If Domain Name is chosen and a domain name, such as foobar.com, is entered, any outgoing accesses to foobar.com and *.foobar.com will match this criterion. You may enter a wildcard (.*) at the end of a domain name to match any host with a name having the domain name in the middle. If you enter foobar.*, for example, www.foobar.com, www.foobar.co.jp, or foobar.co.uk will also match. Placing wildcards in any other position is not supported.
This field allows you to configure the default action when all the selected Connections are not available. When No connections are available Drop the Traffic - Traffic will be discarded. Use Any Available Connections - Traffic will be routed to any available Connection, even it is not selected in the list. Fall-through to Next Rule - Traffic will continue to match the next Outbound Policy rule just like this rule is inactive.
● USB: 10 Total weight is 60 = (10 +10 + 10 + 10 + 10 + 10). Matching traffic distributed to Ethernet WAN1 is 16.7% = (10 / 60 x 100%. Matching traffic distributed to Ethernet WAN2 is 16.7% = (10 / 60) x 100%. Matching traffic distributed to Wi-Fi WAN is 16.7% = (10 / 60) x 100%. Matching traffic distributed to Cellular 1 is 16.7% = (10 / 60) x 100%. Matching traffic distributed to Cellular 2 is 16.7% = (10 / 60) x 100%. Matching traffic distributed to USB is 16.7% = (10 / 60) x 100%. 15.2.
By Source: The same WAN connection will be used for traffic matching the rule and originating from the same machine, regardless of its destination. This option will provide the highest level of application compatibility. By Destination: The same WAN connection will be used for traffic matching the rule, originating from the same machine, and going to the same destination. This option can better distribute loads to WAN connections when there are only a few client machines. The default mode is By Source.
Starting from Firmware 5.2, outbound traffic can be prioritized to go through SpeedFusionTM connection(s). By default, VPN connections are not included in the priority list. Tip Configure multiple distribution rules to accommodate different kinds of services. 15.2.5 Alg o rit h m : O ve rflo w The traffic matching this rule will be routed through the healthy WAN connection that has the highest priority and is not in full load.
15.2.6 Algorithm: Least Used The traffic matching this rule will be routed through the healthy WAN connection that is selected in Connection and has the most available download bandwidth. The available download bandwidth of a WAN connection is calculated from the total download bandwidth specified on the WAN settings page and the current download usage. The available bandwidth and WAN selection is determined every time an IP session is made. 15.2.
feature, click on the help icon and click turn on Expert Mode. In Expert Mode, a new special rule, SpeedFusionTM Routes, is displayed in the Custom Rules table. This rule represents all SpeedFusionTM routes learned from remote VPN peers. By default, this bar is on the top of all custom rules. This position means that traffic for remote VPN subnets will be routed to the corresponding VPN peer. You can create custom Priority or Enforced rules and move them above the bar to override the SpeedFusionTM routes.
16 P o rt Fo rw a rd in g Pepwave routers can act as a firewall that blocks, by default, all inbound access from the Internet. By using port forwarding, Internet users can access servers behind the Pepwave router. Inbound port forwarding rules can be defined at Advanced>Port Forwarding. To define a new service, click Add Service. Port Forwarding Settings Enable This setting specifies whether the inbound service takes effect.
The Port setting specifies the port(s) that correspond to the service, and can be configured to behave in one of the following manners: Any Port, Single Port, Port Range, Port Map, and Range Mapping Any Port: all traffic that is received by the Pepwave router via the specified protocol is forwarded to the servers specified by the Servers setting. For example, with IP Protocol set to TCP, and Port set to Any Port, all TCP traffic is forwarded to the configured servers.
way, the process of inbound port forwarding becomes automated. When a computer creates a rule using these protocols, the specified TCP/UDP port of all WAN connections' default IP address will be forwarded. Check the corresponding box(es) to enable UPnP and/or NAT-PMP. Enable these features only if you trust the computers connected to the LAN ports. When the options are enabled, a table listing all the forwarded ports under these two protocols can be found at Status > UPnP / NAT-PMP. https://www.peplink.
17 NAT Ma p p in g s NAT mappings allow IP address mapping of all inbound and outbound NAT’d traffic to and from an internal client IP address. Settings to configure NAT mappings are located at Advanced > NAT Mappings. To add a rule for NAT mappings, click Add NAT Rule. NAT Mapping Settings LAN Client(s) NAT mapping rules can be defined for a single LAN IP Address, an IP Range, or an IP Network. Address This refers to the LAN host’s private IP address.
Mappings Internet IP addresses on which the system should bind. Any access to the specified WAN connection(s) and IP address(es) will be forwarded to the LAN host. This option is only available when IP Address is selected in the LAN Client(s) field. Note that inbound mapping is not needed for WAN connections in drop-in mode or IP forwarding mode. Also note that each WAN IP address can be associated to one NAT mapping only.
