manualshive.com logo in svg

BEC MX-200, User Manual

The BEC MX-200 User Manual is a comprehensive guide for operating and configuring the BEC MX-200 device. This manual provides step-by-step instructions and detailed illustrations to ensure a smooth setup process. Get your free download of the BEC MX-200 User Manual exclusively at manualshive.com.

Share
Download
background image

 

Device Configuration 

Dual WAN 

– Protocol Binding 

62 

 

 
BEC MX-200 User Manual

 

 

Protocol Binding 

Protocol Binding lets you direct specific traffic to go out from a specific WAN port. Policies determine 
how specific types of internet traffic are routed, for example, traffic from a particular IP address(es) 
granted access to only one WAN port rather than using both of the WAN ports as with load balancing.

 

 

Rule Index: 

The numeric rule indicator. The maximum entry is up to 16. 

Active: 

Click YES to activate the rule 

Bind Interface: 

The dedicated WAN interface that guarantees to handle this traffic request. 

Source IP Address: 

Enter the source IP address featuring the traffic origin. 

Subnet Mask: 

Enter the subnet of the source network. 

Port Number: 

Enter the port number which defines the application. 

Destination IP Address: 

Enter the destination IP address featuring the traffic destination. 

Subnet Mask: 

Enter the subnet of the designation network. 

Port Number: 

Enter the port number which defines the application. 

DSCP: 

The DSCP value. Value Range from 0~64; 64 means Don't care 

Protocol: 

Select a protocol, TCP, UDP, ICMP, to use for this traffic. 

Click

 Save 

to apply the settings 

 

Example:  

All traffics from IP 192.168.1.100/255.255.255.0 with port 8080 will go through WAN1 interface.  

The only time it would go through WAN2 interface is when WAN1 has no Internet connection.  

Summary of Contents for MX-200

Page 1: ...Last revised October 2015 Version release v1 10 User Manual BEC MX 200 Advanced Industrial 4G LTE Wireless Router ...

Page 2: ... BASIC INSTALLATION 12 NETWORK CONFIGURATION IPV4 13 Configuring PC in Windows 10 IPv4 13 Configuring PC in Windows 7 8 IPv4 15 Configuring PC in Windows Vista IPv4 17 Configuring PC in Windows XP IPv4 19 NETWORK CONFIGURATION IPV6 21 Configuring PC in Windows 10 IPv6 21 Configuring PC in Windows 7 8 IPv6 23 Configuring PC in Windows Vista IPv6 25 Configuring PC in Windows XP IPv6 27 DEFAULT SETTI...

Page 3: ...N 54 Dual WAN 58 General Setting 58 Outbound Load Balance 61 Protocol Binding 62 Advanced Setup 63 Firewall 63 Routing 64 Dynamic Routing 65 NAT 67 Static DNS 72 Time Schedule 73 Mail Alert 74 Remote System Log 75 Serial RS 232 Port 76 VPN 78 IPSec 79 PPTP Server 89 PPTP Client 90 L2TP 94 GRE Tunnel 101 Access Management 103 Device Management 103 SNMP 104 Universal Plug Play 105 Dynamic DNS DDNS 1...

Page 4: ...e 117 User Management 117 Time Zone 119 License 120 Firmware Configuration 121 System Restart 122 Auto Reboot 123 Diagnostics Tool 124 CHAPTER 5 TROUBLESHOOTING 125 Problems with the Router 125 Problem with LAN Interface 125 Recovery Procedures 126 APPENDIX PRODUCT SUPPORT CONTACT 127 ...

Page 5: ...provide extraordinary always on internet connectivity Ultra Compact and Lightweight Design Designed for continuous operation in harsh environments the MX 200 supports an extended operating temperature range from 4 to 140ºF 20 to 60ºC and a flexible input voltage range of 8 56V DC making it suitable for diverse environments and applications To enable simple reliable and efficient integration the ul...

Page 6: ...s commonly implemented in modern operating systems supporting IPv6 Quick Start Wizard Support a WEB GUI page to install this device quickly With this wizard simple steps will get you connected to the Internet immediately Firmware Upgradeable Device can be upgraded to the latest firmware through the WEB based GUI ...

Page 7: ...et Filtering Quality of Service Control for traffic prioritization management Universal Plug and Play UPnP Compliance Ease of Use with Quick Installation Wizard Small form factor with multiple mounting options easily installed by a single person Hardened enclosure with Industrial graded components Designed to withstand hypothermia heat and protect from shock vibration etc Availability and Resilien...

Page 8: ...ation management based on Protocol Port Number and IP Address IPv4 IPv6 Virtual Private Network VPN Optional 8 IPSec VPN Tunnels 8 PPTP VPN Tunnels Dial in 4 Dial out 4 8 L2TP VPN Tunnels Dial in 4 Dial out 4 GRE up to 8 tunnels Embedded PPTP L2TP IPSec Client and Server IKE Key Management MPPE Encryption for PPTP IPSec DES 3DES and AES encryption Management Quick Installation wizard Web based GUI...

Page 9: ... antennas WAN 3G 4G LTE and or ETH WAN Optional RS 232 DCE DB 9 one 1 port Ethernet LAN 2 port 10 100 1000Mbps auto crossover MDI MDI X switch SIM Card One 1 slot Reset Button Power Connector 4 pin connectors LED Indicators Power Internet LTE Ethernet Physical Specifications Dimensions W H D 4 29 x 1 17 x 3 43 109mm x 29 7mm x 87mm ...

Page 10: ... 200 Advanced Industrial 4G LTE Wireless VPN Router is ideal the ideal solution for Digital signage Remote surveillance Vending Machines Retail Point of Sales PoS Remote patient care maintenance services SCADA Metering applications and much more Industrial Industry Power Energy Industry ...

