United Bus Tech WIFUN1050 Vehicle Wi-Fi Media Server User Manual UBT

United Bus Tech, Inc. Vehicle Wi-Fi Media Server UBT

User Manual

WIFUN1050VehicleWi‐FiMediaServerUser’sManual©2015UBTInc.Allrightsreserved.Republicationwithoutpermissionisprohibited.
WIFUN1050User’sManualCopyrightNoticeCopyright©2015UBTInc.Allrightsreserved.Reproductionwithoutpermissionisprohibited.TrademarksUBTisaregisteredtrademarkofUnitedBusTech.Otherregisteredmarkscitedinthismanualrepresentedtheirrespectivecompanies.DisclaimerInformationinthisdocumentissubjecttochangewithoutnoticeanddoesnotrepresentanobligationonthepartofUnitedBusTech.Thisusermanualmayincludeintentionaltechnicalortypographicalerrors.Changesareperiodicallymadetothemanualtocorrectsucherrors,andthesechangesarenotinformedinneweditions.TechnicalSupportContactInformationUnitedBusTechnologyinfo@ubt.io
TableofContentsWIFUN1050USER’SMANUAL...................................................................................................21.WIFUN1050INTRODUCTION..........................................................................................................61.1Overview.............................................................................................................................61.2Features...............................................................................................................................62.ESTABLISHNETWORKCONNECTION...................................................................................................92.1EstablishNetworkConnection............................................................................................92.1.1AutomaticacquisitionofIPaddress(recommended)..................................................92.1.2SetastaticIPaddress.................................................................................................122.2ConfirmthatthenetworkbetweenthesupervisoryPCandrouterisconnected............132.3CanceltheProxyServer....................................................................................................153.WEBCONFIGURATION..................................................................................................................173.1LogintheWebSettingPageofRouter..............................................................................173.2Management.....................................................................................................................183.2.1System........................................................................................................................183.2.1.1SystemStatus......................................................................................................183.2.1.2BasicSettings.......................................................................................................193.2.2SystemTime...............................................................................................................193.2.2.1SystemTime........................................................................................................203.2.2.2SNTPClientPort..................................................................................................203.2.3AdminAccess.............................................................................................................223.2.3.1Createauser.......................................................................................................223.2.3.2ModifyaUser......................................................................................................233.2.3.3RemoveUsers......................................................................................................233.2.3.4ManagementService..........................................................................................243.2.4AAA.............................................................................................................................263.2.4.1Radius..................................................................................................................273.2.4.2Tacacs+................................................................................................................283.2.4.3LDAP....................................................................................................................293.2.4.4AAASettings........................................................................................................303.2.5ConfigurationManagement.......................................................................................323.2.6SNMP..........................................................................................................................333.2.6.1SNMP...................................................................................................................353.2.6.2SnmpTrap............................................................................................................373.2.7Alarm..........................................................................................................................373.2.7.1AlarmStatus........................................................................................................383.2.7.2AlarmInput.........................................................................................................393.2.7.3AlarmOutput......................................................................................................393.2.7.4AlarmMap...........................................................................................................413.2.8SystemLog.................................................................................................................413.2.8.1SystemLog..........................................................................................................413.2.8.2SystemLogSettings.............................................................................................423.2.8.3KiwiSyslogDaemon............................................................................................43
3.2.9SystemUpgrading.......................................................................................................433.2.10Reboot......................................................................................................................443.2.11CloudPlatform.........................................................................................................443.2.11.1CloudPlatform..................................................................................................443.2.11.2MOTTClient......................................................................................................453.2.12ScheduledTasks........................................................................................................463.3Network.............................................................................................................................463.3.1Cellular.......................................................................................................................463.3.1.1Status...................................................................................................................473.3.1.2Cellular................................................................................................................473.3.2WLANInterface(2.4G)...........................................................................................503.3.2.1Status...................................................................................................................503.3.2.2WLAN(2.4G).......................................................................................................503.3.2.3IPSetup...............................................................................................................533.3.2.4SSIDScan.............................................................................................................533.3.3WLANInterface(5.8G)...........................................................................................533.3.3.1Status...................................................................................................................533.3.3.2WLAN(5.8G)...................................................................................................543.3.3.3IPSetup...............................................................................................................563.3.3.4SSIDScan.............................................................................................................573.3.4CaptivePortal.............................................................................................................573.3.5DHCPservice..............................................................................................................593.3.5.1Status...................................................................................................................603.3.5.2DHCPServer........................................................................................................603.3.5.3DHCPRelay..........................................................................................................623.3.5.4DHCPClient.........................................................................................................623.3.6DNSServices...............................................................................................................633.3.6.1DNSServer..........................................................................................................643.3.6.2DNSRelay............................................................................................................643.3.7SMS............................................................................................................................653.3.8VLANInterface...........................................................................................................663.3.8.1VLANConfiguration.............................................................................................663.3.8.2VLANAggregation...............................................................................................673.3.9ADSLDialup(PPPoE)..............................................................................................683.3.10LoopbackInterface...................................................................................................693.3.11DynamicDomainName...........................................................................................713.3.12BridgeInterface........................................................................................................723.4LinkBackup.......................................................................................................................733.4.1SLA..............................................................................................................................733.4.2TrackModule..............................................................................................................743.4.3VRRP...........................................................................................................................763.4.4InterfaceBackup.........................................................................................................793.5Routing..............................................................................................................................803.5.1StaticRoute................................................................................................................80
3.5.1.1RoutingStatus.....................................................................................................813.5.1.2StaticRouting......................................................................................................813.5.2DynamicRouting........................................................................................................823.5.2.1RoutingStatus.....................................................................................................833.5.2.2RIP.......................................................................................................................833.5.2.3OSPF....................................................................................................................873.5.2.4FilteringRoute.....................................................................................................893.5.3MulticastRouting.......................................................................................................903.5.3.1BasicSettings.......................................................................................................903.5.3.2IGMP....................................................................................................................913.6Tools..................................................................................................................................933.6.1PING...........................................................................................................................933.6.2RoutingDetection......................................................................................................943.6.3LinkSpeedTest...........................................................................................................943.7InstallationGuide..............................................................................................................953.7.1NewDial.....................................................................................................................953.7.2NewIPSecTunnel.......................................................................................................963.8PersonalizationFeatures...................................................................................................973.8.1NginxServer...............................................................................................................973.8.2FileSynchronization...................................................................................................983.8.3GPSLocationInformation..........................................................................................993.8.4RoamingManagement.............................................................................................1003.8.4.1RoamingManagement......................................................................................1003.8.4.2UpgradefromAP...............................................................................................1003.9Firewall............................................................................................................................1013.9.1AccessControl(ACL)............................................................................................1013.9.2NAT...........................................................................................................................1033.10QoS................................................................................................................................1063.11VPN................................................................................................................................1083.11.1IPSec.......................................................................................................................1083.11.1.1IPSecPhase1...................................................................................................1093.11.1.2IPSecPhase2...................................................................................................1123.11.1.3IPSecConfiguration.........................................................................................1133.11.1.4IPSecVPNConfigurationExample...................................................................1143.11.2GRE.........................................................................................................................1183.11.3L2TP........................................................................................................................1203.11.4OPENVPN...............................................................................................................1223.11.5CertificateManagement........................................................................................1243.12ConfigurationWizard....................................................................................................1264.APPLICATIONSCENARIOS.............................................................................................................128APPENDIX1TROUBLESHOOTING..........................................................................................129APPENDIX2INSTRUCTIONOFCOMMANDLINE....................................................................132
1.WIFUN1050IntroductionThisChapterincludes: Overview Features1.1OverviewWIFUN1050isadedicatedvehicleWi‐FiMediaServerwithembeddedNGINXwebserverandlocalstorageSSD.WithWIFUN1050andtheRainbowWi‐Ficloud,motorcoachoperatorsmayeasilysetupanadvancedWi‐Fioperatingsystemwhichprovidesdevicemanagement,contentmanagement,vehiclelocationmanagement,visitormanagement,statisticalreports,andotherfeatures.TravelerssimplyconnecttotheWi‐FihotspotprovidedbyWIFUN1050tosurfInternet,andtoenjoylocalservicessuchasVODmoviesandinteractivegamesprovidedbyoperators.BydeployingtheRainbowWi‐Ficloud,motorcoachoperatorsmayeasilyremotelymanagethousandsofWIFUN1050devices,nomatterchangingvisitorpolicyorupdatingmediacontentdeployedinWIFUN1050.TheWIFUN1050isaportalintothemobileinternetandastepforwardinprovidingvalue‐addedservicestotravelers.1.2Features AdvancedWi‐Fi Supportdualband2.4GHzand5.8GH,fullycompliancewithIEEE802.11ac/a/b/g/nstandards. With2X2MIMOtechnologyenabled,Wi‐Ficonnectionbandwidthcanreachashighas1.2Gbps,bringsamazingmulti‐userperformance. High‐speed4GAccess Integratinguptotwo4Gcellularmodules,WIFUN1050providesreliableTD‐LTE/FDD‐LTEaccess,with100Mbpsuplinkand50Mbpsdownlink. QuadBandLTE:700/850/AWS(1700/2100)/1900MHz;FDD‐Band(17,5,4,2);TriBand
UMTS(WCDMA):850/AWS(1700/2100)/1900MHz;FDD‐Band(5,4,2)QuadBandGSM/GPRS/EDGE:850/900/1800/1900MHz GPS WithGPSenabled,WIFUN1050providesvehiclelocation,speed/courseovergroundandtrackinformation. PowerfulWebPortal WhenvisitorsconnecttotheWi‐FihotspotprovidedbyWIFUN1050,agreetingsplashpagepopsup,providinglocalmediaservicesanduserauthentication. Built‐inWebServer EmbedreliableNGINXwebserver,enablinglocalmediaservices. SupportPHP,enablingdynamicpagecontent. LocalStorage SupportSSDupto1TB,toleratingvibrationfromvehicle. Localstoragemaybeusedtostorelocalwebcontent,movies,music,apps,etc.toacceleratelocalaccessandtosaveinternetbandwidth. ContentUpdateMechanism Inremotesynchronizationmode,locallystoredcontentsmaysyncwiththecloud. Inlocalsynchronizationmode,contentmaybeupdatedviaSDcardorFTP. Bothmodesmaybehybridtoenableevenmoreflexibleoperation. VisitorBehaviorManagement SupportvisitorauthenticationbySMSorsocialaccounts. SupportQoStolimitper‐userbandwidthandtraffic,preventingoveragesandprotectinglatency‐sensitivetraffic. Supportwebsitesblacklistandwhitelist. CloudManagement SupporttheRainbowWi‐Ficloud,enablingdevicemanagement,contentmanagement,vehiclelocationmanagement,visitormanagement,statisticalreports,andotherfeatures. SupportCLI,webUIandSNMPv3. HighReliability
 Withdedicatedvehiclepowermoduleinside,WIFUN1050toleratespowervoltagedips,overruns,shortandotherfailures.SupportautomaticallypowercontrolwithACCsignaltoprotectSSDandvehiclebattery. Fanlesscoolingdesigntosimplifyinstallation. Supportlinkqualityinspectionandauto‐recoverytoensurereliableLTEaccess. RobustSecurity SupportIPSecVPN,DMVPN,L2TP,SSLVPN,andCAcertificationtoensuredatasecurity. SupportpowerfulfirewallfunctionssuchasStatefulPacketInspection(SPI),AccessControlList(ACLs),DoSattackprevention,etc. SupportAAA,TACACS,Radius,localauthentication,andmultilevelsuserauthoritytoensuresecuremanagement.
2.EstablishNetworkConnectionThischaptermainlycontainsthefollowingcontents: EstablishNetworkConnection ConfirmthattheconnectionbetweensupervisoryPCandrouter CanceltheProxyServerAftercompletingthehardwareinstallation,beforetologintheWebset‐uppage,youneedtoensurethatthemanagementoftheEthernetcardinstalledonyourcomputer.2.1EstablishNetworkConnection2.1.1AutomaticacquisitionofIPaddress(recommended)Pleasesetthesupervisorycomputerto"automaticacquisitionofIPaddress"and"automaticacquisitionofDNSserveraddress"(defaultconfigurationofcomputersystem)tolettherouterautomaticallyassignIPaddressforsupervisorycomputer.1)Open“ControlPanel”,doubleclick“NetworkandInternet”icon,enter“NetworkandSharingCenters”2)Clickthebutton<LocalConnection>toenterthewindowof"LocalConnectionStatus”
3)Click<Properties>toenterthewindowof"LocalConnectionProperties”,asshownbelow.
4)Select“InternetPortocolVersion4(TCP/IPv4)”,click<Properties>toenter“InternetPortocolVersion4(TCP/IPv4)Properties”page.Select“ObtainanIPaddressautomatically”and“ObtainDNSServeraddressautomatically”,thenclick<OK>tofinishsetting,asshownbelow.
2.1.2SetastaticIPaddressSetcomputermanagementIPaddressanddevieceFEportIPaddressonthesamenetworksegment(deviceFEportinitialIPaddress:192.168.2.1,SubnetMask:255.255.255.0).ThefollowingFE1/1portconnectedtoacomputerandmanagementprovidedinWindowsXPsystemdescribedasanexample.Enter“InternetPortocol(TCP/IP)Properties”page,select“UsethefollowingIPaddress”,typeIPaddress(arbitraryvaluebetween192.168.2.2~192.168.2.254),SubnetMask(255.255.255.0),andDefafultGateway(192.168.2.1),thenclick<OK>tofinishsetting,asshownFigure2‐5.
Figure2‐5InternetPortocol(TCP/IP)Properties2.2ConfirmthatthenetworkbetweenthesupervisoryPCandrouterisconnected1)Clickthelowerleftcornerofthescreen<Start>buttontoenterthe"Start"menu,select"Run"pop‐up"Run"dialogbox,showninFigure2‐6.
Figure2‐6Run2)Enter"ping192.168.2.1(IPaddressofrouter;itisthedefaultIPaddress),andclickthebutton<OK>.Ifthepop‐updialogboxshowstheresponsereturnedfromtherouterside,itindicatesthatthenetworkisconnected;otherwise,checkthenetworkconnection,showninFigure2‐7.Figure2‐7CommandPrompt
2.3CanceltheProxyServerIfthecurrentsupervisorycomputerusesaproxyservertoaccesstheInternet,itisrequiredtocanceltheproxyserviceandtheoperatingstepsareasfollows:1)Select[Tools/InternetOPtions]inthebrowsertoenterthewindowof[InternetOptions],showninFigure2‐8.Figure2‐8InternetOPtions2)Selectthetab”Connect”andclickthebutton<LANSetting(L)>toenterthepageof“LANSetting”.Pleaseconfirmiftheoption”UseaProxyServerforLAN”ischecked;ifitischecked,pleasecancelandclickthebutton<OK>,showninFigure2‐9.
Figure2‐9LANSetting
3.WebConfigurationThischapterincludesthefollowingparts: Login/outWebConfigurationPage Management Network LinkBackup Routing Tools InstallationGuide PersonalizationFeatures Firewall Qos VPN3.1LogintheWebSettingPageofRouterRuntheWebbrowser,enter“http://192.168.2.1:8080”intheaddressbar,andpressEntertoskiptotheWebloginpage,asshowninFigure3‐1.Enterthe“UserName”(default:adm)and“Password”(default:123456),andclickbutton<OK>ordirectlypressEntertoentertheWebsettingpage.
Figure3‐1LoginRouterAfterenteringtheWebSettingpage,clickthe"AdvancedConfiguration"webinterface,thepop‐updialogbox,enter"UserName"(default:adm)againand"Password"(default:123456),thenentertheparameterconfigurationinterfacestartparametersettings.Advancedconfigurationisshownin3.2~3.11. Atthesametime,therouterallowsuptofouruserstomanagethroughtheWebsettingpage.Whenmulti‐usermanagementisimplementedfortherouter,itissuggestednottoconductconfigurationoperationfortherouteratthesametime;otherwiseitmayleadtoinconsistentdataconfiguration. Forsecurity,youaresuggestedtomodifythedefaultloginpasswordafterthefirstloginandsafekeepthepasswordinformation.3.2Management3.2.1System3.2.1.1SystemStatusFromtheleftnavigationpanel,selectAdministration/System,thenenter“SystemStatus”page.Onthispageyoucanchecksystemstatusandnetworkstatus,asshowninFigure3‐2.Insystemstatus,byclicking<SyncTime>youcanmakethetimeofroutersynchronizedwiththesystemtimeofthehost.Clickthe“Set”onnetworkstatustoenterintotheconfigurationscreendirectly.Forconfigurationmethods,refertoSection3.3.2.
Figure3‐2SystemStatus3.2.1.2BasicSettingsSelectAdministration/System,thenenter“BasicSetup”page.YoucansetthelanguageofWebConfigurationPageanddefineRouterName,asshowninFigure3‐3.Figure3‐3BasicSettings3.2.2SystemTimeToensurethecoordinationbetweenthisdeviceandotherdevices,userisrequiredtosetthesystemtimeinanaccuratewaysincethisfunctionisusedtoconfigureandchecksystemtimeaswellassystemtimezone.
Thedevicesupportsmanualsettingofsystemtimeandthetimetopassself‐synchronisticSNTPserver.3.2.2.1SystemTimeTimesynchronizationofrouterwithconnectedhostcouldbesetupmanuallyinsystemtimeconfigurationpartwhilesystemtimeisallowedtobesetasanyexpectedvalueafterYear2000manually.Fromtheleftnavigationpanel,selectAdministration/SystemTime,thenenter“SystemTime”page,asshowninFigure3‐4.Byclicking<SyncTime>youcanmakethetimeofroutersynchronizedwiththesystemtimeofthehost.SelecttheexpectedparametersinYear/Month/DateandHour:Min:SecColum,thenclick<Apply&Save>.Therouterwillimmediatelysetthesystemtimeintoexpectedvalue.Figure3‐4SystemTime3.2.2.2SNTPClientPortSNTP,namelySimpleNetworkTimeProtocol,isasystemforsynchronizingtheclocksofnetworkedcomputers.InmostplacesoftheInternettoday,SNTPprovidesaccuraciesof1‐50msdependingonthecharacteristicsofthesynchronizationsourceandnetworkpaths.ThepurposeofusingSNTPistoachievetimesynchronizationofalldevicesequippedwithaclockonnetworksoastoprovidemultipleapplicationsbasedonuniformtime.
Fromtheleftnavigationpanel,selectAdministration/SystemTime,thenenter“SNTPClient”page,asshowninFigure3‐5.Figure3‐5SNTPClientPortPagedescriptionisshowninTable3‐1.Table3‐1SNTPClientPortPageDescriptionParameterDescriptionDefaultSourceIPThecorrespondingIPofsourceinterfaceNoneSNTPServersListServerAddressSNTPserveraddress(domainname/IP),maximumtoset10SNTPserverNonePortTheserviceportofSNTPserver123 BeforesettingaSNTPserver,shouldensureSNTPserverreachable.EspeciallywhentheIPaddressofSNTPserverisdomain,shouldensureDNSserverhasbeenconfiguredcorrectly. Ifyouconfigureasourceinterfaceandthencannotconfigurethesourceaddress.theoppositeisalsotrue.
WhensettingmultipleSNTPserver,systemwillpollallSNTPserversuntilfindanavailableSNTPserver.3.2.3AdminAccessAdminAccessallowsthemanagementofuserswhicharecategorizedintosuperuserandcommonuser. Superuser:onlyoneautomaticallycreatedbythesystem,allocatedwiththeusernameofadmandgrantedwithallaccessrightstotherouter. Commonuser:createdbysuperuserwiththerighttocheckratherthenmodifyrouterconfiguration.3.2.3.1CreateauserClicknavigationpanel/AdminAccess,enter“Createauser”page,Whereintheuserpermissionsvalue,thehighertheprivilege,showninFigure3‐6.Figure3‐6Createauser
3.2.3.2ModifyaUserFromtheleftnavigationpanel,selectAdministration/AdminAccess,thenenter“ModifyaUser”page,asshowninFigure3‐7.Presstheuserthatneedstomodifyin“UserSummary”,afterthebackgroundturnsblue,enternewinformationin“ModifyaUser”.Figure3‐7ModifyaUser3.2.3.3RemoveUsersFromtheleftnavigationpanel,selectAdministration/AdminAccess,thenenter“RemoveUsers”page,asshowninFigure3‐8.Presstheuserthatneedstoremovein”UserSummary”.Afterthebackgroundturnsblue,press<Delete>toremovetheuser.
Figure3‐8RemoveUsersThesuperuser(adm)canneitherbemodifiednordeleted.Butsuperuser’spasswordcanbemodified.3.2.3.4ManagementServiceHTTPHTTP,shortenedformofHypertextTransferProtocol,isusedtotransmitWebpageinformationonInternet.HTTPislocatedastheapplicationlayerinTCP/IPprotocolstack.ThroughHTTP,usercouldlogonthedevicetoaccessandcontrolitthroughWeb.HTTPSHTTPS(HypertextTransferProtocolSecure)supportsHTTPinSSL(SecuritySocketLayer).HTTPS,dependingonSSL,isabletoimprovethedevice’ssecuritythroughfollowingaspects: DistinguishlegalclientsfromillegalclientsthroughSSLandDisableillegalclientstoaccessthedevice; Encryptthedataexchangedbetweenclientanddevicetoguaranteesecurityandintegralityofdatatransmissionsoastoachievethesafemanagementofdevice; Anaccesscontrolstrategybasedoncertificateattributionsisestablishedforfurthercontrolofclient’saccessauthoritysoastofurtheravoidattackforillegalclients.
TELNETTelnet isanapplicationlayerprotocolinTCP/IPprotocolfamily,providingtelnetandVTfunctionsthroughWeb.DependingonServer/Client,Tel netClientcouldsendrequesttoTelnetserverwhichprovidesTeln etservices.ThedevicesupportsTel netClientandTe lnetServer.SSHIncomparisonwithTel net, STelnet(SecureTel net) ,basedonSSH2,allowstheClienttonegotiatewithServersoastoestablishsecureconnection.ClientcouldlogonServerjustasoperationofTelnet .ThroughfollowingmeasuresSSHwillrealizethesecuretelnetoninsecurenetwork: SupportRASauthentication. SupportencryptionalgorithmssuchasDES,3DESandAES128toencryptusernamepasswordanddatatransmission. Localconnection.ASSHchannelcouldbeestablishedbetweenSSHClientandSSHServertoachievelocalconnection.FollowingisafigureshowingtheestablishmentofaSSHchannelinLAN: WANconnection.ASSHchannelcouldbeestablishedbetweenSSHClientandSSHServertoachieveWANconnection.FollowingisafigureshowingtheestablishmentofaSSHchannelinWAN:
Fromtheleftnavigationpanel,selectAdministration/AdminAccess,thenenter“ManagementService”page,asshowninFigure3‐9.Figure3‐9ManagementService3.2.4AAAAAAaccesscontrolisusedtocontrolvisitorsandcorrespondingservicesavailableaslongasaccessisallowed.Samemethodisadoptedtoconfigurethreeindependentsafetyfunctions.Itprovidesmodularizationmethodsforfollowingservices: Authentication:verifywhethertheuserisqualifiedtoaccesstothenetwork. Authorization:relatedwithservicesavailable. Charging:recordsoftheutilizationofnetworkresources.。
UsermayonlyuseoneortwosafetyservicesprovidedbyAAA.Forexample,thecompanyjustwantsidentityauthenticationwhenemployeesareaccessingtosomespecifiedresources,thennetworkadministratoronlyneedstoconfigureauthenticationserver.Butifrecordingoftheutilizationofnetworkisrequired,then,achargingservershallbeconfigured.CommonlyAAAadopts“Client—Server”structurewhichisfeaturedbyfavorableexpandabilityandfacilitatescentralizedmanagementofusers’information,asthefollowingfigureshows:3.2.4.1RadiusRemoteAuthenticationDial‐inUserService(RADIUS),aninformationexchangeprotocolwithadistributiveClient/Serverstructure,couldpreventthenetworkfromanydisturbancefromunauthorizedaccessandisgenerallyappliedinvariousnetworkenvironmentswithhigherrequirementsonsecurityandthatpermitremoteuseraccess.TheprotocolhasdefinedtheRadiusframeformatbasedonUDPandinformationtransmissionmechanism,confirmedUDPPort1812astheauthenticationport.RadiusServergenerallyrunsoncentralcomputerorworkstation;RadiusClientgenerallyislocatedonNAS.InitiallyRadiusisdesignedanddevelopedagainstAAAprotocolofdial‐inusers.Alongwiththediversifieddevelopmentofuseraccessways,Radiusalsoadaptsitselftosuchchanges,includingEthernetaccessandADSLaccess.Accessserviceisrenderedthroughauthenticationandauthorization.MessageflowbetweenRadiusClientandServerisshownasfollows:
 UsernameandpassportwillbesenttotheNASwhentheuserlogsonit; RadiusClientonNASreceivesusernameandpasswordandthensendsanauthenticationrequesttoRadiusServer; Uponthereceptionoflegalrequest,RadiusServerexecutesauthenticationandfeedsbackrequireduserauthorizationinformationtoClient;Forillegalrequest,RadiusServerwillfeedbackAuthenticationFailedtoClient.Fromtheleftnavigationpanel,selectAdministration/AAA,thenenter“Radius”page,asshowninFigure3‐10.Figure3‐10RadiusPagedescriptionisshowninTable3‐2.Table3‐2RadiusDescriptionParameterDescriptionDefaultServerAddressServeraddress(domainname/IP)NonePortConsistentwiththeserverport1812KeyConsistentwiththeserverauthenticationkeyNone3.2.4.2Tacacs+Tacacs+,orTerminalAccessControllerAccessControlSystem,similartoRadius,adopts
Client/ServermodetoachievethecommunicationbetweenNASandTacacs+Server.But,Tacacs+adoptsTCPwhileRadiusadoptsUDP.Tacacs+ismainlyusedforauthentication,authorizationandchargingofaccessusersandterminalusersadoptingPPPandVPDN.Itstypicalapplicationisauthentication,authorizationandchargingforterminalusersrequiringloggingonthedevicetocarryoutoperation.AstheClient,thedevicewillhaveusernameandpasswordsenttoTacacs+Serverforverification.Solongasuserverificationpassedandauthorizationobtained,loggingandoperationonthedeviceareallowed.Fromtheleftnavigationpanel,selectAdministration/AAA,thenenter“Tacacs+”page,asshowninFigure3‐11.Figure3‐11Tacacs+PagedescriptionisshowninTable3‐3.Table3‐3Tacacs+DescriptionParametersDescriptionDefaultServerAddressServeraddress(domainname/IP)NonePortConsistentwiththeserverport49KeyConsistentwiththeserverauthenticationkeyNone3.2.4.3LDAPOneofthegreatadvantagesofLDAPisrapidresponsetousers’searchingrequest.Forinstance,user’sauthenticationwhichmaygeneralalargeamountofinformationsentasthesametime.Ifdatabaseisadoptedforthispurpose,sinceitisdividedintomanytables,eachtimetomeetsuch
asimplerequirement,thewholedatabasehastobesearched,integratedandfilteredslowlyanddisadvantageously.LDAP,simpleasatable,onlyrequiresusernameandcommandandsomethingelse.Authenticationismetfromefficiencyandstructure.Fromtheleftnavigationpanel,selectAdministration/AAA,thenenter“LDAP”page,asshowninFigure3‐12.Figure3‐12LDAPPagedescriptionisshowninTable3‐4.Table3‐4LDAPDescriptionParametersDescriptionDefaultName DefineservernameNoneServerAddressServeraddress(domainname/IP)NonePortConsistentwiththeserverportNoneBaseDNThetopofLDAPdirectorytreeNoneUsernameUsernameaccessingtheserverNonePasswordPasswordaccessingtheserverNoneSecurity Encryptionmod:None,SSL,StartTLSNoneVerifyPeer VerifyPeerUnopened3.2.4.4AAASettingsAAAsupportsfollowingauthenticationways: None:withgreatconfidencetousers,legalcheckomitted,generallynotrecommended. Local:Haveuser’sinformationstoredonNAS.Advantages:rapidness,costreduction.
Disadvantages:storagecapacitylimitedbyhardware. Remote:Haveuser’sinformationstoredonauthenticationserver.Radius,Tacacs+andLDAPsupportedforremoteauthentication.AAAsupportsfollowingauthorizationways: None:authorizationrejected. Local:authorizationbasedonrelevantattributionsconfiguredbyNASforlocaluser’saccount. Tacacs+:authorizationdonebyTacacs+Server. RadiusAuthenticationBased:authenticationbondedwithauthorization,authorizationonlybyRadiusnotallowed. LDAPAuthorization.Fromtheleftnavigationpanel,selectAdministration/AAA,thenenter“AAASetting”page,asshowninFigure3‐13.Figure3‐13AAAauthenticationPagedescriptionisshowninTable3‐5.Table3‐5AAASettingsKeyItemsKeyItemsDescriptionradiusAuthenticationandAuthorizationServertacacs+AuthenticationandAuthorizationServerldapAuthenticationandAuthorizationServerlocal Thelocalusernameandpassword
Authentication1shouldbesetconsistentlywithAuthorization1;Authentication2shouldbesetconsistentlywithAuthorization2;Authentication3shouldbesetconsistentlywithAuthorization3.Whenconfigureradius,Tacas+,localatthesametime,priorityorderfollow:1>2>3.3.2.5ConfigurationManagementHereyoucanbackuptheconfigurationparameters,importthedesiredparametersconfigurationbackupandrestorethefactorysettingsoftherouter.Fromtheleftnavigationpanel,selectAdministration/ConfigManagement,thenenter“ConfigManagement”page,asshownin3‐14.Figure3‐14ConfigurationManagementPagedescriptionisshowninTable3‐6.Table3‐6ConfigManagementDescriptionParametersDescriptionDefaultBackuprunning‐configBackuprunning‐configfiletohost.NoneBackupstartup‐configBackupstartup‐configfiletohost.NoneAutomaticallysavemodifiedconfigurationDecidewhethertoautomaticallysaveconfigurationaftermodifytheconfiguration.OnRestoreDefaultConfigurationRestorefactoryconfigurationNone
Whenimporttheconfiguration,thesystemwillfilterincorrectconfigurationfiles,andsavethecorrectconfigurationfiles,whensystemrestarts,itwillorderlyexecutethesesconfigurationfiles.Iftheconfigurationfilesdidn’tbearrangedaccordingtoeffectiveorder,thesystemwon’tenterthedesiredstate.Inordernottoaffectcurrentsystemrunning,whenperformingtheimportconfigurationandrestorethedefaultconfiguration,needtoreboottherouternewconfigurationwilltakeeffect.3.2.6SNMPDefinitionSNMP,orSimpleNetworkManagementProtocol,isastandardnetworkmanagementprotocolwidelyusedinTCP/IPnetworksandprovidesamethodofmanagingthedevicethroughtherunningthecentralcomputerofnetworkmanagementsoftware.FeaturesofSNMP: Simplicity:SNMPadoptspollingmechanism,providesthemostbasicsetsoffeaturesandcouldbeusedinsmall‐scale,rapid,lowcostenvironments.SNMP,withUDPmessageasthecarrier,issupportedbyagreatmajorityofdevices. Powerfulness:objectiveofSNMPistoensurethetransmissionofmanagementinformationbetweenanytwopointssoastofacilitateadministrator’sretrievalofinformationonanynodeonnetworkandmodificationandtroubleshooting.Benefits NetworkadministratorscouldmakeuseofSNMPtoaccomplishtheinformationquery,modification,troubleshootingandotherjobsonanynodeonnetworktoachievehigherefficiency. Shieldingofphysicaldifferencesbetweendevices.SNMPonlyprovidesthemostbasicsetsoffeaturesformutualindependencebetweenadministrationandthephysicalproperties,networktypesofdevicesunderadministration;therefore,itcouldrealizetheuniformmanagementofdifferentdevicesatalowercost.
 Simpledesign,lowercost.Simplicityisstressedonadditionofsoftware/hardware,typesandformatsofmessageondevicessoastominimizetheinfluenceandcostondevicescausedbyrunningSNMP.Application:managementofdeviceisachievedthroughSNMPAdministratorisrequiredtocarryoutconfigurationandmanagementofalldevicesinthesamenetwork,whicharescattered,makingonsitedeviceconfigurationimpracticable.Moreover,incasethatthosenetworkdevicesaresuppliedfromdifferentsourcesandeachsourcehasitsindependentmanagementinterfaces(forexample,differentcommandlines),theworkloadofbatchconfigurationofnetworkdeviceswillbeconsiderable.Therefore,undersuchcircumstances,traditionalmanualwayswillresultinlowerefficiencyathighercost.Atthattime,networkadministratorwouldmakeuseofSNMPtocarryoutremotemanagementandconfigurationofattacheddevicesandachievereal‐timemonitoring.FollowingisafigureshowinghowtomanagedevicesthroughSNMP:ToconfigureSNMPinnetworking,NMS,amanagementprogramofSNMP,shallbeconfiguredattheManager.Meanwhile,Agentshallbeconfiguredaswell.ThroughSNMP: NMScouldcollectstatusinformationofdeviceswheneverandwhereverandachieveremotecontrolofdevicesundermanagementthroughAgent. AgentcouldtimelysendcurrentstatusinformationtoNMSreportdevice.Incaseofanyproblem,NMSwillbenotifiedimmediately.
3.2.6.1SNMPSNMPagentofdevicesupportsSNMPv1,SNMPv2andSNMPv3atpresent. SNMPv1andSNMPv2adoptcommunitynametoauthenticate. SNMPv3adoptusernameandpasswordtoauthenticate.Fromtheleftnavigationpanel,selectAdministration/SNMP,thenenter“SNMP”page,asshowninFigure3‐15.Figure3‐1SNMPv1&SNMPv2cSettingsPagedescriptionisshowninTable3‐7.Table3‐7SNMPKeyItemsParametersDescriptionDefaultCommunityNameUserdefineCommunityNamePublicandprivateAccessLimitSelectaccesslimitRead‐onlyMIBView SelectMIBViewdefaultViewWhenchoosingSNMPv3version,thecorrespondingUseandUserGroupshouldbeconfigured.TheconfigurationpageisshowninFigure3‐16.
Figure3‐16SNMPv3SettingPagedescriptionisshowninTable3‐8.Table3‐8SNMPv3DescriptionParametersDescriptionDefaultGroupManagementGroupnameUserdefine,length:1‐32charatersNoneSecurityLevelIncludesNoAuth/NoPriv,Auth/NoPriv,Auth/privNoAuth/NoPrivRead‐onlyViewOnlysupportdefaultViewatpresentdefaultViewRead‐writeViewOnlysupportdefaultViewatpresentdefaultViewInformViewOnlysupportdefaultViewatpresentdefaultViewUserManagementUsernameUser‐definedusername,length:1‐32charactersNoneGroupNameSelectusertojoinusergroup,firstdefinedintheusergroupmanagementtable,beforethis,selectappropriateusergroupNoneAuthenticationModeSelectauthenticationmode.MD5andSHAprovidestwoauthenticationmodes,“noidentification"notenableauthentication.SHAAuthenticationpasswordWhenonlyauthenticationmodeisnot"noidentification",authenticationpasswordcanenter.Length:8‐32characters.NoneEncryptionmodeChoosewhethertouseDESencryptionmodeDES
EncryptionPasswordOnlyencryptionmodeisnot"noencryption",encryptionmodepasswordcanenter.Length:8‐32characters.None3.2.6.2SnmpTrapSNMPtrap:AcertainportwheredevicesunderthemanagementofSNMPwillnotifySNMPmanagerratherthanwaitingforpollingfromSNMPmanager.InNMS,AgentsinmanageddevicescouldhaveallerrorsreportedtoNMWatanytimeinsteadofwaitingforpollingfromNMWafteritsreceptionofsucherrorswhich,asamatteroffact,arethewell‐knownSNMPtraps.Fromtheleftnavigationpanel,selectAdministration/SNMP,thenenter“SnmpTrap”page,asshowninFigure3‐17.Figure3‐17SnmpTrapPagedescriptionisshowninTable3‐9.Table3‐9SnmpTrapDescriptionParametersDescriptionDefaultHostAddressFillintheNMSIPaddressNoneSecurtiyNameFillinthegroupnamewhenusetheSNMPv1/v2c;FillintheusernamewhenusetheSNMPv3.Length:1‐32charactersNoneUDPPort FillinUDPport,thedefaultportrangeis1‐655351623.2.7AlarmAlarmfunctionisawaywhichisprovidedforuserstogetexceptionsofdevice,whichcanmake
theusersfindandsolveexceptionsassoonaspossible.Whenabnormalityhappened,devicewillsendalarm.Usercanchoosemanykindsofexceptionswhichsystemdefinedandchooseappropriatenoticewaytogettheseexceptions.Alltheexceptionsshouldberecordedinalarmlogsothatusertroubleshootproblem.Alarmcanbedivided: Raise:Indicatesthealarmoccurrencehasnotbeenconfirmed. Confirm:Alarmindicatesthatausercannottemporarysolve. All:Indicatesallalarmsoccur.Alarmlevelcanbedivided: EMERG:Deviceoccurssomefaults,itcouldleadtothesystemrestart. CRIT:Deviceoccurssomefaultswhichareunrecoverable. WARN:Deviceoccurssomefaultswhichcouldaffectsystemfunction. NOTICE:Deviceoccurssomefaultswhichcouldaffectsystemproperties. INFO:Deviceoccurssomenormalevents.3.2.7.1AlarmStatusFromtheleftnavigationpanel,selectAdministration/Alarm,thenenter“AlarmState”page,asshowninFigure3‐18.Throughthispage,youcancheckallthealrmssincetherouterispowered. Click<ClearAllAlarms>tosetallthealarmto“clear”state. Click<ConfirmAllAlarms>tosetallthealarmto“cconfirm”state. Click<Reload>toreloadallthealarms.Figure3‐18AlarmStatus
3.2.7.2AlarmInputHereusercouldselectalarmtypesincludingsystemalarmandportalarm.Oneormorethanonetypescouldbeselected.Fromtheleftnavigationpanel,selectAdministration/Alarm,thenenter“AlarmInput”page,asshowninFigure3‐19.Figure3‐19AlarmInput3.2.7.3AlarmOutputWhenanalarmhappens,thesystemconfiguredwiththisfunctionwillsendthealarmcontenttointendedemailaddressfromthemailaddresswhereanalarmemailissentinaformofemail.Generallythisfunctionisnotconfigured.Fromtheleftnavigationpanel,selectAdministration/Alarm,thenenter“AlarmOutput”page,asshowninFigure3‐20.
Figure3‐20AlarmOutputPagedescriptionisshowninTable3‐10.Table3‐10AlarmOutputDescriptionParametersDescriptionDefaultMailServerIP/NameSetIPaddressofMailServerthatsendalarmemails NoneMailServerPortSetPortofMailServerthatsendalarmemails25AccountName SetEmailaddressfromwhichalarmemailsaresentNoneAccountPassword SetEmailpassword NoneCryptSetthecryptmethodNoneEmailAddressesDestinationaddressofreceivingalarmemail(1‐10)NoneWhentheemailparametershadbeenconfigured,youshouldclickthe“sendtestemail”buttonsothatensuretheconfigurationiscorrect.Ifthetestemailfailed,itmaythenetworkconfigurationormailboxconfigurationisnotcorrect.
3.2.7.4AlarmMapAlarmMapconsistsoftwomappingways:CLI(consoleinterface)andEmail.Incaseoflatteroneisselected,andthenalarmoutputshallbeactivatedwithanemailaddresswellconfigured.Fromtheleftnavigationpanel,selectAdministration/Alarm,thenenter“AlarmMap”page,asshowninFigure3‐21.Figure3‐21AlarmMap3.2.8SystemLogSystemLogincludesmassiveinformationaboutnetworkanddevices,includingoperatingstatus,configurationchangesandsoon,servingasanimportantwayfornetworkadministratortomonitorandcontroltheoperationofnetworkanddevices.SystemLogcouldprovideinformationtohelpnetworkadministratortofindnetworkproblemsorsafetyhazardsoastotakemoretargetedmeasures.3.2.8.1SystemLogFromtheleftnavigationpanel,selectAdministration/Log,thenenter“SystemLog”page,asshowninFigure3‐22.
Figure3‐22SystemLogWhendownloadsystemlog,routersettingswillalsobedownloaded.3.2.8.2SystemLogSettingsOn“SystemLogSettings”,remotelogservercouldbeset.Routerwillhaveallsystemlogssenttoremotelogserverdependingonremotelogsoftware(forexample:KiwiSyslogDaemon).Fromnavigationpanel,selectAdministration/Log,thenenter“SystemLog”page,asshowninFigure2‐23.Figure3‐23SystemLogSettingsPagedescriptionisshowninTable3‐11.Table3‐11SystemLogSettingsDescriptionParametersDescriptionDefaultLogtoRemoteSystemOpen/closeremotelogfunctionCloseIPAddress/Port(UDP)Setremoteserver’sIPaddress/PortNone/514LogtoConsoleOpen/closeconsolelogfunctionOpen
3.2.8.3KiwiSyslogDaemonKiwiSyslogDaemonisakindoffreelogserversoftwareusedinWindows,whichcouldreceive,recordanddisplaylogsformedwhenpoweringonthehostofsyslog(forexample,router,exchangeboard,Unixhost).AfterdownloadingandinstallationofKiwiSyslogDaemon,configurenecessaryparameterson“File>>Setup>>Input>>UDP”.3.2.9SystemUpgradingFromnavigationpanel,selectAdministration/Upgrade,thenenter“Upgrade”page,asshowninFigure3‐24.Figure3‐24SystemUpgradingClick<Browse>toupgradedocumentsandthenclick<Upgrade>tostart.Thewholeprocesstakesabout1min,uponthecompletionofwhich,restarttherouterandnewfirmwaretakeseffect.Softwareupgradetakestime,duringwhich,pleasedonocarryoutanyoperationonWeb,otherwise,interruptionmaytakeplace.Upgradeconsistsoftwostages:firststage:read‐inofupgradedocumentintobackupfirmwarezone,asdescribedinSectionofSystemUpgrade;secondstage:copyofdocumentsinbackupfirmwarezoneintomainfirmwarezone,whichmaybeexecutedinsystemreboot.
3.2.10RebootFromnavigationpanel,selectAdministration/Reboot,thenenter“Reboot”page,asshowninFigure3‐25.Click<Yes>torebootthesystem.Figure3‐25RebootPleasesavetheconfigurationsbeforereboot,otherwisetheconfigurationsthatarenotsavedwillbelostafterreboot.3.2.11CloudPlatformCloudplatformisthroughsoftwareplatformtomanagedevices.Afterenablingcloudplatform,itcanoperatethedevicemanagementthroughsoftwareplatformthatenablesnetwork‐efficientrunning.Forexample,queryequipmentrunningstatus,updatethedevicesoftware,rebootthedevice,andsendconfigurationparameterstotheequipment,etc.,mayalsosendcontrolorquerymessagetothedevicethroughthecloudplatform.3.2.11.1CloudPlatformFromnavigationpanel"Administration>>DeviceManagementCloud"menu,enterthe"CloudPlatform"screen,asshowninFigure3‐26.
Figure3‐26CloudPlatformPagedescriptionisshowninTable3‐12.Table3‐12CloudPlatformDescriptionParametersDescriptionDefaultServer SetcloudplatformIPaddress nonePortSettingcloudplatformportnumbernone3.2.11.2MOTTClientFromnavigationpanel“Administration>>DeviceManagementCloud"menu,enterthe"MOTTClient"screen,asshownbelow.
3.2.12ScheduledTasksFromnavigationpanel,selectAdministration>>ScheduleManagement,thenenter“ScheduleManagement”page,asshowninFigure3‐27.Figure3‐27ScheduleManagement3.3Network3.3.1CellularSIMcarddialoutthroughDialInterface,achieverouterWi‐Ficapabilities.
Dialinterfacesupportsthreeconnections:always‐on,on‐demanddialingandmanualdialing.3.3.1.1StatusFromnavigationpanel,selectNetwork>>Cellular,thenenter“Status”page,asshowninFigure3‐28.Figure3‐28Status3.3.1.2CellularInthe"Cellular"page,youcancompletethewirelessdialconfiguration.Fromnavigationpanel,selectNetwork>>Cellular,thenenter“Cellular”page,asshowninFigure3‐29‐1.
Figure3‐29‐1CellularAdvancedoptionsareshowninFigure3‐29‐2.Figure3‐29‐2CellularAdvancedoptionsPagedescriptionisshowninTable3‐13.Table3‐13CellularPageDescriptionParametersDescriptionDefaultProfileDialpolicychoices,donotneedtoconfigurehere1RoamingSelectroamingEnablePINCodeSIMcardPINcodeNoneNetworkSelectionModeThreeoptions:Automatic,2Gand3GAuto
StaticIPClickEnable(Enablerequireoperatorstoopenrelatedservices)OffConnectionAlternativelyalwaysonline,on‐demanddial(allowsdataactivation,phoneactivation,SMSactivation),manualdialingAlwaysonlineRedialIntervalwhensettingupthelandingfails,redialinginterval10secICMPdetectionserverDetectremoteIPaddressNoneICMPdetectionintervalSetICMPdetectioninterval30secICMPdetectiontimeoutSetICMPdetectiontimeout5secICMPdetectionmaximumnumberofretriesSetmaximumnumberofretrieswhenICMPdetectionfails(Re‐dialafterreachingthemaximumnumber)5ICMPstrictdetectionClickEnableOffDialparametersIndexUser‐defined,generallyintheorderdefinedbydigital.NoneNetworkMobilenetworktypeusedforselectingGSMAPN(CDMA2000seriesdoesnotsetthis)Mobileoperatorstoprovidetherelevantparameters(accordingtolocaloperatorschoose)3gnetDialNumberMobileoperatorstoprovidetherelevantparameters(accordingtolocaloperatorschoose)*99***1#UserNameMobileoperatorstoprovidetherelevantparameters(accordingtolocaloperatorschoose)gprsPasswordMobileoperatorstoprovidetherelevantparameters(accordingtolocaloperatorschoose)******ClickEnableShowAdvancedOptions(thefollowingaretherelevantparameterstoconfigureaftertheadvancedoptionsturnon)InitiaCommandsUsedtosetadvancednetworkparameters,generallydonotneedtofillinNoneRSSIPollIntervalSetsignalqueryinterval120secDialtimeoutSetdialtimeout(afterdialingtimeoutthesystemwillredial)120secMTUSetsthemaximumtransmissionunitinbytes1500MRUSettingmaximumreceivingunitinbytes1500EnabledefaultasyncmapClickEnabledefaultasyncmapDisableUseassignedDNSserverClicktoenabletoacceptassignedDNSbymobileoperators.EnableConnectiondetectionintervalSetconnectiondetectioninterval55secConnectionDetectionmaximumnumberofretriesSetmaximumnumberofretrieswhenconnectiondetectionfails(Re‐dialafterreachingthemaximumnumber)5EnabledebugmodeThesystemcanprintamoredetailedlogEnable
ExpertOptionsProvideadditionalPPPparameters,usersgenerallydonotsetNone3.3.2WLANInterface(2.4G)WLANorWirelessLAN,isquiteconvenientdatatransmissionsystem,whichusesradiofrequency(RadioFrequency;RF)technology,toreplacetheoldoutofthewayoftwistedcopper(Coaxial)localareanetworkcomposedofsuchawirelesslocalareanetwork,canbeaccessedusingasimplearchitectureallowsuserstothroughit,to"carryinformationtechnologytofacilitatetraveltheworld,"theidealstate.3.3.2.1StatusFromnavigationpanel,selectNetwork/WLAN(2.4G),enter“Status”page,asshowninFigure3‐30.Figure3‐30WLAN(2.4G)Status3.3.2.2WLAN(2.4G)WLANinterfacehasaccesspointandclienttwotypes.Fromnavigationpanel,select"Network/WLAN(2.4G)"menu,enter"WLAN(2.4G)"page.Interfacetypeusingthe"accesspoint",asshowninFigure3‐31‐a;interfacetypeusingthe"client",asshowninFigure3‐31‐b.
Figure3‐31‐aWLAN(2.4G)‐AccessPointPagedescriptionisshowninTable3‐14‐a.Table3‐14‐aAccessPointDescriptionParametersDescriptionDefaultMultipleSSIDClickEnable,enabledreusablecustom3SSIDDisableSSIDBroadcastOpen"SSIDBroadcast",usercansearchwirelessnetworkthroughSSIDname.EnableRFTypeSixtypesOptional:802.11g/n,802.11g,802.11n,802.11b,802.11b/g,802.11b/g/n802.11g/nChannel Selectchannel11SSIDUser‐definedSSIDnameWIFUN10503000AuthenticationFourauthenticationmodesavailable:Open,Shared,WPA‐PSKandWPA2‐PSKOpenEncryptionAccordingtothedifferentauthenticationmethods,NONE
supportNONE,WEP40andWEP104WirelessBandwidthTwooptions:20MHzand40MHz20MHzMaximumNumberofClients User‐defined(upto128)NoneFigure3‐31‐bWLAN(2.4G)‐ClientPagedescriptionisshowninTable3‐14‐b.Table3‐14‐bClientInterfaceDescriptionParametersDescriptionDefaultSSIDFillintheSSIDnametoconnectNoneAuthenticationSSIDauthenticationmethodOpenEncryptionSSIDencryptionmethodNONEWhentheWLANissetasClientmode,refertothefollowing3steps:Step1:select"Network/Cellular"menu,enter"Cellular"page,anddisableCellularfunction.Iftherouterdoesnothavecelluarmodule,skipthisstepandgotostep2.Step2:select"Network/WLAN(2.4G)"menu,enter"WLAN(2.4G)"pageandchoose“Client”toconfigurerelatedparametersasshowninFigure3‐31‐b.Step2:select"Network/WLAN(2.4G)"menu,enter"IPSetup"pagetoconfigureIPparametersasshownin3.3.2.3IPSetup.
3.3.2.3IPSetupWLANinterfaceIPaddresssupportmultipleIP,itcanbesetaccordingtodemand,butuptomorethan10.Fromnavigationpanel,select"Network/WLAN(2.4G)"menu,enter"IPSetup"page,asshowninFigure3‐32.Figure3‐32WLAN(2.4G)IPSetup3.3.2.4SSIDScanWLANinterfaceselectsclient(Section3.3.2.2WLANInterface(2.4G)),SSIDscanningfunctionstarts.Fromnavigationpanel"Network/WLAN(2.4G)"menu,enter"SSIDScan"page,willdisplayalltheavailableSSIDnames,andthedisplayWIFUN1050canbeconnectedasaclientstate.3.3.3WLANInterface(5.8G)3.3.3.1StatusFromnavigationpanel,selectNetwork/WLAN(5.8G),enter“Status”page,asshowninFigure3‐34.
Figure3‐34WLAN(5.8G)Status3.3.3.2WLAN(5.8G)WLANinterfacehasaccesspointandclienttwotypes.Fromnavigationpanel"Network/WLAN(5.8G)"menu,enter"WLAN(5.8G)"page.Interfacetypeusingthe"accesspoint",asshowninFigure3‐35‐a;interfacetypeusingthe"client",asshowninFigure3‐35‐b.
Figure3‐35‐aWLANinterface(5.8G)‐AcessPointPagedescriptionisshowninTable3‐15‐a.Table3‐15‐aAcessPointDescriptionParametersDescriptionDefaultMultipleSSIDClickEnable,enabledreusablecustom3SSIDDisableSSIDBroadcastOpen"SSIDBroadcast",usercansearchwirelessnetworkthroughSSIDname.EnableRFTypeSixtypesOptional:802.11g/n,802.11g,802.11n,802.11b,802.11b/g,802.11b/g/n802.11g/nChannel Selectchannel11SSIDUser‐definedSSIDnameWIFUN1050AuthenticationFourauthenticationmodesavailable:Open,Shared,WPA‐PSKandWPA2‐PSKOpenEncryptionAccordingtothedifferentauthenticationmethods,supportNONE,WEP40andWEP104NONEWirelessBandwidthTwooptions:20MHzand40MHz20MHzMaximumNumberofClients User‐defined(upto128)None
Figure3‐35‐bWLANinterface(5.8G)‐ClientPagedescriptionisshowninTable3‐15‐b.Table3‐15‐bWLANinterface(5.8G)DescriptionParametersDescriptionDefault5GprioritySelectEnable DisableSSIDSSIDnametoconnectNoneAuthenticationSSIDauthenticationmethodOpenEncryptionSSIDencryptionmethodNONEWhentheWLANissetasClientmode,refertothefollowing3steps:Step1:select"Network/Cellular"menu,enter"Cellular"page,anddisableCellularfunction.Iftherouterdoesnothavecelluarmodule,skipthisstepandgotostep2.Step2:select"Network/WLAN(5.8G)"menu,enter"WLAN(5.8G)"pageandchoose“Client”toconfigurerelatedparametersasshowninFigure3‐35‐b.Step2:select"Network/WLAN(5.8G)"menu,enter"IPSetup"pagetoconfigureIPparametersasshownin3.3.3.3IPSetup.3.3.3.3IPSetupWLANinterfaceIPaddresssupportmultipleIP,itcanbesetaccordingtodemand,butuptomorethan10.Fromnavigationpanel,selectNetwork/WLAN(5.8G),enter"IPSetup"page,asshowninFigure3‐36.
Figure3‐36WLAN(5.8G)IPSetup3.3.3.4SSIDScanWLANinterfaceselectsclient(Section3.3.3.2WLANInterface(5.8G)),SSIDscanningfunctionstarts.Fromnavigationpanel"Network/WLANinterface(5.8G)"menu,enter"SSIDScan"page,willdisplayalltheavailableSSIDnames,andthedisplayWIFUN1050canbeconnectedasaclientstate.3.3.4CaptivePortalCaptiveportalisWebpagethatusermustvisitandinteractwithbeforegrantedaccesstopublicaccessnetwork.CaptiveportalusuallyoffersfreeWi‐FihotspotservicestoInternetusersincommercialcenters,airports,hotellobbies,cafesandotherpublicplacestouse.Fromnavigationpanel"Network/captiveportal"menu,enterthe"captiveportal"page.AsshowninFigure3‐38.
Figure3‐38CaptivePortalPagedescriptionisshowninTable3‐16.Table3‐16CaptivePortalDescriptionParametersDescriptionDefaultLANInterfaceCaptiveportallocalinterfacedotllradio1WANInterfaceExternalnetworkadaptercellular1SplashedHomePage PushHometocustomerswifi.goAuthenticationServerUserauthenticationserverIPaddressforuserloginauthenticationNone:80ForceReloginPeriod Forceusertore‐loginNoneSilentUserAutomaticLogoffUserautomaticlogoffwhennoflow5ClientFairnessUsedinconjunctionwiththespeedfunctionEnableSpeedLimitWificlienttrafficrestrictionsNoneKnownUsersAccessControlAuthenticateduseraccesscontroltwooptionals:blacklistandwhitelistmode.BlacklistTrustedMACAddressesListIDSerialnumberNoneMACAddressMACaddressauthentication‐freeuserNoneGlobalwhitelistIDSerialnumberNoneDomain/IPaddressorIPthatcanbeaccessedwithoutauthenticationNoneAuthenticatedusersblacklistIDSerialnumberNoneDomain/IPRestrictauthenticateduserstoaccessnetwork,thatiscannotbeaccessedbyauthenticateduserstoNone
blacklistaddressesorIP3.3.5DHCPserviceAlongwiththecontinuousexpansionofnetworksizeandcomplicationofnetwork,numberofcomputersoftenexceedsdistributableIPaddresses.Meanwhile,inpacewiththeextensiveapplicationofportabledevicesandwirelessnetwork,positionofcomputerchangesfrequently,resultingtothefrequentupgradeofIPaddress,leadingtoamoreandmorecomplicatednetworkconfiguration.DHCP(DynamicHostConfigurationProtocol)isaproductforsuchdemands.DHCPadoptsClient/Servercommunicationmode.ClientsendsconfigurationrequesttoServerwhichfeedsbackcorrespondingconfigurationinformation,includingdistributedIPaddresstotheClienttoachievethedynamicconfigurationofIPaddressandotherinformation.IntypicalapplicationsofDHCP,generallyoneDHCPServerandanumberofClients(PCandPortableDevices)areincluded,asthefollowingfigureshows:WhenDHCPClientandDHCPServerareindifferentphysicalnetworksegment,ClientcouldcommunicatewithServerthroughDHCPRelaytoobtainIPaddressandotherconfigurationinformation,asthefollowingfigureshows:
3.3.5.1StatusFromnavigationpanel,selectNetwork/DHCP,thenenter“Status”page,asshowninFigure3‐39.Figure3‐39DHCPStatus3.3.5.2DHCPServerThedutyofDHCPServeristodistributeIPaddresswhenWorkstationlogsonandensureeachworkstationissuppliedwithdifferentIPaddress.DHCPServerhassimplifiedsomenetworkmanagementtasksrequiringmanualoperationsbeforetothelargestextent.Fromnavigationpanel,selectNetwork>>DHCP,thenenter“DHCPServer”page,asshowninFigure3‐40.
Figure3‐40DHCPServerPagedescriptionisshowninTable3‐17.Table3‐17DHCPServerDescriptionParametersDescriptionDefaultEnableOn/OffOffInterfacedot11radio1dot11radio1StartingAddressDynamicaldistributionofstartingIPaddressN/AEndingAddressDynamicaldistributionofendingIPaddressN/ALeaseDynamicaldistributionofIPvalidity1440DNSServerOneortwo,orNoneN/AWINSSetupofWINS,generallyleftblankN/AStaticIPSetupMACAddressSetupastaticspecifiedDHCP’sMACaddress(differentfromotherMACstoavoidconfliction)0000.0000.0000IPAddressSetupastaticspecifiedIPaddress(withinthescopefromstartIPtoendIP)N/AIfthehostconnectedwithrouterchoosestoobtainIPaddressautomatically,thensuchservicemustbeactivated.StaticIPsetupcouldhelpacertainhosttoobtainspecifiedIPaddress.
3.3.5.3DHCPRelayGenerally,DHCPdatapacketisunabletobetransmittedthroughrouter.Thatistosay,DHCPServerisunabletoprovideDHCPservicesfortwoormoredevicesconnectedwitharouterremotely.ThroughDHCPrelay,DHCPrequestsandresponsedatapacketcouldgothroughmanyrouters(BroadbandRouter).Fromnavigationpanel,selectNetwork/DHCP,thenenter“DHCPRelay”page,asshowninFigure3‐41.Figure3‐41DHCPRelayPagedescriptionisshowninTable3‐18.Table3‐18DHCPRealyDescriptionParametersDescriptionDefaultEnableOn/OffOffDHCPSeverSetDHCPserver;upto4serverscanbeconfiguredN/ASourceIPAddressoftheinterfaceconnectedtotheDHCPserverN/A3.3.5.4DHCPClientFromnavigationpanel,selectNetwork/DHCP,thenenter“DHCPClient”page,byclickingtoenable,chooseSSIDinterface,asshowninFigure3‐42.
Figure3‐42DHCPClient3.3.6DNSServicesDNS(DomainNameSystem)isaDDBusedinTCP/IPapplicationprograms,providingswitchbetweendomainnameandIPaddress.ThroughDNS,usercoulddirectlyusesomemeaningfuldomainnamewhichcouldbememorizedeasilyandDNSServerinnetworkcouldresolvethedomainnameintocorrectIPaddress.Thedevicesupportstoachievefollowingtwofunctionsthroughdomainnameserviceconfiguration: DNSServer:fordynamicdomainnameresolution. DNSrelay:thedevice,asaDNSAgent,relaysDNSrequestandresponsemessagebetweenDNSClientandDNSServertocarryoutdomainnameresolutioninlieuofDNSClient.
3.3.6.1DNSServerDomainNameServer:DNSstandsforDomainNameSystem.ItisacoreserviceoftheInternet.AsadistributeddatabasethatcanletthedomainnamesandIPaddressesmappingtoeachother,itallowspeopletomoreconvenientlyaccesstotheInternetwithouttheneedtomemorizetheIPstringthatcanbedirectlyreadbythecomputer.Fromnavigationpanel,selectNetwork/DNS,thenenter“DNSServer”page.InmanualsetupofDNSServer,ifitisblank,thendialtoobtainDNS.GenerallythisitemisrequiredtobesetwhenWANportusesstaticIP,asshowninFigure3‐43.Figure3‐43DNSServerPagedescriptionisshowninTable3‐19.Table3‐19DNSServerDescriptionParametersDescriptionDefaultPrimaryDNSUserdefinePrimaryDNSaddress N/ASecondaryDNSUserdefineSecondaryDNSaddressN/A3.3.6.2DNSRelayDNSforwarding:DNSforwardingisopenbydefault.Youcansetthespecified[DomainName<=>IPAddress]toletIPaddressmatchwiththedomainname,thusallowingaccesstotheappropriateIPthroughaccessingtothedomainname.Fromnavigationpanel,selectNetwork/DNS,thenenter“DNSRelay”page,asshownin3‐44.
Figure3‐44DNSRelayPagedescriptionisshowninTable3‐20.Table3‐20DNSDelayDescriptionParametersDescriptionDefaultEnableDNSRelay On/OffOnHostDomainNameN/AIPAddress1SetIPAddress1N/AIPAddress2SetIPAddress2N/AOnceDHCPisturnedon,DNSrelaywillbeturnedonasdefaultandcan’tbeturnedoff;toturnoffDNSrely,DHCPServerhastobeclosedfirstly.3.3.7SMSSMSpermitsmessage‐basedrebootandmanualdialing.Fromnavigationpanel,selectNetwork/SMS,thenenter“Basic”page.ConfigurePermitactiontoPhoneNumberandclick<Apply&Save>.Afterthatyoucansend“reboot”commandtorestartthedeviceor“cellular1pppup/down”toredialordisconnectthedevice,asshowninFigure3‐45.
Figure3‐45SMSPagedescriptionisshowninTable3‐21.Table3‐21SMSDescriptionParametersDescriptionDefaultEnableOn/OffOffModeTEXTandPDUTEXTPollInterval UserdefinePollInterval 120SMSAccessControlIDUserdefineID1Action Permitandrefuseareavailable PermitPhoneNumber TrustingphonenumberN/A3.3.8VLANInterfaceVLAN(VirtualLocalAreaNetwork)dividesLANdevicelogicallyintooneandanothernetworksegment,enableemergingdataexchangetechnologyofvirtualworkgroups.3.3.8.1VLANConfigurationFromnavigationpanel"Network/VLAN"menu,enter"ConfigureVLANParameters"page,click<Add>buttontoaddtheVLAN,asshowninFigure3‐46.
Figure3‐46ConfigureVLANParametersPagedescriptionisshowninTable3‐22.Table3‐22ConfigureVLANParametersDescriptionParametersDescriptionDefaultVLANIDVLANID,User‐definedNoneVLANInterfacePrimaryIPAddressIPaddressUserscanconfigureorchangetheprimaryIPaddressneededNoneSubnetMaskUserscanconfigureorchangethesubnetmaskifnecessarySecondaryIPAddressIPaddressInadditiontoprimaryIP,usercanalsoconfigure10SecondaryIPaddressesNoneSubnetMaskUserscanconfigureorchangethesubnetmaskifnecessary3.3.8.2VLANAggregationFromnavigationpanel"Network/VLAN”menu,enter"VLANTrunk"page,setVLANportmodeforWIFUN1050,themodecanbesettoAccessorTrunk,asshowninFigure3‐47.
Figure3‐47VLANTrunk3.3.9ADSLDialup(PPPoE)PPPoEisPointtoPointProtocoloverEthernet.Usersneedwhilemaintainingtheoriginalaccess,installaPPPoEclient.ThroughPPPoE,aremoteaccessdevicecanrealizecontrolandaccountingofeachaccessuser.EthernetinterfaceconnectionmodeyouconfigurehereisPPPoE,namelytheinterfaceasPPPoEclient.Fromnavigationpanel"Network/ADSLDialup(PPPoE)"menu,enter"ADSLDialup(PPPoE)"page,asshowninFigure3‐48.
Figure3‐48PPPoEPagedescriptionisshowninTable3‐23.Table3‐23PPPoEDescriptionParametersDescriptionDefaultDialPoolUser‐defined,easytorememberandmanageNoneInterface SelectFastethernet0/1orFastethernet0/2Fastethernet0/1PPPoEListIDUser‐defined,easytorememberandmanage1PoolIDDialpoolIndexNoneAuthenticationTypeThreeoptions:Auto,PAP,CHAPAutoUserNameRelevantparametersprovidedbypeeroperatorNonePassword RelevantparametersprovidedbypeeroperatorNoneLocalIPAddressAssignedIPaddresstoEthernetinterfaceNoneRemoteIPAddressRemoteIPaddressNone3.3.10LoopbackInterfaceLoopbackisusedtorepresentrouterID,becauseifyouuseactiveinterface,whenactivityinterfaceDOWN,routerIDissubjecttore‐selection,thatwouldcauseOSPFconvergencetimeslow,thusloopbackinterfaceisgenerallyusedasarouterID.
Loopbackinterfaceislogicalandvirtualinterfaceonrouters.Nodefaultrouterloopbackinterface.Youcancreateanynumberofloopbackinterfacesasneeded.Theseinterfacesonroutertreatedlikephysicalinterface:Youcanassignthemaddressinginformation,includingtheirchoicetoupdatethenetworknumberinrouters,oreventerminateIPconnectiononthem.Fromnavigationpanel"Network/LoopbackInterface"menu,enter"loopback"page,showninFigure3‐49.Figure3‐49LoopbackPagedescriptionisshowninTable3‐24.Table3‐24LoopbackInterfaceDescriptionParametersDescriptionDefaultIPAddressUsercannotchange.127.0.0.1SubnetMaskUsercannotchange.255.0.0.0Multi‐IPsettingsInadditiontotheaboveIP,useralsocanbeequippedwithotherIPaddressesNoneSinceloopbackinterfaceisexclusiveofoneIPaddress,subnetmaskisgenerallyrecommendedto255.255.255.255,tosaveresources.
3.3.11DynamicDomainNameDDNSDynamicDomainNameServiceismappinguserdynamicIPaddresstoafixeddomainnameresolutionservices,whenuserconnecttothenetwork,clientprogramwillpassdynamicIPaddressofthehostthroughinformationtransfertoserverprogramonthehostofserviceproviders,theserverprogramisresponsibleforprovidingDNSserviceandrealizingdynamicdomainnameresolution.Thatis,DDNStocapturechangeableIPaddress,thencorrespondingwithdomainname,sothatotherInternetuserscancommunicatethroughthedomainname.Andallfinalcustomerstoremember,istorememberthedynamicdomainnamegivenbysuppliers,withouthavingtopipehowtheyareimplemented.DDNSfunctionasDDNSclienttools,weneedtoworkwithDDNSserver.Beforeusingthisfeature,youneedfirsttofindcorrespondingsitessuchas(www.3322.org)andapplyforregistrationofadomainname.DDNSservicetypeinclude:DynAccess,QDNS(3322)‐Dynamic,QDNS(3322)‐Static,DynDNS‐Dynamic,DynDNS‐StaticandNoIP.Fromnavigationpanel"Network/DDNS"menu,enter"DDNS"page.Setdynamicbindingdomain.AsshowninFigure3‐50.Figure3‐50DynamicDomainNamePagedescriptionisshowninTable3‐25.Table3‐25DynamicDomainNameDescriptionParametersDescriptionDefault
MethodUser‐definedNoneServiceTypeSelectdynamicdomainnameserviceprovidersDisableUserNameApplyregistrationDDNSusernameNonePassword ApplyregistrationDDNSusernameNoneHost ApplyregistrationDDNShostNoneSpecifiedInterfaceUpdateMethodDefineddynamicdomainupdatemethod NoneIfIProuterdialobtainaprivateaddress,dynamicDNSfunctionisnotavailable.3.3.12BridgeInterfaceFromnavigationpanel"Network/Bridge"menu,enter"Bridge1"page,setrelatedparameters,asshowninFigure3‐51.Figure3‐51Bridge1PagedescriptionisshowninTable3‐26.Table3‐26EthernetInterfaceParameterDescription
ParametersDescriptionDefaultBridgeIDBridgenumbercanonlybeassignedto1NoneBridgeInterfaceIPaddressandsubnetmaskofprimaryaddressConfigureorchangetheprimaryIPaddressandsubnetmaskasneeded.NoneIPaddressandsubnetmaskofsecondaryaddressInadditiontoprimaryIPfromoutside,clientsalsocanbeequippedwithsecondaryIPaddressandsubnetmaskNoneBridgeMemberClickenablebridgeinterfaceNone3.4LinkBackup3.4.1SLABasicConceptsandPrinciplesUndernormalcircumstances,theedgeroutercandetectifthelinklinkedtotheISPisinfault.IfthenetworklinkingtooneISPisinfault,anotherISPwillbeusedtotransmitallthedatastreams.However,ifthelinkofanISPisnormalandtheinfrastructurefails,theedgerouterwillcontinuetousethisroute.Then,thedataisnolongerreachable.Onefeasiblesolutionistousingstaticroutingorpolicy‐basedroutingtofirsttestthereachabilityofimportantdestination.Ifitisunreachable,thestaticroutingwillbedeleted.ThereachabilitytestcanbeperformedwithInHandSLAtocontinuouslycheckthereachabilityofISPandbeassociatedwithstaticrouting.BasicprinciplesofInHandSLA:1.Objecttrack:Trackthereachabilityofthespecifiedobject.2.SLAprobe:TheobjecttrackfunctioncanuseInHandSLAtosenddifferenttypesofdetectionstotheobject.3.Policy‐basedroutingusingroutemappingtable:Itassociatesthetrackresultswiththeroutingprocess.4.Usingstaticroutingandtrackoptions.SLAConfigurationStepsStep1:DefineoneormoreSLAoperations(detection).Step2:DefineoneormoretrackobjectstotrackthestatusofSLAoperation.Step3:Definemeasuresassociatedwithtrackobjects.Fromnavigationpanel,selectLinkBackup>>SLA,thenenter“SLA”page,asshowninFigure
3‐52.Figure3‐52SLAPagedescriptionisshowninTable3‐27.Table3‐27SLADescriptionParametersDescriptionDefaultIndexSLAindexorID1TypeDetectiontype,defaultisicmp‐echo,theusercannotchange icmp‐echoIPAddressDetectedIPaddressNoneDataSize Userdefinedatasize 56Interval Userdefinedetectioninterval 30Timeout(ms)Userdefine,Timeoutfordetectiontofail5000ConnecutiveDetectionretries5LifeDefaultis“forever”,usercannotchange foreverStart‐timeDetectionStart‐time,select“now”orNonenow3.4.2TrackModuleTrackisdesignedtoachievelinkageconsistingofapplicationmodule,Trackmoduleandmonitoringmodule.Linkagereferstoachievethelinkageamongstdifferentmodulesthroughtheestablishmentoflinkageitems,namely,themonitoringmodulecouldtriggerapplicationmoduletotakeacertainactionthroughTrackmodule.Monitoringmoduleisresponsiblefordetectionoflinkstatus,networkperformanceandnotificationtoapplicationmoduleofdetectionresultsviaTrackmodule.Oncetheapplicationmodulefindsoutanychangesinnetworkstatus,correspondingmeasureswillbetakenonatimelybasissoastoavoidinterruptionof
communicationorreductionofservicequality.Trackmoduleislocatedbetweenapplicationmoduleandmonitoringmodulewithmainfunctionsofshieldingthedifferencesofdifferentmonitoringmodulesandprovidinguniforminterfacesforapplicationmodule.TrackModuleandMonitoringModuleLinkageThroughconfiguration,thelinkagerelationshipbetweenTrackmoduleandmonitoringmoduleisestablished.Monitoringmoduleisresponsiblefordetectionoflinkstatus,networkperformanceandnotificationtoapplicationmoduleofdetectionresultsviaTrackmodulesoastocarryouttimelychangeofthestatusofTrackitem: Successfuldetection,correspondingtrackitemisPositive Faileddetection,correspondingtrackitemisNegativeTrackModuleandApplicationModuleLinkageThroughconfiguration,thelinkagerelationshipbetweenTrackmoduleandapplicationmoduleisestablished.Incaseofanychangesintrackitem,anotificationrequiringcorrespondenttreatmentwillbesenttoapplicationmodule.Currently,applicationmoduleswhichcouldachievelinkagewithtrackmoduleinclude:VRRP,staticrouting,strategy‐basedroutingandinterfacebackup.Undercertaincircumstances,onceanychangesinTrackitemarefounded,ifatimelynotificationissenttoapplicationmodule,thencommunicationmaybeinterruptedduetorouting’sfailureintimelyrestorationandotherreasons.Forexample,MasterrouterinVRRPbackupgroupcouldmonitorthestatusofupstreaminterfacethroughTrack.Incaseofanyfaultinupstreaminterface,MasterrouterwillbenotifiedtoreduceprioritysothatBackuproutermayascendtothenewMastertoberesponsibleforrelayofmessage.Onceupstreaminterfaceisrecovered,solongasTrackimmediatelysendsamessagetooriginalMasterroutertorecoverpriority,thentherouterwilltakeoverthetaskofmessagerelay.Atthattime,messagerelayfailuremayoccursincetherouterhasnotrestoredtotheupstreamrouter.Undersuchcircumstances,usertoconfigurethatonceanychangestakeplaceinTrackitem,delaysaperiodoftimetonotifytheapplicationmodule.Fromnavigationpanel,selectLinkBackup/Track,thenenter“Track”page,asshownFigure3‐53.
Figure3‐53TrackMPagedescriptionisshowninTable3‐28.Table3‐28TrackDescriptionParametersDescriptionDefaultIndex TrackindexorID1TypeDefault“sla”,UsercannotchangeslaSLAIDDefinedSLAIndexorIDNoneInterfaceDetectinterface’sup/downstatecellular1NegativeDelay(m)Incaseofnegativestatus,switchingcanbedelayedbasedonthesettime(0representsimmediateswitching),ratherthanimmediateswitching.0PositiveDelay(m)Incaseoffailurerecovery,switchingcanbedelayedbasedonthesettime(0representsimmediateswitching),ratherthanimmediateswitching.03.4.3VRRPDefaultrouteprovidesconvenienceforuser’sconfigurationoperationsbutalsoimposeshighrequirementsonstabilityofthedefaultgatewaydevice.Allhostsinthesamenetworksegmentaresetupwithanidenticaldefaultroutewithgatewaybeingthenexthopingeneral.Whenfaultoccursongateway,allhostswiththegatewaybeingdefaultrouteinthenetworksegmentcan’tcommunicatewithexternalnetwork.Increasingexitgatewayisacommonmethodforimprovingsystemreliability.Then,theproblem
tobesolvedishowtoselectrouteamongmultipleexits.VRRP(VirtualRouterRedundancyProtocol)addsasetofroutersthatcanundertakegatewayfunctionintoabackupgrouptoformavirtualrouter.TheelectionmechanismofVRRPwilldecidewhichroutertoundertaketheforwardingtaskandthehostinLANisonlyrequiredtoconfigurethedefaultgatewayforthevirtualrouter.VRRPwillbringtogetherasetofroutersinLAN.Itconsistsofmultipleroutersandissimilartoavirtualrouterinrespectoffunction.Accordingtothevlaninterfaceipofdifferentnetworksegments,itcanbevirtualizedintomultiplevirtualrouters.EachvirtualrouterhasanIDnumberandupto255canbevirtualized.VRRPhasthefollowingcharacteristics: VirtualrouterhasanIPaddress,knownastheVirtualIPaddress.ForthehostinLAN,itisonlyrequiredtoknowtheIPaddressofvirtualrouter,andsetitastheaddressofthenexthopofthedefaultroute. Hostinthenetworkcommunicateswiththeexternalnetworkthroughthisvirtualrouter. 1routerwillbeselectedfromthesetofroutersbasedonprioritytoundertakethegatewayfunction.Otherrouterswillbeusedasbackuprouterstoperformthedutiesofgatewayforthegatewayrouterincaseoffaultofgatewayrouter,thustoguaranteeuninterruptedcommunicationbetweenthehostandexternalnetworkVRRPNetworkingScheme:AsshowninFigureabove,RouterAandRouterCcomposeavirtualrouter.ThisvirtualrouterhasitsownIPaddress.ThehostinLANwillsetthevirtualrouterasthedefaultgateway.RouterAor
RouterC,theonewiththehighestpriority,willbeusedasthegatewayroutertoundertakethefunctionofgateway.AnotherrouterwillbeusedasaBackuprouter.MonitorinterfacefunctionofVRRPbetterexpandsbackupfunction:thebackupfunctioncanbeofferedwheninterfaceofacertainrouterhasfaultorotherinterfacesoftherouterareunavailable.WheninterfaceconnectedwiththeuplinkisatthestateofDownorRemoved,therouteractivelyreducesitsprioritysothatthepriorityofotherroutersinthebackupgroupishigherandthustherouterwithhighestprioritybecomesthegatewayforthetransmissiontask.Fromnavigationpanel,selectLinkBackup/VRRP,thenenter“VRRP”page,asshowninFigure3‐54.Figure3‐54VRRPPagedescriptionisshowninTable3‐29.Table3‐29VRRPDescriptionParametersDescriptionDefaultEnableEnable/DisableEnableVirtualRouteIDUserdefineVirtualRouteIDNoneInterfaceConfiguretheinterfaceofVirtualRoutevlan1VirtualIPAddressConfiguretheIPaddressofVirtualRouteNonePriorityTheVRRPpriorityrangeis0‐255(alargernumberindicates100
ahigherpriority).Therouterwithhigherprioritywillbemorelikelytobecomethegatewayrouter.AdvertisementIntervalHeartbeatpackagetransmissiontimeintervalbetweenroutersinthevirtualipgroup1PreemptionModeIftherouterworksinthepreemptivemode,onceitfindsthatitsownpriorityishigherthanthatofthecurrentgatewayrouter,itwillsendVRRPnotificationpackage,resultinginre‐electionofgatewayrouterandeventuallyreplacingtheoriginalgatewayrouter.Accordingly,theoriginalgatewayrouterwillbecomeaBackuprouter.EnableTrackIDTraceDetection,selectthedefinedTrackindexorID None3.4.4InterfaceBackupInterfacebackupreferstobackuprelationshipformedbetweenappointedinterfacesinthesameequipment.Whenservicetransmissioncan’tbecarriedoutnormallyduetofaultofacertaininterfaceorlackofbandwidth,rateofflowcanbeswitchedtobackupinterfacequicklyandthebackupinterfacewillcarryoutservicetransmissionandsharenetworkflowsoastoraisereliabilityofcommunicationofdataequipment.Whenlinkstateofmaininterfaceisswitchedfromuptodown,systemwillwaitforpresetdelayfirstinsteadofswitchingtolinkofbackupinterfaceimmediately.Onlyifthestateofmaininterfacestillkeepsdownafterthedelay,systemwillswitchtolinkofbackupinterface.Otherwise,systemwillnotswitch.Afterlinkstateofmaininterfaceisswitchedfromdowntoup,systemwillwaitforpresetdelayfirstinsteadofswitchingbacktomaininterfaceimmediately.Onlyifstateofmaininterfacestillkeepsupafterthedelay,systemwillswitchbacktomaininterface.Otherwise,systemwillnotswitch.Fromnavigationpanel,selectLinkBackup/InterfaceBackup,thenenter“InterfaceBackup”page,asshowninFigure3‐55.
Figure3‐55InterfaceBackupPagedescriptionisshowninTable3‐30.Table3‐30InterfaceBackupDescriptionParametersDescriptionDefaultPrimaryInterfaceTheinterfacebeingusedcellular1BackupInterfaceInterfacetobeswitchedcellular1Start‐upDelaySethowlongtowaitforthestart‐uptrackingdetectionpolicytotakeeffect60UpDelayWhentheprimaryinterfaceswitchesfromfaileddetectiontosuccessfuldetection,switchingcanbedelayedbasedonthesettime(0representsimmediateswitching),ratherthanimmediateswitching.0DownDelayWhentheprimaryinterfaceswitchesfromsuccessfuldetectiontofaileddetection,switchingcanbedelayedbasedonthesettime(0representsimmediateswitching),ratherthanimmediateswitching.0TrackIDTraceDetection,selectthedefinedTrackindexorIDNone3.5Routing3.5.1StaticRouteStaticroutingisaspecialroutingthatrequiresyourmanualsetting.Aftersettingstaticrouting,thepackageforthespecifieddestinationwillbeforwardedaccordingtothepathdesignatedbyyou.Inthenetworkwithrelativelysimplenetworkingstructure,itisrequiredtosetstaticrouting
toachievenetworkinterworking.Propersettingandusestaticroutingcanimprovetheperformanceofnetworkandcanguaranteebandwidthforimportantnetworkapplications.Disadvantagesofstaticrouting:Itcannotautomaticallyadapttothechangesinthenetworktopology.Thenetworkfailureorchangesintopologymaycausetherouteunreachableandnetworkinterrupted.Then,youarerequiredtomanuallymodifythesettingofstaticrouting.StaticRoutingperformsdifferentpurposesindifferentnetworkenvironments. Whenthenetworkstructureiscomparativelysimple,thenetworkcanworknormallyonlywithStaticRouting. Whileincomplexnetworkenvironment,StaticRoutingcanimprovetheperformanceofnetworkandensurebandwidthforimportantapplication. StaticRoutingcanbeusedinVPNexamples,mainlyforthemanagementofVPNroute.3.5.1.1RoutingStatusFromnavigationpanel,selectRouting/StaticRouting,thenenter“RouteTable”page,asshowninFigure3‐56.Figure3‐56RoutingStatus3.5.1.2StaticRoutingFromnavigationpanel,selectRouting/StaticRouting,thenenter“StaticRouting,”page.Add/deleteadditionalRouterstaticrouting.Normallyusersdonnotneedtoconfigurethisitem,asshownin3‐57.
Figure3‐57StaticRoutingPagedescriptionisshowninTable3‐31.Table3‐31StaticRoutingDescriptionParametersDescriptionDefaultDestinationaddress EnterthedestinationIPaddressneedtobereachedNoneSubnetMaskEnterthesubnetmaskofdestinationaddressneedtobereachedNoneInterfaceTheinterfacethroughwhichthedatareachesthedestinationaddressNoneGatewayIPaddressofthenextroutertobepassedbybeforetheinputdatareachesthedestinationaddressNoneDistancePriority,smallervaluecontributestohigherpriorityNoneTrackIDSelectthedefinedTrackindexorIDNone3.5.2DynamicRoutingTheroutingtableentryondynamicrouterisobtainedinaccordancewithcertainalgorithmoptimizationthroughtheinformationexchangebetweentheconnectedrouters,whiletheroutinginformationiscontinuouslyupdatingincertaintimeslotsoastoadapttothecontinuouslychangingnetworkandobtaintheoptimizedpathfindingeffectsatanytime.InordertoachieveefficientpathfindingofIPpacket,IETFhasdevelopedavarietyofpathfindingprotocols,includingOpenShortestPathFirst(OSPF)andRoutingInformationProtocol(RIP)forAutonomousSystem(AS)interiorgatewayprotocol.Theso‐calledautonomoussystemreferstothecollectionofhosts,routersandothernetworkdevicesunderthe
managementofthesameentity(e.g.schools,businesses,orISP)3.5.2.1RoutingStatusFromnavigationpanel,selectRouting/DynamicRouting,thenenter“RouteTable”page,asshowninFigure3‐58.Figure3‐58RoutingStatus3.5.2.2RIPRIP(RoutingInformationProtocol)isarelativelysimpleinteriorgatewayprotocol(IGP),mainlyusedforsmallernetworks.ThecomplexenvironmentsandlargenetworksgeneraldonotuseRIP.RIPusesHopCounttomeasurethedistancetothedestinationaddressanditiscalledRoutingCost.InRIP,thehopcountfromtheroutertoitsdirectlyconnectednetworkis0andthehopcountofnetworktobereachedthrougharouteris1andsoon.Inordertolimittheconvergencetime,thespecifiedRoutingCostofRIPisanintegerintherangeof0~15andhopcountlargerthanorequalto16isdefinedasinfinity,whichmeansthatthedestinationnetworkorhostisunreachable.Becauseofthislimitation,theRIPisnotsuitableforlarge‐scalenetworks.Toimproveperformanceandpreventroutingloops,RIPsupportssplithorizonfunction.RIPalsointroducesroutingobtainedbyotherroutingprotocols.ItisspecifiedinRFC1058RIPthatRIPiscontrolledbythreetimers,i.e.Periodupdate,TimeoutandGarbage‐Collection:EachrouterthatrunsRIPmanagesaroutingdatabase,whichcontainsroutingentriestoreachallreachabledestinations.Theroutingentriescontainthefollowinginformation: Destinationaddress:IPaddressofhostornetwork. Addressofnexthop:IPaddressofinterfaceoftherouter’sadjacentroutertobepassedby
onthewaytoreachthedestination. Outputinterface:Theoutputinterfacefortheroutertoforwardpackage. RoutingCost:Costfortheroutertoreachthedestination. Routingtime:Thetimefromthelastupdateofrouterentrytothepresent.Eachtimetherouterentryisupdated,theroutingtimewillberesetto0.Fromnavigationpanel,selectRouting>>DynamicRouting,thenenter“RIP”page,asshownFigure3‐59‐1.Figure3‐59‐1RIPAdvancedOptionsareshowninFigure3‐59‐2.
Figure3‐59‐2RIPPagedescriptionisshowninTable3‐32.Table3‐32RIPDescriptionParametersDescriptionDefaultEnableEnable/DisableDisableUpdatetimerItdefinestheintervaltosendroutingupdates30TimeouttimerItdefinestheroutingagingtime.Ifnoupdatepackageonaroutingisreceivedwithintheagingtime,therouting’sRoutingCostintheroutingtablewillbesetto16.180ClearTimerItdefinesthetimefromthetimewhentheRoutingCostofaroutingbecomes16tothetimewhenitisdeletedfromtheroutingtable.InthetimeofGarbage‐Collection,RIPuses16astheRoutingCostforsendingupdatesoftherouting.IncaseoftimeoutofGarbage‐Collectionandtheroutingstillhasnotbeenupdated,theroutingwillbecompletelyremovedfromtheroutingtable.120NetworkThefirstIPaddressandsubnetmaskofthesegmentNone
AdvancedOptionsDefaultPostClickEnable,thedefaultinformationwillenablepublishingDisableDefaultMetricDefaultcostofroutertodestination1RedirectdirectrouteDirect,Static,andOSProuteagreementintroducedtoRIProuteagreementDisableRedirectStaticRoutEDisableRedirectOSPRoutEDisableAdvancedOptions‐Distance/MetricManagementDistanceSetRIProutingadministrativedistance,priority,thesmallervalue,thepriority 120IPaddressNetworknumberisthefirstIPaddressinnetworksegmentNoneSubnetMaskSubnetmask,networknumberissubnetmaskofthefirstIPaddressinnetworksegmentNoneAccessListApplicationoftheACLIDNoneRedirectroutingmetricRewritedefaultcostfromroutetothedestination NoneIngress/egressfilteringpolicySetredirectionroutefilteringpolicy(in/out)inInterface SetInterfacerewritingtorouteNoneAccessListApplicationoftheACLIDNoneAdvancedOptions‐RouteFilteringPolicyPolicyTypeSelectthetypeofpolicytoimplementAccess‐listPolicynameCustompolicynameNoneIngress/egressfilteringpolicySelectpolicyappliedintheoutboundorinboundinInterface SelectroutefilteringpolicyenforcementInterfaceNoneSendfiltrationAfterenabling,onlyRIPpacketsendtothedefaultroutinginterface.DisableAdvancedOptions‐InterfacePassiveInterfaceAfterenabling,onlyreceiveRIPpacket,nosendDisableRIPsendversion SelectSendRIPpacketversionDefaultRIPReceiveversionChoosereceiveRIPpacketversionDefaultHorizontalsplit/toxicityFlipSelectenablesplithorizonorpoisonreversefunctionNoneAuthenticationSelecttheinterfaceauthenticationmodeNoneKey FillinthecorrespondingkeyNoneAdvancedOptions‐NeighborIPaddressNeighborIPaddressNone
3.5.2.3OSPFOpenShortestPathFirst(OSPF)isalinkstatusbasedinteriorgatewayprotocoldevelopedbyIETF.RouterIDIfarouterwantstoruntheOSPFprotocol,thereshouldbeaRouterID.RouterIDcanbemanuallyconfigured.IfnoRouterIDisconfigured,thesystemwillautomaticallyselectoneIPaddressofinterfaceastheRouterID.Theselectionorderisasfollows: IfaLoopbackinterfaceaddressisconfigured,thenthelastconfiguredIPaddressofLoopbackinterfacewillbeusedastheRouterID; IfnoLoopBackinterfaceaddressisconfigured,choosetheinterfacewiththebiggestIPadressfromotherinterfacesastheRouterID.NeighborandNeighboringAfterthestart‐upofOSPFrouter,itwillsendoutHellopacketsthroughtheOSPFinterface.UponreceiptofHellopacket,OSPFrouterwillchecktheparametersdefinedinthepacket.Ifbothareconsistent,aneighborrelationshipwillbeformed.Notallbothsidesinneighborrelationshipcanformtheadjacencyrelationship.Itisdeterminedbasedonthenetworktype.OnlywhenbothsidessuccessfullyexchangeDDpacketsandLSDBsynchronizationisachieved,theadjacencyinthetruesensecanbeformed.LSAdescribethenetworktopologyaroundarouter,LSDBdescribeentirenetworktopology.Fromnavigationpanel,selectRouting/DynamicRouting,thenenter“OSPF”page,asshowninFigure3‐60.
Figure3‐60OSPFPagedescriptionisshowninTable3‐33.Table3‐33OSPFDescriptionParametersDescriptionDefaultEnableEnable/DisableDisableRouterIDRouterIDoftheoriginatingtheLSANoneInterfaceInterface Theinterface NoneHelloIntervalSendintervalofHellopacket.IfthetheHellotimebetweentwoadjacentroutersisdifferent,youcannotestablishaneighborrelationship.10DeadIntervalDeadTime.IfnoHellopacketisreceivedfromtheneighbors,theneighborisconsideredfailed.Ifdeadtimesoftwoadjacentroutersaredifferent,theneighborrelationshipcannotbeestablished.40
RetransmitIntervalWhentherouternotifiesanLSAtoitsneighbor,itisrequiredtomakeacknowledgement.Ifnoacknowledgementpacketisreceivedwithintheretransmissioninterval,thisLSAwillberetransmittedtotheneighbor.5LSAtransmissiondelaytimerOSPFpacketalsoneedtospendtimewhentravelingonlinks,soLSAagingtime(age)beforetransferringtoaddadelaytime,inthelow‐speedlinksrequireconsiderationofconfiguration.1Interface‐InterfaceAdvancedOptionsInterfaceNameConfigureOSPFinterfaceparametersNonePassiveInterfaceAfterenabling,onlyreceiveRIPpacket,nosendDisableInterfaceCostBydefault,aninterfacecomputesitscostaccordingtothebandwidth10ProtocolPriorityConfigureOSPFrouterinterfacepriority10NetworkIPAddress IPAddressoflocalnetwork NoneSubnetMask SubnetMaskofIPAddressoflocalnetworkNoneAreaIDAreaIDofrouterwhichoriginatingLSA None3.5.2.4FilteringRouteClicknavigationpanel“Routing/DynamicRouting”menu,enter“FilteringRoute”interface,asshowninFigure3‐61.
Figure3‐61FilteringRoutePagedescriptionisshowninTable3‐34.Table3‐34FilteringRouteDescriptionParameterDescriptionDefaultAccessControlListAccesslistUserdefined NoneActionPermitanddenyPermitAnyAddress Anyaddressafterclicking,nomatchingIPaddressandsubnetmaskagainDisable3.5.3MulticastRoutingMulticastroutingsetsupanacyclicdatatransmissionroutefromdatasourceendtomultiplereceivingends,whichreferstotheestablishmentofamulticastdistributiontree.Themulticastroutingprotocolisusedforestablishingandmaintainingthemulticastroutingandforrelayingmulticastdatapacketcorrectlyandefficiently.3.5.3.1BasicSettingsThebasicismainlytodefinethesourceofmulticastrouting.
Fromnavigationpanel,selectRouting/MulticastRouting,thenenter“Basic”page,asshowninFigure3‐62.Figure3‐62BasicSettingsPagedescriptionisshowninTable3‐35.Table3‐35BasicSettingsDescriptionParametersDescriptionDefaultEnableOpen/CloseCloseSourceIPAddressofSource NoneNetmask NetmaskofSource 255.255.255.03.5.3.2IGMPIGMP,beingamulticastprotocolinInternetprotocolfamily,whichisusedforIPhosttoreportitsconstitutiontoanydirectlyadjacentrouter,definesthewayformulticastcommunicationofhostsamongstdifferentnetworksegmentswithpreconditionthattherouteritselfsupportsmulticastandisusedforsettingandmaintainingtherelationshipbetweenmulticastmembersbetweenIPhostandthedirectlyadjacentmulticastrouting.IGMPdefinesthewayformaintenanceofmemberinformationbetweenhostandmulticastroutinginanetworksegment.Inthemulticastcommunicationmodel,sender,withoutpayingattentiontothepositioninformationofreceiver,onlyneedstosenddatatotheappointeddestinationaddress,whiletheinformationaboutreceiverwillbecollectedandmaintainedbynetworkfacility.IGMPissuchasignalingmechanismforahostusedinthenetworksegmentofreceivertotherouter.IGMP
informstheroutertheinformationaboutmembersandtherouterwillacquirewhetherthemulticastmemberexistsonthesubnetconnectedwiththerouterviaIGMP.Functionofmulticastroutingprotocol: Discoveringupstreaminterfaceandinterfaceclosesttothesourceforthereasonthatmulticastroutingprotocolonlycarestheshortestroutetothesource. Decidingtherealdownstreaminterfacevia(S,G).AmulticasttreewillbefinishedafterallroutersacquiretheirupstreamanddownstreaminterfaceswithrootbeingrouterdirectlyconnectedwiththesourcehostandbranchesbeingroutersdirectlyconnectedviasubnetwithmemberdiscoveredbyIGMP. Managingmulticasttree.Themessagecanbetransferredoncetheaddressofnexthopcanbeacquiredbyunicastrouting,whilemulticastreferstorelaymessagegeneratedbysourcetoagroup.Fromnavigationpanel,selectRouting/MulticastRouting,thenenter“IGMP”page,asshowninFigure3‐63.Figure3‐63IGMPPagedescriptionisshowninTable3‐36.Table3‐36IGMPDescriptionParametersDescriptionDefaultUplinkInterfaceUplinkInterfacelinktouppernetworkdeviceinterfaceNone
DownlinkInterfaceDownlinkInterfacelinktoterminalequipmentinterfacecellular1UplinkInterfacelinktouppernetworkdeviceinterfacecellular13.6Tools3.6.1PINGHelptoPINGinternetthroughroute.Fromnavigationpanel,selectTools/Ping,thenenter“Ping”page,asshowninFigure3‐64.Figure3‐64PINGPagedescriptionisshowninTable3‐37.Table3‐37PINGDescriptionParametersDescriptionDefaultHostItrequiresthedestinationhostaddressofPINGdetection192.168.2.1PingCountSetPingdetectioncount 4PacketSize Setpacketsizeofpingdetection 32bytesExpertOptionsAdvancedparametersofpingcanbeusedNone
3.6.2RoutingDetectionItisusedtodetectnetworkroutingfailure.Fromnavigationpanel,selectTools/Traceroute,thenenter“Traceroute”page,asshowninFigure3‐65.Figure3‐65TraceroutePagedescriptionisshowninTable3‐38.Table3‐38TracerouteDescriptionParametersDescriptionDefaultHostHostaddressneedstodetect 192.168.2.1MaxiumHopsSetthemaxiumhopsofroutingdetection 20TimeoutSettimeoutofroutingdetection3secsProtocolSelectICMP/UDPUDPExpertOptions AdvancedparametersofpingcanbeusedNone3.6.3LinkSpeedTestThroughuploadanddownloadfiles,linkspeedcanbetested.Fromnavigationpanel,selectTools/LinkSpeedTest ,thenenter“LinkSpeedTest ” page,asshowninFigure3‐66.
Figure3‐66LinkSpeedTest3.7InstallationGuideSimplifygeneralconfiguration,wheretherouterwithfast,simple,basicconfiguration,configurationresultcannotbedisplayedhere,butviewitwhenfinishedinaspecificcorrespondingconfigurationsetting.3.7.1NewDialFromnavigationpanel"Wizards/NewCellular"menu,enter"NewCellular"page,asshowninFigure3‐67.Figure3‐67NewCellularPagedescriptionisshowninTable3‐39.Table3‐39NewCellularDescriptionParametersDescriptionDefault
APNSelectNewWANInterface3gnetAccessnumberMobileoperatorprovidedial‐upparameters(pleasechooseaccordingtothelocaloperator)*99***1#UsernameMobileoperatorprovidedial‐upparameters(pleasechooseaccordingtothelocaloperator)gprspasswordMobileoperatorprovidedial‐upparameters(pleasechooseaccordingtothelocaloperator)●●●●NetworkAddressTranslationClickEnable,putprivateIPaddressconvertedintoapublicIPaddressDisable3.7.2NewIPSecTunnelFromnavigationpanel"Wizards/NewIPSecTunnel"menu,enter"NewIPSecTunnel"page,asshowninFigure3‐68.Table3‐68NewIPSecTunnelPagedescriptionisshowninTable3‐40.Table3‐40NewIPSecTunnelDescriptionParametersDescriptionDefaultBasicTunnelNo.SetTunnelNo.1InterfaceNameSelectInterfaceNamecellular1PeerAddressSetVPNpeerIPNoneNegotiationModeOptionalmainmode,aggressivemode.(Usuallyselectmainmode)Mainmode
LocalsubnetaddressSetIPSeclocalprotectionsubnetNoneLocalSubnetMaskSetIPSeclocalprotectionsubnetmask255.255.255.0PeersubnetaddressSetIPSecpeerprotectionsubnetNonePeersubnetmaskSetIPSecpeerprotectionsubnetmask255.255.255.0Phase1IKEPolicyOptional3DES‐MD5‐DH1or3DES‐MD5‐DH2,etc.3DES‐MD5‐DH2IKELifeCycleSetIKELifeCycle86400secLocalIdentityType OptionalFQDN,USERFQDN,IPaddressIPaddressLocalIndexOnlyinFQDNandUSERFQDN.Fillintheappropriateidentificationaccordingtotheselectedidentitytype(USERFQDNshouldbeastandardmailboxformat)NonePeerIdentityTypeOptionalFQDN,USERFQDN,IPaddressIPaddressPeerIndexOnlyinFQDNandUSERFQDN.Fillintheappropriateidentificationaccordingtotheselectedidentitytype(USERFQDNshouldbeastandardmailboxformat)NoneAuthenticationChoosetosharekeysanddigitalcertificatessharekeysKey Authenticationmodeselectsharedkeysshowthefeature.SetIPSecVPNagreementkeyNonePhase2IPSecPolicyOptional3DES‐MD5‐96or3DES‐SHA1‐96etc.3DES‐MD5‐96IPSecLifeCycleSetIPSecLifeCycle3600secCreateinboundandoutboundrulestoeachtunnelcollection.Ifonlytocreateaone‐wayconnectionfilter,theruleisnotapplied.3.8PersonalizationFeaturesAccordingtothespecificneedsofindividualcustomers,privatecustomfunctionscanbeequippedtoWIFUN1050.3.8.1NginxServerSetharddiskserverfunction.Afteropeningcaptiveportalloginb,usershareharddiskdata.
Fromnavigationpanel"PersonalizedFunction/Nginx"menu,enter"Nginx"page,asshowninFigure3‐69.Figure3‐69Nginx3.8.2FileSynchronizationFromnavigationpanel"PersonalizedFunction/FileSynchronization"menu,enter"FileSynchronization"page,asshowninFigure3‐70.Figure3‐70FileSynchronizationPagedescriptionisshowninTable3‐41.
Table3‐41FileSynchronizationDescriptionParametersDescriptionDefaultTaskUser‐definedtasknameNoneServerRsyncServerAddressNoneServerDirectorySynchronizefilestoRsyncserveraddressNoneLocalDirectorySynchronizefilestolocaldirectoryNoneUsernameRsyncservernameNonePassword RsyncserverpasswordNone3.8.3GPSLocationInformationFromnavigationpanel"PersonalizedFunction/GPSConfig"menu,enter"GPSConfig"page,showninFigure3‐71.Figure3‐71GPSSettingsPagedescriptionisshowninTable3‐42.Table3‐42GPSConfigDescriptionParametersDescriptionDefaultServer uploadlocationinformationserverIPaddressNonePort Uploadlocationinformationserverport80PositioningtimeintervalSetpositioningtimeinterval60UploadLocationSetuploadLocationinformationgap60
informationgap3.8.4RoamingManagement3.8.4.1RoamingManagementFromnavigationpanel“PersonalizedFunction/RoamingManagement"menu,enter"RoamingManagement"page,showninFigure3‐72.Figure3‐72RoamingManagement3.8.4.2UpgradefromAPFromnavigationpanel"PersonalizedFunction/RoamingManagement"menu,enter"SlaveAPUpgrade"page,asshowninFigure3‐73.
Figure3‐73SlaveAPUpgrade3.9FirewallWiththeexpansionofnetworkandincreaseinflow,thecontrolovernetworksafetyandtheallocationofbandwidthbecometheimportantcontentsofnetworkmanagement.Thefirewallfunctionoftherouterimplementscorrespondingcontroltodataflowatentrydirection(fromInternettolocalareanetwork)andexitdirection(fromlocalareanetworktoInternet)accordingtothecontentfeaturesofmessage(suchas:protocolstyle,source/destinationIPaddress,etc.)andensuressafeoperationofrouterandhostinlocalareanetwork.3.9.1AccessControl(ACL)ACL,namelyaccesscontrollist,implementspermissionorprohibitionofaccessforappointeddataflow(suchasprescribedsourceIPaddressandaccountnumber,etc.)viaconfigurationofaseriesofmatchingrulessoastofilterthenetworkinterfacedata.Aftermessageisreceivedbyportofrouter,thefieldisanalyzedaccordingtoACLruleappliedonthecurrentport.Andafterthespecialmessageisidentified,thepermissionorprohibitionofcorrespondingpacketisimplementedaccordingtopresetstrategy.
ACLclassifiesdatapackagesthroughaseriesofmatchingconditions.Theseconditionscanbedatapackages’sourceMACaddress,destinationMACaddress,sourceIPaddress,destinationIPaddress,portnumber,etc.ThedatapackagematchingrulesasdefinedbyACLcanalsobeusedbyotherfunctionsrequiringflowdistinguish.Fromnavigationpanel,selectFirewall/ACL,thenenter“ACL”page,asshowninFigure3‐74‐1.Figure3‐74‐1AccessControl(ACL)Click<Add>toaddnewaccesscontrollist,asshowninFigure3‐74‐2.
Figure3‐74‐2AccessControl(ACL)PagedescriptionisshowninTable3‐43.Table3‐43AccessControlDescriptionParametersDescriptionDefaultTypeStandardACLcanblockallcommunicationflowsfromanetwork,orallowallcommunicationflowsfromaparticularnetwork,ordenyallcommunicationflowsofaprotocolstack(e.g.IP)of.TheextendedACLprovidesawiderrangeofcontrolthanthatprovidedbythestandardACL.Forexample,ifthenetworkadministratorwantsto"allowexternalWebcommunicationflowstopassthroughandrejectexternalcommunicationflows,e.g.FTPandTel ne t ”,theextendedACLcanbeusedtoachievetheobjective.ThestandardACLcannotbecontrolledsoprecisely.ExtendedIDUserdefineNoneActionPermit/Deny PermitProtocolAccessControlProtocolipSourceIPAddress IPAddressofSourceNoneDestinationIP IPAddressofDestinationNoneDestinationIPaddressDestinationnetworkaddressNoneDestinationInvertMask DestinationaddressmaskinvertedNoneLoggingClickEnable,thesystemwillrecordaccesscontrolonalogDisableDescription EasytorecordcontrolaccessparametersonalogNoneNetworkInterfacelistInterfaceNameSelectInterfaceNamecellular1Rules Selectinbound,outboundandmanagementrulesnone3.9.2NATNATcanachieveInternetaccessbymultiplehostswithintheLANthroughoneormorepublic
networkIPaddresses.ItmeansthatfewpublicnetworkIPaddressesrepresentmoreprivatenetworkIPaddresses,thussavingpublicnetworkIPaddresses.Fromnavigationpanel,selectFirewall/NAT,thenenter“NAT”page,asshowninFigure3‐75‐1.Figure3‐75‐1NATNATruleistoapplyACLtoaddresspool,onlymatchingtheACLaddressbeforeconversion.Click<Add>toaddnewNATrules,asshowninFigure3‐75‐2.
Figure3‐75‐2NATPagedescriptionisshowninTable3‐44.Table3‐44NATDescriptionParametersDescriptionDefaultActionSNAT:SourceNAT:TranslateIPpacket'ssourceaddressintoanotheraddressDNAT:DestinationNAT:Mapasetoflocalinternaladdressestoasetoflegalglobaladdresses.1:1NAT:TransferIPaddressonetoone.SNATSourceNetworkInside:InsideaddressOutside:OutsideaddressInsideTranslationTypeSelecttheTranslationTypeIPtoIPPrivatenetworkIPaddressreferstotheIPaddressofinternalnetworkorhost,whilepublicnetworkIPaddressisagloballyuniqueIPaddressontheInternet.RFC1918threeIPaddressblocksfortheprivatenetworkasfollows:ClassA:10.0.0.0~10.255.255.255
ClassB:172.16.0.0~172.31.255.255ClassA:192.168.0.0~192.168.255.255TheaddresseswithintheabovethreerangeswillnotbeallocatedontheInternet.Therefore,theycanbefreelyusedincompaniesorenterpriseswithouttheneedtomakeapplicationtotheoperatororregistrationcenter3.10QoSInthetraditionalIPnetwork,allpacketsaretreatedequallywithoutdistinction.Eachnetworkdeviceusesfirstinfirstoutstrategyforpacketprocessing.Thebest‐effortnetworksendspacketstothedestination,butitcannotguaranteetransmissionreliabilityanddelay.QoScancontrolnetworktraffic,avoidandmanagenetworkcongestion,andreducepacketdroppingrate.Someapplicationsbringconveniencetousers,buttheyalsotakeupalotofnetworkbandwidth.ToensureallLANuserscannormallygetaccesstonetworkresources,IPtrafficcontrolfunctioncanlimittheflowofspecifiedhostonlocalnetwork.QoSprovidesuserswithdedicatedbandwidthanddifferentservicequalityfordifferentapplications,greatlyimprovingthenetworkservicecapabilities.Userscanmeetvariousrequirementsofdifferentapplicationslikeguaranteeinglowlatencyoftime‐sensitivebusinessandbandwidthofmultimediaservices.QoScanguaranteehighprioritydataframesreceiving,acceleratehigh‐prioritydataframetransmission,andensurethatcriticalservicesareunaffectedbynetworkcongestion.IR900supportsfourservicelevels,whichcanbeidentifiedbyreceivingportofdataframe,TagpriorityandIPpriority.Fromnavigationpanel,selectQos/TrafficControl,thenenter“TrafficControl”page,asshowninFigure3‐76.
Figure3‐76QoSPagedescriptionisshowninTable3‐45.Table3‐45QoSDescriptionParametersDescriptionDefaultTypeNameNameNameAnyPackets ClickStartupforflowcontroltoanypackets DisableSource SourceaddressofflowcontrolN/ADestination DestinationaddressofflowcontrolN/AProtocol ClicktoselectprotocolstyleN/APolicyNameNameofuserdefinedflowcontrolstrategyN/AClassifier NameofstyledefinedaboveN/AGuaranteedBandwidthKbpsUserdefinedguaranteedbandwidthN/AMaximumBandwidthKbpsUserdefinedmaximumbandwidthN/ALocalPriorityLocalpriorityofselectionstrategyN/AApplyQosInterfaceSelectionofflowcontrolinterfacecellular1IngressMaxbandwidthKbpsUserdefine,biggerthanmaximumbandwidthofinputstrategyN/A
EgressMaxbandwidthKbpsUserdefine,biggerthanmaximumbandwidthofoutputstrategyN/AIngressPolicy NameofpolicydefinedaboveN/AEgressPolicyNameofpolicydefinedaboveN/A3.11VPNVPNisanewtechnologythatrapidlydevelopedinrecentyearswiththeextensiveapplicationofInternet.Itisforbuildingaprivatededicatednetworkonapublicnetwork.'Virtuality"mainlyreferstothatthenetworkisalogicalnetwork.TwoBasicFeaturesofVPN: Private:theresourcesofVPNareunavailabletounauthorizedVPNusersontheinternet;VPNcanensureandprotectitsinternalinformationfromexternalintrusion. Virtual:thecommunicationamongVPNusersisrealizedviapublicnetworkwhich,meanwhilecanbeusedbyunauthorizedVPNuserssothatwhatVPNusersobtainedisonlyalogisticprivatenetwork.ThispublicnetworkisregardedasVPNBackbone.FundamentalPrincipleofVPNThefundamentalprincipleofVPNindicatestoencloseVPNmessageintotunnelwithtunnelingtechnologyandtoestablishaprivatedatatransmissionchannelutilizingVPNBackbonesoastorealizethetransparentmessagetransmission.Tunnelingtechnologyenclosestheotherprotocolmessagewithoneprotocol.Also,encapsulationprotocolitselfcanbeenclosedorcarriedbyotherencapsulationprotocols.Totheusers,tunnelislogicalextensionofPSTN/linkofISDN,whichissimilartotheoperationofactualphysicallink.ThecommontunnelprotocolsincludeL2TP,PPTP,GRE,IPSec,MPLS,etc.3.11.1IPSecAmajorityofdatacontentsarePlaintextTransmissionontheInternet,whichhasmanypotentialdangerssuchaspasswordandbankaccountinformationstolenandtampered,useridentityimitated,sufferingfrommaliciousnetworkattack,etc.AfterdisposalofIPSeconthenetwork,itcanprotectdatatransmissionandreduceriskofinformationdisclosure.
IPSecisagroupofopennetworksecurityprotocolmadebyIETF,whichcanensurethesecurityofdatatransmissionbetweentwopartiesontheInternet,reducetheriskofdisclosureandeavesdropping,guaranteedataintegrityandconfidentialityaswellasmaintainsecurityofservicetransmissionofusersviadataoriginauthentication,dataencryption,dataintegrityandanti‐replayfunctionontheIPlevel.IPSec,includingAH,ESPandIKE,canprotectoneandmoredateflowsbetweenhosts,betweenhostandgateway,andbetweengateways.ThesecurityprotocolsofAHandESPcanensuresecurityandIKEisusedforciphercodeexchange.IPSeccanestablishbidirectionalSecurityAllianceontheIPSecpeerpairstoformasecureandinterworkingIPSectunnelandtorealizethesecuretransmissionofdataontheInternet.3.11.1.1IPSecPhase1IKEcanprovideautomaticnegotiationciphercodeexchangeandestablishmentofSAforIPSectosimplifytheoperationandmanagementofIPSec.Theself‐protectionmechanismsofIKEcancompleteidentityauthenticationandkeydistributioninaninsecurenetwork.Fromnavigationpanel,selectVPN/IPSec,thenenter“IPSecPhase1”page,asshowninFigure3‐77.Figure3‐77IPSecPhase1
PagedescriptionisshowninTable3‐46.Table3‐46IPSecPhase1DescriptionParameters DescriptionDefaultKeyringName Userdefinekey N/AIPAddress End‐to‐endIPaddressN/ASubnetMaskEnd‐to‐endsubnetmaskN/AKeyUserdefinekeycontentN/AIKEPolicyIdentification PolicyidentificationofuserdefinedIKE N/AAuthentication Alternativeauthentication:sharedkeyanddigitalcertificateSharedkeyEncryption3des:encryptplaintextwiththreeDESciphercodesof64bitdes:encrypta64bitplaintextblockwith64bitciphercodeAes:encryptplaintextblockwithAESAlgorithmwithciphercodelengthof128bit,192bitor256bit3desHashmd5:inputinformationofarbitrarylengthtoobtain128bitmessagedigest.sha‐1:inputinformationwithshorterlengthofbittoobtain160bitmessagedigest.Comparingboth,md5isfasterwhilesha‐1issafer.md5Diffie‐HellmanKeyExchangeThreeoptions:Group1,Group2andGroup5Group2LifetimeActivetimeofpolicy 86400ISAKMPProfileName NameofuserdefinedISAKMPProfileN/ANegotiationModeMainmode:asanexchangemethodofIKE,mainmodeshallbeestablishedinthesituationwherestricteridentityprotectionisrequired.Aggressivemode:asanexchangemethodofIKE,aggressiveMainmode
modeexchangingfewermessage,canacceleratenegotiationinthesituationwhereordinaryidentityprotectionisrequired.LocalIDTypeSelecttypeoflocalidentificationIPAddressLocalIDThelocalIDcorrespondingtotheselectedlocalIDN/ARemoteIDTypeSelecttypeofRemoteIDIPAddressRemoteIDTheRemoteIDcorrespondingtotheselectedpeeridentificationN/APolicy ThedefinedstrategyidentificationintheIKEStrategylistN/AKeyRingThedefinedkeysetinthekeysetlistN/ADPDIntervalUsedfordetectionintervalofIPSecneighborstate.AfterinitiatingDPD,IfreceivingendcannotreceiveIPSeccryptographicmessagesentbypeerendwithinintervaloftriggeringDPD,receivingendcanmakeDPDcheck,sendrequestmessagetooppositeendautomatically,detectwhetherIKEpeerpairexists.N/ADPDTimeoutReceivingendwillmakeDPDcheckandsendrequestmessageautomaticallytooppositeendforcheck.IfitdoesnotreceiveIPSeccryptographicmessagefrompeerendbeyondtimeout,ISAKMPProfilewillbedeleted.N/AThesecuritylevelofthreeencryptionalgorithmsrankssuccessively:AES,3DES,DES.Theimplementationmechanismofencryptionalgorithmwithstrictersecurityiscomplexandslowarithmeticspeed.DESalgorithmcansatisfytheordinarysafetyrequirements.
3.11.1.2IPSecPhase2Fromnavigationpanel,selectVPN>>IPSec,thenenter“IPSecPhase2”page,asshowninFigure3‐78.Figure3‐78IPSecPhase2PagedescriptionisshowninTable3‐47.Table3‐47IPSecIPSecPhase2DescriptionParametersDescriptionDefaultName UserdefineTransformSetname N/AEncapsulationChooseencapsulationformsofdatapacketAH:protectintegrityandauthenticityofdatapacketfromhackerinterceptingdatapacketorinsertingfalsedatapacketontheinternet.ESP:encrypttheuserdataneedingprotection,andthenencloseintoIPpacketforthepurposeofconfidentialityofdata.espEncryption Threeoptions:AES,3DES,DES3desAuthenticationAlternativeauthentication:md5andsha‐1md5IPSecModeTunnelMode:besidessourcehostanddestinationhost,specialgatewaywillbeoperatedwithpasswordtoensurethesafetyfromgatewaytogateway.TransmissionMode:sourcehostanddestinationhostmustdirectlybeoperatedwithallpasswordsforthepurposeofhigherworkefficiency,butcomparingwithtunnelmodetheTunnelMode
securitywillbeinferior.3.11.1.3IPSecConfigurationFromnavigationpanel,selectVPN/IPSec,thenenter“IPSecSetting”page,asshowninFigure3‐79.Figure3‐79IPSecConfigurationPagedescriptionisshowninTable3‐48.Table3‐48IPSecConfigurationDescriptionParametersDescriptionDefaultIPSecProfileNameUserdefineIPSecProfilenameN/AISAKMPProfileISAKMPProfilenamesdefinedinthefirststageofparametersofIPSecN/ATransformSetTransformSetdefinedinthefirststageofparametersofIPSecN/APerfectForwardSecurity(PFS)Meanstherevealofoneciphercodewillnotendangerinformationprotectedbyotherciphercodes.Disable
LifetimeLifetimeofIPSecProfile3600RekeyMargin(S)Reconnectiontimeforthesecondstage540RekeyFuzz(%)Deviationpercentageofthereconnectiontimeforthesecondstage100SIMCardBindingWiththisfunctionactivated,successfuldialingofthecardwithwhichIPSecisbondedisapreconditionfortheuseofIPSec.DisableCryptoMapNameUserdefinenameofcryptomapN/AIDUserdefineIDofcryptomapN/APeerAddressPeerIPAddressN/AACLIDIDofACLdefinedinACLoffirewallN/AISAKMPProfileISAKMPProfilenamesdefinedinthefirststageofparametersofIPSecN/ATransformSetTransformSetdefinedinthefirststageofparametersofIPSecN/APerfectForwardSecurity(PFS)Meanstherevealofoneciphercodewillnotendangerinformationprotectedbyotherciphercodes.DisableLifetimeValidityofCryptoMap3600RekeyMargin(S)Reconnectiontimeforthesecondstage540RekeyFuzz(%)Deviationpercentageofthereconnectiontimeforthesecondstage100ParametersDescriptionDefaultInterface<==>CryptoMapMAPInterface SelectInterfaceNamecellular1MapNameSelectfromdefinednamesofCryptoMap.Onenameismatchedwithseveralmarks.none3.11.1.4IPSecVPNConfigurationExampleBuildingasecurechannelbetweenRouterAandRouterBtoensurethesecuredataflow
betweenCustomerBranchA‘ssubnet(192.168.1.0/24)andCustomerBranchB‘ssubnet(172.16.1.0/24).SecurityprotocolisESP,theencryptionalgorithmis3DES,andauthenticationalgorithmisSHA.Thetopologyisasfollows:ConfigurationSteps:(1)RouterASettingsStep1:IPSecSettingPhase1Fromnavigationpanel,selectVPN/IPSec,thenenter“IPSecSettingPhase1”page,asshownbelow.NoneedtofillinLocalIDTypeandRemoteIDType.Step2:IPSecSettingPhase2
Fromnavigationpanel,selectVPN/IPSec,thenenter“IPSecSettingPhase2”page,asshownbelow.Step3:IPSecSettingFromnavigationpanel,selectVPN/IPSec,thenenter“IPSecSetting”page,asshownbelow.IPSecProfilesettingisneededonlywhenit’sDMVPN.(2)RouterBSettingsStep1:IPSecSettingPhase1Fromnavigationpanel,selectVPN/IPSec,thenenter“IPSecSettingPhase1”page,asshownbelow.
Step2:IPSecSettingPhase2Fromnavigationpanel,selectVPN/IPSec,thenenter“IPSecSettingPhase2”page,asshownbelow.Step3:IPSecSettingFromnavigationpanel,selectVPN/IPSec,thenenter“IPSecSetting”page,asshownbelow.
(3)VPNStatusCheckingFromnavigationpanel,selectVPN/IPSec,thenenter“IPSecStatus”page,asshownbelow.3.11.2GREGenericRouteEncapsulation(GRE)definestheencapsulationofanyothernetworklayerprotocolonanetworklayerprotocol.GREcouldbeusedastheL3TPofVPNtoprovideatransparenttransmissionchannelforVPNdata.Insimpleterms,GREisatunnelingtechnologywhichprovidesachannelthroughwhichencapsulateddatamessagecouldbetransmittedandencapsulationanddecapsulationcouldberealizedatbothends.GREtunnelapplicationnetworkingshownasthefollowingfigure:AlongwiththeextensiveapplicationofIPv4,tohavemessagesfromsomenetworklayerprotocol
transmittedonIPv4network,thosemessagescouldbyencapsulatedbyGREtosolvethetransmissionproblemsbetweendifferentnetworks.InfollowingcircumstancesGREtunneltransmission: GREtunnelcouldtransmitmulticastdatapacketsasifitwereatruenetworkinterface.SingleuseofIPSeccannotachievetheencryptionofmulticast. Acertainprotocoladoptedcannotberouted. AnetworkofdifferentIPaddressshallberequiredtoconnectothertwosimilarnetworks.GREapplicationexample:combinedwithIPSectoprotectmulticastdataGREcanencapsulateandtransmitmulticastdatainGREtunnel,butIPSec,currently,couldonlycarryoutencryptionprotectionagainstunicastdata.IncaseofmulticastdatarequiringtobetransmittedinIPSectunnel,aGREtunnelcouldbeestablishedfirstforGREencapsulationofmulticastdataandthenIPSecencryptionofencapsulatedmessagesoastoachievetheencryptiontransmissionofmulticastdatainIPSectunnel.Fromnavigationpanel,selectVPN/GRE,thenenter“GRE”page,asshowninFigure3‐80.Figure3‐80GRESettingsPagedescriptionisshowninTable3‐49.
Table3‐49GREDescriptionParametersDescriptionDefaultEnable Clicktoopen OpenIndex SetGREtunnelname NoneNetworkTypeSelectGREnetworktype peertopeerLocalVirtualIPSetLocalVirtualIPAddressNonePeerVirtualIPSetPeerVirtualIPAddressNoneSourceTypeSelectsourcetypeandsettheaccordingIPaddressorinterfaceIPLocalIPSetLocalIPAddressNonePeerIPSetPeerIPAddress NoneKeySetthekeyoftunnelNoneMTUSetthemaximumtransmission,unitinbytesNoneEnableNHRPNextHopResolutionProtocol,usedtoconnecttonon‐broadcastmultipleaccess(NBMA)formulasubnetworksourcestation(hostorrouter)decidedtoreach"NBMAnexthop"internetworkinglayeraddressandNBMAsubnetworkbetweenthedestinationstationaddress.EnableDescription AdddescriptionNone3.11.3L2TPL2TP,oneofVPDNTPs,hasexpandedtheapplicationsofPPP,knownasaveryimportantVPNtechnologyforremotedial‐inusertoaccessthenetworkofenterpriseheadquarters.L2TP,throughdial‐upnetwork(PSTN/ISDN),basedonnegotiationofPPP,couldestablishatunnelbetweenenterprisebranchesandenterpriseheadquarterssothatremoteuserhasaccesstothenetworkofenterpriseheadquarters.PPPoEisapplicableinL2TP.ThroughtheconnectionofEthernetandInternet,aL2TPtunnelbetweenremotemobileofficersandenterpriseheadquarterscouldbeestablished.L2TP‐Layer2TunnelProtocol,encapsulatesprivatedatafromusernetworkattheheadofL2PPP.Noencryptionmechanismisavailable,thusIPSesisrequiredtoensuresafety. MainPurpose:branchesinotherplacesandemployeesonabusinesstripcouldaccesstothenetworkofenterpriseheadquarterthroughavirtualtunnelbypublicnetworkremotely.
Fromnavigationpanel,selectVPN/L2TP,thenenter“L2TPClient”page,asshowninFigure3‐81.Figure3‐81L2TPClientPagedescriptionisshowninTable3‐50.Table3‐50L2TPClientDescriptionParametersDescriptionDefaultL2TPClassNameUserdifineL2TPClassNameNoneAuthenticationClickEnable,peerauthenticationisrequiredtonetworkconnectionwhenenable.DisableHostNameNetworkconnectiontolocalhostname,nottoconfigure.NoneTunnelAuthenticationkeyWhenthetunnelmustbeconfiguredtoenabletheauthentication,clickauthenticationkey,oryouwillnotneedtoconfigure.NonePseudowireClassName UserdifinePseudowireClassNameNoneL2TPClassL2TPClassnameNoneSourceInterfaceSeclectsourceinterfacenamecellular1L2TPTunnelEnable Clicktoenable EnableIndexAutomaticgenerated1L2TPServerSetL2TPServeraddressNone
PseudowireClassPseudowireClassnameNoneAuthenticationType SelectAuthenticationType AutoUsernamePeerServerusername NonePasswordPeerServerpasswordNoneLocalIPAddress SetlocalIPaddress,orautomaticallyallocatedbypeerserver.NoneRemoteIPAddressSetremoteIPaddres,ornotNone3.11.4OPENVPNSinglepointparticipatingintheestablishmentofVPNisallowedtocarryoutIDverificationbypresetprivatekey,third‐partycertificateorusername/password.OpenSSLencryptionlibraryandSSLv3/TLSv1protocolaremassivelyused.InOpenVpn,ifauserneedstoaccesstoaremotevirtualaddress(addressfamilymatchingvirtualnetworkcard),thenOSwillsendthedatapacket(TUNmode)ordataframe(TAPmode)tothevisualnetworkcardthroughroutingmechanism.Uponthereception,serviceprogramwillreceiveandprocessthosedataandsendthemoutthroughouternetbySOCKET,owingtowhich,theremoteserviceprogramwillreceivethosedataandcarryoutprocessing,thensendthemtothevirtualnetworkcard,thenapplicationsoftwarereceiveandaccomplishacompleteunidirectionaltransmission,viceversa.Fromnavigationpanel,selectVPN/OPENVPN,thenenter“OPENVPNClient”page,asshowninFigure3‐82.
Figure3‐82OPENVPNClientPagedescriptionisshowninTable3‐51.Table3‐51OPENVPNOPENVPNClientDescriptionParameterDescriptionDefaultEnableClickEnableEnableIDSetchannelIDNoneServerIPAddressSetpeerserverIPaddresssNonePortNumberSetpeerserverportnumber1194AuthenticationType SelectandconfigureauthenticationtypeparametersoftypecertificationUsername/PasswordUsernameKeepconsistencywithserver NonePassword KeepconsistencywithserverNoneChanneldescription userdefinechanneldescriptionNoneAdvancedOptionsSourcePortSelectsourceportnameNone
NetworkTypeSelectnetworktypenet30PortTypeSelectdataformissuedfromtheinterface.tun‐packet,tap‐dataframetunProtocolType KeepconsistencywithserverprotocoludpAdvancedOptionsEncryptionAlgorithmkeepconsistencywithserverDefaultLZOCompressionClickEnableOffConnectionTesting IntervalSetconnectingtestingtimeintervalNoneConnectionTesting OvertimeSetconnectingtestingovertimeNoneExpertConfigurationSetexpertoption:blankadvisableNoneImportconfigurationscanbedirectlyimportedintotheconfigureddocumentsgeneratedfrombackendserverandmanualconfigurationofOPENVPNcustomerendparameterisinnoneedafterimport.3.11.5CertificateManagementFromnavigationpanel,selectVPN/CertificateManagement,thenenter“CertificateManagement”page,asshowninFigure3‐83.
Figure3‐83CertificateManagementPagedescriptionisshowninTable3‐52.Table3‐52CertificateManagementDescriptionParameterDescriptionDefaultForcedtore‐applyIfthecertificatehasnotexpired,butneedtoreapply,clickforcedtore‐apply,re‐configurethecertificaterequestparameter.DisableRequestStatussuccessfulapplication,"RequestStatus"shows:CompletionInitiationCertificateProtectionKeySetcertificateprotectionkeyNoneCertificateProtectionKeyConfirmationConfirmcertificateprotectionkey NoneServerURLSetcertificateserverIPNoneCertificatenameSetcertificatenameNoneFQDNSetfulldomainnameNoneUnitName1Setunitname1NoneUnitName2Setunitname2NoneDomainName SetdomainnameNoneSerialNumberSetapplicationcertificateserialnumberNoneAuthenticationPasswordSetauthenticationpasswordNone
AuthenticationPasswordConfirmationConfirmauthenticationpasswordNoneHostIPSetrouteraddressintheuseofcertificateapplicationNoneRSAKeylengthSetRSAkeylength1024QueryIntervalSetqueryinterval60secQueryTimeoutSetquerytimeout3600sec3.12ConfigurationWizardAfterlogintheconfigurationpageviaWeb,click“ConnectInternet”toenterconfigurationpagebelow:Figure3‐12‐1ConnectInternetPagedescription:Table3‐12‐1ConnectInternetConfigurationDescriptionParametersDescriptionDefaultInterfaceType:3G/LTE,ADSL,DHCPandStaticIPAddress3G/LTEAPNProvidedbylocaloperator3gnetUsernameProvidedbylocaloperatorgprs
PasswordProvidedbylocaloperatorgprsDialedNumbersProvidedbylocaloperator*99***1#ADSLUsernameProvidedbylocaloperatorN/APasswordProvidedbylocaloperatorN/ANoconfigurationforDHCPStaticIPAddressIPAddress Userdefine N/ASubnetmaskUserdefine255.255.255.0GatewayUserdefineN/APrimaryDNSUserdefineN/ASecondaryDNSUserdefineN/ASavetheconfigurationandclick<NextStep>toenter“CloudPlatform”configurationpageasshownbelow:Figure3‐12‐2CloudManagementPlatformTable3‐12‐2CloudManagementPlatformConfigurationDescriptionParametersDescriptionDefaultPlatformAddressTheaddressandportnumberofcloudplatformrainbow.inhand.com.cn:80DemoModeClicktoenableDisable
4.ApplicationScenariosPlaceonabusoneInhandIPortal3000server,usingWIFIwirelesscoverageinsidethecar,built3G/4GmoduletoaccesstheInternet.Passengers’smartphones,tabletandnotebooksandotherintelligentterminalaccesstotheWIFIhotspot,WIFUN1050withPortalauthenticationmethodpushspecifiedpagetothemobileterminal,toprovideinformation,downloads,entertainmentandotherinformationservicesandInternetservices.InformationservicesavailableatthelocalstoreWIFUN1050enhanceuseraccessexperience,synchronousupdateCenterandlocalcontentvia3G/4G.
Appendix1TroubleshootingThismanualdescribesonlyasimpleroutertroubleshootingmethod,ifstillcannotruleout,youcangettheservicethroughTable1‐1.1) CannotlogonlocallyrouterthroughWebsettingpage? useMS‐DOSPingcommandtocheckthenetworkconnectiona.Ping127.0.0.1usedtocheckthecomputermanagementTCP/IPprotocolisinstalled.b.PingcollectiontoFEinterfaceIPaddresswhichdirectlyconnectedtorouter,usedtocheckwhethercollectionofmanagementcomputertorouter. Numberofusersallowedtomanagetherouterhasreachedthemaximum(foruptofouruserstosimultaneouslylog),pleasetryagainlater. PleasechecktheWebbrowserissetupaproxyserverordial‐upconnection,ifany,unset. SeeabovePCfirewallsettingsareusedtoconfiguretherouter,whethershieldingfunction. PleasecheckwhetherIEisequippedwiththird‐partyplug‐ins(eg:3721,IEpartner,etc.)itisrecommendedtoconfigureafteruninstalling.2) WIFUN1050ispoweredon,butcannotaccessInternet?Pleasecheck: WhethertheWIFUN1050isinsertedwithaSIMcard. WhethertheSIMcardisenabledwithdataservice,whethertheserviceoftheSIMcardissuspendedbecauseofanoverduecharge. Whetherthedialupparameters,e.g.APN,dialupnumber,account,andpasswordarecorrectlyconfigured. WhethertheIPAddressofyourcomputeristhesamesubnetwithWIFUN1050andthegatewayaddressisWIFUN1050LANaddress.3) LANusersdroppedcable,cannotaccesstheInternet? Checkswitchcablecollectedtorouter,andWANportnetworkcable,ifthereisloosening. Logintotherouter'sWebsetuppage,checkaccesscontrollist,tocheckwhethertheIPaddressofasegmentisnotallowedtoaccesstheInternet.4) WIFUN1050ispoweredon,haveapingtodetectWIFUN1050fromyourPCandfindpacketloss?
 Pleasecheckifthenetworkcrossovercableisingoodcondition.5) ForgetthesettingafterrevisingIPaddressandcannotconfigureWIFUN1050?Method1:connectWIFUN1050withserialcable,configureitthroughconsoleport.Method2:WIFUN1050ispoweredon,pressandholdRESETResetbutton(untilERRORlights),releasetheRESETbutton(ERRORlampisoff),pressandholdtheRESETbuttonagain(untiltheERRORindicatorblinks),andyoucanrestorethefactorydefaultsettings.Afterapplyingtheabovetwomethods,configuretheWIFUN1050.6) AfterWIFUN1050ispoweredon,itfrequentlyautorestarts.Whydoesthishappen?Pleasecheck: Whetherthemoduleworksnormally. WhethertheWIFUN1050risinsertedwithaSIMcard. WhethertheSIMcardisenabledwithdataservice,whethertheserviceoftheSIMcardissuspendedbecauseofanoverduecharge. Whetherthedialupparameters,e.g.APN,dialupnumber,account,andpasswordarecorrectlyconfigured. Whetherthesignalisnormal. Whetherthepowersupplyvoltageisnormal.7) WIFUN1050ispoweredon,butthePowerLEDisnoton?Pleasecheck: Checkthefuseisburnedout. Checksupplyvoltage,andthepolarityisconnectedcorrectly.8) WIFUN1050ispoweredon,connectedtothePC,WhyEthernetportlightisnoton?Pleasecheck: Checkthenetworkcableisnormal. NICcharacteristiconthePCissetto10/100M,fullduplex.9) WIFUN1050ispoweredon,whenconnectedwithPC,theNetworkLEDisnormalbutcannothaveapingdetectiontotheWIFUN1050?CheckiftheIPAddressofthePCandWIFUN1050areinthesamenetworksegmentandWIFUN1050IPasgatewayaddress.10) WIFUN1050dialupalwaysfails,Icannotfindoutwhy?
PleaserestoreWIFUN1050tofactorydefaultsettingsandconfiguretheparametersagain.Table1‐1SalesServiceTroubleDescriptionObtainserviceHardwarefailureForexample:WIFUN1050doesnotappearnormalpower,didnotplugthenetworkcablewhileEthernetportlightwaslitandotherissues.PleasecontactInhandTechnicialSupportHotlineforhelp:010‐64391099SoftwareProlemForexample:WIFUN1050featureisunavailable,abnormalorconfigurationadvice.PleasecontactInhandTechnicialSupportHotlineforhelp:010‐64391099
Appendix2InstructionofCommandLineOperatingstatusLED:POWERSTATUSWARNERRORDescriptionThepowerLED(red)StatusLED(green)AlarmLED(yellow)ErrorLED(red)onononoffPowerstatusonblinkonoffPowerSuccessonblinkblinkoffDialingonblinkoffoffDialingSuccessonblinkblinkblinkBeingupgradedonblinkonblinkResetSuccessSignalStatusLEDandDescription:SignalStatusGreenLED1SignalStatusGreenLED2SignalStatusGreenLED3DescriptionoffoffoffNosignalwasdetectedonoffoff1‐9signalcondition(inthiscasesignalconditionsdescribeproblems,pleasechecktheantennaisinstalledintact,thesignalsituationintheregionisgood)ononoff10‐19signalcondition(inthiscaseillustratesignalstatusisnormal,WIFUN1050canbeusednormally)ononon20‐31signalcondition(inthiscaseillustratethesignalingoodcondition)EthernetPortStatusLEDandDescription:GreenLEDDescriptiononThenetworkportis100M,inanormalstate,nodatatransmissionblinkThenetworkportis100M,inanormalstate,indatatransmissionoffNoconnectionMODEMLEDandDescription
MODEMGreenLEDDescriptiononAlreadydialedblinkNotdailedPOWERLEDandDescriptionPOWERRedLEDDescriptiononNomalpowerconnectionoffNopowerconnectionWLANLEDandDescriptionWLANGreenLEDDescriptiononWLANonfunctionoffWLANofffunction
FCCSTATEMENT1.ThisdevicecomplieswithPart15oftheFCCRules.Operationissubjecttothefollowingtwoconditions:(1)Thisdevicemaynotcauseharmfulinterference.(2)Thisdevicemustacceptanyinterferencereceived,includinginterferencethatmaycauseundesiredoperation.2.Changesormodificationsnotexpresslyapprovedbythepartyresponsibleforcompliancecouldvoidtheuser'sauthoritytooperatetheequipment.NOTE:ThisequipmenthasbeentestedandfoundtocomplywiththelimitsforaClassBdigitaldevice,pursuanttoPart15oftheFCCRules.Theselimitsaredesignedtoprovidereasonableprotectionagainstharmfulinterferenceinaresidentialinstallation.Thisequipmentgeneratesusesandcanradiateradiofrequencyenergyand,ifnotinstalledandusedinaccordancewiththeinstructions,maycauseharmfulinterferencetoradiocommunications.However,thereisnoguaranteethatinterferencewillnotoccurinaparticularinstallation.Ifthisequipmentdoescauseharmfulinterferencetoradioortelevisionreception,whichcanbedeterminedbyturningtheequipmentoffandon,theuserisencouragedtotrytocorrecttheinterferencebyoneormoreofthefollowingmeasures: Reorientorrelocatethereceivingantenna. Increasetheseparationbetweentheequipmentandreceiver. Connecttheequipmentintoanoutletonacircuitdifferentfromthattowhichthereceiverisconnected. Consultthedealeroranexperiencedradio/TVtechnicianforhelp.
         UnitedBusTechnology778BlanchardWay,SunnyvaleCA,94087‐3118USAT:+1‐408‐663‐4958info@ubt.iohttp://www.ubt.io/UnitedBusTechnologyUBT(UnitedBusTechnology),asiliconvalleybasedhightechcompany,isfocusingonhowtoimprovebusrideexperience,togeneratemorerevenueformotocoachoperators,toprovidebettermanagementforoperatorsandtomaximizethevalueofcoachlineindustrybythepowerofInternet+technology.Ourmissionistoprovidethebestinternet+servicetoallmotocoachoperatorswithcutting‐edgeproductlinesthatcoversfromdailybusbusinessoperationtopassengers’ridingexperience.

Navigation menu