background image

MP1800-10 3G Router User Manual 

 

 

 

 

 

 

 

 

 

 

 

Maipu Confidential & Proprietary Information  

 

 

 

 

 

Page 33 of 95 

 
 

MS-CHAP

:  Similar  to  CHAP,  MS-CHAP  is  one  encrypted  authentication 

mechanism, using the MPPE-based data encryption. 

MS2-CHAP

 : MS-CHAP protocol version 2. 

EAP

:  It is one extended authentication  protocol. The protocol is used for 

the authentication in the point-to-point network, such as PPP. It supports 
various  authentication  mechanisms.  With  the  extendable  authentication 
protocol,  any  ID  authentication  mechanism  can  authenticate  the  remote 
access connection. 

 

(3)

 

Compression protocol configuration 

 

Compression protocol configuration

 

Compression/Control  Compression

:  Responsible  for  the  configuration  of  the 

two  sides  on  the PPP link,  negotiate  which  compression algorithm  to  adopt  and 
use  the  reliable  mode  to  identify  the  failure  of  the  compression  and  de-
compression mechanism. If ticking, it means enable. 

Protocol  Field  Compression

:  Whether  to  permit  address  domain  and  control 

domain compression in the PPP packet. If ticking, it means enable. 

Compression  Control  Protocol

:  Whether  to  enable  the  protocol  domain 

compression. If ticking, it means enable. 

VJ  TCP/IP  Header  Compression

:  Whether  to  permit  Van  Jacobson  header 

compression for the 

TCP/IP packet. If ticking, it means enable.

 

VJ  Connection  ID  Compression

:  Whether  to  permit  the  connection  ID 

compression. If ticking, it means enable. 

 

(4)

 

Other parameters 

The other parameter setting provides you whether to use the processing of the 

peer DNS, LCP echo interval, LCP echo failure, and packet size and the setting of 

the debugging. 

Summary of Contents for MP1800-10

Page 1: ...MP1800 10 3G Router User Manual V1 2 Maipu Communication Technology Co Ltd No 16 Jiuxing Avenue Hi Tech Park Chengdu Sichuan Province P R China 610041 Tel 86 28 85148850 85148041 Fax 86 28 85148948 8...

Page 2: ...isclaims any implied warranties of merchantability or fitness for any specific purpose Further Maipu reserves the right to revise this document and to make changes from time to time in its content wit...

Page 3: ...g Preparations 9 Configure Computer 10 Log into System 14 Configuration 15 System 15 System Time 16 Remote Logs 18 Management Control 18 Configuration Management 19 System Upgrade 20 SNMP 21 Modify Pa...

Page 4: ...l 59 Basic Setting 59 Access Control 60 Port Mapping 61 MAC IP Binding 62 QOS 63 Bandwidth Management 63 VPN Configuration 64 IPSec 64 GRE 71 Certificate Management 73 Status 78 System Logs 79 System...

Page 5: ...ure 1 Hardware specifications 2 Functions 3 Product models 4 Product shapes Hardware Specifications 1 3G data Support two kinds of 3G module that is WCDMA and CDMA2000 2 Interface Wireless interface 5...

Page 6: ...humidity 95 no condensing Functions 1 Basic Features Convenient flexible reliable Support CDMA 2000 and WCDMA Data terminal online forever NTP Remote logs Remote SSH Telnet HTTP management Local Firm...

Page 7: ...tication Support disconnection detection Support multi WAN port backup Support getting time via 3G Support regular online offline Support E3G management Product Models MP1800 10 router adopts the gene...

Page 8: ...9600 8 bit data bit no parity one bit stop bit FE0 FE4 RJ45 Ethernet interface USB Outer USB interface ANT0 is 3G antenna ANT1 is WIFI antenna The outer power adaptor is DC 12V 1 5A Indicator descrip...

