Pepwave MAX User Manual Download | Manualshive

Page: 1 / 121

background image

C

OPYRIGHT

&

T

RADEMARKS

Specifications are subject to change without notice. Copyright © 2013 Pepwave Ltd. All Rights Reserved. Pepwave and the
Pepwave logo are trademarks of Pepwave Ltd. Other brands or products mentioned may be trademarks or registered
trademarks of their respective owners.

Pepwave MAX Series:

MAX 600 / 700 / HD2

Pepwave MAX Firmware 5.4
July 2013

1
2
3
...
»

Summary of Contents for MAX

Page 1: ...yright 2013 Pepwave Ltd All Rights Reserved Pepwave and the Pepwave logo are trademarks of Pepwave Ltd Other brands or products mentioned may be trademarks or registered trademarks of their respective owners Pepwave MAX Series MAX 600 700 HD2 Pepwave MAX Firmware 5 4 July 2013 ...

Page 2: ...HE UNIT 16 6 CONNECTING TO WEB ADMIN INTERFACE 18 7 CONFIGURATION OF LAN INTERFACE S 20 7 1 BASIC SETTINGS 20 7 2 WI FI AP 24 8 CONFIGURATION OF WAN INTERFACE S 26 8 1 ETHERNET WAN 27 8 2 CELLULAR 1 CELLULAR 2 36 8 3 WI FI WAN 39 8 4 WAN HEALTH CHECK 44 8 5 BANDWIDTH ALLOWANCE MONITOR 48 9 WI FI SETTINGS 49 10 BANDWIDTH BONDING SPEEDFUSIONTM 52 10 1 SPEEDFUSION TM 53 10 2 LINK FAILURE DETECTION 57...

Page 3: ... 88 17 2 SERVICE FORWARDING 89 17 3 SERVICE PASSTHROUGH 91 18 SYSTEM SETTINGS 92 18 1 ADMIN SECURITY 92 18 2 FIRMWARE UPGRADE 96 18 3 TIME 96 18 4 EMAIL NOTIFICATION 97 18 5 REMOTE SYSLOG 100 18 6 SNMP 101 18 7 INCONTROL 103 18 8 CONFIGURATION 104 18 9 REBOOT 105 18 10 PING TEST 106 18 11 TRACEROUTE TEST 107 18 12 SPEEDFUSION TM TEST 107 18 13 CLI COMMAND LINE INTERFACE SUPPORT 108 19 STATUS 109 1...

Page 4: ...http www pepwave com 4 Copyright 2013 Pepwave APPENDIX B DECLARATION 120 ...

Page 5: ...tion of technologies like 3G HSDPA EVDO 4G LTE Wi Fi external WiMAX dongle and Satellite to be utilized to connect to the Internet This manual presents how to set up the Pepwave MAX Mobile Router and provides an introduction to the features and usage of Pepwave MAX Mobile Router Tips Want to know more about Pepwave MAX Visit our YouTube Channel for a video introduction http youtu be UCkVQThLKO4 ...

Page 6: ...peed Downlink Packet Access HTTP Hyper Text Transfer Protocol ICMP Internet Control Message Protocol IP Internet Protocol LAN Local Area Network MAC Address Media Access Control Address MTU Maximum Transmission Unit MSS Maximum Segment Size NAT Network Address Translation PPPoE Point to Point Protocol over Ethernet QoS Quality of Service SNMP Simple Network Management Protocol TCP Transmission Con...

Page 7: ...AT mapping IPsec NAT T and PPTP packet passthrough MAC address clone and passthrough Customizable MTU and MSS values WAN connection health check Dynamic DNS Supported service providers changeip com dyndns org no ip org tzo com and DNS O Matic Ping DNS Lookup and HTTP based health check 3 1 2 LAN Wi Fi AP Ethernet LAN ports DHCP server on LAN Static routing rules 3 1 3 VPN SpeedFusionTM VPN load ba...

Page 8: ...vel Application Prioritization for custom protocols and DSL Cable optimization 3 2 Other Supported Features User friendly web based administration interface HTTP and HTTPS support for Web Admin Interface Configurable web administration port and administrator password Firmware upgrades configuration backups Ping and Traceroute via Web Admin Interface Remote web based configuration via WAN and LAN i...

Page 9: ... Fi WAN Indicators Wi Fi WAN OFF Disabled Intermittent Blinking Trying to connect but not connected to any wireless network ON Connected to wireless network s without traffic Continuous Blinking Transferring data Wi Fi AP OFF Disabled Intermittent Blinking Enabled but no client connected ON Client s connected to wireless network Continuous Blinking Transferring data to wireless network Wi Fi AP LE...

Page 10: ...and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED Solid Port is connected without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X ports 4 1 3 Rear Panel Appearance Power Connector Terminal Block ...

Page 11: ...Fi AP and Wi Fi WAN Indicators Wi Fi WAN OFF Disconnected Blinking slowly Connecting to network Blinking Connected to network with traffic ON Connected to network without traffic Wi Fi AP OFF Disabled Blinking slowly Enabled but no client connected Blinking Connected to network with traffic ON Client s connected to wireless network LAN Ports Ethernet WAN Port Wi Fi WAN Connector Wi Fi LAN Connecto...

Page 12: ...and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Orange LED Blinking Data is transferring OFF No data is being transferred or port is not connected Port Type Auto MDI MDI X ports 4 2 3 Rear Panel Appearance Power Connector USB Ports Kensington Lock ...

Page 13: ...lular 1 Cellular 2 OFF Disabled Intermittent Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Orange LED Blinking Data is transferring OFF No data is being transferred or port is not connected Port Type Auto MDI MDI X ports LAN Ports Ethe...

Page 14: ...http www pepwave com 14 Copyright 2013 Pepwave 4 3 3 Rear Panel Appearance Power Connector Cellular SIM Slots Kensington Lock Cellular Antenna Connectors ...

Page 15: ...nstalled Supported browsers include Microsoft Internet Explorer 8 0 or above Mozilla Firefox 10 0 or above Apple Safari 5 1 or above and Google Chrome 18 or above 5 2 Constructing the Network At the high level construct the network according to the following steps 1 With an Ethernet cable connect a computer to one of the LAN ports on the Pepwave MAX Repeat with different cables for up to 4 compute...

Page 16: ...anced configuration go to Section 7 Configuration of LAN Interface s WAN Configuration For basic configuration refer to Section 6 Connecting to Web Admin Interface For advanced configuration go to Section 8 Configuration of WAN Interface s 5 4 Mounting the Unit 5 4 1 Wall Mount Pepwave MAX can be mounted on the wall by screwing After adding the screw on the wall slide the MAX in the screw whole so...

Page 17: ... can be mounted on a flat surface using a car mounting plate not included Place the car mount according the label s direction and screw it onto the device After mounting the plate on the back of the device add screw on the plate on the flat surface Mounting Plate Screw Holes ...

Page 18: ...f Pepwave MAX enter the following LAN IP address in the address field of the web browser http 192 168 50 1 This is the default LAN IP address of Pepwave MAX 3 Enter the following to access the Web Admin Interface Username admin Password admin This is the default Username and Password of Pepwave MAX The Admin and Read only User Password can be changed at System Admin Security of the Web Admin Inter...

Page 19: ...n about how to set up these connections please refer to Section 7 2 and 8 A map with real time GPS data is shown on the Dashboard when GPS signal is received HD2 only Device Information shows the details about the device including Model name Firmware version and Uptime For further information please refer to Section 19 Important Note Configuration changes e g WAN LAN Admin settings etc will only t...

Page 20: ...http www pepwave com 20 Copyright 2013 Pepwave 7 Configuration of LAN Interface s 7 1 Basic Settings The LAN Interface settings are located in Network LAN Basic Settings ...

Page 21: ...rver This option allows you to specify the Windows Internet Name Service WINS server You may choose to use the built in WINS server or external WINS servers When this unit is SpeedFusion TM connected other VPN peers can share this unit s built in WINS server by entering this unit s LAN IP address in their DHCP WINS Servers setting Therefore all PC clients in the VPN can resolve the NetBIOS names o...

Page 22: ...ned in each WAN connection DNS Caching This field is to enable DNS caching on the built in DNS proxy server When the option is enabled queried DNS replies will be cached until the records TTL has been reached This feature can help improve the DNS lookup time However it cannot return the most updated result for those frequently updated DNS records By default it is disabled Include Google Public DNS...

Page 23: ...FusionTM peer is selected you may enter the VPN peer s DNS resolver IP address es Queries will be forwarded to the selected connections resolvers If all of the selected connections are down queries will be forwarded to all resolvers on healthy WAN connections ...

Page 24: ...s enabled Select No to disable it By default it is enabled You can also choose to enable or disable this virtual AP on the Dashboard Connection Status of Wi Fi AP please refer to section 6 for information Broadcast SSID When the box Enable is checked this SSID can be scanned by Wi Fi clients By default it is enabled Multicast Filter When the box Enable is checked multicast network traffic to the w...

Page 25: ...cy will be used for this wireless network Available options Open No Encryption WPA WPA2 Personal WPA WPA2 Enterprise 802 1X Static WEP Access Control Settings Restriction Mode This option allows you to perform access control through MAC address filtering Available options are None Deny all except listed and Accept all except listed ...

Page 26: ...iority and so on and drop it by releasing the mouse button To disable a particular WAN connection just drag on the appropriate WAN by holding the left mouse button move it the Disabled row and drop it by releasing the mouse button You can also do the above priority setting on the Dashboard please refer to Section 6 for information Click the Details button in the corresponding row of connection to ...

Page 27: ...http www pepwave com 27 Copyright 2013 Pepwave 8 1 Ethernet WAN Network WAN Click on WAN Details This will open a screen similar to shown below ...

Page 28: ...http www pepwave com 28 Copyright 2013 Pepwave ...

Page 29: ...the algorithm Least Used or the algorithm Persistence Auto in Outbound Policy with Managed by Custom Rules chosen see Section 12 2 Health Check Method This setting specifies the health check method for the WAN connection The value of method can be configured as Disabled Ping or DNS Lookup The default method is Disabled See Section 8 4 for configuration details Dynamic DNS This setting specifies th...

Page 30: ... In such cases change the WAN interface s MAC address to the original client PC s one via this field The default MAC Address is a unique value assigned at the factory In most cases the default value is sufficient Clicking the Default button restores the MAC Address to the default value Reply to ICMP PING If this field is disabled the WAN connection will not respond to ICMP PING requests By default...

Page 31: ...s This setting specifies the DNS Domain Name System Servers to be used when a DNS lookup is routed through this connection Selecting Obtain DNS server address automatically results in the DNS Servers to be assigned by the WAN DHCP Server to be used for outbound DNS lookups over the connection The DNS Servers are obtained along with the WAN IP address assigned from the DHCP server When Use the foll...

Page 32: ...ese settings allow you to specify the information required in order to communicate on the Internet via a fixed Internet IP address The information is typically determined by and can be obtained from the ISP DNS Servers Each ISP may provide a set of DNS servers for DNS lookups This field specifies the DNS Domain Name System Servers to be used when a DNS lookup is routed through this connection You ...

Page 33: ...PPPoE Password Verify your password by entering it again in this field Service Name Service Name is provided by the ISP Note Leave this field blank unless it is provided by your ISP DNS Servers Each ISP may provide a set of DNS servers for DNS lookups This setting specifies the DNS Domain Name System Servers to be used when a DNS lookup is routed through this connection Selecting Obtain DNS server...

Page 34: ... DNS service provider to perform an IP address update within the provider s records The settings for dynamic DNS service provider s and the association of host name s are configured via Network WAN Click on WAN Detail Either upon a change in IP address or every 23 days without link reconnection Pepwave MAX will connect to the dynamic DNS service provider to perform an IP address update within the ...

Page 35: ...ice provider are required A dynamic DNS update is performed whenever a WAN s IP address changes E g IP is changed after a DHCP IP refresh reconnection etc Due to dynamic DNS service providers policy a dynamic DNS host will automatically expire if the host record has not been updated for a long time Therefore Pepwave MAX performs an update every 23 days even if a WAN s IP address has not changed ...

Page 36: ...http www pepwave com 36 Copyright 2013 Pepwave 8 2 Cellular 1 Cellular 2 Network WAN Click on Detail Available on Pepwave MAX HD2 only ...

Page 37: ...http www pepwave com 37 Copyright 2013 Pepwave ...

Page 38: ...ect Once the traffic is resumed by the LAN host the connection will be re activated Operator Settings This setting applies to 3G EDGE GPRS modem only It does not apply to EVDO EVDO Rev A modem This allows you to configure the APN settings of your connection If Auto is selected the mobile operator should be detected automatically The connected device will be configured and connection will be made a...

Page 39: ...http www pepwave com 39 Copyright 2013 Pepwave 8 3 Wi Fi WAN Network WAN Click on Wi Fi WAN ...

Page 40: ...tandby State This setting specifies the state of the WAN connection while in standby The available options are Remain Connected hot standby and Disconnect cold standby Health Check Method This setting allows you to specify the health check method for the WAN connection The available options are Disabled Ping and DNS Lookup The default method is Disabled ...

Page 41: ...till being tracked but no action will be taken See Section 8 5 for configuration details MTU This setting specifies the Maximum Transmission Unit By default MTU is set to Custom 1440 You may adjust the MTU value by editing the text field Click Default to restore the default MTU value Select Auto and the appropriate MTU value will be automatically detected The auto detection will run each time when...

Page 42: ...eate a profile to connect to a Wi Fi connection It is useful for creating a profile for connecting to hidden SSID access points Click on the link Create Profile and the following window will be displayed Network WAN Click on Detail Click on Create Profile This will open a window similar to the shown below ...

Page 43: ... is for defining a name to represent this Wi Fi connection Security This option allows you to select which security policy is used for this wireless network Available options Open WEP WPA WPA2 Personal WPA WPA2 Enterprise The settings to be displayed under this row will vary depending on the selected security policy ...

Page 44: ...ealthy WAN connections only Pepwave MAX provides the functionality to periodically check the health of each WAN connection The Health Check settings for each WAN connection can be independently configured via Network WAN Details Enable the Health Check Settings by drop down to PING DNS Lookup and HTTP ...

Page 45: ...Use first two DNS servers as Ping Hosts is checked the target PING Host will be the first DNS server for the corresponding WAN connection Reliable PING hosts with a high uptime should be considered By default the first two DNS servers of the WAN connection are used as the PING Hosts Health Check Method DNS Lookup DNS lookups will be issued to test the connectivity with target DNS servers The conne...

Page 46: ...ll be issued to test the connectivity with configurable URLs and strings to match WAN Settings WAN Edit Health Check Settings URL 1 The URL will be retrieved when performing an HTTP health check When String to Match is left blank a health check will pass if the HTTP return code is between 200 and 299 Note HTTP redirection codes 301 or 302 are treated as failures When String to Match is filled a he...

Page 47: ... 3 timeouts the corresponding WAN connection will be treated as down Recovery Retries This setting specifies the number of consecutive successful ping DNS lookup responses that must be received before Pepwave MAX treats a previously down WAN connection to be up again By default Recover Times is set to 3 For example a WAN connection that is treated as down will be considered to be up again upon rec...

Page 48: ...he monthly allowance If the box Disconnect when usage hits 100 of monthly allowance is checked this WAN connection will be disconnected automatically when the usage hits the monthly allowance It will not resume connection unless this option has been turned off or the usage has been reset when a new billing cycle starts Start Day This option allows you to define which day in the month each billing ...

Page 49: ...hose regulations the Pepwave MAX follows Channel This option allows you to select which 802 11 RF channel will be utilized Channel 1 2 412 GHz is selected by default Channel Width Options Auto 20 40 MHz and 20 MHz are available Default is Auto 20 40 MHz which allows both widths to be used simultaneously Bit Rate This option allows you to select a specific bit rate for data transfer over the device...

Page 50: ...llows you to choose whether clients on the network should be able to communicate with each other directly If the checkbox Enable is selected clients are allowed to communicate with each other directly and traffic will not be passed to any uplink equipment If this option is disabled clients are not allowed to communicate directly Traffic will be passed to uplink equipment uplink routers before comm...

Page 51: ...e channel widths between 20 and 40 MHz If 40 is chosen channel bonding will be enforced and the channel width will just be 40 MHz Frame Aggregation This option allows you to enable frame aggregation to increase transmission throughput Guard Interval This is where you opt for a short or long guard period interval for your transmissions STP Settings Bridge Priority This parameter is set to give the ...

Page 52: ...tial across the public Internet The Bandwidth Bonding SpeedFusion TM of the Pepwave MAX is specifically designed for multi WAN environment The Pepwave MAX can aggregate all WAN connections bandwidth for routing SpeedFusion TM traffic Unless all the WAN connections of one site are down the Pepwave MAX can still maintain VPN up and running VPN Bandwidth Bonding is supported in firmware 5 1 or above ...

Page 53: ...ge will be advertised to the VPN All VPN members branch offices and headquarters will be able to route to the local subnets Note that all LAN subnet and subnets behind it have to be unique Otherwise VPN members will not be able to access each other All data can be routed over the VPN with 256 bit AES encryption standard To configure navigate to Advanced SpeedFusion TM click the New Profile button ...

Page 54: ... be shown Click the New Profile button to create a new VPN connection profile for making VPN connection to a remote Peplink Balance Pepwave MAX via the available WAN connections Each profile is for making VPN connection with one remote Peplink Balance Pepwave MAX You can check the status of the connection from Status SpeedFusion TM ...

Page 55: ... will be up only if the pre shared keys on each side match When the remote peer is running firmware 5 0 or 5 1 this setting will be ignored Remote IP Addresses Host Names Enter the remote peer s WAN IP address es or host name s here Dynamic DNS host names are accepted This field is optional With this field filled the Pepwave MAX will initiate connection to each of the remote IP addresses until suc...

Page 56: ...the VPN s traffic should be tagged before sending the traffic to the bridge port If no VLAN tagging is needed select No VLAN To define a new VLAN ID click New and input the VLAN ID VLAN IDs that are not referenced by any VPN profiles will be removed from the list automatically Default No VLAN STP Checking this box enables Spanning Tree Protocol Default Unchecked Preserve LAN Settings Upon Connecte...

Page 57: ...elected a health check packet is sent out every 3 seconds and the expected detection time is 6 seconds When Faster is selected a health check packet is sent out every 1 second and the expected detection time is 2 seconds When Extreme is selected a health check packet is sent out every 0 1 second and the expected detection time is under 1 second By default Recommended is selected Important Note Pep...

Page 58: ...IP addresses or host names of the Unit A to the Unit B s Remote IP Addresses Host Names field Leave the field in Unit A blank With such setting SpeedFusion TM connection can be set up and all WAN connections on both sides will be utilized For example see the following diagram One of the WANs of Router A is non NAT d 212 1 1 1 The rest of the WANs on Router A and all WANs on Router B are NAT d In s...

Page 59: ... corner of SpeedFusion TM table you will be forwarded to Status SpeedFusion TM You can view the subnet and WAN connection information of each VPN peer Please refer to Section 19 5 for details IP subnets must be unique among VPN peers The entire inter connected SpeedFusionTM network is one single non NAT IP network No two subnets in two sites shall be duplicated Otherwise connectivity problems will...

Page 60: ...n will make use of WAN2 and WAN3 accordingly as failover purposes 11 1 IPsec VPN Settings All of our Pepwave products can make multiple IPsec VPN connections with Peplink Pepwave as well as Cisco or Juniper Routers Note that all LAN subnet and subnets behind it have to be unique Otherwise VPN members will not be able to access each other All data can be routed over the VPN with a selection of encr...

Page 61: ...e If you have defined static routes they will be shown here too Remote Networks Enter the LAN and subnets that are located at the remote site here Main Mode Choose this Main Mode if both IPsec peers use static IP addresses Aggressive Mode Choose this Aggressive Mode if one of the IPsec peers use dynamic IP addresses Force UDP Encapsulation For UDP encapsulation to be forced regardless of the NAT T...

Page 62: ...Group 5 1536 bit is the alternative option Phase 1 SA Lifetime This setting specifies the lifetime limit of this Phase 1 Security Association By default it is set at 3600 seconds Phase 2 ESP Proposal Under Main Mode this allows the setting of up to 6 encryption standards in descending order of priority to be used for the IP data that is being transferred For Aggressive Mode only one selection is p...

Page 63: ...d balance outbound traffic among the WAN connections Important Note Outbound Policy is applied only when more than one WAN connection is active The settings for managing and load balancing outbound traffic are located in Advanced Outbound Policy Network Outbound Policy Click on 12 1 Outbound Policy There are three main selections for the Outbound Policy for Pepwave MAX High Application Compatibili...

Page 64: ...ing when multiple Internet servers are accessed Custom With the selection of this policy outbound traffic behavior can be managed by defining custom rules Rules can be defined in a custom rule table A default rule can be defined for connections that cannot be matched with any one of the rules The default policy is Normal Application Compatibility Tip Want to know more about how to create outbound ...

Page 65: ...http www pepwave com 65 Copyright 2013 Pepwave You may drag and drop a row to rearrange the priority of outbound rules ...

Page 66: ... and a domain name such as foobar com is entered any outgoing accesses to foobar com and foobar com will match this criterion You may enter a wildcard at the end of a domain name to match any host with a name having the domain name in the middle If you enter foobar for example then www foobar com www foobar co jp or foobar co uk will also match Placing wildcards in any other position is not suppor...

Page 67: ...Network or Domain Name for traffic that matches the rule Domain Name If Domain Name is chosen and a domain name such as foobar com is entered any outgoing accesses to foobar com and foobar com will match this criterion You may enter a wildcard at the end of a domain name to match any host with a name having the domain name in the middle If you enter for example then www foobar com www foobar co jp...

Page 68: ...this case all existing IP sessions will not be terminated or affected when any other WAN connection is recovered If it is set to enabled existing IP sessions may be terminated when another WAN connection is recovered such that only the preferred healthy WAN connection s are used at any point in time 12 2 1 Algorithm Weighted Balance This setting specifies the ratio of WAN connection usage to be ap...

Page 69: ... is 16 7 10 60 x 100 Matching traffic distributed to Ethernet WAN2 is 16 7 10 60 x 100 Matching traffic distributed to Wi Fi WAN is 16 7 10 60 x 100 Matching traffic distributed to Cellular 1 is 16 7 10 60 x 100 Matching traffic distributed to Cellular 2 is 16 7 10 60 x 100 Matching traffic distributed to USB is 16 7 10 60 x 100 ...

Page 70: ...Internet using three different IP addresses With the algorithm Persistence of Pepwave MAX rules can be configured to enable client computers to persistently utilize the same WAN connections for e banking and other secure websites As a result a client computer will communicate with the other end using one IP address and eliminate the issues There are two modes for Persistence By Source and By Desti...

Page 71: ... SpeedFusionTM connection 12 2 4 Algorithm Priority This setting specifies the priority of the WAN connections to be utilized to route the specified network service The highest priority WAN connection available will always be used for routing the specified type of traffic A lower priority WAN connection will be used only when all higher priority connections have become unavailable Starting from fi...

Page 72: ...r routing traffic Only the highest priority healthy connection that is not in full load will be utilized 12 2 6 Algorithm Least Used The traffic matching this rule will be routed through the healthy WAN connection that is selected in the field Connection and has the most available downstream bandwidth The available downstream bandwidth of a WAN connection is calculated from the total downstream ba...

Page 73: ...ed Therefore this algorithm is good for two scenarios All WAN connections are symmetric or A latency sensitive application requires to be routed through the lowest latency WAN regardless the WAN s available bandwidth 12 2 8 Expert Mode Expert Mode is also available for advance users Click the help test balloon and click the link turn on Expert Mode to switch on the feature Under Expert Mode a spec...

Page 74: ... be taken by Pepwave MAX based on the other parameters of the rule When No is selected the inbound service rule does not take effect Pepwave MAX will disregard the other parameters of the rule Service Name This setting identifies the service to the System Administrator Valid values for this setting consist only of alphanumeric and the underscore _ characters IP Protocol The IP Protocol setting alo...

Page 75: ...he specified protocol at the specified port range is forwarded via the same respective ports to the LAN hosts specified by the Servers setting For example with IP Protocol set to TCP and Port set to Single Port and Service Port 80 88 TCP traffic received on ports 80 through 88 is forwarded to the configured servers via the respective ports Port Mapping Traffic that is received by Pepwave MAX via t...

Page 76: ...f In this way the process of inbound port forwarding is automated When a computer creates a rule using these protocols the specified TCP UDP port of all WAN connections default IP address will be forwarded Check the corresponding box es to enable UPnP and or NAT PMP Enable these features only if you trust the computers on the LAN A table listing all the forwarded ports under these two protocols ca...

Page 77: ...of all inbound and outbound NAT d traffic to and from an internal client IP address The settings to configure NAT Mappings are located at Advanced NAT Mappings To add a rule for NAT Mappings click Add NAT Rule upon which the following screen will be displayed Click Save to save the settings when configuration has been completed ...

Page 78: ...d Mappings This setting specifies the WAN connections and corresponding WAN specific Internet IP addresses on which the system should bind on Any access to the specified WAN connection s and IP address es will be forwarded to the LAN Host This option is only available when IP Address is selected in LAN Client s field Note 1 Inbound Mapping is not needed for WAN connections in drop in or IP forward...

Page 79: ...default rules are pre defined and put at the bottommost They are All DHCP reservation clients and Everyone and they cannot be removed All DHCP reservation clients represents the LAN clients defined in the DHCP Reservation table in the LAN settings page Everyone represents all clients that are not defined in any rule above Click on a rule to change its group Add Edit User Group Subnet IP Address Fr...

Page 80: ...ine a maximum download speed over all WAN connections and upload speed for each WAN connection that each individual Staff and Guest member can consume No limit can be imposed on individual Manager members By default Download and Upload Bandwidth Limits are set to unlimited set as 0 ...

Page 81: ... the table is assigned with normal priority 15 3 2 Prioritization for Custom Application Click the Add button to define a custom application Click the button in the Action column to delete the custom application in the corresponding row Application Prioritization PPTP and IPsec VPN When enabled any PPTP and IPsec traffic will be prioritized SIP Vonage When enabled any SIP and Vonage voice traffic ...

Page 82: ...andwidth of the WAN can be fully utilized in any situation When a DSL cable circuit s uplink is congested the download bandwidth will be affected Users will not be able to download data in full speed until the uplink becomes less congested The DSL Cable Optimization can relieve such issue When it is enabled the download speed will become less affected by the upload traffic By default this feature ...

Page 83: ... Pepwave MAX supports the selective filtering of data traffic in both directions Outbound LAN to WAN Inbound WAN to LAN Intrusion Detection and DoS Prevention With SpeedFusion TM enabled see Section 10 the firewall rules also apply to VPN tunneled traffic 16 1 Outbound and Inbound Firewall 16 1 1 Access Rules The outbound firewall settings are located at Advanced Firewall Outbound Firewall Rule Up...

Page 84: ...irewall rule takes effect If the traffic matches the specified Protocol IP Port actions will be taken by Pepwave MAX based on the other parameters of the rule When No is selected the firewall rule does not take effect Pepwave MAX will disregard the other parameters of the rule WAN Connection This setting is applicable to Inbound Firewall Rules only This setting specifies which WAN connection s the...

Page 85: ...d as the Source IP Port setting as indicated with the following screenshots In addition a single port or a range of ports can be specified for the Source IP Port setting Action This setting specifies the action to be taken by Pepwave MAX upon encountering traffic that matches the both of the following Source IP Port Destination IP Port With the value of Allow for the Action setting the matching tr...

Page 86: ...lt inbound rule is set as Allow for NAT enabled WANs no inbound Allow firewall rules will be required for inbound Port Forwarding and inbound NAT Mapping rules However if the default inbound rule is set as Deny a corresponding Allow firewall rules will be required ...

Page 87: ...rn on this feature click check the box Enable for the Intrusion Detection and DoS Prevention and press the Save button When this feature is enabled the Pepwave MAX will detect and protect the network from the following kinds of intrusions and denial of service attacks Port Scan o NMAP FIN URG PSH o Xmas Tree o Another Xmas Tree o Null Scan o SYN RST o SYN FIN SYN Flood Prevention Ping Flood Attack...

Page 88: ...y check the box to enable the PPTP server function All connected PPTP sessions are displayed on the Client List at Status Client List Please refer to section 19 3 for details PPTP Server Setting Listen On This setting is for specifying the WAN connection s and IP address es where the PPTP server should listen on User Accounts This setting allows you to define the PPTP User Accounts Click Add to in...

Page 89: ... and proxy server settings for each WAN can be specified after selecting Enable DNS Forwarding When this option is enabled all outgoing DNS lookups will be intercepted and redirected to the built in DNS name server If any LAN device is using DNS name servers of a WAN connection you may want to enable this option to enhance the DNS availability without modifying the DNS server setting of the client...

Page 90: ...ation Note If you want to route all SMTP connections only to particular WAN connection s you should create a rule in Outbound Policy see section 12 2 17 2 2 Web Proxy Forwarding When this feature is enabled the Pepwave MAX will intercept all outgoing connections destined for the proxy server specified in Web Proxy Interception Settings choose a WAN connection with reference to the Outbound Policy ...

Page 91: ...on any packet network and passthrough the device FTP FTP sessions consist of two TCP connections one for control and one for data In multi WAN situation they have to be binded to the same WAN connection Otherwise problems will arise in transferring files By default the Pepwave MAX monitors TCP control connections on port 21 for any FTP connections and binds TCP connections of the same FTP session ...

Page 92: ...sion Timeout Before the session expires you may click the Logout button in the Web Admin to exit the session 0 hours 0 minutes signifies an unlimited session time This setting should be used only in special situations as it will lower the system security level if users do not logout before closing the browser Default 4 hours 0 minutes For security reason after logging in to the Web Admin Interface...

Page 93: ...http www pepwave com 93 Copyright 2013 Pepwave ...

Page 94: ...ticated users are treated as admin users with full read write permission Local admin and user accounts will be disabled When the device is not able to communicate with the external RADIUS server local accounts will be enabled again for emergency access Authentication options will be available once this box is checked Auth Protocol This specifies the authentication protocol used Available options a...

Page 95: ...owing IP subnets only Restrict web admin access only from the defined IP subnets When this is chosen a text input area will be displayed beneath The allowed IP subnet addresses should be entered into this text area Each IP subnet must be in form of w x y z m Where w x y z is an IP address e g 192 168 0 0 and m is the subnet mask in CIDR format which is between 0 and 32 inclusively For example 192 ...

Page 96: ...l Upgrade to send the firmware to Pepwave MAX Pepwave MAX will then automatically initiate the firmware upgrade process Please note that all Pepwave devices are equipped to be able to store two different firmware versions in two different partitions A firmware upgrade preformed will always replace the inactive partition If you want to keep the inactive firmware you can simply reboot your device wi...

Page 97: ... Time scheme in which Pepwave MAX operates The Time Zone value affects the time stamps in the Event Log of Pepwave MAX and E mail notifications Checked the box Show all to show all available time zone options Time Server This setting specifies the NTP network time server to be utilized by Pepwave MAX 18 4 Email Notification The Email Notification functionality of Pepwave MAX provides a System Admi...

Page 98: ...port number will be set to 465 You may customize the port number by editing this field Click the button Default to restore to default SMTP User Name Password This setting specifies the SMTP username and password while sending email These options are shown only if Require authentication check box is checked in SMTP Server setting Confirm SMTP Password This field allows you to verify and confirm the...

Page 99: ...http www pepwave com 99 Copyright 2013 Pepwave ...

Page 100: ...ing Remote System Log are found at System Remote Syslog Remote Syslog Settings Remote Syslog This setting specifies whether or not to log events at the specified remote Syslog server Remote Syslog Host This setting specifies the IP address or host name of the remote Syslog server Port This setting specifies the port number of the remote Syslog service By default the Port setting has value is 514 ...

Page 101: ...s field shows the router name defined in System Admin Security SNMP Port This option specifies the port which SNMP used The default port is set as 161 SNMPv1 This option allows you to enable SNMP version 1 SNMPv2 This option allows you to enable SNMP version 2 SNMPv3 This option allows you to enable SNMP version 3 To add a community for either SNMPv1 or SNMPv2 click the Add SNMP Community button i...

Page 102: ...er in the SNMPv3 User Name table upon which the following screen is displayed SNMPv3 User Settings User Name This setting specifies a user name to be used in SNMPv3 Authentication Protocol This setting specifies via a drop down menu the one of the following valid authentication protocols NONE MD5 SHA Authentication Password This setting specifies the authentication password and is applicable only ...

Page 103: ...s status information usage data and configuration will be sent to Pepwave s InControl system You can sign up for an InControl account at https incontrol pepwave com You can register devices under the account monitor device status and usage reports and download backed up configuration files Default Disabled ...

Page 104: ...tion to the factory default settings You have to click the Apply Changes button to make the settings effective 18 8 2 Downloading Active Configurations The Download button is to backup the current active settings Click Download and save the configuration file 18 8 3 Uploading Configurations To restore or change settings based on a configuration file click Browse to locate the configuration file on...

Page 105: ...ighest reliability Pepwave MAX is equipped with two copies of firmware of different version You can select the firmware version you would like the device to reboot with The firmware marked with Running is the current system boot up firmware Please note that a firmware upgrade will always replace the inactive firmware partition ...

Page 106: ...nection You can specify the number of pings in the field Number of times to a maximum of 10 times and Packet Size can be specified in the field Packet Size to a maximum of 1472 bytes The Ping utility is located at System Tools Ping illustrated as follows Tip A system administrator can use the Ping utility to manually check the connectivity of a particular LAN WAN connection ...

Page 107: ...t System Tools Traceroute illustrated as follows Tip A system administrator can use the Traceroute utility to analyze the connection path of a LAN WAN connection 18 12 SpeedFusionTM Test The SpeedFusion TM tool can help to test the throughput between different VPN peers You can define the Test Type Direction and Duration of the test and press Go to perform the throughput test The VPN Test utility ...

Page 108: ...The CLI Command Line Interface can be accessed via SSH This field enables CLI support The below settings specify which TCP port and which interface s should accept remote SSH CLI access The user name and password used for remote SSH CLI access are the same as those used for web admin access ...

Page 109: ...Revision This shows the hardware version of this device Serial Number This shows the serial number of this device Firmware This shows the firmware version that this device is currently running Modem Support Version This shows the modem support version of this device A Modem Support List link redirects users to a list of cellular modems supported by this device Uptime This shows the length of time ...

