Hitron CGNM, User Manual

Page 1: ...CGNM 2250 D3 WiFi Gateway User s Guide Version 1 0 2014 ...

Page 2: ...250 Overview on page 13 to see an overview of the topics covered in this manual Use the Table of Contents page 5 List of Figures page 9 and List of Tables page 11 to quickly find information about a particular GUI screen or topic Use the Index page 119 to find information on a specific keyword Use the rest of this User s Guide to see in depth descriptions of the CGNM 2250 s features Related Docume...

Page 3: ...d paragraphs are used to list items and to indicate options 1 Numbered paragraphs indicate procedural steps NOTE Notes provide additional information on a subject Warnings provide information about actions that could harm you or your device Product labels field labels field choices etc are in bold type For example A mouse click in the Graphical User Interface GUI is denoted by a right angle bracke...

Page 4: ...n into the CGNM 2250 on page 22 Copyright 2014 Hitron Technologies All rights reserved All trademarks and registered trademarks used are the properties of their respective owners DISCLAIMER The information in this User s Guide is accurate at the time of writing This User s Guide is provided as is without express or implied warranty of any kind Neither Hitron Technologies nor its agents assume any ...

Page 5: ...y Features 14 1 2 Hardware Connections 14 1 3 LEDs 17 1 4 IP Address Setup 21 1 4 1 Manual IP Address Setup 21 1 5 Login into the CGNM 2250 22 1 6 GUI Overview 23 1 7 Factory Default Resetting the CGNM 2250 24 Setup Wizard 26 2 1 Setup Wizard Overview 26 2 2 The Setup Wizard Screen 26 2 3 The Welcome Screen 27 2 4 The Setting Password Screen 28 2 5 The Wireless Settings Screen 29 2 6 The Summary S...

Page 6: ... TDMA FDMA and SCDMA 38 3 2 The Overview Screen 39 3 3 The System Information Screen 44 3 4 The DOCSIS Provisioning Screen 46 3 5 The DOCSIS WAN Screen 47 3 6 The DOCSIS Event Screen 49 3 7 The Wireless Screen 51 Basic 54 4 1 Basic Overview 54 4 1 1 WAN and LAN 54 4 1 2 LAN IP Addresses and Subnets 55 4 1 3 DNS and Domain Suffix 55 4 1 4 Debugging Ping and Traceroute 55 4 1 5 Port Forwarding 56 4 ...

Page 7: ...1 WPS 73 5 1 6 WMM 74 5 2 The Basic Settings Screen 74 5 2 1 2 4G Settings 75 5 2 2 5G Settings 78 5 2 3 WPS 82 5 3 The Access Control Screen 84 5 3 1 Adding or Editing a Managed Device 86 Admin 87 6 1 Admin Overview 87 6 1 1 Debugging Ping and Traceroute 87 6 2 The Management Screen 88 6 3 The Remote Management Screen 89 6 4 The Diagnostics Screen 91 6 5 The Backup Screen 92 6 6 The USB Storage S...

Page 8: ...ervice Filter Screen 99 7 3 1 Adding or Editing a Service Filter Rule 101 7 3 2 Adding or Editing a Trust PC List 103 7 4 The Device Filter Screen 104 7 4 1 Adding or Editing a Managed Device 106 7 5 The Keyword Filter Screen 108 7 5 1 Adding or Editing a Trust PC List 110 Advanced 112 8 1 The Switch Setup Screen 112 8 2 The DDNS Screen 113 Troubleshooting 115 Index 119 ...

Page 9: ...ion Screen 45 Figure 15 The Status DOCSIS Provisioning Status Screen 46 Figure 16 The Status DOCSIS WAN Screen 47 Figure 17 The Status DOCSIS Event Screen 50 Figure 18 The Status Wireless Screen 51 Figure 19 Wireless Client List 53 Figure 20 The Basic LAN Setup Screen 57 Figure 21 The Basic Gateway Function Screen 59 Figure 22 The Basic Port Forwarding Screen 60 Figure 23 The Basic Port Forwarding...

Page 10: ...min Device Reset Screen 94 Figure 40 The Security Firewall Screen 97 Figure 41 The Security Service Filter Screen 99 Figure 42 The Security Service Filter Add Edit Screen 101 Figure 43 Additional Service Filtering Options 102 Figure 44 The Security Service Filter Trust PC List Add Edit Screen 103 Figure 45 The Security Device Filter Screen 105 Figure 46 The Security Device Filter Add Edit Screen 1...

Page 11: ...SIS Event Screen 50 Table 15 The Status Wireless Status Screen 52 Table 16 The Basic LAN Setup Screen 57 Table 17 The Basic Gateway Function Screen 59 Table 18 The Basic Port Forwarding Screen 60 Table 19 The Basic Port Forwarding Add Edit Screen 62 Table 20 The Basic Port Triggering Screen 64 Table 21 The Basic Port Triggering Add Edit Screen 66 Table 22 The Basic DMZ Screen 68 Table 23 The Basic...

Page 12: ...le 36 The Security Service Filter Screen 99 Table 37 The Security Service Filter Add Edit Screen 101 Table 38 The Security Service Filter Add Edit Trust Manage Device Screen 103 Table 39 The Security Device Filter Screen 105 Table 40 The Security Device Filter Add Edit Screen 107 Table 41 The Security Keyword Filter Screen 109 Table 42 The Security Keyword Filter Add Edit Trust Manage Device Scree...

Page 13: ...d its GUI Graphical User Interface 1 1 CGNM 2250 Overview Your CGNM 2250 is a NAT capable cable modem and wireless access point that allows you to connect your computers wireless devices and other network devices to one another and to the Internet via the cable connection The CGNM 2250 must be placed vertically on its stand should not be positioned in either wall mount or horizontal Figure 1 Appli...

Page 14: ...ports Dynamic Host Configuration Protocol DHCP for devices on the LAN LAN troubleshooting tools Ping and Traceroute IEEE 802 11a b g n ac concurrent dual band 2 4GHz and 5GHz wireless MIMO Multiple In Multiple Out networking allowing speeds of up to 450Mbps 1300Mbps PHY data rate Wireless security WEP WPA PSK and WPA2 PSK encryption WiFi Protected Setup WPS push button and PIN configuration MAC fi...

Page 15: ...INTRODUCTION Version 1 0 12 2014 Copyright 2012 Hitron Technologies 15 Version 1 0 12 2014 Copyright 2014 Hitron Technologies 15 Hitron CGNM 2250 User s Guide Figure 2 Hardware Connections ...

Page 16: ...l network neighborhood The CGNM 2250 supports the following Windows file systems FAT16 FAT32 NTFS USB devices must not drain more than 500mA from the USB port USB devices requiring more than 500mA should be provided with their own power source s Reset Use this button to reboot or reset your CGNM 2250 Press the button and hold it for less than five seconds to reboot the CGNM 2250 The CGNM 2250 rest...

Page 17: ...ports to connect your computers and other network devices using Category 5 or 6 Ethernet cables with RJ45 connectors LAN2 LAN3 LAN4 CABLE Use this to connect to the Internet and coax network via an F type RF cable POWER Use this to connect to the 12v 2A power adapter that came with your CGNM 2250 NEVER use another power adapter with your CGNM 2250 Doing so could harm your CGNM 2250 Figure 3 Power ...

Page 18: ...12 Hitron Technologies 18 Version 1 0 12 2014 Copyright 2014 Hitron Technologies 18 Hitron CGNM 2250 User s Guide Figure 4 LEDs Table 3 LEDs LED STATUS DESCRIPTION POWER Off The CGNM 2250 is not receiving power On The CGNM 2250 is receiving power ...

Page 19: ...pstream frequency on the CABLE connection Green steady The CGNM 2250 has successfully located and locked onto an upstream frequency on the CABLE connection Blue blinking The CGNM 2250 is ranging on the upstream frequency Blue steady Upstream frequency is locked or online with channel bonding Off There is no upstream activity on the CABLE connection STATUS Blinking The CGNM 2250 s cable modem is re...

Page 20: ...d no data is being transmitted or received over the 2 4GHz wireless network Green blinking The 2 4GHz wireless network is enabled and data is being transmitted or received over the 2 4GHz wireless network WIRELESS 5GHZ Off The 5GHz wireless network is not enabled Green steady The 5GHz wireless network is enabled and no data is being transmitted or received over the 5GHz wireless network Green blin...

Page 21: ...er the CGNM 2250 s DHCP server is not active or your computer is not configured correctly Follow the procedure in Manual IP Address Setup on page 21 and set your computer to get an IP address automatically Try to log in again If you cannot log in follow the manual IP address setup procedure again and set a specific IP address as shown Try to log in again NOTE If you still cannot see the login scre...

Page 22: ...roperties 5 You can get an IP address automatically or specify one manually If your CGNM 2250 s DHCP server is active select Get an IP address automatically If your CGNM 2250 s DHCP server is active select Use the following IP address In the IP address field enter a value between 192 168 0 2 and 192 168 0 254 default In the Subnet mask field enter 255 255 255 0 default NOTE If your CGNM 2250 is no...

Page 23: ...a a wired connection on the LAN 1 Open a browser window 2 Enter the CGNM 2250 s IP address default 192 168 0 1 in the URL bar The Login screen displays Figure 5 Login 3 Enter the Username and Password The default login username is cusadmin and the default password is password NOTE The Username and Password are case sensitive password is not the same as Password 4 Click Login The Overview screen di...

Page 24: ...r configured settings are lost and the CGNM 2250 is returned to its initial configuration state There are two ways to reset the CGNM 2250 Table 4 GUI Overview Primary Navigation Bar Use this section to move from one part of the GUI to another select the language and your login account Secondary Navigation Bar Use this section to move from one related screen to another Main Window Use this section ...

Page 25: ...on on the CGNM 2250 and hold it in for 5 seconds or longer Click Admin Device Reset In the screen that displays click the Factory Reset button After the operation the CGNM 2250 turns off and on again using its factory default settings NOTE Depending on your CGNM 2250 s previous configuration you may need to re configure your computer s IP settings see IP Address Setup on page 21 ...

Page 26: ...tains the following sections Setup Wizard Overview on page 26 The Setup Wizard Screen on page 26 The Welcome Screen on page 27 The Setting Password Screen on page 28 The Wireless Settings Screen on page 29 The Summary Screen on page 30 2 1 Setup Wizard Overview Your CGNM 2250 possess a setup wizard that allows you to rapidly configure its most important settings including password and wireless set...

Page 27: ...following screen displays The following table describes the labels in this screen Table 5 The Setup Wizard Screen Quick Wizard Click to customize the CGNM 2250 s password and common Wi Fi settings Manage LAN Click to manage the CGNM 2250 s firewall settings See The LAN Setup Screen on page 56 Manage Firewall Click to manage the CGNM 2250 s firewall settings See The Firewall Screen on page 96 Manag...

Page 28: ...e the CGNM 2250 s password settings Click Next in the Quick Wizard Welcome Screen The following screen displays NOTE It is strongly recommended that you change the CGNM 2250 s password from its factory default Figure 9 The Quick Wizard Setting Password Screen The following table describes the labels in this screen Table 6 The Setup Wizard Setting Password Screen Old Password Enter the password wit...

Page 29: ...tting Password screen The following screen displays Figure 10 The Quick Wizard Wireless Settings Screen New Password Enter and re enter the password you want to use to log into the CGNM 2250 for this account Confirm New Password Exit Click this to return the fields in this screen to their last saved values without saving your changes Prev Click this to return to the previous screen Next Click this...

Page 30: ...want to use for your CGNM 2250 s wireless network This is the name that identifies your network and to which wireless clients connect Security Type Use this field to apply security encryption to your wireless network Select Open to use no wireless security Anyone can join the network Select Encrypted to require people who want to access your wireless network to use a password Then enter the passwo...

Page 31: ...e Figure 11 The Setup Wizard Summary Screen If you are happy with the settings click Finish The following confirmation message displays Figure 12 The Setup Wizard Summary Screen NOTE If you changed the Primary SSID Name or Wireless Secure Key make sure you keep a note of the new details Alternatively click Prev to make further changes to the wizard s fields ...

Page 32: ... page 39 The System Information Screen on page 44 The DOCSIS Provisioning Screen on page 46 The DOCSIS WAN Screen on page 47 The DOCSIS Event Screen on page 49 The Wireless Screen on page 51 3 1 Status Overview This section describes some of the concepts related to the Status screens 3 1 1 DOCSIS The Data Over Cable Service Interface Specification DOCSIS is a telecommunications standard that defin...

Page 33: ...lue of 255 An IP address carries two basic pieces of information the network number the address of the network as a whole analogous to a street name and the host ID analogous to a house number which identifies the specific computer or other network device 3 1 2 2 IP Address Assignment IP addresses can come from three places The Internet Assigned Numbers Agency IANA Your Internet Service Provider Y...

Page 34: ...ll of the computers at one corporate local office for example while the main network includes several offices In order to define the extent of a subnet and to differentiate it from the main network a subnet mask is used This masks the part of the IP address that refers to the main network leaving the part of the IP address that refers to the sub network Each subnet mask has 32 bits binary digits a...

Page 35: ...ration Protocol or DHCP defines the process by which IP addresses can be assigned to computers and other networking devices automatically from another device on the network This device is known as a DHCP server and provides addresses to all the DHCP client devices In order to receive an IP address via DHCP a computer must first request one from the DHCP server this is a broadcast request meaning t...

Page 36: ... be changed although some devices are capable of MAC spoofing where they impersonate another device s MAC address MAC addresses are the most reliable way of identifying network devices since IP addresses tend to change over time whether manually altered or updated via DHCP Each MAC address displays as six groups of two hexadecimal digits separated by colons or occasionally dashes for example 00 AA...

Page 37: ...ting operations and traffic flows between the computers and the service provider Routing mode is not user configurable it is specified by the service provider in the CGNM 2250 s configuration file 3 1 7 Configuration Files The CGNM 2250 s configuration or config file is a document that the CGNM 2250 obtains automatically over the Internet from the service provider s server which specifies the sett...

Page 38: ...DOCSIS 3 are as follows QPSK Quadrature Phase Shift Keying QAM Quadrature Amplitude Modulation QAM TCM Trellis modulated Quadrature Amplitude Modulation In many cases a number precedes the modulation type for example 16 QAM This number refers to the complexity of modulation The higher the number the more data can be encoded in each symbol NOTE In modulated signals each distinct modulated character...

Page 39: ...DMA allows multiple users to share the same frequency channel by assigning a unique orthogonal code to each user 3 2 The Overview Screen Use this screen to see general information about your CGNM 2250 s hardware its software and its connection to the Internet NOTE Most of the information that displays in this screen is for troubleshooting purposes only However you may need to use the MAC Address i...

Page 40: ...STATUS Version 1 0 12 2014 Copyright 2012 Hitron Technologies 40 Version 1 0 12 2014 Copyright 2014 Hitron Technologies 40 Hitron CGNM 2250 User s Guide Figure 13 The Status Overview Screen ...

Page 41: ...STATUS Version 1 0 12 2014 Copyright 2012 Hitron Technologies 41 Version 1 0 12 2014 Copyright 2014 Hitron Technologies 41 Hitron CGNM 2250 User s Guide ...

Page 42: ...he DNS server IP used by the WAN side Wireless Overview SSID This displays the 2 4 GHz wireless network s Service Set Identifier This is the name of the wireless network to which wireless clients connect Broadcast SSID This field displays Enabled when the 2 4 GHz wireless network s SSID is being broadcast and displays Disabled when it is not Security Mode This displays the type of security the CGN...

Page 43: ...ed Weekdays This displays the days of the week on which this rule applies Trusted PC List Device Name This displays the name of the trust device connected IP Address This displays the IP address of the trust network device connected Status This displays whether or not the service filter rule is enabled to the trust device connected Device Filter Block Rules Status This displays the status of the d...

Page 44: ...tatus This displays Active when a Keyword Filter is Enabled Keyword Enter the keyword that you want to block The CGNM 2250 examines both the page s URL Internet address and its page content text Blocked Time Use these fields to specify the period during which the rule should be applied Enter the start time in the From fields using twenty four hour notation and enter the end time in the To fields B...

Page 45: ...e software that controls the CGNM 2250 Gateway Serial Number This displays a number that uniquely identifies the device HFC MAC Address This displays the Media Access Control MAC address of the CGNM 2250 s RF module This is the module that connects to the Internet through the Cable connection System Time This displays the current date and time Time Zone Use display the time zone when the ToD Funct...

Page 46: ...ccurred you can identify the stage at which the failure occurred Click Status DOCSIS Provisioning The following screen displays Figure 15 The Status DOCSIS Provisioning Status Screen For each step Process displays when the CGNM 2250 is attempting to complete a connection step Private LAN IP Address Use this field to define the IP address of the CGNM 2250 on the LAN LAN Receiving This displays the ...

Page 47: ...50 has completed a connection step 3 5 The DOCSIS WAN Screen Use this screen to discover information about The nature of the upstream and downstream connection between the CGNM 2250 and the device to which it is connected through the CABLE interface IP details of the CGNM 2250 s WAN connection Click Status DOCSIS WAN The following screen displays Figure 16 The Status DOCSIS WAN Screen ...

Page 48: ...the time that elapses before your device s IP address lease expires and a new IP address is assigned to it by the DHCP server Downstream Overview NOTE The downstream signal is the signal transmitted to the CGNM 2250 Port ID This displays the ID number of the downstream connection s port Frequency MHz This displays the actual frequency in Megahertz MHz of each downstream data channel to which the C...

Page 49: ...is displays the ID number of the upstream connection s port Frequency MHz This displays the actual frequency in Megahertz MHz of each upstream data channel to which the CGNM 2250 is connected Modulation This displays the type of modulation that each upstream channel uses Signal Strength dBmV This displays the power of the signal of each upstream data channel to which the CGNM 2250 is connected in ...

Page 50: ...en No This displays the arbitrary incremental index number assigned to the DOCSIS event Time This displays the time and date of the DOCSIS event Type This displays the type of the DOCSIS event NOTE The definitions of the type of DOCSIS event follow DOCSIS s specification accordingly Priority This displays the priority of the DOCSIS event NOTE The definitions of the priority of DOCSIS event follow ...

Page 51: ...ser s Guide 3 7 The Wireless Screen Use this screen to view general information about the CGNM 2250 s WiFi related settings You can modify many of the fields in this screen using the Wireless Basic Setting screen see The Basic Settings Screen on page 74 Click Status Wireless The following screen displays Figure 18 The Status Wireless Screen ...

Page 52: ...ss Mode 5GHz This displays the type of 5 GHz wireless network that the CGNM 2250 is using Wireless Channel 5GHz This displays the wireless channel on which the CGNM 2250 s 5 GHz wireless network is transmitting and receiving SSID Overview 2 4GHz SSID This displays the 2 4 GHz wireless network s Service Set Identifier This is the name of the wireless network to which wireless clients connect Broadc...

Page 53: ...gure 19 Wireless Client List MAC This displays the MAC Media Access Control address of each wireless client connected to the device s wireless network AID This displays the AID Association ID of each wireless client connected to the device s wireless network RSSI This field display the Received Signal Strength Indication from each wireless client connected to the device s wireless network DateRate...

Page 54: ...age 59 The Port Forwarding Screen on page 60 The Port Triggering Screen on page 64 The DMZ Screen on page 67 The DNS Screen on page 69 4 1 Basic Overview This section describes some of the concepts related to the Basic screens 4 1 1 WAN and LAN A Local Area Network LAN is a network of computers and other devices that usually occupies a small physical area a single building for example Your CGNM 22...

Page 55: ...ix A domain is a location on a network for instance example com On the Internet domain names are mapped to the IP addresses to which they should refer by the Domain Name System This allows you to enter www example com into your browser and reach the correct place on the Internet even if the IP address of the website s server has changed Similarly the CGNM 2250 allows you to define a Domain Suffix ...

Page 56: ...0 receives incoming traffic from the WAN with a destination port that matches a port forwarding rule it forwards the traffic to the LAN IP address and port number specified in the port forwarding rule NOTE For information on the ports you need to open for a particular application consult that application s documentation 4 1 6 Port Triggering Port triggering is a means of automating port forwarding...

Page 57: ...ffix Configure the CGNM 2250 s internal DHCP server Define how the CGNM 2250 assigns IP addresses on the LAN See information about the network devices connected to the CGNM 2250 on the LAN Click Basic LAN Setup The following screen displays Figure 20 The Basic LAN Setup Screen The following table describes the labels in this screen Table 16 The Basic LAN Setup Screen Private LAN Setting Private LA...

Page 58: ...he CGNM 2250 stops assigning IP addresses to devices on the LAN when DHCP is enabled NOTE Devices requesting IP addresses once the DHCP pool is exhausted are not assigned an IP address Save Changes Click this to save your changes to the fields in this screen Cancel Click this to return the fields in this screen to their last saved values without saving your changes Help Click this to see informati...

Page 59: ...s the labels in this screen Status This displays Active when a device is connected Renew Click this to obtain the connected device s information again Table 17 The Basic Gateway Function Screen Residential Gateway Function Use this field to turn gateway function on or off Select Enabled to turn gateway function on Select Disabled to turn gateway function off UPNP Use this field to turn UPNP on or ...

Page 60: ...wing table describes the labels in this screen Table 18 The Basic Port Forwarding Screen All Port Forwarding Rules Use this field to turn port forwarding on or off Select Enabled to turn all port forwarding rules on Select Disabled to turn all port forwarding rules off Port Forwarding Rules Application Name This displays the name you assigned to the rule when you created it Public This field displ...

Page 61: ...hich traffic conforming to the rule s conditions is forwarded Remote IP Address This displays the IP address range on the WAN from which traffic is forwarded if configured Status Use this field to turn port forwarding rule on or off Manage Use this field to Edit a port forwarding rule Port forwarding must first be set to Enabled See Adding or Editing a Port Forwarding Rule on page 61 for informati...

Page 62: ...The following screen displays Figure 23 The Basic Port Forwarding Add Edit Screen The following table describes the labels in this screen Table 19 The Basic Port Forwarding Add Edit Screen Common Application Use this field to select the application for which you want to create a port forwarding rule if desired Application Name Enter a name for the application for which you want to create the rule ...

Page 63: ... port number in the second field To specify only a single port enter its number in both fields Private Port Range Use these fields to specify the ports to which the received traffic should be forwarded Enter the start port number in the first field The number of ports must match that specified in the Public Port Range so the CGNM 2250 completes the second field automatically Local IP Address Use t...

Page 64: ...ules on or off Select Enabled to turn all port triggering rules on Select Disabled to turn all port triggering rules off Port Triggering Rules Application Name This displays the arbitrary name you assigned to the rule when you created it Trigger This displays the range of outgoing ports When the CGNM 2250 detects activity outgoing traffic on these ports from computers on the LAN it automatically o...

Page 65: ...displays Twoway Status Usually a port triggering rule works for two IP addresses when a rule is enabled other IPs will also be allowed to use the rule as a trigger Status Use this field to turn the rule On or Off Manage Use this field to Edit a port triggering rule Action Use this field to Delete a port triggering rule Add Rule Click this to define a new port triggering rule Port triggering must f...

Page 66: ...ter a name for the application for which you want to create the rule NOTE This name is arbitrary and does not affect functionality in any way Trigger Port Range Use these fields to specify the trigger ports When the CGNM 2250 detects activity on any of these ports originating from a computer on the LAN it automatically opens the Target ports in expectation of incoming traffic Enter the start port ...

Page 67: ...nnected to the LAN Enter the start port number in the first field and the end port number in the second field To specify only a single port enter its number in both fields Protocol Use this field to specify whether the CGNM 2250 should activate this trigger when it detects activity via Transmission Control Protocol TCP User Datagram Protocol UDP Transmission Control Protocol and User Datagram Prot...

Page 68: ...ct Disabled to turn the DMZ off Computers that were previously in the DMZ are now on the LAN DMZ Host Enter the IP address of the computer that you want to add to the DMZ Connected Devices Click this to see a list of the computers currently connected to the CGNM 2250 on the LAN Figure 27 Connected Device Info Save Changes Click this to save your changes to the fields in this screen Cancel Click th...

Page 69: ...describes the labels in this screen Table 23 The Basic DNS Screen LAN DNS Obtain Use this field to obtain the DNS automatically or manually Select Auto to obtain the DNS automatically Select Manual to obtain the DNS manually LAN DNS Proxy Status Use this field to turn the DNS Proxy on or off Select Enabled to turn the DNS Proxy on Select Disabled to turn the DNS Proxy off Domain Suffix Use this fi...

Page 70: ...want to add to the DNS manually Proxy Hostname2 Enter the Hostname of the computer that you want to add to the DNS manually Save Changes Click this to save your changes to the fields in this screen Cancel Click this to return the fields in this screen to their last saved values without saving your changes Help Click this to see information about the fields in this screen Table 23 The Basic DNS Scr...

Page 71: ...ion describes some of the concepts related to the Wireless screens 5 1 1 Wireless Networking Basics Your CGNM 2250 s wireless network is part of the Local Area Network LAN known as the Wireless LAN WLAN The WLAN is a network of radio links between the CGNM 2250 and the other computers and devices that connect to it 5 1 2 Architecture The wireless network consists of two types of device access poin...

Page 72: ... old to new and data transfer speeds low to high IEEE 802 11b IEEE 802 11g IEEE 802 11n 5 1 4 Service Sets and SSIDs Each wireless network including all the devices that comprise it is known as a Service Set NOTE Depending on its capabilities and configuration a single wireless access point may control multiple Service Sets this is often done to provide different service or security levels to diff...

Page 73: ... WEP There are two types of WPA the enterprise version known simply as WPA requires the use of a central authentication database server whereas the personal version supported by the CGNM 2250 allows users to authenticate using a pre shared key or password instead While WPA provides good security it is still vulnerable to brute force password guessing attempts in which an attacker simply barrages t...

Page 74: ...ia WPS use the WPA2 security standard 5 1 6 WMM WiFi MultiMedia WMM is a Quality of Service QoS enhancement that allows prioritization of certain types of data over the wireless network WMM provides four data type classifications in priority order highest to lowest Voice Video Best effort Background If you wish to improve the performance of voice and video at the expense of other less time sensiti...

Page 75: ... 2 4G Settings on page 75 for information on the screen that displays To configure the CGNM 2250 s 5GHz wireless network click Wireless Basic Settings then click the 5G tab See 5G Settings on page 78 for information on the screen that displays 5 2 1 2 4G Settings Use this screen to configure the CGNM 2250 s 2 4GHz wireless network Click Wireless Basic Settings then click the 2 4G tab The following...

Page 76: ...Mixed use IEEE 802 11g and 802 11n NOTE Only wireless clients that support the network protocol you select can connect to the wireless network If in doubt use 11B G N default Wireless Channel Select the 2 4GHz wireless channel that you want to use or select Auto to have the CGNM 2250 select the optimum channel to use NOTE Use the Auto setting unless you have a specific reason to do otherwise WPS E...

Page 77: ...ltiMedia WMM Quality of Service QoS settings to this SSID Select ON to enable WMM QoS on this SSID Select OFF to disable WMM QoS on this SSID Security Mode Select the type of security that you want to use Select Open to use no security Anyone in the coverage area can enter your network Select WEP to use the Wired Equivalent Privacy security protocol Select WPA to use the WiFi Protected Access Pers...

Page 78: ...ect WEP128 to use a twenty six digit security key WPA WPA2 and WPA WPA2 Select TKIP to use the Temporal Key Integrity Protocol Select AES to use the Advanced Encryption Standard Select TKIP AES to allow clients using either encryption type to connect to the CGNM 2250 Pass Phrase Enter the security key or password that you want to use for your wireless network You will need to enter this key into y...

Page 79: ...50 User s Guide Figure 30 The Wireless Basic Settings Screen 5G The following table describes the labels in this screen Table 25 The Wireless Basic Settings Screen 5G Basic Settings Wireless Enabled Use this field to turn the 5GHz wireless network on or off Select ON to enable the wireless network Select OFF to disable the wireless network ...

Page 80: ...want to use or select Auto to have the CGNM 2250 select the optimum channel to use NOTE Use the Auto setting unless you have a specific reason to do otherwise WPS Enabled Use this field to turn WiFi Protected Setup WPS on or off on the 5GHz network Select ON to enable WPS Deselect OFF to disable WPS Multiple SSID Settings Multiple SSID Click this to view settings for the main 5GHz SSID Network Nam...

Page 81: ...SSID Select OFF to disable WMM QoS on this SSID Security Mode Select the type of security that you want to use Select Open to use no security Anyone in the coverage area can enter your network Select WEP to use the Wired Equivalent Privacy security protocol Select WPA to use the WiFi Protected Access Personal security protocol Select WPA2 to use the WiFi Protected Access 2 Personal security protoc...

Page 82: ... digit security key Select WEP128 to use a twenty six digit security key WPA WPA2 and WPA WPA2 Select TKIP to use the Temporal Key Integrity Protocol Select AES to use the Advanced Encryption Standard Select TKIP AES to allow clients using either encryption type to connect to the CGNM 2250 Pass Phrase Enter the security key or password that you want to use for your wireless network You will need t...

Page 83: ...ress the PBC button on your client wireless devices within two minutes in order to register them on your wireless network Click the PIN button to begin the PIN configuration process In the screen that displays enter the WPS PIN that you want to use for the CGNM 2250 or the WPS PIN of the client device you want to add to the network WPS Status This displays whether or not the CGNM 2250 is using WiF...

Page 84: ...M 2250 and the network wirelessly or to deny certain devices access Click Wireless Access Control The following screen displays Figure 32 The Wireless Access Control Screen The following table describes the labels in this screen Table 27 The Wireless Access Control Screen Connected Devices Host Name This displays the name of each network device that has connected to the CGNM 2250 on the wireless n...

Page 85: ... to the CGNM 2250 Select Allow to permit only devices you added to the Devices list to access the CGNM 2250 and the network wirelessly All other devices are denied access Select Deny to permit all devices except those you added to the Devices list to access the CGNM 2250 and the network wirelessly The specified devices are denied access Host Name This field displays the name of the wireless device...

Page 86: ...he Wireless Access Control Add Edit Screen The following table describes the labels in this screen Table 28 The Wireless Access Control Add Edit Screen Host Name Enter the name of the wireless device MAC Address Enter the device s MAC Media Access Control address Device Managed Use this field to define whether the device should have its access privileges filtered or not Click Yes to filter the dev...

Page 87: ...ing sections Admin Overview on page 87 The Management Screen on page 88 The Remote Management Screen on page 89 The Diagnostics Screen on page 91 The Backup Screen on page 92 The USB Storage Screen on page 93 The Device Reset Screen on page 94 6 1 Admin Overview This section describes some of the concepts related to the Admin screens 6 1 1 Debugging Ping and Traceroute The CGNM 2250 provides a cou...

Page 88: ...n IP address is in use or to discover if a device whose IP address you know is working properly Traceroute this tool allows you to see the route taken by data packets to get from the CGNM 2250 to the destination you specify You can use this tool to solve routing problems or identify firewalls that may be blocking your access to a computer or service 6 2 The Management Screen Use this screen to mak...

Page 89: ...en displays Table 29 The Admin Management Screen Username If your CGNM 2250 supports multiple user accounts select the account you want to modify from the list Old Password Enter the password with which you currently log into the CGNM 2250 for this account New Password Enter and re enter the password you want to use to log into the CGNM 2250 for this account Confirm New Password Idle Time Use this...

Page 90: ...perText Transfer Protocol HTTP HyperText Transfer Protocol Secure HTTPS Telnet ON OFF Use this field to enable disable each protocol Port Use this field to specify which port to use with each protocol Remote IP Range Remote Range Allow All This function allows you to grant access to a certain range of IP addresses or all IP addresses IP Start Use this field to enter the start IP IP End Use this fi...

Page 91: ...wing table describes the labels in this screen Cancel Click this to return the fields in this screen to their last saved values without saving your changes Help Click this to see information about the fields in this screen Table 31 The Admin Diagnostics Screen Destination IP or Domain Enter the IP address or URL that you want to test Ping Select the type of test that you want to run on the Destina...

Page 92: ...creen Apply Click this to save your changes to the fields in this screen Cancel Click this to return the fields in this screen to their last saved values without saving your changes Help Click this to see information about the fields in this screen Table 32 The Admin Backup Screen Back Up Your Settings Locally Click this to create a backup of all your CGNM 2250 s settings on your computer Restore ...

Page 93: ...2250 Restore Factory Default Settings Click Factory to return your CGNM 2250 to its factory default settings When you do this all your user configured settings are lost and cannot be retrieved Table 33 The Admin USB Storage Screen Shared Status Use this field to select whether the shared status of USB be active or not Select Enabled to activate the shared status Select Disabled to deactivate the s...

Page 94: ...e describes the labels in this screen Save Changes Click this to save your changes to the fields in this screen Cancel Click this to return the fields in this screen to their last saved values without saving your changes Help Click this to see information about the fields in this screen Table 34 The Admin Device Reset Screen Reboot Device Click Reboot to restart your CGNM 2250 Restore Factory Defa...

Page 95: ...on page 104 The Keyword Filter Screen on page 108 7 1 Security Overview This section describes some of the concepts related to the Security screens 7 1 1 Firewall The term firewall comes from a construction technique designed to prevent the spread of fire from one room to another Similarly your CGNM 2250 s firewall prevents intrusion attempts and other undesirable activity originating from the WAN...

Page 96: ... or Allow the devices on the list to access the network in which case no other devices can access the network 7 1 3 Service Filtering Service filtering is a way of preventing users on the LAN from connecting with devices on the WAN via specific services protocols or applications It achieves this by permitting or denying traffic from the LAN to pass to the WAN based on the target port 7 2 The Firew...

Page 97: ...SECURITY Version 1 0 12 2014 Copyright 2012 Hitron Technologies 97 Version 1 0 12 2014 Copyright 2014 Hitron Technologies 97 Hitron CGNM 2250 User s Guide Figure 40 The Security Firewall Screen ...

Page 98: ...es on or off Entire Firewall select ON to enable firewall security protection or select OFF to disable it not recommended HTTP use this field to Allow or Deny HyperText Transfer Protocol traffic ICMP use this field to Allow or Deny Internet Control Message Protocol traffic Multicast use this field to Allow or Deny multicast traffic sent to multiple devices at once P2P use this field to Allow or De...

Page 99: ...screen displays Figure 41 The Security Service Filter Screen The following table describes the labels in this screen Table 36 The Security Service Filter Screen Managed Services Filter Enabled Use this field to turn service filtering on or off Select Enabled to turn service filtering on Select Disabled to turn service filtering off Host Name This displays the name you assigned to the filtering rul...

Page 100: ...is to add a new service filtering rule see Adding or Editing a Service Filter Rule on page 101 Save Changes Click this to save your changes to the fields in this screen Help Click this to see information about the fields in this screen Trust PC List Host Name This displays the name of the trust device connected IP Address This displays the IP address of the trust network device connected Status Th...

Page 101: ...led is selected in the Security Service Filter screen in order to add or edit service filtering rules The following screen displays Figure 42 The Security Service Filter Add Edit Screen The following table describes the labels in this screen Table 37 The Security Service Filter Add Edit Screen Application Name Enter a name for the application for which you want to create the rule NOTE This name is...

Page 102: ...he filtering rule should apply on all days of the week at all times or whether the rule should be applied only at certain times Select YES to apply the rule at all times Select NO to apply the rule only at certain times Additional fields display allowing you to specify the times at which the rule should be applied Figure 43 Additional Service Filtering Options Use the Managed Weekdays fields to sp...

Page 103: ...ed in the Security Service Filter screen in order to add or edit a trust PC The following screen displays Figure 44 The Security Service Filter Trust PC List Add Edit Screen The following table describes the labels in this screen Table 38 The Security Service Filter Add Edit Trust Manage Device Screen Apply Click this to save your changes to the fields in this screen Close Click this to return to ...

Page 104: ...e network or to deny certain devices access You can turn filtering on or off and configure new and existing filtering rules Click Security Device Filter The following screen displays Rule Status Use this field to select whether the filtering rule should be active or not Select Enabled to activate the rule Matching traffic will be blocked Select Disabled to deactivate the rule Matching traffic will...

Page 105: ...This displays the IP address of each network device connected on the LAN MAC Address This displays the Media Access Control MAC address of each network device connected on the LAN Type This displays whether the device s IP address was assigned by DHCP DHCP IP or self assigned Interface This displays the name of the interface on which the relevant device is connected Status This displays if the dev...

Page 106: ...Select Deny to permit all devices except those you added to the Managed Devices list to access the CGNM 2250 and the network The specified devices are denied access Host Name This displays the name of each network device in the list MAC Address This displays the Media Access Control MAC address of each network device in the list Managed Weekdays This displays the days of the week on which the devi...

Page 107: ...g a device that is not connected via the LAN you can enter its name here if you know it MAC Address If you are managing a device that already connected via the LAN this field displays the device s MAC Media Access Control address Alternatively if you are managing a device that is not connected via the LAN you can enter its MAC address here if you know it Device Managed Use this field to define whe...

Page 108: ...he device only at certain times Additional fields display allowing you to specify the times at which the device should be managed Figure 47 Additional Service Filtering Options Use the Managed Weekdays fields to specify the days on which the device should be managed A red background indicates that the device will be managed access will be blocked and a green background indicates that the device wi...

Page 109: ...yword Enter the keyword that you want to block The CGNM 2250 examines both the page s URL Internet address and its page content text Blocked Weekdays Use these fields to specify the times at which the keyword should be blocked A red background indicates that the rule will be applied access will be blocked and a green background indicates that the device will not be applied access will not be block...

Page 110: ...s screen to their last saved values without saving your changes Help Click this to see information about the fields in this screen Trust PC List Host Name This displays the name of the trust device connected IP Address This displays the IP address of the trust network device connected Status This displays whether or not the keyword filter rule is enabled of the trust device connected Manage Click ...

Page 111: ... Device Screen Host Name This displays the name of each network device connected IP Address This displays the IP address of each network device connected Rule Status Use this field to select whether the filtering rule should be active or not Select Enabled to activate the rule Matching traffic will be blocked Select Disabled to deactivate the rule Matching traffic will not be blocked Apply Click t...

Page 112: ...eens that display when you click Advanced in the toolbar It contains the following sections The Switch Setup Screen on page 112 The DDNS Screen on page 113 8 1 The Switch Setup Screen Use this screen to view the speed and duplex status of each of the CGNM 2250 s LAN ports and enable or disable them Click Advanced Switch Setup The following screen displays Figure 50 The Advanced Switch Setup Screen...

Page 113: ...isplays When a device is connected to the LAN port Linked displays Speed This displays the speed of the data link to the device connected to the LAN port in kilobits per second kbps Duplex This displays the duplex status of the data link to the device connected to the LAN port Enable Use this to turn the LAN port on or off Click a disabled LAN port s On button to enable the port Data can be exchan...

Page 114: ... 2250 work as a DDNS client The CGNM 2250 receives DDNS information from the Service Provider you specify Click Off to have the CGNM 2250 not work as a DDNS client Service Provider Select the organization from which you wish to receive DDNS information User Name Enter the credentials assigned to you by the selected Service Provider Password Host Name Save Changes Click this to save your changes to...

Page 115: ...rd on page 116 I Cannot Access the CGNM 2250 or the Internet on page 117 I Cannot Access the Internet and the DS and US LEDs Keep Blinking on page 117 I Cannot Connect My Wireless Device on page 117 Problem None of the LEDs Turn On The CGNM 2250 is not receiving power or there is a fault with the device 1 Ensure that you are using the correct power adaptor Using a power adaptor other than the one ...

Page 116: ... into your browser s address bar on a computer connected to the LAN The default LAN domain suffix is displayed in the Basic LAN Setup screen s Domain Suffix field See The LAN Setup Screen on page 56 for more information 3 Depending on your operating system and your network you may be able to find the CGNM 2250 s IP address by looking up your computer s default gateway To do this on most Windows ma...

Page 117: ... subnet as the CGNM 2250 see IP Address Setup on page 21 4 If you are attempting to connect over the wireless network there may be a problem with the wireless connection Connect via a LAN port instead 5 If the above steps do not work you need to reset the CGNM 2250 See Factory Default Resetting the CGNM 2250 on page 24 All user configured data is lost and the CGNM 2250 is returned to its default s...

Page 118: ...smitters microwave ovens etc reduce your CGNM 2250 s signal quality and coverage area 3 Ensure that the CGNM 2250 and the wireless client are set to use the same wireless mode and SSID see The Basic Settings Screen on page 74 and security settings see The Access Control Screen on page 84 4 Re enter any security credentials WEP keys WPA 2 PSK password or WPS PIN 5 If you are using WPS s PBC push bu...

Page 119: ...cable connection 13 26 56 71 87 cable connection status 46 cable modem 13 26 56 71 87 CATV 32 33 clients wireless 71 configuration file 37 connection status cable 46 conventions document 3 customer support 4 D debugging 55 87 91 default 92 94 default IP address 21 default username and password 23 defaults 92 94 De Militarized Zone 56 DHCP 21 35 DHCP lease 36 diagnostics 55 87 91 DMZ 56 DMZ De Mili...

Page 120: ...ion 14 IP address 21 33 55 116 IP address lease 36 IP address renewal 36 IP address setup 21 22 IP address default 21 IP address format 33 IP address local 21 IP filtering 14 ISP 33 L LAN 54 71 LAN 1 4 17 LAN setup 57 LEDs 17 115 117 lights 17 local IP address 21 logging in 23 login accounts 23 login screen 21 M MAC address 36 MAC filtering 14 96 main window 24 27 Media Access Control address 36 M...

Page 121: ... QoS 74 QPSK 38 R radio coverage 82 radio links 71 reboot 92 94 reset 16 24 restore and backup 14 RJ45 connectors 17 routing mode 34 37 54 rule port forwarding 61 S SCDMA 38 scheduled website blocking 14 security wireless 14 service filter 99 service set 72 settings backup and restore 14 SSID 72 74 Status 19 status 47 49 status cable connection 46 subnet 21 33 55 subnet IP 21 support customer 4 T ...

Page 122: ...3 WiFi MultiMedia 74 WiFi Protected Setup 14 73 window main 24 27 Windows XP 22 wired security 14 wireless access point 13 26 56 71 87 wireless clients 71 wireless connection 117 wireless networking standards 72 wireless security 14 73 wireless security settings 82 wireless settings 29 wireless settings basic 74 wireless status 51 WLAN 71 WMM 74 WPA2 74 WPA2 PSK 14 73 WPA PSK 14 73 WPS 14 73 74 WP...

Page 123: ...INDEX Version 1 0 12 2014 Copyright 2012 Hitron Technologies 123 Version 1 0 12 2014 Copyright 2014 Hitron Technologies 123 Hitron CGNM 2250 User s Guide ...

Page 124: ...INDEX Version 1 0 12 2014 Copyright 2012 Hitron Technologies 124 Version 1 0 12 2014 Copyright 2014 Hitron Technologies 124 Hitron CGNM 2250 User s Guide ...