CradlePoint Mobile Broadband Router MBR1200 Manual

User Manual: MBR1200

Open the PDF directly: View PDF .
Page Count: 132

Download
Open PDF In Browser	View PDF

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

Preface
CradlePoint reserves the right to revise this publication and to make changes in the content thereof without obligation to notify any person or
organization of any revisions or changes.

Manual Revisions
Revision

Date

Description

Author

1.0

May 19, 2010

Initial release for Firmware version 1.6.12

David Rush

1.1

June 7,2010

Minor edits

David Rush

Trademarks
CradlePoint and the CradlePoint logo are registered trademarks of CradlePoint, Inc. in the United States and other countries. All other company
or product names mentioned herein are trademarks or registered trademarks of their respective companies.
Copyright © 2010 by CradlePoint, Inc.
All rights reserved. This publication may not be reproduced, in whole or in part, without prior expressed written consent by CradlePoint, Inc.

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

Table of Contents
1

INTRODUCTION .................................................................................... 3
1.1
1.2
1.3

ADVANCED TAB.................................................................................. 34
5.1
5.2
5.3
5.4
5.5
5.6
5.7

ACCESS CONTROL ................................................................................ 35
FAILOVER/LOAD BALANCE ..................................................................... 39
FIREWALL ........................................................................................... 42
GAMING ............................................................................................ 46
INBOUND FILTERS ................................................................................ 48
MAC ADDRESS FILTER .......................................................................... 50
NETWORK .......................................................................................... 52

INFO ................................................................................................. 73
GPS.................................................................................................. 74
SETTINGS ........................................................................................... 76
UPDATE ............................................................................................. 81

TOOLS TAB ......................................................................................... 82
7.1
7.2
7.3
7.4
7.5
7.6
7.7
7.8
7.9
7.10
7.11
7.12
7.13

BASIC TAB .......................................................................................... 15
WIZARD (SETUP WIZARD) ..................................................................... 16
DHCP (DHCP SETTINGS) ..................................................................... 19
NETWORK .......................................................................................... 24
WAN CONFIGURATION ........................................................................ 26
WIRELESS (WI-FI) ............................................................................... 28

ROUTING ........................................................................................... 53
SPECIAL APPLICATIONS (APPLICATION RULES) ........................................... 55
TRAFFIC SHAPING ................................................................................ 57
VIRTUAL SERVER.................................................................................. 61
WEB FILTER (WEBSITE FILTER) ............................................................... 63
WIRELESS (WI-FI) ............................................................................... 65
WI-FI PROTECTED SETUP...................................................................... 67
WISH ............................................................................................... 70

MODEM TAB ...................................................................................... 72
6.1
6.2
6.3
6.4

WIRELESS SETUP USING A MOBILE BROADBAND (CELLULAR) DATA MODEM/S .. 8
WIRED CONNECTION USING CABLE/DSL INTERNET SERVICE .......................... 8
ESTABLISHING A WIRELESS INTERNET CONNECTION ...................................... 9
COMMON PROBLEMS ........................................................................... 11

ADMINISTRATIVE TABS AND SUB-MENUS .......................................... 14
4.1
4.2
4.3
4.4
4.5
4.6

PORTS ................................................................................................. 6
LEDS................................................................................................... 7

QUICK START ........................................................................................ 8
3.1
3.2
3.3
3.4

PACKAGE CONTENTS .............................................................................. 3
SYSTEM REQUIREMENTS ......................................................................... 3
MBR1200 OVERVIEW ........................................................................... 3

HARDWARE OVERVIEW........................................................................ 5
2.1
2.2

5.8
5.9
5.10
5.11
5.12
5.13
5.14
5.15

ADMIN (ADMINISTRATIVE SETTINGS). ...................................................... 83
DYNAMIC DNS ................................................................................... 85
EMAIL SETTINGS .................................................................................. 87
FIRMWARE ......................................................................................... 89
IPSEC VPN......................................................................................... 92
MANAGED SERVICES ............................................................................ 96
SCHEDULES......................................................................................... 97
SNMP .............................................................................................. 99
SYSLOG ............................................................................................ 100
SYSTEM (SYSTEM SETTINGS) ................................................................ 101
SYSTEM CHECK (PING TEST) ................................................................ 102
TIME ............................................................................................... 103
USER LOGIN ..................................................................................... 105

STATUS TAB ..................................................................................... 106

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

8.1
8.2
8.3
8.4
8.5
8.6
8.7
9

DEVICE INFO ..................................................................................... 107
ACTIVE SESSIONS ............................................................................... 110
LOGS ............................................................................................... 111
ROUTING ......................................................................................... 112
STATISTICS (TRAFFIC STATISTICS) .......................................................... 113
WIRELESS (WI-FI) ............................................................................. 114
WISH SESSIONS ................................................................................ 116

GLOSSARY ........................................................................................ 117

10
10.1
10.2
10.3

APPENDIX ..................................................................................... 128
REGULATORY INFORMATION ................................................................ 128
WARRANTY INFORMATION .................................................................. 128
SPECIFICATIONS ................................................................................. 129

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 2

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

1 INTRODUCTION
1.1 Package Contents







CradlePoint MBR1200 Mobile Broadband Router
AC power adapter (12V, 1.5A) WARNING: using a power adapter other than the one provided may damage the MBR1200 and will
void the warranty
Mounting Hardware
CAT5 Ethernet Cable
Quick Start Guide
Accessory Guide

1.2 System Requirements




Ethernet-based Cable/DSL modem and/or Broadband Data Modem with Active Subscription (USB, ExpressCard, PC Card), or
supported Phone with Active Tethered Data Plan Suggested
Windows 2000/XP/7, Mac OS X, or Linux Computer with Wi-Fi Adapter (802.11n Recommended)
Internet Explorer v6.0 or higher, Firefox v2.0 or higher, Safari v1.0 or higher.

1.3 MBR1200 Overview







1.3.1

Easy Setup and Maintenance
High Performance Internal 802.11n Antennas
10/100/1000 Ethernet WAN and LAN Ports
1
Cellular Redundancy Failover to 3G/4G
Works with USB, PC Card and ExpressCard Modems
Physical Modem Security Cap Available.

Always Connected
1

The CradlePoint MBR1200 is a robust 802.11n router with 3G/4G failover capabilities built for home, small business, branch office, temporary and
remote enterprise environments seeking to implement continuous, always-on connectivity. With its failover/failback capability, the MBR1200

Data Modem Not Included. This Product Requires an Activated Data Modem or Phone with Data Plan for Full Functionality. See your Cellular/3G/4G Service Provider for Details
on Coverage and Data Plan Options.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 3

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

automatically switches to a secondary connection (either wired or wireless) when your primary service is interrupted. Once your service is
restored, the MBR1200 will automatically failback to the primary connection - keeping your business online with minimal interruption to users.

1.3.2

Enterprise Power – Small Business Simple

Powered by WiPipe™ technology, the MBR1200 router includes many features found in expensive, enterprise-class routers at a fraction of the
cost. With minimal setup and maintenance, including our pre-installed software, it has “right out of the box” simplicity.
Standard on the MBR1200 are security features such as multiple Wi-Fi encryption modes (WEP and WPA/ WPA2 Personal and Enterprise) and
built-in firewall, which prevent unauthorized use of your connection. With no additional software to load, you‟ll be up and running in minutes.

1.3.3

VPN: Secure and Reliable

The high-performance MBR1200 has the capability to create, manage, and terminate multiple IPSec VPN sessions. It provides up to five
concurrent sessions, supporting transfer and tunnel modes and several Hash and Cipher algorithms. These encryption protocols protect your
communications from one private network to another from end-to-end.

Data Modem Not Included. This Product Requires an Activated Data Modem or Phone with Data Plan for Full Functionality. See you Cellular/3G/4G Service Provider for Details
on Coverage and Data Plan Options.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 4

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

2 HARDWARE OVERVIEW

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 5

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

2.1 Ports

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 6

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

2.2 LEDs

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 7

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

3 QUICK START
3.1 Wireless Setup Using
(cellular) Data Modem/s1






Mobile

Broadband

Connect the Power Supply
Insert your ExpressCard, PC Card, or USB modem/s.
Establish a wireless internet connection as shown below.

3.2 Wired Connection
Service




Using

Cable/DSL

Internet

Connect the Power Supply
Insert one end of your Ethernet cable to the WAN port.
Insert the other end of the Ethernet cable into your Cable or DSL
modem. It may take a minute or two for the MBR1200 to
initialize.
Open your web browser.

You can now access the Internet.
For Failover/Failback Functionality, you must have an Active Data
Modem attached to the MBR1200.
CradlePoint recommends that Wi-Fi security be setup at this point. See
Setting Up Wireless Network Security

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 8

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

3.3 Establishing a Wireless Internet Connection
3.3.1

Wireless Network Connection

On a Wi-Fi-enabled computer or device, open the View Wireless Networks window and click
on the MBR1200. Next, click on the Connect button in the bottom right corner of the window.
If more than one MBR1200 wireless router is visible, you can find the correct unit by checking
for its SSID. Your wireless router uses the SSID of MBR1200-xxx, where “xxx” is the last 3
digits of the router‟s MAC address. The MAC address can be found on the MBR1200 product
box or the bottom of the MBR1200 unit. Once you have completed your wireless connection
to the MBR1200 router, you should set up security on your wireless network by following the
procedures identified in the next step (recommended). You can connect directly onto the
Internet without security (not recommended) by skipping the next step.

3.3.2

Setting Up Wireless Network Security

Wi-Fi Security is highly recommended by CradlePoint. Wi-Fi Security is separate from the
User Login Page. Setting “Wi-Fi Security” on your router prevents users from connecting
their computers to your router unless they have you wireless security password.
Follow The Steps Below to Set the Wi-Fi Security:









Access your router Administration Login screen by opening a web browser window
and typing the IP address http://192.168.0.1 into the address bar.
Enter your Default Administrative Password. This password is the last 6 digits of
the MBR1200’s MAC address found on the side panel of the MBR1200 product box
or the bottom of the MBR1200.
After you enter the password, click the Log In button.
After you are logged in, click on the BASIC menu tab at the top of the setup window.
Next, click the Launch Setup Wizard button in the middle of the screen.
Follow the instructions in the Setup Wizard (Outlined in section 4.2 of this document:
Wizard) to complete the setup (Basic → Wizard).
After security setup has been completed, continue to the next Step to use your new
Security- Enabled Internet Connection.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 9

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

3.3.3

Connect to the Internet

Using any device with a supported browser, open a browser window.
A default CradlePoint page will appear asking for a password.
Use the password you assigned in the Basic Wizard Setup. If you did not
change the password, or have not yet setup your wireless network security, use
the default password. The default password is the last six digits of the
MBR1200‟s MAC address. The MAC address can be found on the MBR1200
product box or the bottom of the MBR1200.
Enter the password and click the Login button.
After login, you will be able to click on a Remember Me button so that so that
the next time user device connects to the MBR1200, no password is needed.
Remember: This password is necessary to protect against unauthorized access
to your system.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 10

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

3.4 Common Problems
This section contains a list of some of the most common issues faced by users of the MBR1200.
Please visit CradlePoint Knowledgebase at http://knowledgebase.cradlepoint.com/ for more help and answers to your other questions.

3.4.1

Your USB Modem or Phone Does Not Work With the Router



If your USB data modem or phone is not working with the router, check the list of supported devices to ensure you are using a supported
device and carrier. The device you‟re using must be supported on the carrier network providing your cellular service or it‟s considered an
unsupported device, even if it is supported on another carrier‟s network.
CradlePoint‟s supported device list changes regularly. We update our supported device list after a device is certified and approved. If the
device you have is NOT on the list, that means we do not support it at this time.
The SUPPORTED DEVICE list can be found at: cradlepoint.com/support/MBR1200



Sometimes a USB data modem needs to be updated or have other configurations set correctly in order to make a connection through the
router. If your USB Modem has not been updated recently, it is recommended that you do so if it is having trouble connecting to the
MBR1200. Simply insert your USB data modem into your PC and using the software provided by your cellular carrier, access the Internet.
Follow the directions provided to complete the update. Once you have updated your USB data modem, reconnect the cellular device to
your CradlePoint router and connect to the Internet.



If you are using 4G modem you need to set the WiMAX Realm. This can be done at the administrative page (login to IP address
http://192.168.0.1) and go to Modem → Settings. Under Modem Specific Settings use the WiMAX Realm Select to select your carrier.
Make sure you Save Settings.



Some wireless carriers provide multiple Access Point Names that a modem can connect to. If you wish to specify an APN, this can be
done at the administrative page (login to IP address http://192.168.0.1) and go to Modem → Settings. Enter the APN and Save Settings.
Some examples of APN are isp.cingular, ecp.tmobile.com and vpn.com. This APN will be set in the first profile position (see Modem
Diagnostics). The modem must be removed and reinserted for this change to take affect (or the router rebooted). This APN is associated
with the modem in the interface referred to in the Modem Interface drop down menu, so multiple APNs may be entered.



If the above issues have been resolved and you can connect to the router but not get internet through it using your modem you may need
to upgrade the router firmware. Use your computer (you may need to plug your modem directly into your computer if you don‟t have
another way to access the internet) to download the latest firmware for the router (found at: www.cradlepoint.com/support/mbr1200).
Then login to the router admin page and manually upload the firmware (directions can be found in this manual in section 7.4.2).



If you are still unable to access the Internet after following the above directions, contact CradlePoint Technical Support for further
assistance.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 11

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

3.4.2

You are Connected to the Router but Cannot Connect to the Internet

The status LEDs of your router will give you an indication whether or not a proper connection is being made. See the LED STAT US definitions
below:
If the USB Data Modem LEDs are not illuminated, your modem is not connected and online. You may need to update firmware. Refer to “Your
USB Modem or Phone Does Not Work With The Router.”

If you are still not online after updating, call CradlePoint Technical Support for further assistance.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 12

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

3.4.3

My Wi-Fi-enabled Devices Can‟t Get Past the Login Page

Some electronic devices may experience problems handling the Internet Access User Login setting. Devices that commonly have trouble are, but
not limited to:







iPod Touch
iPhone
Wireless VoIP Phones
Wireless Printers
Most Wi-Fi-enabled Video Game Systems
Most Wi-Fi-enabled Devices that are not PCs or Macs

To Allow These Devices Access, follow the instructions below to disable the user login.





Access your router administration page by opening your browser and typing http://192.168.0.1 in the address bar.
Go to the TOOLS tab on the top navigation, then the USER LOGIN menu on the left panel.
Uncheck the REQUIRE USER LOGIN check box.
Scroll to the top of the page and click SAVE THE SETTINGS, which will save and reboot the router with your new configuration.

NOTE: Because the User Login page adds security and access control to others connected to your router, you may need to enable additional
security features such as WEP, WPA, or MAC Address Filtering (if you are not already doing so) when turning off the User Login Page. See the
“Setting Wi-Fi Security on your CradlePoint Router” section of this guide for details.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 13

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4 ADMINISTRATIVE TABS AND SUB-MENUS
The MBR1200 has a Web interface that provides a set of tabs and sub-menus for configuration and administration of all features. The interface is
organized with 6 tabs at the top of the screen.







Basic
Advanced
Modem
Tools
Status
Help

Within each of the 6 tabs, there are submenus along the left side of the web page that
you use to navigate to the specific
function/task you wish to manage.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 14

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.1 Basic Tab
The Basic tab provides access to the 5 sub-menus for administering the following function/tasks:






WIZARD
DHCP
NETWORK
WAN
WIRELESS (WI-FI)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 15

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.2 Wizard (Setup Wizard)
Use the Setup Wizard to execute the minimum recommended first steps to
set up the product. (NOTE: Before launching the Configuration Wizard, you
must have followed all the steps outlined in the Quick Start Guide included in
the product package)

4.2.1

Launch Setup Wizard.

Launch Setup Wizard. Click the Launch Setup Wizard button to start the
wizard.

4.2.2

Welcome to the Setup Wizard.

Next/Cancel. Click Next to start the Setup Wizard

4.2.3

Set your password and time zone.

Password. Enter a password for administrative access. Verify. Re-enter the
password. Time Zone. Click on the drop down menu and select the
appropriate time zone.
Verify. Re-enter the password
Time Zone. Click on the drop down menu and select the appropriate time
zone.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 16

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.2.4

Configure Wireless Security

Wireless (Wi-Fi) Network Name (SSID). Enter a name
for the wireless network. For security purposes, it is
highly recommended that you change the pre-configured
network name. NOTE: Be sure to write down the new
SSID and keep it in a safe place.
Require User Login. With the box checked, users will
be required to login before they can access the internet.
With the box unchecked, users will NOT be required to
login before they can access the internet.
WPS, Best, Better, Good, None. Choose one of four
levels of security, or none.
NOTE: The wireless adapters installed on the wireless
clients accessing the MBR1200 must be able to support
the security level you choose.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 17

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.2.5

Set Your Wireless Security Password.

Wireless Security Password. If you have selected one of the four
security levels, you will be prompted to enter a Wireless Security
Password. This is the password that wireless clients will use to access
the MBR1200 wireless network.
NOTE: Be sure to write down the password and keep it in a safe place.
If you chose None for security, you will not see the Set Your Wireless
Security Password screen and will be directed to the Setup
Complete screen.

4.2.6 Setup Complete.
This screen summarizes the wireless settings you have chosen.
NOTE: Make sure you write down this information and keep it in a safe
place. You will need some of this information to configure wireless
clients and other settings on the MBR1200.
Click Save. This will restart the router and enable the settings you
have selected.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 18

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.3 DHCP (DHCP Settings)
DHCP stands for Dynamic Host Configuration Protocol. The DHCP section is where you
configure the built-in DHCP Server to assign IP addresses to the computers and other
devices on your local area network (LAN).
Use the DHCP sub-menu to configure the built-in DHCP Server to assign IP addresses
to the computers and other devices on the local area network.

4.3.1

DHCP Server Settings

Enable DHCP Server. (Default: Enabled). Once your MBR1200 router is properly
configured and this option is enabled, the DHCP Server will manage the IP addresses
and other network configuration information for computers and other devices connected
to your Local Area Network. There is no need for you to do this yourself.
The computers (and other devices) connected to your LAN also need to have their
TCP/IP configuration set to "DHCP" or "Obtain an IP address automatically".
When you set Enable DHCP Server, the following options are displayed.
DHCP IP Address Range. (Default: 192.168.0.100-192.168.0.199). This option defines
the range of addresses available for the MBR1200 to assign to an internal network. If
there are any devices using static IP addresses, you must be sure the addresses do not
fall within the range defined here. A Static IP address is one that is entered in manually
on the device.
Example: The MBR1200 uses an IP address of 192.168.0.1. A computer designated as
a Web server has a static IP address of 192.168.0.3. Another computer is designated as
an FTP server with a static IP address of 192.168.0.4. The starting IP address for the
DHCP server needs to be 192.168.0.5 or above.
DHCP Lease Time. (Default: 1440 minutes [24 hours]). The amount of time a computer
may have an IP address before it is required to renew the lease. The initial lease
designates the amount of time before the lease expires. If the lease expires and the
address is no longer needed, then another tenant may use the address. Units are in
minutes, however a value of zero (0) means the lease never expires.
Always Broadcast. If all the computers on the LAN successfully obtain their IP
addresses from the router‟s DHCP server, this option can remain disabled. However, if

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 19

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

one of the computers on the LAN fails to obtain an IP address, it may have an old DHCP client that incorrectly turns off the broadcast flag of
DHCP packets. Enabling Always Broadcast will cause the router to always broadcast its responses to all clients, thereby working around the
problem (at the cost of increased broadcast traffic on the LAN).
NetBIOS Announcement. Check this box to allow the DHCP Server to
offer NetBIOS configuration settings to the LAN hosts. NetBIOS allows
LAN hosts to discover all other computers within the network, e.g. within
“Network Neighborhood.”
Learn BIOS from WAN. If NetBIOS advertisement is switched on, WINS
information will be learned from the WAN side, if available. Turn this
setting off to configure manually.
NetBIOS Scope. This is an advanced setting and is normally left blank.
This allows the configuration of a NetBIOS “domain” name under which
network hosts operate. This setting has no effect if the Learn NetBIOS
information from WAN is activated.
NetBIOS Node Type. Indicates how network hosts are to perform
NetBIOS name registration and discovery. This setting has no effect if the
Learn
NetBIOS information from WAN is activated.






Broadcast only. This setting is useful where there are no
WINS servers available, however, it is preferred you try
Mixed-Mode operation first.
Point-to-Point Mode. This setting indicates to use WINS
servers ONLY. This setting is useful to force all NetBIOS
operation to the configured WINS servers. You must have configured at least the primary WINS server IP to point to a working WINS
server.
Mixed-Mode (default). First broadcast operation is performed to register hosts and discover other hosts, if broadcast operation fails,
WINS servers are tried, if any. This mode favors broadcast operation which may be preferred if WINS servers are reachable by a
slow network link and the majority of network services such as servers and printers are local to the LAN.
Hybrid-State. First WINS servers are tried, if any, followed by local network broadcast. This is generally the preferred mode if you
have configured WINS servers.

Primary WINS IP Address. Configure the IP address of the preferred WINS server. WINS Servers store information regarding network hosts,
allowing hosts to „register‟ themselves as well as discover other available hosts, e.g. for use in “Network Neighborhood.” This setting has no effect
if the Learn NetBIOS information from WAN is activated.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 20

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

Secondary WINS IP Address. Configure the IP address of the backup WINS server, if any. This setting has no effect if the Learn NetBIOS
information from WAN is activated.

4.3.2

Number of Dynamic DHCP Clients.

This section displays what devices are currently leasing IP addresses. The
DHCP Client table displays the number of clients that are receiving an IP
address from the router, the computer name, MAC address, and IP address
assigned to each computer. You can use the Revoke IP address option to
take away a leased IP address from a client. This feature is useful for freeing
up addresses when the client table is full or nearly full.

4.3.3

Add DHCP Reservation

Clients configured as DHCP can receive the same IP address all the time
using this feature. This is almost the same as if a device has a static IP
address except that it must still actually request an IP address from the
MBR1200. The MBR1200 will provide the device the same IP address all the
time. Servers on the network should either use a static IP address or this
option.
Enable. Specifies whether the entry will be active or inactive.
Computer Name. You can assign a name for each computer that is given a
reserved IP address. This may help you keep track of which computers are
assigned this way. Example: Game Server.
IP Address. The LAN address that you want to reserve.
MAC Address. To input the MAC address of your system, enter it manually or connect to the router‟s Web-Management interface from the system
and click the Copy Your PC’s MAC Address button.
A MAC address is usually located on a sticker on the bottom of a network device. The MAC address is comprised of twelve digits. Each pair of
hexadecimal digits are usually separated by dashes or colons such as 00-0D-88-11-22-33 or 00:0D:88:11:22:33. If your network device is a
computer and the network card is already located inside the computer, you can connect to the router from the computer and click the Copy Your
PC’s MAC Address button to enter the MAC address.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 21

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

As an alternative, you can locate a MAC address in a specific
operating system by following the steps below:




Windows 98/Windows Me. Go to the computer‟s Start
menu, select Run, type in winipcfg, and hit Enter. A
popup window will be displayed. Select the appropriate
adapter from the pull-down menu and you will see the
Adapter Address. This is the MAC address of the device.
Windows 2000/Windows XP/Windows 7. Go to the
computer‟s Start menu, select Programs, select
Accessories, and select Command Prompt. At the
command prompt, type in ipconfig /all and hit Enter.
The physical address displayed for the adapter connecting to the router is the MAC address.
Mac OS X. Go to the computer‟s Apple Menu, select System Preferences, select Network, and select the Ethernet Adapter connecting
to the router. Select the Ethernet button and the Ethernet ID will be listed. This is the same as the MAC.

