manualshive.com logo in svg

Pepwave BR1 ENT, User Manual

Introducing the Pepwave BR1 ENT, a powerful networking device that ensures seamless connectivity. Maximize your experience with this advanced technology by downloading the user manual for free from our website, providing comprehensive instructions and insights. Stay connected effortlessly with the Pepwave BR1 ENT and unleash its full potential today.

Share
Download
background image

 

IPsec VPN Settings

 

Name

 

This field is for specifying a local name to represent this connection profile. 

 

Active

 

When this box is checked, this IPsec VPN connection profile will be enabled. Otherwise, it 
will be disabled.

 

Connect Upon 
Disconnection 

of

 

Check this box and select a WAN to connect to this VPN automatically when the specified 
WAN is disconnected.

 

Remote 

Gateway IP 

Address / 

Host Name

 

Enter the remote peer’s public IP address. For 

Aggressive Mode

, this is optional.

 

Local 

Networks

 

Enter the local LAN subnets here. If you have defined static routes, they will be shown 
here.

 

 

Using NAT, you can map a specific local network / IP address to another, and the packets 
received by remote gateway will appear to be coming from the mapped network / IP 
address. This allow you to establish IPsec connection to a remote site that has one or 
more subnets overlapped with local site.

 

 

Two types of NAT policies can be defined:

 

 

One-to-One NAT policy: if the defined subnet in Local Network and NAT Network has the 
same size, for example, policy "192.168.50.0/24 > 172.16.1.0/24" will translate the local 
IP address 192.168.50.10 to 172.16.1.10 and 192.168.50.20 to 172.16.1.20. This is a 
bidirectional mapping which means clients in remote site can initiate connection to the 
local clients using the mapped address too.

 

 

Many-to-One NAT policy: if the defined NAT Network on the right hand side is an IP 
address (or having a network prefix /32), for example, policy "192.168.1.0/24 > 
172.168.50.1/32" will translate all clients in 192.168.1.0/24 network to 172.168.50.1. This 
is a unidirectional mapping which means clients in remote site will not be able to initiate 
connection to the local clients.

 

Remote 

Networks 

 

Enter the LAN and subnets that are located at the remote site here.

 

Authenticatio

n

 

To access your VPN, clients will need to authenticate by your choice of methods. Choose 
between the 

Preshared Key

 and 

X.509 Certificate

 methods of authentication. 

 

Mode

 

Choose 

Main Mode

 if both IPsec peers use static IP addresses. Choose 

Aggressive 

Mode

 if one of the IPsec peers uses dynamic IP addresses.

 

Force UDP 

Encapsulation

 

For forced UDP encapsulation regardless of NAT-traversal, tick this checkbox.

 

 

http://www.peplink.com 

103 

  Copyright @ 2017 Pepwave 

 

Summary of Contents for BR1 ENT

Page 1: ...o MAX HD2 HD4 with MediaFast Pepwave Firmware 7 January 2017 Copyright Trademarks Specifications are subject to change without notice Copyright 2017 Pepwave Ltd All Rights Reserved Pepwave and the Pepwave logo are trademarks of Pepwave Ltd Other brands or products mentioned may be trademarks or registered trademarks of their respective owners ...

Page 2: ...tal 12 Outbound Policy 12 AP Controller 12 QoS 12 Other Supported Features 13 Pepwave MAX Mobile Router Overview 14 MAX 700 14 MAX HD2 16 MAX HD2 IP67 18 MAX HD2 mini 19 MAX Transit 20 MAX HD4 22 MAX BR1 23 MAX BR1 Slim 25 MAX BR1 Pro LTE 27 MAX Hotspot 29 BR1 Mini 30 MAX BR1 2 IP55 31 MAX On The Go 32 http www peplink com 2 Copyright 2017 Pepwave ...

Page 3: ...on 39 Constructing the Network 40 Configuring the Network Environment 41 Mounting the Unit 41 Wall Mount 41 Car Mount 41 IP67 Installation Guide 41 Connecting to the Web Admin Interface 42 Configuring the LAN Interface s 43 Basic Settings 43 Port Settings 54 Captive Portal 54 Configuring the WAN Interface s 57 Ethernet WAN 58 DHCP Connection 63 Static IP Connection 64 PPPoE Connection 65 L2TP Conn...

Page 4: ...pwave Router Behind a NAT Router 102 SpeedFusionTM Status 103 IPsec VPN 103 IPsec VPN Settings 103 Outbound Policy Management 108 Outbound Policy 108 Custom Rules for Outbound Policy 110 Algorithm Weighted Balance 113 Algorithm Persistence 115 Algorithm Enforced 116 Algorithm Priority 116 Algorithm Overflow 117 Algorithm Least Used 117 Algorithm Lowest Latency 118 Expert Mode 118 Inbound Access 11...

Page 5: ...all Rules to PepVpn Traffic 130 Intrusion Detection and DoS Prevention 131 Content Blocking 132 Application Blocking 132 Web Blocking 132 Customized Domains 133 Exempted User Groups 133 Exempted Subnets 133 URL Logging 133 OSPF RIPv2 134 Remote User Access 136 Miscellaneous Settings 138 High Availability 138 PPTP Server 142 Certificate Manager 144 Service Forwarding 144 SMTP Forwarding 145 Web Pro...

Page 6: ...60 Info 160 Access Point Usage 161 Wireless SSID 164 Wireless Client 165 Nearby Device 166 Event Log 167 Toolbox 168 System Settings 169 Admin Security 169 Firmware 173 Time 174 Schedule 174 Email Notification 176 Event Log 177 SNMP 178 InControl 181 Configuration 182 Feature Add ons 184 Reboot 184 Tools 184 Ping 184 http www peplink com 6 Copyright 2017 Pepwave ...

Page 7: ...t 187 Status 187 Device 189 GPS Data 190 Active Sessions 190 Client List 192 WINS Client 193 UPnP NAT PMP 193 SpeedFusion Status 194 Event Log 198 Bandwidth Status 199 Real Time 199 Hourly 200 Daily 200 Monthly 202 Appendix B Declaration 206 http www peplink com 7 Copyright 2017 Pepwave ...

Page 8: ...f products suitable for many different deployments and markets Entry level SD WAN models such as the MAX BR1 are suitable for SMEs or branch offices High capacity SD WAN routers such as the MAX HD2 are suitable for larger organizations and head offices This manual covers setting up Pepwave routers and provides an introduction to their features and usage Tips Want to know more about Pepwave routers...

Page 9: ...Data Optimized FQDN Fully Qualified Domain Name HSDPA High Speed Downlink Packet Access HTTP Hyper Text Transfer Protocol ICMP Internet Control Message Protocol IP Internet Protocol LAN Local Area Network MAC Address Media Access Control Address MTU Maximum Transmission Unit MSS Maximum Segment Size NAT Network Address Translation PPPoE Point to Point Protocol over Ethernet QoS Quality of Service ...

Page 10: ...ireless routers are embedded with multiple 4G LTE modems and allow simultaneous wireless Internet connections through multiple wireless networks The wireless Internet connections can be bonded together using our SpeedFusion technology This allows better reliability larger bandwidth and increased wireless coverage are comparing to use only one 4G LTE modem Below is a list of supported features on P...

Page 11: ...HCP option support Static routing rules VLAN on LAN support 3 1 3 VPN PepVPN with SpeedFusion TM PepVPN performance analyzer X 509 certificate support VPN load balancing and failover among selected WAN connections Bandwidth bonding and failover among selected WAN connections IPsec VPN for network to network connections works with Cisco and Juniper only Ability to route Internet traffic to a remote...

Page 12: ...n per TCP UDP service Persistent routing for specified source and or destination IP addresses per TCP UDP service Traffic prioritization and DSL optimization Prioritize and route traffic to VPN tunnels with Priority and Enforced algorithms 3 1 7 AP Controller Configure and manage Pepwave AP devices Review the status of connected APs 3 1 8 QoS Quality of service for different applications and custo...

Page 13: ...s Time server synchronization SNMP Email notification Read only user for web admin Shared IP drop in mode Authentication and accounting by RADIUS server for web admin Built in WINS servers Syslog SIP passthrough PPTP packet passthrough Event log Active sessions Client list WINS client list UPnP NAT PMP Real time hourly daily and monthly bandwidth usage reports and charts IPv6 support Support USB t...

Page 14: ...Panel Appearance 4 1 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error Green Ready http www peplink com 14 Copyright 2017 Pepwave ...

Page 15: ... Fi AP OFF Disabled Blinking slowly Enabled but no client connected Blinking Connected to network with traffic ON Client s connected to wireless network LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Orange LED Blinking Data is transferring OFF No data is being transferred or port is not connected Port Type Auto MDI MDI X ports http www peplink com 15 Copyright 2017 Pepwave ...

Page 16: ...4 2 MAX HD2 4 2 1 Panel Appearance 4 2 2 LED Indicators The statuses indicated by the front panel LEDs are as follows http www peplink com 16 Copyright 2017 Pepwave ...

Page 17: ...mittent Blinking slowly Connecting to wireless network s Blinking C onnected to wireless network s with traffic ON Connected to wireless network s without traffic LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Orange LED Blinking Data is transferring OFF No data is being transferred or port is not connected Port Type Auto MDI MDI X ports http www peplink com 17 Copyright 2017 Pepwave ...

Page 18: ...Appearance The statuses indicated by the front panel LEDs are as follows Status Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error Green Ready http www peplink com 18 Copyright 2017 Pepwave ...

Page 19: ...el LEDs are as follows Status Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error Green Ready Cellular WAN Indicators Cellular 1 Cellular 2 OFF Disabled intermittent Blinking slowly Connecting to wireless network s http www peplink com 19 Copyright 2017 Pepwave ...

Page 20: ...ing Data is transferring OFF No data is being transferred or port is not connected Port Type Auto MDI MDI X ports 4 5 MAX Transit 4 5 1 Panel Appearance 4 5 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error http www peplink com 20 Copyright 2017 Pepwave ...

Page 21: ... onnected to wireless network s with traffic ON Connected to wireless network s without traffic For MAX TST_DUO LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Orange LED Blinking Data is transferring OFF No data is being transferred or port is not connected Port Type Auto MDI MDI X ports http www peplink com 21 Copyright 2017 Pepwave ...

Page 22: ...lizing Red Booting up or busy Blinking red Boot up error Green Ready Wi Fi AP and Wi Fi WAN Indicators Wi Fi WAN Cellular 1 Cellular 2 OFF Disabled Intermittent Blinking slowly Connecting to wireless network s Blinking C onnected to wireless network s with traffic ON Connected to wireless network s without traffic LAN and Ethernet WAN Ports http www peplink com 22 Copyright 2017 Pepwave ...

Page 23: ...nsferring OFF No data is being transferred or port is not connected Port Type Auto MDI MDI X ports 4 7 MAX BR1 4 7 1 Panel Appearance 4 7 2 LED Indicators The statuses indicated by the front panel LEDs are as follows http www peplink com 23 Copyright 2017 Pepwave ...

Page 24: ... wireless network s with traffic ON Connected to wireless network s without traffic Cellular Indicators Cellular OFF Disabled or no SIM card inserted ON Connecting or connected to network s LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X ports http www pepli...

Page 25: ...d Booting up or busy Blinking red Boot up error Green Ready Wi Fi Indicators Wi Fi OFF Disabled intermittent Blinking slowly Connecting to wireless network s Blinking C onnected to wireless network s with traffic ON Connected to wireless network s without traffic Cellular Indicators Cellular OFF Disabled or no SIM card inserted http www peplink com 25 Copyright 2017 Pepwave ...

Page 26: ...ransferring OFF Port is not connected Port Type Auto MDI MDI X ports 4 9 MAX BR1 ENT 4 9 1 Panel Appearance 4 9 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error Green Ready Cellular Indicators http www peplink com 26 Copyright 2017 Pepwave ...

Page 27: ...ted without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X ports 4 10 MAX BR1 Pro LTE 4 10 1 Panel Appearence 4 10 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators Status OFF System initializing Red Booting up or busy Blinking Boot up error http www peplink com 27 Copyright 2017 Pepwave ...

Page 28: ... ON Connecting or connected to network s LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X ports http www peplink com 28 Copyright 2017 Pepwave ...

Page 29: ... LED Indicators LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Orange LED Blinking Data is transferring OFF No data is being transferred or port is not connected Port Type Auto MDI MDI X ports http www peplink com 29 Copyright 2017 Pepwave ...

Page 30: ...4 12 BR1 Mini 4 12 1 Panel Appearance 4 12 2 LED Indicators Status Indicators Status OFF System initializing Red Booting up or busy Blinking Boot up error http www peplink com 30 Copyright 2017 Pepwave ...

Page 31: ...ected to network s LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X ports 4 13 MAX BR1 2 IP55 4 13 1 Panel Appearance http www peplink com 31 Copyright 2017 Pepwave ...

Page 32: ...linking C onnected to wireless network s with traffic ON Connected to wireless network s without traffic Cellular Indicators Cellular OFF Disabled or no SIM card inserted ON Connecting or connected to network s LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X...

Page 33: ... Green Modem is attached to the port Wi Fi Indicators Wi Fi OFF Disconnected from AP Green Connected to AP Status Indicators Status OFF System initializing Red Booting up or busy Green Ready LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic http www peplink com 33 Copyright 2017 Pepwave ...

Page 34: ...would require effort better spent elsewhere In Drop in Mode you can conveniently install your Peplink router without making any changes to your network And if the Peplink router loses power for any reason LAN Bypass will safely and automatically bypass the Peplink router to resume your original network connection Compatible with MAX 700 MAX HD2 All variants HD4 All Variants http www peplink com 34...

Page 35: ... VoIP and videoconferencing are highly sensitive to latency With QoS Peplink routers can detect VoIP traffic and assign it the highest priority giving you crystal clear calls http www peplink com 35 Copyright 2017 Pepwave ...

Page 36: ...u can define bandwidth control policies for up to 3 groups of users to prevent network congestion Define groups by IP address and subnet and set bandwidth limits for every user in the group 5 4 High Availability via VRRP http www peplink com 36 Copyright 2017 Pepwave ...

Page 37: ...will take over when needed Compatible with MAX 700 MAX HD2 All variants HD4 All Variants 5 5 USB Modem and Android Tethering For increased WAN diversity plug in a USB LTE modem as backup Peplink routers are compatible with over 200 modem types You can also tether to smartphones running Android 4 1 X and above Compatible with MAX 700 HD2 all variants except IP67 HD4 All variants http www peplink co...

Page 38: ...y and conveniently connect remote clients to your private network L2TP with IPsec is supported by most devices but legacy devices can also connect using PPTP Click here for full instructions on setting up L2TP with IPsec http www peplink com 38 Copyright 2017 Pepwave ...

Page 39: ...ng Pepwave routers to your network 6 1 Preparation Before installing your Pepwave router please prepare the following as appropriate for your installation At least one Internet WAN access account and or Wi Fi access information Depending on network connection type s one or more of the following Ethernet WAN A 10 100 1000BaseT UTP cable with RJ45 connector USB A USB modem Embedded modem A SIM card ...

Page 40: ...ding to the following steps 1 With an Ethernet cable connect a computer to one of the LAN ports on the Pepwave router Repeat with different cables for up to 4 computers to be connected 2 With another Ethernet cable or a USB modem Wi Fi antenna PC Card Express Card connect to one of the WAN ports on the Pepwave router Repeat the same procedure for other WAN ports 3 Connect the power adapter to the ...

Page 41: ...nfiguration go to Section 9 2 Captive Portal 7 Mounting the Unit 7 1 Wall Mount The Pepwave MAX 700 HD2 On The Go can be wall mounted using screws After adding the screw on the wall slide the MAX in the screw hole socket as indicated below Recommeneded screw specification M3 5 x 20mm head diameter 6mm head thickness 2 4mm The Pepwave MAX BR1 requires four screws for wall mounting 7 2 Car Mount The...

Page 42: ...ing LAN IP address in the address field of the web browser http 192 168 50 1 This is the default LAN IP address for Pepwave routers 3 Enter the following to access the web admin interface Username admin Password admin This is the default username and password for Pepwave routers The admin and read only user passwords can be changed at System Admin Security 4 After successful login the Dashboard wi...

Page 43: ...ion and uptime For further information please refer to Section 22 Important Note Configuration changes e g WAN LAN admin settings etc will take effect only after clicking the Save button at the bottom of each page The Apply Changes button causes the changes to be saved and applied 9 Configuring the LAN Interface s 9 1 Basic Settings LAN interface settings are located at Network LAN Network Setting...

Page 44: ...here are no settings using the VLAN You can delete that VLAN by clicking the red X Clicking any of the existing LAN interfaces or creating a new one will result in the following IP Settings IP Address The IP address and subnet mask of the Pepwave router on the LAN Network Settings Name Enter a name for the LAN VLAN ID Enter a number for your VLAN Inter VLAN routing Check this box to enable routing...

Page 45: ...Captive Portal Check this box to turn on captive portals http www peplink com 45 Copyright 2017 Pepwave ...

Page 46: ...min access from the WAN DNS proxy etc Shared IP Address A Access to this IP address will be passed through to the LAN port if this device is not serving the service being accessed The shared IP address will be used in connecting to hosts on the WAN email notification remote syslog etc The device will also listen on the IP address when hosts on the WAN access services served on this device web admi...

Page 47: ...o obtain an IP address via DHCP The Pepwave router s DHCP server can prevent IP address collision on the LAN IP Range Subnet Mask These settings allocate a range of IP addresses that will be assigned to LAN computers by the Pepwave router s DHCP server Lease Time This setting specifies the length of time throughout which an IP address of a DHCP client remains valid Upon expiration of the lease tim...

Page 48: ...st format you can enter one IP address per line in the provided text area input control Each option can be defined once only DHCP Reservation This setting reserves the assignment of fixed IP addresses for a list of computers on the LAN The computers to be assigned fixed IP addresses on the LAN are identified by their MAC addresses The fixed IP address assignment is displayed as a cross reference l...

Page 49: ...f WINS clients will be displayed at Status WINS Clients DNS Proxy Settings Enable To enable the DNS proxy feature check this box and then set up the feature at Network LAN DNS Proxy Settings A DNS proxy server can be enabled to serve DNS requests originating from LAN PPTP SpeedFusion TM peers Requests are forwarded to the DNS servers resolvers defined for each WAN connection DNS Caching This field...

Page 50: ...NS resolvers will receive forwarded DNS requests If no WAN VPN LAN DNS resolver is selected all of the WAN s DNS resolvers will be selected If a SpeedFusion TM peer is selected you may enter the VPN peer s DNS resolver IP address es Queries will be forwarded to the selected connections resolvers If all of the selected connections are down queries will be forwarded to all resolvers on healthy WAN c...

Page 51: ...hen creating a new LAN or editing an existing LAN IP Settings IP Address Subnet Mask Enter the Pepwave router s IP address and subnet mask values to be used on the LAN Network Settings Name Enter a name for the LAN VLAN ID Enter a number for your VLAN Inter VLAN Check this box to enable routing between virtual LANs http www peplink com 51 Copyright 2017 Pepwave ...

Page 52: ...Time the assigned IP address will no longer be valid and the IP address assignment must be renewed DNS Servers This option allows you to input the DNS server addresses to be offered to DHCP clients If Assign DNS server automatically is selected the Pepwave router s built in DNS server address i e LAN IP address will be offered WINS Servers This option allows you to specify the Windows Internet Nam...

Page 53: ...t the device MAC addresses should be in the format of 00 AA BB CC DD EE Press to create a new record Press to remove a record Reserved clients information can be imported from the Client List located at Status Client List For more details please refer to Section 22 3 To configure DHCP relay first click the button found next to the DHCP Server option to display the settings DHCP Relay Settings Enab...

Page 54: ...s port can well as which VLAN each link belongs to if any 9 3 Captive Portal The captive portal serves as gateway that clients have to pass if they wish to access the internet using your router To configure navigate to Network LAN Captive Portal Captive Portal Settings Enable Check Enable and then optionally select the LANs VLANs that will use the captive portal http www peplink com 54 Copyright 2...

Page 55: ...his option you will see the following fields Fill in the necessary information to complete your connection to the server and enable authentication Access Quota Set a time and data cap to each user s Internet usage Quota Reset Time This menu determines how your usage quota resets Setting it to Daily will reset it at a specified time every day Setting a number of minutes after quota reached establis...

Page 56: ...o Image Click the Choose File button to select a logo to use for the built in portal Message If you have any additional messages for your users enter them in this field Terms Conditions If you would like to use your own set of terms and conditions please enter them here If left empty the built in portal will display the default terms and conditions http www peplink com 56 Copyright 2017 Pepwave ...

Page 57: ...would be lower priority and so on and drop it by releasing the mouse button To disable a particular WAN connection drag on the appropriate WAN by holding the left mouse button move it the Disabled row and drop it by releasing the mouse button You can also set priorities on the Dashboard Click the Details button in the corresponding row to modify the connection setting Important Note Connection det...

Page 58: ...d strings to match Default DNS Lookup PING Hosts These fields are for specifying the target IP addresses or host names where ICMP Ping packets will be sent to for health check If the box Use first two DNS servers as PING Hosts is checked the first two DNS servers will be the ping targets for checking the connection healthiness If the box is not checked the field Host 1 must be filled and the field...

Page 59: ... tracked but no action will be taken Action If Email Notification is enabled you will receive an email notification when usage hits 75 and 95 of the monthly allowance If the box Disconnect when usage hits 100 of monthly allowance is checked this WAN connection will be disconnected automatically when the usage hits the monthly allowance It will not resume unless this option has been turned off or t...

Page 60: ...ies the dynamic DNS service provider to be used for the WAN based on supported dynamic DNS service providers changeip com dyndns org no ip org tzo com DNS O Matic Select Disabled to disable this feature See Section 9 5 for configuration details 10 1 1 DHCP Connection There are four possible connection methods 1 DHCP 2 Static IP 3 PPPoE http www peplink com 60 Copyright 2017 Pepwave ...

Page 61: ... service provider does not provide you with the value you can safely bypass this option DNS Servers Each ISP may provide a set of DNS servers for DNS lookups This setting specifies the DNS Domain Name System servers to be used when a DNS lookup is routed through this connection Selecting Obtain DNS server address automatically results in the DNS servers being assigned by the WAN DHCP server to be ...

Page 62: ...of DNS servers for DNS lookups This setting specifies the DNS Domain Name System servers to be used when a DNS lookup is routed through this connection Selecting Obtain DNS server address automatically results in the DNS servers being assigned by the WAN DHCP server to be used for outbound DNS lookups over the connection The DNS servers are obtained along with the WAN IP address assigned from the ...

Page 63: ...rify your password by entering it again in this field Service Name Optional Service name is provided by the ISP Note Leave this field blank unless it is provided by your ISP IP Address Optional If your ISP provides a PPPoE IP address enter it here Note Leave this field blank unless it is provided by your ISP DNS Servers Each ISP may provide a set of DNS servers for DNS lookups This setting specifi...

Page 64: ...to connect via L2TP to your ISP The parameter values are determined by and can be obtained from your ISP Confirm L2TP Password Verify your password by entering it again in this field Server IP Address Host L2TP server address is a parameter which is provided by your ISP Note Leave this field blank unless it is provided by your ISP Address Type Your ISP will also indicate whether the server IP addr...

Page 65: ...th the WAN IP address assigned from the PPPoE server When Use the following DNS server address es is selected you can enter custom DNS server addresses for this WAN connection into the DNS server 1 and DNS server 2 fields 10 2 Cellular WAN To access cellular WAN settings click Network WAN Details Available on the Pepwave MAX BR1 HD2 and HD2 IP67 only Cellular Status http www peplink com 65 Copyrig...

Page 66: ... Name Enter a name to represent this WAN connection Operating Schedule Click the drop down menu to apply a time schedule to this interface if needed Subnet Selection Auto The subnet mask will be set automatically Force 31 Subnet The subnet mask will be set as 255 255 255 254 31 and the gateway IP address will be recalculated Routing Mode This option allows you to select the routing method to be us...

Page 67: ... DNS lookups over the WAN connection The DNS servers are obtained along with the WAN IP address assigned from the PPPoE server When Use the following DNS server address es is selected you can enter custom DNS server addresses for this WAN connection into the DNS server 1 and DNS server 2 fields http www peplink com 67 Copyright 2017 Pepwave ...

Page 68: ... this cellular WAN will use Only applies to cellular WAN with redundant SIM cards Preferred SIM If both cards were enabled on the above field then you can designate the priority of the SIM card slots here http www peplink com 68 Copyright 2017 Pepwave ...

Page 69: ...he default and recommended setting is Auto APN Login Password SIM PIN When Auto is selected the information in these fields will be filled automatically Select Custom to customize these parameters The parameter values are determined by and can be obtained from the ISP Bandwidth Allowance Monitor Check the box Enable to enable bandwidth usage monitoring on this WAN connection for each billing cycle...

Page 70: ...frame the modem will automatically disconnect Once the traffic is resumed by the LAN host the connection will be re activated Health Check Settings Health Check Method This setting allows you to specify the health check method for the cellular connection Available options are Disabled Ping DNS Lookup HTTP and SmartCheck The default method is DNS Lookup See Section 10 4 for configuration details Ti...

Page 71: ...ic Select Disabled to disable this feature See Section 9 5 for configuration details MTU MTU This field is for specifying the Maximum Transmission Unit value of the WAN connection An excessive MTU value can cause file downloads stall shortly after connected You may consult your ISP for the connection s MTU value 10 3 Wi Fi WAN To access Wi Fi WAN settings click Network WAN Details http www peplink...

Page 72: ... setting specifies the state of the WAN connection while in standby The available options are Remain Connected hot standby and Disconnect cold standby MTU This setting specifies the maximum transmission unit By default MTU is set to Custom 1440 You may adjust the MTU value by editing the text field Click Default to restore the default MTU value Select Auto and the appropriate MTU value will be aut...

Page 73: ...selecting a rate will force devices to connect using the fixed rate Output Power If you are setting up a network with many Wi Fi devices in close proximity then you can configure the output power here Click the boost button for additional power However with that option ticked output power may exced local regulatory limits Roaming Checking this box will enable Wi Fi roaming Click the icon for addit...

Page 74: ...nection unless this option has been turned off or the usage has been reset when a new billing cycle starts Start Day This option allows you to define which day of the month each billing cycle begins Monthly Allowance This field is for defining the maximum bandwidth usage allowed for the WAN connection each month Health Check Settings Method This setting specifies the health check method for the WA...

Page 75: ... Health Check Method DNS Lookup DNS lookups will be issued to test connectivity with target DNS servers The connection will be treated as up if DNS responses are received from one or both of the servers regardless of whether the result was positive or negative Health Check DNS Servers This field allows you to specify two DNS hosts IP addresses with which connectivity is to be tested via DNS Lookup...

Page 76: ...h check will pass if either one of the tests passed Other Health Check Settings Timeout This setting specifies the timeout in seconds for ping DNS lookup requests The default timeout is 5 seconds Health Check Interval This setting specifies the time interval in seconds between ping or DNS lookup requests The default health check interval is 5 seconds Health Check Retries This setting specifies the...

Page 77: ...orted providers are changeip com dyndns org no ip org tzo com DNS O Matic Select Disabled to disable this feature User ID User Email This setting specifies the registered user name for the dynamic DNS service Password Pass TZO Key This setting specifies the password for the dynamic DNS service Update All Hosts Check this box to automatically update all hosts Hosts Domain This setting specifies a l...

Page 78: ... host expires automatically when the host record has not been not updated for a long time Therefore the Peplink Balance performs an update every 23 days even if a WAN s IP address did not change 10 3 1 Creating Wi Fi Connection Profiles You can manually create a profile to connect to a Wi Fi connection This is useful for creating a profile for connecting to hidden SSID access points Click Network ...

Page 79: ...AN connections only the Pepwave router can periodically check the health of each WAN connection The health check settings for each WAN connection can be independently configured via Network WAN Details Health Check Settings Method This setting specifies the health check method for the WAN connection This value can be configured as Disabled PING DNS Lookup or HTTP The default method is DNS Lookup F...

Page 80: ...eceived from one or both of the servers regardless of whether the result was positive or negative Health Check DNS Servers This field allows you to specify two DNS hosts IP addresses with which connectivity is to be tested via DNS lookup If Use first two DNS servers as Health Check DNS Servers is checked the first two DNS servers will be the DNS lookup targets for checking a connection s health If...

Page 81: ... the number of consecutive ping DNS lookup timeouts after which the Pepwave router will treat the corresponding WAN connection as down Default health retries is set to 3 Using the default Health Retries setting of 3 the corresponding WAN connection will be treated as down after three consecutive timeouts Recovery Retries This setting specifies the number of consecutive successful ping DNS lookup r...

Page 82: ... public IP of each WAN will be automatically reported to the DNS service provider Either upon a change in IP addresses or every 23 days without link reconnection the Pepwave router will connect to the dynamic DNS service provider to perform an IP address update within the provider s records The settings for dynamic DNS service provider s and the association of hostname s are configured via Network...

Page 83: ...roviders policy a dynamic DNS host will automatically expire if the host record has not been updated for a long time Therefore the Pepwave router performs an update every 23 days even if a WAN s IP address has not changed 11 Advanced Wi Fi Settings Wi Fi settings can be configured at Advanced Wi Fi Settings or AP Settings on some models Note that menus displayed can vary by model AP Settings SSID ...

Page 84: ...o 20 40 MHz Default is Auto 20 40 MHz which allows both widths to be used simultaneously Channel This option allows you to select which 802 11 RF channel will be utilized Channel 1 2 412 GHz is selected by default Auto Channel Update Indicate the time of day at which update automatic channel selection Output Power This option is for specifying the transmission output power for the Wi Fi AP There a...

Page 85: ...nt traffic such as communication traffic between the AP and the AP Controller The value is zero by default which means that no VLAN tagging will be applied NOTE Change this value with caution as alterations may result in loss of connection to the AP Controller Operating Schedule Choose from the schedules that you have defined in System Schedule Select the schedule for the integrated AP to follow f...

Page 86: ...tiple pieces Distance Time Convertor Select the range you wish to cover with your Wi Fi and the router will make recommendations for the Slot Time and ACK Timeout Slot Time A This field is for specifying the unit wait time before transmitting a packet By default this field is set to 9 µs ACK Timeout A This field is for setting the wait time to receive an acknowledgement packet before performing a ...

Page 87: ...al on external AP Wi Fi WAN settings can be configured at Advanced Wi Fi Settings or Advanced Wi Fi WAN or some models Wi Fi WAN Settings Channel Width Available options are 20 40 MHz and 20 MHz Default is 20 40 MHz which allows both widths to be used simultaneously Bit Rate This option allows you to select a specific bit rate for data transfer over the device s Wi Fi network By default Auto is se...

Page 88: ...ngs select Advanced Cache Control Cache Control Settings Domain Choose to Cache on all domains or enter domain names and then choose either Cache the specified domains only or Do not cache the specified domains Source IP Subnet This setting allows caching to be applied to the user specified IP subnets If Any is selected then caching will apply to all subnets Content Type Check these boxes to cache...

Page 89: ...iven to the scheduled download Status Check the status of your scheduled download here Next Run Time Last Run Time These fields display the date and time of the next and most recent occurrences of the scheduled download Last Duration Check this field to ensure that the most recent download took as long as expected to complete A value that is too low might indicate an incomplete download or incorre...

Page 90: ...ick To edit a scheduled download click To delete a scheduled download click New Schedule Click to begin creating a new scheduled download Clicking the button will cause the following screen to appear Simply provide the requested information to create your schedule Clear Web Cache To clear all cached content click this button Note that this action cannot be undone Clear Statistics To clear all pref...

Page 91: ...http www peplink com 91 Copyright 2017 Pepwave ...

Page 92: ...nue carrying the network traffic Different models of our SD WAN routers have different numbers of site to site connections allowed End users who need to have more site to site connections can purchase a SpeedFusion license to increase the number of site to site connections allowed Pepwave routers can aggregate all WAN connections bandwidth for routing SpeedFusion TM traffic Unless all the WAN conn...

Page 93: ...nd click the New Profile button to create a new VPN profile you may have to first save the displayed default profile in order to acesss the New Profile button Each profile specifies the settings for making VPN connection with one remote Pepwave or Peplink device Note that available settings vary by model A list of defined SpeedFusion connection profiles and a Link Failure Detection Time option wil...

Page 94: ... the Peplink Balance will use to authenticate peers When selecting By Remote ID Only be sure to enter a unique peer ID number in the Remote ID field Remote ID Pre shared Key This optional field becomes available when Remote ID Pre shared Key is selected as the Peplink Balance s VPN Authentication method as explained above Pre shared Key defines the pre shared key used for this particular VPN conne...

Page 95: ...nnection to each of the remote IP addresses until it succeeds in making a connection If the field is empty the Peplink Balance will wait for connection from the remote peer Therefore at least one of the two VPN peers must specify this value Otherwise VPN connections cannot be established Cost Define path cost for this profile OSPF will determine the best route through the network using the assigne...

Page 96: ...ts it you can specify the priority of WAN connections to be used for making VPN connections WAN connections set to OFF will never be used Only available WAN connections with the highest priority will be used To enable asymmetric connections connection mapping to remote WANs cut off latency and packet loss suspension time click the button Send All Traffic To This feature allows you to redirect all ...

Page 97: ...odels allow you to set outbound policy and custom outbound rules from Advanced PepVPN See Section 14 for more information on outbound policy settings PepVPN Local ID The local ID is a text string to identify this local unit when establishing a VPN connection When creating a profile on a remote unit this local ID must be entered in the remote unit s Remote ID field Click the icon to edit Local ID P...

Page 98: ...five seconds and the expected detection time is 15 seconds When Fast is selected a health check packet is sent every three seconds and the expected detection time is six seconds When Faster is selected a health check packet is sent every second and the expected detection time is two seconds When Extreme is selected a health check packet is sent every 0 1 second and the expected detection time is l...

Page 99: ... IP Addresses Host Names field Leave the field in Unit A blank With this setting a SpeedFusion TM connection can be set up and all WAN connections on both sides will be utilized See the following diagram for an example of this setup in use One of the WANs connected to Router A is non NAT d 212 1 1 1 The rest of the WANs connected to Router A and all WANs connected to Router B are NAT d In this cas...

