Billion 7800DX, User Manual

Page 1: ...BiPAC 7800DX L Dual band Wireless N 3G 4G LTE VPN ADSL2 Router User Manual Version Released 2 32b Last revised date August 5 2013 ...

Page 2: ...evice Description 10 The Front LEDs 10 The Rear Ports 11 Cabling 12 Chapter 3 Basic Installation 13 Connecting Your Router 14 Network Configuration 16 Configuring a PC in Windows 7 16 Configuring a PC in Windows Vista 19 Configuring a PC in Windows XP 22 Configuring a PC in Windows 2000 24 Configuring a PC in Windows 95 98 Me 25 Configuring a PC in Windows NT4 0 26 Factory Default Settings 27 Info...

Page 3: ... Info 103 Schedule Control 104 Wireless 5G wl1 105 WAN Wide Area Network 106 WAN Service 106 DSL 106 Ethernet 118 3G LTE 125 DSL 128 SNR 129 System 130 Internet Time 130 Firmware Upgrade 131 Backup Update 132 Access Control 133 Mail Alert 134 SMS Alert 135 Configure Log 136 USB 137 Storage Device Info 137 User Account 138 Print Server 143 DLNA 148 IP Tunnel 150 IPv6inIPv4 150 IPv4inIPv6 152 Securi...

Page 4: ...rver 207 L2TP Client 209 GRE 223 Advanced Setup 224 Routing 225 Default Gateway 225 Static Route 226 Policy Routing 228 RIP 229 DNS 230 DNS 230 Dynamic DNS 232 DNS Proxy 235 Static DNS 236 Static ARP 237 UPnP 238 Certificate 245 Trusted CA 245 Multicast 248 Management 250 SNMP Agent 250 TR 069 Client 251 Remote Access 253 Power Management 254 Time Schedule 255 Diagnostics 257 Diagnostics Tools 257...

Page 5: ...dress space than IPv4 This results from the use of a 128 bit address whereas IPv4 uses only 32 bits The new address space thus supports 2128 about 3 4 1038 addresses This expansion provides flexibility in allocating addresses and routing traffic and eliminates the primary need for network address translation NAT which gained widespread deployment as an effort to alleviate IPv4 address exhaustion I...

Page 6: ...D and capability set Alternatively multiple Virtual APs might advertise the same SSID but a different capability set allowing access to be provided via Web Portal WEP and WPA simultaneously Where APs are shared by multiple providers Virtual APs provide each provider with separate authentication and accounting data for their users as well as diagnostic information without sharing sensitive manageme...

Page 7: ...y L2TP over IPsec BiPAC 7800DX only PPTP VPN with Pap Chap MS CHAPv2 authentication BiPAC 7800DX only GRE tunnel BiPAC 7800DX only SOHO Firewall Security with DoS Preventing and Packet Filtering Quality of Service Control for traffic prioritization and Bandwidth management Universal Plug and Play UPnP Compliance Supports IPTV Application 2 Supports Storage Service Ease of Use with Quick Installati...

Page 8: ...protocol port number and address Firewall Built in NAT Firewall Stateful Packet Inspection SPI DoS attack prevention Packet Filtering v4 v6 port source IP address destination IP address MAC address Time Schedule control URL Content Filtering v4 v6 string or domain name detection in URL string Time Schedule control MAC Filtering Quality of Service Control Supports the DiffServ approach Traffic prio...

Page 9: ...r wireless Up to 600 Mbps wireless operation rate 64 128 bits WEP supported for encryption WPS Wi Fi Protected Setup for easy setup Supports WPS v2 Wireless Security with WPA PSK WPA2 PSK support WDS repeater function support USB Application Server 3G LTE dongle support Storage FTP server Samba server DLNA Printer Server Virtual Private Network VPN 7800DX only IKE key management DES 3DES and AES e...

Page 10: ...P server client relay Supports SNMP v1 v2 MIB I and MIB II TR 069 1 supports remote management Available Syslog Mail alert for WAN IP changed SMS alert for WAN IP changed Auto failover and fallback Push Service for diagnostics and debug usage 1 On request for Telco ISP projects 2 IPTV application may require subscription to IPTV services from a Telco ISP 3 Specifications on this datasheet are subj...

Page 11: ...L port USB 2 0 port for storage service and printer server Ethernet 4 port 10 100 1000Mbps auto crossover MDI MDI X Switch EWAN Ethernet port 4 can be configured as a WAN interface for Broadband connectivity Factory default reset button WPS push button Power jack Power switch ...

Page 12: ...ts BiPAC 7800DX L Dual band Wireless N 3G 4G LTE VPN ADSL2 Router Quick Start Guide CD containing the on line manual Two fixed dual band antennas RJ 45 Cat 5e STP Ethernet cable RJ 11 ADSL telephone cable Power adapter Splitter Micro filter Optional ...

Page 13: ...3 Do not open or repair the case yourself If the router is too hot turn off the power immediately and have it repaired at a qualified service center 4 Avoid using this product and all accessories outdoors Attention 1 Place the router on a stable surface 2 Only use the power adapter that comes with the package Using a different voltage rating power adapter may damage the router ...

Page 14: ...Green Wireless connection established 3 Wireless Green blinking Sending receiving data Green blinking WPS configuration being in progress 4 WPS Off WPS process completed or WPS is off Green Blinking DSL synchronizing or waiting for DSL synchronizing Green Successfully connected to an ADSL DSLAM Line Sync 5 DSL Off DSL cable unplugged Red Obtaining IP failure Green Having obtained an IP address suc...

Page 15: ...PS Push WPS button to trigger Wi Fi Protected Setup function 5 USB Connect the USB device Printer USB 2 0 storage 3G LTE 3G USB modem to this port 6 Ethernet Connect a UTP Ethernet cable Cat 5 or Cat 5e to one of the four LAN ports when connecting to a PC or an office home network of 10Mbps 100Mbps 1000Mbps Note Port 4 can be configured as a WAN Interface for Broadband connectivity 7 DSL Connect t...

Page 16: ... you have a line filter with all devices e g telephones fax machines analogue modems connected to the same telephone line and the wall socket unless you are using a Central Splitter or Central Filter installed by a qualified and licensed electrician and ensure that all line filters are correctly installed and the right way around Missing line filters or line filters installed the wrong way around ...

Page 17: ...o obtain an IP address through a DHCP server or a fixed IP address that must be in the same subnet as the router The default IP address of the router is 192 168 1 254 and the subnet mask is 255 255 255 0 i e any attached PC must be in the same subnet and have an IP address in the range of 192 168 1 1 to 192 168 1 253 The best and easiest way is to configure the PC to get an IP address automaticall...

Page 18: ...14 Connecting Your Router Users can connect the ADSL2 router as the following ADSL Router mode Broadband Router mode ...

Page 19: ...15 3G LTE Router mode ...

Page 20: ...tart Click on Control Panel Then click on Network and Internet 2 When the Network and Sharing Center window pops up select and click on Change adapter settings on the left window panel 3 Select the Local Area Connection and right click the icon to select Properties ...

Page 21: ...ties 5 In the TCP IPv4 properties window select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 6 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 22: ...ies 5 In the TCP IPv6 properties window select the Obtain an IPv6 address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 6 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 23: ...ork 2 Then click on Network and Sharing Center at the top bar 3 When the Network and Sharing Center window pops up select and click on Manage network connections on the left window pane 4 Select the Local Area Connection and right click the icon to select Properties ...

Page 24: ...ties 6 In the TCP IPv4 properties window select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 7 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 25: ...es 9 In the TCP IPv6 properties window select the Obtain an IPv6 address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 10 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 26: ...Network Connections 2 Double click Local Area Connection 3 In the Local Area Connection Status window click Properties 4 Select Internet Protocol TCP IP and click Properties 5 Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons 6 Click OK to finish the configuration ...

Page 27: ...t you should install it first Act as shown below 1 On the desktop Click Start Run type cmd then press Enter key in the keyboard the following screen appears 2 Key in command ipv6 install Configuration is OK now you can test whether it works ok ...

Page 28: ... Dial up Connections 2 Double click Local Area Connection 3 In the Local Area Connection Status window click Properties 4 Select Internet Protocol TCP IP and click Properties 5 Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons 6 Click OK to finish the configuration ...

Page 29: ...n Network and choose the Configuration tab 2 Select TCP IP NE2000 Compatible or the name of your Network Interface Card NIC in your PC 3 Select the Obtain an IP address automatically radio button 4 Then select the DNS Configuration tab 5 Select the Disable DNS radio button and click OK to finish the configuration ...

Page 30: ...0 1 Go to Start Settings Control Panel In the Control Panel double click on Network and choose the Protocols tab 2 Select TCP IP Protocol and click Properties 3 Select the Obtain an IP address from a DHCP server radio button and click OK ...

Page 31: ...tention If you have forgotten the username and or password of the router you can restore the device to its default setting by pressing the Reset Button more than 5 seconds Device LAN IPv4 settings IPv4 Address 192 168 1 254 Subnet Mask 255 255 255 0 Device LAN IPv6 settings IPv6 Address prefix Default is a link local address and is different from each other as MAC address is different from one to ...

Page 32: ...dresses continuing from 192 168 1 100 through 192 168 1 199 The PPPoE function is enabled to automatically get the WAN port configuration from the ISP IPv6 LAN Port WAN Port IPv6 address prefix Default is a link local address and is different from each other as MAC address is different from one to one For example fe80 204 edff fe01 1 64 the prefix initiates by fe80 DHCP server function Enabled The...

Page 33: ...your ISP when you connect or be set manually PPPoA RFC2364 VPI VCI VC LLC based multiplexing Username Password and Domain Name System DNS IP address it can be automatically assigned by your ISP when you connect or be set manually DHCP Client VPI VCI VC LLC based multiplexing Domain Name System DNS IP address it can be automatically assigned by your ISP when you connect or be set manually IPoA RFC1...

Page 34: ...he EZSO WEB GUI will automatically pop up and request that you enter some basic information that you have obtained from your ISP By following the instructions given carefully and through the information you provide the router will be configured in no time and you will find yourself surfing the internet sooner than you realize EZSO window pops up Step1 Set the administration password Step 2 Set the...

Page 35: ...f the DLS line doesn t synchronize the page will pop up warning of the DSL connection failure 3 Wait while the device is configured DSL synchronized 4 WAN port configuration is success and next to wireless if you want skip wireless setting click Done Click Done web configuration will be loaded you will enter the web configuration page ...

Page 36: ...etting The 7800DX L supports dual band wireless here you can set to activate wireless on which band or both and set the SSID and encryption Key 1 Leave it empty to disable the wireless security 2 Fill in the Key and the encryption mode will be WPA2 PSK AES 6 Continue to set 5GHz wireless 7 Success in configuring the EZSO ...

Page 37: ...33 Click link 192 168 1 254 it will lead you to the following page ...

Page 38: ...the username password from your ISP for IP and DNS settings also refer to your ISP Here IPv6 service is enabled by default 3 Wait while the device is configured 4 WAN port configuration is success Click Done web configuration will be loaded you will enter the web configuration page ...

Page 39: ...etting The 7800DX L supports dual band wireless here you can set to activate wireless on which band or both and set the SSID and encryption Key 1 Leave it empty to disable the wireless security 2 Fill in the Key and the encryption mode will be WPA2 PSK AES 6 Continue to set 5GHz wireless 7 Success in configuring the EZSO ...

Page 40: ...36 Click 192 168 1 254 it will lead you to the following page ...

Page 41: ... the APN username password from your ISP for settings about Authentication method PIN etc also refer to your ISP 3 Wait while the device is configured 4 WAN port configuration is success Click Done web configuration will be loaded you will enter the web configuration page ...

Page 42: ...etting The 7800DX L supports dual band wireless here you can set to activate wireless on which band or both and set the SSID and encryption Key 1 Leave it empty to disable the wireless security 2 Fill in the Key and the encryption mode will be WPA2 PSK AES 6 Continue to set 5GHz wireless 7 Success in configuring the EZSO ...

Page 43: ...39 Click 192 168 1 254 it will lead you to the following page ...

Page 44: ...the IP address of your router which by default is 192 168 1 254 and click or press Enter key on the keyboard a login prompt window will appear The default root username and password are admin and admin respectively Congratulations You are now successfully logged in to the Firewall Router ...

Page 45: ...p pages which include Status Summary WAN Statistics Bandwidth Usage Route 3G LTE Status ARP DHCP VPN 7800DX only Log Quick Start Quick Start Configuration LAN Wireless 2 4G wl0 Wireless 5G wl1 WAN System USB IP Tunnel Security Quality of Service NAT Wake On LAN VPN IPSec VPN Account PPTP L2TP GRE Advanced Setup Routing DNS Static ARP UPnP Certificate Multicast Management Diagnostics Note VPN is on...

Page 46: ...n easy access to the information about the working router and access to view the current status of the router Here Summary WAN Statistics Bandwidth Usage 3G LTE Status Route ARP DHCP VPN 7800DX only and Log subsections are included 7800DX ...

Page 47: ... LAN IPv6 address Default is a Link Local address but when connects to ISP it will display the Global Address like above figure MAC Address Displays the MAC address DSL PHY and Driver Version Display DSL PHY and Driver version Wireless Driver Version Displays wireless driver version WAN Line Rate Upstream Kbps Displays Upstream line Rate in Kbps Line Rate Downstream Kbps Displays Downstream line R...

Page 48: ...ce The WAN connection interface Description The description of this connection Type The protocol used by this connection Status To disconnect or connect the link Connection Time The WAN connection time since WAN is up IPv4 Address The WAN IPv4 Address the device obtained IPv6 Address The WAN IPv6 Address the device obtained ...

Page 49: ...each LAN interface P1 P4 indicates the four LAN interfaces Bytes Display the Received and Transmitted traffic statistics in Bytes Packets Display the Received and Transmitted traffic statistics in Packets Errors Display the statistics of errors arising in Receiving or Transmitting data Drops Display the statistics of drops arising in Receiving or Transmitting data Reset Press this button to refres...

Page 50: ... to refresh the statistics xTM The Statistics xTM screen displays all the xTM statistics Port Number Shows number of the port for xTM In Octets Number of received octets over the interface Out Octets Number of transmitted octets over the interface In Packets Number of received packets over the interface Out Packets Number of transmitted packets over the interface In OAM Cells Number of OAM cells r...

Page 51: ...Traffic Type Transfer mode here supports ATM and PTM Status Show the status of DSL link Link Power State Show link output power state Line Coding Trellis Trellis on off SNR Margin dB Show the Signal to Noise Ratio SNR margin Attenuation dB This is estimate of average loop attenuation of signal ...

Page 52: ...e total number of super frames Super Frame Errors the total number of super frame errors RS Words Total number of Reed Solomon code errors RS Correctable Errors Total number of RS with correctable errors RS Uncorrectable Errors Total number of RS words with uncorrectable errors HEC Errors Total number of Header Error Checksum errors OCD Errors Total number of out of cell Delineation errors LCD Err...

Page 53: ...49 When it is OK the following test result window will appear You can view the quality of ADSL connection Here the connection is OK Reset Click this button to reset the statistics ...

Page 54: ...usage LAN Note P4 can be configured as EWAN and when the device is in EWAN profile there is no P4 EWAN interface as P4 is working as a WAN port DSL Press View LAN Transmitted button to change the diagram to the statistics from a Received Bytes of view Note means Ethernet port 3 and the traffic information of the port 3 is identified with green the same color with P3 in the diagram other ports all ...

Page 55: ...51 When you press View WAN Traffic concurrently button the WAN Bandwidth Usage pops up so that users can view the WAN traffic concurrently ...

Page 56: ...52 WAN Service Press View WAN Transmitted button to change the diagram to the statistics from a Received Bytes of view ...

Page 57: ...53 Press View LAN Traffic concurrently button to directly switch to the LAN Bandwidth Usage page to view the LAN traffic concurrently ...

Page 58: ...cates current 3G signal strength Network Name The network name that the device is connected to Network Mode The current operation mode for 3G LTE card it depends on service provider and card s limitation GSM or UMTS Card Name The name of the 3G LTE card Card Firmware The current firmware for the 3G LTE card ...

Page 59: ... not the subnet G Show that the outside gateway is needed to forward packets in this route R Show that the route is reinstated from dynamic routing D Show that the route is dynamically installed by daemon or redirecting M Show the route is modified from routing daemon or redirect Metric Display the number of hops counted as the Metric of the route Service Display the service that this route uses I...

Page 60: ...s permanent entry the route is permanent P publish entry publish this route item MAC Address Shows the MAC address that is corresponded to the IP address of the device it is mapped to Device here refers to the physical interface it is a concept to identify Clients from LAN or WAN For example the Clients in LAN here displays br0 Mark Show clearly the SSID WLAN the device is in Neighbor Cache Table ...

Page 61: ...d to the host with this MAC address Expires in Show the remaining time after registration Mark Show clearly the SSID WLAN the device is in Note The devices are free to access each other through device name on condition that they all obtain their IPs from the DHCP If the device IP is obtained from the DHCP other devices can access the device through the device name For example the PC ytt PC can pin...

Page 62: ...PSec Name The IPSec connection name Active Display the connection status Local Subnet Display the local network Remote Subnet Display the remote network Remote Gateway The remote gateway address SA The Security Association for this IPSec entry Refresh Click this button to refresh the tunnel status ...

Page 63: ...nt Action Act to the connection Click Drop button to disconnect the tunnel connection PPTP Client Name The PPTP connection name Enable Display the connection status with icons Status The connection status Connection Type Remote Access or LAN to LAN Peer Network IP Display the remote network and subnet mask in LAN to LAN PPTP connection Client Assigned IP by PPTP server Action Act to the connection...