Save/Update. Record the changes you have made.
Clear. Re-initialize this area of the screen, discarding any changes you have made.
When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and
permanent.
Example: A DHCP reservation is used for making sure the router always gives a computer or device the same IP address. Let‟s say you have a
Wi-Fi printer that you want to access via the Internet. You can connect to the CradlePoint Router from the Wi-Fi printer designated in this section.
1.
2.
3.
4.

Enter a designated IP address somewhere between the Starting IP and Ending IP addresses.
Click the Copy Your PC’s MAC Address button and the MBR1200 will detect the MAC address of the device and enter it automatically.
The printer name can be entered in for reference but is not required.
Click the Save Settings button at the top of the page.

The IP address will now only be assigned to the designated Wi-Fi printer and it will always receive the same IP address as long as it uses the
same wireless adapter.
Default: No static DHCP clients.
NOTE: If you replace the wireless adapter in a computer that is using Static DHCP, you will need to click the Copy the PC‟s MAC Address button
again because every wireless adapter has a unique MAC address. The same goes for any network device. If you replace a network device such
as a print server, you will need to input the MAC address of the new print server into the Static DHCP configuration.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 22

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.3.4

DHCP Reservation List

The section shows the current DHCP Reservation List.
Certain required routes are predefined and cannot be
changed. Routes that you add can be changed by
clicking the Edit icon or can be deleted by clicking the
Delete icon. When you click the Edit icon, the item is highlighted, and the DHCP Reservation List section is activated for editing. Click the
Enable check box at the left to directly activate or de-activate the entry.
After you‟ve completed all modifications or deletions, you must click the Save Settings button at the top of the page to save your changes. The
router must reboot before new settings will take effect. You will be prompted to Reboot the Device or Continue. If you need to make additional
settings changes, click Continue. If you are finished with all configuration settings, click the Reboot the Device button.
Default: empty list.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 23

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.4 Network
Use the Basic Network sub-menu to establish the local IP
address for the router. These are the settings of the LAN
(Local Area Network) interface for the router. The router‟s
local network (LAN) settings are configured based on the
IP Address and Subnet Mask assigned in this sub-menu.
The IP address is also used to access this Web-based
management Interface. It is recommended that you use
the default settings if you do not have an existing
network.

4.4.1

Router Settings.

Router IP Address. The IP address of your router on the
local area network. Your local area network settings are
based on the address assigned here. For example,
192.168.0.1
Subnet Mask. The subnet mask of your router on the
local area network.
Local Domain Name. This entry is optional. Enter a
domain name for the local network. LAN computers will
assume this domain name when they get an address
from the router‟s built in DHCP server. So, for example, if
you enter mynetwork.net here, and you have a LAN
side laptop with a name of chris, that laptop will be
known as chris.mynetwork.net. NOTE: the entered
domain name can be overridden by the one obtained
from the router‟s upstream DHCP server.
Enable DNS Relay. When DNS Relay is enabled, the router plays the role of a DNS server. DNS requests sent to the router are forwarded to the
ISP‟s DNS server. This provides a constant DNS address that LAN computers can use, even when the router obtains a different DNS server
address from the ISP upon re-establishing the WAN connection. You should disable DNS relay if you implement a LAN-side DNS server as a
virtual server.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 24

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.4.2

RIP (Router Information Protocol).

RIP is used to broadcast routing information among routers.
Enable RIP. Enable RIP if required by the ISP, if the LAN has
multiple routers, or if the LAN has auto-IP devices. NOTE:
When you select the Enable RIP check box, these additional
features appear:
RIP Operating Mode. The MBR1200 router supports both
version 2 and version 1 of the RIP specification.




V1. Use if none of the routers supports Version 2.
V2 Broadcast. Use if some routers are capable of
Version 2, but some are only capable of Version 1.
V2 Multicast. Use if this is the only router on the
LAN or if all the routers support Version 2.

Router Metric. The additional cost of routing a packet through this router. The normal value for a simple network is 1. This metric is added to
routes learned from other routers; it is not added to static or system routes.
Act as Default Router. Make this router the preferred destination for packets that are not otherwise destined.
Accept WAN Updates. For security, disable this option unless required by the ISP.
RIP Password. RIP Version 2 supports the use of a password to limit access to routers through the RIP protocol. If the ISP or other LAN router
requires a RIP password, enter the password here.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 25

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.5 WAN Configuration
Use the WAN Configuration sub-menu to configure the network settings for
the Wired and Cellular Modem WAN.

4.5.1

Cellular Modem PPP Authentication (optional).

Enter your Cellular Service Provider information in these three fields only if
directed by your Cellular Service Provider.
Modem Interface. Modem interface is the physical port the modem is
connected to. Select the appropriate port to change its settings.
Username. If required by your ISP, enter the username provided to you by
your ISP. If not required by your ISP, leave this field blank.
Password. If required by your ISP, enter the password provided to you by
your ISP. If not required by your ISP, leave this field blank.
Verify Password. Re-enter the password.

4.5.2

Wired WAN Connection Type.

There are several connection types to choose from: Static IP, DHCP, PPPoE,
PPTP, L2TP. If you are unsure of your connection method, please contact
your Internet Service Provider. Note: If using the PPPoE option, you will need
to ensure that any PPPoE client software on your computers is removed or
disabled.
Internet Service Provider. The MBR1200 will automatically determine your
ISP. If it is not able to detect your ISP, choose your ISP from the drop down
menu. If your ISP is not listed, choose Not Listed or Don’t Know.
Internet Connection. If you select Not Listed or Don’t Know option, use the
Internet Connection drop down menu to identify the type of Internet
Connection you have.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 26

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.5.3

Dynamic (DHCP) Internet Connection Type.

You will not need to complete this section unless your ISP requires
you to.
Host Name. Enter the host name provided to you by your ISP.
Use Unicasting. Select the check box if advised to so by your ISP.
MTU. Enter the MTU provided to you by your ISP (default: 1500).
MAC Address. To input the MAC address of your system, enter it
manually or connect to the MBR1200‟s Web-Management interface
from the system and click the Clone Your PC’s MAC Address
button.

4.5.4

DNS Settings

Use the WAN Configuration sub-menu to configure the network
settings for the Wired and Cellular Modem WAN (the first connected
cellular handset or modem).
DNS Address. Select the Get Automatically from ISP/Cellular
Provider radio button to acquire a DNS Address automatically from
our ISP/Cellular Provider or select the Use the Following DNS
Servers radio button to specify DNS Servers. NOTE: You would
specify DNS Servers if you want Wi-Fi clients to access DNS
servers that you use for customized addressing or if you have a
local DNS server on your network.
Primary DNS Server. If you choose to use specify your DNS
Servers, then enter the IP address of the server you want as your Primary DNS Server in this field.
Secondary DNS Server. If you choose to use specify your DNS Servers, then enter the IP address of the server you want as your Secondary
DNS Server in this field.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 27

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.6 Wireless (WI-FI)
Use the Wireless (Wi-Fi) sub-menu configure the wireless settings for the
MBR1200. NOTE: changes made in this section may also need to be
duplicated on wireless clients that you want to connect to your wireless
network. Add Wireless Devices with WPS (WI-FI Protected Setup) Wizard
Add Wireless Device with WPS. This Wizard helps you add wireless
devices to the wireless network using the Wi-Fi Protected Setup protocol.
The wizard will prompt you to enter the PIN for the device, or ask you to
press the Configuration button on the device. If the device supports Wi-Fi
Protected Setup and has a configuration button, you can add it to the
network by pressing the Configuration button on the device and then the
WPS button on the router within 60 seconds. The WPS status LED on the
router will flash three times if the device has been successfully added to the
network.
There are several ways to add a wireless device to your network. Access to
the wireless network is controlled by a “registrar.” A registrar only allows
devices onto the wireless network if you have entered the PIN, or pressed a
Wi-Fi Protected Setup button on the device. The router acts as a registrar
for the network, although other devices may act as a registrar as well.

4.6.1

Wireless (WI-FI) Network Settings

Enable Wireless Radio. (Default: Enabled). When checked, wireless
connectivity is enabled.
Wireless Network Name. (Default: visible). The SSID name for the router.
Default: “MBR1200-xxx” where “xxx” is the last three digits of the
MBR1200‟s MAC address. The MAC address can be found on the product
label of the MBR1200.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 28

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

802.11 Mode. (Default [Mixed 802.11 b/g/n]). Select Wi-Fi
operating mode (802.11b/g/n, 802.11b/g, 802.11n, 802.11b,
802.11g).
Enable Auto Channel Scan. When the power is first turned on,
the MBR1200 will check the available wireless bands for the leastused channel.
Wireless Channel. (Default: randomly selected among channels
appropriate for 802.11 setting). Channel to transmit and receive.
Channels 1 through 11 are available for 802.11 b/g/n in the U.S.
Check if you employ channel planning in your building.
Transmission Rate. (Default: Best). By default the fastest
possible transmission rate will be selected. You have the option of
selecting the speed if necessary. Channel rates are doubled for MCS when Channel Width is set to 40 MHz.
Channel Width. The Auto 20/40 MHz option is usually best. The other options are available for special circumstances.
Visibility Status. Whether or not the SSID will be visible on the LAN. The Invisible option allows you to hide your wireless network. When this
option is set to Visible, your wireless network name is broadcast to anyone within the range of your signal. If you're not using encryption then they
could connect to your network. When Invisible mode is enabled, you must enter the Wireless Network Name (SSID) on the client manually to
connect to the network.

4.6.2

Wireless (WI-FI) Security Mode

Unless one of these encryption modes is selected, wireless
transmissions to and from your wireless network can be easily
intercepted and interpreted by unauthorized users.
Security Mode. (Default:WPA-Personal). The MBR1200 supports
three wireless security modes including: WEP, WPA-Personal,
and WPA-Enterprise. WEP is the original wireless encryption
standard, and is not considered as secure as WPA. WEP should
only be used if encryption is needed, but WPA encryption is not
supported by your client devices.
WPA provides a higher level of security, and is the recommended security setting for most users. WPA-Personal does not require an
authentication server. The WPA-Enterprise option requires an external RADIUS server for authentication.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 29

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.6.3

WEP

A method of encrypting data for wireless communication intended to provide
the same level of privacy as a wired network. WEP is not as secure as WPA
encryption. To gain access to a WEP network, you must know the key.
WEP Key Length. The key is a string of characters that you create. When
using WEP, you must determine the level of encryption. The type of
encryption determines the key length. 128-bit encryption requires a longer key
than 64- bit encryption. Keys are defined by entering in a string in HEX
(hexadecimal - using characters 0-9, A-F) or ASCII (American Standard Code
for Information Interchange - alphanumeric characters) format. ASCII format
is provided so you can enter a string that is easier to remember. The ASCII
string is converted to HEX for use over the network.
WEP Key 1, 2, 3 and 4. Four keys can be defined so that you can change
keys easily.
Default WEP Key. A default key is selected for use on the network.
Authentication. Open Key authentication involves supplying the correct SSID
to connect to the Access Point, with no key authentication performed. Shared
Key authentication involves the Access Point sending the client device a
challenge text packet that the client must then encrypt with the correct WEP
key and return to the Access Point. If the client has the wrong key or no key,
authentication fails and client will not connect to the Access Point.
Example:





64-bit hexadecimal keys are exactly 10 characters in length.
(12345678FA is a valid string of 10 characters for 64-bit encryption.)
128-bit hexadecimal keys are exactly 26 characters in length.
(12345678902551234567890255 is a valid string of 26 characters for
128-bit encryption.)
64-bit ASCII keys are up to 5 characters in length (DMODE is a valid string of 5 characters for 64-bit encryption.)
128-bit ASCII keys are up to 13 characters in length (2002HALOSWIN1 is a valid string of 13 characters for 128-bit encryption.)

NOTE: if you enter fewer characters in the WEP key than required, the remainder of the key is automatically padded with zeros.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 30

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.6.4

WPA (Personal)

WPA-Personal is one variant of Wi-Fi Protected Access (WPA)
– security standards published by the Wi-Fi Alliance. The WPA
Mode further refines the variant that the router should employ.
The WPA-Personal option uses Wi-Fi Protected Access with a
Pre-Shared Key (PSK).
WPA Mode. WPA is the older standard; select this option if the
clients that will be used with the router only support the older
standard. WPA2 is the newer implementation of the stronger
IEEE 802.11i security standard. With the WPA2 option, the
router tries WPA2 first, but falls back to WPA if the client only
supports WPA. With the WPA2 Only option, the router
associates only with clients that also support WPA2 security.
Cipher Type. The encryption algorithm used to secure the data
communication. TKIP (Temporal Key Integrity Protocol)
provides per-packet key generation and is based on WEP. AES
(Advanced Encryption Standard) is a very secure block based
encryption. With the TKIP and AES option, the router
negotiates the cipher type with the client, and uses AES when
available.
Group Key Update Interval. The amount of time before the
group key used for broadcast and multicast data is changed.
Pre-Shared Key. The key is entered as a pass-phrase of up to
63 alphanumeric characters in ASCII (American Standard Code
for Information Interchange) format at both ends of the wireless
connection. It cannot be shorter than eight characters, although for proper security it needs to be of ample length and should not be a commonly
known phrase. This phrase is used to generate session keys that are unique for each wireless client.
NOTE: Be sure to write down the Pre-Shared Key and keep it in a safe place.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 31

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

4.6.5

WPA (Enterprise)

The WPA-Enterprise is one variant of Wi-Fi Protected Access (WPA) – security
standards published by the Wi-Fi Alliance. The WPA Mode further refines the
variant that the router should employ.
The WPA-Enterprise option works with a RADIUS Server to authenticate
wireless clients. Wireless clients should have established the necessary
credentials before attempting to authenticate to the Server through this
Gateway. Furthermore, it may be necessary to configure the RADIUS Server to
allow this gateway to authenticate users.
WPA Mode. WPA is the older standard; select this option if the clients that will
be used with the router only support the older standard. WPA2 is the newer
implementation of the stronger IEEE 802.11i security standard. With the WPA2
option, the router tries WPA2 first, but falls back to WPA if the client only
supports WPA. With the WPA2 Only option, the router associates only with
clients that also support WPA2 security.
Cipher Type. The encryption algorithm used to secure the data communication.
TKIP (Temporal Key Integrity Protocol) provides per-packet key generation and
is based on WEP. AES (Advanced Encryption Standard) is a very secure block
based encryption. With the TKIP and AES option, the router negotiates the
cipher type with the client, and uses AES when available.
Group Key Update Interval. The amount of time before the group key used for
broadcast and multicast data is changed.

4.6.6

EAD (802.1X)

Authentication Timeout. Amount of time before a client will be required to reauthenticate.
RADIUS Server IP Address. The IP address of the authentication server.
RADIUS Server Port. The port number used to connect to the authentication
server.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 32

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

RADIUS Server Shared Secret. A pass-phrase that must match with the authentication server.
MAC Address Authentication. If this check box is selected, the user must connect from the same computer whenever logging into the wireless
network.
Clicking on the <> button to access the following functions:
Timeout. The time between periodic updates to the Dynamic DNS, if the dynamic IP
address has not change. The timeout period is entered in hours. NOTE: this option will automatically disable if Username and Password or keys
are incorrect.
External IP. This allows you to specify the IP that should be sent to the DynDNS server, and a time frame in which it should time out and send the
information again. Thus, if you pick a time out of 6 hours, the IP will send a new update every 6 hours. (continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 85

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

NOTE. If a dynamic DNS update fails for any reason (for example, when incorrect parameters are entered), the router automatically disables the
Dynamic DNS feature and records the failure in the log.
NOTE: After configuring the router for dynamic DNS, you can open a browser and navigate to the URL for your domain (for example
http://www.mydomain.info) and the router will attempt to forward the request to port 80 on your LAN. If, however, you do this from a LAN-side
computer and there is no virtual server defined for port 80, the router will return the router's configuration home page. Refer to the
Advanced → Virtual Server configuration page to set up a virtual server.
When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and
permanent.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 86

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.3 Email Settings
Use the Email sub-menu to send the system log files, router alert messages, and
firmware update notification to your email account or any email account you specify.

7.3.1

Enable

Enable Email Notification. When this option is enabled, router activity logs are
emailed to a designated email address.

7.3.2

Email Settings

From Email Address. This email address will appear as the sender when you
receive a log file or firmware upgrade notification via email.
To Email Address. Enter the email address where you want the email sent.
SMTP Server Address. Enter the SMTP server address for sending email.
SMTP Server Port. Enter the SMTP server port for sending email.
Enable Authentication. If your SMTP server requires authentication, select this
option.
Account Name. Enter your account for sending email.
Password. Enter the password associated with the account.
Verify Password. Re-type the password associated with the account.
When you are done editing the settings, you must click the Save Settings button at
the top of the page to make the changes effective and permanent.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 87

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.3.3

Email Log When Full or on Schedule

On Log Full. When this option is selected, logs will be sent via email when the
log is full.
On Schedule. Selecting this option will send the logs via email according to
schedule.
Schedule. This option is enabled when On Schedule is selected. You can select
a schedule from the list of defined schedules. To create a schedule, go to the Tools → Schedules sub-menu. NOTE: Normally email is sent at the
start time defined for a schedule, and the schedule end time is not used. However, rebooting the router during the schedule period will cause
additional emails to be sent.
Details. The text field description of the inbound filter you want to select. When you populate a new inbound filter rule, you attribute to it a
descriptor, which is what is shown here.
When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and
permanent.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 88

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.4 Firmware
Use the Firmware Upgrade sub-menu to update your router to the latest firmware to
improve functionality and performance. To check for the latest firmware, click the
Check Online Now button. If you would like to be notified when new firmware is
released, place a check-mark in the box next to Email Notification of Newer
Firmware Version. NOTE: You must enter a destination email address in the Tools
→ E-mail submenu in order to receive email notifications of firmware updates.

7.4.1

Firmware Information

This section displays the Current Firmware Version and the Latest Firmware
Version. To check for the latest version, click the Check Online Now for Latest
Firmware Version button. To verify the latest firmware version, the MBR1200
checks the Internet.

7.4.2

Manually Upgrade Firmware

Upload Firmware. To update the firmware, follow these steps:
1. Click the Browse button to locate the update file on your computer.
2. Once you have found the file to be used, click the Upload button to start
the firmware update process.
3. Wait for the router to reboot.
4. Confirm updated firmware revision on the Status → Device Info
submenu.

7.4.3

Manually Upgrade WIMAX Modem Driver File

Upload WiMAX Modem Driver File. To update the driver follow these steps:
1. Click the Browse button to locate the update file on your computer.
2. Once you have found the file to be used, click the Upload button to start the
driver update process.
3. Wait for the modem to reboot.
4. Confirm updated firmware revision on the Tools → Firmware submenu.
When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and
permanent.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 89

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.4.4

Firmware Upgrade Notification Options

Automatically Check Online for Latest Firmware Version. When this option is
enabled, your router will check online periodically to see if there is a newer version of firmware available. When new firmware is available, you will
see an additional button that initiates a one button update. Simply click the button to download and update the router in one click.
Email Notification of Newer Firmware Version. When a newer version of firmware is available, a notice will be set to the email address listed
under the Tools → Email sub-menu.

7.4.5

Firmware Update Notes

When a new firmware update file is loaded into the router, the following checks are made to insure that the new file is correct.
1. Before the new firmware update is loaded into its permanent location (the NVRAM), it is first downloaded into a temporary (RAM) area for
checking.
2. The downloaded file is first checked against a checksum to insure that the entire file has been downloaded and no data errors have
occurred.
3. Each firmware file is encoded with a special product identification, which must match the current code in the router. If the two identifiers
match the update is allowed to proceed. If either of these checks fail, the firmware update file is rejected and a failure message given to
the user.
4. After the new firmware file passes both of these checks, the code is written to the permanent location (NVRAM). Power to the unit must be
maintained during this critical step; do not turn off unit. As the router writes the new code into the permanent location (NVRAM), the user is
presented with a screen on the browser which counts down for 60 seconds. After the 60-second countdown, the unit automatically reboots
and reinitializes.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 90

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.4.6

Firmware Update via the USB

The MBR1200 supports software upgrades via the USB port. A USB storage device (thumb drive) is preloaded with the new software .bin file.
Requirements:





CradlePoint MBR1200 Binary firmware file (i.e. u_mbr1200_2010_03_23.bin) From: http://www.cradlepoint.com/support/mbr1200
4G Modem Binary firmware file (i.e. u_ modem _5_2_206.bin) From: http://www.cradlepoint.com/support/mbr1200
CradlePoint MBR1200
USB “Thumb drive” mass storage device formatted FAT or FAT32.

Router Firmware Update – USB Procedure:








Remove the date code from the binary file. Example: u_mbr1200_2010_01_22.bin to u_mbr1200.bin.
Copy the u_mbr1200.bin file to the USB Thumb Drive. This must be in the root not in a folder.
Power on a MBR1200 and wait for the WLAN and POWER lights to go solid green.
Plug-in the USB Thumb Drive into the USB port on the MBR1200
The EC light will come on and blink while it is reading the binary file off the USB Thumb Drive
When the EC light goes solid for 3 seconds or more, pull the USB thumb drive.
At this point, the router will read the file, error check it and will load it. The router will reboot itself and will be running the new firmware

NOTE: If the file is corrupt, the MBR1200 will reboot and will not load the new firmware. It is recommend that when you are doing these en
mass, the first few are manually checked by logging into the router with a computer and going to http://192.168.0.1, login with the default
password, and then check the “Status” tab which will show the current router firmware version. The default password is the last 6 character of
the MAC address, which is located on a sticker on the bottom.
Modem File Update – USB Procedure:








Remove the date code from the binary file. Example: u_modem_2009_11_16 to u_ modem.bin.
Copy the u_modem.bin file to the USB Thumb Drive. This must be in the root not in a folder.
Power on a MBR1200 and wait for the WLAN and POWER lights to go solid green.
Plug-in the USB Thumb Drive into the USB port on the MBR1200
The EC light will come on and blink while it is reading the binary file off the USB Thumb Drive
When the EC light goes solid for 3 seconds or more, pull the USB thumb drive.
At this point, the router will read the file, error check it and will load it. The router will reboot itself and will be running the new firmware

NOTE: If the file is corrupt, the MBR1200 will reboot and will not load the modem file. It is recommend that when you are doing these en
mass, the first few are manually checked by logging into the router with a computer and going to http://192.168.0.1, login with the default
password, and then check the “Status” tab which will show the current router firmware version. The default password is the last 6 character of
the MAC address, which is located on a sticker on the bottom.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 91

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.5 IPsec VPN
Use the IPsec sub-menus to set policies that are used to
create a secure connection to a private network or allow
others to connect in a very secure way.

7.5.1

Add IPsec Policy

In this section you can add and edit IPSec policies to connect
via private networks. Please note that the policies must
match between routers when creating a connection. In other
words, while the names of the policies can be different, the
Hash, Cipher, Group, Timeouts, Pre-shared keys, or manual
settings must correspond for a successful connection.
Name. Add a name to identify the polity and distinguish one
policy from another.
VPN Tunnel. Tunnel mode allows a remote network to
appear as though it is a part of the local network. All
machines behind the remote LAN will be visible to the local
network. Transport mode, enabled by un-checking the VPN
Tunnel check box, creates an encrypted connection
terminating at the remote network‟s router. Inbound
connections are then forwarded to the appropriate machine
on the remote LAN. Please note: Transport mode requires
the additional step of a configured port forward policy. Only
data sent and received across networks with an IPSec policy
will be encrypted for both Tunnel and Transport.
Log messages related to IPSec VPN can be found on the
Status → Logs page. To reduce the number of log
messages generated by IPSec negotiations un-check the
Firewall & Security checkbox in the Log Options section.
Remote Gateway. While this can be the WAN IP of the
remote network it is recommended you use a dynamic DNS account host name. You can configure your DynDNS settings in the Tools →
Dynamic DNS page. By using the remote router‟s dynamic DNS host name when configuring your IPSec policy updates of the remote WAN IP
are compensated for while connecting to a VPN. (continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 92

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

Remote Network. This is the address of the remote LAN. The network IP
addresses of the local and remote network must not be the same. Set, for
example the local IP to 192.168.0.1 (default CradlePoint LAN IP) and the
remote network to 192.168.30.1. In this case the IP specified in your policy
for Remote Network should be 192.168.30.0. For CradlePoint routers, this IP
can be configured in the Basic → Network page.
Remote Submask. This is the corresponding subnet mask of the remote
network.
Local Network. As with the Remote Network configuration description
above, this is the local network's IP address, which should be different from
the Remote Network's LAN IP address. If your local IP is 192.168.0.1 the
value specified in your policy for Local Network should be 192.168.0.0.
Local Submask. This is the corresponding subnet mask of the local network.
Hash Algorithm. The hash is used to compare, authenticate, and validate
that data across the VPN arrives in its intended form and to derive keys used
by IPSec. This section is used for both phase 1 and phase 2 of the IKE key
negotiation. While the default configuration is MD5, for increased security SHA algorithms are recommended.
Cipher Algorithm. The cipher is used to encrypt messages used by IPsec. This selection is used for both Phase 1 and Phase 2 of the IKE key
negotiation. The default cipher is AES.
DH Group. The DH (Diffie-Hellman) Group is a property of IKE. It is used to determine the length of prime numbers associated with key
generation. The strength of the key generated is partially determined by the strength of the DH Group. Group 5, for instance, has greater strength
than Group 2. Mismatched group settings between policies when creating a VPN will cause your connection to the remote network to fail.
Phase 1 Key Lifetime. The lifetime of the generated keys of Phase 1 of the IPSec negotiation from IKE.
Phase 2 Key Lifetime. The lifetime of the generated keys of Phase 2 of the IPSec negotiation from IKE.
Pre-Shared Key. A secret password used to derive keys, which both parties will have to know.
Save Policy. Adds a new policy to the IPSec Policy List. After adding the policy to the list you will need to save the settings at the top of this page
before the policy will take effect.
Clear Form. While adding or updating a policy, the Clear Form button can be selected to reset the values to their default states.
Advanced. Shows you a menu to configure advanced settings.
When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and
permanent. (continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 93

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.5.2

IPSEC Advanced Section

This section includes advanced features to affect how IKE will behave. You can manually
configure your IPSec policies rather than using those in the main section of this page.
Some of these features can be used if you are having difficulties with IKE, using the
CradlePoint IPSec VPN feature alongside a Linksys router, or working with legacy
hardware. However, this section is meant for advanced users and should only be
changed if you know what you are doing or a system administrator directs you to change
something.
Aggressive Mode. Enables Aggressive Mode phase 1 negotiation in IKE. The IKE
protocol has 2 modes of negotiating phase 1 - Identity Protection (main mode) and
Aggressive. In Identity Protection mode, IKE separates the key information from the
identities allowing for the identities of peers to be secure at the expense of extra packet
exchanges. In Aggressive Mode, IKE tries to combine as much information into fewer
packets while maintaining security. Un-checking this option tells IKE to use Identity
Protection mode instead of Aggressive. Disabling Aggressive mode may be required for
using IPSec alongside certain Linksys routers.
ESP Only. Enables ESP Only mode for IPSec. IPSec utilizes two protocols to secure
communication through an IPSec tunnel: ESP and AH. Both protocols can be used
together or separately.
If you are using any legacy hardware, which may expect AH, disable this feature.
Enabling this option tells IPSec to only use the ESP protocol when securing the data.
Only using ESP reduces the packet overhead but does not reduce security.
Perfect Forward Security (PFS). Enabling this feature will require IKE to generate a new
set of keys in Phase 2 rather than using the same key generated in Phase 1. Additionally, the new keys generated in Phase 2 (with this option
enabled) are exchanged in an encrypted session. Enabling this feature affords the policy greater security.
Dead Peer Detection. Defines how the router will detect when one end of the IPSec session loses connection while a policy is in use.
Connection Idle Time allows you to configure how long the router will allow an IPSec session to be idle before beginning to send Dead Peer
Detection (DPD) packets to the peer machine. You can adjust the delay between these DPD packets to send as quickly as every 2 seconds up
to 30 seconds apart. Additionally, you can specify the Max number of DPD requests to send at the time interval mentioned above.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 94

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

Manual (No automatic key exchange). Select this to enable Manual Key Exchange. This feature is useful if you experience difficulties with IKE
or simply prefer not to use the form above for creating an IPSec policy. In those cases where you opt to use manual configuration instead, be sure
you first generate both the local and remote values on one router then communicate the remote values as the remote network‟s local values and
vice versa, so that the data here is exactly swapped in the remote router‟s IPSec settings. To populate the key fields simply select the Generate
key to the right for AH, ESP, or Both
Authentication Header (AH) / Encapsulation Security Payload (ESP) Mode. Allows you to pick the mode AH/ESP should operate in for this
policy – Transport or Tunnel. See VPN Tunnel description above for details.
AH/ESP SPI. These are hexadecimal numbers used to uniquely identify different IPsec tunnels between peers at the protocol level.
AH/ESP HMAC. These are the keys used by the AH/ESP protocol to authenticate the IP header protocol and the message payload.
ESP Keys. These are the keys used to encrypt and decrypt the messages being passed between peers.
When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and
permanent.

7.5.3

IPSEC Policy List

This section shows the currently defined IPsec Policies. An
entry can be changed by clicking the Edit icon or can be
deleted by clicking the Delete icon. When you click the Edit
icon, the Edit IPsec Policy section is activated for editing.
When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and
permanent.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 95

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.6 Managed Services
Use the Managed Services sub-menus to securely control your
routers from anywhere on the Internet. You can manage their
configuration, change their f/w, monitor their status and view their
stored logs from any Internet-connected web browser. When this
feature is enabled the router will automatically attempt to contact the
management server whenever its WAN link comes up. All session
management is done over the WAN link using an SSL-secured
connection.
In order for the router to establish a session it must be registered
with the server. Contact CradlePoint for details on how to create an
account.
Enable Managed Services. Tell the router to attempt to establish a
management session over the active WAN link.
Ethernet Only. A management session can involve non-trivial
amounts of data transfer, especially for f/w upgrades. Since many modem plans impose data limits you may want to disable managed services
when the modem is the primary WAN interface. By checking this box you ensure that the router will only establish a management session when
Ethernet is the primary WAN link.
Session Retry. If a router is not yet registered with the server it will periodically retry to establish a session. This setting controls how long it will
wait between retry attempts.
Registration URL. If you have contacted Cradlepoint about registering your router, you may have received an email with a URL link. Paste that
link here, and the next time your router fails to start a session it will register via this link.
When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and
permanent.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 96

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.7 Schedules
Use the Schedules sub-menu to create schedules employed to enforce rules. For
example, if you want to restrict web access to Mon-Fri from 3 PM to 8 PM you
could create a schedule selecting Mon, Tue, Wed, Thu, and Fri and enter a Start
Time of 3 PM and End Time of 8 PM.
The schedules your create in this submenu are used in the other submenus that
allow you to apply a time-based schedule, including





7.7.1

Virtual Server
Special Applications
Gaming
Parental Controls

Add Schedule Rule

Name. Name the schedule, such as Weekday rule.
Day(s). Place a check mark in the All Week radio button to select all seven days
of the week or place a check mark in the Select Day(s) radio button, then put a
check mark in the boxes next to the days of the week that you want your schedule
to be in effect.
All Day. Select this option if you want your schedule in effect all 24 hours for the selected day(s).
Start Time. If you don‟t use the All Day option, then enter the Start Time, which consists of two fields. Enter the hour of the Start Time in the first
field and enter the minute of the Start Time in the second field. Email events only require a Start Time (an End Time is not required for email
events).
End Time. Enter the End Time, which like the Start Time function, which consists of two fields. Enter the hour of the End Time in the first field
and enter the minute of the End Time in the second field. Entering an End Time is required for most rules (but not for email events).
Save/Update. Record the changes you have made.
Clear. Re-initialize this area of the screen, discarding any changes you have made.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 97

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.7.2

Schedule Rules List.

This list displays all of the currently defined schedules. An entry can
be changed by clicking the Edit icon or can be deleted by clicking
the Delete icon. When you click the Edit icon, the item populates
the Edit Schedule Rule and is activated for editing.
Update. Record the changes you have made.
The router must reboot before new settings will take effect. You will
be prompted to Reboot the Device or Continue. If you need to
make additional settings changes, click Continue. If you are
finished with all configuration settings, click the Reboot the Device
button.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 98

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.8 SNMP
Use the Simple Network Management Protocol (SNMP) Settings submenu to enable or disable the SNMP protocol over either the LAN, WAN,
or both interfaces. For security, you can also set the community names for
both Get and Set SNMP requests. SNMP version 1 is currently
implemented. The supported MIB is the standard RFC 1213 MIB as
maintained by the IETF. Additional Cellular-router MIB elements are
available through CradlePoint's WIPIPE-MIB.
Enable on LAN. Enable SNMP on the local LAN ports so that a local
device can manage the router.
Enable on WAN. Enable SNMP on the external WAN port so that an
external device can manage the router.
Get Community Name. Variable length string which allows access to
read-only data within this community group. The community names should
never be "public" or "private". Community names are a maximum of 15 characters long. Names should contain at least one number and one
capital letter. Access to the community name should be limited to the Administrator of realms.
Set Community Name. Variable length string which allows access to read and write data within this community group. The community names
should never be "public" or "private". Community names are a maximum of 15 characters long. Names should contain at least one number and
one capital letter. Access to the community name should be limited to the Administrator of realms.
SNMP WAN Inbound Filter. If SNMP is enabled on the WAN port you can create a filter that allows or denies specific IP ranges to connect to the
SNMP server.
Details. This shows the details of the selected Inbound Filter rule.
When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and
permanent.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 99

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.9 Syslog
Use the SYSLOG sub-menu to enable archive of log files to a
Syslog Server.
Enable Logging to Syslog Server. (Default: off) Enable this option
if you have a syslog server currently running on the LAN and wish to
send log messages to it.
Syslog Server IP Address. Enter the LAN IP address of the Syslog
Server.
When you are done editing the settings, you must click the Save
Settings button at the top of the page to make the changes
effective and permanent.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 100

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.10 System (System Settings)
Use the System Settings sub-menu to control to Reboot the Device
function or to restore the router to the factory default settings.
WARNING: Restoring the unit to the factory default settings will
overwrite and erase any custom settings you have implemented that
change the original factory default settings.

7.10.1 System Settings
Save Configuration. Click to save configuration information to a file
on a local hard drive or any other target you choose.
Restore Configuration from File. Reads all configuration information
from a Save Configuration file.
Restore to Factory Defaults. This option will restore all configuration
settings back to the factory defaults. Any settings that have not been
saved will be lost. If you want to save your router configuration
settings, you can do so from the Tools → Admin sub-menu.
Reboot the Device. This will restart the router. Useful for restarting when you are not near the device. When you click the Reboot the Device
button, you will be prompted to Save Configuration, which saves the configuration as described in Save to Local Hard Drive. This option
preserves any custom settings you have implemented.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 101

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.11 System Check (Ping Test)
Use the System Check sub-menu as a diagnostic tool to check
connectivity from the router to another computer. This function can
be used to verify a working connection across the WAN network or
the local network. NOTE: the ping target must be configured to
respond to ICMP ping requests.

7.11.1 Ping Test
Host Name or IP Address. Enter either the IP address of the target
computer or enter its fully qualified domain name.



Ping. Start Pinging the specified host
Stop. The host is pinged repeatedly until you click the Stop button.

7.11.2 Ping Result
Displays the results of the ping test. The ping test is an ICMP echo protocol. It‟s used to test response and path to a remote computer system,
i.e., a ping to a URL “www.xxxxx.com” will tell you if there is a path and if the remote computer is responding. NOTE: Not all devices respond to
pings.
Example:


Host Name or IP Address:

www.whitehouse.gov


Ping Result

Please wait, resolving www.whitehouse.gov....
Resolved to 205.161.7.102.
Response from 205.161.7.102 received in 7 milliseconds.
Response from 205.161.7.102 received in 6 milliseconds.
Response from 205.161.7.102 received in 7 milliseconds.
User stopped ping.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 102

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.12 Time
Use the Time Configuration sub-menu to configure, update, and
maintain the correct time on the internal system clock. The time
can be configured manually or a network time server can be
selected and the time updated via the Network Time Protocol
(NTP).

7.12.1 Time Configuration.
Current Router Time. Displays the day, date and local time used
by the MBR1200.
Time Zone. Select the local time zone.
Enable Daylight Saving. Check this option to adjust for daylight
savings time.
Daylight Saving Offset. Select the time offset for daylight savings
time.
Daylight Savings Dates. Set the month, week, day of week and
time for the MBR1200 to switch to/from Daylight Savings Time.

7.12.2 Automatic Time Configuration
Enabling this option allows the MBR1200 to contact network time
servers to automatically adjust the MBR1200 clock. If you are
using schedules or logs, this is the best way to ensure that the
schedules and logs are accurate.
Enable NTP Server. Select this option if you want the router‟s
clock synchronized to a Time Sever over the Internet.
NTP Server Used. Select a Time Server for synchronization. You
can type in the address of a time server or select one from the
drop down menu.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 103

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.12.3 Set the Date and Time Manually
If you do not have the NTP Server option in effect, you can either
manually set the time for your router here or you can click the Copy
Your Computer’s Time Settings button to copy the time from the
computer you are using.
NOTE: Be sure the computer‟s time is set correctly.
WARNING: If the router loses power for any reason, it cannot keep its
clock running and will not have the correct time when it is started
again. To maintain the correct time for schedules and logs, either you
must enter the correct time after you restart the router or you must enable the NTP Server option.
When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and
permanent.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 104

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

7.13 User Login
Use the User Login sub-menu to configure, update, and maintain a customized
login page for other users to see when they log into the router.

7.13.1 User Login Settings
Require User Login. Select this option to enable or disable user login.

7.13.2 Internet Access Password
Password. Enter the password required for internet access.
Verify Password. Verify password required for internet access.

7.13.3 Customize Billboard
Enable Custom Billboard. Select this option if you want to provide the router
with a new customized user login page.
Custom Billboard. Enter HTML into this section to create a customized user
login page.
Preview. Select this button to preview the customized user login in the preview
panel.
Load Default. Select this button to load a default or example customized user
login.
NOTE. HTML links entered into customized bounce page will not be able to
retrieve information on the WAN side of the router.

7.13.4 Preview Custom Billboard
This area will show a preview of the customized user login.
When you are done editing the settings, you must click the Save Settings button
at the top of the page to make the changes effective and permanent.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 105

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

8 STATUS TAB
The Status tab provides information about the current configuration settings of
the MBR1200 router via 7 sub-menus:








Device Info
Active Sessions
Logs
Routing
Statistics
Wireless (Wi-Fi)
WISH Sessions

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 106

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

8.1 Device Info
The Device Information sub-menu displays your Router settings. Options cannot be changed from this submenu. They can only be monitored.
NOTE: Some browsers have limitations that make it impossible to update the WAN status display when the
status changes. Some browsers require that you refresh the display to obtain updated status. Some browsers
report an error condition when trying to obtain WAN status.

8.1.1

General

Time. Displays the time and date that the router is set to.
Firmware Version. Displays the currently loaded firmware version.

8.1.2

WAN (Primary and Secondary Interface(s))

The information displayed will be for the currently active WAN connection. To change the failover priorities of
the various WAN connections or to manually connect or disconnect a WAN connection go to the Advanced
→ Failover sub-menu. If the connection is DHCP, clicking the DHCP Release button unassigns the router‟s
IP address. The router will not respond to IP messages from the WAN side until you click the DHCP Renew
button or power-up the router again. Clicking the DHCP Renew button requests a new IP address from the
ISP‟s server.
If the connection is via a modem, clicking the Disconnect button will cause the modem to hang up, and it will
not dial again (regardless of the Reconnect Mode from the Global Settings section of the Modem Settings
page) unless you re-plug it or click the Connect button.
Port. USB1, USB2, USB3, PC Card, Express Card or Ethernet.
Signal Strength. (USB, PC Card, Express Card only). Strength of wireless signal.
Connection Type. The Internet connection type that is being used.
Traffic Shaping. Traffic Shaping is Active or Inactive.
Cable Status. (Ethernet Only). Connected or not.
Network Status. Network is Connected, Establishing, Suspended, or Established.
Connection Uptime. Amount of time the connection has been successfully connected.
Authentication & Security. Type of Authentication & Security in place. (continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 107

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

MAC Address. The MAC address that is seen over the Internet.
IP Address. The IP address being used on the WAN port.
Subnet Mask. The subnet mask used on the WAN port.
Default Gateway. The default gateway of the WAN port.
Primary DNS Server. The Primary DNS Server address.
Secondary DNS Server. The Secondary DNS Server address.

8.1.3

LAN

This area of the screen reflects configuration settings from the Basic → Network sub-menu.
MAC Address. The MAC address displayed for your wired network. It is the factory-assigned
identifier of the LAN ports.
IP Address. IP Address of the router.
Subnet Mask. Subnet of the router.
DHCP Server. DHCP Server is Enabled or Disabled.

8.1.4

Wireless (Wi-Fi) LAN

This area of the screen reflects configuration settings from the Basic → Wireless page, the
Advanced → WISH page and the Advanced → Wi-Fi Protected Setup page. The MAC
Address is the factory-assigned identifier of the wireless card.
Wireless Radio. Wi-Fi is Enabled or Disabled.
WISH. WISH is Active or Inactive.
MAC Address. MAC address of the router.
Network Name (SSID). Network Name of the router.
Channel. Wi-Fi channel that the router is broadcasting on.
Turbo Mode. Turbo Mode is Enabled or Disabled.
Security Mode. WEP, WPA, WPA2, etc.
Wi-Fi Protected Setup. Wi-Fi Protected Setup is Enabled or Configured.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 108

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

8.1.5

Current DHCP Reservation

This area of the screen continually updates to show all DHCP enabled
computers and devices connected to the LAN side of your router. The
detection "range" is limited to the address range as configured in DHCP
Server. Computers that have an address outside of this range will not
show. If the DHCP Client (i.e. a computer configured to Automatically
obtain an address) supplies a Host Name then that will also be shown.
Any computer or device that has a static IP address that lies within the
detection "range" may show, however its host name will not.

8.1.6

IGMP Multicast memberships

If IGMP is enabled, this area of the screen shows all multicast groups of
which any LAN devices are members.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 109

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

8.2 Active Sessions
The Active Session sub-menu displays the full details of active sessions to
your router. An Internet session is a conversation between a program or
application on a LAN-side computer and a program or application on a WAN
side computer.
Local. The IP address and, where appropriate, port number of the local
application.
NAT. The port number of the LAN-side application as viewed by the WAN side
application.
Internet. The IP address and, where appropriate, port number of the application on the Internet.
Protocol. The communications protocol used for the conversation.
State. State for sessions that use the TCP protocol.









NO: None -- This entry is used as a placeholder for a future connection that may occur.
SS: SYN Sent -- One of the systems is attempting to start a connection.
EST: Established -- The connection is passing data.
FW: FIN Wait -- The client system has requested that the connection be stopped.
CW: Close Wait -- The server system has requested that the connection be stopped.
TW: Time Wait -- Waiting for a short time while a connection that was in FIN Wait is fully closed.
LA: Last ACK -- Waiting for a short time while a connection that was in Close Wait is fully closed.
CL: Closed -- The connection is no longer active but the session is being tracked in case there are any retransmitted packets still pending.

Dir. The direction of initiation of the conversation:



Out. Initiated from LAN to WAN.
In. Initiated from WAN to LAN.

Priority. The preference given to outbound packets of this conversation by the QoS Engine logic. Smaller numbers represent higher priority.
Time Out. The number of seconds of idle time until the router considers the session terminated. The initial value of Time Out depends on the type
and state of the connection.




300 seconds. UDP connections.
240 seconds. Reset or closed TCP connections. The connection does not close instantly so that lingering packets can pass or the
connection can be re-established.
7800 seconds. Established or closing TCP connections.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 110

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

8.3 Logs
The Logs sub-menu allows you to view the router logs. The router
automatically logs (records) events of possible interest in its internal
memory. If there isn‟t enough internal memory for all events, logs of
older events are deleted but logs of the latest events are retained. You
can decide what types of events you want to view and the level of the
events to view. This router also has external Syslog Server support so
you can send the log files to a computer on your network that is
running a Syslog utility.

8.3.1

Log Options

What to View. You can select the types of messages that you want to
display from the log:





Firewall & Security
System
Router Status
IPSec VPN

View Levels. You can choose from three levels of message
importance:




Critical
Warning
Informational

Apply Log Settings Now. Filters the log results so that only the
selected options appear.

8.3.2

Log Details

Refresh. Updates the log details on the screen so it displays any recent activity.
Clear. Clears all of the log contents.
Email Now. This option will send a copy of the router log to the email address configured in the Tools → Email sub-menu.
Save Log. This option will save the router to a log file on your computer.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 111

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

8.4 Routing
The routing section displays all of the routing details configured for your
router.
A value of 0.0.0.0 for gateway means there is no next hop, and the IP
address is directly connected to the router on the interface specified: LAN or
WAN. A value of 0.0.0.0 in both the destination IP and netmask means that
this is the default route.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 112

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

8.5 Statistics (Traffic Statistics)
The Statistics (Traffic Statistics) sub-menu displays basic statistics for the
LAN, WAN and Wireless network interfaces.

8.5.1

Traffic Statistics

Refresh Statistics. Updates the screen with the latest router statistics.
Clear Statistics. Clears all of the values on the screen.

8.5.2

Wireless (Wi-Fi), LAN and WAN Statistics

Kbytes Sent. The number of packets transmitted to the local area network.
Kbytes Received. The number of packets received from the local area
network.
TX Packets Dropped. The number of transmit packets not sent.
RX Packets Dropped. The number of receive packets not dropped.
Collisions. The number of collision packets on the LAN.
Errors. The number of packets received with errors on the LAN.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 113

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

8.6 Wireless (Wi-Fi)
The Wireless (Wi-Fi) sub-menu displays the number of wireless
clients that are connected to the router, the MAC address of each
system connecting wirelessly, and the IP address of each system
connecting wirelessly. Control buttons allow the administrator to
allow or deny access for each of the listed computers. If Require
User Login has not been enabled (Basic → Wizard sub-menu),
then the control buttons are not available on this submenu.

8.6.1

Number of Wireless Clients

This lists the client computers that are currently connected to the
WLAN access point.
MAC Address. The Ethernet ID (MAC address) of the wireless
client.
IP Address. The LAN-side IP address of the client.
Mode. The transmission standard being used by the client. Values
are 802.11a, 802.11b, 802.11g, or 802.11n.
Rate. The actual transmission rate of the client in megabits per
second.
Signal. This is a relative measure of signal quality. The value is
expressed as a percentage of theoretical best quality. Signal quality
can be reduced by distance, by interference from other radiofrequency sources (such as cordless telephones or neighboring
wireless networks), and by obstacles between the router and the
wireless device.
If Require User Login is enabled then you can also control internet
access privileges for the attached wireless clients.
(continued)

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 114

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

8.6.2

Clients Allowed Access to the Internet

The control icons allow the administrator to grant access to the client
computers. Access grants provide the same access as if a client went
through the user login.




8.6.3

Client allowed temporarily. Will have access until
disconnected from the Wi-Fi network
Client allowed permanently. Same as the Remember Me
function in the user login process. Will have access each time connected to the Wi-Fi network.
Client is not allowed. This client computer is denied access to the Wi-Fi network.

Remembered Clients

Once a Wi-Fi client has successfully logged into the Internet access side of the router, the MBR1200 can “remember” that Wi-Fi client by
remembering its MAC address, eliminating the need to login each time. NOTE: Remembered Clients are “forgotten” if you reset the MBR1200 to
its factory default.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 115

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

8.7 WISH Sessions
The WISH Sessions sub-menu displays full details of active local wireless
sessions through your router when WISH has been enabled. A WISH session is
a conversation between a program or application on a wirelessly connected
LAN-side computer and another computer, however connected.
Originator. The IP address and, where appropriate, port number of the
computer that originated a network connection.
Target. The IP address and, where appropriate, port number of the computer to
which a network connection has been made.
Protocol. The communications protocol used for the conversation.
State. State for sessions that use the TCP protocol.









NO: None -- This entry is used as a placeholder for a future connection
that may occur.
SS: SYN Sent -- One of the systems is attempting to start a connection.
EST: Established -- the connection is passing data.
FW: FIN Wait -- The client system has requested that the connection be stopped.
CW: Close Wait -- the server system has requested that the connection be stopped.
TW: Time Wait -- Waiting for a short time while a connection that was in FIN Wait is fully closed.
LA: Last ACK -- Waiting for a short time while a connection that was in Close Wait is fully closed.
CL: Closed -- The connection is no longer active but the session is being tracked in case there are any retransmitted packets still pending.

Priority. The priority of the message flow is entered here. Four priorities are defined:





BK: Background (least urgent).
BE: Best Effort.
VI: Video.
VO: Voice (most urgent).

Time Out. The number of seconds of idle time until the router considers the session terminated. The initial value of Time Out depends on the type
and state of the connection.




PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 116

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

9 GLOSSARY
802.11

AppleTalk

A family of specifications for wireless local area networks (WLANs)
developed by a working group of the Institute of Electrical and
Electronics Engineers (IEEE).

A set of Local Area Network protocols developed by Apple for their
computer systems.

Access Control List

AppleTalk Address Resolution Protocol

ACL. This is a database of network devices that are allowed to
access resources on the network.

AARP. Used to map the MAC addresses of Apple computers to their
AppleTalk network addresses, so that conversions can be made in
both directions.

Access Point

Application layer

AP. Device that allows wireless clients to connect to it and access
the network.

7th Layer of the OSI model. Provides services to applications to
ensure that they can communicate properly with other applications
on a network.

ActiveX
A Microsoft specification for the interaction of software components.

ASCII
American Standard Code for Information Interchange. This system of
characters is most commonly used for text files.

Ad-hoc network
Peer-to-Peer network between wireless clients.
Address Resolution Protocol
ARP. Used to map MAC addresses to IP addresses so that
conversions can be made in both directions.
ADSL

Attenuation
The loss in strength of digital and analog signals. The loss is greater
when the signal is being transmitted over long distances.
Authentication

Asymmetric Digital Subscriber Line.

To provide credentials, like a Password, in order to verify that the
person or device is really who they are claiming to be.

Advanced Encryption Standard

Automatic Private IP Addressing

AES. Government encryption standard.

APIPA. An IP address that a Windows computer will assign itself
when it is configured to obtain an IP address automatically but no
DHCP server is available on the network.

Alphanumeric
Characters A-Z and 0-9.

Backward Compatible

Antenna
Used to transmit and receive RF signals.

The ability for new devices to communicate and interact with older
legacy devices to guarantee interoperability.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 117

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

Bandwidth

Browser

The maximum amount of bytes or bits per second that can be
transmitted to and from a network device.

A program that allows you to access resources on the web and
provides them to you graphically.

Basic Input/Output System

Cable modem

BIOS. A program that the processor of a computer uses to startup
the system once it is turned on.

A device that allows you to connect a computer up to a coaxial cable
and receive Internet access from your Cable provider.

Baud

CardBus

Data transmission speed.

A newer version of the PC Card or PCMCIA interface. It supports a
32- bit data path, DMA, and consumes less voltage.

Beacon
A data frame by which one of the stations in a Wi-Fi network
periodically broadcasts network control data to other wireless
stations.
Bit rate

CAT 5
Category 5. Used for 10/100 Mbps or 1Gbps Ethernet connections.
Client
A program or user that requests data from a server.

The amount of bits that pass in given amount of time.
Bit/sec

Collision

Bits per second.

When do two devices on the same Ethernet network try and transmit
data at the exact same time.

BOOTP

Bootstrap Protocol. Allows for computers to be booted up and given
an IP address with no user intervention.

Information that is stored on the hard drive of your computer that
holds your preferences to the site that gave your computer the
cookie.

Bottleneck
A time during processes when something causes the process to
slowdown or stop all together.
Broadband
A wide band of frequencies available for transmitting data.

Data
Information that has been translated into binary so that it can be
processed or moved to another device.
Data Encryption Standard
Uses a randomly selected 56-bit key that must be known by both the
sender and the receiver when information is exchanged.

Broadcast
Transmitting data in all directions at once.

Data-Link layer
The second layer of the OSI model. Controls the movement of data
on the physical link of a network.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 118

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

Database

Digital certificate

Organizes information so that it can be managed updated, as well as
easily accessed by users or applications.

An electronic method of providing credentials to a server in order to
have access to it or a network.

DB-25

Direct Sequence Spread Spectrum

A 25-pin male connector for attaching External modems or RS-232
serial devices.

DSSS: Modulation technique used by 802.11b wireless devices.

DB-9

“Demilitarized Zone”. A computer that logically sits in a “no-mansland” between the LAN and the WAN. The DMZ computer trades
some of the protection of the router‟s security mechanisms for the
convenience of being directly addressable from the Internet.

A 9-pin connector for RS-232 connections
dBd
Decibels related to dipole antenna.
dBi

DMZ

DNS
Domain Name System: Translates Domain Names to IP addresses.

Decibels relative to isotropic radiator.
dBm

Domain name
A name that is associated with an IP address.

Decibels relative to one milliwatt.
Decrypt

Download

To unscramble an encrypted message back into plain text.

To send a request from one computer to another and have the file
transmitted back to the requesting computer.

Default

DSL

A predetermined value or setting that is used by a program when no
user input has been entered for this value or setting.

Digital Subscriber Line. High bandwidth Internet connection over
telephone lines.

Demilitarized zone

Duplex

DMZ: A single computer or group of computers that can be accessed
by both users on the Internet as well as users on the Local Network,
but that is not protected by the same security as the Local Network.

Sending and Receiving data transmissions at the same time.

DHCP

Dynamic DNS is provided by companies to allow users with Dynamic
IP addresses to obtain a Domain Name that will always be linked to
their changing IP address. The IP address is updated by either client
software running on a computer or by a router that supports Dynamic
DNS, whenever the IP address changes.

Dynamic Host Configuration Protocol: Used to automatically assign
IP addresses from a predefined pool of addresses to computers or
devices that request them.

Dynamic DNS service

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 119

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

Dynamic IP address

Fragmentation

IP address that is assigned by a DHCP server and that may change.
Cable Internet providers usually use this method to assign IP
addresses to their customers.

Breaking up data into smaller pieces to make it easier to store.
FTP

EAP

File Transfer Protocol. Easiest way to transfer files between
computers on the Internet.

Extensible Authentication Protocol.

Full-duplex

Sending and Receiving data at the same time.

Electronic Mail is a computer-stored message that is transmitted
over the Internet.

Gain
The amount an amplifier boosts the wireless signal.

Encryption
Converting data into cyphertext so that it cannot be easily read.

Gateway
A device that connects your network to another, like the Internet.

Ethernet
The most widely used technology for Local Area Networks.

Gbps
Gigabits per second.

Fiber optic
A way of sending data through light impulses over glass or plastic
wire or fiber.
File server
A computer on a network that stores data so that the other
computers on the network can all access it.

Gigabit Ethernet
Transmission technology that provides a data rate of 1 billion bits per
second.
GUI
Graphical user interface.

File sharing

H.323

Allowing data from computers on a network to be accessed by other
computers on the network with different levels of access rights.

A standard that provides consistency of voice and video
transmissions and compatibility for video conferencing devices.

Firewall

Half-duplex

A device that protects resources of the Local Area Network from
unauthorized users outside of the local network.

Data cannot be transmitted and received at the same time.

Firmware

Transforming a string of characters into a shorter string with a
predefined length.

Programming that is inserted into a hardware device that tells it how
to function.

Hashing

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 120

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

Hexadecimal

Infrastructure

Characters 0-9 and A-F.

In terms of a wireless network, this is when wireless clients use an
Access Point to gain access to the network.

Hop
The action of data packets being transmitted from one router to
another.
Host

Internet
A system of worldwide networks which use TCP/IP to allow for
resources to be accessed from computers around the world.
Internet Explorer

Computer on a network.

A World Wide Web browser created and provided by Microsoft.

HTTP
Hypertext Transfer Protocol is used to transfer files from HTTP
servers (web servers) to HTTP clients (web browsers).
HTTPS
HTTP over SSL is used to encrypt and decrypt HTTP transmissions.

Internet Protocol
The method of transferring data from one computer to another on the
Internet.
Internet Protocol Security
IPsec provides security at the packet processing layer of network
communication.

Hub
A networking device that connects multiple devices together.
ICMP

Internet Service Provider
An ISP provides access to the Internet to individuals or companies.

Internet Control Message Protocol.
IEEE

Intranet
A private network.

Institute of Electrical and Electronics Engineers.
IGMP
Internet Group Management Protocol is used to make sure that
computers can report their multicast group membership to adjacent
routers.

Intrusion Detection
A type of security that scans a network to detect attacks coming from
inside and outside of the network.
IP
Internet Protocol.

IIS
Internet Information Server is a WEB server and FTP server
provided by Microsoft.
IKE

IP address
A 32-bit number, when talking about Internet Protocol Version 4, that
identifies each computer that transmits data on the Internet or on an
Intranet.

Internet Key Exchange is used to ensure security for VPN
connections.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 121

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

IPsec

Local Area Network

Internet Protocol Security.

LAN. A group of computers in a building that usually access files
from a server.

IPX
Internetwork Packet Exchange is a networking protocol developed by
Novell to enable their Netware clients and servers to communicate.
ISP

LPR/LPD
“Line Printer Requestor”/”Line Printer Daemon”. A TCP/IP protocol
for transmitting streams of printer data.
MAC Address

Internet Service Provider.
Java

A unique hardware ID assigned to every Ethernet adapter by the
manufacturer.

A programming language used to create programs and applets for
web pages.

Mbps

Kbps

Megabits per second.
MDI

Kilobits per second.

Medium Dependent Interface is an Ethernet port for a connection to
a straight-through cable.

Kbyte
Kilobyte.

MDIX

L2TP
Layer 2 Tunneling Protocol.

Medium Dependent Interface Crossover is an Ethernet port for a
connection to a crossover cable.

LAN

MIB

Local Area Network.

Management Information Base is a set of objects that can be
managed by using SNMP.

Latency
The amount of time that it takes a packet to get from the one point to
another on a network. Also referred to as delay.

Modem

Light Emitting Diode.

A device that Modulates digital signals from a computer to an analog
signal in order to transmit the signal over phone lines. It also
Demodulates the analog signals coming from the phone lines to
digital signals for your computer.

Legacy

MPPE

Older devices or technology.

Microsoft Point-to-Point Encryption is
transmissions over PPTP connections.

LED

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

used

secure

data

PAGE 122

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

MTU

OFDM

Maximum Transmission Unit is the largest packet that can be
transmitted on a packet-based network like the Internet.

Orthogonal Frequency-Division Multiplexing is the modulation
technique for both 802.11a and 802.11g.

Multicast

OSI

Sending data from one device to many devices on a network.

Open Systems Interconnection is the reference model for how data
should travel between two devices on a network.

NAT
Network Address Translation allows many private IP addresses to
connect to the Internet, or another network, through one IP address.

OSPF

NetBIOS Extended User Interface is a Local Area Network
communication protocol. This is an updated version of NetBIOS.

Open Shortest Path First is a routing protocol that is used more than
RIP in larger scale networks because only changes to the routing
table are sent to all the other routers in the network as opposed to
sending the entire routing table at a regular interval, which is how
RIP functions.

NetBIOS

Password

Network Basic Input/Output System.

A sequence of characters that is used to authenticate requests to
resources on a network.

NetBEUI

Netmask
Determines what portion of an IP address designates the Network
and which part designates the Host.
Network Interface Card
NIC. A card installed in a computer or built onto the motherboard that
allows the computer to connect to a network.
Network Layer
The third layer of the OSI model which handles the routing of traffic
on a network.
Network Time Protocol
Used to synchronize the time of all the computers in a network.
NIC

Personal Area Network
The interconnection of networking devices within a range of 10
meters.
Physical layer
The first layer of the OSI model. Provides the hardware means of
transmitting electrical signals on a data carrier.
Ping
A utility program that verifies that a given Internet address exists and
can receive messages. The utility sends a control packet to the given
address and waits for a response.
PoE

Network Interface Card.

Power over Ethernet is the means of transmitting electricity over the
unused pairs in a category 5 Ethernet cable.

NTP

POP3

Network Time Protocol.

Post Office Protocol 3 is used for receiving email.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 123

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

Port

Repeater

A logical channel endpoint in a network. A computer might have only
one physical channel (its Ethernet channel) but can have multiple
ports (logical channels) each identified by a number.

Retransmits the signal of an Access Point in order to extend its
coverage.

PPP
Point-to-Point Protocol is used for two computers to communicate
with each over a serial interface, like a phone line.
PPPoE

RIP
Routing Information Protocol is used to synchronize the routing table
of all the routers on a network.
RJ-11
The most commonly used connection method for telephones.

Point-to-Point Protocol over Ethernet is used to connect multiple
computers to a remote server over Ethernet.

RJ-45
The most commonly used connection method for Ethernet.

PPTP
Point-to-Point Tunneling Protocol is used for creating VPN tunnels
over the Internet between two networks.
Preamble
Used to synchronize communication timing between devices on a
network.

RS-232C
The interface for serial communication between computers and other
related devices.
RSA
Algorithm used for encryption and authentication.

QoS

Server

Quality of Service.

A computer on a network that provides services and resources to
other computers on the network.

RADIUS
Remote Authentication Dial-In User Service allows for remote users
to dial into a central server and be authenticated in order to access
resources on a network.

Session key
An encryption and decryption key that is generated for every
communication session between two computers.

Reboot

Session layer

To restart a computer and reload it‟s operating software or firmware
from nonvolatile storage.

The fifth layer of the OSI model which coordinates the connection
and communication between applications on both ends.

Rendezvous

Simple Mail Transfer Protocol

Apple‟s version of UPnP, which allows for devices on a network to
discover each other and be connected without the need to configure
any settings.

Used for sending and receiving email.

Simple Network Management Protocol
Governs the management and monitoring of network devices.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 124

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

SIP

TCP

Session Initiation Protocol. A standard protocol for initiating a user
session that involves multimedia content, such as voice or chat.

Transmission Control Protocol.

SMTP

TCP Raw
A TCP/IP protocol for transmitting streams of printer data.

Simple Mail Transfer Protocol.
SNMP

TCP/IP
Transmission Control Protocol/Internet Protocol.

Simple Network Management Protocol.
SOHO

TFTP

Small Office/Home Office.

Trivial File Transfer Protocol is a utility used for transferring files that
is simpler to use than FTP but with less features.

SPI

Throughput

Stateful Packet Inspection.

The amount of data that can be transferred in a given time period.

SSH

Traceroute

Secure Shell is a command line interface that allows for secure
connections to remote computers.

A utility displays the routes between you computer and specific
destination.

SSID

UDP

Service Set Identifier is a name for a wireless network.

User Datagram Protocol.

Stateful Packet Inspection

Unicast

A feature of a firewall that monitors outgoing and incoming traffic to
make sure that only valid responses to outgoing requests are
allowed to pass though the firewall.

Communication between a single sender and receiver.
Universal Plug and Play

Subnet mask

UPnP. A standard that allows network devices to discover each other
and configure themselves to be a part of the network.

Determines what portion of an IP address designates the Network
and which part designates the Host.

Update
To install a more recent version of a software or firmware product.

Syslog
System Logger -- a distributed logging interface for collecting in one
place the logs from different sources. Originally written for UNIX, it is
now available for other operating systems, including Windows.

Upgrade
To install a more recent version of a software or firmware product.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 125

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

Upload

WCN

To send a request from one computer to another and have a file
transmitted from the requesting computer to the other.

Windows Connect Now. A Microsoft method for configuring and
bootstrapping wireless networking hardware (access points) and
wireless clients, including PCs and other devices.

UPnP

WDS

Universal Plug and Play.
URL

Wireless Distribution System. A system
interconnection of access points wirelessly.

Uniform Resource Locator is a unique address for files accessible on
the Internet.

Web browser

USB

A utility that allows you to view content and interact with all of the
information on the World Wide Web.

Universal Serial Bus.

that

enables

the

WEP

UTP
Unshielded Twisted Pair.

Wired Equivalent Privacy is security for wireless networks that is
supposed to be comparable to that of a wired network.

Virtual Private Network

Wi-Fi

VPN: A secure tunnel over the Internet to connect remote offices or
users to their company‟s network.

Wireless Fidelity. Used to describe any of the 802.11 wireless
networking specifications.

VLAN

Wi-Fi Protected Access

Virtual LAN.
Voice over IP

An updated version of security for wireless networks that provides
authentication as well as encryption.

Sending voice information over the Internet as opposed to the PSTN

Wide Area Network

VoIP

The larger network that your LAN is connected to, which may be the
Internet itself, or a regional or corporate network.

Voice over IP.

Wireless (Wi-Fi) LAN

Wake on LAN
Allows you to power up a computer though it‟s Network Interface
Card.
WAN
Wide Area Network.

Connecting to a Local Area Network over one of the 802.11 wireless
standards.
Wireless ISP
WISP. A company that provides a broadband Internet connection
over a wireless connection.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 126

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

WISP
Wireless Internet Service Provider.
WLAN
Wireless Local Area Network.
WPA
Wi-Fi Protected Access. A Wi-Fi security enhancement that provides
improved data encryption, relative to WEP.
xDSL
A generic term for the family of digital subscriber line (DSL)
technologies, such as ADSL, HDSL, RADSL, and SDSL.
Yagi antenna
A directional antenna used to concentrate wireless signals on a
specific
location.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 127

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

10 APPENDIX
10.1 Regulatory Information
This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits
are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses, and can
radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio
communications. This device must accept any interference received, including interference that may cause undesired operation. However, there is
no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television
reception, which can be determined by turning the equipment off and on, the user is encouraged to try and correct the interference by one or more
of the following measures:





Reorient or relocate the receiving antenna.
Increase the separation between the equipment and receiver.
Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
Consult the dealer or an experienced radio or television technician for help.

Changes or modifications not expressly approved by CradlePoint, Inc. could void the user‟s authority to operate the product.
Radio Frequency Interference Requirement - Canada
This Class B digital apparatus complies with Canadian ICES-003.
Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada.

10.2 Warranty Information
CradlePoint, Inc. warrants this product against defects in materials and workmanship to the original purchases (or the first purchaser in the case of resale by an authorized distributor)
for a period of one (1) year from the date of shipment. This warranty is limited to a repair or replacement of the product, at CradlePoint‟s discretion.
Within thirty (30) days of receipt should the product fail for any reason other than damage due to customer negligence, purchaser may return the product to the point of purchase for a
full refund of the purchase price.
If the purchaser wishes to upgrade or convert to another CradlePoint, Inc. product within the thirty (30) day period, purchaser may return the product and apply the full purchase price
toward the purchase of the other product. Any other return will be subject to CradlePoint, Inc.‟s existing return policy.
IN NO EVENT SHALL CRADLEPOINT‟S LIABILITY EXCEED THE PRICE PAID FOR THE PRODUCT FROM DIRECT, INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL
DAMAGES RESULTING FROM THE USE OF THE PRODUCT, ITS USER INTERFACE SOFTWARE, OR ITS DOCUMENTATION.
CradlePoint makes no warranty or representation, expressed, implied, or statutory, with respect to its products or the contents or use of this documentation and all user interface
software, and specifically disclaims its quality, performance, merchantability, or fitness for any particular purpose. CradlePoint reserves the right to revise or update its products,
software, or documentation without obligation to notify any individual or entity.

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 128

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

10.3 Specifications
MODEL NAME
MBR1200 Failsafe Gigabit Broadband N Router
WAN / INTERNET
3G/4G via Five Modem Ports (3 USB 2.0, 1 ExpressCard, 1 PC
Card); One Ethernet Port (10/100/1000); One LAN Ethernet Port reconfigurable to WAN for redundancy
LAN
WiFi 802.11 b/g/n, Four Ethernet Ports (10/100/1000)

DETAILS







ANTENNAS
internal WiFi antennas (300+ yards range), external antenna ports
for optional antennas providing additional distance and performance



BUTTONS / SWITCHES
WiFi On/Off Switch, WPS Button (WiFi Protected Setup), Modem
Signal Strength, Reset, and Power Switch



LED INDICATORS
Power, Ethernet LAN (1-4), Ethernet WAN, 3G/4G WAN, 3G/4G
Modem Status (5), WPS (WiFi Protected Setup), Signal Strength
DIMENSIONS
9” x 5.1” x 1.57” ( 230mm x 130mm x 40mm )
CERTIFICATIONS
FCC, IC, CE, WiFi Alliance









2.412 to 2.484 GHz WIFi Frequency Band Operation
Compliant with IEEE 802.3 and 3u Standards
Supports OFDM and CCK Modulation
Supports Cable/DSL modems with Dynamic IP, Static IP,
PPPoE, PPTP, or L2TP Connection Types
Traffic Control, Port Forwarding, Virtual Server (max 32
servers) and DMZ
Compatible with HSPA, EVDO, & WiMAX Cellular Network
Devices
Easy Management via HTTP and Remote Management via
HTTP and SNMP
Create, Manage, and Terminate Up To 5 IPSec VPN
Sessions
Supported VPN Implementations: MBR1x00 to MBR1x00,
1
MBR1x00 to Cisco/Linksys Routers , MBR1x00 to Linux
2
Systems
Tunnel (default) and Transfer (a.k.a. Transport) Modes
Hash Algorithms (hardware accelerated) - MD5, SHA128,
SHA256, SHA384, SHA512
Cipher Algorithms (hardware accelerated) - AES, 3DES,
DES
Keying - automatic using IKE 1.0 or Manual
3
Authentication Method: Pre-Shared Key

1 Tested against a Cisco 5500 running IKE Microcode: CNlite-MC-IPSEC-Admin-3.03 IPSec
Microcode: CNlite-MC-IPSECm-MAIN-2.03
2 Tested with Linux Kernel: 2.6.18 - 2.6.25; IKE (Racoon): 0.7.0 and 0.7.1

OPERATING TEMPERATURE
o
o
0 C to 50 C

3 No Stream Compression, LT2TP or PPTP Support

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 129

CRADLEPOINT MBR1200 | USER MANUAL Firmware ver. 1.6.12

PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES

PAGE 130

Source Exif Data:

File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
PDF Version                     : 1.5
Linearized                      : No
Page Count                      : 132
Language                        : en-US
Tagged PDF                      : Yes
Title                           : CradlePoint Mobile Broadband Router
Author                          : Phil Magnuson
Creator                         : Microsoft® Office Word 2007
Create Date                     : 2010:06:07 23:26:45
Modify Date                     : 2010:06:07 23:26:45
Producer                        : Microsoft® Office Word 2007

EXIF Metadata provided by EXIF.tools

CradlePoint Mobile Broadband Router MBR1200 Manual

Navigation menu

Versions of this User Manual:

Views

Navigation