Page 9: ...figure computer 4 Log into system Environment Requirement The requirements of MP1800 10 router for the using environment Work environment temperature 25 70 Storage temperature 30 70 Relative humidity...

Page 10: ...e following takes the LAN connection mode and adopts Windows XP as an example to describe the configuration steps of the computer network connection 1 Method 1 In LAN select one computer for configura...

Page 11: ...Router User Manual Maipu Confidential Proprietary Information Page 11 of 95 Configure local connection properties of the computer Select Internet Protocol TCP IP and click Properties to enter the foll...

Page 12: ...s IP address 192 168 10 refers to any integer from 2 254 Subnet mask 255 255 255 0 Default gateway 192 168 10 1 After configuration click OK Caution 1 The method interrupts the communication between t...

Page 13: ...still can configure MP1800 10 router you can consider adding route IP to realize Click Advanced in the above figure 3 3 as shown in Figure 3 3 Advanced configuration interface of TCP IP attributes Cl...

Page 14: ...e IE browser of the computer and input http 192 168 10 1 in the address bar Web login Press Enter to enter the login interface of the user as follows User login authentication When the user logs into...

Page 15: ...configuration parameters precautions and problems of the product 1 System 2 Network 3 Service 4 Status firewall 5 QoS 6 VPN configuration 7 Status 8 CLI System The system tool of MP1800 10 router pro...

Page 16: ...r setting time manually as follows Interface for setting time manually Current time Display current system time System time setting Manual setting time server Date setting Set system date Time setting...

Page 17: ...al of synchronizing time Time server Specify the domain name or IP address of the server providing the service of synchronizing time Time Zone Specify the time zone of the country against UTC Caution...

Page 18: ...Enter System Remote log and you can see the following configuration interface Remote log configuration interface Enable Whether to send the device log information to the remote log server Remote Log...

Page 19: ...user configuration Backup can save the configured parameters to the PC Recovery can restore the saved configuration parameters to the system 1 Backup configuration Enter System Configuration Manageme...

Page 20: ...en you want to restore the system to the factory status enter System Configuration Management and click Restore Factory Setting System Upgrade MP1800 10 router can perform the remote web upgrade Befor...

Page 21: ...ccessfully the interface turns to the login interface automatically Caution During upgrade do not power off Otherwise the device cannot be used SNMP When you want to configure SNMP enter System SNMP a...

Page 22: ...ns are all set to the nodes in MIB Modify Password MP1800 10 router provides the authority of modifying user password Enter System Modify Password and you can set the new password for the system admin...

Page 23: ...r System Log out Network MP1800 10 router network setting includes the following functions Dialing interface WAN interface LAN interface Forwarding mode Dynamic domain name Static route Dynamic route...

Page 24: ...y account to dial Enable SIM Card Bind Set the binding function of the SIM card If enabling the option bind the IMSI code of the SIM card with the system When using the 3G module for the first time re...

Page 25: ...dial Count Set the re dialing times of each account By default it is three times 0 means always trying to use the master account dialing and do not use standby account APN Specifies the APN Access Po...

Page 26: ...ed with the service that needs to use the 3G traffic such as NTP remote log and IPSec DPD the dial on demand function becomes invalid Idle time Set the idle time of the connection when reaching the id...

Page 27: ...MS2 CHAP MS CHAP version 2 EAP It is one expansible authentication protocol The protocol is used by the authentication in the point to point network such as PPP It can support various authentication...

Page 28: ...by the peer The mapping table uses the hexadecimal coding do not need 0x The least significant bit 00000001 indicates the character 0 and the most significant bit 80000000 indicates the character 31 D...

Page 29: ...ed by MP1800 10 router Local IP Set the local IP of MP1800 10 router when performing PPP IPCP negotiation Remote IP Set the peer IP of MP1800 10 router when performing PPP IPCP negotiation WAN Interfa...

Page 30: ...of the WAN interface The DNS server uses the IP address format Multiple DNS servers are separated by the blank After selecting the connection mode as DHCP the setting interface of WAN interface is as...

Page 31: ...n mode as Disable you cannot connect Internet via Ethernet WAN interface 2 PPPoE advanced setting If you are advanced user enter Network WAN interface PPPoE advanced setting and you can complete the c...

Page 32: ...fter reaching the maximum feature times do not dial any more The default value is 0 and it means always trying It is mandatory 2 Authentication and encryption parameters Authentication mode configurat...

Page 33: ...on of the two sides on the PPP link negotiate which compression algorithm to adopt and use the reliable mode to identify the failure of the compression and de compression mechanism If ticking it means...

Page 34: ...Interval Set the PPP LCP keepalive interval The setting range is 1 2147483647 By default send one LCP every 10s LCP Echo Failure Set the PPP LCP keepalive times The setting range is 1 2147483647 The...

Page 35: ...ting IP Set or modify the LAN IP address of MP1800 10 router The default value is 192 168 10 1 Usually it is the gateway IP or LAN gateway of the direct connected computer Netmask Set or modify the sp...

Page 36: ...ation interface Forwarding mode setting Route mode Decide the forwarding path by searching for the system route table NAT mode Perform the source address pretending for the packet to realize the requi...

Page 37: ...service provider DNS The DNS domain name set by the DDNS service provider Static Route Static route can confirm the external route for the packet sent out When the router network and the target access...

Page 38: ...n address is set as one IP the subnet mask should be set as 255 255 255 255 Otherwise the system calculates one network address automatically according to the subnet mask 3 If you want to add route in...

Page 39: ...formation Failure time Set the invalid interval of the route information If not receiving update packets after exceeding the time set the route information unavailable but do not clear the route infor...

Page 40: ...MP1800 10 router already knows the IP address of the E3G server and the telephone number of the short message gateway E3G server can manage the device via the traditional mode of delivering the confi...

Page 41: ...e accessed you can select Dial interface 2 For the using of the device report interface the device reports the information via the 3G dial interface as the source interface use LAN port as the report...

Page 42: ...be emitted Name SSID Set the access point name of the wireless network Forbid SSID broadcast After ticking the SSID is not broadcast Authentication Select the security mode of the wireless network Yo...

Page 43: ...ice can reduce the workload of the network management staff greatly MP1800 10 router is inbuilt with DHCP server letting it provide the dynamic IP distributing service for your LAN Enter Service DHCP...

Page 44: ...ress of other kinds of client hosts refer to the using instruction of the device Setting of auto get IP address 2 Statics IP Mapping Static IP mapping is the IP MAC map setting that is the binging set...

Page 45: ...LAN port and cannot be the broadcast address or LAN port address Caution After adding the static IP mapping information click Save to make the device valid Before saving do not switch to other interf...

Page 46: ...irtual Router ID Specify the virtual router ID of this device Priority The one with the highest priority becomes the master router Interval The interval of sending the VRRP packets By default it is se...

Page 47: ...tion The AAA module of MP1800 10 router provides the log authentication service including serial port web Telnet and SSH Enter Service AAA Configuration and you can see the following interface AAA con...

Page 48: ...client 802 1x Authentication The 802 1x protocol is C S based access control and authentication protocol It can limit the un authorized user device from accessing LAN WLAN via the access port Before...

Page 49: ...authentication Deny MAC List Configure the refused MAC address The host in the list cannot access network resource without passing authentication Basic configuration of 802 1x authentication Enable I...

Page 50: ...ithout authentication Deny MAC address configuration interface Deny MAC address Configure the denied MAC address The MAC address cannot pass the authentication or access the network resources PIN Code...

Page 51: ...protect is as follows Configuration interface of enabling PIN code protect Show status Query the current status of the SIM card including PIN code protect status PIN code remaining input times and rem...

Page 52: ...PIN code protect status PIN code remaining input times and remaining input times of PUK code PIN The PIN code is the personal identification code comprising 4 8 digitals Enable protect Enable the PIN...

Page 53: ...er modifying the PIN code successfully and if the PIN code protect is enabled before modifying the PIN code the system automatically records the new PIN code and uses the PIN code during dialing The P...

Page 54: ...ion interface is as follows PUK code unblocking configuration interface After unblocking PUK code successfully and the PIN code protect is enabled the system automatically records the new PIN code and...

Page 55: ...nter Service Regular online offline and the configuration interface is as follows Regular Online Offline Enable If ticking enable the regular online offline function Start time Set the 3G to be online...

Page 56: ...uccessively failed the device automatically restarts Count The number of the ICMP packets every time Abnormal Time The waiting time for the device to restart because of the SIM card arrears wrong dial...

Page 57: ...terface as the work interface according to the status of the dial interface and Ethernet WAN port and the other interfaces work as the backup of the work interface Backup Mode There are two work modes...

Page 58: ...t of the route in the load balance Track IP Detect whether the link is the fluent IP address It is suggested to fill in one fixed address in the network Ping Count The times of ping keepalive address...

Page 59: ...prevent DOS attack and whether to enable the status firewall Enter Status firewall Basic setting and the setting interface is as follows Basic setting Default Policy Set the default action of the fire...

Page 60: ...ol protect Enter Status Firewall Access control and the configuration interface is as follows Access control Enable If ticking the item enable the rule Protocol It can be TCP protocol UDP protocol ICM...

Page 61: ...to one mapping between Internet public IP address and internal private IP address Enter Status firewall Port mapping and you can see the following configuration interface Port mapping Enable If ticki...

Page 62: ...P address in LAN to filter the packets according to the mode of matching IP and MAC at the same time The optional filter modes are accept refuse or drop Rule setting MAC IP binding rule setting Source...

Page 63: ...management Bandwidth Management Enter QoS Bandwidth Management tick Enable and you can set the downloading speed and uploading speed as follows Bandwidth management Interface The name of the network...

Page 64: ...protocol not only refers to the data encryption and decryption technology but also refers to the data transmission and validation technology It is often used for the end to end network security trans...

Page 65: ...el configuration includes two phases phase 1 and phase 2 1 Add rule After inputting the tunnel name on the interface as shown in Figure 4 50 click Add to enter the interface for configuring the IPSec...

Page 66: ...of the authentication center CA certificate The certificate requires uploading the corresponding certificate in the certificate uploading configuration item The item depends on the authentication mode...

Page 67: ...orithm The authentication algorithm used by IPSec phase 1 You can select MD5 SHA1 and SHA256 The default value is MD5 DH Key Group Select the desired key group the key group is also the DH algorithm L...

Page 68: ...2 You can select DES and 3DES BLOWFISH AES128 AES192 AES256 NULL DES for RM1800 10C RM1800 10W RM1800 10 Hash Algorithm The authentication algorithm used by IPSec phase 2 You can select MD5 SHA1 SHA2...

Page 69: ...n you should click Save to make the device take effect Before clicking Save do not switch to other interface Advanced setting Advanced setting IPSec Fragment If ticking the item enable the IPSec pre f...

Page 70: ...y the gateway address at the two sides of the tunnel Package Display the security protocol of the tunnel such as esp and ah encryption algorithm authentication algorithm negotiation mode transport or...

Page 71: ...quirement for the enterprise internal protocol encapsulation when setting up the tunnel in China The unique reason why the enterprise adopts GRE is the encapsulation for the internal address Enter VPN...

Page 72: ...an Network Set the internal interface segment of the peer network of the GRE tunnel It also can be one single IP address Inner Lan Mask Set the subnet mask of the peer intranet of the GRE tunnel If it...

Page 73: ...one certificate request file the suffix is csr For the application mode refer to the certificate application After the router generates the certificate request file it turns to the certificate uploadi...

Page 74: ...ation interface as follows Upload certificate Cert Upload Used to upload the certificate applied from other device Here you should upload the device certificate and private key center certificate CA c...

Page 75: ...ficate application Application Way There are two modes of filling the certificate One is to fill by the prompt the other is to fill the whole subject name applicable to apply for the certificates with...

Page 76: ...st file from the certificate application file list it is recommended to place the mouse on the corresponding certificate application file right click and select Save as to download If using the third...

Page 77: ...er Manual Maipu Confidential Proprietary Information Page 77 of 95 Online certificate CA Type mandatory select the certificate server type Currently the system supports Maipu CMS and Windows certifica...

Page 78: ...the certificate The maximum length is 30 bits Common Name CN mandatory you cannot input the special characters such as County Name C optional you can select CN HK or do not input Province optional in...

Page 79: ...of MP1800 10 router Click Status System logs and you can see the following interface System logs Prompt The system logs include route IPSEC firewall DHCP and system The user can select from the drop d...

Page 80: ...current operation system application software version information CPU frequency The main frequency information of MP1800 10 device Memory The memory information of MP1800 10 device SM1 Information Th...

Page 81: ...nel Send Flow The data traffic sent to the peer via the tunnel Lifetime The maximum using time of IPSec SA Run Time The time of setting up the tunnel Tunnel Num The total number of the tunnels set up...

Page 82: ...MP1800 10 3G Router User Manual Maipu Confidential Proprietary Information Page 82 of 95 Dialer interface status After enabling the standby account the dial interface status interface is as follows...

Page 83: ...ce status The dialer interface traffic information displays the wireless network interface traffic information of the current device as follows Dialer interface traffic information The mobile network...

Page 84: ...r Status WAN status and you can see the following interface WAN status Network Status Display the current connection status of the WAN port Protocol Display the protocol used by the WAN interface IP a...

Page 85: ...the bytes received by the WAN port Sent Packets Display the total number of the packets sent by the WAN port Sent Errors Display the number of the error packets sent by the WAN port Sent Drops Displa...

Page 86: ...s received by the LAN port Received Drops Display the number of the dropped packets received by the LAN port Received Bytes Display the number of the bytes received by the LAN port Sent Packets Displa...

Page 87: ...all DHCP clients of MP1800 10 router Click Status DHCP information and you can see the auto distributed addresses as follows DHCP information Connection Information The connection information display...

Page 88: ...Manual Maipu Confidential Proprietary Information Page 88 of 95 Connection information GPS Status This screen provides the longitude and latitude information of the devices location if GPS signal can...

Page 89: ...buffer realtime View the system running logs Reload Restart the device Exit Log out the device active device Activate the locked device login key Log into the shell command line traceroute dst Track t...

Page 90: ...ce mask refers to the network mask of the interface show interface View the information of all interfaces or one interface show interface ifname configure status ifname can be wan lan wan1 and lan1 Sy...

Page 91: ...the system show sms gateway View the number of the short message gateway show ppp View the PPP configuration information show configure View the configuration information of the module show configure...

Page 92: ...in value in the subject name of the certificate no crypto ca certificate name commonname Syntax Description commonname The CN value in certificate subject no crypto ca certificate type Delete the cert...

Page 93: ...tion clear conntrack Clear the connection track in the system show firewall View the firewall configuration information show firewall configure all chain name table name Syntax Description configure a...

Page 94: ...ernet Protocol IPv4 IP version 4 IPv6 IP version 6 IPSEC IP Secure Protocol L2TP Layer 2 Tunneling Protocol MTU Maximum Transmission Unit NAT Network Address Translation NTP Network Time Protocol PAP...

Page 95: ...n Page 95 of 95 TDMA Time Division Multiple Access UDP User Datagram Protocol UIM User Identity Module UMTS Universal Mobile Telecommunication System VPN Virtual Private Network VRRP Virtual Router Re...

Reviews: