PROLiNK Hurricane 9300G, User Manual

Page 1: ... 802 11g ADSL2 Modem Router User s Manual Revision 1 0 ...

Page 2: ......

Page 3: ...P server 16 LAN and WAN Port Addresses 16 INFORMATION FROM YOUR ISP 17 CONFIGURING WITH YOUR WEB BROWSER 18 CHAPTER 4 CONFIGURATION 19 STATUS 20 ARP Table 20 Wireless Association Table Wireless router only 21 DHCP Table 23 Email Status 24 Event Log 24 Error Log 24 NAT Sessions 25 UPnP Portmap 25 QUICK START 26 CONFIGURATION 28 LAN Local Area Network 28 Bridge Interface 28 Ethernet 29 Ethernet Clie...

Page 4: ...78 Virtual Server Port Forwarding 82 Add Virtual Server 83 Edit DMZ Host 84 Edit DMZ Host 85 Edit One to One NAT Network Address Translation 86 Time Schedule 89 Configuration of Time Schedule 90 Advanced 91 Static Routing 91 Dynamic DNS 92 Check Emails 93 Device Management 94 IGMP 98 VLAN Bridge 98 SAVE CONFIGURATION TO FLASH 103 LOGOUT 104 CHAPTER 5 TROUBLESHOOTING 105 PROBLEMS STARTING UP THE RO...

Page 5: ...s but also broadband multimedia applications such as interactive gaming video streaming and real time audio much easier and faster than ever It is compliant with Multi Mode standard ANSI T1 413 Issue 2 G dmt ITU G 992 1 G lite ITU G 992 2 G hs ITU G994 1 G dmt bis ITU G 992 3 G dmt bisplus ITU G 992 5 Wireless Ethernet 802 11g Wireless router only With integrated 802 11g Wireless Access Point in t...

Page 6: ... The Dynamic DNS service allows you to alias a dynamic IP address to a static hostname This dynamic IP address is the WAN IP address For example to use the service you must first apply for an account from a DDNS service like http www dyndns org More than 5 DDNS servers are supported PPP over Ethernet PPPoE Provides embedded PPPoE client function to establish a connection Users can get greater acce...

Page 7: ...management It is user friendly and comes with on line help It also supports remote management capability for remote users to configure and manage this product Firmware Upgradeable Device can be upgraded to the latest firmware through the WEB based GUI Rich management interfaces Supports flexible management interfaces with local console port LAN port and WAN port Users can use terminal applications...

Page 8: ... Antenna Quick Start Guide Do not use this router in high humidity or high temperatures Do not use the same power source for this router as other equipment Do not open or repair the case yourself If this router is too hot turn off the power immediately and have it repaired at a qualified service center Avoid using this product and all accessories outdoors Warning Place this router on a stable surf...

Page 9: ...2 ADSL When lit it indicates that the ADSL Line port is connected to the DSLAM and working properly 8 11 ETHERNET Port 1X 4X RJ 45 connector Lit when the LAN link is connected to an Ethernet device Green for 100Mbps Orange for 10Mbps Blinking when data is Transmitted Received 7 WLAN Lit green when the wireless connection is established Flashes when sending receiving data 6 SYS Lit when the system ...

Page 10: ... seconds above restore to factory default settings this is used when you cannot login to the router E g forgot the password 4 LAN 1X 4X RJ 45 connector Connect a UTP Ethernet cable Cat 5 or Cat 5e to one of the four LAN ports when connecting to a PC or an office home network of 10Mbps or 100Mbps 5 CONSOLE Connect a PS2 RS 232 cable optional to this port when connecting to a PC s RS 232 port 9 pin ...

Page 11: ...ng the proper cables Ensure that all other devices connected to the same telephone line as your router e g telephones fax machines analogue modems have a line filter connected between them and the wall socket unless you are using a Central Splitter or Central Filter installed by a qualified and licensed electrician and ensure that all line filters are correctly installed and the right way around M...

Page 12: ...is 255 255 255 0 i e any attached PC must be in the same subnet and have an IP address in the range of 192 168 1 1 to 192 168 1 253 The best and easiest way is to configure the PC to get an IP address automatically from this router using DHCP If you encounter any problems accessing the router s web interface it may also be advisable to uninstall any kind of software firewall on your PCs as they ca...

Page 13: ...ws XP 1 Go to Start Control Panel in Classic View In the Control Panel double click on Network Connections 2 Double click Local Area Connection See Figure 3 1 Figure 3 1 LAN Area Connection 3 In the Local Area Connection Status window click Properties See Figure 3 2 Figure 3 2 LAN Connection Status ...

Page 14: ...t Internet Protocol TCP IP and click Properties See Figure 3 3 Figure 3 3 TCP IP 5 Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons See Figure 3 4 6 Click OK to finish the configuration Figure 3 4 IP Address DNS Configuration ...

Page 15: ...2000 1 Go to Start Settings Control Panel In the Control Panel double click on Network and Dial up Connections 2 Double click Local Area Connection See Figure 3 5 Figure 3 5 LAN Area Connection 3 In the Local Area Connection Status window click Properties See Figure 3 6 Figure 3 6 LAN Connection Status ...

Page 16: ...t Internet Protocol TCP IP and click Properties See Figure 3 7 Figure 3 7 TCP IP 5 Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons See Figure 3 8 6 Click OK to finish the configuration Figure 3 8 IP Address DNS Configuration ...

Page 17: ...e Control Panel double click on Network and choose the Configuration tab 2 Select TCP IP NE2000 Compatible or the name of your Network Interface Card NIC in your PC See Figure 3 9 3 Click Properties Figure 3 9 TCP IP 4 Select the IP Address tab In this page click the Obtain an IP address automatically radio button See Figure 3 10 Figure 3 10 IP Address ...

Page 18: ... 11g ADSL2 Modem Router Chapter 3 Basic Installation 14 5 Then select the DNS Configuration tab See Figure 3 11 6 Select the Disable DNS radio button and click OK to finish the configuration Figure 3 11 DNS Configuration ...

Page 19: ...1 Go to Start Settings Control Panel In the Control Panel double click on Network and choose the Protocols tab 2 Select TCP IP Protocol and click Properties See Figure 3 12 Figure 3 12 TCP IP 3 Select the Obtain an IP address from a DHCP server radio button and click OK See Figure 3 13 Figure 3 13 IP Address ...

Page 20: ...ress 192 168 1 100 IP pool counts 100 LAN and WAN Port Addresses The parameters of LAN and WAN ports are pre set in the factory The default values are shown below LAN Port WAN Port IP address 192 168 1 254 Subnet Mask 255 255 255 0 DHCP server function Enabled IP addresses for distribution to PCs 100 IP addresses continuing from 192 168 1 100 through 192 168 1 199 The PPPoE function is enabled to ...

Page 21: ... IP address it can be automatically assigned by your ISP when you connect or be set manually PPPoA VPI VCI VC based LLC based multiplexing Username Password and Domain Name System DNS IP address it can be automatically assigned by your ISP when you connect or be set manually RFC1483 Bridged VPI VCI VC based LLC based multiplexing to use Bridged Mode RFC1483 Routed VPI VCI VC based LLC based multip...

Page 22: ...r enter the IP address of your router which by default is 192 168 1 254 and click Go a user name and password window prompt will appear The default username and password are admin and admin See Figure 3 14 Figure 3 14 User name Password Prompt Widonw Congratulation You are now successfully logon to the 802 11g ADSL2 Modem Router ...

Page 23: ...ss Association Table Wireless router only Routing Table DHCP Table Email Status Event Log Error Log NAT Sessions and UPnP Portmap Quick Start Configuration LAN WAN System Firewall QoS Virtual Server Time Schedule and Advanced Save Config to FLASH Language provides user interface in English and Deutsch languages Please see the relevant sections of this manual for detailed instructions on how to con...

Page 24: ...of your PCs to use with the router s Firewall MAC Address Filter function See the Firewall section of this manual for more information on this feature IP Address A list of IP addresses of devices on your LAN Local Area Network MAC Address The MAC Media Access Control addresses for each device on your LAN Interface The interface name on the router that this IP Address connects to Static Static stat...

Page 25: ...rricane 9300G 802 11g ADSL2 Modem Router Chapter 4 Configuration 21 Wireless Association Table IP Address It is IP address of wireless client that joins this network MAC The MAC address of wireless client ...

Page 26: ... destination netmask address Gateway Interface The IP address of the gateway or existing interface that this route will use Cost The number of hops counted as the cost of the route RIP Routing Table Destination The IP address of the destination network Netmask The destination netmask address Gateway The IP address of the gateway that this route will use Cost The number of hops counted as the cost ...

Page 27: ...Table IP Address The IP address that assigned to client MAC Address The MAC address of client Client Host Name The Host Name Computer Name of client Expiry The current lease time of client Expired Table Please refer the Leased Table Permanent Table Name The name you assigned to the Permanent configuration IP Address The fixed IP address for the specify client MAC Address The MAC Address that you w...

Page 28: ...s the router s Event Log entries Major events are logged to this window such as when the router s ADSL connection is disconnected as well as Firewall events when you have enabled Intrusion or Blocking Logging in the Configuration Firewall section of the interface Please see the Firewall section of this manual for more details on how to enable Firewall logging Error Log Any errors encountered by th...

