background image

CRADLEPOINT 

CBR400| USER MANUAL Firmware ver. 3.3.0 

© 2011 

CRADLEPOINT, INC.                                        PLEASE VISIT 

HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/

 FOR MORE HELP AND RESOURCES 

 

 

 

 PAGE 118  

 

7.7.7

 

Global VPN Settings 

These  settings  apply  to  all  configured  VPN  tunnels.  Changing  the  Global  VPN  Settings  is  rarely  necessary;  the  default 
values are almost always sufficient. 

 

 

IKE / ISAKMP Port:

 Internet Key Exchange / Internet Security Association and Key Management Protocol port. 

Default: 500. This is a standard VPN port that usually does not need to be changed. 

 

IKE / ISAKMP NAT-T Port:

 Internet Key Exchange / Internet Security Association and Key Management Protocol 

network address translation traversal port. Default: 4500. This is a standard VPN NAT-T port that usually does not 
need to be changed. 

 

NAT-T KeepAlive Interval:

 Default: 20 seconds. Range: 0-3600 seconds. 20 seconds will be sufficient in almost 

all cases. 

 

Tunnel Connect Retry:

 Default: 30 seconds. Range: 10-255 seconds. 30 seconds will be sufficient in almost all 

cases. 

 

 

Summary of Contents for CBR400

Page 1: ......

Page 2: ... Sept 30 2011 Initial release for Firmware version 3 3 0 Jeremy Cramer Trademarks CradlePoint and the CradlePoint logo are registered trademarks of CradlePoint Inc in the United States and other countries All other company or product names mentioned herein are trademarks or registered trademarks of their respective companies Copyright 2011 by CradlePoint Inc All rights reserved This publication ma...

Page 3: ...RD 33 5 3 GPS 36 5 4 GRE TUNNELS ADVANCED MODE ONLY 37 5 5 INTERNET CONNECTIONS 38 5 6 STATISTICS 49 5 7 SYSTEM LOGS 50 5 8 VPN TUNNELS ADVANCED MODE ONLY 51 6 NETWORK SETTINGS 52 6 1 CONTENT FILTERING 53 6 2 DHCP SERVER ADVANCED MODE ONLY 56 6 3 DNS ADVANCED MODE ONLY 57 6 4 FIREWALL ADVANCED MODE ONLY 60 6 5 MAC FILTER 65 6 6 ROUTING ADVANCED MODE ONLY 66 6 7 WIFI LOCAL NETWORKS 67 6 8 WIPIPE QO...

Page 4: ...GE 2 8 2 DEVICE ALERTS ADVANCED MODE ONLY 131 8 3 HOTSPOT SERVICES ADVANCED MODE ONLY 133 8 4 MANAGED SERVICES ADVANCED MODE ONLY ASK YOUR CRADLEPOINT SALES REPRESENTATIVE FOR DETAILS 137 8 5 SYSTEM CONTROL 138 8 6 SYSTEM SOFTWARE 139 9 GLOSSARY 140 10 APPENDIX 154 10 1 REGULATORY INFORMATION 154 10 2 WARRANTY INFORMATION 154 10 3 SPECIFICATIONS 155 ...

Page 5: ...FLEXIBLE RELIABLE SECURE The CradlePoint Compact Broadband Router CBR400 provides advanced support for distributed operations and emerging industries that require flexible reliable and secure internet access such as temporary internet installations additional network bandwidth or for kiosks digital signage and other Machine to Machine M2M applications FEATURE RICH The CBR400 is a feature rich busi...

Page 6: ...ardized platform and centralized remote management IP passthrough Compatible with Cisco SonicWall and other VPN termination systems Establish continuous uptime with optimum total cost of ownership for broad deployment Centralize the administration and monitoring of distributed routers using WiPipe Central Simple to install configure and maintain with minimal impact on IT Virtual LAN capabilities D...

Page 7: ...3 2 WiPipe Central CradlePoint s cloud based router management service allows for remote monitoring configuration and firmware updates of deployed routers like the CBR400 WiPipe Central drastically simplifies router administration for businesses using multiple routers WiPipe Central can be purchased separately at http cradlepoint com support wipipe central ...

Page 8: ...CRADLEPOINT CBR400 USER MANUAL Firmware ver 3 3 0 2011 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 6 2 HARDWAREOVERVIEW ...

Page 9: ...2011 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 7 2 1 Ports Buttons and Switches 3G 4G USB Modem Port Insert a modem with an active data plan as one possible internet source Power On Off 1 On 0 Off ...

Page 10: ...t can be reconfigured as a WAN Wide Area Network your internet source port in Network Settings WiFi Local Networks Connect to local devices with the LAN setting or connect to an Ethernet based modem with the WAN setting Power 12v DC Connect the included power supply to the wall and your CBR400 ExpressCard Modem Port Insert a modem with an active data plan as one possible internet source ExpressCar...

Page 11: ...tton This button is recessed so it requires a pointed object such as a paper clip to press Press and hold for 10 seconds to initiate reset 3G 4G Modem Signal Strength Button When pressed the bar LEDs indicate signal strength from the USB or ExpressCard modems The signal strength is shown for 10 seconds if the modem does not support concurrent data connection and signal strength measurement Tapping...

Page 12: ... Router on No light Router off Ethernet Green Ethernet connected Blinking green Ethernet activity No light Ethernet disconnected or link failure WiFi Green WiFi on and operating normally No light WiFi radio off by administration setting USB Status Green Active data connection Blinking green Connecting Blinking amber Cellular data connection error No light Modem disconnected ...

Page 13: ...tion error No light Modem disconnected Modem Signal Strength Green Active data connection Blinking green Connecting Blinking amber Cellular data connection error No light Modem disconnected Modem Signal Strength These bars indicate modem signal strength when the signal strength button is momentarily depressed Additional LED Indications Factory reset button detected WiFi and USB LEDs blink amber tw...

Page 14: ...tion in Network Settings WiFi Local Networks or connect to an available WiFi source see Internet WiFi as WAN Settings to enable WiFi as WAN For Failover Failback functionality you will need at least two of these sources for example one Ethernet source and one USB modem 1 Connect the 12v DC power adapter to the router and a power source Flip the power switch to the ON position this should illuminat...

Page 15: ...ork will appear on the list select this network 2 Log in You will need to input the Default Password when prompted The Default Password is the last eight digits of the router s MAC address which can be found on the product box or on the product label on the bottom of the router NOTE If more than one CBR400 wireless router is visible you can find the correct unit by checking for its SSID service se...

Page 16: ...eed to log in to the administration pages Access your router s Administrator Login screen by opening a web browser window and typing cp your network s default hostname or the IP address 192 168 0 1 into the address bar Enter your Default Password This password can be found on the bottom of the CBR400 as the last eight digits of the MAC address Then click the LOGIN button When you log in for the fi...

Page 17: ... the Security Mode password If so you will need to reconnect to the CBR400 network Find the network Look for your new personalized network name or the default SSID of the form CBR400 xxx Log in using your new personalized WiFi security password or the Default Password found the bottom of the router as the last eight digits of the MAC address Your network should now be up and running and users who ...

Page 18: ...is having trouble connecting to the CBR400 Insert your USB data modem into your PC and access the internet using the software provided by your cellular carrier Follow the directions provided to complete the update Once you have updated your USB data modem reconnect the cellular device to your CradlePoint router and connect to the internet If you are using a 4G WiMAX modem you need to set the WiMAX...

Page 19: ...may need to plug your modem directly into your computer if you don t have another way to access the internet to download the latest firmware for the router go to http www cradlepoint com support cbr400 and scroll over firmware at the bottom of the page Then log in to the router administration pages and manually upload the firmware Go to System Settings System Software and click on Manual Firmware ...

Page 20: ...ternet The status LEDs of your router will give you an indication whether or not a proper connection is being made If the USB data modem LEDs are not illuminated your modem is not connected and online You may need to update firmware Refer to the previous section Your USB or ExpressCard Modem Does Not Work With The Router If you are still not online after updating call CradlePoint Technical Support...

Page 21: ...es The interface is organized with a button for toggling between Basic Mode and Advanced Mode and 5 tabs at the top of the screen Getting Started Status Network Settings Internet System Settings Web Interface Essentials contains the following sections to help you more quickly and easy navigate these administration pages 4 1 Administrator Login 4 2 Getting Started First Time Setup 4 3 Quick Links 4...

Page 22: ...4 1 Administrator Login To access the administration pages open a Web browser and type the hostname cp or IP address http 192 168 0 1 into the address bar The Administrator Login page will appear Log in using your administrator password Initially this password can be found on the bottom of the CBR400 unit as the last eight digits of the unit s MAC address ...

Page 23: ...ctory defaults When you reset the router the administrator password will revert back to the Default Password Press and hold the reset button on the router unit until the lights flash 10 seconds You can then log in using the Default Password 4 1 1 Router Details The Administrator Login page includes a section that shows the following Router Details Model Number CBR400 WiFi Status The number of clie...

Page 24: ... bar Press enter return 2 When prompted for your password type the eight character Default Password found on the product label on the bottom of the CBR400 as the last 8 digits of the router s MAC address 3 When you log in for the first time you will be automatically directed to the FIRST TIME SETUP WIZARD Otherwise go to Getting Started First Time Setup 4 CradlePoint recommends that you change the...

Page 25: ...devices and is the most secure but may not connect to older devices or some handheld devices such as a PSP GOOD WPA1 WPA2 Select this option if your wireless adapters support WPA or WPA2 This is the most compatible with modern devices and PCs POOR WEP Select this option if your wireless adapters only support WEP This should only be used if a legacy device that only supports WEP will be connected t...

Page 26: ...ct devices to the router s WiFi broadcast once the security settings have been saved WPA Password The WPA Password must be between 8 and 64 characters long A combination of upper and lower case letters along with numbers and special characters is recommended to prevent hackers from gaining access to your network WEP Key A WEP Key must be either a hexadecimal value of 5 or 13 characters or a text v...

Page 27: ...ures that the modem when attached to the router will properly connect to your carrier s wireless broadband service The CBR400 will default to the Sprint Realm Select your carrier from the dropdown menu options shown below Clear clearwire wmx net Rover rover wmx net Sprint 3G 4G sprintpcs com Xohm xohm com BridgeMAXX bridgeMAXX com Time Warner Cable mobile rr com Comcast mob comcast net NOTE If you...

Page 28: ...sword and WPA password or WEP key Move your mouse over the passwords to selectively reveal each password Please record these settings for future access You may need this information to configure other wireless devices NOTE If you are currently using the CBR400 WiFi network reconnect your devices to the network using the new wireless network name and security password Click APPLY to save the settin...

Page 29: ...nformation about the router The black bar across the top provides quick access to important information and controls Internet Connection This links to the Connection Manager Internet Connection Manager where you can manage your internet sources Click on the image of four signal bars to open a Modem Connection Quality popup window that shows the strength of your internet signal WiFi Clients Click t...

Page 30: ...m Settings Basic Mode First Time Setup WiFi Protected Setup Client List Dashboard GPS Internet Connections Statistics System Logs Content Filtering MAC Filter WiFi Local Networks Connection Manager Ethernet Settings Modem Settings Administration System Control System Software Advanced Mode also includes all options in Basic Mode GRE Tunnels VPN Tunnels DHCP Server DNS Firewall Routing WiPipe QoS D...

Page 31: ...outer s source of internet while the Network Settings tab broadly refers to the network created by the router The following chart highlights this difference Network Settings tab Internet output Network created by CBR400 LAN Local Area Network Internet tab Internet input Source for CBR400 WAN Wide Area Network Examples If you want to change the content filtering settings for the network created by ...

Page 32: ...COM FOR MORE HELP AND RESOURCES PAGE 30 5 STATUS The Status tab displays information no adjustments can be made from within these pages It provides access to 8 submenu options Client List Dashboard GPS GRE Tunnels Internet Connections Statistics System Logs VPN Tunnels GRE Tunnels and VPN Tunnels Advanced Mode only ...

Page 33: ...n 20 MHz 130 Mbps 26 dBm 802 11n The transmission standard being used by the client Possible values include 802 11a 802 11b 802 11g and 802 11n 802 11n is the newest and best standard but some older devices may not support it 20 MHz This is the channel width that defines the theoretical data rate in megahertz that the attached computer or device can send to or receive from the router The channel w...

Page 34: ...lliwatt This expresses theoretical best quality The value is given as a negative exponent 20 is a very good value while 80 is relatively poor Signal quality can be reduced by distance by interference from other radio frequency sources such as cordless telephones or neighboring wireless networks and by obstacles between the router and the wireless device Time Online Simply the amount of time the de...

Page 35: ...formation and or configuration options click on the Detailed Info link beside the category title For each category this links to Router Information o System Settings Administration Internet o Internet Connection Manager Local Networks o Network Settings WiFi Local Networks WiFi Networks o Network Settings WiFi Local Networks After the initial setup of the router every time you log in you will auto...

Page 36: ... Settings System Software Internet Detailed Info links to Internet Connection Manager State Connected Disconnected Signal Strength Expressed as a percentage Signal Strength is not included if Ethernet is the WAN type WAN Type Ethernet Modem or WiFi as WAN Connected Time The time the current Internet source WAN has been connected IP Address Gateway DNS Servers For general configuration options see ...

Page 37: ...Passthrough Hotspot or Disabled o Access Admin Access LAN Isolation UPnP Universal Plug and Play and or DHCP To configure a network see Network Settings WiFi Local Networks WiFi Networks Detailed Info links to Network Settings WiFi Local Networks WiFi Radio Channel 1 11 Transmit Power Expressed as a percentage For each WiFi network the following information is displayed SSID Service Set Identifier...

Page 38: ...ee the GPS section in System Settings Administration to enable GPS support GPS information is only displayed if 1 the modem supports GPS 2 your carrier allows the GPS functionality and 3 the modem has sufficient GPS signal strength If no information is displayed check that both the modem and your carrier support GPS 1 If GPS is supported make sure the modem is in an area where it can receive a sig...

Page 39: ... HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 37 5 4 GRE Tunnels Advanced Mode only View the status of configured GRE Tunnels To set up or edit a GRE tunnel go to Internet GRE Tunnels Included information Name Status Transmit packets bytes Receive packets bytes ...

Page 40: ...e of these devices to see detailed information about that particular device For each type of device different information will be included in the Device Information section Possible devices include Ethernet WiFi GSM Modem EVDO Modem WiMAX Modem LTE Modem Depending on the device possible information will be in the following sections Diagnostics General Information IP Information and Statistics For ...

Page 41: ...AND RESOURCES PAGE 39 5 5 1 Ethernet Diagnostics Connection State connected idle etc Connection Uptime General Information Type Ethernet Product Built in Ethernet Protocol Ethernet Static Unique Identifier Port IP Information Netmask IP Address Gateway Statistics Outgoing Bits Second Incoming Bits Second Incoming Bytes Outgoing Bytes ...

Page 42: ... INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 40 5 5 2 WiFi as WAN Diagnostics Connection State connected idle etc General Information Product Wireless As WAN Unique Identifier Type wwan IP Information Netmask IP Address Gateway ...

Page 43: ...Diagnostics Signal Error Rate Modem Firmware Version Battery Status Battery Level Carrier Status Signal Strength dBm PIN Status Connection State connected idle etc General Information Product Nokia Datacard Protocol PPP Unique Identifier ESN IMEI Model Nokia Internet Stick CS 18 Type modem Port Manufacturer Nokia IP Information Netmask IP Address Gateway Statistics Outgoing Bits Second ...

Page 44: ...ADLEPOINT CBR400 USER MANUAL Firmware ver 3 3 0 2011 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 42 Incoming Bits Second Incoming Bytes Outgoing Bytes ...

Page 45: ... Firmware Version PRL Version Service Display EVDO Carrier Status Signal Strength dBm Connection Type CDMA Connection State connected idle etc General Information Product MC769 COMCAST Protocol PPP Unique Identifier ESN IMEI Model MC760 COMCAST Type modem Port Manufacturer Novatel Wireless Inc IP Information Netmask IP Address Gateway Statistics Outgoing Bits Second Incoming Bits Second Incoming B...

Page 46: ...CRADLEPOINT CBR400 USER MANUAL Firmware ver 3 3 0 2011 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 44 Outgoing Bytes ...

Page 47: ...h data the router can download or send You can place the router in different locations to see where you get better signal You can also see a LED display of the current signal strength Pressing the router s Signal Strength button will toggle the LED display on and off Base Station ID BSID Signal Strength dBm Center Frequency Calibration Status Don t worry if this says the modem is not calibrated Mo...

Page 48: ... 0 2011 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 46 Type WiMAX Port Manufacturer Franklin Wireless Corporation Statistics Outgoing Bits Second Incoming Bits Second Incoming Bytes Outgoing Bytes ...

Page 49: ...S PAGE 47 5 5 6 LTE Modem PANTECH UML290 Diagnostics Home Address MN HA SPI Modem Firmware Version Battery Status MN HA SS Network Address Identifier NAI Signal Strength dBm Rev Tun Battery Level Secondary Home Agent Service Display LTE Primary Home Agent Carrier Status Profile MN AAA SPI PIN Status MN AAA SS Connection State connected idle etc ...

Page 50: ...COM FOR MORE HELP AND RESOURCES PAGE 48 General Information Product PANTECH UML290 Protocol IP DHCP Unique Identifier ESN IMEI Model UML290VW Type modem Port Manufacturer Pantech Incorporated IP Information Netmask IP Address Gateway Statistics Outgoing Bits Second Incoming Bits Second Incoming Bytes Outgoing Bytes ...

Page 51: ...rmation that has been sent or received Packets The number of network packets that have been sent or received Errors The number of network packets that failed to be sent or received NOTE Data Packets and Errors statistics include only the numbers since the router was most recently turned on or reset not lifetime for the router Reset All Press this button to zero all statistics Counting restarts imm...

Page 52: ...n easily find relevant messages This router also has external Syslog Server support so you can send the log files to a computer on your network that is running a Syslog utility Auto Update The logs automatically refresh whenever the router creates a new message Update Click to check for new router messages Save log to a file This will open a dialog in your browser that will allow you to save the r...

Page 53: ... KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 51 5 8 VPN Tunnels Advanced Mode only View the status of configured VPN tunnels To set up or edit a VPN tunnel go to Internet VPN Tunnels Included information Name Connections Status Protocols Transferred Direction Time Online ...

Page 54: ...Network Settings tab provides access to 8 submenu options for administering the following functions tasks These functions are all related to controlling the LAN Local Area Network the network you set up with the CBR400 Content Filtering DHCP Server DNS Firewall MAC Filter Routing WiFi Local Networks WiPipe QoS DHCP Server DNS Firewall Routing and WiPipe QoS Advanced Mode only ...

Page 55: ...om for example or allowed exclusively your company s website for example 2 OpenDNS Content Filtering Allows several options for filtering rules To create Domain URL Filter Rules simply input one or more website domain names or URLs By default these websites will be disallowed as part of a Blacklist You can change this to a Whitelist to exclusively allow these sites Enable Whitelist Domain URL filt...

Page 56: ...and tasteless content Best Filters more nudity sexuality and tasteless content Selecting Best will filter all content that is deemed adult content by OpenDNS Custom Custom OpenDNS settings See below for more information In addition to the standard filtering levels you have the following options for filter control Custom OpenDNS To use the Custom OpenDNS setting you need to first create an OpenDNS ...

Page 57: ...NS O MATIC using your OpenDNS credentials and Add A Service for the network specified above Enable OpenDNS ISP Filter Bypass Algorithm It is possible that your Internet Service Provider ISP uses the port that OpenDNS is configured to access port 53 which will prevent OpenDNS filtering If OpenDNS does not appear to be working correctly enabling this will attempt to bypass those ports when using an ...

Page 58: ...network Reservations This option lets you reserve IP addresses you can assign the same IP address to the network device with the specified MAC address any time it requests an IP address This is almost the same as when a device has a static IP address except that the device must still request an IP address from the router The router will provide the device the same IP address every time DHCP Reserv...

Page 59: ... your dynamically assigned IP address Known Hosts Configuration Allows you to map a name printer scanner laptop etc to an IP address of a device on the network 6 3 1 DNS Settings You have the option to choose specific DNS servers for your network instead of using the DNS servers assigned by your internet provider The default DNS servers are usually adequate You may want to assign DNS servers if th...

Page 60: ...n domain name and registered with a Dynamic DNS service provider Server Type Select a Dynamic DNS service provider from the pull down list www DynDNS org www DNSomatic com www ChangeIP com www NO IP com Custom Server DynDNS clone Custom Server Address Only available if you select Custom Server from the Server Address dropdown list Enter your custom dynamic DNS server address here The server must s...

Page 61: ...ss is by going to http myip dnsomatic com in a web browser 6 3 4 Known Hosts Configuration The Known Hosts Configuration feature allows you to map a name printer scanner laptop etc to an IP address of a device on the network This assigns a new hostname that can be used to conveniently identify a device within the network such as an office printer Click Add to name a device in your network Fill in ...

Page 62: ...pplications need to selectively open ports in the firewall to function correctly The options on this page control ways of opening the firewall to address the needs of specific types of applications 6 4 1 Port Forwarding Rules A port forwarding rule allows traffic from the internet to reach a computer on the inside of your network For example a port forwarding rule might be used to run a Web server...

Page 63: ...wn menu or manually input the IP address of a device Local Port s The port number s that corresponds to the service Web server FTP etc on a local computer or device For example you might input 80 in the Local Port s field to open a port for a Web server on a computer within your network The Internet Port s field could then also be 80 or you could choose another port number that will be used across...

Page 64: ...lter rule you can restrict the access to your LAN to only known devices Name Name your rule Direction Incoming or Outgoing Action Allow or Deny Start Port Use for a single port or a range of ports End Port Use for a single port or a range of ports Network Address Subnet Mask Use Start Port End Port Network Address and Subnet Mask to specify the ports and addresses for which the rule applies You ca...

Page 65: ...ADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 63 Start Port 80 End Port 80 Network Address 172 22 24 160 Johnny s IP address Subnet Mask 255 255 255 255 This subnet mask restricts the rule to one single address ...

Page 66: ...ork Only use DMZ as a last resort 6 4 4 Firewall Options Anti Spoof Anti Spoof checks help protect against malicious users faking the source address in packets they transmit in order to either hide themselves or to impersonate someone else Once the user has spoofed their address they can launch a network attack without revealing the true source of the attack or attempt to gain access to network se...

Page 67: ...less LAN Enabled Click to allow MAC Filter options Whitelist Select either Whitelist or Blacklist from a dropdown list By default the list of addresses is designated a white list Deselecting White List turns the list of addresses into a disallowed black list MAC Filter List Whitelist or Blacklist Add devices to either your white list or black list simply by inputting each device s MAC address NOTE...

Page 68: ...estination Click Add to create a new static route IP Network Address The IP address of the target network or host Type Select from a dropdown list to specify the type of the target Network Host Netmask The Netmask along with the IP address defines the network the computer belongs to and which other IP addresses the computer can see in the same LAN An IP address of 192 168 0 1 along with a Netmask ...

Page 69: ...e a LAN s IP address devices within that network will lose connection They will have to reconnect to the network The CBR400 includes these options 2 SSIDS VLAN virtual LAN NAT less routing The user can set up multiple networks each with its own unique configuration and its own selection of interfaces Each local network can be attached to any of the following types of interfaces WiFi Ethernet VLAN ...

Page 70: ...d to configure a new network or select an existing network and click Edit to view configuration options HotSpot Captive Portal When you set a network as a Hotspot under Routing Mode you will also need to make sure to 1 Configure hotspot settings under System Settings Hotspot Services Click on Configure to link to that page 2 If you want a hotspot that includes WiFi set one of your WiFi interfaces ...

Page 71: ...hostname IP Address This is the address used by the router for local area network communication Changes to this parameter may require a restart to computers on this network Each network must have a distinct IP address Most users will want an address from one of the following private IP ranges 10 0 0 1 10 255 255 1 172 16 0 1 172 31 255 1 192 168 0 1 192 168 255 1 NOTE The final number does not hav...

Page 72: ...d Hotspot Provide Hotspot Services on this network requiring Terms of Service or RADIUS UAM authentication before WAN access will occur on both wireless and wired LAN connections To enable a Hotspot you must also configure your Hotspot settings under System Settings Hotspot Services Disabled Disable this network Interfaces Select network interfaces to attach to this network Choose from WiFi Ethern...

Page 73: ...his network to match the intended use Simply select or deselect any of the following LAN Isolation When checked this network will NOT be allowed to communicate with other local networks UPnP Gateway Select the UPnP Universal Plug and Play option if you want to enable the UPnP Gateway service for computers on this network Admin Access When enabled users may access these administration pages on this...

Page 74: ... and Range End These designate the range of values in the reserved pool of IP addresses for the DHCP server Values within this range will be given to any DHCP enabled computers on your network The default values are almost always sufficient default 72 to 200 as in 192 168 0 72 to 192 168 0 200 Example The CBR400 uses an IP address of 192 168 0 1 for its primary network by default A computer design...

Page 75: ...d to a network in the Local Network Editor see above Select from the following tabs Wireless WiFi Network Settings Ethernet Port Configuration VLAN Interfaces Wireless WiFi Network Settings The CBR400 can broadcast two SSIDs service set identifiers the names for WiFi networks One primary WiFi network is enabled by default while you may have enabled a second guest network when using the First Time ...

Page 76: ...uter broadcasts its SSID It is somewhat harder for hackers to find and attack a router that is not broadcasting its SSID which adds to the wireless security but it is also more difficult for friendly users to attach to a WiFi network with a hidden SSID Isolate Select this to isolate all wireless clients so they cannot directly communicate with each other on the wireless network WMM WiFi Multimedia...

Page 77: ...p options Personal security modes require passwords Enterprise security modes are linked to a RADIUS server and require RADIUS authentication IP Port and Shared Key WPA2 Personal or Enterprise forces AES as the WPA Cipher WPA WPA2 and WPA Personal or Enterprise allow AES TKIP AES and TKIP WEP Auto requires a WEP Key Open has no password or other security measures NOTE If you don t know whether you...

Page 78: ...TTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 76 NOTE If you select one of the security modes and are unable to connect to the router afterwards you can use the reset buttons to reset the router to its factory default state and try a different security mode instead ...

Page 79: ...N Local Area Network Internet WAN is used to connect to another network such as a hotel or office wired network The WAN connection is used as a possible source of internet for the CBR400 Local Network LAN is for connecting a computer or similar device directly to the router with an Ethernet cable NOTE When a port group uses the LAN mode you must separately ensure that this logical interface is att...

Page 80: ...t routers because it has only one port However you can still change the port group ID for your Ethernet port Port Group ID The Port Group ID field provides a reference for a port group to be used in other parts of the router configuration For example this ID is referenced in the Local IP Networks configuration to attach this Ethernet port with a network configuration Use a simple short text phrase...

Page 81: ...and a group of Ethernet ports through which users can access the VLAN Then go back up to the Local Network Editor to attach your new VLAN to a network To use a VLAN the VID must be shared with another router or similar device so that multiple physical networks have access to the one virtual network Click Add to create a new VLAN interface VLAN Editor VID An integer value that is the Virtual LAN ID...

Page 82: ... Channel Select to randomize the WiFi channel This makes it less likely that the wireless signal from this router will conflict with another router in the same area Optimize WiFi WiMAX coexistence Shows if Random Channel is selected Setting this will lessen any possible conflict with WiFi and an attached WiMAX modem If a WiMAX modem is attached to the router when the WiFi is enabled the WiFi chann...

Page 83: ...e client it will disconnect it after this timeout in seconds TX Power Normally the wireless transmitter operates at 100 power In some circumstances however there might be a need to isolate specific frequencies to a smaller area By reducing the power of the radio you can prevent transmissions from reaching beyond your corporate home office or designated wireless area RTS Threshold When an excessive...

Page 84: ...for easy and secure establishment of a wireless network It can be used instead of passwords when connecting clients that support WPS Short Slot Slot Time is the period wireless clients use in determining if the channel is free for transmission Enabling this value allows clients that can utilize a shorter time to do so Disabling this option forces all clients to use a longer backoff check and thus ...

Page 85: ...eld Mode Greenfield mode uses an 802 11n only preamble to transmit packets that older wireless clients cannot interpret Use of greenfield mode in a mixed 802 11 environment may result in degraded performance but can improve performance if all devices in the area are 802 11n compatible RADIUS Timeout Default 3600 seconds When using an Enterprise security mode clients will be forced to re authentica...

Page 86: ...the flow of outbound traffic so as not to exceed the WAN uplink bandwidth Default Uplink Speed By default the Uplink Speed values are set as fast as possible Click to deselect default values if you want to restrict the maximum uplink speed for the internet source s you are using 4G Modem Ethernet 3G Modem and or WiFi You might do this to reduce overall bandwidth use for cost reasons or to prioriti...

Page 87: ...c type of message that uses a specific protocol Priority The priority of the message flow is entered here 15 receives the highest priority most urgent and 0 receives the lowest priority least urgent Enable Specifies whether the entry will be active or inactive Click Next to continue to the next page Example You sometimes work from home and you share bandwidth with your children You can set a rule ...

Page 88: ...ddress and or any port number All fields are optional Local Start Port and Local End Port The rule applies to a flow of messages whose LAN side port number is within the range set here Local IP Address The rule applies to a flow of messages with this LAN side IP address Local Netmask The rule applies to a flow of messages with this LAN side netmask Example continued from previous page To select yo...

Page 89: ...are optional Remote Start Port and Remote End Port The rule applies to a flow of messages whose WAN side port number is within the range set here Remote IP Address The rule applies to a flow of messages with this WAN side IP address Remote Netmask The rule applies to a flow of messages with this WAN side Netmask Submit Click to record the changes you have made Example continued from previous page ...

Page 90: ...URCES PAGE 88 7 INTERNET The Internet tab provides access to 8 submenu items for managing a variety of internet connection options Connection Manager Data Usage Ethernet Settings GRE Tunnels Load Balance Modem Settings VPN Tunnels WiFi as WAN Settings Data Usage GRE Tunnels Load Balance VPN Tunnels and WiFi as WAN Settings Advanced Mode only ...

Page 91: ...ity arrows the arrows in the red boxes these show if you have more than one available interface you can set the interface the router uses by default and the order that it allows failover To configure a specific interface use the settings page for that type of interface e g Ethernet Settings page for wired connections In the example shown Ethernet is set as the primary internet source while a USB m...

Page 92: ...h to the next highest priority interface available If this is not selected the router will still failover to the next highest priority interface but only after the user has attempted to get out to the internet and failed Idle Check Interval The amount of time between each check Default 30 seconds Range 10 3600 seconds ICMP Ping Check and Ping IP Address Enable and configure an IP address that the ...

Page 93: ...Rate 20 KB s Time Period 90 seconds Low Rate 10 KB s Time Period 240 seconds Custom Rate range 1 100 KB s Time Period range 10 300 seconds Time Fail back only after a set period of time Default 90 seconds Range 10 300 seconds This is a good setting if you have a primary wired WAN connection and only use a modem for failover when your wired connection goes down This ensures that the higher priority...

Page 94: ...le to shut down use of a modem and or send a message when you reach a data usage amount you set Enable Data Usage Enabled Disabled Default Disabled When you select Enabled you will see the Data Usage Agreement shown to the right The purpose of this agreement is to ensure that you understand that the data numbers for the CBR400 may not perfectly match those of your carrier CradlePoint cannot be hel...

Page 95: ... Enabled True False Date for Rule Reset Cycle Type Daily Weekly or Monthly Cap Amount in MB Current Usage Shown as an amount in MB as a percentage of the cap and in a bar graph Click Add to configure a new Data Usage Rule Usage Rule Configuration page 1 Rule Name Give your rule a name for later recognition WAN Selection Select from the dropdown list of currently attached WAN devices Assigned Usage...

Page 96: ... will be reset Shutdown WAN on Cap If selected the WAN device will shut down when the assigned usage is reached A cycle reset or a rule deletion will re enable the device Send Alert on Cap An email alert will be generated and sent when the assigned usage is reached WARNING The SMTP mail server must be configured in System Settings Device Alerts Custom Alert When checked you enable a second email t...

Page 97: ...ms that causes your router to send an alert after 1000 MB of usage in a month When you attach a new 4G USB modem your template will immediately create a new Data Usage Rule for the attached modem that sends the alert as specified Click Add to configure a new Template rule Create a Template Name that you can recognize The template will apply to one of the following WAN types All WAN All Ethernet Al...

Page 98: ...hed WAN source that has an assigned Data Usage Rule The graph shows the usage trend for one day Click Add Usage to manually input additional usage for an attached data source You might do this if you used your modem while not attached to your router and you want to keep an accurate count of your data usage Enter the date of usage by using the pop up calendar Then enter the total data in MB both in...

Page 99: ...ou have the ability to control Connect Method DHCP Automatic Static Manual or PPPoE Point to Point Protocol over Ethernet MAC Address You have the ability to change the MAC address but typically this is unnecessary You can match this address with your device s address by clicking Clone Your PC s MAC Address 7 3 1 Connect Method Your router s Ethernet ports are automatically configured for DHCP con...

Page 100: ...ADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 98 Static Manual IP Address Subnet Mask Gateway IP Primary DNS Server Secondary DNS Server PPPoE Username Password Password Confirm Service Auth Type None PAP CHAP ...

Page 101: ...re secure In order to set up a tunnel you must know the following Local Network and Remote Network addresses for the Glue Network the network that is created by the administrator that serves as the glue between the networks of the tunnel Each address must be a different IP address from the same private network and these addresses together form the endpoints of the tunnel Remote Gateway the public ...

Page 102: ... match either network 10 0 0 0 10 255 255 255 172 16 0 0 172 31 255 255 192 168 0 0 192 168 255 255 Remote Network This is the remote side of the Glue Network Again the user must create an IP address that is distinct from the IP addresses of the networks that are being glued together The Remote Network and Local Network values will be flipped when inputted for the other side of the tunnel configur...

Page 103: ...k traffic from the local host or hosts will be allowed through the tunnel Click Add Route to configure a new route You will need to input the following information defined by the remote network Network Address Netmask Default 255 255 255 0 You can set the tunnel to connect to a range of IP addresses or to a single IP address For example you could input 192 168 0 0 and 255 255 255 0 to connect your...

Page 104: ... using any connected WAN interface consecutively Connections are load balanced between interfaces based on a dynamic measurement of bandwidth available Leave Use default rates selected for automatically defined bandwidth values for Load Balance The default minimum rate can be changed to reflect the minimum bandwidth used during dynamic measurement The dynamic measurement will assume that the inter...

Page 105: ...and activated while plugged into the router Updates and activation methods vary by modem model and service provider Possible methods are PRL Update Activation and FUMO All supported methods will be displayed when you select your modem and click Update Activate If no methods are displayed for your device then you will need to update and activate your device externally To update or activate a modem ...

Page 106: ...ect it The router may start another modem as a failover measure When the operation is done the modem will go back to an idle state at which point the router may restart it depending on failover and failback settings NOTE Only one operation is supported at a time If you try to start the same operation on the same modem twice the UI will not report failure and the request will finish normally when t...

Page 107: ...o navigate to the Connection Manager Internet Connection Manager page and use the control buttons shown in the WAN Interfaces table Maximum Idle Time The interval at which the machine can be idle before the modem connection is disconnected This setting is only valid for the On Demand and Manual connection modes Aggressive Reset When Aggressive Reset is enabled the system will attempt to maintain a...

Page 108: ...ngful to you Select each of the following to create a condition for your rule The condition will be of the following form When is is not value For example Type is not WiMAX Port is USB Port 1 When Port USB Port 1 2 3 ExpressPort 1 2 Manufacturer Model Type WiMAX Modem HSPA Serial Number MAC Address Unique ID Value If you chose Port or Type select from the dropdown list If you chose Manufacturer Mo...

Page 109: ...om Time Warner Cable mobile rr com Comcast mob comcast net TTLS Authentication Mode TTLS inner authentication protocol Select from the following dropdown options MSCHAPv2 MD5 Microsoft Challenge Handshake Authentication Protocol version2 Message Digest Algorithm 5 PAP Password Authentication Protocol CHAP Challenge Handshake Authentication Protocol TTLS Username Username for TTLS authentication TT...

Page 110: ... Challenge Handshake Authentication Protocol PPP Password Password for PPP authentication PPP Username Username for PPP authentication SIM PIN PIN number for GSM modem with a locked SIM Access Point Name APN Some wireless carriers provide multiple Access Point Names that a modem can connect to If you wish to specify an APN enter it into this field Some examples of APN are isp cingular and vpn com ...

Page 111: ...E 109 Configuration Rule SIM APN Settings SIM PIN PIN number for a GSM modem with a locked SIM Access Point Name APN Some wireless carriers provide multiple Access Point Names that a modem can connect to Default Let the router choose an APN automatically Manual Enter an APN by hand Select Select from a dropdown menu of the profiles already on the SIM ...

Page 112: ... VPN encryption protocols The CBR400 uses IPsec Internet Protocol security to authenticate and encrypt packets exchanged across the tunnel To set up a VPN tunnel with the CBR400 on one end there must be another device usually a router that also supports IPsec on the other end IKE Internet Key Exchange is the security protocol in IPsec IKE has two phases Phase 1 and Phase 2 The CBR400 has several d...

Page 113: ...N connection Currently we only support identifiers in the form of an IP address a user fully qualified domain name user mydomain com or just a fully qualified domain name www mydomain com If no identifier is defined then no verification of the remote peer s identification will be done Pre shared Key Create a password or key The routers on both sides of the tunnel must use this same key Mode Tunnel...

Page 114: ...0 will automatically fill in the values for your network but you can change the values to limit the tunnel to only some of the devices in your network NOTE The local network IP address must be different from the remote network IP address Remote Network Enter the remote Gateway s IP address or fully qualified domain name my domain com It is recommended you use a dynamic DNS host name instead of the...

Page 115: ...y the most secure options that your devices support Exchange Mode The IKE protocol has 2 modes of negotiating phase 1 Main also called Identity Protection and Aggressive In Main mode IKE separates the key information from the identities allowing for the identities of peers to be secure at the expense of extra packet exchanges In Aggressive mode IKE tries to combine as much information into fewer p...

Page 116: ...y determined by the strength of the DH Group Group 5 for instance has greater strength than Group 2 o DH group 1 768 bit key o DH group 2 1024 bit key o DH group 5 1536 bit key In Phase 1 only one DH group can be selected while using Aggressive exchange mode By default all the algorithms encryption hash and DH groups supported by the CBR400 are checked which means they are allowed for any given ex...

Page 117: ...nerated in Phase 1 Additionally the new keys generated in Phase 2 with this option enabled are exchanged in an encrypted session Enabling this feature affords the policy greater security Key Lifetime The lifetime of the generated keys of Phase 2 of the IPsec negotiation from IKE After the time has expired IKE will renegotiate a new set of Phase 2 keys Phase 2 has the same selection of Encryption H...

Page 118: ...policy is in use Connection Idle Time allows you to configure how long the router will allow an IPsec session to be idle before beginning to send Dead Peer Detection DPD packets to the peer machine Request Frequency allows you to adjust the delay between these DPD packets to send as quickly as every 2 seconds up to 30 seconds apart Additionally you can specify how many Maximum Requests to send at ...

Page 119: ... especially helpful for matching this information with the router or similar device at the other end of the tunnel Tunnel Name Mode Initiation Mode Pre shared Key Local Network Remote Gateway Remote Network IKE Phase 1 o Exchange Mode o Key Lifetime Secs o Encryption o Hash o DH Groups IKE Phase 2 o PFS o Key Lifetime Secs o Encryption o Hash o DH Groups DPD Click Yes at the bottom of the Tunnel S...

Page 120: ...ity Association and Key Management Protocol port Default 500 This is a standard VPN port that usually does not need to be changed IKE ISAKMP NAT T Port Internet Key Exchange Internet Security Association and Key Management Protocol network address translation traversal port Default 4500 This is a standard VPN NAT T port that usually does not need to be changed NAT T KeepAlive Interval Default 20 s...

Page 121: ...uires the following specifications 1 Each side of the tunnel must use both a Local Identity and a Remote Identity These must match the identities on the other side The Local Identity must match the Remote Identity on the other side of the tunnel and vice versa In this case these identities can each be a simple word 2 The Tunnel Name for the side of the tunnel that is not behind the NAT firewall mu...

Page 122: ...IP conflict you need to change the IP address The router is attempting to use the same IP address for both WAN and LAN which is impossible Go to Network Settings WiFi Local Networks Select the network and click Edit You can change the IP address under IP Settings For example you might change 192 168 0 1 to 192 168 1 1 Saved Profiles This is a list of WiFi networks that have already been configured...

Page 123: ...sible network Auth Mode The type of encryption that is used by the network None WEP Auto WEP Open WEP Shared WPA1 Personal WPA2 Personal WPA1 WPA2 Personal 7 8 2 Profile Editor You have the option to manually add network profiles but it is usually much easier to import them from Site Survey Either click on Add under Saved Profiles or select a WiFi network in Site Survey and click Import If you imp...

Page 124: ...2 7 8 3 Wireless Scan Settings Scan Interval How often WiFi as WAN scans the environment for updates Default 60 seconds Range 5 3600 seconds Scan While Connected Continue to scan for WiFi as WAN profile updates when connected Each time a scan occurs the wireless communication of the router will be temporarily interrupted Normally this should be disabled ...

Page 125: ...HELP AND RESOURCES PAGE 123 8 SYSTEMSETTINGS The System Settings tab has 6 submenu items that provide access to tools for broad administrative control of the CBR400 Administration Device Alerts Hotspot Services Managed Services System Control System Software Device Alerts Hotspot Services and Managed Services Advanced Mode only ...

Page 126: ...be changed through the First Time Setup Wizard The default password is found on the bottom of the router 8 1 2 Network Time Protocol Enabling NTP will tell the router to get its system time from a remote server on the internet If you do not enable NTP then the router time will be based on when the router firmware was built which is guaranteed to be wrong Whenever the internet connection is re esta...

Page 127: ...m you that you are not connected and try to explain why If you disable bounce pages then you will just get the usual browser timeout In the normal case when the router is connected to the internet you don t see them at all This allows a user to disable bounce pages for cases where the router WAN link is down 8 1 5 UPnP Universal Plug and Play is a set of networking protocols standardized by the UP...

Page 128: ...t allows access to these administration web pages from the internet With it disabled you must be a client on the local network to access the administration website For security remote access is usually done via a non standard http port Additionally encrypted connections can be required for an added level of security Requiring a secure https connection is recommended Require Secure Connection HTTP ...

Page 129: ...ormation from supported modems Enable GPS server on WAN Enables a TCP server on the WAN side of the firewall which will periodically send GPS NMEA sentences to connected clients Enable GPS server on LAN Enables a TCP server on the LAN side of the firewall which will periodically send GPS NMEA sentences to connected clients o GPS server port number Enable GPS reporting to remote server Enables peri...

Page 130: ... W or 81d 51 41 W Fix Quality 0 Invalid 1 GPS fix 2 DGPS fix 1 Data is from a GPS fix Number of Satellites 05 5 Satellites are in view Horizontal Dilution of Precision HDOP 1 5 Relative accuracy of horizontal position Altitude 280 2 M 280 2 meters above mean sea level Height of geoid above WGS84 ellipsoid 34 0 M 34 0 meters Time since last DGPS update blank No last update DGPS reference station id...

Page 131: ...sea level M units of antenna altitude meters x x Geoidal separation M units of geoidal separation meters x x Age of Differential GPS data seconds xxxx Differential reference station ID eg3 GPGGA hhmmss ss llll ll a yyyyy yy a x xx x x x x M x x M x x xxxx hh 1 UTC of Position 2 Latitude 3 N or S 4 Longitude 5 E or W 6 GPS quality indicator 0 invalid 1 GPS fix 2 Diff GPS fix 7 Number of satellites ...

Page 132: ...INT COM FOR MORE HELP AND RESOURCES PAGE 130 13 Age in seconds since last update from diff reference station 14 Diff reference station ID 15 Checksum 8 1 9 Syslog Settings Enabling this option will send log messages to a specified Syslog server After enabling type the Hostname or IP address of the Syslog server ...

Page 133: ...plugged unplugged connected and disconnected Login Failure A failed login attempt has been detected Full System Log The system log has filled This alert contains the contents of the system log Recurring System Log The system log is sent periodically This alert contains all of the system events since the last recurring alert It can be scheduled for daily weekly and monthly reports You also choose t...

Page 134: ...Gmail password From Address Your email address To Address Your email address Once you have filled in the information for the SMTP server click on the Verify SMTP Settings button You should receive a test email at your account Advanced Delivery Options Email Subject Prefix This optional string is prefixed to the alert subject It can be customized to help you identify alerts from specific routers Re...

Page 135: ...roup A single LAN Group including both WiFi and Ethernet can be configured as your hotspot If you do not already have a LAN Group configured as a hotspot go to the WiFi Local Networks page you can click Configure to link to this page and set the Routing Mode to Hotspot for the LAN Group you want to use NOTE Routing Mode is in the Local Network Editor under the IP Settings tab Select a network in N...

Page 136: ...rect Only Redirection Depending on your choice for the Terms of Use page your have further options for where the user will be directed After the user accepts the terms you can either let him her continue to the URL they were trying to reach or you can force the user to go to a specified URL once before continuing on To the URL the user intended to visit To an administrator defined URL Redirect URL...

Page 137: ...RL once before continuing on RADIUS settings Server Address Authentication Port Default 1812 Accounting Port Default 1813 Shared Secret Redirection Choose from the dropdown list of options for redirection o Redirect to the UAM Server o Redirect to the URL that the user intends to visit o Redirect to the following URL input the desired URL Session Timeout The amount of time the user may use the rou...

Page 138: ...al domain or website prior to being authenticated For example a hotel might allow access to its own website prior to authentication Click Add to enter new hostnames you wish to allow Enter the Host or Domain Name of the website you wish to allow i e www google com To make sure the full domain is allowed enter the most inclusive domain i e google com will effectively allow www google com as well as...

Page 139: ...OR DETAILS Managed Services allow you to centralize your router configuration using the WiPipe Central server WiPipe Central services must be purchased separately Enable Services Enables the WiPipe Central client to contact the server Ethernet Communication Only The WiPipe Central client will not start unless the WAN is Ethernet Registration URL Register your router using the code provided by Crad...

Page 140: ...s all settings back to their default values Reboot The Device This causes the router to restart Scheduled Reboot This causes the router to restart at a user determined time Watchdog Reboot This causes the router to automatically restart when it determines an unrecoverable error condition has occurred Ping Test A simple test to check internet connectivity Type the Hostname or IP address of the comp...

Page 141: ...e Check the firmware release notes for information to decide if you should upgrade or not Automatic Internet Have the router download the file and perform the upgrade with no user interaction Manual Firmware Upload Upload the router firmware from an attached computer Factory Reset Set default settings to match the new firmware This is safest as settings may have changed You should back up your cur...

Page 142: ...ddresses so that conversions can be made in both directions ADSL Asymmetric Digital Subscriber Line Advanced Encryption Standard AES Government encryption standard Alphanumeric Characters A Z and 0 9 Antenna Used to transmit and receive RF signals AppleTalk A set of Local Area Network protocols developed by Apple for their computer systems AppleTalk Address Resolution Protocol AARP Used to map the...

Page 143: ... Input Output System BIOS A program that the processor of a computer uses to startup the system once it is turned on Baud Data transmission speed Beacon A data frame by which one of the stations in a WiFi network periodically broadcasts network control data to other wireless stations Bit rate The amount of bits that pass in given amount of time Bit sec Bits per second BOOTP Bootstrap Protocol Allo...

Page 144: ...d into binary so that it can be processed or moved to another device Data Encryption Standard Uses a randomly selected 56 bit key that must be known by both the sender and the receiver when information is exchanged Data Link layer The second layer of the OSI model Controls the movement of data on the physical link of a network Database Organizes information so that it can be managed updated as wel...

Page 145: ...ter s security mechanisms for the convenience of being directly addressable from the internet DNS Domain Name System Translates Domain Names to IP addresses Domain name A name that is associated with an IP address Download To send a request from one computer to another and have the file transmitted back to the requesting computer DSL Digital Subscriber Line High bandwidth internet connection over ...

Page 146: ...hts Firewall A device that protects resources of the Local Area Network from unauthorized users outside of the local network Firmware Programming that is inserted into a hardware device that tells it how to function Fragmentation Breaking up data into smaller pieces to make it easier to store FTP File Transfer Protocol Easiest way to transfer files between computers on the internet Full duplex Sen...

Page 147: ...evice that connects multiple devices together ICMP Internet Control Message Protocol IEEE Institute of Electrical and Electronics Engineers IGMP Internet Group Management Protocol is used to make sure that computers can report their multicast group membership to adjacent routers IIS Internet Information Server is a WEB server and FTP server provided by Microsoft IKE Internet Key Exchange is used t...

Page 148: ...out Internet Protocol Version 4 that identifies each computer that transmits data on the internet or on an intranet IPsec Internet Protocol Security IPX Internetwork Packet Exchange is a networking protocol developed by Novell to enable their Netware clients and servers to communicate ISP Internet Service Provider Java A programming language used to create programs and applets for web pages Kbps K...

Page 149: ...tal signals from a computer to an analog signal in order to transmit the signal over phone lines It also demodulates the analog signals coming from the phone lines to digital signals for your computer MPPE Microsoft Point to Point Encryption is used to secure data transmissions over PPTP connections MTU Maximum Transmission Unit is the largest packet that can be transmitted on a packet based netwo...

Page 150: ... used more than RIP in larger scale networks because only changes to the routing table are sent to all the other routers in the network as opposed to sending the entire routing table at a regular interval which is how RIP functions Password A sequence of characters that is used to authenticate requests to resources on a network Personal Area Network The interconnection of networking devices within...

Page 151: ...ice allows for remote users to dial into a central server and be authenticated in order to access resources on a network Reboot To restart a computer and reload its operating software or firmware from nonvolatile storage Rendezvous Apple s version of UPnP which allows for devices on a network to discover each other and be connected without the need to configure any settings Repeater Retransmits th...

Page 152: ...col SNMP Simple Network Management Protocol SOHO Small Office Home Office SPI Stateful Packet Inspection SSH Secure Shell is a command line interface that allows for secure connections to remote computers SSID Service Set Identifier is a name for a wireless network Stateful Packet Inspection A feature of a firewall that monitors outgoing and incoming traffic to make sure that only valid responses ...

Page 153: ...t allows network devices to discover each other and configure themselves to be a part of the network Update To install a more recent version of a software or firmware product Upgrade To install a more recent version of a software or firmware product Upload To send a request from one computer to another and have a file transmitted from the requesting computer to the other UPnP Universal Plug and Pl...

Page 154: ...tworks that is supposed to be comparable to that of a wired network WiFi Wireless Fidelity Used to describe any of the 802 11 wireless networking specifications WiFi Protected Access An updated version of security for wireless networks that provides authentication as well as encryption Wide Area Network The larger network that your LAN is connected to which may be the internet itself or a regional...

Page 155: ...MANUAL Firmware ver 3 3 0 2011 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 153 Yagi antenna A directional antenna used to concentrate wireless signals on a specific location ...

Page 156: ...erference Requirement Canada This Class B digital apparatus complies with Canadian ICES 003 Cet appareil numérique de la classe B est conforme à la norme NMB 003 du Canada 10 2Warranty Information CradlePoint Inc warrants this product against defects in materials and workmanship to the original purchases or the first purchaser in the case of resale by an authorized distributor for a period of one ...

Page 157: ... 484 GHz WiFi Frequency Band Operation Compliant with IEEE 802 3 and 3u Standards Supports OFDM and CCK Modulation Supports Cable DSL modems with Dynamic IP Static IP PPPoE PPTP or L2TP Connection Types Traffic Control Port Forwarding Virtual Server max 32 servers and DMZ Compatible with HSPA EVDO LTE WiMAX Cellular Network Devices Easy Management via HTTP and Remote Management via HTTP and SNMP C...

Page 158: ...00 USER MANUAL Firmware ver 3 3 0 2011 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 156 http www cradlepoint com Copyright 2011 by CradlePoint Inc All rights reserved ...

Reviews: