background image

CradlePoint MBR1000 | USER MANUAL Firmware ver. 1.6.9 

© 2010 

CRADLEPOINT, INC.                                        PLEASE VISIT 

HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/

 FOR MORE HELP AND RESOURCES 

 

 

 

  PAGE 28  

 

4.6  Wireless (WI-FI)  

Use  the  Wireless  (Wi-Fi)  sub-menu  configure  the  wireless  settings  for  the 
MBR1000.  NOTE:  changes  made  in  this  section  may  also  need  to  be 
duplicated  on  wireless  clients  that  you  want  to  connect  to  your  wireless 
network. Add Wireless Devices with WPS (WI-FI Protected Setup) Wizard 

Add  Wireless  Device  with  WPS.

 

This  Wizard  helps  you  add  wireless 

devices to the wireless network using the Wi-Fi Protected Setup protocol. 

The  wizard  will  prompt  you  to  enter  the  PIN  for  the  device,  or  ask  you  to 
press the 

Configuration

 

button on the device. If the device supports Wi-Fi 

Protected  Setup  and  has  a  configuration  button,  you  can  add  it  to  the 
network  by  pressing  the 

Configuration

 

button  on  the  device  and  then  the 

WPS

 

button on the router  within 60 seconds. The 

WPS

 

status LED on the 

router will flash three times if the device has been successfully added to the 
network. 

There are several ways to add a wireless device to your network. Access to 
the  wireless  network  is  controlled  by  a  “registrar.”  A  registrar  only  allows 
devices onto the wireless network if you have entered the PIN, or pressed a 

Wi-Fi Protected Setup

 

button on the device. The router acts as a registrar 

for the network, although other devices may act as a registrar as well. 

4.6.1

 

Wireless (WI-FI) Network Settings 

Enable  Wireless  Radio.

  (

Default:  Enabled).  When  checked,  wireless 

connectivity is enabled. 

Wireless Network Name.

 

(Default: visible). The SSID name for the router. 

Default:  “MBR-xxx”  where  “xxx”  is  the  last  three  digits  of  the  MBR1000‟s 
MAC address. The MAC address can  be found on the product  label  of the 
MBR1000. 

 (continued) 
 

 

Summary of Contents for WIPIPE MBR1000

Page 1: ......

Page 2: ...iption Author 1 0 June 7 2010 Initial draft David Rush Trademarks CradlePoint and the CradlePoint logo are registered trademarks of CradlePoint Inc in the United States and other countries All other company or product names mentioned herein are trademarks or registered trademarks of their respective companies Copyright 2010 by CradlePoint Inc All rights reserved This publication may not be reprodu...

Page 3: ... WIRELESS WI FI 28 5 ADVANCED TAB 34 5 1 ACCESS CONTROL 35 5 2 FAILOVER LOAD BALANCE 39 5 3 FIREWALL 42 5 4 GAMING 46 5 5 INBOUND FILTERS 48 5 6 MAC ADDRESS FILTER 50 5 7 NETWORK 52 5 8 ROUTING 53 5 9 SPECIAL APPLICATIONS APPLICATION RULES 55 5 10 TRAFFIC SHAPING 57 5 11 VIRTUAL SERVER 61 5 12 WEB FILTER WEBSITE FILTER 63 5 13 WIRELESS WI FI 65 5 14 WI FI PROTECTED SETUP 69 5 15 WISH 72 6 MODEM TA...

Page 4: ... CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 2 8 2 ACTIVE SESSIONS 108 8 3 LOGS 109 8 4 ROUTING 110 8 5 STATISTICS TRAFFIC STATISTICS 111 8 6 WIRELESS WI FI 112 8 7 WISH SESSIONS 114 9 GLOSSARY 115 10 APPENDIX 126 10 1 REGULATORY INFORMATION 126 10 2 WARRANTY INFORMATION 126 10 3 SPECIFICATIONS 127 ...

Page 5: ...000 XP Vista Mac OS X or Linux Computer with Wi Fi Adapter 802 11n Recommended Internet Explorer v6 0 Firefox v2 0 or Safari v1 0 Internet Browser 1 3 MBR1000 Overview Easy Setup and Maintenance High Performance Internal 802 11n Antennas 10 100 Ethernet WAN and LAN Ports Cellular Redundancy Failover to 3G 4G 1 Works with USB and ExpressCard Modems Physical Modem Security Cap Available 1 3 1 Always...

Page 6: ... afford to be offline Your business is always connected 1 3 3 Enterprise Power SOHO Simple With its built in failover capability the MBR1000 automatically switches from a primary wired DSL cable T1 etc connection to wireless mobile broadband network when primary service is disrupted Once service is restored the MBR1000 will automatically failback from wireless mobile broadband to the primary wired...

Page 7: ...CradlePoint MBR1000 USER MANUAL Firmware ver 1 6 9 2010 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 5 2 HARDWAREOVERVIEW ...

Page 8: ...CradlePoint MBR1000 USER MANUAL Firmware ver 1 6 9 2010 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 6 2 1 Ports ...

Page 9: ...CradlePoint MBR1000 USER MANUAL Firmware ver 1 6 9 2010 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 7 2 2 LEDs ...

Page 10: ...sert one end of your Ethernet cable to the WAN port Insert the other end of the Ethernet cable into your Cable or DSL modem It may take a minute or two for the MBR1000 to initialize Open your web browser You can now access the Internet For Failover Failback Functionality you must have an Active Data Modem attached to the MBR1000 CradlePoint recommends that Wi Fi security be setup at this point See...

Page 11: ...ity not recommended by skipping the next step 3 3 2 Setting Up Wireless Network Security Wi Fi Security is highly recommended by CradlePoint Wi Fi Security is separate from the User Login Page Setting Wi Fi Security on your router prevents users from connecting their computers to your router unless they have you wireless security password Follow The Steps Below to Set the Wi Fi Security Access you...

Page 12: ...ar asking for a password Use the password you assigned in the Basic Wizard Setup If you did not change the password or have not yet setup your wireless network security use the default password The default password is the last six digits of the MBR1000 s MAC address The MAC address can be found on the MBR1000 product box or the bottom of the MBR1000 Enter the password and click the Login button Re...

Page 13: ...a modem reconnect the cellular device to your CradlePoint router and connect to the Internet If you are using 4G modem you need to set the WiMAX Realm This can be done at the administrative page login to IP address http 192 168 0 1 and go to Modem Settings Under Modem Specific Settings use the WiMAX Realm Select to select your carrier Make sure you Save Settings Some wireless carriers provide mult...

Page 14: ...t The status LEDs of your router will give you an indication whether or not a proper connection is being made See the LED STATUS definitions below If the USB Data Modem LEDs are not illuminated your modem is not connected and online You may need to update firmware Refer to Your USB Modem or Phone Does Not Work With The Router If you are still not online after updating call CradlePoint Technical Su...

Page 15: ... instructions below to disable the user login Access your router administration page by opening your browser and typing http 192 168 0 1 in the address bar Go to the TOOLS tab on the top navigation then the USER LOGIN menu on the left panel Uncheck the REQUIRE USER LOGIN check box Scroll to the top of the page and click SAVE THE SETTINGS which will save and reboot the router with your new configur...

Page 16: ...US The MBR1000 has a Web interface that provides a set of tabs and sub menus for configuration and administration of all features The interface is organized with 6 tabs at the top of the screen Basic Advanced Modem Tools Status Help Within each of the 6 tabs there are sub menus along the left side of the web page that you use to navigate to the specific function task you wish to manage ...

Page 17: ...2010 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 15 4 1 Basic Tab The Basic tab provides access to the 5 sub menus for administering the following function tasks Wizard DHCP NETWORK WAN WIRELESS WI FI ...

Page 18: ...tlined in the Quick Start Guide included in the product package 4 2 1 Launch Setup Wizard Launch Setup Wizard Click the Launch Setup Wizard button to start the wizard 4 2 2 Welcome to the Setup Wizard Next Cancel Click Next to start the Setup Wizard 4 2 3 Set your password and time zone Password Enter a password for administrative access Verify Re enter the password Time Zone Click on the drop dow...

Page 19: ...e the pre configured network name NOTE Be sure to write down the new SSID and keep it in a safe place Require User Login With the box checked users will be required to login before they can access the internet With the box unchecked users will NOT be required to login before they can access the internet WPS Best Better Good None Choose one of four levels of security or none NOTE The wireless adapt...

Page 20: ...o access the MBR1000 wireless network NOTE Be sure to write down the password and keep it in a safe place If you chose None for security you will not see the Set Your Wireless Security Password screen and will be directed to the Setup Complete screen 4 2 6 Setup Complete This screen summarizes the wireless settings you have chosen NOTE Make sure you write down this information and keep it in a saf...

Page 21: ...CP Server the following options are displayed DHCP IP Address Range Default 192 168 0 100 192 168 0 199 This option defines the range of addresses available for the MBR1000 to assign to an internal network If there are any devices using static IP addresses you must be sure the addresses do not fall within the range defined here A Static IP address is one that is entered in manually on the device E...

Page 22: ...ts are to perform NetBIOS name registration and discovery This setting has no effect if the Learn NetBIOS information from WAN is activated Broadcast only This setting is useful where there are no WINS servers available however it is preferred you try Mixed Mode operation first Point to Point Mode This setting indicates to use WINS servers ONLY This setting is useful to force all NetBIOS operation...

Page 23: ...pt that it must still actually request an IP address from the MBR1000 The MBR1000 will provide the device the same IP address all the time Servers on the network should either use a static IP address or this option Enable Specifies whether the entry will be active or inactive Computer Name You can assign a name for each computer that is given a reserved IP address This may help you keep track of w...

Page 24: ...ou are done editing the settings you must click the Save Settings button at the top of the page to make the changes effective and permanent Example A DHCP reservation is used for making sure the router always gives a computer or device the same IP address Let s say you have a Wi Fi printer that you want to access via the Internet You can connect to the CradlePoint Router from the Wi Fi printer des...

Page 25: ... click the Edit icon the item is highlighted and the DHCP Reservation List section is activated for editing Click the Enable check box at the left to directly activate or de activate the entry After you ve completed all modifications or deletions you must click the Save Settings button at the top of the page to save your changes The router must reboot before new settings will take effect You will ...

Page 26: ...ed here For example 192 168 0 1 Subnet Mask The subnet mask of your router on the local area network Local Domain Name This entry is optional Enter a domain name for the local network LAN computers will assume this domain name when they get an address from the router s built in DHCP server So for example if you enter mynetwork net here and you have a LAN side laptop with a name of chris that lapto...

Page 27: ...n 2 V2 Broadcast Use if some routers are capable of Version 2 but some are only capable of Version 1 V2 Multicast Use if this is the only router on the LAN or if all the routers support Version 2 Router Metric The additional cost of routing a packet through this router The normal value for a simple network is 1 This metric is added to routes learned from other routers it is not added to static or ...

Page 28: ... this field blank Password If required by your ISP enter the password provided to you by your ISP If not required by your ISP leave this field blank Verify Password Re enter the password 4 5 2 Wired WAN Connection Type There are several connection types to choose from Static IP DHCP PPPoE PPTP L2TP If you are unsure of your connection method please contact your Internet Service Provider Note If us...

Page 29: ...se the WAN Configuration sub menu to configure the network settings for the Wired and Cellular Modem WAN the first connected cellular handset or modem DNS Address Select the Get Automatically from ISP Cellular Provider radio button to acquire a DNS Address automatically from our ISP Cellular Provider or select the Use the Following DNS Servers radio button to specify DNS Servers NOTE You would spe...

Page 30: ...ion button you can add it to the network by pressing the Configuration button on the device and then the WPS button on the router within 60 seconds The WPS status LED on the router will flash three times if the device has been successfully added to the network There are several ways to add a wireless device to your network Access to the wireless network is controlled by a registrar A registrar onl...

Page 31: ...us Whether or not the SSID will be visible on the LAN The Invisible option allows you to hide your wireless network When this option is set to Visible your wireless network name is broadcast to anyone within the range of your signal If you re not using encryption then they could connect to your network When Invisible mode is enabled you must enter the Wireless Network Name SSID on the client manua...

Page 32: ...t you can change keys easily Default WEP Key A default key is selected for use on the network Authentication Open Key authentication involves supplying the correct SSID to connect to the Access Point with no key authentication performed Shared Key authentication involves the Access Point sending the client device a challenge text packet that the client must then encrypt with the correct WEP key an...

Page 33: ...th clients that also support WPA2 security Cipher Type The encryption algorithm used to secure the data communication TKIP Temporal Key Integrity Protocol provides per packet key generation and is based on WEP AES Advanced Encryption Standard is a very secure block based encryption With the TKIP and AES option the router negotiates the cipher type with the client and uses AES when available Group ...

Page 34: ...tandard WPA2 is the newer implementation of the stronger IEEE 802 11i security standard With the WPA2 option the router tries WPA2 first but falls back to WPA if the client only supports WPA With the WPA2 Only option the router associates only with clients that also support WPA2 security Cipher Type The encryption algorithm used to secure the data communication TKIP Temporal Key Integrity Protocol...

Page 35: ...his option enables configuration of an optional second RADIUS server A second RADIUS server can be used as backup for the primary RADIUS server The second RADIUS server is consulted only when the primary server is not available or not responding The fields for Second RADIUS Server IP Address RADIUS Server Port Second RADIUS server Shared Secret and Second MAC Address Authentication provide the cor...

Page 36: ...RESOURCES PAGE 34 5 ADVANCEDTAB The Advanced tab provides access to the 16 sub menus for administering the following functions tasks Access Control Failover Load Balance Firewall Gaming Inbound Filter Mac Address Filter Network Routing Special Applications Traffic Shaping Virtual Server Web Filter Wireless WI FI WI FI Protected Setup WISH ...

Page 37: ...f you enable Access Control every device on the WLAN that needs to access the Internet must have an Access Control rule that explicitly permits it to access the Internet Devices that do not have an Access Control Rule cannot access the Internet 5 1 1 Access Control The Policy Wizard guides you through the steps of defining each access control policy A policy is the Who What When and How of access ...

Page 38: ...ing a radio button IP MAC or Other Machines Depending on which radio button you ve selected enter either the local network IP address or MAC address of the machine that you want the access control rule to apply to Click OK Example 192 168 0 50 Make sure that this is a static IP address or the system is in the static DHCP Client list See the Basic DHCP sub menu Step 4 Select Filtering Method Log We...

Page 39: ...MORE HELP AND RESOURCES PAGE 37 Step 5 Port Filter By clicking the Apply Advanced Port Filter button you can specify that the rule enables access only to specific IP addresses and ports Step 6 Configure Web Access Logging If this option is enabled all of the Web sites visited by the specified machine will be logged continued ...

Page 40: ... be deleted by clicking the Delete Policy Table section icon When you click the Edit icon the item is highlighted and the Policy Table section is activated for editing After you ve completed all modifications or deletions you must click the Save Settings button at the top of the page to save your changes The router must reboot before new settings will take effect You will be prompted to Reboot the...

Page 41: ...ernet WAN link Note that this only applies to the ethernet WAN link not the modems If the link is idle for too long the router will attempt to ping a target IP address If the ping does not reply the router assumes the link is down and attempts to fail over to a modem Enable This enables failure detection on the Ethernet link Even when this is disabled unplugging the Ethernet cable at the WAN port ...

Page 42: ... is the device which the router will attempt to start when it boots up If the link cannot be brought up on this device or if it fails after boot up the router will attempt to bring the link up on the next available device Whenever a link fails on a device the router will always move down to the next device down in the list and wrap around again to the top Slot The slot is the physical port the mod...

Page 43: ...you bring the link down the modem will remain disconnected until you use the control to enable it again The router will not attempt to automatically connect to a modem that has been manually disconnected All other available devices will have a check mark icon If you click on this icon the router will attempt to bring the link up over this device If neces sary it will first bring the active link do...

Page 44: ...ion states and ensures that each TCP packet s flags are valid for the current state 5 3 2 NAT Endpoint Filtering The NAT Endpoint Filtering options control how the router s NAT manages incoming connection requests to ports that are already being used UDP Endpoint Filtering TCP Endpoint Filtering The UDP Endpoint Filtering check box controls endpoint filtering for packets of the UDP protocol and th...

Page 45: ...metric NATs in particular but leaves inbound filters and scheduled access working as expected 5 3 3 NAT Port Preservation Enable Port Preservation Default enabled NAT Port preservation tries to ensure that when a LAN host makes an Internet connection the same LAN port is also used as the Internet visible port This ensures best compatibility for internet communications Under some circumstances it m...

Page 46: ...d Allows single VPN connections to a remote host But for multiple VPN connections the appropriate VPN ALG must be used Disabling this option however only disables VPN if the appropriate VPN ALG is also disabled 5 3 7 Application Level Gateway ALG Configuration Here you can enable or disable ALGs Some protocols and applications require special handling of the IP payload to make them work with netwo...

Page 47: ...virtual server for Net Meeting Refer to the Advanced Virtual Server sub menu for information on how to set up a virtual server SIP Allows devices and applications using VoIP Voice over IP to communicate across NAT Some VoIP applications and devices have the ability to discover NAT devices and work around them This ALG may interfere with the operation of such devices If you are having trouble makin...

Page 48: ...be active or inactive Name Give the rule a name that is meaningful to you for example Game Server You can also select from a list of popular games and many of the remaining configuration values will be filled in accordingly However you should check whether the port values have changed since this list was created and you must fill in the IP address field IP Address Enter the local network IP addres...

Page 49: ...annot be associated with Gaming rules that contain any ports in common Such rules would contradict each other 5 4 2 Gaming Rules This is a list of the defined Gaming Rules Click the Enable check box at the left to directly activate or de activate the entry An entry can be changed by clicking the Edit icon or can be deleted by clicking the Delete icon When you click the Edit icon the item is highli...

Page 50: ... of a particular gaming group to play several different games for which gaming entries have been created At the same time an Admin filter might only allows systems from your office network to access the WAN admin pages and an FTP server you use at home If you add an IP address to a filter the change is effected in all of the places where the filter is used 5 5 1 Add Inbound Filter Rule Name Enter ...

Page 51: ...ket will either be DENIED Dropped or ALLOWED Once a match has been made no further rules will be examined for that packet If no rules match the data packet it is ALLOWED This means that to allow only a specific subset of traffic usually requires more than one rule to be entered Example You have configured a game server using the Advanced Gaming sub menu to play HALO Combat Evolved with some friend...

Page 52: ... MAC Address List are granted network access Turn MAC Filtering ON and DENY computers listed to access the network When DENY is selected any computer with a MAC address listed in the MAC Address List will not be granted network access Filter Wired Clients When check box is selected MAC Filtering is applied to wired clients connected to the MBR1000 in addition to wireless clients 5 6 2 ADD MAC Filt...

Page 53: ...con or can be deleted MAC Filtering Rules section by clicking the Delete icon When you click the Edit icon the item is highlighted and the MAC Filtering Rules section is activated for editing After you ve completed all modifications or deletions you must click the Save Settings button at the top of the page to save your changes The router must reboot before new settings will take effect You will b...

Page 54: ...ing feature If you do not see the filter you need in the list of filters go to the Advanced Inbound Filter sub menu and create a new filter Details This filter designates certain IP addresses from other computers or devices so that these IP addresses are either specifically allowed to com municate to the router or are specifically blocked This limits the range of IPs that can connect to the router...

Page 55: ...d to NOTE 255 255 255 255 is used to signify only the host that was entered in the Destination IP field Gateway Specifies the next hop to be taken if this route is used A gateway of 0 0 0 0 implies there is no next hop and the IP address matched is directly connected to the router on the interface specified LAN or WAN Metric The route metric is a value from 1 to 16 that indicates the cost of using...

Page 56: ...k the Enable check box at the left to directly acti vate or de activate the entry The router must reboot before new settings will take effect You will be prompted to Reboot the Device or Continue If you need to make additional settings changes click Continue If you are finished with all configuration settings click the Reboot the Device button 5 8 3 Existing Routes Shows the routes that are in pla...

Page 57: ...ns rules Opens single or multiple ports on the router when the router senses data sent to the Internet on a trigger port or port range Special Applications rules apply to all computers on the network Name Enter a name for the Special Application Rule for example Game App which will help you identify the rule in the future Alternatively you can select from a drop down menu of common applications an...

Page 58: ... section shows the current routing table entries Certain required routes are predefined and cannot be changed Routes that you add can be changed by clicking the Edit icon or can be deleted by clicking the Delete icon When you click the Edit icon the item is highlighted and the Application Rules section is activated for editing Click the Enable check box at the left to directly activate or de activ...

Page 59: ...best performance use the Automatic Classification option to automatically set the priority for your applications Dynamic Fragmentation This option should be enabled when you have a slow Internet uplink It helps to reduce the impact that large low priority network packets can have on more urgent ones by breaking the large packets into several smaller packets Automatic Uplink Speed When enabled this...

Page 60: ... speed with a service such as www dslreports com NOTE not matter how a site such as DSL reports because they do not consider as many network protocol overheads will generally note speeds slightly lower than the Measured Uplink Speed or the ISP rated speed Connection Type By default the router automatically determines whether the underlying connection is an xDSL Frame relay network or some other co...

Page 61: ...iority The priority of the message flow is entered here 1 receives the highest priority most urgent and 255 receives the lowest priority least urgent Protocol The protocol used by the messages Local IP Range The rule applies to a flow of messages whose LAN side IP address falls within the range set here Local Port Range The rule applies to a flow of messages whose LAN side port number is within th...

Page 62: ...it icon or can be deleted by clicking the Delete icon When you click the Edit icon the item is highlighted and the Traffic Shaping Rules List section is activated for editing After you ve completed all modifications or deletions you must click the Save Settings button at the top of the page to save your changes The router must reboot before new settings will take effect You will be prompted to Reb...

Page 63: ...ect a computer from the list of DHCP clients in the Computer Name drop down menu or you can manually enter the IP address of the server computer Protocol Select the protocol used by the service TCP UDP or Both To specify any other protocol select Other from the list then enter the corresponding protocol number as assigned by the IANA in the Protocol box Public Port The port that will be accessed f...

Page 64: ...may not be looped back or you may be redirected to the Forbidden page This will happen if you have an Access Control Rule configured for this LAN machine The requests from the LAN machine will not be looped back if Internet access is blocked at the time of access To work around this problem access the LAN machine using its LAN side identity Requests may be redirected to the Forbidden page if web a...

Page 65: ...g for everyone connected to the device This does change your router s DNS settings to use the OpenDNS servers None Disables Web filtering that uses OpenDNS but will enable manual Web site white listing in the next subsection Minimal Filters phishing and URL typos Good Filters any Web site containing pornography as well as enable typo and phishing redirection Better Filters more nudity sexuality an...

Page 66: ...m Do not enter the http preceding the URL Enter the most inclusive domain for example enter kyocera com and access will be permitted to both www kyocera com and support kyocera com Save Record the changes you have made into the following list NOTE Many web sites construct pages with images and content from other web sites Access will be forbidden if you do not enable all the web sites used to cons...

Page 67: ...ng wireless performance can be improved by using the RTS CTS Request to Send Clear to Send handshake protocol The wireless transmitter will begin to send RTS frames and wait for CTS when data frame size in bytes is greater than the RTS Threshold This setting should remain at its default value of 2346 bytes Fragmentation Threshold Wireless frames can be divided into smaller units fragments to impro...

Page 68: ...help control latency and jitter when transmitting multimedia content over a wireless connection Short GI Using a short 400ns guard interval can increase throughput However it can also increase error rate in some installations due to increased sensitivity to radio frequency reflections Select the option that works best for your installation WDS Enable When WDS is enabled this access point functions...

Page 69: ...Explorer Safari Opera etc Step 1 Change LAN IP To enable WDS you will need to change some settings in configurations of the repeater router and WAN connected router First connect to the unit that will function as the repeater by typing its IP address in a browser default IP address for the MBR1000 192 168 0 1 Go to the Basic LAN submenu Change the IP address of this unit to 192 168 0 5 and click S...

Page 70: ...he WAN connection Click Save Settings when prompted to Reboot or Continue select Continue Step 4 Enable WDS Go to the Advanced Advanced Wireless sub menu Check WDS Enable and enter the MAC address of the WAN Router Click Save Settings and when prompted to Reboot or Continue click Reboot Step 5 WAN Router Repeat steps 3 and 4 on the router with the WAN connection Substitute the MAC address of the W...

Page 71: ...g external WLAN Manager Registrar Reset to Unconfigured Click the Reset to Unconfigured button to set the PIN back to the factory default pin which is listed on the end panel of the MBR1000 box and on the label affixed to the bottom of the MBR1000 unit 5 14 2 Pin Settings A PIN is a unique number that can be used to add the router to an existing network or to create a new network The default PIN m...

Page 72: ...Wi Fi Protected Setup button on the device The router acts as a registrar for the network although other devices may act as a registrar as well Clicking the Add Wireless Device Wizard button starts the wizard PIN Option Welcome to the Add Wireless Device Wizard Click Next Step 1 Select Configuration Method for Your Wireless Network Choose configuration method that your wireless device is capable o...

Page 73: ... your wireless device is capable of supporting refer to the documentation that came with your wireless adapter Select Push Button Select this option if your wireless device supports push button PIN instructions in previous section Click Next Click Next Step 2 Connect Your Wireless Device Push the button on your wireless device then click on the Connect button When you use the push button method th...

Page 74: ...d to prioritize these above other traffic Such streams are used by systems known as Windows Media Extenders such as the Xbox 360 Automatic When enabled this option causes the router to automatically attempt to prioritize traffic streams that it doesn t otherwise recognize based on the behavior that the streams exhibit This acts to de prioritize streams that exhibit bulk transfer characteristics su...

Page 75: ...e range set here Save Update Record the changes you have made Clear Re initialize this area of the screen discarding any changes you have made When you are done editing the settings you must click the Save Settings button at the top of the page to make the changes effective and permanent 5 15 4 WISH Rules This section lists the WISH rules Click the Enable check box at the left to directly activate...

Page 76: ...LEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 74 6 MODEMTAB The Modem Tab provides access to 4 sub menus for displaying information and controlling settings for any attached phones or modems Info GPS Settings Update ...

Page 77: ...connection to your carrier You may be able to move the location of the router or modem to increase your Signal Strength Please note that if any of the values are displayed in red you will need to correct the condition before you can access the WAN link across that phone modem If your phone modem does not support reading diagnostics such as Signal Strength while it is connected to the carrier s net...

Page 78: ...age has received The best way to get an accurate GPS reading from the router is to use the GPS Network Access feature 6 2 2 Data Update Settings Update Method determines how the web page s GPS data is updated from the router Automatic When chosen the page will update itself at a specified interval Update Interval Default every 15 seconds Changed by using the Update Interval drop down box that is d...

Page 79: ... data available over the local wireless network The GPS data can be read from port 8889 of the router when this option is enabled Enable GPS Network Port on WAN Default disabled When checked the router makes live GPS data available to the WAN GPS data is presented in both NMEA 0183 sentences and Keyhole Markup Language KML formatted data To get NMEA data into a GPS aware application you may need a...

Page 80: ...ys on A connection to the Internet is always maintained On demand A connection to the Internet is made as needed Manual You have to open up the Web based management interface and click the Connect button manually any time that you wish to connect to the Internet Maximum Idle Time Time interval in minutes the machine can be idle before the modem connection is disconnected The Maximum Idle Time valu...

Page 81: ... detect this condition either actively or passively and restart the connection if there is a problem Timeout This is how often the router will check to see if the modem connection is still active It does this by seeing if any new data was received over the connection during the previous Timeout seconds This is the passive mode of connection verification Enable Ping on Idle This setting configures ...

Page 82: ...ased on data rate More Often based on timer Less Often based on timer Never Default Custom Data Rate Threshold KB Sec Select Data Rate Threshold Duration Threshold seconds Select Duration Threshold If the rate of data on the 3G connection falls below Data Rate Threshold for longer than the Duration Threshold the router will attempt to upgrade the 4G connection automatically If the Data Rate Thresh...

Page 83: ...Permanent is selected the entered PIN will be remembered between reboots If a modem is plugged in when this is selected the router will make a permanent association between the PIN and the current modem When a PIN is associated with a modem the PIN will be automatically entered for you when the associated modem is plugged in If you choose Permanent PIN but there is no modem plugged in at the time ...

Page 84: ...pending on your location different network selections will be shown based on the bands the particular modem supports and the router recognizes If you select one of the WCDMA settings such as WCDMA GSM NA North America the modem will use the 3G network in preference to the 2 5G network This change is persistent and stays with the modem even if you unplug it and move it to a PC The band currently se...

Page 85: ...FOR MORE HELP AND RESOURCES PAGE 83 6 4 Update Some modems can be activated and updated while plugged into the router Activation and updates vary by modem model and service provider All supported methods are displayed If no methods are displayed for your device you will need to activate and update your device externally ...

Page 86: ...or IT organizations that use a number of MBR1000 units to provide wireless data connectivity for employees the Tools tab allows you to enable the remote devices to be an extension of your network and abide by the policies set within your department Included are a number of features that allow the unit to provide security supportability and EVDO handset behavior regardless where a remote employee i...

Page 87: ...idual who first activates the unit 7 1 1 System Language System Language Select English or Spanish 7 1 2 Admin Password Password Type password in this field that you want to use to grant access to Web based management interface Default Last 6 characters of the MBR1000 s MAC address NOTE all letters in the MAC address should be entered as lower case Verify Password Re type the password to ensure it...

Page 88: ... the router only from computers on your LAN Default off Remote Admin Port The port that will be accessed from the Internet This allows you to make modifications to ensure that there is no conflict with other enterprise software Default Port 8080 For example if you specify port 1080 here then to access the router from the Internet you would use a URL of the form http my domain com 1080 Use HTTPS Se...

Page 89: ...rg for details Example myserver mydomain net Host Name Enter the host name fully qualified for example myhost mydomain net Username or Key Enter the username or key provided by the Dynamic DNS service provider If the Dynamic DNS provider supplies only a key enter that key in all three fields Password or Key Enter the password or key provided by the Dynamic DNS service provider If the Dynamic DNS p...

Page 90: ...uter for dynamic DNS you can open a browser and navigate to the URL for your domain for example http www mydomain info and the router will attempt to forward the request to port 80 on your LAN If however you do this from a LAN side computer and there is no virtual server defined for port 80 the router will return the router s configuration home page Refer to the Advanced Virtual Server configurati...

Page 91: ... address will appear as the sender when you receive a log file or firmware upgrade notification via email To Email Address Enter the email address where you want the email sent SMTP Server Address Enter the SMTP server address for sending email SMTP Server Port Enter the SMTP server port for sending email Enable Authentication If your SMTP server requires authentication select this option Account ...

Page 92: ...n select a schedule from the list of defined schedules To create a schedule go to the Tools Schedules sub menu NOTE Normally email is sent at the start time defined for a schedule and the schedule end time is not used However rebooting the router during the schedule period will cause additional emails to be sent Details The text field description of the inbound filter you want to select When you p...

Page 93: ...for Latest Firmware Version button To verify the latest firmware version the MBR1000 checks the Internet 7 4 2 Manually Upgrade Firmware Upload Firmware To update the firmware follow these steps 1 Click the Browse button to locate the update file on your computer 2 Once you have found the file to be used click the Upload button to start the firmware update process 3 Wait for the router to reboot 4...

Page 94: ...de to insure that the new file is correct 1 Before the new firmware update is loaded into its permanent location the NVRAM it is first downloaded into a temporary RAM area for checking 2 The downloaded file is first checked against a checksum to insure that the entire file has been downloaded and no data errors have occurred 3 Each firmware file is encoded with a special product identification whi...

Page 95: ...reboot and will not load the new firmware It is recommend that when you are doing these en mass the first few are manually checked by logging into the router with a computer and going to http 192 168 0 1 login with the default password and then check the Status tab which will show the current router firmware version The default password is the last 6 character of the MAC address which is located o...

Page 96: ... router to attempt to establish a management session over the active WAN link Ethernet Only A management session can involve non trivial amounts of data transfer especially for f w upgrades Since many modem plans impose data limits you may want to disable managed services when the modem is the primary WAN interface By checking this box you ensure that the router will only establish a management se...

Page 97: ...the week or place a check mark in the Select Day s radio button then put a check mark in the boxes next to the days of the week that you want your schedule to be in effect All Day Select this option if you want your schedule in effect all 24 hours for the selected day s Start Time If you don t use the All Day option then enter the Start Time which consists of two fields Enter the hour of the Start...

Page 98: ...icking the Edit icon or can be deleted by clicking the Delete icon When you click the Edit icon the item populates the Edit Schedule Rule and is activated for editing Update Record the changes you have made The router must reboot before new settings will take effect You will be prompted to Reboot the Device or Continue If you need to make additional settings changes click Continue If you are finis...

Page 99: ...ch allows access to read only data within this community group The community names should never be public or private Community names are a maximum of 15 characters long Names should contain at least one number and one capital letter Access to the community name should be limited to the Administrator of realms Set Community Name Variable length string which allows access to read and write data with...

Page 100: ...ve of log files to a Syslog Server Enable Logging to Syslog Server Default off Enable this option if you have a syslog server currently running on the LAN and wish to send log messages to it Syslog Server IP Address Enter the LAN IP address of the Syslog Server When you are done editing the settings you must click the Save Settings button at the top of the page to make the changes effective and pe...

Page 101: ...n information to a file on a local hard drive or any other target you choose Restore Configuration from File Reads all configuration information from a Save Configuration file Restore to Factory Defaults This option will restore all configuration settings back to the factory defaults Any settings that have not been saved will be lost If you want to save your router configuration settings you can d...

Page 102: ...r enter its fully qualified domain name Ping Start Pinging the specified host Stop The host is pinged repeatedly until you click the Stop button 7 10 2 Ping Result Displays the results of the ping test The ping test is an ICMP echo protocol It s used to test response and path to a remote computer system i e a ping to a URL www xxxxx com will tell you if there is a path and if the remote computer i...

Page 103: ...aving Check this option to adjust for daylight savings time Daylight Saving Offset Select the time offset for daylight savings time Daylight Savings Dates Set the month week day of week and time for the MBR1000 to switch to from Daylight Savings Time 7 11 2 Automatic Time Configuration Enabling this option allows the MBR1000 to contact network time servers to automatically adjust the MBR1000 clock...

Page 104: ...ngs button to copy the time from the computer you are using NOTE Be sure the computer s time is set correctly WARNING If the router loses power for any reason it cannot keep its clock running and will not have the correct time when it is started again To maintain the correct time for schedules and logs either you must enter the correct time after you restart the router or you must enable the NTP S...

Page 105: ...s 7 12 3 Customize Billboard Enable Custom Billboard Select this option if you want to provide the router with a new customized user login page Custom Billboard Enter HTML into this section to create a customized user login page Preview Select this button to preview the customized user login in the preview panel Load Default Select this button to load a default or example customized user login NOT...

Page 106: ...SIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 104 8 STATUSTAB The Status tab provides information about the current configuration settings of the MBR1000 router via 7 sub menus Device Info Active Sessions Logs Routing Statistics Wireless Wi Fi WISH Sessions ...

Page 107: ...AN connection go to the Advanced Failover sub menu If the connection is DHCP clicking the DHCP Release button unassigns the router s IP address The router will not respond to IP messages from the WAN side until you click the DHCP Renew button or power up the router again Clicking the DHCP Renew button requests a new IP address from the ISP s server If the connection is via a modem clicking the Dis...

Page 108: ...or your wired network It is the factory assigned identifier of the LAN ports IP Address IP Address of the router Subnet Mask Subnet of the router DHCP Server DHCP Server is Enabled or Disabled 8 1 4 Wireless Wi Fi LAN This area of the screen reflects configuration settings from the Basic Wireless page the Advanced WISH page and the Advanced Wi Fi Protected Setup page The MAC Address is the factory...

Page 109: ...n range is limited to the address range as configured in DHCP Server Computers that have an address outside of this range will not show If the DHCP Client i e a computer configured to Automatically obtain an address supplies a Host Name then that will also be shown Any computer or device that has a static IP address that lies within the detection range may show however its host name will not 8 1 6...

Page 110: ...nection is passing data FW FIN Wait The client system has requested that the connection be stopped CW Close Wait The server system has requested that the connection be stopped TW Time Wait Waiting for a short time while a connection that was in FIN Wait is fully closed LA Last ACK Waiting for a short time while a connection that was in Close Wait is fully closed CL Closed The connection is no long...

Page 111: ...Server support so you can send the log files to a computer on your network that is running a Syslog utility 8 3 1 Log Options What to View You can select the types of messages that you want to display from the log Firewall Security System Router Status View Levels You can choose from three levels of message importance Critical Warning Informational Apply Log Settings Now Filters the log results so...

Page 112: ...PAGE 110 8 4 Routing The routing section displays all of the routing details configured for your router A value of 0 0 0 0 for gateway means there is no next hop and the IP address is directly connected to the router on the interface specified LAN or WAN A value of 0 0 0 0 in both the destination IP and netmask means that this is the default route ...

Page 113: ...tatistics Updates the screen with the latest router statistics Clear Statistics Clears all of the values on the screen 8 5 2 Wireless Wi Fi LAN and WAN Statistics Kbytes Sent The number of packets transmitted to the local area network Kbytes Received The number of packets received from the local area network TX Packets Dropped The number of transmit packets not sent RX Packets Dropped The number o...

Page 114: ...nts This lists the client computers that are currently connected to the WLAN access point MAC Address The Ethernet ID MAC address of the wireless client IP Address The LAN side IP address of the client Mode The transmission standard being used by the client Values are 802 11a 802 11b 802 11g or 802 11n Rate The actual transmission rate of the client in megabits per second Signal This is a relative...

Page 115: ...ill have access until disconnected from the Wi Fi network Client allowed permanently Same as the Remember Me function in the user login process Will have access each time connected to the Wi Fi network Client is not allowed This client computer is denied access to the Wi Fi network 8 6 3 Remembered Clients Once a Wi Fi client has successfully logged into the Internet access side of the router the ...

Page 116: ...pting to start a connection EST Established the connection is passing data FW FIN Wait The client system has requested that the connection be stopped CW Close Wait the server system has requested that the connection be stopped TW Time Wait Waiting for a short time while a connection that was in FIN Wait is fully closed LA Last ACK Waiting for a short time while a connection that was in Close Wait ...

Page 117: ...e RF signals AppleTalk A set of Local Area Network protocols developed by Apple for their computer systems AppleTalk Address Resolution Protocol AARP Used to map the MAC addresses of Apple computers to their AppleTalk network addresses so that conversions can be made in both directions Application layer 7th Layer of the OSI model Provides services to applications to ensure that they can communicat...

Page 118: ...ansmitting data in all directions at once Browser A program that allows you to access resources on the web and provides them to you graphically Cable modem A device that allows you to connect a computer up to a coaxial cable and receive Internet access from your Cable provider CardBus A newer version of the PC Card or PCMCIA interface It supports a 32 bit data path DMA and consumes less voltage CA...

Page 119: ...ned pool of addresses to computers or devices that request them Digital certificate An electronic method of providing credentials to a server in order to have access to it or a network Direct Sequence Spread Spectrum DSSS Modulation technique used by 802 11b wireless devices DMZ Demilitarized Zone A computer that logically sits in a no mans land between the LAN and the WAN The DMZ computer trades ...

Page 120: ...ed by other computers on the network with different levels of access rights Firewall A device that protects resources of the Local Area Network from unauthorized users outside of the local network Firmware Programming that is inserted into a hardware device that tells it how to function Fragmentation Breaking up data into smaller pieces to make it easier to store FTP File Transfer Protocol Easiest...

Page 121: ...ovided by Microsoft IKE Internet Key Exchange is used to ensure security for VPN connections Infrastructure In terms of a wireless network this is when wireless clients use an Access Point to gain access to the network Internet A system of worldwide networks which use TCP IP to allow for resources to be accessed from computers around the world Internet Explorer A World Wide Web browser created and...

Page 122: ... Network LAN A group of computers in a building that usually access files from a server LPR LPD Line Printer Requestor Line Printer Daemon A TCP IP protocol for transmitting streams of printer data MAC Address A unique hardware ID assigned to every Ethernet adapter by the manufacturer Mbps Megabits per second MDI Medium Dependent Interface is an Ethernet port for a connection to a straight through...

Page 123: ...ters in a network NIC Network Interface Card NTP Network Time Protocol OFDM Orthogonal Frequency Division Multiplexing is the modulation technique for both 802 11a and 802 11g OSI Open Systems Interconnection is the reference model for how data should travel between two devices on a network OSPF Open Shortest Path First is a routing protocol that is used more than RIP in larger scale networks beca...

Page 124: ...nd reload it s operating software or firmware from nonvolatile storage Rendezvous Apple s version of UPnP which allows for devices on a network to discover each other and be connected without the need to configure any settings Repeater Retransmits the signal of an Access Point in order to extend its coverage RIP Routing Information Protocol is used to synchronize the routing table of all the route...

Page 125: ...which part designates the Host Syslog System Logger a distributed logging interface for collecting in one place the logs from different sources Originally written for UNIX it is now available for other operating systems including Windows TCP Transmission Control Protocol TCP Raw A TCP IP protocol for transmitting streams of printer data TCP IP Transmission Control Protocol Internet Protocol TFTP T...

Page 126: ...ethod for configuring and bootstrapping wireless networking hardware access points and wireless clients including PCs and other devices WDS Wireless Distribution System A system that enables the interconnection of access points wirelessly Web browser A utility that allows you to view content and interact with all of the information on the World Wide Web WEP Wired Equivalent Privacy is security for...

Page 127: ...ternet Service Provider WLAN Wireless Local Area Network WPA Wi Fi Protected Access A Wi Fi security enhancement that provides improved data encryption relative to WEP xDSL A generic term for the family of digital subscriber line DSL technologies such as ADSL HDSL RADSL and SDSL Yagi antenna A directional antenna used to concentrate wireless signals on a specific location ...

Page 128: ...erference Requirement Canada This Class B digital apparatus complies with Canadian ICES 003 Cet appareil numérique de la classe B est conforme à la norme NMB 003 du Canada 10 2Warranty Information CradlePoint Inc warrants this product against defects in materials and workmanship to the original purchases or the first purchaser in the case of resale by an authorized distributor for a period of one ...

Page 129: ...mode POWER 12VDC 1 5A 100 240V AC DIMENSIONS 7 x 5 6 x 1 2 180 mm x 142 mm x 30 25 mm WEIGHT 12 oz 340g CERTIFICATIONS FCC CE WiFi Certification OPERATING TEMPERATURE 0 o C to 50 o C DETAILS Compatible with 100 HSPA and EVDO Mobile Broadband Devices Supports both USB and ExpressCard Mobile Broadband Modems Supports Cable DSL Modems with Dynamic IP Static IP PPPoE PPTP and L2tp Connection Types Uni...

Page 130: ...00 USER MANUAL Firmware ver 1 6 9 2010 CRADLEPOINT INC PLEASE VISIT HTTP KNOWLEDGEBASE CRADLEPOINT COM FOR MORE HELP AND RESOURCES PAGE 128 http www cradlepoint com Copyright 2010 by CradlePoint Inc All rights reserved ...

Reviews: