- 1. USER MANUAL
- 2. iContents1 Introduction ........................................................................................................11.1 Application.............................................................................................11.2 Features ................................................................................................21.3 Wireless Specifications..........................................................................31.4 Compliance Certificates.........................................................................41.5 Standards Compatibility and Compliance..............................................41.6 Supported Encapsulation ......................................................................51.7 Environment Requirements...................................................................51.8 System Requirements ...........................................................................51.9 Safety Cautions .....................................................................................91.10 LED Status Description........................................................................101.10.1 Front Panel..........................................................................101.10.2 Rear Panel .......................................................................... 112 Hardware Installation .......................................................................................122.1 Choosing the Best Location for Wireless Operation............................122.2 Connecting the ADSL Router ..............................................................132.3 Factory Reset Button...........................................................................143 Introduction to Web Configuration....................................................................173.1 Preparation Before Login.....................................................................173.2 Logging In to the Modem.....................................................................183.2.1 First-Time Login........................................................................183.3 DSL Router Device Information...........................................................193.3.1 Summary of Device Information ...............................................193.3.2 WAN Interface Information .......................................................203.3.3 Statistics of LAN........................................................................213.3.4 Statistics of WAN ......................................................................213.3.5 Statistics of ATM .......................................................................213.3.6 Statistics of ADSL .....................................................................223.3.7 Route Table Information............................................................263.3.8 ARP Table Information..............................................................263.4 Advanced Setup ..................................................................................273.4.1 WAN Configuration ...................................................................273.4.2 LAN Configuration ....................................................................473.4.3 NAT...........................................................................................48
- 3. ii3.4.4 Security.....................................................................................573.4.5 Quality of Service......................................................................613.4.6 Routing .....................................................................................703.4.7 DNS ..........................................................................................733.4.8 DSL...........................................................................................753.4.9 Port Mapping ............................................................................763.4.10 IPSec...................................................................................813.4.11 Certificate ............................................................................823.5 Wireless...............................................................................................853.5.1 Wireless LAN Basics ................................................................863.5.2 Wireless – Basic .......................................................................893.5.3 Wireless – Security...................................................................903.5.4 Wireless - MAC Filter................................................................983.5.5 Wireless – Bridge......................................................................993.5.6 Wireless – Advanced ..............................................................1013.5.7 Wireless -- Authenticated Stations..........................................1043.6 Diagnostics........................................................................................1053.7 Management......................................................................................1053.7.1 Settings...................................................................................1053.7.2 System Log.............................................................................1063.7.3 SNMP Agent ...........................................................................1093.7.4 TR-069 Client.......................................................................... 1103.7.5 Access Control........................................................................ 1103.7.6 Update Software..................................................................... 1123.7.7 Save/Reboot........................................................................... 1124 Q&A................................................................................................................ 114
- 4. 11 IntroductionThe Router is a highly ADSL2+ Integrated Access Device and can support ADSLlink with downstream up to 24 Mbps and upstream up to 1 Mbps. It is designed toprovide a simple and cost-effective ADSL Internet connection for a private Ethernetor 802.11g/802.11b wireless network. The Router combines high-speed ADSLInternet connection, IP routing for the LAN and wireless connectivity in onepackage. It is usually preferred to provide high access performance applications forthe individual users, the SOHOs, and the small enterprises.The Router is easy to install and use. The Modem connects to an Ethernet LAN orcomputers via standard Ethernet ports. The ADSL connection is made usingordinary telephone line with standard connectors. Multiple workstations can benetworked and connected to the Internet by a single Wide Area Network (WAN)interface and single global IP address. The advanced security enhancements,packet filtering and port redirection, can help protect your network from potentiallydevastating intrusions by malicious agents from outside your network.Network and Router management is done through the web-based managementinterface that can be accessed through the local Ethernet using any web browser.You may also enable remote management to enable configuration of the Router viathe WAN interface.The embedded 802.11g wireless access point provides Internet access andconnectivity to the Ethernet for 802.11g and 802.11b wireless workstations. IEEE802.11g is fully compatible with IEEE 802.11b wireless devices. The 802.11gstandard supports data transfer with rate up to 54 Mbps. The wireless access pointof router supports common security protocols that are used for wireless LANincluding 64/128 bits WEP encryption, 802.1x, WPA and WPA2.1.1 ApplicationHome gatewaySOHOsSmall enterprisesTV over IP (IPTV)Higher data rate broadband sharingShared broadband internet access
- 5. 2Audio and video streaming and transferPC file and application sharingNetwork and online gaming1.2 FeaturesADSL2+ interface complied with G.dmt, G.lite, T1.413, G.992.3(ADSL/ADSL2), G.992.5(ADSL2+), Annex A, Annex L.Hardware ATM segmentation & reassembly engine with CBR, rt- VBR,nrt-VBR, UBR- with-PCR, UBR4 x 10/100BASE-T/TX Ethernet switch portsIEEE802.11 b/g compatible Wireless Access PointSupport 64/128-bit WEP, 802.1x, WPA, and WPA2 for wireless securityTelnet, HTTP Web Management, TFTP, FTP for Firmware UpgradeVPN Pass Through on L2TP, PPTP, IPSecTransparent Bridging among 10/100 Mbps Ethernet and 802.11g wirelessLANConfiguration file backup and restoreSimple web based status page displays a snapshot of your systemconfiguration, and links to the configuration pages.Support DHCP server/client/relaySupport self-learning bridge (IEEE 802.1D Transparent Bridging)Support 64 learning MAC addresses at leastSupport IP source and destination routingSupport address Filtering, UPnP, NAT, NAPT, DMZ, IP QoSSupporting up to 8 PVCsSupport ATM forum UNI3.0, 3.1 and 4.0 Permanent Virtual Circuits (PVCs)Support ITU-T i.610F4/F5 OAMCommand Line Interface via serial port, telnet, or sshDate/time update from SNTP Internet Time ServerThree level login including local admin, local user and remote technicalsupport accessService access control based on incoming interface: WAN or LANProtect DOS attacks from WAN/LAN: SYN flooding, IP surfing, ping of Death,fraggle,- UDP ECHO (port 7) , teardrop, land.PAP (RFC1334), CHAP (RFC1994), MSCHAP for PPP session.
- 6. 3Support auto channeling for wirelessSupport a main SSID and a guest SSID for wirelessSupport RTS/CTS, Segment function for wirelessSupport STA Mutual isolation for wirelessSupport SES for wirelesssupport WDS for wirelessSupport Hide SSID for wirelessSupport MAC Access/Deny List for wirelessWMM support for wirelessPRE 54M: -66 dBm@10%PER; 11M: -80 dBm@8%PER for wirelessIndustry standard and interoperable DSL interface1.3 Wireless SpecificationsItem DescriptionNetwork StandardIEEE 802.11bIEEE 802.11gFrequency Range 2.40 GHz~2.4835 GHz ISM BandModulation802.11b: DBPSK, DQPS, CCK802.11g: BPSK, QPSK, 16QAM, 64QAMRF Power20 dBm (Max). Typ. 18 dBm @Normal Temp Range,802.11g: Typ. 15 dBm @ Normal Temp RangeAccess UserQuantity1 Pcs~ 14 Pcs/AP (Proposal)Channels11 (US and Canada)13 (Europe and China)14 (Japan)AP CapacityAuto-sensingData Rate802.11.b: 1 Mbps, 2 Mbps, 5.5 Mbps,11 Mbps802.11g: 6 Mbps, 9 Mbps, 12 Mbps,18 Mbps, 24 Mbps, 36 Mbps, 48Mbps, 54 Mbps1 Mbps DBPSK @ 0.81 Mbps2 Mbps DQPSK @ 1.58 MbpsPayload Rate5.5 Mbps CCK @ 4.07 Mbps
- 7. 4Item Description6 Mbps BPSK @ 4.64 Mbps9 Mbps BPSK @ 6.55 Mbps11 Mbps CCK @ 7.18 Mbps12 Mbps BPSK @ 8.31 Mbps18 Mbps QPSK @ 11.5 Mbps24 Mbps 6QAM @ 14.18 Mbps36 Mbps 16QAM @ 18.31 Mbps48 Mbps 64QAM @ 23.25 Mbps54 Mbps 64QAM @ 26.12 MbpsSecurity 64-bit/128-bit WEP, 802.1x, WPA, WPA2User Isolation MAC LevelMAC FilterEth Interface MAC Filter: SupportVacancy MAC Filter: SupportAuthenticationDHCP Client & Static IP: Support802.1X and Radius Client: SupportDHCP Server: SupportRadio Cover RageOutdoor: 120m~400mIndoor: 35m~100mAntenna Type Internal Diversity with Connector. 2 dBi1.4 Compliance CertificatesFCC Class BCE Mark1.5 Standards Compatibility and ComplianceRFC 2684 multi-protocol Encapsulation over ATM Adaptation Layer 5RFC1483 Multi-protocol Encapsulation over ATM Adaptation Layer 5RFC2364 PPP over ATM ALL5 (PPPoA)RFC2516 PPP Over Ethernet (PPPoE)RFC1662 PPP in HDLC-like FramingRFC1332 PPP Internet Protocol Control Protocol
- 8. 5RFC1577/2225 Classical IP and ARP over ATM (IPoA)RFC1483RRFC894 A Standard for the Transmission of IP Datagrams over EthernetNetworksRFC1042 A standard for the Transmission of IP Datagrams over IEEE 802NetworksMER (a.k.a IP over Ethernet over AAL5)Support ALG (Application Level Gateways)ITU G.992.1 (G.dmt)ITU G.992.2 (G.lite)ITU G.994.1 (G.hs)ITU G.992.3 (ADSL2)ITU G.992.5 (ADSL2+)ANSI T1.413 issue 2IEEE802.3IEEE802.3uIEEE 802.11bIEEE 802.11g1.6 Supported EncapsulationRFC 1483 bridgeRFC 1483 RouterClassical IP over ATM (RFC 1577)PPP over ATM (RFC 2364)PPP over Ethernet (RFC 2516)1.7 Environment RequirementsOperating temperature: 0ºC~40ºC (32ºF to 104ºF)Storage temperature: -20ºC~70ºC (-4ºF to 158ºF)Operating humidity: 10%~95%, non-condensingStorage humidity: 5%~95%, non-condensing1.8 System RequirementsRecommended system requirements are as follows:
- 9. 6Pentium 233 MHZ or aboveMemory: 64 Mbps or above10M Base-T Ethernet or aboveWindows 9x, Windows 2000, Windows XP, Windows ME, Windows NTEthernet network interface cardThe following information is very helpful for your ADSL configuration. To keep arecord for reference, fill in the column as follows.Collect the following information from your ADSL service provider.Item Description EnterInformation inThis ColumnVPIMost users are not required to changethis setting. The virtual path identifier(VPI) is used in conjunction with thevirtual channel identifier (VCI) to identifythe data path between the network ofyour ADSL service provider and yourcomputer. If you set up the Router formultiple virtual connections, you need toconfigure the VPI and VCI as instructedby your ADSL service provider foradditional connections. You can changethis setting by accessing the WAN menuof the web management interface.VCIMost users are not required to changethis setting. The VCI used in conjunctionwith the VPI to identify the data pathbetween the network of your ADSLservice provider and your computer. Ifyou set up the Router for multiple virtualconnections, you need to configure theVPI and VCI as instructed by your ADSLservice provider for additionalconnections. You can change this settingby accessing the WAN menu of the webmanagement interface.
- 10. 7Item Description EnterInformation inThis ColumnConnectionandEncapsulationTypeThis is the method your ADSL serviceprovider uses to transmit data betweenthe Internet and your computer. Mostusers use the default PPPoE/PPPoAconnection type. The Setup Wizard canbe used to configure a PPPoE/PPPoAconnection type. You may need to specifyone of the following connection types:PPPoE LLC, PPPoA LLC and PPPoAVC-MUX. Other available connectionsand encapsulation combinations must beconfigured by using the Web manager.These include the Bridge Mode (1483Bridged IP LLC or 1483 Bridged IPVC-MUX), Static IP (Bridged IP LLC,1483 Bridged IP VC-MUX, 1483 RoutedIP LLC, 1483 Routed IP VC-MUX orIPoA), etc.UsernameThis is the user name used to log in to thenetwork of your ADSL service provider. Itis usually in the form of user@isp.com.Your ADSL service provider uses this toidentify your account.PasswordThis is the password used, in conjunctionwith the user name previously mentioned,to log in to the network of your ADSLservice provider. It is used to verify theidentity of your account.Necessary information about your DSL Router Residential Gateway is as follows.
- 11. 8Item Description EnterInformation inThis ColumnLAN IPaddressesfor theDSLRouterThis is the IP address you enter in theAddress field in the Web browser to accessthe configuration graphical user interface(GUI) of the gateway. The default IP addressis 192.168.1.1 and it is referred to as the“Management IP” address in this UserManual. You can change this to suit anydesired IP address scheme. This address isthe basic IP address used for DHCP serviceon the LAN when DHCP is enabled.LANSubnetMask forthe DSLRouterThis is the subnet mask used by the DSLRouter, and is used throughout your LAN.The default subnet mask is 255.255.255.0.You can change it later.UsernameThis is the user name used to access themanagement interface of the gateway, whenyou attempt to connect to the device througha web browser. The default username of theRouter is admin. It cannot be changed.PasswordThis is the password required when youaccess the management interface of thegateway. The default password is admin. Itcannot be changed.Necessary information about your LAN or computer is as follows.Item Description EnterInformation inThis ColumnEthernetNICIf your computer has an Ethernet NIC, you canconnect the DSL Router to this Ethernet portusing an Ethernet cable. You can also use theEthernet ports on the DSL Router to connect to
- 12. 9Item Description EnterInformation inThis Columnother computer or Ethernet devices.DHCPClientstatusBy default, your DSL Router ResidentialGateway is configured as a DHCP server. Thismeans that it can assign an IP address, asubnet mask, and a default gateway addressto computers on your LAN. The default rangeof IP addresses that the DSL Router assigns isfrom 192.168.1.2 to 192.168.1.254. You needto set your computer (or computers) to Obtainan IP address automatically (that is, to setcomputers as DHCP clients.)1.9 Safety CautionsFollow the announcements below to protect the device from risks and damagecaused by fire and electric power.Use volume labels to mark the type of power.Use the power adapter that is packed within the device package.Pay attention to the power load of the outlet or prolonged lines. Anoverburden power outlet or damaged lines and plugs may cause electricshock or fire accident. Check the power cords regularly. If you find anydamage, replace it at once.Proper space left for heat radiation is necessary to avoid any damagecaused by overheating to the device. The holes are designed for heatradiation to ensure that the device works normally. Do not cover these heatradiant holes.Do not put this device close to a place where a heat source exits or hightemperature occurs. Avoid the device from direct sunshine.Do not put this device close to a place where is over damp or watery. Do notspill any fluid on this device.
- 13. 10Do not connect this device to any PC or electronic product, unless ourcustomer engineer or your broadband provider instructs you to do this,because any wrong connection may cause any power or fire risk.Do not place this device on an unstable surface or support.1.10 LED Status Description1.10.1 Front PanelIndicator Status DescriptionOff The power is off.GreenThe power is on and the device operatesnormally.The power is self-testing.The device enters the console mode ofthe boot loader.RedThe self-testing of the power fails if theLED is always red.PowerBlink Red or Green Upgrading software.Off No signal is detected.Slow Blink Green The DSL line is transferring.Fast Blink Green The DSL line is training.ADSLGreen The DSL line connection is established.Off No Internet connectionGreenThe Internet connection is established.The users can access the Internet.Blink Green The Internet data is transmitting.InternetRedDevice attempts to become Internetconnected but fails (no DHCP response,no PPPoE response, PPPoEauthentication failed, no IP address fromIPCP, etc.)
- 14. 11Indicator Status DescriptionOff No Ethernet signal is detected.Blink GreenThe user data is passing throughEthernet port.LAN1/2/3/4Green Ethernet interface is ready to workOff No radio signal is detected.Blink GreenThe user data is passing through WLANport.WLANGreen WLAN interface is ready to work.1.10.2 Rear PanelInterface DescriptionWireless antenna.LineRJ-11 port, using the telephone line to connect the modemwith the ADSL cable or splitter.LAN 1~4RJ-45 port, connect the modem to a PC or other networkdevice. If you configure port mapping in the WEB page, theport of LANI can be bound with IPTV service.PowerPower supplied port, plug in for power adapter that the powerinput is 12V DC, 800 mA.ResetTo restore the factory default, keep the device powered onand push a needle into the hole. Press down the button about3 seconds and then release.WLAN Press the button to enable the WLAN service.On/Off Power switch.
- 15. 122 Hardware InstallationThe DSL Router has three separate interfaces, an Ethernet LAN, a wireless LANand an ADSL (WAN) interfaces. Place the Router in a location where it can beconnected to the various devices as well as to a power source. The Router shouldnot be located where it is exposed to moisture or excessive heat. Ensure thatcables and the power cord are placed safely out of the way so they do not create atripping hazard. As with any electrical appliance, observe common sense safetyprocedures.The Router can be placed on a shelf or desktop, ideally you should be able to seethe LED indicators in the front, as you may need to view them for troubleshooting.2.1 Choosing the Best Location for WirelessOperationMany environmental factors may affect the effective wireless function of the DSLRouter. If this is the first time that you set up a wireless network device, read thefollowing information.The access point can be placed on a shelf or desktop, ideally you should be able tosee the LED indicators in the front, as you may need to view them fortroubleshooting.Designed to go up to 100 meters indoors and up to 300 meters outdoors, wirelessLAN lets you access your network from anywhere you want. However, the numbersof walls, ceilings, or other objects that the wireless signals must pass through limitsignal range. Typical ranges vary depending on types of materials and backgroundRF noise in your home or business. For optimum range and signal strength, usethese basic guidelines.Keep the numbers of walls and ceilings to the minimum:The signal emitted from wireless LAN devices can penetrate through ceilingsand walls. However, each wall or ceiling can reduce the range of wirelessLAN devices from 1 ~ 30 miters. Position your wireless devices so that thenumber of walls or ceilings obstructing the signal path is minimized.Consider the direct line between access points and workstations:A wall that is 0.5 meters thick, at a 45-degree angle appears to be almost 1meter thick. At a 2-degree angle, it appears over 14 meters thick. Be careful
- 16. 13to position access points and client adapters so the signal can travel straightthrough (90º angle) a wall or ceiling for better reception.Building materials make difference:Buildings constructed using metal framing or doors can reduce effectiverange of the device. If possible, position wireless devices so that theirsignals can pass through drywall or open doorways. Avoid positioning themin the way that their signal must pass through metallic materials. Pouredconcrete walls are reinforced with steel while cinderblock walls generallyhave little or no structural steel.Position the antenna for best reception:Play around with the antenna position to see if signal strength improves.Some adapters or access points allow you to judge the strength of thesignal.Keep your product away (at least 1~2 meters) from electrical devices:Keep wireless devices away from electrical devices that generate RF noisesuch as microwave ovens, monitors, electric motors, etc.2.2 Connecting the ADSL RouterSee the following figure. Connect the DSL port of the DSL Router with atelephone cable.Connect the LAN port of the DSL Router to the network card of the PC via anEthernet cable.Plug one end of the power adapter to the wall outlet and connect the otherend to the PWR port of the DSL Router.The following figure displays the connection of the DSL Router, PC, andtelephones.
- 17. 14Figure 1 No Phone sets are Installed Before the SplitterFigure 2 Phone sets are Installed before the Splitter2.3 Factory Reset ButtonThe Router may be reset to the original factory default settings by depressing thereset button for a few seconds while the device is powered on. Use a ballpoint orpaperclip to gently push down the reset button. Remember that this wipes out anysettings stored in the flash memory, including user account information and LAN IPsettings. The device settings are restored to the following factory defaults: the IPaddress is 192.168.1.1, subnet mask is 255.255.255.0, user name formanagement is admin, and password is admin.
- 18. 173 Introduction to Web ConfigurationThe first time you setup the Router. It is recommended that you configure the WANconnection using a single computer, to ensure that both the computer and theRouter are not connected to the LAN. Once the WAN connection operates properly,you may continue to make changes to Router configuration, including IP settingsand DHCP setup. This chapter is concerned with using your computer to configurethe WAN connection. The following chapter describes the various menus used toconfigure and monitor the Router, including how to change IP settings and DHCPserver setup.3.1 Preparation Before LoginBefore accessing the Modem, ensure the communication between PC and Modemis normal. Check the communication as follows.Configure the IP address of the PC as 192.168.1.X (2~254), net mask as255. 255.255.0, gateway address as 192. 168.1.1 (for customized version,configure them according to the actual version).Enter arp -a in the DOS window to check whether the PC can read the MACaddress of the Modem.Ping the management IP address (192.168.1.1 by default) of the Modem.
- 19. 18If the PC can read the MAC address of the Modem and can ping through themanagement IP address of the Modem, that means the communication of the PCand the Modem is normal.Note: When you manage the Modem through Web, you must keep the Modempower on. Otherwise, the Modem may be damaged.3.2 Logging In to the ModemThe following description is a detail “How-To” user guide and is prepared for firsttime users.3.2.1 First-Time LoginWhen you log in to the DSL Router for the first time, the login wizard appears.Step 1 Open a Web browser on your computer.Step 2 Enter http://192.168.1.1 (DSL router default IP address) in the address bar.The login page appears.Step 3 Enter a user name and the password. The default username and password ofthe super user are admin and admin. The username and password ofthe common user are user and user. You need not enter the usernameand password again if you select the option Remember my password.It is recommended to change these default values after logging in to theDSL router for the first time.Step 4 Click OK to log in or click Cancel to exit the login page.
- 20. 19After logging in to the DSL router as a super user, you can query, configure, andmodify all configurations, and diagnose the system.You need to reboot the DSL router to enable your modification or configurationeffective in some cases, for example, after you modify the PVC configuration.Some modification, such as adding a static route, takes effect at once, and doesnot require modem reboot.3.3 DSL Router Device InformationClick Device Info and you can view the following information.SummaryWANStatisticsRouteARP3.3.1 Summary of Device InformationClick Summary and the following interface appears.
- 21. 20LAN IP Address: the management IP address.Default Gateway: In the bridging mode there is no gateway. In other modes,it is the address of the uplink equipment, for example, PPPOE/PPPOA.DNS Server: In the PPPoE / PPPoA mode, it is obtained from the uplinkequipment. In the bridging mode, there is no DNS Server address and youcan manually enter the information.3.3.2 WAN Interface InformationClick WAN and the following page appears. The WAN Info page displays thestatus and the connect or disconnect button, depending on the selected connectionmode.
- 22. 213.3.3 Statistics of LANChoose Statistics > LAN and the following page appears. You can queryinformation of packets recevied at the Ethernet and wireless interfaces. ClickReset Statistics to restore the values to zero and recount them.3.3.4 Statistics of WANClick Statistics > WAN and the following page appears. You can query informationof packets recevied at the WAN interfaces. Click Reset Statistics to restore thevalues to zero and recount them.3.3.5 Statistics of ATMClick Statistics > ATM and the following page appears. You can query informationof packets recevied at the ATM interfaces. Click Reset to restore the values to zeroand recount them.
- 23. 223.3.6 Statistics of ADSLClick Statistics > ADSL and the following page appears.If the DSL line is activated, the window shows as follows.
- 24. 23Click Reset Statistics at the bottom to restore the values to zero and recountthem.
- 25. 243.3.6.1 ADSL BER TestClick ADSL BER Test to perform a bit error rate (BER) test on the DSL line. Thetest page is as follows.The Tested Time (sec) can be 1, 5, 10, 20, 60, 120, 180, 240, 300, or 360. Selecta time and click Start. The following pages appear.
- 26. 25
- 27. 26Note: If the BER reaches e-5, you cannot access the Internet.3.3.7 Route Table InformationClick Route, and if the system is in the default configuration, the following pageappears.If the configuration of modem is as PPPoE/PPPoA dial-up, the page showsdifferent.3.3.8 ARP Table InformationClick ARP and the following page appears. You can query the MAC and IP addressinformation of the equipment attached to the modem.
- 28. 273.4 Advanced Setup3.4.1 WAN ConfigurationClick Advanced Setup > WAN, and the following page appears, so you can modifyand configure the WAN interface.Note: After a PVC is deleted or modified, the system must be rebooted. Otherwise,the modification does not take effect.Click Add, Edit, or Remove to configure WAN interface.Click Save/Reboot to save the modification, and reboot the modem to make themodification effective.The section shows you how to add PVC.3.4.1.1 PPPoE ConfigurationThis section describes the procedure for adding PVC 0/35 (PPPoE mode).Step 5 Click Add and the following page appears. In this page, you can modifyVPI/VCI, service categories, and QoS.
- 29. 28VPI: Virtual path between two points in an ATM network. Its valid value rangeis from 0 to 255.VCI: Virtual channel between two points in an ATM network. Its valid valuerange is from 32 to 65535 (1 to 31 are reserved for known protocols).Service Category: UBR Without PCR/UBR With PCR/CBR/Non RealtimeVBR/Realtime VBR.Enable Quality Of Service: Enable or disable QoS.In this example, PVC 0/35 is to be modified and the default values of servicecategory remain. In actual applications, you can modify them as required.After proper modifications, click Next and the following page appears.Step 6 In this page, you can modify the Internet connection type andencapsulation type.
- 30. 29Change the connection type of PVC 0/35 to PPP over Ethernet (PPPoE) and setthe Encapsulation Mode to LLC/SNAP-BRIDGING (according to the uplinkequipment).Enable the 802.1q VLAN tag value.Note: that 802.1q VLAN tagging is only available for PPPoE, MER, and Bridge.Click Next and the following page appears.Step 7 In this page, you can modify the PPP user name, PPP password,authentication method, and so on.
- 31. 30PPP Username: The correct user name that your ISP provides to you.PPP Password: The correct password that your ISP provides to you.PPPoE Service Name: If your ISP provides it to you, please enter it. If not, do notenter any information.Authentication Method: The value can be AUTO, PAP, CHAP, or MSCHAP.Usually, you can select AUTO.Dial on demand (with idle timeout timer): If this function is enabled, you need toenter the idle timeout time. Within the preset minutes, if the modem does not detectthe flow of the user continuously, the modem automatically stops the PPPOEconnection. Once it detects the flow (like access to a webpage), the modemrestarts the PPPOE dialup.If this function is disabled, the modem performs PPPOE dial-up all the time. ThePPPOE connnection does not stop, unless the modem is powered off and DSLAMor uplink equipment is abnormal.
- 32. 31PPP IP extension: If this function is enabled, the WAN IP address obtained by themodem through built-in dial-up can be directly assigned to the PC being attachedto the modem (at this time, the modem connects to only one PC). From the aspectof the PC user, the PC dials up to obtain an IP addres. But actually, the dial-up isdone by the modem.If this function is disabled, the modem itself obtains the WAN IP address.Use Static IP Address: If this function is disabled, the modem obtains an IPaddress assigned by an uplink equipment such as BAS, through PPPoE dial-up.Ifthis function is enabled, the modem uses this IP address as the WAN IP address.After entering the PPP user name and password, click Next and the following pageappears.In this page, you can modify the service name, and enable or disable the IGMPmulticast and WAN service.Enable IGMP Multicast: IGMP proxy. For example, if you wish that the PPPoEmode supports IPTV, enable this function.Enable WAN Service: Enable it, unless you do not want to active the PVC.Click Next and the following page appears.This page shows all the configuration. You can view the default values of NATenable and Firewall enable.
- 33. 32To save the settings, click Save. To make any modifications, click Back. After youclick Save, the following page appears.Note: You need to reboot the modem to activate this WAN interface and furtherconfigure services in this interface.3.4.1.2 PPPoA ConfigurationThis section describes the procedure for adding PVC 8/35 (PPPOA mode). ClickAdd and the following page appears. In this page, you can modify VPI/VCI, servicecategories, and QoS.
- 34. 33In this example, PVC 8/35 is to be modified and the default values of servicecategory remain. In actual applications, you can modify them as required.After proper modifications, click Next and the following page appears.In this page, you can modify the Internet Connection Type and Encapsulation Type.
- 35. 34Change the connection type of PVC 8/35 to PPP over ATM (PPPoA) and set theEncapsulation Mode to VC/MUX (according to the uplink equipment). Click Nextand the following page appears.In this page, you can modify the PPP Username, PPP Password, AuthenticationMethod, and so on.After entering the PPP user name and password, click Next and the following pageappears.In this page, you can modify the service name, and enable or disable the IGMPmulticast and WAN service.
- 36. 35Click Next and the following page appears.This page shows all the configuration. You can view the default values of NATenable and Firewall enable.To save the settings, click Save. To make any modifications, click Back.Note: You need to reboot the modem to activate this WAN interface and furtherconfigure services in this interface.
- 37. 363.4.1.3 MER ConfigurationThis section describes the procedure for adding PVC 8/35 (MER mode).Click Add and the following page appears. In this page, you can modify VPI/VCIs,service categories and QoS.In this example, PVC 8/35 is to be modified and the default values of servicecategory remain. In actual applications, you can modify them as required.After proper modifications, click Next and the following page appears.In this page, you can modify the Internet connection type and encapsulation type.Change the connection type of PVC 8/35 to MAC Encapsulation Routing (MER)and set the Encapsulation Mode to LLC/SNAP-BRIDGING (according to theuplink equipment).
- 38. 37Click Next and the following page appears.In this page, you can modify the WAN IP address, default gateway, and DNS serversettings.
- 39. 38Obtain an IP address automatically: The modem obtains a (WAN) IP addressautomatically and at this time it enables DHCP client functions. The WAN IPaddress is obtained from the uplink equipment like BAS and the uplink equipmentis required to enable the DHCP server functions.Use the following IP address: If you want to manually enter the WAN IP address,select this check box and enter the information in the field.WAN IP Address: Enter the IP address of the WAN interface provided by your ISP.WAN Subnet Mask: Enter the subnet mask concerned to the IP address of theWAN interface provided by your ISP.Obtain default gateway automatically: Obtain the IP address of the defaultgateway assigned by the uplink equipment such as BAS.Use the following default gateway: If you want to manually enter the IP addressof the default gateway, select this check box and enter the information in the fields.Use IP Address: Enter the gateway of the WAN interface provided by your ISP.Use WAN Interface: As to BAS equipment, it is the IP address of the downlinkinterface.Obtain DNS server address automatically: To obtain the IP address of the DNSserver assigned by the uplink equipment such as BAS.
- 40. 39Use the following DNS server addresses: If you want to manually enter the IPaddress of the DNS server, select this check box and enter the information in thefields.Primary DNS server: Enter the IP address of the primary DNS server.Secondary DNS server: Enter the IP address of the secondary DNS serverprovided by your ISP.After proper modifications, click Next and the following page appears.In this page, you can modify the service name, and enable or disable the NAT,firewall, IGMP multicast, and WAN service.Enable NAT: Select it to enable the NAT functions of the modem. If you do notwant to enable NAT and wish the modem user to access the Internet normally, youmust add a route on the uplink equipment. Otherwise, the access to the Internetfails. It is normal to enable NAT.Enable Firewall: Enable or disable IP filtering.Enable IGMP Multicast: IGMP proxy. For example, if you wish that the MER modesupports IPTV, enable this function.Enable WAN Service: Enable it, unless you do not want to active the PVC.Click Next and the following page appears.This page shows all the configuration.
- 41. 40
- 42. 41To save the settings, click Save. To make any modifications, click Back.Note: You need to reboot the modem to activate this WAN interface and furtherconfigure services in this interface.3.4.1.4 IPoA ConfigurationThis section describes the procedure for adding PVC 8/35 (IPoA mode).Click Add and the following page appears. In this page, you can modify VPI/VCIs,service categories, and QoS.In this example, PVC 8/35 is to be modified and the default values of servicecategory remain. In actual applications, you can modify them as required.After proper modifications, click Next and the following page appears.In this page, you can modify the Internet connection type and encapsulation type.Change the connection type of PVC 8/35 to IP over ATM (IPoA) and set theEncapsulation Mode to LLC/SNAP-ROUTING (according to the uplinkequipment).
- 43. 42Click Next and the following page appears.In this page, you can modify the WAN IP, default gateway, and DNS serversettings.
- 44. 43WAN IP Address: Enter the IP address of the WAN interface provided by your ISP.WAN Subnet Mask: Enter the subnet mask concerned to the IP address of theWAN interface provided by your ISP.Use the following default gateway: If you want to manually enter the IP addressof the default gateway, select this check box and enter the information in the fields.Use IP Address: Enter the gateway of the WAN interface provided by your ISP.Use WAN Interface: As to BAS equipment, it is the IP address of the downlinkinterface.Use the following DNS server addesses: If you want to manually enter the IPaddress of the DNS server, select this check box and enter the information in thefields.Primary DNS server: Enter the IP address of the primary DNS server.Secondary DNS server: Enter the IP address of the secondary DNS serverprovided by your ISP.After proper modifications, click Next and the following page appears.In this page, you can modify the service name, and enable or disable the NAT,firewall, IGMP multicast, and WAN service.
- 45. 44Enable NAT: Select it to enable the NAT functions of the modem. If you do notwant to enable NAT and wish the modem user to access the Internet normally, youmust add a route on the uplink equipment. Otherwise, the access to the Internetfails. Normally, NAT should be enabled.Enable Firewall: Enable or disable IP filtering.Enable IGMP Multicast: IGMP proxy. For example, if you wish that the IPoA modesupports IPTV, enable this function.Enable WAN Service: Enable it, unless you do not want to active the PVC.Click Next and the following page appears.This page shows all the configuration.
- 46. 45To save the settings, click Save. To make any modifications, click Back.Note: You need to reboot to the modem to activate this WAN interface and furtherconfigure services in this interface.3.4.1.5 Bridge ConfigurationThis section describes the procedure for adding PVC 8/35 (Bridge mode).Click Add, and the following page appears. In this page, you can modify VPI/VCIs,service categories, and QoS.In this example, PVC 8/35 is to be modified and the default values of servicecategory remain. In actual applications, you can modify them as required.After proper modifications, click Next and the following page appears.In this page, you can modify the Internet connection type and encapsulation type.
- 47. 46Click Next and the following page appears.In this page, you can modify the service name.Enable Bridge Service: Enable it, unless you do not want to active the PVC.Click Next and the following page appears.This page shows all the configuration.
- 48. 47To save the settings, click Save. To make any modifications, click Back.Note: You need to reboot the modem to activate this WAN interface and furtherconfigure services in this interface.3.4.2 LAN ConfigurationIn this interface, you can modify and configure IP Address and DHCP Server.
- 49. 483.4.3 NATNote: If the connection is Bridge PVC, you can not view the NAT item.3.4.3.1 OverviewSetting up the NAT FunctionThe DSL router is equipped with the network address translation (NAT)function. With address mapping, several users in the local network canaccess the Internet via one or more public IP addresses. All the local IPaddresses are assigned to the public IP address of the router by default.One of the characteristics of NAT is that data from the Internet is not allowedinto the local network unless it is explicitly requested by one of the PCs in thenetwork. Most Internet applications can run behind the NAT firewall without
- 50. 49any problems. For example, if you request Internet pages or send andreceive e-mails, the request for data from the Internet comes from a PC inthe local network, and so the router allows the data to pass through. Therouter opens one specific port for the application. A port in this context is aninternal PC address, via which the data is exchanged between the Internetand a client on a PC in the local network. Communicating via a port issubject to the rules of a particular protocol (TCP or UDP).If an external application tries to send a call to a PC in the local network, therouter blocks it. There is no open port via which the data could enter the localnetwork. Some applications, such as games on the Internet, require severallinks (that is. several ports), so that players can communicate with eachother. In addition, these applications must also be permitted to sendrequests from other users on the Internet to users in the local network.These applications cannot run if NAT is activated.Using port forwarding (the forwarding of requests to particular ports), therouter is forced to send requests from the Internet for a certain service, forexample, a game, to the appropriate port(s) on the PC on which the game isrunning. Port triggering is a special variant of port forwarding. Unlike portforwarding, the DSL router forwards the data from the port block to the PCwhich has previously sent data to the Internet via a certain port (trigger port).This means that approval for the data transfer is not tied to one specific PCin the network, but rather to the port numbers of the required Internet service.Where configuration is concerned, you must define a so-called trigger portfor the application and also the protocol (TCP or UDP) that this port uses.You then assign the public ports that are to be opened for the application tothis trigger port. The router checks all outgoing data for the port number andprotocol. If it identifies a match of port and protocol for a defined trigger port,then it opens the assigned public ports and notes the IP address of the PCthat sent the data. If data comes back from the Internet via one of thesepublic ports, the router allows it to pass through and directs it to theappropriate PC. A trigger event always comes from a PC within the localnetwork. If a trigger port is addressed from outside, the router simply ignoresit.Note:An application that is configured for port triggering can only be run by oneuser in the local network at a time.
- 51. 50After public ports are opened, they can be used by unauthorized persons togain access to a PC in the local network.When the DSL router is supplied, the NAT function is activated. For example,all IP addresses of PCs in the local network are converted to the public IPaddress of the router when accessing the Internet. You can use NAT settingsto configure the DSL router to carry out the following tasks.For functions described as follows, IP addresses of the PCs must remainunchanged. If the IP addresses of the PCs are assigned via the DHCPserver of the DSL router, you must disable DHCP server as the settings inthe local network menu entry for the lease time or assign static IP addressesfor the PCs.You can enable or disenable the NAT function. By default, the NAT function isenabled.3.4.3.2 NAT-Virtual Server SetupBy default, DSL router blocks all external users from connecting to orcommunicating with your network. Therefore, the system is safe from hackers whomay try to intrude into the network and damage it.However, you may want to expose your network to the Internet in limited andcontrolled ways in order to enable some applications to work from the LAN (forexample, game, voice, and chat applications) and to enable Internet access toservers in the home network. The port forwarding feature supports bothfunctionalities. This topic is also referred as Local Servers.The port forwarding page is used to define applications that require specialhandling by DSL router. All you need to do is to select the application protocol andthe local IP address of the computer that is using or providing the service. Ifrequired, you may add new protocols in addition to the most common onesprovided by DSL router.For example, if you wanted to use a file transfer protocol (FTP) application on oneof your PCs, you would simply select FTP from the list and enter the local IPaddress or host name of the designated computer. All FTP-related data arriving atDSL router from the Internet henceforth is forwarded to the specific computer.Similarly, you can grant Internet users access to servers inside your home network,by identifying each service and the PC that provide it. This is useful, for example, ifyou want to host a Web server inside your home network.
- 52. 51When an Internet user points his/her browser to DSL router external IP address,the gateway forwards the incoming HTTP request to your Web server. With oneexternal IP address (DSL router main IP address), different applications can beassigned to your LAN computers, however each type of application is limited to useone computer.For example, you can define that FTP uses address X to reach computer A andTelnet also uses address X to reach computer A. But attempting to define FTP touse address X to reach both computer A and B fails. DSL router, therefore,provides the ability to add additional public IP addresses to port forwarding rules,which you must obtain from your ISP, and enter into the IP addresses pool. Then,you can define FTP to use address X to reach computer A and address Y to reachcomputer B.Additionally, port forwarding enables you to redirect traffic to a different port insteadof the one to which it was designated. For example, if you have a Web serverrunning on your PC on port 8080 and you want to grant access to this server to anyone who accesses DSL router via HTTP.To accomplish this, do as follows:Step 1 Define a port forwarding rule for the HTTP service, with the PC IP or hostname.Step 2 Specify 8080 in the Forward to Port field.All incoming HTTP traffic is forwarded to the PC running the Web server on port8080. When setting a port forwarding service, ensure that the port is not used byanother application, which may stop functioning. A common example is when usingSIP signaling in Voice over IP, the port used by the gateway VoIP application (5060)is the same port, on which port forwarding is set for LAN SIP agents.Note: Some applications, such as FTP, TFTP, PPTP and H323, require the supportof special specific application level gateway (ALG) modules in order towork inside the home network. Data packets associated with theseapplications contain information that allows them to be routed correctly. AnALG is needed to handle these packets and ensure that they reach theirintended destinations. DSL router is equipped with a robust list of ALGmodules in order to enable maximum functionality in the home network.The ALG is automatically assigned based on the destination port.Virtual servers are configured for this purpose.
- 53. 52Adding Port ForwardingStep 1 To set up virtual servers for a service, select Advanced Setup > NAT >Virtual Servers, and click Add.
- 54. 53Figure 3 Adding virtual serversStep 2 Select a service or enter a custom server.Step 3 Set Server IP Address.Step 4 Enter the server IP address of the computer that provides the service (theserver in the local host field). Note that unless an additional external IPaddress is added, only one LAN computer can be assigned to provide aspecific service or application.Step 5 Set External Port Start and External Port End.Step 6 Select Protocol.Step 7 Set Internal Port Start and Internal Port End.Step 8 Enter Remote IP.Step 9 Click Save/apply to apply the settings.If the application you require is not in the list, manually enter the information.Select the protocol for the service you are providing from the Protocol drop-downlist. Under External Port, enter the port number of the service you are providing. Inthe Internal Port field, enter the internal port number, to which service requests are
- 55. 54to be forwarded. In the Local IP Address field, enter the IP address of the PC thatprovides the service.ExampleThe Web server is configured to react to requests on port 8080. However, therequests from websites enter the Web server via port 80 (standard value). If youadd the PC to the forwarding table and define port 80 as the public port and port8080 as an internal port, all requests from the Internet are diverted to the servicewith port 80 on the Web server of the PC you have defined with port 8080.Deleting Port ForwardingStep 1 Select the Remove check box.Step 2 Click Remove to apply the settings.3.4.3.3 Port TriggeringIf you configure port triggering for a certain application, you need to determine aso-called trigger port and the protocol (TCP or UDP) that this port uses. You thenassign the public ports that are to be opened for the application to this trigger port.You can select known Internet services or manually assign ports or port blocks.Adding Port TriggeringStep 1 To set up port triggering for a service, select Advanced Settings > NAT >Port Triggering, and click Add.
- 56. 55Step 2 Select the required application from the Select an application drop-down list,or manually enter the information in the Custom application field.Trigger Port Start and Trigger Port End: enter the port that is to bemonitored for outgoing data traffic.Trigger Protocol: select the protocol that is to be monitored for outgoingdata traffic.Open Protocol: select the protocol that is to be allowed for incoming datatrafficOpen Port Start and Open Port End: enter the port that is to be opened forincoming traffic.Step 3 Click Save/Apply to apply the settings.Removing Port TriggeringStep 1 Select the Remove check box.Step 2 Click Save/Apply to apply the settings.
- 57. 563.4.3.4 DMZ HostFigure 4 DMZ hostThe demilitarized military zone (DMZ) host feature allows one local computer to beexposed to the Internet. This function is applicable for:Users who want to use a special-purpose Internet service, such as anon-line game or video conferencing program, that is not presented in the portforwarding list and for which no port range information is available.Users who are not concerned with security and wish to expose onecomputer to all services without restriction.Note: A DMZ host is not protected by the firewall and may be vulnerable to attack.This may also put other computers in the home network at risk. Hence,when designating a DMZ host, you must consider the security implicationsand protect it if necessary.You can set up a client in your local network as a so-called DMZ host. Your devicethen forwards all incoming data traffic from the Internet to this client. You can, forexample, operate your own Web server on one of the clients in your local networkand make it accessible to Internet users. As the exposed host, the local client is
- 58. 57directly visible to the Internet and therefore particularly vulnerable to attacks (forexample, hacker attacks). Enable this function only when necessary (for example,to operate a Web server) and when other functions (for example, port forwarding)are inadequate. In this case, you should take appropriate measures for the clientsconcerned.Note: Only one PC per public IP address can be set up as an exposed host.Adding a DMZ HostStep 1 To set up a PC as a DMZ host, select Advanced Setup > NAT > DMZ host.Figure 5 DMZ host configurationStep 2 Enter the local IP address of the PC that is to be enabled as an exposed host.Step 3 Click Save/Apply to apply the settings.Remove DMZ hostStep 1 Clear the DMZ Host Address.Step 2 Click Save/Apply to apply the settings.3.4.3.5 NAT – ALGClick ALG, the following page appears. In this interface, you can enable SIP ALG.3.4.4 SecurityClick Security > IP Filtering and the following interface appears. By default, thefirewall is enabled. The firewall is used to block document transmissions between
- 59. 58the Internet and your PC. It serves as a safety guard and permits only authorizeddocuments to be sent to the LAN.Note: If the modem is configured to bridge mode only, IP filtering is disabled andthe IP filtering interface does not appear.If the modem does not configure a PVC of Bridge mode, MAC filtering is disabledand the MAC Filtering interface does not appear.3.4.4.1 MAC Filtering SetupClick Security > MAC Filtering, and the following page apperas.MAC Filtering is only effective on ATM PVCs configured in Bridge mode.Forwarded means that all MAC layer frames are forwarded except those matchingwith any of the specified rules in the following table. Blocked means that all MAClayer frames are blocked except those matching with any of the specified rules inthe following table.
- 60. 59Click Change Policy and the following page apperas.Then you can change theMAC Filtering Global Policy from FORWARDED to BLOCKED.Read the warning information. Click Yes to change the MAC filtering global policyfrom Forwarded to Blocked. Click No to cancel.For example, to forbid the PC whose MAC address is 00:13:20:9E:0F:10 throughPPPoE dial-up, begin with the following page.Click Add to configure the interface as follows.
- 61. 60Click Save/Apply and the following page appears.3.4.4.2 Parental ControlClick Security>Parental Control and the following page appears.
- 62. 61Click Add and the following page appears.In this page, you can add time of day restriction to a special LAN device connectedto the Router. The Browsers MAC Address automatically displays the MACaddress of the LAN device where the browser is running. To restrict other LANdevice, click Other MAC Address and enter the MAC address of the another LANdevice. To obtain the MAC address of a Windows based PC, enter ipconfig /all inthe DoS window.3.4.5 Quality of ServiceMany communication and multimedia applications require large, high-speedbandwidths to transfer data between the local network and the internet. However,for many applications there is often only one internet connection available withlimited capacity. QoS divides this capacity between the different applications and
- 63. 62provides undelayed, continuous data transfer in situation where data packets withhigher priority are given preference.Click Quality of Service and the following page appears. Under Quality ofService, there are two network share modes: Queue Config and QoSClassification.Network QoS is an industry-wide set of standards and mechanisms for ensuringhigh-quality performance for critical applications. By using QoS mechanisms,network administrators can use existing resources efficiently and ensure therequired level of service without reactively expanding or over-provisioning theirnetworks.Traditionally, the concept of quality in networks meant that all network traffic wastreated equally. The result was that all network traffic received the network’s besteffort, with no guarantees for reliability, delay, variation in delay, or otherperformance characteristics. With best-effort delivery service, however, a singlebandwidth-intensive application can result in poor or unacceptable performance forall applications. The QoS concept of quality is one in which the requirements ofsome applications and users are more critical than others, which means that sometraffic needs preferential treatment.3.4.5.1 Enabling QoSIn this page, you can perform QoS queue management configuration. By default,the system enables QoS and sets a default DSCP mark to automatically markincoming traffic without reference to particular classifier.Select Advanced Setup > Quality of Service and the following page appears.
- 64. 63Select Enable QoS to enable QoS and set the default DSCP mark.Click Save/Apply to activate QoS.3.4.5.2 QoS-Queue ConfigurationThe queuing in packet QoS becomes effective only when packet is forwarded toQoS-enabled PVC. Packet forwarding is determined by IP routing or bridging, notunder control of the packet QoS.Click Queue Config, and the following page appears. In this page, you canconfigure QoS queue. A maximum of 24 entries can be configured.QoS Queue Configuration can allocate four queues. Each of the queues can beconfigured for a precedence value (Lower integer values for precedence implyhigher priority for this queue relative to others). The queue entry configured is usedby the classifier to place ingress packets appropriately.Note: Lower integer values for precedence imply higher priority for this queue
- 65. 64relative to others.For example, add a QoS queue entry and allocate it to a specific network interface(PVC 0/0/35). Set integer values for queue precedence to 1.Step 1 Click Add, and the following page appears.Policy Select: you can select Strict Priority Policy or WRR Policy.Queue Configuration Status: set to enable or disable a QoS queue.Queue: select a specific network interface. When you have already selecteda network interface, the specific network interface selected automaticallyallocates to the queue.Queue Precedence: select an integer value for queue precedence. Afteryou select an integer value, the queue entry appropriately places to ingresspackets. Lower integer values for precedence imply higher priority for thisqueue relative to others.Step 2 Add a QoS queue entry and assign it to a specific network interface(PVC 0/0/35), and set integer values for queue precedence to 1. See thefollowing figure:
- 66. 65Step 3 After proper modifications, click Save/Apply and the following pageappears. This configuration takes effective at once.To delete a certain queue, disable it, select it, and then click Remove.After the queue is configured, you can create several traffic class rules to classifythe upstream traffic.WRR (Weighted Round Robin): this is another QoS method. If you want to setWRR, you must disable the Strict-Priority Queue (PQ). The WRR is mutex to PQ.Only one QoS method can exist at the same time. Select WRR in QoS QueueConfiguration page. The following interface appears.For example, add a QoS queue entry and allocate it to a specific network interface(PVC 0/2/35). Set queue precedence to 2 and weight value to 30%.
