Alfa Network AIP-W502, User Manual

Page 1: ...Long Range Wide Coverage 150Mbps 802 11N Wireless Router AIP W502 USER GUIDE ...

Page 2: ...AIP W502 User Guide ...

Page 3: ...ements of patents or other rights of third parties which may result from its use No license is granted by implication or otherwise under any patent or patent rights of ALFA ALFA reserves the right to change specifications at any time without notice Copyright 2010 by ALFA Networks Inc All rights reserved Trademarks ALFA is a registered trademark of ALFA NETWORK Inc ...

Page 4: ...ng conventions are used throughout this guide to show information NOTE Emphasizes important information or calls your attention to related features or instructions CAUTION Alerts you to a potential hazard that could cause loss of data or damage the system or equipment WARNING Alerts you to a potential hazard that could cause personal injury RELATED PUBLICATIONS As part of the Mini Broadband Router...

Page 5: ...Description of Capabilities 18 Applications 19 Package Contents 20 Hardware Description 20 LED Indicators 22 Ethernet WAN Port 23 Ethernet LAN Port 23 Power Connector 23 WPS Button 23 Reset Button 23 2 NETWORK PLANNING 24 Internet Gateway Router 24 LAN Access Point 25 Wireless Bridge 26 Wireless Client 27 3 INSTALLING THE MINI ROUTER 28 ...

Page 6: ... 34 Common Web Page Buttons 35 Setup Wizard 35 Step 1 Language Selection 35 Step 2 Time Settings 36 Step 3 WAN Settings DHCP 37 Step 3 WAN Settings Static IP 38 Step 3 WAN Settings PPPoE 39 Step 3 WAN Settings PPTP 40 Step 3 WAN Settings L2TP 42 Step 4 Wireless Security 43 Completion 44 SECTION II WEB CONFIGURATION 45 5 OPERATION MODE 46 Logging In 47 Operation Mode 49 6 NETWORK SETTINGS 50 WAN Se...

Page 7: ...vacy WEP 75 WPA Pre Shared Key 76 WPA Enterprise Mode 77 IEEE 802 1X and RADIUS 79 Access Policy 81 Wireless Distribution System WDS 81 Wi Fi Protected Setup WPS 84 Station List 87 8 FIREWALL CONFIGURATION 88 MAC IP Port Filtering 88 Current Filter Rules 90 Virtual Server Settings Port Forwarding 91 Current Virtual Servers in system 92 DMZ 92 System Security 93 Content Filtering 94 9 ADMINISTRATIO...

Page 8: ...7 Diagnosing LED Indicators 107 If You Cannot Connect to the Internet 107 Before Contacting Technical Support 108 B HARDWARE SPECIFICATIONS 109 C CABLES AND PINOUTS 111 Twisted Pair Cable Assignments 111 10 100BASE TX Pin Assignments 112 Straight Through Wiring 112 Crossover Wiring 113 GLOSSARY 118 INDEX 122 ...

Page 9: ... Home Page 34 Figure 15 Wizard Step 1 Language Selection 35 Figure 16 Wizard Step 2 Time and SNTP Settings 36 Figure 17 Wizard Step 3 WAN Settings DHCP 37 Figure 18 Wizard Step 3 WAN Settings Static IP 38 Figure 19 Wizard Step 3 WAN Settings PPPoE 39 Figure 20 Wizard Step 3 WAN Settings PPTP 40 Figure 21 Wizard Step 3 WAN Settings L2TP 42 Figure 22 Wizard Step 4 Wireless Security 43 Figure 23 Logg...

Page 10: ...ure 46 Manual WDS MAC Address Configuration 82 Figure 47 WDS Configuration Example 82 Figure 48 WDS Configuration 83 Figure 49 Enabling WPS 85 Figure 50 WPS Configuration 85 Figure 51 Station List 87 Figure 52 MAC IP Port Filtering 89 Figure 53 Virtual Server 91 Figure 54 DMZ 92 Figure 55 System Security 93 Figure 56 Content Filtering 94 Figure 57 System Management 97 Figure 58 Time Zone Settings ...

Page 11: ... 16 TABLES Table 1 Key Hardware Features 18 Table 2 LED Behavior 22 Table 3 WMM Access Categories 71 Table 4 LED Indicators 107 Table 5 10 100BASE TX MDI and MDI X Port Pinouts 112 ...

Page 12: ...ibes how to install and mount the unit It also describes the basic settings required to access the management interface and run the setup Wizard This section includes these chapters Introduction on page 18 Network Planning on page 24 Installing the Mini Router on page 28 Initial Configuration on page 33 ...

Page 13: ...irtual server functionality providing protected access to Internet services such as Web FTP e mail and Telnet VPN passthrough IPsec PPTP or L2TP User definable application sensing tunnel supports applications requiring multiple connections Feature Description WAN Port One 100BASE TX RJ 45 port for connecting to the Internet LAN Port One 100BASE TX RJ 45 port for local network connections WPS Butto...

Page 14: ...te the request to the appropriate server at another internal IP address This secures your network from direct attack by hackers and provides more flexible management by allowing you to change internal IP addresses without affecting outside access to your network DMZ Host Support Allows a networked computer to be fully exposed to the Internet This function is used when NAT and firewall security pre...

Page 15: ...wer adapter Documentation CD Inform your dealer if there are any incorrect missing or damaged parts If possible retain the carton including the original packing materials Use them again to repack the product in case there is a need to return it The AIP W502 150Mbps Wireless N Mini Broadband Router from herein refered to as Mini Broadband Router connects to the Internet through its RJ 45 WAN port I...

Page 16: ...Hardware Description 21 Figure 1 Top Panel Figure 2 Rear Pan LED Indicators CHAPTER 1 Introduction WPS Button RJ 45 WAN Port RJ 45 LAN Port So DC Power cket ...

Page 17: ... The 802 11n radio is enabled and transmitting or receiving data through wireless links Off On Blue The 802 11n radio is disabled address The Ethernet WAN port is aquiring an IP Blinking The Ethernet WAN port is connected and is transmitting receiving data Off The Ethernet WAN port is disconnected or has malfunctioned LAN On Blue The Ethernet LAN port is connected to a PC or server Blinking The Et...

Page 18: ...any warrantly supplied with the product The power adapter automatically adjusts to any voltage between 100 240 volts at 50 or 60 Hz and supplies 12 volts DC power to the unit No voltage range settings are required Press the WPS button to automatically configure the Mini Broadband Router with other WPS devices in the WLAN The Reset button is used to restore the factory default configuration If you ...

Page 19: ...ovide an Internet connection for multiple users through a single service provider account Users connect to the Mini Broadband Router either through a wired connection to a LAN port or though the device s own wireless network The Mini Broadband Router functions as an Internet gateway when set to Router Mode An Internet gateway employs several functions that essentially create two separate Internet ...

Page 20: ...connection to an Internet service provider ISP through a cable or DSL modem LAN ACCESS POINT The Mini Broadband Router can provide an access point service for an existing wired LAN creating a wireless extension to the local network The Mini Broadband Router functions as purely an access point when set to Bridge Mode When used in this mode there are no gateway functions between the WAN port and the...

Page 21: ...es two basic functions to be configured in the wireless network Either a repeater function that extends the range of the wireless network or a bridge function that connects a remote LAN segment to an Internet connection Figure 7 Operating as a Wireless Bridge Figure 8 Operating as a Wireless Repeater Desktop PC Cable DSL Modem Mini Router Bridge Mode WDS Link Internet Service Provider Mini Router ...

Page 22: ...ns as an external gateway WAN port When the wireless client option is enabled as a LAN connection the other SSID interface and LAN ports all function as the local network within the same IP subnet Figure 9 Operating as a Wireless Client Cable DSL Modem Internet Service Provider Server IP 192 168 2 x Desktop PC IP 192 168 2 x Notebook PC IP 192 168 2 x Wireless Client WAN IP from external network L...

Page 23: ...ating modes the wireless interface supports Wireless Distribution System WDS links to other Mini Broadband Routers and a wireless AP Client Mode for a link to another wireless network These advanced configurations are not described in this section See Network Planning on page 24 for more information In a basic configuration how the Mini Broadband Router is connected depends on the operating mode T...

Page 24: ...insert wall plugs for the screws 2 Insert two 20 mm M4 tap screws not included into the holes leaving about 2 3 mm 0 08 0 12 inches clearance from the wall 3 Line up the two mounting points on the unit with the screws in the wall then slide the unit down onto the screws until it is in a secured position To keep the Mini Broadband Router from sliding on the surface the unit has four rubber feet on ...

Page 25: ...ers The Mini Broadband Router can support up to 253 wired and wireless users 3 Power on the Mini Broadband Router by connecting the AC power adapter and plugging it into a power source Use ONLY the power adapter supplied with the Mini Broadband Router Otherwise the product may be damaged When you power on the Mini Broadband Router verify that the Power LED turns on and that the other LED indicator...

Page 26: ...t be manually set using the web management interface Figure 12 Bridge Mode Connection To connect the Mini Broadband Router for use as an access point follow these steps 1 Using Ethernet cable connect the Mini Broadband Router s LAN and WAN ports to PCs Alternatively you can connect to a workgroup switch to support more wired users 2 Power on the Mini Broadband Router by connecting the AC power ada...

Page 27: ...outer Bridge Mode Connections 32 3 Set up wireless devices by pressing the WPS button on the Mini Broadband Router or by using the web interface See Initial Configuration on page 33 for more information on accessing the web interface ...

Page 28: ...ommended to make initial configuration changes by connecting a PC directly to the Mini Broadband Router s LAN port The Mini Broadband Router has a default IP address of 192 168 2 1 and a subnet mask of 255 255 255 0 You must set your PC IP address to be on the same subnet as the Mini Broadband Router that is the PC and Mini Broadband Router addresses must both start 192 168 2 x To access the Mini ...

Page 29: ...ge and Main Menu 34 Figure 13 Login Page After logging in to the web interface the Home page displays The Home page shows the main menu and the method to access the Setup Wizard Figure 14 Home Page CHAPTER 4 HOME PAGE AND MAIN MENU ...

Page 30: ...o the previous screen SETUP WIZARD The Wizard is designed to help you configure the basic settings required to get the the Mini Broadband Router up and running There are only a few basic steps you need to set up the the Mini Broadband Router and provide a connection Follow these steps STEP 1 LANGUAGE SELECTION Select between English Traditional Chinese Simple Chinese or Korean Click Next to procee...

Page 31: ...k Next after completing the setup Figure 16 Wizard Step 2 Time and SNTP Settings The following items are displayed on this page Current Time Receives a time and date stamp from an SNTP server Time Zone Select the time zone that is applicable to your region SNTP Server Enter the address of an SNTP server to receive time updates SNTP synchronization hours Specify the interval between SNTP server upd...

Page 32: ...main Name Server A DNS maps numerical IP addresses to domain names and can be used to identify network hosts by familiar names instead of the IP addresses To specify a DNS server type the IP addresses in the text field provided Otherwise leave the text field blank Secondary DNS Server The IP address of the Secondary Domain Name Server MAC Clone Some ISPs limit Internet connections to a specified M...

Page 33: ...of the Mini Broadband Router Valid IP addresses consist of four decimal numbers 0 to 255 separated by periods Subnet Mask The mask that identifies the host address bits used for routing to specific subnets Default Gateway The IP address of the gateway router for the Mini Broadband Router which is used if the requested destination address is not on the local subnet Primary DNS Server The IP address...

Page 34: ...ce provider ISP through a DSL modem using Point to Point Protocol over Ethernet PPPoE Figure 19 Wizard Step 3 WAN Settings PPPoE The following items are displayed on this page User Name Sets the PPPoE user name for the WAN port Default pppoe_user Range 1 32 characters Password Sets a PPPoE password for the WAN port Default pppoe_password Range 1 32 characters Verify Password Prompts you to re ente...

Page 35: ...ivate networks The service is provided in many European countries Figure 20 Wizard Step 3 WAN Settings PPTP The following items are displayed on this page Server IP Sets the PPTP server IP Address Default pptp_server User Name Sets the PPTP user name for the WAN port Default pptp_user Range 1 32 characters Password Sets a PPTP password for the WAN port Default pptp_password Range 1 32 characters V...

Page 36: ...n names and can be used to identify network hosts by familiar names instead of the IP addresses To specify a DNS server type the IP addresses in the text field provided Otherwise leave the text field blank Secondary DNS Server The IP address of the Secondary Domain Name Server MAC Clone Some ISPs limit Internet connections to a specified MAC address of one PC This setting allows you to manually ch...

Page 37: ... Default l2tp_server User Name Sets the L2TP user name for the WAN port Default l2tp_user Range 1 32 characters Password Sets a L2TP password for the WAN port Default l2tp_password Range 1 32 characters Verify Password Prompts you to re enter your chosen password Address Mode Sets a L2TP network mode Default Static IP Address Sets the static IP address Default 0 0 0 0 available when L2TP Network M...

Page 38: ... specified MAC address of one PC This setting allows you to manually change the MAC address of the Mini Broadband Router s WAN interface to match the PC s MAC address provided to your ISP for registration You can enter the registered MAC address manually by typing it in the boxes provided Otherwise connect only the PC with the registered MAC address to the Mini Broadband Router then click the Clon...

Page 39: ...ct WPA2 PSK using AES encryption as the most secure option However if you have older wireless devices in the network that do not support AES encryption select TKIP as the encryption algorithm Access Policy The Mini Broadband Router provides a MAC address filtering facility The access policy can be set to allow or reject specific station MAC addresses This feature can be used to connect known wirel...

Page 40: ...n configuring the Mini Broadband Router using the web browser interface This section includes these chapters Operation Mode on page 46 Network Settings on page 50 Wireless Configuration on page 64 Firewall Configuration on page 88 Administration Settings on page 96 ...

Page 41: ...erface for the configuration of all the unit s features Any PC directly attached to the unit can access the management interface using a web browser such as Internet Explorer version 6 0 or above The following sections are contained in this chapter Logging In on page 47 Operation Mode on page 49 ...

Page 42: ...o be on the same subnet as the Mini Broadband Router that is the PC and Mini Broadband Router addresses must both start 192 168 2 x To access the configuration menu follow these steps 1 Use your web browser to connect to the management interface using the default IP address of 192 168 2 1 2 Log into the Mini Broadband Router management interface by entering the default user name admin and password...

Page 43: ...splays the main menu items at the top of the screen and the Setup Wizard See Setup Wizard on page 35 Figure 24 Home Page NOTE The displayed pages and settings may differ depending on whether the unit is in Router or Bridge Mode See Operation Mode on page 49 ...

Page 44: ...this page Bridge Mode An access point mode that extends a wired LAN to wireless clients Router Mode The Internet gateway mode that connects a wired LAN and wireless clients to an Internet access device such as a cable or DSL modem This is the factory set default mode AP Client Mode The wireless client mode that connects to another wireless network In this mode the wireless client SSID interface op...

Page 45: ... options are significantly reduced with only LAN Settings and the Client List being available to the user WAN SETTING The WAN Setting page specifies the Internet connection parameters Click on Network Settings followed by WAN WAN Connection Type By default the access point WAN port is configured with DHCP enabled After you have network access to the access point you can use the web browser interfa...

Page 46: ...sses in the text field provided Otherwise leave the text field blank Secondary DNS Server The IP address of the Secondary Domain Name Server MAC Clone Some ISPs limit Internet connections to a specified MAC address of one PC This setting allows you to manually change the MAC address of the Mini Broadband Router s WAN interface to match the PC s MAC address provided to your ISP for registration You...

Page 47: ...destination address is not on the local subnet Primary DNS Server The IP address of the Primary Domain Name Server on the network A DNS maps numerical IP addresses to domain names and can be used to identify network hosts by familiar names instead of the IP addresses If you have one or more DNS servers located on the local network type the IP addresses in the text fields provided Otherwise leave t...

Page 48: ...L modem using Point to Point Protocol over Ethernet PPPoE Figure 28 PPPoE Configuration The following items are displayed on this page PPPoE User Name Sets the PPPoE user name for the WAN port Default pppoe_user Range 1 32 characters PPPoE Password Sets a PPPoE password for the WAN port Default pppoe_password Range 1 32 characters Verify Password Prompts you to re enter your chosen password Operat...

Page 49: ...ess of the Mini Broadband Router s WAN interface to match the PC s MAC address provided to your ISP for registration You can enter the registered MAC address manually by typing it in the boxes provided Otherwise connect only the PC with the registered MAC address to the Mini Broadband Router then click the Clone your PC s MAC Address Default Disable PPTP Enables the Point to Point Tunneling Protoc...

Page 50: ...ve Mode The Mini Broadband Router will periodically check your Internet connection and automatically re establish your connection when disconnected Default 60 seconds Manual Mode The unit will remain connected to the Internet without disconnecting Primary DNS Server The IP address of the Primary Domain Name Server A DNS maps numerical IP addresses to domain names and can be used to identify networ...

Page 51: ...tion The following items are displayed on this page Server IP Sets the L2TP server IP Address Default l2tp_server User Name Sets the L2TP user name for the WAN port Default l2tp_user Range 1 32 characters Password Sets a L2TP password for the WAN port Default l2tp_password Range 1 32 characters Verify Password Prompts you to re enter your chosen password Address Mode Sets a L2TP network mode Defau...

Page 52: ...nnected to the Internet without disconnecting Primary DNS Server The IP address of the Primary Domain Name Server A DNS maps numerical IP addresses to domain names and can be used to identify network hosts by familiar names instead of the IP addresses To specify a DNS server type the IP addresses in the text field provided Otherwise leave the text field blank Secondary DNS Server The IP address of...

Page 53: ... 2 1 You can use this IP address or assign another address that is compatible with your existing local network Click on Network Settings followed by LAN Figure 31 LAN Configuration The following items are displayed on this page MAC Address The physical layer address for the Mini Broadband Router s LAN port IP Address Valid IP addresses consist of four decimal numbers 0 to 255 separated by periods ...

Page 54: ...s expressed in seconds Options Forever Two weeks One week Two days One day Half day Two hours One hour Half hour Default One week LLTD Link Layer Topology Discovery LLTD is a Microsoft proprietary discovery protocol which can be used for both wired and wireless networks Options Disable Enable Default Enable IGMP Proxy Enables IGMP proxy on the Mini Broadband Router Options Disable Enable Default D...

Page 55: ...l Figure 32 DHCP Clients The following items are displayed on this page Host name The name of the connected client station MAC Address The MAC address of the connected client station IP Address The IP address assigned to the client from the IP pool Expires in The time limit for the use of the IP address from the IP pool When the time limit expires the client has to request a new IP address ...

Page 56: ... routes by entering routes directly into the routing table Static routing has the advantage of being predictable and easy to configure ADVANCED ROUTING SETTINGS This screen is used to manually configure static routes to other IP networks subnetworks or hosts Click Network Settings followed by Advanced Routing Maximum 32 entries are allowed Figure 33 Advanced Routing Router Mode ...

Page 57: ...examines the packet and matches it to the routing table entry providing the best match for its destination The table then provides the device with instructions for sending the packet to the next hop on its route across the network NOTE The Routing Table is only available when the Mini Broadband Router is set to Router Mode Destination Displays all destination networks or specific hosts to which pa...

Page 58: ...P is the most widely used method for dynamically maintaining routing tables RIP uses a distance vector based approach to routing Routes are chosen to minimize the distance vector or hop count which serves as a rough estimate of transmission cost Each router broadcasts its advertisement every 30 seconds together with any updates to its routing table This allows all routers on the network to build c...

Page 59: ... that 802 11g is backward compatible with 802 11b and 802 11n is backward compatible with 802 11b g at slower data transmit rates The Mini Broadband Router supports two virtual access point VAP interfaces One VAP is the primary Network Name SSID and the other one is referred to as Multiple SSID1 Each VAP functions as a separate access point and can be configured with its own Service Set Identifica...

Page 60: ...transmission rates may be slowed to compensate for 802 11b clients Any 802 11n clients will also be able to communicate with the Mini Broadband Router but they will be limited to 802 11g protocols and data transmission rates 11b only All 802 11b 802 11g and 802 11n clients will be able to communicate with the Mini Broadband Router but the 802 11g and 802 11n clients will be limited to 802 11b prot...

Page 61: ...eases security of the network because wireless clients need to already know the SSID before attempting to connect When set to disable the Network Name SSID and SSID1 are automatically set to Hide Default Enabled AP Isolation The Mini Broadband Router will isolate communincation between all clients in order to protect them Normally for users who are at hotspots Default Disabled MBSSID AP Isolation ...

Page 62: ...eivers overcome the effects of multipath delays When you add a guard time the back portion of useful signal time is copied and appended to the front Default Auto MCS The Modulation and Coding Scheme MCS is a value that determines the modulation coding and number of spatial channels Options value range 0 7 1 Tx Stream 8 15 2 TxStream 32 and auto 33 Default auto Reverse Direction Grant RDG When Reve...

Page 63: ...ngs NOTE There are several variables to consider when selecting a radio mode that make it fully functional Simply selecting the mode you want is not enough to ensure full compatibility for that mode Information on these variables may be found in the HT Physcial Mode Setting section ADVANCED WIRELESS The Advanced Wireless section on the Wireless Settings Advanced page includes additional radio para...

Page 64: ...a more timely manner causing stations in Power Save mode to wake up more often and drain power faster Using higher DTIM values reduces the power used by stations in Power Save mode but delays the transmission of broadcast multicast frames Range 1 255 beacons Default 1 beacon Fragmentation Threshold Configures the minimum packet size that can be fragmented when passing through the access point Frag...

Page 65: ...he same time when the feature is supported by compatible clients Default Enabled Packet Aggregate A performance enhancement that combines data packets together when the feature is supported by compatible clients Default Enabled WI FI MULTIMEDIA The Mini Broadband Router implements Quality of Service QoS using the Wi Fi Multimedia WMM standard Using WMM the access point is able to prioritize traffi...

Page 66: ...elivery APSD can also be enabled APSD is an efficient power management method that enables client devices sending WMM packets to enter a low power sleep state between receiving and transmitting data Default Disabled WMM Parameters Click the WMM Configuration button to set detailed WMM parameters Table 3 WMM Access Categories Access Category WMM Designation Description 802 1D Tags AC_VO AC3 Voice H...

Page 67: ... microseconds Note that the CWMin value must be equal or less than the CWMax value CWMax Maximum Contention Window The maximum upper limit of the random backoff wait time before wireless medium access can be attempted The contention window is doubled after each detected collision up to the CWMax value Specify the CWMax value in the range 0 15 microseconds Note that the CWMax value must be greater ...

Page 68: ...heavy Default Acknowledge MULTICAST TO UNICAST CONVERTER The Multicast to Unicast Converter section on the Wireless Settings Advanced page allows you to enable multicast traffic conversion Converting multicast traffic to unicast before sending to wireless clients allows a longer DTIM Data Beacon Rate interval to be set A longer DTIM interval prevents clients in power save mode having to activate t...

Page 69: ...ntication It must be verified that clients attempting to connect to the network are authorized users Traffic Encryption Data passing between the unit and clients must be protected from interception and eavesdropping The Mini Broadband Router supports supports ten different security mechanisms that provide various levels of authentication and encryption depending on the requirements of the network ...

Page 70: ...at are manually distributed to all clients that want to use the network When you select to use WEP be sure to define at least one static WEP key for user authentication or data encryption Also be sure that the WEP shared keys are the same for each client in the wireless network Figure 41 Security Mode WEP The following items are displayed in this section on this page Security Mode Configures the W...

Page 71: ...preset value WPA PRE SHARED KEY Wi Fi Protected Access WPA was introduced as an interim solution for the vulnerability of WEP pending the adoption of a more robust wireless security standard WPA2 includes the complete wireless security standard but also offers backward compatibility with WPA Both WPA and WPA2 provide an enterprise and personal mode of operation For small home or office networks WP...

Page 72: ...ment for WPA2 Before implementing WPA2 in the network be sure client devices are upgraded to WPA2 compliant hardware TKIP AES Uses either TKIP or AES keys for encryption WPA and WPA2 mixed modes allow both WPA and WPA2 clients to associate to a common SSID In mixed mode the unicast encryption type TKIP or AES is negotiated for each client Pass Phrase The WPA Preshared Key can be input as an ASCII ...

