BR-6218Mg
MIMO Wireless Broadband Router
User’s Manual
0
Download from Www.Somanuals.com. All Manuals Search And Download.
2.4.3.2 802.1x only............................................................................................. 30
2.4.3.3 802.1x WEP Static key........................................................................... 31
2.4.3.5 WPA/WPA2 Radius................................................................................ 33
2.5 QoS.............................................................................................................. 35
2.5.2 Rate Policing QoS..................................................................................... 37
2.6 NAT.............................................................................................................. 39
2.6.4 UPnP Settings........................................................................................... 43
2.6.5 Static Routing............................................................................................ 44
2.7 Firewall......................................................................................................... 45
Status................................................................................................................. 51
3.2.5 New Connection Log................................................................................. 53
Appendix A......................................................................................................... 55
Glossary............................................................................................................. 56
2
Download from Www.Somanuals.com. All Manuals Search And Download.
Introduction
Congratulations on purchasing this Wireless Broadband Router. This Wireless Broadband Router is a cost-
effective IP Sharing Router that enables multiple users to share the Internet through an ADSL or cable
modem. Simply configure your Internet connection settings in the Wireless Broadband Router and plug your
PC to the LAN port and you're ready to share files and access the Internet. As your network grows, you can
connect another hub or switch to the router’s LAN ports, allowing you to easily expand your network. The
Wireless Broadband Router is embedded with a IEEE 802.11g/b MIMO access point that allows you to build
up a wireless LAN. The Wireless Broadband Router provides a total solution for the Small and Medium-sized
Business (SMB) and the Small Office/Home Office (SOHO) markets, giving you an instant network today,
and the flexibility to handle tomorrow's expansion and speed.
Features
•
•
•
•
•
•
•
•
•
High Internet Access throughput (up to 100M)
Allow multiple users to share a single Internet line
Supports up to 253 users
Internet Access via Cable or xDSL modem
Access Private LAN Servers from the Public Network
Equipped with four LAN ports (10/100M) and one WAN port (10/100M)
Provides IEEE 802.11g/b MIMO wireless LAN access point
Support DHCP (Server/Client) for easy setup
Support advance features such as: Special Applications, DMZ, Virtual Servers, Access Control,
Firewall.
•
Allow you to monitor the router’s status such as: DHCP Client Log, System Log, Security Log and
Device/Connection Status
•
•
Easy to use Web-based GUI for configuration and management purposes
Remote Management allows configuration and upgrades from a remote site (over the Internet)
Minimum Requirements
•
•
•
One External xDSL (ADSL) or Cable modem with an Ethernet port (RJ-45)
Network Interface Card (NIC) for each Personal Computer (PC)
PCs with a Web-Browser (Internet Explorer 4.0 or higher, or Netscape Navigator 4.7 or higher)
Package Content
•
•
•
•
•
One MIMO Broadband router unit
One Quick Installation Guide
One User Manual CD
One Power Adapter
Accessories
Note
The WAN “idle timeout” auto-disconnect function may not work due to abnormal activities of some network
application software, computer virus or hacker attacks from the Internet. For example, some software sends
network packets to the Internet in the background, even when you are not using the Internet. So please turn
off your computer when you are not using it. This function also may not work with some ISP. So please make
sure this function can work properly when you use this function in the first time, especially your ISP charge
you by time used.
3
Download from Www.Somanuals.com. All Manuals Search And Download.
Get to know the Broadband Router
Back Panel
The diagram (fig1.0) below shows the broadband router’s back panel. The router’s back panel is divided into
three sections, LAN, WAN and Reset:
Figure 1.0
1) Local Area Network (LAN)
The Broadband router’s 4 LAN ports are where you connect your LAN’s PCs, printer servers, hubs and
switches etc.
2) Wide Area Network (WAN)
The WAN port is the segment connected to your xDSL or Cable modem and is linked to the Internet.
3) Reset
The Reset button allows you to do one of two things.
1) If problems occur with your router, press the router’s reset button with a pencil tip (for less than 5
seconds) and the router will re-boot itself, keeping your original configurations.
2) If problems persist or you experience extreme problems or you forgot your password, press the
reset button for longer than 5 seconds and the router will reset itself to the factory default
settings (warning: your original configurations will be replaced with the factory default settings)
Front Panel
On the router’s front panel there are LED lights that inform you of the router’s current status. Below is an
explanation of each LED and its description.
4
Download from Www.Somanuals.com. All Manuals Search And Download.
LED
Light Status
ON
Description
PWR
Router’s power supply is on
WAN port 100Mbps is connected
WAN port 10Mbps is connected
WAN is connected
ON
WAN 10/100M
WAN LNK/ACT
Off
ON
Off
No WAN connection
Flashing
ON
WAN port is Activity (ACT)
LAN port 100Mbps is connected
LAN port 10Mbps is connected
LAN is connected
LAN 10/100M
(Port 1-4)
Off
ON
LAN LNK/ACT
(Port 1-4)
Off
No LAN connection
Flashing
ON
LAN port is Activity (ACT)
Wireless LAN has been activated
Wireless LAN is disabled
Wireless LAN is Activity (ACT)
WLAN-G
Off
Flashing
Setup Diagram
Figure 1.2 below shows a typical setup for a Local Area Network (LAN).
Figure 1.2
5
Download from Www.Somanuals.com. All Manuals Search And Download.
Getting started
This is a step-by-step instruction on how to start using the router and get connected to the Internet.
1) Setup your network as shown in the setup diagram above (fig 1.2).
2) You then need to set your LAN PC clients so that it can obtain an IP address automatically. All LAN
clients require an IP address. Just like an address, it allows LAN clients to find one another. (If you have
already configured your PC to obtain an IP automatically then proceed to step 3, page 11)
Configure your PC to obtain an IP address automatically
By default the broadband router’s DHCP is on, this means that you can obtain an IP address automatically
once you’ve configured your PC to obtain an IP address automatically. This section will show you how to
configure your PC’s so that it can obtain an IP address automatically for either Windows 95/98/Me, 2000 or
NT operating systems. For other operating systems (Macintosh, Sun, etc.), follow the manufacturer’s
instructions. The following is a step-by-step illustration on how to configure your PC to obtain an IP address
automatically for 2a) Windows 95/98/Me, 2b) Windows XP, 2c) Windows 2000 and 2d) Windows NT.
2a) Windows 95/98/Me
1: Click the Start button and select Settings, then click Control Panel. The Control Panel window will
appear.
2: Double-click Network icon. The Network window will appear.
3: Check your list of Network Components. If TCP/IP is not installed, click the Add button to install it now.
If TCP/IP is installed, go to step 6.
4: In the Network Component Type dialog box, select Protocol and click Add button.
5: In the Select Network Protocol dialog box, select Microsoft and TCP/IP and then click the OK button to
start installing the TCP/IP protocol. You may need your Windows CD to complete the installation.
6: After installing TCP/IP, go back to the Network dialog box. Select TCP/IP from the list of Network
Components and then click the Properties button.
7: Check each of the tabs and verify the following settings:
•
Bindings: Check Client for Microsoft Networks and File and printer sharing for Microsoft
Networks.
•
•
•
•
Gateway: All fields are blank.
DNS Configuration: Select Disable DNS.
WINS Configuration: Select Disable WINS Resolution.
IP Address: Select Obtain IP address automatically.
6
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Reboot the PC. Your PC will now obtain an IP address automatically from your
Broadband Router’s DHCP server.
Note: Please make sure that the Broadband router’s DHCP server is the only DHCP server available
on your LAN.
Once you’ve configured your PC to obtain an IP address automatically, please proceed to Step 3
2b) Windows XP
1: Click the Start button and select Settings, then click Network Connections. The Network
Connections window will appear.
2: Double-click Local Area Connection icon. The Local Area Connection window will appear.
3: Check your list of Network Components. You should see Internet Protocol [TCP/IP] on your list.
Select it and click the Properties button.
4: In the Internet Protocol (TCP/IP) Properties window, select Obtain an IP address automatically and
Obtain DNS server address automatically as shown on the following screen.
5: Click OK to confirm the setting. Your PC will now obtain an IP address automatically from your
Broadband Router’s DHCP server.
Note: Please make sure that the Broadband router’s DHCP server is the only DHCP server available
on your LAN.
Once you’ve configured your PC to obtain an IP address automatically, please proceed to Step 3.
7
Download from Www.Somanuals.com. All Manuals Search And Download.
2c) Windows 2000
1: Click the Start button and select Settings, then click Control Panel. The Control Panel window will
appear.
2: Double-click Network and Dial-up Connections icon. In the Network and Dial-up Connection
window, double-click Local Area Connection icon. The Local Area Connection window will appear.
3: In the Local Area Connection window, click the Properties button.
4: Check your list of Network Components. You should see Internet Protocol [TCP/IP] on your list.
Select it and click the Properties button.
5: In the Internet Protocol (TCP/IP) Properties window, select Obtain an IP address automatically and
Obtain DNS server address automatically as shown on the following screen.
6: Click OK to confirm the setting. Your PC will now obtain an IP address automatically
from your Broadband Router’s DHCP server.
Note: Please make sure that the Broadband router’s DHCP server is the only DHCP server
available on your LAN.
Once you’ve configured your PC to obtain an IP address automatically, please proceed to Step 3.
8
Download from Www.Somanuals.com. All Manuals Search And Download.
2d) Windows NT
1: Click the Start button and select Settings, then click Control Panel. The Control Panel window will
appear.
2: Double-click Network icon. The Network window will appear. Select the Protocol tab from the
Network window.
3: Check if the TCP/IP Protocol is on your list of Network Protocols. If TCP/IP is not installed, click the
Add button to install it now. If TCP/IP is installed, go to step 5.
4: In the Select Network Protocol window, select the TCP/IP Protocol and click the Ok button to start
installing the TCP/IP protocol. You may need your Windows CD to complete the installation.
5: After you install TCP/IP, go back to the Network window. Select TCP/IP from the list of Network
Protocols and then click the Properties button.
6: Check each of the tabs and verify the following settings:
•
•
•
•
IP Address: Select Obtain an IP address from a DHCP server.
DNS: Let all fields are blank.
WINS: Let all fields are blank.
Routing: Let all fields are blank.
7: Click OK to confirm the setting. Your PC will now obtain an IP address automatically from your
Broadband Router’s DHCP server.
Note: Please make sure that the Broadband router’s DHCP server is the only DHCP server
available on your LAN.
Once you’ve configured your PC to obtain an IP address automatically, please proceed to Step 3.
9
Download from Www.Somanuals.com. All Manuals Search And Download.
3) Once you have configured your PCs to obtain an IP address automatically, the router’s DHCP server will
automatically give your LAN clients an IP address. By default the Broadband Router’s DHCP server is
enabled so that you can obtain an IP address automatically. To see if you have obtained an IP address,
see Appendix A.
Note: Please make sure that the Broadband router’s DHCP server is the only DHCP server available on
your LAN. If there is another DHCP on your network, then you’ll need to switch one of the DHCP servers
off. (To disable the Broadband router’s DHCP server see chapter 2 LAN Port)
4) Once your PC has obtained an IP address from your router, enter the default IP address 192.168.2.1
(broadband router’s IP address) into your PC’s web browser and press <enter>
5) The login screen below will appear. Enter the “User Name” and “Password” and then click <OK> to login.
Note: By default the user name is “admin” and the password is “1234”. For security reasons it is
recommended that you change the password as soon as possible (in General setup/system/password,
see chapter 2)
6) The HOME page screen below will appear. The Home Page is divided into four sections, Quick Setup
Wizard, General Setup, Status Information and Tools.
10
Download from Www.Somanuals.com. All Manuals Search And Download.
Menu
Description
Quick Setup Wizard Select your Internet connection type and then input the configurations needed to
(Chapter 1)
connect to your Internet Service Provider (ISP).
This section contains configurations for the Broadband router’s advance
functions such as: Address Mapping, Virtual Server, Access Control, Hacker
Attack Prevention, DMZ, Special applications and other functions to meet your
LAN requirements.
General Setup
(Chapter 2)
In this section you can see the Broadband router's system information, Internet
Connection, Device Status, System Log, Security Log and DHCP client
information.
Status Information
(Chapter 3)
This section contains the broadband router’s Tools - Tools include Configuration
tools, Firmware upgrade and Reset. Configuration tools allow you to Backup
(save), Restore, or Restore to Factory Default configuration for your Broadband
router. The Firmware upgrade tool allows you to upgrade your Broadband
router's firmware. The RESET tool allows you to reset your Broadband router.
Tools
(Chapter 4)
7) Click on Quick Setup Wizard (see chapter 1) to start configuring settings required by your ISP so that
you can start accessing the Internet. The other sections (General Setup, Status Information and Tools)
do not need to be configured unless you wish to implement/monitor more advance features/information.
Select the section (Quick Setup Wizard, General Setup, Status Information and Tools) you wish to configure
and proceed to the corresponding chapter. Use the selections on the web management’s top right hand
page (see below) to navigate around the web-based management User Interface.
11
Download from Www.Somanuals.com. All Manuals Search And Download.
Chapter 1
Quick Setup
The Quick Setup section is designed to get you using the broadband router as quickly as possible. In the
Quick Setup you are required to fill in only the information necessary to access the Internet. Once you click
on the Quick Setup Wizard in the HOME page, you should see the screen below.
Step 1) Time Zone
The Time Zone allows your router to base its time on the settings configured here, this will affect functions
such as Log entries and Firewall settings.
Parameter
Time Zone
Description
Select the time zone of the country you are currently in. The router will set its
time based on your selection.
NTP Server #
Time
You can manually assign three time server addresses here.
Here shows the time of current router setting.
Click on NEXT to proceed to the next page (step 2) WAN Settings.
12
Download from Www.Somanuals.com. All Manuals Search And Download.
Step 2) WAN Settings
In this section you have to select one of four types of connections that you will be using to connect your
broadband router’s WAN port to your ISP (see screen below).
Note: Different ISP’s require different methods of connecting to the Internet, please check with your ISP as
to the type of connection it requires.
Parameter
Dynamic IP
Description
Your ISP will automatically give you an IP address
Your ISP has given you an IP address already
Static IP Address
Your ISP requires you to use a Point-to-Point Protocol over Ethernet (PPPoE)
connection.
PPPoE
PPTP
L2TP
Your ISP requires you to use a Point-to-Point Tunneling Protocol (PPTP)
connection.
Your ISP requires you to use a Layer Two Tunneling Protocol (L2TP)
connection.
Click on one of the WAN type and then proceed to the manual’s relevant sub-section (1.1, 1.2, 1.3, 1.4, 1.5
or 1.6). Click on Back to return to the previous screen.
13
Download from Www.Somanuals.com. All Manuals Search And Download.
1.1 Dynamic IP
Choose Dynamic IP if your ISP will automatically give you an IP address. Some ISP’s may also require that
you fill in additional information such as MAC address (see screen below).
Note: The MAC address section is optional and you can skip this section if your ISP does not require these
settings for you to connect to the Internet.
Parameter
Clone MAC
Description
Your ISP may require a particular MAC address in order for you to connect to
the Internet. This MAC address is the PC’s MAC address that your ISP had
originally connected your Internet connection to. Type in this MAC address in
this section or use the “Clone MAC Address” button to replace the WAN MAC
address with the MAC address of that PC (you have to be using that PC for the
Clone MAC Address button to work). To find out the PC’s MAC address see
Appendix A. (see Glossary for an explanation on MAC address)
Click <OK> when you have finished the configuration above. Congratulations! You have completed the
configuration for the Cable Modem connection. You can start using the router now, if you wish to use some
of the advance features supported by this router see chapter 2, 3, 4.
14
Download from Www.Somanuals.com. All Manuals Search And Download.
1.2 Static IP Address
Select Static IP Address if your ISP has given you a specific IP address for you to use. Your ISP should
provide all the information required in this section.
Parameter
IP Address
Description
This is the IP address that your ISP has given you.
Enter the Subnet Mask provided by your ISP
(e.g. 255.255.255.0)
Subnet Mask
Default Gateway
DNS
This is the ISP’s IP address gateway
This is the ISP’s DNS server IP address
Click <OK> when you have finished the configuration above. Congratulations! You have completed the
configuration for the Fixed-IP x DSL connection. You can start using the router now, if you wish to use some
of the advance features supported by this router see chapter 2, 3, 4.
1.3 PPPoE
Select PPPoE if your ISP requires the PPPoE protocol to connect you to the Internet. Your ISP should
provide all the information required in this section.
15
Download from Www.Somanuals.com. All Manuals Search And Download.
Parameter
Login ID
Description
Enter the Login ID provided by your ISP for the PPPoE connection
Enter the Password provided by your ISP for the PPPoE connection
Password
This is optional. Enter the Service name should your ISP requires it, otherwise
leave it blank.
Service Name
AC Name
MTU
This is optional. Enter the AC Name should your ISP requires it, otherwise
leave it blank.
This is optional. You can specify the maximum size of your transmission packet
to the Internet. Leave it as it is if you to not wish to set a maximum packet size.
If checked, gateway won’t dial this session until received a packet that
requested Internet access. If unchecked, gateway dials this session
immediately after system powered up.
Dial On Demand
Silent Timeout
If specified a non-zero value, gateway disconnects this session after specified
idle time.
If checked, gateway redials this session if session previously terminated by
ISP.
Auto Reconnect
Auth Type
Select PAP or CHAP for the authentication type requested by your ISP.
Click <OK> when you have finished the configuration above. Congratulations! You have completed the
configuration for the PPPoE connection. You can start using the router now, if you wish to use some of the
advance features supported by this router see chapter 2, 3, 4.
1.4 PPTP
Select PPTP if your ISP requires the PPTP protocol to connect you to the Internet. Your ISP should provide
all the information required in this section.
16
Download from Www.Somanuals.com. All Manuals Search And Download.
Parameter
Description
The ISP requires you to obtain an IP address by DHCP automatically before
connecting to the PPTP server.
Obtain an IP address
Use the following IP The ISP give you a static IP to be used to connect to the PPTP server.
address
This is the IP address that your ISP has given you to establish a PPTP
IP Address
connection.
Subnet Mask
Gateway
Enter the Subnet Mask provided by your ISP (e.g. 255.255.255.0)
Enter the IP address of the ISP Gateway
If your LAN has a PPTP gateway, then enter that PPTP gateway IP address
here. If you do not have a PPTP gateway then enter the ISP’s Gateway IP
address above
PPTP Server
Enter the User Name provided by your ISP for the PPTP connection.
Sometimes called a Connection ID
Login ID
Password
MTU
Enter the Password provided by your ISP for the PPTP connection
This is optional. You can specify the maximum size of your transmission packet
to the Internet. Leave it as it is if you to not wish to set a maximum packet size.
If specified a non-zero value, gateway disconnects this session after specified
idle time.
Silent Timeout
Dial On Demand
Auto Reconnect
If checked, gateway won’t dial this session until received a packet that
requested Internet access. If unchecked, gateway dials this session
immediately after system powered up.
If checked, gateway redials this session if session previously terminated by
ISP.
BEZEQ-ISRAEL
Auth Type
Select this item if you are using the service provided by BEZEQ in Israel.
Select PAP or CHAP for the authentication type requested by your ISP.
Click <OK> when you have finished the configuration above. Congratulations! You have completed the
configuration for the PPTP connection. You can start using the router now, if you wish to use some of the
advance features supported by this router see chapter 2, 3, 4.
17
Download from Www.Somanuals.com. All Manuals Search And Download.
1.5 L2TP
Select L2TP if your ISP requires the L2TP protocol to connect you to the Internet. Your ISP should provide
all the information required in this section.
Parameter
Description
The ISP requires you to obtain an IP address by DHCP automatically before
connecting to the L2TP server.
Obtain an IP address
Use the following IP The ISP gives you a static IP to be used to connect to the L2TP server.
address
This is the IP address that your ISP has given you to establish a L2TP
IP Address
connection.
Subnet Mask
Gateway
Enter the Subnet Mask provided by your ISP (e.g. 255.255.255.0)
Enter the IP address of the ISP Gateway
If your LAN has a L2TP Server, then enter that L2TP Server IP address here. If
you do not have a L2TP Server then enter the ISP’s Gateway IP address above
L2TP Server
Enter the User Name provided by your ISP for the PPTP connection.
Sometimes called a Connection ID
Login ID
Password
MTU
Enter the Password provided by your ISP for the PPTP connection
This is optional. You can specify the maximum size of your transmission packet
to the Internet. Leave it as it is if you to not wish to set a maximum packet size.
If specified a non-zero value, gateway disconnects this session after specified
idle time.
Silent Timeout
If checked, gateway won’t dial this session until received a packet that
requested Internet access. If unchecked, gateway dials this session immediately
after system powered up.
Dial On Demand
Auto Reconnect
Auth Type
If checked, gateway redials this session if session previously terminated by ISP.
Select PAP or CHAP for the authentication type requested by your ISP.
Click <OK> when you have finished the configuration above. Congratulations! You have completed the
configuration for the L2TP connection. You can start using the router now, if you wish to use some of the
advance features supported by this router see chapter 2, 3, 4.
18
Download from Www.Somanuals.com. All Manuals Search And Download.
Chapter 2
General Settings
Once you click on the General Setup button at the Home Page, you should see the screen below.
If you have already configured the Quick Setup Wizard you do NOT need to configure anything thing in the
General Setup screen for you to start using the Internet.
The General Setup contains advanced features that allow you to configure the router to meet your network’s
needs such as: Wireless, Address Mapping, Virtual Server, Access Control, Hacker Attack Prevention,
Special Applications, DMZ and other functions.
Below is a general description of what advance functions are available for this broadband router.
Menu
Description
This section allows you to set the Broadband router’s system Time Zone,
Password and Remote Management Administrator.
System
This section allows you to select the connection method in order to establish a
connection with your ISP (same as the Quick Setup Wizard section)
WAN
LAN
You can specify the LAN segment’s IP address, subnet Mask, enable/disable
DHCP and select an IP range for your LAN
Wireless
QoS
You can setup the wireless LAN’s SSID, WEP key, MAC filtering.
You can setup the QoS bandwidth control policy.
You can configure the Address Mapping, Virtual Server and Special
Applications functions in this section. This allows you to specify what
user/packet can pass your router’s NAT.
NAT
The Firewall section allows you to configure Access Control, Hacker Prevention
and DMZ.
Firewall
Select one of the above General Setup selections and proceed to the manual’s relevant sub-section
19
Download from Www.Somanuals.com. All Manuals Search And Download.
2.1 System
The system screen allows you to specify a time zone, to change the system password and to specify a
remote management user for the broadband router.
Parameter
Description
System Settings
Select the time zone of the country you are currently in. The router will set its
time based on your selection.
Time Zone
Allows you to select a password in order to access the web-based
management website.
Password Settings
Remote Management
You can specify a Host IP address that can perform remote management
functions.
Select one of the above three system settings selections and proceed to the manual’s relevant sub-section
2.1.1 Time Zone
The Time Zone allows your router to reference or base its time on the settings configured here, which will
affect functions such as Log entries and Firewall settings.
20
Download from Www.Somanuals.com. All Manuals Search And Download.
Parameter
Time Zone
Description
Select the time zone of the country you are currently in. The router will set its
time based on your selection.
NTP Server #
Time
You can manually assign three time server addresses here.
Here shows the time of current router setting.
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
2.1.2 Password Settings
You can change the password required to log into the broadband router's system web-based management.
By default, there is no password. So please assign a password to the Administrator as soon as possible, and
store it in a safe place. Passwords can contain 0 to 12 alphanumeric characters, and are case sensitive.
Parameter
Account
Description
Enter your account name to login to your Broadband router.
Enter your password
Password
Enter your password again for verification purposes
Confirmed Password Note: If you forget your password, you’ll have to reset the router to the factory
default (password is 1234) with the reset button (see router’s back panel)
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
21
Download from Www.Somanuals.com. All Manuals Search And Download.
2.1.3 Remote Management
The remote management function allows you to designate a host in the Internet the ability to configure the
Broadband router from a remote site. Enter the designated host IP Address in the Host IP Address field.
Parameter
IP Address
Description
Please specify the IP range to the Remote Management IP fields. All the
Internet IPs that inside this range can manage this router from WAN side.
To avoid conflict of virtual server at port 80, user can specify a different port in
Remote Management Port for WAN side access.
Port
Ping from WAN side is turned on by default and could be turned off if the Enable
checkbox is unchecked.
Ping from WAN side
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
22
Download from Www.Somanuals.com. All Manuals Search And Download.
2.2 WAN
Use the WAN Settings screen if you have already configured the Quick Setup Wizard section and you would
like to change your Internet connection type. The WAN Settings screen allows to specify the type of WAN
port connect you want to establish with your ISP. The WAN settings offer the following selections for the
router’s WAN port, Dynamic IP, Static IP Address, PPPoE, PPTP, L2TP and DDNS.
Parameter
Static IP
DHCP
Description
Your ISP has given you an IP address already
Your ISP will automatically give you an IP addres
Your ISP requires PPPoE connection.
PPPoE
Your ISP requires you to use a Point-to-Point Tunneling Protocol (PPTP)
connection.
PPTP
L2TP
Your ISP requires L2TP connection.
You can specify a DDNS server that you wish to use and configure the user
name and password provided by you DDNS service provider.
DDNS
Once you have made a selection, click <More Configuration> at the bottom of the screen and proceed to
the manual’s relevant sub-section
2.2.1 Static IP
Select Static IP address if your ISP has given you a specific IP address for you to use. Your ISP should
provide all the information required in this section. (See chapter 1 “Static IP Address” for more detail)
2.2.2 DHCP
Choose the DHCP selection if your ISP will automatically give you an IP address. Some ISP’s may also
require that you fill in additional information such as MAC address (see chapter 1 “Dynamic IP” for more
detail)
2.2.3 PPPoE (PPP over Ethernet)
Select PPPoE if your ISP requires the PPPoE protocol to connect you to the Internet. Your ISP should
provide all the information required in this section. (See chapter 1 “PPPoE” for more detail)
23
Download from Www.Somanuals.com. All Manuals Search And Download.
2.2.4 PPTP
Select PPTP if your ISP requires the PPTP protocol to connect you to the Internet. Your ISP should provide
all the information required in this section. (See chapter 1 “PPTP” for more detail)
2.2.5 L2TP
Select L2TP if your ISP requires the L2TP protocol to connect you to the Internet. Your ISP should provide
all the information required in this section. (See chapter 1 “L2TP” for more detail)
2.2.6 DDNS
DDNS allows you to map the static domain name to a dynamic IP address. You must get an account,
password and your static domain name from the DDNS service providers. This router supports DynDNS,
TZO and other common DDNS service providers.
Parameter
Service Type
Username
Password
Description
Select a DDNS service provider or select Disabled to disable DDNS function.
The account that your DDNS service provider assigned to you
The password you set for the DDNS service account above
Your static domain name that use DDNS
Host Name
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
24
Download from Www.Somanuals.com. All Manuals Search And Download.
2.3 LAN
The LAN Port screen below allows you to specify a private IP address for your router’s LAN ports as well as
a subnet mask for your LAN segment.
Parameter
IP address
Description
This is the router’s LAN port IP address (Your LAN clients default gateway IP
address)
IP Subnet Mask
Specify a Subnet Mask for your LAN segment
You can enable or disable the DHCP server. By enabling the DHCP server the
router will automatically give your LAN clients an IP address. If the DHCP is not
DHCP Server Status enabled then you’ll have to manually set your LAN client’s IP addresses; make
sure the LAN Client is in the same subnet as this broadband router if you want
the router to be your LAN client’s default gateway
You can select a particular IP address range for your DHCP server to issue IP
addresses to your LAN Clients.
IP Address Pool
WINS Server
You can specify the WINS server to assign to DHCP clients.
Provide Real DNS
Server
When check this box, DHCP server will provide WAN DNS server to DHCP
clients. Otherwise, DHCP server will provide itself as the DNS server.
Domain from upper
DHCP
Enable this to assign the domain name from WAN connection.
Static DHCP leases is for user to statically associate an IP address to a
specific MAC address.
Static DHCP leases
Dynamic DHCP Client Dynamic DHCP Client List shows all IP addresses already assigned and the
List corresponding LAN PC hostname and their MAC addresses.
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
25
Download from Www.Somanuals.com. All Manuals Search And Download.
2.4 Wireless
Wireless Access Point builds a wireless LAN and can let all PCs equipped with IEEE 802.11b or 801.11g
wireless network adaptor connect to your Intranet. It supports WEP and WPA2 encryption to enhance the
security of your wireless network.
2.4.1 Basic Settings
You can set parameters that are used for the wireless stations to connect to this router. The parameters
include Mode, ESSID, Channel Number and Associated Client.
AP Mode setting Page
26
Download from Www.Somanuals.com. All Manuals Search And Download.
AP Bridge-Point to Point mode setting page
AP Bridge-Point to Multi-Point mode setting page
27
Download from Www.Somanuals.com. All Manuals Search And Download.
AP Bridge-WDS mode setting page
Parameter
Description
Operation Mode
It allows you to set the AP to AP, Bridge or WDS mode.
It allows you to set the AP fix at 802.11b or 802.11g mode. You also can select
B+G mode to allow the AP select 802.11b and 802.11g connection
automatically.
RF Band
This is the name of the wireless LAN. All the devices in the same wireless LAN
should have the same ESSID.
SSID
The channel used by the wireless LAN. All devices in the same wireless LAN
should use the same channel.
Channel Number
If you want to bridge more than one networks together with wireless LAN, you
have to set this access point to “AP Bridge-Point to Point mode”, “AP Bridge-
Point to Multi-Point mode” or “AP Bridge-WDS mode”. You have to enter the
MAC addresses of other access points that join the bridging work.
MAC address
Set Security
Click the “Set Security” button, then a “WDS Security Settings” will pop up. You
can set the security parameters used to bridge access points together here
when your AP is in AP Bridge modes. You can refer to section 4.3 “Security
Settings” for how to set the parameters.
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
2.4.2 Advanced Settings
You can set advanced wireless LAN parameters of this router. The parameters include Authentication Type,
Fragment Threshold, RTS Threshold, Beacon Interval, Preamble Type …… You should not change these
parameters unless you know what effect the changes will have on this router.
28
Download from Www.Somanuals.com. All Manuals Search And Download.
Parameter
Description
"Fragment Threshold" specifies the maximum size of packet during the
Fragment Threshold fragmentation of data to be transmitted. If you set this value too low, it will
result in bad performance.
When the packet size is smaller the RTS threshold, the wireless router will not
RTS Threshold
use the RTS/CTS mechanism to send this packet.
The interval of time that this wireless router broadcast a beacon. Beacon is
used to synchronize the wireless network.
Beacon Interval
The DTIM period you specify here indicates how often the clients served by this
DTIM Period
access point should check for buffered data still on the AP awaiting pickup.
The “Data Rate” is the rate this access point uses to transmit data packets. The
Max Data Rate
Preamble Type
access point will use the highest possible selected transmission rate to transmit
the data packets.
The “Long Preamble” can provide better wireless LAN compatibility while the
“Short Preamble” can provide better wireless LAN performance.
If you enable “Broadcast ESSID”, every wireless station located within the
coverage of this access point can discover this access point easily. If you are
building a public wireless network, enabling this feature is recommended.
Disabling “Broadcast ESSID” can provide better security.
Broadcast ESSID
CTS Protect
It is recommended to enable the protection mechanism. This mechanism can
decrease the rate of data collision between 802.11b and 802.11g wireless
stations. When the protection mode is enabled, the throughput of the AP will be
a little lower due to many of frame traffic should be transmitted.
You can adjust the wireless transmit power here. By reduce the tx power can
let the wireless signal only cover your working area.
Tx Power
Turbo Mode
By enable the turbo mode can enhance the throughput up to 35Mbps.
WMM stands for Wi-Fi Multimedia. It is a standard created to define quality of
service (QoS) in Wi-Fi networks. This adds prioritized capabilities to Wi-Fi
networks and optimizes their performance when multiple concurring
applications, each with different latency and throughput requirements, compete
for network resources.
WMM
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router.
29
Download from Www.Somanuals.com. All Manuals Search And Download.
2.4.3 Security
This Router provides complete wireless LAN security functions, include WEP, IEEE 802.11x, IEEE 802.11x
with WEP, WPA with pre-shared key and WPA with RADIUS. With these security functions, you can prevent
your wireless LAN from illegal access. Please make sure your wireless stations use the same security
function.
2.4.3.1 WEP only
When you select 64-bit or128-bit WEP key, you have to enter WEP keys to encrypt data. You can generate
the key by yourself and enter it. You can enter four WEP keys and select one of them as default key. Then
the router can receive any packets encrypted by one of the four keys
Parameter
Method
Description
You can select the WEP key length for encryption, 64-bit or 128-bit. Larger WEP
key length will provide higher level of security, but the throughput will be lower.
When using shared key, user must input 10 hexadecimal digits for WEP64 and
26 digits for WEP128. All the four WEP keys are set identical.
Authentication
Key
The WEP keys are used to encrypt data transmitted in the wireless network. Fill
the text box by following the rules : 64-bit WEP: input 10-digit Hex values (in the
"A-F", "a-f" and "0-9" range) as the encryption keys. 128-bit WEP: input 26-digit
Hex values (in the "A-F", "a-f" and "0-9" range) as the encryption keys.
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
2.4.3.2 802.1x only
IEEE 802.1x is an authentication protocol. Every user must use a valid account to login to this Access Point
before accessing the wireless LAN. The authentication is processed by a RADIUS server. This mode only
authenticates user by IEEE 802.1x, but it does not encryption the data during communication.
30
Download from Www.Somanuals.com. All Manuals Search And Download.
Parameter
Description
The service port of the external RADIUS server.
The IP address of external RADIUS server.
RADIUS Server Port
RADIUS Server IP
address
RADIUS Server Password The password used by external RADIUS server.
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
2.4.3.3 802.1x WEP Static key
IEEE 802.1x is an authentication protocol. Every user must use a valid account to login to this Access Point
before accessing the wireless LAN. The authentication is processed by a RADIUS server. This mode also
uses WEP to encrypt the data during communication.
For the WEP settings, please refer to section 2.4.3.1 “WEP only”. For the 802.1x settings, please refer to
section 2.4.3.2 “802.1x only”.
31
Download from Www.Somanuals.com. All Manuals Search And Download.
2.4.3.4 WPA/WPA2 Pre-shared key
Wi-Fi Protected Access (WPA) is an advanced security standard. You can use a pre-shared key to
authenticate wireless stations and encrypt data during communication. It uses TKIP or CCMP(AES) to
change the encryption key frequently. So the encryption key is not easy to be broken by hackers. This can
improve security very much.
Parameter
Description
TKIP can change the encryption key frequently to enhance the wireless LAN
security.
WPA(TKIP)
This use CCMP protocol to change encryption key frequently. AES can provide
high level encryption to enhance the wireless LAN security.
WPA2(AES)
Key Setting
The Pre-shared key is used to authenticate and encrypt data transmitted in the
wireless network. Fill the text box by following the rules below. At least 8
characters pass phrase as the pre-shared keys.
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
32
Download from Www.Somanuals.com. All Manuals Search And Download.
2.4.3.5 WPA/WPA2 Radius
Wi-Fi Protected Access (WPA) is an advanced security standard. You can use an external RADIUS server to
authenticate wireless stations and provide the session key to encrypt data during communication. It uses
TKIP or CCMP(AES) to change the encryption key frequently. This can improve security very much.
Parameter
Description
TKIP can change the encryption key frequently to enhance the wireless LAN
security.
WPA(TKIP)
This use CCMP protocol to change encryption key frequently. AES can provide
high level encryption to enhance the wireless LAN security.
WPA2(AES)
RADIUS Server IP
address
The IP address of external RADIUS server.
RADIUS Server Port The service port of the external RADIUS server.
RADIUS Server
Password
The password used by external RADIUS server.
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
33
Download from Www.Somanuals.com. All Manuals Search And Download.
2.4.4 Access Control
This wireless router provides MAC Address Control, which prevents the unauthorized MAC Addresses from
accessing your wireless network.
Parameter
Description
Enable wireless access Enable wireless access control
control
Fill in the "MAC Address" and "Comment" of the wireless station to be added
and then click "Apply". Then this wireless station will be added into the Access
Control List. If you find any issues before adding it and want to retype again.
Just click "Reset" and both "MAC Address" and "Comment" fields will be
cleared.
Add MAC address into
the list
If you want to remove some MAC address from the Access Control List, select
Remove MAC address the MAC addresses you want to remove in the list and then click "Delete
from list
Selected". If you want remove all MAC addresses from the table, just click
"Delete All" button. Click "Reset" will clear your current selections.
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
34
Download from Www.Somanuals.com. All Manuals Search And Download.
This router supports various types of QoS – Port-based QoS, Rate Policing QoS, and Guaranteed/Spare
Class QoS.
For Port based QoS, user can specify the High/Low queue priority for each Ethernet port and can apply total
rate limit to any port from 128Kbps to 32Mbps or at Full-rate(100Mbps). Flow control can also be
enabled/disabled on per-port basis.
For Application based QoS, user can specify a destination port number and associate it with a egress
priority(High or Low). For example, in Fig 35, if user config port 7297 with high priority, then user would
experience better service quality for such flows.
Parameter
Description
User can differentiate packet priority by L4 port number or by physical Ethernet
port number.
Port-based QoS
User can specify a L3/4 criterion and associate it with a maximum token
(packet rate or data rate based).
Rate Policing QoS
Guaranteed/Spare
Class QoS
Your ISP requires PPPoE connection.
35
Download from Www.Somanuals.com. All Manuals Search And Download.
2.5.1 Port-based QoS
For Application based QoS, user can specify a destination port number and associate it with a egress
priority(High or Low). For example, if user config port 7297 with high priority, then user would experience
better service quality for such flows.
For Port based QoS, user can specify the High/Low queue priority for each Ethernet port and can apply total
rate limit to any port from 128Kbps to 32Mbps or at Full-rate(100Mbps). Flow control can also be
enabled/disabled on per-port basis.
Parameter
Description
Enable QoS by
Application
Enable application-based QoS.
Set the priority of the specified protocol name or port number to higher or
lower priority.
Protocol/Specific Port#
Enable QoS by device Enable Port-based QoS.
port
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
36
Download from Www.Somanuals.com. All Manuals Search And Download.
2.5.2 Rate Policing QoS
This router supports Rate Policing QoS. User can specify a L3/4 criterion and associate it with a maximum
token (packet rate or data rate based). If a packet arrives and it matches to a rate policing entry, router
decreases entry’s allocated token by one (if pps based) or by packet length in bytes(if bps based). If
unfortunately the packet just run out of allocated tokens, then it would be dropped directly or logged to
software, depends on the setting of Drop Log field.
Parameter
Src/dst
Description
If you want to monitor the source IP of the packets, please select src IP.
Otherwise, please select dst IP.
IP Address
IP Mask
Specify the IP Address that you want to limit the transmit/receive rate.
If you want to limit a subnet, you can specify the subnet mask here.
Specify the protocol you want to monitor, it can be TCP / UDP / or IP only.
Protocol
Specify the port ranges that you want to monitor. To classify all TCP or UDP
packets within same IP address / mask (regardless of port number) as same
rate policy, set 0 to both Start Port and End Port.
Start / End Port
Rate / Unit /
isByteCount
Specify the rate, unit, and the type of the limitation.
Select the behavior when the flow is over limitation. You can just drop the
packets or drop packet and log it.
Drop Log
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
37
Download from Www.Somanuals.com. All Manuals Search And Download.
2.5.3 Guaranteed / Spare Class QoS
User can first specify maximum WAN total bandwidth and then set bandwidth allocation rules according to
two different classes: Guaranteed or Spared. Rules in Guaranteed class are guaranteed to have specified
percentage of WAN Total bandwidth. At any period of time, if the aggregated bandwidth used by flows in
guaranteed class doesn’t exceed total bandwidth, the spared bandwidth is then available for allocating to the
flows in Spared class, according to the percentage configured.
For example, 192.168.1.1 is guaranteed to have 50Mbps bandwidth if it needs and 192.168.1.2 has 25Mbps
guaranteed on demand. If for a period of time, the aggregated bandwidth used by both hosts is 40Mbps , so
only 40% WAN bandwidth is consumed by Guaranteed class flows, then all other hosts in 192.168.1.0 can
compete to use the spared 60Mbps WAN bandwidth. If there exists another LAN on gateway, say,
192.168.2.0/24, then they can only use the rested bandwidth consumed by guaranteed and spared class.
Parameter
Queue ID
Description
The Queue (Group) ID groups all the connections with the same Queue ID into
one rule and these connections share the same bandwidth in this rule.
If you want to monitor the source IP of the packets, please select src IP.
Otherwise, please select dst IP.
Src/Dst
IP Address
IP Mask
Specify the IP Address that you want to limit the transmit/receive rate.
If you want to limit a subnet, you can specify the subnet mask here.
Specify the protocol you want to monitor, it can be TCP / UDP / or IP only.
Protocol
Specify the port ranges that you want to monitor. To classify all TCP or UDP
packets within same IP address / mask (regardless of port number) as same
rate policy, set 0 to both Start Port and End Port.
Start / End Port
Bandwidth allocation Guaranteed or Spare.
policy
Percentage
Input the percentage of total bandwidth that this queue have.
Differentiated Services Code Point is a model in which traffic is treated by
intermediate systems with relative priorities based on the type of services. If
you want to mark this Queue to specified DSCP type, enable this option and
filled a value in the DSCP value field.
DSCP Marking
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
38
Download from Www.Somanuals.com. All Manuals Search And Download.
2.6 NAT
Network Address Translation (NAT) allows multiple users at your local site to access the Internet through a
single Public IP Address or multiple Public IP Addresses. NAT provides Firewall protection from hacker
attacks and has the flexibility to allow you to map Private IP Addresses to Public IP Addresses for key
services such as Websites and FTP.
Parameter
Description
You can have different services (e.g. email, FTP, Web etc.) going to different
service servers/clients in your LAN. The Virtual Server allows you to re-direct
a particular service port number (from the Internet/WAN Port) to a particular
LAN IP address and its service port number.
Virtual Server
Some applications require multiple connections, such as Internet games,
Special Applications video conferencing, Internet telephony and others. In this section you can
configure the router to support these types of applications.
You can select special applications that need “Application Layer Gateway” to
ALG Setting
support here.
It allows to Enable or Disable UPnP feature here. After you enable the UPnP
feature, all client systems that support UPnP, like Windows XP, can discover
this router automatically and access the Internet through this router without
any configuration. The NAT Traversal function provided by UPnP can let
UPnP Setting
applications that support UPnP smoothly connect to Internet sites without
any incompatibility problem due to the NAPT port translation.
Static Routing
You can disable NAT function and setup the routing rules manually.
Click on one of the five NAT selections and proceed to the manual's relevant sub-section.
39
Download from Www.Somanuals.com. All Manuals Search And Download.
2.6.1 Virtual Server
Use the Virtual Server function when you want different servers/clients in your LAN to handle different
service/Internet application type (e.g. Email, FTP, Web server etc.) from the Internet. Computers use
numbers called port numbers to recognize a particular service/Internet application type. The Virtual Server
allows you to re-direct a particular service port number (from the Internet/WAN Port) to a particular LAN
private IP address and its service port number. (See Glossary for an explanation on Port number)
Parameter
Description
Enter the service (service/Internet application) port number from the Internet that
will be re-directed to the above Private IP address host in your LAN
Note: Virtual Server function will have priority over the DMZ function if there is a
conflict between the Virtual Server and the DMZ settings.
WAN Port Range
This is the LAN client/host IP address that the Public Port number packet will be
sent to.
Server IP Address
Note: You need to give your LAN PC clients a fixed/static IP address for Virtual
Server to work properly.
This is the port number (of the above Private IP host) that the below Public Port
number will be changed to when the packet enters your LAN (to the LAN
Server/Client IP)
Server Port Range
Protocol
Select the port number protocol type (TCP, UDP).
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
Example: Virtual Server
The diagram below demonstrates one of the ways you can use the Virtual Server function. Use the Virtual
Server when you want the web server located in your private LAN to be accessible to Internet users. The
configuration below means that any request coming form the Internet to access your web server will be
translated to your LAN’s web server (192.168.2.2).
Note: For the virtual server to work properly Internet/remote users must know your global IP address. (For
websites you will need to have a fixed/static global/public IP address)
40
Download from Www.Somanuals.com. All Manuals Search And Download.
2.6.2 Special Applications
Some applications require multiple connections, such as Internet games, video conferencing, Internet
telephony and others. In this section you can configure the router to support multiple connections for these
types of applications.
41
Download from Www.Somanuals.com. All Manuals Search And Download.
Parameter
Name
Description
The description of this setting.
Incoming Type
Select the Inbound port protocol type: “TCP”, “UDP” or both
Enter the In-coming (Inbound) port or port range for this type of application
(e.g. 2300-2400, 47624)
Incoming Port Range Note: Individual port numbers are separated by a comma (e.g. 47624, 5775,
6541 etc.). To input a port range use a “dash” to separate the two port number
range (e.g. 2300-2400)
Trigger Type
Select whether the outbound port protocol is “TCP”, “UDP” or both.
Trigger Start/Finish
Range
This is the out-going (Outbound) range of port numbers for this particular
application
Enable
Enable the specified Special Application function.
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
Example: Special Applications
If you need to run applications that require multiple connections, then specify the port (outbound) normally
associated with that application in the "Trigger Port" field. Then select the protocol type (TCP or UDP) and
enter the public ports associated with the trigger port to open them up for inbound traffic.
Example:
Incoming
Port
Range
Incoming
Type
Trigger
Start Port
Name
Trigger Type
Trigger Finish Port
Enable
MSN
Game
Zone
2300-2400,
47624
TCP
UDP
UDP
UDP
28800
6112
28800
6112
MSN Game Zone
Battle.net
Battle.net
6112
In the example above, when a user trigger’s port 28800 (outbound) for MSN Game Zone then the router will
allow incoming packets for ports 2300-2400 and 47624 to be directed to that user. Note: Only one LAN
client can use a particular special application at a time.
42
Download from Www.Somanuals.com. All Manuals Search And Download.
2.6.3 ALG Settings
You can select applications that need “Application Layer Gateway” to support.
Parameter
Enable
Description
You can select to enable “Application Layer Gateway”, then the router will let
that application correctly pass though the NAT gateway.
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
2.6.4 UPnP Settings
With UPnP, all PCs in you Intranet will discover this router automatically. So you do not have to do any
configuration for your PC and can access the Internet through this router easily.
43
Download from Www.Somanuals.com. All Manuals Search And Download.
Parameter
Description
You can Enable or Disable UPnP feature here. After you enable the UPnP
feature, all client systems that support UPnP, like Windows XP, can discover
this router automatically and access the Internet through this router without any
configuration. The NAT Traversal function provided by UPnP can let
applications that support UPnP smoothly connect to Internet sites without any
incompatibility problem due to the NAPT port translation.
UPnP Feature
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
2.6.5 Static Routing
This router provides Static Routing function when NAT is disabled. With Static Routing, the router can
forward packets according to your routing rules. The IP sharing function will not work any more in Static
Routing mode.
Note: The DMZ function of firewall will not work if static routing is enabled.
Parameter
Route
Description
The network address of destination LAN.
Route Mask
The subnet mask of destination LAN.
The next stop gateway of the path toward the destination LAN. This is the IP of
the neighbor router that this router should communicate with on the path to the
destination LAN.
Next Hop IP
Interface
The interface that go to the next hop (router).
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
44
Download from Www.Somanuals.com. All Manuals Search And Download.
2.7 Firewall
The Broadband router provides extensive firewall protection by restricting connection parameters, thus
limiting the risk of hacker attack, and defending against a wide array of common Internet attacks. However,
for applications that require unrestricted access to the Internet, you can configure a specific client/server as a
Demilitarized Zone (DMZ).
Note: To enable the Firewall settings select Enable and click Apply
Parameter
Access Control List
URL Filter
Description
Access Control List allows you to specify which hosts users can or cannot have
access to certain Internet applications
URL Filter allows you to specify which URLs can’t be accessed by users.
The Broadband router's firewall can block common hacker attacks and can log
the attack activities.
Anti-DoS
The DMZ Host function allows you to re-direct all packets going to your WAN
port IP address to a particular IP address in your LAN.
DMZ Host
Click on one of the firewall selections and proceed to the manual’s relevant sub-section
45
Download from Www.Somanuals.com. All Manuals Search And Download.
2.7.1 Access Control List
If you want to restrict users from accessing certain Internet applications/services (e.g. Internet websites,
email, FTP etc.), then this is the place to set that configuration. Access Control allows users to define the
traffic type permitted in your LAN. You can control which PC client can have access to these services.
Parameter
Policy
Description
User can choose to log or not to log packets which match any configured ACL.
Ingress means packets from LAN to Gateway and Egress means packets from
Gateway to WAN. Pay special attention to the “Egress, source IP/port” direction
group. The source IP address of an LAN-to-WAN packet will be already
changed to gateway’s public IP address. That means if you created a system-
wise egress rule, please specifying the Gateway WAN IP address as the
source IP.
Direction/IP
Specify the traffic type here. You can pick TCP for TCP traffic, UDP for UDP
traffic, or IP for all kind of IP traffic.
Type
Port
Specify the TCP/UDP port number for filtered traffic.
You can select a range of day and time that the specified PCs will not able to
access the Internet on these time period.
Day/Time
Enable
You can Enable/Disable some policies by check their enable checkbox.
You can now configure other advance sections or start using the router (with the advance settings in place)
46
Download from Www.Somanuals.com. All Manuals Search And Download.
Example: Access Control
In the example below, LAN client A can only access websites that use Port 80. However, LAN client B is able
to access websites and any other service that uses ports between 80 and 999.
47
Download from Www.Somanuals.com. All Manuals Search And Download.
2.7.2 URL Filter
You can block access to some Web sites from particular PCs by entering a full URL address or just keyword
of the Web site.
Parameter
Description
You can enter the full URL address or the keyword of the web site you want to
block.
URL String Pattern
Source IP Range
You can specify a range of LAN PCs that apply to the URL filter feature.
Enable URL Blocking Check the check box to Enable URL Blocking
You can now configure other advance sections or start using the router (with the advance settings in place)
48
Download from Www.Somanuals.com. All Manuals Search And Download.
2.7.3 Anti-DoS (Denial of Service)
The Broadband router's firewall can block common hacker attacks, including Denial of Service, Ping of Death,
Port Scan and Sync Flood. If Internet attacks occur the router can log the events.
Parameter
Description
DoS Prevention Enable Enables selected Anti-DoS features.
Ignore LAN-Side Check Skip DoS checks for all LAN WAN packets.
Whole system flood System-wide DoS threshold for SYN/FIN/UDP/ICMP flooding.
SYN/FIN/UDP/ICMP flooding threshold per host. Offending host would be
Per-source IP flood
blocked for 120 seconds (default) if Source IP Blocking is enabled.
Whole system FlowCnt System-wide Flow Count Control for TCP/UDP or both protocols.
Control
Per-source IP FlowCnt SYN/FIN/UDP/ICMP Flow Count Control per host. Offending host would be
Control
blocked for 120 seconds (default) if Source IP Blocking is enabled.
Port scan detection. Sensitivity could be Low or High.
System-wide Dos detection.
TcpUdpPortScan
All DoS items
Click <Apply> at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
49
Download from Www.Somanuals.com. All Manuals Search And Download.
2.7.4 DMZ
If you have a local client PC that cannot run an Internet application (e.g. Games) properly from behind the
NAT firewall, then you can open the client up to unrestricted two-way Internet access by defining a DMZ Host.
The DMZ function allows you to re-direct all packets going to your WAN port IP address to a particular IP
address in your LAN. The difference between the virtual server and the DMZ function is that the virtual server
re-directs a particular service/Internet application (e.g. FTP, websites) to a particular LAN client/server,
whereas DMZ re-directs all packets (regardless of services) going to your WAN IP address to a particular
LAN client/server.
Parameter
Description
Enable/disable DMZ
Note: If there is a conflict between the Virtual Server and the DMZ setting, then
Virtual Server function will have priority over the DMZ function.
DMZ Host Input the IP address of a particular host in your LAN that will receive
all the packets originally going to the WAN port/Public IP address above
Note: You need to give your LAN PC clients a fixed/static IP address for DMZ to
work properly.
Enable DMZ
General L4 protocol
forward
Check this to enable the general layer 4 protocol forwarding function.
ICMP forward
Check this to allow the ICMP packets forward to the DMZ host.
You can now configure other advance sections or start using the router (with the advance settings in place
50
Download from Www.Somanuals.com. All Manuals Search And Download.
Chapter 3
Status
The Status section allows you to monitor the current status of your router. You can use the Status page to
monitor: the connection status of the Broadband router's WAN/LAN interfaces, the current firmware and
hardware version numbers, any illegal attempts to access your network, and information on all DHCP client
PCs currently connected to your network.
Parameter
Status and Information Shows the router’s system information
This router supports five types of Log messages: System Log, ACL Log, URL
Description
Logs
filter, DoS Log and New connection Log.
Select one of the above five Status selections and proceed to the manual’s relevant sub-section
51
Download from Www.Somanuals.com. All Manuals Search And Download.
3.1 Status and Information
The Status and Information section allows you to view the router’s system information
Parameter
Information
Description
You can see the router’s system information such as the router’s: System
Information, LAN Information, WAN Information, and Wireless Information.
3.2 Logs
This router supports five types of Log messages: System Log, ACL Log, URL filter, DoS Log and New
connection Log. You can Enable or Disable each of these Logs.
3.2.1 System Log
52
Download from Www.Somanuals.com. All Manuals Search And Download.
Chapter 4
Tool
This page includes the basic configuration tools, such as Configuration Tools (save or restore configuration
settings), Firmware Upgrade (upgrade system firmware) and Reset.
Parameter
Description
This shows your current firmware version.
Firmware Version
This tool allows you to upgrade the Broadband router’s system firmware. To
upgrade the firmware of your Broadband router, you need to download the
firmware file to your local hard disk, and enter that file name and path in the
appropriate field on this page. You can also use the Browse button to find the
firmware file on your PC.
Firmware Upgrade
Factory Default
You can use the "Factory Defaults" tool to force the Broadband router to
perform a power reset and restore the original factory settings.
In the event that the system stops responding correctly or in some way stops
functioning, you can perform a reset. Your settings will not be changed. To
perform the reset, click on the System Restart button. You will be asked to
confirm your decision. The reset will be complete when the power light stops
blinking. Once the reset process is complete you may start using the router
again.
System Restart
Select one of the above three Tools Settings selection and proceed to the manual’s relevant sub-section
54
Download from Www.Somanuals.com. All Manuals Search And Download.
Appendix A
How to Manually find your PC’s IP and MAC address
1) In Window’s open the Command Prompt program
2) Type Ipconfig /all and <enter>
•
•
•
Your PC’s IP address is the one entitled IP address (192.168.1.77)
The router’s IP address is the one entitled Default Gateway (192.168.1.254)
Your PC’s MAC Address is the one entitled Physical Address (00-50-FC-FE-02-DB)
55
Download from Www.Somanuals.com. All Manuals Search And Download.
Glossary
Default Gateway (Router): Every non-router IP device needs to configure a default gateway’s IP address.
When the device sends out an IP packet, if the destination is not on the same network, the device has to
send the packet to its default gateway, which will then send it out towards the destination.
DHCP: Dynamic Host Configuration Protocol. This protocol automatically gives every computer on your
home network an IP address.
DNS Server IP Address: DNS stands for Domain Name System, which allows Internet servers to have a
DNS server keeps a database of Internet servers and their respective domain names and IP addresses, so
that when a domain name is requested (as in typing "Broadbandrouter.com" into your Internet browser), the
user is sent to the proper IP address. The DNS server IP address used by the computers on your home
network is the location of the DNS server your ISP has assigned to you.
DSL Modem: DSL stands for Digital Subscriber Line. A DSL modem uses your existing phone lines to
transmit data at high speeds.
Ethernet: A standard for computer networks. Ethernet networks are connected by special cables and hubs,
and move data around at up to 10/100 million bits per second (Mbps).
Idle Timeout: Idle Timeout is designed so that after there is no traffic to the Internet for a pre-configured
amount of time, the connection will automatically be disconnected.
IP Address and Network (Subnet) Mask: IP stands for Internet Protocol. An IP address consists of a series
of four numbers separated by periods, that identifies a single, unique Internet computer host in an IP network.
Example: 192.168.2.1. It consists of 2 portions: the IP network address, and the host identifier.
The IP address is a 32-bit binary pattern, which can be represented as four cascaded decimal numbers
separated by “.”: aaa.aaa.aaa.aaa, where each “aaa” can be anything from 000 to 255, or as four cascaded
binary numbers separated by “.”: bbbbbbbb.bbbbbbbb.bbbbbbbb.bbbbbbbb, where each “b” can either be 0
or 1.
A network mask is also a 32-bit binary pattern, and consists of consecutive leading
1’s followed by consecutive trailing 0’s, such as
11111111.11111111.11111111.00000000. Therefore sometimes a network mask can also be described
simply as “x” number of leading 1’s.
When both are represented side by side in their binary forms, all bits in the IP address that correspond to 1’s
in the network mask become part of the IP network address, and the remaining bits correspond to the host
ID.
For example, if the IP address for a device is, in its binary form,
11011001.10110000.10010000.00000111, and if its network mask is,
11111111.11111111.11110000.00000000
It means the device’s network address is
11011001.10110000.10010000.00000000, and its host ID is,
00000000.00000000.00000000.00000111. This is a convenient and efficient method for routers to route IP
packets to their destination.
ISP Gateway Address: (see ISP for definition). The ISP Gateway Address is an IP address for the Internet
router located at the ISP's office.
ISP: Internet Service Provider. An ISP is a business that provides connectivity to the Internet for individuals
and other businesses or organizations.
LAN: Local Area Network. A LAN is a group of computers and devices connected together in a relatively
small area (such as a house or an office). Your home network is considered a LAN.
MAC Address: MAC stands for Media Access Control. A MAC address is the hardware address of a device
connected to a network. The MAC address is a unique identifier for a device with an Ethernet interface. It is
56
Download from Www.Somanuals.com. All Manuals Search And Download.
comprised of two parts: 3 bytes of data that corresponds to the Manufacturer ID (unique for each
manufacturer), plus 3 bytes that are often used as the product’s serial number.
NAT: Network Address Translation. This process allows all of the computers on your home network to use
one IP address. Using the broadband router’s NAT capability, you can access the Internet from any
computer on your home network without having to purchase more IP addresses from your ISP.
Port: Network Clients (LAN PC) uses port numbers to distinguish one network application/protocol over
another. Below is a list of common applications and protocol/port numbers:
Application
Telnet
Protocol Port Number
TCP
TCP
TCP
TCP
TCP
UCP
UDP
TCP
TCP
TCP
UDP
23
21
FTP
SMTP
25
POP3
110
1720
161
162
80
H.323
SNMP
SNMP Trap
HTTP
PPTP
1723
5631
5632
PC Anywhere
PC Anywhere
PPPoE: Point-to-Point Protocol over Ethernet. Point-to-Point Protocol is a secure data transmission method
originally created for dial-up connections; PPPoE is for Ethernet connections. PPPoE relies on two widely
accepted standards, Ethernet and the Point-to-Point Protocol. It is a communications protocol for transmitting
information over Ethernet between different manufacturers
Protocol: A protocol is a set of rules for interaction agreed upon between multiple parties so that when they
interface with each other based on such a protocol, the interpretation of their behavior is well defined and
can be made objectively, without confusion or misunderstanding.
Router: A router is an intelligent network device that forwards packets between different networks based on
network layer address information such as IP addresses.
Subnet Mask: A subnet mask, which may be a part of the TCP/IP information provided by your ISP, is a set
of four numbers (e.g. 255.255.255.0) configured like an IP address. It is used to create IP address numbers
used only within a particular network (as opposed to valid IP address numbers recognized by the Internet,
which must be assigned by InterNIC).
TCP/IP, UDP: Transmission Control Protocol/Internet Protocol (TCP/IP) and Unreliable Datagram Protocol
(UDP). TCP/IP is the standard protocol for data transmission over the Internet. Both TCP and UDP are
transport layer protocol. TCP performs proper error detection and error recovery, and thus is reliable. UDP
on the other hand is not reliable. They both run on top of the IP (Internet Protocol), a network layer protocol.
WAN: Wide Area Network. A network that connects computers located in geographically separate areas (e.g.
different buildings, cities, countries). The Internet is a wide area network.
Web-based management Graphical User Interface (GUI): Many devices support a graphical user interface
that is based on the web browser. This means the user can use the familiar Netscape or Microsoft Internet
Explorer to Control/configure or monitor the device being managed.
57
Download from Www.Somanuals.com. All Manuals Search And Download.
|