USRobotics USR9108 User Manual

Wireless MAXg ADSL Gateway
User Guide

Home Installation Configuration Help

Login Status Internet LAN Wireless Security Device Appendix

Wireless communication settings

These are the options available in the Wireless menu:

Setup



 Client List

AP Mode



第 1 頁，共 5 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

 Advanced Settings

Setup

The following page allows you to enable the wireless capability, hide the access point by not
broadcasting the network name, and set the wireless network name (SSID).

Option Description

Allow wireless
connections

Broadcast
network name

A checkbox that enables or disables the wireless LAN
interface. The default is to enable wireless
communications.

If you do not want the access point to be automatically
detected by a wireless client, clear this checkbox. If you
do this, the client cannot discover the access point. You
can still set up the connection by specifying the network
name (below), then entering this name in the wireless
client utility.

Enter a name for your wireless network here. SSID stands

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX06.125\wui_...

第 2 頁，共 5 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

for Service Set Identifier. This name must be between 1

Network name
(SSID)

MAC address

and 32 characters long. The default name is USR9108.

All wireless clients must either detect the gateway or be
configured with the correct SSID to access the Internet.

Displays the gateway's wireless MAC address. (You may
need this address if you're using WDS or multiple
gateways.) Click Apply to save changes.

Client List

This page displays all of the wireless clients associated with or connected to your wireless
gateway. A wireless client is a machine with a wireless adapter.

If you check or uncheck any of the Disable checkboxes, click Apply to save your changes. If
you discover an unauthorized wireless user connecting to your gateway, you can use the

Disable checkbox to remove it. This also adds the unauthorized system to the MAC filter

disallow list. Click Refresh to update the list to the most current status.

AP Mode

In this page, you can set up your gateway as either an access point (which connects wireless
machines to the Internet) or a bridge (which only exchanges data with another wireless
bridge). With an access point, wireless clients use infrastructure mode to communicate with
the gateway. In bridge mode, the gateway uses the Wireless Distribution System (WDS)
protocol to wirelessly communicate with the other wireless bridges.

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX06.125\wui_...

第 3 頁，共 5 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

If you want to set up a bridge, one or both of the devices must know the other's WLAN MAC
address. Bridge Restrict can have one of these values:

 Enabled — restricts the gateway to communicating with bridges, and you enter the

WLAN MAC addresses of the other bridge(s) listed under Remote Bridges MAC
Address.

 Disabled — does not restrict the gateway to communicating with bridges. It can also

communicate with wireless clients.

Advanced Settings

This page is where you specify a number of advanced settings for wireless communications.

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX06.125\wui_...

第 4 頁，共 5 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

Note: After making any changes, click Apply to save.

Warning: The settings shown above are default settings. Changes made to these items can

cause wireless communication problems.

Field Description

AP isolation

Band

Channel

Rate

Multicast rate

Basic rate

Fragmentation
threshold

Enable this item if you do not want your wireless
machines to be able to communicate with each other.

This is the range of frequencies the gateway will use
to communicate with your wireless devices.

Drop-down menu that allows selection of specific
channel.

This drop-down list lets you specify the wireless
communication rate, which can be Auto (uses the
highest rate when possible, or else a lower rate) or a
fixed rate between 1 and 54 Mbps.

This drop-down list lets you specify the wireless
communication rate for multicast packets, which are
sent to more than one destination at a time. The
value can be Auto (uses the highest rate when
possible, or else a lower rate) or a fixed rate between
1 and 54 Mbps.

You have the option of supporting all rates listed in
Rate above or using the 1-, 2-Mbps rates, which
support only older 802.11b implementations.

A threshold, specified in bytes, that determines
whether packets will be fragmented and at what size.
On an 802.11 connection, packets that are larger the
fragmentation threshold are split into smaller units
suitable for the circuit size. Packets smaller than the
specified fragmentation threshold value are not
fragmented.

RTS threshold

Enter a value between 256 and 2346. If you
experience a high packet error rate, try to increase
this value slightly. Setting the fragmentation
threshold too low may result in poor performance.

This is number of bytes in the packet size beyond
which the gateway invokes its RTS/CTS (request to
send, clear to send) mechanism. Packets larger than
this threshold trigger the RTS/CTS mechanism, while
the gateway transmits smaller packets without using
RTS/CTS. The default setting of 2347, which is the
maximum, disables the RTS threshold mechanism.

A delivery traffic indication message (DTIM), also
known as a beacon, is a countdown informing
wireless clients of the next window for listening to
broadcast and multicast messages. When the

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX06.125\wui_...

DTIM interval

g

g

g

Beacon interval

第 5 頁，共 5 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

gateway has broadcast or multicast messages for its
clients, it sends its next DTIM message with this DTIM
interval value. The clients hear the beacons and
awaken as needed to receive the broadcast and
multicast messages.

The amount of time (in milliseconds) between beacon
transmissions, each of which identifies the presence
of an access point. By default, wireless clients
passively scan all radio channels, listening for
beacons coming from access points. Before a client
enters power-save mode, it needs the beacon interval
to determine when to wake up for the next beacon
(and learn whether the access point has any
messages for it). You can enter any value between 1
and 65535, but the recommended range is 1 - 1000.

MAXg is a feature in which two U.S. Robotics MAXg
devices can communicate with each other at twice the
normal rate.

+ is a technology that achieves higher throughput

54
with frame-bursting. With 54g+ enabled, aggregate
throughput (the sum of the individual throughput of

Acceleration

MAC address This is the gateway's WLAN MAC address.

54g mode

54g protection

WMM (Wi-Fi
multimedia)

WMM no­acknowledgement

Preamble

each network client) improves by up to 25% in

802.11g-only networks, and up to 75% in mixed
networks containing both 802.11g and 802.11b
equipment.

In this item, you can select either None, 54g+

(Xpress?, or MAXg (125 Mbps). If you are in
Bridge mode, MAXg (125 Mbps) is not supported.

Set this 54g+ mode to 54g Auto for the widest
compatibility, or to 54g Performance for the fastest
performance with 54g-certified equipment.

The 802.11g standards provide a protection method
so 802.11g and 802.11b devices can co-exist in the
same network without “speaking” at the same time.

Do not disable 54g protection if there is a possibility
that a 802.11b device will use your wireless network.
In Auto mode, the wireless devices use RTS/CTS to
improve 802.11g performance in mixed

802.11g/802.11b networks. Turn protection off to
maximize 802.11g throu

This item enables or disables Quality of Service
(QoS) processing of multimedia packets. In QoS,
some types of packets are
others.

No-acknowledgement refers to the acknowledge
policy used at the MAC level. Enabling no­acknowledge can result in more efficient throughput
but high error rates.

A preamble is a signal that synchronizes the timing
between two or more wireless devices, allowing all
wireless systems to recognise the start of
transmission.

hput under most conditions.

iven a higher priority than

© 2004-2005 U.S. Robotics Corporation.

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX06.125\wui_...

Wireless MAXg ADSL Gateway
User Guide

Home Installation Configuration Help

Login Status Internet LAN Wireless Security Device Appendix

Security settings

These are the options available in the Security menu:

Wireless Security



 MAC Filter

Device Login



第 1 頁，共 10 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

 Internet Access Control

IP Filtering - Outbound Filters



 IP Filtering - Inbound Filters

 Virtual Servers

 Port Triggering

 DMZ Host

Wireless security

The wireless security page allows you to configure the security features of your wireless
network.

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX25.500\wui_...

第 2 頁，共 10 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

There are several security methods to choose from, depending on your needs and the
capabilities of your wireless machines.

 WEP open and WEP shared —WEP is an encryption scheme that is used to protect

your wireless data communications. WEP uses a combination of 64-bit keys or 128-bit
keys to provide access control to your network and encryption security for every data
transmission. To decode a data transmission, each wireless client on the network must
use an identical 64-bit or 128-bit key. WEP is an older wireless encryption method that
is not as hard to break as the more-recent WPA.

 802.1x — In 802.1x (also known as RADIUS), a separate machine called an

authentication server receives a user ID and password. It grants or denies access
based on whether the ID and password match any entries in its account list. You can
optionally enable WEP encryption with this option. Because it requires a separate
machine acting as the authentication server, 802.1x is most often used in business
enviroments.

 WPA with 802.1x (RADIUS) — WPA is a more recent encryption method that

addresses many of the weaknesses in WEP. Any client capable of WPA encryption
should use it instead of WEP. This option uses WPA and an authentication server.

WPA (PSK) — This is WPA encryption combined with a pre-shared key (PSK), which is



a text string known only to the gateway and authorized wireless clients. The gateway
rejects the login if the client's PSK does not match.

WPA2 with 802.1x (RADIUS) — WPA2 is a more advanced encryption method than



WPA. Because it is a more recent standard, some of your wireless devices might not be
able to use it. This option specifies WPA2 encryption and an authentication server.

 WPA2 (PSK) — This option uses WPA2 with a pre-shared key.

WPA2 and WPA with 802.1x (RADIUS) — This option supports an authentication



server and WPA2/WPA encryption for devices capable of one or the other standard. The
gateway automatically detects whether a particular device can use WPA2 or WPA.

 WPA2 AND WPA (PSK) — This has WPA2 or WPA encryption based on client abilities,

as well as a pre-shared key.

After making changes, click Apply to save.

MAC Filter

All network interface cards are built with a unique 48-bit MAC address. When MAC address

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX25.500\wui_...

第 3 頁，共 10 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

filtering is enabled, you can restrict the wireless devices that are allowed to connect to your
gateway by their respective MAC addresses. You could also grant access to any wireless
device whose MAC address is on its "allow" list.

These are the values for the MAC restrict mode:

 Allow all — Allow any wireless device to access your local network, which amounts to

turning off MAC filtering.

 Allow these — Let only the devices with the MAC addresses in the MAC filter list have

access to your wireless network.

 Deny these — Exclude only the devices with the MAC addresses in the MAC filter list

from accessing your wireless network. Allow access to any other MAC addresses.

Below the MAC restrict mode is a table showing all MAC addresses that the restrict mode
applies to. You can add up to 60 addresses to the list. For an example of adding MAC
addresses to the list and otherwise configuring MAC filtering, please see the Tutorials
section of this User Guide.

If you wish to delete an entry from the list, select the appropriate MAC restrict mode,
select the Remove checkbox for the entry you want to delete, and click the Remove button.

Device Login

You can use this page to change the password for the admin, support and user accounts.
(Their default passwords are admin, support, and user respectively.) Simply select an
account in the User name drop-down list, then enter the current and new passwords for the
account. Enter the new password a second time to confirm it. Then click Apply to save the
new password.

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX25.500\wui_...

第 4 頁，共 10 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

Internet Access Control

You can use the Internet Access Control page to create a parental control rule that keeps
certain network devices off the Internet for specific time periods. The rules can block access
for a defined time period on certain days of the week.

Note: If you want to use this feature, you must configure the gateway to synchronize its

time with at least one Internet time-of-day server. See Time
information.

This is the Internet Access Control page when there are no filters defined:

synchronization for more

Click Add to define an Internet access filter, and enter its settings in the following page. In
addition to the rule name, each rule you define has the MAC address of the machine to block,
the time period to block it for, and a list of days that the time-period block is enforced.

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX25.500\wui_...

第 5 頁，共 10 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

Caution: If you want to set up access control for a machine other than the one you're

currently using, select Other network device and enter that device's MAC address.

After configuring the Internet access filter, click Save to save it. Here's what it might look
like if you wanted to keep children off the Internet during after-school study hours:

IP Filtering - Outbound Filters

The gateway's firewall can block internal users or applications from accessing the Internet.
There are two ways to accomplish this:

Using the TCP/UDP port numbers to block internal users or applications (a technique



called port filtering).

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX25.500\wui_...

第 6 頁，共 10 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

Using a combination of the source or destination port, protocol or source/destination IP



address to block a specific machine from accessing the Internet. This is also known as
address filtering. The outbound filter page allows you to block outgoing packet types
using either TCP, UDP, or a combination of both from specific ports.

For a tutorial on how to use the outbound filter page to keep a computer from accessing the
Internet, please click here

This is the outbound filtering page before adding a filter:

.

To remove an existing filter definition from the outbound filter table (the first screen shown
above), check the Remove checkbox for the filter and click the Remove button.

The following page appears after you click Add.

When you are done entering values for your filter, click Apply to save the filter.

These are the fields on the second page above (the page labeled Add IP Filter and
Outgoing), where you define a filter that specifies a set of conditions for which to block
access for one or more local machines.

Item Description
Filter name Enter a name for the filter here.
Protocol Select TCP, UDP, a combination of TPC & UDP, or ICMP.

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX25.500\wui_...

第 7 頁，共 10 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

Source IP
address

Source
subnet mask

Source port

Destination
IP address

Destination
subnet mask

Destination
port

Enter the IP address that you do not want to let access the
Internet or the destination address.

Enter the subnet mask for the source IP address.

Enter the source port number, or range of ports, for which
you want to block access.

Enter the IP address you do not want the source IP address
to have access to.

Enter the subnet mask for the destination IP address.

Enter the destination port number, or range of port
numbers, you want to block access.

IP Filtering - Inbound Filters

This page allows incoming packets to reach their intended destinations by specifying rules for
unblocking certain incoming packets. You could use it any time you want to allow restricted
access to a machine, or you could configure unlimited access to a particular system (for
example if one of your local machines is a Web server).

Click on Add to create a new inbound filter.

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX25.500\wui_...

This table describes the fields in this Add IP Filter page:

Field Description
Filter name Enter a name for your inbound filter here.
Protocol Selects TCP, UDP, or a combination of TCP/UDP.

Source IP
address

Source
subnet mask

Source port Enter a source port number, or a range of port numbers.
Destination

IP address
Destination

subnet mask
Destination

port

Enter the external IP address you want to allow access to
your internal address that appears in the Destination IP
address field.

Enter a subnet mask for the source IP address.

Enter the internal IP address you want to provide access to.

Enter a subnet mask for the destination IP address.

Enter the destination port number, or range of port
numbers, you want to allow access (for the destination IP).

第 8 頁，共 10 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

After setting up your filter, click Apply to save it.

Virtual Servers

A virtual server allows you to direct incoming traffic from the Internet (identified by protocol
and external port) to an internal server with a private IP address on the LAN. If you need to
convert an external port you need to enter an internal port.

Click here

delete a virtual server, check the Remove checkbox for the appropriate line in the table and
click Remove.

to go to a tutorial showing you how to set up a virtual server. If you want to

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX25.500\wui_...

第 9 頁，共 10 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

Note: If you set up a DMZ host, all packets for addresses other than those specified in this

page go to a designated DMZ machine.

Port Triggering

Port triggering is similar to a virtual server, except that it creates a dynamic or temporary
hole in the firewall. Port triggering is more secure than a virtual server, but it does not
support simultaneous use of the same ports by multiple systems. It allows remote systems
access through the gateway's firewall.

Click Add to set up port triggering for an Internet application. In the next page (shown
below), select the application name, which fills in the settings in the table below. If the
application you want is not in the list, select Custom application and fill in the table
parameters below. (See the application's documentation to find out what the settings should
be.) Click Apply to save the port trigger.

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX25.500\wui_...

第 10 頁，共 10 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

Note: A port trigger is available to a single active session. It cannot simultaneously support

same-port triggers to multiple clients.

DMZ Host

The de-militarized zone (DMZ) option is for forwarding IP packets from the Internet that are
not meant for any of the applications configured in the virtual server
are forwarded to a designated DMZ host computer. While a virtual server can only forward
(redirect) a limited number of services (ports), DMZ hosting allows all the services (ports)
running on the DMZ host to be accessible externally.

This is the DMZ Host page.

table. These packets

To configure the DMZ, simply enter the IP address of the computer that will function as the
DMZ host. Click Apply to save the DMZ address. To deactivate the DMZ feature, clear DMZ
host IP address and click Apply.

© 2004-2005 U.S. Robotics Corporation.

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX25.500\wui_...

Wireless MAXg ADSL Gateway
User Guide

Home Installation Configuration Help

Login Status Internet LAN Wireless Security Device Appendix

Device settings

These are the options available in the Device menu:

Time



 Print Server

Back Up Settings



第 1 頁，共 8 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

 Restore Settings

Restart



 Upgrade

 Restore Defaults

 Diagnostics

 SNMP

Time

The gateway can synchronize its internal clock with time servers on the Internet. In this
page, you can configure how it does this.

To synchronize with the Internet time server(s), specify one or two servers by either
selecting them from a list or entering their IP addresses. Then select your time zone in the
Time zone offset and click Save.

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX08.296\wui_...

Item Description

Automatically
synchronize...

Time server 1

Time server 2

Time zone
offset

Enable this field if you want the
gateway to automatically
synchronise its internal time.

Select a primary time server for
the gateway to query. To use a
server that is not in the list, enter
its IP address in the box to the
right.

You can optionally specify a
second time server to query.

Select your time zone here — the
number of hours you are offset

from Greenwich mean time.

Print Server

第 2 頁，共 8 頁U.S. Robotics Wireless MAXg ADSL Gateway User Guide

A USB printer can be connected to the gateway and used as a network printer if you are
using an operating system that supports printing to an Internet Printing Protocol (IPP)-based
printer. Windows XP and 2000 have built-in support for this function, but other Windows
users will need to download either a Microsoft patch for their version of Windows or a third­party application. Refer to the documentation for your version of Windows for more
information. Other operating systems will need to either already support IPP-based printing
or download a third party application for their operating system.

Start by enabling the print server and entering the printer name, make and model. Then click
Save.

Now perform the following steps to install and set up the printer:

1. Connect the printer to the gateway. Plug the square end of a USB cable into the USB
port on your printer. Plug the thin rectangular end of the USB cable into the USB port
on the gateway. Connect the power supply to your printer and turn your printer on.

2. Set up your printer. Launch a Web browser. Go to the Web user interface by opening
the http://192.168.1.1 address (if you have changed this address, use the new
address).

3. Perform the following steps to set up your printer. You will need to do this on every
computer that is connected to your network that you want to be able to access the

2005/7/4file://C:\Documents%20and%20Settings\ivonne\Local%20Settings\Temp\Rar$EX08.296\wui_...