BiPAC 7404V(G)PX 3G/VoIP/(802.11g) ADSL2+ (VPN) Firewall Router User Manual Version release:1.09(5.53.s6.b1.
Table of Contents Chapter 1: Introduction ............................................................................................ 1 Chapter 2: Installing the Router ............................................................................... 5 Package Contents .............................................................................................. 5 The Front LEDs............................................................................................. 6 The Rear Ports......................
Wireless ................................................................................................. 45 Wireless Security ................................................................................... 47 Wireless Client / MAC Address Filter..................................................... 50 WPS ...................................................................................................... 51 Port Setting .................................................................................
Time Schedule .......................................................................................... 173 Advanced .................................................................................................. 176 Static Route ......................................................................................... 176 Static ARP ........................................................................................... 177 Dynamic DNS .................................................................
Chapter 1: Introduction Introduction to your Router Welcome to the 3G/VoIP/ (802.11g) ADSL2+(VPN) Firewall Router. The router is an “all-in-one” ADSL router, combining an ADSL modem, ADSL router and Ethernet network switch functionalities, providing everything you need to get the machines on your network connected to the Internet over your ADSL broadband connection.
(WPA-PSK and WPA2-PSK) and Wired Equivalent Privacy (WEP) supported features enhance the security level of data protection and access control via Wireless LAN. Fast Ethernet Switch A 4-port 10/100Mbps fast Ethernet switch is built in with automatic switching between MDI and MDI-X for 10Base-T and 100Base-TX ports. An Ethernet straight or crossover cable can be used directly for auto detection.
The Dynamic DNS service allows you to alias a dynamic IP address to a static hostname. This dynamic IP address is the WAN IP address. For example, to use the service, you must first apply for an account from a DDNS service like http://www.dyndns.org/.
Firmware Upgradeable Device can be upgraded to the latest firmware through the WEB based GUI. Rich Management Interfaces It supports flexible management interfaces with local console port, LAN port, and WAN port. Users can use terminal applications through the console port to configure and manage the device, or Telnet, WEB GUI, and SNMP through LAN or WAN ports to configure and manage the device.
Chapter 2: Installing the Router Important note for using this router Package Contents 3G/VoIP/(802.
The Front LEDs. LED Meaning Lit when power is ON. Lit red means system failure. Restart the device or contact Billion for support. 1 Power 2 Lit when one of LAN ports is connected to an Ethernet device. Ethernet Port Lit green when the speed of transmission hits 100Mbps; Lit orange 1X — 4X when the speed of transmission hits 10Mbps. (RJ-45 connector) Blink when data is being Transmitted / Received. 3 USB Lit when the router is connected to a USB device. Flash when data is received / transmitted.
The Rear Ports Port 1 2 3 4 5 Antenna (Wireless Router only) DSL Line (Router with LINE port only) Phone 1X-2X (RJ-11 connector) USB Ethernet Meaning Connect the detachable antenna to this port. Connect this port to the ADSL/telephone network with the RJ11 cable (telephone) provided. Connect this port to the telephone jack on the wall with RJ-11 cable. Connect this port to an analog phone set with RJ-11 cable. Connect the USB cable to this port.
Cabling One of the most common causes of problem is bad cabling or ADSL line(s). Make sure that all connected devices are turned on. On the front panel of your router is a bank of LEDs. Verify that the LAN Link and ADSL line LEDs are lit. If they are not, verify if you are using the proper cables. Make sure that all devices (e.g.
Chapter 3: Basic Installation The router can be configured through your web browser. A web browser is included as a standard application in the following operating systems: Linux, Mac OS, Windows 98/NT/2000/XP/Me/Vista, etc. The product provides an easy and user-friendly interface for configuration. Please check your PC network components. The TCP/IP protocol stack and Ethernet network adapter must be installed. If not, please refer to your Windows-related or other operating system manuals.
Connecting Your Router 1. Connect this router to a LAN (Local Area Network) and the ADSL/telephone (ADSL) net work. 2. Power on the device. 3. Make sure the Power LED lit steadily and that the LAN LED is lit. 4. Connect your router to the telephone jack on the wall with RJ-11 cable. 5. Connect the USB 2.0 cable.
Network Configuration Configuring PC in windows 7 1. Go to Start. Click on Control Panel. Then click on Network and Internet. 2. When the Network and Sharing Center window pops up, select and click on Change adapter settings on the left window panel. 3. Select the Local Area Connection, and right click the icon to select Properties.
4. Select Internet Protocol Version 4 (TCP/IPv4) then click Properties. 5. In the TCP/IPv4 properties window, select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons. Then click OK to exit the setting. 6. Click OK again in the Local Area Connection Properties window to apply the new configuration.
Configuring PC in Windows Vista 1. Go to Start. Click on Network. 2. Then click on Network and Sharing Center at the top bar. 3. When the Network and Sharing Center window pops up, select and click on Manage network connections on the left window column. 4. Select the Local Area Connection, and right click the icon to select Properties.
5. Select Internet Protocol Version 4 (TCP/IPv4) then click Properties. 6. In the TCP/IPv4 properties window, select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons. Then click OK to exit the setting. 7. Click OK again in the Local Area Connection Properties window to apply the new configuration.
Configuring PC in Windows XP 1. Go to Start > Control Panel (in Classic View). In the Control Panel, double-click on Network Connections 2. Double-click Local Area Connection. 3. In the Local Area Connection Status window, click Properties. 4. Select Internet Protocol (TCP/IP) and click Properties. 5. Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons. 6. Click OK to finish the configuration.
Configuring PC in Windows 2000 1. Go to Start > Settings > Control Panel. In the Control Panel, double-click on Network and Dial-up Connections. 2. Double-click Local Area Connection. 3. In the Local Area Connection Status window click Properties. 4. Select Internet Protocol (TCP/IP) and click Properties. 5. Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons. 6. Click OK to finish the configuration.
Configuring PC in Windows 95/98/Me 1. Go to Start > Settings > Control Panel. In the Control Panel, double-click on Network and choose the Configuration tab. 2. Select TCP/IP > NE2000 Compatible, or the name of your Network Interface Card (NIC) in your PC. 3. Select the Obtain an IP address automatically radio button. 4. Then select the DNS Configurationtab. 5. Select the Disable DNS radio button and click OK to finish the configuration.
Configuring PC in Windows NT4.0 1. Go to Start > Settings > Control Panel. In the Control Panel, double-click on Network and choose the Protocols tab. 2. Select TCP/IP Protocol and click Properties. 3. Select the Obtain an IP address from a DHCP server radio button and click OK.
Factory Default Settings Before configuring your router, you need to know the following default settings. Web Interface (Username and Password) Username: admin Password: admin The default username and password are “admin” and “admin” respectively. Device LAN IP settings IP Address: 192.168.1.254 Subnet Mask: 255.255.255.0 ISP setting in WAN site PPPoE DHCP server DHCP server is enabled. Start IP Address: 192.168.1.
Information from your ISP Before configuring this device, you have to check with your ISP (Internet Service Provider) to find out what kind of service is provided such as DHCP (Obtain an IP Address Automatically, Static IP (Fixed IP Address) or PPPoE. Gather the information as illustrated in the following table and keep it for reference.
Configuring with your Web Browser Open your web browser, enter the IP address of your router, which by default is 192.168.1.254, and click “Go”, a user name and password window prompt will appear. The default username and password are “admin” and “admin” respectively. (See Figure 3.14) Figure 3.14: User name & Password Prompt Window Congratulations! You are now successfully logon to the 3G/VoIP/(802.
Chapter 4: Configuration At the configuration homepage, the left navigation column provides you the link to each configuration page. The category of each configuration page is listed as below.
Status ADSL Status This section displays the ADSL overall status, which shows a number of helpful information such as DSP firmware version. 3G Status This section displays the 3G Card’s overall status, which shows you a number of helpful information such as the current signal strength and statistics on current and total bytes transferred and received. Status: The current status of the 3G card.