Page 110: ...n of your encountered issue In firmware 5 1 or before Diagnostic Report file can be obtained at System Reboot 19 1 1 GPS Data The MAX HD2 automatically stores up to seven days of GPS location data in GPS eXchange format GPX To review this data using third party applications click Status Device and then download your GPX file The Pepwave MAX HD2 exports real time location data in NMEA format throug...

Page 111: ...tatus Active Sessions Overview This Active Sessions section displays the active inbound outbound and UDP TCP sessions of each WAN connection on Pepwave MAX A filter is available to help sort out the active session information Enter a keyword in the field or check one of the WAN connection boxes for filtering ...

Page 112: ...e Pepwave MAX has offered IP addresses to since it is powered up Network Name SSID and Signal refers to the information about Wi Fi AP which is the name of the Network and its signal strength Clients can be imported into DHCP Reservation table by clicking the button on the right most column Further update the record after the import by going to Network LAN If PPTP Server in section 17 1 is enabled...

Page 113: ...only be available when you have enabled the WINS Server in section 7 1 Name of clients retrieved will be automatically matched into Client List in the previous section Click the button Flush All to flush all WINS client records 19 5 SpeedFusionTM This is a page showing the current status of SpeedFusionTM located at Status SpeedFusionTM Details about peer s WAN connections are listed as below ...

Page 114: ...rs only if you have enabled the function of UPnP NAT PMP as mentioned in Section 13 2 Click the button to delete the single UPnP NAT PMP record in its corresponding row To delete all records click Delete All on the right hand side below the table Important Note UPnP NAT PMP records would be deleted immediately after clicking the button or Delete All without the need to click Save or Confirm ...

Page 115: ...s located at Status Event Log The log section displays a list of events that has taken place on the Pepwave MAX unit Click the Auto Refresh to retrieve log entries again Click the Clear Log button to clear the log Select 50 100 or all to show the corresponding number of events in the log ...

Page 116: ...is not recorded and not shown 19 8 1 Real Time The Data transferred since installation shows you how many network traffic has been processed by your device since first boot Click Show Details in the top right hand corner of each table and the details of data transferred will be shown The check box Stacked below the data transferred graph can be checked to show the aggregated transferred rate of bo...

Page 117: ... the connection in which you want to check its usage from the drop down menu If you have enabled Bandwidth Monitoring feature as shown in section 8 5 the Current Billing Cycle table for that WAN connection will be displayed Click on a date to view the client bandwidth usage of that specific date This feature is not available if you have selected to view the bandwidth usage of only a particular WAN...

Page 118: ...to show the monthly usage period in Billing Cycle or Calendar Month Click the first or second row to view the client bandwidth usage of the current month This feature is not available if you have chosen to view the bandwidth usage of only a particular WAN connection The Scale of the graph can be set to show in Megabyte MB or Gigabyte GB All WAN Monthly Bandwidth Usage Ethernet WAN Monthly Bandwidt...

Page 119: ...ont panel of Pepwave MAX unit 2 With a paper clip press the reset button and hold it for at least 10 seconds until the unit reboots itself After Pepwave MAX finishes rebooting the factory default settings will be restored Important Note All previous configurations and bandwidth usage data will be lost after restoring the factory default settings Regular backup of configuration settings is strongly...

Page 120: ... 3 Connect the equipment into an outlet on a circuit different from that to which the receiver is connected 4 Consult the dealer or an experienced radio TV technician for help This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including inter...

Page 121: ...n View CA 94040 United States Tel 1 650 450 9669 Fax 1 866 625 4664 Hong Kong Office 17 F Park Building 476 Castle Peak Road Cheung Sha Wan Hong Kong Tel 852 2990 7600 Fax 852 3007 0588 What are we doing at the moment Follow us on Twitter http twitter com Peplink Want to know more about us Add us on Facebook http www facebook com peplink Difficulties when configuring the device Visit Our YouTube C...

Reviews:

No comments

Related manuals for MAX

xStack Storage DSN-4000 Series

Brand: D-Link Pages: 5

Brand: Idis Pages: 123

Brand: Idis Pages: 29

Brand: Idis Pages: 28

DirectIP DR-1304P

Brand: Idis Pages: 82

Brand: iDirect Pages: 130

Brand: Observint Pages: 117

Sure Cross DX70

Brand: Banner Pages: 35

Brand: ZyXEL Communications Pages: 3

Brand: Dataprobe Pages: 16

CyberPower RMCARD201

Brand: CyberPower Pages: 8

Brand: 3Com Pages: 212

MULTIflight Stick

Brand: Multiplex Pages: 10

Brand: Amphenol Pages: 43

AGENT-2 S41D Line

Brand: Pullnet Pages: 89

32 bit 10/100 Fast Ethernet Card A02-S32-S

Brand: Atlantis Land Pages: 9

Prestige 642R Series

Brand: ZyXEL Communications Pages: 163

Brand: RSupport Pages: 5

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands