Smartrg SR506N User Manual

Download

501 SE Columbia Shores Boulevard, Suite 500

Vancouver, Washington 98661 USA

+1 360 859 1780 / smartrg.com

/ Gateway User Manual

Model: SR506n

Release 1.0 December 2016

Table of Contents

Introduction 4

Disclaimer 4 Copyright and Trademarks 4 Safety Warnings 4 FCC Information 5

Welcome! 6

Purpose & Scope 6 Intended Audience 6 Getting Assistance 6

Getting Familiar with your Gateway 7

LED Status Indicators 7 Connections 8 Buttons 9

On/Off Button 9 Reset Button 9 WPS Button 9 WiFi Button 9

Installing your SR506n Gateway 10 Logging in to your Gateway's UI 11 Device Info 12

Summary 12 WAN 13 Statistics 15

LAN 15 WAN Service 16 xTM 16 xDSL 17

References 21 Route 21 ARP 23 DHCP 24

Advanced Setup 25

Layer2 Interface 25

ATM Interface 25 PTM Interface 28 ETH Interface 30

WAN Service 31

PPP over Ethernet 31 IP over Ethernet 39 Bridging 48

LAN 51

IPv6 Autoconfig 55 Ethernet Config 56 NAT 58

Virtual Servers 58

Port Triggering 60

DMZ Host 62 Security 62

IP Filtering - Outgoing 63

IP Filtering - Incoming 64

MAC Filtering 66

Adding a MAC Filtering Rule 67

Parental Control 67

Time Restriction 68

URL Filter 69 Quality Of Service 70

QoS Config 70

Supported DSCP Values 71

QoS Queue Config 72

Wlan Queue 74 QoS Classification 74 QoS Port Shaping 78

Routing 80

Default Gateway 80 Static Route 80 Policy Routing 81 RIP (Routing Information Protocol) 82

DNS 83

DNS Server 84 Dynamic DNS 85 Static DNS 86

DSL 87 UPnP 89 DNS Proxy 90 Storage Service 90

Storage Device Info 90 User Accounts 91

Interface Grouping 92 IP Tunnel 94

IPv6inIPv4 94 IPv4inIPv6 95

IPSec 95

Advanced IKE Settings 98

Certificate 99

Local 99 Trusted CA 101

Multicast 102

Wireless 106

Basic 106 Security 109

Open and Shared Network Authentication 111

802.1X Network Authentication 112 WPA2 and Mixed WPA2/WPA Network Authentication 114 WPA2-PSK and Mixed WPA2/WPA-PSK Network Authentication 115

MAC Filter 117 Wireless Bridge 118 Advanced 119 Station Info 124

Diagnostics 125

Diagnostics 125 Ping Host 126 Trace Route to Host 127

Management 127

Settings 128

Backup 128 Update 128 Restore Default 129

System Log 130 Security Log 131 SNMP Agent 132 Management Server 133

TR-069 134 STUN Config 136

Internet Time 137

Table of Contents

Access Control 138

Accounts 138

Add an Account 138 Modify or Delete an Account 140

Default Passwords 141 Services 141 Passwords 143 Access List 144 Logout Timer 145

Update Software 146 Reboot 147

Logging Out 148 Q&A 149 Appendix A: Advanced Features 150

Connect-and-Surf (Automatic Broadband Connection Configuration) 150 Activation (Automatic ACS Connection Configuration) 150 TR-069 Remote Management: Automated Configuration Server Support 150

Appendix B: Gateway Feature Comparison 152 Appendix C: FCC Statements 154

FCC - Part 68 154

REN (RINGER EQUIVALENT NUMBERS)

STATEMENT 154

IC-CS03 statement 154

FCC Statement 155

FCC Radiation Exposure Statement 155

Canada Statement 155

5GHz 156

Revision History 157

Introduction

Disclaimer

SmartRG does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor patent rights of others. SmartRG further reserves the right to make changes to any products described herein without notice. This publication is subject to change without notice.

Any trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.

Copyright and Trademarks

The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of SmartRG, Inc.

Safety Warnings

For your safety, be sure to read and follow all warning notices and instructions.

l To reduce the risk of fire, use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord.

l Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks.

ONLY qualified service personnel can service the device. Contact your vendor for further information.

l Use ONLY the dedicated power supply for your device. Connect the power cord or power adapter to the correct supply

voltage (110V AC in North America or 230V AC in Europe).

l Do NOT use the device if the power supply is damaged as it might cause electrocution.

l If the power supply is damaged, remove it from the power outlet.

l Do NOT attempt to repair the power supply. Contact your local vendor to order a new power supply.

l Place connecting cables carefully so that no one will step on them or stumble over them.

l Do NOT allow anything to rest on the power cord and do NOT locate the product where anyone can walk on the power cord.

l If you wall mount your device, make sure that no electrical, gas, or water pipes will be damaged.

l Do NOT install nor use your device during a thunderstorm. There may be a remote risk of electric shock from lightning.

l Do NOT expose your device to dampness, dust, or corrosive liquids.

l Do NOT use this product near water, for example, in a wet basement or near a swimming pool.

l Make sure to connect the cables to the correct ports.

l Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your device.

l Do NOT store things on the device.

l Connect ONLY suitable accessories to the device.

FCC Information

See Appendix C: FCC_Statements.

Welcome!

Thank you for purchasing this SmartRG product.

SmartRG proudly brings you the best, most innovative broadband gateways available. SmartRG enables service providers to monitor, manage, and monetize the connected home through the design and production of reliable and highly interoperable hardware and software solutions.

As an early innovator in TR-069 remote management technology, SmartRG offers the finest in managed broadband and home networking solutions. Our products leverage various broadband access technologies and are outfitted with highly customizable software, meeting diverse service provider requirements. Based in the USA, SmartRG provides local, proactive software development and customer support. In the rapidly evolving broadband market, SmartRG helps service providers keep their businesses on the cutting edge through its laser-focused product line, leveraging the very latest in broadband access and home networking technologies. SmartRG solutions enable service providers to improve their bottom line by reducing service costs and increasing customer satisfaction.

Learn more at www.SmartRG.com.

Purpose & Scope

The purpose and scope of this document is to provide SmartRG customers with installation, configuration and monitoring information for the SR506n CPE.

Intended Audience

This document is intended for Network Architects, NOC Administrators, Field Service Technicians, and other networking professionals responsible for deploying and managing broadband access networks. Readers of this manual are assumed to have a basic understanding of desktop computer operating systems, networking concepts and telecommunications.

Getting Assistance

Subscribers: If you require help with this product, please contact your service provider.

Service providers: If you require help with this product, please open a support request.

Getting Familiar with your Gateway

This section contains descriptions of the SR506n gateway's lights, ports, and buttons.

LED Status Indicators

Your SmartRG gateway has several indicator lights (LEDs) on its exterior. The LED indicators are described below (from left to right).

INDICATOR ACTION DESCRIPTION

Power Device is powered on and operating normally.

Software is syncing.

The device is powered off.

DSL DSL link is established.

The DSL line is training.

The device is powered off.

Internet Internet link is established.

Data is being transmitted.

Internet interface is disconnected.

Authentication has failed.

LAN 1-4 Ethernet interface is connected.

Data is being transmitted.

Ethernet interface is disconnected.

USB 3G or USB flash disk is connected.

Data is being transmitted.

No signal is detected.

Connections

1 2

Below is an illustration of the connectors located on the back of the SR506n gateway.

The buttons and ports located on the gateway are described below.

Feature Description

Top

WiFi Button used for enabling or disabling the 5 GHz wireless function.

WPS Button used for enabling or disabling the 2.4 GHz wireless function.

Rear panel

DSL The grey RJ11 port is used to connect your gateway to an Internet provider via a DSL service.

LAN 1 - 4 The yellow RJ45 ports can be used to connect client devices such as computers and printers to your gateway.

Power Use only the power supply included with your gateway. Intended for indoor use only.

On/Off Power switch.

Left side

USB Can transfer data, act as a printer interface, and handle a 3G accessory.

Reset The

Reset

button is a small hole in the gateway's enclosure with the actual button mounted behind the surface. This style of push-button prevents the gateway from being inadvertently reset during handling. Reset must be actuated with a paper clip or similar implement.

The Reset button is located on the left side of the unit. Press the button for at least 1 second and release. The factory default settings are restored.

Buttons

On/Off Button

The On/Off button is located on the back of the gateway and turns the gateway on and off.

Reset Button

The Reset button is a small hole in the gateway's enclosure with the actual button mounted behind the surface. This style of pushbutton prevents the gateway from being inadvertently reset during handling. Reset must be actuated with a paper clip or similar implement.

The Reset button is located on the backleft side of the unit.

This pin-hole sized reset button has three functions. The duration for which the button is held dictates which function is carried out.

Hold Duration Effect

Less than 6 seconds

6-20 seconds Performs the software equivalent to the

20 or more seconds Changes the POWER LED to red and the gateway enters CFE mode which is a state associated with performing

Performs a modem reset that is equivalent to the

Restore Defaults

firmware updates via Internet browser.

Reboot

function in the gateway software.

WPS Button

The WPS button is located on the top of the unit. It triggers WPS (Wi-Fi Protected Setup™) mode. WPS is a standard means for creating a secure connection between your gateway and various wireless client devices. It is designed to simplify the pairing process between devices.

If you have client devices that support WPS, use this button to automatically configure wireless security for your network. For specific instructions, refer to the Quick Start Guide included with your gateway. Also see the Wireless section of this manual.

WiFi Button

The WiFi button is located on the top of the unit and toggles the WiFi radio on and off.

To activate the WiFi radio, press and hold the WiFi button for 3-5 seconds and then release. Repeat this step to deactivate the WiFi radio.

Installing your SR506n Gateway

1. Plug the power adapter into the wall outlet and then connect the other end to the Power port of the gateway.

2. Connect the LAN port of the gateway to the network card of the PC using an Ethernet cable.

3. Turn on the unit by pressing the On/Off button on the side of the gateway.

Note: If you use 3G WAN service, connect the 3G USB data card to a USB port of the gateway. If you use the Ethernet uplink, connect to the WAN interface using an Ethernet cable. You cannot use the xDSL uplink, 3G WAN service, and Ethernet uplink all at the same time.

Your gateway is now automatically being set up to connect to the Internet. This process may take a few minutes to complete before you can begin using your Internet applications (browser, email, etc.).

If you are unable to connect to the Internet, confirm that all cable connections are in place and the router’s power is turned on.

Logging in to your Gateway's UI

To manually configure the SmartRG SR555acSR655ac gateway, access the gateway's embedded UI.

1. Open a Web browser on your computer.

2. Enter http://192.168.1.1 (the default IP address of the DSL gateway) in the address bar. The login page appears where you can access the gateway's GUI or view the system log. For more information about configuring system logs, see the System Log topic in this User Manual.

3. Click the Manage gateway (advanced) link at the top right of the page.

4. Enter the admin user name and password. The default admin username/password are admin/admin. The default username/password of the common user are user/user. It is recommended that you change these default values after logging in to the DSL gateway for the first time.

5. Click OK. The gateway interface appears, showing the Device Info summary page.

Device Info

In this section, you can view information about your gateway's setup, status or nature of its connection with the provider and with LAN devices. You cannot interact with or change the settings in this section.

Summary

When you log into the gateway interface, the Device Info summary page appears. This page displays details about the hardware and software associated with your gateway. In addition, the current status of the WAN connection (if present) is shown.

WAN

On this page, you can view information about the connection between your ISP and your gateway. The WAN interface can be DSL or Ethernet and supports a number of Layer 2 and above configuration options (explained later in this document).

In the left navigation bar, click Device Info > WAN. The following page appears.

The fields on this page are explained in the following table.

Field Name Description

Interface The connection interface (Layer 2 interface) through which the gateway handles the traffic.

Description The service description such ipoe_0_0_1, showing the type of WAN and its ID.

Type The service type. Options are PPPoE, IPoE, and Bridge.

VlanMuxId The VLAN ID. Options are Disabled or 0-4094.

IPv6 The state of IPv6. Options are Enabled and Disabled.

Igmp Pxy The IGMP proxy.

Igmp Src Enbl The IGMP source option is enabled for this connection.

MLD Pxy The MLD proxy.

MLD Src Enbl The MLD source option is enabled for this connection.

NAT The state of NAT. Options are Enabled and Disabled.

Firewall The state of the Firewall. Options are Enabled and Disabled.

Status The status of the WAN connection. Options are Disconnected, Unconfigured, Connecting, and

Connected.

IPv4 Address The obtained IPv4 address.

IPv6 Address The obtained IPv6 address.

Statistics

In this section, you can view network interface information for LAN, WAN Service, xTM and xDSL. All data is updated in 15-minute intervals.

LAN

On this page, you can view the received and transmitted bytes, packets, errors and drops for each LAN interface configured on your gateway. Data is provided for the total bytes, packets, errors and drops as well as bytes and packets for multicast transmissions, and packets for unicast and broadcast transmission. All local LAN Ethernet ports, Ethernet WAN ports and w10 (Wireless Interface) are included.

In the left navigation bar, click Device Info > Statistics. The Statistics - LAN page appears where you can view detailed information about the status of your LAN.

To reset the counters, click Reset Statistics near the bottom of the page.

The fields on this page are explained in the following table.

Field Name Description

Interface

Received&Transmitted

Bytes Number of packets in bytes.

Pkts Number of packets.

Errs Number of error packets.

Drops Number of dropped packets.

Available figured on your device), Wireless, and 2.4 Ghz and 5 Ghz.

LAN interfaces. The only avalable option is LAN1.

columns

Options are LAN1 - LAN4, WAN (if con-

WAN Service

On this page, you can view the received and transmitted bytes, packets, errors and drops for each WAN interface for your SmartRG Gateway. Data is provided for the total bytes, packets, errors and drops as well as bytes and packets for multicast transmissions, and packets for unicast and broadcast transmission. All WAN interfaces configured for your gateway are included.

In the left navigation bar, click Device Info > Statistics > WAN Service. The Statistics - WAN page appears where you can view detailed information about the status of your WAN.

To reset the counters, click Reset Statistics near the bottom of the page.

The fields on this page are explained in the following table.

Field Name Description

Interface Available WAN interfaces. Options are:

Description Service description. Options are:

Received&Transmitted

Bytes Number of packets in bytes.

Pkts Number of packets.

Errs Number of error packets.

Drops Number of dropped packets.

columns

pppoe,ipoe

atm,ptm

, and

bridge

eth

xTM

On this page, you can view the ATM/PTM statistics for your gateway. All WAN interfaces configured for your SmartRG gateway are included.

In the left navigation bar, click Device Info > Statistics > xTM. The Interface Statistics page appears.

To reset these counters, click Reset near the bottom of the page.

The fields on this page are explained in the following table.

Field Name Description

Port Number Statistics for Port 1, or both ports if Bonded.

In Octets Total quantity of received octets.

Out Octets Total quantity of transmitted octets.

In Packets Total quantity of received packets.

Out Packets Total quantity of transmitted packets.

In OAM Cells Total quantity of received OAM cells.

Out OAM Cells Total quantity of transmitted OAM cells.

In ASM Cells Total quantity of received ASM cells.

Out ASM Cells Total quantity of transmitted ASM cells.

In Packet Errors Total quantity of received packet errors.

In Cell Errors Total quantity of received cell errors.

xDSL

On this page, you can view the DSL statistics for your gateway. All xDSL (VDSL or ADSL) interfaces configured for your SmartRG gateway are included. The terms and their explanations are derived from the relevant ITU-T standards and referenced accordingly.

1. In the left navigation bar, click Device Info > Statistics > xDSL. The Statistics - xDSL page appears.

2. To run an xDSL Bit Error Rate (BER) test which determines the quality of the xDSL connection:

a. Scroll to the bottom of the page and click xDSL BER Test. The ADSL BER Test dialog box appears.

b. In the Tested Time field, select the duration in seconds and click Start. Options range from 1 second to 360 seconds.

The default is 20 seconds. The test transfers idle cells containing a known pattern and compares the received data with this known pattern.

Comparison errors are tabulated and displayed in the dialog box.

3. To reset the counters, click Reset Statistics at the bottom of the page.

The fields on this page are explained in the following table.

Field Name Description

Mode xDSL mode that the modem has trained under, such as ADSL2+, G.DMT, etc.

Traffic Type Connection type. Options are:

ATM

Status Status of the connection. Options are:Up,

PTM

and

Disabled,NoSignal

, and

Initializing

Link Power State Current link power management state (e.g., L0, L2, L3).

Downstream

Line Coding (Trellis) State of theTrellis Coded Modulation. Options areOnand

and

Upstream

columns

Off

SNR Margin (dB) The signal-to-noise ration margin (SNRM) is the maximum increase (in dB) of the received

noise power, such that the modem can still meet all of the target BERs over all the frame bearers. [2]

Attenuation (dB)

Output Power

The signal attenuation is defined as the difference in dB between the power received at the near-end and that transmitted from the far-end. [2]

Transmission power from the gateway to the DSL loop relative to one Milliwat (dBm).

(dBm)

Attainable Rate (Kbps)

The typically obtainable sync rate, i.e., the attainable net data rate that the receive PMS-TC and PMD functions are designed to support under the following conditions:

l Single frame bearer and single latency operation

l Signal-to-Noise Ratio Margin (SNRM) to be equal or above the SNR Target Margin

l BER not to exceed the highest BER configured for one (or more) latency paths

l Latency not to exceed the highest latency configured for one (or more) latency paths

l Accounting for all coding gains available (e.g., trellis coding, RS FEC) with latency

bound

Field Name Description

l Accounting for the loop characteristics at the instant of measurement [2]

PhyR Status Physical Layer Retransmission feature status. Options are

Inactive

G.inp Status The status of video data retrieval from the buffer. Options are

Inactive

and

Active

and

Active

Rate (Kbps) The current net data rate of the xDSL link. Net data rate is defined as the sum of all frame

bearer data rates over all latency paths. [2]

Downstream

B (# of bytes in Mux Data Frame)

M (# of Mux Data

and

Upstream

columns for DSL-specific fields only

The nominal number of bytes from frame bearer #n per Mux Data Frame at Reference Point A in the current latency path.

The number of Mux Data Frames per FEC Data Frame in the current latency path. Frames in FEC Data Frame

T (Mux Data Frames over sync bytes)

R (# of check bytes in FEC Data Frame)

S (ratio of FEC over

The ratio of the number of Mux Data Frames to the number of sync bytes in the current

latency path.

The number of Reed Solomon redundancy bytes per codeword in the current latency path.

This is also the number of redundancy bytes per FEC Data Frame in the current latency path.

The ratio of FEC over PMD Data Frame length. PMD Data Frame length)

L (# of bits in PMD

The number of bits from the latency path included per PMD. Data Frame)

D (interleaver

The interleaving depth in the current latency path, used to manager error correction. depth)

I (interleaver block

The block sizeused for interleaving data transmissions. size in bytes)

N (RS codeword

The size of the Reed-Solomon (RS) codeword used for managing error correction. size)

Delay (msec) The PMS-TC delay in milliseconds of the current latency path (or the lowest latency path

when running dual-latency paths).

INP (DMT symbol) The input level for DMT-managed DSL environments.

(End of DSL-specific field group)

OH Frames The number of xDSL OH Frames transmitted/received.

OH Frame Errors The number of xDSL OH Frames transmitted/received with errors.

RS Words The number of Reed-Solomon-based Forward Error Correction (FEC) codewords trans-

mitted/received.

RS Correctable Errors

RS Uncorrectable Errors

RS Codewords Received

RS Codewords Corrected

The number of Reed-Solomon-based FEC codewords received with errors that have been cor-

rected.

The number of Reed-Solomon-based FEC codewords received with errors that were not cor-

rectable.

Visible only for gateways connected via DSL

(

) Total number of Reed-Solomon Codewords

received.

Visible only for gateways connected via DSL

(

) Total number of Reed-Solomon Codewords cor-

rected.

Field Name Description

RS Codewords Uncorrected

HEC Errors A count of ATM HEC errors detected. As per ITU-T G.992.1 and G.992.3, a1-byte HEC is gen-

OCD Errors Total number of Out-of-Cell Delineation errors. ATM Cell delineation is the process which

LCD Errors Total number of Loss of Cell Delineation errors. An LCD Error is counted when at least one

Total Cells The total number of cells (OAM and Data cells) transmitted/received.

Data Cells The total number of data cells transmitted/received.

Bit Errors The total number of Idle Cell Bit Errors in the ATM Data Path. [3]

Total ES Total number of Errored Seconds. This parameter is a count of 1-second intervals with one or

Total SES Total number of Severely Errored Seconds. An SES is declared if, during a 1-second interval,

Total UAS

Visible only for gateways connected via DSL

(

Uncorrected

erated for each ATM cell header. Error detection is implemented as defined in ITU-T I.432.1

with the exception that any HEC error shall be considered as a multiple bit error, and there-

fore, HEC Error Correction is not performed. [1],[2]

allows identification of the cell boundaries. The HEC field is used to achieve cell delineation.

[4] An OCD Error is counted when the cell delineation process transitions from the SYNC state

to the HUNT state. [2]

OCD error is present in each of four consecutive overhead channel periods and SEF (Severely

Errored Frame) defect is present. [2]

more CRC-8 anomalies. [4]

there are 18 or more CRC-8 anomalies in one or more of the received bearer channels, or one

or more LOS (Loss of Signal) defects, or one or more SEF (Severely Errored Frame) defects, or

one or more LPR (Loss of Power) defects. [4]

Total number of Unavailable Seconds. This parameter is a count of 1-second intervals for

which the xDSL line is unavailable. The xDSL line becomes unavailable at the onset of 10 con-

tiguous SESs. These 10 SES’s shall be included in the unavailable time. Once unavailable, the

xDSL line becomes available at the onset of 10 contiguous seconds with no SESs. These 10

seconds with no SES’s shall be excluded from unavailable time. [4]

) Total number of Reed-Solomon Codewords

References

[1] ITU-T Recommendation G.992.1 (1999), Asymmetric digital subscriber line (ADSL) transceivers.

[2] ITU-T Recommendation G.992.3 (2005), Asymmetric digital subscriber line transceivers 2 (ADSL2).

[3] ITU-T Recommendation G.997.1 (2006), Physical layer management for digital subscriber line (DSL) transceivers.

[4] ITU-T Recommendation I.432.1 (1999), B-ISDN user-network interface – Physical layer specification: General characteristics.

Route

On this page, you can view the LAN and WAN route table information configured in your SmartRG Gateway for both IPv4 and IPv6 implementation.

In the left navigation bar, click Device Info > Route. The following page appears.

The fields on this page are explained in the following table.

Field Name Description

IPv4 & IPv6 route fields

Destination (Including IPv6

Destination IP addresses.

Route)

Gateway Gateway IP address.

Subnet Mask Subnet mask for the gateway.

Flag (Including IPv6 Route) Status of the flags. See detailed descriptions above the tables.

Metric (Including IPv6 Route) Number of hops required to reach the default gateway.

Service (Including IPv6 Route) Service type.

Interface (Including IPv6 Route) WAN/LAN interface.

IPv6 Route

only fields

Field Name Description

Destination Destination IP addresses.

Next Hop Next hop IP address.

ARP

On this page, you can view the host IP addresses and their hardware (MAC) addresses for each LAN Client connected to the gateway via a LAN Ethernet port or wireless LAN.

In the left navigation bar, click Device Info > ARP. The following page appears.

The fields on this page are explained in the following table.

Field Name

IP address The IP address of the host.

Flags Each entry in the ARP cache is marked with one of these flags. Options are: Complete, Permanent, and

HW Address

Device The system level interface by which the host is connected. Options are: br(n), atm(n), and ptm(n).

Description

Published.

The hardware (MAC) address of the host.

DHCP

The DHCP page displays a list of locally connected LAN hosts and their DHCP lease status, which are directly connected to the SmartRG Gateway via a LAN Ethernet port or Wireless LAN.

In the left navigation bar, select Device Info > DHCP. The following page appears.

The fields on this page are explained in the following table.

Field Name Description

Hostname The host name of each connected LAN device.

MAC Address The MAC Address for each connected LAN device.

IP Address The IP Address for each connected LAN device.

Expires In The time until the DHCP lease expires for each LAN device.

Advanced Setup

In this section, you can configure network interfaces, security, quality of service settings, and many other settings for your gateway and network.

Layer2 Interface

In this section, you can configure interfaces for ATM and PTM interfaces. Generally you can accept the settings configured by default. If your network is highly customized, you may need to modify some of the settings, such as Username and Password.

ATM Interface

On this page, you can configure Asynchronous Transfer Mode / Permanent Virtual Conduit (ATM/PVC) settings for your gateway. You can customize latency options, link type, encapsulation mode, and more.

Note: Devices (routers) on both ends of the connection must support ATM / PVC.

1. In the left navigation bar, click Advanced Setup > Layer2 Interface > ATM Interface and then click Add. The following page appears.

2. Modify the settings as desired, using the information provided in the table below.

3. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

VPI Enter a Virtual Path Identifier. A VPI is an 8-bit identifier that uniquely identifies a network path

for ATM cell packets to reach its destination. A unique VPI number is required for each ATM path. This setting works with the VCI. Each individual DSL circuit must have a unique VPI/VCI combination. String limits are: 0-255.

VCI Enter a Virtual Channel Identifier. A VCI is a 16-bit identifier that has a unique channel. Options

are: 32-65535.

Select DSL Select the level of DSL latency. Options are:

Field Name Description

Latency

l Path0 Fast: No error correction and can provide lower latency on error free lines.

l Path1 Interleaved: Error checking that provides error free data which increases latency.

l Path0 and Path1: If you are not certain which method is best, you can select both.

Select Link Type Select the linking protocol. EoA is the most popular with PPPoA a close second (used with many

legacy ISPs). Options are:

l EoA: Ethernet over ATM.

l PPPoA: Point-to-Point Protocol over ATM.

l IPoA: Internet Protocol over ATM.

Encapsulation Mode

Select whether multiple protocols or only one protocol is carried per PVC (Permanent Virtual Circuit). Options are:

l LLC/ENCAPSULATION: (Available for PPOA only) Logical Link Control (LLC) encapsulation

protocols used with multiple PVCs

l LLC/SNAP-BRIDGING: LLC used to carry multiple protocols in a single PVC.

l LLC/SNAP-ROUTING: (Available for IPoA only) LLC used to carry one protocol per PVC.

l VC/MUX: Virtual Circuit Multiplexer creates a virtual connection used to carry one pro-

tocol per PVC.

Service Category Select the bit rate protocol. Options are:

l UBR without PCR: Unspecified Bit Rate with no Peak Cell Rate, flow control or time syn-

chronization between the traffic source and destination. Commonly used with applications that can tolerate data / packet loss.

l UBR with PCR: Same as above but with a Peak Cell Rate.

l CBR: Constant Bit Rate relies on timing synchronization to make the network traffic pre-

dictable. Used commonly in Video and Audio traffic network applications.

l Non Realtime VBR: Non Realtime Variable Bit Rate used for connections that transport

traffic at a Variable Rate. This category requires a guaranteed bandwidth and latency. It does not rely on timing synchronization between the destination and source.

l Realtime VBR: Realtime Variable Bit Rate. Same as the above option but relies on timing

and synchronization between the destination and source. This category is commonly used in networks with compressed video traffic.

Field Name Description

Minimum Cell Rate

Scheduler for Queues of Equal Precedence as the Default Queue

Minimum allowable rate (cells per second) at which cells can be sent on a ATM network. The default is -1 (no shaping).

The algorithm used to schedule the queue behavior. VC scheduling is different than the default queues. Options are:

l Weighted Round Robin: Packets are accessed in a round robin style. Classes can be

assigned.

l Weighted Fair Queuing: Packets are assigned to a specific queue.

l Default Queue Weight: The default weight of the specified queue. Options are 1-63.

l Default Queue Precedence: The precedence of the specified group. Options are 1-8.

l VC WRR Weight: The weight of the specified virtual channel queue. Options are 1-63.

l VC Precedence: The priority of the specified virtual channel queue. Options are 1-8.

PTM Interface

The SmartRG gateway's VDSL2 standards support Packet Transfer Mode (PTM). An alternative to ATM mode, PTM transports packets (IP, PPP, Ethernet, MPLS, and others) over DSL links. For more information, refer to the IEEE802.3ah standard for Ethernet in the First Mile (EFM). Some 500 series gateways have a PTM interface configured by default.

On this page, you can configure a PTM interface for your gateway.

1. In the left navigation bar, click Advanced Setup > Layer2 Interface > PTM Interface and then click Add. The following page appears.

2. Modify the settings as desired.

3. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

Weighted Round Robin Time slices are assigned to each process in equal portions and in circular order, hand-

ling all processes without priority (also known as cyclic executive).

Weighted Fair Queuing A data packet scheduling technique allowing different scheduling priorities to be

assigned to statistically multiplexed data flows. Since each data flow has its own queue, an ill-behaved flow (that sent larger packets or more packets per second than the others since it became active) will only affect itself and not other sessions.

Default Queue Weight Enter a default weight of the specified queue. Options are: 1-63.

Default Queue Pre-

Enter a precedence for the specified queue. Options are: 1-8.

cedence

Default Queue Minimum Rate

The default minimum rate at which traffic can pass through the queue. For no shaping, enter -1 (disabled). Options are: 1-0 Kbps.

Default Queue Shaping The shaping rate for the specified queue. Options are: 1-0 Kbps. The default is -1 (no

Field Name Description

Rate shaping).

Default Queue Shaping Burst Rate

The maximum rate at which traffic can pass through the queue. Options are 1600 or greater.

ETH Interface

On this page, you can configure an Ethernet interface for your gateway.

Note: If a WAN port is already configured, you must remove it before you can define a new one. The Add button does not appear until the existing port is removed. Modify or delete any WAN service that uses it. Then, return to this page and click the Remove checkbox and then click the Remove button.

1. In the left navigation bar, click Advanced Setup > Layer2 Interface > ETH Interface. If no WAN port is configured, the fol- lowing page appears.

2. Click Add.

3. If a WAN port is already configured or you clicked Add, the following page appears.

4. Select the LAN port you wish to act as a WAN port.

5. Click Apply/Save to commit your changes.

WAN Service

In this section, you can configure WAN services for:

l "PPP over Ethernet"

l "IP over Ethernet"

l Bridging

Instructions are provided for each variation.

PPP over Ethernet

There are several parts to configuring a PPP over Ethernet WAN service. You will progress through several pages to complete the configuration.

1. In the left navigation bar, click Advanced Setup > WAN Service and then click Add. The following page appears.

2. Select the Layer2 interface to use for the WAN service and click Next. The following page appears.

3. Select the PPP over Ethernet (PPPoE) WAN service type.

4. Modify the other settings as needed, using the information in the following table.

Field Name Description

Enter Service

Enter a name to describe this configuration.

Description

Internet Protocol Selection

Different scheduling priorities can be applied to statistically multiplexed data flows. Since each data flow has its own queue, an ill-behaved flow (which has sent larger packets or more packets per second than the others) will only punish itself and not other sessions. Options are IPv4 Only,

IPv4&IPv6 (Dual Stack), and IPv6 Only.

Note: When you select IPV4&IPV6 or IPV6, the subsequent options presented will change

accordingly.

Enter 802.1P Pri-

Options are 0 - 7. The default is 0.

ority

For tagged service, enter values in this field and the 802.1Q VLAN ID field.

For untagged service, enter -1 (disabled) in this field and the 802.1Q VLAN ID field.

Field Name Description

Enter 802.1Q

Options are 0 - 4094. The default is -1 (disabled).

VLAN ID

For tagged service, enter values in this field and the 802.1P Priority field.

For untagged service, enter -1 (disabled) in this field and the 802.1P Priority field.

Select VLAN TPID Select the TPID for this VLAN. Options are

Internet Pro-

Select the IP version. Options are

tocol Selection

5. Click Next. The following page appears.

0x8100,0x88A8

, and

0x9100

IPv4 Only,IPv4&IPv6 (Dual Stack)

, and

IPv6 Only

6. Modify the fields as needed.

The fields on this page are explained in the following table.

Field Name Description

PPP Username Enter the username required for authentication to the PPP server.

PPP Password Enter the password required for authentication to the PPP server.

PPPoE Service

Optional

(

) Enter a description for this service.

Name

Authentication Method

Select a means for authentication. Options are:

l AUTO: Attempt to automatically detect handshake protocol (listed below)s.

l PAP: Password Authentication Protocol (plaintext passwords).

l CHAP: Challenge Handshake Authentication Protocol. (MD5 hashing scheme on pass-

words).

l MSCHAP: Microsoft Challenge Handshake Authentication Protocol. (Microsoft encrypted

password authentication protocol).

LCP Keepalive

The frequency with which the keepalive packet is sent by the gateway to the PPP server.

Period

LCP Retry Threshold

Enter the number of additional attempted packets that the gateway will send (in the event that the PPP server does not respond to the Keepalive) before giving up and declaring the connection as Failed.

PPP IP Extension Select whether to forward all traffic to the advanced DMZ IP specified in the next field. When

you select this option, the NAT fields are hidden.

Field Name Description

Advanced DMZ Specify the IP address and mask to which PPPoE traffic is forwarded.

Non DMZ IP Address

Non DMZ Net Mask

Use Static IPv4 Address

Use Static IPv6 Address

Enable IPv6 Unnumbered Model

Launch Dhcp6c for Address Assignment (IANA)

Launch Dhcp6c for Prefix Delegation (APD)

Retry PPP password on authentication error

If using the Advanced DMZ feature, you can enter a specific vendor ID that will be broadcast for the DHCP server to accept the device, e.g., 192.168.2.1.

If using the Advanced DMZ feature, you can enter a secondary LAN IP address for the gateway. The default is

255.255.255.0

Specify the IPv4 Address to apply for this WAN service.

Specify the IPv6 Address to apply for this WAN service.

Available only when IPv4&IPv6 (Dual Stack) is selected for the Interned Protocol field

(

) Select to allow your gateway to process IP packets without configuring a unique IP address. This works by “borrowing” an IP address from another interface.

Available only when IPv4&IPv6 (Dual Stack) is selected for the Interned Protocol field

(

) Select to launch the dhcp6c client deamon to request and configure IPv6 addresses and host network configuration information.

Available only when IPv4&IPv6 (Dual Stack) is selected for the Interned Protocol field

(

) Select to enable your DHCPv6 server to allow your gateway to ask for an IPv6 prefix (subnet) that it can then split up and delegate to the clients it serves. This option is selected by default.

Enter the maximum number of PPP authentication retries on failure. Options are 1 - 65536. Entering 65536 sets the maximum to unlimited.

Enable PPP Debug Mode

Bridge PPPoE Frames Between

Select to have the system put more PPP connection information into the system log of the device. This is for debugging errors and not for normal usage.

Select to enable PPPoE passthrough to relay PPPoE connections from behind the modem. Also known as Half-Bridged mode.

WAN and Local Ports

Enable Firewall Select to enable functions in the Security sub-menu.

Enable NAT Select to enable sharing the WAN interface across multiple devices on the LAN. Additional NAT

and PPPoE NAT features appear.

Enable Fullcone

(Appears when Enable NAT is selected) Click to enable what is known as one-to-one NAT.

NAT

Enable SIP ALG (Appears when Enable NAT is selected) Click to enable Session Initiation Protocol (SIP) pass-

Field Name Description

through NAT. Used for Voice over IP (VOIP) applications.

Enable IGMP Multicast Proxy

Enable IGMP

Click to enable Internet Group Membership Protocol (IGMP) multicast. Used by IPv4 hosts to report multicast group memberships to any neighboring multicast routers.

Select to enable this service to act as an IGMP multicast source.

Multicast Source

MTU sizes Enter the MTU (Maximum Transmission Unit) size for SmartRG gateways supporting a gigabit-cap-

able WAN interface. Options are 1370 - 1492 bytes. The default is 1492 bytes. Firmware v2.5.0.7 or later is required.

Use Base MAC Address on this

Use the SmartRG Devices Base (Primary) MAC address. When unchecked, a unique MAC is assigned for each service.

WAN interface

Enable MACClone

Appears when Use Base MAC Address is deselected

( close address.

) Enter the MAC address to be used as the

7. Click Next. The following page appears.

8. Select the interface used as a default gateway for the PPP service being created and click the arrows to move your selection from left to right or from right to left.

9. Click Next. The following page appears where you will select DNS Server settings.

10. Select the DNS Server Interface from Available WAN interfaces and click the arrows to move your selection from left to right or from right to left.

11. Alternatively, you can enter static DNS IP addresses in the Use the following Static DNS IP address section.

12. Click Next. The summary page appears indicating that your PPPoE WAN setup is complete.

13. Review the summary and either click Apply/Save to commit your changes or click Back to step through the pages in reverse order to make any necessary alterations.

IP over Ethernet

There are several parts to configuring a IP over Ethernet WAN service. You will progress through several pages to complete the configuration.

1. In the left navigation bar, click Advanced Setup > WAN Service and then click Add. The following page appears.

2. Select the Layer2 interface to use for the WAN service and click Next. The following page appears.

3. Select the IP over Ethernet WAN service type.

4. Modify the fields as needed.

The fields on this page are explained in the following table.

Field Name Description

Enter Service

(Optional) Enter a name to describe this configuration.

Description

Enter 802.1P Pri-

Options are 0 - 7. The default is -1 (disabled).

ority

For tagged service, enter values in this field and the 802.1Q VLAN ID field.

For untagged service, accept the default of -1 in this field and inthe 802.1Q VLAN ID field.

Enter 802.1Q VLANIDOptions are 0 - 4094. The default is -1 (disabled).

For tagged service, enter values in this field and the 802.1P Priority field.

For untagged service, accept the default of -1 in this field and in the 802.1P Priority field.

Select VLAN TPID Select the TPID for this VLAN. Options are

Internet Protocol Selection

This data packet scheduling technique allows different scheduling priorities to be applied to statistically multiplexed data flows. Since each data flow has its own queue, an ill-behaved

0x8100,0x88A8

flow (which has sent larger packets or more packets per second than the others since it became active) will only punish itself and not other sessions. Options are IPv4 Only, IPv4&IPv6

(Dual Stack), and IPv6 Only. The default is IPv4 Only.

Note: When selecting IPV4&IPV6 or IPV6, the subsequent options presented will change

accordingly.

, and

0x9100

5. Click Next. The following page appears.

6. Enter the relevant WAN IP Settings, using the information provided in the following table.

Field Name Description

Obtain an IP address auto-

Select when you want the ISP to automatically assign the WAN IP to the gateway.

matically

Option 60 Vendor ID (Optional) Broadcast a specific vendor ID for the DHCP server to accept the device.

Option 61 IAID (Optional) Interface Association Identifier (IAID). A unique identifier for an IA, chosen

by the client.

Field Name Description

Option 61 DUID (Optional) DHCP Unique Identifier (DUID) is used by the client to get an IP address from

the DHCP server.

Option 77 User ID (

Option 125 (

Option 50 Request IP Address

Option 51 Request Leased

Optional

options from the server.This option is disabled by default. To enable it, click

) Enter the user class ID that should be used to filter traffic.

) Select whether to enable local devices to automatically receive DHCP

Enabled

Select to request a specific IP address when sending messages. If the address is not available, the DHCP server assigns the next allowed IP address.

Select to request the maximum lease time defined for the client.

Time

Option 54 Request Server

Select to request the IP address of the source server.

Address

Use the following Static IP address

Select when you want to manually declare the static IP information provided by your ISP. The WAN address fields become available.

WAN IP Address Enter the static WAN IPV4 Address.

WAN Subnet Mask Enter the static subnet mask.

WAN gateway IP Address Enter the static gateway IP address.

Advanced DMZ (Optional) Select this option to enable Advanced DMZ on the WAN service. For more

information, see the knowledgebase on SmartRG Support site.

Non DMZ IP Address If using the Advanced DMZ feature, you can enter a specific vendor ID that will be

broadcast for the DHCP server to accept the device, e.g., 192.168.2.1.

Non DMZ Net Mask If using the Advanced DMZ feature, you can enter a secondary LAN IP address for the

gateway. The default is 255.255.255.0.

IPv6 settings

The following fields appear when either IPv6 Only or IPv4&IPv6 (Dual Stack) network protocols are selected on the WAN Service Configuration page.

Obtain IPv6 address automatically

Dhcpv6 Address Assign-

Enables the DHCPv6 Client on this WAN interface. Select this option when you want the ISP to automatically assign the WAN IP to the gateway.

Select this option for the CPE to receive WAN IP from ISP.

ment (IANA)

Dhcpv6 Prefix Delegation Select this option for the CPE to generate the WAN IP's prefix from the server's REST

Field Name Description

(IAPD) by MAC address.

Use the following Static IPv6 address

WAN IPv6 Address/Prefix Length

Specify the Next-Hop IPv6 address

Select this option to manually declare the v6 Static IP information provided by your ISP.

If entering a static IP address, enter the IP address / prefix length. If you do not specify a prefix length, the default of /64 is used.

Enter the IP address of the next WAN in the group. This address can be either a local link or a global unicast IPv6 address.

7. Click Next. The NAT settings page appears.

8. Click Next.

9. Modify the settings if desired. All settings are optional. Network Address Translation (NAT) allows you to share one Wide Area Network (WAN) IP address for multiple computers on

your Local Area Network (LAN). If you do not want to enable NAT (atypical) and wish the user of this gateway to access the Internet normally, you need to add a route on the uplink equipment. Failure to do so will cause access to the Internet to fail.

The fields on this page are explained in the following table.

FIELD NAME DESCRIPTION

Enable NAT Enable sharing the WAN interface across multiple devices on the LAN. Also enables the

functions in the NAT sub-menu and addition PPPoE NAT features to select.

Note: This option and its related options are not available when IPv6 is selected as the Internet protocol.

Enable Fullcone NAT (Appears when Enable NAT is selected) Enables what is known as one-to-one NAT.

Enable SIP ALG (Appears when Enable NAT is selected) Enables Session Initiation Protocol (SIP) pass-

through NAT. Used for Voice over IP (VOIP) applications.

Enable Firewall Select to enable functions in the Security sub-menu.

Enable IGMP Multicast Proxy

Enable IGMP Multicast Source

Use Base MAC Address on this WAN interface

Click to enable Internet Group Membership Protocol (IGMP) multicast. Used by IPv4 hosts to report multicast group memberships to any neighboring multicast routers.

Select to enable this service to act as an IGMP multicast source.

Use SmartRG Devices Base (Primary) MAC address. When unchecked, a unique MAC per service is assigned.

10. Click Next. The following page appears.

11. Select the interface used as a default gateway for the PPP service being created and click the arrows to move your selection from left to right or from right to left.

12. Click Next. The following page appears where you will select DNS Server settings.

13. Select the DNS Server Interface from available WAN interfaces and click the arrows to move your selection from left to right or from right to left.

14. Alternatively, you can enter static DNS IP addresses in the Use the following Static DNS IP address section.

15. If you selected IPv6 as the Internet protocol earlier, you can configure the same DNS server information in the following fields:

l Obtain IPv6 DNS info from a WAN interface: Select a WAN Interface.

l Use the following Static IPv6 DNS address: Enter the Primary IPv6 DNS server address and, if desired, enter a Sec-

ondary IPv6 DNS server address.

16. Click Next. The summary page appears.

17. Review the summary and either click Apply/Save to commit your changes or click Back to step through the pages in reverse order to make any necessary alterations.

Bridging

Before you can configure a bridge WAN service, you must create the related ATM interface.

1. In the left navigation bar, click Advanced Setup > WAN Service and then click Add. The following page appears.

2. Select an ATM interface for the WAN service and then click Next. The following page appears.

3. Select Bridging. The Multicast Source fields appear.

4. Modify the other fields as needed, using the information in the following table.

Field Name Description

Allow as IGMP Multicast

Select to enable this service to act as an IGMP multicast source.

Source

Allow as MLD Multicast

Select to enable this service to act as an MLD multicast source.

Source

Enter Service Descrip-

(Optional) Enter a name to describe this configuration.

tion

Enter 802.1P Priority

Options are 0 - 7. The default is -1 (disabled).

For tagged service, enter values in this field and the 802.1Q VLAN ID field.

For untagged service, accept the default of -1 in this field and in the 802.1Q VLAN ID field.

Enter 802.1Q VLAN ID

Options are 0 - 4094. The default is -1 (disabled).

Field Name Description

For tagged service, enter values in this field and the 802.1P Priority field.

For untagged service, enter -1 (disabled) in this field and in the 802.1P Priority field.

Select VLAN TPID (

5. Click Next. The summary page appears indicating that your Bridging WAN setup is complete.

Optional

) Select the TPID for this VLAN. Options are

0x8100,0x88A8

, and

0x9100

6. Review the summary and either click Apply/Save to commit your changes or click Back to step through the pages in reverse order to make any necessary alterations.

LAN

On the Local Area Network (LAN) Setup page, you can configure the router’s local IP addresses, subnet mask, DHCP behavior and other related LAN side settings for your gateway.

1. In the left navigation bar, click Advanced Setup > LAN. The following page appears.

2. Customize the fields as desired.

3. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

GroupName Select an interface group from the list of available groups (defined on the Interface Group-

ing page).

IP Address Enter the LAN IP address by which LAN devices will connect to this gateway.

Subnet Mask Enter the Subnet mask to be used by LAN devices connecting to this gateway.

Enable IGMP Snooping Enables your gateway to listen to IGMP network traffic between hosts and routers. By listen-

ing to these conversations, the gateway maintains a map of which links need which IP multicast streams.

Standard Mode Allows multicast traffic will flood to all bridge ports when there is no client subscribed to

any multicast group.

Blocking Mode Blocks multicast data traffic, preventing it from flooding to all bridge ports when no client

subscriptions to a multicast group are present.

Enable IGMP LAN to

Allows multicast traffic between LANs.

LAN Multicast

Enable LAN Side Fire-

Enables the restriction of traffic between LAN hosts.

wall

Disable DHCP Server Prevents the DHCP functionality of your gateway from automatically assigning LAN

IPaddresses to host devices as they connect with the gateway.

Enable DHCP Server Allows the DHCP functionality of your gateway to automatically assign LAN IP addresses to

host devices as they connect with the gateway. Fill in the next three fields to configure this action.

Start IP Address (Becomes editable when Enable DHCP Server is selected) Enter the beginning of the class

C, IP address range to be assigned by the DHCP server.

End IP Address (Becomes editable when Enable DHCP Server is selected) Enter the end of the class C, IP

address range to be assigned by the DHCP server.

Leased Time (hour) (Becomes editable when Enable DHCP Server is selected) Enter the number of hours for

which an IP address will be leased.

Static IP Lease List Specify a literal, static IP address to be associated with a specific MAC Address of one of

your LAN host devices.

1. Click Add Entries.

2. Enter the MAC address and IP address and click Apply/Save.

3. Repeat this step to create any additional entries that you need up to 32.

Field Name Description

Automatically create static IP leases from the following OUIs

Configure DHCP Options

For LAN hosts, IP addresses can be assigned manually or by using DHCP. Click Add OUI. Enter the OUI and click Apply/Save. Repeat these steps to create any additional entries that you need.

section

Option 66 For devices that require access to a TFTP server (device configuration name files are in .cnf

file format), which enables the device to communicate with other infrastructure, select this option to specify the name of the TFTP server.

Option 150 A Cisco proprietary methodology for pointing to one or two TFTP servers.

Configure the second IP address and subnet mask for LAN

When you select this option, the IP Address and Subnet Mask fields appear where you can enter a second IP address and Subnet mask to support a second, simultaneous LAN, i.e., the primary LAN might be defined as 192.168.0.1 and this secondary LAN defined as 192.168.2.1.

interface

IPv6 Autoconfig

On this page, you can configure your gateway's IPv6 environment.

1. In the left navigation bar, click Advanced Setup > LAN > IPv6 Autoconfig . The following page appears.

2. Modify the fields as needed, using the information in the table below.

3. Click Save/Apply to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

Interface Address IPV6 address to assign as the gateways Local LAN IPV6 address and prefix length. Prefix length is required.

IPv6 LAN Applications

Enable DHCP v6 Server

Enable DHCP Server - This option is selected by default. Click to stop inheriting IPV6 address assignments from the WAN IPV6 inter-

section

Enable the DHCP v6 feature on the LAN.

Field Name Description

Stateless face.

Enable DHCP Server Stateful

DHCPv6 server given by the LAN IPV6 network as configured with additional options. Zero compression is not supported. Make sure to enter zeros between the colons, that is, do not use shorthand notation (::2). Options are:

l Start interface ID: Enter the beginning IPv6 available addresses for DHCP to assign to LAN devices.

l End interface ID: Enter the ending IPv6 available addresses for DHCP to assign to LAN devices.

l Leased Time (hour): Amount of time before a new IPv6 lease is requested by the LAN client.

Enable RADVD (Optional) This option is enabled by default. It enables Router Advertisement Daemon (RADVD) service that

sends router advertisements to LAN clients. Clear the check box to disable RADVD. Options are:

l Enable ULA Prefix Advertisement: Check this option to enable unique local address (ULA) advert-

isement on the LAN. When you select this option, the Randomly Generate option is selected and the gateway can generate a random IPv6 prefix.

l Statically Configure Prefix: Select this option to configure the IPv6 prefix, and enter values in the

Preferred Life Time and Valid Life Time fields (in hours). The default value for these fields is -1 (no

limit).

Enable MLD Snooping (Optional) This option is enabled by default. It enables Multicast Listener Discovery (MLD) snooping to man-

age IPV6 multicast traffic. Options are:

l Standard Mode: Multicast traffic will flood to all bridge ports when no client subscribes to a mul-

ticast group even if IGMP snooping is enabled.

l Blocking Mode: The multicast data traffic will be blocked and not flood to all bridge ports when

there are no client subscriptions to any multicast group. This is the default.

Enable MLD LAN to LAN Multicast

Optional

(

) This option is enabled by default. It enables LAN-to-LAN Multicast until the first WAN service is

connected. Options are

Disable

and

Enable

Ethernet Config

On the Ethernet Port Configuration page, you can set the speed and duplex mode for each of the Ethernet ports.

1. In the left navigation bar, click Advanced Setup > Ethernet Config . The following page appears.

2. In the Configure column, select an option (Auto, 100 Full, 100 Half, 10 Full or 10 Half) for the Ethernet port on your gateway.

These options represent 100 megabits or 10 megabits using half or full duplex transmission protocols. When you have a specific device with a known limited transmission speed capability, select one of the latter four options. If you select Auto, your gateway will automatically select an appropriate setting based on Ethernet auto negotiation with the NIC of the LAN host.

Note: For 1000 BaseT connections, always select Auto.

3. Click Save/Apply to commit your changes.

NAT

In this section, you can configure the settings for Network Address Translation including setting up virtual servers, port triggering and DMZ host. There is seldom need to customize these settings as the default settings manage the related features sufficiently for most environments.

Virtual Servers

Virtual Servers (more commonly known as port forwards) is a technique used to facilitate communications by external hosts with services provided within a private local area network.

On this page, you can configure the virtual server settings for your gateway.

1. In the left navigation bar, select Advanced Setup > NAT. The following page appears.

2. To add a virtual server, click Add. The following page appears.

3. Customize the fields to create your port forwarding entry, using the information provided in the table below.

4. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

Use Interface Select the WAN interface to which this NAT rule will apply.

Select a Service Select from a list of application that typically require port forwards configured. The port ranges

and protocol fields will be pre-populated.

Custom Service If your application does not appear in the Select a Service list, you can enter a unique name for

the application in this field.

Field Name Description

Server IP Address

External Port Start

External Port End

Protocol Select the protocol to be used with this range of ports. Options are: TCP, UDP, or TCP/UDP.

Internal Port Start

Internal Port End Enter the last internal port for this server.

Enter the IP address of the LAN client where the service is hosted.

Enter the first external port for this server.

Enter the last external port for this server.

Enter the first internal port for this server.

Port Triggering

Some applications require that specific ports in the gateway's firewall be opened for access by remote parties. The Port Trigger feature dynamically opens up the open ports in the firewall when an application on the LAN initiates a TCP/UDP connection to a remote party using the triggering ports. The gateway allows the remote party from the WAN side to establish new connections back to the application on the LAN side using the Open Ports.

1. In the left navigation bar, click Advanced Setup > NAT > Port Triggering and then click Add. The following page appears.

2. Customize the fields as needed for the firewall pinholes you wish to establish. A maximum 96 entries can be configured.

3. Click Apply/Save to commit your changes. If the selected service configures multiple servers, the same number of entries are added to the table of the NAT - Virtual Servers Setup page.

The fields on this page are explained in the following table.

Field Name Description

Use Interface Select the interface for which the port triggering rule will apply.

Select a Service Select the application which requires a port trigger entry. The starting and ending IP

addresses and port numbers that are configured for the service are populated into the table at the bottom of the page.

Custom Service If the application you want does not appear in the selection list, enter a unique name for

the application for which you are creating a port trigger entry. This is a free-form text field.

Trigger Port Start Enter the starting number of the range of available outgoing trigger ports. Options are: 1 -

65535.

Field Name Description

Trigger Port End Enter the end number of the range of available outgoing trigger ports. Options are: 1 -

65535.

Trigger Protocol Select the protocol required by the application that will be using the ports in the specified

range. Options are: TCP, UDP, and TCP/UDP.

Open Port Start Enter the starting number of the range of available incoming ports. Options are: 1 - 65535.

Open Port End Enter the end number of the range of available incoming ports. Options are: 1 - 65535.

Open Protocol Select the protocol for the open port. Options are: TCP, UDP, and TCP/UDP.

DMZ Host

The Broadband Router will forward IP packets from the WAN that do not belong to any of the applications configured in the Virtual Servers table to the DMZ host computer. If you want to route all internet traffic to a specific LAN device with no filtering or security, add the IP address of that device to this page.

1. In the left navigation bar, click Advanced Setup > NAT > DMZ Host. The following page appears.

2. Enter the DMZ Host IP Address.

3. Click Apply/Save to commit your change.

Security

In this section, you can configure filtering for IP and MAC addresses.

IP Filtering - Outgoing

On this page, you can add an outgoing filter when refusal of data transmitted from the LAN to the WAN is desired.

1. In the left navigation bar, click Advanced Setup > Security > IP Filtering and then click Add. The following page appears.

2. Fill in the fields, using the information in the table below.

3. Click Apply/Save to commit the completed entry.

The fields on this page are explained in the following table.

Field Name Description

Filter Name Enter a descriptive name for this filter.

IP Version For the filter to be configured and effective for IPV6 , the gateway must be installed on a net-

work that is either a IPV6-only network (with that protocol enabled) or is both IPV4 and IPV6 dual protocol enabled/configured. Options are IPv4 and IPv6. The default is IPv4.

If you select IPV6, both the Source and Destination IP address must be specified in IPV6 format. The following is an IPV6-compliant, hexadecimal address: 2001:0DB8:AC10:FE01:0000:0000:0000:0001.

Protocol Select the protocol profile for the filter you are defining. TCP/UDP is most commonly used. The

options are TCP/UDP, TCP, UDP, and ICMP.

Source IP Enter the source IP address of a LAN side host for which you wish to filter/block outgoing traffic

Field Name Description

address [/prefix length]

Source Port (port or port:port)

Destination IP address

Destination Port (port or port:port)

for the specified protocol(s).

Note: This address can be a particular address or a block of IP addresses on a network subnet. This is done by appending the associated routing "/prefix" length decimal value (preceded with the slash) to the addresses. A valid decimal routing prefix is required for defining the subnet mask per CIDR notation.

Set the outgoing host port (or range of ports) for the above host (or range of hosts defined by optional routing "/prefix" subnet mask) to define the ports profile for which egress traffic will be filtered from reaching the specified destination(s).

Enter the destination IP address of a LAN side host for which you wish to filter/block outgoing traffic for the specified protocol(s).

Note: This address can be a particular address or a block of IP address on a network subnet. This is done by appending the associated routing "/prefix" length decimal value (preceded with the slash) to the addresses. A valid decimal routing prefix is required for defining the subnet mask per CIDR notation.

Set the destination host port (or range of ports) for the above host (or range of hosts) to define the destination port profile for which the filtered host egress traffic will be filtered from reaching the otherwise intended destination(s), e.g., to block the traffic to those ports on, say, a computer external to the local network.

IP Filtering - Incoming

On this page, you can add an incoming filter when refusal of data from the WAN to the LAN is desired.

1. In the left navigation bar, click Advanced Setup > Security > IP Filtering > Incoming and then click Add. The following page appears.

2. Fill in the fields, using the information in the table below.

3. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

Filter Name Enter a descriptive name for this filter.

IP Version Select the IP version for this filter. Options are

IPv4

and

IPv6

. The default is

Protocol Select the protocol to be associated with this incoming filter. Options are:

TCP/UDP,TCP,UDP

, or

ICMP

Source IP address [/prefix length] Enter the source IP address for rule. For IPv6, enter the prefix as well.

Source Port (port or port:port) Enter source port number or range (xxxxx:yyyyy).

Destination IP address [/prefix

Enter the destination IP address for rule. For IPv6, enter the prefix as well.

length]

Destination Port (port or port:port) Enter destination port number or range (xxxxx:yyyyy).

WAN Interfaces Click to apply this rule to all WAN interfaces or only certain types. Options

Select All

are

or the interfaces defined for your network.

MAC Filtering

Your SmartRG gateway can block or forward packets based on the originating device. This MAC filtering feature is available only in Bridge mode. For other modes, similar functionality is available via IP Filtering.

On this page, you can manage MAC filtering for your gateway.

1. In the left navigation bar, click Advanced Setup > Security > MAC Filtering. The following page appears.

2. To modify policy settings:

a. Review the information on the page.

b. Once you understand the consequences of changing the policy, click the Change checkbox, and then click Change

Policy. The policy is switched to FORWARD or BLOCKED.

3. To add a rule, follow the instructions in "MAC Filtering".

4. To remove a rule, click the Remove checkbox next to the rule and click the Remove button.

5. When your changes are completed, click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

Interface The interface associated with an established policy rule.

Policy The current/active policy type that is in place. Options are

FORWARD

and

BLOCKED

Adding a MAC Filtering Rule

You cannot edit rules but you can add new ones and then remove the obsolete ones.

1. On the MAC Filtering page, click Add. The following page appears.

2. Fill in the fields, using the information provided in the following table.

3. Click Save/Apply to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

Protocol Type Select the protocol associated with the device at the destination MAC address. Options are

Destination MAC Address

Source MAC Address

Frame Direction Select the incoming/outgoing packet interface. Options are

WAN Interfaces Select the interface to which the filter should be applied.

PPPoE,IPv4,IPv6,AppleTalk,IPX,NetBEUI

Enter the MAC address of the hardware you wish to associate with this filter.

Enter the MAC address of the device that is originating requests intended for the device associated with the

N=>WAN

Destination MAC Address

. The default is

LAN<=>WAN

, and

IGMP

LAN<=>WAN,WAN=>LAN

, and

LAN-

Parental Control

In this section, you can configure the Parental Control features of your SmartRG gateway to restrict Internet access to certain hours and to certain URLS.

Time Restriction

On this page, you can restrict Internet access to particular days and specific times for each device that accesses your gateway.

1. In the left navigation bar, click Advanced Setup > Parental Control and then click Add. The following page appears.

2. Fill in the fields using the information in the table below.

3. Click Apply/Save.

The fields on this page are explained in the following table.

Field Name Description

User Name Enter a descriptive name for this restriction.

Browser's MAC Address This option is selected by default. The MAC address of the connected device is shown.

Other MAC Address Select this option to restrict access to another device. Enter the MAC address of that

device.

Note: You can view a list of the connected devices and MAC addresses on the Device

Info > ARP page.

Field Name Description

Days of the week Select the days (Mon - Sun) for which the restrictions apply.

Start Time Blocking / End Time Blocking

Enter the range of time that the devices listed above are restricted from access to the Internet. Use 24-hour clock notation (00:00 - 24:00).

URL Filter

The other side of the Parental Controls coin is URL filtering. On this page, you can exclude and include URLs as desired. Each list can include up to 100 addresses.

Note: Only one Exclude list and one Include list are supported for each gateway. Unique lists are not supported for connecting

devices.

1. In the left navigation bar, click Advanced Setup > Parental Control > Url Filter.

2. To block a URL:

a. Next to URL List Type, select Exclude.

b. Click Add. The following page appears.

c. Click Apply/Save to save your settings. You are returned to the Url Filter page.

3. To create a list of URLs to allow, next to URL List Type, select Include and repeat the above steps.

The fields on this page are explained in the following table.

Field Name Description

URL Address Enter the URL address to be included in the list.

Port Number (

Optional

) Enter the port number associated with the URL. The default is80.

Quality Of Service

Quality of Service (QoS) enables prioritization of Internet content to help ensure the best possible performance. This is particularly useful for streaming video and audio content with minimized potential for drop-outs. QoS becomes significant when the sum of all traffic (audio, vid"QoS Classification"data) exceeds the capacity of the line.

In this section, you can configure QoS settings including traffic queues, classifications (rules) and port shaping.

Note: Before proceeding, make sure that the necessary WAN service has been configured with the appropriate Priority setting.

QoS Config

On this page, you can enable QoS and set the DSCP Mark classification.

The maximum number of queues that can be configured vary by mode, as shown below.

Mode Maximum # of queues

ATM 16

Ethernet 4 per interface

PTM 8

Note: Queues for Wireless (e.g., WMM Voice Priority) are shown only when wireless is enabled. If the WMM Advertise function on the Wireless Basic Setup page is disabled, assigning classifications to wireless traffic has no effect.

1. In the left navigation bar, click Advanced Setup > Quality Of Service > QoS Config. The following page appears.

2. If the Enable QoS checkbox is not checked, click it to select it.

Warning: If this option is already enabled and you clear the checkbox, QoS will be disabled for ALL interfaces.

3. In the Select Default DSCP Mark field, select the Differentiated Services Code Point (DSCP) Mark classification value to be used. The default is No Change(-1). For a list of supported values, see "Supported DSCP Values".

4. Click Apply/Save to save your settings.

Supported DSCP Values

The DSCP marking QoS Queue Management Configuration marking on ingress packets is based on the selection you make in the Select

Default DSCP Mark field. The selected default marking is applied automatically to all incoming packets without reference to a par-

ticular classification.

Note: A default DSCP mark value of Default(000000) will mark all egress packets that do NOT match any classification.

The following values are supported. For more information about commonly used DSCP values, refer to RFC 2475.

No Change(-1) CS1(001000) AF32(011100) CS4(100000)

Auto Marking(-2) AF23(010110) AF31(011010) EF(101110)

Default(000000) AF22(010100) CS3(011000) CS5(101000)

AF13(001110) AF21(010010) AF43(100110) CS6(110000)

AF12(001100) CS2(010000) AF42(100100)

AF11(001010) AF33(011110) AF41(100010)

QoS Queue Config

On this page, you can configure a queue and add it to a Layer2 interface.

1. In the left navigation bar, click Advanced Setup > Quality Of Service > QoS Queue Config and then click Add. The following page appears.

2. In the Name field, type a descriptive name for this queue.

3. In the Interface field, select the Layer 2 interface to be associated for this queue. Additional fields appear.

4. Fill in the fields, using the information provided in the table below. Note: For Dynamic WAN interfaces, the Queue Priority settings appear twice - once for ATM WAN QoS configuration and once for PTM WAN QoS configuration.

5. Click Apply/Save to save your settings.

The fields on this page are explained in the following table.

Field Name Description

Enable Select to enable or disable this queue configured on the selected interface. This option is

enabled by default.

Note: Only one queue can be defined for any one interface/precedence pair, resulting in a maximum of three queues per interface.

Queue Priority

Queue Precedence/

settings

Select the priority value to be associated with the new queue. Options vary by interface type and include 1(SP - 4(SP), 1(WRR/WFQ) - 7(WRR/WFQ), and 8(WRR).

Precedence

Note: The lower the value, the higher the priority.

Scheduler Algorithm

(Not applicable for ETH interfaces) Select an algorithm for applying queue data priority. Options are:

l Weighted Round Robin: Applies a fair round robin scheme weighting that is effective

for networks with fixed packet sizes, e.g., ATM networks.

l Weighted Fair Queuing: Applies a fair queue weighting scheme by allowing different

sessions to have different service shares for improved data packet flow in networks with variable packet sizes, e.g., PTM/IP networks.

Queue Weight (

Not applicable for ETH interfaces

) Enter a weight for prioritizing this queue. Options are1-

Minimum Rate (Applicable for PTM and Dynamic WAN interfaces only) Enter the minimum shaping rate for

packets in QoS queues. Options are 1 - 100000 Kbps.

To specify no minimum rate, enter -1.

Shaping Rate (Applicable for PTM and Dynamic WAN interfaces only) Enter the shaping rate for packets in

QoS queues. Options are 1 - 100000 Kbps.

To specify no shaping, enter -1 .

Shaping Burst Size (Applicable for PTM and Dynamic WAN interfaces only) Enter the shaping burst size to be

applied to packets in the defined queue. Options are 1600 bytes or greater.

PTMPriority

DSL Latency

( face. Options are

Low

and

High

(Not applicable for ETH or Dynamic WAN interfaces) Select the level of DSL latency. Options

) Select the priority for the PTM inter-

Applicable for PTM and Dynamic WAN interfaces only

are:

atm, ptm

l Path0 (Fast): No error correction and can provide lower latency on error free lines.

l Path1 (Interleaved): Error checking that provides error free data which increases

latency.

Note: If you are not sure which option to select, you can select both.

Wlan Queue

On this page, you can view the WLAN queues defined for your network.

In the left navigation bar, click Advanced Setup > Quality Of Service > QoS Queue > Wlan Queue. The following page appears.

QoS Classification

On this page, you can create traffic class rules for classifying the ingress traffic into a priority queue. You can also mark the DSCP or Ethernet priority of the packet.

1. In the left navigation bar, click Advanced Setup > Quality Of Service > QoS Classification and then click Add. The following page appears. A maximum of 32 entries can be configured.

2. Fill in the fields, using the information in the table below.

3. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

Traffic Class Name Enter a descriptive name for this rule. This is a free-form text field.

Rule Order Select whether this rule is processed last in the list of classification rules. The only

option is Last.

Rule Status Select whether this rule is active or inactive. Options are Disable and Enable.The

Field Name Description

default is Enable.

Specify Classification Criteria section

Ingress Interface Select an interface for incoming data. Options are

LAN,WAN,Local

and any interface

already configured for your gateway.

Ether Type Select the Ethernet interface type for this classification. Options are IP, ARP, IPV6,

PPPoE_DISC, pPPoE_SES, 8865, 8866, and 8021Q.

802.1P priority (For Ether Type of 8021Q only) This value is inserted into the Ethernet frame and used to differentiate traffic. Lower values assign higher priorities. Options are: 1 - 7.

Source MAC Address Source MAC Mask

Destination MAC Address Destination MAC Mask

(Not applicable for Ether Type of 8021Q) Enter the source MAC Address and Source MAC Mask for this classification.

(Not applicable for Ether Type of 8021Q) Enter the destination MAC Address and des- tination MAC Mask for this classification.

Source IP Address[Mask] (Not applicable for Ether Type of 8021Q) (Optional) Enter the source IP address and

subnet mask for this classification, or select a DHCP option from the drop-down list and enter the address and mask for that server.

Destination IP Address [Mask]

Differentiated Service Code Point (DSCP) Check

(Optional) (Not applicable for Ether Type of 8021Q) Enter the destination IP address and subnet mask for this classification.

(Optional) (Not applicable for Ether Type of 8021Q) Select the desired DSCP code for marking incoming data.

Protocol (Optional) (Not applicable for Ether Type of 8021Q) Enter the Protocol specified for

this classification.

Specify Class Queue (Not applicable for Ether Type of 8021Q) Select from the available queues.

Note: Make sure to select a queue that is configured for the interface that you selected. If you select a queue that is not configured for the selected interface, any packets classified into that queue are processed by the default queue for the interface.

Specify Classification Results

section

Specify Egress Interface Select the egress interface for this rule. Options are the interfaces already configured.

Specify Egress Queue Select the egress queue for this rule. Options are the queues already configured.

Mark Applied Dif-

Select the desired DSCP code for marking classification results.

ferentiated Service Code Point

Field Name Description

802.1P priority This value is inserted into the Ethernet frame and used to differentiate traffic. Lower values assign higher priorities. Options are: 1 - 7.

Set Rate Limit Enter the data traffic rate limit (in Kbps) applied for this classification.

QoS Port Shaping

QoS Port Shaping facilitates setting a fixed rate (Kbps) for each of the Ethernet ports.

1. In the left navigation bar, click Advanced Setup > Quality Of Service > QoS Port Shaping. The following page appears.

2. Fill in the fields, using the information in the table below.

3. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

Interface Each entry in this column represents one of the Ethernet LAN ports on the gateway.

Type Each entry in this column identifies the function for which each physical port is con-

figured on the gateway.

Shaping Rate (Kbps) Enter the data rate for packets on the specified Interface. Options are: 1 - 1,000,000

Kbps. The default is -1 (no shaping).

Burst Size (bytes) Enter the burst size to be applied to packets in the defined queue. Options are 1600

bytes or greater.

If you enter a value of -1 (disabled) in the Shaping Rate field, the value in this field is ignored.

Egress Shaping Rate (Kbps)

Egress Burst Size (bytes

Enter the data rate for packets on the specified Interface. Options are:1Kbps. The default is-1(no shaping).

Enter the burst size to be applied to packets in the defined queue. Options are 1600

1,000,000

Field Name Description

bytes or greater. The default is 0 (no size limit).

If you enter a value of -1 (disabled) in the Egress Shaping Rate field, the value in this field is ignored.

Ingress Policing Rate (Kbps)

Enter data rate for policing incoming packets in the defined queue. The default is-1(no policing).

Routing

In this section, you can configure default gateways, static routing, policy routing and RIP settings.

Default Gateway

On this page, you can configure the default gateway interface list to establish access priority, that is, interfaces are accessed in the order listed in the Selected Default Gateway Interfaces column.

Note: You must configure the IPv6 interface before attempting to assign it as the default gateway interface.

1. In the left navigation bar, select Advanced Setup > Routing. The following page appears.

2. Select the interfaces that you want used as default gateway interfaces. Click the arrows to move your selection between the columns. Move the highest priority interface first, followed by the next highest priority interface, and so on.

3. (Optional) In the Selected WAN Interface field, select an IPv6 interface. The default is NO CONFIGURED INTERFACE.

4. Click Apply/Save to commit your changes.

Static Route

On this page, you can configure static routes for your network. A static route is a manually configured, fixed route for IP data. You can enter a maximum of 32 entries.

1. In the left navigation bar, click Advanced Setup > Routing > Static Route and then click Add. The following page appears.

2. Fill in the fields, using the information in the table below.

3. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

IP Version Select the IP version associated with the static route you wish to create. Options are:

Destination IP address/ prefix length

Interface Select the WAN Interface for this route. This list filtered by the selected IP version.

Gateway IP Address Enter the destination IP address for this route. If needed, include the /prefix length.

Metric (

IPv6

and

Enter the destination network address / subnet mask for route.

Optional

0).

) Establishes traffic priority/weighting. Must be equal to or greater than

IPv4

zero(>

Policy Routing

Policy routing makes somewhat automated routing choices based on policies defined by a network administrator. For example, a network administrator might want to deviate from standard routing based on destination markers in the packet and, instead, forward a packet based on the source address.

On this page, you can configure similar policies.

1. In the left navigation bar, click Advanced Setup > Routing > Policy Routing and then click Add. The following page appears.

2. Fill in the fields, using the information in the table below.

3. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

Policy Name Enter a descriptive name for this entry to the policy routing table.

Physical LANPort Select a physical port on the gateway.

Source IP Enter the IP address for the source of this policy route.

Use Interface Select the WAN Interface for this policy route.

Default Gateway IP Enter the IP address of the default gateway.

RIP (Routing Information Protocol)

RIP is a type of distance-vector routing protocol, which leverages hop count as a metric for routing. RIP puts a limit on the number of hops (maximum of 15) allowed in order to prevent routing loops. This can sometimes limit the size of networks where RIP can be successfully employed.

Note: This feature applies only to IPoE configurations.

On this page, you can configure the RIP settings.

1. In the left navigation bar, click Advanced Setup > Routing > RIP, and then click Add. The following page appears.

2. Fill in the fields, using the information in the table below.

3. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

Interface Displays a list of available WAN interfaces. Complete the line item(s) associated with the inter-

face where you wish to employ RIP.

Version Select the version of Routing Interface Protocol you desire. Reference RFC 1058 and RFC 1453 for

detailed information on RIP versions. Options are: 1, 2, and Both.

Operation Select the operation mode. Options are:

l Active: This mode listens and advertises routes.

l Passive: This mode listens only. It does not advertise routes.

Enabled Select to employ RIP on the displayed interface.

DNS

In this section, you can configure a DNS server, dynamic DNS and static DNS.

DNS Server

On this page, you can input the Domain Name Server (DNS) information supplied by your service provider.

1. In the left navigation bar, click Advanced Setup > DNS. The following page appears.

2. (Optional) Select DNS Server interfaces by moving them from left to right or right to left by clicking the arrows. The options for obtaining the DNS information from a WAN interface are selected by default.

3. To use a static DNS IP address, click Use the following Static DNS IP address and enter the primary DNS IP address. If applicable, enter a secondary DNS IP address.

4. (Optional) In the WAN Interface selected field, select a different WAN interface. The Obtain IPv6 DNS info from a WAN interface option is selected by default.

5. To use a static DNS IPv6 address, click Use the following Static IPv6 DNS address and enter the primary DNS IP address. If applicable, enter a secondary DNS IP address.

6. Click Apply/Save to commit changes.

Dynamic DNS

Dynamic DNS (DDNS) automatically updates a name server in the DNS with the active DNS configuration of its configured hostnames, addresses or other data. Often this update occurs in real time. On this page, you can configure the settings for this feature.

1. In the left navigation bar, click Advanced Setup > DNS > Dynamic DNS and then click Add. The following page appears.

2. Modify the settings, using the information provided in the following table.

3. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

D-DNS provider Select a dynamic Domain Name Server provider.

Hostname Enter the hostname of the dynamic DNS server.

Interface Select the gateway WAN interface whose traffic will be pointed at the specified Dynamic DNS

provider.

Field Name Description

Username Enter the username for the dynamic DNS server .

Password Enter the password for the dynamic DNS server.

Static DNS

The Static DNS service allows you to resolve DNS queries on the Broadband Router by adding a static host name to the IP Address mappings. On this page, you can configure up to 10 static DNS entries.

1. In the left navigation bar, click Advanced Setup > DNS > Static DNS and then click Add. The following page appears.

2. Modify the settings, using the information provided in the following table.

3. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

Hostname Enter the hostname of the client computer.

Interface Enter the IP address of the DNS server client uses to assist in resolving domain names.

DSL

On this page, you can configure settings for the DSL interface.

Caution: Altering these settings unnecessarily can result in the gateway being unable to attain DSL synchronization.

1. In the left navigation bar, click Advanced Setup -> DSL. The following page appears.

2. Modify the settings as needed.

3. Click Apply/Save to commit your changes.

The modulation settings are described in the table below.

Modulation Data Transmission Rate Max Downstream

(Mbps)

G.Dmt ITU-T G.992.1 standard.

G.lite ITU-T G.991.2 standard.

T1.413 ANSI T1.413 Issue 2 standard.

ADSL2 ITU-T G.992.3 standard.

12 1.3

4 0.5

8 1.0

12 1.0

Max Upstream (Mbps)

AnnexL Annex L of ITU-T G.992.3 standard which supports longer loops

but with reduced transmission rates.

ADSL2+ ITU-T G.992.5 standard.

AnnexM Annex L of ITU-T G.992.5 standard which supports extended

28 1.0

24 3

upstream bandwidth.

VDSL2 ITU-T G.993.2 standard.

100 60

The following table explains the maximum transaction power for each profile supported for SRG gateways.

Parameter 8a 8b 8c 8d 12a 12b 17a

Max DS Tx Power (dBm) +17.5 +20.5 +11.5 +14.5

Max US Tx Power (dBm) +14.5

Min bidirectional net data rate 50Mbps 68Mbps 100Mbps

Other Settings

Field Name Description

Inner Pair/Outer Pair

Capability

The RJ11 connector has four contacts. The center pair of pins is DSL1. The outer pins are the contacts for DSL2. Select which pair should be used.

l Bitswap Enable: Enables adaptive handshaking functionality.

l SRA Enable: Enables Seamless Rate Adaptation.

l PhyR Enable: Enables Physical Layer Retransmission.

Other Settings

Field Name Description

l ADSL PTM Mode Enable: Enables Asymmetric Digital Subscriber Line in Packet Transfer

Mode.

l Stinger® Mode Enable: Enables communication with Stinger type equipment.

Inventory Management

Select whether to use the gateway serial number as the EOC serial number in your inventory management database.

UPnP

On this page, you can enable UPnP when 3rd party devices on your LAN support this Universal Plug and Play standard. Common client devices include gaming consoles, IP cameras, printers and others. This feature is enabled by default.

1. In the left navigation bar, select Advanced Setup > UPnP. The following page appears.

2. To disable this option, click Enable UPnP to clear the box.

3. Click Apply/Save to commit your changes.

DNS Proxy

On this page, you can configure the DNS proxy settings. A DNS proxy improves domain look-up performance for clients by creating a historical cache of look-ups.

1. In the left navigation bar, click Advanced Setup > DNS Proxy. The following page appears.

2. If not already selected, click Enable DNS Proxy. The Host name and Domain Name fields appear.

3. Enter the host name of the broadband router and the domain name of the LAN network.

4. Click Apply/Save to commit your changes.

Storage Service

In this section, you can view information about the storage devices connected to the gateway and manage the user accounts that can access them.

Storage Device Info

On this page, you can view information about storage devices that connect to the gateway and manage the related user accounts.

In the left navigation menu, click Advanced Setup > Storage Service. The following page appears, showing information about the connected storage device.

User Accounts

On this page, you can manage user accounts for the storage devices.

1. In the left navigation menu, click Advanced Setup > Storage Service > User Accounts. The following page appears.

2. To add a new account:

a. Click Add. the following page appears.

b. Enter a user name and enter the password twice. Spaces are not allowed in the password.

Note: The volumeName field is not currently used.

c. Click Apply/Save to save your settings. You are returned to the User Accounts page.

3. To remove a user account, click the Remove checkbox next to the account entry and then click the Remove button. The list refreshes to show your changes were applied.

Interface Grouping

You can create an interface group to map local interfaces to WAN interfaces. A typical application for this feature is assigning IPTV STBs to a WAN interface.

1. In the left navigation bar, click Advanced Setup > Interface Grouping and then click Add (below the table). The following page appears.

2. To create a new interface group, enter a unique Group Name, then proceed with either step 3 (dynamic) or step 4 (static) below.

3. If this new grouped interface is to share the WAN interface, click Shared WAN Interface. Not selecting this option this will cause the WAN interface you select to be removed from any other interface groups. Important: If a vendor ID is configured for a specific client device, make sure to reboot the client device attached to the gateway to allow it to obtain an appropriate IP address.

4. Map the ports for the WAN or LAN interface:

a. Select an interface from the applicable Available Interface list.

b. Add it to the Grouped Interface list by clicking the arrow to create the required mapping of the ports. Hold down the

Shift key to select multiple interfaces. Note: Depending on the WAN interface configuration, these clients may obtain public IP addresses.

5. To automatically add LAN clients (such as set-top boxes) to a WAN Interface in the new group, enter the DHCP vendor ID string. You can add up to 16 vendor IDs. When you configure a DHCP vendor ID string, any DHCP client request that includes this vendor ID is denied an IP address from the local DHCP server (DHCP option 60).

6. Click Apply/Save. Your changes take effect immediately.

7. To remove a grouping, on the Interface Grouping list page, select the grouping and click Remove. You can only remove groupings that you create.

IP Tunnel

IP Tunneling is typically used as a means to establish a path between two independent networks. Your SmartRG gateway supports connecting islands of IPv6 networks across the IPv4 internet or IPv4 in IPv6 as well.

On this page, you can configure IP tunnel settings.

Note: For IPv6inIPv4, only 6rd configuration is supported. For IPv4inIPv6, only DS-Lite configuration is supported.

IPv6inIPv4

On this page, you can configure the IPv6inIP4 settings.

1. In the left navigation bar, click Advanced Setup > IP Tunnel > IPv6inIPv4 and then click Add. The following page appears.

2. Enter a descriptive Tunnel Name.

Skip the Mechanism field. Currently, only the 6RD mechanism is supported.

3. Select the WAN and LAN interfaces associated with the tunnel you wish to establish.

4. Do one of the following:

a. To configure the LAN interface settings manually, enter values located below the Manual button.

l IPv4 Mask Length: Options are 0 - 32.

l 6rd Prefix with Prefix Length: prefix/length, such as: 2002::/64.

l Border Relay IPv4 Address: Enter the IP address for the IPv6 relay server.

b. To configure these settings automatically, select Automatic. The fields below the buttons are hidden.

5. Click Apply/Save to commit your changes.

IPv4inIPv6

On this page, you can configure the IPv4inIP6 settings.

1. In the left navigation bar, click Advanced Setup > IP Tunnel > IPv6inIPv4 and then click Add. The following page appears.

Note: Currently, only the DS-Lite Mechanism is supported. Consult RFC6333 for further information regarding DS-Lite.

2. Enter a descriptive Tunnel Name.

3. Select the LAN and WAN interfaces associated with the tunnel you wish to establish.

4. Under Associated LAN Interface, enter the appropriate value for AFTR (Address Family Transition Router). To configure this setting automatically, select Automatic. The AFTR field is hidden.

5. Click Apply/Save to commit your changes.

IPSec

Internet Protocol Security is a protocol for securing communications by packet level encryption and authentication.

On this page, you can enable and remove IPSec connections, or edit existing connections.

1. In the left navigation bar, click Advanced Setup > IP Sec and then click Add New Connection. The following page appears.

2. Complete the fields, using the information provided in the following table.

3. If desired, click Advanced IKE Settings to select Phase 1 and Phase 2 specific parameters. For detailed information about these settings, see "Advanced IKE Settings".

4. Click Apply/Save to commit your changes.

The fields on this page are explained in the following table.

Field Name Description

IPSec Connection Name Enter a descriptive name for this connection

IP Version Select the IP version associated with your infrastructure. Options are IPv4 and

IPv6.

Tunnel Mode Select the encapsulation method to be used. Options are:

l AH: Use this mode to encapsulate a packet with AH and IP headers. For

authentication, the entire packet is signed.

l ESP: Use this mode to encapsulate a packet with ESP and IP headers. An

ESP trailer is added to the packet for authentication and integrity.

Local Gateway Interface Select the WAN connection to be associated with this tunnel.

Remote IPSec Gateway Address Enter the WAN IP for this tunnel.

Tunnel Access From Local IP Addresses

Select IP information for site A and B. Options are:

l Subnet: Allows access to the entire LAN.

l Single Address: For single host, select this option.

IP Address for VPN Enter the IP address used for local access.

Mask or Prefix Length Enter the subnet mask or prefix length for IP address entered for local access.

255.255.255.0

Tunnel Access From Remote IP Addresses

The default is

Select IP information for site A and B. Options are:

l Subnet: Allows access to the entire LAN.

l Single Address: Allows access to a single host.

IP Address for VPN Enter the IP address used for remote access.

Mask or Prefix Length Enter the subnet mask or prefix length for IP address entered for remote access.

The default is

255.255.255.0

Key Exchange Method Select the key-exchange method to be used for IPSec. Options are:

l Auto(IKE): This method uses the negotiated key-exchange method for

IPSec. This is the default and recommended for best results.

l Manual: This method requires that you configure the details.

Authentication Method Select the method by which the remote end will authenticate.

l Pre-Shared Key: A key is distributed to authorized users for logging into

the system. Enter the key in the Pre-Shared Key field.

l Certificate (X.509): A certificate is used for authentication. Select the

certificate file in the Certificates field that appears.

Perfect Forward Secrecy Select whether a session key is derived from a set of long-term keys is com-

Field Name Description

promised if one of the long-term keys in the set is compromised.

l Enable: Prevents long-term key from being compromised.

l Disable: Permits long-term keys to be compromised.

The following fields appear below

Advanced Settings

when

Manual

is selected in the

Key Exchange Method

Encryption Algorithm Select the encryption algorithm. Options are DES, 3DES and AES.

Encryption Key Enter the hex value for the selected encryption algorithm.

Authentication Algorithm Select the authentication algorithm. Options are

MD5

and

SHA1

Authentication Key Enter the hex value for the selected authentication algorithm.

SPI Enter the hex value for the service provider interface (SPI). The default is

Advanced IKE Settings

You can configure advanced IKE settings if desired.

1. On the IPSec Settings page, click Show Advanced Settings to display the Phase 1 and Phase 2 fields.

2. Fill in the fields, using the information in the table below.

Field Name Description

Mode Select a mode. Options are Main and Aggressive.

field.

101

Encryption Algorithm Select the encryption algorithm. Options are DES, 3DES , AES -128, AES-192, and

AES-256.

Integrity Algorithm Select the integrity algorithm. Options are MD5 and SHA1.

Select Diffie-Hellman Group

Select the D-H group. Options are 768bit - 8192bit. The default is 1024bit.

for Key Exchange

Key Life Time Enter the number of seconds that a key is valid. The default is 3600 seconds.

3. Click Apply/Save to commit your changes.

Certificate

In this section, you can configure certificates for the gateway. You can use Local and Trusted CA certificates on this gateway.

Local

Local certificates are used to identify the gateway to other users. On this page, you can create a new certificate request and have it signed by a certificate authority, or you can import an existing certificate.

For additional info regarding Public Key Infrastructure (PKI), refer to ITU-T X.509.

1. In the left navigation bar, click Advanced Setup > Certificate > Local and then click Create Certificate Request. The fol- lowing page appears.

2. Complete the fields, using the information in the table below. For more information about certificates, refer to the ITU X.509 standard.

3. Click Apply to complete the request.

Field Name Description

Certificate Name Enter a description of the intended use of the certificate.

Common Name Enter the IPaddress (in dotted decimal notation), domain name or email address in the field

provided. The domain name or email address is for identification purposes and is a free-form text field.

Field Name Description

Organization Name A free form text field. Typically, this is the name of the company creating the request.

Country/Region Select the country or region in which this certificate will be employed.

4. To import a certificate and the corresponding private key, on the Advanced Setup > Local Certificates page, click Import Cer-

tificate. The following page appears.

5. In the Certificate Name field, type "cpecert".

6. Paste the Certificate details between the BEGIN and END markers.

Smartrg SR506N User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Introduction

Disclaimer

Copyright and Trademarks

Safety Warnings

FCC Information

Welcome!

Purpose & Scope

Intended Audience

Getting Assistance

Getting Familiar with your Gateway

LED Status Indicators

Connections

Buttons

On/Off Button

Reset Button

WPS Button

WiFi Button

Installing your SR506n Gateway

Logging in to your Gateway's UI

Device Info

Summary

Statistics

WAN Service

xDSL

References

Route

DHCP

Advanced Setup

Layer2 Interface

ATM Interface

PTM Interface

ETH Interface

WAN Service

PPP over Ethernet

IP over Ethernet

Bridging

IPv6 Autoconfig

Ethernet Config

Virtual Servers

Port Triggering

DMZ Host

Security

IP Filtering - Outgoing

IP Filtering - Incoming

MAC Filtering

Adding a MAC Filtering Rule

Parental Control

Time Restriction

URL Filter

Quality Of Service

QoS Config

Supported DSCP Values

QoS Queue Config

Wlan Queue

QoS Classification

QoS Port Shaping

Routing

Default Gateway

Static Route

Policy Routing

RIP (Routing Information Protocol)

DNS Server

Dynamic DNS

Static DNS

UPnP

DNS Proxy

Storage Service

Storage Device Info

User Accounts

Interface Grouping

IP Tunnel

IPv6inIPv4

IPv4inIPv6

IPSec

Advanced IKE Settings

Certificate