Page 11: ...X 200 on other equipment Do not open or repair the case yourself If the device becomes too hot turn off the power immediately and have it repaired at a qualified service center Avoid using this product and all accessories outdoors Warning Place the router on a stable surface Only use the power adapter that comes with the package Using a different voltage rating power adaptor may damage the router ...

Page 12: ...ble port for broadband connectivity Connect PCs Laptops or any other office home LAN devices with the supplied RJ 45 Ethernet cable Cat 5 or Cat 5e to any of those two LAN ports 2 SERIAL RS 232 serial port for machine connection and data collection Connect the male end of RS 232 serial data cable to the MX 200 and the other end to a machine or PC 2 1 1 ...

Page 13: ...rs for the Cellular Module 2 GPS Antenna Connector SMA female connectors Manually screw the GPS antenna tight to the connector 3 RESET After the device is powered on press it 6 seconds or above to restore to factory default settings this is used when you cannot login to the router e g forgot your password 4 POWER Connect the supplied screw terminal block 2 pin 3 5mm to this jack port 1 1 1 1 2 1 3...

Page 14: ...than 69 dBm Excellent signal condition Green Fast Flashing RSSI from 81 to 69 dBm Good signal condition Red Fast Flashing RSSI from 99 to 81 dBm Fair signal condition Red Slow Flashing RSSI less than 99 dBm Poor signal condition Red No signal and the 4G LTE module is in service Off No LTE module or LTE module fails 3 Internet Green IP connected and traffic is passing through the device Red IP requ...

Page 15: ...INTERNET LED flashes in GREEN Step 3 Restore your MX 200 Device With INTERNET light flashes green MX 200 is in recovery mode and ready for a new Firmware 3 1 Open a web browser and type the IP address 192 168 1 1 to access to the recovery page NOTE In the recovery mode MX 200 will not respond to any PING or other requests 3 2 Browse to the new Firmware image file then click Upload to start the upg...

Page 16: ...bnet and have an IP address in the range of 192 168 1 1 to 192 168 1 253 The best and easiest way is to configure the PC to get an IP address automatically from the router using DHCP If you encounter any problems accessing the router s web interface it may also be advisable to uninstall any kind of software firewall on your PCs as they can cause problems accessing the 192 168 1 254 IP address of t...

Page 17: ...Windows 10 IPv4 1 Click 2 Click 3 Then click on Network and Internet 4 Under Related settings select Network and Sharing Center 5 When the Network and Sharing Center window pops up select and click on Change adapter settings on the left window panel 6 Select the Local Area Connection and right click the icon to select Properties ...

Page 18: ... Version 4 TCP IPv4 then click Properties 8 In the TCP IPv4 properties window select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 9 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 19: ...7 8 IPv4 10 Go to Start Click on Control Panel 11 Then click on Network and Internet 12 When the Network and Sharing Center window pops up select and click on Change adapter settings on the left window panel 13 Select the Local Area Connection and right click the icon to select Properties ...

Page 20: ...TCP IPv4 then click Properties 15 In the TCP IPv4 properties window select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 16 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 21: ...IPv4 1 Go to Start Click on Network 2 Then click on Network and Sharing Center at the top bar 3 When the Network and Sharing Center window pops up select and click on Manage network connections on the left window pane 4 Select the Local Area Connection and right click the icon to select Properties ...

Page 22: ...4 TCP IPv4 then click Properties 6 In the TCP IPv4 properties window select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 7 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 23: ...MX 200 User Manual Configuring PC in Windows XP IPv4 1 Go to Start Click on Control Panel 2 Then click on Network and Internet 3 In the Local Area Connection Status window click Properties 4 Select Internet Protocol TCP IP and click Properties ...

Page 24: ...c Installation Windows XP IPv4 20 BEC MX 200 User Manual 5 Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons 6 Click OK to finish the configuration ...

Page 25: ...IPv6 1 Click 2 Click 3 Then click on Network and Internet 4 Under Related settings select Network and Sharing Center 5 When the Network and Sharing Center window pops up select and click on Change adapter settings on the left window panel 6 Select the Local Area Connection and right click the icon to select Properties ...

Page 26: ...CP IPv6 then click Properties 8 In the TCP IPv6 properties window select the Obtain an IPv6 address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 9 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 27: ...s 7 8 IPv6 1 Go to Start Click on Control Panel 2 Then click on Network and Internet 3 When the Network and Sharing Center window pops up select and click on Change adapter settings on the left window panel 4 Select the Local Area Connection and right click the icon to select Properties ...

Page 28: ...TCP IPv6 then click Properties 6 In the TCP IPv6 properties window select the Obtain an IPv6 address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 7 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 29: ...IPv6 1 Go to Start Click on Network 2 Then click on Network and Sharing Center at the top bar 3 When the Network and Sharing Center window pops up select and click on Manage network connections on the left window pane 4 Select the Local Area Connection and right click the icon to select Properties ...

Page 30: ...6 TCP IPv6 then click Properties 6 In the TCP IPv6 properties window select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 7 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 31: ...orted by Windows XP but you need to install it first Please follow the steps to install IPv6 1 On the Desktop Click Start Run type cmd then press Enter key in the keyboard the following screen appears 2 Key in command ipv6 install Installation of IPv6 is now completed Please test it to see if it works or not ...

Page 32: ... user Device LAN IP Settings IP Address 192 168 1 254 Subnet Mask 255 255 255 0 DHCP Server DHCP server is enabled Start IP Address 192 168 1 100 IP pool counts 100 Attention If you ever forget the username password to login to the router you may press the RESET button up to 6 seconds then release it to restore the factory default settings Caution After pressing the RESET button for more than 6 se...

Page 33: ... by default is 192 168 1 254 and click Go a user name and password window prompt appears The default username and password is admin and admin respectively for the Administrator For the User account default username and password is user and user NOTE This username password may vary by different Internet Service Providers Congratulations You have successfully logged on to your MX 200 ...

Page 34: ...und Load Balance Protocol Binding 3G 4G LTE Status Advanced Setup Firewall Routing Dynamic Routing NAT Static DNS Time Schedule Mail Alert Remote System Log Serial Statistics VPN IPSec PPTP Server PPTP Client L2TP GRE DHCP Table Access Management Device Management SNMP Universal Plug Play Dynamic DNS Access Control Packet Filter CWMP TR 069 Parental Control IPSec Status Maintenance User Management...

Page 35: ...tly loaded in the router MAC Address A unique number that identifies the router Data Time Setup correct time on the MX 200 with your PC Check on Time Zone section for more configuration information System Uptime Display how long the MX 200 has been powered on Physical Port Status Physical Port Status Display available connection interfaces WAN 3G 4G LTE EWAN and LAN Ethernet are supported in the M...

Page 36: ...address Subnet Mask Prefix Length Display LAN port IP subnet mask of IPv4 and or Prefix length of IPv6 DHCP Server Display LAN DHCP status of IPv4 and IPv6 Enable 192 168 1 100 199 DHCPv4 server status on or off DHCP IP range Enable Stateless DHCPv6 server status on or off DHCPv6 server Type ...

Page 37: ...ice Configuration Status System Log 33 BEC MX 200 User Manual System Log In system log you can check the operations status and any glitches to the router Refresh Press this button to refresh the statistics ...

Page 38: ...d RSSI RSSI Received Signal Strength Indicator parameter which provides information about total received wide band power measure in all symbols including all interference and thermal noise Please refer to the Device Description for details SINR Signal to Interference plus Noise Ratio is also a measure of signal quality as well It is widely used by the operators as it provides a clear relationship ...

Page 39: ...y the amount of mobile data used and remaining in current billing cycle Billing Cycle Display the start date and number of days remaining in current billing cycle Clean Reset current saved mobile usage Save Click to save current mobile status to ROM Refresh Click to refresh this page ...

Page 40: ...latest second for the current connection for the current connection Transmit Total Frames Display the total number of frames transmitted till the latest second since system is up Transmit Total Bytes Display the total number of bytes transmitted until the latest second since system is up Receive Statistics Receive Frames of Current Connection Display the number of frames received until the latest ...

Page 41: ...ay the number of bytes transmitted until the latest second Transmit Collision Numbers of collisions have occurred on this port Transmit Error Frames Display the number of error packets on this port Receive Statistics Receive Frames Display the number of frames received until the latest second Receive Multicast Frames Display the number of multicast frames received until the latest second Receive T...

Page 42: ...e number of bytes transmitted until the latest second Transmit Collision Numbers of collisions have occurred on this port Transmit Error Frames Display the number of error packets on this port Receive Statistics Receive Frames Display the number of frames received until the latest second Receive Multicast Frames Display the number of multicast frames received until the latest second Receive Total ...

Page 43: ...onnected to the router with clear information Index The numeric indicator for devices using dynamic IP addresses Host Name Show the hostname of the PC IP Address The IP allocated to the device MAC Address The MAC of the connected device Expire Time The total remaining interval since the IP assignment to the PC ...

Page 44: ...ction name Active Show if the tunnel is active for connection Connection State Show the IPSec phase 1 and phase 2 connecting status Statistics Display the upstream downstream traffic per session in KB The value clears when session disconnects Remote Gateway The IP of the remote IPSec gateway Remote Network The IP and Netmask of remote access range Local Network The IP and Netmask of local access r...

Page 45: ...r Remote Network Display the remote network and subnet mask in LAN to LAN PPTP connection Refresh Click this button to refresh the connection status PPTP Client Index The numeric PPTP connection indicator Connection Name Show user defined PPTP VPN connection name Active Show if the tunnel is active for connection Connection State Show the connecting status Connection Type Remote Access or LAN to L...

Page 46: ... L2TP mode is dial in or dial out Connection Type Remote Access or LAN to LAN Tunnel Remote IP Address Display the remote tunnel IP address Refresh Click this button to refresh the connection status GRE Status Index The numerical GRE tunnel indication Connection Name Display the user defined GRE connection name Active Show if the tunnel is active for connection Connection State Show the connecting...

Page 47: ... Ethernet MAC addresses This is useful as a quick way of determining the MAC address of the network interface of your PCs to use with the router s Firewall MAC Address Filter function See the Firewall section of this manual for more information on this feature The numeric table list indicator IP Address It is IP Address of internal host that join this network MAC Address The MAC address of interna...

Page 48: ...t Wizard is a helpful guide for the first time users to the device For detailed instructions on configuring WAN settings see refer to the Interface Setup section Click NEXT to move on to Step 1 Step 1 Password Set new password of the admin account to access for router management The default is admin Once changed please use this new password next time when accessing to the router Click NEXT to cont...

Page 49: ...ters from your ISP Click Next to continue 3 2 2 If selected EWAN LAN1 PPPoE please enter PPPoE account information provided by your ISP Click NEXT to continue Step 4 Quick Start Completed The Setup Wizard has completed Click on BACK to make changes or correct mistakes Click NEXT to save the current settings and complete the Quick Start setups Go back to the Status Device Info to view the status ...

Page 50: ...Maintenance These functions are described in the following sections Interface Setup Here are the features under Interface Setup Internet and LAN Internet 3G 4G LTE WAN Interface List all available WAN interfaces In this section you have selected to use 3G 4G LTE Status Choose Activated to enable the 3G 4G LTE connection Usage Allowance Enable and click Usage Allowance for further setting configura...

Page 51: ...mail alert and keep the mobile connection alive Email Alert and Disconnect Disconnect mobile connection after an alert e mail is being sent Save the statistics to ROM Every one hour Activate the 3G 4G LTE statistics on data usage and this info will get updated and saved to the internal memory ROM in every hour Once the feature is turned on you can see the amount of data used and how many days left...

Page 52: ... information APN An APN is similar to a URL on the WWW it is what the unit makes a GPRS UMTS call The service provider is able to attach anything to an APN to create a data connection requirements for APNs varies between different service providers Most service providers have an internet portal which they use to connect to a DHCP Server thus giving you access to the internet i e some 3G operators ...

Page 53: ... Yes to use this interface as default route interface NAT Select this option to Disabled Enable the NAT Network Address Translation function Enable NAT to grant multiples devices in LAN to access to the Internet through a single WAN IP When router s Internet configuration is finished successfully you can go to the Status to check connection information MTU aximum Transmission Unit The size of the ...

Page 54: ...200 User Manual EWAN LAN 1 Status Select to enable activate or disable deactivated the service IPv4 IPv6 IP Version Choose IPv4 IPv4 IPv6 IPv6 based on your environment If you don t know which one to choose from please choose IPv4 IPv6 instead ISP Connection Type ...

Page 55: ...hich the frame belongs Enter the VLAN ID identification tagged 0 4095 PPPoE If selected PPPoE as WAN Connection Type otherwise skip this part Username Enter the user name provided by your ISP Password Enter the password provided by your ISP Bridge Interface for PPPoE When Activated the device will gain WAN IP from your ISP with the PPPoE account But if your PC is connected to the router working as...

Page 56: ...default is 0 0 0 0 User can change it to other such as 255 255 255 0 Type the subnet mask assigned to you by your ISP if given Gateway Enter the specific gateway IP address you get from ISP NAT Enable to allow MX 1000 to assign private network IPs to all devices in the network for get Internet access Dynamic Route RIP Version Routing Information protocol Select this option to specify the RIP versi...

Page 57: ...v6 in IP version field above IPv6 Address Type the WAN IPv6 address from your ISP Obtain IPv6 DNS Choose if you want to obtain DNS automatically Primary Secondary if you choose Disable in the Obtain IPv6 DNS field please type the exactly primary and secondary DNS MLD Proxy MLD Multicast Listener Discovery Protocol is to IPv6 just as IGMP to IPv4 It is a Multicast Management protocol for IPv6 multi...

Page 58: ... Address Enter the IP address of Router in dotted decimal notation for example 192 168 1 254 factory default IP Subnet Mask The default is 255 255 255 0 User can change it to other such as 255 255 255 128 Alias IP Address This is for local networks virtual IP interface Specify an IP address on this virtual interface Alias IP Subnet Mask Specify a subnet mask on this virtual interface IGMP Snooping...

Page 59: ...gate DHCP server and relays DHCP requests and responses between the remote server and the clients Enter the IP address of the actual remote DHCP server in the Remote DHCP Server field in this case When DHCP is used the following items need to be set Start IP This field specifies the first of the contiguous addresses in the IP address pool IP Pool Count This field specifies the count of the IP addr...

Page 60: ...f hosts minimal if any configuration of routers and no additional servers The stateless mechanism allows a host to generate its own addresses using a combination of locally available information MAC address and information prefix advertised by routers Routers advertise prefixes that identify the subnet s associated with a link while hosts generate an interface identifier that uniquely identifies a...

Page 61: ...DHCPv6 server Start interface ID enter the start interface ID The IPv6 address composed of two parts thus the prefix and the interface ID Interface is like the Host ID compared to IPv4 End interface ID enter the end interface ID Leased Time seconds the leased time similar to leased time in DHCPv4 is a time limit assigned to clients when expires the assigned ID will be recycled and reassigned Route...

Page 62: ...l Dual WAN Dual WAN is a feature to have two independent Internet connection connected concurrently offers a reliable Internet connectivity and maximize bandwidth utilization for critical applications delivery General Setting Mode Select a mode then click Save to proceed ...

Page 63: ...switch to the backup link WAN2 when primary link WAN1 fails and vise versa Example Auto failover takes place after straight 3 consecutive failures in every 30 seconds meaning all traffic will hand over to backup link WAN2 after primary link fails to response in total of 90 seconds 30 seconds for 3 consecutive failures Note Failover and Failback follow the same Connectivity Decision Probe Cycle rul...

Page 64: ...etect WAN connectivity automatically Connectivity Decision Probe Cycle Set a number of times and time in seconds to determine when to turn off the Load Balancing service Example Disable Load Balance after straight 3 consecutive failures in every 30 seconds meaning all traffic will hand over to backup link WAN2 after primary link fails to response in total of 90 seconds 30 seconds for 3 consecutive...

Page 65: ... based on Session Mechanism or IP Hash Mechanism Base on Session Mechanism Balance by Session Round Robin Automatically assign requests traffics to each WAN interface based on real time WAN traffic handling capacity OR Balance by Session weight Manually Balance session traffic based on a weight ratio Example Session weight by 3 1 meaning forward 3 requests to WAN1 and 1 request to WAN2 Base on IP ...

Page 66: ...this traffic request Source IP Address Enter the source IP address featuring the traffic origin Subnet Mask Enter the subnet of the source network Port Number Enter the port number which defines the application Destination IP Address Enter the destination IP address featuring the traffic destination Subnet Mask Enter the subnet of the designation network Port Number Enter the port number which def...

Page 67: ...Translation the router acts as a natural Internet firewall since all PCs on your LAN use private IP addresses that cannot be directly accessed from the Internet Firewall To automatically detect and block Denial of Service DoS attacks such as Ping of Death SYN Flood Port Scan and Land Attack Enabled Activate your firewall function Disabled Deactivate the firewall function SPI If you enabled SPI all...

