manualshive.com logo in svg

Billion BiPAC 8900X R3, User Manual

The Billion BiPAC 8900X R3 is a cutting-edge networking device that will revolutionize your internet experience. Unlock its full potential by accessing the detailed User Manual, available for free download from our website. Explore the versatility and power of this device through our comprehensive manual, only a click away.

Share
Download
background image

 

 

  
 
 
 
 
 
 
 
 
 
 
 
 
 

 

 

BiPAC 8900X R3

 

 
 
 
 

3G/4G LTE VDSL2/ADSL2+ VPN 

Firewall Router 

 
 
 
 
 
 

User Manual 

 

 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Version Released: 2.52.d3 

Last revised date: Sept. 21, 2018 

 

 

 

 

 

Summary of Contents for BiPAC 8900X R3

Page 1: ...BiPAC 8900X R3 3G 4G LTE VDSL2 ADSL2 VPN Firewall Router User Manual Version Released 2 52 d3 Last revised date Sept 21 2018 ...

Page 2: ...8 Package Contents 8 Important note for using this router 9 Device Description 10 The Front LEDs 10 The Rear Ports 11 Cabling 12 Chapter 3 Basic Installation 13 Connecting Your Router 14 Network Configuration 16 Configuring a PC in Windows 7 8 10 16 Configuring a PC in Windows Vista 19 Configuring a PC in Windows XP 22 Factory Default Settings 24 Information from your ISP 26 Easy Sign On EZSO 27 C...

Page 3: ... Ethernet 86 3G 4G LTE 93 DSL 96 Failover 97 SNR 98 System 99 Internet Time 99 Firmware Upgrade 100 Backup Update 101 Access Control 102 Mail Alert 103 SMS Alert 104 Configure Log 105 USB 106 Storage Device Info 106 User Account 107 Print Server 112 DLNA 117 IP Tunnel 119 IPv6inIPv4 119 IPv4inIPv6 121 Security 122 IP Filtering Outgoing 122 IP Filtering Incoming 125 MAC Filtering 127 Blocking WAN P...

Page 4: ...Server 197 OpenVPN CA 199 OpenVPN Client 200 GRE 207 Advanced Setup 208 Routing 209 Default Gateway 209 Static Route 210 Policy Routing 211 RIP 212 Load Balance 213 DNS 216 DNS 216 Dynamic DNS 218 DNS Proxy 221 Static DNS 222 Static ARP 223 UPnP 224 Certificate 230 Trusted CA 230 Multicast 233 Management 235 SNMP Agent 235 TR 069 Client 236 HTTP Port 238 Remote Access 239 Mobile Networks 240 3G 4G...

Page 5: ...Push Service 248 Diagnostics 249 Fault Management 250 Ethernet OAM 251 Restart 252 Chapter 5 Troubleshooting 253 Appendix Product Support Contact 255 ...

Page 6: ... modem communication via the BiPAC 8900X R3 is becoming more convenient and widely available allowing you to watch movies download music on the road or access e mail no matter where you are You can even share your Internet connection with others no matter if you re in a meeting or speeding across the country on a train The auto fail over feature ensures optimum connectivity and minimum interruptio...

Page 7: ...ized by fixing the size of the host identifier portion of an address to 64 bits to facilitate an automatic mechanism for forming the host identifier from Link Layer media addressing information MAC address Web Based GUI It supports web based GUI for configuration and management It is user friendly and comes with online help It also supports remote management capability for remote users to configur...

Page 8: ...HO Firewall Security with DoS Preventing and Packet Filtering Quality of Service Control for traffic prioritization and Bandwidth management 16 Secured IPSec VPN tunnels with powerful DES 3DES AES PPTP VPN with Pap Chap MS CHAPv2 authentication Pure L2TP and L2TP over IPSec OpenVPN with CA authentication and extensive OpenSSL encryption GRE tunnel Universal Plug and Play UPnP Compliance Supports I...

Page 9: ...DNS relay IGMP snooping and IGMP proxy for video service MLD snooping and MLD proxy for video service Management based on IP protocol port number and address SMTP client with SSL TLS Supports port based interface grouping VLAN Firewall Built in NAT Firewall Stateful Packet Inspection SPI DoS attack prevention Packet Filtering v4 v6 port source IP address destination IP address URL Content Filterin...

Page 10: ...AN Quality of Service QoS USB Application Server 3G 4G LTE dongle support Storage FTP server Samba server DLNA Printer Server Virtual Private Network VPN 16 IPSec VPN tunnels IKE key management DES 3DES and AES encryption for IPSec L2TP over IPSec Pap Chap MS CHAPv2 authentication for PPTP IPSec pass through GRE tunnel Management Easy Sign on EZSO Web based GUI for remote and local management IPv4...

Page 11: ...ert for WAN IP changed Wake on LAN Auto failover and fallback Push Service 1 On request for Telco ISP projects 2 IPTV application may require subscription to IPTV services from a Telco ISP 3 Specifications on this manual are subject to change without prior notice ...

Page 12: ...hernet 4 port 10 100 1000Mbps auto crossover MDI MDI X Switch EWAN 1 Ethernet port port 5 can be configured as a WAN interface for Broadband connectivity Factory default reset button Power jack Power switch Power Requirements Input 15V DC 2 0A Operating Environment Operating temperature 0 40 Storage temperature 20 70 Humidity 20 95 non condensing ...

Page 13: ...ter Package Contents BiPAC 8900X R3 3G 4G LTE VDSL2 ADSL2 VPN Firewall Router Quick Start Guide CD containing the on line manual RJ 45 Cat 5e STP Ethernet cable RJ 11 xDSL telephone cable Power adapter Splitter Micro filter Optional ...

Page 14: ...3 Do not open or repair the case yourself If the router is too hot turn off the power immediately and have it repaired at a qualified service center 4 Avoid using this product and all accessories outdoors Attention 1 Place the router on a stable surface 2 Only use the power adapter that comes with the package Using a different voltage rating power adapter may damage the router ...

Page 15: ...nnected to a 1000Mbos LAN device Orange Successfully connected to a 10 100Mbos LAN device Gigabit Ethernet Port 1 4 Blinking Data being transmitted received Green Successfully connected to an xDSL DSLAM Line Synced Green Blinking DSL synchronizing or waiting for DSL synchronizing DSL Off DSL cable unplugged Green IP connected and traffic is passing through the device Blinking Data being transmitte...

Page 16: ...tomatically becomes an EWAN port when EWAN internet interface is being selected in the GUI 2 If you need port 5 to be used as a LAN port again please remove the EWAN interface See EWAN Interface Removal 5 Gb Ethernet 1 5 Connect PCs Laptops or any other office home LAN devices with the supplied RJ 45 Ethernet cable Cat 5 or Cat 5e to any of the five LAN ports Note Port 5 is a LAN WAN Configurable ...

Page 17: ...you have a line filter with all devices e g telephones fax machines analogue modems connected to the same telephone line and the wall socket unless you are using a Central Splitter or Central Filter installed by a qualified and licensed electrician and ensure that all line filters are correctly installed and the right way around Missing line filters or line filters installed the wrong way around c...

Page 18: ...ain an IP address through a DHCP server or a fixed IP address that must be in the same subnet as the router The default IP address of the router is 192 168 1 254 and the subnet mask is 255 255 255 0 i e any attached PC must be in the same subnet and have an IP address in the range of 192 168 1 1 to 192 168 1 253 The best and easiest way is to configure the PC to get an IP address automatically fro...

Page 19: ...14 Connecting Your Router Users can connect the VDSL2 ADSL2 router as the following DSL Router mode Broadband Router mode ...

Page 20: ...15 3G LTE Router mode ...

Page 21: ...Settings or right click the mouse when it points at Windows ICON Start then click Control Panel 3 Click on Network and Internet 4 When the Network and Sharing Center window pops up select and click on Change adapter settings on the left window panel 5 Select the Local Area Connection and right click the icon to select Properties Settings of Windows 10 Control Panel ...

Page 22: ...ties 7 In the TCP IPv4 properties window select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 8 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 23: ...ies 7 In the TCP IPv6 properties window select the Obtain an IPv6 address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 8 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 24: ...ork 2 Then click on Network and Sharing Center at the top bar 3 When the Network and Sharing Center window pops up select and click on Manage network connections on the left window pane 4 Select the Local Area Connection and right click the icon to select Properties ...

Page 25: ...ties 6 In the TCP IPv4 properties window select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 7 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 26: ...ies 6 In the TCP IPv6 properties window select the Obtain an IPv6 address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting 7 Click OK again in the Local Area Connection Properties window to apply the new configuration ...

Page 27: ...Network Connections 2 Double click Local Area Connection 3 In the Local Area Connection Status window click Properties 4 Select Internet Protocol TCP IP and click Properties 5 Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons 6 Click OK to finish the configuration ...

Page 28: ...t you should install it first Act as shown below 1 On the desktop Click Start Run type cmd then press Enter key in the keyboard the following screen appears 2 Key in command ipv6 install Configuration is OK now you can test whether it works ok ...

Page 29: ...tention If you have forgotten the username and or password of the router you can restore the device to its default setting by pressing the Reset Button more than 5 seconds Device LAN IPv4 settings IPv4 Address 192 168 1 254 Subnet Mask 255 255 255 0 Device LAN IPv6 settings IPv6 Address prefix Default is a link local address and is different from each other as MAC address is different from one to ...

Page 30: ...dresses continuing from 192 168 1 100 through 192 168 1 199 The PPPoE function is enabled to automatically get the WAN port configuration from the ISP IPv6 LAN Port WAN Port IPv6 address prefix Default is a link local address and is different from each other as MAC address is different from one to one For example fe80 204 edff fe01 1 64 the prefix initiates by fe80 DHCP server function Enabled The...

Page 31: ...your ISP when you connect or be set manually PPPoA RFC2364 VPI VCI VC LLC based multiplexing Username Password and Domain Name System DNS IP address it can be automatically assigned by your ISP when you connect or be set manually DHCP Client VPI VCI VC LLC based multiplexing Domain Name System DNS IP address it can be automatically assigned by your ISP when you connect or be set manually IPoA RFC1...

Page 32: ...up and request that you enter some basic information that you have obtained from your ISP By following the instructions given carefully and through the information you provide the router will be configured in no time and you will find yourself surfing the internet sooner than you realize EZSO window pops up Step1 Set the administration password Step 2 Set the Time Zone Step 3 Configure the WAN int...

Page 33: ...ISP Here IPv6 service is enabled by default If the DSL line doesn t synchronize the page will pop up warning of the DSL connection failure 3 Wait while the device is configured DSL synchronized 4 Success in configuring the EZSO Click link 192 168 1 254 it will lead you to the following page ...

Page 34: ...ress Continue to go on to next step 2 Enter the username password from your ISP for IP and DNS settings also refer to your ISP Here IPv6 service is enabled by default 3 Wait while the device is configured 4 Success in configuring the EZSO ...

Page 35: ...TE press Continue to go on to next step 2 Enter the APN username password from your ISP for settings about Authentication method PIN etc also refer to your ISP 3 Wait while the device is configured 4 Success in configuring the EZSO ...

Page 36: ...he IP address of your router which by default is 192 168 1 254 and click or press Enter key on the keyboard a login prompt window will appear The default root username and password are admin and admin respectively Congratulations You are now successfully logged in to the VDSL2 ADSL2 Router ...

Page 37: ...pane links you directly to the setup pages which include Status Summary WAN Statistics Bandwidth Usage 3G 4G LTE Status Route ARP DHCP VPN Log Quick Start Configuration LAN WAN System USB IP Tunnel Security Quality of Service NAT Wake On LAN VPN IPSec VPN Account Exceptional Rule Group PPTP L2TP GRE Advanced Setup Routing DNS Static ARP UPnP Certificate Multicast Management Diagnostics ...

Page 38: ... users an easy access to the information about the working router and access to view the current status of the router Here Summary WAN Statistics Bandwidth Usage 3G 4G LTE Status Route ARP DHCP VPN and Log subsections are included ...

Page 39: ...s LAN IPv6 Address Displays the LAN IPv6 address Default is a Link Local address but when connects to ISP it will display the Global Address like above figure MAC Address Displays the MAC address DSL PHY and Driver Version Display DSL PHY and Driver version WAN Line Rate Upstream Kbps Display Upstream line Rate in Kbps Line Rate Downstream Kbps Display Downstream line Rate in Kbps Default Gateway ...

Page 40: ...n interface Description The description of this connection Type The protocol used by this connection Status To disconnect or connect the link Connection Time The WAN connection time since WAN is up IPv4 Address The WAN IPv4 Address the device obtained IPv6 Address The WAN IPv6 Address the device obtained DNS The DNS address the device obtained ...

Page 41: ... each interface Packets Display the total Received and Transmitted traffic statistics in Packets for each interface Errors Display the total statistics of errors arising in Receiving or Transmitting data for each interface Drops Display the total statistics of drops arising in Receiving or Transmitting data for each interface Multicast packets Display the Received and Transmitted multicast Packets...

Page 42: ...ors Display the statistics of errors arising in Receiving or Transmitting data for every WAN interface Drops Display the statistics of drops arising in Receiving or Transmitting data for every WAN interface Multicast packets Display the Received and Transmitted multicast Packets for every WAN interface Unicast packets Display the Received and Transmitted unicast Packets for every WAN interface Bro...

Page 43: ...kets Number of received packets over the interface Out Packets Number of transmitted packets over the interface In OAM Cells Number of OAM cells received Out OAM Cells Number of OAM cells transmitted In ASM Cells Number of ASM cells received Out ASM Cells Number of ASM cells transmitted In Packet Errors Number of received packets with errors In Cell Errors Number of received cells with errors Rese...

Page 44: ...ol including G dmt G lite T1 413 ADSL2 AnnexL ADSL2 and AnnexM Traffic Type Transfer mode here supports ATM and PTM Status Show the status of DSL link Link Power State Show link output power state Line Coding Trellis Trellis on off ...

Page 45: ... Delay msec Show the delay time in msec INP DMT symbol Show the DMT symbol Super Frames The total number of super frames Super Frame Errors the total number of super frame errors RS Words Total number of Reed Solomon code errors RS Correctable Errors Total number of RS with correctable errors RS Uncorrectable Errors Total number of RS words with uncorrectable errors HEC Errors Total number of Head...

Page 46: ...ested Time sec press Start to start test When it is OK the following test result window will appear You can view the quality of ADSL connection Here the connection is OK Reset Click this button to reset the statistics ...

Page 47: ...as EWAN and when the device is in EWAN profile there is no P5 EWAN interface as P5 is working as a WAN port If you need P5 please remove EWAN interface in WAN Interface section EWAN Press View LAN Transmitted button to change the diagram to the statistics from a Received Bytes of view Note means Ethernet port 2 and the traffic information of the port 2 is identified with green the same color with ...

Page 48: ...43 When you press View WAN Traffic concurrently button the WAN Bandwidth Usage pops up so that users can view the WAN traffic concurrently ...

Page 49: ...44 WAN Service Press View WAN Transmitted button to change the diagram to the statistics from a Received Bytes of view ...

Page 50: ...45 Press View LAN Traffic concurrently button to directly switch to the LAN Bandwidth Usage page to view the LAN traffic concurrently ...

Page 51: ...ard s limitation GSM or UMTS Card Name The name of the 3G 4G LTE card Card Firmware The current firmware for the 3G 4G LTE card Current TX Bytes Packets The statistics of transmission count for this call Current RX Bytes Packets The statistics of receive count for this call Total TX Bytes Packets The statistics of transmission count from system ready Total RX Bytes Packets The statistics of receiv...

Page 52: ... not the subnet G Show that the outside gateway is needed to forward packets in this route R Show that the route is reinstated from dynamic routing D Show that the route is dynamically installed by daemon or redirecting M Show the route is modified from routing daemon or redirect Metric Display the number of hops counted as the Metric of the route Service Display the service that this route uses I...

Page 53: ...ed as permanent entry the route is permanent P publish entry publish this route item MAC Address Shows the MAC address that is corresponded to the IP address of the device it is mapped to Device here refers to the physical interface it is a concept to identify Clients from LAN or WAN For example the Clients in LAN here displays br0 Mark Show clearly the SSID WLAN the device is in IPv6 Address IPv6...

Page 54: ... server in the device Host Name The Host Name of DHCP client MAC Address The MAC Address of internal DHCP client host IP Address The IP address which is assigned to the host with this MAC address Expires in Show the remaining time after registration Mark Show clearly the SSID WLAN the device is in ...

Page 55: ...ec Name The IPSec connection name Active Display the connection status Local Subnet Display the local network Remote Subnet Display the remote network Remote Gateway The remote gateway address SA The Security Association for this IPSec entry Refresh Click this button to refresh the tunnel status ...

Page 56: ...nt Action Act to the connection Click Drop button to disconnect the tunnel connection PPTP Client Name The PPTP connection name Enable Display the connection status with icons Status The connection status Connection Type Remote Access or LAN to LAN Peer Network IP Display the remote network and subnet mask in LAN to LAN PPTP connection Client Assigned IP by PPTP server Action Act to the connection...

Page 57: ...nt Action Act to the connection Click Drop button to disconnect the tunnel connection L2TP Client Name The L2TP connection name Enable Display the connection status with icons Status The connection status Connection Type Remote Access or LAN to LAN Peer Network IP Display the remote network and subnet mask in LAN to LAN L2TP connection Client Assigned IP by L2TP server Action Act to the connection...

Page 58: ...l IP to remotely connected OpenVPN client Action Act to the connection Click Drop button to disconnect the tunnel connection OpenVPN Client Name The OpenVPN connection name Enable Display the connection status with icon Status The connection status Connection Type Remote Access or LAN to LAN Peer Network IP Display the tunnel virtual address WAN address of server side Client Assigned tunnel virtua...

Page 59: ... GRE connection name Enable Display the connection status with icons Status The connection status connected or disable Remote Gateway The IP of remote gateway Refresh Click this button to refresh the connection status ...

Page 60: ...cumulated up to the present time You can trace historical information with this function And the log policy can be configured in Configure Log section Refresh Click to update the system log Clear Click to clear the current log from the screen ...

Page 61: ...g Outgoing IP Filtering Incoming URL Filter to determine if you want to log this information Also you can turn to Configure Log section below to determine the level to log the message You can use this to track potential threats to your system and network Refresh Click to update the security log Clear Click to clear the current log from the screen ...

Page 62: ...tion RxBWUR Downstream BandWidth Utilization Ration Weight Sisplay weight value when using WRR method Current Status green check means L2 link is work red cross means L2 link is failure If L3 Health check option is used status will display L3 status word as above figure otherwise only show L2 link status ...

Page 63: ...oose ATM VDSL please choose PTM Here take ADSL for example 1 Select DSL press Continue to go on to next step 2 Enter the username password from your ISP for IP and DNS settings also refer to your ISP Here IPv6 service is enabled by default If the DSL line is not synchronized the page will pop up warning of the DSL connection failure ...

Page 64: ...59 3 Wait while the device is configured 4 Success ...

Page 65: ...t Ethernet press Continue to go on to next step 2 Enter the username password from your ISP for IP and DNS settings also refer to your ISP Here IPv6 service is enabled by default 3 Wait while the device is configured 4 Success ...

Page 66: ... 4G LTE press Continue to go on to next step 2 Select the 3G mode and enter the APN username password from your ISP and check with your ISP with the authentication method setting 3 Wait while the device is configured 4 Success ...

Page 67: ...mn will expand to display the sub items that will allow you to further configure your router LAN WAN System USB IP Tunnel Security Quality of Service NAT and Wake On LAN The function of each configuration sub item is described in the following sections ...

Page 68: ...s of the router Default is 192 168 1 254 Subnet Mask the default Subnet mask on the router IGMP Snooping Enable or disable the IGMP Snooping function Without IGMP snooping multicast traffic is treated in the same manner as broadcast traffic that is it is forwarded to all ports With IGMP snooping multicast traffic of a group is only forwarded to ports that have members of that group When enabled yo...

Page 69: ...lows your router to dynamically assign IP addresses to PCs on your network if they are configured to obtain IP addresses automatically Disable Disable the DHCP Server function Enable Enable the DHCP function enter the information wanted Here as default Start IP Address The start IP address of the range the DHCP Server used to assign to the Clients End IP Address The end IP address f the range the ...

Page 70: ...s and then click Apply to confirm your settings But the IP assigned should be outside the range of 192 168 1 100 192 168 1 199 IP Alias This function allows the creation of multiple virtual IP interfaces on this router It helps to connect two or more local networks to the ISP or remote node IP Alias Check whether to enable this function IP Address Specify an IP address on this virtual interface Su...

Page 71: ... stateless mechanism allows a host to generate its own addresses using a combination of locally available information MAC address and information prefix advertised by routers Routers advertise prefixes that identify the subnet s associated with a link while hosts generate an interface identifier that uniquely identifies an interface on a subnet An address is formed by combining the two When using ...

Page 72: ...e block fc00 7 It is approximately the IPv6 counterpart of the IPv4 private address They are not routable in the global IPv6 Internet RADVD Type The way that ULA prefix is generated Randomly Generated Statically Configured select to set manually in the following parameters Prefix Set the prefix manually Preferred Life Time The ULA prefix life time When the time is over the ULA prefix is invalid an...

Page 73: ...de thus the PCs in LAN are configured through RA mode to obtain the prefix message and generate an address using a combination of locally available information MAC address and information prefix advertised by routers With both DHCPv6 and Issue Router Advertisement Enabled With this method the PCs addresses in LAN are configured like above method but they can obtain such information like DNS from D...

Page 74: ...e PCs addresses are configured the same as in IPv4 that is addresses are assigned by DHCPv6 server With both DHCPv6 and Issue Router Advertisement Enabled With this method the PCs addresses are configured the same like above and the address information in RA packets will be neglected ...

Page 75: ...d stations to be grouped together even if they are not located on the same network switch Each group will perform as an independent network To support this feature you must create mapping groups with appropriate LAN and WAN interfaces using the Add button Please Note P5 can be configured as EWAN and when the device is in EWAN profile there is no P5 EWAN interface as P5 is working as a WAN port If ...

Page 76: ...rfaces you want to group as a single group from Available LAN Interfaces Automatically Add Clients with following DHCP Vendor IDs Enter the DHCP Vendor IDs for which you want the Clients automatically added into the group DHCP vendor ID DHCP 60 is an Authentication for DHCP Messages Click Apply to confirm your settings and your added group will be listed in the Interface Grouping table below ...

Page 77: ...p add the DHCP vendor ID string By configuring a DHCP vendor ID string any DHCP client request with the specified vendor ID DHCP option 60 will be denied an IP address from the local DHCP server If a vendor ID is configured for a specific client device please REBOOT the client device attached to the modem to allow it to obtain an appropriate IP address Each LAN interface can only be added into one...

Page 78: ...N VLAN VLAN Mode Check if to enable LAN VLAN for the selected port Click Add to set the VLAN ID Pbits for the port VLAN ID a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagged 1 4094 Pbits The parameter indicates the frame priority level from 0 lowest to 7 highest which can be used to prioritize different classes of traffic voice video data etc ...

Page 79: ... Bit Rate and Duplex Mode Select to change the port working patterns in the Edit vertical column Eth Port Select the port P1 P5 EWAN Max Bit Rate Manually specify the max bit rate for the Ethernet port 10 or 100Mbps Duplex Mode Manually specify the duplex mode for the Ethernet port half or full duplex ...

Page 80: ...hree WAN interfaces are provided for WAN connection DSL VDSL ADSL Ethernet and 3G 4GLTE Click Add to add new WAN connections DSL In DSL mode there are two transfer modes for you to configure for WAN connection namely ATM ADSL and PTM VDSL configuration of PTM mode is similar as ATM mode here take ATM mode WAN configuration for example Layer2 Interface 2 transfer mode ATM ADSL or PTM VDSL ...

Page 81: ...es user can define this Authentication Method Default is Auto Or else your ISP will advise you the appropriate mode Firewall Enable to drop all traffic from WAN side If enabled all incoming packets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single I...

Page 82: ...MTU Maximum Transmission Unit the size of the largest datagram excluding media specific headers that IP will attempt to send through the interface PPPoE with Pass through Enable or disable PPPoE pass through If it is enabled PCs behind the router can dial itself IGMP Multicast Proxy Check whether to enable this feature IGMP Internet Group Management Protocol Proxy intercepts the IGMP request from ...

Page 83: ...econdary DNS server addresses Parent Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider IPv6 Obtain IPv6 DNS info from a WAN interface WAN Interface selected Select one configured IPv6 WAN connection from the menu...

Page 84: ...ss Remove Press Edit button to re edit this service settings Here you can configure WAN Service if it is OK you can access the internet You can go to Status WAN or Summary to view the WAN connection information if your ISP provides IPv6 service then you will obtain an IPv6 address IPv4 or IPv6 ...

Page 85: ... While only NAT enabled the default NAT type Port Restricted cone NAT will be used Fullcone NAT Enable or disable fullcone NAT Fullcone is a kind of NAT in this mode all requests from the same internal IP address and port are mapped to the same external IP address and port Furthermore any external host can send a packet to the internal host by sending a packet to the mapped external address Note I...

Page 86: ... over some of the router s job simplifying the router s job and multicast communication IGMP Multicast Source Enable to support the source filtering which is the ability for a system to report interest in receiving packets only from specific source address es or all but specific source address es sent to a particular multicast address Note It works only on IGMP version 3 MLD Multicast Proxy check ...

Page 87: ...the VLAN ID identification tagged 0 4094 untagged 1 Here two modes are supported for users to deal with the IP and DNS You can select obtain automatically or manually input the information according to your ISP Obtain an IP address automatically Check whether to enable this function Option 60 Vendor ID Enter the associated information by your ISP This option is used by DHCP clients to optionally i...

Page 88: ...he mapped external address Firewall Enable to drop all traffic from WAN side If enabled all incoming packets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules IGMP Multicast Proxy Check whether to enable this feature IGMP Internet Group Management Protocol Proxy intercepts the IGMP request from Clients and set up the multicast forwarding table it takes over...

Page 89: ...es to access the Internet NAT function can be disabled When enabled a Fullcone NAT parameter will appear you can determine whether to enable Fullcone NAT While only NAT enabled the default NAT type Port Restricted cone NAT will be used Fullcone NAT Enable or disable fullcone NAT Fullcone is a kind of NAT in this mode all requests from the same internal IP address and port are mapped to the same ex...

Page 90: ...ed 1 802 1Q VLAN ID It is a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagged 0 4094 untagged 1 Allow as IGMP Multicast Source Enable to support the source filtering which is the ability for a system to report interest in receiving packets only from specific source address es or all but specific source address es sent to a particular multicast address No...

Page 91: ...P5 EWAN interface as P5 is working as a WAN port If you need P5 please remove EWAN interface PPPoE Description User defined description for the connection commonly for friendly use 802 1P Priority The parameter indicates the frame priority level from 0 lowest to 7 highest which can be used to prioritize different classes of traffic voice video data etc Enter the priority ...

Page 92: ... the internal host only if the internal host had previously sent a packet to IP address X and port P IPv4 Address Select whether to set static IPv4 address or obtain automatically IP Address If Static is enabled in the above field enter the static IPv4 address get from the ISP Dial on demand It is a parameter to let users to dial for connection to internet themselves It is useful when saving inter...

Page 93: ...N interface as the IPv4 DNS server Static DNS Address To specify DNS server manually by entering your primary and secondary DNS server addresses Parent Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider IPv6 Obtai...

Page 94: ...he EWAN rules to release EWAN port to become a LAN port Press Edit button to re edit this service settings Here the corresponding WAN Service have been configured if it is OK you can access the internet You can go to Status WAN or Summary to view the WAN connection information if your ISP provides IPv6 service then you will obtain an IPv6 address IPv4 or IPv6 ...

Page 95: ...SP This option is used by DHCP clients to optionally identify the vendor type and configuration of a DHCP client The information is a string of n octets interpreted by servers Vendors may choose to define specific vendor class identifiers to convey particular configuration or other identification information about a client Option 61 ClientID Enter the associated information provided by your ISP Op...

Page 96: ...wing rules IGMP Multicast IGMP Internet Group Membership Protocol is a protocol used by IP hosts to report their multicast group memberships to any immediately neighboring multicast routers Check this item to enable IGMP multicast on that WAN interface for multicast forwarding IGMP Multicast Source Enable to support the source filtering which is the ability for a system to report interest in recei...

Page 97: ...the frame belongs Enter the VLAN ID identification tagged 0 4094 untagged 1 Allow as IGMP Multicast Source Enable to support the source filtering which is the ability for a system to report interest in receiving packets only from specific source address es or all but specific source address es sent to a particular multicast address Note It works only on IGMP version 3 Allow as MLD Multicast Source...

Page 98: ...n page Dial on demand If enabled the 3G 4G LTE will work in dial on demand and be brought up only when there is no active default route In this mode 3G LTE work as a backup for the WAN connectivity While if disabled 3G 4G LTE serves as a normal interface and can only be brought up when it has been configured to achieve a mobile connectivity Mode There are 6 options of phone service standards GSM 2...

Page 99: ... the SIM card will be blocked and you will require a PUK code from your network service provider Dial on Demand If you want to make UMTS GPRS call only when there is a packet requesting access to the Internet i e when a program on your computer attempts to access the Internet In this mode you must set Idle Timeout value at same time Click on Connect on Demand the Idle Timeout field will display Id...

Page 100: ... a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider Click Apply to confirm the settings Here you can configure WAN Service if it is OK you can access the internet You can go to Status WAN or Summary to view the WAN connection information Here user can see the 3G LTE failover ...

Page 101: ...les up to 17a US0 Select to enable US0 In VDSL mode profiles like 8a 8b 8c 8d and 12a need users to enable US0 band Phone line pair This is for reserved only You can choose Inner Pair or Outer Pair Capability There are 2 options Bitswap Enable and SRA Enable that user can select for this connection Bitswap Enable Allows bitswaping function SRA Enable Allows seamless rate adaptation PhyR A new tech...

Page 102: ... to check the connectivity of the gateway of slave interface Host It will send ping packets to specific host and wait for response in every Probe Cycle Probe Cycle Set the time duration for the Probe Cycle to determine when the router will switch to the backup connection once the main connection main port fails For example when set to 30 seconds the probe will be conducted every 30 seconds Connect...

Page 103: ... measure used in science and engineering that compares the level of a desired signal to the level of background noise It is defined as the ratio of signal power to the noise power SNR Change the value to adjust the DSL link rate more suitable for an advanced user ...

Page 104: ...her than those in the drop down list simply enter its IP address in their appropriate blanks provided as shown above Your ISP may also provide an SNTP server for you to use Choose your local time zone from the drop down menu After a successful connection to the Internet the router will retrieve the correct local time from the NTP server you have specified If you prefer to specify an NTP server oth...

Page 105: ...pgrading Your router s firmware is the software that allows it to operate and provides all its functionality Think of your router as a dedicated computer and the firmware as the software it runs Over time this software may be improved and revised and your router allows you to upgrade the software it runs to take advantage of these changes Clicking on Browse will allow you to select the new firmwar...

Page 106: ...s It is advisable to backup your router s settings before making any significant changes to your router s configuration Click Backup Settings a window appears click save then browse the location where you want to save the backup file Click Browse and browse to the location where your backup file is saved the click Open Then in the above page click Update Settings the following process indicating s...

Page 107: ... username and password are admin and admin respectively Remote username for the remote user to login corresponding default username and password are support and support respectively Local username for the general user when logon to the web page only lit items would be listed for common user corresponding default username password are user and user respectively Username the default username for eac...

Page 108: ...net port will have the same configuration SMTP Server Enter the SMTP server that you would like to use for sending emails Username Enter the username of your email account to be used by the SMTP server Password Enter the password of your email account Sender s Email Enter your email address SSL TLS check to whether to enable SSL encryption feature Port the port default is 25 Account Test Press thi...

Page 109: ...ormation clients subscribe The BiPAC 8900X R3 offers SMS alert sending clients alert messages when a WAN IP change is detected Recipient s Number WAN IP Change Alert Enter the Recipient s number that will receive the alert message once a WAN IP change has been detected ...

Page 110: ...at the chosen level and above For instance if you set the log level to Critical all critical alert and emergency events are logged but none of the others are recorded Display Level Display the log according to the level you set when you view system log Once you set the display level the logs of the same or higher priority will be displayed Mode Select the mode the system log adopted Three modes lo...

Page 111: ...ume the used and the remaining capacity of the device Volume Name Display the storage volume name FileSystem Display the storage device s file system format well known is FAT Total Space Display the total space of the storage with unit MB Used Space Display the remaining space of each partition unit MB Unmount Click Unmount button if you want to uninstall the USB device Please Note that first clic...

Page 112: ...fault user admin Click Add button enter the user account adding page Username user defined name but simpler and more convenient to remember would be favorable Password Set the password Confirm Password Reset the password for confirmation Volume Name Select Volume name as to create access to the volume of the specified partition of the storage For example a user test is setup behind the disk1_1 ...

Page 113: ...108 Accessing mechanism of Storage In your computer Click Start Run enter 192 168 1 254 ...

Page 114: ...the User Accounts section When first logged on to the network folder you will see the public folder Public The public sharing space for each user in the USB Storage When user register a USB account and log successfully a private folder the same name as the user account registered exclusive for each user is established Go on to see the details ...

Page 115: ...110 Access the folder public ...

Page 116: ...111 When successfully accessed the private folder of each user is established and user can see from the following picture The test fold in the picture is the private space for each user ...

Page 117: ... print server on the 8900X R3 3 Install the printer drivers on the PC you want to print from On board Print Server Check Enable to activate the print server Printer Name Enter the Printer name for example OfficePrinter Make and Model Enter in the Make and Model information for the printer for example Epson Stylus Photo R290 Note The Printer name can be any text string up to 40 characters It cannot...

Page 118: ...113 Step 2 Click Add a Printer Step 3 Click Add a network wireless or Bluetooth printer ...

Page 119: ...Select a shared printer by name Enter http 8900XR3 LAN IP 631 printers printer name or Make sure printer s name is the same as what you set in the router earlier For Example http 192 168 1 254 631 printers OfficePrinter OfficePrinter is the Printer Name we setup earlier ...

Page 120: ...115 Step 6 Click Next to add the printer driver If your printer is not listed and your printer came with an installation disk click Have Disk find it and install the driver Step 7 Click Next ...

Page 121: ...116 Step 8 Click Next and you are done You will now be able to see your printer on the Devices and Printers Page ...

Page 122: ... the types of devices server renderer controller that DLNA supports and the mechanism for accessing media over a network Overall DLNA allows more convenience more choices and enjoyment of your digital content through DLNA certified devices Any DLNA certified devices or software can access the DLNA server With USB storage 8900X R3 can serve as a DLNA server On board digital media server Enable to s...

Page 123: ...118 Take Windows media player in Windows 7 accessing the DLNA server for example for usage of DLNA ...

Page 124: ...to IPv6 6in4 uses tunneling to encapsulate IPv6 traffic over explicitly configured IPv4 links The 6in4 traffic is sent over the IPv4 Internet inside IPv4 packets whose IP headers have the IP Protocol number set to 41 This protocol number is specifically designated for IPv6 capsulation 6RD 6RD is a mechanism to facilitate IPv6 rapid deployment across IPv4 infrastructures of internet service provide...

Page 125: ...Common Bit Length Specify the length of IPv4 address carried in IPv6 prefix for example 0 means to carry all the 32 bits of IPv4 address while 8 carries 24 bits of the IPv4 address 6rd Prefix with Prefix Length Enter the 6rd prefix and prefix length you uniquely designate to 6rd by the ISP The 6rd prefix and prefix length are to replace the standard 6to4 prefix 2002 16 by an IPv6 prefix that belon...

Page 126: ...e CPE distributes private IPv4 addresses for the LAN clients the same as a NAT device The subnet information is chosen by the customer identically to the NAT model However instead of performing the NAT itself the CPE encapsulates the IPv4 packet inside an IPv6 packet Click Add button to manually add the 4in6 rules Tunnel Name User defined tunnel name Mechanism It is the 4in6 tunnel operation techn...

Page 127: ...dd button to enter the exact rule setting page Filter Name A user defined rule name User can select simply from the list box for the application for quick setup IP Version Select the IP Version IPv4 or IPv6 Protocol Set the traffic type TCP UDP TCP UDP ICMP RAW Any that the rule applies to Source IP address This is the Address Filter used to allow or block traffic to from particular IP address es ...

Page 128: ...e Schedule during which the rule works And when set to Disable the rule is disabled or inactive and there will be an icon in list table indicating the rule is inactive See Time Schedule Action Select to drop or forward the packets fit the outgoing filtering rule Log check the check box to record the security log To check the log users can turn to Security Log Example For example if there is an out...

Page 129: ...124 Rule inactive ...

Page 130: ...low or block traffic to from particular IP address es featured in the IP range If you leave empty it means any IP address Source Port port or port port The port or port range defines traffic from the port specific application or port in the set port range blocked to go through the router Default is set port from range 1 65535 Destination IP address Traffic from LAN with the particular traffic dest...

Page 131: ...e 01 00 19 00 from Monday to Friday Or you can select the already set timeslot in Time Schedule during which the rule works And when set to Disable the rule is disabled or inactive and there will be an icon in the list table indicating the rule is inactive See Time Schedule Log check the check box to record the security log To check the log users can turn to Security Log ...

Page 132: ...Change checkbox and then press Change Policy to change the settings to the interface For example from above the interface atm0 1 is of bridge mode and all the MAC layer frames will be forward but you can set some rules to let some item matched the rules to be blocked Click Add button to add the rules Protocol type Select from the drop down menu the protocol that applies to this rule Destination So...

Page 133: ...128 Blocking WAN PING This feature is enabled to let your router not respond to any ping command when someone others Ping your WAN IP ...

Page 134: ...l User defined name MAC Address Enter the MAC address es you want to allow or block to access the router and LAN The format of MAC address could be xx xx xx xx xx xx or xx xx xx xx xx xx For convenience user can select from the list box Time Schedule To determine when the rule works Drop To drop the MAC entries always in other words the MACs are blocked access to router and internet always Forward...

Page 135: ...the user child use with a MAC of 18 a9 05 04 12 23 is blocked to access the router from 00 00 to 23 59 Monday through Friday The test can access the internet always If you needn t this rule you can check the box press Remove it will be OK ...

Page 136: ...ly Domains Filtering This function checks the whole URL address but not the IP address against your list of domains to block or allow If it is matched the URL request will either be sent Trusted or dropped Forbidden Restrict URL Features Click Block Java Applet to filter web access with Java Applet components Click Block ActiveX to filter web access with ActiveX components Click Block Cookie to fi...

Page 137: ...the item and press Edit Delete Click Return to be back to the previous page Domain Filtering Note Maximum number of entries 32 Click to add Domains Domain Filtering enter the domain you want this filter to apply Type select the action this filter deals with the Domain Forbidden Domain The domain is forbidden access Trusted Domain The domain is trusted and allowed access Enter a domain and select w...

Page 138: ...ded from the URL filtering rules in effect For specific process please refer to Keywords Filtering For example users can set IPv4 client 192 168 1 103 in your network as a exception address that is not limited to the rules set in URL filter or IPv4 clients a range And also an IPv6 client 2000 1211 1002 6ba4 d160 5adb 9009 87ae or IPv6 clients a range can be the exceptions from the URL rules At the...

Page 139: ...figure at the selected Provider www opendns com in advance To use parental control DNS user needs to configure to use parental control DNS provided by parental control provider to access internet at WAN configuration or DNS page See DNS Host Name Username and Password Enter your registered domain name and your username and password at the provider website www opendns com ...

Page 140: ...m rate of the EWAN interface Click Apply to save the EWAN rate settings Click Add to enter QoS rules IP Version Select either IPv4 or IPv6 base on need Application Assign a name that identifies the new QoS application rule Select from the list box for quick setup Direction Shows the direction mode of the QoS application LAN to WAN You want to control the traffic from local network to the outside U...

Page 141: ...red Forwarding AF and Expedited Forwarding EF AF1 AF2 AF3 and AF4 are four levels of assured forwarding services Each AF has three different packet loss priorities from high medium to low Also CS1 CS7 indicates the IP precedence Rate Type You can choose Limited Prioritization or Set DSCP Marking Limited Maximum Specify a limited data rate for this policy It also is the maximum rate for this policy...

Page 142: ... Port number on the LAN side it is used to identify an application External IP Address The IP address on remote WAN side External Port The Port number on the remote WAN side Time Schedule Select or set exactly when the rule works When set to Always On the rule will work all time and also you can set the precise time when the rule works like 01 00 19 00 from Monday to Friday Or you can select the a...

Page 143: ...Give outgoing VoIP traffic more priority The default queue priority is normal so if you have VoIP users in your local network you can set a higher priority to the outgoing VoIP traffic 2 Give regular web http access a limited rate ...

Page 144: ...rnet access for other users within your network you can then use QoS to set a rule that has low priority In this way P2P application will not congest the data transmission with other applications Other applications like FTP Mail access users can use QoS to control based on need ...

Page 145: ...thernet interface When Shaping Rate is set to 1 no shaping will be in place and the Burst Size is to be ignored Interface P1 P5 P5 used as EWAN also covered Type All LAN when P5 is LAN port P5 used as EWAN type WAN and all others LAN QoS Shaping Rate Kbps Set the forcefully maximum rate Burst Size Bytes Set the forcefully Burst Size ...

Page 146: ... Virtual Server DMZ access to some specific IP or IPs range Users are allowed to set 8 different exceptional rule groups at most In each group user can add specific IP or IP range Press Edit to set the exceptional IP IP Range Default Action Please first set the range to make Default Action setting available Set Allow to ban the listed IP or IPs to access the Virtual Server and DMZ Host Check Block...

Page 147: ... the IP address range IPv4 address range can be supported Click Add to add the IP Range For instance if user wants to block IP range of 172 16 1 102 172 16 1 106 from accessing your set virtual server and DMZ host you can add this IP range and valid it ...

Page 148: ...r to forward these incoming connection attempts using specific ports to the PC on your network running the application You will also need to use port forwarding if you want to host an online game server The reason for this is that when using NAT your publicly accessible IP address will be used by and point to your router which then needs to deliver all traffic to the private IP addresses used by y...

Page 149: ...ort Start Enter a port number as the external starting number for the range you want to give access to internal network End Enter a port number as the external ending number for the range you want to give access to internal network Internal Port Start Enter a port number as the internal staring number End Here it will generate automatically according to the End port number of External port and can...

Page 150: ... 16 1 102 172 16 1 106 If here you want to block Virtual Server access to this IP range you can select Group1 Set up 1 Select a Server Name from the drop down menu then the port will automatically appear modify some as you like or you can just leave it as default Remember to enter your server IP Address 2 Press Apply to conform and the items will be list in the Virtual Servers Setup table ...

Page 151: ...146 Means the rule is inactive Remove If you don t need a specified Server you can remove it Check the check box beside the item you want to remove then press Remove it will be OK ...

Page 152: ... set previously group 1 blocking access to 172 16 1 102 172 16 1 106 If here you want to block DMZ Access to this IP range you can select Group1 Using port mapping does have security implications since outside users are able to connect to PCs on your network For this reason you are advised to use specific Virtual Server entries just for the ports your application requires instead of simply using D...

Page 153: ... Exceptional Rule Group Select the exceptional group listed It is to give or block access to a group of IPs to the server after One to One NAT For example a server with 192 168 1 3 is mapped to 123 1 1 2 by One to One NAT then the exceptional group can be designated to have or have not access to 123 1 1 2 For example you have an ADSL connection of pppoe_0_8_35 ppp0 1 interface with three fixed glo...

Page 154: ...lick Add to add a port triggering rule Interface Select from the drop down menu the interface you want the port triggering rules apply to Application Preinstalled applications or Custom Application user can customize the utility yourself Custom Application It is a kind of service to let users themselves customizes the service they want Enter the user defined service name here Trigger Port Start En...

Page 155: ... an outgoing connection on port 4099 to the Aim Talk server but when the computer is behind the NAT the NAT silently drops this connection because it does not know which computer behind the NAT to send the request to connect So in this case port triggering in the router is working when an outbound connection is attempted on port 4099 or any port in the range set it should allow inbound connections...

Page 156: ...151 Edit Remove If you don t need a specified Server you can remove it Check the check box beside the item you want to remove and then press Remove Click Edit to re edit your port triggering rule ...

Page 157: ...ALG to pass through the NAT Disable the SIP when SIP phone includes NAT Traversal algorithm H 323 Enable to secure the voice communication using H 323 protocol when one or both terminals are behind a NAT IPSec Enable IPSec ALG to allow one or both peers to reside behind a NAT gateway i e doing address or port translation ...

Page 158: ...hedule Enable to wake up your set device at some specific time For instance user can set to get some device woken up at 8 00 every weekday Click Schedule to enter time schedule configuring page to set the exact timeline Add After selecting click Add then you can submit the Wake up action Edit Delete Click to edit or delete the selected MAC address Ready Yes indicating the remote computer is ready ...

Page 159: ...session IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session IPsec is an end to end security scheme operating in the Internet Layer of the Internet Protocol Suite It can be used in protecting data flows between a pair of security gateways network to network or between ...

Page 160: ...an IPSec connection between a security gateway and a host network to host Subnet The subnet of the local network for establishing an IPSec tunnel between a pair of security gateways network to network IP Address The local network address Netmask The local network netmask Remote Security Gateway The IP address of the remote VPN device that is connected and establishes a VPN tunnel Anonymous Enable ...

Page 161: ...he integrity of the datagram and ensures it is not tampered with in transmit There are 2 options Message Digest 5 MD5 and Secure Hash Algorithm SHA1 SHA1 is more resistant to brute force attacks than MD5 However it is slower MD5 A one way hashing algorithm that produces a 128 bit hash SHA1 A one way hashing algorithm that produces a 160 bit hash DH Group It is a public key cryptography protocol th...

Page 162: ...to be detected lively when the connection between the router and a remote IPSec peer has lost Please be noted it must be enabled on the both sites Detection Interval The period cycle for dead peer detection The interval can be 180 86400 seconds Idle Timeout Auto disconnect the IPSec connection after trying several consecutive times Ping This mode will detect whether the remote IPSec peer has lost ...

Page 163: ...t uses 168 56 3 bits as an encryption method AES Stands for Advanced Encryption Standards you can use 128 192 or 256 bits as encryption method Integrity Algorithm Authentication establishes the integrity of the datagram and ensures it is not tampered with in transmit There are 2 options Message Digest 5 MD5 and Secure Hash Algorithm SHA1 SHA1 is more resistant to brute force attacks than MD5 Howev...

Page 164: ... for IPSec connection Local Network Subnet Select Subnet IP Address 192 168 1 0 2 Netmask 255 255 255 0 Head Office network 3 Secure Gateway Address Hostanme 69 121 1 30 IP address of the Branch office router on WAN side Remote Network Subnet Select Subnet IP Address 192 168 0 0 4 Netmask 255 255 255 0 Branch office network Proposal Method ESP Authentication MD5 Encryption 3DES Prefer Forward Secu...

Page 165: ...160 ...

Page 166: ...P Address 192 168 0 0 2 Netmask 255 255 255 0 Branch Office network 3 Remote Secure Gateway Address Hostanme 69 121 1 3 IP address of the Head office router on WAN side Remote Network Subnet Select Subnet IP Address 192 168 1 0 4 Netmask 255 255 255 0 Head office network Proposal Method ESP Authentication MD5 Encryption 3DES Prefer Forward Security MODP 1024 group2 5 Pre shared Key 123456 Security...

Page 167: ...ame for IPSec connection Local Network Subnet Select Subnet IP Address 192 168 1 0 2 Netmask 255 255 255 0 Head Office network 3 Remote Secure Gateway Hostanme 69 121 1 30 IP address of the Branch office router on WAN side Remote Network 4 Single Address 69 121 1 30 Host Proposal Method ESP Authentication MD5 Encryption 3DES Prefer Forward Security MODP 1024 group2 5 Pre shared Key 123456 Security...

Page 168: ...163 ...

Page 169: ... PPTP L2TP server is waiting for the client to connect to this account Username Please input the username for this account Password Please input the password for this account Connection Type Select Remote Access for single user Select LAN to LAN for remote gateway Peer Network IP Please input the subnet IP for remote network Peer Netmask Please input the Netmask for remote network ...

Page 170: ...groups at most In each group user can add specific IP or IP range Press Edit to set the exceptional IP IP Range Default Action Please first set the range to make Default Action setting available Set Allow to ban the listed IP or IPs to access the PPTP and L2TP server Check Block to grant access to the listed IP or IPs to the PPTP and L2TP server Apply Press Apply button to apply the change ...

Page 171: ...pecify the IP address range IPv4 address range can be supported Click Add to add the IP Range For instance if user wants to block IP range of 172 16 1 102 172 16 1 106 from accessing your PPTP and L2TP server you can add this IP range and valid it ...

Page 172: ...tion Select Enable to activate PPTP Server Disable to deactivate PPTP Server function WAN Interface Select the exact WAN interface configured for the tunnel Select Default to use the now working WAN interface for the tunnel Auth Type The authentication type Pap or Chap PaP Chap and MS CHAPv2 When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also a...

Page 173: ... you want the router to determine the authentication type to use or else manually specify CHAP Challenge Handshake Authentication Protocol or PAP Password Authentication Protocol if you know which type the server is using when acting as a client or else the authentication type you want clients connecting to you to use when acting as a server When using PAP the password is sent unencrypted whilst C...

Page 174: ... with 172 16 1 208 just an example for illustration 2 Here is a configuration example on Windows 7 Windows series including Windows 10 8 7 vista also supports the application with similar steps Server Side 1 Configuration VPN PPTP and Enable the PPTP function Click Apply ...

Page 175: ... Note Here is a configuration example on Windows 7 Windows series including Windows 10 vista 8 7 also supports the application with similar steps 1 In Windows7 click Start Control Panel Network and Sharing Center Click Set up a new connection network Windows 7 ...

Page 176: ...or Windows 10 Users can click Start Settings or right click the mouse when it points at Windows ICON Start then click Control Panel Network and Sharing Center then Set up a new connection network Windows 10 ...

Page 177: ...172 2 Click Connect to a workplace and press Next 3 Select Use my Internet connection VPN and press Next ...

Page 178: ...173 4 Input Internet address and Destination name for this connection and press Next ...

Page 179: ...174 5 Input the account user name and password and press Create ...

Page 180: ...175 6 Connect to the server ...

Page 181: ... You can also go to Network Connections shown below to check the detail of the connection Right click test icon and select Properties to change the security parameters if the connection fails users can go here to change the settings ...

Page 182: ...177 ...

Page 183: ... connect two private networks over the Internet The routers are installed in the head office and branch offices accordingly Server side Head Office The above is the common setting for PPTP Server set as you like for authentication and encryption The settings in Client side should be in accordance with settings in Server side ...

Page 184: ...rver and can also set the tunnel as the default route for all outgoing traffic Note users can see the Default Gateway item in the bar and user can check to select the tunnel as the default gateway default route for traffic If selected all outgoing traffic will be forwarded to this tunnel and routed to the next hop ...

Page 185: ...tes the complete L2TP Server settings L2TP Select Enable to activate L2TP Server Disable to deactivate L2TP Server WAN Interface Select the exact WAN interface configured as source for the tunnel Select different interfaces you will decide whether to use L2TP over IPSec or the pure L2TP L2TP over IPSec Select Default or IPSec Tunnel only when there is IPSec for L2TP rule in place Pure L2TP Select ...

Page 186: ...me of peer featuring the destination of the L2TP tunnel Local Host Name Enter the local host name featuring the source of the L2TP tunnel Exceptional Rule Group Select to grant or block access to a group of IPs to the L2TP server See Exceptional Rule Group If there is not any restriction select none Click Apply to submit your L2TP Server basic settings ...

Page 187: ...er the username provided by your L2TP Server Password Enter the password provided by your L2TP Server Auth Type Default is Pap or CHap if you want the router to determine the authentication type to use or else manually specify CHAP Challenge Handshake Authentication Protocol or PAP Password Authentication Protocol if you know which type the server is using When using PAP the password is sent unenc...

Page 188: ...icate through pure L2TP server Username Enter the username provided by your L2TP Server Password Enter the password provided by your L2TP Server Auth Type Default is Pap or CHap if you want the router to determine the authentication type to use or else manually specify CHAP Challenge Handshake Authentication Protocol or PAP Password Authentication Protocol if you know which type the server is usin...

Page 189: ...assword in the server side Remote Host Name Enter the remote host name featuring the destination of the L2TP tunnel Local Host Name Enter the local host name featuring the source of the L2TP tunnel Click Add button to save your changes ...

Page 190: ...72 16 1 185 just an example for illustration 2 Here is a configuration example on Windows 7 Windows series including Windows 10 8 7 vista also supports the application with similar steps Server Side 1 Configuration VPN L2TP and Enable the L2TP function Click Apply The IPSec for L2TP rule ...

Page 191: ...s Note Here is a configuration example on Windows 7 Windows series including Windows 10 vista 8 7 also supports the application with similar steps 1 In Windows7 click Start Control Panel Network and Sharing Center Click Set up a new connection network Windows 7 ...

Page 192: ...or Windows 10 Users can click Start Settings or right click the mouse when it points at Windows ICON Start then click Control Panel Network and Sharing Center then Set up a new connection network Windows 10 ...

Page 193: ...188 2 Click Connect to a workplace and press Next 3 Select Use my Internet connection VPN and press Next ...

Page 194: ...189 4 Input Internet address and Destination name for this connection and press Next ...

Page 195: ...190 5 Input the account user name and password and press Create ...

Page 196: ...191 6 Connection created Press Close 7 Go to Network Connections shown below to check the detail of the connection Right click L2TP_IPSec icon and select Properties to change the security parameters ...

Page 197: ...192 8 Chang the type of VPN to Layer 2 Tunneling Protocol with IPSec L2TP IPSec and Click Advanced Settings to set the pre shared set in IPSec key for authentication ...

Page 198: ...193 9 Go to Network connections enter username and password to connect L2TP_IPSec and check the connection status ...

Page 199: ...blishes a L2TP VPN tunnel with head office to connect two private networks over the Internet The routers are installed in the head office and branch office accordingly Note Both office LAN networks must be in different subnets with the LAN LAN application Server side Head Office ...

Page 200: ...e above is the commonly setting for L2TP Server set as you like for authentication and encryption The settings in Client side should be in accordance with settings in Server side Then account the L2TP Account ...

Page 201: ...n also set the tunnel as the default route for all outgoing traffic Note users can see the Default Gateway item in the bar and user can check to select the tunnel as the default gateway default route for traffic If selected all outgoing traffic will be forwarded to this tunnel and routed to the next hop ...

Page 202: ...nSSL encryption 250H258H258H258Hlibrary extensively as well as the 251H259H259H259HSSLv3 TLSv1 252H260H260H260Hprotocol and contains many security and control features OpenVPN is good at portability OpenVPN has been ported and embedded to several systems OpenVPN Server Users can set the bassic parameters source destination address protocl port authentication encyption etc for OpenVPN Server OpenVP...

Page 203: ...255H263H263H263HHMAC authentication please select authentication item from the list lzo Compression Enable to use the 256H264H264H264HLZO compression library to compress the data stream Click Apply to submit your OpenVPN Server basic settings ...

Page 204: ...t robust Generally the part offers the billion factory defined authentication certificate Recipient s Email Set the recipient s email address to send the trusted CA to the OpenVPN client OpenVPN server and client need matched certificate to establish trusted VPN tunnel on client side please import this certificate in 258H266H266H266HTrusted CA client side CA ...

Page 205: ...r Password Enter the password provided by your OpenVPN Server OpenVPN Server Address Enter the WAN IP address of the OpenVPN server Protocol The protocol same as set in server side Port Number 1194 Cipher Encryption Be consistent with what set on server side HMAC Authentication Be consistent with what set on server side lzo Compression Enable to use the 259H267H267H267HLZO compression library to c...

Page 206: ...tter install an OpenVPN client application installer and connect to server accordingly Here only give the configuration on server side Server side on router 1 Set up parameters WAN interface port tunnel virtual subnet IP mask encryption authentication etc on OpenVPN server side 2 Create an account for the OpenVPN tunnel for client to connect in ...

Page 207: ...202 3 Set the OpenVPN client s E mail address to receive trusted CA from server to establish a trusted OpenVPN tunnel ...

Page 208: ...ed in the head office and branch office accordingly Configured in this way head office and branch office can access each other Note Both office LAN networks must be in different subnets with the LAN to LAN application Server side Head Office 1 Set up parameters WAN interface port tunnel virtual subnet IP mask encryption authentication etc on OpenVPN server side ...

Page 209: ...204 2 Create an account for client to connect in 3 Set the OpenVPN client s E mail address to receive trusted CA from server to establish a trusted OpenVPN tunnel ...

Page 210: ... Import your trusted certificate from server side which is used to authenticate between client and server for establishing trusted OpenVPN tunnel 2 On the OpenVPN client side fill in the parameters the same as set for OpenVPN server ...

Page 211: ...see the Default Gateway item in the bar and user can check to select the tunnel as the default gateway default route for traffic If selected all outgoing traffic will be forwarded to this tunnel and routed to the next hop ...

Page 212: ... virtual destination IP for tunnel Remote Gateway IP Set the destination IP for the tunnel Remote Network Select the peer topology Single address client or Subnet IP Address Set the IP address if the peer is a client If the peer is a subnet please enter the IP and netmask Enable Keepalive Normally the tunnel interface is always up Enable keepalive to determine when the tunnel interface is to be cl...

Page 213: ...208 Advanced Setup There are sub items within the System section Routing DNS Static ARP UPnP Certificate Multicast Management and Diagnostics ...

Page 214: ... ones you have set in WAN section here select the one you want to be the default gateway by moving the interface via or And select a Default IPv6 Gateway from the drop down menu Note Only one default gateway interface will be used according to the priority with the first being the highest and the last one the lowest priority if the WAN interface is connected ...

Page 215: ...68 1 0 24 submask is 255 255 255 0 While in IPv6 IPv6 address composes of two parts thus the prefix and the interface ID the prefix is like the net ID in IPv4 and the interface ID is like the host ID in IPv4 The prefix length is to identify the net ID in the address One IPv6 address 3FFE FFFF 0 CD30 0 0 0 0 64 the prefix is 3FFE FFFF 0 CD3 Interface Select an interface this route associated Gatewa...

Page 216: ...defined name Physical LAN Port Select the LAN port Source IP Enter the Host Source IP Interface Select the WAN interface which you want the Source IP to access outside through Default Gateway Enter the default gateway which you want the Source IP to access outside through Click Apply to apply your settings And the item will be listed in the policy Routing listing table Here if you want to remove t...

Page 217: ...y receive the routing information broadcasted by other routers and modifies its routing table according to the received information Active working in this mode the router sends and receives RIP routing information and modifies routing table according to the received information Enable check the checkbox to enable RIP rule for the interface Note RIP can t be configured on the WAN interface which ha...

Page 218: ...od can dynamic detecting the traffic status among multiple WAN and adjust the traffic pass through the proper WAN interface WRR Weighted Round Robin method can distribute the internet traffic by weight assigned Click Apply to save your changes and set WAN Interface settings WAN Settings WAN Interface Assign a wan interface Enable Select enable to join this WAN interface into load balance process o...

Page 219: ...L 90 of speed on upstream downstream LTE 90 of speed on upstream downstream II Huge speed disparity between WAN interfaces for example WAN ETH 1000 1000 LTE 100 50Mbps Select WRR And the speed ratio between the interfaces is 10 1 so put WRR at 200 20 Ethernet WAN 90 of speed on upstream downstream LTE 90 of speed on upstream downstream ...

Page 220: ...een VDSL Eth and LTE are 1 20 2 Hence we need to use WRR to 10 200 20 VDSL 90 of speed on upstream downstream Ethernet WAN 90 of speed on upstream downstream LTE 90 of speed on upstream downstream Note If there is a huge disparity between interfaces please use WRR If not please use SDB It depends on your test environment ...

Page 221: ...DNS server addresses Use the IP address provided by Parental Control Provider If user registers and gets an DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider IPv6 IPv6 DNS Server s operation is similar to IPv4 DNS server There are two modes to get DN...

Page 222: ...217 Use the following Static IPv6 DNS address Primary IPv6 DNS Server Secondary IPv6 DNS Server Type the specific primary and secondary IPv6 DNS Server address ...

Page 223: ...N interfaces with different DNS es Click Add to register a WAN interface with the exact DNS You will first need to register and establish an account with the Dynamic DNS provider using their website for example http www dyndns org Dynamic DNS Server Select the DDNS service you have established an account with Host Name Username and Password Enter your registered domain name and your username and p...

Page 224: ...xamples Note first users have to go to the Dynamic DNS registration service provider to register an account User test register two Dynamic Domain Names in DDNS provider http www dyndns org 1 pppoe_0_8_35 with DDNS www hometest com using username password test test ...

Page 225: ...220 2 ipoe_eth0 with DDNS www hometest1 com using username password test test ...

Page 226: ...y to connect to the DNS Server in public to correctly resolve Domain name to access the internet DNS Proxy Select whether to enable or disable DNS Proxy function default is enabled Host name of the Broadband Router Enter the host name of the router Default is home gateway Domain name of the LAN network Enter the domain name of the LAN network home gateway ...

Page 227: ...me In LAN you can map a PC to a domain name for convenient access Or you can set some well known Internet IP mapping item so your router will response quickly for your DNS query instead of querying from the ISP s DNS server Host Name Type the domain name host name for the specific IP IP Address Type the IP address bound to the set host name above Click Add to save your settings ...

Page 228: ...resses And Static ARP here allows user to map manually the layer 3 MAC Media Access Control address to the layer 2 IP address of the device IP Address Enter the IP of the device that the corresponding MAC address will be mapped to MAC Address Enter the MAC address that corresponds to the IP address of the device Click Add to confirm the settings ...

Page 229: ...ired settings removing the need for the user to control advanced configuration of their device Both the user s Operating System and the relevant application must support UPnP in addition to the router Windows XP and Windows Me natively support UPnP when the component is installed and Windows 98 users may install the Internet Connection Sharing client from Windows XP in order to support UPnP Window...

Page 230: ...ouble click Add Remove Programs Step 2 Click on the Windows Setup tab and select Communication in the Components selection box Click Details Step 3 In the Communications window select the Universal Plug and Play check box in the Components selection box Step 4 Click OK to go back to the Add Remove Programs Properties window Click Next ...

Page 231: ... and Control Panel Step 2 Double click Network Connections Step 3 In the Network Connections window click Advanced in the main menu and select Optional Networking Components The Windows Optional Networking Components Wizard window displays Step 4 Select Networking Service in the Components selection box and click Details ...

Page 232: ...lick OK to go back to the Windows Optional Networking Component Wizard window and click Next Auto discover Your UPnP enabled Network Device Step 1 Click start and Control Panel Double click Network Connections An icon displays under Internet Gateway Step 2 Right click the icon and select Properties ...

Page 233: ... 3 In the Internet Connection Properties window click Settings to see the port mappings that were automatically created Step 4 You may edit or delete the port mappings or click Add to manually add port mappings ...

Page 234: ...229 Step 5 Select Show icon in notification area when connected option and click OK An icon displays in the system tray Step 6 Double click on the icon to display your current Internet connection status ...

Page 235: ...sted CA Certificate Name The certificate identification name Subject The certificate subject Type The certificate type information ca indicates that the certificate is a CA signed certificate self indicates that the certificate is a certificate owner signed one x 509 indicates the certificate is the one created and signed according to the definition of Public Key System suggested by x 509 Action V...

Page 236: ...231 Click Import Certificate button to import your certificate Enter the certificate name and insert the certificate ...

Page 237: ...232 Click Apply to confirm your settings ...

Page 238: ...s IGMPv1 IGMPv2 and IGMPv3 MLD short for Multicast Listener Discovery protocol is a component if the Internet Protocol version 6 IPv6 suite MLD is used by IPv6 to discover multicast listeners on a directly attached link much as IGMP used in IPv4 The protocol is embedded in ICMPv6 instead of using a separate protocol MLDv1 is similar to IGMPv2 and MLDv2 is similar to IGMPv3 IGMP Multicast Precedenc...

Page 239: ...sion 1 2 default is MLDv2 Query Interval Enter the periodic query interval time sec the multicast router sending the query message to hosts to understand the group membership information Query Response Interval Enter the response interval time sec Last Member Query Interval Enter the interval time sec the multicast router query the specified group after it has received leave message Robustness Val...

Page 240: ...IB accordingly and then generates Response message to send it to the manager Also agent will send Trap message to the manager when agent finds some exceptions Trap message is the message automatically sent by the managed device without request to the manager about the emergency events SNMP Agent enable or disable SNMP Agent Read Community Type the Get Community which is the authentication for the ...

Page 241: ...e Auto Configuration Servers ACS and establish the configuration automatically and let ACS configure CPE automatically Inform select enable to let CPE be authorized to send Inform message to automatically connect to ACS Inform Interval Specify the inform interval time sec which CPE used to periodically send inform message to automatically connect to ACS When the inform interval time arrives the CP...

Page 242: ...237 GetRPCMethods Supported by both CPE and ACS display the supported RFC listing methods Click Apply to apply your settings ...

Page 243: ...238 HTTP Port The device equips user to change the embedded web server accessing port Default is 80 ...

Page 244: ...ss Click Apply button to submit your settings Allowed Access IP Address Range was used to restrict which IP address could login to access system web GUI Valid Enable Disable Allowed Access IP Address Range IP Address Range Specify the IP address Range IPv4 and IPv6 address range can be supported users can set IPv4 and IPv6 address range individually Click Add to add an IP Range to allow remote acc...

Page 245: ...240 Mobile Networks User can press Scan to discover available 3G 4G LTE mobile network ...

Page 246: ...d control the flow by providing specific hours per month The billing period begins on The beginning day of billing each month Over usage allowance action What to do when the flow is over usage allowance the available methods are E mail Alert Email Alert and Disconnect and Disconnect E mail alert at percentage of bandwidth When the used bandwidth exceeds the set proportion the system will send emai...

Page 247: ...agement is a feature of some electrical appliances especially computers that turn off the power or switch to a low power state when inactive Five main parameters are listed for users to check to manage the performance of the router ...

Page 248: ... restrict or allowing the usage of the Internet by users or applications This Time Schedule correlates closely with router s time since router does not have a real time clock on board it uses the Simple Network Time Protocol SNTP to get the current time from an SNTP server from the Internet For example user can add a timeslot named timeslot1 which features a period of 9 00 19 00 on every weekday ...

Page 249: ...he current configuration of router for users in line with scheduled timetable settings Enable to set the time schedule for rebooting For example the router is scheduled to reboot at 22 00 every single weekday and to reboot at 9 00 on Saturday and Sunday You can set as follows ...

Page 250: ...ct or set the source address to test the connectivity from the source to the destination Ping Test Press this button to proceed ping test Trace route Test to trace the route to see how many hops also see the exact hops the packet of data has to take to get to the destination Destination Host Set the destination host IP domain name to be traced Source Address Select or set the source address to tra...

Page 251: ...246 Example Ping www google com ...

Page 252: ...247 Example trace www google com ...

Page 253: ... E mail Enter the destination mail address The email is used to receive system log system configuration security log sent by the device when the Push Now button is pressed information sent only when pressing the button but the mail address is not remembered Note Please first set correct the SMTP server parameters in Mail Alert ...

Page 254: ...stics Check the connections including Ethernet connection Internet Connection and wireless connection Click Help link that can lead you to the interpretation of the results and the possible simply troubleshooting ...

Page 255: ...ames through the relay function drops all CFM frames of its level or lower that come from the wire side Link Trace Link Trace messages otherwise known as Mac Trace Route are Multicast frames that a MEP transmits to track the path hop by hop to a destination MEP which is similar in concept to User Datagram Protocol UDP Trace Route Each receiving MEP sends a Trace route Reply directly to the Origina...

Page 256: ... are necessary for ensuring conformance to SLAs and verifying end to end service quality Ethernet Link OAM 802 3ah Enable to activate Ethernet in the First Mile EFM Link OAM to do link fault management Ethernet Service OAM 802 1ag Y1 1731 Enable to activate Ethernet Service OAM check mechanism including connectivity fault management and performance monitoring Linktrace Operators trigger linktrace ...

Page 257: ...If you wish to restart the router using the factory default settings for example after a firmware upgrade or if you have saved an incorrect configuration select Factory Default Settings to reset to factory default settings Or you just want to restart after the current setting the select the Current Settings and Click Restart ...

Page 258: ... admin If this fails you can restore your router to its factory settings by pressing the reset button on the device rear side Problems with WAN interface Problem Suggested Action Frequent loss of DSL line sync disconnections Ensure that all other devices connected to the same telephone line as your router e g telephones fax machines analogue modems have a line filter connected between them and the...

Page 259: ... should be on for the port that has a PC connected If it does not lit check to see if the cable between your router and the PC is properly connected Make sure you have first uninstalled your firewall program before troubleshooting Verify that the IP address and the subnet mask are consistent for both the router and the workstations ...

Page 260: ...lems please contact the dealer from where you purchased your product Contact Billion Worldwide http www billion com MAC OS is a registered Trademark of Apple Computer Inc Windows 10 8 7 Windows XP and Windows Vista are registered Trademarks of Microsoft Corporation ...

Page 261: ...r relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help FCC Caution This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not...

Reviews:

No comments

Related manuals for BiPAC 8900X R3

D-Link DXS-3610-54S Quick Installation Manual preview
DXS-3610-54S
Brand: D-Link Pages: 38
D-Link DWL-3150 Install Manual preview
DWL-3150
Brand: D-Link Pages: 8
D-Link DSS-8+ Manual preview
DSS-8+
Brand: D-Link Pages: 22
D-Link DSS-5+ Manual preview
DSS-5+
Brand: D-Link Pages: 20
D-Link DSS-24+ Technical Specifications preview
DSS-24+
Brand: D-Link Pages: 2
D-Link DSS-24+ Manual preview
DSS-24+
Brand: D-Link Pages: 16
D-Link DI-804V Quick Install Manual preview
DI-804V
Brand: D-Link Pages: 12
D-Link DIR-615 - Wireless N Router Installation Manual preview
DIR-615 - Wireless N Router
Brand: D-Link Pages: 13
D-Link Cobra DSL-5300 User Manual preview
Cobra DSL-5300
Brand: D-Link Pages: 124
D-Link Web Smart DES-1210-28P Selection Manual preview
Web Smart DES-1210-28P
Brand: D-Link Pages: 6
D-Link 2Voice + 4SW VoIP Router DVG-1402S User Manual preview
2Voice + 4SW VoIP Router DVG-1402S
Brand: D-Link Pages: 57
D-Link xStack Storage DSN-4000 Series Manual preview
xStack Storage DSN-4000 Series
Brand: D-Link Pages: 23
D-Link Express EtherNetwork DI-604 Brochure preview
Express EtherNetwork DI-604
Brand: D-Link Pages: 7
D-Link xStack Storage DSN-4000 Series Cli User'S Manual preview
xStack Storage DSN-4000 Series
Brand: D-Link Pages: 97
D-Link SharePort DIR-825 Quick Start Manual preview
SharePort DIR-825
Brand: D-Link Pages: 2
D-Link Amplifi DIR-645 Quick Installation Manual preview
Amplifi DIR-645
Brand: D-Link Pages: 28
D-Link DI-634M Quick Installation Manual preview
DI-634M
Brand: D-Link Pages: 12
Hama 53107 Operating Instruction preview
53107
Brand: Hama Pages: 10

Brands by name

Popular brands

Load more brands