Signal Strength: The signal strength bar indicates current 3G signal strength. Network Name: The network name that the device is connected to. Card Name: The name of the 3G card. Card Firmware: The current firmware for the 3G card. Card IMEI: the IMEI( International Mobile Equipment Identity) of the 3G card. Current TX Bytes / Packets: The statistics of transmission, count for this call. Current RX Bytes / Packets: The statistics of receive, count for this call.
iBurst Status Displays additional information of the 3G status when iBurst function is enabled in the 3G configuration such as its signal strength, card name, connection status and port class Ethernet. ARP Table This section displays the router’s ARP (Address Resolution Protocol) Table, which shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses.
Static: Static status of the ARP table entry: “no” for dynamically-generated ARP table entries. “yes” for static ARP table entries added by the user. DHCP Table Leased: The DHCP assigned IP addresses information. Expired: The expired IP addresses information. Permanent: The fixed host mapping information.
Leased Table IP Address: The IP address that assigned to client. MAC Address: The MAC address of client. Client Host Name: The Host Name (Computer Name) of client. Expiry: The current lease time of client.
Routing Table Routing Table Valid: It indicates a successful routing status. Destination: The IP address of the destination network. Netmask: The destination Netmask address. Gateway/Interface: The IP address of the gateway or existing interface that this route will use. Cost: The number of hops counted as the cost of the route. RIP Routing Table Destination: The IP address of the destination network. Netmask: The destination Netmask address.
NAT Sessions This section lists all current NAT sessions between interface of types external (WAN) and internal (LAN). UPnP Portmap The section lists all port-mapping established using UPnP (Universal Plug and Play. See Advanced section of this manual for more details on UPnP and the router’s UPnP configuration options.
PPTP Status This shows details of your configured PPTP VPN Connections. Name: The name you assigned to the particular PPTP connection in your VPN configuration. Type: The type of connection (dial-in/dial-out). Enable: Whether the connection is currently enabled. Active: Whether the connection is currently active. Tunnel Connected: Whether the VPN Tunnel is currently connected. Call Connected: If the Call for this VPN entry is currently connected.
IPSec Status This shows details of your configured IPSec VPN Connections. Name: The name you assigned to the particular VPN entry. Active: Whether the VPN Connection is currently Active. Connection State: Whether the VPN is Connected or Disconnected. Statistics: Statistics for this VPN Connection. Local Subnet: The local IP Address or Subnet used. Remote Subnet: The Subnet of the remote site. Remote Gateway: The Remote Gateway IP address. SA: The Security Association for this VPN entry.
VoIP Status This table shows the status of the phone ports after they are being used for the VoIP feature. It will display some information such as domain name, display name & phone number of the VoIP device.
Event Log This page displays the router’s Event Log entries. Major events are logged to this window, such as when the router’s ADSL connection is disconnected, as well as Firewall events when you have enabled Intrusion or Blocking Logging in the Configuration – Firewall section of the interface. Please see the Firewall section of this manual for more details on how to enable Firewall logging.
Error Log Any errors encountered by the router (e.g. invalid names given to entries) are logged to this window. Diagnostic It tests the connection to computer(s) which is connected to the LAN ports and also the WAN Internet connection. If PING www.google.com is shown FAIL and the rest is PASS, you ought to check your PC’s DNS setting is correct.
Quick Start 1. Click Quick Start. Select the connect mode you want. There are 2 options to choose from: ADSL or 3G. Select ADSL mode from the drop down menu and click Continue. 2. If your ADSL line is not ready, you need to check your ADSL line has been set or not. 3. If your ADSL line is ready, the screen appears ADSL Line is Ready. Choose Auto radio button and click Apply. It will automatically scan the recommended mode for you. Manually mode makes you to set the ADSL line by manual.
5. Please enter “Username” and “Password” as supplied by your ISP(Internet Service Provider) and click Apply to continue. Profile Port: Select the connection mode. There is ADSL. Protocol: Select the protocol mode. The default mode is PPPoE. VPI/VCI: Enter the VPI and VCI information provided by your ISP. Username: Enter the username provided by your ISP. Password: Enter the password provided by your ISP. Service Name: This item is for identification purposes.
6. Configure the Wireless LAN setting. WLAN Service: Default setting is set to Enable. If you want to use wireless, both 802.11g and 802.11b device in your network, you can select Enable. ESSID: The ESSID is the unique name of a wireless access point (AP) to be distinguished from another. For security propose, change to a unique ID name to the AP which is already built-in to the router’s wireless interface. It is case sensitive and must not excess 32 characters.
7. Set up VoIP. SIP: To use VoIP SIP as VoIP call signaling protocol. Default is set to Disable. Region: This selection is a drop-down box, which allows user to select the country for which the VoIP device must work. When a country is selected, the country parameters are automatically loaded. SIP Service Provider: This section allows you to select the service provider. When the selection is done, respective parameters below are automatically displayed.
9. When ADSL is synchronic, it will appear “check”.
Configuration When you click this item, the column will expand to display the sub-items that will allow you to further configure your ADSL router. LAN, WAN, System, Firewall, VPN, VoIP, QoS, Virtual Server, Wake on LAN, Time Schedule and Advanced The function of each configuration sub-item is described in the following sections.
LAN - Local Area Network Here are the items within the LAN section: Bridge Interface, Ethernet, IP Alias, Ethernet Client Filter, Wireless, Wireless Security, Wireless Client Filter, WPS, Port Setting and DHCP Server. Bridge Interface You can setup member ports for each VLAN group under Bridge Interface section. From the example, two VLAN groups need to be created. Ethernet: P1 (Port 1) Ethernet1: P2, P3 and P4 (Port 2, 3, 4). Uncheck P2, P3, P4 from Ethernet VLAN port first.
Ethernet Primary IP Address IP Address: The default IP on this router. Subnet Mask: The default subnet mask on this router. RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function. IP Alias This function creates multiple virtual IP interfaces on this router. It helps to connect two or more local networks to the ISP or remote node. In this case, an internal router is not required. IP Address: Specify an IP address on this virtual interface.
Ethernet Client Filter The Ethernet Client Filter supports up to 16 Ethernet network machines that helps you to manage your network control to accept traffic from specific authorized machines or can restrict unwanted machine(s) to access your LAN. There are no pre-define Ethernet MAC address filter rules; you can add the filter rules to meet your requirements. Ethernet Client Filter: Default setting is set Disable.
Active PC in LAN: Active PC in LAN displays a list of individual Ethernet device’s IP Address &MAC Address which connecting to the router. You can easily by checking the box next to the IP address to be blocked or allowed. Then, Add to insert to the Ethernet Client Filter table. The maximum Ethernet client is 16.
Wireless Parameters WLAN Service: Default setting is set to Enable. If you do not have any wireless, both 802.11g and 802.11b, device in your network, select Disable. Mode: The default setting is 802.11b+g (Mixed mode). If you do not know or have both 11g and 11b devices in your network, then keep the default in mixed mode. From the drop-down manual, you can select 802.11g if you have only 11g card. If you have only 11b card, then select 802.11b.
other AP(s). TX PowerLevel: It is a function that enhances the wireless transmitting signal strength. User may adjust this power level from minimum 1 up to maximum 127. Note: The Power Level maybe different in each access network user premises environment and choose the most suitable level for your network. Connected: Representing in true or false. That it is the connection status between the system and the build-in wireless card. AP MAC Address: It is a unique hardware address of the Access Point.
Wireless Security You can disable or enable with WPA or WEP for protecting wireless network. The default mode of wireless security is disabled.
WPA-PSK / WPA2-PSK Security Mode: You can disable or enable with WPA or WEP for protecting wireless network. The default mode of wireless security is Disable. WPA Algorithms: There are two types of the WPA-PSK, WPA-PSK and WPA2-PSK. The WPAPSK adapts the TKIP (Temporal Key Integrity Protocol) encrypted algorithms, which incorporates Message Integrity Code (MIC) to provide protection against hackers.
128 will offer increased security over WEP 64. Passphrase: This is used to generate WEP keys automatically based upon the input string and a pre-defined algorithm in WEP64 or WEP128. Default Used WEP Key: Select the encryption key ID; please refer to Key (1~4) below. Key (1-4): Enter the key to encrypt wireless data. To allow encrypted data transmission, the WEP Encryption Key values on all wireless stations must be the same as the router. There are four keys for your selection.
Wireless Client / MAC Address Filter The MAC Address supports up to 16 wireless network machines and helps you manage your network control to accept traffic from specific authorized machines or to restrict unwanted machine(s) to access your LAN. There are no pre-define MAC Address filter rules; you can add the filter rules to meet your requirements. Wireless Client Filter: Default setting is set to Disable.
Associate Wireless Client: Displays a list of individual wireless device’s MAC Address that currently connects to the router. You can easily by checking the box next to the MAC address to be blocked or allowed. Then, Add to insert to the Wireless Client (MAC Address) Filter table. The maximum Wireless client is 16. WPS WPS feature is follow Wi-Fi Alliance WPS standard and it easily set up security-enabled Wi- Fi networks in the home and small office environment.
Step 3: Enter AP’s PIN into the utility and click on the “next” button. Step 4: These are two ways to trigger AP as Enrollee role, you can choose one to do it. Push AP’s WPS button 1 second and release it. Or In the AP’s WPS configuration page, change Role to “Enrollee” and apply “Start” button.
Step 5: Jump start WPS utility search WPS AP. Step 6: SSID and security will be generated automatically (You can change it) and apply “next” button.
Step 7: WPS set up complete. And you have set up security-enabled Wi-Fi networks. Set up of security-enabled Wi-Fi network using WCN in Vista Step 1: Note down the AP’s PIN from Web (Ex: 90932489). Step 2: In Vista`s Control Panel, select Network and Internet and choose View network computers and devices. Double click the “ADSL Firewall Router” icon and enter the AP’s PIN code then click “Next”.
Step 3: Enter the AP SSID and apply “Next” button. Step 4: Enter the Passphrase and apply “Next” button.
Step 5: WCN set up complete. And you have set up security-enabled Wi-Fi networks. Adding a new WPS device (wireless client) to a network - Use PBC Method Step 1: Push AP’s WPS button more than one second and you will see AP’s WLAN led will flashing per second. Step 2: Open wireless client’s WPS utility, select “Join a wireless network” and apply “next” button. Note: After you push AP’s WPS button, below steps should be completed between 2 minutes.
Step 3: Select “Push the button on my access point” and apply “next” button. Step 4: New WPS device have join into the wireless network.
Adding a new WPS device (wireless client) to a network - Use PIN Method Step 1: Open wireless client’s WPS utility, select “Join a wireless network” and apply “next” button Step 2: Note down the wireless client’s PIN (Ex: 41538142) and apply “Start” button for active wireless client WPS PIN method.
Step 3: Enter wireless client’s PIN into “Enrollee’s PIN” of Web and apply “Start” button. Step 4: New WPS device have join into the wireless network.
Port Setting This section allows you to configure the settings for the router’s Ethernet ports to solve some of the compatibility problems that may be encountered while connecting to the Internet, as well allowing users to tweak the performance of their network. Port # Connection Type: There are Six options to choose from: Auto, disable, 10M half-duplex, 10M full-duplex, 100M half-duplex, 100M full-duplex and Disable.
DHCP Server You can disable or enable the DHCP (Dynamic Host Configuration Protocol) server or enable the router’s DHCP relay functions. The DHCP protocol allows your router to dynamically assign IP addresses to PCs on your network if they are configured to obtain IP addresses automatically. To disable the router’s DHCP Server, check Disabled and click Next, then click Apply.
WAN - Wide Area Network WAN refers to your Wide Area Network connection, i.e. your router’s connection to your ISP and the Internet. Here are the items within the WAN section: WAN Interface, WAN Profile and ADSL Mode. WAN Interface ADSL Mode The default setting for Connection Mode is ADSL and for Protocol is PPPoE. 3G Mode In ADSL mode, as the ADSL is not available (failover/failback), it will switch to 3G mode for WAN Connection support.
EWAN EWAN is another way of getting connected to the Internet, the router offers its Ethernet port 1 as a WAN port to be used to connect to Cable Modems and fiber optic lines. This alternative, yet faster method to connect to the internet will provide users more flexibility to get online. When the above two mode is not valid,the way can be adopted. Dual WAN Main Port: Select Dual WAN. Mode Failover: Set to trigger ADSL / 3G failover function ready. WAN1: Select “ADSL” “EWAN” or “3G” mode for WAN1.
router will switch to the backup connection (backup port) once the main connection (main port) fails. Note: The time set is for each probe cycle, but the decision to change to the backup port is determined by Probe Cycle duration multiplied by connection Decision amount (e.g. From the image above it will be 60 seconds multiplied by 5 consecutive fails).
WAN Profile ADSL PPPoE Connection PPPoE (PPP over Ethernet) provides access control in a manner which is similar to dial-up services using PPP. Profile Port: Select the profile port as ADSL. Protocol: The ATM protocol will be used in the device. Description: A given name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. Username: Enter the username provided by your ISP. You can input up to 128 alphanumeric characters (case sensitive).
Auth. Protocol: Default is Auto. Your ISP should advise you on whether to use Chap or Pap. Connection: Always on: If you want the router to establish a PPPoA session when starting up and to automatically re-establish the PPPoA session when disconnected by the ISP. Connect on Demand: If you want to establish a PPPoA session only when there is a packet requesting access to the Internet (i.e. when a program on your computer attempts to access the Internet).
PPPoA Connection Profile Port: Select the profile port as ADSL. Protocol: The ATM protocol will be used in the device.. Description: A given name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. Username: Enter the username provided by your ISP. You can input up to 128 alphanumeric characters (case sensitive). This is in the format of “username@ispname” instead of simply “username”. Password: Enter the password provided by your ISP.
Detail: You can define the destination port and packet type (TCP/UDP) without checking by timer. It allows you to set which outgoing traffic will not trigger and reset the idle timer. MTU: Maximum Transmission Unit. The size of the largest datagram (excluding media-specific headers) that IP will attempt to send through the interface. RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function. TCP MSS Clamp: This option helps to discover the optimal MTU size automatically. Default is enabled.
MPoA Connection Profile Port: Select the profile port as ADSL. Protocol: The ATM protocol will be used in the device. Description: A given name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address.
MAC Spoofing: Some service providers require the configuring of this option. You must fill in the MAC address that specify by service provider when it is required. Default is disabled. Obtain DNS: A Domain Name System (DNS) contains a mapping table for domain name and IP addresses. DNS helps to find the IP address for the specific domain name. Check the checkbox to obtain DNS automatically. Primary DNS: Enter the primary DNS. Secondary DNS: Enter the secondary DNS.
IPoA Connection Profile Port: Select the profile port as ADSL. Protocol: The ATM protocol will be used in the device. Description: A given name for the connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. NAT: The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing a single IP address.
Pure Bridge Profile Port: Select the profile port as ADSL. Protocol: The ATM protocol will be used in the device. Description: A given name for this connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. Encap. mode: Choose whether you want the packets in WAN interface as bridged packet or routed packet. Acceptable Frame Type: Specify which kind of traffic goes through this connection, all traffic or only VLAN tagged.
Multiple Seesion with PPPoE pass-through Profile Port: Select the profile port as ADSL. Protocol: The Multiple Session protocol will be used in the device. Description: A given name for this connection. VPI/VCI: Enter the information provided by your ISP. ATM Class: The Quality of Service for ATM layer. Username: Enter the username provided by your ISP. You can input up to 128 alpha-numeric characters (case sensitive). Password: Enter the password provided by your ISP.
MTU: Maximum Transmission Unit. The size of the largest datagram (excluding media-specific headers) that IP will attempt to send through the interface. RIP: RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function. TCP MSS Clamp: This option helps to discover the optimal MTU size automatically. Default is enabled. Obtain DNS: A Domain Name System (DNS) contains a mapping table for domain name and IP addresses. DNS helps to find the IP address for the specific domain name.
3G Profile mode: select the profile port as 3G iBurst: check the check box to determine whether to enable the iBurst function. Mode: select your wanted mode of 3G operation from the drop-down menu. TEL No.: The dial string to make a GPRS / 3G user internetworking call. It may provide by your mobile service provider. APN: An APN is similar to a URL on the WWW, it is what the unit makes a GPRS / UMTS call.
SIM card until you enter the correct code. If you enter the PIN code incorrectly into the phone 3 times in a row, then the SIM card will be blocked and you will require a PUK code from your network/service provider. Connection: select the connection method you want. Always On: The router will make UMTS/GPRS call when starting up. Enabling Always On, will give you an option of Keep Alive. Keep Alive: Set Enable to allow the router automatically reconnects the connection when ISP disconnects it.
EWAN Obtain an IP Address Automatically Profile Port: Select the profile port as EWAN. WAN Port: the router offers its Ethernet port 1 as a WAN port to be used to connect to Cable Modems and fiber optic lines. Protocol: Select Obtain an IP Address Automatically. Obtain DNS: Select Automatic to use DNS. Primary DNS/ Secondary DNS: Enter the IP addresses of the DNS servers. The DNS servers are passed to the DHCP clients along with the IP address and the subnet mask.
Fixed IP Address Select this option to set static IP information. You will need to enter the Connection type, IP address, netmask, and gateway address, provided to you by your ISP. Each IP address entered in the fields must be in the appropriate IP form, which is four IP octets separated by a dot (x.x.x.x). The Router will not accept the IP address if it is not in this format. Profile Port: Select the profile port as EWAN.
PPPoE PPPoE (PPP over Ethernet) provides access control in a manner which is similar to dial-up services using PPP. Profile Port: Select the profile port as EWAN. WAN Port: the router offers its Ethernet port 1 as a WAN port to be used to connect to Cable Modems and fiber optic lines. Protocol: Select PPPoE. Username: Enter the username provided by your ISP. You can input up to 128 alphanumeric characters (case sensitive). This is in the format of “username@ispname” instead of simply “username”.
headers) that IP will attempt to send through the interface. MAC Spoofing: Select Enable and enter a MAC address that will temporarily change your router’s MAC address to the one you have specified in this field. Leave it as Disabled if you do not wish to change the MAC address of your router. Obtain DNS: Select Automatic to use DNS. Primary DNS/ Secondary DNS: Enter the IP addresses of the DNS servers.
ADSL Mode Connect Mode: This mode will automatically detect your ADSL line code, ADSL2+, ADSL2, AnnexM2 and AnnexM2+, ADSL, All. Please keep the factory setting unless ADSL is detected as the symptom of synchronization problem. Modulation: It will automatically detect capability of your ADSL line mode. Please keep the factory setting unless ADSL is detected as the symptom of synchronization problem.
System Here are the items within the System section: Time Zone, Remote Access, Firmware Upgrade, Backup/Restore, Restart ,User Management and Mail Alert. Time Zone The router does not have a real time clock on board; instead, it uses the Simple Network Time Protocol (SNTP) to get the current time from an SNTP server outside your network. Choose your local time zone, click Enable and click the Apply button.
Remote Access To temporarily permit remote administration of the router (i.e. from outside your LAN), select a time period the router will permit remote access for and click Enable. You may change other configuration options for the web administration interface using Device Management options in the Advanced section of the GUI. If you wish to permanently enable remote access, choose a time period of 0 minute.
Backup / Restore These functions allow you to save and backup your router’s current settings to a file on your PC, or to restore a previously saved backup. This is useful if you wish to experiment with different settings, knowing that you have a backup handy in the case of any mistakes. It is advisable to backup your router’s settings before making any significant changes to your router’s configuration. Press Backup to select where on your local PC to save the settings file.
Restart Router Click Restart with option Current Settings to reboot your router (and restore your last saved configuration). If you wish to restart the router using the factory default settings (for example, after a firmware upgrade or if you have saved an incorrect configuration), select Factory Default Settings to reset to factory default settings. You may also reset your router to factory settings by holding the small Reset pinhole button more than 6 seconds on the back of your router.
User Management In order to prevent unauthorized access to your router’s configuration interface, it requires all users to login with a password. You can set up multiple user accounts, each with their own password. You are able to Edit existing users and Add new users who are able to access the device’s configuration interface.
When you create a user account, check Valid box and fill in the respective information for User, Comment, Password and Confirm Password in the blanks provided. Then click the Add button to add your new user account. To delete a user account, click on the Delete radio button on the right column of the account you wish to delete and then click the Edit/Delete button on the top to confirm your deletion.
Mail Alert Mail alert is designed to keep system administrator or other relevant personnels alerted of any unexpected events that might have occured to the network computers or server for monitoring efficiency. With this alert system, appropriate solutions may be tackled to fix problems that may have arisen so that the server can be properly maintained. SMTP Server: Enter the SMTP server that you would like to use for sending emails.
Firewall and Access Control Your router includes a full SPI (Stateful Packet Inspection) firewall for controlling Internet access from your LAN, as well as helping to prevent attacks from hackers. Besides, when using NAT, the router acts as a “natural” Internet firewall, as all PCs on your LAN will use private IP addresses that cannot be directly accessed from the Internet. Firewall: Prevent outsiders from accessing your local network.
Listed are the items under the Firewall section: General Settings, Packet Filter, Intrusion Detection, URL Filter, IM/P2P Blocking and Firewall Log. General Settings You can choose not to enable Firewall and still able to access to URL Filter and IM/P2P Blocking or enable the Firewall using preset filter rules and modify the port filter rules as required. The Packet Filter is used to filter packets based-on Applications (Port) or IP addresses.
disable. Mostly it is for preventing any scan tools from WAN site by hacker. Packet Filter This function is only available when the Firewall is enabled and one of these four security levels is chosen (All blocked, High, Medium and Low). The preset port filter rules in the Packet Filter must modify accordingly to the level of Firewall, which is selected. See Table1: Predefined Port Filter for more detail information.
Example: Predefined Port Filters Rules The predefined port filter rules for High, Medium and Low security levels are listed. See Table 1. Note: Firewall – All Blocked/User-defined, you must define and create the port filter rules yourself. No predefined rule is being preconfigured.
Inbound: Internet to LAN Outbound: LAN to Internet YES: Allowed NO: Blocked N/A: Not Applicable Packet Filter – Add TCP/UDP Filter Rule Name Helper: Users-define description to identify this entry or click “Select” drop-down menu to select existing predefined rules. The maximum name length is 32 characters. Time Schedule: It is self-defined time period. You may specify a time schedule for your prioritization policy.
Packet Filter – Add Raw IP Filter Go to “Type” drop-down menu, select “Use Protocol Number”. Rule Name Helper: Users-define description to identify this entry or choosing “Select” drop-down menu to select existing predefined rules. Time Schedule: It is self-defined time period. You may specify a time schedule for your prioritization policy.
As you can see from the diagram below, when the firewall is enabled with one of the three presets (Low/Medium/High), inbound HTTP access is not allowed which means remote access through HTTP to your router is not allowed. Note: Inbound indicates accessing from Internet to LAN and Outbound is from LAN to the Internet.