18 QoS 18 .1 Us e r Gro u p s LAN and PPTP clients can be categorized into three user groups: Manager, Staff, and Guest. This menu allows you to define rules and assign client IP addresses or subnets to a user group. You can apply different bandwidth and traffic prioritization policies on each user group in the Bandwidth Control and Application sections (note that the options available here vary by model). The table is automatically sorted by rule precedence.
each WAN connection) that each individual Staff and Guest member can consume. No limit can be imposed on individual Manager members. By default, download and upload bandwidth limits are set to unlimited (set as 0). 18 .3 Ap p lic a t io n 18 .3.1 Ap p lic a t io n P rio rit iza t io n On many Pepwave routers, you can choose whether to apply the same prioritization settings to all user groups or customize the settings for each group. Three application priority levels can be set: ↑High,━ Normal, and↓Low.
18 .3.3 D SL/Ca b le O p t im iza t io n DSL/cable-based WAN connections have lower upload bandwidth and higher download bandwidth. When a DSL/cable circuit's uplink is congested, the download bandwidth will be affected. Users will not be able to download data at full speed until the uplink becomes less congested. DSL/Cable Optimization can relieve such an issue. When it is enabled, the download speed will become less affected by the upload traffic. By default, this feature is enabled. https://www.peplink.
19 Fire w a ll A firewall is a mechanism that selectively filters data traffic between the WAN side (the Internet) and the LAN side of the network. It can protect the local network from potential hacker attacks, access to offensive websites, and/or other inappropriate uses.
19 .1 O u t b o u n d a n d In b o u n d Fire w a ll Ru le s 19 .1.1 Ac c e s s Ru le s The outbound firewall settings are located at Advanced>Firewall>Access Rules>Outbound Firewall Rules. Click Add Rule to display the following screen: Inbound firewall settings are located at Advanced>Firewall>Access Rules>Inbound Firewall Rules. Click Add Rule to display the following screen: https://www.peplink.
Internal Network firewall settings are located at Advanced>Firewall>Access Rules>Internal Network Firewall Rules. Click Add Rule to display the following window: Inbound / Outbound / Internal Network Firewall Settings https://www.peplink.
Rule Name Enable This setting specifies a name for the firewall rule. This setting specifies whether the firewall rule should take effect. If the box is checked, the firewall rule takes effect. If the traffic matches the specified protocol/IP/port, actions will be taken by the Pepwave router based on the other parameters of the rule. If the box is not checked, the firewall rule does not take effect. The Pepwave router will disregard the other parameters of the rule.
With the value of Allow for the Action setting, the matching traffic passes through the router (to be routed to the destination). If the value of the Action setting is set to Deny, the matching traffic does not pass through the router (and is discarded). Event Logging This setting specifies whether or not to log matched firewall events. The logged messages are shown on the page Status>Event Log. A sample message is as follows: Aug 13 23:47:44 Denied CONN=Ethernet WAN SRC=20.3.2.1 DST=192.168.1.
inbound rule is set as Deny, a corresponding Allow firewall rule will be required. 19 .1.2 Ap p ly Fire w a ll Ru le s t o P e p Vp n Tra ffic When this option is enabled, Outbound Firewall Rules will be applied to PepVPN traffic. To turn on this feature, click , check the Enable check box, and press the Save button. 19 .1.3 In t ru s io n D e t e c t io n a n d D o S P re ve n t io n Pepwave routers can detect and prevent intrusions and denial-of-service (DoS) attacks from the Internet.
19 .2 Co n t e n t Blo c k in g 19 .2.1 Application Blocking Choose applications to be blocked from LAN/PPTP/PepVPN peer clients' access, except for those on the Exempted User Groups or Exempted Subnets defined below. 19 .2.2 W e b Blo c k in g Defines website domain names to be blocked from LAN/PPTP/PepVPN peer clients' access https://www.peplink.
except for those on the Exempted User Groups or Exempted Subnets defined below. If "foobar.com" is entered, any web site with a host name ending in foobar.com will be blocked, e.g. www.foobar.com, foobar.com, etc. However, "myfoobar.com" will not be blocked. You may enter the wild card ".*" at the end of a domain name to block any web site with a host name having the domain name in the middle. If you enter "foobar.*", then "www.foobar.com", "www.foobar.co.jp", or "foobar.co.uk" will be blocked.
20 Routing Protocols 20 .1 O SP F & RIP v2 The Pepwave supports OSPF and RIPv2 dynamic routing protocols. Click the Advanced tab from the top bar, and then click the Routing Protocols > OSPF & RIPv2 item on the sidebar to reach the following menu: OSPF Router ID This field determines the ID of the router. By default, this is specified as the LAN IP address. If you want to specify your own ID, enter it in the Custom field. Area This is an overview of the OSPFv2 areas you have defined.
OSPF Settings Area ID Link Type Determine the name of your Area ID to apply to this group. Machines linked to this group will send and receive related OSPF packets, while unlinked machines will ignore it. Choose the network type that this area will use. Authentication Choose an authentication method, if one is used, from this drop-down menu. Available options are MD5 and Text. Enter the authentication key next to the dropdown menu.
RIPv2 Settings Authentication Choose an authentication method, if one is used, from this drop-down menu. Available options are MD5 and Text. Enter the authentication key next to the dropdown menu. Interfaces Determine which interfaces this group will use to listen to and deliver RIPv2 packets. OSPF & RIPv2 Route Advertisement PepVPN Route Isolation Isolate PepVPN peers from each other. Received PepVPN routes will not be forwarded to other PepVPN peers to reduce bandwidth consumption..
BGP Name Enable Interface Autonomous System This field is for specifying a name to represent this profile. When this box is checked, Otherwise, it will be disabled. this BGP profile will be enabled. The interface where BGP neighbor is located The Autonomous System Number (ASN) of this profile Neighbor BGP Neighbor's details IP address Neighbor's IP address Autonomous System Neighbor's ASN Multihop/TTL Time-to-live (TTL) of BGP packet.
Network Advertising Networks to be advertised to BGP neighbor. Static Route Advertising Enable this option to advertise LAN static routes. Static routes that match the Excluded Networks table will not be advertised. Advertise OSPF When this box is checked, all learnt OSPF routes will be advertised. Route Filter Mode This option selects the route import filter mode. None: all BGP routes will be accepted. Accept: Routes in "Restricted Networks" will be accepted, routes not in the list will be rejected.
When this box is checked, routes learnt from this BGP profile will export to the OSPF Export to OSPF routing protocol. https://www.peplink.
21 Re m o t e Us e r Ac c e s s A remote-access VPN connection allows an individual user to connect to a private business network from a remote location using a laptop or desktop computer connected to the Internet. Networks routed by a Pepwave router can be remotely accessed via OpenVPN, L2TP with IPsec or PPTP. To configure this feature, navigate to Network > Remote User Access and choose the required VPN type. 21.
You have a choice between 2 different OpenVPN Client profiles: ● "route all traffic" profile Using this profile, VPN clients will send all the traffic through the OpenVPN tunnel tunnel" profile ● "split Using this profile, VPN clients will ONLY send those traffic designated to the untagged LAN and VLAN segment through the OpenVPN tunnel. 21.3 P P TP No additional configuration required. The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks.
LDAP Server: Enter the matching LDAP server details to allow for LDAP server authentication. Radius Server: Enter the matching Radius server details to allow for Radius server authentication. Active Directory: Enter the matching Active Directory details to allow for Active Directory server authentication. https://www.peplink.
22 Mis c e lla n e o u s Se t t in g s The miscellaneous settings include configuration for High Availability, Certificate Manager, service forwarding, service passthrough, GPS forwarding, GPIO, Groupe Networks and SIM Toolkit (depending the feature is supported on the model of Peplin router that is being used). 22.1 Hig h Ava ila b ilit y Many Pepwave routers support high availability (HA) configurations via an open standard virtual router redundancy protocol (VRRP, RFC 3768).
become active. You can configure high availability at Advanced>Misc. Settings>High Availability. Interface for Master Router Interface for Slave Router High Availability Enable Checking this box specifies that the Pepwave router is part of a high availability configuration. This number identifies a pair of Pepwave routers operating in a high availability Group Number configuration. The two Pepwave routers in the pair must have the same Group Number value.
LAN This setting specifies a LAN IP address to be used for accessing administration Administration functionality. This address should be unique within the LAN. IP Subnet Mask This setting specifies the subnet mask of the LAN. Important Note For Pepwave routers in NAT mode, the virtual IP (VIP) should be set as the default gateway for all hosts on the LAN segment.
Please note that the drop-in WAN cannot be configured as a LAN bypass port while it is configured for high availability. 22.2 Ce rt ific a t e Ma n a g e r This section allows for certificates to be assigned to the local VPN, Web Admin SSL, Captive Portal SSL, OpenVPN CA, Wi-Fi WAN Client certificate and Wi-Fi WAN CA Certificate. The following knowledge base article describes how to create self-signed certificates and import it to a Peplink Product. https://www.peplink.
https://forum.peplink.com/t/how-to-create-a-self-signed-certificate-and-import-it-to-a-peplinkproduct/ 22.3 Se rvic e Fo rw a rd in g Service forwarding settings are located at Advanced>Misc. Settings>Service Forwarding. Service Forwarding SMTP Forwarding When this option is enabled, all outgoing SMTP connections destined for any host at TCP port 25 will be intercepted. These connections will be redirected to a specified SMTP server and port number.
WAN connection to the WAN’s corresponding SMTP server. To enable the feature, select Enable under SMTP Forwarding Setup. Check Enable Forwarding for the WAN connection(s) that needs forwarding. Under SMTP Server, enter the ISP’s e-mail server host name or IP address. Under SMTP Port, enter the TCP port number for each WAN. The Pepwave router will intercept SMTP connections.
to the connection’s original destination. 22.3.3 D NS Fo rw a rd in g When DNS forwarding is enabled, all clients’ outgoing DNS requests will also be intercepted and forwarded to the built-in DNS proxy server. 22.3.4 Cu s t o m Se rvic e Fo rw a rd in g After clicking the enable checkbox, enter your TCP port for traffic heading to the router, and then specify the IP Address and Port of the server you wish to forward to the service to. 22.
SIP Session initiation protocol, aka SIP, is a voice-over-IP protocol. The Pepwave router can act as a SIP application layer gateway (ALG) which binds connections for the same SIP session to the same WAN connection and translate IP address in the SIP packets correctly in NAT mode. Such passthrough support is always enabled, and there are two modes for selection: Standard Mode and Compatibility Mode.
22.5 UART Selected Pepwave MAX routers feature a RS-232 serial interface on the built-in terminal block. The RS-232 serial interface can be used to connect to a serial device and make it accessible over an TCP/IP network. The serial interface can be enabled and parameters can be set on the web admin page under Advanced > UART. Make sure they match the serial device you are connecting to. https://www.peplink.
There are 4 pins i.e. TX, RX, RTS, CTS on the terminal block for serial connection and they correspond to the pins in a DB-9 connector as follows: DB-9 Pepwave MAX Terminal Block Pin 1 – Pin 2 Rx (rated -+25V) Pin 3 Tx (rated -+12V) Pin 4 – Pin 5 – Pin 6 – Pin 7 RTS Pin 8 CTS Pin 9 – The RS232 serial interface is not an isolated RS232. External galvanic isolation may be added if required.
22.6 GP S Fo rw a rd in g Using the GPS forwarding feature, some Pepwave routers can automatically send GPS reports to a specified server. To set up GPS forwarding, navigate to Advanced>GPS Forwarding. GPS Forwarding Enable Check this box to turn on GPS forwarding. Server Enter the name/IP address of the server that will receive GPS data. Also specify a port number, protocol (UDP or TCP), and a report interval of between 1 and 10 seconds. Click to save these settings.
The time delay setting between ignition off and power down of the router is a configurable setting, which allows the router to stay on for a period of time after the engine of a vehicle is turned off. Ignition Sensing installation Colour Wire Functoin I/O optional* Brown connected to positive feed on the ignition . Orange DC IN - connected to permanent negative feed (ground) Black DC IN + connected to permanent positive feed (power 12VDC, 2A)).
Connectivity diagram for devices with 4-pin connector Connectivity diagram for devices with terminal block connection https://www.peplink.
GPIO Menu The Ignition Sensing options are available in Advanced > GPIO The configurable option for Ignition Input is Delay; the time in seconds the router stays powered on after the ignition is turned off. Still under development: O/P (connected to I/O pin on 4 pin connector) can be configured as a digital input, digital output or analog input. Digital Input - the connection supports input sensing; it reads the external input and determine if the settings should be 'High' (on) or 'Low' (off).
NTP Server setting can be found via: Advanced>Misc. Settings>NTP Server Time Settings can be found at System>Time>Time Settings 22.9 Gro u p e d Ne t w o rk s Advanced > Grouped Networks allows to configure destination networks in grouped format. Select Add group to create a new group with single IPaddresses or subnets from different VLANs. The created network groups can be used in outbound policies, firewall rules. 22.
functionalities, USSD and SMS. USSD Unstructured Supplementary Service Data (USSD) is a protocol used by mobile phones to communicate with their service provider’s computers. One of the most common uses is to query the available balance. Enter your USSD code under the USSD Code text field and click Submit. You will receive a confirmation. To check the SMS response, click Get. After a few minutes you will receive a response to your USSD code https://www.peplink.
SMS The SMS option allows you to read SMS (text) messages that have been sent to the SIM in your Pepwave router. https://www.peplink.
23 AP 23.1 AP Co n t ro lle r The AP controller acts as a centralized controller of Pepwave Access Points. With this feature, users can customize and manage up to 1500 Access Points from a single Pepwave router interface. To configure, navigate to the AP tab. and the following screen appears. AP Controller The AP controller for managing Pepwave APs can be enabled by checking this box.
SSID Settings SSID Enable This setting specifies the SSID of the virtual AP to be scanned by Wi-Fi clients. Click the drop-down menu to apply a time schedule to this interface VLAN This setting specifies the VLAN ID to be tagged on all outgoing packets generated from this wireless network (i.e., packets that travel from the Wi-Fi segment through the Pepwave AP One unit to the Ethernet segment via the LAN port).
Data Rate A Select Auto to allow the Pepwave router to set the data rate automatically, or select Fixed and choose a rate from the displayed drop-down menu. Multicast FilterA This setting enables the filtering of multicast network traffic to the wireless SSID. Multicast RateA This setting specifies the transmit rate to be used for sending multicast network traffic. The selected Protocol and Channel Bonding settings will affect the rate options and values available here.
using this method, select the appropriate version using the V1/V2 controls. The security level of this method is known to be very high. When WPA/WPA2- Personal is configured, a shared key is used for data encryption and authentication. When using this configuration, the Shared Key option should be enabled. Key length must be between eight and 63 characters (inclusive). The security level of this method is known to be high.
Secret Enter the RADIUS shared secret for the primary server and, if applicable, the secondary RADIUS server. Authentication In field, enter the UDP authentication port(s) used by your RADIUS server(s) or click the Default button to enter 1812. Port Accounting Port In field, enter the UDP accounting port(s) used by your RADIUS server(s) or click the Default button to enter 1813. NAS-Identifier Choose between Device Name, LAN MAC address, Device Serial Number and Custom Value 23.
23.4 Se t t in g s On many Pepwave models, the AP settings screen (AP>Settings) looks similar to the example below: AP Settings SSID These buttons specify which wireless networks will use this AP profile. You can also select the frequencies at which each network will transmit. Please note that the Pepwave MAX does not detect whether the AP is capable of transmitting at both frequencies. Instructions to transmit at unsupported frequencies will be ignored by the AP.
should follow. ● If a North American region is selected, RF channels 1 to 11 will be available and the maximum transmission power will be 26 dBm (400 mW). ● If European region is selected, RF channels 1 to 13 will be available. The maximum transmission power will be 20 dBm (100 mW). NOTE: Users are required to choose an option suitable to local laws and regulations. Per FCC regulation, the country selection is not available on all models marketed in the US. All US models are fixed to US channels only.
This field specifies the VLAN ID to tag to management traffic, such as AP to AP Management VLAN controller communication traffic. The value is 0 by default, meaning that no VLAN tagging will be applied. NOTE: change this value with caution as alterations may ID result in loss of connection to the AP controller. A Operating Schedule Choose from the schedules that you have defined in System>Schedule. Select the schedule for the integrated AP to follow from the drop-down menu.
Enable Check the box to allow the Pepwave router to manage the web admin access information of the AP. Web Access Protocol These buttons specify the web access protocol used for accessing the web admin of the AP. The two available options are HTTP and HTTPS. Management Port This field specifies the management port used for accessing the device. HTTP to HTTPS Redirection This option will be available if you have chosen HTTPS as the Web Access Protocol.
Wi-Fi Radio Settings Operating Country Wi-Fi Antenna This option sets the country whose regulations the Pepwave router follows. Choose from the router's internal or optional external antennas, if so equipped. Important Note Per FCC regulations, the country selection is not available on all models marketed in the US. All US models are fixed to US channels only. Wi-Fi AP Settings Protocol This option allows you to specify whether 802.11b and/or 802.11g client association requests will be accepted.
A Beacon IntervalA This option is for setting the time interval between each beacon. By default, 100ms is selected. DTIMA This field allows you to set the frequency for the beacon to include a delivery traffic indication message. The interval is measured in milliseconds. The default value is set to 1 ms. Slot TimeA This field is for specifying the wait time before the Router transmits a packet. By default, this field is set to 9 µs.
24 AP Co n t ro lle r St a t u s 24 .1 In fo A comprehensive overview of your AP can be accessed by navigating to AP > Controller Status > Info. AP Controller License Limit This field displays the maximum number of AP your Balance router can control. You can purchase licenses to increase the number of AP you can manage. Frequency Underneath, there are two check boxes labeled 2.4 Ghz and 5 Ghz. Clicking either box will toggle the display of information for that frequency.
specific SSID for that point in time. Data Usage This graph enables you to see the data usage of any SSID for any given time period. Mouse over any line on the graph to see the data usage by each SSID for that point in time. Use the buttons next to Zoom to select the time scale you wish to view. In addition, you could use the sliders at the bottom to further refine your timescale. Events This event log displays all activity on your AP network, down to the client level.
24 .2 Ac c e s s P o in t (Us a g e ) A detailed breakdown of data usage for each AP is available at AP > Controller Status > Access Point. Usage AP Name/Serial Number Online Status This field enables you to quickly find your device if you know its name or serial number. Fill in the field to begin searching. Partial names and serial numbers are supported. This button toggles whether your search will include offline devices.
For easier network management, you can give each client a name and designate its location. You can also designate which firmware pack (if any) this client will follow, as well as the channels on which the client will broadcast. Click the icon to see a graph displaying usage: Click any point in the graphs to display detailed usage and client information for that device, using that SSID, at that point in time. On the Data Usage by menu, you can display the information by SSID or by AP send/receive rate.
24 .3 W ire le s s SSID In-depth SSID reports are available under AP > Controller Status > Wireless SSID. Click the blue arrow on any SSID to obtain more detailed usage information on each SSID. https://www.peplink.
24 .4 Me s h / W D S Mesh / WDS allows you to monitor the status of your wireless distribution system (WDS) or Mesh, and track activity by MAC address by navigating to AP > Controller Status > Mesh / WDS. This table shows the detailed information of each AP, including protocol, transmit rate (sent / received), signal strength, and duration. https://www.peplink.
24 .5 W ire le s s Clie n t You can search for specific Wi-Fi users by navigating to AP > Controller Status > Wireless Client. Here, you will be able to see your network’s heaviest users as well as search for specific users. Click the icon to bookmark specific users, and click the icon for additional details about each user: https://www.peplink.
24 .6 Ne a rb y D e vic e A listing of near devices can be accessed by navigating to AP > Controller Status > Nearby https://www.peplink.
Device. Suspected Rogue Devices Hovering over the device MAC address will result in a popup with information on how this device was detected. Click the icons and the device will be moved to the bottom table of identified devices. 24 .7 Eve n t Lo g You can access the AP Controller Event log by navigating to AP > Controller Status > Event Log. https://www.peplink.
Events This event log displays all activity on your AP network, down to the client level. Use to filter box to search by MAC address, SSID, AP Serial Number, or AP Profile name. Click View Alerts to see only alerts, and click the More… link for additional records. 25 To o lb o x Tools for managing firmware packs can be found at AP>Toolbox. Firmware Packs Here, you can manage the firmware of your AP. Clicking on will result in information regarding each firmware pack.
26 Sys t e m Se t t in g s 26 .1 Ad m in Se c u rit y There are two types of user accounts available for accessing the web admin: admin and user. They represent two user levels: the admin level has full administrative access, while the user level is read-only. The user level can access only the device's status information; users cannot make any changes on the device. A web login session will be logged out automatically when it has been idle longer than the Web Session Timeout.
Admin Settings Router Name Admin User Name This field allows you to define a name for this Pepwave router. By default, Router Name is set as MAX_XXXX, where XXXX refers to the last 4 digits of the unit’s serial number. Admin User Name is set as admin by default, but can be changed, if desired. Admin Password This field allows you to specify a new administrator password. Confirm Admin This field allows you to verify and confirm the new administrator password.
Network Connection This option is for specifying the network connection to be used for authentication. Users can choose from LAN, WAN, and VPN connections. CLI SSH The CLI (command line interface) can be accessed via SSH. This field enables CLI support. For additional information regarding CLI, please refer to Section 30.5. CLI SSH Port This field determines the port on which clients can access CLI SSH.
WAN Connection Access Settings Allowed Source IP Subnets Allowed WAN IP Address(es) This field allows you to restrict web admin access only from defined IP subnets. ● Any - Allow web admin accesses to be from anywhere, without IP address restriction. ● Allow access from the following IP subnets only - Restrict web admin access only from the defined IP subnets. When this is chosen, a text input area will be displayed beneath: The allowed IP subnet addresses should be entered into this text area.
If an update is found the buttons will change to allow you to Download and Update the firmware. Click on the Download and Upgrade button. A prompt will be displayed advising to download the Current Active Configuration. Please click on the underlined download text. After downloading the current config click the Ok button to start the upgrade process. The router will download and then apply the firmware. The time that this process takes will depend on your internet connection’s speed.
(ie. Balance, Max, FusionHub, SOHO, etc). Some product lines may have a dropdown that lists all of the products in that product line. Here is a screenshot from the Balance line. If the device has more than one firmware version the current hardware revision will be required to know what firmware to download. Navigate to System > Firmware and click the Choose File button under the Manual Firmware Upgrade section. Navigate to the location that the firmware was downloaded to select the “.
26 .3 Tim e Time Settings enables the system clock of the Pepwave router to be synchronized with a specified time server. Time settings are located at System>Time. Time Settings Time Zone This specifies the time zone (along with the corresponding Daylight Savings Time scheme). The Time Zone value affects the time stamps in the Pepwave router’s event log and e-mail notifications. Check Show all to show all time zone options.
Edit Schedule Profile Enabling Name Click this checkbox to enable this schedule profile. Note that if this is disabled, then any associated features will also have their scheduling disabled. Enter your desired name for this particular schedule profile. Schedule Click the drop-down menu to choose pre-defined schedules as your starting point. Please note that upon selection, previous changes on the schedule map will be deleted.
Email Notification Settings Email Notification This setting specifies whether or not to enable email notification. If Enable is checked, the Pepwave router will send email messages to system administrators when the WAN status changes or when new firmware is available. If Enable is not checked, email notification is disabled and the Pepwave router will not send email messages. SMTP Server This setting specifies the SMTP server to be used for sending email.
enter key. After you have finished setting up email notifications, you can click the Test Email Notification button to test the settings before saving. After Test Email Notification is clicked, you will see this screen to confirm the settings: Click Send Test Notification to confirm. In a few seconds, you will see a message with detailed test results. https://www.peplink.
26 .6 Eve n t Lo g Event log functionality enables event logging at a specified remote syslog server. The settings https://www.peplink.
for configuring the remote system log can be found at System>Event Log. Event Log Settings Remote Syslog This setting specifies whether or not to log events at the specified remote syslog server. Remote Syslog Host This setting specifies the IP address or hostname of the remote syslog server. Push Events The Pepwave router can also send push notifications to mobile devices that have our Mobile Router Utility installed. Check the box to activate this feature.
SNMP Settings SNMP Device Name SNMP Port This field shows the router name defined at System>Admin Security. This option specifies the port which SNMP will use. The default port is 161. SNMPv1 This option allows you to enable SNMP version 1. SNMPv2 This option allows you to enable SNMP version 2. SNMPv3 This option allows you to enable SNMP version 3.
SNMP Community Settings Community Name This setting specifies the SNMP community name. This setting specifies a subnet from which access to the SNMP server is allowed. Allowed Source Enter subnet address here (e.g., 192.168.1.0) and select the appropriate subnet Subnet Address mask. To define a user name for SNMPv3, click Add SNMP User in the SNMPv3 User Name table, upon which the following screen is displayed: SNMPv3 User Settings User Name This setting specifies a user name to be used in SNMPv3.
26 .8 SMS Co n t ro l SMS Control allows the user to control the device using SMS even if the modem does not have a data connection. The settings for configuring the SMS Control can be found at System>SMS Control. Note: Supported Models ● ● Balance/MAX: *-LTE-E, *-LTEA-W, *-LTEA-P, *-LTE-MX EPX: *-LW*, *-LP* When this box is checked, the device will be allowed to take actions according to received commands via SMS.
26 .9 In Co n t ro l InControl is a cloud-based service which allows you to manage all of your Peplink and Pepwave devices with one unified system. With it, you can generate reports, gather statistics, and configure your devices automatically. All of this is now possible with InControl. When this check box is checked, the device's status information will be sent to the Peplink InControl system. This device's usage data and configuration will be sent to the system if you enable the features in the system.
Configuration The Restore Factory Settings button is to reset the configuration to factory default Restore Configuration to settings. After clicking the button, you will need to click the Apply Changes button Factory Settings on the top right corner to make the settings effective. Download Active Click Download to backup the current active settings.
26 .12 Re b o o t This page provides a reboot button for restarting the system. For maximum reliability, the Pepwave router can equip with two copies of firmware. Each copy can be a different version. You can select the firmware version you would like to reboot the device with. The firmware marked with (Running) is the current system boot up firmware. Please note that a firmware upgrade will always replace the inactive firmware partition. https://www.peplink.
27 To o ls 27 .1 P in g The ping test tool sends pings through a specific Ethernet interface or a SpeedFusionTM VPN connection. You can specify the number of pings in the field Number of times, to a maximum number of 10 times. Packet Size can be set to a maximum of 1472 bytes. The ping utility is located at System>Tools>Ping, illustrated below: Tip A system administrator can use the ping utility to manually check the connectivity of a particular LAN/WAN connection. https://www.peplink.
27 .2 Tra c e ro u t e Te s t The traceroute test tool traces the routing path to the destination through a particular Ethernet interface or a SpeedFusionTM connection. The traceroute test utility is located at System>Tools>Traceroute. Tip A system administrator can use the traceroute utility to analyze the connection path of a LAN/WAN connection. 27 .3 P e p VP N Te s t The PepVPN Test tool can help to test the throughput between different VPN peers.
27 .4 W a k e -o n -LAN Peplink routers can send special “magic packets” to any client specified from the Web UI. To access this feature, navigate to System > Tools > Wake-on-LAN Select a client from the drop-down list and click Send to send a “magic packet” 27 .5 CLI (Co m m a n d Lin e In t e rfa c e Su p p o rt ) The CLI (command line interface) can be accessed via SSH. This field enables CLI support. The below settings specify which TCP port and which interface(s) should accept remote SSH CLI access.
28 St a t u s 28 .1 D e vic e System information is located at Status>Device. System Information Device Name Model Product Code Hardware Revision Serial Number https://www.peplink.com This is the name specified in the Device Name field located at System>Admin Security. This shows the model name and number of this device. If your model uses a product code, it will appear here. This shows the hardware version of this device. This shows the serial number of this device.
Firmware This shows the firmware version this device is currently running. PepVPN Version This shows the current PepVPN version. Modem Support This shows the modem support version. For a list of supported modems, click Modem Support List. Version InControl Managed Configuration Host Name Uptime System Time InControl Managed Configurations (firmware, VLAN, Captive Portal, etcetera) The host name assigned to the Pepwave router appears here. This shows the length of time since the device has been rebooted.
28 .2 GP S Da t a GPS enabled models automatically store up to seven days of GPS location data in GPS eXchange format (GPX). To review this data using third-party applications, click Status>Device and then download your GPX file. The Pepwave GPS enabled devices export real-time location data in NMEA format through the LAN IP address at TCP port 60660. It is accessible from the LAN or over a SpeedFusion connection. To access the data via a virtual serial port, install a virtual serial port driver.
This screen displays the number of sessions initiated by each application. Click on each service listing for additional information. This screen also indicates the number of sessions initiated by each WAN port. In addition, you can see which clients are initiating the most sessions. You can also perform a filtered search for specific sessions. You can filter by subnet, port, protocol, and interface. To perform a search, navigate to Status>Active Sessions>Search. https://www.peplink.
This Active Sessions section displays the active inbound/outbound sessions of each WAN connection on the Pepwave router. A filter is available to sort active session information. Enter a keyword in the field or check one of the WAN connection boxes for filtering. 28 .4 Clie n t Lis t The client list table is located at Status>Client List. It lists DHCP and online client IP addresses, https://www.peplink.
names (retrieved from the DHCP reservation table or defined by users), current download and upload rate, and MAC address. Clients can be imported into the DHCP reservation table by clicking the You can update the record after import by going to Network>LAN. button on the right. If the PPTP server (see Section 19.2), SpeedFusionTM (see Section 12.1), or AP controller (see Section 20) is enabled, you may see the corresponding connection name listed in the Name field. 28 .
Click to delete a single UPnP / NAT-PMP record in its corresponding row. To delete all records, click Delete All on the right-hand side below the table. Important Note UPnP / NAT-PMP records will be deleted immediately after clicking the button need to click Save or Confirm. or Delete All, without the 28 .7 O SP F & RIP v2 Shows status of OSPF and RIPv2 28 .8 BGP Shows status of BGP https://www.peplink.
28 .9 Sp e e d Fu s io n St a t u s Current SpeedFusionTM status information is located at Status>SpeedFusionTM. Details about SpeedFusionTM connection peers appears as below: Click on the corresponding peer name to explore the WAN connection(s) status and subnet information of each VPN peer. Click the button for a SpeedFusion chart displaying real-time throughput, latency, and drop-rate information for each WAN connection. https://www.peplink.
When pressing the https://www.peplink.
The Speedfusion status page shows all related information about the PepVPN connection. This screen also allows you to run PepVPN Tests allowing throughput tests. Peplink also published a whitepaper about Speedfusion which can be downloaded from the following url: http://download.peplink.com/resources/whitepaper-speedfusion-and-best-practices-2019.pdf 28 .10 Eve n t Lo g Event log information is located at Status>Event Log. https://www.peplink.
The log section displays a list of events that has taken place on the Pepwave router. Check Auto Refresh to refresh log entries automatically. Click the Clear Log button to clear the log. https://www.peplink.
29 W AN Q u a lit y The Status > WAN Quality allow to show detailed information about each connected WAN connection. For cellular connections it shows signal strength, quality, throughput and latency for the past hour. https://www.peplink.
30 Us a g e Re p o rt s This section shows bandwidth usage statistics and is located at Status > Usage Reports Bandwidth usage at the LAN while the device is switched off (e.g., LAN bypass) is neither recorded nor shown. 30 .1 Re a l-Tim e The Data transferred since installation table indicates how much network traffic has been processed by the device since the first bootup.
30 .2 Ho u rly This page shows the hourly bandwidth usage for all WAN connections, with the option of viewing each individual connection. Select the desired connection to check from the drop-down menu. 30 .3 D a ily This page shows the daily bandwidth usage for all WAN connections, with the option of viewing each individual connection. https://www.peplink.
Select the connection to check from the drop-down menu. If you have enabled the Bandwidth Monitoring feature, the Current Billing Cycle table for that WAN connection will be displayed. Click on a date to view the client bandwidth usage of that specific date. This feature is not available if you have selected to view the bandwidth usage of only a particular WAN connection. The scale of the graph can be set to display megabytes (MB) or gigabytes (GB). All WAN Daily Bandwidth Usage 30 .
All WAN Monthly Bandwidth Usage https://www.peplink.
Ethernet WAN Monthly Bandwidth Usage Tip By default, the scale of data size is in MB. 1GB equals 1024MB. https://www.peplink.
Appendix A: Restoration of Factory Defaults To restore the factory default settings on a Pepwave router, follow the steps below: 1. Locate the reset button on the front or back panel of the Pepwave router. 2. With a paperclip, press and keep the reset button pressed. Note: There is a dual function to the reset button.
Appendix B: Declaration FCC Requirements for Operation in the United States Federal Communications Commission (FCC) Compliance Notice: For MAX Transit Pro E / MAX Transit LTEA FCC 15.21: The changes or modifications not expressly approved by the party responsible for compliance could void the user’s authority to operate the equipment. FCC 15.105 This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC Rules.
RF exposure warning This equipment must be installed and operated in accordance with provided instructions and the antenna(s) used for this transmitter must be installed to provide a separation distance of at least 20 cm from all persons and must not be co-located or operating in conjunction with any other antenna or transmitter. End-users and installers must be provide with antenna installation instructions and transmitter operating conditions for satisfying RF exposure compliance.
This radio transmitter IC: 20682-P1835 has been approved by Innovation, Science and Economic Development Canada to operate with the antenna types listed below, with the maximum permissible gain indicated. Antenna types not included in this list that have a gain greater than the maximum gain indicated for any type listed are strictly prohibited for use with this device. https://www.peplink.
