
Wireless Security 

Because WLAN data is transmitted using radio signals, it may be possible for an unauthorized 
person to access your WLAN unless you prevent them from doing so. To prevent unauthorized 
eavesdropping of data transmitted over your LAN, you must enable wireless security. The default 
SBG901 settings neither provide security for transmitted data nor protect network data from 
unauthorized intrusions. 

The SBG901 provides the following wireless security measures, which are described on the Wireless Pages:

To prevent unauthorized eavesdropping, you must encrypt data transmitted over the wireless 
interface using one of the following: 

If all of your wireless clients support Wi-Fi Protected Access (WPA or WPA2) encryption, 
Motorola recommends using WPA2. Otherwise, configure a Wired Equivalency Privacy 
(WEP) key on the SBG901 and each WLAN client. 


To protect the wireless LAN from unauthorized intrusions (see Setting Up Your Wireless LAN), 
you can do one or both of the following: 

• Restrict WLAN access to computers having known MAC addresses 

• Enable closed network operation by disabling SSID broadcasting 

Port Forwarding 

The SBG901 opens logical data ports when a computer on its LAN sends data, such as e-mail 
messages or web data, to the Internet. A logical data port is different from a physical port, such 
as an Ethernet port. Data from a protocol must go through certain data ports. 

Some applications, such as games and video conferencing, require multiple data ports. If you 
enable NAT, this can cause problems because NAT assumes that data sent through one port will 
return to the same port. You may need to configure port forwarding to run applications with 
special requirements. 

To configure port forwarding, you must specify an inbound (source) port or range of ports. The 
inbound port opens only when data is sent to the inbound port and closes again after a specified 
time elapses with no data sent to it. You can configure up to 32 port forwarding entries using the 
Advanced Port Forwarding Page. 
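
The NAT and port forwarding behaviour described above, modelled as an added example (it is not code from the Motorola guide or the SBG901 firmware). The Gateway class, the IDLE_TIMEOUT value and the sample LAN addresses are assumptions made for illustration; only the 32-entry limit comes from the guide.

```python
"""Toy model of a NAT gateway with port forwarding (illustrative only)."""
from dataclasses import dataclass, field

MAX_FORWARD_ENTRIES = 32  # limit stated in the guide
IDLE_TIMEOUT = 600        # seconds; assumed, the guide only says "a specified time"


@dataclass(frozen=True)
class ForwardRule:
    start: int
    end: int
    proto: str   # "tcp" or "udp"
    lan_ip: str

    def matches(self, proto, port):
        return proto == self.proto and self.start <= port <= self.end


@dataclass
class Gateway:
    rules: list = field(default_factory=list)
    # (proto, wan_port) -> [lan_ip, lan_port, last_seen]; holds both NAT
    # sessions created by outbound traffic and forwarded ports in use.
    state: dict = field(default_factory=dict)

    def add_rule(self, start, end, proto, lan_ip):
        """Add a forwarding entry, rejecting bad ranges, overlaps and overflow."""
        if proto not in ("tcp", "udp"):
            raise ValueError("protocol must be tcp or udp")
        if not (1 <= start <= end <= 65535):
            raise ValueError("need 1 <= start <= end <= 65535")
        if len(self.rules) >= MAX_FORWARD_ENTRIES:
            raise ValueError("forwarding table is full")
        for r in self.rules:
            if r.proto == proto and start <= r.end and r.start <= end:
                raise ValueError("range overlaps an existing entry")
        self.rules.append(ForwardRule(start, end, proto, lan_ip))

    def outbound(self, proto, lan_ip, lan_port, now):
        """A LAN host sends data: NAT remembers which host used this port."""
        # Simplification: the WAN-side port equals the LAN-side port.
        self.state[(proto, lan_port)] = [lan_ip, lan_port, now]

    def inbound(self, proto, wan_port, now):
        """Return (lan_ip, lan_port) for a delivered packet, None if dropped."""
        key = (proto, wan_port)
        entry = self.state.get(key)
        if entry is not None:
            if now - entry[2] <= IDLE_TIMEOUT:
                entry[2] = now            # traffic keeps the port open
                return (entry[0], entry[1])
            del self.state[key]           # idle too long: port has closed
        for r in self.rules:
            if r.matches(proto, wan_port):
                # Forwarded port opens on first inbound data.
                self.state[key] = [r.lan_ip, wan_port, now]
                return (r.lan_ip, wan_port)
        return None                       # unsolicited, no rule: dropped

    def open_ports(self, now):
        """Ports that currently accept inbound data."""
        return {k for k, v in self.state.items() if now - v[2] <= IDLE_TIMEOUT}

    def exposure(self):
        """Ports reachable from the Internet without any outbound traffic."""
        return sum(r.end - r.start + 1 for r in self.rules)


def demo():
    """Multi-port application on a constructed LAN host 192.168.0.10."""
    gw = Gateway()
    out = {}
    gw.outbound("udp", "192.168.0.10", 5000, now=0)
    out["reply_same_port"] = gw.inbound("udp", 5000, now=5)
    # The application also expects data on 5001, which the host never sent from.
    out["second_port_no_rule"] = gw.inbound("udp", 5001, now=5)
    gw.add_rule(5001, 5003, "udp", "192.168.0.10")
    out["second_port_with_rule"] = gw.inbound("udp", 5001, now=6)
    out["open_soon_after"] = ("udp", 5001) in gw.open_ports(now=7)
    out["open_after_idle"] = ("udp", 5001) in gw.open_ports(now=6 + IDLE_TIMEOUT + 1)
    out["old_session_after_idle"] = gw.inbound("udp", 5000, now=5 + IDLE_TIMEOUT + 1)
    out["exposure"] = gw.exposure()
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The exposure() figure is the number to keep small when reviewing a forwarding table: every port in a forwarded range is reachable from the Internet without the LAN host having sent anything first.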

1 Introduction 

22

 

This document is uncontrolled pending incorporation in PDM 

 

Summary of Contents for SURFboard SBG901

Page 1: ...Motorola SURFboard SBG901 Wireless Cable Modem Gateway User Guide ...

Page 2: ...ions to the main supply circuit Use only a main line cord that complies with all applicable device safety requirements of the country of use Installation of this device must be in accordance with national wiring codes and conform to local regulations Operate this device only from the type of power source indicated on the device s marking label If you are not sure of the type of power supplied to y...

Page 3: ...es that the coaxial cable shield shall be connected to the grounding system of the building as close to the point of cable entry as practical CARING FOR THE ENVIRONMENT BY RECYCLING When you see this symbol on a Motorola product do not dispose of the product with residential or commercial waste Recycling your Motorola Equipment Please do not dispose of this product with your residential or commerc...

Page 4: ...the end user INDUSTRY CANADA IC STATEMENT This device complies with RSS 210 of the Industry Canada Rules Operation is subject to the following two conditions 1 This device may not cause interference and 2 This device must accept any interference including interference that may cause undesired operation of the device This device is designed to operate with two internal antennas as part of the print...

Page 5: ...ables and equipment other than specified by the manufacturer Correction of the interference caused by such unauthorized modification substitution or attachment is the responsibility of the user The manufacturer and its authorized resellers or distributors are not liable for any damage or violation of government regulations that may arise from failing to comply with these guidelines SECURITY WARNIN...

Page 6: ...orvalds in the U S and other countries UNIX is a registered trademark of the Open Group in the United States and other countries Macintosh is a registered trademark of Apple Computer Inc Adobe Adobe Acrobat and Adobe Acrobat Reader are registered trademarks of Adobe Systems Inc All other product or service names are property of their respective owners No part of the contents of this document may b...

Page 7: ...AN 20 Security 20 Firewall 21 DMZ 21 Port Triggering 21 Wireless Security 22 Port Forwarding 22 Getting Started Before You Begin 23 Precautions 24 Signing Up for Service 24 Computer System Requirements 25 Connecting the SBG901 to the Cable System 25 Cabling the LAN 26 Obtaining an IP Address for an Ethernet Connection 27 Configuring TCP IP 27 Configuring TCP IP in Windows 2000 27 Configuring TCP I...

Page 8: ...p 44 Gaming Configuration Guidelines 44 Configuring the Firewall for Gaming 44 Configuring Port Triggers 45 Configuring a Gaming DMZ Host 45 Exiting the SBG901 Configuration Manager 45 Status Pages Status Software Page 47 Status Connection Page 48 Status Security Page 49 Changing the SBG901 Default Password 49 Status Diagnostics Page 49 Ping Utility 50 Traceroute Utility 51 Status Event Log Page 5...

Page 9: ...ental Control User Setup Page 73 Parental Control Basic Setup Page 75 Parental Control ToD Access Policy Page 76 Parental Control Event Log Page 77 Wireless Pages Setting Up Your Wireless LAN 79 Encrypting Wireless LAN Transmissions 80 Wireless 802 11b g Basic Page 81 Wireless 802 11b g Privacy Page 83 Wireless 802 11b g Access Control Page 86 Wireless 802 11b g Advanced Page 87 Wireless Bridging ...

Page 10: ...iptions for the Advanced Options Page 60 Field Descriptions for the Advanced IP Filtering Page 61 Field Descriptions for the Advanced MAC Filtering Page 62 Field Descriptions for the Advanced Port Filtering Page 63 Field Descriptions for the Advanced Port Triggers Page 65 Field Descriptions for the Firewall Local Log Page 71 Field Description for the Firewall Remote Log Page 72 Field Descriptions ...

Page 11: ...ion Properties window 28 Select Network Component Type window 29 Local Area Connection Properties window 29 Network and Internet Connections window 30 Windows XP Classic View Control Panel 30 Network Connections window 31 Local Area Connection Properties window 31 Network and Sharing Center window 32 LAN or High Speed Internet connections window 32 Local Area Connection Properties window 33 Intern...

Page 12: ...Advanced DMZ Host Page 66 Advanced RIP Setup Page 67 Firewall Web Content Filter Page 70 Firewall Local Log Page 71 Firewall Remote Log Page 72 Parental Control User Setup Page 74 Parental Control Basic Setup Page 75 Parental Control ToD Access Policy Page 76 Parental Control Event Log Page 77 Wireless 802 11b g Basic Page 81 Wireless 802 11b g Privacy Page 83 Wireless 802 11b g Access Control Pag...

Page 13: ...entral connection point between your computers and the Internet It directs routes information between the computers connected to your home network A built in cable modem transmits information between your home network and the Internet SBG901 Features The SBG901 offers the following standard features Combines four separate products a DOCSIS 2 0 cable modem IEEE 802 11g wireless access point Wi Fi c...

Page 14: ... Powerful Features in a Single Unit An SBG901 combines high speed Internet access networking and computer security for a home or small office LAN An SBG901 provides An integrated high speed cable modem for continuous broadband access to the Internet and other online services with much faster data transfer than traditional dial up or ISDN modems One broadband connection for up to 245 computers to s...

Page 15: ... 802 11g wireless LAN connection Figure 1 Sample Hybrid LAN Optional Accessories All networks are composed of multiple devices The SBG901 works with any Wi Fi certified IEEE 802 11g or IEEE 802 11b compliant client product The Wi Fi capability of the SBG901 can also be used to allow other Wi Fi enabled devices to connect to the Internet The maximum range of Wi Fi devices is 300 feet and the maximu...

Page 16: ... downstream channel connection Downstream channel is connected 3 SEND Scanning for a send upstream channel connection Upstream channel is connected 4 ONLINE Scanning for configuration parameters Startup process is complete and the SBG901 is online 5 WIRELESS Green Wi Fi enabled with encrypted wireless data activity A long short flash indicates mobile pairing in progress Amber Wi Fi enabled with un...

Page 17: ...ETHERNET Connects to an Ethernet equipped computer hub or switch using an RJ 45 cable connection 2 CABLE Connects the SBG901 to a cable wall outlet coaxial cable connection 3 RESET Resets the digital voice modem Resetting the modem may take from five to 30 minutes 4 12VDC Provides power to the cable modem 1 Introduction 17 This document is uncontrolled pending incorporation in PDM ...

Page 18: ...on of Wireless LAN WLAN vs LAN for wired Each computer needs appropriate network adapter hardware and driver software The clients on the Ethernet or wireless interfaces can share Internet access with a single Internet Service provider account subject to Internet Service provider terms and conditions Files printers storage devices multi user software applications games and video conferencing Wirele...

Page 19: ...ot or a wireless USB adapter Desktop PCs Use a wireless PCI adapter wireless USB adapter or compatible product in the PCI slot or USB port respectively Figure 5 Sample Wireless Network Connections To set up the SBG901 on a computer wired to the SBG901 with an Ethernet connection perform the procedures found on the Wireless Pages Do not attempt to configure the SBG901 over a wireless connection You...

Page 20: ...puter requires one or more hubs switches or routers You can do the following Connect a hub or switch to the Ethernet port on the SBG901 Use Ethernet hubs switches or routers to connect up to 245 computers to the SBG901 A complete discussion of Ethernet cabling is beyond the scope of this document Security The SBG901 provides the following A firewall to protect the SBG901 LAN from undesired attacks...

Page 21: ...s one or more computers logically located outside the firewall between an SBG901 LAN and the Internet A DMZ prevents direct access by outside users to private data For example you can set up a web server on a DMZ computer to enable outside users to access your website without exposing confidential data on your network A DMZ can also be useful to play interactive games that may have a problem runni...

Page 22: ...s LAN you can do one or both of the following Restrict WLAN access to computers having known MAC addresses Enable closed network operation by disabling SSID broadcasting Port Forwarding The SBG901 opens logical data ports when a computer on its LAN sends data such as e mail messages or web data to the Internet A logical data port is different from a physical port such as an Ethernet port Data from...

Page 23: ...egin Before you begin the installation check that the following items were included with your Motorola SBG901 Gateway Table 3 Items Included with Your SBG901 Item Description Power cord Connects the SBG901 to a power adapter that connects to an AC electrical outlet Ethernet cable Connects to the Ethernet port SBG901 Installation CD ROM Contains SBG901 Installation Assistant and this user guide SBG...

Page 24: ...k of thunderstorm or lightning activity in the area To avoid potential shock always unplug the power cord from the wall outlet or other power source before disconnecting it from the SBG901 rear panel To prevent overheating the SBG901 do not block the ventilation holes on the sides of the unit Do not open the unit Refer all service to your Internet Service provider Signing Up for Service You must s...

Page 25: ...re In addition your computer must meet the following requirements PC with Pentium class or better processor Windows 2000 Windows XP Windows Vista Macintosh Linux or UNIX operating system with operating system CD ROM available Minimum 256 MB RAM recommended 10 MB available hard disk space You can use any web browser with the SBG901 Connecting the SBG901 to the Cable System Before starting be sure t...

Page 26: ...while scanning for the upstream send channel Changes to solid green when the send channel is locked ONLINE Flashes during SBG901 registration and configuration Changes to solid green when the SBG901 is registered Cabling the LAN After connecting to the cable system you can connect your wired Ethernet LAN Some sample connections are shown in Wired Ethernet LAN On each networked computer you must in...

Page 27: ...entation After configuring TCP IP on your computer you must verify the IP address Perform one of the following Verifying the IP Address in Windows 2000 or Windows XP Verifying the IP Address in Windows Vista For UNIX systems follow the instructions in the applicable UNIX user documentation Your cable provider may provide additional instructions to set up your computer Configuring TCP IP in Windows...

Page 28: ...splayed Figure 9 Local Area Connection Properties window 5 If Internet Protocol TCP IP is in the list of components TCP IP is installed You can skip to step 8 6 If Internet Protocol TCP IP is not in the list of components click Install The Select Network Component Type window is displayed 2 Getting Started 28 This document is uncontrolled pending incorporation in PDM ...

Page 29: ...to display the Internet Protocol TCP IP Properties window 10 Be sure Obtain an IP address automatically and Obtain DNS server address automatically are selected 11 Click OK to save the TCP IP settings and exit the TCP IP Properties window 12 Click OK to exit the Local Area Connection Properties window 13 Click OK when prompted to restart the computer and click OK again 14 When you complete the TCP...

Page 30: ...Internet Connections window Figure 12 Network and Internet Connections window 4 Click Network Connections to display the LAN or High Speed connections You can skip to step 7 5 If a Classic view similar to the screenshot below is displayed double click Network Connections to display LAN or High Speed Internet connections Figure 13 Windows XP Classic View Control Panel 6 Right click the network conn...

Page 31: ... display the Internet Protocol TCP IP Properties window 9 Make sure Obtain an IP address automatically and Obtain DNS server address automatically are selected 10 Click OK to save the TCP IP settings and exit the TCP IP Properties window 11 Click OK to exit the Local Area Connection Properties window 12 When you complete the TCP IP configuration go to Verifying the IP Address in Windows 2000 or Wi...

Page 32: ... and Internet window is displayed 4 Double click Network and Sharing Center and the Network and Sharing Center window is displayed Figure 16 Network and Sharing Center window 5 Click Manage network connections and the LAN or High Speed Internet connections window is displayed Figure 17 LAN or High Speed Internet connections window 2 Getting Started 32 This document is uncontrolled pending incorpor...

Page 33: ...count Control Windows needs your permission to continue click Continue 8 Select Internet ProtocolVersion4 TCP IPv4 and click Properties to display the Internet Protocol Version 4 TCP IPv4 Properties window Figure 19 Internet Protocol Version 4 TCP IPv4 Properties window 9 Make sure Obtain an IP address automatically and Obtain DNS server address automatically are selected 10 Click OK to save the T...

Page 34: ...ENTER to display your IP configuration A display like below indicates a normal configuration Figure 20 IPCONFIG window 1 for Windows 2000 and XP If an Autoconfiguration IP Address is displayed as in the window below there is an incorrect connection between your PC and the digital voice modem or there are cable network problems Figure 21 IPCONFIG window 2 for Windows 2000 and XP Check the following...

Page 35: ...ion Figure 22 IPCONFIG window for Windows Vista If an Autoconfiguration IP Address is displayed there is an incorrect connection between the PC and the SBG901 or there are broadband network problems Renewing Your IP Address To renew your IP address in Windows 2000 Windows XP or Windows Vista 1 On the Windows Desktop click Start 2 Select Run The Run window is displayed 3 Type cmd and click OK 4 Typ...

Page 36: ...aterial Use anchors if necessary for example if you must mount the unit on drywall CAUTION Before drilling holes check the structure for potential damage to water gas or electric lines Make sure the AC power plug is disconnected from the wall outlet and all cables are removed from the back of the SBG901 before starting the installation You can mount the SBG901 horizontally or vertically Do the fol...

Page 37: ...oles to a depth of at least 1 1 2 inches 3 8 cm Use M3 5 x 38 mm 6 x 11 2 inch screws with a flat underside and maximum screw head diameter of 9 0 mm to mount the SBG901 8 Using a screwdriver turn each screw until part of it protrudes from the wall as shown in the following illustration 6 0 mm 24 inches maximum 9 0 mm 35 inches maximum 2 5 mm 10 inches Figure 25 Wall Mounting Screw Dimensions Ther...

Page 38: ...oute the cables so that they are not a safety problem Wall Mounting Template You can print the following page to use as a wall mounting template Be sure you print it at 100 scale In the Print dialogue window be sure that Scale to paper size is set to No scaling in the Print dialog box Measure the printed template with a ruler to ensure that it is the correct size 2 Getting Started 38 This document...

Page 39: ...Figure 26 Wall Mounting Template 2 Getting Started 39 This document is uncontrolled pending incorporation in PDM ...

Page 40: ...mediately when you first configure the SBG901 See Changing the SBG901 Default Password Firewalls are not foolproof Choose the most secure firewall policy you can See the Firewall Pages If you are using a wired LAN only and have no wireless clients be sure you disable the wireless interface See Wireless 802 11b g Basic Page to disable Starting the SBG901 Configuration Manager CMGR The SBG901 Config...

Page 41: ...work connection of the SBG901 RF Downstream Channel which uses lower cable frequencies to transmit data RF Upstream Channel which uses higher cable frequencies to receive data Click the Refresh button in your web browser any time you want to refresh the information on this page If you have any problems starting the SBG901 Configuration Manager CMGR see Troubleshooting for information 3 Basic Confi...

Page 42: ...onfiguration WAN Connection Type DHCP and DDNS The Backup option allows you to save your SBG901 configuration on your PC Advanced Configures and monitors how the SBG901 routes IP traffic Firewall Configures and monitors the SBG901 firewall Parental Control Configures and monitors the SBG901 parental control feature Wireless Configures and monitors SBG901 wireless networking features Logout Exits t...

Page 43: ...ssword field type your new password again this field is case sensitive 5 In the Current Username Password field type your old password 6 Click Apply to save your changes Restore Factory Defaults To reset the user name and password back to the original factory settings 1 Select Yes and then click Apply 2 You must login with the default user name admin and password motorola after applying this chang...

Page 44: ...1 firewall and DMZ for gaming Configuring the Firewall for Gaming By default the SBG901 firewall is enabled If as recommended you keep the firewall enabled refer to the game s documentation to ensure that the necessary ports are open for use by that game The pre defined SBG901 firewall policies affect Xbox LIVE as follows On the Firewall Web Content Filter Page you may need to disable Firewall Pro...

Page 45: ...e one of The use of random ports The forwarding of unsolicited traffic For example to connect a PlayStation 2 for PS2 online gaming designate it as the gaming DMZ host because the ports required vary from game to game For these games Motorola recommends configuring the gaming computer or device as a gaming DMZ device To configure a gaming DMZ device on the Basic DHCP Page 1 Reserve a private IP ad...

Page 46: ...3 Basic Configuration 46 This document is uncontrolled pending incorporation in PDM ...

Page 47: ...ools and allow you to change your SBG901 user name and password You can click any Status submenu option to view or change the status information for that option Status Software Page This page displays information about the hardware version software version MAC address cable modem IP address serial number system up time and network registration status Figure 27 Status Software Page 4 Status Pages 4...

Page 48: ... the Status Connection Page Field Description Startup Procedure Startup status information about the cable modem Downstream Channel Status information about the RF downstream channels including downstream channel frequency and downstream signal power and modulation Upstream Channel Status information about the RF upstream channels including upstream channel ID and upstream signal power and modulat...

Page 49: ... Re Enter New Password field type your new password again this field is case sensitive 4 In the Current Username Password field type your old password 5 Select Yes if you want to reset the user name and password to the original factory settings 6 Click Apply to update the user name password Note You must login with the default user name admin and password motorola after applying the restore factor...

Page 50: ...the Select Utility drop down list 2 Enter the IP address of the computer you want to Ping in the Target field 3 Enter the data packet size in bytes in the Ping Size field 4 Enter the number of ping attempts in the No of Pings field 5 Enter the time between Ping send operations in milliseconds in the Ping Interval field 6 Click StartTest to begin the Ping operation The Ping results will display in ...

Page 51: ...eld 3 Enter the data packet size in bytes in the Data Size field 4 Set the base UDP port number used by Traceroute in the Base Port field The default is 33434 If a UDP port is not available this field can be used to specify an unused port range 5 In the Resolve Host field select On to list the names of hosts found during theTraceroute operation or select Off to list only the hosts IP addresses 6 A...

Page 52: ...ure 32 Status Event Log Page Table 7 Descriptions for the Status Event Log Page Field Description Time Indicates the date and time the error occurred Priority Indicates the level of importance of the error Description A brief definition of the error 4 Status Pages 52 This document is uncontrolled pending incorporation in PDM ...

Page 53: ...lows you to save a copy of your SBG901 configuration on your PC You can click any Basic submenu option to view or change the configuration information for that option Basic Setup Page This page allows you to configure the basic features of your SBG901 gateway related to your ISP connection Figure 33 Basic Setup Page 5 Basic Pages 53 This document is uncontrolled pending incorporation in PDM ...

Page 54: ... IP Address The public WAN IP address of your SBG901 device which is either dynamically or statically assigned by your ISP MAC Address Media Access Control address a set of 12 hexadecimal digits assigned during manufacturing that uniquely identifies the hardware address of the SBG901 Access Point Duration Describes how long before your Internet connection expires The WAN lease will automatically r...

Page 55: ...uitable for most users Spoofed MAC Address If the WAN Connection Type is Static IP enter the information provided by your ISP for Static IP Address Static IP Mask Default Gateway Primary DNS and Secondary DNS When done click Apply to save your changes Basic DHCP Page This page allows you to configure and view the status of the optional internal SBG901 DHCP Dynamic Host Configuration Protocol serve...

Page 56: ...5 Lease Time Sets the time in seconds that the SBG901 DHCP server leases an IP address to a client The default is 3600 seconds 60 minutes DHCP Clients Lists DHCP client device information When done click Apply to save your changes To renew a DHCP client IP address choose Select and then click Force Available Basic DDNS Page This page allows you to set up the Dynamic Domain Name System DDNS service...

Page 57: ...your current SBG901 configuration settings locally on your computer or restore previously saved configurations Figure 36 Basic Backup Page Table 11 Field Descriptions for the Basic Backup Page Field Description Restore Lets you restore a previously saved configuration Backup Lets you create a backup copy of the current configuration Restoring Your SBG901 Configuration 1 Type the path with the file...

Page 58: ...path with the file name where you want to store your backup file on your computer or click Browse to locate the file 2 Click Backup to create a backup of your SBG901 settings 5 Basic Pages 58 This document is uncontrolled pending incorporation in PDM ...

Page 59: ...ost and Routing Information Protocol Setup You can click any Advanced submenu option to view or change the advanced configuration information for that option Advanced Options Page This page allows you to set the operating modes for adjusting how the SBG901 device routes IP traffic Figure 37 Advance Options Page 6 Advanced Pages 59 This document is uncontrolled pending incorporation in PDM ...

Page 60: ...ration Management Allows remote access to the SBG901 Configuration Manager This enables you to configure the SBG901 WAN by accessing the WAN IP address at Port 8080 of the configuration manager from anywhere on the Internet For example in the browser URL window type http WanIPAddress 8080 to access the SBG901 Configuration Manager remotely Checkmark Enable to turn on this option or uncheck to disa...

Page 61: ...ure 38 Advanced IP Filtering Page Table 13 Field Descriptions for the Advanced IP Filtering Page Field Description Start Address Enter the starting IP address range of the computers for which you want to deny access to the SBG901 WAN Be sure to only enter the least significant byte of the IP address End Address Enter the ending IP address range of the computers you want to deny access to the SBG90...

Page 62: ...ned via the DHCP server or hard coded to various addresses over time Figure 39 Advanced MAC Filtering Page Table 14 Field Descriptions for the Advanced MAC Filtering Page Field Description MAC xx Media Access Control address a unique set of 12 hexadecimal digits assigned to a PC during manufacturing Setting a MAC Address Filter 1 Enter the MAC address in the MAC xx field for each PC you want to bl...

Page 63: ...s specific For example if you wanted to block all PCs on the private LAN from accessing HTTP sites or web surfing you would set the Start Port to 80 End Port to 80 Protocol to TCP checkmark Enabled and then click Apply Figure 40 Advanced Port Filtering Page Table 15 Field Descriptions for the Advanced Port Filtering Page Field Description Start Port Enter the starting port number End Port Enter th...

Page 64: ... table of commonly used Port numbers is also displayed on the page for your convenience To map a port you must enter the range of port numbers that should be forwarded locally and the IP address to which traffic to those ports should be sent If only a single port specification is desired enter the same port number in the start and end locations for that IP address The ports used by some common app...

Page 65: ... for incoming sometimes referred to as bi directional ports data If no outgoing traffic is detected on the Trigger Range ports for 10 minutes the Target Range ports will close This is a safer method for opening specific ports for special applications e g video conferencing programs interactive gaming file transfer in chat programs etc because they are dynamically triggered and not held open consta...

Page 66: ...mputer or small sub network that sits between the trusted internal private LAN and the untrusted public Internet Figure 43 Advanced DMZ Host Page You may configure one PC to be the DMZ host This setting is generally used for PCs using problem applications that use random port numbers and do not function correctly with specific port triggers or the port forwarding setups mentioned earlier If a spec...

Page 67: ...es RIP is a protocol that requires negotiation from both sides of the network i e CMRG and CMTS The ISP would normally set this up to match their CMTS settings with the configuration in the CMRG Note RIP messaging will only be sent upstream when running in Static IP Addressing mode on the Basic Setup page You must enable Static IP Addressing and then set the WAN IP network information RIP is norma...

Page 68: ...ey Used to encrypt the plain text password that is enclosed in each RIP packet If you are using the shared key authentication in RIP you will need to provide a key RIP Authentication Key ID An unsigned 8 bit field in the RIP packet This field identifies the key used to create the authentication data for the RIP packet and it also indicates the authentication algorithm RIP Reporting Interval Determ...

Page 69: ...01 firewall to allow inbound packets without first establishing an outbound session You also need to configure a port forwarding entry on the Advanced Port Forwarding Page or a DMZ client on the Advanced DMZ Host Page Firewall Web Content Filter Page This page allows you to configure the firewall by enabling or disabling various Web filters related to blocking or exclusively allowing different typ...

Page 70: ... and then click Apply The Web filters will activate without having to reboot the SBG901 Configuration Manager Note At least one Web filter or feature must be enabled for the firewall to be active Make sure the firewall is not disabled 7 Firewall Pages 70 This document is uncontrolled pending incorporation in PDM ...

Page 71: ...e 46 Firewall Local Log Page Table 18 Field Descriptions for the Firewall Local Log Page Field Description Contact Email Address Your email address SMTP Server Name Name of the e mail Simple Mail Transfer Protocol server The firewall page needs your email server name to send a firewall log to your email address You can obtain the SMTP server name from your Internet service provider E mail Alerts E...

Page 72: ...ly the IP address of this SysLog server would be hard coded so that the address does not change and always agrees with the entry on this page Figure 47 Firewall Remote Log Page Table 19 Field Description for the Firewall Remote Log Page Field Description Permitted Connections Check for the server to e mail you logs of who is connecting to your network Blocked Connections Check for the server to e ...

Page 73: ... filters that you define You can use the Trusted User checkbox as a simple override to grant a user full access while storing all of the filtering settings for easy availability You can also enable Internet session duration timers which set a limited amount of time for Internet access from the rules you select The user must enter their password only the first time to access the Internet It is not ...

Page 74: ...o log onto the Internet Re Enter Password Enter the password again for confirmation Trusted User The selected user will have full access to Internet content thus overriding any set filters Checkmark Enable to override set filters without having to turn off filter settings Content Rule Used to specify which websites a selected user is allowed to access Check White List Access Only and choose a user...

Page 75: ... CPE MAC address so that CPE can access the Internet without being censored by the Parental Control When done entering the MAC address click Add When done click Apply to activate and save any changes you made Parental Control Basic Setup Page This page allows you to set rules to block certain kinds of Internet content and certain Web sites Figure 49 Parental Control Basic Setup Page After you have...

Page 76: ...lter for Internet access can be enabled or disabled at any time The time filters for limited Internet access are applied for each user in the Time Access Rule field on the Parental Control User Setup Page Figure 50 Parental Control ToD Access Policy Page Once each category change has been made the user must click Apply at the bottom of the page to store and activate the settings These same categor...

Page 77: ...he following items on Internet traffic If the user s Internet access is blocked time filter If a blocked keyword is detected in the URL If a blocked domain is detected in the URL If the online lookup service detects that the URL falls under a blocked category Figure 51 Parental Control Event Log Page 8 Parental Control Pages 77 This document is uncontrolled pending incorporation in PDM ...

Page 79: ...ng on the SBG901 Table 21 Enabling Wireless Security on Your LAN To Perform Use in SBG901 Configuration Mgr Encrypt wireless transmissions and restrict WLAN access Encrypting Wireless LAN Transmissions Wireless 802 11b g Privacy Page Further prevent unauthorized WLAN intrusions Restricting Wireless LAN Access Wireless 802 11b g Access Control Page CAUTION Never provide your SSID WPA or WEP passphr...

Page 80: ...nd small office settings typically use a local passphrase Otherwise configure WEP on the SBG901 You must configure the identical WEP key to the SBG901 on each wireless client If all of your wireless clients support WPA encryption Motorola recommends using WPA instead of WEP because WPA Provides much stronger encryption and is more secure Provides authentication to ensure that only authorized users...

Page 81: ...automating the configuring new wireless networks processes and adding devices to existing networks SecureEasySetup establishes a private connection between the devices and automatically configures the network s Service Set Identifier SSID and WPA Personal security settings It configures a new network only on each new device that is authorized to join the network Figure 52 Wireless 802 11b g Basic ...

Page 82: ... must be the same as the one selected on the SBG901 Interface Allows the access point to be Enabled or Disabled Create SES Network This action button generates a new SecureEasySetup network applies the configuration to the wireless interface and stores the settings to non volatile memory It enables WPA PSK authentication and generates a unique Network Name SSID and random 16 character Pre Shared K...

Page 83: ... 802 11b g Privacy Page This page allows you to configure the WEP keys and or passphrase Figure 53 Wireless 802 11b g Privacy Page ...

Page 84: ... or a 64 digit hex number Enabled when the Network Authentication method is WPA PSK RADIUS Server Sets the RADIUS server IP address to use for client authentication using the dotted decimal format xxx xxx xxx xxx RADIUS Port Sets the UDP port number of the RADIUS server The default is 1812 RADIUS Key Sets the shared secret for the RADIUS connection The key is a 0 to 255 character ASCII string Grou...

Page 85: ...hentication is a much stronger type of authentication than WEP Network Key 1 4 Sets the static WEP keys when WEP encryption is enabled Enter 5 ASCII characters or 10 hexadecimal digits for a 64 bit key Enter 13 ASCII characters or 26 hexadecimal digits for a 128 bit key When both WPA encryption and WEP encryption are enabled only keys 2 and 3 are available for WEP encryption Current Network Key Se...

Page 86: ...f wireless client MAC addresses to allow or deny based on the Restrict Mode setting Valid input MAC address formats are XX XX XX XX XX XX and XX XX XX XX XX XX Connected Clients A list of connected wireless clients When a client connects associates to the network it is added to the list when a client leaves disassociates from the network it is removed from the list For each client the age in secon...

Page 87: ... clients but optimizes performance based on the type of connected clients 54g Performance accepts only 54g clients and provides the highest performance throughout nearby 802 11b networks may have degraded performance 54g LRS interoperates with the widest variety of 54g 802 11g and 802 11b clients 80211b accepts only 802 11b clients Basic Rate Set Determines which rates are advertised as basic rate...

Page 88: ...ed Auto will provide the best performance in nearly all situations Output Power Sets the output power as a percentage of the hardware s maximum capability Beacon Interval Sets the beacon interval for the AP The default is 100 which is fine for nearly all applications DTIM Interval Sets the wakeup interval for clients in power save mode When a client is running in power save mode lower SBG901N 2 1 ...

Page 89: ...ield Description Wireless Bridging Enables or disables wireless bridging Remote Bridges Table of remote bridge MAC addresses authorized to establish a wireless bridge Up to four remote bridges may be connected Typically you will also have to enter your AP s MAC address on the remote bridge ...

Page 90: ...f If enabled Auto or On the WME Information Element is included in beacon frame No Acknowledgement Sets No Acknowledgement support to On or Off When enabled acknowledgments for data are not transmitted Power Save Support Sets Power Save support to On or Off When Power Save is enabled the AP queues packets for STAs that are in power save mode Queued packets are transmitted when the STA notifies AP ...

Page 91: ...t There are also two AP specific settings Admission Control and Discard Oldest First Admission control specifies if admission control is enforced for the Access Categories Discard Oldest First specifies the discard policy for the queues On discards the oldest first Off discards the newest first EDCA STA Parameters Specifies the transmit parameters for traffic transmitted from the STA to the AP in ...

Page 92: ...ess interface This network is isolated from the LAN Any clients that associate with the guest network SSID will be isolated from the private LAN and can only communicate with WAN hosts Figure 58 Wireless 802 11b g Guest Network Page ...

Page 93: ...a list This feature makes it slightly more difficult for the user to gain access DHCP Server Enables the DHCP server to give out leases to guest network clients from the specified lease pool If the DHCP server is disabled guest network STAs need to be assigned static IP addresses IP Address Specifies the gateway IP relayed to guest clients in DHCP lease offers Subnet Mask Specifies the subnet mask...

Page 94: ... Performed On Each Client You Need to Perform Configuring WPA on the SBG901 Configuring a Wireless Client for WPA or WPA2 Configuring WEP on the SBG901 Configuring a Wireless Client for WEP Configuring the Wireless Network Name on the SBG901 Configuring a Wireless Client with the Network Name SSID Configuring a MAC Access Control List on the SBG901 No configuration on client required Configuring a...

Page 95: ...de the WEP key to anyone who is not authorized to use your WLAN Configuring a Wireless Client with the Network Name SSID After you specify the network name on the Wireless Basic Page many wireless cards or adapters automatically scan for an access point such as the SBG901 and the proper channel and data rate If your card requires you to manually start scanning for an access point do so following t...

Page 97: ...ial cable at the SBG901 and wall outlet Hand tighten if necessary Check the IP address Follow the steps for verifying the IP address for your system described in Configuring TCP IP Call your service provider if you need an IP address Check that the Ethernet cable is properly connected to the SBG901 and the computer A wireless client s cannot send or receive data Perform the first four checks in Ca...

Page 98: ... the Wireless Security Page check whether the WPA Encryption type is TKIP If all of your wireless clients support AES change the WPA Encryption to AES Front Panel LEDs and Error Conditions The SBG901 front panel LEDs provide status information for the following error conditions Table 32 Front Panel LEDs and Error Conditions LED Status If During Startup If During Normal Operation POWER OFF The SBG9...

Page 99: ...ut customer service technical support or warranty claims see the Motorola SBG901 Regulatory Safety Software License and Warranty Information card provided with the SBG901 wireless gateway For answers to typical questions see Frequently Asked Questions ...

Page 101: ...rth America 105 to 125 VAC 60 Hz 90 to 264 VAC 45 to 65 Hz ENVIRONMENT Operating Temperature Storage Temperature Operating Humidity 0 C to 40 C 32 F to 104 F 30 C to 70 C 22 F to 158 F 0 to 95 R H non condensing DOWNSTREAM Modulation Maximum Data Rate Bandwidth Symbol Rates Operating Level Range Frequency Range Input Impedance 64 or 256 QAM 38 Mbps 256 QAM at 5 361 Msym s 6 MHz 64 QAM at 5 069 Msy...

Page 102: ...mV QPSK 8 to 53 dBmV all modulations 75 Ω nominal 5 to 42 MHz edge to edge 5 65 for Euro DOCSIS Actual data throughput will be less due to physical layer overhead error correction coding burst preamble and guard interval With A TDMA or S CDMA enabled Cable Modem Termination System CMTS NETWORK Gateway Wireless LAN Power Management 802 11 i Security Mobile Pairing Regulatory Domains Transmit Power ...

Page 103: ...tain features may not be activated by your service provider and or their network settings may limit the feature s functionality Additionally certain features may require a subscription Contact your service provider for details All features functionality and other product specifications are subject to change without notice or obligation Battery back up times may vary based on many factors including...

Page 105: ...ze of electrical conductors gauge numbers are inverse to Gauge AWG size ANX Automotive Network Exchange ARP Address Resolution Protocol broadcasts a datagram to obtain a response containing a MAC address corresponding to the host IP address When it is first connected to the network a client sends an ARP message The SBG901 responds with a message containing its MAC address Subsequently data sent by...

Page 106: ...e that encrypts data between the CMTS and the cable modem or gateway Protection of service is provided by ensuring that a cable modem or gateway uniquely identified by its MAC address can only obtain keys for services it is authorized to access Baud The analog signaling rate For complex modulation modes the digital bit rate is encoded in multiple bits per baud For example 64 QAM encodes 6 bits per...

Page 107: ...t C CableHome A project of CableLabs and technology suppliers to develop interface specifications for extending high quality cable based services to home network devices It addresses issues such as device interoperability QoS and network management CableHome will enable cable service providers to offer more services over HFC It will improve consumer convenience by providing cable delivered service...

Page 108: ... has high bandwidth and can support transmission over long distances CoS Class of service traffic management or scheduling functions are performed when transferring data upstream or downstream on HFC CPE Customer premise equipment typically computers printers etc are connected to the cable modem or gateway at the subscriber s location CPE can be provided by the subscriber or the Internet Service p...

Page 109: ...from the geographic buffers located between some conflicting countries such as North and South Korea In a typical small DMZ configuration the DMZ host receives requests from private LAN users to access external web sites and initiates sessions for these requests The DMZ host cannot initiate a session back to the private LAN Internet users outside the private LAN can access only the DMZ host You ca...

Page 110: ...or gateway downloads its configuration file from a TFTP server during start up downstream In a cable data network the direction of data received by the computer from the Internet driver Software that enables a computer to interact with a network or other device For example there are drivers for printers monitors graphics adapters modems Ethernet USB HPNA and many others DSSS Direct Sequence Spread...

Page 111: ...or correction is a technique to correct transmission errors without requiring the transmitter to resend any data FDMA Frequency Division Multiple Access is a method to allow multiple users to share a specific radio spectrum Each active user is assigned an individual RF channel or carrier with the carrier frequency of each channel offset from its adjacent channels by an amount equal to the channel ...

Page 112: ...device at a time can transmit data See also full duplex headend A location that receives TV programming radio programming and data that it modulates onto the HFC network It also sends return data Headend equipment includes transmitters preamplifiers frequency terminals demodulators modulators and other devices that amplify filter and convert incoming broadcast TV signals to wireless and cable chan...

Page 113: ...unit on a rack or desktop On an HFC network a hub is a scaled down headend that performs some or all headend functions for part of the system Hz Hertz one cycle per second The unit to measure the frequency that an alternating electromagnetic signal cycles through its highest and lowest states Used to define the bands of the electromagnetic spectrum used in voice and data communications or to defin...

Page 114: ...g on and lightning or switching equipment that bleed over to the cable ingress noise Noise typically caused by discrete frequencies picked up by the cable plant from radio broadcasts or an improperly grounded or shielded home appliance such as a hair dryer Ingress is the major source of cable system noise Internet A worldwide collection of interconnected networks using TCP IP Internetwork A collec...

Page 115: ...rvice Provider K kHz kilohertz one thousand cycles per second L L2F Layer 2 Forwarding is an OSI layer 2 protocol that establishes a secure tunnel across the Internet to create a virtual PPP connection between the user and the enterprise network L2F is the most established and stable layer 2 tunneling protocol LAC An L2TP access concentrator is a device to which the client directly connects PPP fr...

Page 116: ...at loops the transmit signal to the receive signal Usually the loopback test is initiated on a network device The test is used to verify a path or to measure the quality of a signal on that path M MAC address The Media Access Control address is a unique 48 bit value permanently saved in ROM at the factory to identify each Ethernet network device It is expressed as a sequence of 12 hexadecimal digi...

Page 117: ...dress Translation is an Internet standard for a LAN to use one set of IP addresses for internal traffic and a second set of IP addresses for external traffic NAPT Network Address Port Translation is the most common form of address translation between public and private IP addresses NAPT maps one public IP address to many private IP addresses If NAPT is enabled on the Basic Setup Page one public IP...

Page 118: ...pen Systems Interconnection reference model is an illustrative model describing how data moves through a network from an application on the source host to an application on the destination host It is a conceptual framework developed by ISO that is now the primary model for intercomputer communications OSI is a model only it does not define a specific networking interface P packet The unit of data ...

Page 119: ... request inform request and trap periodic ranging Ranging that is performed on an on going basis after initial ranging has taken place physical layer Layer 1 in the OSI architecture It provides services to transmit bits or groups of bits over a transmission link between open systems It entails the electrical mechanical and handshaking procedures piggybacking A process that occurs when a cable mode...

Page 120: ...y the DHCP server on the SBG901 for an address specified lease time Private IP addresses are used by the SBG901 LAN only they are invisible to devices on the Internet See also public IP address protocol A formal set of rules and conventions for exchanging data Different computer types for example PC UNIX or mainframe can communicate if they support common protocols provisioning The process of auto...

Page 121: ...reater is preferred RF Radio Frequency signals used by the CMTS transmitter and receiver to send data over HFC The carrier is modulated to encode the digital data stream for transmission across the cable network RJ 11 The most common type of connector for household or office phones RJ 45 An 8 pin modular connector the most common connector type for 10Base T or 100Base T Ethernet networks ROM read ...

Page 122: ...d medium enterprise SMTP Simple Mail Transfer Protocol is a standard Internet protocol for transferring e mail SNMP Simple Network Management Protocol is a standard to monitor and manage networks and network devices Data is exchanged using PDU messages SOHO small office home office spectrum A specified range of frequencies used for transmission of electromagnetic signals spectrum allocation An all...

Page 123: ...the packet header based on administrator defined rules only static IP address An IP address that is permanently assigned to a host Normally a static IP address must be assigned manually The opposite of dynamic IP address static route A manually defined route station IEEE 802 11b term for wireless client subscriber A home or office user who accesses television data or other services from an Interne...

Page 124: ...ing IP network layer three It is an end to end protocol defining rules and procedures for data exchange between hosts on top of connectionless IP TCP uses a timer to track outstanding packets checks error in incoming packets and retransmits packets if requested TCP IP Transmission Control Protocol Internet Protocol suite It provides standards and rules for data communication between networks on th...

Page 125: ...r a large geographic area such as a country or the whole world The bandwidth depends on need and cost but is usually much lower than for a LAN WAP Wireless access point or Wireless Access Protocol See also access point WECA The Wireless Ethernet Compatibility Alliance is a trade organization that works to ensure that all wireless devices computer cards laptops air routers PDAs etc can communicate ...

Page 126: ...b An interface to the Internet that you use to navigate and hyperlink to information WPA Wi Fi Protected Access WPA encryption as described on the Wi Fi Alliance web page http www wifialliance org It is a far more robust form of encryption than WEP Motorola recommends using WPA if all of your client hardware supports WPA ...

Page 127: ...s of such Software The Software is never sold Motorola licenses the Software to the original customer and to any subsequent licensee for personal use only on the terms of this License Motorola and its 3rd party licensors retain the ownership of the Software You may USE the Software only in connection with the operation of the Product TRANSFER the Software including all component parts and printed ...

Page 128: ...ovisions Except as otherwise expressly provided in this License the copying reproduction distribution or preparation of derivative works of the Software any portion of the Product or the documentation is strictly prohibited by such laws and treaty provisions Nothing in this License constitutes a waiver of Motorola s rights under United States copyright law This License and your rights regarding an...

Page 130: ... U S A http www motorola com MOTOROLA and the Stylized M logo are registered in the US Patent and Trademark Office All other product or service names are the property of their respective owners 2008 Motorola Inc All rights reserved 558660 001 a 11 2008 ...
