internet Protocol (TCP/IP) component,
and click the Properties button.

4. The Internet Protocol (TCP/IP) properties window will be displayed (see
figure 1.3).

(a) Select the Obtain an IP address automatically radio button.

(b) Select the Obtain DNS server address automatically radio button.

(c) Click OK to save the settings.

1.4.2 Windows 2000/98/Me

1. Access Network and Dialing Connections from the Control Panel.

5

2. Right-click on the Ethernet connection icon, and select Properties to dis­play the connection’s properties.

3. Select the Internet Protocol (TCP/IP) component, and click the Properties
button.

4. The Internet Protocol (TCP/IP) properties will be displayed.

(a) Select the Obtain an IP address automatically radio button.

(b) Select the Obtain DNS server address automatically radio button.

1.5 Step 3 - GlobeSurfer 3G Quick Setup

The GlobeSurfer 3G management console allows you to control various GlobeSurfer
3G system parameters. The interface is accessed through a web browser:

1. Start a web browser on your PC.

2. Enter the address 192.168.1.1 to display the GlobeSurfer 3G management
console. When first logging on to the management console, the welcome
screen will appear (see figure 1.4), enabling you to place a shortcut to this
screen in your Favorites folder. Click OK to continue. The Login Setup
screen will appear (see figure 2.1).

Figure 1.4: Welcome to GlobeSurfer 3G

3. To configure your login settings, enter a user name and password. To
verify correctness retype the password, and click OK to login to the man­agement console. For security reasons it is strongly recommended that
you change the default user name and specify a password. However,
make sure you remember your new user name and password, since this
is the only way you will be able to login to the GlobeSurfer 3G from now
on.

6

Figure 1.5: Login Settings

4. Quick setup helps you to quickly set the most important settings of your
GlobeSurfer 3G. The Quick setup page is launched automatically when
you log on to GlobeSurfer 3G for the first time (see figure

1.6). Alterna-

tively, click the Quick setup icon on the left sidebar. The following sections
describe the various configuration parameters of Quick setup. Once you
have filled the Quick setup sections as described below, click the OK but­ton to configure your GlobeSurfer 3G.

Figure 1.6: Quick Setup

1.5.1 UMTS Setup

Check or change the following settings on the Quick setup screen to configure
the UMTS connection:

• Access point name: Enter the access point name as provided by your
Internet Service Provider (ISP), or accept the name already set.

7

• Connect automatically: To automatically set up a UMTS connection when
data is about to be sent or received, select Automatically. If Manually is se­lected, you must press the Connect button on the GlobeSurfer 3G each
time a connection is required.

• Inactivity timeout: There is normally no need to change the default value
of 10 minutes. Set it to zero (0) if you don’t want the UMTS connection to
disconnect automatically at all. The maximum value is 1440 minutes (24
h). The inactivity timeout is not affected by incoming traffic.

1.5.2 Wireless Setup

The following settings are the most important to set up for the local Wireless
LAN:

• SSID: The Service Set Identifier (SSID) is the name of the specific wire­less network. Enter a name that you want to use as an identifier of your
specific local wireless network (maximum 32 characters).

• SSID broadcast: When this checkbox is set to Enabled the GlobeSurfer 3G
will broadcast the SSID on your wireless network. This will allow unau­thorized devices from detecting your SSID and attempting to connect
to your network. De-select the checkbox to disable broadcasting of the
SSID. Disabling SSID broadcast will hide the name of the network from
other wireless devices. This provides a very basic form of security. Other
devices will still be able to connect, provided that they are supplied with
the SSID. A recommendation is to install your wireless network with this
feature enabled and then disable it once you have set up the GlobeSurfer
3G and any wireless clients.

• Encryption: With No encryption selected, anyone with a Wireless PC can
eavesdrop on your network. No encryption should only be used during
installation of your network to simplify the setup procedure. Select WEP
encryption or WPA encryption once your local wireless network has been
set up. See below for instructions on how to set the encryption type.

1.5.2.1 Encryption

The GlobeSurfer 3G supports two types of encryption:

• WEP: Wireless Equivalent Privacy (WEP) is a 64 bit or 128 bit encryption
method with user configurable fixed keys. However, only 40/104 bits are
effectively used.

• WPA: Wi-Fi Protected Access (WPA) is a 256 bit encryption method with
keys that change over time.

Note: WPA provides a higher level of security, provided by its longer key and
dynamic changes made to the key over time. Use WPA with any clients that
support it. If you enable encryption on the GlobeSurfer 3G, you must configure
your wireless PCs to use exactly the same encryption type and keys, otherwise
the devices will not understand each other. The encryption secures the wire­less communication between GlobeSurfer 3G and its wireless clients. Enabling

8

encryption has no security effect on data transmitted through wired (Ethernet)
connections.

• Configuring WEP:

There are two levels of WEP encryption available, 64 bit and 128 bit. Se­lect the desired level. Enter the pre-shared key in either hexadecimal
(0-9, A-F) format, 10 or 26 characters, or plain text (ASCII) format, 5 or 13
characters.

• Configuring WPA:

With WPA there is only one level of encryption available. Enter the pre­shared key, either as a 256 bit series of hexadecimal digits (64 characters)
or as a plain text (ASCII) pass-phrase (at least 8 characters).

Note: A plain text string is much easier to remember than hex keys, but it may
be easier to crack. Also note that the ASCII-text format may not be supported
by all wireless devices, since different manufacturers have developed different
ways of converting plain text. If you are experiencing difficulty, the hex key
format is supported by most vendors.

1.5.3 Firewall Setup

The GlobeSurfer 3G firewall has three pre-defined levels of security. As default
the typical security is set, which blocks all traffic that has been initiated by an
external (Internet) source, and allows all traffic that has been initiated from
your local network.

Note: It is the origin of the request, not subsequent responses to this request, that
determines whether the incoming or outgoing traffic is allowed or blocked.

To learn more about how to configure your firewall security parameters, please
refer to Section 5. If you wish to apply corporate-grade security to your net­work refer to Section 5.11.

1.6 Additional Network Configuration

GlobeSurfer 3G does not require further configuration in order to start work­ing. After the setup described in this chapter, you can immediately start using
the GlobeSurfer 3G to:

• Build a local network by connecting additional PCs and network devices
to the GlobeSurfer 3G.

• Share the Internet connection among multiple users and between all of
the computers connected to your local network.

• Share resources like file servers, printers, etc. between computers in the
local network.

• Control network parameters to, for example, set up Virtual Private Net­works, LAN bridges and configure the security settings.

• View network status, traffic statistics, system log and more.

9

Advanced users can fully configure and control the GlobeSurfer 3G via the
web-based management console. Chapter 2 serves as an introduction to the
management console; in-depth module-specific information is available through­out chapters 4 – 7.

1.7 Adding Computers to Your Network

Any computers with a 802.11b/g wireless adapter will be able to connect to
the WLAN created with the GlobeSurfer 3G. To connect additional computers
without a wireless adapter to your GlobeSurfer 3G, connect a hub or switch
to the LAN port, and then connect the computers to the hub or switch. Make
sure to configure all computers to automatically obtain a network address as
described above.

10

2

GlobeSurfer 3G Management

Console

The GlobeSurfer 3G management console described here allows you to control
various GlobeSurfer 3G system parameters, using a user-friendly graphical in­terface. The management console includes a quick setup screen, a graphical
network map, network configuration, security configuration, authentication
with multiple-user support, connection monitoring and more.

2.1 Accessing the GlobeSurfer 3G Management Con­sole

To access the management console:

1. Launch a Web-browser on a PC in the LAN or WLAN.

2. Type the IP address of the GlobeSurfer 3G or a name as provided by the
supplier in the address bar (Internet Explorer) or location bar (Netscape
Navigator). The default IP address is 192.168.1.1, and default name is
http://umts-gateway.my-domain.

3. Enter your username and password to log on to the web-based manage­ment console. Note: for security reasons, you should change these set­tings after the initial login as explained in Section 1.5. The default user
name is admin, and the default password is none.

11

Figure 2.1: First Time Login

Your session will automatically time-out after a few minutes of inactivity. If
you try to operate the management console after the session has expired the
Login screen will appear and you will have to reenter your user name and pass­word before proceeding. This feature helps to prevent unauthorized users from
accessing the management console and changing the GlobeSurfer 3G settings.

2.2 Left Sidebar

The GlobeSurfer 3G management console screens have been grouped into sev­eral subject areas and may be accessed by clicking on the appropriate icon in
the left sidebar.

The subject areas are:

Connection status: Display the status of the
UMTS connection (see Section 2.2)

SMS: Send, receive and maintain SMS messages
(see Chapter

3)

Quick setup: Quickly configure your
GlobeSurfer 3G (see Section 1.5)

Network connections: Create and configure net­work connections (see Chapter 4)

Security: Configure the Firewall and regulate
communication between the Internet and the lo­cal network (see Chapter 5)

Advanced: Control system parameters (DHCP
server, DNS) and perform administrative func­tions, including changing password, setting date
and time and upgrading the system (see Chap­ter 6)

12

System monitoring: View network status, traffic
statistics and the system log (see Chapter 7)

Logout: Log out from GlobeSurfer 3G

2.3 UMTS Connection Status

The Connection status screen shows the status of the UMTS connection and pro­vides a button to manually connect and disconnect. To connect automatically
as required, for example when an Internet address is entered in the browser,
select the radio button Automatically.

The following additional information is provided:

• Current connection time: the duration of the current connection.

• Total connection time: the cumulated duration of all connections.

• Bytes received: the amount of data received in bytes.

• Bytes sent: the amount of data sent in bytes.

The information in Connection status can be refreshed and updated manually
by clicking Refresh. You can also set Connection status to update automatically
by clicking Automatic refresh on once.

View UMTS connection status.

Figure 2.2: UMTS Connection Status

13

2.4 Getting Help

The help icon on the upper right side of the management console may be used
to get on-line help about the settings you see on each particular screen.

View help information about each specific man­agement console screen.

2.5 Managing Tables

Tables are used throughout the GlobeSurfer 3G management console. They
handle user-defined entries relating to elements such as network connections,
local servers, restrictions and configurable parameters. The principles outlined
in this section apply to all tables in the management console.

Figure 2.3: Typical Table Structure

Figure 2.3 illustrates a typical table. Each row defines an entry in the table.
The following icons located in the Action column enable adding, editing and
deleting table entries:

Click the Add icon to add an entry of the same type as on that row.

Click the Edit icon to edit the entry on that row.

Click the Delete icon to remove the entry on that row.

In many tables the last row includes a link that allows adding a new entry to
the table.

14

3

SMS Manager

The SMS Manager is used for sending, receiving and managing your SMS mes­sages. Using the SMS Manager is just like using the SMS functions on a mobile
phone, but with the convenience of a full size PC screen and keyboard.

Access the SMS Manager by clicking SMS in the
left sidebar.

The display of the GlobeSurfer 3G shows an envelope symbol when a new SMS
message is received.

3.1 Reading an SMS

1. When starting the SMS Manager the Inbox tab of the SMS Manager is
displayed (see figure 3.1). The inbox displays all received SMS messages
in a table. Unread SMS messages are shown in bold.

Figure 3.1: SMS Manager Inbox

2. Click the SMS in the table that you want to read. The complete message
text is shown.

15

Figure 3.2: Reading an SMS

3. When you have read the SMS you can click any of the buttons underneath
to:

• Reply to the sender. You will then be moved to the SMS create

screen with the received text displayed and the phone number of
the sender already filled in (see Section 3.2).

• Delete the SMS. Note: The SMS is deleted immediately without con­firmation and is not possible to restore.

• Archive the SMS (see Section 3.3).

• Forward the SMS. You will be moved to SMS Create with the re­ceived text displayed (see Section 3.3).

3.2 Creating an SMS

1. Select the SMS create tab of the SMS Manager.

2. Type your message text in the SMS message field. The Characters left field

shows how many characters you can type before the size limit is reached.