Page 64: ...nt Action Act to the connection Click Drop button to disconnect the tunnel connection L2TP Client Name The L2TP connection name Enable Display the connection status with icons Status The connection status Connection Type Remote Access or LAN to LAN Peer Network IP Display the remote network and subnet mask in LAN to LAN L2TP connection Client Assigned IP by L2TP server Action Act to the connection...

Page 65: ... GRE connection name Enable Display the connection status with icons Status The connection status connected or disable Remote Gateway The IP of remote gateway Refresh Click this button to refresh the connection status ...

Page 66: ...cumulated up to the present time You can trace historical information with this function And the log policy can be configured in Configure Log section Refresh Click to update the system log Clear Click to clear the current log from the screen ...

Page 67: ...ng Outgoing IP Filtering Incoming URL Filter to determine if you want to log this information Also you can turn to Configure Log section below to determine the level to log the message You can use this to track potential threats to your system and network Refresh Click to update the system log Clear Click to clear the current log from the screen ...

Page 68: ...o internet DSL mode 1 Select DSL press Continue to go on to next step 2 Enter the username password from your ISP for IP and DNS settings also refer to your ISP Here IPv6 service is enabled by default If the DLS line is not synchronized the page will pop up warning of the DSL connection failure ...

Page 69: ... button and you may proceed to configure the Wireless setting The 7800DX L supports dual band wireless here you can set to activate wireless on which band or both and set the SSID and encryption Key 1 Leave it empty to disable the wireless security 2 Fill in the Key and the encryption mode will be WPA2 PSK AES 6 Continue to set 5GHz wireless ...

Page 70: ...66 7 Success If Quick Start is finished user can turn to Status Summary to see the basic information ...

Page 71: ...s Continue to go on to next step 2 Enter the username password from your ISP for IP and DNS settings also refer to your ISP Here IPv6 service is enabled by default 3 Wait while the device is configured 4 WAN port configuration is successful ...

Page 72: ... wireless connections in Quick Start part users can only enable or disable the wireless on the band and the exact SSID and encryption Key 1 Leave it empty to disable the wireless security 2 Fill in the Key and the encryption mode will be WPA2 PSK AES For detail setting please go to the Wireless part in this Manual 6 Continue to set 5GHz wireless 7 Success ...

Page 73: ...inue to go on to next step 2 Select the 3G mode and enter the APN username password from your ISP and check with your ISP with the authentication method setting 3 Wait while the device is configured 4 WAN port configuration is successful ...

Page 74: ... band wireless connections in Quick Start part users can only enable or disable the wireless on the band and the exact SSID and encryption Key 1 Leave it empty to disable the wireless security 2 Fill in the Key and the encryption mode will be WPA2 PSK AES For detail setting please go to the Wireless part in this Manual 6 Continue to set 5GHz wireless ...

Page 75: ...71 7 Success If Quick Start is finished user can turn to Status Summary to see the basic information ...

Page 76: ... display the sub items that will allow you to further configure your router LAN Wireless 2 4G wl0 Wireless 5G wl1 WAN System USB IP Tunnel Security Quality of Service NAT and Wake On LAN The function of each configuration sub item is described in the following sections ...

Page 77: ... is it is forwarded to all ports With IGMP snooping multicast traffic of a group is only forwarded to ports that have members of that group When enabled you will see two modes Standard Mode In standard mode multicast traffic will flood to all bridge ports when no client subscribes to a multicast group Blocking Mode In blocking mode the multicast data will be blocked when there are no client subscr...

Page 78: ...nge the DHCP Server used to assign to the Clients End IP Address The end IP address f the range the DHCP Server used to assign to the Clients Leased Time hour The leased time for each DHCP Client Option 66 Click Enable to activate DHCP option 66 for some special devices like IPTV Set Box The devices can get firmware or some special service from the TFTP server User needs to set the IP or hostname ...

Page 79: ...P Alias This function allows the creation of multiple virtual IP interfaces on this router It helps to connect two or more local networks to the ISP or remote node IP Alias Check whether to enable this function IP Address Specify an IP address on this virtual interface Subnet Mask Specify a subnet mask on this virtual interface Click Apply to apply your settings ...

Page 80: ...te its own addresses using a combination of locally available information MAC address and information prefix advertised by routers Routers advertise prefixes that identify the subnet s associated with a link while hosts generate an interface identifier that uniquely identifies an interface on a subnet An address is formed by combining the two When using stateless configuration you needn t configur...

Page 81: ...LA address in the RA messages ULA unique local address is an IPv6 address in the block fc00 7 It is approximately the IPv6 counterpart of the IPv4 private address They are not routable in the global IPv6 Internet RADVD Type The way that ULA prefix is generated Randomly Generated Statically Configured select to set manually in the following parameters Prefix Set the prefix manually Preferred Life T...

Page 82: ...de thus the PCs in LAN are configured through RA mode to obtain the prefix message and generate an address using a combination of locally available information MAC address and information prefix advertised by routers With both DHCPv6 and Issue Router Advertisement Enabled With this method the PCs addresses in LAN are configured like above method but they can obtain such information like DNS from D...

Page 83: ...e PCs addresses are configured the same as in IPv4 that is addresses are assigned by DHCPv6 server With both DHCPv6 and Issue Router Advertisement Enabled With this method the PCs addresses are configured the same like above and the address information in RA packets will be neglected ...

Page 84: ... physical LAN but it allows for end stations to be grouped together even if they are not located on the same network switch Each group will perform as an independent network To support this feature you must create mapping groups with appropriate LAN and WAN interfaces using the Add button Please Note P4 can be configured as EWAN and when the device is in EWAN profile there is no P4 EWAN interface ...

Page 85: ...rfaces you want to group as a single group from Available LAN Interfaces Automatically Add Clients with following DHCP Vendor IDs Enter the DHCP Vendor IDs for which you want the Clients automatically added into the group DHCP vendor ID DHCP 60 is an Authentication for DHCP Messages Click Apply to confirm your settings and your added group will be listed in the Interface Grouping table below ...

Page 86: ...p add the DHCP vendor ID string By configuring a DHCP vendor ID string any DHCP client request with the specified vendor ID DHCP option 60 will be denied an IP address from the local DHCP server If a vendor ID is configured for a specific client device please REBOOT the client device attached to the modem to allow it to obtain an appropriate IP address Each LAN interface can only be added into one...

Page 87: ...ion for users Wl0 operating on 2 4GHz has sub items as Basic Security MAC Filter Wireless Bridge Advanced Station Info and Schedule Control here Wl1 running on 5GHz are to set with the same ways as in Wl0 Note The dual band wireless is simultaneous with different clients not the same one Users can freely choose the optimum radio band wireless connection base on your environment ...

Page 88: ...wireless devices check the checkbox again to unselect Enable Wireless Hotspot2 0 Make sure you use the WPA2 security mechanism Move to WPA2 Enable to use the Hotsport2 0 same operation as with WPA2 Hide SSID It is function in which transmits its SSID to the air so that when wireless client searches for a network router can then be discovered and recognized Check the checkbox to determine ...

Page 89: ... Different countries have different wireless band resources so you can select the appropriate Country according to your location Max Clients enter the number of max clients the wireless network can supports 1 16 Guest virtual Access Points A Virtual Access Point is a logical entity that exists within a physical Access Point AP When a single physical AP supports multiple Virtual APs each Virtual AP...

Page 90: ...nfiguration Manual Setup AP Select SSID select the SSID you want these settings apply to Network Authentication Open WEP Encryption Select to enable or disable WEP Encryption Here select Enable Encryption Strength Select the strength 128 bit or 64 bit Current Network Key Select the one to be the current network key Please refer to key 1 4 below Network Key 1 4 Enter 13 ASCII characters or 26 hexad...

Page 91: ...r the port number of RADIUS authentication server here RADIUS Key Enter the password of RADIUS authentication server WEP Encryption Select to enable or disable WEP Encryption Here select Enable Current Network Key Select the one to be the current network key Please refer to key 2 3 below Network Key 1 4 Enter 13 ASCII characters or 26 hexadecimal digits for 128 bit encryption keys Enter 5 ASCII ch...

Page 92: ...ntication server WPA WAPI Encryption There are two Algorithms AES Advanced Encryption Standard and TKIP Temporal Key Integrity Protocol which help to protect the wireless communication WPA PSK WPA2 PSK WPA WAPI passphrase Enter the WPA WAPI passphrase you can click here to display to view it WPA Group ReKey Internal The period of renewal time for changing the security key automatically between wir...

Page 93: ...here are two Algorithms AES Advanced Encryption Standard and TKIP Temporal Key Integrity Protocol which help to protect the wireless communication Mixed WPA2 WPA WPA2 Preauthentication When a wireless client wants to handoff to another AP with preauthentication it can perform 802 1X authentications to the new AP and when handoff happens this mode will help reduce the association time used Network ...

Page 94: ...can click here to display to view it WPA Group ReKey Internal The period of renewal time for changing the security key automatically between wireless client and Access Point AP The unit is second WPA WAPI Encryption There are two Algorithms AES Advanced Encryption Standard and TKIP Temporal Key Integrity Protocol which help to protect the wireless communication ...

Page 95: ...igure WPS WPS Select enable to enable WPS function Please note that WPS can only be available when WPA2 PSK or OPEN mode is configured Note 1 WPS feature is only available when in WPA2 or OPEN mode in security settings 2 Here wireless can be configured as Registrar and Enrollee mode respectively When AP is configured as Registrar you should select Configured in the WPS AP Mode below and default WP...

Page 96: ...m Enrollee Station 16837546 in this example Or else users can alternatively enter the authorized station MAC Help it is to help users to understand the concept and correct operation 3 Click Station PIN Station MAC Note Users can alternatively input PIN from Enrollee Station or enter the authorized station MAC ...

Page 97: ...the wireless client s WPS utility eg Ralink Utility Set the Config Mode as Enrollee press the WPS button on the top bar select the AP eg Wlan ap 2 4g from the WPS AP List column Then press the PIN button located on the middle left of the page to run the scan ...

Page 98: ...s SSID and security settings will now be configured to match the SSID and security settings of the registrar You can check the message in the red ellipse with the security parameters you set here we all use the default ...

Page 99: ...95 Configure AP as Enrollee Add Registrar with PIN Method 1 Set AP to Unconfigured Mode ...

Page 100: ...ty eg Ralink Utility Set the Config Mode as Registrar Enter the PIN number 10864111 device for example in the PIN Code column then choose the correct AP eg wlan ap 2 4g from the WPS AP List section before pressing the PIN button to run the scan ...

Page 101: ...router s AP s SSID and security setting will now be configured to match the SSID and security setting of the registrar 4 Do Web Page refresh after ER complete AP Configuration to check the new parameters setting ...

Page 102: ...ess the wireless network Deny deny the hosts with the following listed MACs to access the wireless network Click Add to add the MACs MAC Address enter the MAC address es The format of MAC address could be xx xx xx xx xx xx or xx xx xx xx xx xx Click Apply to apply your settings and the item will be listed below If you don t need a rule check the remove checkbox and press Remove to delete it ...

Page 103: ...ridges Wireless Bridge the gateway communicates with other WDS devices only In this mode the gateway doesn t communicate with client devices If your wireless network includes repeaters that use WDS the gateway in wireless bridge mode will also communicate with your repeaters The gateway in wireless bridge mode will not communicate with a repeater that uses a proprietary non WDS mode Bridge Restric...

Page 104: ...emote bridge MAC addresses Disable Does not restrict the gateway communicating with bridges that have their MAC address listed but it is still open to communicate with all bridges that are in the same network Click Apply to apply your settings ...

Page 105: ...lect bandwidth The higher the bandwidth the better the performance will be Control Sideband only available for 40MHz It allows you to select upper sideband or lower sideband Sideband refers to the frequency band either above upper sideband or below lower sideband the carrier frequency within which fall the spectral components produced by modulation of a carrier wave 802 11n Rate This allows you to...

Page 106: ...disable the RTS DTIM Interval Delivery Traffic Indication Message DTIM The entry range is a value between 1 and 255 A DTIM is countdown variable that informs clients of the next window for listening to broadcast and multicast messages When the AP has buffered broadcast or multicast messages for associated clients it sends the next DTIM with a DTIM interval value AP clients hear the beacons and awa...

Page 107: ...ated List all the stations that are associated with the Access Point If a station is idle for too long it is removed from this list Authorized List those devices with authorized access SSID Show the current SSID of the client Interface To show which interface the wireless client is connected to Refresh To get the latest information ...

Page 108: ...timeslot user can turn to Time Schedule Time Schedule Set when the SSID works If user wants the SSID works all the time please select Always On if not please set or select the exact time your want the SSID works Here user can set two separate intervals For example user wants the SSID wlan ap 2 4g to work on weekdays except for Wednesday under this circumstance user can set as shown below 7800DX L ...

Page 109: ...L uses to radio band 2 4GHz and 5GHz simultaneously to run wireless connection for users Wl1 operating on 5GHz has sub items as Basic Security MAC Filter Wireless Bridge Advanced Station Info and Schedule Control here See Wireless 2 4G wl0 ...

Page 110: ...ork systems WAN Service Two WAN interfaces are provided for WAN connection DSL and Ethernet Click Add to add new WAN connections DSL In DSL mode there are two transfer modes for you to configure for WAN connection namely ATM and PTM configuration of PTM mode is similar as ATM mode here take ATM mode WAN configuration for example Layer2 Interface 2 transfer mode ATM or PTM ...

Page 111: ...es user can define this Authentication Method Default is Auto Or else your ISP will advise you the appropriate mode Firewall Enable to drop all traffic from WAN side If enabled all incoming packets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single I...

Page 112: ...rete time interval for dial on demand IPv6 for this service Enable to use IPv6 service IPv6 Address Select whether to set static IPv6 address or obtain automatically IP Address If Static is enabled in the above field enter the static IPv4 address MTU Maximum Transmission Unit the size of the largest datagram excluding media specific headers that IP will attempt to send through the interface PPPoE ...

Page 113: ...econdary DNS server addresses Parental Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider IPv6 Obtain IPv6 DNS info from a WAN interface WAN Interface selected Select one configured IPv6 WAN connection from the me...

Page 114: ...110 If you don t need a service select the item you want to remove check the checkbox then press Remove Press Edit button to re edit this service settings ...

Page 115: ...onfigure WAN Service if it is OK you can access the internet You can go to Status WAN or Summary to view the WAN connection information if your ISP provides IPv6 service then you will obtain an IPv6 address IPv4 or IPv6 ...

Page 116: ...enabled the default NAT type Port Restricted cone NAT will be used Fullcone NAT Enable or disable fullcone NAT Fullcone is a kind of NAT in this mode all requests from the same internal IP address and port are mapped to the same external IP address and port Furthermore any external host can send a packet to the internal host by sending a packet to the mapped external address Note In this connectio...

Page 117: ...empt to send through the interface IGMP Multicast Proxy Check whether to enable this feature IGMP Internet Group Management Protocol Proxy intercepts the IGMP request from Clients and set up the multicast forwarding table it takes over some of the router s job simplifying the router s job and multicast communication MLD Multicast Proxy check whether to enable this function MLD Multicast Listener D...

Page 118: ...lly input the information according to your ISP Obtain an IP address automatically Check whether to enable this function Option 60 Vendor ID Enter the associated information by your ISP This option is used by DHCP clients to optionally identify the vendor type and configuration of a DHCP client The information is a string of n octets interpreted by servers Vendors may choose to define specific ven...

Page 119: ...rnal IP address and port are mapped to the same external IP address and port Furthermore any external host can send a packet to the internal host by sending a packet to the mapped external address Firewall Enable to drop all traffic from WAN side If enabled all incoming packets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules IGMP Multicast IGMP Internet G...

Page 120: ... enable Fullcone NAT While only NAT enabled the default NAT type Port Restricted cone NAT will be used Fullcone NAT Enable or disable fullcone NAT Fullcone is a kind of NAT in this mode all requests from the same internal IP address and port are mapped to the same external IP address and port Furthermore any external host can send a packet to the internal host by sending a packet to the mapped ext...

Page 121: ...ion commonly for friendly use 802 1P Priority The parameter indicates the frame priority level from 0 lowest to 7 highest which can be used to prioritize different classes of traffic voice video data etc Enter the priority identification tagged 0 1 untagged 1 802 1Q VLAN ID It is a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagged 0 4094 untagged 1 ...

Page 122: ...ly use 802 1P Priority The parameter indicates the frame priority level from 0 lowest to 7 highest which can be used to prioritize different classes of traffic voice video data etc Enter the priority identification tagged 0 1 untagged 1 802 1Q VLAN ID It is a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagged 0 4094 untagged 1 ...

Page 123: ...nd a packet with source IP address X and source port P to the internal host only if the internal host had previously sent a packet to IP address X and port P IPv4 Address Select whether to set static IPv4 address or obtain automatically IP Address If Static is enabled in the above field enter the static IPv4 address get from the ISP Dial on demand It is a parameter to let users to dial for connect...

Page 124: ...econdary DNS server addresses Parental Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider IPv6 Obtain IPv6 DNS info from a WAN interface WAN Interface selected Select one configured IPv6 WAN connection from the me...

Page 125: ...dit button to re edit this service settings Here the corresponding WAN Service have been configured if it is OK you can access the internet You can go to Status WAN or Summary to view the WAN connection information if your ISP provides IPv6 service then you will obtain an IPv6 address IPv4 or IPv6 The device summary information ...

Page 126: ...ndor type and configuration of a DHCP client The information is a string of n octets interpreted by servers Vendors may choose to define specific vendor class identifiers to convey particular configuration or other identification information about a client Option 61 ClientID Enter the associated information provided by your ISP Option 125 Option 125 is a complementary standard of DHCP protocol it ...

Page 127: ...host can send a packet to the internal host by sending a packet to the mapped external address Firewall Enable to drop all traffic from WAN side If enabled all incoming packets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules IGMP Multicast IGMP Internet Group Membership Protocol is a protocol used by IP hosts to report their multicast group memberships to...

Page 128: ...cates the frame priority level from 0 lowest to 7 highest which can be used to prioritize different classes of traffic voice video data etc Enter the priority identification tagged 0 1 untagged 1 802 1Q VLAN ID It is a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagged 0 4094 untagged 1 ...

Page 129: ...Select 3G LTE to configure the route to enjoy the mobility By default the 3G LTE interface is on user can edit the parameters to meet your own requirements Click Edit button to enter the 3G LTE configuration page ...

Page 130: ...CHAP or MSCHAP PIN PIN stands for Personal Identification Number A PIN code is a numeric value used in certain systems as a password to gain access and authenticate In mobile phones a PIN code locks the SIM card until you enter the correct code If you enter the PIN code incorrectly into the phone 3 times in a row then the SIM card will be blocked and you will require a PUK code from your network s...

Page 131: ...Parental Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider Click Apply to confirm the settings Here you can configure WAN Service if it is OK you can access the internet You can go to Status WAN or Summary to vie...

Page 132: ...connection Bitswap Enable Allows bitswaping function SRA Enable Allows seamless rate adaptation PhyR A new technology to control impulse and noise to improve the BER and DSL data quality Click Apply to confirm the settings Click to future configure DSL Select the Test Mode or leave it as default Tone Selection This should be left as default or be configured by an advanced user The frequency band o...

Page 133: ...a measure used in science and engineering that compares the level of a desired signal to the level of background noise It is defined as the ratio of signal power to the noise power SNR Change the value to adjust the DSL link rate more suitable for an advanced user ...

Page 134: ...ther than those in the drop down list simply enter its IP address in their appropriate blanks provided as shown above Your ISP may also provide an SNTP server for you to use Choose your local time zone from the drop down menu After a successful connection to the Internet the router will retrieve the correct local time from the NTP server you have specified If you prefer to specify an NTP server ot...

Page 135: ...pgrading Your router s firmware is the software that allows it to operate and provides all its functionality Think of your router as a dedicated computer and the firmware as the software it runs Over time this software may be improved and revised and your router allows you to upgrade the software it runs to take advantage of these changes Clicking on Browse will allow you to select the new firmwar...

Page 136: ...s It is advisable to backup your router s settings before making any significant changes to your router s configuration Click Backup Settings a window appears click save then browse the location where you want to save the backup file Click Browse and browse to the location where your backup file is saved the click Open Then in the above page click Update Settings the following process indicating s...

Page 137: ... username and password are admin and admin respectively Remote username for the remote user to login corresponding default username and password are support and support respectively Local username for the general user when logon to the web page only lit items would be listed for common user corresponding default username password are user and user respectively Username the default username for eac...

Page 138: ...ent to your specified E mail Apply all settings to check whether you want to have a copy of the settings to apply to other WAN port suppose the above Main port is DSL then if you enable this function then Ethernet port will have the same configuration SMTP Server Enter the SMTP server that you would like to use for sending emails Username Enter the username of your email account to be used by the ...

Page 139: ...ormation clients subscribe The BiPAC 7800DX L offers SMS alert sending clients alert messages when a WAN IP change is detected Recipient s Number WAN IP Change Alert Enter the Recipient s number that will receive the alert message once a WAN IP change has been detected ...

Page 140: ...at the chosen level and above For instance if you set the log level to Critical all critical alert and emergency events are logged but none of the others are recorded Display Level Display the log according to the level you set when you view system log Once you set the display level the logs of the same or higher priority will be displayed Mode Select the mode the system log adopted Three modes lo...

Page 141: ...ume the used and the remaining capacity of the device Volume Name Display the storage volume name FileSystem Display the storage device s file system format well known is FAT Total Space Display the total space of the storage with unit MB Used Space Display the remaining space of each partition unit MB Unmount Click Unmount button if you want to uninstall the USB device Please Note that first clic...

Page 142: ...efault user admin Click Add button enter the user account adding page Username user defined name but simpler and more convenient to remember would be favorable Password Set the password Confirm Password Reset the password for confirmation Volume Name Select Volume name as to create access to the volume of the specified partition of the storage For example a user test is setup behind the usb1_1 ...

Page 143: ...139 Accessing mechanism of Storage In your computer Click Start Run enter 192 168 1 254 ...

Page 144: ...the User Accounts section When first logged on to the network folder you will see the public folder Public The public sharing space for each user in the USB Storage When user register a USB account and log successfully a private folder the same name as the user account registered exclusive for each user is established Go on to see the details ...

Page 145: ...141 Access the folder public ...

Page 146: ...142 When successfully accessed the private folder of each user is established and user can see from the following picture The test fold in the picture is the private space for each user ...

Page 147: ... print server on the 7800DXL 3 Install the printer drivers on the PC you want to print from On board Print Server Check Enable to activate the print server Printer Name Enter the Printer name for example OfficePrinter Make and Model Enter in the Make and Model information for the printer for example Epson Stylus Photo R290 Note The Printer name can be any text string up to 40 characters It cannot ...

Page 148: ...144 Step 2 Click Add a Printer Step 3 Click Add a network wireless or Bluetooth printer ...

Page 149: ...elect a shared printer by name Enter http 7800DXL LAN IP 631 printers printer name or Make sure printer s name is the same as what you set in the 7800DXL earlier For Example http 192 168 1 254 631 printers OfficePrinter OfficePrinter is the Printer Name we setup earlier ...

Page 150: ...146 Step 6 Click Next to add the printer driver If your printer is not listed and your printer came with an installation disk click Have Disk find it and install the driver Step 7 Click Next ...

Page 151: ...147 Step 8 Click Next and you are done You will now be able to see your printer on the Devices and Printers Page ...

Page 152: ... the types of devices server renderer controller that DLNA supports and the mechanism for accessing media over a network Overall DLNA allows more convenience more choices and enjoyment of your digital content through DLNA certified devices Any DLNA certified devices or software can access the DLNA server With USB storage 7800DX L can serve as a DLNA server On board digital media server Enable to s...

Page 153: ...149 Take Windows media player in Windows 7 accessing the DLNA server for example for usage of DLNA ...

Page 154: ...to IPv6 6in4 uses tunneling to encapsulate IPv6 traffic over explicitly configured IPv4 links The 6in4 traffic is sent over the IPv4 Internet inside IPv4 packets whose IP headers have the IP Protocol number set to 41 This protocol number is specifically designated for IPv6 capsulation 6RD 6RD is a mechanism to facilitate IPv6 rapid deployment across IPv4 infrastructures of internet service provide...

Page 155: ...Common Bit Length Specify the length of IPv4 address carried in IPv6 prefix for example 0 means to carry all the 32 bits of IPv4 address while 8 carries 24 bits of the IPv4 address 6rd Prefix with Prefix Length Enter the 6rd prefix and prefix length you uniquely designate to 6rd by the ISP The 6rd prefix and prefix length are to replace the standard 6to4 prefix 2002 16 by an IPv6 prefix that belon...

Page 156: ...private IPv4 addresses for the LAN clients the same as a NAT device The subnet information is chosen by the customer identically to the NAT model However instead of performing the NAT itself the CPE encapsulates the IPv4 packet inside an IPv6 packet Click Add button to manually add the 4in6 rules Tunnel Name User defined tunnel name Mechanism It is the 4in6 tunnel operation technology Please selec...

Page 157: ...ck Add button to enter the exact rule setting page Filter Name A user defined rule name User can select simply from the list box for the application for quick setup IP Version Select the IP Version IPv4 or IPv6 Protocol Set the traffic type TCP UDP TCP UDP ICMP that the rule applies to Source IP address This is the Address Filter used to allow or block traffic to from particular IP address es feat...

Page 158: ... select the already set timeslot in Time Schedule during which the rule works And when set to Disable the rule is disabled or inactive and there will be an icon in list table indicating the rule is inactive See Time Schedule Log check the check box to record the security log To check the log users can turn to Security Log Example For example if there is an outgoing rule set as follows then the 21 ...

Page 159: ...155 Rule inactive ...

Page 160: ...or block traffic to from particular IP address es featured in the IP range If you leave empty it means any IP address Source Port port or port port The port or port range defines traffic from the port specific application or port in the set port range blocked to go through the router Default is set port from range 1 65535 Destination IP address Traffic from LAN with the particular traffic destinat...

Page 161: ...e 01 00 19 00 from Monday to Friday Or you can select the already set timeslot in Time Schedule during which the rule works And when set to Disable the rule is disabled or inactive and there will be an icon in the list table indicating the rule is inactive See Time Schedule Log check the check box to record the security log To check the log users can turn to Security Log ...

Page 162: ...Change checkbox and then press Change Policy to change the settings to the interface For example from above the interface atm0 1 is of bridge mode and all the MAC layer frames will be forward but you can set some rules to let some item matched the rules to be blocked Click Add button to add the rules Protocol type Select from the drop down menu the protocol that applies to this rule Destination So...

Page 163: ...159 Blocking WAN PING This feature is enabled to let your router not respond to any ping command when someone others Ping your WAN IP ...

Page 164: ...ind out the MAC address of a window based PC go to command window and type ipconfig all Note The maximum entries configured 32 Click Add to add the rules Host Label User defined name MAC Address Enter the MAC address es you want to allow or block to access the router and LAN The format of MAC address could be xx xx xx xx xx xx or xx xx xx xx xx xx For convenience user can select from the list box ...

Page 165: ...re you can see that the user child_use with a MAC of 18 a9 05 04 12 23 is blocked to access the router from 00 00 to 23 59 Monday through Friday If you needn t this rule you can check the box press Remove it will be OK ...

Page 166: ...ly Domains Filtering This function checks the whole URL address but not the IP address against your list of domains to block or allow If it is matched the URL request will either be sent Trusted or dropped Forbidden Restrict URL Features Click Block Java Applet to filter web access with Java Applet components Click Block ActiveX to filter web access with ActiveX components Click Block Cookie to fi...

Page 167: ...side the item and press Edit Delete Click Return to be back to the previous page Domain Filtering Note Maximum number of entries 32 Click to add Domains Domain Filtering enter the domain you want this filter to apply Type select the action this filter deals with the Domain Forbidden Domain The domain is forbidden access Trusted Domain The domain is trusted and allowed access Enter a domain and sel...

Page 168: ...d excluded from the URL filtering rules in effect For specific process please refer to Keywords Filtering For example users can set IPv4 client 192 168 1 103 in your network as a exception address that is not limited to the rules set in URL filter or IPv4 clients a range And also an IPv6 client 2000 1211 1002 6ba4 d160 5adb 9009 87ae or IPv6 clients a range can be the exceptions from the URL rules...

Page 169: ...figure at the selected Provider www opendns com in advance To use parental control DNS user needs to configure to use parental control DNS provided by parental control provider to access internet at WAN configuration or DNS page See DNS Host Name Username and Password Enter your registered domain name and your username and password at the provider website www opendns com ...

Page 170: ...f the EWAN interface Click Apply to save the EWAN rate settings Click Add to enter QoS rules IP Version Select either IPv4 or IPv6 base on need Application Assign a name that identifies the new QoS application rule Select from the list box for quick setup Direction Shows the direction mode of the QoS application LAN to WAN You want to control the traffic from local network to the outside Upstream ...

Page 171: ...fferent packet loss priorities from high medium to low Also CS1 CS7 indicates the IP precedence Rate Type You can choose Limited or Prioritization Limited Maximum Specify a limited data rate for this policy It also is the maximum rate for this policy When you choose Limited type the Ratio proportion As above FTP server example you may want to throttle the outgoing FTP speed to 20 of 256K and limit...

Page 172: ... number on the remote WAN side Time Schedule Select or set exactly when the rule works When set to Always On the rule will work all time and also you can set the precise time when the rule works like 01 00 19 00 from Monday to Friday Or you can select the already set timeslot in Time Schedule during which the rule works And when set to Disable the rule is disabled or inactive and there will be an ...

Page 173: ...Give outgoing VoIP traffic more priority The default queue priority is normal so if you have VoIP users in your local network you can set a higher priority to the outgoing VoIP traffic 2 Give regular web http access a limited rate ...

Page 174: ...rnet access for other users within your network you can then use QoS to set a rule that has low priority In this way P2P application will not congest the data transmission with other applications Other applications like FTP Mail access users can use QoS to control based on need ...

Page 175: ...thernet interface When Shaping Rate is set to 1 no shaping will be in place and the Burst Size is to be ignored Interface P1 P4 P4 used as EWAN also covered Type All LAN when P4 is LAN port P4 used as EWAN type WAN and all others LAN QoS Shaping Rate Kbps Set the forcefully maximum rate Burst Size Bytes Set the forcefully Burst Size ...

Page 176: ...on Select Allow to grant access to the listed IP or IPs to Virtual Server and DMZ Host While choose Block to ban the listed IP or IPs to access the Virtual Server and DMZ Host Apply Press Apply button to apply the change Exceptional Rule Range Valid Check the box to enable or disable the IP range IP Address Range Specify the IP address range IPv4 address range can be supported Click Add to add the...

Page 177: ...r to forward these incoming connection attempts using specific ports to the PC on your network running the application You will also need to use port forwarding if you want to host an online game server The reason for this is that when using NAT your publicly accessible IP address will be used by and point to your router which then needs to deliver all traffic to the private IP addresses used by y...

Page 178: ...ess to internal network End Enter a port number as the external ending number for the range you want to give access to internal network Internal Port Start Enter a port number as the internal staring number End Here it will generate automatically according to the End port number of External port and can t be modified Protocol select the protocol this service used TCP UDP TCP UDP Time Schedule Sele...

Page 179: ...nu then the port will automatically appear modify some as you like or you can just leave it as default Remember to enter your server IP Address 2 Press Apply to conform and the items will be list in the Virtual Servers Setup table Means the rule is inactive ...

Page 180: ...176 Remove If you don t need a specified Server you can remove it Check the check box beside the item you want to remove then press Remove it will be OK ...

Page 181: ...lick Add to add a port triggering rule Interface Select from the drop down menu the interface you want the port triggering rules apply to Application Preinstalled applications or Custom Application user can customize the utility yourself Custom Application It is a kind of service to let users themselves customizes the service they want Enter the user defined service name here Trigger Port Start En...

Page 182: ...an outgoing connection on port 4099 to the Aim Talk server but when the computer is behind the NAT the NAT silently drops this connection because it does not know which computer behind the NAT to send the request to connect So in this case port triggering in the router is working when an outbound connection is attempted on port 4099 or any port in the range set it should allow inbound connections ...

Page 183: ...179 Remove If you don t need a specified Server you can remove it Check the check box beside the item you want to remove and then press Remove ...

Page 184: ...ng port mapping does have security implications since outside users are able to connect to PCs on your network For this reason you are advised to use specific Virtual Server entries just for the ports your application requires instead of simply using DMZ or creating a Virtual Server entry for All protocols as doing so results in all connection attempts to your public IP address accessing the speci...

Page 185: ...is circumstance it can be reached through the WAN IP of interface set in the field above Internal Address The IP address of an internal device in the LAN For example you have an ADSL connection of pppoe_0_8_35 ppp0 1 interface with three fixed global IP and you then can assign the other two global IPs to two internal devices respectively If you have a WEB server IP address 192 168 1 3 and a FTP se...

Page 186: ...182 ALG The ALG Controls enable or disable protocols over application layer ...

Page 187: ...hedule Enable to wake up your set device at some specific time For instance user can set to get some device woken up at 8 00 every weekday Click Schedule to enter time schedule configuring page to set the exact timeline Add After selecting click Add then you can submit the Wake up action Edit Delete Click to edit or delete the selected MAC address Ready Yes indicating the remote computer is ready ...

Page 188: ...session IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session IPsec is an end to end security scheme operating in the Internet Layer of the Internet Protocol Suite It can be used in protecting data flows between a pair of security gateways network to network or between ...

Page 189: ...een a security gateway and a host network to host Subnet The subnet of the local network for establishing an IPSec tunnel between a pair of security gateways network to network IP Address The local network address Netmask The local network netmask Remote Secure Gateway The IP address of the remote VPN device that is connected and establishes a VPN tunnel Anonymous Enable any IP to connect in Remot...

Page 190: ...smit There are 2 options Message Digest 5 MD5 and Secure Hash Algorithm SHA1 SHA1 is more resistant to brute force attacks than MD5 However it is slower MD5 A one way hashing algorithm that produces a 128 bit hash SHA1 A one way hashing algorithm that produces a 160 bit hash DH Group It is a public key cryptography protocol that allows two parties to establish a shared secret over an unsecured com...

Page 191: ...when the connection between the router and a remote IPSec peer has lost Please be noted it must be enabled on the both sites Detection Interval The period cycle for dead peer detection The interval can be 180 86400 seconds Idle Timeout Auto disconnect the IPSec connection after trying several consecutive times Ping This mode will detect whether the remote IPSec peer has lost or not by pinging spec...

Page 192: ...Stands for Triple Data Encryption Standard it uses 168 56 3 bits as an encryption method AES Stands for Advanced Encryption Standards you can use 128 192 or 256 bits as encryption method Integrity Algorithm Authentication establishes the integrity of the datagram and ensures it is not tampered with in transmit There are 2 options Message Digest 5 MD5 and Secure Hash Algorithm SHA1 SHA1 is more res...

Page 193: ...for IPSec connection Local Network Subnet Select Subnet IP Address 192 168 1 0 2 Netmask 255 255 255 0 Head Office network 3 Secure Gateway Address Hostanme 69 121 1 30 IP address of the Branch office router on WAN side Remote Network Subnet Select Subnet IP Address 192 168 0 0 4 Netmask 255 255 255 0 Branch office network Proposal Method ESP Authentication MD5 Encryption 3DES Prefer Forward Secur...

Page 194: ...190 ...

Page 195: ...P Address 192 168 0 0 2 Netmask 255 255 255 0 Branch Office network 3 Remote Secure Gateway Address Hostanme 69 121 1 3 IP address of the Head office router on WAN side Remote Network Subnet Select Subnet IP Address 192 168 1 0 4 Netmask 255 255 255 0 Head office network Proposal Method ESP Authentication MD5 Encryption 3DES Prefer Forward Security MODP 1024 group2 5 Pre shared Key 123456 Security...

Page 196: ...ame for IPSec connection Local Network Subnet Select Subnet IP Address 192 168 1 0 2 Netmask 255 255 255 0 Head Office network 3 Remote Secure Gateway Hostanme 69 121 1 30 IP address of the Branch office router on WAN side Remote Network 4 Single Address 69 121 1 30 Host Proposal Method ESP Authentication MD5 Encryption 3DES Prefer Forward Security MODP 1024 group2 5 Pre shared Key 123456 Security...

Page 197: ...193 ...

Page 198: ... PPTP L2TP server is waiting for the client to connect to this account Username Please input the username for this account Password Please input the password for this account Connection Type Select Remote Access for single user Select LAN to LAN for remote gateway Peer Network IP Please input the subnet IP for remote network Peer Netmask Please input the Netmask for remote network ...

Page 199: ... deactivate PPTP Server function WAN Interface Select the exact WAN interface configured for the tunnel Select Default to use the now working WAN interface for the tunnel Auth Type The authentication type Pap or Chap PaP Chap and MS CHAPv2 When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challenges at different periods to ensure t...

Page 200: ...uthentication Protocol if you know which type the server is using when acting as a client or else the authentication type you want clients connecting to you to use when acting as a server When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challenges at different periods to ensure that an intruder has not replaced the client PPTP Ser...

Page 201: ...197 Note inside test with 172 16 1 208 just an example for illustration Server Side 1 Configuration VPN PPTP and Enable the PPTP function Click Apply 2 Create a PPTP Account test Client Side ...

Page 202: ...198 1 In Windows7 click Start Control Panel Network and Sharing Center Click Set up a new connection network ...

Page 203: ...199 2 Click Connect to a workplace and press Next 3 Select Use my Internet connection VPN and press Next 4 Input Internet address and Destination name for this connection and press Next ...

Page 204: ...200 5 Input the account user name and password and press Create ...

Page 205: ...201 6 Connect to the server ...

Page 206: ...202 7 Successfully connected ...

Page 207: ...o go to Network Connections shown below to check the detail of the connection Right click test icon and select Properties to change the security parameters if the connection fails users can go here to change the settings ...

Page 208: ...204 ...

Page 209: ... connect two private networks over the Internet The routers are installed in the head office and branch offices accordingly Server side Head Office The above is the common setting for PPTP Server set as you like for authentication and encryption The settings in Client side should be in accordance with settings in Server side ...

Page 210: ...rver and can also set the tunnel as the default route for all outgoing traffic Note users can see the Default Gateway item in the bar and user can check to select the tunnel as the default gateway default route for traffic If selected all outgoing traffic will be forwarded to this tunnel and routed to the next hop ...

Page 211: ...2TP Server settings L2TP Select Enable to activate L2TP Server Disable to deactivate L2TP Server WAN Interface Select the exact WAN interface configured as source for the tunnel Select different interfaces you will decide whether to use L2TP over IPSec or the pure L2TP L2TP over IPSec Select Default or IPSec Tunnel only when there is IPSec for L2TP rule in place Pure L2TP Select Default there is n...

Page 212: ... tunnel authentication Remote Host Name Enter the remote host name of peer featuring the destination of the L2TP tunnel Local Host Name Enter the local host name featuring the source of the L2TP tunnel Click Apply to submit your L2TP Server basic settings ...

Page 213: ...er the username provided by your L2TP Server Password Enter the password provided by your L2TP Server Auth Type Default is Pap or CHap if you want the router to determine the authentication type to use or else manually specify CHAP Challenge Handshake Authentication Protocol or PAP Password Authentication Protocol if you know which type the server is using When using PAP the password is sent unenc...

Page 214: ...icate through pure L2TP server Username Enter the username provided by your L2TP Server Password Enter the password provided by your L2TP Server Auth Type Default is Pap or CHap if you want the router to determine the authentication type to use or else manually specify CHAP Challenge Handshake Authentication Protocol or PAP Password Authentication Protocol if you know which type the server is usin...

Page 215: ...assword in the server side Remote Host Name Enter the remote host name featuring the destination of the L2TP tunnel Local Host Name Enter the local host name featuring the source of the L2TP tunnel Click Add button to save your changes ...

Page 216: ...L2TP over IPSec Remote Access with Windows7 Note inside test with 172 16 1 185 just an example for illustration Server Side 1 Configuration VPN L2TP and Enable the L2TP function Click Apply The IPSec for L2TP rule ...

Page 217: ...213 2 Create a L2TP Account test1 Client Side 1 In Windows7 click Start Control Panel Network and Sharing Center Click Set up a new connection network ...

Page 218: ...214 2 Click Connect to a workplace and press Next 3 Select Use my Internet connection VPN and press Next ...

Page 219: ...215 4 Input Internet address and Destination name for this connection and press Next ...

Page 220: ...216 5 Input the account user name and password and press Create ...

Page 221: ...217 6 Connection created Press Close 7 Go to Network Connections shown below to check the detail of the connection Right click L2TP_IPSec icon and select Properties to change the security parameters ...

Page 222: ...218 8 Chang the type of VPN to Layer 2 Tunneling Protocol with IPSec L2TP IPSec and Click Advanced Settings to set the pre shared set in IPSec key for authentication ...

Page 223: ...219 9 Go to Network connections enter username and password to connect L2TP_IPSec and check the connection status ...

Page 224: ...blishes a L2TP VPN tunnel with head office to connect two private networks over the Internet The routers are installed in the head office and branch office accordingly Note Both office LAN networks must be in different subnets with the LAN LAN application Server side Head Office ...

Page 225: ...e above is the commonly setting for L2TP Server set as you like for authentication and encryption The settings in Client side should be in accordance with settings in Server side Then account the L2TP Account ...

Page 226: ...n also set the tunnel as the default route for all outgoing traffic Note users can see the Default Gateway item in the bar and user can check to select the tunnel as the default gateway default route for traffic If selected all outgoing traffic will be forwarded to this tunnel and routed to the next hop ...

Page 227: ...l IP Please input the virtual destination IP for tunnel Remote Gateway IP Set the destination IP for the tunnel Remote Network Select the peer topology Single address client or Subnet IP Address Set the IP address if the peer is a client If the peer is a subnet please enter the IP and netmask Enable Keepalive Normally the tunnel interface is always up Enable keepalive to determine when the tunnel ...

Page 228: ...224 Advanced Setup There are sub items within the System section Routing DNS Static ARP UPnP Certificate Multicast Management and Diagnostics ...

Page 229: ... ones you have set in WAN section here select the one you want to be the default gateway by moving the interface via or And select a Default IPv6 Gateway from the drop down menu Note Only one default gateway interface will be used according to the priority with the first being the highest and the last one the lowest priority if the WAN interface is connected ...

Page 230: ...ther mode of presenting submask One IPv4 address 192 168 1 0 24 submask is 255 255 255 0 While in IPv6 IPv6 address composes of two parts thus the prefix and the interface ID the prefix is like the net ID in IPv4 and the interface ID is like the host ID in IPv4 The prefix length is to identify the net ID in the address One IPv6 address 3FFE FFFF 0 CD30 0 0 0 0 64 the prefix is 3FFE FFFF 0 CD3 Inte...

Page 231: ...227 In listing table you can remove the one you don t want by checking the checking box and press Remove button ...

Page 232: ...defined name Physical LAN Port Select the LAN port Source IP Enter the Host Source IP Interface Select the WAN interface which you want the Source IP to access outside through Default Gateway Enter the default gateway which you want the Source IP to access outside through Click Apply to apply your settings And the item will be listed in the policy Routing listing table Here if you want to remove t...

Page 233: ...assive only receive the routing information broadcasted by other routers and modifies its routing table according to the received information Active working in this mode the router sends and receives RIP routing information and modifies routing table according to the received information Enable check the checkbox to enable RIP rule for the interface Note RIP can t be configured on the WAN interfac...

Page 234: ...se the IP address provided by Parental Control Provider If user registers and gets an DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider IPv6 IPv6 DNS Server s operation is similar to IPv4 DNS server There are two modes to get DNS server address Auto ...

Page 235: ...231 Primary IPv6 DNS Server Secondary IPv6 DNS Server Type the specific primary and secondary IPv6 DNS Server address ...

Page 236: ...ddress is the WAN IP address of the router which is assigned to you by your ISP Here users can register different WAN interfaces with different DNS es Click Add to register a WAN interface with the exact DNS You will first need to register and establish an account with the Dynamic DNS provider using their website for example http www dyndns org Dynamic DNS Server Select the DDNS service you have e...

Page 237: ...xamples Note first users have to go to the Dynamic DNS registration service provider to register an account User test register two Dynamic Domain Names in DDNS provider http www dyndns org 1 pppoe_0_8_35 with DDNS www hometest com using username password test test ...

Page 238: ...234 2 ipoe_eth0 with DDNS www hometest1 com using username password test test ...

Page 239: ...y to connect to the DNS Server in public to correctly resolve Domain name to access the internet DNS Proxy Select whether to enable or disable DNS Proxy function default is enabled Host name of the Broadband Router Enter the host name of the router Default is home gateway Domain name of the LAN network Enter the domain name of the LAN network home gateway ...

Page 240: ...me In LAN you can map a PC to a domain name for convenient access Or you can set some well known Internet IP mapping item so your router will response quickly for your DNS query instead of querying from the ISP s DNS server Host Name Type the domain name host name for the specific IP IP Address Type the IP address bound to the set host name above Click Add to save your settings ...

Page 241: ...resses And Static ARP here allows user to map manually the layer 3 MAC Media Access Control address to the layer 2 IP address of the device IP Address Enter the IP of the device that the corresponding MAC address will be mapped to MAC Address Enter the MAC address that corresponds to the IP address of the device Click Add to confirm the settings ...

Page 242: ...ired settings removing the need for the user to control advanced configuration of their device Both the user s Operating System and the relevant application must support UPnP in addition to the router Windows XP and Windows Me natively support UPnP when the component is installed and Windows 98 users may install the Internet Connection Sharing client from Windows XP in order to support UPnP Window...

Page 243: ...ouble click Add Remove Programs Step 2 Click on the Windows Setup tab and select Communication in the Components selection box Click Details Step 3 In the Communications window select the Universal Plug and Play check box in the Components selection box Step 4 Click OK to go back to the Add Remove Programs Properties window Click Next ...

Page 244: ... and Control Panel Step 2 Double click Network Connections Step 3 In the Network Connections window click Advanced in the main menu and select Optional Networking Components The Windows Optional Networking Components Wizard window displays Step 4 Select Networking Service in the Components selection box and click Details ...

Page 245: ...lick OK to go back to the Windows Optional Networking Component Wizard window and click Next Auto discover Your UPnP enabled Network Device Step 1 Click start and Control Panel Double click Network Connections An icon displays under Internet Gateway Step 2 Right click the icon and select Properties ...

Page 246: ...lick Settings to see the port mappings that were automatically created Step 4 You may edit or delete the port mappings or click Add to manually add port mappings Step 5 Select Show icon in notification area when connected option and click OK An icon displays ...

Page 247: ...243 in the system tray Step 6 Double click on the icon to display your current Internet connection status ...

Page 248: ...Step 1 Click Start and then Control Panel Step 2 Double click Network Connections Step 3 Select My Network Places under Other Places Step 4 An icon describing each UPnP enabled device shows under Local Network Step 5 Right click on the icon of your BiPAC 7800DX L and select Invoke The web configuration login screen displays Step 6 Right click on the icon of your BiPAC 7800DX L and select Propertie...

Page 249: ...sted CA Certificate Name The certificate identification name Subject The certificate subject Type The certificate type information ca indicates that the certificate is a CA signed certificate self indicates that the certificate is a certificate owner signed one x 509 indicates the certificate is the one created and signed according to the definition of Public Key System suggested by x 509 Action V...

Page 250: ...246 Click Import Certificate button to import your certificate Enter the certificate name and insert the certificate ...

Page 251: ...247 Click Apply to confirm your settings ...

Page 252: ...three versions for IGMP that is IGMPv1 IGMPv2 and IGMPv3 MLD short for Multicast Listener Discovery protocol is a component if the Internet Protocol version 6 IPv6 suite MLD is used by IPv6 to discover multicast listeners on a directly attached link much as IGMP used in IPv4 The protocol is embedded in ICMPv6 instead of using a separate protocol MLDv1 is similar to IGMPv2 and MLDv2 is similar to I...

Page 253: ... Startup Query Interval has been set to 1 4 of the General Query value to enable the faster join at startup MLD Default Version Enter the supported MLD version 1 2 default is MLDv2 Query Interval Enter the periodic query interval time sec the multicast router sending the query message to hosts to understand the group membership information Query Response Interval Enter the response interval time s...

Page 254: ...IB accordingly and then generates Response message to send it to the manager Also agent will send Trap message to the manager when agent finds some exceptions Trap message is the message automatically sent by the managed device without request to the manager about the emergency events SNMP Agent enable or disable SNMP Agent Read Community Type the Get Community which is the authentication for the ...

Page 255: ...e Auto Configuration Servers ACS and establish the configuration automatically and let ACS configure CPE automatically Inform select enable to let CPE be authorized to send Inform message to automatically connect to ACS Inform Interval Specify the inform interval time sec which CPE used to periodically send inform message to automatically connect to ACS When the inform interval time arrives the CP...

Page 256: ...252 GetRPCMethods Supported by both CPE and ACS display the supported RFC listing methods Click Apply to apply your settings ...

Page 257: ...ss Click Apply button to submit your settings Allowed Access IP Address Range was used to restrict which IP address could login to access system web GUI Valid Enable Disable Allowed Access IP Address Range IP Address Range Specify the IP address Range IPv4 and IPv6 address range can be supported users can set IPv4 and IPv6 address range individually Click Add to add an IP Range to allow remote acc...

Page 258: ...agement is a feature of some electrical appliances especially computers that turn off the power or switch to a low power state when inactive Five main parameters are listed for users to check to manage the performance of the router ...

Page 259: ...nternet by users or applications This Time Schedule correlates closely with router s time since router does not have a real time clock on board it uses the Simple Network Time Protocol SNTP to get the current time from an SNTP server from the Internet Refer to Internet Time for details You router time should synchronize with NTP server For example user can add a timeslot named timeslot1 features a...

Page 260: ...he current configuration of router for users in line with scheduled timetable settings Enable to set the time schedule for rebooting For example the router is scheduled to reboot at 22 00 every single weekday and to reboot at 9 00 on Saturday and Sunday You can set as follows ...

Page 261: ...ct or set the source address to test the connectivity from the source to the destination Ping Test Press this button to proceed ping test Trace route Test to trace the route to see how many hops also see the exact hops the packet of data has to take to get to the destination Destination Host Set the destination host IP domain name to be traced Source Address Select or set the source address to tra...

Page 262: ...258 Example Ping www google com ...

Page 263: ...259 Example trace www google com ...

Page 264: ... E mail Enter the destination mail address The email is used to receive system log system configuration security log sent by the device when the Push Now button is pressed information sent only when pressing the button but the mail address is not remembered Note Please first set correct the SMTP server parameters in Mail Alert ...

Page 265: ...stics Check the connections including Ethernet connection Internet Connection and wireless connection Click Help link that can lead you to the interpretation of the results and the possible simply troubleshooting ...

Page 266: ...ames through the relay function drops all CFM frames of its level or lower that come from the wire side Link Trace Link Trace messages otherwise known as Mac Trace Route are Multicast frames that a MEP transmits to track the path hop by hop to a destination MEP which is similar in concept to User Datagram Protocol UDP Trace Route Each receiving MEP sends a Trace route Reply directly to the Origina...

Page 267: ...If you wish to restart the router using the factory default settings for example after a firmware upgrade or if you have saved an incorrect configuration select Factory Default Settings to reset to factory default settings Or you just want to restart after the current setting the select the Current Settings and Click Restart ...

Page 268: ...admin If this fails you can restore your router to its factory settings by pressing the reset button on the device rear side Problems with WAN interface Problem Suggested Action Frequent loss of ADSL line sync disconnections Ensure that all other devices connected to the same telephone line as your router e g telephones fax machines analogue modems have a line filter connected between them and the...

Page 269: ... should be on for the port that has a PC connected If it does not lit check to see if the cable between your router and the PC is properly connected Make sure you have first uninstalled your firewall program before troubleshooting Verify that the IP address and the subnet mask are consistent for both the router and the workstations ...

Page 270: ...act the dealer from where you purchased your product Contact Billion Worldwide http www billion com MAC OS is a registered Trademark of Apple Computer Inc Windows 7 98 Windows NT Windows 2000 Windows Me Windows XP and Windows Vista are registered Trademarks of Microsoft Corporation ...