Multitech RouteFinder RF825-C-Nx, User Manual

Page 1: ...RouteFinder SOHO SOHO Security Appliance EDGE Models RF825 E RF825 E AP CDMA Models RF825 C Nx RF825 C Nx AP User Guide ...

Page 2: ...his publication and to make changes from time to time in the content hereof without obligation of Multi Tech Systems Inc to notify any person or organization of such revisions or changes Revision Date Description A 06 19 07 Initial release Software version 1 30 B 10 31 07 Software version 1 40 Patents This device is covered by one or more of the following U S Patent Numbers 6 219 708 5 301 274 5 3...

Page 3: ...ecifications 15 Specifications for 802 11b g Interface 16 Chapter 2 Cabling the RouteFinder 17 RF825 Cabling 17 RF825 AP Cabling 18 Chapter 3 Setting Up a Workstation and a Wireless Account 19 Establishing TCP IP Communication 19 Obtaining Activating a Wireless Account 21 How Connect to the Internet Through the Cellular Provider s Service 21 To Disable Your Cellular Connection 23 Additional Config...

Page 4: ... 55 Network Setup PPP Cellular Analog Backup 56 Network Setup Dynamic DNS 58 Network Setup Static Routes 60 Network Setup IP Masquerading 60 Network Setup SNAT 61 Network Setup DNAT 62 Packet Filters 63 Packet Filter Packet Filter Rules 63 Packet Filters Advanced Filters 65 Packet Filter ICMP 66 Packet Filter Packet Filter Log 66 VPN Virtual Private Network 67 VPN IPSec 67 Introduction to Virtual ...

Page 5: ...ting 87 Chapter 7 Frequently Asked Questions 88 RouteFinder FAQs 88 EDGE FAQs 90 CDMA FAQs 90 Appendix A Table of Commonly Supported Subnet Addresses 91 Appendix B Antenna for the Wireless RouteFinder 93 The Access Point Antenna 93 Antenna Electrical Characteristics 93 Mechanical 93 Environmental 93 The Wireless Antenna 94 GSM EDGE and CDMA Antenna 94 GSM and E GSM Radio Characteristics 94 CDMA Ra...

Page 6: ...ecurity AP models Supports IPSec VPN tunnels and PPTP tunnels for secure LAN to LAN and Client to LAN access over the Internet 3DES and AES encryption Shared Internet access via PPPoE DHCP or static IP Integrated cellular EDGE or CDMA 1xRTT modem connectivity for automatic dial backup if your broadband connection goes down Built in 4 port 10 100M bps switch Stateful Packet Inspection firewall with...

Page 7: ...0M bps switch eliminates the need for an additional hub or switch to connect users not on a LAN It ensures high speed transmission and can serve as a completely dedicated full duplex backbone Network Security The RouteFinder SOHO appliance provides network layer security utilizing Stateful Packet Inspection the sophisticated firewall technology found in large enterprise firewalls to protect the ne...

Page 8: ...nections to securely connect telecommuters remote offices customers or suppliers to the corporate office Go to www multitech com products for more details RouteFinder Ship Kit Contents The RouteFinder ship kit contains the following items One RF825 RouteFinder Power Supply RJ45 Ethernet Cable 2 4 GHz 5dBi SWI Reverse F Swivel Access Point Antenna included with Wi Fi models only 2dBi Cellular Anten...

Page 9: ...avoid damage due to the accumulation of static charge Although input protection circuitry has been incorporated into the devices to minimize the effect of this static build up proper precautions should be taken to avoid exposure to electrostatic discharge during handling and mounting Caution Maintain a separation distance of at least 20 cm 8 inches between the transmitter s antenna and the body of...

Page 10: ...ted to the 10BaseT WAN Link ACT Lights when the WAN port has a valid Internet connection Blinks when it is receiving or transmitting data Modem TD TRANSMIT DATA This LED blinks when the modem is transmitting data to your wireless carrier RD RECEIVE DATA This LED blinks when the modem is receiving data from your wireless carrier CD CARRIER DETECT This LED lights when the modem detects a valid carri...

Page 11: ...ues chart Definition of xx Values The following table lists the xx values and explains how they correspond to the number of LEDs lit for signal strength AT CSQ xx Values Signal Strength LED Bars Signal Strength 0 to 6 No LEDs are lit Very weak signal 7 to 14 1 Bar LED is lit Weak signal 15 to 23 1 Bar and 2 Bar LEDs are lit Stronger signal 24 to 31 1 Bar 2 Bar 3 Bar LEDs are lit Strongest signal A...

Page 12: ...WAN 10 100BaseT port connects the DSL modem or cable modem LAN Ports There are 4 LAN ports You can connect to PCs FTP servers printers or other devices you want to put on your network 9 Volt to 32VDC RouteFinder power source can range from 9 volts to 32VDC Reset The Reset button resets the RouteFinder to its factory defaults Press and hold the Reset button until the Status LED blinks and then rele...

