GRE Tunnel Profile Settings Name This field is for specifying a name to represent this GRE Tunnel connection profile. Active When this box is checked, this GRE Tunnel connection profile will be enabled. Otherwise, it will be disabled. Remote GRE IP This field is for entering the remote GRE’s IP address Address Tunnel Local IP This field is for specifying the tunnel source IP address.
17 Outbound Policy Pepwave routers can flexibly manage and load balance outbound traffic among WAN connections. Important Note Outbound policy is applied only when more than one WAN connection is active. The settings for managing and load balancing outbound traffic are located at Advanced>Outbound Policy or Advanced>PepVPN, depending on the model.
17.1 Outbound Policy Outbound policies for managing and load balancing outbound traffic are located at Advanced>Outbound Policy> or Advanced>PepVPN>Outbound Policy. Click the button beside the Outbound Policy box: There are three main selections for the outbound traffic policy: ● ● ● High Application Compatibility Normal Application Compatibility Custom Note that some Pepwave routers provide only the Send All Traffic To setting here. See Section 12.1 for details.
http://youtu.be/rKH4AS_bQnE 17.2 Adding Rules for Outbound Policy The menu underneath enables you to define Outbound policy rules: The bottom-most rule is Default. Edit this rule to change the device’s default manner of controlling outbound traffic for all connections that do not match any of the rules above it. Under the Service heading, click Default to change these settings. To rearrange the priority of outbound rules, drag and drop them into the desired sequence.
By default, Auto is selected as the Default Rule. You can select Custom to change the algorithm to be used. Please refer to the upcoming sections for the details on the available algorithms. To create a custom rule, click Add Rule at the bottom of the table.
New Custom Rule Settings Service Name Enable This setting specifies the name of the outbound traffic rule. This setting specifies whether the outbound traffic rule takes effect. When Enable is checked, the rule takes effect: traffic is matched and actions are taken by the Pepwave router based on the other parameters of the rule. When Enable is unchecked, the rule does not take effect: the Pepwave router disregards the other parameters of the rule.
If Domain Name is chosen and a domain name, such as foobar.com, is entered, any outgoing accesses to foobar.com and *.foobar.com will match this criterion. You may enter a wildcard (.*) at the end of a domain name to match any host with a name having the domain name in the middle. If you enter foobar.*, for example, www.foobar.com, www.foobar.co.jp, or foobar.co.uk will also match. Placing wildcards in any other position is not supported.
This field allows you to configure the default action when all the selected Connections are not available. When No connections are available Drop the Traffic - Traffic will be discarded. Use Any Available Connections - Traffic will be routed to any available Connection, even it is not selected in the list. Fall-through to Next Rule - Traffic will continue to match the next Outbound Policy rule just like this rule is inactive.
● USB: 10 Total weight is 60 = (10 +10 + 10 + 10 + 10 + 10). Matching traffic distributed to Ethernet WAN1 is 16.7% = (10 / 60 x 100%. Matching traffic distributed to Ethernet WAN2 is 16.7% = (10 / 60) x 100%. Matching traffic distributed to Wi-Fi WAN is 16.7% = (10 / 60) x 100%. Matching traffic distributed to Cellular 1 is 16.7% = (10 / 60) x 100%. Matching traffic distributed to Cellular 2 is 16.7% = (10 / 60) x 100%. Matching traffic distributed to USB is 16.7% = (10 / 60) x 100%. 17.2.
There are two persistent modes: By Source and By Destination. By Source: The same WAN connection will be used for traffic matching the rule and originating from the same machine, regardless of its destination. This option will provide the highest level of application compatibility. By Destination: The same WAN connection will be used for traffic matching the rule, originating from the same machine, and going to the same destination.
17.2.4 Algorithm: Priority This setting specifies the priority of the WAN connections used to route the specified network service. The highest priority WAN connection available will always be used for routing the specified type of traffic. A lower priority WAN connection will be used only when all higher priority connections have become unavailable. Starting from Firmware 5.2, outbound traffic can be prioritized to go through SpeedFusionTM connection(s).
17.2.6 Algorithm: Least Used The traffic matching this rule will be routed through the healthy WAN connection that is selected in Connection and has the most available download bandwidth. The available download bandwidth of a WAN connection is calculated from the total download bandwidth specified on the WAN settings page and the current download usage. The available bandwidth and WAN selection is determined every time an IP session is made. 17.2.
17.2.8 Expert Mode Expert Mode is available on some Pepwave routers for use by advanced users. To enable the feature, click on the help icon and click turn on Expert Mode. In Expert Mode, a new special rule, SpeedFusionTM Routes, is displayed in the Custom Rules table. This rule represents all SpeedFusionTM routes learned from remote VPN peers. By default, this bar is on the top of all custom rules. This position means that traffic for remote VPN subnets will be routed to the corresponding VPN peer.
18 Port Forwarding Pepwave routers can act as a firewall that blocks, by default, all inbound access from the Internet. By using port forwarding, Internet users can access servers behind the Pepwave router. Inbound port forwarding rules can be defined at Advanced>Port Forwarding. To define a new service, click Add Service. Port Forwarding Settings Enable This setting specifies whether the inbound service takes effect.
IP Protocol The IP Protocol setting, along with the Port setting, specifies the protocol of the service as TCP, UDP, ICMP, or IP. Traffic that is received by the Pepwave router via the specified protocol at the specified port(s) is forwarded to the LAN hosts specified by the Servers setting. Please see below for details on the Port and Servers settings.
Inbound IP Address(es) This setting specifies the WAN connections and Internet IP address(es) from which the service can be accessed. Server IP Address This setting specifies the LAN IP address of the server that handles the requests for the service. 18.1 UPnP / NAT-PMP Settings UPnP and NAT-PMP are network protocols which allow a computer connected to the LAN port to automatically configure the router to allow parties on the WAN port to connect to itself.
19 NAT Mappings NAT mappings allow IP address mapping of all inbound and outbound NAT’d traffic to and from an internal client IP address. Settings to configure NAT mappings are located at Advanced > NAT Mappings. To add a rule for NAT mappings, click Add NAT Rule. NAT Mapping Settings LAN Client(s) NAT mapping rules can be defined for a single LAN IP Address, an IP Range, or an IP Network. Address This refers to the LAN host’s private IP address.
available when IP Network is selected. Inbound Mappings This setting specifies the WAN connections and corresponding WAN-specific Internet IP addresses on which the system should bind. Any access to the specified WAN connection(s) and IP address(es) will be forwarded to the LAN host. This option is only available when IP Address is selected in the LAN Client(s) field. Note that inbound mapping is not needed for WAN connections in drop-in mode or IP forwarding mode.
20 QoS 20.1 User Groups LAN and PPTP clients can be categorized into three user groups: Manager, Staff, and Guest. This menu allows you to define rules and assign client IP addresses or subnets to a user group. You can apply different bandwidth and traffic prioritization policies on each user group in the Bandwidth Control and Application sections (note that the options available here vary by model). The table is automatically sorted by rule precedence.
.2 Bandwidth Control You can define a maximum download speed (over all WAN connections) and upload speed (for each WAN connection) that each individual Staff and Guest member can consume. No limit can be imposed on individual Manager members. By default, download and upload bandwidth limits are set to unlimited (set as 0). 20.3 Application 20.3.
20.3.2 Prioritization for Custom Applications Click the Add button to define a custom application. Click the button column to delete the custom application in the corresponding row. in the Action When Supported Applications is selected, the Pepwave router will inspect network traffic and prioritize the selected applications. Alternatively, you can select Custom Applications and define the application by providing the protocol, scope, port number, and DSCP value. 20.3.
21 Firewall A firewall is a mechanism that selectively filters data traffic between the WAN side (the Internet) and the LAN side of the network. It can protect the local network from potential hacker attacks, access to offensive websites, and/or other inappropriate uses.
21.1 Outbound and Inbound Firewall Rules 21.1.1 Access Rules The outbound firewall settings are located at Advanced>Firewall>Access Rules>Outbound Firewall Rules. Click Add Rule to display the following screen: Inbound firewall settings are located at Advanced>Firewall>Access Rules>Inbound Firewall Rules.
Internal Network firewall settings are located at Advanced>Firewall>Access Rules>Internal Network Firewall Rules.
Inbound / Outbound / Internal Network Firewall Settings Rule Name Enable This setting specifies a name for the firewall rule. This setting specifies whether the firewall rule should take effect. If the box is checked, the firewall rule takes effect. If the traffic matches the specified protocol/IP/port, actions will be taken by the Pepwave router based on the other parameters of the rule. If the box is not checked, the firewall rule does not take effect.
that matches the both of the following: ● Source IP & port ● Destination IP & port With the value of Allow for the Action setting, the matching traffic passes through the router (to be routed to the destination). If the value of the Action setting is set to Deny, the matching traffic does not pass through the router (and is discarded). This setting specifies whether or not to log matched firewall events. The logged messages are shown on the page Status>Event Log.
Tip If the default inbound rule is set to Allow for NAT-enabled WANs, no inbound Allow firewall rules will be required for inbound port forwarding and inbound NAT mapping rules. However, if the default inbound rule is set as Deny, a corresponding Allow firewall rule will be required. 21.1.2 Apply Firewall Rules to PepVpn Traffic When this option is enabled, Outbound Firewall Rules will be applied to PepVPN traffic. To turn on this feature, click , check the Enable check box, and press the Save button.
21.2 Content Blocking 21.2.1 Application Blocking Choose applications to be blocked from LAN/PPTP/PepVPN peer clients' access, except for those on the Exempted User Groups or Exempted Subnets defined below.
21.2.2 Web Blocking Defines website domain names to be blocked from LAN/PPTP/PepVPN peer clients' access except for those on the Exempted User Groups or Exempted Subnets defined below. If "foobar.com" is entered, any web site with a host name ending in foobar.com will be blocked, e.g. www.foobar.com, foobar.com, etc. However, "myfoobar.com" will not be blocked. You may enter the wild card ".*" at the end of a domain name to block any web site with a host name having the domain name in the middle.
22 Routing Protocols 22.1 OSPF & RIPv2 The Pepwave supports OSPF and RIPv2 dynamic routing protocols. Click the Advanced tab from the top bar, and then click the Routing Protocols > OSPF & RIPv2 item on the sidebar to reach the following menu: OSPF Router ID Area This field determines the ID of the router. By default, this is specified as the WAN IP address. If you want to specify your own ID, enter it into the Custom field. This is an overview of the OSPF areas that you have defined.
OSPF Settings Area ID Link Type Assign a name to be applied to this group. Machines linked to this group will send and receive related OSPF packets, while unlinked machines will ignore them. Choose the type of network that this area will use. Authentication If an authentication method is used, select one from this drop-down menu. Available options are MD5 and Text. Authentication key(s) may be input next to the drop-down menu after selecting an authentication method.
RIPv2 Settings Authentication If an authentication method is used, select one from this drop-down menu. Available options are MD5 and Text. Authentication key(s) may be input next to the drop-down menu after selecting an authentication method. Interfaces Select the interface(s) that this area will use to listen to and deliver RIPv2 packets. OSPF & RIPv2 Route Advertisement PepVPN Route Isolation Isolate PepVPN peers from each other.
BGP Name Enable Interface Autonomous System This field specifies the name that represents this profile. When this box is checked, this BGP profile will be enabled. If it is left unchecked, it will be disabled. The interface in which the BGP neighbor is located. The Autonomous System Number (ASN) assigned to this profile. Neighbor BGP Neighbors and their details. IP address The IP address of the Neighbor. Autonomous System The Neighbor's ASN.
Hold Time Wait time in seconds for a keepalive message from a Neighbor before considering the BGP connection as stalled. The value must be either 0 (infinite hold time) or between 3 and 65535 inclusively. Default: 240 Next Hop Self iBGP Local Preference BFD Enable this option to advertise your own source address as the next hop when propagating routes. This is the metric advertised to iBGP Neighbors to indicate the preference for external routes. The value must be between 0 to 4294967295 inclusively.
Two numbers in new-format. e.g. 65000:21344 Well-known communities: no-export 65535:65281 no-advertise 65535:65282 no-export-subconfed 65535:65283 no-peer 65535:65284 Route Prefix: Comma separated networks. e.g. 172.168.1.0/24,192.168.1.0/28 This field allows for the selection of the filter mode for route import. None: All BGP routes will be accepted. Filter Mode Accept: Routes in "Restricted Networks" will be accepted, routes not in the list will be rejected.
be rejected. Reject: Routes in "Restricted Networks" will be rejected, routes not in the list will be accepted. This field specifies the network(s) in the “route export” entry. Restricted Networks Exact Match: When this box is checked, only routes with the same Network and Subnet Mask will be filtered. Otherwise, routes within the Networks and Subnets will be filtered. Export to other BGP Profile When this box is checked, routes learnt from this BGP profile will be exported to other BGP profiles.
23 Remote User Access A remote-access VPN connection allows an individual user to connect to a private business network from a remote location using a laptop or desktop computer connected to the Internet. Networks routed by a Pepwave router can be remotely accessed via OpenVPN, L2TP with IPsec or PPTP. To configure this feature, navigate to Network > Remote User Access and choose the required VPN type. 23.
You have a choice between 2 different OpenVPN Client profiles: ● "route all traffic" profile Using this profile, VPN clients will send all the traffic through the OpenVPN tunnel ● "split tunnel" profile Using this profile, VPN clients will ONLY send those traffic designated to the untagged LAN and VLAN segment through the OpenVPN tunnel. 23.3 PPTP No additional configuration required. The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks.
Note: The username must contain lowercase letters, numerics, underscore(_), dash(-), at sign(@), and period(.) only. The password must be between 8 and 12 characters long. LDAP Server: Enter the matching LDAP server details to allow for LDAP server authentication. Radius Server: Enter the matching Radius server details to allow for Radius server authentication. Active Directory: Enter the matching Active Directory details to allow for Active Directory server authentication.
24 Miscellaneous Settings The miscellaneous settings include configuration for High Availability, Certificate Manager, service forwarding, service passthrough, GPS forwarding, GPIO, Groupe Networks and SIM Toolkit (depending the feature is supported on the model of Peplin router that is being used). 24.1 High Availability Many Pepwave routers support high availability (HA) configurations via an open standard virtual router redundancy protocol (VRRP, RFC 3768).
● configured LAN IP address. At a subsequent point when the master Pepwave router recovers, it will once again become active. You can configure high availability at Advanced>Misc. Settings>High Availability. Interface for Master Router Interface for Slave Router High Availability Enable Checking this box specifies that the Pepwave router is part of a high availability configuration. This number identifies a pair of Pepwave routers operating in a high availability Group Number configuration.
Administration IP must be under the same network. LAN This setting specifies a LAN IP address to be used for accessing administration Administration functionality. This address should be unique within the LAN. IP Subnet Mask This setting specifies the subnet mask of the LAN. Important Note For Pepwave routers in NAT mode, the virtual IP (VIP) should be set as the default gateway for all hosts on the LAN segment.
Please note that the drop-in WAN cannot be configured as a LAN bypass port while it is configured for high availability. 24.2 Certificate Manager This section allows for certificates to be assigned to the local VPN, Web Admin SSL, Captive Portal SSL, OpenVPN CA, Wi-Fi WAN Client certificate and Wi-Fi WAN CA Certificate.
The following knowledge base article describes how to create self-signed certificates and import it to a Peplink Product. https://forum.peplink.com/t/how-to-create-a-self-signed-certificate-and-import-it-to-a-peplink-pr oduct/ 24.3 Service Forwarding Service forwarding settings are located at Advanced>Misc. Settings>Service Forwarding. Service Forwarding SMTP Forwarding When this option is enabled, all outgoing SMTP connections destined for any host at TCP port 25 will be intercepted.
24.3.1 SMTP Forwarding Some ISPs require their users to send e-mails via the ISP’s SMTP server. All outgoing SMTP connections are blocked except those connecting to the ISP’s. Pepwave routers support intercepting and redirecting all outgoing SMTP connections (destined for TCP port 25) via a WAN connection to the WAN’s corresponding SMTP server. To enable the feature, select Enable under SMTP Forwarding Setup. Check Enable Forwarding for the WAN connection(s) that needs forwarding.
24.3.2 Web Proxy Forwarding When this feature is enabled, the Pepwave router will intercept all outgoing connections destined for the proxy server specified in Web Proxy Interception Settings, choose a WAN connection with reference to the outbound policy, and then forward them to the specified web proxy server and port number. Redirected server settings for each WAN can be set here.
24.4 Service Passthrough Service passthrough settings can be found at Advanced>Misc. Settings>Service Passthrough. Some Internet services need to be specially handled in a multi-WAN environment. Pepwave routers can handle these services such that Internet applications do not notice being behind a multi-WAN router. Settings for service passthrough support are available here. Service Passthrough Support SIP Session initiation protocol, aka SIP, is a voice-over-IP protocol.
IPsec NAT-T This field is for enabling the support of IPsec NAT-T passthrough. UDP ports 500, 4500, and 10000 are monitored by default. You may add more custom data ports that your IPsec system uses by checking Define custom ports. If the VPN contains IPsec site-to-site VPN traffic, check Route IPsec Site-to-Site VPN and choose the WAN connection to route the traffic to.
24.5 UART Selected Pepwave MAX routers feature a RS-232 serial interface on the built-in terminal block. The RS-232 serial interface can be used to connect to a serial device and make it accessible over an TCP/IP network. The serial interface can be enabled and parameters can be set on the web admin page under Advanced > UART. Make sure they match the serial device you are connecting to.
There are 4 pins i.e. TX, RX, RTS, CTS on the terminal block for serial connection and they correspond to the pins in a DB-9 connector as follows: DB-9 Pepwave MAX Terminal Block Pin 1 – Pin 2 Rx (rated -+25V) Pin 3 Tx (rated -+12V) Pin 4 – Pin 5 – Pin 6 – Pin 7 RTS Pin 8 CTS Pin 9 – The RS232 serial interface is not an isolated RS232. External galvanic isolation may be added if required.
24.6 GPS Forwarding Using the GPS forwarding feature, some Pepwave routers can automatically send GPS reports to a specified server. To set up GPS forwarding, navigate to Advanced>GPS Forwarding. GPS Forwarding Enable Check this box to turn on GPS forwarding. Server Enter the name/IP address of the server that will receive GPS data. Also specify a port number, protocol (UDP or TCP), and a report interval of between 1 and 10 seconds. Click to save these settings.
This feature allows the cellular router to start up or shut down when the engine of that vehicle is started or turned off. The time delay setting between ignition off and power down of the router is a configurable setting, which allows the router to stay on for a period of time after the engine of a vehicle is turned off. Ignition Sensing installation Colour Wire Functoin I/O optional* Brown connected to positive feed on the ignition .
Connectivity diagram for devices with 4-pin connector Connectivity diagram for devices with terminal block connection
GPIO Menu Note: This feature is applicable for certain models that come with a GPIO interface. Ignition Sensing options can be found in Advanced > GPIO. The configurable option for Ignition Input is Delay; the time in seconds that the router stays powered on after the ignition is turned off. The O/P (connected to the I/O pin on a 4 pin connector) can be configured as a digital input, a digital output, or an analog input.
24.8 NTP Server Pepwave routers can now serve as a local NTP server. Upon start up, it is now able to provide connected devices with the accurate time, precise UTC from either an external NTP server or via GPS and ensuring that connected devices always receive the correct time. Compatible with: BR1 ENT, 700 HW3, HD2/4, Transit NTP Server setting can be found via: Advanced>Misc. Settings>NTP Server Time Settings can be found at System>Time>Time Settings 24.
The created network groups can be used in outbound policies, firewall rules.
24.10Remote SIM Management The Remote SIM management is accessible via Advanced > Misc Settings > Remote SIM Management. By default, this feature is disabled. Please note that a limited number of Pepwave routers support the SIM Injector, may refer to the link: https://www.peplink.com/products/sim-injector/ or Appendix B for more details on FusionSIM Manual. Remote SIM Host Settings Remote SIM Host Settings Active LAN Discovery Check this box to enable Auto LAN discovery of the remote SIM server..
Add Remote SIM Settings SIM Server Add a new SIM Server SIM Server - Serial Number Enter the serial number of SIM Server SIM Server - Name This optional field allows you define a name for the SIM Server SIM Slot SIM Slot - Name Data Roaming Click the drop-down menu and choose which SIM slot you want to connect. This optional field allows you define a name for the SIM slot. Enables data roaming on this particular SIM card. This setting allows you to configure the APN settings of your connection.
24.11 SIM Toolkit The SIM Toolkit, accessible via Advanced > Misc Settings > SIM Toolkit, supports two functionalities, USSD and SMS. USSD Unstructured Supplementary Service Data (USSD) is a protocol used by mobile phones to communicate with their service provider’s computers. One of the most common uses is to query the available balance. Enter your USSD code under the USSD Code text field and click Submit. You will receive a confirmation. To check the SMS response, click Get.
SMS The SMS option allows you to read SMS (text) messages that have been sent to the SIM in your Pepwave router.
25 AP 25.1 AP Controller The AP controller acts as a centralized controller of Pepwave Access Points. With this feature, users can customize and manage up to 1500 Access Points from a single Pepwave router interface. To configure, navigate to the AP tab. and the following screen appears. AP Controller The AP controller for managing Pepwave APs can be enabled by checking this box.
SSID Settings SSID Enable VLAN This setting specifies the SSID of the virtual AP to be scanned by Wi-Fi clients. Click the drop-down menu to apply a time schedule to this interface This setting specifies the VLAN ID to be tagged on all outgoing packets generated from this wireless network (i.e., packets that travel from the Wi-Fi segment through the Pepwave AP One unit to the Ethernet segment via the LAN port).
Broadcast SSID This setting specifies whether or not Wi-Fi clients can scan the SSID of this wireless network. Broadcast SSID is enabled by default. Data Rate A Select Auto to allow the Pepwave router to set the data rate automatically, or select Fixed and choose a rate from the displayed drop-down menu. Multicast FilterA This setting enables the filtering of multicast network traffic to the wireless SSID.
● WPA/WPA2 – Enterprise When WPA/WPA2 - Enterprise is configured, RADIUS-based 802.1 x authentication is enabled. Under this configuration, the Shared Key option should be disabled. When using this method, select the appropriate version using the V1/V2 controls. The security level of this method is known to be very high. When WPA/WPA2- Personal is configured, a shared key is used for data encryption and authentication. When using this configuration, the Shared Key option should be enabled.
RADIUS Server Settings Host Enter the IP address of the primary RADIUS server and, if applicable, the secondary RADIUS server. Secret Enter the RADIUS shared secret for the primary server and, if applicable, the secondary RADIUS server. Authentication In the field, enter the UDP authentication port(s) used by your RADIUS server(s) or click the Default button to enter 1812.
Frequency Select the 2.4GHz or 5GHz frequency to be used. Shared Key Enter the shared key in the text field. Please note that it needs to match the shared keys of the other APs in the Wireless Mesh settings. Click Hide / Show Characters to toggle visibility. 25.
AP Settings SSID These buttons specify which wireless networks will use this AP profile. You can also select the frequencies at which each network will transmit. Please note that the Pepwave MAX does not detect whether the AP is capable of transmitting at both frequencies. Instructions to transmit at unsupported frequencies will be ignored by the AP. This drop-down menu specifies the national / regional regulations which the AP should follow.
If you click the Boost checkbox, the AP under this profile will transmit using additional power. Please note that using this option with several APs in close proximity will lead to increased interference. Client Signal Strength ThresholdA This field determines that maximum signal strength each individual client will receive. The measurement unit is megawatts. Max number of ClientsA This field determines the maximum clients that can be connected to APs under this profile.
Web Administration Settings Enable Check the box to allow the Pepwave router to manage the web admin access information of the AP. Web Access Protocol These buttons specify the web access protocol used for accessing the web admin of the AP. The two available options are HTTP and HTTPS. Management Port This field specifies the management port used for accessing the device. HTTP to HTTPS Redirection This option will be available if you have chosen HTTPS as the Web Access Protocol.
Navigating to AP>Settings on some Pepwave models displays a screen similar to the one shown below: Wi-Fi Radio Settings Operating Country Wi-Fi Antenna This option sets the country whose regulations the Pepwave router follows. Choose from the router's internal or optional external antennas, if so equipped. Important Note Per FCC regulations, the country selection is not available on all models marketed in the US. All US models are fixed to US channels only.
A Beacon RateA This option is for setting the transmit bit rate for sending a beacon. By default, 1Mbps is selected. Beacon IntervalA This option is for setting the time interval between each beacon. By default, 100ms is selected. DTIMA This field allows you to set the frequency for the beacon to include a delivery traffic indication message. The interval is measured in milliseconds. The default value is set to 1 ms.
26 AP Controller Status 26.1 Info A comprehensive overview of your AP can be accessed by navigating to AP > Controller Status > Info. AP Controller License Limit This field displays the maximum number of AP your Balance router can control. You can purchase licenses to increase the number of AP you can manage. Frequency Underneath, there are two check boxes labeled 2.4 Ghz and 5 Ghz. Clicking either box will toggle the display of information for that frequency.
given time. Mouse over any line on the graph to see how many clients connected to a specific SSID for that point in time. Data Usage This graph enables you to see the data usage of any SSID for any given time period. Mouse over any line on the graph to see the data usage by each SSID for that point in time. Use the buttons next to Zoom to select the time scale you wish to view. In addition, you could use the sliders at the bottom to further refine your timescale.
26.2 Access Point (Usage) A detailed breakdown of data usage for each AP is available at AP > Controller Status > Access Point. Usage AP Name/Serial Number Online Status This field enables you to quickly find your device if you know its name or serial number. Fill in the field to begin searching. Partial names and serial numbers are supported. This button toggles whether your search will include offline devices.
For easier network management, you can give each client a name and designate its location. You can also designate which firmware pack (if any) this client will follow, as well as the channels on which the client will broadcast. Click the icon to see a graph displaying usage: Click any point in the graphs to display detailed usage and client information for that device, using that SSID, at that point in time. On the Data Usage by menu, you can display the information by SSID or by AP send/receive rate.
particular device: 26.3 Wireless SSID In-depth SSID reports are available under AP > Controller Status > Wireless SSID.
Click the blue arrow on any SSID to obtain more detailed usage information on each SSID. 26.4 Mesh / WDS Mesh / WDS allows you to monitor the status of your wireless distribution system (WDS) or Mesh, and track activity by MAC address by navigating to AP > Controller Status > Mesh / WDS. This table shows the detailed information of each AP, including protocol, transmit rate (sent / received), signal strength, and duration.
26.5 Wireless Client You can search for specific Wi-Fi users by navigating to AP > Controller Status > Wireless Client. Here, you will be able to see your network’s heaviest users as well as search for specific users.
26.6 Nearby Device A listing of near devices can be accessed by navigating to AP > Controller Status > Nearby Device. Suspected Rogue Devices Hovering over the device MAC address will result in a popup with information on how this device was detected. Click the icons and the device will be moved to the bottom table of identified devices. 26.7 Event Log You can access the AP Controller Event log by navigating to AP > Controller Status > Event Log.
Events This event log displays all activity on your AP network, down to the client level. Use to filter box to search by MAC address, SSID, AP Serial Number, or AP Profile name. Click View Alerts to see only alerts, and click the More… link for additional records. 27 Toolbox Tools for managing firmware packs can be found at AP>Toolbox. Firmware Packs Here, you can manage the firmware of your AP. Clicking on will result in information regarding each firmware pack.
28 System Settings 28.1 Admin Security There are two types of user accounts available for accessing the web admin: admin and user. They represent two user levels: the admin level has full administrative access, while the user level is read-only. The user level can access only the device's status information; users cannot make any changes on the device. A web login session will be logged out automatically when it has been idle longer than the Web Session Timeout.
Admin Settings Router Name Admin User Name This field allows you to define a name for this Pepwave router. By default, Router Name is set as MAX_XXXX, where XXXX refers to the last 4 digits of the unit’s serial number. Admin User Name is set as admin by default, but can be changed, if desired. Admin Password This field allows you to specify a new administrator password. Confirm Admin Password This field allows you to verify and confirm the new administrator password.
Web Session Timeout This field specifies the number of hours and minutes that a web session can remain idle before the Pepwave router terminates its access to the web admin interface. By default, it is set to 4 hours. Authentication by RADIUS With this box is checked, the web admin will authenticate using an external RADIUS server. Authenticated users are treated as either "admin" with full read-write permission or “user” with read-only access. Local admin and user accounts will be disabled.
Access interface can be accessed: ● LAN only ● LAN/WAN If LAN/WAN is chosen, the WAN Connection Access Settings form will be displayed. LAN Connection Access Settings Allowed LAN Networks This field allows you to permit only specific networks or VLANs to access the Web UI. WAN Connection Access Settings This field allows you to restrict web admin access only from defined IP subnets. Allowed Source IP Subnets ● Any - Allow web admin accesses to be from anywhere, without IP address restriction.
● ● Allowed WAN IP Address(es) 192.168.0.0/24 10.8.0.0/16 This is to choose which WAN IP address(es) the web server should listen on. 28.2 Firmware Web admin interface : automatically check for updates Upgrading firmware can be done in one of three ways. Using the router’s interface to automatically check for an update, using the router’s interface to manually upgrade the firmware, or using InControl2 to push an upgrade to a router. The automatic upgrade can be done from System > Firmware.
*Upgrading the firmware will cause the router to reboot. Web admin interface : install updates manually In some cases, a special build may be provided via a ticket or it may be found in the forum. Upgrading to the special build can be done using this method, or using IC2 if you are using that to manage your firmware upgrades. A manual upgrade using the GA firmware posted on the site may also be recommended or required for a couple of reasons.
on the underlined download text. After downloading the current config click the Ok button to start the upgrade process. The firmware will now be applied to the router*. The amount of time it takes for the firmware to upgrade will depend on the router that’s being upgraded. *Upgrading the firmware will cause the router to reboot. The InControl method Described in this knowledgebase article on our forum. 28.
this are located at System > Schedule Enable scheduling, and then click on your schedule name or on the New Schedule button to begin. Edit Schedule Profile Enabling Name Click this checkbox to enable this schedule profile. Note that if this is disabled, then any associated features will also have their scheduling disabled. Enter your desired name for this particular schedule profile. Schedule Click the drop-down menu to choose pre-defined schedules as your starting point.
28.5 Email Notification Email notification functionality provides a system administrator with up-to-date information on network status. The settings for configuring email notifications are found at System>Email Notification. Email Notification Settings Email Notification This setting specifies whether or not to enable email notification. If Enable is checked, the Pepwave router will send email messages to system administrators when the WAN status changes or when new firmware is available.
SMTP User Name / Password This setting specifies the SMTP username and password while sending email. These options are shown only if Require authentication is checked in the SMTP Server setting. Confirm SMTP Password This field allows you to verify and confirm the new administrator password. Sender’s Email Address This setting specifies the email address the Pepwave router will use to send reports.
28.6 Event Log Event log functionality enables event logging at a specified remote syslog server. The settings for configuring the remote system log can be found at System>Event Log. Event Log Settings Remote Syslog This setting specifies whether or not to log events at the specified remote syslog server. Remote Syslog Host This setting specifies the IP address or hostname of the remote syslog server.
Session Logging This setting specifies the IP address or hostname of the Session log server. Host For more information on www.peplink.com/products/router-utility the Router Utility, go to: 28.7 SNMP SNMP or simple network management protocol is an open standard that can be used to collect information about the Pepwave router. SNMP configuration is located at System>SNMP. SNMP Settings SNMP Device Name SNMP Port This field shows the router name defined at System>Admin Security.
SNMP Community Settings Community Name This setting specifies the SNMP community name. Allowed Source This setting specifies a subnet from which access to the SNMP server is allowed. Enter subnet address here (e.g., 192.168.1.0) and select the appropriate subnet Subnet Address mask. To define a user name for SNMPv3, click Add SNMP User in the SNMPv3 User Name table, upon which the following screen is displayed: SNMPv3 User Settings User Name This setting specifies a user name to be used in SNMPv3.
When DES is selected, an entry field will appear for the password. 28.8 SMS Control SMS Control allows the user to control the device using SMS even if the modem does not have a data connection. The settings for configuring the SMS Control can be found at System>SMS Control. Supported Models ● ● Balance/MAX: *-LTE-E, *-LTEA-W, *-LTEA-P, *-LTE-MX EPX: *-LW*, *-LP* When this box is checked, the device will be allowed to take actions according to received commands via SMS.
28.9 InControl InControl is a cloud-based service which allows you to manage all of your Peplink and Pepwave devices with one unified system. With it, you can generate reports, gather statistics, and configure your devices automatically. All of this is now possible with InControl. When this check box is checked, the device's status information will be sent to the Peplink InControl system. This device's usage data and configuration will be sent to the system if you enable the features in the system.
28.10Configuration Backing up Pepwave router settings immediately after successful completion of initial setup is strongly recommended. The functionality to download and upload Pepwave router settings is found at System>Configuration. Note that available options vary by model. Configuration The Restore Factory Settings button is to reset the configuration to factory Restore Configuration to default settings.
28.11 Feature Add-ons Some Pepwave routers have features that can be activated upon purchase. Once the purchase is complete, you will receive an activation key. Enter the key in the Activation Key field, click Activate, and then click Apply Changes. 28.12 Reboot This page provides a reboot button for restarting the system. For maximum reliability, the Pepwave router can equip with two copies of firmware. Each copy can be a different version.
29 Tools 29.1 Ping The ping test tool sends pings through a specific Ethernet interface or a SpeedFusionTM VPN connection. You can specify the number of pings in the field Number of times, to a maximum number of 10 times. Packet Size can be set to a maximum of 1472 bytes. The ping utility is located at System>Tools>Ping, illustrated below: Tip A system administrator can use the ping utility to manually check the connectivity of a particular LAN/WAN connection.
29.2 Traceroute Test The traceroute test tool traces the routing path to the destination through a particular Ethernet interface or a SpeedFusionTM connection. The traceroute test utility is located at System>Tools>Traceroute. Tip A system administrator can use the traceroute utility to analyze the connection path of a LAN/WAN connection. 29.3 PepVPN Test The PepVPN Test tool can help to test the throughput between different VPN peers.
29.4 Wake-on-LAN Peplink routers can send special “magic packets” to any client specified from the Web UI. To access this feature, navigate to System > Tools > Wake-on-LAN Select a client from the drop-down list and click Send to send a “magic packet” 29.5 CLI (Command Line Interface Support) The CLI (command line interface) can be accessed via SSH. This field enables CLI support. The below settings specify which TCP port and which interface(s) should accept remote SSH CLI access.
30 Status 30.1 Device System information is located at Status>Device. System Information Device Name Model Product Code Hardware Revision This is the name specified in the Device Name field located at System>Admin Security. This shows the model name and number of this device. If your model uses a product code, it will appear here. This shows the hardware version of this device.
Serial Number Firmware This shows the serial number of this device. This shows the firmware version this device is currently running. PepVPN Version This shows the current PepVPN version. Modem Support This shows the modem support version. For a list of supported modems, click Modem Support List. Version InControl Managed Configuration Host Name Uptime System Time InControl Managed Configurations (firmware, VLAN, Captive Portal, etcetera) The host name assigned to the Pepwave router appears here.
30.2 GPS Data GPS enabled models automatically store up to seven days of GPS location data in GPS eXchange format (GPX). To review this data using third-party applications, click Status>Device and then download your GPX file. The Pepwave GPS enabled devices export real-time location data in NMEA format through the LAN IP address at TCP port 60660. It is accessible from the LAN or over a SpeedFusion connection. To access the data via a virtual serial port, install a virtual serial port driver.
30.3 Active Sessions Information on active sessions can be found at Status>Active Sessions>Overview. This screen displays the number of sessions initiated by each application. Click on each service listing for additional information. This screen also indicates the number of sessions initiated by each WAN port. In addition, you can see which clients are initiating the most sessions. You can also perform a filtered search for specific sessions. You can filter by subnet, port, protocol, and interface.
This Active Sessions section displays the active inbound/outbound sessions of each WAN connection on the Pepwave router. A filter is available to sort active session information. Enter a keyword in the field or check one of the WAN connection boxes for filtering.
30.4 Client List The client list table is located at Status>Client List. It lists DHCP and online client IP addresses, names (retrieved from the DHCP reservation table or defined by users), current download and upload rate, and MAC address. Clients can be imported into the DHCP reservation table by clicking the right. You can update the record after import by going to Network>LAN. button on the If the PPTP server (see Section 19.2), SpeedFusionTM (see Section 12.
30.6 UPnP / NAT-PMP The table that shows the forwarded ports under UPnP and NAT-PMP protocols is located at Status>UPnP/NAT-PMP. This section appears only if you have enabled UPnP / NAT-PMP as mentioned in Section 16.1.1. Click to delete a single UPnP / NAT-PMP record in its corresponding row. To delete all records, click Delete All on the right-hand side below the table. Important Note UPnP / NAT-PMP records will be deleted immediately after clicking the button need to click Save or Confirm. 30.
30.8 BGP Shows status of BGP 30.9 SpeedFusion Status Current SpeedFusionTM status information is located at Status>SpeedFusionTM. Details about SpeedFusionTM connection peers appears as below: Click on the corresponding peer name to explore the WAN connection(s) status and subnet information of each VPN peer.
Click the button for a SpeedFusion chart displaying real-time throughput, latency, and drop-rate information for each WAN connection.
When pressing the button, the following menu will appear: The Speedfusion status page shows all related information about the PepVPN connection. This screen also allows you to run PepVPN Tests allowing throughput tests. Peplink also published a whitepaper about Speedfusion which can be downloaded from the following url: http://download.peplink.com/resources/whitepaper-speedfusion-and-best-practices-2019.
30.10 Event Log Event log information is located at Status>Event Log. The log section displays a list of events that has taken place on the Pepwave router. Check Auto Refresh to refresh log entries automatically. Click the Clear Log button to clear the log.
31 WAN Quality The Status > WAN Quality allow to show detailed information about each connected WAN connection. For cellular connections it shows signal strength, quality, throughput and latency for the past hour.
32 Usage Reports This section shows bandwidth usage statistics and is located at Status > Usage Reports Bandwidth usage at the LAN while the device is switched off (e.g., LAN bypass) is neither recorded nor shown. 32.1 Real-Time The Data transferred since installation table indicates how much network traffic has been processed by the device since the first bootup. The Data transferred since last reboot table indicates how much network traffic has been processed by the device since the last bootup.
32.2 Hourly This page shows the hourly bandwidth usage for all WAN connections, with the option of viewing each individual connection. Select the desired connection to check from the drop-down menu.
32.3 Daily This page shows the daily bandwidth usage for all WAN connections, with the option of viewing each individual connection. Select the connection to check from the drop-down menu. If you have enabled the Bandwidth Monitoring feature, the Current Billing Cycle table for that WAN connection will be displayed. Click on a date to view the client bandwidth usage of that specific date. This feature is not available if you have selected to view the bandwidth usage of only a particular WAN connection.
32.4 Monthly This page shows the monthly bandwidth usage for each WAN connection. If you have enabled the Bandwidth Monitoring feature, you can check the usage of each particular connection and view the information by Billing Cycle or by Calendar Month. Click the first two rows to view the client bandwidth usage in the last two months. This feature is not available if you have chosen to view the bandwidth of an individual WAN connection.
Ethernet WAN Monthly Bandwidth Usage Tip By default, the scale of data size is in MB. 1GB equals 1024MB.
Appendix A: Restoration of Factory Defaults To restore the factory default settings on a Pepwave router, follow the steps below: 1. Locate the reset button on the front or back panel of the Pepwave router. 2. With a paperclip, press and keep the reset button pressed. Note: There is a dual function to the reset button.
Appendix B: FusionSIM Manual Peplink has developed a unique technology called FusionSIM, which allows SIM cards to remotely link to a cellular router. This can be done via cloud or within the same physical network. There are a few key scenarios to fit certain applications. The purpose of this manual is to provide an introduction on where to start and how to set up for the most common scenarios and uses. Requirements 1. A Cellular router that supports FusionSIM technology 2. SIM Injector 3.
Scenario 1: SIM Injector in LAN of Cellular Router Setup topology This is the most basic scenario in which the SIM Injector is connected directly to the cellular router’s LAN port via an ethernet cable. This allows for the cellular router to be positioned for the best possible signal. Meanwhile, the SIM cards can be conveniently located in other locations such as the office, passenger area, or the bridge of a ship.
