Grandstream Networks GWN7000 Enterprise Router & Wireless Access Point Manager User Manual YZZGWN7000 rev01
Grandstream Networks, Inc. Enterprise Router & Wireless Access Point Manager YZZGWN7000 rev01
Contents
- 1. User Manual
- 2. User manual
User Manual
Grandstream Networks, Inc.
GWN7000
Enterprise Router & Access Point Manager
User Manual
GWN7000 Enterprise Router & Access Point Manager
User Manual
COPYRIGHT
©2016 Grandstream Networks, Inc. http://www.grandstream.com
All rights reserved. Information in this document is subject to change without notice. Reproduction or
transmittal of the entire or any part, in any form or by any means, electronic or print, for any purpose
without the express written permission of Grandstream Networks, Inc. is not permitted.
The latest electronic version of this guide is available for download here:
http://www.grandstream.com/support
Grandstream is a registered trademark and Grandstream logo is trademark of Grandstream Networks, Inc.
in the United States, Europe and other countries.
CAUTION
Changes or modifications to this product not expressly approved by Grandstream, or operation of this
product in any way other than as detailed by this guide, could void your manufacturer warranty.
WARNING
Please do not use a different power adaptor with devices as it may cause damage to the products and void
the manufacturer warranty.
Page |1
GWN7000 Enterprise Router & Access Point Manager
User Manual
FCC Caution
Any Changes or modifications not expressly approved by the party responsible for compliance could void
the user's authority to operate the equipment.
This device complies with part 15 of the FCC Rules. Operation is subject to the following two conditions: (1)
This device may not cause harmful interference, and (2) this device must accept any interference received,
including interference that may cause undesired operation.
Note: This equipment has been tested and found to comply with the limits for a Class B digital device,
pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against
harmful interference in a residential installation. This equipment generates uses and can radiate radio
frequency energy and, if not installed and used in accordance with the instructions, may cause harmful
interference to radio communications. However, there is no guarantee that interference will not occur in a
particular installation. If this equipment does cause harmful interference to radio or television reception,
which can be determined by turning the equipment off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:
- Reorient or relocate the receiving antenna.
- Increase the separation between the equipment and receiver.
- Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
- Consult the dealer or an experienced radio/TV technician for help.
CE Compliance:
Hereby㸪Grandstream declares that this device is in compliance with the essential requirements and other
relevant provisions of Directive 2014/30/EU.
Page |2
GWN7000 Enterprise Router & Access Point Manager
User Manual
GNU GPL INFORMATION
GWN7000 firmware contains third-party software licensed under the GNU General Public License (GPL).
Grandstream uses software under the specific terms of the GPL. Please see the GNU General Public
License (GPL) for the exact terms and conditions of the license.
Grandstream GNU GPL related source code can be downloaded from Grandstream web site from:
http://www.grandstream.com/sites/default/files/Resources/gwn7xxx_gpl.zip
Page |3
GWN7000 Enterprise Router & Access Point Manager
User Manual
DOCUMENT PURPOSE
This document describes how to configure the GWN7000 via CLI and Web GUI to fully manipulate router's
features. The intended audiences of this document are Network administrators. Please visit
http://www.grandstream.com/support to download the latest “GWN7000 User Manual”.
This guide covers following topics:
xProduct Overview
xInstallation
xGetting Started
xRouter Configuration
xSetting up a Wireless Network
xClients Configuration
xVPN
xUpgrading and Provisioning
xExperiencing the GWN7000 VPN Router
Page |8
GWN7000 Enterprise Router & Access Point Manager
User Manual
CHANGE LOG
This section documents significant changes from previous versions of the GWN7000 user manuals. Only
major new features or major document updates are listed here. Minor updates for corrections or editing are
not documented here.
FIRMWARE VERSION 1.0.0.8
xThis is the initial version.
Page |9
GWN7000 Enterprise Router & Access Point Manager
User Manual
WELCOME
The GWN7000 is a powerful enterprise-grade router and controller for wireless access points. Ideal for
enterprises, office buildings, retail stores, shopping centers, hospitals, hotels, convention centers and
more, the GWN7000 allows businesses to build comprehensive VPN networks with up to 500 wireless
access points that can be shared across many different physical locations. This enterprise router provides
reliable internet access with WAN port load balancing and dual WAN ports to offer a backup connection.
Thanks to robust network features, easy web-based configuration and real-time status monitoring tools,
the GWN7000 is the ideal router and wireless access point controller for large and multi-site deployments.
--------------------------------------------------------------------------------------------------------------------------------------------
Caution:
Changes or modifications to this product not expressly approved by Grandstream, or operation of this
product in any way other than as detailed by this User Manual, could void your manufacturer warranty.
Warning:
Please do not use a different power adaptor with the GWN7000 as it may cause damage to the products
and void the manufacturer warranty.
--------------------------------------------------------------------------------------------------------------------------------------------
Page |10
The GWN7000 is a powerful enterprise-grade router. Ideal for enterprises, office buildings, retail stores,
shopping centers, hospitals, hotels, convention centers and more. This enterprise router provides reliable
internet access with WAN port load balancing and dual WAN ports to offer a backup connection. Thanks to
robust network features, easy web-based configuration and real-time status monitoring tools, the
GWN7000 is the ideal router for large and multi-site deployments.
GWN7000 Enterprise Router & Access Point Manager
User Manual
PRODUCT OVERVIEW
TECHNICAL SPECIFICATIONS
Table 1: GWN7000 Technical Specifications
Network Interfaces x2 x autosensing 10/100/1000 Base-T WAN Ports
x1 x auto-sensing 10/100/1000 Base-T configurable NET Port
x4 x auto-sensing 10/100/1000 Base-T LAN Ports
WAN Features xDHCP
xStatic IP
xPPPoE
xLoad balance & failover
xRule based routing
LAN Features xDHCP server
xDNS Cache
xMultiple zones
xVLAN
Auxiliary Ports x2 x USB 2.0 ports
x1 x Reset Pinhole
Routing Performance Up to 1Mpps with packet size with 64-byte packet size
USB x3G/4G/LTE as WAN
xPrinter sharing
xFile sharing
Network Protocols xIPv4, IPv6 (pending), 802.1Q, 802.1p, 802.1x, LLDP
VPN xProtocols: PPTP, L2TP/IPSec, OpenVPN (Client, Server or pass
through)
xPerformance up to 300Mbps
LED 8 green-color LEDs for device tracking and status indication
Mounting Indoor wall mount, Desktop
QoS VLAN, TOS
Firewall NAT, DMZ, Port Forwarding, SPI, UPnP
DPI Yes (pending)
Access Points Up to 500 GWN76xx series APs
Management Web, CLI, SNMP (pending)
Power x802.3at PoE+
xOptional Power Supply: 12V/2A
xMax power consumption: 16W
Environmental xOperation: 0°C to 40°C
Page |11
GWN7000 Enterprise Router & Access Point Manager
User Manual
xStorage: -10°C to 60°C
xHumidity: 10% to 90% Non-condensing
Package Content xGWN7000 Enterprise Router
x12V/2A Power Adapter
xQuick Installation Guide
xGPL License
Compliance FCC, CE, IC
Page |12
GWN7000 Enterprise Router & Access Point Manager
User Manual
INSTALLATION
Before deploying and configuring the GWN7000, the device needs to be properly powered up and
connected to network. This section describes detailed information on installation, connection and warranty
policy of the GWN7000.
EQUIPMENT PACKAGING
Table 2: GWN7000 Equipment Packaging
Main Case Yes (1)
Power adaptor Yes (1)
Quick Installation Guide Yes (1)
GPL License Yes (1)
CONNECT YOUR GWN7000
Figure 1: GWN7000 Front View
Page |13
GWN7000 Enterprise Router & Access Point Manager
User Manual
Figure 2: GWN7000 Back View
To set up the GWN7000, follow the steps below:
1. Connect one end of an RJ-45 Ethernet cable into the WAN1 or/and WAN2 port(s) of the
GWN7000.
2. Connect the other end of the Ethernet cable(s) into a DSL modem or router(s).
3. Connect the 12V DC power adapter into the power jack on the back of the GWN7000. Insert the
main plug of the power adapter into a surge-protected power outlet.
4. Wait for the GWN7000 to boot up and connect to internet/network. In the front of the GWN7000
the Power LED will be in solid green, and the WAN LED will flash in green.
5. Connect one of the LAN ports to your computer, the associated LED ports will flash in green.
6. (Optional) Connect LAN ports to your GWN7610 access points or/and other devices, the
associated LED ports will flash in green.
SAFETY COMPLIANCES
The GWN7000 VPN Router complies with FCC/CE and various safety standards. The GWN7000 power
adapter is compliant with the UL standard. Use the universal power adapter provided with the GWN7000
package only. The manufacturer’s warranty does not cover damages to the device caused by unsupported
power adapters.
WARRANTY
If the GWN7000 VPN Router was purchased from a reseller, please contact the company where the
device was purchased for replacement, repair or refund. If the device was purchased directly from
Grandstream, contact our Technical Support Team for a RMA (Return Materials Authorization) number
before the product is returned. Grandstream reserves the right to remedy warranty policy without prior
notification.
Page |14
GWN7000 Enterprise Router & Access Point Manager
User Manual
GETTING STARTED
The GWN7000 VPN Router provides an intuitive web GUI configuration interface for easy management in
addition to CLI Interface via SSH to give users access to all the configurations and options for GWN7000
VPN Router setup.
This section provides step-by-step instructions on how to read LED indicators, use CLI Interface and Web
GUI of the GWN7000.
LED INDICATORS
The front panel of the GWN7000 has LED indicators for power and interfaces activities, the table below
describes the LED indicators status.
Table 3: LED Indicators
LED Status Indication
POWER OFF GWN700 is powered off or abnormal power supply.
Solid green GWN7000 is powered on correctly.
WANs(1,2) Flashing green GWN7000 is connected as a client to another
network and data is transferring.
Solid green GWN7000 is connected as a client to another
network and there is no activity.
LANs(1,2,3,4,5) Flashing green A device is connected to the corresponding LAN
port and data is transferring.
Solid green A device is connected to the corresponding LAN
port and there is no activity.
Page |15
GWN7000 Enterprise Router & Access Point Manager
User Manual
USE THE WEB GUI
ACCESS WEB GUI
The GWN7000 embedded Web server responds to HTTPS GET/POST requests. Embedded HTML pages
allow users to configure the device through a Web browser such as Microsoft IE, Mozilla Firefox, Google
Chrome and etc.
Figure 3: GWN7000 Web GUI Login Page
To access the Web GUI:
1. Connect a computer to a LAN Port of the GWN7000.
2. Ensure the device is properly powered up, and the Power, LAN port LEDs light up in green.
3. Open a Web browser on the computer and enter the web GUI URL in the following format:
https://192.168.1.1
4. Enter the administrator’s login and password to access the Web Configuration Menu. The default
administrator's username and password are "admin" and "admin". It is highly recommended to change
the default password after login for the first time.
Page |17
GWN7000 Enterprise Router & Access Point Manager
User Manual
Figure 4: GWN7000 Home Menu
WEB GUI CONFIGURATIONS
There are 6 main sections in the Web GUI for users to view the connection status, configure and manage
the Router.
xStatus: Displays interface status.
xRouter: To configure WAN Ports settings, check general status of the Router, and Maintenance for
upgrade/provisioning
xDevices: To add Access points, discover automatically and pair by one click.
xClients: Shows the list of the clients connected to LAN ports of the GWN7000 and wireless clients
connected to zones via GWN7610 access points.
xVPN: To configure VPN tunnels.
xZone: To add and manage zones for the access points via VLANs.
WEB GUI LANGUAGES
Currently the GWN7000 series web GUI supports English and Simplified Chinese.
Page |18
GWN7000 Enterprise Router & Access Point Manager
User Manual
Users can select the displayed language at the upper right of the web GUI either before or after logging in.
Figure 5: GWN7000 Web GUI Language
Figure 6: GWN7000 Web GUI Language
Page |19
GWN7000 Enterprise Router & Access Point Manager
User Manual
SAVE AND APPLY CHANGES
When clicking on "Save" button after configuring or changing any option on the web GUI pages. A
message mentioning the number of changes will appear on the upper menu (See Figure 7).
Figure 7: Save Changes
Figure 8: View Changes
Users need to click on that message to view changed configuration (See Figure 8), and click on "OK"
button to apply changes.
Page |20
GWN7000 Enterprise Router & Access Point Manager
User Manual
ROUTER CONFIGURATION
This section explains configurations for network settings, user privileges, and router parameters on the
GWN7000 via Web GUI.
STATUS
INTERFACE STATUS AND DASHBOARD
The Interface status shows the connection stability for WAN Ports, access points and status for LAN, USB
ports and VPN tunnel.
Figure 9: Status Page
ROUTER STATUS
Beside Interface status, users can also view Device status to check MAC address, Part Number, Firmware
version and Uptime for the Router.
Page |21
GWN7000 Enterprise Router & Access Point Manager
User Manual
WAN status shows the uptime, current throughput, aggregate usage, and IP addresses for each WAN port.
Router’s Status can be accessed from Web GUI->Router->Status.
Figure 10: Router's Status
WAN PORTS
The GWN7000 has 2 WAN ports configured as DHCP clients by default to be connected with DSL modem
or routers, Users can also set static IPv4/IPv6 address, and configure PPPoE for each WAN port.
Connect to GWN7000’s Web GUI from a computer connected to a LAN port and go to Router->Port page
to configure WAN settings.
WAN PORTS CONFIGURATION SETTINGS
Please refer to the following table for basic network configuration parameters on WAN ports for GWN7000.
Table 4: GWN7000 WEB GUI -> Router ->Port -> WAN Port(1,2)
WAN Address Type
Select "DHCP", "Static" or "PPPoE" mode on the WAN interfaces of GWN7000.
The default setting is "DHCP".
xDHCP
When selected on a WAN port, it will act as a DHCP client and acquire an IP
automatically from the DHCP server.
xStatic
When selected the user will have to set a static IPv4 address, Subnet Mask
Page |22
GWN7000 Enterprise Router & Access Point Manager
User Manual
and IPv4 Gateway, or set IPv6 address, Prefix and Prefix Length if Enable
IPv6 is checked.
xPPPoE
When selected the user will have to set the PPPoE account and password,
PPPoE Keep alive interval and Inter-Key Timeout in seconds.
Preferred DNS Enter the preferred DNS server address. If Preferred DNS is set, GWN7000 will
use it in priority.
Alternate DNS Enter the Alternate DNS server address. If Preferred DNS is set, GWN7000 will
use it in when the Preferred DNS fails.
GLOBAL SETTINGS
This sections describes global settings tab for WAN Ports, that will be used for enabling/disabling Failover
and Load Balancing on WAN ports.
The following table shows the configuration parameters for WAN Ports global settings
Table 5: GWN7000 WEB GUI->Router->Port->Global Settings
Failover Enabled If checked failover will be enabled for both WAN ports, forbid login after x
attempts ? Default is disabled.
Load Balance
Enabled
If checked Load Balance will be used on both ports to optimize the ressource
utilization. Please note that for this feature to work, WAN ports should be
connected to different networks. Default is disabled.
Page |23
GWN7000 Enterprise Router & Access Point Manager
User Manual
Figure 11: WAN Ports Global Settings
CONNECTING DEVICES TO LAN PORTS
GWN7000 VPN Router with its DHCP server enabled on LAN ports level, will assign automatically an IP
address to the devices connected to its LAN ports like a computer or GWN7610 access points.
Please make sure that the device is configured as DHCP client so it can take an address, the GWN7000 will
assign 192.168.1.x/24 address to its clients connected to its LAN ports.
DHCP settings on LAN
(Lease time, set static IP for devices, addresses range, IPv4/IPv6 type to assign like Zone and WAN ?)
USER MANAGEMENT
The GWN7000 has two users level (Administrator and user) privileges ? user’s username
Page |24
GWN7000 Enterprise Router & Access Point Manager
User Manual
Figure 12: Admin and User
TIME&DATE SETTINGS
The GWN7000 supports configuring date and time settings format as well as configuring it with multiple NTP
servers via WAN (how many ?).
Connect to the GWN7000 Web GUI and go to Router->Maintenance. User can change the Date Display
Format, three options are possible YYYY/MM/DD, MM/DD/YYYY and DD/MM/YYYY
Page |25
GWN7000 Enterprise Router & Access Point Manager
User Manual
CONFIGURING NTP SERVER
Figure 13: Add an NTP server
DEVICE ROLE(MASTER/SLAVE)
Figure 14: Master Slave
Page |26
GWN7000 Enterprise Router & Access Point Manager
User Manual
VPN
OVERVIEW
Only VPN client, No Server ?
VPN allows the GWN7000 to be connected to a remote VPN server using PPTP, L2TP and OpenVPN
protocols, users can access VPN page from the GWN7000 Web GUI -> VPN.
xTo add a VPN tunnel users need to click on
xTo edit a VPN tunnel users need to click on
xTo delete a VPN tunnel users need to click on
Refer to the below tables depending on which VPN type has been selected.
1.1.1.4 OpenVPN
Table 12: OpenVPN
Enabled If checked the VPN tunnel will be enabled.
VPN Name Set the VPN’s name.
Zone Set the Zone that will be using the VPN tunnel.
NAT Enable If checked NAT will be enabled.
Port Forwarding Rules
Port Trigger Rules
OpenVPN Mode
Local Host Set the local host IP address. Default is 0.0.0.0
Remote OpenVPN Server:Port Set the remote OpenVPN server’s IP/FQDN and its port.
Protocol Select UDP or TCP for protocol.
Device Type Select TUN or TAP for the virtual network kernel device.
Allow Peer to Change IP If checked, a device using the tunnel will still take control of the session if
its IP changes.
LZO Compression Select Adaptive, Yes or No for LZO compression speed.
Fragment Set the fragment value.
Mssfix Set Mssfix value. Default is 1450.
Inactive Timeout Set the inactivity timeout value (in unit) for restarting the connection.
CA Certificate Click on to upload CA certificate.
Page |37
GWN7000 Enterprise Router & Access Point Manager
User Manual
Client Certificate Click on to upload client certificate.
Client Private Key Click on to upload private key.
1.1.1.5 L2TP
Table 13: L2TP
Enabled If checked the VPN tunnel will be enabled.
VPN Name Set the VPN’s name.
Zone Set the Zone that will be using the VPN tunnel.
NAT Enable If checked NAT will be enabled.
Port Forwarding Rules
Port Trigger Rules
1.1.1.6 PPTP
Table 14: PPTP
Enabled If checked the VPN tunnel will be enabled.
VPN Name Set the VPN’s name.
Zone Set the Zone that will be using the VPN tunnel.
NAT Enable If checked NAT will be enabled.
Port Forwarding Rules
Port Trigger Rules
Remote PPTP Server Set the remote PPTP server’s IP/FQDN.
Username Set the client’s username.
Password Set the client’s password.
Use Tunnel as Default Route If checked the VPN will be used as default tunnel for all connected
devices to the zone.
Use DNS from Server If checked, all connected devices to the zone will be using DNS
from the PPTP server.
Number of Attempts to Reconnect Set the number of attempts to reconnect to the server if it fails.
Use Built-in IPv6-managment If checked the tunnel will be used IPv6 addressing.
Page |38
GWN7000 Enterprise Router & Access Point Manager
User Manual
UPGRADING AND PROVISIONING
UPGRADING FIRMWARE
The GWN7000 can be upgraded to a new firmware version remotely or locally. This section describes how
to upgrade your GWN7000 via network or local upload.
UPGRADING VIA WEB GUI
The GWN7000 can be upgraded via TFTP/HTTP/HTTPS by configuring the URL/IP Address for the
TFTP/HTTP/HTTPS server and selecting a download method. Configure a valid URL for TFTP, HTTP or
HTTPS; the server name can be FQDN or IP address.
Examples of valid URLs:
firmware.grandstream.com/BETA
192.168.5.87
The upgrading configuration can be accessed via Web GUI->Router->Maintenance.
Table 15: Network Upgrade Configuration
Upgrade Via Allow users to choose the firmware upgrade method: TFTP, HTTP
or HTTPS.
Firmware Server Define the server path for the firmware server.
Check Update on Boot If checked, the device will check if there is a firmware from the
configured firmware server at boot.
Automatic Upgrade check interval(m) Set the value for automatic upgrade check in minutes.
Upgrade Now
Click on button to begin the upgrade. Note that the
device will reboot after downloading the firmware.
UPGRADING VIA CLI
--------------------------------------------------------------------------------------------------------------------------------------------
Note:
Please do not interrupt or power cycle the GWN7000 during upgrading process.
Page |39
GWN7000 Enterprise Router & Access Point Manager
User Manual
--------------------------------------------------------------------------------------------------------------------------------------------
Service providers should maintain their own firmware upgrade servers. For users who do not have
TFTP/HTTP/HTTPS server, some free windows version TFTP servers are available for download from
http://www.solarwinds.com/products/freetools/free_tftp_server.aspx
http://tftpd32.jounin.net
Please check our website at http://www.grandstream.com/support/firmware for latest firmware.
Instructions for local firmware upgrade via TFTP:
1. Unzip the firmware files and put all of them in the root directory of the TFTP server;
2. Connect the PC running the TFTP server and the GWN7000 to the same LAN segment;
3. Launch the TFTP server and go to the File menu->Configure->Security to change the TFTP server's
default setting from "Receive Only" to "Transmit Only" for the firmware upgrade;
4. Start the TFTP server and configure the TFTP server in the GWN7000 web configuration interface;
5. Configure the Firmware Server to the IP address of the PC;
6. Update the changes and reboot the GWN7000.
End users can also choose to download a free HTTP server from http://httpd.apache.org/ or use
Microsoft IIS web server.
PROVISIONING AND BACKUP
The GWN7000 configuration can be backed up locally or via network. The backup file will be used to
restore the configuration on GWN7000 when necessary.
DOWNLOAD CONFIGURATION
Users can download the GWN7000 configurations for restore purpose under Web GUI->Router->
Maintenance
Click on to download locally the configuration file.
Page |40
GWN7000 Enterprise Router & Access Point Manager
User Manual
CONFIGURATION SERVER
Users can download and provision the GWN7000 by putting the config file on a TFTP/HTTP or HTTPS
server, and set Config Server to the TFTP/HTTP or HTTPS server used in order for the GWN7000 to be
provisioned with that config server file.
RESET AND REBOOT
Users could perform a reboot under Web GUI->Router->Maintenance by clicking on
button.
Factory Reset
SYSLOG
On the GWN7000, users could dump the syslog information to a remote server under Web GUI
->Router->Maintenance. Enter the syslog server hostname or IP address and select the level for the
syslog information. Five levels of syslog are available: None, Debug, Info, Warning, and Error.
Page |41
GWN7000 Enterprise Router & Access Point Manager
User Manual
EXPERIENCING THE GWN7000 VPN ROUTER
Please visit our website: http://www.grandstream.com to receive the most up- to-date updates on firmware
releases, additional features, FAQs, documentation and news on new products.
We encourage you to browse our product related documentation, FAQs and User and Developer Forum
for answers to your general questions. If you have purchased our products through a Grandstream
Certified Partner or Reseller, please contact them directly for immediate support.
Our technical support staff is trained and ready to answer all of your questions. Contact a technical support
member or submit a trouble ticket online to receive in-depth support.
Thank you again for purchasing Grandstream GWN7000 Enterprise Router, it will be sure to bring
convenience and color to both your business and personal life
Page |42
END OF USER’S MANUAL