Page 13: ...Chapter 1 Introduction and Product Description Multi Tech Systems Inc RouteFinder RF825 RF825 AP User Guide Document Number S000422B 13 Application Example ...

Page 14: ...Office LAN to LAN IPSec 3DES AES Encryption Encryption Throughput 3M bps VPN Using FQDN Recommended VPN Tunnels Up to 15 Other Features Web Based HTTP Email Alerts Syslog Intrusion Logging WEP WPA WPA2 TKIP AES RF825 AP Automatic Dial Backup Integrated EDGE Modem RF825 E RF825 E AP Integrated CDMA Modem RF825 C RF825 C AP PPPoE DHCP Client Server Built in Dynamic DNS Client Multiple Public IPs on ...

Page 15: ...d Serial interface supporting DTE speeds to 230K Packet data up to 153 6K bps forward and reverse channels Circuit switched data up to 14 4K bps EDGE Specifications The SocketModem EDGE meets the following specifications Category Description Standards EDGE E GPRS Class 10 GPRS GPRS Class 12 Data Speed Packet Data rates up to 240K bps modulation coding scheme MCS 1 9 Mobile station Class B Circuit ...

Page 16: ...11 North America Ch 1 to 11 North America Ch 1 to 14 Japan Ch 1 to 13 Japan Ch 1 to 13 Europe ETSI Ch 1 to 13 Europe ETSI Ch 10 to 11 Spain Ch 10 to 11 Spain Ch 10 to 13 France Ch 10 to 13 France Transmission IEEE 802 11b DSSS IEEE 802 11g OFDM Modulation IEEE 802 11b DSSS IEEE 802 11g OFDM CCK 11 1 1 Mbps BPSK 6 9 Mbps QPSK 2 Mbps QPSK 12 18 Mbps BPSK 1 Mbps 16 QAM 24 36 Mbps 64 QAM 48 54 Mbps Ne...

Page 17: ...work devices PCs cable modems DSL modems analog modems and the RouteFinder 2 Plug one end of a RJ 45 cable into the Ethernet port on the PC and other into one of the LAN port on the RouteFinder If you have more than one PC connect the others in the same way to the other LAN ports 3 Connect the provided power supply cable to the 9 volt power port on the back of the RouteFinder and plug the other en...

Page 18: ...ck Panel section earlier in this chapter for the location of the antenna connector Note The antenna must be attached in order for the RouteFinder to be operational Antenna Power Supply Cable Ethernet Cable This part of the power supply cable varies by the region of the world to which the product is shipped NAM EU GB IE Note Units shipped with the universal AC power supply are not suited for instal...

Page 19: ...RouteFinders have built in DHCP functionality so you can set the PC to obtain a dynamic IP address The following directions were written using a Windows 2000 XP operating system Obtaining a Dynamic IP Address To obtain a dynamic IP address so it can be assigned to the Ethernet port 1 Make the RouteFinder connections as described on the previous two pages 2 Click Start Settings Control Panel Double...

Page 20: ... a dynamic IP address click the Obtain an IP address automatically button 6 Close out of the Control Panel 7 Repeat these steps for each PC on your network Setting a Fixed IP Address To set a Fixed IP Address check Specify an IP address instead of Obtain an IP address automatically Then click OK 1 Enter the workstation IP address as 192 168 2 x Note that the x in the address stands for numbers 101...

Page 21: ...plan with your account Multi Tech will not be responsible for any charges relating to your cellular bill Steps to Follow to Connect to the Internet 1 Turn on your PC and login Make sure your LAN connection is set to Obtain an IP Address Automatically see the section Setting a TCP IP Connection 2 Connect the RouteFinder LAN port to the PC using the Ethernet RJ 45 cable and apply power by plugging i...

Page 22: ...nder RF825 RF825 AP User Guide Document Number S000422B 22 10 Once you are logged in you must setup the PPP functionality Select Network Setup from the Menu bar and then select PPP Cellular Analog Backup when the Network Setup screen displays The PPP Cellular Analog Backup screen displays ...

Page 23: ...d light not blinking 13 From the workstation open the command window by clicking the Start button and selecting Run 14 Type CMD to open the command window Click OK 15 When the command window opens type IPCONFIG RELEASE to release your current IP received from the router 16 Then type IPCONFIG RENEW to renew your IP address from the router You should also receive a DNS address from the RouteFinder 1...

Page 24: ... signal 7 to 14 1 Bar LED is lit Weak signal 15 to 23 1 Bar and 2 Bar LEDs are lit Stronger signal 24 to 31 1 Bar 2 Bar 3 Bar LEDs are lit Strongest signal AT CCED Signal Strength LED Bars Signal Strength 113 to 101 No LEDs are lit Very weak signal 99 to 85 1 Bar LED is lit Weak signal 83 to 67 1 Bar and 2 Bar LEDs are lit Stronger signal 65 to 51 1 Bar 2 Bar 3 Bar LEDs are lit Strongest signal Ch...

Page 25: ... for finding out a PC s IP configuration the default gateway and the MAC address Login The Login screen for the RouteFinder software displays Type admin admin is the default user name in the user name box Type admin in the password box Click Login Note The User name and Password entries are case sensitive both must be typed in lower case The password can be up to 12 characters Later you will want ...

Page 26: ...n from which you can access all setup functions Note Only the top portion of the Home screen is shown here Navigating the Screens Before using the software you may find the following information about navigating through the screens and the structuring of the menus helpful Menu Bar Sub Menu Other Options Screen Name Input Area Menu Bar See menu categories and their submenus below ...

Page 27: ...ive Access System Logs Remote Syslog SNTP Client Tools Factory Defaults Network Configuration Service Configuration IP Settings Wireless LAN WLAN Security WLAN Client Filter Advanced IP Settings PPP Cellular Analog Backup Dynamic DNS Static Routes IP Masquerading SNAT DNAT Packet Filter Rules Advanced Filters ICMP Packet Filter Log IPSec PPTP Proxy DHCP Server Utilities Statistics Logs HTTP Proxy ...

Page 28: ...ation entered here will default to other screens that require this information Important Note An initial configuration must be completed for each type of RouteFinder functions firewall configuration LAN to LAN configuration or a LAN to Remote Client configuration Benefits of Using the Wizard Setup Saves time so that you are not entering the same information several times Allows you to start using ...

Page 29: ... must be completed for each type of RouteFinder functions firewall configuration LAN to LAN configuration a LAN to Remote Client configuration Click the Wizard Setup button located under the Menu Bar The following screen displays Screen Notes If you are using the AP build a section labeled WLAN inset shown on the right of the screen shot displays after you select Independent Subnet on the Network ...

Page 30: ...Address Mask DCP Server Address DNS Address Gateway Address Renew Time The time that the DHCP client should begin to contact its server to renew the lease it has obtained Expiry Time Expiry time is the time that the DHCP client must stop using the lease if it has not been able to contact a server in order to renew Use Peer DNS IP Address Check this box if you want the DNS server addresses from the...

Page 31: ...onds after which the PPPoE link should be brought down Connection Type Specify the type of connection for the link Options are Always Connect The link will always be established It is not dependent on whether or not there is data or a traffic flow through the RouteFinder Default Trigger on Demand The link will be established only when there is data or a traffic flow through the RouteFinder Dynamic...

Page 32: ...are Status Check this box to enable PPP Dial Backup on WAN interface Dial on Demand Check this box to initiate dial on demand which automatically makes the connection when there is traffic User Name Enter the user name to authenticate the RouteFinder with the ISP Password Enter the user password The password is optional These special characters cannot be used Baud Rate Select the serial baud rate ...

Page 33: ...entered correctly and your basic configuration is now complete Now you must save your settings to the Flash Memory this saves the current settings in the flash prom and prevents settings from getting lost at the next power up Restart This is optional You do not have to restart the RouteFinder after saving to the flash memory Your Basic Configuration Using the Setup Wizard is now Complete Testing Y...

Page 34: ... to be operational Administration Administration System Setup In the Administration part of the software you can set the RouteFinder general system based parameters System Setup includes the setting the Administrator s email address and the types of email notifications that will be sent to the System Administrator Email Notification SMTP Server Enter the IP address of the mail server Port Enter th...

Page 35: ... notifications Enter it in proper user domain format Click Save You can delete the entry and change it at any time if desired At least one email address must be entered in this field Configure Email Notification Select the types of notifications that you want sent Click the Add button The name will then appear in the Send Email Notification For box You can remove a type by clicking the Delete butt...

Page 36: ...e access Note that the selection box list will include those networks you enter under Networks Services Network Configuration You can change access by moving network hosts names from the Available list to from the Allowed list The RouteFinder will display an ERROR message if you try to delete access to a network that would cause you to lock yourself out Note Any defaults here for ease of installat...

Page 37: ... 120 seconds The smallest possible setting is 60 seconds The maximum setting is 3000 seconds If you close the browser in the middle of an open configuration session without closing via Exit the last session stays active until the end of the time out and no new administrator can log in Administrative Access HTTP Port This field is used for setting the HTTP port for Web administration After changing...

Page 38: ...click the Save button Administration Remote Syslog Note Enabling Remote Syslog logging will slow down the performance of the RouteFinder It should be used strictly for debugging purposes only Remote Syslog Remote Syslog Status Check the Remote Syslog Status box to enable the remote syslog function Remote Syslog Host IP Address If Remote Syslog is enabled then you must specify the Host IP Address A...

Page 39: ...e SNTP Client check box enables the firewall to act as a SNTP client SNTP Configuration General Configuration SNTP Client Enable or disable the SNTP Client to contact the configured server on the UDP port 123 and set the local time Default is Disable Server Enter the SNTP server name or IP address to which the SNTP Client must contact in order to update the time No default Polling Time Enter the p...

Page 40: ...ar Each day of the week occurs four or five times a month Therefore you will be selecting the week in which daylight saving time starts the first second third fourth or the last of the month In the U S A daylight saving time starts at 2 00 a m on the second Sunday in March Start Month Set the start month to use during Daylight Saving mode The default is March Start Day Set the start weekday to use...

Page 41: ...e Server is enabled the IP addresses of the reply packets will be converted into valid names PING Ping is an acronym for Packet Internet Groper The PING utility is used as a diagnostic tool to determine if a communication path exists between two devices on the network The utility sends a packet to the specified address and then waits for a reply PING is used primarily to troubleshoot Internet conn...

Page 42: ...the destination address has been reached Should the data packets path momentarily not be traceable stars appear to indicate a time out After a fixed number of time outs the attempt is aborted This can have various reasons e g a packet filter doesn t allow Trace Route If it is not possible to locate a name despite activated name resolution the IP address is shown after several attempts instead Host...

Page 43: ...ns where that particular network host is being used the corresponding change in the IP address or mask will be made automatically The networks hosts can be deleted only if is not used for any route or by any other module If a network is being used by the routing screen that network cannot be edited Similarly if a host address is edited and changed to a network address and if that host was used by ...

Page 44: ...e The Edit Network Publications in this example is displayed The name of the network cannot be changed but the IP Address and Subnet Mask can be edited You can delete a newly created network by clicking on Delete in the Options column for a desired network Example 1 IP address 192 168 2 1 Subnet mask 255 255 255 0 Define a private Class C net Example 2 IP address 216 200 241 66 Subnet mask 255 255...

Page 45: ...onfiguration of the user defined services The options to Delete or Edit a service after it has been defined and added are available by using the table at the bottom of the screen However standard sets of well known services cannot be edited or deleted Service Entries on This Service Configuration Screen Will Display on the Following Screens Packet Filters Packet Filter Rules Packet Filters Advance...

Page 46: ...eleting the user added services However there are some standard services which cannot be edited or deleted If the service is used by the Packet Filter rules SNAT or DNAT it cannot be deleted For editing any user defined service the Edit button has to be clicked to get the fields corresponding to the service entry Edit By clicking Edit in the Options column the information is loaded into the entry ...

Page 47: ... RouteFinder s Web Management Software Multi Tech Systems Inc RouteFinder RF825 RF825 AP User Guide Document Number S000422B 47 Network Setup IP Settings Network Setup Network Setup IP Settings Network IP Settings Screen ...

Page 48: ...l be displayed on the page Assigned IP Address Mask DHCP Server Address DNS Address Gateway Address Lease to be Renewed on the time that the DHCP client should begin to contact its server to renew the lease it has obtained Lease Expires on time at which the DHCP client must stop using the lease if it has not been able to contact a server in order to renew it Use Peer DNS IP Address Check this box ...

Page 49: ...hen there is data or a traffic flow through the RouteFinder Dynamic IP Address from ISP Check the box to enable the Dynamic IP address from the ISP If enabled the IP address obtained from the ISP is dynamic If disabled enter the IP address and subnet mask from the ISP in the following Fixed Address fields IP Address Subnet Mask Note If the ISP does not support the Fixed Address option then the Rou...

Page 50: ...b supports a maximum speed of 11M bps Mode b g is compatible with both b Only Clients as well as g Clients Country or Region Choose the Country or Region in which this device will be used Radio Channel Select the Radio Channel allowed in the selected country or region Independent Subnet Check this box if you would like the Wireless LAN located on a different Network from the default LAN Network Wh...

Page 51: ...receiving station such as an access point or another radio performs decryption upon arrival of the data 802 11 WEP encrypts data only between 802 11 stations WEP Authentication Method Automatic Automatic authentication allows any wireless station configured with the Open System Shared Key authentication method to associate with the AP Open System Using Open Authentication any wireless station can ...

Page 52: ... Wi Fi computer networks WPA is designed for use with an IEEE 802 1x authentication server which distributes different keys to each user However it can also be used in a less secure pre shared key PSK mode in which every user is given the same passphrase Pre Shared Key mode PSK also known as personal mode is designed for home and small networks that cannot afford the cost and complexity of an 802 ...

Page 53: ...ss before the Key will timeout for the WPA2 PSK Key only Group Key Rekeying The encryption keys are automatically changed called rekeying and authenticated between devices after a specified period of time or after a specified number of packets has been transmitted This is called the rekey interval Select either No Rekeying Rekeying Every number of seconds and enter the number of seconds desired or...

Page 54: ...l on the WLAN Default Action Choices are ALLOW Select this to allow the WLAN Client based on the Access Control list REJECT Select this to deny the WLAN Client based on the Access Control list Access Control List Device Name Enter the name of the device that will be allowed access to the WLAN Mac Address Enter Mac Address of the device that will be allowed access to the WLAN Add Button Click the A...

Page 55: ...ng IP Aliases The RouteFinder will treat the additional addresses as equals to the primary network card addresses IP aliases are required to administer several logical networks on one network card They can also be necessary in connection with the SNAT function to assign additional addresses to the firewall Note The same IP Address cannot be configured many times for an interface Similarly the same...

Page 56: ...h the WAN Ethernet interface the PPP backup link automatically comes up and the system regains its connection to the ISP PPP Client for Cellular Analog Modem Backup Status Check this box to enable PPP Dial Backup on WAN interface Dial On Demand Check this box to initiate dial on demand which automatically makes the connection when there is traffic Disable this to stay connected at all times Idle T...

Page 57: ... is an IP network to which a mobile device can be connected Click the Save button after the initialization strings are entered SIM Initialization String for GSM EDGE Cellular only Initialization String Enter the SIM initialization string The SIM initialization string is sent to the cellular modem during boot up in order to initialize the Cellular SIM This is not applicable for analog modems Click ...

Page 58: ...enable DDNS Client Default Disable Dynamic DNS Server Enter the name of the IP Server to which obtained IP addresses will be registered Dynamic DNS Port Enter the port number through which the DDNS has to update the server By default port 80 is used This port is configurable User Name Enter the name of the user who will be allowed access the DDNS Server Password Enter the Password the user will us...

Page 59: ...dns test dyndns org will also get resolved to a b c d However this will work only if the dynamic DNS server supports this option Custom DNS If enabled this option specifies the domain name registered is of custom type Also its specified server belongs to custom type Use Check IP If enabled this option specifies that the RouteFinder will use the Check IP utility to verify the IP addresses that are ...

Page 60: ...the network is defined in Networks Services Network Setup IP Masquerading Masquerading is a process that allows attaching of private networks to public networks Since private addresses are not routed to the Internet a source NAT on the RouteFinder s external interface is required Masquerading enables the user to enter only one source network Also if the external interface s IP address keeps changi...

Page 61: ...or UDP settings must be enabled in the Networks menu As the translation takes place after the filtering by packet filter rules you must allow connections that concern your SNAT rules in Packet Filters Packet Filter Rules with the original source address Packet filter rules are covered later in this chapter To create simple connections from private networks to the Internet you should use the Networ...

Page 62: ...rules you must set the appropriate rules in the Packet Filter Packet Filter Rules menu to let the already translated packets pass You can find more about setting packet filter rules earlier in this chapter Add DNAT Definition Allow Access From Select the source network host to which the DNAT rule will apply WAN IP Select the original target host or network of the IP packets that are to be re route...

Page 63: ...this button opens up a new window that displays the RouteFinder s live packet filter rules System Defined Rules These rules define a set of common application services that are allowed outbound access through the RouteFinder s WAN interface The services that come under this definition FTP TELNET SMTP DNS HTTP POP3 IMAP and HTTPS they form the Default Outbound Service Group The Default Outbound Ser...

Page 64: ...pre defined in the Services section The default entry Any selects all combinations of protocols and parameters e g ports Example SMTP ANY To Host Networks Select the host networks to which the packet is to be sent in order for the filter rule to match The Any option which matches all IP addresses regardless of whether they are officially assigned or private addresses may also be specified The netw...

Page 65: ...rface Allow Private Addresses By default packets from the WAN interface of the RouteFinder destined to any private address will be dropped Check this option to allow private addresses to pass through Allow Strict TCP Connection Passthrough TCP Strict By default packets with invalid flag combinations or TCP Sequence numbers passing via the RouteFinder will be dropped Check this option to allow thes...

Page 66: ... into the local network and all connected DMZs The default is Enabled ICMP on Firewall ICMP on LAN Check the ICMP on LAN checkbox to enable the forwarding of ICMP packets through the firewall into the local network and all connected DMZs The default is Enabled ICMP on WAN1 Check the ICMP on WAN1 checkbox to enable the transfer of ICMP packets on the WAN1 interface Packet Filter Packet Filter Log U...

Page 67: ...PSec protocol suite based on modern cryptographic technologies provides security services like encryption and authentication at the IP network layer It secures the whole network traffic providing guaranteed security for any application using the network It can be used to create private secured tunnels between two hosts two security gateways or a host and a security gateway VPN IPSec VPN Status Che...

Page 68: ...orward Secrecy PFS Check the PFS checkbox to enable PFS a concept in which the newly generated keys are unrelated to the older keys This is enabled by default Authentication Method Authentication can be done using Pre Shared Secrets Secret The Pre Shared Secret must be agreed upon and shared by the VPN endpoints it must be configured at both endpoints of the tunnel Select Encryption Select the enc...

Page 69: ... the local security gateway for which the security services should be provided If the RouteFinder acts as a host this should be configured as None Remote Gateway IP Interface where the IPSec tunnel ends In the case of a Road Warrior with a Dynamic IP address this should be configured to ANY FQDN FQDN is a DNS resolvable fully qualified domain name with which identity the right peer can be identifi...

Page 70: ...ntication MD5 96 bit key example 0x123456789012345678 SHA1 96 bit key example 0x123456789012345678 Encryption Method Select the encryption method Options include 3DES DES AES 128 AES 192 AES 256 and NULL no encryption Encryption Key The RouteFinder can use any one of the methods listed above See the online Help for examples SPI Base The Security Parameter Index identifies a manual connection The S...

Page 71: ...s are to be provided If the RouteFinder acts as a host this should be configured as None Other options are Any LAN LAN Interface WAN 1 WAN 1 Interface Remote Gateway IP Select the interface in which the IPSec tunnel ends In the case of Road Warriors with a Dynamic IP addresses this should be configured as ANY Other options include LAN LAN Interface WAN 1 WAN 1 Interface and None FQDN FQDN is a DNS...

Page 72: ...tion strength for the remote access connection Options are 40 bit 56 bit or 128 bit Select Remote Address The local IP address for the PPTP link and the range of remote IP addresses can be selected with this option The network has to be defined in the Network section The Local Address Remote Start Address Remote End Address and Range are displayed below as configured from the network Check Select ...

Page 73: ...Retype the password to confirm it Static IP Address Enter the specific Static IP Address from the range so that the server will issue it to the client when it is connected Allowed Users The names of the users entered above display in this text box If you wish to delete a name click the Delete button RADIUS Authentication Input Prerequisite Step In order to select RADIUS as the authentication type ...

Page 74: ...s there is no direct connection between client and server Proxy HTTP Proxy The HTTP Proxy is a module built into the RouteFinder to redirect HTTP requests from the clients in the LAN to the Internet HTTP Status To enable HTTP check the Status box and click Save When you click Edit the HTTP Allowed Networks part of the screen displays HTTP Allowed Networks Available Networks Hosts This defines the ...

Page 75: ... A Custom URL List has to be named before defining a rule Enter a name for the URL to include in the list here Click the Add button to save the name The name will be added to the Custom URL List on this screen Once the name is listed you can edit it and delete it Access Rules The Access Rules function enables you to define custom rules for the URL lists With these custom rules networks hosts can b...

Page 76: ...l store the DNS entries for a specified item So when there is a query next time the values will be taken from the cache and the response will be sent from the module itself This will shorten the waiting time significantly especially if it is a slow connection DNS Proxy LAN Status Click the Status box to enable the DNS proxy Click the Save button If enabled the DNS Proxy will be listening on the LA...

Page 77: ...hange the check mark click the Save button to activate the change Add Range From To add a range of IP addresses enter the beginning address of the range in this From field To Enter the last IP address of the range in this To field Specify Lease Time By default infinite lease is assigned to the configured subnet However this is NOT mandatory and can be configured If enabled by checking the box the ...

Page 78: ...MAC address even if there is no active DHCP connection with that IP address Add Fixed Address Enter both a MAC address and an IP address MAC Address Enter the MAC address Add Fixed Address Enter the fixed IP address DHCP Server WLAN Subnet Settings and WLAN Fixed Addresses This screen becomes available after you have checked the Independent Subnet box on the Network Setup Wireless LAN screen On th...

Page 79: ...ved configured Click the Browse button to locate the file Then click the Import button to restore the RouteFinder s configuration from this backup file The configuration file is downloaded to the RouteFinder and the saved configuration restored Export Backup Use this section of the screen to store the RouteFinder s configuration Click the Export button to save the configuration file Utilities Firm...

Page 80: ...ent Number S000422B 80 Statistics Logs System Information Statistics Logs Statistics Logs System Information The System Information screen provides the following information 1 System Information Product Modem Number Firmware Version MAC Address 2 Live Details Date and Time System Uptime Memory Utilization Free Memory Blocks ...

Page 81: ...Filter Logs All Access Requests Traversing Firewall Violating Security Policy All access requests from the private LAN and public WAN network clients to traverse the RouteFinder that violate the configured security policy All Access Requests to Firewall Violating Security Policy All access requests from the private LAN and public WAN network clients to send traffic to the RouteFinder itself that v...

Page 82: ...s that are active IPSec Statistics gives statistics of transmitted and received packets bytes Statistics Logs PPTP Live Log The PPTP Live Log gives information about users who are logged in into the PPTP server at any given point in time It also gives the Connect Time data and time Interface Name the link on which the user is connected User Name Local IP Address and Remote IP Address assigned Byte...

Page 83: ...uide Document Number S000422B 83 Statistics Logs PPP Cellular Analog Log Statistics Logs WLAN Client Live Log Statistics Logs PPP Cellular Analog Log The PPP Cellular Analog Log gives information about the modem connection Statistics Logs WLAN Client Live Log The WLAN Client Live Log lists current WLAN connections ...

Page 84: ...s DHCP Client Log Traces Click the Show button to view connection events between the DHCP Client and the DHCP Server PPPoE Client Log Traces Click the Show button to view connection events between the PPPoE Client and the DHCP Server PPTP Log Traces Click the Show button to view PPTP connection events Dynamic DNS Log Traces Click the Show button to view DDNS connection events IPSec Log Traces Clic...

Page 85: ...re the automatic DHCP configuration has been correctly set up for this computer or enter a statically assigned IP address Ensure that the Web browser is properly configured to connect to the Internet via the LAN The RouteFinder is connected but my workstation has problems accessing the Internet Ensure the workstation has TCP IP properly configured Attempt to ping the IP address of the RouteFinder ...

Page 86: ...he connection if there is a request from one of the computers on the LAN for an IP address on the Internet Keep in mind that certain applications can be configured to request information from the Internet For example Microsoft Outlook can be set up to check for new mail every x minutes If this feature is enabled Outlook will send a request for your Internet POP3 server which will cause your RouteF...

Page 87: ...er to get this activated on their network It is always best for the customer to be working with the carrier when they are activating a N1 model I activated my modem but I can t do anything with it When I try to dial out I get a NO CARRIER response If you are receiving a NO CARRIER response send AT CEER to check the reason for no carrier then check the number in the Reference Guide Make sure the mo...

Page 88: ...t This adds a level of security since the address of a PC connected to the private LAN is never transmitted on the Internet Furthermore NAT allows the RouteFinder to be used with low cost Internet accounts where only one TCP IP address is provided by the ISP The user may have many private addresses behind this single address provided by the ISP Does the RouteFinder support any operating system oth...

Page 89: ...m is DHCP capable Some ISPs require a MAC address to be registered with them If all else fails in the installation what can I do Reset your cable modem or DSL modem by powering the unit off and on Obtain the latest release of firmware for the RouteFinder at www multitech com Reset the RouteFinder s factory default by holding down the reset button until the lights start blinking Flash the firmware ...

Page 90: ...COM Telstra AU TELSTRA INTERNET Which module is used Siemens GSM GPRS EDGE quad band module MC75 CDMA FAQs What are the current models and firmware versions N1 213G Generic N2 205S Sprint N3 213V Verizon N4 213R RUIM N5 213G New Zealand Telecom N6 210G Bell South Ecuador N7 212A Telstra Australia N8 210G Bell South Colombia N9 213G Generic w Akey 0 N10 Bell South Peru N11 215I RUIM Indonesia N12 2...

Page 91: ... N N N 31 N N N 32 N N N 33 46 N N N 47 N N N 48 N N N 49 62 N N N 63 N N N 64 N N N 65 78 N N N 79 N N N 80 N N N 81 94 N N N 95 N N N 96 N N N 97 110 N N N 111 N N N 112 N N N 113 126 N N N 127 N N N 128 N N N 129 142 N N N 143 N N N 144 N N N 145 158 N N N 159 N N N 160 N N N 161 174 N N N 175 N N N 176 N N N 177 190 N N N 191 N N N 192 N N N 193 206 N N N 207 N N N 208 N N N 209 222 N N N 223 ...

Page 92: ... N N 89 90 N N N 91 N N N 92 N N N 93 94 N N N 95 N N N 96 N N N 97 98 N N N 99 N N N 100 N N N 101 102 N N N 103 N N N 104 N N N 105 106 N N N 107 N N N 108 N N N 109 110 N N N 111 N N N 112 N N N 113 114 N N N 115 N N N 116 N N N 117 118 N N N 119 N N N 120 N N N 121 122 N N N 123 N N N 124 N N N 125 126 N N N 127 N N N 128 N N N 129 130 N N N 131 N N N 132 N N N 133 134 N N N 135 N N N 136 N N ...

Page 93: ...Mandatory Guaranty of functionalities after test Bending Number of 90 at the hinge parts and bending on one direction with 1kg force 1000 cycles Mandatory No mechanical damage tolerated Guaranty of functionalities after test Antenna Resistance Tests are applicable to all parts and both sides Traction Tractions force applied 3 times on plugs during 15 seconds 5kg Mandatory No mechanical damage tole...

Page 94: ...le and semi rigid cables The characteristic impedance of the MMCX coaxial connector is 50 ohm The antenna manufacturer must guarantee that the antenna will be working according to the radio characteristics presented in the table below GSM and E GSM Radio Characteristics GSM 850 E GSM 900 GSM 1800 GSM 1900 Frequency RX 869 to 894 MHz 925 to 960 MHz 1805 to 1880 MHz 1930 to 1990 MHz Frequency TX 824...

Page 95: ... U S dollars drawn on a U S Bank For out of warranty repair charges go to COMPANY Policies warranty Extended two year overnight replacement service agreements are available for selected products Please call MTS customer service at 888 288 5470 or visit our web site at PARTNERS Programs overnight_replacement for details on rates and coverages Please direct your questions regarding technical matters...

Page 96: ...al sales representative for information about the repair of Multi Tech product s Please direct your questions regarding technical matters product configuration verification that the product is defective etc to our International Technical Support department at 763 717 5863 When calling the U S please direct your questions regarding repair expediting receiving shipping billing etc to our Repair Acco...

Page 97: ...o finance the costs of recovery from municipal collection points reuse and recycling of specified percentages per the WEEE requirements Instructions for Disposal of WEEE by Users in the European Union The symbol shown below is on the product or on its packaging which indicates that this product must not be disposed of with other waste Instead it is the user s responsibility to dispose of the user ...

Page 98: ...ata as opposed to a key that encrypts other keys Also called a session key DHCP Dynamic Host Configuration Protocol A protocol that was made to lessen the administrative burden of having to manually configure TCP IP Hosts on a network DHCP makes it possible for every computer on a network to extract its IP information from a DHCP server instead of having to be manually configured on each network c...

Page 99: ...ks those that do not meet the specified security criteria Firmware Software that has been has been permanently or semi permanently written to the RouteFinder s memory Your RouteFinder supports flash ROM which means you can upgrade the firmware in your network device very easily by downloading a copy of the new firmware from the Multi Tech Web site and using the RouteFinder Web browser management F...

Page 100: ...es M ML PPP Also called MP or MPPP Stands for Multilink Point to Point Protocol and is an advancement of the PPP protocol that allows for the bridging or bundling of two ISDN or analog channels for faster connections MAC Address The hardware address of a Device connected to a shared media To find out the MAC address of your computer please see Troubleshooting N NAT Technology NAT is short for Netw...

Page 101: ...ider Its main advantage is that it determines the need for the ISP to manage the allocation of IP addresses PPTP Point to Point Tunneling Protocol An IP tunneling protocol designed to encapsulate the LAN protocols IPX and Apple Talk within IP for transmission across the Internet and other IP based networks Private Key Key used in public key crypto that belongs to an individual entity and must be k...

Page 102: ... C Class A supports 16 million hosts on each of 127 networks Class B supports 65 000 hosts on each of 16 000 networks Class C supports 254 hosts on each of 2 million networks Due to the large increase in access to the Internet new classless schemes are gradually replacing the system based on classes TKIP TKIP Temporal Key Integrity Protocol is a security protocol used in Wi Fi Protected Access WPA...

Page 103: ...orks WPA is designed for use with an IEEE 802 1x authentication server which distributes different keys to each user However it can also be used in a less secure pre shared key PSK mode where every user is given the same passphrase Pre Shared Key mode PSK also known as personal mode is designed fro home and small networks that cannot afford the cost and complexity of an 802 1x authentication serve...

Page 104: ...m URL Filters 75 D Data Encryption Standard DES Definition 98 Data Key Definition 98 Daylight Savings Time configuration 40 DDNS authentication 58 DDNS Client 41 DDNS force update 42 DDNS Server 58 DDNS Status 42 DHCP Definition 98 DHCP Server 77 78 DHCP Server LAN Fixed Addresses 78 DHCP Server LAN Subnet Settings 77 DHCP Server WLAN Fixed Addresses 78 DHCP Server WLAN Subnet Settings 78 DHCP Ser...

Page 105: ...etwork Interface Details Log 81 Network Registration 24 Network Setup Advanced IP Settings 55 Network Setup DNAT 62 Network Setup Dynamic DNS 58 Network Setup IP Masquerading 60 Network Setup IP Settings 47 Network Setup IP Settings PPPoE 49 Network Setup PPP Cellular Analog Modem Backup 56 Network Setup SNAT 61 Network Setup Static Routes 60 Network Setup Wireless LAN 50 Network Setup Wireless LA...

Page 106: ...tion 80 Stats Logs WLAN Client Live Log 83 Sub Menus 27 Subnet Addresses 91 Subnet Definition 102 Subnet Mask Definition 102 Supported Subnet Addresses 91 System Information Log 80 System Logs 38 System Setup 34 T TCP IP Communication 19 TCP IP Definition 102 Temperature 14 Time Before Automatic Disconnect 37 Time zone configuration 40 TKIP Definition 102 Tools 41 Trace Route 42 Triple DES 3DES De...