- 67. 66After proper modifications, click Save/Apply and the following page appears.The weighted round robin (WRR) queue schedule divides each port into severaloutput queues. Queues are scheduled in turn to ensure that each queue obtains acertain service time. WRR configures a weighted value (w3, w2, w1 and w0) foreach queue. The weighted value represents the proportion of the obtainedresources. For example, the weighted value of WRR queue schedule algorithm ofa 100M port is configured as 50, 30, 10 and 10 (corresponding to w3, w2, w1 andw0), so that the queue with minimum priority obtains a bandwidth of at least
- 68. 6710Mbps, which avoids the disadvantage that a message in queue with low priorityduring PQ schedule may not obtain service for a long time. WRR queue still hasanother advantage. Although the schedule of these queues are conducted in turn,each queue is not assigned with a fixed service time slice-if a certain queue is null,it is immediately changed to the next queue. In this way, the bandwidth resourcescan be fully utilized.3.4.5.3 QoS-QoS ClassificationSome applications require specific bandwidth to ensure its data be forwarded intime. QoS classification can creates traffic class rule to classify the upstream traffic.Assign queue which defines the precedence and the interface and optionallyoverwrite the IP header DSCP byte. After QoS classification, QoS divides capacitybetween different applications and provides undelayed, continuous data transferwhere data packet with higher priority is given preference. The follow figure showsQoS classification.Click QoS Classification and the following page appears. In this page, you canconfigure network traffic classes.Click Add and the following page appears.
- 69. 68Traffic Class Name: Enter a name of the class.Rule Order: Select order for queue.Rule Status: Enable or disable this traffic class rule.Assign Classification Queue: Select a classification queue.Assign Differentiated Service Code Point (DSCP) Mark: Select a markservice that modifies the original packet IP header if all rules defined withinthe classification class are matched. (CS-Mark IP Precedence, AF-AssuredForwarding, EF-Expedited Forwarding)Mark 802.1p if 802.1q is enabled: Select an 802.1p priority number thatserves as the 802.1p value.There are two sets of classification rules. Set-1 is based on different fields withinTCP/UDP/IP layer plus physical LAN port; Set-2 is based on MAC layer IEEE802.1p priority field.
- 70. 69Set-1 Rules contain the following:Physical LAN Port: Select one among Ethernet ports and wireless port.Protocol: Select one among TCP/UDP TCP UDP or ICMP protocols.Source IP AddressSource subnet maskUPD/TCP Source PortDestination IP AddressDestination Subnet MaskUPD/TCP destination port or a range of portsSource Mac AddressSource Mac MaskDestination Mac AddressDestination Mac MaskSet-2 Rules contain the following:802.1p Priority: the 802.1p header includes a 3-bit prioritization field, which allowspackets to be grouped into eight levels of priority (0-7), where level 7 is the highestone.QoS-DSCP SettingIn order to understand what is differentiated services code point (DSCP), youshould be familiar with the differentiated services model (Diffserv).Diffserv is a class of service (CoS) model that enhances best-effort Internetservices via differentiating traffic by users, service requirements and other criteria.Packets are specifically marked, allowing network nodes to provide different levelsof service,via priority queuing or bandwidth allocation, or by choosing dedicated routes forspecific traffic flows.As displayed in following diagram, the IPV4 packet has a TOS filed. Diffservdefines TOS field in IP packet headers referred to as DSCP. Hosts or routes thatpass traffic to a Diffserv-enabled network typically mark each transmitted packetwith an appropriate DSCP. The DSCP markings are used by Diffserv networkrouters to appropriately classify packets and to apply particular queue handing orscheduling behavior.
- 71. 70Layer 3 IPV4 packetVersion/lengthTOS(1word)lengthIDOffset/markTTLprotocolChecksumIP-SAIP-DAdataTOS filed-IP priority (TOS front 3 bit) or DSCP (front 6 bit)7 6 5 4 3 2 1 0IP priority UndefinedDSCP Flow controlQoS-802.1p SettingThe IEEE 802.1p priority marking method is a standard for prioritizing networktraffic at the data link/Mac sub-layer 802.1p traffic is simply classified and sent tothe destination, with no bandwidth reservations established.The follow diagram shows the structure of 802.1Q Frame. The 802.1Q headerincludes a 3-bit prioritization field, which allows packets to be grouped to begrouped into eight levels of priority (0-7), where level 7 is the highest one. Inaddition, DSL maps these eight levels to priority queues, where queue 1 has thehighest priority.Layer 2 802.Q framePreamble SFD DA SA mark(4word)Len/Etype(2 word)DATA FCSMarkTPID(0x8100) Priority(3bit) CFI (1bit) VLAN ID (12bit)3.4.6 RoutingClick Routing and the following page appears.
- 72. 713.4.6.1 Routing - Default GatewayIn this page, you can modify the default gateway settings.If you select Enable Automatic Assigned Default Gateway, this router canaccept the first received default gateway assignment from one of the PPPoA,PPPoE or MER/DHCP enabled PVC(s). If the check box is not selected, you needto enter the static default gateway and/or a WAN interface. Then, clickSave/Apply.Note: If the Automatic Assigned Default Gateway check box is changed from
- 73. 72deselected to selected, you need to reboot the router to obtain theautomatic assigned default gateway.3.4.6.2 Routing - Static RouteIn this interface, you can modify the static route settings.In this interface, you can query the preset static routes, delete an existing staticroute, or add a new static route. By default, the system has no static routeinformation.Destination: The IP address to which packets are transmitted.Subnetmask: The subnet mask of the destination IP address.Gateway: The gateway that the packets pass by during transmission.Interface: The interface that the packets pass through on the modem.Click Add and the following page appears.To add a static route rule, the configuration is as follows.
- 74. 73Click Save/Apply and the following page appears.In the route status interface, the following page appears.3.4.7 DNSNote: If the connection is Bridge PVC, you can not view the DNS item.3.4.7.1 DNS ServerIn this interface, you can modify the DNS server settings.
- 75. 74If select Enable Automatic Assigned DNS, this router accepts the first receivedDNS assignment from one of the PPPoA, PPPoE or MER/DHCP enabled PVC(s)during the connection establishment.If the checkbox is not selected, enter the primary and optional secondary DNSserver IP addresses. The interface is as follows.Click Save to save the new configuration.Note: You must reboot the router to make the new configuration effective.3.4.7.2 Dynamic DNSIn this interface, you can modify the Dynamic DNS settings.The Dynamic DNS service allows you to alias a dynamic IP address to a statichostname in any of the many domains, allowing your DSL router to be more easilyaccessed from various locations on the Internet.
- 76. 75Click Add to add dynamic DDNS.3.4.8 DSLIn this interface, you can modify the DSL settings.Select one you need. But the default setting can check G.dmt/ G.lite/ T1.413/ADSL2/Annexl/ ADSL2+/ Inner pair/ Bitswap. The modem can negotiate themodulation mode with the DSLAM.
- 77. 763.4.9 Port MappingPort Mapping supports multiple ports to PVC and bridging groups. Each groupperforms as an independent network. To support this feature, you must createmapping groups with appropriate LAN and WAN interfaces using the Add button.The Save/Apply button removes the grouping and adds the ungrouped interfacesto the Default group, or Enable/Disable the grouping. Only the default group hasthe IP interface and it can’t be removed.
- 78. 77In Port Mapping page, select the Enable virtual ports on check box and createthree virtual interfaces within the Router. Each virtual interface represents aphysical Ethernet port within the external Ethernet Switch.If you deselect the Enable virtual ports on check box, the modem fails torecognize virtual Ethernet ports within the Ethernet switch.3.4.9.1 Creating a Mapping GroupClick Add, and the following page appears.
- 79. 78Group Name: Enter a unique group name.Grouped Interfaces: The port belongs to this group.Available Interfaces: It shows the available Ethernet port which you canselect.Automatically Add Clients With the following DHCP Vendor IDs: If avendor ID is configured for a specific client device, reboot the client deviceattached to the modem to allow it to obtain an appropriate IP address (For
- 80. 79example, the vender ID of default DHCP client of Windows 2000/XP is MSFT5.0).Enter the Group name and select interfaces from the available interface list andadd it to the grouped interface list using the arrow buttons to create the requiredmapping of the ports. The group name must be unique.If you want to automatically add LAN clients to a PVC in the new group, add theDHCP vendor ID. DHCP clients that are configured with specified vendor IDs(DHCP option 60) block IP addresses from the local DHCP server.Note:These clients may obtain public IP addresses.Click Save/Apply to apply the changes immediately.Note:The selected interfaces are removed from their existing groups and added tothe new group.
- 81. 803.4.9.2 Editing an Existing GroupGroup Name: Enter a unique group name.Grouped Interfaces: The port belongs to this group.Available Interfaces: It shows the available Ethernet port which you canselect.Automatically Add Clients With the following DHCP Vendor IDs: If avendor ID is configured for a specific client device, reboot the client deviceattached to the modem to allow it to obtain an appropriate IP address. For
- 82. 81example, the vender ID of the default DHCP client on Windows 2000/XP isMSFT 5.0.To edit port mapping configuration, do as follows:To add interfaces to the grouped list, select the interfaces from availableinterface list. Use the left arrow button to move the selected interfaces to thegrouped list.To remove the interfaces, select the interface from the grouped list and clickthe right arrow button.Note:If you add the DHCP vendor ID (option 60) string, the clients automatically denyan IP address by the local DHCP server and may obtain public IP address.Click Save/Apply to apply the changes immediately.Note:Selected interfaces are removed from their existing groups and added to thenew group.3.4.10 IPSecClick IPSec, and the following page appears.Click Add New Connection to add a new IPSec connection.
- 83. 82You can click Show Advance Settings to view some advance parameters andmodify them to match the other side of this connection.Click Save/Apply to save this connection, then you can check the checkbox ofenable column to enable this IPSec connection. And the communication isestablished.3.4.11 Certificate3.4.11.1 Local CertificatesClick Certificate > Local and the following page appears.Local certificates are used by peers to verify your identity. It can store maximum 4certificates.
- 84. 83Click Create Certificate Request and the following page appears.To generate a certificate signing request, you need to include Common Name,Organization Name, State/Province Name, and the 2-letter Country Code for thecertificate.If click Import Certificate, the following page appears. Then you can entercertificate name, paste certificate content and private key.
- 85. 843.4.11.2 Trusted CA CertificatesClick Certificate > Trusted CA and the following page appears. CA certificates areused by you to verify certificates of peers. It can store maximum 4 certificates.Click Import Certificate and the following page appears. Then you can entercertificate name, paste certificate content.
- 86. 853.5 WirelessThis section introduces the wireless LAN and some basic configurations. WirelessLAN can be as simple as two computers with wireless LAN cards communicating ina peer-to-peer network or as complex as a number of computers with wireless LANcards communicating through access points (AP) that bridge network traffic to thewired LAN.The Modem Wi-Fi® certified IEEE 802.11g compliant wireless access point allowsmultiple computers to connect wirelessly to your local network over the ModemWireless LAN environment. The Modem is backward compatible with IEEE802.11b, which means 802.11b and 802.11g devices can coexist in the samewireless network. The Wireless Distribution System (WDS) on your Modem allowsyou to extend the range of your wireless network. To be able to use WDS, you willneed to introduce an additional WDS-enabled access point into your wirelessnetwork. To be able to connect the computers, make sure that a wireless clientadapter (WLAN client) is installed on each computer you want to connect via theWLAN.
- 87. 863.5.1 Wireless LAN BasicsSome basic understanding of 802.11b/g wireless technology and terminology isuseful when you are setting up the Router or any wireless access point. If you arenot familiar with wireless networks please take a few minutes to learn the basics.3.5.1.1 Wireless client requirementsAll wireless client adapters compliant to 802.11g and/or 802.11b can communicatewith the Modem (W) LAN environment. However, be aware that only 802.11gcompliant wireless clients are able to gain full profit of the 54 Mb/s (Max) bandwidthdelivered by the Modem. It is highly recommended to use only wireless clientadapters that are Wi-Fi™ certified to ensure smooth interoperability with theModem’s WLAN.3.5.1.2 Radio TransmissionWireless LAN or WLAN devices use electromagnetic waves within a broad,unlicensed range of the radio spectrum to transmit and receive radio signals. Whena wireless access point is present, it becomes a base station for the WLAN nodesin its broadcast range. WLAN nodes transmit digital data using FM (frequencymodulation) radio signals. WLAN devices generate a carrier wave and modulatethis signal using various techniques. Digital data is superimposed onto the carriersignal. This radio signal carries data to WLAN devices within range of thetransmitting device. The antennae of WLAN devices listen for and receive thesignal. The signal is demodulated and the transmitted data extracted. Thetransmission method used by the access point is called Direct Sequence SpreadSpectrum (DSSS) and operates in a range of the radio spectrum between 2.4GHzand 2.5GHz for transmission. See the expert technical specifications for moredetails on wireless operation.3.5.1.3 AntennasDirect the external antenna to allow optimization of the wireless link. If for examplethe antenna is erect, wireless links in the horizontal plane are favored. Please notethat the antenna characteristics are influenced by the environment, that is, byreflections of the radio signal against walls or ceilings. It is advisable to use thereceived signal strength as indicated by the wireless client manager to optimize theantenna position for the link to a given client. Concrete walls weaken the radiosignal and thus affect the connection.
- 88. 873.5.1.4 RangeRange should not be a problem in most homes or small offices. If you experiencelow or no signal strength in some areas, consider positioning the Router in alocation between the WLAN devices that maintains a roughly equal straight-linedistance to all devices that need to access the Router through the wirelessinterface. Adding more 802.11g access points to rooms where the signal is weakcan improve signal strength. Read the section about placement of the Router titledLocation in the next chapter, Hardware Installation, for more information.3.5.1.5 SSIDWireless networks use an SSID (Service Set Identifier) to allow wireless devices toroam within the range of the network. Wireless devices that wish to communicatewith each other must use the same SSID. Several access points can be set upusing the same SSID so that wireless stations can move from one location toanother without losing connection to the wireless network. The Modem operates inInfrastructure mode. It controls network access on the wireless interface in itsbroadcast area. It will allow access to the wireless network to devices using thecorrect SSID after a negotiation process takes place. By default the Modembroadcasts its SSID so that any wireless station in range can learn the SSID andask permission to associate with it. Many wireless adapters are able to survey orscan the wireless environment for access points. An access point in Infrastructuremode allows wireless devices to survey that network and select an access pointwith which to associate. You may disable SSID broadcasting the wireless menu ofweb management.3.5.1.6 Radio channelsThe 802.11g standard allows several WLAN networks using different radiochannels to be co-located. The Modem supports multiple radio channels and isable to select the best radio channel at each startup. You can choose to set thechannels automatically or manually.The different channels overlap. To avoid interference with another access point,make sure that the separation (in terms of frequency) is as high as possible. It isrecommended to keep at least 3 channels between 2 different access points.The Modem supports all channels allowed for wireless networking. However,depending on local regulations, the number of channels actually allowed to beused may be additionally restricted, as shown in the table below.
- 89. 88Regulatory Domain Allowed Radio ChannelsChina 1 to 13Europe 1 to 13Israel 5 to 8Japan 1 to 14Jordan 10 to 13Thailand 1 to 14USA / Canada 1 to 113.5.1.7 Wireless SecurityVarious security options are available on the Modem including open or WEP,802.1x, WPA, WPA-PSK, WPA2 and WPA2-PSK. Authentication may use an opensystem or a shared key. For details on these methods and how to use them, pleaseread the wireless LAN configuration information in Section 3.5.3 (Wireless SecurityConfiguration).3.5.1.8 About 802.11g Wireless802.11b is an IEEE standard, operating at 2,4 GHz at a speed of up to 11 Mb/s.802.11g, a newer IEEE standard also operating at 2,4 GHz, gives you up to 54Mb/s speed, more security and better performance.Todays 11-megabits-per-second 802.11b wireless networks are fine for broadbandInternet access (which typically tops out at about 1 mbps) but rather slow for largeinternal file transfers or streaming video. However, 54-mbps, corporate-oriented802.11a is expensive and because its radio uses the 5-GHz band and 802.11buses the 2.4 GHz band, upgrading to an 802.11a network means either scrapping802.11b gear or buying even-pricier hardware that can support both standards.But 802.11g promises the same speed as 802.11a and the ability to coexist with802.11b equipment on one network, since it too uses the 2.4-GHz band. 802.11g isan extension to 802.11b, the basis of many wireless LANs in existence today.802.11g will broaden 802.11bs data rates to 54 Mbps within the 2.4 GHz bandusing OFDM (orthogonal frequency division multiplexing) technology. Because ofbackward compatibility, an 802.11b radio card will interface directly with an 802.11gaccess point (and vice versa) at 11 Mbps or lower depending on range. You shouldbe able to upgrade the newer 802.11b access points to be 802.11g compliant viarelatively easy firmware upgrades.
- 90. 89Similar to 802.11b, 802.11g operates in the 2.4GHz band, and the transmittedsignal uses approximately 30MHz, which is one third of the band. This limits thenumber of non-overlapping 802.11g access points to three, which is the same as802.11b.Note: Maximum wireless signal rate based on IEEE Standard 802.11gspecifications is 54 Mbps. But actual data throughput varies dependingon.network conditions and environmental factors, including volume ofnetwork traffic, building materials and construction, and network overheadwill cause lower actual data throughput rate.3.5.1.9 Access Point and Wireless FidelThe Wi-Fi certification ensures that your Modem will interoperate with any Wi-Ficertified 802.11g and 802.11b compliant wireless device.The Modem Wireless LAN Access Point (AP) behaves as a networking huballowing to wirelessly interconnect several devices to the local (W) LAN and toprovide access to the Internet.3.5.2 Wireless – BasicThis page allows you to configure basic features of the wireless LAN interface. Youcan enable or disable the wireless LAN interface, hide the network from activescans, set the wireless network name (also known as SSID) and restrict thechannel set based on country requirements.Following is a description of the different options:Enable Wireless: If you want to make wireless be available, you have tocheck this box first. Otherwise, the Hide Access Point SSID, Country, EnableWireless Guest Network, and Guest SSID box will not be displayed.Hide Access Point: Check this box if you want to hide any access point foryour router, so a station cannot obtain the SSID through passive scanning.SSID: The SSID (Service Set Identification) is the unique name sharedamong all devices in a wireless network. The SSID must be identical for alldevices in the wireless network.Country: The channel will adjust according to nations to adapt to eachnations frequency provision.
- 91. 90Click Save/Apply to save the basic wireless options and make the modificationeffect.3.5.3 Wireless – SecurityThis page allows you can configure security features of the wireless LAN interface.You can set the network authentication method, selecting data encryption, specifywhether a network key is required to authenticate to this wireless network andspecify the encryption strength.WSC Setup: Wi-Fi Simple Config (WSC) is a new method for setting up residentialWi-Fi (802.11) networks with equal emphasis on security and ease-of-use.This device is equipped with 802.1X and WPA/WPA2, the latest security standard.It also supports the legacy security standard, that is, WEP. By default, wirelesssecurity is disabled and authentication is open. Before enabling the security,consider your network size, complexity, and existing authentication infrastructureand then determine which solution applies to it.Following is a description of the different options:Select SSID: Select the wireless LAN of SSID to configure security features.Network Authentication: Select the authentication mode for the selectedwireless LAN of SSID to be open.WEP Encryption: Disable WEP Encryption.The data is not encrypted when it is transferred from the device to the client station.This is the default option.
- 92. 91Click Save/Apply to save the wireless security options and make the modificationeffect.64-bit WEPNetwork Authentication: Select the authentication mode for the selectedwireless LAN of SSID to be open or shared.WEP Encryption: Enable WEP Encryption.Encryption Strength: click the desired Data Security level to be 64-bit.Current Network Key: Select one of network key that you set on the Keyboxes as default one.Network Key 1 to 4: Enter 5 ASCII characters or 10 hexadecimal digits for64-bit encryption keys to fill out WEP keys box. The system allows you totype in 4 kinds of the WEP key.Click Save/Apply to save the wireless security options and make the modificationeffect.
- 93. 92128-bit WEPNetwork Authentication: Select the authentication mode for the selectedwireless LAN of SSID to be open or shared.WEP Encryption: Enable WEP Encryption.Encryption Strength: Click the desired Data Security level to be 128-bit.Current Network Key: Select one of network key that you set on the Keyboxes as default one.Network Key 1 to 4: Enter 13 ASCII characters or 26 hexadecimal digits for128-bit encryption keys to fill out WEP keys box. The system allows you totype in 4 kinds of the WEP key.Click Save/Apply to save the wireless security options and make the modificationeffect.
- 94. 93802.1x AuthenticationNetwork Authentication: Select the authentication mode for the selectedwireless LAN of SSID to be 802.1x.Radius Server IP Address: Enter the IP Address of the authentication server.Radius Port: Enter the port number of the authentication server. The defaultport number is 1812.Radius Key: Enter the same key as the Radius server’s.WEP Encryption: Enable WEP Encryption. This is defaultEncryption Strength: click the desired Data Security level to be 64-bit or128-bit.Current Network Key: Select one of network key that you set on the Keyboxes as default one.Network Key 1 to 4: Enter 5 ASCII characters or 10 hexadecimal digits for64-bit encryption keys or enter 13 ASCII characters or 26 hexadecimal digitsfor 128-bit encryption keys to fill out WEP keys box. The system allows youto type in 4 kinds of the WEP key.Click Save/Apply to save the wireless security options and make the modificationeffect.WPA AuthenticationNetwork Authentication: Select the authentication mode for the selectedwireless LAN of SSID to be WPA.
- 95. 94WPA Group Rekey Interval: Specifies the timer the WPA key must change. Ifthe value set 0, no need to change. The change is done automaticallybetween the server and the client.Radius Server IP Adress: Enter the IP Address of the authentication server.Radius Port: Enter the port number of the authentication server. The defaultport number is 1812.Radius Key: Enter the same key as the Radius server’s.WPA Encryption: Select TKIP, AES or TKIP + AES. The TKIP is default. TheTKIP + AES encryption mode means AP auto adjust to use TKIP or AESaccording to wireless clients.Click Save/Apply to save the wireless security options and make the modificationeffect.WPA2 AuthenticationNetwork Authentication: Select the authentication mode for the selectedwireless LAN of SSID to be WPA2.WPA2 Preauthentication: Selec Enable or Disenable.Network Re-auth Interval: Specifies the timer of re-authentication betweenthe server and the client.WPA Group Rekey Interval: Specifies the timer the WPA key must change. Ifthe value set 0, no need to change. The change is done automaticallybetween the server and the client.RADIUS Server IP Adress: Enter the IP Address of the authenticationserver.RADIUS Port: Enter the port number of the authentication server. Thedefault port number is 1812.RADIUS Key: Enter the same key as the Radius server’s.
- 96. 95WPA Encryption: Select TKIP, AES or TKIP + AES. The AES is default. TheTKIP + AES encryption mode means AP auto adjust to use TKIP or AESaccording to wireless clients.Click Save/Apply to save the wireless security options and make the modificationeffect.Mixed WPA2/WPA AuthenticationThis authentication mode means AP auto adjust to use WPA2 or WPA according towireless clients.Network Authentication: Select the authentication mode for the selectedwireless LAN of SSID to be Mixed WPA2/WPA.WPA2 Preauthentication: Selec Enable or Disenable.Network Re-auth Interval: Specifies the timer of re-authentication betweenthe server and the client.WPA Group Rekey Interval: Specifies the timer the WPA key must change. Ifthe value set 0, no need to change. The change is done automaticallybetween the server and the client.Radius Server IP Adress: Enter the IP Address of the authenticationserver.Radius Port: Enter the port number of the authentication server. The defaultport number is 1812.Radius Key: Enter the same key as the Radius server’s.WPA Encryption: Select TKIP, AES or TKIP + AES. The AES is default. TheTKIP + AES encryption mode means AP auto adjust to use TKIP or AESaccording to wireless clients.
- 97. 96Click Save/Apply to save the wireless security options and make the modificationeffect.WPA-PSK AuthenticationNetwork Authentication: Select the authentication mode for the selectedwireless LAN of SSID to be Mixed WPA-PSK.WPA Pre-Shared Key: Enter the pre-shared key for WPA. Client stationsmust use the same key in order to connect with this device. Check the tablebelow for instructions when entering the key.Format MinimumcharactersMaximumCharactersASCII 8 63Hexadecimal 8 64WPA Group Rekey Interval: Specifies the timer the WPA key must change. Ifthe value set 0, no need to change. The change is done automaticallybetween the server and the client.WPA Encryption: Select TKIP, AES or TKIP + AES. The TKIP is default. TheTKIP + AES encryption mode means AP auto adjust to use TKIP or AESaccording to wireless clients.Click Save/Apply to save the wireless security options and make the modificationeffect.
- 98. 97WPA2-PSK AuthenticationNetwork Authentication: Select the authentication mode for the selectedwireless LAN of SSID to be Mixed WPA2-PSK.WPA Pre-Shared Key: Enter the pre-shared key for WPA. Client stationsmust use the same key in order to connect with this device. Check the tablebelow for instructions when entering the key.Format MinimumcharactersMaximumCharactersASCII 8 63Hexadecimal 8 64WPA Group Rekey Interval: Specifies the timer the WPA key must change. Ifthe value set 0, no need to change. The change is done automaticallybetween the server and the client.WPA Encryption: Select TKIP, AES or TKIP + AES. The AES is default. TheTKIP + AES encryption mode means AP auto adjust to use TKIP or AESaccording to wireless clients.Click Save/Apply to save the wireless security options and make the modificationeffect.
- 99. 98Mixed WPA2/WPA-PSK AuthenticationThis authentication mode means AP auto adjust to use WPA2-PSK or WPA-PSKaccording to wireless clients.Network Authentication: Select the authentication mode for the selectedwireless LAN of SSID to be Mixed WPA2/WPA-PSK.WPA Pre-Shared Key: Enter the pre-shared key for WPA. Client stationsmust use the same key in order to connect with this device. Check the tablebelow for instructions when entering the key.Format MinimumcharactersMaximumCharactersASCII 8 63Hexadecimal 8 64WPA Group Rekey Interval: Specifies the timer the WPA key must change. Ifthe value set 0, no need to change. The change is done automaticallybetween the server and the client.WPA Encryption: Select TKIP, AES or TKIP + AES. The AES is default. TheTKIP + AES encryption mode means AP auto adjust to use TKIP or AESaccording to wireless clients.Click Save/Apply to save the wireless security options and make the modificationeffect.3.5.4 Wireless - MAC FilterThe web page allows you to create a list of MAC addresses that are banned orallowed association with the wireless access point.MAC Restrict Mode: The function can be turn on/off, Check Disabled todisable this function. Vice versa, to enable the function. After enabling thefunction, you can filter wireless users according to their MAC address, either
- 100. 99allowing or denying access. Check Allow to make any wireless MACaddress in the Wireless Access Control List can be linked to. And CheckDeny to banned any wireless MAC address in the Wireless Access ControlList to be linked to.Add a MAC Access Control: To add a new MAC address to your wirelessMAC address filters, click Add to show next page. Type in the MAC Addressin the entry field provided. Click Save/Apply to add the MAC address to thelist. The MAC address appears listed in the table below.Remove a MAC Access Control: Select the Remove checkbox in the rightcolumn of the list for the MAC address to be removed and click Remove.3.5.5 Wireless – BridgeThis page allows you to configure wireless bridge features of the wireless LANinterface.The Wireless Distribution System (WDS) allows you to extend the range of yourwireless network by introducing one or more WDS-enabled devices into yourwireless network. You can only establish WDS links with WDS-enabled devices.
- 101. 100AP Mode: Select Access Point’s functionality to be Access Point or pureWireless Bridge. You can select Wireless Bridge (also known as WirelessDistribution System) to disables access point functionality. Selecting AccessPoint enables access point functionality and Wireless bridge functionality willstill be available and wireless stations will be able to associate to the AP.Bridge Restrict: Select Disabled in Bridge Restrict which disables wirelessbridge restriction. Any wireless bridge will be granted access. SelectingEnabled or Enabled (Scan) enables wireless bridge restriction. Only thosebridges selected in Remote Bridges are granted access.You can manually enter Remote Bridges MAC Address to the list. You can also doit automatically in the following steps:Step 1 In the Bridge Restrict list, click Enabled (Scan).Step 2 Click Refresh to update the remote bridges.The router waits for a few seconds to update. And then lists the results in theAccessible Access Points table.Step 3 Check on the box in the left column of the list for selecting the AccessPoint to which you want to establish a WDS connection.Step 4 Click Save/Apply.You must configure all Bridges Access Point with:The same encryption and authentication mode as Open, Shared, WEP,WPA-PSK or WPA2-PSK.The same fixed channel.Click Save/Apply to configure the wireless bridge options and make themodification effect.
- 102. 1013.5.6 Wireless – AdvancedThis page allows you to configure advanced features of the wireless LAN interface.You can select a particular channel on which to operate, force the transmission rateto a particular speed, set the fragmentation threshold, set the RTS threshold, setthe wakeup interval for clients in power-save mode, set the beacon interval for theaccess point, set XPress mode and set whether short or long preambles are used.
- 103. 102Band: Select 802.11b/g using wireless frequency band range. The radiofrequency remains at 2.437 GHz.Channel: Fill in the appropriate channel to correspond with your networksettings. 11 is the default channel. All devices in your wireless network mustuse the same channel in order to work correctly. This router supports autochanneling functionality.Auto Channel Timer(min): Specifies the timer of auto channelling.54g™ Rate: Select the transmission rate for the network. The rate of datatransmission should be set depending on the speed of your wireless network.You can select from a range of transmission speeds, or you can select Autoto have the Router automatically use the fastest possible data rate andenable the Auto-Fallback feature. Auto-Fallback will negotiate the bestpossible connection speed between the Router and a wireless client. Thedefault value is Auto.Multicast Rate: Select the multicast transmission rate for the network. Therate of data transmission should be set depending on the speed of yourwireless network. You can select from a range of transmission speeds, oryou can select Auto to have the Router automatically use the fastestpossible data rate and enable the Auto-Fallback feature. Auto-Fallback willnegotiate the best possible connection speed between the Router and awireless client. The default value is Auto.Basic Rate: Select the basic transmission rate ability for the AP.
0 comments:
Post a Comment