3. Enter the phone number of the receiver in the Phone numbers field. Ad-

ditional numbers can be separated with a comma. Maximum 10 numbers
are allowed. The phone number should be formated like +49176123456789
for international and like 0176123456789 for national numbers.

4. Select the Flash SMS checkbox if you want the SMS to be shown in full on

the receiver’s display immediately when received (not supported by all
mobile terminals).

5. Click the Send button when ready. Or click the Save as template button to

save the message as a template for future use.

16

Figure 3.3: Creating an SMS

3.2.1 Sent folder

The SMS is put in the Sent folder whether it was successfully sent or not.

3.3 Archiving an SMS

The SMS archive is a storage area for SMS messages that you want to save. The
total maximum number of SMS messages in the Sent, Outbox, Archive and
Templates folders is 100.

1. Select the SMS that you want to store, either from the Inbox or from the
Sent folder.

2. Click the Archive button below the open SMS. The message is moved to
the archive.

3. Select the Archive tab and check that the message has been added to the
archive table.

Figure 3.4: The SMS archive

3.4 SMS Templates

Templates can be used when you write messages with similar contents. Then
create an SMS with the standard text and save it as a template.

17

• To create a new template:

1. Select the SMS Create tab to create a new message to use as a tem-

plate (see Section 3.2).

2. Click the Save as template button when ready.

• To use an existing template:

1. Select the Templates tab, and then click the message that you want to

use.

Figure 3.5: SMS Templates

You are then moved to the SMS create tab to change the text and to
enter the phone number of the receiver, as required.

2. Click the Send button when ready.

3.5 SMS Settings

The only specific SMS Manager setting you can do is to set the number to the
Short Message Service Center (SMSC number). This number is normally pre­configured by your ISP and stored in the SIM card.

Click the Settings tab to display the SMSC number. Enter the new number and
click OK.

Figure 3.6: SMS Manager Settings

18

4

Network Connections

The Network connections screen enables you to configure the various parameters
of each LAN, WAN and VPN connection. The following sections describe the
network connection screens to configure:

• WAN - Connecting via UMTS to the Internet

– UMTS connection (see Section 4.1).

• LAN - Creating a local network

– Ethernet connection (see Section 4.2).

– Wireless connection (see Section 4.3).

– LAN bridge connection (see Section 4.4).

• VPN - Creating a secured connection

– PPTP (see Section 4.5).

– LT2P (see Section 4.6)

– IPsec (see Section 4.7).

19

1. Click the Network connections icon on the sidebar. (see figure 4.1).

Figure 4.1: Network connections – Advanced

2. Click your connection entry in the network connections table to view the
connection properties.

3. Click New connection to start a wizard to create a new connection type.

20

4.1 WAN UMTS Connection

The UMTS connection connects the GlobeSurfer 3G to the Internet and other
networks through the 3G/UMTS mobile telecommunications standard. The
WAN UMTS properties screen displays a summary of the connection properties.

Figure 4.2: WAN UMTS Properties

Clicking on the Settings button at the bottom-right of the connection’s Proper­ties window, will open its Configuration window.

21

Figure 4.3: WAN UMTS Configuration

4.1.1 General Network Connection Parameters

MTU MTU is the Maximum Transmission Unit. It specifies the largest packet

size permitted for Internet transmission. The setting Manual, allows you
to enter the largest packet size that will be transmitted. To have the
GlobeSurfer 3G select the best MTU for your Internet connection, select
Automatic.

4.1.2 UMTS

• Access point name: Enter the access point name as provided by your
Internet Service Provider (ISP), or accept the name already set.

• Connect automatically: To automatically set up a UMTS connection when
data is about to be sent or received, select Automatically. If Manually is
selected, you must press the Connect button on the GlobeSurfer 3G to
connect each time a connection is required.

• Inactivity timeout: There is normally no need to change the default value
of 10 minutes. Set it to zero (0) if you don’t want the UMTS connection to
disconnect automatically at all. The inactivity timeout is not affected by
incoming traffic.

22