Configuring Packet Filter: 1. Click Packet Filters. You will then be presented with the predefined port filter rules screen (in this case for the low security level), shown below: Note: You may click Edit the predefined rule instead of Delete it. This is an example to show to how you add a filter on your own. 2. Choose the radio button you want to delete the existing HTTP rule. Click Edit/Delete button to delete the existing HTTP rule. 3.
Example: Application: Cindy_HTTP Time Schedule: Always On Source / Destination IP Address(es): 0.0.0.0 (I do not wish to active the address-filter, instead I use the port-filter) Type: TCP (Please refer to Table1: Predefined Port Filter) Source Port: 0-65535 (I allow all ports to connect with the application)) Redirect Port: 80-80 (This is Port defined for HTTP) Inbound / Outbound: Allow 1. The new port filter rule for HTTP is shown below: 2.
99
Intrusion Detection The router’s Intrusion Detection System (IDS) is used to detect hacker attacks and intrusion attempts from the Internet. If the IDS function of the firewall is enabled, inbound packets are filtered and blocked depending on whether they are detected as possible hacker attacks, intrusion attempts or other connections that the router determines to be suspicious. Blacklist: If the router detects a possible attack, the source IP or destination IP address will be added to the Blacklist.
Table 2: Hacker attack types recognized by the IDS Intrusion Name Detect Parameter Ascend Kill Ascend Kill data WinNuke Smurf Land attack Echo/CharGen Scan Echo Scan CharGen Scan X’mas Tree Scan IMAP SYN/FIN Scan SYN/FIN/RST/ACK Scan Net Bus Scan Back Orifice Scan SYN Flood ICMP Flood ICMP Echo TCP Port 135, 137~139, Flag: URG ICMP type 8 Des IP is broadcast Type of Block Blacklist Duration DoS Yes Yes Src IP DoS Yes Yes Dst IP Victim Protection Yes Yes Yes Yes Yes Yes UDP Echo P
ICMP Flood ICMP Echo Max ICMP Count (Default 100 c/ sec) Max PING Count (Default 15 c/sec) Yes Yes Src IP: Source IP Src Port: Source Port Dst Port: Destination Port Dst IP: Destination IP 102
URL Filter URL (Uniform Resource Locator – e.g. an address in the form of http://www.abcde.com or http:// www.example.com) filter rules allow you to prevent users on your network from accessing particular websites by their URL. There are no pre-defined URL filter rules; you can add filter rules to meet your requirements. Enable/Disable: To enable or disable URL Filter feature. Block Mode: A list of the modes that you can choose to check the URL filter rules. The default is set to Always On.
Domains Filtering: This function checks the whole URL not the IP address, in URLs accessed against your list of domains to block or allow. If it is matched, the URL request will be sent (Trusted) or dropped (Forbidden). For this function to be activated, both check-boxes must be checked. Here is the checking procedure: 1. Check the domain in the URL to determine if it is in the trusted list. If yes, the connection attempt is sent to the remote web server. 2.
Example: Andy wishes to disable all WEB traffic except for ones listed in the trusted domain, which would prevent Bobby from accessing other web sites. Andy selects both functions in the Domain Filtering and thinks that it will stop Bobby. But Bobby knows this function, Domain Filtering, ONLY disables all WEB traffic except for Trusted Domain, BUT not its IP address. If this is the situation, Block surfing by IP address function can be handy and helpful to Andy.
IM / P2P Blocking IM, short for Instant Message, is required to use client program software that allows users to communicate, in exchanging text message, with other IM users in real time over the Internet. A P2P application, known as Peer-to-peer, is group of computer users who share file to specific groups of people across the Internet. Both Instant Message and Peer-to-peer applications make communication faster and easier but your network can become increasingly insecure at the same time.
Firewall Log Firewall Log display log information of any unexpected action with your firewall settings. Check the Enable box to activate the logs. Log information can be seen in the Status – Event Log after enabling.
VPN - Virtual Private Networks Virtual Private Networks is ways to establish secured communication tunnels to an organization’s network via the Internet. Your router supports three main types of VPN (Virtual Private Network): PPTP, IPSec and L2TP. PPTP (Point-to-Point Tunneling Protocol) There are two types of PPTP VPN supported; Remote Access and LAN-to-LAN (please refer below for more information). Click Configuration/VPN/PPTP. Name: A given name for the connection.
User. Sever IP Address(or Domain Name):Enter the Server IP Adress or Domain Name. Username: If you are a Dial-Out user (client), enter the username provided by your Host. If you are a Dial-In user (server), enter your own username. Password: If you are a Dial-Out user (client), enter the password provided by your Host. If you are a Dial-In user (server), enter your own password.
Example: Configuring a Remote Access PPTP VPN Dial-out Connection A company’s office establishes a PPTP VPN connection with a file server located at a separate location. The router is installed in the office, connected to a couple of PCs and Servers.
Configuring the PPTP VPN in the Office Click Configuration/VPN/PPTP. Choose Remote Access from Connect Type drop-down menu. You can either input the IP address (69.1.121.33 in this case) or hostname to reach the server. Function Description Name VPN_PPTP Given name of PPTP connection Remote Access Select Remote Access from the Connection Type drop-down Connection menu Type Type Dial out Select Dial out from the Type drop-down menu 69.121.1.
PPTP Connection - LAN to LAN Click Configuration/VPN/PPTP. Choose LAN to LAN from Connect Type drop-down menu. Name: A given name for the connection (e.g. “connection to office”). Connection Type: Remote Access or LAN to LAN. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPNserver, e.g. your office server), check Dial In operates as a VPN server.
Auto, it is negotiated when establishing a connection. 128 bit keys provide stronger encryption than 40 bit keys. Mode: You may select Stateful or Stateless mode. The key will be changed every 256 packets when you select Stateful mode. If you select Stateless mode, the key will be changed in each packet. Active as default route: Commonly used by the Dial-out connection which all packets will route through the VPN tunnel to the Internet; therefore, active the function may degrade the Internet performance.
Example: Configuring a Remote Access PPTP VPN Dial-out Connection The branch office establishes a PPTP VPN tunnel with head office to connect two private networks over the Internet. The routers are installed in the head office and branch offices accordingly.
Configuring the PPTP VPN in the Head Office The IP address 192.168.1.201 will be assigned to the router located in the branch office. Please make sure this IP is not used in the head office LAN. Function Name HeadOffice LAN to LAN Connection Type Type Dial in IP Address 192.168.1.200 192.168.0.0 Peer Network IP Netmask 255.255.255.0 Username Username Password Auth.
Configuring the PPTP VPN in the Head Office The IP address 69.1.121.30 is the Public IP address of the router located in head office. If you registered the DDNS (please refer to the DDNS section of this manual), you can also use the domain name instead of the IP address to reach the router. Function Name HeadOffice LAN to LAN Connection Type Type Dial out 69.121.1.33 IP Address (or Domain Name) 192.168.1.0 Peer Network IP Netmask 255.255.255.0 Username Username Password Auth.
IPSec (IP Security Protocol) Active: This function activates or deactivates the IPSec connection. Check Active checkbox if you want the protocol of tunnel to be activated and vice versa. Note: When the Active checkbox is checked, the function of Edit and Delete will not be available. Name: This is a given name of the connection. Local Subnet: Displays IP address and subnet of the local network. Remote Subnet: Displays IP address and subnet of the remote network.
IPSec VPN Connection Name: A given name for the connection (e.g. “connection to office”). Local Network: Set the IP address, subnet or address range of the local network. Single Address: The IP address of the local host. Subnet: The subnet of the local network. For example, IP: 192.168.1.0 with netmask 255.255.255.0 specifies one class C subnet starting from 192.168.1.1 (i.e. 192.168.1.1 through to 192.168.1.254). IP Range: The IP address range of the local network. For example, IP: 192.168.1.