Page 73: ...s using WPA2 with an 802 1X authentication method are accepted for authentication The default data encryption type for WPA is AES WPA1_WPA2 Clients using WPA or WPA2 with an 802 1X authentication method are accepted for authentication The default data encryption type is TKIP AES WPA Algorithms Selects the data encryption type to use Default is determined by the Security Mode selected TKIP Uses Tem...

Page 74: ...ming full 802 1X authentication Default Disabled IEEE 802 1X AND RADIUS IEEE 802 1X is a standard framework for network access control that uses a central RADIUS server for user authentication This control feature prevents unauthorized access to the network by requiring an 802 1X client application to submit user credentials for authentication The 802 1X standard uses the Extensible Authentication...

Page 75: ... Disabled RADIUS Server Configures RADIUS server settings IP Address Specifies the IP address of the RADIUS server Port The User Datagram Protocol UDP port number used by the RADIUS server for authentication messages Range 1024 65535 Default 1812 Shared Secret A shared text string used to encrypt messages between the access point and the RADIUS server Be sure that the same text string is specified...

Page 76: ...to operate in a mode that allows it to forward traffic directly to other Mini Broadband Router units This feature can be used to extend the range of the wireless network to reach remote clients or to link disconnected network segments to an Internet connection To set up links between units you must configure the Wireless Distribution System WDS forwarding table by specifying the wireless MAC addre...

Page 77: ...gured with a different LAN IP address Internet Service Provider MAC 00 22 2D 62 EA 11 WDS MAC List 00 22 2D 62 EA 22 00 22 2D 62 EA 33 00 22 2D 62 EA 44 MAC 00 22 2D 62 EA 22 WDS MAC List 00 22 2D 62 EA 11 Cable DSL Modem WDS Link MAC 00 22 2D 62 EA 33 WDS MAC List 00 22 2D 62 EA 11 MAC 00 22 2D 62 EA 44 WDS MAC List 00 22 2D 62 EA 11 WDS Link WDS Link Internet Service Provider Operation Mode Rout...

Page 78: ...Repeater mode Figure 48 WDS Configuration The WDS settings configure WDS related parameters Up to four MAC addresses can be specified for each unit in the WDS network WDS links may either be manually configured Bridge and Repeater modes or auto discovered Lazy mode The following items are displayed on this page WDS Mode Selects the WDS mode of the SSID Options Disable Lazy Bridge Repeater Default ...

Page 79: ...t both ends of a WDS link are configured with the same encryption type and key Options None WEP TKIP AES Default None Encryption Key The encryption key for the WDS link The key type and length varies depending on the encryption type selected For WEP enter 5 alphanumeric characters or 10 hexadecimal digits for 64 bit keys or 13 alphanumeric characters or 26 hexadecimal digits for 128 bit keys For T...

Page 80: ...ion Wi Fi Protected Setup WPS 85 Figure 49 Enabling WPS The following items are displayed on this page WPS Enables WPS locks security settings and refreshes WPS configuration information Default Disabled Figure 50 WPS Configuration ...

Page 81: ...efault is exclusive for each unit Default 64824901 Reset WPS to Default Resets the WPS settings to factory default values WPS Config Configures WPS settings for the Mini Broadband Router WPS Mode Selects between methods of broadcasting the WPS beacon to network clients wanting to join the network PIN The Mini Broadband Router along with other WPS devices such as notebook PCs cameras or phones all ...

Page 82: ...CHAPTER 7 Wireless Configuration Station List 87 STATION LIST Displays the station information which associated to this Mini Broadband Router Figure 51 Station List ...

Page 83: ...TERING MAC IP Port filtering restricts connection parameters to limit the risk of intrusion and defends against a wide array of common hacker attacks MAC IP Port filtering allows the unit to permit deny or proxy traffic through its MAC addresses IP addresses and ports The Mini Broadband Router allows you define a sequential list of permit or deny filtering rules up to 32 This device tests ingress ...

Page 84: ...ltering Default Disable Default Policy When MAC IP Port Filtering is enabled the default policy will be enabled If you set the default policy to Dropped all incoming packets that don t match the rules will be dropped If the policy is set to Accepted all incoming packets that don t match the rules are accepted Default Dropped MAC Address Specifies the MAC address to block or allow traffic from ...

Page 85: ...ecifies if traffic should be accepted or dropped Default Accept Comment Enter a useful comment to help identify the filtering rules CURRENT FILTER RULES The Current Filter Table displays the configured IP addresses and ports that are permitted or denied access to and from the Mini Broadband Router Select Selects a table entry MAC Address Displays a MAC address to filter Destination IP Address Disp...

Page 86: ...h a NAT enabled router Maximum 32 entries are allowed Figure 53 Virtual Server The following items are displayed on this page Virtual Server Settings Selects between enabling or disabling port forwarding the virtual server Default Disable IP Address Specifies the IP address on the local network to allow external access Port Range Specifies the port range through which traffic is forwarded Protocol...

Page 87: ...nables a specified host PC on the local network to access the Internet without any firewall protection Some Internet applications such as interactive games or video conferencing may not function properly behind the Mini Broadband Router s firewall By specifying a Demilitarized Zone DMZ host the PC s TCP ports are completely exposed to the Internet allowing open two way communication The host PC sh...

Page 88: ...Denies or allows management access to the Mini Broadband Router through the WAN interface Default Deny Ping from WAN Filter When enabled the Mini Broadband Router does not respond to ping packets received on the WAN port Default Disable Stateful Packet Inspection SPI The Stateful Packet Inspection SPI firewall protects your network and computers against attacks and intrusions A stateful packet fir...

Page 89: ...an be reduced URLs are commonly used to point to websites By specifying a URL or a keyword contained in a URL traffic from that site may be blocked Current URL Filters Displays current URL filter Add a URL Filter Adds a URL filter to the settings For example myhost example com Web Host Filter Settings The Mini Broadband Router allows Internet content access to be restricted based on web address ke...

Page 90: ...CHAPTER 8 Firewall Configuration Content Filtering 95 Current Host Filters Displays current Host filter Add a Host Filter Enters the keyword for a host filtering ...

Page 91: ...e a management access password set the system time upgrade the system software display the system status and statistics Administration Settings contains the following sections System Management on page 97 Time Zone Settings on page 98 DDNS Settings on page 99 Firmware Upgrade on page 100 Configuration Settings on page 101 System Status on page 102 Statistics on page 104 System Log on page 105 ...

Page 92: ...s English Traditional Chinese Simple Chinese or Korean Default English Web Interface Settings To protect access to the management interface you need to configure a new Administrator s user name and password as soon as possible If a new user name and password are not configured then anyone having access to the Mini Broadband Router may be able to compromise the unit s security by entering the defau...

Page 93: ...igure 58 Time Zone Settings The following items are displayed in this section on this page Current Time Displays the current system time on the unit Sync with host Updates the unit s time from the web management PC s system time Time Zone Specifies the time zone in relation to Greenwich Mean Time GMT SNTP Server The IP address or URL of the NTP server to be used SNTP synchronization Sets the SNTP ...

Page 94: ... three DDNS service providers DynDns org Non IP com and ZoneEdit com To set up an DDNS account visit the websites of these service providers at www dyndns org www non ip com or www zoneedit com Figure 59 DDNS Settings Router Mode The following items are displayed in this section on this page Dynamic DNS Provider Specifies the DDNS service provider DynDns org Freedns afraid org ZoneEdit com or Non ...

Page 95: ...on this page Firmware Upgrade Allows you to upload new firmware manually by specifying a file path Make sure the firmware you want to use is on the local computer by clicking Browse to search for the firmware to be used for the update Software Version The current version number of the firmware Browse Opens a directory on the local hard drive for specifying the path of the file to upload Apply Star...

Page 96: ...configuration or restore a previously saved configuration back to the device Figure 61 Configuration Settings The following items are displayed on this page Export Settings Saves the current configuration to a file locally Import Settings Allows the user to load previously saved configuration files from a local source Load Factory Defaults Restores the factory defaults ...

Page 97: ...age System Info Displays the basic system information in both Bridge and Router Modes Firmware Version The version number of the current Mini Broadband Router software System Time Length of time the management agent has been up specified in hours and minutes Operation Mode Displays the mode setting of the unit Internet Configurations Displays the basic WAN information Connected Type Displays the W...

Page 98: ...ps numerical IP addresses to domain names and can be used to identify network hosts by familiar names instead of the IP addresses MAC Address The shared physical layer address for the Mini Broadband Router s LAN ports Local Network Displays the basic LAN information LAN IP Address The IP address configured on the Mini Broadband Router LAN Netmask The mask that identifies the host address bits used...

Page 99: ...yed on this page Memory total The total memory of this Mini Broadband Router Memory left The available memory of this Mini Broadband Router WAN LAN All Interfaces Displays the interface on which traffic is being monitored Rx packets Displays the total number of packets received by the specified interface Rx bytes Displays the total number of bytes transmitted by the specified interface Tx packets ...

Page 100: ...Router and network problems The System Log page displays the latest messages logged in chronological order from the newest to the oldest Log messages saved in the Mini Broadband Router s memory are erased when the device is rebooted Figure 64 System Log The following items are displayed on this page System Log Displays the latest log messages in chronological order from the newest to the oldest Re...

Page 101: ... 106 SECTION III APPENDICES This section provides additional information and includes these items Troubleshooting on page 107 Hardware Specifications on page 109 Cables and Pinouts on page 111 ...

Page 102: ...C power adapter may be disconnected Check connections between the Mini Broadband Router the power adapter and the wall outlet WLAN LED is off The access point radio has been disabled through it s web management interface Access the management interface using a web browser to enable the radio LAN LED is off when port connected Verify that the Mini Broadband Router is powered on Be sure cables are p...

Page 103: ...cting to the Mini Broadband Router through the wired Ethernet interface check the network cabling between the management station and the Mini Broadband Router If you are connecting to Mini Broadband Router from a wireless client ensure that you have a valid connection 2 If you forgot or lost the password Set the Mini Broadband Router to its default configuration by pressing the reset button on the...

Page 104: ...381 1212 W2E SYS1381 1212 W3U SYS1381 1212 W2 Input 100 240 VAC 50 60 Hz Output 12 VDC 1 A LED INDICATORS Power WLAN Wireless Local Area Network WAN Wide Area Network LAN Local Area Network NETWORK MANAGEMENT Web browser TEMPERATURE Operating 0 to 40 C 32 to 104 F Storage 20 to 70 C 32 to 158 F HUMIDITY 20 to 85 non condensing PHYSICAL SIZE 93 x 70 x 26 mm WEIGHT 76 g 2 68 oz FREQUENCY RANGE FCC I...

Page 105: ...12 9 6 Mbps Draft 802 11n 20MHz 800ns GI 65 58 5 52 39 26 19 5 13 6 5 Mbps Draft 802 11n 40MHz 800ns GI 135 121 5 108 81 54 40 5 27 13 5 Mbps Draft 802 11n 20MHz 400ns GI 72 2 65 57 8 43 3 28 9 21 7 14 4 7 2 Mbps Draft 802 11n 40MHz 400ns GI 150 135 120 90 60 45 30 15 Mbps RF OUTPUT POWER 27 2dBm ...

Page 106: ... with white stripes Also an RJ 45 connector must be attached to both ends of the cable NOTE Each wire pair must be attached to the RJ 45 connectors in a specific orientation CAUTION DO NOT plug a phone jack connector into the RJ 45 port Use only twisted pair cables with RJ 45 connectors that conform with FCC standards The following figure illustrates how the pins on the RJ 45 connector are numbere...

Page 107: ... other end of the cable STRAIGHT THROUGH WIRING If the twisted pair cable is to join two ports and only one of the ports has an internal crossover MDI X the two pairs of wires must be straight through When auto negotiation is enabled for any RJ 45 port on this switch you can use either straight through or crossover cable to connect to any device type You must connect all four wire pairs as shown i...

Page 108: ...er cable to connect to any device type You must connect all four wire pairs as shown in the following diagram to support Gigabit Ethernet connections Figure 67 Crossover Wiring White Orange Stripe Orange White Green Stripe Green 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 EIA TIA 568B RJ 45 Wiring Standard 10 100BASE TX Straight through Cable End A End B Blue White Blue Stripe Brown White Brown Stripe White O...

Page 109: ...ferent ciphering algorithm to TKIP and WEP AUTHENTICATION The process to verify the identity of a client requesting network access IEEE 802 11 specifies two forms of authentication open system and shared key BACKBONE The core infrastructure of a network The portion of the network that transports information from one central location to another central location where it is unloaded onto a local sys...

Page 110: ...hat supports wireless communications in the 2 4 GHz band using Orthogonal Frequency Division Multiplexing OFDM The standard provides for data rates of 6 9 12 18 24 36 48 54 Mbps IEEE 802 11g is also backward compatible with IEEE 802 11b INFRASTRUCTURE An integrated wireless and wired LAN is called an infrastructure configuration LAN Local Area Network A group of interconnected computers and suppor...

Page 111: ...eived via broadcasts sent by NTP servers TKIP Temporal Key Integrity Protocol A data encryption method designed as a replacement for WEP TKIP avoids the problems of WEP static keys by dynamically changing data encryption keys TFTP Trivial File Transfer Protocol A TCP IP protocol commonly used for software downloads VAP Virtual Access Point Virtual AP technology multiplies the number of Access Poin...

Page 112: ...red Key WPA PSK can be used for small office networks with a limited number of users that may not need a high level of security WPA PSK provides a simple security implementation that uses just a pre shared password for network access ...

Page 113: ...on web page buttons 35 configuration settings 101 connections Bridge Mode 31 repeater 26 Router Mode 30 wireless bridge 26 contents of package 20 crossover cables 113 D data beacon rate 69 DC power socket 21 default IP address 33 47 default Key WEP 76 default settings reset 23 deployment options 24 desktop mounting 29 destination routing 62 DHCP address pool 59 DHCP clients list 60 DHCP server set...

Page 114: ...tion 23 messages logging 105 metric routing 62 modes operating 28 mounting horizontal surface 29 options 29 slots 29 mounting on a wall 29 multicast to unicast convertion 73 multiple SSID 66 N network applications 19 network name wireless 64 66 network statistics 104 O open system 74 operation mode setting 49 P package contents 20 password default 33 lost 108 setting 97 PBC mode WPS 86 physical si...

Page 115: ... time settings 98 time zone setting 98 TKIP encryption 77 traffic statistics 104 troubleshooting 107 114 twisted pair cable assignments 111 U upgrading software 100 UPNP 59 URL filters 94 user interface login 47 username setting 97 username default 33 UTP cable pinouts 112 V VAP interfaces 64 VPN Passthrough 19 W wall mounting 29 WAN ping filter 93 WAN port 21 WAN settings 50 WDS operation 26 WDS ...