Page 68: ...te uses Metric It represents the cost of transmission for routing purposes The number need not be precise but it must be between 1 and 15 Interface Media channel selected to append the route Edit Edit the route this icon is not shown for system default route Drop Drop the route this icon is not shown for system default route Add Route Destination IP Address This is the destination subnet IP addres...

Page 69: ...ess the internet through a single IP account sharing the single IP address NAT break the originally envisioned model of IP end to end connectivity across the internet so NAT can cause problems where IPSec PPTP encryption is applied or some application layer protocols such as SIP phones are located behind a NAT And NAT makes it difficult for systems behind a NAT to accept incoming communications OS...

Page 70: ...Device Configuration Advanced Setup Routing 66 BEC MX 200 User Manual BGP ...

Page 71: ...to accept incoming communications NAT Status Enabled Disabled if WAN connection is in BRIDGE mode VPN Passthrough VPN pass through is a feature of routers which allows VPN client on a private network to establish outbound VPNs unhindered SIP ALG Enable the SIP ALG when SIP phone needs ALG to pass through the NAT Disable the SIP ALG when SIP phone includes NAT Traversal algorithm Interface Select a...

Page 72: ... Firewall and NAT algorithms then passed to the DMZ host when a packet received does not use a port number used by any other Virtual Server entries DMZ for via a WAN Interface Allows outside network to connect in and communicate with internal LAN devices via this WAN interface DMZ Enabled Activate the DMZ function Disabled Deactivate the DMZ function DMZ Host IP Address Give a static IP address to...

Page 73: ...LAN network Depending on the requested service TCP UDP port number the device redirects the external service request to the appropriate server within the LAN network Virtual Server for Indicate the related WAN interface to allow outside network to connect in and communicate with internal LAN devices Protocol Choose the application protocol Start End Port Number Enter a port or port range you want ...

Page 74: ... users will be able to connect to PCs on your network For this reason you are advised to use specific Virtual Server entries just for the ports your application requires instead of using DMZ As doing so will result in all connections from the WAN attempt to access to your public IP of the DMZ PC specified If you have disabled the NAT option in the WAN ISP section the Virtual Server function will h...

Page 75: ... Step 2 Login to the Gateway and go to Configuration Advanced Setup NAT Virtual Server FTP server uses TCP protocol with port 21 Enter 21 to Start and End Port Number The MX 200 will accept port 21 requests from WAN side Enter the static IP assigned to the local PC that is hosting the FTP server Ex 192 168 1 102 Enter 21 to Local Start and End Port number The MX 200 will forward port 21 request fr...

Page 76: ...names meaningful to humans into the numerical identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide An often used analogy to explain the Domain Name System is that it serves as the phone book for the Internet by translating human friendly computer hostnames into IP addresses For example the domain name www example com can be translated ...

Page 77: ...ple Network Time Protocol SNTP to get the current time from an SNTP server from the Internet Time Index The rule indicator 0 15 for identifying each timeslot Name User defined identification for each time period Day of Week Mon to Sun Specify the time interval for each timeslot from Day of Week Start Time The starting point of the interval for the timeslot anytime in 00 00 24 00 End Time The endin...

Page 78: ...e for sending emails Username Enter the username of your email account to be used by the SMTP server Password Enter the password of your email account Sender s Email Enter your email address SSL TLS Check to whether to enable SSL encryption feature Port the port default is 25 Account Test Click the button to test the connectivity and feasibility to your sender s e mail Recipient s Email WAN IP Cha...

Page 79: ...EC MX 200 User Manual Remote System Log Remote System Log Select Activated to enable this feature Server IP Address Assign the remote log server IP address Server UDP Port Assign the remote log server port 514 is commonly used Click Save to apply the settings ...

Page 80: ...TCP Disable Disable the serial port RS 232 Modbus TCP Modbus is a master slave communication uses IP over Ethernet to carry data between devices machines Port Generally uses port 502 master and slave must use the same port Specify port other than port 502 Response Timeout ms Specify a response time out in milliseconds After the response timeout expires default is in 3000ms 3 seconds data transacti...

Page 81: ...a packet Delimiter A way to keep packets in tract Time Delimiter Default time is in 1000ms After time has reached serial data will be transmitted Time range from 1 30000ms Character Delimiter Default characters are 0x0d0a Serial data will get transmitted when seeing the specified character s in this case 0x0d0a Valid characters 0x Hex code TCP Idle Timeout Seconds Default time is in 60 seconds Spe...

Page 82: ...s through primarily public communication infrastructures such as the Internet VPNs provide security through tunneling protocols and security procedures such as encryption For example a VPN could be used to securely connect the branch offices of an organization to a head office network through the public Internet MX 200 supports IPSec PPTP L2TP and GRE for enterprise users ...

Page 83: ...g mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session IPSec is an end to end security scheme operating in the Internet Layer of the Internet Protocol Suite It can be used in protecting data flows between a pair of security gateways network to network or between a security gateway and a host network to host A total...

Page 84: ...s or subnet of the local network Single IP The IP address of the local host for establishing an IPSec connection between a security gateway and a host network to host Subnet The subnet of the local network for establishing an IPSec tunnel between a pair of security gateways network to network Remote Access Range Set the IP address or subnet of the remote network Single IP The IP address of the loc...

Page 85: ... DES and AES 128 192 and 256 3DES and AES are more powerful but increase latency DES Stands for Data Encryption Standard it uses 56 bits as an encryption method 3DES Stands for Triple Data Encryption Standard it uses 168 56 3 bits as an encryption method AES Stands for Advanced Encryption Standards you can use 128 192 or 256 bits as encryption method Authentication Algorithm Authentication establi...

Page 86: ...fetime SA Lifetime Specify the number of minutes that a Security Association SA will stay active before new encryption and authentication key will be exchanged There are two kinds of SAs IKE and IPSec IKE negotiates and establishes SA on behalf of IPSec an IKE SA is used by IKE Phase 1 IKE To issue an initial connection request for a new VPN tunnel The range can be from 5 to 15 000 minutes and the...

Page 87: ...n Ping to the IP Interval sec Ping to the IP Action 0 0 0 0 0 No 0 0 0 0 2000 No xxx xxx xxx xxx A valid IP Address 0 No xxx xxx xxx xxx A valid IP Address 2000 Yes activate it in every 2000 second Disconnection Time after No Traffic It is the NO Response time clock When no traffic stage time is beyond the Disconnection time set Router will automatically halt the tunnel connection and re establish...

Page 88: ...Sec Example on LAN to LAN 84 BEC MX 200 User Manual Examples IPSec Network LAN to Network LAN Two of the MX 1000 devices want to setup a secure IPSec VPN tunnel NOTE The IPSec Settings shall be consistent between the two routers ...

Page 89: ... Office network Local Network IP Address 192 168 1 0 Local Network Netmask 255 255 255 0 Remote Access Range Subnet Branch office network Remote Network IP Address 192 168 0 0 Remote Network Netmask 255 255 255 0 IPSec Proposal IKE Mode Main Security Plan Pre Shared Key 1234567890 Phase 1 Encryption AES 128 Phase 1 Authentication SHA1 Phase 1 Diffie Hellman Group MODP 1024 group2 Phase 2 Proposal ...

Page 90: ...d Office network Local Network IP Address 192 168 0 0 Local Network Netmask 255 255 255 0 Remote Access Range Subnet Branch office network Remote Network IP Address 192 168 1 0 Remote Network Netmask 255 255 255 0 IPSec Proposal IKE Mode Main Security Plan Pre Shared Key 1234567890 Phase 1 Encryption AES 128 Phase 1 Authentication SHA1 Phase 1 Diffie Hellman Group MODP 1024 group2 Phase 2 Proposal...

Page 91: ...N IPSec Example on Remote Access 87 BEC MX 200 User Manual Examples IPSec Remote Employee to MX 200 Connection Router servers as VPN server and host should install the IPSec client to connect to head office through IPSec VPN ...

Page 92: ...net Head Office network Local Network IP Address 192 168 1 0 Local Network Netmask 255 255 255 0 Remote Access Range Signal IP Host Remote Network IP Address 69 121 1 30 Remote Network Netmask 255 255 255 255 IPSec Proposal IKE Mode Main Security Plan Pre Shared Key 1234567890 Phase 1 Encryption AES 128 Phase 1 Authentication SHA1 Phase 1 Diffie Hellman Group MODP 1024 group2 Phase 2 Proposal ESP ...

Page 93: ...o ensure that an intruder has not replaced the client When passed the authentication with MS CHAPv2 the MPPE encryption is supported MS DNS Assign a DNS server or use router default IP address to be the MS DNS server IP address Rule Index The numeric rule indicator for PPTP server The maximum entry is up to 4 Connection Name User defined name for the PPTP connection Active Yes to activate the acco...

Page 94: ...8bit Encryption When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challenges at different periods to ensure that an intruder has not replaced the client When passed the authentication with MS CHAPv2 the MPPE encryption is supported Username Please input the username for this account Password Please input the password for this accou...

Page 95: ...ease make sure this IP is not used in the Office LAN Configuration Settings Description Connection Name HS RA Give a name of L2TP connection Authentication Type MPPE 128bit Authentication type Username test Dial in authenticate user name Password test Dial in authenticate user password Connection Type Remote Access Remote access for dial in Assigned IP 192 168 1 2 An IP assigned to the dial in cli...

Page 96: ...ring PPTP Server in the Head office The IP address 192 168 1 2 will be assigned to the router located in the branch office Please make sure this IP is not used in the head office LAN Configuration Settings Description Connection Name HS LL Give a name of PPTP connection Authentication Type MPPE 128bit Authentication type Username test Dial in authenticate user name Password test Dial in authentica...

Page 97: ... Configuration Settings Description Connection Name BC LL Give a name of PPTP connection Authentication Type MPPE 128bit Authentication type Username test Dial in authenticate user name Password test Dial in authenticate user password Connection Type LAN to LAN LAN to LAN for dial in Server IP 69 121 1 33 Dialed server IP Remote Network IP 129 168 1 0 Remote access network Remote Network Netmask 2...

Page 98: ...ion Active To enable or disable the tunnel Connection Mode Dial in Connection Mode Select Dial In to operate as a L2TP server Authentication Type Default is Chap Pap CHAP Challenge Handshake Authentication Protocol PAP Password Authentication Protocol if you want the router to determine the authentication type to use or else manually specify PAP if you know which type the server is using when acti...

Page 99: ...rd Please input the password for this account Connection Type Remote Access From a single user LAN to LAN Enter the peer network information such as network address and Netmask Tunnel Authentication and Active Tunnel Authentication This enables router to authenticate both the L2TP remote and L2TP host This is only valid when L2TP remote supports this feature Secret Password The secure password len...

Page 100: ...PCs and Servers The input IP address 192 168 1 200 will be assigned to the remote worker Please make sure this IP is not used in the Office LAN Configuration Settings Description Connection Name HS RA Give a name of L2TP connection Connection Mode Dial in Operate as L2TP server Authentication Type Chap Pap Authentication type Username test Dial in authenticate user name Password test Dial in authe...

Page 101: ...uter is installed in the office connected to a couple of PCs and Servers Item Description Connection Name HC RA Give a name of L2TP connection Connection Mode Dial out Operate as L2TP client Server IP 69 121 1 33 Dialed server IP address Authentication Type Chap Pap Authentication type Username test Dial out authenticate user name Password test Dial out authenticate user password Connection Type R...

Page 102: ...AN to Network LAN Connection The branch office establishes a L2TP VPN tunnel with head office to connect two private networks over the Internet The routers are installed in the head office and branch office accordingly NOTE Both office LAN networks must be in different subnets with the LAN LAN application ...

Page 103: ...ice LAN Item Description Connection Name HS LL Give a name of L2TP connection Connection Mode Dial in Operate as L2TP server Authentication Type Chap Pap Authentication type Username Test Dial in authenticate user name Password Test Dial in authenticate user password Assigned IP 192 168 1 200 An IP assigned to the dial in client Connection Type LAN to LAN LAN to LAN for dial in Remote Network IP 1...

Page 104: ...ription Connection Name BC LL Give a name of L2TP connection Connection Mode Dial out Operate as L2TP client Server IP 69 121 1 33 Dialed server IP Authentication Type Chap Pap Authentication type Username test Dial in authenticate user name Password test Dial in authenticate user password Connection Type LAN to LAN LAN to LAN for dial out Remote Network IP 129 168 1 0 Remote access network Remote...

Page 105: ... the local tunnel Tunnel Local Netmask Please set the Netmask for the local tunnel Tunnel Remote IP Address Set the peer IP address of the tunnel Remote Network IP Address Please set the subnet IP for remote network Remote Network Netmask Please set the Netmask for remote network Enable Keep alive Normally the tunnel interface is always up Enable keep alive to determine when the tunnel interface i...

Page 106: ...onfiguration VPN L2TP Example on LAN to LAN 102 BEC MX 200 User Manual MTU Maximum Transmission Unit Active as Default Route Select if to set the GRE tunnel as the default route Click Save to apply the settings ...

Page 107: ...evice Management SNMP Universal Plug Play Dynamic DNS Access Control Packet Filter CWMP TR 069 and Parental Control Device Management Device management offers users a way to change the embedded web server accessing port default 80 User can change the http port to 8080 or something else here Click Save to apply the settings ...

Page 108: ... requests from the management station Trap Manager IP Enter the IP of the server receiving the trap message when some exception occurs sent by this SNMP agent SNMPv3 Enable to activate the SNMPv3 User Name Enter the name allowed to access the SNMP agent Access Permissions Set the access permissions for the user RO read only and RW read and writer Authentication Protocol Select the authentication p...

Page 109: ...h the user s Operating System and the relevant application must support UPnP in addition to the router UPnP Select this checkbox to activate UPnP Be aware that anyone could use an UPnP application to open the web configuration s login screen without entering the MX 200 s IP address Auto configured Select this check box to allow UPnP enabled applications to automatically configure the MX 200 so tha...

Page 110: ...re users can register different WAN interfaces with different DNS Providers If you do not have a DDNS account please choose a DDNS Service Provider from the list then go to their website to create an account first Dynamic DNS Select this check box to activate Dynamic DNS Service Provider Select from drop down menu for the appropriate service provider for example www dyndns org My Host Name Type th...

Page 111: ... Example How to register a DDNS account If you do not have an account with Dynamic DNS please go to www dyndns org to register an account first User test1 register a Dynamic Domain Names in DDNS provider http www dyndns org DDNS www hometest com using username password test test ...

Page 112: ...n available Rule Index The numeric rule indicator Active Yes to activate the rule Secure IP Address The default 0 0 0 0 allows any client to use this service to manage the MX 200 Type an IP address range to restrict access to the client s without a matching IP address Application Choose a service that you want to all access to all the secure IP clients The drop down menu lists all the common used ...

Page 113: ...Device Configuration Access Management Access Control 109 BEC MX 200 User Manual Default Rule 2 Index 2 an ACL rule to open Ping to WAN side ...

Page 114: ...ecting Black List Interface Select to determine which interface the rule will be applied to Direction Select to determine whether the rule applies to outgoing packets incoming packets or packets of both directions Type Choose type of field you want to specify to monitor Select IPv4 for IPv4 address port number and protocol Select IPv6 for IPv6 address port number and protocol Select MAC for MAC ad...

Page 115: ...at the rule applies to IP MAC Filter Listing Index The numeric rule indicator Active Whether the connection is currently active Interface show the interface the rule applied to Direction show the direction the rule applied to Source IP IPv6 Address Mask Prefix The source IP address or range of packets to be monitored Destination IP IPv6 Address Mask Prefix This is the destination subnet IP address...

Page 116: ...Application Filter Select this option to Activated Deactivated the Application filter ICQ Select this option to Allow Deny ICQ MSN Select this option to Allow Deny MSN YMSG Select this option to Allow Deny Yahoo messenger Real Audio Video RTSP Select this option to Allow Deny Real Audio Video RTSP Click Save to apply the settings ...

Page 117: ...ific URL access individually for example you want to prohibit access to www yahoo com please first press Activated in URL Filter field and also Yes in Individual Active field if some time you want to allow access to this URL you simply select No in individual active field In a word the command serves as a switch to the access of some specific URL with the filter on URL Host Specified URL which is ...

Page 118: ...ies grew as well e g modems routers gateways set top box VoIP phones At the same time the configuration of this equipment became more complicated too complicated for end users For this reason TR 069 was developed It provides the possibility of auto configuration of the access types Using TR 069 the terminals can get in contact with the Auto Configuration Servers ACS and establish the configuration...

Page 119: ...e inform interval time sec which CPE used to periodically send inform message to automatically connect to ACS When the inform interval time arrives the CPE will send inform message to automatically connect to ACS NATT Config This is a proprietary feature provided by BEC May leave them in blank no configuration is required NATT Server By BEC administrator only NATT Period By BEC administrator only ...

Page 120: ...urity and control the contents for children at home To activate this feature please log on to www opendns com to get an OpenDNS account first Parent Control Provider Hosted by www opendns com Parent Control Enable the feature by clicking the Activated Host Name It is the domain name of your OpenDNS If you don t have one please leave it blink Username Password Put down your OpenDNS account username...

Page 121: ...allow other users to access to The User account is with limited access specified by advanced users with admin account to the GUI Total of 8 accounts can be created to grant access to manage the MX 200 via the web page Administrator Account admin admin is the root default account username and password NOTE This username password may vary by different Internet Service Providers Login using the Admin...

Page 122: ...rname Create account s user name for GUI management New Password Password for the user account Confirm Password Re enter the password Web GUI Permission Guest Account Enable to create this new guest account Interface Setup Advanced Setup Access Management Setup Maintenances Enable to grant this user access to these features When someone accesses to the MX 200 using this user account he she can onl...

Page 123: ... get the current time from an SNTP server outside your network then choose your local time zone After a successful connection to the Internet MX 200 will retrieve the correct local time from the SNTP server this is specified PC s Clock To synchronize time with the PC s clock Manually Select this to enter the SNMP server IP address manually Time Zone Choose the time zone of your location This will ...

Page 124: ...ser Manual License Some of the advanced features are required for a license For more information please contact with Billion BEC for more information Input your license key here and click Upgrade to enable the features NOTE Device will reboot after the upgrade ...

Page 125: ...device with the current settings automatically when finishing upgrading Factory Default Settings Restart the device with factory default settings automatically when finishing upgrading File Type in the location of the file you want to upload in this field or click Browse to find it Choose File Click Choose File to find the configuration file or firmware file you want to upload Remember that you mu...

Page 126: ... the router using the factory default settings for example after a firmware upgrade or if you have saved an incorrect configuration select Factory Default Settings to restore to factory default settings You may also restore your router to factory settings by holding the small Reset pinhole button on the back of your router in about more than 6s seconds whilst the router is turned on ...

Page 127: ...r MX 200 to ensure proper operation and best performance This reboot will only reboot with current configuration settings and not overwrite any existing settings Click Save to apply the settings Example Schedule MX 200 to reboot at 10 00pm 22 00 every weekday Monday thru Friday and reboot at 9 00am on Saturday and Sunday ...

Page 128: ...he Diagnostic Test page shows the test results for the connectivity of the physical layer and protocol layer for both LAN and WAN sides 3G 4G LTE EWAN LAN1 Ping other IP Address Click Yes if you wish to ping other IP address rather than google com Click START to begin to diagnose the connection ...

Page 129: ...lease contact your service provider or BEC for technical support You have forgotten your login username or password Try the default username admin and password admin If this fails you can restore your router to its factory settings by pressing the reset button on the device rear side Problem with LAN Interface Problem Suggested Action Cannot PING any PC on LAN Check the Ethernet LEDs on the front ...

Page 130: ...ing step by step guide 1 Power the router off 2 Press reset button and power on the router once the Power lights Red keeping press reset button over 6 seconds 3 Internet LED flashes Green router entering recovery procedure and router s IP will reset to Emergency IP address Say 192 168 1 1 4 Open browser and access http 192 168 1 1 to upload the firmware 5 Internet LED lit Red and router starts to ...

Page 131: ...nual APPENDIX PRODUCT SUPPORT CONTACT If you come across any problems please contact the dealer from where you have purchased the product Contact BEC http www bectechnologies net MAC OS is a registered Trademark of Apple Computer Inc ...

Page 132: ...ient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help FCC Caution This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device m...

Reviews:

No comments

Related manuals for MX-200

Abus TVVR36500 User Manual preview
TVVR36500
Brand: Abus Pages: 60
MicroNet BroadLink SP3353 Installation Manual preview
BroadLink SP3353
Brand: MicroNet Pages: 66
Aruba IntroSpect Analyzer 2 Series Quick Start Manual preview
IntroSpect Analyzer 2 Series
Brand: Aruba Pages: 5
IBM 8677 - BladeCenter Rack-mountable - Power Supply Planning And Installation Manual preview
8677 - BladeCenter Rack-mountable - Power Supply
Brand: IBM Pages: 126
Techroutes TSR 2800-30 Hardware Installation Manual preview
TSR 2800-30
Brand: Techroutes Pages: 20
AC&NC JetStor NAS 724UX User Manual preview
JetStor NAS 724UX
Brand: AC&NC Pages: 117
Xantech IR-X10 Installation Instructions Manual preview
IR-X10
Brand: Xantech Pages: 16
Quatech Device Server User Manual preview
Device Server
Brand: Quatech Pages: 98
Teltonika RUT955 User Manual preview
RUT955
Brand: Teltonika Pages: 12
Foxconn RAID Foldout Introduction preview
RAID Foldout
Brand: Foxconn Pages: 1
National Instruments NI 653x User Manual preview
NI 653x
Brand: National Instruments Pages: 147
National Instruments FIELD POINT Installation Manual preview
FIELD POINT
Brand: National Instruments Pages: 4
SeaLevel 2423 User Manual preview
2423
Brand: SeaLevel Pages: 25
National Instruments NI ELVIS III Getting Started preview
NI ELVIS III
Brand: National Instruments Pages: 37
IC Realtime Network Video Recorder User Manual preview
Network Video Recorder
Brand: IC Realtime Pages: 118
IC Realtime Mobile Network Video Recorder User Manual preview
Mobile Network Video Recorder
Brand: IC Realtime Pages: 158
Ecos SECURE BOOT STICK FX Administrator'S Manual preview
SECURE BOOT STICK FX
Brand: Ecos Pages: 22
Fujitsu PCNA EP OCe14102 Installation Manual preview
PCNA EP OCe14102
Brand: Fujitsu Pages: 20

Brands by name

Popular brands

Load more brands