Page 29: ...lists all current NAT sessions between interface of types external WAN and internal LAN UPnP Portmap The section lists all port mapping established using UPnP Universal Plug and Play Please see the Advanced section of this manual for more details on UPnP and the router s UPnP configuration options ...

Page 30: ... additional you have the option to provide specific DNS as your desire or check the Enable box to get the DNS automatically from your ISP Your ISP will be able to supply all the details you need alternatively if you have deleted the current WAN Connection in the WAN ISP section of the interface you can use the router s PVC Scan feature to attempt to determine the Encapsulation types offered by you...

Page 31: ...4 Configuration 27 Select the desired option from the list and click Apply to return to the Quick Start interface to continue configuring your ISP connection Please note that the contents of this list will vary depending on what is supported by your ISP ...

Page 32: ...ilter Wireless Wireless Security Wireless Client Filter Port Setting and DHCP Server Bridge Interface You can setup member ports for each VLAN group under Bridge Interface section From the example two VLAN groups need to be created Ethernet P1 Port 1 Ethernet1 P2 P3 and P4 Port 2 3 4 Please uncheck P2 P3 P4 from Ethernet VLAN port first Note You should setup each VLAN group with caution Each Bridg...

Page 33: ...in the LAN and two different LAN subnets through which you can access the Internet at the same time Users usually only have one subnet in their LAN so there is no need to configure a Secondary IP address The default IP address for the router is 192 168 1 254 RIP RIP v1 RIP v2 and RIP v2 Multicast Check to enable RIP function ...

Page 34: ...ng is set to Disable Allowed check to authorize specific device accessing your LAN by insert the MAC Address in the space provided or click Make sure your PC s MAC is listed Blocked check to prevent unwanted device accessing your LAN by insert the MAC Address in the space provided or click Make sure your PC s MAC is not listed The maximum client is 16 The MAC addresses are 6 bytes long they are pr...

Page 35: ... in LAN displays a list of individual Ethernet device s IP Address MAC Address which connecting to the router You can easily by checking the box next to the IP address to be blocked or allowed Then Add to insert to the Ethernet Client Filter table The maximum Ethernet client is 16 ...

Page 36: ...e exactly the ESSID as the device in order to get connected to your network Note It is case sensitive and must not excess 32 characters ESSID Broadcast It is function in which transmits its ESSID to the air so that when wireless client searches for a network router can then be discovered and recognized Default setting is Enable Disable If you do not want broadcast your ESSID Any client uses any wi...

Page 37: ...uired to bridge between two access points and extending an existing wired or wireless infrastructure network to create a larger network In addition WDS enhances its link connection security in WEP mode WEP key encryption must be the same for both access points WDS Service The default setting is Disable Check Enable radio button to activate this function Peer WDS MAC Address It is the associated AP...

Page 38: ...he key for network authentication The input format is in character style and key size should be in the range between 8 and 63 characters Group Key Renewal The period of renewal time for changing the security key automatically between wireless client and Access Point AP Default value is 600 seconds Idle Timeout The default idle timeout is 3600 seconds A Timeout value base on the case of no data tra...

Page 39: ...algorithm in WEP64 or WEP128 You can input the same string in both the AP and Client card settings to generate the same WEP keys Please note that you do not have to enter Key 0 3 as below when the Passphrase is enabled Default Used WEP Key Select the encryption key ID please refer to Key 0 3 below Key 0 3 Enter the key to encrypt wireless data To allow encrypted data transmission the WEP Encryptio...

Page 40: ...rt the MAC Address in the space provided or click Make sure your PC s MAC is listed Blocked check to prevent unwanted device accessing the LAN by insert the MAC Address in the space provided or click Make sure your PC s MAC is not listed The maximum client is 16 The MAC addresses are 6 bytes long they are presented only in hexadecimal characters The number 0 9 and letters a f are acceptable The ma...

Page 41: ... Client displays a list of individual wireless device s MAC Address that currently connects to the router You can easily by checking the box next to the MAC address to be blocked or allowed Then Add to insert to the Wireless Client MAC Address Filter table The maximum Ethernet client is 16 ...

Page 42: ...gure different types to solve compatibility issues The default is Auto which users should keep unless there are specific problems with PCs not being able to access your LAN IPv4 TOS priority Control Advanced users TOS Type of Services is the 2nd octet of an IP packet Bits 6 7 of this octet are reserved and bit 0 5 are used to specify the priority of the packet This feature uses bits 0 5 to classif...

Page 43: ...en configure parameters of the DHCP Server including the IP pool starting IP address and ending IP address to be allocated to PCs on your network lease time for each assigned IP address the period of time the IP address assigned will be valid DNS IP address and the gateway IP address These details are sent to the DHCP client i e your PC when it requests an IP address from the DHCP server Click App...

Page 44: ...wo items within the WAN section ISP DNS and ADSL ISP The factory default is PPPoE If your ISP uses this access protocol click Edit to input other parameters as below If your ISP does not use PPPoE you can change the default WAN connection entry by clicking Change A simpler alternative is to select Quick Start from the main menu on the left Please see the Quick Start section of the manual for more ...

Page 45: ...sulation method Selects the encapsulation format the default is LLC Bridged Select the one provided by your ISP DHCP client Enable or disable the DHCP client specify if the Router can get an IP address from the Internet Service Provider ISP automatically or not Please click Obtain an IP address automatically via DHCP client to enable the DHCP client function or click Specify an IP address to disab...

Page 46: ...her Filter Type Specify the type of ethernet filtering performed by the named bridge interface All Allows all types of ethernet packets through the port Ip Allows only IP ARP types of ethernet packets through the port Pppoe Allows only PPPoE types of ethernet packets through the port PVID for Untagged Frames PVID is known as Port VLAN Identifier When an untagged packet is received by input port s ...

Page 47: ...Internet directly the NAT function can be disabled Username Enter the username provided by your ISP You can input up to 128 alphanumeric characters case sensitive This will usually be in the format of username ispname instead of simply username Password Enter the password provided by your ISP You can input up to 128 alphanumeric characters case sensitive IP Address Specify an IP address allowed to...

Page 48: ...is a specific or default route If set to enabled the route created will only apply to packets for the subnet at the remote end of the PPP link The address of this subnet is obtained during IPCP negotiation Subnet Mask sets the subnet mask used for the local IP interface connected to the PPP transport If the value 0 0 0 0 is supplied the netmask will be calculated from the class of the IP address o...

Page 49: ...NS This setting enables disables whether the primary secondary NBNS server address is requested from a remote PPP peer using IPCP The default setting for this command is disabled Discover Subnet Mask Specifies if the subnet mask given by IPCP negotiation process is to be used Give Subnet Mask To DHCP Server Enable to change your DHCP Server settings by using the given information in IPCP negotiati...

Page 50: ...rnet directly the NAT function can be disabled DHCP client Enable or disable the DHCP client specifying if the router can obtain an IP address from the Internet Service Provider ISP automatically or not Please click Obtain an IP address automatically via DHCP client to enable the DHCP client function or click Specify an IP address to disable the DHCP client function and specify the IP address manu...

Page 51: ...t up to 128 alphanumeric characters case sensitive This will usually be in the format of username ispname instead of simply username Password Enter the password provided by your ISP You can input up to 128 alphanumeric characters case sensitive Service Name This item is for identification purposes If it is required your ISP will provide you the information Maximum input is 20 alphanumeric characte...

Page 52: ...he remote end of the PPP link Specific Route Specifies whether the route created when a PPP link comes up is a specific or default route If set to enabled the route created will only apply to packets for the subnet at the remote end of the PPP link The address of this subnet is obtained during IPCP negotiation Subnet Mask sets the subnet mask used for the local IP interface connected to the PPP tr...

Page 53: ...the DHCP server Discover Primary NBNS Discover Secondary NBNS This setting enables disables whether the primary secondary NBNS server address is requested from a remote PPP peer using IPCP The default setting for this command is disabled Discover Subnet Mask Specifies if the subnet mask given by IPCP negotiation process is to be used Give Subnet Mask To DHCP Server Enable to change your DHCP Serve...

Page 54: ...to remember the DNS converts the friendly name into its equivalent IP Address You can obtain a Domain Name System DNS IP address automatically if your ISP has provided it when you logon check the Enable box Usually when you choose PPPoE or PPPoA as your WAN ISP protocol the ISP will provide the DNS IP address automatically You may leave the configuration field blank Alternatively your ISP may prov...

Page 55: ...king it active true again for taking effect with setting of Connect Mode Coding Gain Configure the ADSL coding gain from 0 dB to 7dB or automatic Tx Attenuation Setting ADSL transmission gain the value is between 0 12 DSP FirmwareVersion Current ADSL line code firmware version Connected Display current ADSL line sync status Operational Mode Display current ADSL mode standard Operational Mode your ...

Page 56: ... server you have specified If you prefer to specify an SNTP server other than those in the list simply enter its IP address as shown above Your ISP may provide an SNTP server for you to use Daylight Saving is also known as Summer Time Period Many places in the world adapt it during summer time to move one hour of daylight from morning to the evening in local standard time Check Automatic box to au...

Page 57: ...select a time period the router will permit remote access for and click Enable You may change other configuration options for the web administration interface using Device Management options in the Advanced section of the GUI If you wish to permanently enable remote access choose a time period of 0 minutes This setting cannot be saved into flash when timer set to zero ...

Page 58: ...r time this software may be improved and modified and your router allows you to upgrade the software it runs to take advantage of these changes Clicking on Browse will allow you to select the new firmware image file you have downloaded to your PC Once the correct file is selected click Upgrade to update the firmware in your router Warning DO NOT power down the router or interrupt the firmware upgr...

Page 59: ...any significant changes to your router s configuration Press Backup to select where on your local PC to save the settings file You may also change the name of the file when saving if you wish to keep multiple backups Press Browse to select a file from your PC to restore You should only restore settings files that have been generated by the Backup function and that were created when using the curre...

Page 60: ...If you wish to restart the router using the factory default settings for example after a firmware upgrade or if you have saved an incorrect configuration select Factory Default Settings to reset to factory default settings You may also reset your router to factory settings by holding the small Reset pinhole button on the back of your router in for 10 12 seconds whilst the router is turned on ...

Page 61: ... have clicked on Edit you are shown the following options You can change the user s password whether their account is active and Valid as well as add a comment to each user account These options are the same when creating a user account with the exception that once created you cannot change the username You cannot delete the default admin account however you can delete any other created accounts b...

Page 62: ...Internet Firewall Prevents access from outside your network The router provides three levels of security support NAT natural firewall This masks LAN users IP addresses which are invisible to outside users on the Internet making it much more difficult for a hacker to target a machine on your network This natural firewall is on when NAT function is enabled Firewall Security and Policy General Settin...

Page 63: ...Hurricane 9300G 802 11g ADSL2 Modem Router Chapter 4 Configuration 59 You can find six items under the Firewall section General Settings Packet Filter Intrusion Detection URL Filter and Firewall Log ...

Page 64: ...layed in Port Filters of Packet Filter Select either High Medium or Low security level to enable the Firewall The only difference between these three security levels is the preset port filter rules in the Packet Filter Firewall functionality is the same for all levels it is only the list of preset port filters that changes between each setting For more detailed on level of preset port filter infor...

Page 65: ...y available when the Firewall is enabled and one of these four security levels is chosen All blocked High Medium and Low The predefined port filter rules in the Packet Filter must modify accordingly to the level of Firewall which is selected See Table1 Predefined Port Filter for more detailed information ...

Page 66: ...ES NO YES NO YES DNS 53 UDP 17 53 53 NO YES NO YES YES YES DNS 53 TCP 6 53 53 NO YES NO YES YES YES FTP 21 TCP 6 21 21 NO NO NO YES NO YES Telnet 23 TCP 6 23 23 NO NO NO YES NO YES SMTP 25 TCP 6 25 25 NO YES NO YES NO YES POP3 110 TCP 6 110 110 NO YES NO YES NO YES NEWS 119 TCP 6 119 119 NO NO NO YES NO YES RealAudio 7070 UDP 17 7070 7070 NO NO YES YES YES YES PING ICMP 1 N A N A NO YES NO YES NO ...

Page 67: ...ock the traffic to or form set IP address and Subnet Mask to 0 0 0 0 to inactive the Address Filter rule Tip To block access to from a single IP address enter that IP address as the Host IP Address and use a Host Subnet Mask of 255 255 255 255 Type It is the packet protocol type used by the application select either TCP or UDP Source Port This Port or Port Ranges defines the port allowed to be use...

Page 68: ...existing predefined rules Time Schedule It is self defined time period You may specify a time schedule for your prioritization policy For setup and detail refer to Time Schedule section Protocol Number Insert the port number i e GRE 47 Inbound Outbound Select Allow or Block the access to the Internet Outbound or from the Internet Inbound Click Apply button to apply your changes ...

Page 69: ...medium or low security level To setup a web server located on the local network when the firewall is enabled you have to configure the Port Filters setting for HTTP As you can see from the diagram below when the firewall is enabled with one of the three presets Low Medium High inbound HTTP access is not allowed which means remote access through HTTP to your router is not allowed Note Inbound indic...

Page 70: ...Delete to delete the existing HTTP rule 3 Click Add TCP UDP Filter 4 Input the Rule Name Time Schedule Source Destination IP Type Source Destination Port Inbound and Outbound Example Application Cindy_HTTP Time Schedule Always On Source Destination IP Address es 0 0 0 0 I do not wish to active the address filter instead I use the port filter Type TCP Please refer to Table1 Predefined Port Filter S...

Page 71: ...e for HTTP is shown below 7 Configure your Virtual Server port forwarding settings so that incoming HTTP requests on port 80 will be forwarded to the PC running your web server Note For how to configure the HTTP in Virtual Server go to Add Virtual Server in Virtual Server section for more details ...

Page 72: ...function such as Land attack and Echo CharGen scan Intrusion Detection If enabled IDS will block Smurf attack attempts Default is false Block Duration Victim Protection Block Duration This is the duration for blocking Smurf attacks Default value is 600 seconds Scan Attack Block Duration This is the duration for blocking hosts that attempt a possible Scan attack Scan attack types include X mas scan...

Page 73: ...im Protection Yes Yes Land attack SrcIP DstIP Yes Yes Echo CharGen Scan UDP Echo Port and CharGen Port Yes Yes Echo Scan UDP Dst Port Echo 7 Src IP Scan Yes Yes CharGen Scan UDP Dst Port CharGen 19 Src IP Scan Yes Yes X mas Tree Scan TCP Flag X mas Src IP Scan Yes Yes IMAP SYN FIN Scan TCP Flag SYN FIN DstPort IMAP 143 SrcPort 0 or 65535 Src IP Scan Yes Yes SYN FIN RST ACK Scan TCP No Existing ses...

Page 74: ...ion will be performed by the Block Mode Always On Action is enabled URL filter rules will be monitoring and checking at all hours of the day TimeSlot1 TimeSlot16 It is self defined time period You may specify the time period to check the URL filter rules i e during working hours For setup and detail refer to Time Schedule section Keywords Filtering Allows blocking by specific keywords within a par...

Page 75: ...he URL to determine if it is in the trusted list If yes the connection attempt is sent to the remote web server 2 If not check if it is listed in the forbidden list and if present then the connection attempt is dropped 3 If the packet does not match either of the above two items it is sent to the remote web server 4 Please be note that the domain only should be specified not the full URL For examp...

Page 76: ...knows this function Domain Filtering ONLY disables all WEB traffic except for Trusted Domain BUT not its IP address If this is the situation Block surfing by IP address function can be handy and helpful to Andy Now Andy can prevent Bobby from accessing other sites Block Java Applet This function can block Web content that includes the Java Applet It is to prevent someone who wants to damage your s...

Page 77: ...er Chapter 4 Configuration 73 Firewall Log Firewall Log display log information of any unexpected action with your firewall settings Check the Enable box to activate the logs Log information can be seen in the Status Event Log after enabling ...

Page 78: ...ic for each application from LAN Ethernet and or Wireless to WAN Internet It facilitates you to control the different quality and speed of through put for each application when the system is running with full loading of upstream You can find three items under the QoS section Prioritization and Outbound Inbound IP Throttling bandwidth management ...

Page 79: ...tting is set to High you may adjust this setting to fit your policy application Protocol The name of supported protocol Source Port The source port of packets to be monitored Destination Port The destination port of packets to be monitored Source IP Address Range The source IP address or range of packets to be monitored Destination IP address Range The destination IP address or range of packets to...

Page 80: ...ffort 000000 Premium Express Forwarding 101110 Gold service L Class 1 Gold 001010 Gold service M Class 1 Silver 001100 Gold service H Class 1 Bronze 001110 Silver service L Class 2 Gold 010010 Silver service M Class 2 Silver 010100 Silver service H Class 2 Bronze 010110 Bronze service L Class 3 Gold 011010 Bronze service M Class 3 Silver 011100 Bronze service H Class 3 Bronze 011110 ...

Page 81: ... Time Schedule Scheduling your prioritization policy Refer to Time Schedule for more information Protocol The name of supported protocol Source Port The source port of packets to be monitored Destination Port The destination port of packets to be monitored Source IP Address Range The source IP address or range of packets to be monitored Destination IP address Range The destination IP address or ra...

Page 82: ...ime Schedule Scheduling your prioritization policy Refer to Time Schedule for more information Protocol The name of supported protocol Source Port The source port of packets to be monitored Destination Port The destination port of packets to be monitored Source IP Address Range The source IP address or range of packets to be monitored Destination IP address Range The destination IP address or rang...

Page 83: ...Diagram Information and Settings Upstream 928 kbps Downstream 8 Mbps VoIP User 192 168 1 1 Normal Users 192 168 1 2 192 168 1 5 Restricted User 192 168 1 100 0 100 200 300 400 500 kbps VoIP VPN HIGH Others NORMAL Restricted LOW Throughput VoIP VPN HIGH Others NORMAL Restricted LOW Restricted PC Normal PCs VoIP ...

Page 84: ... latency sensitive application Most VoIP devices are use SIP protocol and the port number will be assigned by SIP module automatically Better to use fixed IP address for catching VoIP packets as high priority Above settings will help to improve quality of your VoIP service when traffic is full loading Restricted Application Some of companies will setup FTP server for customer downloading or home u...

Page 85: ...8kbps 29 32kbps Mission critical Application 192kbps 6 32kbps Voice Application 128kbps 4 32kbps Restricted Application 160kbps 5 32kbps Other Applications 448kbps 14 32kbps 6 4 14 5 29 29 32kbps 928kbps Sometime your customers or friends may upload their files to your FTP server and that will saturate your downstream bandwidth The settings below help you to limit bandwidth for the restricted appl...

Page 86: ...sharing applications and are using NAT Network Address Translation then you will usually need to configure your router to forward these incoming connection attempts using specific ports to the PC on your network running the application You will also need to use port forwarding if you want to host an online game server The reason for this is that when using NAT your publicly accessible IP address w...

Page 87: ... port is received it will be forwarded to the corresponding internal server Time Schedule A self defined time period to enable your virtual server You may specify a time schedule or Always on for the usage of this Virtual Server Entry For setup and detail refer to Time Schedule section Application Users define description to identify this entry or click to select existing predefined rules 20 prede...

Page 88: ... edit this virtual server application Delete Click it to delete this virtual server application If you have disabled the NAT option in the WAN ISP section the Virtual Server function will hence be invalid If the DHCP server option is enabled you have to be very careful in assigning the IP addresses of the virtual servers in order to avoid conflicts The easiest way of configuring Virtual Servers is...

Page 89: ...umber used by any other Virtual Server entries Cautious This Local computer exposing to the Internet may face varies of security risks Disabled As set in default setting it disables the DMZ function Enabled It activates your DMZ function Internal IP Address Give a static IP address to the DMZ Host when Enabled radio button is checked Be aware that this IP will be exposed to the WAN Internet Listed...

Page 90: ... utilize these IP addresses NAT Type Select desired NAT type As set in default setting it disables the One to One NAT function Global IP Address Subnet The subnet of the public WAN IP address given by your ISP If your ISP has provided this information you may insert it here Otherwise use IP Range method IP Range The IP address range of your public WAN IP addresses For example IP 192 168 1 1 end IP...

Page 91: ... for the virtual server In addition to specifying the port number to be used you will also need to specify the protocol used The protocol used is determined by the particular application Most applications will use TCP or UDP Global IP Define a public WAN IP address for this Application to use This Global IP address must be defined in the Global IP Address External Port The Port number on the Remot...

Page 92: ...aining ports referred to as dynamic or private ports are numbered from 49152 through 65535 For further information please see IANA s website at http www iana org assignments port numbers Table 5 Well known and registered Ports Port Number Protocol Description 20 TCP FTP Data 21 TCP FTP Control 22 TCP UDP SSH Remote Login Protocol 23 TCP Telnet 25 TCP SMTP Simple Mail Transfer Protocol 53 TCP UDP D...

Page 93: ...y to restrict or allowing the usage of the Internet by users or applications This Time Schedule correlates closely with router s time since router does not have a real time clock on board it uses the Simple Network Time Protocol SNTP to get the current time from an SNTP server from the Internet Refer to Time Zone for details You router time should correspond with your local time If the time is not...

Page 94: ...l be shown ID This is the index of the time slot Name A user define description to identify this time portfolio Day The default is set from Monday through Friday You may specify the days for the schedule to be applied Start Time The default is set at 8 00 AM You may specify the start time of the schedule End Time The default is set at 18 00 6 00PM You may specify the end time of the schedule Selec...

Page 95: ... items within the Advanced section Static Route Dynamic DNS Check Email Device Management IGMP and VLAN Bridge Static Routing Click on Routing Table and then choose Create Route add a routing table Destination This is the destination subnet IP address Netmask Subnet mask of the destination IP addresses based on above destination subnet IP Gateway This is the gateway IP address to which packets are...

Page 96: ...stablish an account with the Dynamic DNS provider using their website for example http www dyndns org There are more than 5 DDNS services supported Disable Check to disable the Dynamic DNS function Enable Check to enable the Dynamic DNS function The following fields will be activated and required Dynamic DNS Server Select the DDNS service you have established an account with Domain Name Username a...

Page 97: ...ters Emailing checking function The following fields will be activated and required Account Name Enter the name login of the POP3 account you wish to check Normally it is the text in your email address before the symbol If you have trouble with it please contact your ISP Password Enter the account s password POP3 Mail Server Enter your POP mail server name You Internet Service Provider ISP or netw...

Page 98: ... their LAN Management IP Address You may specify an IP address allowed to logon and access the router s web server Setting the IP address to 0 0 0 0 will disable IP address restrictions allowing users to login from any IP address Expire to auto logout Specify a time frame for the system to auto logout the user s configuration session For Example User A changes HTTP port number to 100 specifies the...

Page 99: ...agement Protocol SNMP V1 and V2 Read Community Specify a name to be identified as the Read Community and an IP address This community string will be checked against the string entered in the configuration file Once the string name is matched user obtains this IP address will be able to view the data Write Community Specify a name to be identified as the Write Community and an IP address This commu...

Page 100: ...ion group IP group ICMP group TCP group UDP group EGP not applicable Transmission SNMP group From RFC 1650 EtherLike MIB dot3Stats From RFC 1493 Bridge MIB dot1dBase group dot1dTp group dot1dStp group if configured as spanning tree From RFC 1471 PPP LCP MIB pppLink group pppLqr group From RFC 1472 PPP Security MIB PPP Security Group From RFC 1473 PPP IP MIB PPP IP Group ...

Page 101: ...02 11g ADSL2 Modem Router Chapter 4 Configuration 97 From RFC 1474 PPP Bridge MIB PPP Bridge Group From RFC 1573 IfMIB ifMIBObjects Group From RFC 1695 atmMIB atmMIBObjects From RFC 1907 SNMPv2 only snmpSetSerialNo OID ...

Page 102: ... Advanced VLAN Setup Example Triply Play VLAN_data Ethernet Port 1 Wireless and Wireless WDS are reserving for Internet On Ethernet port 1 I also need VC 0 40 bridged VLAN_Vedio Ethernet ports 2 3 and 4 0 33 Bi directional IP 0 34 Video 0 35 Video 0 36 Video Subscriber Services EPG EAS etc 0 37 Video 0 38 Video 0 39 Spare Step 1 Setup Member Ports Go to Configuration LAN Bridge Interface You can s...

Page 103: ...l click Edit to input other parameters if needed If your ISP does not use PPPoE you can change the default WAN connection entry by clicking Change From the example 0 40 is used for data internet and assumes PPPoE is used click the Edit to change the VPI VCI to 0 40 Click Create to setup up additional WAN interface for video applications Total of 8 VLAN is support therefore only 8 WAN interfaces ca...

Page 104: ...ion all traffic or only VLAN tagged Filter Type Specify the type of ethernet filtering performed by the named bridge interface All Allows all types of ethernet packets through the port Ip Allows only IP ARP types of ethernet packets through the port Pppoe Allows only PPPoE types of ethernet packets through the port PVID for Untagged Frames PVID is known as Port VLAN Identifier When an untagged pac...

Page 105: ...d ID PVID to identify the Video group The valid value range for PVID is 1 4094 From the example VLAN untagged ports for Data Internet ethernet wireless and wireless_wds VLAN untagged ports for Video ethernet1 rfc 1483 0 rfc 1483 6 Click Apply to made change effective immediately Mapping the VLAN Bridge with Bridge Interface created in Step1 you will see the conformable relationship in these two sc...

Page 106: ...Hurricane 9300G 802 11g ADSL2 Modem Router Chapter 4 Configuration 102 ...

Page 107: ...ion 103 Save Configuration to Flash After changing the router s configuration settings you must save all of the configuration parameters to FLASH to avoid them being lost after turning off or resetting your router Click Save to write your new configuration to FLASH ...

Page 108: ...PC accessing the configuration web pages at a time Once a PC has logged into the web interface other PCs cannot get access until the current PC has logged out of the web interface If the previous PC forgets to logout the second PC can access the page after a user defined period by default 3 minutes You can modify this value using the Advanced Device Management section of the web interface Please s...

Page 109: ...ialization of the PVC connection linesync failed Ensure that the telephone cable is connected properly from the ADSL port to the wall jack The ADSL LED on the front panel of the router should be on Check that your VPI VCI encapsulation type and type of multiplexing settings are the same as those provided by your ISP Reboot the router GE If you still have problems you may need to verify these setti...

Page 110: ...Cs on the LAN Check the Ethernet LEDs on the front panel The LED should be on for a port that has a PC connected If it is off check the cables between your router and the PC Make sure you have uninstalled any software firewall for troubleshooting Verify that the IP address and the subnet mask are consistent between the router and the workstations ...

Page 111: ......

Page 112: ... be unable to assist you until the virus is eradicated Singapore Service Centre Tel 65 62965455 Fax 65 63925455 Email support fida com Address Blk 105 Boon Keng Rd 06 13 Singapore 339776 Operating Hours Mon Fri 0900 1745 hrs Sat 0900 1300 hrs Malaysia Service Centre Tel 603 8023 9151 Fax 603 8024 9161 Email support_my fida com Address 29 Jalan USJ 1 31 47600 Subang Jaya Selangor Darul Ehsan Malays...