Page 100: ...our company s main headquarters or to other branches Data voice and video communications between these locations are kept safe and confidential across the public Internet IPsec VPN on Pepwave routers is specially designed for multi WAN environments For instance if a user sets up multiple IPsec profiles for a multi WAN environment and WAN1 is connected and healthy IPsec traffic will go through this...

Page 101: ... defined IPsec VPN profiles will be shown NAT Traversal should be enabled if your system is behind a NAT router Click the New Profile button to create new IPsec VPN profiles that make VPN connections to remote Pepwave Cisco or Juniper routers via available WAN connections To edit any of the profiles click on its associated connection name in the leftmost column http www peplink com 101 Copyright 2...

Page 102: ...http www peplink com 102 Copyright 2017 Pepwave ...

Page 103: ...or example policy 192 168 50 0 24 172 16 1 0 24 will translate the local IP address 192 168 50 10 to 172 16 1 10 and 192 168 50 20 to 172 16 1 20 This is a bidirectional mapping which means clients in remote site can initiate connection to the local clients using the mapped address too Many to One NAT policy if the defined NAT Network on the right hand side is an IP address or having a network pre...

Page 104: ...allows two parties to establish a shared secret over an insecure communications channel The larger the group number the higher the security Group 2 1024 bit is the default value Group 5 1536 bit is the alternative option Phase 1 SA Lifetime This setting specifies the lifetime limit of this Phase 1 Security Association By default it is set at 3600 seconds Phase 2 ESP Proposal In Main Mode this allo...

Page 105: ...Note Outbound policy is applied only when more than one WAN connection is active The settings for managing and load balancing outbound traffic are located at Advanced Outbound Policy or Advanced PepVPN depending on the model 15 1 Outbound Policy Outbound policies for managing and load balancing outbound traffic are located at Network Outbound Policy or Advanced PepVPN Outbound Policy http www pepl...

Page 106: ...on Compatibility Outbound traffic from a source LAN device to the same destination Internet IP address will be routed through the same WAN connection persistently regardless of protocol This option provides high compatibility to most applications and users still benefit from WAN link load balancing when multiple Internet servers are accessed Custom Outbound traffic behavior can be managed by defin...

Page 107: ...oose Custom and press the Save button 15 2 1 Algorithm Weighted Balance This setting specifies the ratio of WAN connection usage to be applied on the specified IP protocol and port This setting is applicable only when Algorithm is set to Weighted Balance http www peplink com 107 Copyright 2017 Pepwave ...

Page 108: ...llular 1 10 Cellular 2 10 USB 10 Total weight is 60 10 10 10 10 10 10 Matching traffic distributed to Ethernet WAN1 is 16 7 10 60 x 100 Matching traffic distributed to Ethernet WAN2 is 16 7 10 60 x 100 Matching traffic distributed to Wi Fi WAN is 16 7 10 60 x 100 Matching traffic distributed to Cellular 1 is 16 7 10 60 x 100 Matching traffic distributed to Cellular 2 is 16 7 10 60 x 100 Matching t...

Page 109: ...the Internet IP depends on the WAN connections over which communication actually takes place As a result a LAN client computer behind the Pepwave router may communicate using multiple Internet IP addresses For example a LAN client computer behind a Pepwave router with three WAN connections may communicate on the Internet using three different IP addresses With the persistence feature rules can be ...

Page 110: ...g the sliders 15 2 3 Algorithm Enforced This setting specifies the WAN connection usage to be applied on the specified IP protocol and port This setting is applicable only when Algorithm is set to Enforced Matching traffic will be routed through the specified WAN connection regardless of the health check status of the WAN connection Starting from Firmware 5 2 outbound traffic can be enforced to go...

Page 111: ...y WAN connection that is not in full load Drag and drop to specify the order of WAN connections to be used for routing traffic Only the highest priority healthy connection that is not in full load will be used 15 2 6 Algorithm Least Used The traffic matching this rule will be routed through the healthy WAN connection that is selected in Connection and has the most available download bandwidth The ...

Page 112: ...ll WAN connections are symmetric or A latency sensitive application must be routed through the lowest latency WAN regardless of the WAN s available bandwidth 15 2 8 Expert Mode Expert Mode is available on some Pepwave routers for use by advanced users To enable the feature click on the help icon and click turn on Expert Mode In Expert Mode a new special rule SpeedFusion TM Routes is displayed in t...

Page 113: ...all inbound access from the Internet By using port forwarding Internet users can access servers behind the Pepwave router Inbound port forwarding rules can be defined at Advanced Port Forwarding To define a new service click Add Service Port Forwarding Settings http www peplink com 113 Copyright 2017 Pepwave ...

Page 114: ...e router via the specified protocol is forwarded to the servers specified by the Servers setting For example with IP Protocol set to TCP and Port set to Any Port all TCP traffic is forwarded to the configured servers Single Port traffic that is received by the Pepwave router via the specified protocol at the specified port is forwarded via the same port to the servers specified by the Servers sett...

Page 115: ...mated When a computer creates a rule using these protocols the specified TCP UDP port of all WAN connections default IP address will be forwarded Check the corresponding box es to enable UPnP and or NAT PMP Enable these features only if you trust the computers connected to the LAN ports When the options are enabled a table listing all the forwarded ports under these two protocols can be found at S...

Page 116: ...elected Network The IP network refers to all private IP addresses and ranges managed by the LAN host The system maps these addresses to a number of public IP addresses specified below to facilitate outbound traffic This option is only available when IP Network is selected Inbound Mappings This setting specifies the WAN connections and corresponding WAN specific Internet IP addresses on which the s...

Page 117: ...oups Manager Staff and Guest This menu allows you to define rules and assign client IP addresses or subnets to a user group You can apply different bandwidth and traffic prioritization policies on each user group in the Bandwidth Control and Application sections note that the options available here vary by model The table is automatically sorted by rule precedence The smaller and more specific sub...

Page 118: ... subnet IP address belongs to Once users have been assigned to a user group their internet traffic will be restricted by rules defined for that particular group Please refer to the following two sections for details 18 2 Bandwidth Control You can define a maximum download speed over all WAN connections and upload speed for each WAN connection that each individual Staff and Guest member can consume...

Page 119: ...lication manually The priority preference of supported applications is placed at the top of the table Custom applications are at the bottom 18 3 2 Prioritization for Custom Applications Click the Add button to define a custom application Click the button in the Action column to delete the custom application in the corresponding row When Supported Applications is selected the Pepwave router will in...

Page 120: ...y the upload traffic By default this feature is enabled 19 Firewall A firewall is a mechanism that selectively filters data traffic between the WAN side the Internet and the LAN side of the network It can protect the local network from potential hacker attacks access to offensive websites and or other inappropriate uses The firewall functionality of Pepwave routers supports the selective filtering...

Page 121: ...VPN tunneled traffic 19 1 Outbound and Inbound Firewall Rules 19 1 1 Access Rules The outbound firewall settings are located at Advanced Firewall Access Rules Outbound Firewall Rules Click Add Rule to display the following screen http www peplink com 121 Copyright 2017 Pepwave ...

Page 122: ...all Rules Click Add Rule to display the following screen Rules are matched from top to bottom If a connection matches any one of the upper rules the matching process will stop If none of the rules match the Default rule will be applied By http www peplink com 122 Copyright 2017 Pepwave ...

Page 123: ...rotocols can be specified TCP UDP ICMP IP Alternatively the Protocol Selection Tool drop down menu can be used to automatically fill in the protocol and port number of common Internet services e g HTTP HTTPS etc After selecting an item from the Protocol Selection Tool drop down menu the protocol and port number remains manually modifiable Source IP Port This specifies the source IP address es and ...

Page 124: ...connection where the log entry refers to SRC Source IP address DST Destination IP address LEN Packet length PROTO Protocol SPT Source port DPT Destination port Click Save to store your changes To create an additional firewall rule click Add Rule and repeat the above steps To change a rule s priority simply drag and drop the rule Hold the left mouse button on the rule Move it to the desired positio...

Page 125: ... Internet To turn on this feature click check the Enable check box and press the Save button When this feature is enabled the Pepwave router will detect and prevent the following kinds of intrusions and denial of service attacks Port scan o NMAP FIN URG PSH o Xmas tree o Another Xmas tree o Null scan o SYN RST o SYN FIN SYN flood prevention Ping flood attack prevention http www peplink com 125 Cop...

Page 126: ...19 2 Content Blocking 19 2 1 Application Blocking Choose applications to be blocked from LAN PPTP PepVPN peer clients access except for http www peplink com 126 Copyright 2017 Pepwave ...

Page 127: ...r an appropriate website address and the Peplink Balance will block and disallow LAN PPTP SpeedFusionTM peer clients to access these websites Exceptions can be added using the instructions in Sections 20 1 3 2 and 20 1 3 3 You may enter the wild card at the end of a domain name to block any web site with a host name having the domain name in the middle For example If you enter foobar then www foob...

Page 128: ...then click the OSPF RIPv2 item on the sidebar to reach the following menu OSPF Router ID This field determines the ID of the router By default this is specified as the LAN IP address If you want to specify your own ID enter it in the Custom field Area This is an overview of the OSPFv2 areas you have defined Click on the area name to configure it To set a new area click Add To delete an existing ar...

Page 129: ...e Choose the network type that this area will use Authentication Choose an authentication method if one is used from this drop down menu Available options are MD5 and Text Enter the authentication key next to the drop down menu Interfaces Determine which interfaces this area will use to listen to and deliver OSPF packets To access RIPv2 settings click http www peplink com 129 Copyright 2017 Pepwav...

Page 130: ...tion key next to the drop down menu Interfaces Determine which interfaces this group will use to listen to and deliver RIPv2 packets 21 Remote User Access a Networks routed by a Peplink Balance can be remotely accessed via L2TP with IPsec or PPTP To configure this feature navigate to Network Remote User Access http www peplink com 130 Copyright 2017 Pepwave ...

Page 131: ... Access Settings Enable Click the checkbox to enable Remote User Access VPN Type Determine whether remote devices can connect to the Balance using L2TP with IPsec or http www peplink com 131 Copyright 2017 Pepwave ...

Page 132: ...an click on a username to edit the account password Click the button X to delete the account in its corresponding row Click the button to switch to enters user accounts by pasting the information in CSV format Miscellaneous Settings The miscellaneous settings include configuration for high availability PPTP server service forwarding and service passthrough 21 1 High Availability Many Pepwave route...

Page 133: ...eartbeat signals to the LAN at a frequency of one heartbeat signal per second In the event that no heartbeat signal from the master Pepwave router is received in 3 seconds or longer since the last heartbeat signal the slave Pepwave router becomes active The slave Pepwave router initiates the WAN connections and binds to a previously configured LAN IP address At a subsequent point when the master P...

Page 134: ...m the slave unit Configuration Sync This option is displayed when Slave mode is selected in Preferred Role If this option is enabled and the Master Serial Number entered matches with the actual master unit s the master unit will automatically transfer the configuration to this unit Please make sure the LAN IP Address and the Subnet Mask fields are set correctly in the LAN settings page You can ref...

Page 135: ...ult gateway for all hosts on the LAN segment For example a firewall sitting behind the Pepwave router should set its default gateway as the virtual IP instead of the IP of the master router In drop in mode no other configuration needs to be set http www peplink com 135 Copyright 2017 Pepwave ...

Page 136: ...nables remote computers to conveniently and securely access the local network PPTP server settings are located at Advanced Misc Settings PPTP Server Check the box to enable PPTP server functionality All connected PPTP sessions are displayed at Status Client List Please refer to Section 22 3 for details Note that available options vary by model http www peplink com 136 Copyright 2017 Pepwave ...

Page 137: ... Server Local User Accounts User accounts are stored in the Pepwave router locally You can add modify delete accounts in the User Accounts table LDAP Server Authenticate with an external LDAP server This has been tested with Open LDAP servers where passwords are NTLM hashed Active Directory is not supported You can choose to use RADIUS to authenticate with a Windows server RADIUS Server Authentica...

Page 138: ...ans 21 4 Service Forwarding Service forwarding settings are located at Advanced Misc Settings Service Forwarding Service Forwarding SMTP Forwarding When this option is enabled all outgoing SMTP connections destined for any host at TCP port 25 will be intercepted These connections will be redirected to a specified SMTP server and port number SMTP server settings for each WAN can be specified after ...

Page 139: ...ISP s SMTP server All outgoing SMTP connections are blocked except those connecting to the ISP s Pepwave routers support intercepting and redirecting all outgoing SMTP connections destined for TCP port 25 via a WAN connection to the WAN s corresponding SMTP server To enable the feature select Enable under SMTP Forwarding Setup Check Enable Forwarding for the WAN connection s that needs forwarding ...

Page 140: ...er and port number Redirected server settings for each WAN can be set here If forwarding is disabled for a WAN web proxy connections for the WAN will be simply forwarded to the connection s original destination 21 4 3 DNS Forwarding When DNS forwarding is enabled all clients outgoing DNS requests will also be intercepted and forwarded to the built in DNS proxy server 21 4 4 Custom Service Forwardi...

Page 141: ...upport is always enabled and there are two modes for selection Standard Mode and Compatibility Mode If your SIP server s signal port number is non standard you can check the box Define custom signal ports and input the port numbers to the text boxes H 323 With this option enabled protocols that provide audio visual communication sessions will be defined on any packet network and pass through the P...

Page 142: ...fic to 21 6 GPS Forwarding Using the GPS forwarding feature some Pepwave routers can automatically send GPS reports to a specified server To set up GPS forwarding navigate to Advanced GPS Forwarding GPS Forwarding Enable Check this box to turn on GPS forwarding Server Enter the name IP address of the server that will receive GPS data Also specify a port number protocol UDP or TCP and a report inte...

Page 143: ...ontroller of Pepwave AP devices With this feature users can customize and manage multiple APs from a single Pepwave router interface Special Note Each Pepwave router can control a limited number of routers without additional cost To manage more a Full Edition license is required Please contact your Authorized Reseller or the Peplink Sales Team for more information and pricing details To configure ...

Page 144: ... will be added to the DHCP server A local DNS record AP Controller will be added to the local DNS proxy Permitted AP Access points to manage can be specified here If Any is selected the AP controller will manage any AP that reports to it If Approved List is selected only APs with serial numbers listed in the provided text box will be managed Current SSID information appears in the SSID section To ...

Page 145: ...egment through the Pepwave AP One unit to the Ethernet segment via the LAN port The default value of this setting is 0 which means VLAN tagging is disabled instead of tagged with zero Broadcast SSID This setting specifies whether or not Wi Fi clients can scan the SSID of this wireless network Broadcast SSID is enabled by default Data Rate A Select Auto to allow the Pepwave router to set the data r...

Page 146: ...second layer in the ISO Open System Interconnect model When this option is enabled clients on the same VLAN SSID or subnet are isolated to that VLAN SSID or subnet which can enhance security Traffic is passed to upper communication layer s By default the setting is disabled Maximum Number of Clients Indicate the maximum number of clients that should be able to connect to each frequency Band Steeri...

Page 147: ...on When using this configuration the Shared Key option should be enabled Key length must be between eight and 63 characters inclusive The security level of this method is known to be high The configuration of Static WEP parameters enables pre shared WEP key encryption Authentication is not supported by this method The security level of this method is known to be weak MAC Address List Connection co...

Page 148: ...efault button to enter 1812 Accounting Port In field enter the UDP accounting port s used by your RADIUS server s or click the Default button to enter 1813 22 2 Settings On many Pepwave models the AP settings screen AP Settings looks similar to the example below http www peplink com 148 Copyright 2017 Pepwave ...

Page 149: ... transmit Please note that the Peplink Balance does not detect whether the AP is capable of transmitting at both frequencies Instructions to transmit at unsupported frequencies will be ignored by the AP Operating This drop down menu specifies the national regional regulations which the AP should follow http www peplink com 149 Copyright 2017 Pepwave ...

Page 150: ...d on the scheduled time set and choose the most suitable channel automatically Auto Channel Update Indicate the time of day at which update automatic channel selection Output Power A This drop down menu determines the power at which the AP under this profile will broadcast When fixed settings are selected the AP will broadcast at the specified power level regardless of context When Dynamic setting...

Page 151: ... send an RTS using the RTS CTS handshake Setting 0 disables this feature Fragmentation Threshold A Determines the maximum size in bytes that each packet fragment will be broken down into Set 0 to disable fragmentation Distance Time Converter A Select the distance you want your Wi Fi to cover in order to adjust the below parameters Default values are recommended Slot Time A This field provides the ...

Page 152: ...the Web Access Protocol With this enabled any HTTP access to the web admin will redirect to HTTPS automatically Admin User Name This field specifies the administrator username of the web admin It is set as admin by default Admin Password This field allows you to specify a new administrator password You may also click the Generate button and let the system generate a random password automatically N...

Page 153: ...e bound by the regulatory limits of the selected country Beacon Rate A This option is for setting the transmit bit rate for sending a beacon By default 1Mbps is selected Beacon Interval A This option is for setting the time interval between each beacon By default 100ms is selected DTIM A This field allows you to set the frequency for the beacon to include a delivery traffic indication message The ...

Page 154: ...Frequency Underneath there are two check boxes labeled 2 4 Ghz and 5 Ghz Clicking either box will toggle the display of information for that frequency By default the graphs display the number of clients and data usage for both 2 4GHz and 5 GHz frequencies SSID The colored boxes indicate the SSID to display information for Clicking any colored box will toggle the display of information for that SSI...

Page 155: ...eriod Mouse over any line on the graph to see the data usage by each SSID for that point in time Use the buttons next to Zoom to select the time scale you wish to view In addition you could use the sliders at the bottom to further refine your timescale Events This event log displays all activity on your AP network down to the client level Click View Alerts to see only alerts and click the More lin...

Page 156: ... Devices This table shows the detailed information on each AP including channel number of clients upload traffic and download traffic Click the blue arrows at the left of the table to expand and collapse information on each device group You could also expand and collapse all groups by using the buttons On the right of the table you will see the following icons Click the icon to see a usage table f...

Page 157: ...name and designate its location You can also designate which firmware pack if any this client will follow as well as the channels on which the client will broadcast Click the icon to see a graph displaying usage http www peplink com 157 Copyright 2017 Pepwave ...

Page 158: ...On the Data Usage by menu you can display the information by SSID or by AP send receive rate Click the Event tab next to Wireless Usage to view a detailed event log for that particular device 23 3 Wireless SSID In depth SSID reports are available under AP Controller Status Wireless SSID http www peplink com 158 Copyright 2017 Pepwave ...

Page 159: ...any SSID to obtain more detailed usage information on each SSID 23 4 Wireless Client You can search for specific Wi Fi users by navigating to AP Controller Status Wireless Client http www peplink com 159 Copyright 2017 Pepwave ...

Page 160: ...for specific users Click the icon to bookmark specific users and click the icon for additional details about each user 23 5 Nearby Device A listing of near devices can be accessed by navigating to AP Controller Status Nearby Device http www peplink com 160 Copyright 2017 Pepwave ...

Page 161: ...th information on how this device was detected Click the icons and the device will be moved to the bottom table of identified devices 23 6 Event Log You can access the AP Controller Event log by navigating to AP Controller Status Event Log http www peplink com 161 Copyright 2017 Pepwave ...

Page 162: ...ds 24 Toolbox Tools for managing firmware packs can be found at AP Toolbox Firmware Packs Here you can manage the firmware of your AP Clicking on will result in information regarding each firmware pack To receive new firmware packs you can click Check for Updates to download new packs or you can click Manual Upload to manually upload a firmware pack Click Default to define which firmware pack is d...

Page 163: ...ires you may click the Logout button in the web admin to exit the session 0 hours 0 minutes signifies an unlimited session time This setting should be used only in special situations as it will lower the system security level if users do not log out before closing the browser The default is 4 hours 0 minutes For security reasons after logging in to the web admin Interface for the first time it is ...

Page 164: ...ault but can be changed if desired Admin Password This field allows you to specify a new administrator password Confirm Admin Password This field allows you to verify and confirm the new administrator password Read only User Name Read only User Name is set as user by default but can be changed if desired User Password This field allows you to specify a new user password Once the user password is s...

Page 165: ...ver This specifies the access address and port of the external RADIUS server Auth Server Secret This field is for entering the secret key for accessing the RADIUS server Auth Timeout This option specifies the time value for authentication timeout Accounting Server This specifies the access address and port of the external accounting server Accounting Server Secret This field is for entering the se...

Page 166: ...cess Settings Allowed LAN Networks This field allows you to permit only specific networks or VLANs to access the Web UI WAN Connection Access Settings Allowed Source IP Subnets This field allows you to restrict web admin access only from defined IP subnets Any Allow web admin accesses to be from anywhere without IP address restriction Allow access from the following IP subnets only Restrict web ad...

Page 167: ...ad The second method is to upload a firmware file manually To perform an online download click on the Check for Firmware button The Pepwave router will check online for new firmware If new firmware is available the Pepwave router will automatically download the firmware The rest of the upgrade process will be automatically initiated You may also download a firmware image from the Peplink website a...

Page 168: ... firmware is rolled back from 5 x to 4 x the configurations will be lost 25 3 Time Time Settings enables the system clock of the Pepwave router to be synchronized with a specified time server Time settings are located at System Time Time Settings Time Zone This specifies the time zone along with the corresponding Daylight Savings Time scheme The Time Zone value affects the time stamps in the Pepwa...

Page 169: ...e button to begin Edit Schedule Profile Enabling Click this checkbox to enable this schedule profile Note that if this is disabled then any associated features will also have their scheduling disabled Name Enter your desired name for this particular schedule profile http www peplink com 169 Copyright 2017 Pepwave ...

Page 170: ...ail Notification Email Notification Settings Email Notification This setting specifies whether or not to enable email notification If Enable is checked the Pepwave router will send email messages to system administrators when the WAN status changes or when new firmware is available If Enable is not checked email notification is disabled and the Pepwave router will not send email messages SMTP Serv...

Page 171: ...nfirm the new administrator password Sender s Email Address This setting specifies the email address the Pepwave router will use to send reports Recipient s Email Address This setting specifies the email address es to which the Pepwave router will send email notifications For multiple recipients separate each email addresses using the enter key After you have finished setting up email notification...

Page 172: ... to log events at the specified remote syslog server Remote Syslog Host This setting specifies the IP address or hostname of the remote syslog server Push Events The Pepwave router can also send push notifications to mobile devices that have our Mobile Router Utility installed Check the box to activate this feature For more information on the Router Utility go to www peplink com products router ut...

Page 173: ...dmin Security SNMP Port This option specifies the port which SNMP will use The default port is 161 SNMPv1 This option allows you to enable SNMP version 1 SNMPv2 This option allows you to enable SNMP version 2 SNMPv3 This option allows you to enable SNMP version 3 To add a community for either SNMPv1 or SNMPv2 click the Add SNMP Community button in the Community Name table upon which the following ...

Page 174: ...http www peplink com 174 Copyright 2017 Pepwave ...

Page 175: ...pon which the following screen is displayed SNMPv3 User Settings User Name This setting specifies a user name to be used in SNMPv3 Authentication Protocol This setting specifies via a drop down menu one of the following valid authentication protocols NONE MD5 SHA When MD5 or SHA is selected an entry field will appear for the password Privacy Protocol This setting specifies via a drop down menu one...

Page 176: ...ystem Alternately you could also privately host InControl Simply check the box beside the Privately Host InControl open and enter the IP Address of your InControl Host You can sign up for an InControl account at https incontrol2 peplink com You can register your devices under the account monitor their status see their usage reports and receive offline notifications 25 9 Configuration Backing up Pe...

Page 177: ...ck Choose File to locate the configuration file on the local computer and then click Upload The new settings can then be applied by clicking the Apply Changes button on the page header or you can cancel the procedure by pressing discard on the main page of the web admin interface Upload Configurations from High Availability Pair In a high availability HA configuration a Pepwave router can quickly ...

Page 178: ...ersion You can select the firmware version you would like to reboot the device with The firmware marked with Running is the current system boot up firmware Please note that a firmware upgrade will always replace the inactive firmware partition 26 Tools 26 1 Ping The ping test tool sends pings through a specified Ethernet interface or a SpeedFusion TM VPN connection You can specify the number of pi...

Page 179: ...cular LAN WAN connection 26 2 Traceroute Test The traceroute test tool traces the routing path to the destination through a particular Ethernet interface or a SpeedFusion TM connection The traceroute test utility is located at System Tools Traceroute http www peplink com 179 Copyright 2017 Pepwave ...

Page 180: ... Test The PepVPN Test tool can help to test the throughput between different VPN peers You can define the Test Type Direction and Duration of the test and press Go to perform the throughput test The VPN test utility is located at System Tools PepVPN Test illustrated as follows http www peplink com 180 Copyright 2017 Pepwave ...

Page 181: ...ick Send to send a magic packet 26 5 CLI Command Line Interface Support The CLI command line interface can be accessed via SSH This field enables CLI support The below settings specify which TCP port and which interface s should accept remote SSH CLI access The user name and password used for remote SSH CLI access are the same as those used for web admin access http www peplink com 181 Copyright 2...

Page 182: ...http www peplink com 182 Copyright 2017 Pepwave ...

Page 183: ...our model uses a product code it will appear here Hardware Revision This shows the hardware version of this device Serial Number This shows the serial number of this device Firmware This shows the firmware version this device is currently running PepVPN Version This shows the current PepVPN version Modem Support Version This shows the modem support version For a list of supported modems click Mode...

Page 184: ...d attach it along with a description of your issue In Firmware 5 1 or before the diagnostic report file can be obtained at System Reboot 27 2 GPS Data The MAX HD2 and HD2 IP67 automatically store up to seven days of GPS location data in GPS eXchange format GPX To review this data using third party applications click Status Device and then download your GPX file The Pepwave MAX BR1 HD2 and HD2 IP67...

Page 185: ...dicates the number of sessions initiated by each WAN port In addition you can see which clients are initiating the most sessions You can also perform a filtered search for specific sessions You can filter by subnet port protocol and interface To perform a search navigate to Status Active Sessions Search http www peplink com 185 Copyright 2017 Pepwave ...

Page 186: ...or filtering 27 4 Client List The client list table is located at Status Client List It lists DHCP and online client IP addresses names retrieved from the DHCP reservation table or defined by users current download and upload rate and MAC address Clients can be imported into the DHCP reservation table by clicking the button on the right You can update the record after import by going to Network LA...

Page 187: ...es of WINS clients This option will only be available when you have enabled the WINS server navigation Network Interfaces LAN The names of clients retrieved will be automatically matched into the Client List see previous section Click Flush All to flush all WINS client records 27 6 UPnP NAT PMP The table that shows the forwarded ports under UPnP and NAT PMP protocols is located at Status UPnP NAT ...

Page 188: ...ted immediately after clicking the button or Delete All without the need to click Save or Confirm 27 7 SpeedFusion Status Current SpeedFusion TM status information is located at Status SpeedFusion TM Details about SpeedFusion TM connection peers appears as below Click on the corresponding peer name to explore the WAN connection s status and subnet information of each VPN peer http www peplink com ...

Page 189: ...button for a chart displaying real time throughput latency and drop rate information for each WAN connection When pressing the button the following menu will appear http www peplink com 189 Copyright 2017 Pepwave ...

Page 190: ...licking the icon the following menu appears Select the L2 protocol TCP UDP direction and duration and click the Start button to begin the general throughput test http www peplink com 190 Copyright 2017 Pepwave ...

Page 191: ...analyzer is to report the throughput packet loss and latency of all possible combinations of connections Please note that the PepVPN Analyzer will temporarily interrupt VPN connectivity and will restore after test After clicking the icon the analyzer will require several minutes to perform its analysis depending the number of WAN links in the SpeedFusion TM Tunnel Once the test the complete the re...

Page 192: ...rticular test Tx Avg is the averaged throughput across the full 10 seconds time while Tx Max is the averaged throughput of the fastest 30 of time 27 8 Event Log Event log information is located at Status Event Log http www peplink com 192 Copyright 2017 Pepwave ...

Page 193: ... entries automatically Click the Clear Log button to clear the log 28 Bandwidth Status This section shows bandwidth usage statistics and is located at Status Bandwidth Bandwidth usage at the LAN while the device is switched off e g LAN bypass is neither recorded nor shown http www peplink com 193 Copyright 2017 Pepwave ...

Page 194: ...nsferred since last reboot table indicates how much network traffic has been processed by the device since the last bootup 28 2 Hourly This page shows the hourly bandwidth usage for all WAN connections with the option of viewing each individual connection Select the desired connection to check from the drop down menu http www peplink com 194 Copyright 2017 Pepwave ...

Page 195: ...Bandwidth Monitoring feature the Current Billing Cycle table for that WAN connection will be displayed Click on a date to view the client bandwidth usage of that specific date This feature is not available if you have selected to view the bandwidth usage of only a particular WAN connection The scale of the graph can be set to display megabytes MB or gigabytes GB http www peplink com 195 Copyright ...

Page 196: ...ch particular connection and view the information by Billing Cycle or by Calendar Month Click the first two rows to view the client bandwidth usage in the last two months This feature is not available if you have chosen to view the bandwidth of an individual WAN connection The scale of the graph can be set to display megabytes MB or gigabytes GB http www peplink com 196 Copyright 2017 Pepwave ...

Page 197: ...All WAN Monthly Bandwidth Usage http www peplink com 197 Copyright 2017 Pepwave ...

Page 198: ...Ethernet WAN Monthly Bandwidth Usage Tip By default the scale of data size is in MB 1GB equals 1024MB http www peplink com 198 Copyright 2017 Pepwave ...

Page 199: ...clip press the reset button and hold it for at least 10 seconds until the unit reboots itself After the Pepwave router finishes rebooting the factory default settings will be restored Important Note All previous configurations and bandwidth usage data will be lost after restoring factory default settings Regular backup of configuration settings is strongly recommended http www peplink com 199 Copy...

Page 200: ...io communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one of the following measures Reorient or relocate the receiving antenna Increase the ...

Page 201: ...BR1 This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with minimum distance 20cm between the radiator your body http www peplink com 201 Copyright 2017 Pepwave ...

Page 202: ...tended destination 3 CE Statement for Pepwave Routers Europe EU Declaration of Conformity This device complies with the essential requirements of the R TTE Directive 1999 5 EC The following test methods have been applied in order to prove presumption of conformity with the essential requirements of the R TTE Directive 1999 5 EC EN 60950 1 2006 A11 2009 A1 2010 A12 2011 Safety of Information Techno...

Page 203: ...y EMC standard for radio equipment and services Part 1 Common technical requirements EN 301 489 7 V1 3 1 2005 ElectroMagnetic compatibility and Radio spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment ad services Part 7 Specific conditions for mobile and portable radio and ancillary equipment of digital cellular radio telecommunications systems GSM and DCS EN 301 4...

Page 204: ...iciones aplicables o exigibles de la Directiva 1999 5 CE Ελληνική Greek ΜΕ ΤΗΝ ΠΑΡΟΥΣΑ name of manufacturer ΔΗΛΩΝΕΙ ΟΤΙ type of equipment ΣΥΜΜΟΡΦΩΝΕΤΑΙ ΠΡΟΣ ΤΙΣ ΟΥΣΙΩΔΕΙΣ ΑΠΑΙΤΗΣΕΙΣ ΚΑΙ ΤΙΣ ΛΟΙΠΕΣ ΣΧΕΤΙΚΕΣ ΔΙΑΤΑΞΕΙΣ ΤΗΣ ΟΔΗΓΙΑΣ 1999 5 ΕΚ Français French Par la présente nom du fabricant déclare que l appareil type d appareil est conforme aux exigences essentielles et aux autres dispositions pertine...

Page 205: ...no výrobcu týmto vyhlasuje že typ zariadenia spĺňa základné požiadavky a všetky príslušné ustanovenia Smernice 1999 5 ES Suomi Finnish Valmistaja manufacturer vakuuttaa täten että type of equipment laitteen tyyppimerkintä tyyppinen laite on direktiivin 1999 5 EY oleellisten vaatimusten ja sitä koskevien direktiivin muiden ehtojen mukainen Svenska Swedish Härmed intygar företag att denna utrustning...

Page 206: ...警告使用者 此為甲類資訊技術設備 於居住環境中使用時 可能會造成射頻擾動 在此種情況下 使用者會被要求採取某些適 當的對策 http www peplink com 206 Copyright 2017 Pepwave ...

Reviews:

No comments

Related manuals for BR1 ENT

D-Link DIR-855L Quick Installation Manual preview
DIR-855L
Brand: D-Link Pages: 28
D-Link DIR-826L Quick Install Manual preview
DIR-826L
Brand: D-Link Pages: 2
D-Link DIR-655 - Xtreme N Gigabit Router Wireless Quick Start Manual preview
DIR-655 - Xtreme N Gigabit Router Wireless
Brand: D-Link Pages: 3
D-Link DIR-605L Technical Support Setup Procedure preview
DIR-605L
Brand: D-Link Pages: 11
D-Link DIR-822 Quick Instillation Manual preview
DIR-822
Brand: D-Link Pages: 35
D-Link DIR-880L Quick Install Manual preview
DIR-880L
Brand: D-Link Pages: 12
D-Link DIR-842 Quick Install Manual preview
DIR-842
Brand: D-Link Pages: 12
D-Link DIR-821 Quick Install Manual preview
DIR-821
Brand: D-Link Pages: 24
D-Link DIR-803 Quick Installation Manual preview
DIR-803
Brand: D-Link Pages: 20
D-Link DIR-815/AC Quick Installation Manual preview
DIR-815/AC
Brand: D-Link Pages: 44
D-Link DIR-830M Quick Installation Manual preview
DIR-830M
Brand: D-Link Pages: 52
D-Link DIR-821 User Manual preview
DIR-821
Brand: D-Link Pages: 103
3Com TokenLink 3C359B Release Note preview
TokenLink 3C359B
Brand: 3Com Pages: 4
3Com TokenLink 3C359B Quick Start Manual preview
TokenLink 3C359B
Brand: 3Com Pages: 8
3Com TokenLink 3C339 Release Note preview
TokenLink 3C339
Brand: 3Com Pages: 2
3Com EtherLink 3C985B-SX Installation And User Manual preview
EtherLink 3C985B-SX
Brand: 3Com Pages: 44
3Com 3CR990 Administration Manual preview
3CR990
Brand: 3Com Pages: 88
3Com 3C16080 Important Information preview
3C16080
Brand: 3Com Pages: 2

Brands by name

Popular brands

Load more brands