Senao Networks SR32108001 802.11b/g Router User Manual ESR 1221 UsersManual V1 2
Senao Networks, Inc. 802.11b/g Router ESR 1221 UsersManual V1 2
Manual
11b/g Wireless SOHO Router User’s Manual Version: 1.2 Table of Contents INTRODUCTION................................................................................................................................5 1.1 1.2 1.3 1.4 1.5 1.6 FEATURES & BENEFITS ...........................................................................................................5 PACKAGE CONTENTS...............................................................................................................6 WIRELESS SOHO ROUTER DESCRIPTION ................................................................................6 SYSTEM REQUIREMENTS .........................................................................................................7 APPLICATIONS .........................................................................................................................7 NETWORK CONFIGURATION ....................................................................................................8 a) b) UNDERSTANDING THE HARDWARE...........................................................................................9 2.1 2.2 Ad-hoc (peer-to-peer) Mode..........................................................................................................................8 Infrastructure Mode........................................................................................................................................8 HARDWARE INSTALLATION .....................................................................................................9 IP ADDRESS CONFIGURATION .................................................................................................9 WEB CONFIGURATION.................................................................................................................10 3.1 3.2 3.2.1 3.2.2 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.2.8 3.2.9 3.2.10 3.2.11 3.3 3.3.1 3.3.2 3.3.3 3.3.4 3.3.5 3.3.6 3.3.7 3.4 3.4.1 3.4.2 3.4.3 3.4.3.1 3.4.4 3.4.5 3.4.6 3.4.7 3.4.7.1 3.4.7.1.1 3.4.7.1.2 3.4.7.1.3 3.5 3.5.1 3.5.2 3.5.3 LOGGING IN...........................................................................................................................10 MANAGEMENT ......................................................................................................................11 STATUS .................................................................................................................................11 STATISTICS ............................................................................................................................13 DYNAMIC DNS .....................................................................................................................13 TIME ZONE SETTING .............................................................................................................14 DENIAL OF SERVICE (DOS) ...................................................................................................15 LOG .......................................................................................................................................16 UPGRADE FIRMWARE ............................................................................................................17 SAVE CONFIGURATION TO A FILE ..........................................................................................17 RESTORE THE CONFIGURATION FROM A FILE ........................................................................18 RESTORE SETTINGS TO FACTORY DEFAULTS ........................................................................18 ADMINISTRATOR SETTINGS ...................................................................................................19 TCP/ IP SETTINGS .................................................................................................................19 LAN SETTINGS – STATIC IP ..................................................................................................20 LAN SETTINGS – DHCP CLIENT ...........................................................................................21 LAN SETTINGS – DHCP SERVER ..........................................................................................22 WAN SETTINGS – STATIC IP.................................................................................................23 WAN SETTINGS – DHCP CLIENT .........................................................................................24 WAN SETTINGS – PPPOE .....................................................................................................25 WAN SETTINGS – PPTP........................................................................................................26 WIRELESS..............................................................................................................................28 WIRELESS BASIC SETTINGS ...................................................................................................28 WIRELESS ADVANCED SETTINGS ..........................................................................................29 WIRELESS SECURITY .............................................................................................................31 WIRELESS SECURITY - DISABLED ..........................................................................................31 WIRELESS SECURITY - WEP..................................................................................................31 WIRELESS SECURITY – WPA / WPA2-MIXED.......................................................................33 WIRELESS ACCESS CONTROL ................................................................................................34 WDS (WIRELESS DISTRIBUTION SYSTEM) ............................................................................35 WDS SECURITY ....................................................................................................................36 WDS SECURITY - NONE ........................................................................................................36 WDS SECURITY – WEP 64/128 ............................................................................................36 WDS SECURITY – WPA (TKIP), WPA2 (AES) ....................................................................37 FIREWALL .............................................................................................................................39 PORT FILTERING....................................................................................................................39 IP FILTERING .........................................................................................................................40 MAC FILTERING ...................................................................................................................41 3.5.4 3.5.5 3.5.6 PORT FORWARDING...............................................................................................................42 URL FILTERING ....................................................................................................................43 DMZ .....................................................................................................................................44 APPENDIX A – SPECIFICATIONS..........................................................................................................45 APPENDIX B – FCC INTERFERENCE STATEMENT.........................................................................46 Revision History Version Date Notes 1.0 1.1 1.2 Jul 10, 2008 Aug 6, 2008 Aug 11, 2008 Initial Version 1 Introduction The Wireless SOHO Router operates seamlessly in the 2.4 GHz frequency spectrum supporting the 802.11b (2.4GHz, 11Mbps) and the newer, faster 802.11g (2.4GHz, 54Mbpswireless standard. High output power and high sensitivity can extend range and coverage to reduce the roaming between APs to get more stability wireless connection. It also can reduce the expense of equipment in the same environment. To protect your wireless connectivity, this device can encrypt all wireless transmissions through 64/128-bit WEP data encryption and also supports WPA2/WPA/802.1x for powerful security authentication. The MAC addresses filter lets you select exactly which stations should have access to your network. This chapter describes the features & benefits, package contents, applications, and network configuration. Features & Benefits Features Benefits High Speed Data Rate Up to 54Mbps Capable of handling heavy data payloads such as MPEG video streaming IEEE 802.11b/g Compliant Fully Interoperable with IEEE 802.11b/IEEE802.11g compliant devices with legacy protection NAT Router WEP/WPA/WPA2/ IEEE 802.1x support Multiple computer Internet Access, also act as natural firewall Securing network from malicious access Hide SSID DHCP Avoid free-rider stealing your bandwidth Simplify network configuration and management MAC address filtering Ensures secure network connection UPnP(Universal Plug and Play) Firewall with SPI (Stateful Packet Inspection) Friendly to special application e.g. instant messenger, VoIP Set up application server (FTP, Web, Email, …) on LAN WLAN/LAN-to-WAN access control (allow/disallow), prevent users from access unwanted content Prevent malicious access from Internet DoS (Denial of Service) protection Prevent from well-known DoS attack Built-in 4-port Switch automatically detects cable type Web-based configuration Easy local connectivity Firmware change via the Web-based configuration screen System log Allow easy upgrade/restore/dump system configuration via web interface Logging critical event according to network manager’s criteria Port forwarding Access control Simple and intuitive network management Package Contents Open the package carefully, and make sure that none of the items listed below are missing. Do not discard the packing materials, in case of return; the unit must be shipped in its original package. One Wireless SOHO Router One Power Adapter One CAT5 UTP Cable One CD-ROM with User’s Manual and Install Wizard One Quick Guide Wireless SOHO Router Description Top Panel Rear Panel Step Label LAN Ports (1 – 4) WAN Port DC Connector Description Use an Ethernet cable to connect each port to a computer on your Local Area Network (LAN). Use an Ethernet cable to connect this port to your WAN router. Use the power cable and connect the adapter to the power Connection / Activity LED WAN LED WLAN LED Power LED socket on the wall, and the DC inlet into the DC connector. This LED will light up once an Ethernet cable is connected to one of the LAN ports or the WAN port. This LED will light up once an Ethernet cable is connected to WAN (Internet) port. This LED will light up once the RF (wireless LAN) feature is enabled This LED will light up once the power cable is connected to the DC connector. System Requirements The following are the minimum system requirements in order configure the device. PC/AT compatible computer with a Ethernet interface. Operating system that supports HTTP web-browser Applications The wireless LAN products are easy to install and highly efficient. The following list describes some of the many applications made possible through the power and flexibility of wireless LANs: a) Difficult-to-wire environments There are many situations where wires cannot be laid easily. Historic buildings, older buildings, open areas and across busy streets make the installation of LANs either impossible or very expensive. b) Temporary workgroups Consider situations in parks, athletic arenas, exhibition centers, disasterrecovery, temporary offices and construction sites where one wants a temporary WLAN established and removed. c) The ability to access real-time information Doctors/nurses, point-of-sale employees, and warehouse workers can access real-time information while dealing with patients, serving customers and processing information. d) Frequently changed environments Show rooms, meeting rooms, retail stores, and manufacturing sites where frequently rearrange the workplace. e) Small Office and Home Office (SOHO) networks SOHO users need a cost-effective, easy and quick installation of a small network. f) Wireless extensions to Ethernet networks Network managers in dynamic environments can minimize the overhead caused by moves, extensions to networks, and other changes with wireless LANs. g) Wired LAN backup Network managers implement wireless LANs to provide backup for missioncritical applications running on wired networks. h) Training/Educational facilities Training sites at corporations and students at universities use wireless connectivity to ease access to information, information exchanges, and learning. Network Configuration To better understand how the wireless LAN products work together to create a wireless network, it might be helpful to depict a few of the possible wireless LAN PC card network configurations. The wireless LAN products can be configured as: a) Ad-hoc (or peer-to-peer) for departmental or SOHO LANs. b) Infrastructure for enterprise LANs. a) Ad-hoc (peer-to-peer) Mode This is the simplest network configuration with several computers equipped with the PC Cards that form a wireless network whenever they are within range of one another. In ad-hoc mode, each client is peer-topeer, would only have access to the resources of the other client and does not require an access point. This is the easiest and least expensive way for the SOHO to set up a wireless network. The image below depicts a network in ad-hoc mode. b) Infrastructure Mode The infrastructure mode requires the use of an access point (AP). In this mode, all wireless communication between two computers has to be via the AP. It doesn’t matter if the AP is stand-alone or wired to an Ethernet network. If used in stand-alone, the AP can extend the range of independent wireless LANs by acting as a repeater, which effectively doubles the distance between wireless stations. The image below depicts a network in infrastructure mode. 2 Understanding the Hardware Hardware Installation 1. Place the unit in an appropriate location after conducting a site survey. 2. Plug one end of the Ethernet cable into the LAN port of the device and another end into your PC/Notebook. 3. Plug one end of another Ethernet cable to WAN port of the device and the other end into you cable/DSL modem (Internet) 4. Insert the DC-inlet of the power adapter into the port labeled “DC-IN” and the other end into the power socket on the wall. This diagram depicts the hardware configuration PC Ethernet WLAN Router Ethernet AC/DC cable Cable / DSL Modem Power Outlet IP Address Configuration This device can be configured as a Bridge/Router or Access Point. The default IP address of the device is 192.168.1.1 In order to log into this device, you must first configure the TCP/IP settings of your PC/Notebook. 1. In the control panel, double click Network Connections and then double click on the connection of your Network Interface Card (NIC). You will then see the following screen. 2. Select Internet Protocol (TCP/IP) and then click on the Properties button. This will allow you to configure the TCP/IP settings of your PC/Notebook. 3. Select Use the following IP Address radio button and then enter the IP address and subnet mask. Ensure that the IP address and subnet mask are on the same subnet as the device. For Example: Device IP address: 192.168.1.1 PC IP address: 192.168.1.10 PC subnet mask: 255.255.255.0 4. Click on the OK button to close this window, and once again to close LAN properties window. 3 Web Configuration Logging In To configure the device through the web-browser, enter the IP address of the Bridge (default: 192.168.1.1) into the address bar of the web-browser and press Enter. Make sure that the device and your computers are configured on the same subnet. Refer to Chapter 2 in order to configure the IP address of your computer. After connecting to the IP address, the web-browser will display the login page. Specify the User Name and Password. The User name and password are set to admin by default, click on the Login or OK button. 10 1. 2. 3. 4. After logging in you will graphical user interface (GUI) of the device. The navigation drop-down menu on left is divided into four main sections: Management: This menu includes the administrator settings, advanced wireless settings such as wireless MAC clone and RTS/fragmentation threshold. Also included are other system related settings such as firmware upgrade, reset to factory defaults, and system date/time configuration. TCIP/IP: This menu includes the configuration of the LAN port and settings for the LAN IP, subnet mask, default gateway and DHCP client. Also, included are the settings for the WAN connection Wireless: This menu includes the settings such as network type (infrastructure/adhoc), data rate, and security. Firewall: This menu displays the security settings such as MAC filter, content filter, port blocking and DoS protection. Management Click on the Management link on the navigation drop-down menu. You will then see nine options: Status, Statistics, DDNS, Time Zone Setting, Denial-of-Service, Log, Upgrade Firmware, Save/Reload Settings and Password. Each option is described below. Status Click on the Status link under the Management menu. The device status page is also displayed once you have logged in. This includes details about the system uptime and firmware, LAN IP address and MAC address and the wireless settings such as the radio status, MAC address, SSID, RF channel, as well as WAN settings. 11 12 Statistics Click on the Statistics link on the navigation drop-down menu. This page displays the transmitted and received packet statistics of the wired and wireless interface. Click on the Refresh button to refresh the statistics. Dynamic DNS Click on the DDNS link on the navigation drop-down menu. This feature allows you to maintain your Internet domain name even if you IP address supplied by your ISP is a dynamic one. Enable DDNS: Place a check in this box to enable the DDNS feature. Service Provider: Select a DDNS service provider from the drop-down list. DynDNS is a free service while TZO offers a 30 day free trial. Domain Name: Specify the website URL. User Name: Specify the user name for the DDNS service. Password: Specify the password for the DDNS service. Click on the Apply Change to save the changes or the Reset button to clear the fields. 13 Time Zone Setting Click on the Time Zone Setting link in the navigation menu. This feature allows you to configure, update, and maintain the correct time on the device’s internal system clock as well as configure the time zone. The date and time of the device can be configured manually or by synchronizing with a time server. Note: If the device losses power for any reason, it will not be able to keep its clock running, and will not display the correct time once the device has been restarted. Therefore, you must re-enter the correct date and time. Current Time: You may specify the date and time manually, if you choose not to use the Network Timing Protocol (NTP) Time Zone: Select a time zone from the drop-down list Enable NTP client update: Place a check in this box if you choose to enable the NTP client service. NTP Server: Select a service IP address from the drop-down list or manually assign the IP address of the NTP server. Click on the Apply Change to save the changes or the Reset button to clear the fields. 14 Denial of Service (DoS) Click on the Denial of Service link in the navigation menu. This is a security feature that blocks intrusions from the Internet that may disrupt the network service. Enable DoS protection: Place a check in this box to enable the DoS features. You may also enable the other DoS protection features listed below. If you are not sure what the DoS protection feature is used for, it is recommend keeping the feature disabled. Click on the Apply Change to save the changes or the Reset button to clear the fields. 15 Log Click on the Log link on the navigation drop-down menu. Logs display a list of events that are triggered on the Ethernet and Wireless interface. This log can be referred when an unknown error occurs on the system or when a report needs to be sent to the technical support department for debugging purposes. Enable Log: Place a check in this box to enable the system logging feature. You may also click on system all, which will log wireless and DoS events. Enable Remote Log: You may also enable remote logging by placing a check in this box and then specifying the IP address of the log server. Click on the Apply Changesto save the changes. You may also use the Refresh and Clear button. 16 Upgrade Firmware Click on the Upgrade Firmware link on the navigation drop-down menu. This page allows you to upgrade the firmware of the device in order to improve the functionality and performance. Ensure that you have downloaded the appropriate firmware from the vendor’s website. Connect the device to your PC using an Ethernet cable, as the firmware cannot be upgraded using the wireless interface. Click on the Browse button to select the firmware and then click on the Upload button. Note: Do not un-plug the device during this process. Some firmware upgrades may restore the configuration back to the factory default settings. Therefore you may need to restore a configuration from a file. Refer to the next two sections for details on saving and restoring configurations. Save Configuration to a File Click on the Save / Reload Settings link on the navigation drop-down menu. This option allows you to save the current configuration of the device into a file. Click on the Save button to begin. Save the file on your local disk by using the Save or Save to Disk button in the dialog box. 17 Restore the Configuration from a File Click on the Save / Reload Settings link on the navigation drop-down menu. This option allows you to restore a backup configuration from a file to the device. Click on the Browse button to select the file and then click on Upload button. A page indicating the reloading process will be displayed. Please wait while the system restarts and load the configuration page based on the pervious IP address. Restore Settings to Factory Defaults Click on the Save / Reload Settings link on the navigation drop-down menu. This option allows you to restore the configuration back to the factory default settings. Click on the Reset button to restore the configuration. Click on the Restart button to reboot the device using the current settings. 18 Administrator Settings Click on the Password link on the navigation drop-down menu. This page allows you to configure the password to access this device from the web-browser. Note: The default user name and password of the device is admin User Name: Specify a user name that will be used to connect to the device. New Password: Specify a password. Confirmed Password: Re-type the password. Click on the Apply Changesto save the changes. TCP/ IP Settings Click on the TCP/IP Settings link on the navigation drop-down menu. You will then see two options. Usijng this menu you may configure the LAN IP address, DHCP, Static or Dynamic WAN IP and PPPoE. Each option is described below. 19 LAN Settings – Static IP Click on the LAN Interface link on the navigation drop-down menu. This feature allows you to configure the LAN interface using a static IP address or as a DHCP server/client. This IP address is also used to access the web-based interface. IP Address: Enter an IP address for this device. Subnet Mask: Enter the subnet mask for this IP address. Default Gateway: Enter the IP address of the default gateway. DHCP: Since you have specified a static IP address, select Disabled from the dropdown list. 802.1d: You may enable this option if you would like to use the spanning tree feature for bridging. (optional) Clone MAC Address: Specify a MAC address if you would like to use a different MAC address on this device. (optional) Click on the Apply Changes to save the changes. Note: If you change the IP address here, you may need to adjust your PC’s network settings to access the network again. 20 LAN Settings – DHCP Client Click on the LAN link on the navigation drop-down menu. This feature allows you to configure the LAN interface using a static IP address or as a DHCP server/client. This IP address is also used to access the web-based interface. DHCP: If you select DHCP, you are not required to enter the rest of the fields, as the IP address will be provided to the device by the AP or DHCP server 802.1d: You may enable this option if you would like to use the spanning tree feature for bridging. (optional) Clone MAC Address: Specify a MAC address if you would like to use a different MAC address on this device. (optional) Click on the Apply Changes to save the changes. Note: If you change the IP address here, you may need to adjust your PC’s network settings to access the network again. The computers (and other devices) connected to your LAN also need to have their TCP/IP configuration set to DHCP or Obtain an IP address automatically. 21 LAN Settings – DHCP Server Click on the LAN link on the navigation drop-down menu. This feature allows you to configure the LAN interface using a static IP address or as a DHCP server/client. DHCP stands for Dynamic Host Configuration Protocol. The DHCP section is where you configure the built-in DHCP Server to assign IP addresses to the computers and other devices on your local area network (LAN). In most situations, the router provides DHCP services, and you can leave this option disabled. However, if for any reason the router does not provide DHCP services, enable this option. The device’s DHCP Server will then manage the IP addresses and other network configuration information for wireless clients associated with the AP. The computers (and other devices) connected to your LAN also need to have their TCP/IP configuration set to DHCP or Obtain an IP address automatically. IP Address: Enter an IP address for this device. Subnet Mask: Enter the subnet mask for this IP address. Default Gateway: Enter the IP address of the default gateway. DHCP: Select Server from the drop-down list. This device will act as a DHCP server and assign IP address to it clients. DHCP Client Range: You may limit the number of IP addresses that are distributed on the network. Specify a starting and ending range that is part of the same subnet. Domain Name: Specify a domain name for this device/network. 802.1d: You may enable this option if you would like to use the spanning tree feature for bridging. (optional) Clone MAC Address: Specify a MAC address if you would like to use a different MAC address on this device. (optional) Click on the Apply Changesto save the changes. Note: If you change the IP address here, you may need to adjust your PC’s network settings to access the network again. The computers (and other devices) connected to your LAN also need to have their TCP/IP configuration set to DHCP or Obtain an IP address automatically. 22 WAN Settings – Static IP Click on the WAN link on the navigation drop-down menu. This feature allows you to configure the WAN interface using a static IP address, DHCP Client, PPoE, or PPTP. WAN Access Type: Select Static IP from the drop-down list. This type of connection is used when your ISP has provided you a dedicated IP address. IP Address: Enter an IP address for this device, which is assigned by your ISP. Subnet Mask: Enter the subnet mask for this IP address, which is assigned by your ISP. Default Gateway: Enter the IP address of the default gateway, which is assigned by your ISP. MTU: You may adjust the Maximum Transmit Unit (MTU), however it is recommend that this value is set to the default: 1500 bytes DNS 1-3: Specify the IP address of the DNS server Clone MAC Address: Specify a MAC address if you would like to use a different MAC address on this device. (optional) Enable uPNP: Place a check in this box to enable UPnP. It is recommended to enable this feature as it’s used by several applications. Enable PING Access on WAN: Place a check in this box if you would like the device to be pinged from the WAN side (ISP). Enable Web Sever Access on WAN: Place a check in this box if the static IP address if used for a web-server. Enable IPsec pass through on VPN connection: Place a check in this box to enable the pass through of IPsec packets on a VPN connection. Enable IPsec pass through on VPN connection: Place a check in this box to enable the pass through of PPTP packets on a VPN connection. Enable IPsec pass through on VPN connection: Place a check in this box to enable the pass through of L2TP packets on a VPN connection. 23 Click on the Apply Changesto save the changes. WAN Settings – DHCP Client Click on the WAN link on the navigation drop-down menu. This feature allows you to configure the WAN interface using a static IP address, DHCP Client, PPoE, or PPTP. The DHCP Client feature allows the ISP to provide an IP address to the device. This is also known as Dynamic IP. WAN Access Type: Select DHCP Client from the drop-down list. This type of connection is usually used when the ISP will supply the IP address and DNS settings. This is also known as Dynamic IP. Host Name: Specify a host name for this device. DNS: The ISP usually automatically assigns the DNS IP address, in case you need to assign it manually then click on the Set DNS Manually and fill in the fields. MTU: You may adjust the Maximum Transmit Unit (MTU), however it is recommend that this value is set to the default: 1500 bytes DNS 1-3: Specify the IP address of the DNS server Clone MAC Address: Specify a MAC address if you would like to use a different MAC address on this device. (optional) Enable uPNP: Place a check in this box to enable UPnP. It is recommended to enable this feature as it’s used by several applications. Enable PING Access on WAN: Place a check in this box if you would like the device to be pinged from the WAN side (ISP). 24 Enable Web Sever Access on WAN: Place a check in this box if the static address if used for a web-server. Enable IPsec pass through on VPN connection: Place a check in this box enable the pass through of IPsec packets on a VPN connection. Enable IPsec pass through on VPN connection: Place a check in this box enable the pass through of PPTP packets on a VPN connection. Enable IPsec pass through on VPN connection: Place a check in this box enable the pass through of L2TP packets on a VPN connection. Click on the Apply Changesto save the changes. IP to to to WAN Settings – PPPoE Click on the WAN link on the navigation drop-down menu. This feature allows you to configure the WAN interface using a static IP address, DHCP Client, PPoE, or PPTP. A PPPoE service requires a user name and password to log into the Internet and is usually a DSL service. WAN Access Type: Select PPPoE from the drop-down list. This type of connection is usually used for a DSL service and requires a username and password to connect. User Name: Specify the user name which is provided by your ISP. Password: Specify the password which is provided by your ISP. Service Name: Specify the name of the ISP. Connection Type: Select Continuous (always online), Connect on Demand (connect to the ISP only when you click on a website), or Manual (connect to the ISP only when you click on a ‘Connect’ button) from the drop-down list. Idle Time: The PPPoE service can automatically disconnect if the connection is idle. Specify the number of minutes after between 1 and 100. 25 DNS: The ISP usually automatically assigns the DNS IP address, in case you need to assign it manually then click on the Set DNS Manually and fill in the fields. MTU: You may adjust the Maximum Transmit Unit (MTU), however it is recommend that this value is set to the default: 1500 bytes DNS 1-3: Specify the IP address of the DNS server Clone MAC Address: Specify a MAC address if you would like to use a different MAC address on this device. (optional) Enable uPNP: Place a check in this box to enable UPnP. It is recommended to enable this feature as it’s used by several applications. Enable PING Access on WAN: Place a check in this box if you would like the device to be pinged from the WAN side (ISP). Enable Web Sever Access on WAN: Place a check in this box if the static IP address if used for a web-server. Enable IPsec pass through on VPN connection: Place a check in this box to enable the pass through of IPsec packets on a VPN connection. Enable IPsec pass through on VPN connection: Place a check in this box to enable the pass through of PPTP packets on a VPN connection. Enable IPsec pass through on VPN connection: Place a check in this box to enable the pass through of L2TP packets on a VPN connection. Click on the Apply Changesto save the changes. WAN Settings – PPTP Click on the WAN link on the navigation drop-down menu. This feature allows you to configure the WAN interface using a static IP address, DHCP Client, PPoE, or PPTP. 26 WAN Access Type: Select PPTP from the drop-down list. This type of connection is used when your ISP has provided you a dedicated IP address. IP Address: Enter an IP address for this device, which is assigned by your ISP. Subnet Mask: Enter the subnet mask for this IP address, which is assigned by your ISP. Default Gateway: Enter the IP address of the default gateway, which is assigned by your ISP. MTU: You may adjust the Maximum Transmit Unit (MTU), however it is recommend that this value is set to the default: 1500 bytes DNS 1-3: Specify the IP address of the DNS server Clone MAC Address: Specify a MAC address if you would like to use a different MAC address on this device. (optional) Enable uPNP: Place a check in this box to enable UPnP. It is recommended to enable this feature as it’s used by several applications. Enable PING Access on WAN: Place a check in this box if you would like the device to be pinged from the WAN side (ISP). Enable Web Sever Access on WAN: Place a check in this box if the static IP address if used for a web-server. Enable IPsec pass through on VPN connection: Place a check in this box to enable the pass through of IPsec packets on a VPN connection. Enable IPsec pass through on VPN connection: Place a check in this box to enable the pass through of PPTP packets on a VPN connection. Enable IPsec pass through on VPN connection: Place a check in this box to enable the pass through of L2TP packets on a VPN connection. Click on the Apply Changesto save the changes. 27 Wireless Click on the TCP/IP Settings link on the navigation drop-down menu. You will then see five options. Basic Settings, Advanced Settings, Security, Access Control, and WDS Settings. Each option is described below. Wireless Basic Settings Click on the Basic Settings link on the navigation drop-down menu. These options allow you to enable/disable the wireless interface, switch between the 11b/g and 11b radio band and channel frequency Wireless Interface: Place a check in this box to disable the wireless interface, it is enabled by default. Band: Select the IEEE 802.11 mode from the drop-down list. For example, if you are sure that the wireless network will be using only IEEE 802.11g clients, then it is recommended to select 802.11g only instead of 2.4 GHz B+G which will reduce the performance of the wireless network. You may also select 2.4GHz B or 2.4GHz G SSID: The SSID is a unique named shared amongst all the points of the wireless network. The SSID must be identical on all points of the wireless network and cannot exceed 32 characters. Channel: Select a channel from the drop-down list. The channels available are based on the country’s regulation. 28 Show Active Clients: Click on this button to view a list of clients that are associated with this device. Click on the Apply Changesto save the changes. Wireless Advanced Settings Click on the Advanced Settings link on the navigation drop-down menu. These options allow you to configure the authentication type, fragment threshold, RTS threshold, beacon interval, and RF output power. Authentication Type: Select Open System, Shared Key or Auto as an authentication type. An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set. All authentication packets are transmitted without encryption. Shared Key sends an unencrypted challenge text string to any device attempting to communicate with the AP. The device requesting authentication encrypts the challenge text and sends it back to the access point. If the challenge text is encrypted correctly, the access point allows the requesting device to authenticate. It is recommended to select Auto if you are not sure which authentication type is used. Fragment Threshold: Packets over the specified size will be fragmented in order to improve performance on noisy networks. Specify a value between 256 and 65535. The default value is 2346. RTS Threshold: Packets over the specified size will use the RTS/CTS mechanism to maintain performance in noisy networks and preventing hidden nodes from degrading the performance. Specify a value between 1 and 2347. The default value is 2347. 29 Beacon Interval: Beacons are packets sent by a wireless Access Point to synchronize wireless devices. Specify a Beacon Period value between 20 and 1024. The default value is set to 100 milliseconds. Data Rate: Select a transmission rate from the drop-down list. It is recommended to use the auto option. Preamble Type: Select a long or short preamble type. For best performance, it is recommended that the preamble type of the AP matches that of the client. Broadcast SSID: Select Enable or Disable. This is the SSID broadcast feature. If you set this value to Visible, then the clients will be able to find this SSID on a site survey. IAPP: This is the Inter Access Point Protocol which simplifies roaming between Access Points. If you have setup several Access Point or a WDS system, it is recommended to Enable this feature. 802.11g protection: If your network includes 11g and 11b clients, it’s recommended to enable the feature as this will enhance the throughput rate in a mixed mode. User Isolation: Select Enable or Disable. This is a security feature that will isolate every client device that is associated with the device. One client device will not be able to view the other client device in a network neighborhood. If used in a public area such as a coffee shop, it is recommended to enable this feature in order to protect the privacy of the client devices. RF Output Power: You may control the output power of the device by selecting a value. This feature can be helpful in restricting the coverage area of the wireless network. Turbo Mode: This is a special feature that improves the speed and performance of the network. It is recommend to enable the feature. QoS WMM: If you are using VoIP, it is recommended to enable WMM. Wi-Fi Multimedia (WMM) is a Wi-Fi Alliance interpretability certification, based on the IEEE 802.11e draft standard. It provides basic Quality of service (QoS) features to IEEE 802.11 networks. WMM prioritizes traffic according to 4 AC (Access Categories), however it does not provide guaranteed throughput. It is suitable for simple applications that require QoS, such as Wi-Fi Voice over IP (VoIP) phone Click on the Apply Changesto save the changes. 30 Wireless Security To protect your privacy this mode supports several types of wireless security: WEP WPA, WPA2, and WPA-Mixed. WEP is the original wireless encryption standard. WPA provides a higher level of security. The following section describes the security configuration in detail. Wireless Security - Disabled Encryption: Select None from the drop-down list in order to disable wireless security. Click on the Apply Changesto save the changes. Wireless Security - WEP Select WEP from the drop-down list if your wireless network uses WEP encryption. WEP is an acronym for Wired Equivalent Privacy, and is a security protocol that provides the same level of security for wireless networks as for a wired network. WEP is not as secure as WPA encryption. To gain access to a WEP network, you must know the key. The key is a string of characters that you create. When using WEP, you must determine the level of encryption. The type of encryption determines the key length. 128-bit encryption requires a longer key than 64-bit encryption. Keys are defined by entering in a string in HEX (hexadecimal - using characters 0-9, A-F) or ASCII (American Standard Code for Information Interchange - alphanumeric characters) format. ASCII format is provided so you can enter a string that is easier to remember. The ASCII string is converted to HEX for use over the network. Four keys can be defined so that you can change keys easily. A default key is selected for use on the network. 31 Encryption: Select WEP from the drop-down list in order to enable WEP security and then click on the Set WEP key button. Key Length: Select a 64-bit or 128-bit WEP key length from the drop-down list. Key Format: Select a key format such as HEX or ASCII from the drop-down list. Encryption Key: You may use up to four different keys for four different networks. Select the current key that will be used. Click on the Apply Changes to save the changes. 32 Wireless Security – WPA / WPA2-Mixed Select WPA or WPA2-Mixed from the drop-down list if your wireless network uses WPA encryption. WPA (Wi-Fi Protected Access) was designed to improve upon the security features of WEP (Wired Equivalent Privacy). The technology is designed to work with existing Wi-Fi products that have been enabled with WEP. WPA provides improved data encryption through the Temporal Integrity Protocol (TKIP), which scrambles the keys using a hashing algorithm and by adding an integrity checking feature which makes sure that keys haven’t been tampered with. Encryption: Select WPA or WPA2-Mixed from the drop-down list in order to enable WPA security. WPA Authentication Mode: Select Enterprise (Radius) or Personal (Pre-Shared Key). If you select Enterprise (radius) then the pass key is located on the RADIUS server, however, if you select Personal (Pre-Shared Key) then you may assign a key on this configuration page. WPA / WPA2 Cipher Suite: Select TKIP or AES as the cipher suite. The encryption algorithm used to secure the data communication. TKIP (Temporal Key Integrity Protocol) provides per-packet key generation and is based on WEP. AES (Advanced Encryption Standard) is a very secure block based encryption. Note that, if the bridge uses the AES option, the bridge can associate with the access point only if the access point is also set to use only AES. The device negotiates the cipher type with the access point, and uses AES when available. Pre-Shared Key: The key is entered as a pass-phrase of up to 63 alphanumeric characters in ASCII (American Standard Code for Information Interchange) format at both ends of the wireless connection. It cannot be shorter than eight characters, although for proper security it needs to be of ample length and should not be a commonly known phrase. This phrase is used to generate session keys that are unique for each wireless client. Authentication Radius Sever: If you have selected Enterprise (Radius) as the authentication type then you must specify the RADIUS port number, IP address, and password. 33 Click on the Apply Changes to save the changes. Wireless Access Control Click on the Access Control link on the navigation drop-down menu. The MAC address filter section can be used to filter network access by machines based on the unique MAC addresses of their network adapter(s). It is most useful to prevent unauthorized wireless devices from connecting to your network. A MAC address is a unique ID assigned by the manufacturer of the network adapter. Wireless Access Control Mode: You may use this feature to filter the wireless clients. Select a filter setting from the drop-down list. When allow listed is selected; only computers with MAC addresses listed in the MAC Address List are granted network access. When deny listed is selected, any computer with a MAC address listed in the MAC Address List is refused access to the network. MAC Address: Specify the MAC address of the node which you would like to filter. Click on the Apply Changes to save the changes. 34 WDS (Wireless Distribution System) Click on the WDS link on the navigation drop-down menu. The Wireless Distribution System feature configures this device as a repeater and therefore extends the range/coverage area of the wireless network. Enable WDS: When WDS is enabled, this access point functions as a wireless repeater and is able to wirelessly communicate with other APs via WDS links. A WDS link is bidirectional; so this AP must know the MAC Address (creates the WDS link) of the other AP, and the other AP must have a WDS link back to this AP. Make sure the APs are configured with same channel number. Add WDS AP: Specify one-half of the WDS link. The other AP must also have the MAC address of this AP to create the WDS link back to this AP. Click on the Apply Changes to save the changes. 35 WDS Security Click on the Set Security button to configure one of the security options for the WDS. Options available are WEP, WPA and WPA2, and you must configure the same security setting on each Access Point linked with this one. WDS Security - None Encryption: Select None from the drop-down list in order to disable wireless security. Click on the Apply Changes to save the changes. WDS Security – WEP 64/128 Select WEP from the drop-down list if your wireless network uses WEP encryption. WEP is an acronym for Wired Equivalent Privacy, and is a security protocol that provides the same level of security for wireless networks as for a wired network. WEP is not as secure as WPA encryption. To gain access to a WEP network, you must know the key. The key is a string of characters that you create. When using WEP, you must determine the level of encryption. The type of encryption determines the key length. 128-bit encryption requires a longer key than 64-bit encryption. Keys are defined by entering in a string in HEX (hexadecimal - using characters 0-9, A-F) or ASCII (American Standard Code for Information Interchange - alphanumeric characters) format. ASCII format is provided so you can enter a string that is easier to remember. The ASCII string is converted to HEX for use over the network. Four keys can be defined so that you can change keys easily. A default key is selected for use on the network. 36 Encryption: Select a 64-bit or 128-bit WEP encryption from the drop-down list. Key Format: Select a key format such as HEX or ASCII from the drop-down list. WEP Key: Specify the WEP key Click on the Apply Changes to save the changes and then click on the Close button. WDS Security – WPA (TKIP), WPA2 (AES) Select WPA or WPA2-Mixed from the drop-down list if your wireless network uses WPA encryption. WPA (Wi-Fi Protected Access) was designed to improve upon the security features of WEP (Wired Equivalent Privacy). The technology is designed to work with existing Wi-Fi products that have been enabled with WEP. WPA provides improved data encryption through the Temporal Integrity Protocol (TKIP), which scrambles the keys using a hashing algorithm and by adding an integrity checking feature which makes sure that keys haven’t been tampered with. 37 Encryption: Select a WPA or WPA2 encryption from the drop-down list. The encryption algorithm used to secure the data communication. TKIP (Temporal Key Integrity Protocol) provides per-packet key generation and is based on WEP. AES (Advanced Encryption Standard) is a very secure block based encryption. Note that, if the bridge uses the AES option, the bridge can associate with the access point only if the access point is also set to use only AES. The device negotiates the cipher type with the access point, and uses AES when available. Pre-Shared Key: The key is entered as a pass-phrase of up to 63 alphanumeric characters in ASCII (American Standard Code for Information Interchange) format at both ends of the wireless connection. It cannot be shorter than eight characters, although for proper security it needs to be of ample length and should not be a commonly known phrase. This phrase is used to generate session keys that are unique for each wireless client. 38 Firewall Click on the Firewall link on the navigation drop-down menu. You will then see six options. Port filtering, IP filtering, MAC filtering, Port filtering, URL filtering, DMZ. Each option is described below. Port Filtering Select Port Filtering from the drop-down list This feature is used to restrict certain types of data packets on certain port numbers from your local network and the Internet. These filters can be used for securing and restricting your network. Enable Port Filtering: Place a check in this box to enable this feature. Port Range: Enter the starting and ending port number. You may also enter a single port number if necessary. Protocol: Select a protocol from the drop-down list: TCP, UDP, or Both. Comment: You may add a comment to define the filter. (optional) Click on the Apply Changes button to add the filter to the table. 39 You may place a check in the box on under the Select column and then click on Delete Selected to remove the selected entry. You may also click on Delete All to delete all the filtering entries. IP Filtering Select IP Filtering from the drop-down list. This feature is used to restrict certain IP address from using certain protocols over the Internet. These filters can be used for securing and restricting your network. Enable IP Filtering: Place a check in this box to enable this feature. Local IP Address: Enter the IP address of the device on the local network. Protocol: Select a protocol from the drop-down list: TCP, UDP, or Both. Comment: You may add a comment to define the filter. (optional) Click on the Apply Changes button to add the filter to the table. You may place a check in the box on under the Select column and then click on Delete Selected to remove the selected entry. You may also click on Delete All to delete all the filtering entries. 40 MAC Filtering Select MAC Filtering from the drop-down list. This feature is used to restrict certain MAC address from accessing the Internet. These filters can be used for securing and restricting your network. Enable MAC Filtering: Place a check in this box to enable this feature. MAC Address: Enter the MAC address of the device on the local network. Comment: You may add a comment to define the filter. (optional) Click on the Apply Changes button to add the filter to the table. You may place a check in the box on under the Select column and then click on Delete Selected to remove the selected entry. You may also click on Delete All to delete all the filtering entries. 41 Port Forwarding Select Port Forwarding from the drop-down list. This feature is used to automatically redirect common network services to a specific machine behind the NAT firewall. These settings are only necessary if you wish to host some sort of server like a web server or email server on the private local network behind the NAT firewall. Enable MAC Filtering: Place a check in this box to enable this feature. Local IP Address: Enter the IP address of the device on the local network. Protocol: Select a protocol from the drop-down list: TCP, UDP, or Both. Port Range: Enter the starting and ending port number. You may also enter a single port number if necessary. Comment: You may add a comment to define the filter. (optional) Click on the Apply Changes button to add the filter to the table. You may place a check in the box on under the Select column and then click on Delete Selected to remove the selected entry. You may also click on Delete All to delete all the filtering entries. 42 URL Filtering Select URL Filtering from the drop-down list. This is a type of parental control feature used to restrict certain websites form being accessed through your network. These filters can be used for securing and restricting your network. Enable URL Filtering: Place a check in this box to enable this feature. URL Address: Enter the URL of the website. Click on the Apply Changes button to add the filter to the table. You may place a check in the box on under the Select column and then click on Delete Selected to remove the selected entry. You may also click on Delete All to delete all the filtering entries. 43 DMZ Select DMZ from the drop-down list. A demilitarized zone is used to provide Internet services without sacrificing unauthorized access to its local private network. Typically, the DMZ host contains devices accessible to Internet traffic, such as web, FTP, email and DNS servers. Enable DMZ: Place a check in this box to enable this feature. DMZ Host IP Address: Enter the IP address of the DMZ host. Click on the Apply Changes button to add the filter to the table. 44 Appendix A – Specifications Standards IEEE802.11b/g, IEEE802.1x, IEEE802.3, IEEE802.3u Wi-Fi data speed IEEE 802.11b: 11/5.5/2/1Mbps IEEE 802.11g: 54/48/36/24/18/12/9/6Mbps Compatibility IEEE 802.11g/ IEEE 802.11b Power Requirements Power Supply: 90 to 240 VDC ±10 (depends on different countries) Device: 12 V/ 1.3A Status LEDs 4*LAN : Link/Activity WLAN : Link/Activity Power : On/Off Internet : On/Off/Activity Regulation Certifications FCC Part 15/UL, ETSI 300/328/CE RF Information Frequency Band 2.400-2.497GHz (Japan Band) 2.400-2.483GHz (North America, Europe Band) 2.455-2.475GHz (Spand Band) 2.446-2.483GHz (France Band Media Access Protocol Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) Modulation Technology Orthogonal Frequency Division Multiplexing (OFDM) DBPSK @ 1Mbps DQPSK @2Mbps CCK @ 5.5 & 11Mbps BPSK @ 6 and 9 Mbps QPSK @ 12 and 18 Mbps 16-QAM @ 24 and 36 Mbps 64-QAM @ 48 and 54 Mbps Operating Channels 11 for North America, 14 for Japan, 13 for Europe, Receive Sensitivity (Typical) -88dBm @ 1Mbps -70dBm @ 54Mbps Available transmit power (Typical) 2.412~2.472G(IEEE802.11g) 8+-1 dBm min. @6 ~ 54Mbps 2.412~2.472G(IEEE802.11b) 7+-1 dBm. @1~11Mbps Antenna Connector Dipole antenna with reverse SMA connector Networking Topology Ad-Hoc, Infrastructure Operation Mode AP/Router Interface LAN: Four 10/100Mbps Ethernet (RJ-45); WAN: One 10/100Mbps Ethernet (RJ-45); WLAN: 802.11b/g air interface Security IEEE802.1x Authenticator /RADIUS Client (EAPMD5/TLS/TTLS) Support in AP Mode MAC address filtering Hide SSID in beacons Network Protocol NAT/PAT Internet connection management: FixedIP/DHCP/PPPoE/PPTP DHCP (server/client) Static route, RIP1/2 HTTP UPnP DDNS (Dynamic DNS) PPTP/L2TP/IPsec (pass-thru) Management Web-based configuration (HTTP) Firmware Upgrade Upgrade firmware via web-browser Physical Dimensions (HxWxD) 16x10x4cm Environmental Temperature Range Operating: -10°C to 50°C (14F to 122F) Storage: -40°Cto 70°C (-40F to 158F) Humidity (non-condensing) 5%~95% Typical 45 Appendix B – FCC Interference Statement Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one of the following measures: - Reorient or relocate the receiving antenna. - Increase the separation between the equipment and receiver. - Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. - Consult the dealer or an experienced radio/TV technician for help. FCC Caution: Any changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate this equipment. This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. IMPORTANT NOTE: FCC Radiation Exposure Statement: This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator & your body. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. The availability of some specific channels and/or operational frequency bands are country dependent and are firmware programmed at the factory to match the intended destination. The firmware setting is not accessible by the end user. 46 Industry Canada statement: This device complies with RSS-210 of the Industry Canada Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. IMPORTANT NOTE: Radiation Exposure Statement: This equipment complies with IC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator & your body. This device has been designed to operate with an antenna having a maximum gain of 2 dB. Antenna having a higher gain is strictly prohibited per regulations of Industry Canada. The required antenna impedance is 50 ohms. 47
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.6 Linearized : No Encryption : Standard V2.3 (128-bit) User Access : Print XMP Toolkit : 3.1-701 About : ed1b3649-69b3-11dd-0000-7b8e8e0a7f7e Producer : AFPL Ghostscript 8.54 Modify Date : 2008:08:11 11:52:01+08:00 Create Date : 2008:08:11 11:48:26+08:00 Creator Tool : PDFCreator Version 0.9.2 Metadata Date : 2008:08:11 11:52:01+08:00 Document ID : ed1b3649-69b3-11dd-0000-7b8e8e0a7f7e Instance ID : uuid:5ab93fca-4cf7-46bd-909b-0a30a8098f1a Format : application/pdf Title : ESR-1221-UsersManual-V1-2 Creator : Aimee Page Count : 47 Author : AimeeEXIF Metadata provided by EXIF.tools