Local ID: Content: Input ID’s information, like domain name www.ipsectest.com. Remote ID: Identifier: Input remote ID’s information, like domain name www.ipsectest.com Hash Function: It is a Message Digest algorithm which coverts any length of a message into a unique set of bits. It is widely used MD5 (Message Digest) and SHA-1 (Secure Hash Algorithm) algorithms. SHA1 is more resistant to brute-force attacks than MD5, however it is slower. MD5: A one-way hashing algorithm that produces a 128íbit hash.
Perfect Forward Secrecy: Choose whether to enable PFS using Diffie-Hellman public-key cryptography to change encryption keys during the second phase of VPN negotiation. This function cryptography protocol that allows two parties to establish a shared secret over an unsecured communication channel (i.e. over the Internet). There are three modes, MODP 768-bit, MODP 1024-bit and MODP 1536-bit. MODP stands for Modular Exponentiation Groups.
is minimum time interval for this function. Click Edit/Delete to save your changes.
Example: Configuring an IPSec LAN to LAN VPN Connection Table 3: Network Configuration and Security Plan Local Network ID Local Router IP Remote Network ID Branch Office 192.168.0.0/24 69.1.121.30 192.168.1.0/24 Head Office 192.168.1.0/24 69.1.121.3 192.168.0.0/24 Remote Router IP IKE Pre-shared Key 69.1.121.3 12345678 69.1.121.
Configuring IPSec VPN in the Head Office Name Local Network Function IPSec_HeadOffice Subnet IP Address Netmask Remote Secure Gateway IP (or Hostname) Remote Network 192.168.1.0 255.255.255.0 69.121.1.30 IP Address Netmask Pre-shared Key Authentication Encryption Prefer Forward Security 192.168.0.0 255.255.255.0 12345678 MD5 3DES None Subnet Description Give a name of IPSec Connection Select Subnet from Local Network drop-down menu.
Configuring IPSec VPN in the Branch Office Name Local Network Function IPSec_BranchOffice Subnet IP Address Netmask Remote Secure Gateway IP (or Hostname) Remote Network 192.168.0.0 255.255.255.0 69.121.1.3 IP Address Netmask Pre-shared Key Authentication Encryption Prefer Forward Security 192.168.1.0 255.255.255.0 12345678 MD5 3DES None Subnet Description Give a name of IPSec Connection Select Subnet from Local Network drop-down menu.
Example: Configuring an IPSec Host to LAN VPN Connection 125
Configuring IPSec VPN in the Office Name Local Network Function IPSec Subnet IP Address Netmask Remote Secure Gateway IP (or Hostname) Remote Network 192.168.1.0 255.255.255.0 69.121.1.30 IP Address Pre-shared Key Authentication Encryption Prefer Forward Security 69.121.1.30 12345678 MD5 3DES None Single Address Description Give a name of IPSec Connection Select Subnet from Local Network drop-down menu.
L2TP (Layer Two Tunneling Protocol) Two types of L2TP VPN are supported Remote Access and LAN-to-LAN (please refer below for more information.). Fill in the blank with information you need and click Add to create a new VPN connection account. Active: This function activates or deactivates the PPTP connection. Check Active checkbox if you want the protocol of tunnel to be activated and vice versa. Note: When the Active checkbox is checked, the function of Edit and Delete will not be available.
Connection Type: Remote Access or LAN to LAN Name: A given name for the connection (e.g. “connection to office”). Connection Type: Remote Access or LAN to LAN. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g. your office server), check Dial In operates as a VPN server. When configuring your router as a Client, enter the remote Server IP Address (or Hostname) you wish to connect to.
SHA1: A one-way hashing algorithm that produces a 160íbit hash. Encryption: Select the encryption method from the pull-down menu. There are four options, DES, 3DES, AES and NULL. NULL means it is a tunnel only with no encryption. 3DES and AES are more powerful but increase latency. DES: Stands for Data Encryption Standard, it uses 56 bits as an encryption method. 3DES: Stands for Triple Data Encryption Standard, it uses 168 (56*3) bits as an encryption method.
Example: Configuring a L2TP VPN - Remote Access Dial-in Connection A remote worker establishes a L2TP VPN connection with the head office using Microsoft's VPN Adapter (included with Windows XP/2000/ME, etc.). The router is installed in the head office, connected to a couple of PCs and Servers.
Configuring L2TP VPN in the Office The input IP address 192.168.1.200 will be assigned to the remote worker. Please make sure this IP is not used in the Office LAN. Function Name VPN_L2TP Connection Type Remote Access Type IP Address Username Password Auth. Type IPSec Authentication Encryption Perfect Forward Secrecy Pre-Shared Key Dial in 192.168.1.
Example: Configuring a Remote Access L2TP VPN Dial-out Connection A company’s office establishes a L2TP VPN connection with a file server located at a separate location. The router is installed in the office, connected to a couple of PCs and Servers.
Configuring L2TP VPN in the Office The input IP address 192.168.1.200 will be assigned to the remote worker. Please make sure this IP is not used in the Office LAN. Function Name VPN_L2TP Connection Type Remote Access Type IP Address (or Hostname) Username Password Auth. Type IPSec Authentication Encryption Perfect Forward Secrecy Pre-Shared Key Dial out 69.121.1.
L2TP Connection - LAN to LAN L2TP VPN Connection Name: A given name for the connection Connection Type: Remote Access or LAN to LAN. Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g. your office server), check Dial In to have it operate as a VPN server. When configuring your router to establish a connection to a remote LAN, enter the remote Server IP Address (or Hostname) you wish to connect to.
Active as default route: Commonly used by the Dial-out connection which all packets will route through the VPN tunnel to the Internet; therefore, active the function may degrade the Internet performance. Remote Host Name (Optional): Enter hostname of remote VPN device. It is a tunnel identifier from the Remote VPN device matches with the Remote hostname provided. If remote hostname matches, tunnel will be connected; otherwise, it will be dropped.
Example: Configuring L2TP LAN-to-LAN VPN Connection The branch office establishes a L2TP VPN tunnel with head office to connect two private networks over the Internet. The routers are installed in the head office and branch office accordingly.
Configuring L2TP VPN in the Head Office The IP address 192.168.1.200 will be assigned to the router located in the branch office. Please make sure this IP is not used in the head office LAN. Function Name HeadOffice Connection Type LAN to LAN Type IP Address Peer Network IP Username Password Auth. Type IPSec Authentication Encryption Perfect Forward Secrecy Pre-Shared Key Dial in 192.168.1.200 192.168.0.
Configuring L2TP VPN in the Branch Office The IP address 69.1.121.30 is the Public IP address of the router located in head office. If you registered the DDNS (please refer to the DDNS section of this manual), you can also use the domain name instead of the IP address to reach the router. Function Name BranchOffice Connection Type LAN to LAN Type IP Address (or Hostname) Peer Network IP Netmask Username Password Auth. Type IPSec Authentication Encryption Perfect Forward Secrecy Pre-Shared Key Dial out 69.
VoIP - Voice over Internet Protocol VoIP enables telephone calls through existing Internet connection instead of going through the PSTN (Public Switched Telephone Network). It is not only cost-effective, especially for a long distance telephone charges, but also toll-quality voice calls over the Internet. Here are the items within the VoIP section: SIP Device Parameters, SIP Accounts, Phone Port, PSTN Dial Plan, VoIP Dial Plan, Call Features, Speed Dial and Ring &Tone.
SIP Device Parameters This section provides easy setup for your VoIP service. Phone port 1 and 2 can be registered to different SIP Service Provider. SIP Device Parameters SIP: To use VoIP SIP as VoIP call signaling protocol. Default is set to Disable. Silence Suppression (VAD): Voice Activation Detection (VAD) prevents transmitting the nature silence to consume the bandwidth.
Advanced – Parameters VoIP through IP Interface: IP Interface decides where to send/receive the voip traffic; it includes: ipwan and iplan. Easy way to select the interface is to check the location of the SIP server. If it locates some where in the Internet then select ipwan. If the VoIP SIP server is on the local Network then select iplan. Voice Frame Size: Frame size is available from 10ms to 60ms. Frame size meaning how many milliseconds the Voice packets will be queued and sent out.
To take your phone OFFHOOK, lift the receiver then press Hook/Flash until you hear your normal PSTN dialtone, not your VoIP dialtone. Wait several seconds and then press Check Level. You should check the OFFHOOK value for each telephone you have connected to this device. Set the OFFHOOK voltage to the lowest setting registered for all your telephones, e.g. if your telephones return values of 4, 5 and 7 then you should set your OFFHOOK voltage to 4.
SIP Accounts This section reflects and contains basic settings for the VoIP module from selected provider in the Wizard section. Fail to provide correct information will halt making calls out to the Internet. Profile Name: User-defined name is for identifying the Profile. Registrar Address (or Hostname): Indicate the VoIP SIP registrar IP address. Registrar Port: Specify the port of the VoIP SIP registrar on which it will listen for register requests from VoIP device.
Phone Port This section displays status and allows you to edit the account information of your Phones. Click Edit to update your phone information. Port: It allows you to change the phone port setting for specify FXS port. *69 (Return Call): Dial *69 to return the last missed call. It is only available for VoIP call(s). *20 (Do not Disturb ON): Dial *20 to set the No Disturb on. Your phone will not ring if someone calls. *80 (Do not Disturb OFF): Dial *80 to set the No Disturb off.
without waiting. Note: Refer to Special Dial Code section in this Manual for more details. Codec Preference Codec is known as Coder-Decoder used for data signal conversion. Set the priority of voice compression; Priority 1 owns the top priority. G.729: It is used to encoder and decoder voice information into a single packet which reduces the bandwidth consumption. G.711ȝ-LAW: It is a basic non-compressed encoder and decoder technique.
PSTN Dial Plan (Router with LINE port only) This section enables you to configure “VoIP with PSTN switching” on your system. You can define a range of dial plans to make regular call from VoIP switching to PSTN line. Prefix numbers is essential key to make a distinguishing between VoIP and Regular phone call. If actual numbers dialed matches with prefix number defined in this dial plan, the dialed number will be routed to the PSTN to make a regular call.
PSTN Dial Plan Examples: ˄ˁʳʳʳDial with Prefix If you dial 01223 707070, number 01223707070 will be dialed out via FXO to make a regular phone call. ˅ˁʳʳʳDial without Prefix If you dial 9102, the number 102 will only be dialed out via FXO port to make a regular phone call.
ˆˁʳʳʳDial at Timeout If you only dial 01223 7070 and no more numbers, after the timeout activates, 012237070 will be dialed to make a regular call via FXO port.
Even though 7070 (only 4 digits) does not match with number of digits 6 defined in the filed, 7070 is still a valid phone number since it has not exceeded 6 digits. ˇˁʳʳʳDial at Timeout no Prefix If you only dial 97070 and no more numbers, after the timeout activates, 7070 will be dialed without prefix to make a regular call via FXO port. Even though 7070 (only 4 digits) does not match with number of digits 6 defined in the filed, 7070 is still a valid phone number since it has not exceed 6 digits.
VoIP Dial Plan This section helps you to make a telephony number dialed as making a regular call via VoIP. You no longer need to memorize a long dial string of number for making a VoIP call. Go to Configuration > VoIP > VoIP Dial Plan. Dial Plan Rules Click the Add button to create and define a VoIP dial-plan rule(s). PrefixProcessing: Prepend xxx unconditionally: xxx number is appended unconditionally to the front of the dialing number when making a call.
Main Digit Sequence: The call(s) can be called out via SIP or PSTN or ENUM. x: Any numeric number between 0 and 9. . ( period ): Repeat numeric number(s) between 0 and 9. * (asterisk sign): It is normal character ‘*’ on phone key pad. Please check if special service(s) is provided by your VoIP Service Provider or your Local Telephone Service Provider. # (pound sign): It is normal character ‘#’ on phone key pad.
**xx*x. Starting with ‘** sign’ + any two digit numbers between 0 + any number (0-9) in variable length. Maximum length is 16. #xx. Starting with ‘# sign’ + any digit number (0-9) in variable length but no shorter than 1 digits. Maximum length is 16. ##xx*x. Starting with ‘## sign’ + any two digit numbers + ‘* sign’ + any number (0-9) in variable length. Maximum length is 16.
Call Feature VoIP has all the basic features of a traditional phone. Besides the provided basic features, VoIP also comes with several enhanced features that allows you to further customize their settings to suit your personal needs such as call forwarding setting, call waiting time length, conference call feature, anonymous call feature and incoming no answer timer.
Ring & Tone This section allows advanced user to change the existing or newly defined parameters for the various ring tones (dial tone, busy tone, answer tone and etc.) CountrySpecificRing&Tone Region: Select a country ring-tone, from the drop-down list, where you are located. This VoIP router provides default parameter of ring tones according to different countries. The ring-tone parameters are automatically displayed after entering a specific country.
Tone Parameters You may need to check with your local telephone service provider for such information. Also, it is recommended that this option be configured by advanced user unless you are instructed to do so. Click Apply to apply the settings.
QoS - Quality of Service QoS function helps you to control your network traffic for each application from LAN (Ethernet and/or Wireless) to WAN (Internet). It facilitates you to control the different quality and speed of through put for each application when the system is running with full loading of upstream. Here are the items within the QoS section: Prioritization, Outbound IP Throttling & Inbound IP Throttling (bandwidth management).
Destination IP address Range: The destination IP address or range of packets to be monitored. Destination Port: The destination port of packets to be monitored. DSCP Marking: Differentiated Services Code Point (DSCP), it is the first 6 bits in the ToS byte. DSCP Marking allows users to assign specific application traffic to be executed in priority by the next Router based on the DSCP value. See Table 4 for DSCP Mapping Table.
information. Protocol: The name of supported protocol. Rate Limit: To limit the speed of outbound traffic Source IP Address Range: The source IP address or range of packets to be monitored. Source Port(s): The source port of packets to be monitored. Destination IP Address Range: The destination IP address or range of packets to be monitored. Destination Port(s): The destination port of packets to be monitored.
Inbound IP Throttling (WAN to LAN) IP Throttling allows you to limit the speed of IP traffic. The value entered will limit the speed of the application that you set to the specified value’s multiple of 32kbps. Name: User-define description to identify this new policy/application. Time Schedule: Scheduling your prioritization policy. Refer to Time Schedule for more information. Protocol: The name of supported protocol. Rate Limit: To limit the speed of for inbound traffic.
Example: QoS for your Network Connection Diagram VoIP Normal PCs Restricted PC 160
Information and Settings Upstream: 928 kbps Downstream: 8 Mbps VoIP User : 192.168.1.1 Normal Users : 192.168.1.2~192.168.1.5 Restricted User: 192.168.1.
Mission-critical application Mostly the VPN connection is mission-critical application for doing data exchange between head and branch office. The mission-critical application must be sent out smoothly without any dropping. Set priority as high level for preventing any other applications to saturate the bandwidth. Voice application Voice is latency-sensitive application. Most VoIP devices are use SIP protocol and the port number will be assigned by SIP module automatically.
With above settings that help to limit utilization of upstream of FTP. Time schedule also help you to only limit utilization at daytime. Advanced setting by using IP throttling With IP throttling you can specify more detail for allocating bandwidth; even the applications are located in the same level.
Sometime your customers or friends may upload their files to your FTP server and that will saturate your downstream bandwidth. The settings below help you to limit bandwidth for the restricted application.
Virtual Server (known as Port Forwarding) In TCP/IP and UDP networks a port is a 16-bit number used to identify which application program (usually a server) incoming connections should be delivered to. Some ports have numbers that are pre-assigned to them by the IANA (the Internet Assigned Numbers Authority), and these are referred to as “well-known ports”. Servers follow the well-known port assignments so clients can locate them.
Porting Forwarding Because NAT can act as a “natural” Internet firewall, your router protects your network from being accessed by outside users when using NAT, as all incoming connection attempts will point to your router unless you specifically create Virtual Server entries to forward those ports to a PC on your network. When your router needs to allow outside users to access internal servers, e.g. a web server, FTP server, Email server or game server, the router can act as a “virtual server”.
enable port number 80 (Web/HTTP) and map to Router’s IP Address. Then all incoming HTTP requests from you (Remote side) will be forwarded to the Router with IP address of 192.168.1.254. Since port number 80 has already been predefined, next to the Application click Helper. A list of predefined rules window will pop and select HTTP_Sever. Application: HTTP_Sever Time Schedule: Always On Protocol: tcp External Port: 80-80 Redirect Port: 80-80 IP Address: 192.168.1.254 Add: Click it to apply your settings.
Edit DMZ Host The DMZ Host is a local computer exposed to the Internet. When setting a particular internal IP address as the DMZ Host, all incoming packets will be checked by the Firewall and NAT algorithms then passed to the DMZ host, when a packet received does not use a port number used by any other Virtual Server entries. Cautious: This Local computer exposing to the Internet may face varies of security risks. Go to Configuration > Virtual Server > Edit DMZ Host Enabled: It activates your DMZ function.
Edit One-to-One NAT (Network Address Translation) One-to-One NAT maps a specific private/local IP address to a global/public IP address. If you have multiple public/WAN IP addresses from you ISP, you are eligible for One-to-One NAT to utilize these IP addresses. Go to Configuration > Virtual Server > Edit One-to-one NAT NAT Type: Select desired NAT type. As set in default setting, it disables the One-to-One NAT function. Global IP Address: Subnet: The subnet of the public/WAN IP address given by your ISP.
Application: Users-defined description to identify this entry or click select existing predefined rules. drop-down menu to : 20 predefined rules are available. Application, Protocol and External/Redirect Ports will be filled after the selection. Protocol: It is the supported protocol for the virtual server. In addition to specifying the port number to be used, you will also need to specify the protocol used. The protocol used is determined by the particular application.
Example: List of some well-known and registered port numbers. The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols. Port numbers range from 0 to 65535, but only ports numbers 0 to 1023 are reserved for privileged services and are designated as “well-known ports” (Please refer to Table 5). The registered ports are numbered from 1024 through 49151.
Wake on LAN Wake on LAN (WOL, sometimes WoL) is an Ethernet computer networking standard that allows a computer to be turned on or woken up remotely by a network message. Select: Select MAC address of the computer that you want to wake up or turn on remotely. Add: After selecting, click Add then you can perform the Wake-up action. Edit/Delete: Click to edit or delete the selected MAC address. Ready: “Yes” indicating the remote computer is ready for your waking up.
Time Schedule The Time Schedule supports up to 16 time slots which helps you to manage your Internet connection. In each time profile, you may schedule specific day(s) i.e. Monday through Sunday to restrict or allowing the usage of the Internet by users or applications. This Time Schedule correlates closely with router’s time, since router does not have a real time clock on board; it uses the Simple Network Time Protocol (SNTP) to get the current time from an SNTP server from the Internet.
Configuration of Time Schedule Edit a Time Slot ˄ˁʳʳʳChoose any Time Slot (ID 1 to ID 16) to edit, click Edit radio button. Note: Watch it carefully, the days you have selected will present in capital letter. Lower case letter shows the day(s) is not selected, and no rule will apply on this day(s). 2. A detailed setting of this Time Slot will be shown. ID: This is the index of the time slot. Name: A user-define description to identify this time portfolio.
Delete a Time Slot Select the Delete radio button of the selected Time Slot under the Time Slot section, and click the Edit/Delete button to confirm the deletion of the selected Time profile, i.e. erase the Day and back to default setting of Start Time / End Time.
Advanced Configuration options within the Advanced section are for users who wish to take advantage of the more advanced features of the router. Users who do not understand the features should not attempt to reconfigure their router, unless advised to do so by support staff. Here are the items within the Advanced section: Static Route, Static ARP, Dynamic DNS, Device Management, IGMP and VLAN Bridge. Static Route Go to Configuration > Advanced > Static Route.
Static ARP Go to Configuration > Advanced > Static ARP. IP Address: Fill in the IP address of the host computer that is sending the data packet. MAC Address: Fill in the MAC address of the computer that the incoming data packets are to be forwarded.
Dynamic DNS The Dynamic DNS function allows you to alias a dynamic IP address to a static hostname, allowing users whose ISP does not assign them a static IP address to use a domain name. This is especially useful for hosting servers via your ADSL connection, so that anyone wishing to connect to you may use your domain name, rather than having to use your dynamic IP address, which changes from time to time. This dynamic IP address is the WAN IP address of the router, which is assigned to you by your ISP.
Device Management The Device Management advanced configuration settings allow you to control your router’s security options and device monitoring features. Device Host Name Host Name: Assign it a name. (The Host Name cannot be used with one word only. There are two words should be connected with a ‘.’ at least. Example: Host Name: homegateway ==> Incorrect Host Name: home.gateway or my.home.
Management IP Address: You may specify an IP address allowed to logon and access the router’s web server. Setting the IP address to 0.0.0.0 will disable IP address restrictions, allowing users to login from any IP address. Expire to auto-logout: Specify a time frame for the system to auto-logout the user’s configuration session.
For Example: User A changes HTTP port number to 100, specifies their own IP address of 192.168.1.55, and sets the logout time to be 100 seconds. The router will only allow User A access from the IP address 192.168.1.55 to logon to the Web GUI by typing: http://192.168.1.254:100 in their web browser. After 100 seconds, the device will automatically logout User A.
for “security”, but is widely accepted as the SNMPv2 standard. SNMPv3 is a strong authentication mechanism, authorization with fine granularity for remote monitoring. Traps supported: Cold Start, Authentication Failure.
IGMP IGMP, known as Internet Group Management Protocol, is used to management hosts from multicast group. IGMP Forwarding: Accepting multicast packet. Default is set to Enable. IGMP Snooping: Allowing switched Ethernet to check and make correct forwarding decisions. Default is set to Disable. VLAN Bridge This section allows you to create VLAN group and specify the member. Edit: Edit your member ports in selected VLAN group. Create VLAN: To create another VLAN group.
Logout To exit the router web interface, choose Logout. Please save your configuration setting before logging out of the system. Be aware that the router configuration interface can only be accessed by one PC at a time. Therefore when a PC has logged into the system interface, the other users cannot access the system interface until the current user has logged out of the system.
Chapter 5: Troubleshooting If your router is not functioning properly, please refer to the suggested solutions provided in this chapter. If your problems persist or the suggested solutions do not meet your needs, please kindly contact your service provider or Billion for support. Problems with the router Problem Suggested Action Check the connection between the router and the adapter. If the problem persists, most likely it is due to the malfunction of your hardware.
Problem with LAN interface Problem Cannot PING any PC on LAN Suggested Action Check the Ethernet LEDs on the front panel. The LED should be on for the port that has a PC connected. If it does not lit, check to see if the cable between your router and the PC is properly connected. Make sure you have first uninstalled your firewall program before troubleshooting. Verify that the IP address and the subnet mask are consistent for both the router and the workstations.
Appendix: Product Support & Contact Following the suggestions listed in the Troubleshooting section of the user manual can help you solve most of your problems. However if your problems persist or you come across other technical issues that are not listed in the Troubleshooting section, please contact the dealer from where you purchased your product. Contact Billion Worldwide: http://www.billion.com MAC OS is a registered Trademark of Apple Computer, Inc.
FCC Caution: 1. This device complies with Part 15 of the FCC rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) This device must accept any interference received, including interference that may cause undesired operation. 2. This device and its antenna(s) must not be co-located or operating in conjunction with any other antenna or transmitter. 3.
