Freescale Semiconductor MPC8377EWLAN Wireless Router User Manual MPC8377EWLAN Wireless Router Software User s Guide

Freescale Semiconductor, Inc. Wireless Router MPC8377EWLAN Wireless Router Software User s Guide

Contents

software part

Download: Freescale Semiconductor MPC8377EWLAN Wireless Router User Manual MPC8377EWLAN Wireless Router Software User s Guide
Mirror Download [FCC.gov]Freescale Semiconductor MPC8377EWLAN Wireless Router User Manual MPC8377EWLAN Wireless Router Software User s Guide
Document ID1098087
Application IDalQCulCHxfUwCRd4vBRRdA==
Document Descriptionsoftware part
Short Term ConfidentialNo
Permanent ConfidentialNo
SupercedeNo
Document TypeUser Manual
Display FormatAdobe Acrobat PDF - pdf
Filesize240.6kB (3007561 bits)
Date Submitted2009-04-17 00:00:00
Date Available2009-04-18 00:00:00
Creation Date2009-03-19 11:20:06
Producing SoftwareAcrobat Distiller 8.0.0 (Windows)
Document Lastmod2009-03-19 11:21:23
Document TitleMPC8377EWLAN Wireless Router Software User's Guide
Document CreatorAcrobat PDFMaker 8.0 for Word
Document Author: Freescale Semiconductor Inc.

MPC8377EWLAN Wireless
Router
Software User’s Guide
Document Number: MPC8377EWLANSUG
Rev 1.1.2
03/2009
How to Reach Us:
Home Page:
www.freescale.com
Web Support:
http://www.freescale.com/support
USA/Europe or Locations Not Listed:
Freescale Semiconductor, Inc.
Technical Information Center, EL516
2100 East Elliot Road
Tempe, Arizona 85284
1-800-521-6274 or +1-480-768-2130
www.freescale.com/support
Europe, Middle East, and Africa:
Freescale Halbleiter Deutschland GmbH
Technical Information Center
Schatzbogen 7
81829 Muenchen, Germany
+44 1296 380 456 (English)
+46 8 52200080 (English)
+49 89 92103 559 (German)
+33 1 69 35 48 48 (French)
www.freescale.com/support
Japan:
Freescale Semiconductor Japan Ltd.
Headquarters
ARCO Tower 15F
1-8-1, Shimo-Meguro, Meguro-ku,
Tokyo 153-0064
Japan
0120 191014 or +81 3 5437 9125
support.japan@freescale.com
Asia/Pacific:
Freescale Semiconductor China Ltd.
Exchange Building 23F
No. 118 Jianguo Road
Chaoyang District
Beijing 100022
China
+86 10 5879 8000
support.asia@freescale.com
For Literature Requests Only:
Freescale Semiconductor Literature Distribution
Center
P.O. Box 5405
Denver, Colorado 80217
1-800-441-2447 or +1-303-675-2140
Fax: +1-303-675-2150
LDCForFreescaleSemiconductor@hibbertgroup.com
Information in this document is provided solely to enable system and software
implementers to use Freescale Semiconductor products. There are no express or
implied copyright licenses granted hereunder to design or fabricate any integrated
circuits or integrated circuits based on the information in this document.
Freescale Semiconductor reserves the right to make changes without further notice to
any products herein. Freescale Semiconductor makes no warranty, representation or
guarantee regarding the suitability of its products for any particular purpose, nor does
Freescale Semiconductor assume any liability arising out of the application or use of
any product or circuit, and specifically disclaims any and all liability, including without
limitation consequential or incidental damages. “Typical” parameters that may be
provided in Freescale Semiconductor data sheets and/or specifications can and do
vary in different applications and actual performance may vary over time. All operating
parameters, including “Typicals”, must be validated for each customer application by
customer’s technical experts. Freescale Semiconductor does not convey any license
under its patent rights nor the rights of others. Freescale Semiconductor products are
not designed, intended, or authorized for use as components in systems intended for
surgical implant into the body, or other applications intended to support or sustain life,
or for any other application in which the failure of the Freescale Semiconductor
product could create a situation where personal injury or death may occur. Should
Buyer purchase or use Freescale Semiconductor products for any such unintended or
unauthorized application, Buyer shall indemnify and hold Freescale Semiconductor
and its officers, employees, subsidiaries, affiliates, and distributors harmless against
all claims, costs, damages, and expenses, and reasonable attorney fees arising out of,
directly or indirectly, any claim of personal injury or death associated with such
unintended or unauthorized use, even if such claim alleges that Freescale
Semiconductor was negligent regarding the design or manufacture of the part.
Federal Communications Commission Radio Frequency Interference
Statement
This device complies with Part 15 of the FCC rules. Operation is subject to the
following two conditions:
(1) This device may not cause harmful interference and
(2) this device must accept any interference received, including interference that might
cause undesired operation.
Changes or modifications to this equipment not expressly approved by Freescale
could void the user’s authority to operate the equipment.
This equipment has been tested and found to comply with the limits for a Class B
digital device, pursuant to part 15 of the FCC Rules. These limits are designed to
provide reasonable protection against harmful interference in a residential installation.
This equipment generates uses and can radiate radio frequency energy and, if not
installed and used in accordance with the instructions, may cause harmful interference
to radio communications. However, there is no guarantee that interference will not
occur in a particular installation. If this equipment does cause harmful interference to
radio or television reception, which can be determined by turning the equipment off
and on, the user is encouraged to try to correct the interference by one or more of the
following measures:
—Reorient or relocate the receiving antenna.
—Increase the separation between the equipment and receiver.
—Connect the equipment into an outlet on a circuit different from that to which the
receiver is connected.
—Consult the dealer or an experienced radio/TV technician for help.
Reminding
1. The installed antennas must not be located in a manner that
allows exposure of the general population at a distance of
less than 23cm.
2. Mount the antennas in a manner that prevents any personnel
from entering the area within 23cm from the central position
of the antenna.
This device has been designed to operate with the attached antennas,
and having a maximum gain of 2.5dBi. Antennas not identical as
that or having a gain greater than 2.5dBi are strictly prohibited
for use with this device. The required antenna impedance is 50 ohms.
To reduce potential radio interference to other users, the antenna
type and its gain should be so chosen that the equivalent
isotropically radiated power (e.i.r.p.) is not more than that
permitted for successful communication.
Freescale™ and the Freescale logo are trademarks of Freescale
Semiconductor, Inc. All other product or service names are the property of
their respective owners.
© Freescale Semiconductor, Inc. 2009. All rights reserved.
Contents
About This Book............................................................................................................ 6
Audience................................................................................................................................................. 6
Definitions, Acronyms, and Abbreviations.............................................................................................. 6
Package Contents .............................................................................................. 8
Introduction to the Interface .............................................................................. 8
2.1
Hovering the Cursor at an Option ................................................................................................ 8
2.2
Clicking an Option and Opening a Submenu............................................................................... 8
2.3
Saving and Applying Changes to Settings................................................................................... 9
Connecting and Configuring the MPC8377EWLAN Wireless Router............. 9
3.1
Connecting the MPC8377EWLAN Wireless Router (Wired Computing)................................... 10
3.1.1
Using the Power Adapter ...................................................................................................... 10
3.1.2
Using the Power over Ethernet (POE).................................................................................. 11
3.2
Connecting the MPC8377EWLAN Wireless Router (Wireless Computing) .............................. 11
3.3
Setting Up the IP Address.......................................................................................................... 11
3.3.1
Setting up the IP Address Automatically............................................................................... 11
3.3.2
Setting up the IP Address Manually...................................................................................... 14
3.4
Configuring the MCP8377EWLAN Wireless Router .................................................................. 15
3.4.1
Logging In to the Router Home Page ................................................................................... 15
3.4.2
Setting up the Network.......................................................................................................... 16
3.5
Changing the Operation Mode................................................................................................... 26
3.5.1
Configuring for Access Point (AP) Mode .............................................................................. 27
3.5.2
Configuring for WDS (Bridge) ............................................................................................... 28
3.5.3
Configuring for Repeater Mode ............................................................................................ 30
3.5.4
Configuring for AP Client Mode ............................................................................................ 32
3.6
Selecting DynDNS Settings ....................................................................................................... 34
3.7
Firewalls ..................................................................................................................................... 35
3.7.1
Forwarding Configuration ..................................................................................................... 35
3.7.2
Incoming Ports ...................................................................................................................... 36
3.7.3
Port Forwarding .................................................................................................................... 36
MPC8377EWLAN Wireless Router SW User’s Guide
4
Selecting or Changing System Items ............................................................. 37
4.1
Settings ...................................................................................................................................... 37
4.2
Password ................................................................................................................................... 38
4.3
SNMP ......................................................................................................................................... 38
4.4
Firmware Upgrade ..................................................................................................................... 40
4.5
Reboot........................................................................................................................................ 40
Status ................................................................................................................ 40
5.1
System ....................................................................................................................................... 41
5.1.1
RAM Usage........................................................................................................................... 41
5.1.2
Tracked Connections ............................................................................................................ 41
5.1.3
Mount Usage......................................................................................................................... 41
5.2
Modules...................................................................................................................................... 42
5.3
Interfaces.................................................................................................................................... 42
5.4
DHCP Clients ............................................................................................................................. 44
5.5
Netstat ........................................................................................................................................ 45
5.6
Conntrack ................................................................................................................................... 45
5.7
Iptables....................................................................................................................................... 46
5.8
USB ............................................................................................................................................ 47
5.9
PPPoE........................................................................................................................................ 48
5.10 Diagnostics................................................................................................................................. 48
VPN .................................................................................................................... 49
6.1
IPSec.......................................................................................................................................... 50
6.1.1
Keying Mode – IKE Config.................................................................................................... 51
6.1.2
Manual .................................................................................................................................. 53
6.2
PPTP .......................................................................................................................................... 55
Managing Storage, Samba, and File Editing in NAS ..................................... 55
7.1
Disk Management ...................................................................................................................... 56
7.2
Format Disk ................................................................................................................................ 56
7.2.1
Mount Disk ............................................................................................................................ 57
7.2.2
Unmount Disk ....................................................................................................................... 57
7.3
RAID Management..................................................................................................................... 58
7.3.1
Create RAID0........................................................................................................................ 59
MPC8377EWLAN Wireless Router SW User’s Guide
7.3.2
Create RAID1........................................................................................................................ 60
7.3.3
Format RAID ......................................................................................................................... 61
7.3.4
Recovery ............................................................................................................................... 62
7.3.5
Mount .................................................................................................................................... 62
7.3.6
Unmount................................................................................................................................ 63
7.3.7
Stop....................................................................................................................................... 64
7.4
Samba Management.................................................................................................................. 65
7.5
File Editor ................................................................................................................................... 66
Intrusion Detection Systems ........................................................................... 67
8.1
IDS (Intrusion Detection Systems)............................................................................................. 67
8.1.1
Snort...................................................................................................................................... 68
8.1.2
Snort Rules ........................................................................................................................... 68
8.2
Alert (IDS Alert Event)................................................................................................................ 68
8.3
Packets (Download Alert Packets)............................................................................................. 69
Intrusion Prevention Systems ......................................................................... 70
9.1
Configuration (IPS Configuration) .............................................................................................. 71
9.1.1
10
IPS Configuration.................................................................................................................. 71
9.2
IPS P2P/IM (Peer to Peer, Instant Messaging) ......................................................................... 71
9.3
Information ................................................................................................................................. 72
Logout ............................................................................................................... 73
MPC8377EWLAN Wireless Router SW User’s Guide
About This Book
This manual provides information about the MPC8377EWLAN wireless router software. It contains
information on how to connect and configure MPC8377EWLAN wireless router.
Audience
The audience for this software manual is the user who wants to become familiar with the
MPC8377EWLAN wireless router and who is trying to connect and configure MPC8377EWLAN
wireless router. It is assumed that user has basic computer and Internet skills.
Definitions, Acronyms, and Abbreviations
The following list defines the acronyms and abbreviations used in this document.
Abbreviations
Description
ADSL
Asymmetric Digital Subscriber Line
AP
Access Point
BSSID
Basic Service Set Identifier
DHCP
Dynamic Host Configuration Protocol
DNS
Domain Name System
DynDNS
Dynamic Domain Name System
IPS
Intrusion Prevention System
IPSec
Internet Protocol Security
ISP
Internet Service Provider
LAN
Local Area Network
MAC
Media Access Control
POE
Power over Ethernet
PPPOA
Point to Point Protocol over ATM
PPPOE
Point to Point Protocol over Ethernet
PPTP
Point to Point Tunneling Protocol
PSK
Pre-Shared Key
RADIUS
Remote Authentication Dial-In User Service
RAID
Redundant Array of Inexpensive Disks
SSID
Service Set Identifier
SNMP
Simple Network Management Protocol
TCP/IP
Transmission Control Protocol-Internet Protocol
MPC8377EWLAN Wireless Router SW User’s Guide
VPN
Virtual Private Network
WAN
Wide Area Network
WDS
Wireless Distribution System
WEP
Wired Equipment Privacy
WPA
Wi-Fi Protected Access
WWAN
Wireless-Wide-Area-Network
MPC8377EWLAN Wireless Router SW User’s Guide
1 Package Contents
The package should contain all the items listed in Table 1-1. MPC8377EWLAN is a secure wireless
router, one-application build in the Reference Design Solution platform enabled by near-market ready,
with BOM-optimized hardware and open-source software support. Check your package for the following
contents:
Table 1-1 Package Content
Items
Quantity
MPC8377EWLAN router
Power adapter
External antennas
Wireless card (part of router)
CAT-5 Ethernet cable
UART cable
Documentation CD
2 Introduction to the Interface
This section introduces various parts of the interface that you will see after you have logged in and are
ready to configure the router. Refer to Section 3.4 Configuring the MCP8377EWLAN Wireless Router.
2.1 Hovering the Cursor at an Option
This section explains navigating the options near the top of the page. When you place your cursor over an
option, the option becomes bold, with yellow background. Figure 2-1shows an example of an option
(Network) being highlighted when a cursor is placed on it.
Figure 2-1. Option Cursor Hover
2.2 Clicking an Option and Opening a Submenu
When you click an option: Network, in this case—the option’s submenu appears below the row of the
primary options (See Figure 2-2). Submenu options will also change to highlighted yellow background
with bold text when you place the cursor over them.
MPC8377EWLAN Wireless Router SW User’s Guide
Figure 2-2. Option Example Selection—Network
2.3 Saving and Applying Changes to Settings
When you change a setting, scroll to the bottom of the webpage to see Save Changes and Apply
Changes options. Click Save Changes and then Apply Changes to establish your new settings
(Figure 2-3). Other options you can select are reviewing and cancelling the changes.
NOTE
Figures might or might not show the save/apply option. For each
page you change, scroll to the bottom and select change option(s)
as applicable.
Figure 2-3. Save then Apply
NOTE
Figures need not necessarily reflect the most current system
information and software version.
3 Connecting and Configuring the MPC8377EWLAN
Wireless Router
This section describes the parameters for your Internet connection and your wireless local area network
(WLAN) connection. Details about the connectivity settings, as well as instructions on how to log into the
router for further configuration is provided.
Before using MPC8377EWLAN Wireless Router, please ensure that the basic settings to guarantee that it
will work in your environment. The MPC8377EWLAN wireless router can be configured to meet various
usage scenarios. Some of the factory default settings may suit your usage; however, others may need
changing. The recommended sequence for configuration is
Step 1. Configure the IP,
Step 2. Connect the computer to 8377 EWLAN
Step 3. Configure the router, and then
Step 4. Power on the unit.
Configuring MPC8377EWLAN wireless router is done through a web browser. You need a PC connected
to the MPC8377EWLAN wireless router (either directly or through a hub) and running a web browser as
MPC8377EWLAN Wireless Router SW User’s Guide
a configuration terminal. Verify the TCP/IP settings. Normally, the TCP/IP setting should be on the IP
subnet of the MPC8377EWLAN wireless router.
NOTE
Before you start, you should use a wired connection for initial
configuration, which will avoid possible setup problem due to
wireless uncertainty.
3.1 Connecting the MPC8377EWLAN Wireless Router (Wired
Computing)
This section explains the wiring setup for the computer connected to the Internet. The MPC8377EWLAN
wireless router has the capability to support usage of power adapter (48 V power supply) and POE (Power
over Ethernet).
3.1.1 Using the Power Adapter
There must be at least two RJ-45 cables in the MPC8377EWLAN wireless router wiring connection while
using a power adapter. Table 3-1 lists the cable connections, and Figure 3-1 depicts them below.
Table 3-1. Cable Connections, Power Adapter
Cable
Cable #
From
To
Router, WAN port
ADSL or computer modem, Ethernet
Router, LAN port
Your computer port
Figure 3-1. Cable Connection Layout, Power Adapter
MPC8377EWLAN Wireless Router SW User’s Guide
10
3.1.2 Using the Power over Ethernet (POE)
There must be at least three RJ-45 cables in the MPC8377EWLAN wireless router wiring connection
while using POE. Table 3-2 lists the cable connections, and Figure 3-2 depicts them.
Table 3-2. Cable Connections, Power Over Ethernet
Cable
Cable #
From
To
Router, WAN port
POE, PWR-LAN-OUT
Router, LAN port
Your computer, Ethernet
POE, LAN-IN
ADSL or computer modem, Ethernet
Figure 3-2. Cable Connection Layout, Power Over Ethernet
3.2 Connecting the MPC8377EWLAN Wireless Router
(Wireless Computing)
This section explains wiring setup for the computer that has wireless connection to the Internet. The
information is similar to the information in Section 3.1 titled Connecting the MPC8377EWLAN Wireless
Router (Wired Computing), except, connecting your computer’s LAN port to an Ethernet cable, find the
SSID FSL_AP1 (or equivalent), and connect to it. Section 3.4.2.7 Wireless User explains the wireless
interface setup, with Figure 3-18 showing SSID setting as FSL_AP1.
3.3 Setting Up the IP Address
This section explains MPC8377EWLAN wireless router capability to automatic and manual setup of the
IP address. The IP address setup procedures shown in this document are for Microsoft Windows PCs.
3.3.1 Setting up the IP Address Automatically
The MPC8377EWLAN wireless router incorporates a DHCP server, hence it is to set your PC to get its IP
address automatically and the correct IP address, gateway, DNS can be obtained. Perform the following
steps to set your IP address automatically:
1. Right-click My Network Places desktop icon and then click Properties (Figure 3-3). (Or you can
open Windows Explorer window, then right click My Network Places.)
MPC8377EWLAN Wireless Router SW User’s Guide
11
Figure 3-3. My Network Places > Properties
2. In the Network Connections window, select one of the following options
⎯ If you are using a wired connection, right-click Local Area Connection > Properties (Figure
3-4).
Figure 3-4. Network Connections, Wired
⎯ If you are using a wireless connection, right click Wireless Network Connection >
Properties (Figure 3-5).
MPC8377EWLAN Wireless Router SW User’s Guide
12
Figure 3-5. Network Connections, Wireless
3. For wired connection, the following steps apply:
a. In the Local Area Connection Properties window > General tab, scroll down to Internet
Protocol (TCP/IP) (Figure 3-6) then double click it to open the Internet Protocol (TCP/IP)
Properties window (Figure 3-7).
Figure 3-6. Local Area Connection Properties
b. In the General tab (Figure 3-7), perform the following steps:
1.) Click Obtain an IP address automatically.
MPC8377EWLAN Wireless Router SW User’s Guide
13
2.) Click DNS address automatically.
3.) Click OK to close Internet Protocol (TCP/IP) Properties window and return to the Local
Area Connection Properties window.
Figure 3-7. Setting Up the IP Address Automatically
c.
At the Local Area Connection Properties window, click OK to close it.
4. For wireless connection, perform step 3 similar to those of wired connection. (The window titles
are different.)
3.3.2 Setting up the IP Address Manually
If you want to set your IP address manually, the settings must be set during the same session. The
procedure is similar to that of setting up the address automatically. Perform the steps from Section 3.3.1
Setting up the IP Address Automatically until you reach the Internet Protocol (TCP/IP) Properties
window. Figure 3-8 shows the general settings. Perform the following steps:
1. Click Use the following IP address.
a. In the IP address, type 192.168.1.xxx, where xxx can be any number between 2 and 254.
b. In the Subnet Mask, type 255.255.255.0.
c. In the Default gateway, type 192.168.1.1, this is the MPC8377EWLAN wireless router IP
address.
2. Click Use the following DNS server addresses.
a. In the Preferred DNS server, type 192.168.1.1, this is the MPC8377EWLAN wireless router
IP address or your own.
b. In the Alternate DNS server, leave blank. (See Figure 3-8)
3. Click OK.
MPC8377EWLAN Wireless Router SW User’s Guide
14
Figure 3-8. Setting Up the IP Address Manually
3.4 Configuring the MCP8377EWLAN Wireless Router
This section explains how to configure your router. The steps consist of opening a browser, going to a
website, logging in, and then configuring the router for user equipment.
3.4.1 Logging In to the Router Home Page
Perform the following steps to log in to the router home page:
1. Open an Internet browser.
2. Type http://192.168.1.1 in the address bar, then press Enter or click the go-to link (Figure 3-9).
Figure 3-9. IP Address in Web Browser
3. In the login window, type admin for both User name and Password, then click OK (Figure 3-10).
MPC8377EWLAN Wireless Router SW User’s Guide
15
Figure 3-10. Login
The MCP8377EWLAN wireless router home page appears (Figure 3-11), with default page Info >
System. (For information about the interface, refer to Section 2 titled Introduction to the Interface.)
Figure 3-11. MPC8377EWLAN Wireless Router Home Page
3.4.2 Setting up the Network
The MPC377EWLAN wireless router supports six types of ISP services—static IP address, PPPOE,
PPTP, DHCP, PPPOA, and WWAN. Since each service has its own protocols and standards, during the
setup process, there are different identity settings demanded by MPC8377EWLAN wireless router.
At the MPC8377EWLAN wireless router home page, click Network, select the correct connection type,
and then follow instructions for the individual sections.
MPC8377EWLAN Wireless Router SW User’s Guide
16
3.4.2.1 Cable User (Static IP)
If you are receiving services from cable or other ISP assigning IP address automatically, select one of the
following (Figure 3-12), for which you can type the static IP address:
•
•
LAN Configuration > Connection Type > Static IP
WAN Configuration > Connection Type > Static IP
Figure 3-12. Network Setup—Static IP Address (LAN or WAN)
Options include the following:
•
•
•
•
LAN DNS Servers (field and Add button). Also, for any LAN server IP shown (if existing), there is
a Remove link option.
Remove Network LAN, which removes selection options for LAN Configuration.
Remove Network WAN, which removes selection options for WAN Configuration.
Add Network (field and Add Network button). Also, for any WAN server IP shown (if existing),
there is a Remove link option.
MPC8377EWLAN Wireless Router SW User’s Guide
17
3.4.2.2 DHCP User
If you are a DHCP service user, select one of the following (Figure 3-13):
•
•
LAN Configuration > Connection Type > DHCP
WAN Configuration > Connection Type > DHCP
Figure 3-13. Network Setup—DHCP (LAN or WAN)
Options include the following:
•
•
•
Remove Network LAN, which removes selection options for LAN Configuration.
Remove Network WAN, which removes selection options for WAN Configuration.
Add Network (field and Add Network button). Also, for any WAN server IP shown (if existing),
there is a Remove link option.
3.4.2.3 PPPOE User
If you are a PPPOE service user, select one of the following (Figure 3-14), for which you must type the
Username and Password provided by your ISP:
•
•
LAN Configuration > Connection Type > PPPOE
WAN Configuration > Connection Type > PPPOE
MPC8377EWLAN Wireless Router SW User’s Guide
18
Figure 3-14. Network Setup—PPPOE (LAN or WAN)
Options include the following:
•
•
•
Remove Network LAN, which removes selection options for LAN Configuration.
Remove Network WAN, which removes selection options for WAN Configuration.
Add Network (field and Add Network button). Also, for any WAN server IP shown (if existing),
there is a Remove link option.
3.4.2.4 PPPOA User
If you are a PPPOA service user, select one of the following (Figure 3-15), for which you must type the
Username and Password provided by your ISP:
•
•
LAN Configuration > Connection Type > PPPOA
WAN Configuration > Connection Type > PPPOA
MPC8377EWLAN Wireless Router SW User’s Guide
19
Figure 3-15. Network Setup—PPPOE (LAN or WAN)
Options include the following:
•
•
•
Remove Network LAN, which removes selection options for LAN Configuration.
Remove Network WAN, which removes selection options for WAN Configuration.
Add Network (field and Add Network button). Also, for any WAN server IP shown (if existing),
there is a Remove link option.
3.4.2.5 PPTP User
If you are a PPTP service user, select one of the following (Figure 3-16), for which you must type the
Username and Password provided by your ISP:
•
•
LAN Configuration > Connection Type > PPTP
WAN Configuration > Connection Type > PPTP
MPC8377EWLAN Wireless Router SW User’s Guide
20
Figure 3-16. Network Setup—PPTP (LAN or WAN)
Options include the following:
•
•
•
Remove Network LAN, which removes selection options for LAN Configuration.
Remove Network WAN, which removes selection options for WAN Configuration.
Add Network (field and Add Network button). Also, for any WAN server IP shown (if existing),
there is a Remove link option.
3.4.2.6 WWAN User
If you are a WWAN service user, select one of the following (Figure 3-17), for which you must type the
Username and Password provided by your ISP:
MPC8377EWLAN Wireless Router SW User’s Guide
21
•
•
LAN Configuration > Connection Type > WWAN
WAN Configuration > Connection Type > WWAN
Figure 3-17. Network Setup—WWAN (LAN or WAN)
After selecting LAN or WAN configuration, also select the secondary Connection Type (UMTS first,
UMTS only, GPRS only) from the drop-down list. Make other selections and fill other fields as
appropriate.
Options include the following:
•
•
•
Remove Network LAN, which removes selection options for LAN Configuration.
Remove Network WAN, which removes selection options for WANConfiguration.
Add Network (field and Add Network button). Also, for any WAN server IP shown (if existing),
there is a Remove link option.
MPC8377EWLAN Wireless Router SW User’s Guide
22
3.4.2.7 Wireless User
The MPC8377EWLAN wireless router supports 802.11b/g/n, you can choose the right criteria which are
suitable for your wireless connection. The router supports two wireless cards at the same time. The
configuration steps for both the wireless cards are same. After configuring for the first card, you can
perform the same steps for the second card.
After setting the connection type in the Network Configuration tab page, set up your wireless interface.
Click Wireless to enter the Wireless configuration page (Figure 3-18).
Figure 3-18. Network > Wireless, RA0 Section Shown
Provide an SSID, which is a unique identifier attached to packets sent over WLAN. Because an SSID
distinguishes WLAN from each other, access points and wireless devices trying to connect to a WLAN
must use the same SSID.
If you want to protect transmitted data, a middle (WEP) or high (WPA, WPA2) security level is
recommended.
•
•
Medium—Only users with same WEP key have permission to connect to this access point and to
transmit data using 64bits or 128bits WEP key encryption.
High—Only users with the same WPA/WPA2 pre-shared key have permission to connect to this
access point and to transmit data using TKIP encryption.
3.4.2.8 Wireless Encryption Settings
This section explains settings for three families of wireless encryption:
•
WEP. WEP is the abbreviation for Wired Equipment Privacy.
MPC8377EWLAN Wireless Router SW User’s Guide
23
•
•
WPA (PSK), WPA2 (PSK), WPA+WPA2 (PSK). WPA is the abbreviation for Wi-Fi Protected
Access. PSK is the abbreviation for -Pre-Shared Key.
WPA (RADIUS), WPA2 (RADIUS), WPA/WPA2 (RADIUS). RADIUS is the abbreviation for
Remote Authentication Dial-In User Service.
NOTE
In this section, a pair of break lines in a figure indicates a gap
between the top of a screen page and the information of interest
farther down.
3.4.2.8.1 WEP Encryption
WEP is an encryption method used to protect your data during wireless communications. These settings
must be identical to your existing wireless network’s WEP settings. You can choose between 64-bit and
128-bit encryption, and select a key to be the active key. Figure 3-19 shows example settings for WEP.
Figure 3-19. Wireless Encryption Setting—WEP, RA0 Section Shown
3.4.2.8.2 WPA Encryption
If your network supports WPA/WPA2-PSK security, it is highly recommended that you use those
encryptions. WPA and WPA2 are more secure than WEP. Select WPA (PSK), WPA2 (PSK), or
MPC8377EWLAN Wireless Router SW User’s Guide
24
WPA+WPA2 (PSK) from the dropdown menu and type the key in the WPA PSK field. Figure 3-20
shows example settings for WPA (PSK).
Figure 3-20. Wireless Encryption Setting—WPA-(PSK), RA0 Section Shown
3.4.2.8.3 WPA (RADIUS) Encryption
If your network uses a Remote Authentication Dial-in User Service (RADIUS) server for authentication,
select WPA (RADIUS) or WPA2 (RADIUS) or WPA+WPA2 (RADIUS) from the drop-down menu.
Type the IP address of your radius server in the RADIUS IP Address field, type the authentication port
number of your radius server in the RADIUS Port field, and type the key for your radius server in the
RADIUS Server Key field. Figure 3-21 shows example settings for WPA (RADIUS).
MPC8377EWLAN Wireless Router SW User’s Guide
25
Figure 3-21. Wireless Encryption Setting—WPA-(RADIUS), RA0 Section Shown
3.4.2.9 MAC (Media Access Control) Filter
MAC filtering is security access control method, in which the 48-bit address assigned to each network
card is used to determine access to the network. At the MAC Filter drop-down list, you can control which
PCs are permitted or denied communication with the access point depending on their MAC address. See
section 5.3 Interfaces for the addresses that apply to your unit.
Figure 3-22 shows a partial view of the configuration page and example settings for MAC Filter. (If there
is an existing MAC address, it has a Remove link option.)
Figure 3-22. MAC Filter
3.5 Changing the Operation Mode
This section explains four types of operation modes: Access Point, WDS (Bridge), Repeater, AP Client.
MPC8377EWLAN Wireless Router SW User’s Guide
26
3.5.1 Configuring for Access Point (AP) Mode
The Access Point mode is the most basic of multi-function modes. It acts as a central hub as depicted in
Figure 3-23.
Figure 3-23. Access Point Mode
Configure as shown in Figure 3-24.
Figure 3-24. Access Point Mode Configuration, RA0 Section Shown
MPC8377EWLAN Wireless Router SW User’s Guide
27
3.5.2 Configuring for WDS (Bridge)
In Wireless Distribution System (WDS) mode, remote access points connect to each other to provide a
wireless bridge between LANs. See Figure 3-25 for depiction.
Figure 3-25. WDS Layout
1. Perform the following steps in the Wireless Configuration page (Figure 3-26) for both routers.
(Navigation: Network > Wireless, if necessary.)
a. From the Channel drop-down list, set the two MPC8377EWLAN wireless routers to the same
channel.
b. From the Mode drop-down list, select WDS (Bridge).
c. Copy the MAC address of the remote MPC8377EWLAN wireless router and paste it in the
local router’s WDS BSSID fields.
MPC8377EWLAN Wireless Router SW User’s Guide
28
Figure 3-26. Setting the Same Channel, RA0 Section Shown
2. Click DHCP (Dynamic Host Configuration Protocol) to enter the DHCP configuration page, then
at the DHCP (server) option, click Off (Figure 3-27).
MPC8377EWLAN Wireless Router SW User’s Guide
29
Figure 3-27. DHCP
3.5.3 Configuring for Repeater Mode
A repeater’s function is to extend the wireless coverage of another wireless access point or router. For a
repeater to work, the remote wireless access point router must also support the WDS/Repeater function.
See Figure 3-28 for depiction.
MPC8377EWLAN Wireless Router SW User’s Guide
30
Figure 3-28. Repeater Mode
Perform the following steps in the Wireless Configuration page Figure 3-29. (Navigation: Network >
Wireless, if necessary.)
1. From the Channel drop-down list, select a channel to match the other EWLAN channel. (The
channel setting must be the same for both EWLANs.)
2. From the Mode drop-down list, select Repeater.
3. In the SSID field, type the AP’s SSID.
4. In the WDS [n] BSSID fields, type the other WDS AP’s BSSIDs. (Format: xx:xx:xx:xx:xx:xx)
5. From the Encryption Type drop-down list, select the AP’s encryption.
MPC8377EWLAN Wireless Router SW User’s Guide
31
Figure 3-29. Repeater Mode Configuration, RA0 Section Shown
3.5.4 Configuring for AP Client Mode
An AP-Client can extend the wireless coverage of another wireless AP or router. However, AP-Client
does not require the remote device to have WDS function. It can work with almost any wireless device.
See Figure 3-30 for depiction.
Figure 3-30. AP Client Mode
Perform the following steps in the Wireless Configuration page Figure 3-31. (Navigation: Network >
Wireless, if necessary.)
1. From the Mode drop-down list, select AP Client.
MPC8377EWLAN Wireless Router SW User’s Guide
32
2. In the SSID field, type the SSID of the AP client unit.
3. From the Encryption Type drop-down list, select the Encryption Type of the AP client unit.
4. In the AP’s SSID field, type the AP’s SSID field of the AP client unit.
5. In the AP’s BSSID 335 field, type the AP’s BSSID (MAC address) field of the client unit.
6. From the AP’s Auth Mode drop-down list, select the AP’s Auth Mode of the AP client unit.
Figure 3-31. AP Client Mode Configuration
Figure 3-32 depicts an AP Client mode as follows: Two 8377 units are required. The SSID information
used at the local 8377 AP Client is the same SSID information as the one used for the remote MPC8377,
enabling them so that they can link together.
MPC8377EWLAN Wireless Router SW User’s Guide
33
Figure 3-32. AP Client Mode Layout
3.6 Selecting DynDNS Settings
Dynamic-DNS (Dynamic Domain Name System, also known as DDNS) allows a user to export a host
name to the Internet through a DDNS server provider. Each time the MPC8377EWLAN wireless router
connects to the Internet and gets an IP address from the ISP, this function updates your IP address to the
DDNS service provider automatically. Any user on the Internet can access it through a predefined name
registered in DDNS service provider.
Click DynDNS to enter the DynDNS Settings page (Figure 3-33), then perform the following steps:
1. Under the DynDNS section, click Enable for Dynamic DNS Update.
2. From the Service Type drop-down list, select dyndns.
3. Under the Account section, in the User Name text box type the user name.
4. In the Password text box, type the password.
5. Under the Host section, in the Host Name text box, type the host name.
Figure 3-33. DynDNS Settings
MPC8377EWLAN Wireless Router SW User’s Guide
34
3.7 Firewalls
Firewall prevents unauthorized access to or from a private network. You can configure
MPC8377EWLAN as Firewall to prevent unauthorized Internet users accessing your private networks
connected to the Internet.
Click Network > Firewall to open the Firewall configuration page (Figure 3-34).
Figure 3-34. Firewall Configuration
3.7.1 Forwarding Configuration
The forwarding configuration should be set when the package traffic function is effect between ethernet
ports. You can add rules from LAN to WAN or from WAN to LAN under Forwarding Configuration
section. (See Figure 3-34) For example, to forward internet packets from one network to another, follow
the process given below:
1. Add Rule Allow traffic originating from WAN to LAN and Allow traffic originating from LAN
to LAN.
2. In the Ports Forwarding column, add PC1 IP address in Source IP, add PC2 IP address in To
IP Address and Port number (set as 69).
3. Setup a tftp sever on PC2 and a tftp client on PC1( fill PC2’s IP address in the Host IP column).
Both of there ports of tftp are set as 69.
4. Use the tftp software; PC1 can transfer any file to PC2 successfully.
MPC8377EWLAN Wireless Router SW User’s Guide
35
3.7.2 Incoming Ports
The Incoming Port screen allows you to customize incoming ports. (Figure 3-35) The incoming ports
configuration should be set when the client on board is using TCP (or other protocol) port XXX, the
incoming package data via port XXX would to be allowed.
Figure 3-35 Incoming Ports
Table 3-3 describes each of the Incoming ports option.
Table 3-3 Incoming Ports
Options
Description
Name
Enter the name of the port.
Protocol
Select the protocol used for this application from
the drop-down list. You can select TCP, UDP or
Both as a protocol.
Source IP
Enter the source IP.
Destination IP
Enter the destination IP.
Port
Enter the port address.
Remove Rule
Click this link to remove the rule.
3.7.3 Port Forwarding
Sometimes referred to as port mapping, It is the act of forwarding a network port from one network node
to another. This technique can allow an external user to reach a port on a private IP address (inside a
LAN) from the outside via a NAT-enabled router.
Figure 3-36 Port Forwarding
Table 3-4 describes each of the Incoming ports option.
MPC8377EWLAN Wireless Router SW User’s Guide
36
Table 3-4 Port Forwarding
Options
Description
Name
Enter the name of the port.
Protocol
Select the protocol used for this application from
the drop-down list. You can select TCP, UDP or
Both as a protocol.
Source IP
Enter the source IP.
Destination IP
Enter the destination IP.
To IP Address
Enter the IP address.
Port
Enter the port address.
Remove Rule
Click this link to remove the rule.
Click Save Changes to apply your changes.
4 Selecting or Changing System Items
This section explains selecting or changing system items as follows: Settings, Password, Firmware
Upgrade, and Reboot. Click System (Figure 4-1), then proceed with the respective sections.
Figure 4-1. System
4.1 Settings
Click Settings. Figure 4-2 depicts the System > Settings window. Type the host name and select your
time zone or closest region.
MPC8377EWLAN Wireless Router SW User’s Guide
37
Figure 4-2. System Settings
4.2 Password
Click Password. Figure 4-3 depicts the System > Password window. Type the new login password in
both the New Password and Confirm Password fields. This is the password used for logging into the
web configuration page.
Figure 4-3. Password
4.3 SNMP
The Simple Network Management Protocol (SNMP) is a widely used protocol for monitoring the health
and welfare of network equipment (example, routers), computer equipment and even devices like UPS.
MPC8377EWLAN Wireless Router SW User’s Guide
38
Click SNMP. Figure 4-34 depicts the System > SNMP window, Configure the Simple Network
Management Protocol settings. You can use management software to read or write information from or to
the device.
Figure 4-4 SNMP Settings
Table 4-1 describes each SNMP setting options in detail.
Table 4-1 SNMP Settings
Options
Description
SNMP Public Community Name
SNMP Public Source
It identifies a group of devices and management
systems that can read configure information of
system by SNMP “Get” commands.
It identifies the IP address, hostname or network
mask for management systems that can read
information by this 'public' community.
SNMP Private Community Name
It identifies a group of devices and management
systems that can modify configure information of
system by SNMP “Set” commands
SNMP Private Source
It identifies the IP address, hostname or network
mask for management systems that can modify
information by this 'private' community
It identifies the community string to be used when
sending traps by SNMP "Trap" commands.
It defines the IP address for management systems
that can receive trap package from this device..
It identifies the Port number for management
systems that can receive trap package from this
SNMP Trap Community Name
SNMP Trap To HostIp
SNMP Trap To Port
MPC8377EWLAN Wireless Router SW User’s Guide
39
device at this port.
4.4 Firmware Upgrade
Click Upgrade. Figure 4-5 depicts the System > Firmware Upgrade window. Click Browse to locate
the new firmware, then click Upgrade to change the firmware.
NOTE
Upgrading firmware may take a few minutes. Do not turn off the
power nor invoke any resets, such as pressing the reset button).
Figure 4-5. Firmware Upgrade
Click Save Changes, if certain. (There are also the following options: Apply Changes, Clear Changes,
Review Changes.)
4.5 Reboot
Click Reboot. Figure 4-6 depicts the System > Reboot window. Click Yes, really reboot now button to
reboot the router.
Figure 4-6. Reboot
5 Status
This section explains viewing the unit’s status. Click Status (Figure 4-1), then proceed with the
respective sections.
Figure 5-1. System
MPC8377EWLAN Wireless Router SW User’s Guide
40
5.1 System
This section describes the status of device. (Figure 5-2)
Figure 5-2 Device Status
5.1.1 RAM Usage
This section displays the current RAM usage. It also tells the total available RAM and percentage of used
RAM. (Figure 5-2)
5.1.2 Tracked Connections
This section displays the number of connections in your router's conntrack table (Figure 5-2). You can
click the View Conntrack Table link to jump to Conntrack Table page.
5.1.3 Mount Usage
This section displays the total amount of space and used on the file systems mounted to your router
(Figure 5-2).
MPC8377EWLAN Wireless Router SW User’s Guide
41
5.2 Modules
Click Modules. Figure 5-3 displays information about kernel modules. It displays all the loaded modules
and provide information about module name, size, count, state, address and used by.
Figure 5-3 Kernel Modules
5.3 Interfaces
Click Interfaces. Figure 5-4 depicts the Status > Interfaces window and various interface settings.
MPC8377EWLAN Wireless Router SW User’s Guide
42
Figure 5-4. Reboot
Table 5-1 describes each of the section of Interfaces page.
Table 5-1 Interfaces
Option
Description
WAN
WAN stands for Wide Area Network and is usually
the upstream connection to the internet.
DNS Server
It displays the DNS server details.
LOOPBACK
A loopback interface is a type of 'circuit less IP
address' or 'virtual IP' address, as the IP address is not
associated with any one particular interface (or
circuit) on the host or router. Any traffic sent by
computer program on the loopback network is
addressed to the same computer.
WLAN 1
WLAN stands for Wireless Local Area Network. It
displays WLAN 1 details.
RAW Information
It displays the raw information. (Figure 5-5)
MPC8377EWLAN Wireless Router SW User’s Guide
43
Click the Show raw statistics button, to view the Raw Information page at the bottom of the page.
(Figure 5-5)
Figure 5-5 Raw Information
5.4 DHCP Clients
Click DHCP Clients. Figure 5-6 displays the DHCP leases.
Figure 5-6 DHCP Clients
MPC8377EWLAN Wireless Router SW User’s Guide
44
DHCP leases are assigned to network clients that request an IP address from the DHCP server of the
router. Clients, who have requested their IP lease before this router, was rebooted and may not be listed
until they request a renewal of their lease.
5.5 Netstat
Click Netstat. Figure 5-7 displays the detailed information about Ethernet/Wireless physical connections,
routing table, router listening ports and connections to the routers.
Figure 5-7 Netstat
5.6 Conntrack
Click Conntrack. Figure 5-8 displays conntrack table.
MPC8377EWLAN Wireless Router SW User’s Guide
45
Figure 5-8 Conntrack
1. Insert a string to include or exclude in the Text to Filter text box. You can also type the regular
expression constants like: 00:[[:digit:]]{2}:[[:digit:]]{2} or debug|.err
2. From the Filter Mode drop-down list, select Include or Exclude option.
3. Click Remove Filter button to remove the filter option that you have selected.
4. Click Filter Records button to filter the records.
5.7 Iptables
Click Iptables. Figure 5-9 displays iptables status.
MPC8377EWLAN Wireless Router SW User’s Guide
46
Figure 5-9 Iptables
5.8 USB
Click USB. Figure 5-10 displays the information about all the connected devices (excluding system hubs)
and mounted USB/SCSI devices.
MPC8377EWLAN Wireless Router SW User’s Guide
47
Figure 5-10 USB
Warning!
You must umount the device before unplug.
5.9 PPPoE
Click PPPoE. Figure 5-11 displays the PPPoE status.
Figure 5-11 PPPoE
5.10 Diagnostics
Click Diagnostics. Figure 5-12 displays the network utilities options to ping and trace route.
MPC8377EWLAN Wireless Router SW User’s Guide
48
Figure 5-12 Diagnostics
6 VPN
Virtual Private Network (VPN) is a security measure that creates a secure connection between two remote
locations. There are two basic ways to create a VPN connection:
•
•
VPN Router to VPN Router
Computer (using VPN client software) to VPN Router
VPN Router to VPN Router:
For example, at home, a telecommuter uses his VPN router to connect to the Internet. He configures his
router with office VPN settings. When he connects to his office's router, the two routers create a VPN
tunnel, encrypting and decrypting data. As VPN utilize the Internet, distance is not a factor. Using the
VPN, the telecommuter now has a secure connection to the central office's network, as if he is physically
connected.
Computer (using VPN client software) to VPN Router:
For example, a traveling businessperson from her hotel room dials up her ISP. Her notebook computer
has VPN client software, which is configured with her office's IP address. She accesses the VPN client
software and connects to the VPN Router at the central office. Using the VPN, the businessperson now
has a secure connection to the central office's network, as if she is physically connected.
Now, configure following settings to create VPN tunnels.
Click VPN (Figure 6-1) and then proceed with the respective sections.
MPC8377EWLAN Wireless Router SW User’s Guide
49
Figure 6-1. VPN > IPSec page
6.1 IPSec
The VPN Router can create one or multiple tunnels (or secure channel) that each connect between two
endpoints, so that the transmitted data or information between these endpoints is secure.
Virtual Private Network (VPN) is a security measure that creates a secure connection between two remote
locations. Configure these settings so the Gateway will create VPN tunnels.
Click VPN > IPSec to open the IPSec page (Figure 6-1).
The table below explains each of the option present in IPSec page.
Function
Description
Name
Enter name of tunnel, The name should be unique.
Local Security Gateway Type
Select IP only or IP + domain from the Local Security
Gateway Type drop-down list. Incase, you select IP
Only, then only the specific IP Address will be able to
access the tunnel.
MPC8377EWLAN Wireless Router SW User’s Guide
50
Local IP
Enter the Local IP address.
Local Mask
Enter the mask to determine the IP addresses on the
local network.
Peer IP
Enter the peer IP address of tunnel.
Remote Security Gateway Type
Select IP only or IP + domain from the Remote
Security Gateway Type drop-down list. Incase, you
select IP Only, then only the specific IP Address will
be able to access the tunnel.
Destination IP
Enter the destination IP address.
Destination Mask
Enter the mask to determine the IP addresses on the
Destination network.
Keying Mode
Select the keying mode from the Keying Mode dropdown list. You can select Manual or Preshared Key
mode. See section 6.1.1 Keying Mode for details.
6.1.1 Keying Mode – IKE Config
The router supports both IKE with Preshared Key (automatic) and Manual key management. When
choosing automatic key management, IKE (Internet Key Exchange) protocols are used to negotiate key
material for SA. If manual key management is selected, no key negotiation is needed. The manual key
management is used for small static environments or for troubleshooting purpose. Notice that both sides
must use the same Key Management method.
6.1.1.1 IKE with Preshared Key
Select IKE with preshared key from Keying mode drop-down list. The options changes in the
application page as shown in Figure 6-2 below:
MPC8377EWLAN Wireless Router SW User’s Guide
51
Figure 6-2 IKE with Preshared Key
Table 6-1 describes the IKE with preshared key options for phase 1 and phase 2.
Table 6-1 Phase 1 and Phase 2
Function
Description
Phase 1
Encryption
The encryption method determines the length of
the key used to encrypt or decrypt the ESP packets.
It supports 3DES. Notice that both sides of the
VPN tunnel must use the same Encryption method.
Authentication
Authentication determines a method to authenticate
the ESP packets. You can select MD5 or SHA1.
Both sides of the VPN tunnel must use the same
authentication method.
Group
This is for Diffie-Hellman key negotiation. There
are 3 groups available for ISAKMP SA
establishment, 768-bit, 1024-bit, 1536-bit. They
represent different bits used in Diffie-Hellman
mode operation768-bit Group isn’t support.
Lifetime (in sec)
Specifies the lifetime of the IKE generated key.
Phase 2:
Encryption
The encryption method determines the length of
the key used to encrypt or decrypt ESP packets. It
MPC8377EWLAN Wireless Router SW User’s Guide
52
supports 3DES. Notice that both sides of the VPN
tunnel must use the same encryption method.
Authentication
Authentication determines a method to authenticate
the ESP packets. You can select MD5 or SHA1.
Both sides of the VPN tunnel must use the same
authentication method.
Group
This is for Diffie-Hellman key negotiation. There
are 3 groups available for ISAKMP SA
establishment; 768-bit, 1024-bit, 1536-bit. It
represents different bits used in Diffie-Hellman
mode operation. 768-bit Group isn’t support.
Preshared Key
IKE uses the Pre-shared Key field to authenticate
the remote IKE peer. Only character values are
acceptable in this field. Both sides must use the
same Pre-shared Key.
Lifetime (in sec)
Specifies the lifetime of the IKE generated key.
6.1.2 Manual
Select Manual from Keying mode drop-down list. The options changes in the application page as shown
in Figure 6-3 below:
Figure 6-3 Manual Keying Mode
Table 6-2 describes the Manual keying mode.
MPC8377EWLAN Wireless Router SW User’s Guide
53
Table 6-2 Manual Keying Mode
Function
Description
Inbound/Outbound SPI
The SPI (Security Parameter Index) is carried in
the ESP header. Its range is 256 -65535. Each
tunnel must have an unique Inbound SPI and
Outbound SPI. Notice that Inbound SPI must
match the other router's Outbound SPI.
Inbound/ Outbound
Encryption Type
The Encryption method determines the length of
the key used to encrypt or decrypt ESP packets. It
supports 3DES. Notice that both sides of the VPN
tunnel must use the same encryption method.
Inbound/ Outbound
Encryption Key
You should input 24 char, 8 char make up of a
group, and the char of group should not be the
same.
Inbound/ Outbound
Authentication Type
Authentication determines a method to authenticate
the ESP packets. You can select MD5 or SHA1.
Both sides of the VPN tunnel must use the same
authentication method
Inbound/ Outbound
Authentication Key
This is an authentication Key. You should enter 16
char.
NOTE
Before establishing a VPN tunnel, the tunnel between local
network and remote network must be connected. You should add a
forward rule from LAN interface to WAN interface at Firewall tab
as shown in Figure 6.4 below:
Figure 6-4 Firewall tab
MPC8377EWLAN Wireless Router SW User’s Guide
54
6.2 PPTP
Click VPN > PPTP to open the PPTP page (Figure 6-5).
Perform the following steps:
1. Enter the user name.
2. Enter the password.
3. Enter the IP Address.
4. Click Add to add the configuration
5. Click Save Changes to save the configuration data.
Figure 6-5 VPN > PPTP VPN User page
7 Managing Storage, Samba, and File Editing in NAS
This section explains managing storage and other related items in Network-Attached Storage (NAS):
Disk, RAID (Redundant Array of Independent Disks), Samba, File Editor. Click NAS (Figure 7-1), then
proceed with the respective sections.
MPC8377EWLAN Wireless Router SW User’s Guide
55
Figure 7-1. NAS
7.1 Disk Management
Click Disk. Figure 7-2 depicts the NAS > Disk Management window.
Figure 7-2. Disk Management
To add a new disk, click New. Figure 7-3 depicts the NAS > Disk Management > New window. Type in
fields or select from drop-down lists as appropriate.
Figure 7-3. Add New Disk
The Action Command drop-down list includes the following possible actions besides No Action:
Format, Mount, and Umount.
7.2 Format Disk
CAUTION
If you select Format, all data on the disk will be lost.
Perform the following steps, as depicted in Figure 7-4:
1. From the Disk devices drop-down list, select the device.
MPC8377EWLAN Wireless Router SW User’s Guide
56
2. From the Action Command drop-down list, select Format.
Figure 7-4. Format Disk
7.2.1 Mount Disk
Perform the following steps, as depicted in Figure 7-5.
1. In the Mount point field, type the address you want to mount. For example, /home.
2. From the Action Command drop-down list, select Mount.
Figure 7-5. Mount Disk
7.2.2 Unmount Disk
Perform the following steps, as depicted in Figure 7-6.
1. In the Mount point field, type the address where your disk is mounted.
2. From the Action Command drop-down list, select Umount.
MPC8377EWLAN Wireless Router SW User’s Guide
57
Figure 7-6. Unmount Disk
7.3 RAID Management
Click RAID. Figure 7-7 depicts the NAS > RAID Management window.
Figure 7-7. RAID Management
To add a new disk, click New. Figure 7-8 depicts the NAS > RAID Management > New window. Type
in fields or select from drop-down lists as appropriate. The (Table 7-1) below explains each of the option
present in RAID management window in detail.
Table 7-1 RAID Management
Option
Description
Raid Name
Enter the RAID name.
RAID devices
These are all the RAID devices attached to the system.
RAID type
These are all the RAID devices supported.
Members of this volume
These are all the members of the volume. Uncheck to
remove.
MPC8377EWLAN Wireless Router SW User’s Guide
58
File system
These are the entire file systems (FS) supported. “Other”
represents other file systems
Mount point
This is the mount point of this RAID device.
Action Command
Caution: If you choose Create/Format, then all data is
deleted from the disk.
Figure 7-8. Add New RAID
NOTE
Before using RAID management, make sure that you have selected
RAID in the File system drop-down list (Figure 7-9).
Figure 7-9. RAID File System Selection
7.3.1 Create RAID0
This procedure creates the software RAID0. Perform the following steps, as depicted in Figure 7-10:
MPC8377EWLAN Wireless Router SW User’s Guide
59
1. In the Raid Name text box, type the name.
2. From the Raid type drop-down list, select RAID 0.
3. Click Add Member. (You must have two disks on the 8377.)
4. From the Action Command drop-down list, select Create.
Figure 7-10. Create RAID0
7.3.2 Create RAID1
This procedure creates the software RAID1. Perform the following steps, as depicted in Figure 7-11:
1. In the Raid Name text box, type the name.
2. From the Raid type drop-down list, select RAID 1.
3. Click Add Member. (You must have two disks on the 8377.)
4. From the Action Command drop-down list, select Create.
MPC8377EWLAN Wireless Router SW User’s Guide
60
Figure 7-11. Create RAID1
7.3.3 Format RAID
After creating software RAID0/1, format the RAID to one file system of your choosing. Perform the
following steps as depicted in Figure 7-12:
1. From the Raid devices drop-down list, select the device.
2. From the Action Command drop-down list, select Format.
Figure 7-12. Format RAID
MPC8377EWLAN Wireless Router SW User’s Guide
61
7.3.4 Recovery
If one disk is out of service, and a new disk is added or any other reason that makes the state of RAID
abnormal, you can choose this command to recover the RAID. Perform the following steps as depicted in
Figure 7-13:
1. From the Raid devices drop-down list, select the device.
2. From the Action Command drop-down list, select Recover.
Figure 7-13. RAID Recovery
7.3.5 Mount
To mount the RAID to one folder, such as /home, perform the following steps as shown in Figure 7-14:
1. In the Mount point field, type the address you want to mount. For example, /home.
2. From the Action Command drop-down list, select Mount.
MPC8377EWLAN Wireless Router SW User’s Guide
62
Figure 7-14. Mount RAID
7.3.6 Unmount
To unmount RAID, perform the following steps as shown in Figure 7-15:
1. In the Mount point field, type the address where your disk is mounted.
2. From the Action Command drop-down list, select Umount.
MPC8377EWLAN Wireless Router SW User’s Guide
63
Figure 7-15. Unmount RAID
7.3.7 Stop
Make sure your disk is not operational at this time and un-mounted already before you stop RAID
management. Perform the following steps as depicted in Figure 7-16.
1. From the Action Command drop-down list, select Stop.
MPC8377EWLAN Wireless Router SW User’s Guide
64
Figure 7-16 Stop
7.4 Samba Management
Samba is free, open source software that allows a UNIX server to act as a file server to Windows clients.
It runs under Linux, FreeBSD, and other UNIX variants. Click Samba. Figure 7-17 depicts the NAS >
Samba Management window.
MPC8377EWLAN Wireless Router SW User’s Guide
65
Figure 7-17. Samba Management, Shares No. 1 Section Shown
NOTE
You can access all the shares by using the Samba service. You can
edit, remove, or add one share.
7.5 File Editor
The file editor makes it possible to browse, and operate files through the web (Http/Https). Click File
Editor. (Figure 7-18) depicts the NAS > File Editor window.
MPC8377EWLAN Wireless Router SW User’s Guide
66
Figure 7-18. File Editor
8 Intrusion Detection Systems
This section explains detection of electronic intrusion attempts. Click IDS (Figure 8-1), then proceed with
the respective sections.
Figure 8-1. IDS
8.1 IDS (Intrusion Detection Systems)
Click IDS. Figure 8-2 depicts the IDS > Intrusion Detection Systems window.
MPC8377EWLAN Wireless Router SW User’s Guide
67
Figure 8-2. IDS, Snort
8.1.1 Snort
Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious
behavior through protocol analysis, content searching, and various pre-processors. Snort uses a flexible
rule-based language to describe traffic that it should collect or pass a modular detection engine. Perform
the following steps as shown in Figure 8-2:
1. Under Snort section, in the Snort, click Enable to turn on the IDS function.
2. From the Interface Name drop-down list, select eth0 (WAN port).
3. In the Send Log by syslog, click Enable.
8.1.2 Snort Rules
The snort rules define the detect type. Perform the following steps to set snort rules.
1. Under Snort Rules section in the Port Scan Detection, click Enable.
2. In the DoS Detection, click Enable.
3. In the DDos Scan, click Enable.
4. In the Bad-traffic, click Enable.
5. In the FTP, click Enable.
6. In the Telnet, click Enable.
7. In the Netbios, click Enable.
8.2 Alert (IDS Alert Event)
Click Alert. Figure 8-3 shows a log of intrusion alerts.
MPC8377EWLAN Wireless Router SW User’s Guide
68
Figure 8-3. Alert
8.3 Packets (Download Alert Packets)
Click Packets. When intrusion occurs, you can save the packet from EWLAN to your PC by clicking
Download (Figure 8-4).
To download alert packet, follow the steps given below:
1. Enter the file name in the Name this packet text box. For example, “xx.cap”.
2. Click Download and save the file to the local PC.
MPC8377EWLAN Wireless Router SW User’s Guide
69
Figure 8-4. IDS Alert Packets
9 Intrusion Prevention Systems
This section explains configuring the unit to detect electronic intrusion attempts. IPS is an advanced
technology to protect your network from malicious attacks. IPS works together with your SPI Firewall, IP
Based Access List (IP ACL), Network Address Port Translation (NAPT), and Virtual Private Network
(VPN) to achieve the highest amount of securities.
IPS works by providing real-time detection and prevention as an in-line module in a router. The WirelessN Security Router has hardware-based acceleration for real-time pattern matching for malicious attacks. It
actively filters and drops malicious TCP/UDP/ICMP/IGMP packets and can reset TCP connections. This
protects your client PCs and servers running various operating systems including Windows, Linux, and
Solaris from network worm attacks. However, this system does not prevent viruses attached emails.
The P2P (peer to peer) and IM (instant messaging) control allows the system administrator to prevent
network users from using those protocols to communicate with people over the Internet. This helps the
administrators to set up company policies on how to use their Internet bandwidth wisely.
Click IPS (Figure 9-1), then proceed with the respective sections.
Figure 9-1. IPS
MPC8377EWLAN Wireless Router SW User’s Guide
70
9.1 Configuration (IPS Configuration)
Click Configuration. Figure 9-2 shows IPS Configuration.
Figure 9-2. IPS Configuration
9.1.1 IPS Configuration
The Wireless Router support advanced Intrusion Prevention System (IPS) is an integral part of the selfdefending strategy. It allows you to stay current on the latest threats to identify, classify, and stop
malicious and damaging traffic in real-time.
Perform the following steps as depicted in Figure 9-2.
1. Enable/disable IPS Function.
2. Click Save Changes button to save the changes.
9.2 IPS P2P/IM (Peer to Peer, Instant Messaging)
Click P2P/IM. Block/unblock various categories of peer-to-peer, instant-messaging connections, and
remote logins. Click Submit in the appropriate categories. See Figure 9-3.
MPC8377EWLAN Wireless Router SW User’s Guide
71
Figure 9-3. IPS P2P/IM
Table 9-1 explains each option given in the IPS > P2P/IM page.
Table 9-1 IPS > P2P/IM Options
Option
Description
IPS P2P/IM
Allow access to web interface
(HTTPS) from the Internet
You can block or unblock access to
web interface (HTTPS) from the
Internet.
Allow shell access (SSH) from the
Internet
You can block or unblock shell
access (SSH) from the Internet.
Allow access to external DNS servers
You can block or unblock access to
external DNS servers.
Peer to Peer (P2P)
Block eDonkey/eMule/Overnet
Check this option to block
eDonkey/eMule/Overnet.
9.3 Information
Click Information to read about IPS support (Figure 9-4).
MPC8377EWLAN Wireless Router SW User’s Guide
72
Figure 9-4. IPS Information
10 Logout
Click Logout to logout from the web page. (Figure 10-1)
Figure 10-1. IPS Information
NOTE
You must close the web browser to logout.
It is not possible to logout automatically until you close the web browser. Your web browser caches the
basic httpd authentication. Therefore, you must close the web browser. With Firefox, clear private data to
force it to forget the credentials you have supplied.
MPC8377EWLAN Wireless Router SW User’s Guide
73

Source Exif Data:
File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
PDF Version                     : 1.4
Linearized                      : No
Tagged PDF                      : Yes
XMP Toolkit                     : Adobe XMP Core 4.0-c316 44.253921, Sun Oct 01 2006 17:14:39
Producer                        : Acrobat Distiller 8.0.0 (Windows)
Tag Email Subject               : For today's meeting ... Draft ... Modification SWUG docs enclosed
Tag Author Email Display Name   : Hill Wanda-RWH01C
Tag Author Email                : RWH01C@freescale.com
Tag Ad Hoc Review Cycle ID      : 1547789121
Company                         : Freescale Semiconductor
Source Modified                 : D:20090319031658
Create Date                     : 2009:03:19 11:20:06+08:00
Creator Tool                    : Acrobat PDFMaker 8.0 for Word
Modify Date                     : 2009:03:19 11:21:23+08:00
Metadata Date                   : 2009:03:19 11:21:23+08:00
Document ID                     : uuid:1b33e9b7-7eba-46be-bdcc-f2a8d64d0402
Instance ID                     : uuid:884e3893-9e43-499e-aaab-94b198d88301
Subject                         : 89
Format                          : application/pdf
Creator                         : Freescale Semiconductor Inc.
Title                           : MPC8377EWLAN Wireless Router Software User's Guide
Page Count                      : 73
Page Layout                     : OneColumn
Author                          : Freescale Semiconductor Inc.
EXIF Metadata provided by EXIF.tools
FCC ID Filing: RUNMPC8377EWLAN

Navigation menu