Beam MG200 Скачать руководство пользователя страница 1

Страница: 1 / 291

MG200 LTE Gateway

User Manual

Содержание MG200

Страница 1: ...MG200 LTE Gateway User Manual ...

Страница 2: ...ng caps and areas aircrafts and airports In such areas the MG200 needs to be powered off For vehicle capplications do not place or install the MG200 in the area near or over an air bag or in the air bag deployment area Mount the MG200 safely before driving your vehicle Connection to the vehicle electrical system should be carried out by trained professional only While driving full attention always...

Страница 3: ...MG200 USER MANUAL 3 of 269 2019 BEAM ...

Страница 4: ...rs the following product Beam MG200 LTE Gateway REVISION CHANGE DESCRIPTION DATE 01 MG200 User Manual SEP 2019 Specifications are subject to change without notice Images shown may vary slightly from the actual product Images shown may vary slightly from the actual product ...

Страница 5: ...anel 16 1 3 Installation 17 1 3 1 System requirement 17 1 3 2 Hardware installation 17 1 3 2 1 important notes on installation 17 1 3 2 2 Mounting the unit 17 1 3 2 3 Inserting the SIM cards 19 1 3 2 4 Connecting terminal block 19 1 3 2 5 Connecting Ethernet ports 19 1 4 Connecting PC to MG200 19 1 4 1 Connecting via Wi Fi 19 1 4 2 Connecting via Ethernet cable 19 1 4 3 Accessing the web GUI 19 ...

Страница 6: ...link 27 2 2 2 LAN VLAN 33 2 2 3 Wi Fi 33 2 2 4 DDNS 36 2 3 Security 37 2 3 1 VPN 37 2 3 2 Firewall 42 2 4 Administration 47 2 4 1 Remote Management 47 2 4 2 Log Storage 48 2 4 3 GNSS 48 2 5 Usage 49 2 5 1 Connection Records 49 2 5 2 Login Info 50 2 5 3 Cellular Usage 50 2 5 4 Cellular Signal 51 ...

Страница 7: ...Static IP 66 3 1 2 2 2 Dynamic IP 68 3 1 2 2 3 PPPoE 69 3 1 2 2 4 PPTP 70 3 1 2 2 5 L2TP 71 3 1 3 Load Balance 73 3 2 LAN VLAN 78 3 2 1 Ethernet LAN 78 3 2 2 VLAN 80 3 2 3 DHCP Server 90 3 3 Wi Fi 97 3 3 1 Wi Fi Module One 97 3 3 2 Wireless Client List 110 3 3 3 Advanced Configuration 112 3 4 IPv6 113 3 5 Port Forwarding 116 3 5 1 Configuration 116 3 5 2 Virtual Server Virtual PC 117 3 5 3 DMZ Pas...

Страница 8: ... 130 3 7 DNS DDNS 133 4 User Rule 136 4 1 Scheduling 136 4 2 Grouping 138 4 3 External Servers 140 4 4 Certificate 143 4 4 1 Configuration 143 4 4 2 My Certificate 144 4 4 3 Trusted Certificate 147 4 4 4 Issued Certificate 151 5 Security 153 5 1 VPN 153 5 1 1 IPSec 153 5 1 2 OpenVPN 161 5 1 3 L2TP 175 5 1 4 PPTP 181 6 1 5 GRE 186 ...

Страница 9: ...Hotspot Services 204 6 Service 207 6 1 Cellular Toolkit 207 6 1 1 Data Limit 207 6 1 2 SMS 209 6 1 3 SIM PIN 212 6 1 4 USSD 218 6 1 5 Network Scan 220 6 2 Event Handling 221 6 2 1 Configuration 221 6 2 2 Managing Events 226 6 2 3 Notifying Events 229 6 3 Location Tracking 232 6 3 1 GNSS 232 6 3 2 Track Viewer 235 7 Administration 240 7 1 Remote Management 240 7 1 1 Command Script 240 ...

Страница 10: ...System Time 261 7 2 4 System Log 266 7 2 5 Backup Restore 270 7 2 6 Reboot Reset 271 7 3 FTP 272 7 3 1 Server Configuration 272 7 3 2 User Account 275 7 4 Diagnostic 276 7 4 1 Packet Analyzer 276 7 4 2 Diagnostic Tools 278 Appendix 280 Appendix A GPL Written Offer 280 Appendix B Product handling 288 Appendix C BEAM Warranty Terms and Conditions 290 Appendix D Compliance 291 ...

Страница 11: ...his manual provides the information users need to set up configure and operate the MG200 Target readers This document is intended for system integrators and experienced hardware installers who understand telecommunications and networking terminology ...

Страница 12: ...contents 1 x MG200 Gateway 2 x Wi Fi antenna 2 x LTE antenna 1 x 2PIN Terminal block 1 x AC power adapter with AU plug 1 x fused DC power cable 2 x Mounting bracket 4 x Bracket screw 4 x Rubber feet 1 x Din Rail bracket with screws 1 x Quick Start Guide 1 x Spare MG200 label ...

Страница 13: ...sh Data packets are transferring Fast Flash MG200 is in Recovery mode 3 LTE signal OFF No cellular signal Steady ON Cellular signal strength 50 Low Flash Cellular signal strength 50 4 GPS OFF GPS function is disabled GPS antenna is disconnected or there is no GPS signal Steady ON GPS signal is locked Flash the MG200 is searching for GPS signal no GPS lock 5 SIM A OFF SIM card is not inserted or no...

Страница 14: ...MG200 USER MANUAL 14 of 269 2019 BEAM ...

Страница 15: ...r source Connect 2PIN Terminal block H LTE antenna Main port Connect LTE antenna If only one antenna being used ensure it is connected to this port Left Description Notes I Zinc screw for grounding Earth point Screw the mounting brackets and grounding Earth cable to the MG400 J Wi Fi antenna ports Connect Wi Fi antennas F H G I J J ...

Страница 16: ...2019 BEAM 1 2 3 Bottom panel Description Notes L Positions for rubber feet or screws Stick rubber feets or screw mounting brackets M Cover for SIM card slots and SD card slot Protect 2x SIM card slots and 1x SD card slot L M L L L ...

Страница 17: ...the AC power adapter shipped with the MG200 or 12Vdc 24Vdc vehicle power The top cover heatsink of the MG200 can be hot in operation Before servicing power OFF the MG200 and leave it for a while to cool down No serviceable parts inside the MG200 It is not recommended to open the case and service the unit yourself If there is any hardware issue please contact support at BEAM Communications 1 3 2 2 ...

Страница 18: ...MG200 USER MANUAL 18 of 269 2019 BEAM O Screw holes for flat surface installation ...

Страница 19: ...for ground wire connection 2 PWR 9V 36V DC power input 1 3 2 5 Connecting Ethernet ports The MG200 features 2x RJ45 10 100 Mbps Ethernet ports with auto MDIX WAN LAN1 port by factory default is configurated as LAN port However it can be configured to work as WAN port refer to WAN Uplink section for details 1 4 Connecting PC to MG200 1 4 1 Connecting via Wi Fi Using your PC connect to the SSID labe...

Страница 20: ...admin Default Password admin To log out the MG200 click top right Upon your first login the 1st page is the Setup Wizard page You can use the Setup Wizard to configure the Administrator password Time Zone Wi Fi SSID password APN settings Click Next for the next page ...

Страница 21: ...MG200 USER MANUAL 21 of 269 2019 BEAM On the Administrator Password page type in a new password for MG200 login Then click Next for the next page ...

Страница 22: ...e Time Zone page have the option to select Time Zone Manual time zone setting is available down the bottom of drop down list Click Next for the next page The Wi Fi Module One page is for the 2 4HGz Wi Fi Module 1 Click Next for the next page ...

Страница 23: ...69 2019 BEAM On the APN Setting page for each SIM card there are 2x options One option is Telstra with APN automatically filled The other option is Manual where the APN needs to be manually typed in Click Next for the next page ...

Страница 24: ...SER MANUAL 24 of 269 2019 BEAM Check the settings in the Setup Summary page Click Apply to confirm settings The MG200 will then reboot After the reboot is complete the Dashborad page will be shown after login ...

Страница 25: ...ow shows the MG200 Up time and the resource utilization for the CPU Memory and Connection Sessions The Network Interface Status window shows statistic information for each network interface of the MG200 The statistic information includes the Interface Type Upload Traffic Download Traffic and Current Upload Download Traffic The System Information History window shows the statistic graphs for the CP...

Страница 26: ...MG200 USER MANUAL 26 of 269 2019 BEAM ...

Страница 27: ...isplays the network type for the WAN interface s It can be NAT Routing Bridge or IP Pass through IP Addr System generated Displays the public IP address obtained from your ISP for Internet connection Default setting is 0 0 0 0 if left unconfigured Subnet Mask System generated Displays the Subnet Mask for public IP address obtained from your ISP for Internet connection Default setting is 0 0 0 0 if...

Страница 28: ...disconnected Disconnect button allows you to manually disconnect the MG200 from the Internet Note Connect button is available when Connection Control in WAN Type setting is set to Connect Manually Refer to Edit button in Network WAN Uplink Internet Setup and WAN connection status is connected The WAN Interface IPv6 Network Status window shows IPv6 WAN connection status WAN interface IPv6 Network S...

Страница 29: ...use to access Router s Web based Utility IPv4 Subnet Mask System data Displays the current mask of the subnet IPv6 Link local Address System data Displays the current LAN IPv6 Link Local address This is also the IPv6 IP Address you use to access Router s Web based Utility IPv6 Global Address System data Displays the current IPv6 global IP address assigned by your ISP for your Internet connection M...

Страница 30: ...m model name Link Status System data Displays the 3G 4G connection status The status can be Connecting Connected Disconnecting and Disconnected Signal Strength System data Displays the 3G 4G wireless signal level Network Name System data Displays the name of the service network carrier Refresh System data Click the Refresh button to renew the information Action Button This area provides functional...

Страница 31: ...MG200 USER MANUAL 31 of 269 2019 BEAM Following is the Modem Information window ...

Страница 32: ...ing WAN interface WAN IDs Interface System data Displays the type of WAN physical interface It can be 3G 4G Ethernet Received Packets Mb System data Displays the downstream packets Mb It is reset when the MG200 is rebooted Transmitted Packets Mb System data Displays the upstream packets Mb It is reset when the MG200 is rebooted Action Buttons Click the Reset button to clear the entire statistic an...

Страница 33: ...record of Host Name MAC Address System data Client record of MAC Address Remaining Lease Time System data Client record of Remaining Lease Time 2 2 3 Wi Fi Navigate to the Status Network Wi Fi tab The Wi Fi page shows the Wi Fi Module One and Two AP list Wi Fi Module One is for 2 4GHz Wi Fi The Edit tab under Action provide access to configuration of the Wi Fi module The Wi Fi Virtual AP List show...

Страница 34: ...b The QR Code button allow you to generate QR code for quick connect to the VAP by scanning the QR code The Wi Fi IDS Status shows the quantities of authentication association and other frames Wi Fi IDS Status Item Value setting Description Authentication Frame System data Displays the receiving Authentication Frame count Association Request Frame System data Displays the receiving Association Req...

Страница 35: ...MG200 USER MANUAL 35 of 269 2019 BEAM Action Button Click the Reset button to clear the entire statistic and reset counter to 0 ...

Страница 36: ...tab The DDNS Status window shows the current DDNS service in use the last update status and the last update time to the DDNS service server DDNS Status Item Value Setting Description Host Name System data Displays the name you enter to identify DDNS service provider Provider System data Displays the DDNS server of DDNS service provider Effective IP System data Displays the public IP address of the...

Страница 37: ... System data Displays the Remote Subnets Conn Time System data Displays the connection time for the IPSec tunnel Status System data Displays the Status of the VPN connection The status displays are Connected Disconnected waiting for traffic and Connecting Edit Button Click on Edit Button to change IPSec setting web based utility will take you to the IPSec configuration page Security VPN IPSec tab ...

Страница 38: ...tem data Displays the Remote Subnet TUN TAP Read bytes System data Displays the TUN TAP Read Bytes of OpenVPN Client TUN TAP Write bytes System data Displays the TUN TAP Write Bytes of OpenVPN Client TCP UDP Read bytes System data Displays the TCP UDP Read Bytes of OpenVPN Client TCP UDP Write bytes System data Displays the TCP UDP Write Bytes of OpenVPN Client Connection Conn Time System data Dis...

Страница 39: ...equest PPTP tunneling connection to the PPTP server Virtual IP System data Displays the IP address assigned by Virtual IP server of L2TP server Remote IP FQDN System data Displays the L2TP Server s Public IP address the WAN IP address or FQDN Default MG200 Remote Subnet System data Displays the specified IP address of the MG200 used to connect to the L2TP server the default MG200 Or another specif...

Страница 40: ...d PPTP client Remote Call ID System data Displays the PPTP client Call ID Conn Time System data Displays the connection time for the PPTP tunnel Status System data Displays the Status of each of the PPTP client connection The status displays Connected Disconnect and Connecting Edit Button Click on Edit Button to change PPTP server setting web based utility will take you to the PPTP server page Sec...

Страница 41: ... IP address the WAN IP address or FQDN Default MG200 Remote Subnet System data Displays the specified IP address of the MG200 used to connect to the internet to connect to the PPTP server the default MG200 Or another specified subnet if the MG200 is not used to connect to the PPTP server the remote subnet Conn Time System data Displays the connection time for the PPTP tunnel Status System data Dis...

Страница 42: ...t the TCP or UDP String format Source IP to Destination IP Destination Protocol TCP or UDP IP System data The Source IP IPv4 of the logged packet Time System data The Date and Time stamp of the logged packet Date time format Month Day Hours Minutes Seconds Note Enable Packet Filter Log Alert navigate to Security Firewall Packet Filter tab Enable Log Alert and save the setting The URL Blocking Stat...

Страница 43: ...MG200 USER MANUAL 43 of 269 2019 BEAM ...

Страница 44: ...utes Seconds Note Enable Web Content Filter Log Alert navigate to Security Firewall Web Content Filter Tab Enable Log Alert and save the setting The MAC Control window shows the MAC filter status MAC Control Status Item Value setting Description Activated Control Rule System data This is the MAC Control Rule name Blocked MAC Addresses System data This is the MAC address of the logged packet IP Sys...

Страница 45: ... packet Date time format Month Day Hours Minutes Seconds Note Enable Application Filter Log Alert navigate to Security Firewall Application Filter tab Enable Log Alert and save the setting IPS window shows the IPS Firewall status IPS Firewall Status Item Value setting Description Detected Intrusion System data This is the intrusion type of the packets being blocked IP System data The Source IP IPv...

Страница 46: ...g from WAN System data Enable or Disable setting status of Discard Ping from WAN on Firewall Options String Format Disable or Enable Remote Administrator Management System data Enable or Disable setting status of Remote Administrator If Remote Administrator is enabled it shows the currently logged in administrator s source IP address and login username and the login time Format IP Source IP userna...

Страница 47: ...ess System data Displays the IP address of SNMP manager Port System data Displays the port number which is used to maintain connection with the SNMP manager Community System data Displays the community for SNMP version 1 or version 2c only Auth Mode System data Displays the authentication method for SNMP version 3 only Privacy Mode System data Displays the privacy mode for version 3 only SNMP Vers...

Страница 48: ...the Status Administration Log Storage tab Log Storage Status window shows the status of current the selected MG200 storage The status includes MG200 Description Usage File System Speed and status 2 4 3 GNSS Navigate to the Status Administration GNSS tab The GNSS page shows GPS and location information The GNSS Information window shows the status for current GNSS positioning information for the MG2...

Страница 49: ...l see the previous page of the track list Next Button Click the Next button you will see the next page of the track list First Button Click the First button you will see the first page of the track list Last Button Click the Last button you will see the last page of the track list Export xml Button Click the Export xml button to export the track list to an xml file Export csv Button Click the Expo...

Страница 50: ...Click the Last button you will see the last page of login information Export xml Button Click the Export xml button to export the login information to xml file Export csv Button Click the Export csv button to export the login information to csv file Refresh Button Click the Refresh button to refresh the login information 2 5 3 Cellular Usage Navigate to the Status Usage Cellular Usage tab The Cell...

Страница 51: ...USER MANUAL 51 of 269 2019 BEAM 2 5 4 Cellular Signal Navigate to the Status Statistics Reports Cellular Signal tab The Cellular Signal window shows the records of the cellular signal during a period of time ...

Страница 52: ...gs 3G 4G Ethernet For WAN 2 operation mode can be always on failover or disable VLAN tagging can be enabled with VLAN ID 1 4095 by manually typing in Interface Configuration Item Value setting Description Physical Interface A mandatory field WAN 1 is the primary interface and is factory set to Always on Select one expected interface from the available interface dropdown list It can be 3G 4G Ethern...

Страница 53: ...ge 1 4095 Note This feature is NOT available for 3G 4G WAN connection 3 1 2 Connection Setup Navigate to the Network WAN Uplink Connection Setup tab The Connection Setup window provides the logical settings on WAN connection Click Edit to show the detail settings The detail settings are subject to the WAN type 3 1 2 1 3G 4G WAN Connection Setup For 3G 4G WAN the 1st window in detail settings is th...

Страница 54: ...will failback to the main SIM and try to establish the connection periodically Note 1 For the product with single SIM design only SIM A Only option is available Note 2 Failback is available only when SIM A First or SIM B First is selected Auto Flight Mode Disabled by default Check the Enable box to activate the function By default if you disable the Auto Flight Mode the cellular module will always...

Страница 55: ...MG200 to enable the Auto Flight Mode The Policy Setting pop up window provides the settings on Failed connection times RSSI Monitor Network Service signal loss time and Roaming Service timeout The Connection with SIM A SIM B Card windows shows the Network Type Dial Up Profile APN and other related settings ...

Страница 56: ...t LTE only to register the LTE network only Dial Up Profile Mandatory field Default setting Manual configuration Enter the type of dial up profile for your 3G 4G network It can be Manual configuration APN Profile List or Auto detection Select Manual configuration to set APN Access Point Name Dial Number Account and Password to what your carrier provides Select APN Profile List to set more than one...

Страница 57: ...ntification Number code if it needs to unlock your SIM card Dial Number Account Password Optional field String format any text Enter the optional Dial Number Account and Password settings if your ISP provides such settings to you Note These settings are only displayed when Manual configuration is selected Authentication Mandatory field Default setting Auto Select PAP Password Authentication Protoc...

Страница 58: ...sh the connection even the registration status is roaming not in home network Note It may cost more due to additional charges if the connection is under roaming When Dial Up Profile selects APN Profile List the Connection with SIM A SIM B Card window changes as following Connection with SIM A B Card Item Value setting Description Network Type Mandatory field Default setting Auto Select Auto to reg...

Страница 59: ...IPv4 6 PIN code Optional field String format interger Enter the PIN Personal Identification Number code if it needs to unlock your SIM card Dial Number Account Password Optional field String format any text Enter the optional Dial Number Account and Password settings if your ISP provided such settings to you Note These settings are only displayed when Manual configuration is selected IP Mode Manda...

Страница 60: ... status is roaming not in home network Note It may cost additional charges if the connection is under roaming The SIM A APN Profile List shows the APN Profiles that have been applied to the MG200 SIM A B APN Profile Configuration Item Value setting Description Profile Name Default setting Profile x String format any text Enter the profile name you want to describe for this profile APN String forma...

Страница 61: ...to 16 It will start to dial up with the profile that assigned with the smallest number Value Range 1 16 Profile Enabled by default Check the box to enable this profile Uncheck the box to disable this profile in dialing up action Save Button Click the Save button to save the configuration Undo Button Click the Undo button to restore what you just configure back to the previous setting Back Button W...

Страница 62: ...you set other schedule rules there will be other options to select Please Navigate to User Rule Scheduling for details MTU Setup Optional field Uncheck by default Check the Enable box to enable the MTU Maximum Transmission Unit limit and enter the MTU for the 3G 4G connection MTU refers to Maximum Transmission Unit It specifies the largest packet size permitted for Internet transmission Value Rang...

Страница 63: ... detect WAN link With DNS Query the system checks the connection by sending DNS Query packets to the destination specified in Target 1 and Target 2 With ICMP Checking the system will check connection by sending ICMP request packets to the destination specified in Target 1 and Target 2 Query Interval defines the transmitting interval between two DNS Query or ICMP checking packets Loading Check Opti...

Страница 64: ... query ICMP request DNS1 set the primary DNS to be the target DNS2 set the secondary DNS to be the target MG200 set the Current MG200 to be the target Other Host enter an IP address to be the target Target 2 Optional Setting Default setting None Target1 specifies the second target of sending DNS query ICMP request None no second target is required DNS1 set the primary DNS to be the target DNS2 set...

Страница 65: ...operation mode of the interface Select Always on to make this WAN always active Select Disable to disable this WAN interface Select Failover to make this WAN a Failover WAN when the primary or the secondary WAN link failed Then select the primary or the existed secondary WAN interface to switch Failover from Note for WAN 1 only Always on option is available VLAN Tagging Optional setting Check Enab...

Страница 66: ...f ISP provides a fixed IP to you when you subscribe the service Dynamic IP The WAN IP address is assigned from a DHCP server PPP over Ethernet Also known as PPPoE This WAN type is widely used for ADSL connection PPTP WAN connection via Point to Point Tunneling Protocol L2TP WAN connection via Layer 2 Tunneling Protocol 3 1 2 2 1 Static IP Following the example of setting the Ethernet WAN type to s...

Страница 67: ... Provider WAN Subnet Mask Mandatory field Enter the WAN subnet mask given by your Service Provider WAN MG200 Mandatory field Enter the WAN MG200 IP address given by your Service Provider Primary DNS Mandatory field Enter the primary WAN DNS IP address given by your Service Provider Secondary DNS Optional field Enter the secondary WAN DNS IP address given by your Service Provider ...

Страница 68: ...m Value setting Description Host Name Optional field Enter the host name provided by your Service Provider ISP Registered MAC Address Optional field Enter the MAC address that you have registered with your service provider Or Click the Clone button to clone your PC s MAC to this field Usually this is the PC s MAC address assigned to allow you to connect to Internet ...

Страница 69: ...y DNS server Secondary DNS Optional field Enter the IP address of Secondary DNS server Connection Control Mandatory field Three options 1 Auto reconnect It is for automatically connect when connection establish after a disconnect 2 Connect on demand When data transfers between LAN and WAN connection establishes When traffic idle time reaches the value of preset maximum idle time connection disconn...

Страница 70: ...tic or Dynamic IP address for PPTP Internet connection When Static IP Address is selected you will need to enter the WAN IP Address WAN Subnet Mask and WAN MG200 WAN IP Address Mandatory field Enter the WAN IP address given by your Service Provider WAN Subnet Mask Mandatory field Enter the WAN subnet mask given by your Service Provider WAN MG200 Mandatory field Enter the WAN MG200 IP address given...

Страница 71: ...a name to identify the PPTP connection Connection Control Mandatory field Three options 3 Auto reconnect It is for automatically connect when connection establish after a disconnect 4 Connect on demand When data transfers between LAN and WAN connection establishes When traffic idle time reaches the value of preset maximum idle time connection disconnect 5 Manually Connection and disconnection by m...

Страница 72: ... Enter the WAN subnet mask given by your Service Provider WAN MG200 Mandatory field Enter the WAN MG200 IP address given by your Service Provider When Dynamic IP is selected there are no above settings required Server IP Address Name Mandatory field Enter the L2TP server name or IP Address L2TP Account Mandatory field Enter the L2TP username provided by your Service Provider L2TP Password Mandator...

Страница 73: ...1 For Cisco Set service port to port 1701 to connect to CISCO server User defined Enter a service port provided by your Service Provider MPPE Optional field Select Enable to enable MPPE Microsoft Point to Point Encryption security for PPTP connection 3 1 3 Load Balance Navigate to the Network WAN Uplink Load Balance tab The Load Balance window provides the settings on load balance on multiple WAN ...

Страница 74: ...s in MG200 By Specific Weight When you select the By Specific Weight strategy you need to set up ratio of WAN 1 WAN 2 to as sessions sent ratio Total ratio come together should be 100 MG200 s traffic control process will operate routing adequately based on the dedicated weights ratio on each WAN interface Weight Definition Item Value setting Description WAN ID NA The Identifier for each available ...

Страница 75: ...MG200 USER MANUAL 75 of 269 2019 BEAM Undo Button Click the Undo button to restore what you just configure back to the previous setting ...

Страница 76: ...tination port can be a single port or port range You can set the mapping with IP address and leave others just left as Any All Moreover you can also set protocol as TCP UDP or both User Policy Configuration Item Value setting Description Source IP Address Mandatory field Default setting Any Four options can be selected Any No specific Source IP is provided The traffic may come from any source Subn...

Страница 77: ...Domain Name Enter the domain name for the traffics come to the domain Destination Port Mandatory field Default setting All Four options can be selected All No specific destination port is provided Port Range Enter the Destination Port Range for the traffics Single Port Enter a unique destination Port for the traffics Well known Applications Select the service port of well known application defined...

Страница 78: ... The network MG200 s on your network need to use the LAN IP address of the MG200 as their Default MG200 You can change it if necessary Note It s also the IP address of web UI If you change it you need to type new IP address in the browser to see web UI Subnet Mask Mandatory field Default setting 255 255 255 0 24 Select the subnet mask for the MG200 from the dropdown list Subnet mask defines how ma...

Страница 79: ...MG200 Subnet Mask Mandatory field Default setting 255 255 255 0 24 Select the subnet mask for the MG200 from the dropdown list Subnet mask defines how many clients are allowed in one network or subnet The default subnet mask is 255 255 255 0 24 and it means maximum 254 IP addresses are allowed in this subnet However one of them is occupied by LAN IP address of the MG200 so there are maximum 253 cl...

Страница 80: ... adopt for organizing user local subnets Port based Port based VLAN allows you to add rule for each LAN port and you can do advanced control with its VLAN ID Tag based Tag based VLAN allows you to add VLAN ID select member and DHCP Server for this VLAN ID Navigate to Tag based VLAN List table System Reserved VLAN ID Default setting 1 5 Enter the VLAN ID range that is reserved for the system operat...

Страница 81: ...MG200 USER MANUAL 81 of 269 2019 BEAM By clicking Add you can add a Port based VLAN rule By clicking Edit you can edit an existed rule ...

Страница 82: ...fault text and cannot be modified VLAN ID Mandatory field Define the VLAN ID number range is 1 4094 VLAN Tagging Default setting Disable The rule is activated per VLAN ID and Port Members configuration when Enable is selected The rule is activated per Port Members configuration when Disable is selected NAT Default setting NAT Select NAT mode or Bridge mode for the rule ...

Страница 83: ...y function for the VLAN group and you only need to fill the DHCP Server IP Address field Server Select Server to enable DHCP Server function for the VLAN group and you need to enter the DHCP Server settings Disable Select Disable to disable the DHCP Server function for the VLAN group DHCP Server IP Address for DHCP Relay only Mandatory field If you select Relay type of DHCP Server assign a DHCP Se...

Страница 84: ...and enter a VID LAN IP Address Mandatory field Assign an IP Address for the DHCP Server that the rule used this IP address is a MG200 IP Subnet Mask Default setting 255 255 255 0 24 Select a Subnet Mask for the DHCP Server DHCP Server Relay Default setting Server Define the DHCP Server type There are three types you can select Server Relay and Disable Relay Select Relay to enable DHCP Relay functi...

Страница 85: ...4 format The Secondary WINS of this DHCP Server MG200 IPv4 format The MG200 of this DHCP Server Enable Disabled by default Click Enable box to activate this rule Back Button When the X button is clicked the window will return to the Application Filter Configuration page Mapping Rule Configuration Item Value setting Description MAC Address Mandatory field Define the MAC Address target that the DHCP...

Страница 86: ...of LAN rule The other VLAN IDs are available only when they are enabled Inter VLAN Group Routing Disabled by default Click the expected VLAN IDs box to enable the Inter VLAN access function By default members in different VLAN IDs can t access each other The MG200 supports up to 4 rules for Inter VLAN Group Routing For example if ID_1 and ID_2 are checked it means members in VLAN ID_1 can access m...

Страница 87: ...ess Add button to add a new rule Tag based VLAN Configuration Part I Item Value setting Description VALN ID Mandatory field Define the VLAN ID number that is outside the system reserved range Value Range 1 4095 Internet Access Enabled by default Click Enable box to allow the members in the VLAN group access to internet Port Members Disabled by default Check the LAN port box es to join the VLAN gro...

Страница 88: ...d this IP address is a MG200 IP Subnet Mask Default setting 255 255 255 0 24 Select a Subnet Mask for the DHCP Server DHCP Relay Disabled by default Check the box to enable the DHCP Relay function for the VLAN group and you only need to fill the DHCP Server IP Address field WAN Interface Default setting WAN 1 Select which WAN interface that allow accessing Internet DHCP Option 82 Optional Setting ...

Страница 89: ...MG200 USER MANUAL 89 of 269 2019 BEAM ...

Страница 90: ...es DHCP Server policies to assign IP Addresses to the MG200 on the local area network LAN The MG200 allows you to customize your DHCP Server Policy If multiple LAN ports are available you can define one policy for each LAN or VLAN group and it supports up to a maximum of 4 policy sets When Add button is applied DHCP Server Configuration pop up window will appear ...

Страница 91: ...Address IPv4 format Mandatory field The LAN IP Address of this DHCP Server Subnet Mask Default setting 255 0 0 0 8 The Subnet Mask of this DHCP Server IP Pool IPv4 format Mandatory field The IP Pool of this DHCP Server It composed of Starting Address entered in this field and Ending Address entered in this field Lease Time Numberic string format Mandatory field The Lease Time of this DHCP Server V...

Страница 92: ...clicked the window will return to the Application Filter Configuration page The MG200 allows you to create edit mapping rule customize your Mapping Rule List on DHCP Server It supports up to a maximum of 64 rule sets When Fix Mapping button is applied the Mapping Rule List window will appear When the Add button is clicked Mapping Rule Configuration pop up window will appear Mapping Rule Configurat...

Страница 93: ...ply to the Mapping Rule List on specific DHCP Server automatically The DHCP Server Options setting allows you to set DHCP OPTIONS 66 72 or 114 Click the Enable button to activate the DHCP option function and the DHCP Server will add the expected options in the sending out DHCPOFFER DHCPACK packages Option Meaning RFC 66 TFTP server name RFC 2132 72 Default World Wide Web Server RFC 2132 114 URL RF...

Страница 94: ... field Default setting Option 66 Choose the specific option from the dropdown list It can be Option 66 Option 72 Option 144 Option 42 Option 150 or Option 160 Option 42 for ntp server Option 66 for tftp Option 72 for www Option 144 for url Type Dropdown list of DHCP server option value s type Each different options has different value types 66 Single IP Address Single FQDN 72 IP Addresses List sep...

Страница 95: ...114 Single URL URL format Enable Disabled by default Click Enable box to activate this setting Save Button Click the Save button to save the setting Back Button When the X button is clicked the window will return to the Application Filter Configuration page The MG200 supports up to a maximum of 6 DHCP Relay configurations When the Add Edit button is clicked the DHCP Relay Configuration pop up wind...

Страница 96: ...face s and L2TP connection Server IP Mandatory field Default setting null Assign a DHCP Server IP Address that the MG200 will relay the DHCP requests to the assigned DHCP server via specified WAN interface DHCP OPTION 82 Disabled by default Click Enable box to activate DHCP OPTION 82 function Option 82 is organized as a single DHCP option that contains circuit ID information known by the relay age...

Страница 97: ...ction Channel Mandatory field Default setting Auto Select a radio channel for the VAP Each channel is corresponding to different radio band The permissible channels depend on the Regulatory Domain There are two available options when Auto is selected By AP Numbers The channel will be selected according to AP numbers The less the better By Less Interference The channel will be selected according to...

Страница 98: ...mmunicate with each other Time Schedule Mandatory field Apply a specific Time Schedule to this rule otherwise leave it as 0 Always If the dropdown list is empty ensure Time Schedule is pre configured Refer to User Rule Scheduling Configuration tab By default VAP 1 is enabled and security key is required to connect to the MG200 wirelessly to enhance the security level and prevent unexpected access ...

Страница 99: ...sabled by default It means no special limitation on the number of connected STAs Authenticatio n Mandatory field VAP1 default setting WPA2 PSK Others default setting Open For security there are several authentication methods supported Client stations should provide the key when associate with the MG200 When Open is selected The check box named 802 1x shows up next to the dropdown list 802 1x Disab...

Страница 100: ...t value is 1812 RADIUS Shared Key When WPA WPA2 is selected It has the same setting as WPA or WPA2 The client stations can associate with the MG200 via WPA or WPA2 When WPA PSK or WPA2 PSK is selected It has the same encryption system as WPA or WPA2 The authentication uses pre shared key instead of RADIUS server When WPA PSK WPA2 PSK is selected It has the same setting as WPA PSK or WPA2 PSK The c...

Страница 101: ...3 characters STA Isolation VAP1 Enabled by default Others unchecked by default Check the Enable box to activate this function With default setting stations which associates to the same VAP cannot communicate with each other Broadcast SSID VAP1 Enabled by default Others unchecked by default Check the Enable box to activate this function If the broadcast SSID option is enabled it means the SSID will...

Страница 102: ...me Schedule Mandatory field Apply a specific Time Schedule to this rule otherwise leave it as 0 Always If the dropdown list is empty ensure Time Schedule is pre configured Refer to User Rule Scheduling Configuration tab Scan Remote AP s MAC List System data Press the Scan button to scan the spatial AP information and then select one from the AP list the MAC of the selected AP will be auto filled i...

Страница 103: ...on on the number of connected STAs Authenticatio n Mandatory field VAP1 WPA2 PSK is selected be default Others Open is selected be default For security there are several authentication methods supported Client stations should provide the key when associate with the MG200 When Open is selected The check box named 802 1x shows up next to the dropdown list 802 1x Disabled by default When 802 1x is en...

Страница 104: ...setting as WPA or WPA2 The client stations can associate with the MG200 via WPA or WPA2 When WPA PSK or WPA2 PSK is selected It has the same encryption system as WPA or WPA2 The authentication uses pre shared key instead of RADIUS server When WPA PSK WPA2 PSK is selected It has the same setting as WPA PSK or WPA2 PSK The client stations can associate with the MG200 via WPA PSK or WPA2 PSK Encrypti...

Страница 105: ...have associates to the same VAP cannot communicate with each other Broadcast SSID VAP1 Enabled by default Others unchecked by default Check the Enable box to activate this function If the broadcast SSID option is enabled it means the SSID will be broadcasted and the stations can associate with the MG200 by scanning SSID Enable VAP1 Enabled by default Others unchecked by default Check the Enable bo...

Страница 106: ...he Enable box to activate Green AP function VAP Isolation Enabled by default Check the Enable box to activate this function By default enabling it means that stations which associates to different VAPs cannot communicate with each other Time Schedule Mandatory field Apply a specific Time Schedule to this rule otherwise leave it as 0 Always If the dropdown list is empty ensure Time Schedule is pre ...

Страница 107: ...lt It means no special limitation on the number of connected STAs Authenticatio n Mandatory field VAP1 WPA2 PSK is selected be default Others Open is selected be default For security there are several authentication methods supported Client stations should provide the key when associate with the MG200 When Open is selected the check box named 802 1x shows up next to the dropdown list 802 1x Disabl...

Страница 108: ... is selected It has the same setting as WPA or WPA2 The client stations can associate with the MG200 via WPA or WPA2 When WPA PSK or WPA2 PSK is selected It has the same encryption system as WPA or WPA2 The authentication uses pre shared key instead of RADIUS server When WPA PSK WPA2 PSK is selected It has the same setting as WPA PSK or WPA2 PSK The client stations can associate with the MG200 via...

Страница 109: ...bled by default Others unchecked by default Check the Enable box to activate this function With default setting stations which have associates to the same VAP cannot communicate with each other Broadcast SSID VAP1 Enabled by default Others unchecked by default Check the Enable box to activate this function If the broadcast SSID option is enabled it means the SSID will be broadcasted and the statio...

Страница 110: ...of connected clients For those single Wi Fi module products this option is hidden Operation Band Mandatory field Enter the intended operation band for the Wi Fi module This setting is fixed and cannot be changed once the module is integrated into the product However there is some module with selectable band for you to choose according to his network environment Under such situation you can enter w...

Страница 111: ...client Host Name System data It shows the host name of client MAC Address System data It shows the MAC address of client Mode System data It shows what kind of Wi Fi system the client used to associate with the MG200 Rate System data It shows the data rate between client and the MG200 RSSI0 RSSI1 System data It shows the RX sensitivity RSSI value for each radio path Signal System data The signal s...

Страница 112: ...al Default setting 100 It shows the time interval between each beacon packet broadcasted The beacon packet contains SSID Channel ID and Security setting DTIM Interval Default setting 3 A DTIM Delivery Traffic Indication Message is a countdown informing clients of the next window for listening to broadcast message When the MG200 has buffered broadcast message for associated client it sends the next...

Страница 113: ...100 Normally the wireless transmitter operates at 100 power Alter the transmit power to control the Wi Fi coverage WIDS Disabled by default The WIDS Wireless Intrusion Detection System will analyze all packets and make a statistic table in Wi Fi status Navigate to Status Network Wi Fi tab for detailed WIDS status Save Button Click the Save button to save the current configuration Undo Button Click...

Страница 114: ...ivate the IPv6 function WAN Connection Type Mandatory field Default setting DHCPv6 Define the selected IPv6 WAN Connection Type to establish the IPv6 connectivity via WAN 1 Interface Select DHCPv6 when your ISP provides you with DHCPv6 services Note The available WAN connection types can be different depending on the Interface type of WAN 1 ...

Страница 115: ... information Primary DNS Can not modified by default Enter the WAN primary DNS Server Secondary DNS Can not modified by default Enter the WAN secondary DNS Server MLD Disabled by default Enable Disable the MLD Snooping function LAN Configuration window provides the Global Address setting LAN Configuration Item Value setting Description Global Address Value auto created Enter the LAN IPv6 Address f...

Страница 116: ... router 3 5 Port Forwarding 3 5 1 Configuration Navigate to the Network Port Forwarding Configuration tab The NAT Loopback allows you to access the WAN IP address from inside your local network Configuration Item Value setting Description NAT Loopback Enabled by default Check the Enable box to activate this NAT function Save Button Click the Save button to save the settings Undo Button Click the U...

Страница 117: ...er Virtual Computer in the following window Configuration Item Value setting Description Virtual Server Disabled by default Check the Enable box to activate this port forwarding function Virtual Computer Enabled by default Check the Enable box to activate this port forwarding function Click Add button to add a new Virtual Server Type in the server information ...

Страница 118: ...lable check boxes WAN 1 WAN 4 depend on the number of WAN interfaces for the product Server IP Mandatory field This field is to enter the IP address of the interface selected in the WAN Interface setting above Source IP Mandatory field Default setting is Any This field is to enter the Source IP address Select Any to allow the access coming from any IP addresses Select Specific IP Address to allow ...

Страница 119: ...e same with Public Port number Public Port is selected Single Port and enter a port number and Private Port can be set a Single Port number Public Port is selected Port Range and enter a port range and Private Port can be selected Single Port or Port Range Value Range 1 65535 for Public Port Private Port When TCP UDP is selected It means the option Protocol of packet filter rule is TCP and UDP Pub...

Страница 120: ... window will return to the Application Filter Configuration page The MG200 allows you to customize your Virtual Computer rules It supports up to a maximum of 20 rule based Virtual Computer sets When Add button is applied Virtual Computer Rule Configuration window will appear Virtual Computer Rule Configuration Item Value setting Description Global IP Mandatory field This field is to enter the IP a...

Страница 121: ...MG200 USER MANUAL 121 of 269 2019 BEAM ...

Страница 122: ...e feature and enter the DMZ host with a host in the Intranet when needed Navigate to the Network Port Forwarding DMZ Pass Through tab The Configuration window allows you to enable DMZ and Pass Through Configuration Item Value setting Description DMZ Mandatory field Default setting is ALL Check the Enable box to activate the DMZ function Define the selected interface to be the packet specifying int...

Страница 123: ... activate this function The Static Routing Rule List shows the setup parameters of all static routing rule entries To configure a static routing rule you need to specify related parameters including the destination IP address and subnet mask of dedicated host server or subnet the IP address of peer MG200 the metric and the rule activation The MG200 allows you to customize your static routing rules...

Страница 124: ...ield Enter the MG200 IP of this static routing rule Interface Default setting Auto Select the Interface of this static routing rule It can be Auto or the available WAN LAN interfaces Metric Numberic String Format Mandatory field The Metric of this static routing rule Value Range 0 255 Rule Disabled by default Click Enable box to activate this rule Save NA Click the Save button to save the configur...

Страница 125: ...to Select the Interface of this static routing rule It can be Auto or the available WAN LAN interfaces Metric Numberic String Format Mandatory field The Metric of this static routing rule Value Range 0 255 Rule Disabled by default Click Enable box to activate this rule Save Button Click the Save button to save the configuration Back Button When the X button is clicked the window will return to the...

Страница 126: ...It gathers link state information from available routers and constructs a topology map of the network The topology is presented as a routing table which routes datagrams based solely on the destination IP address BGP Scenario Border MG200 Protocol BGP is a standard exterior MG200 protocol designed to exchange routing and reachability information between autonomous systems AS on the Internet It usu...

Страница 127: ...ol Authentication Default setting None The Authentication method of this router on OSPF protocol Select None will disable Authentication on OSPF protocol Select Text will enable Text Authentication with entered the Key in this field on OSPF protocol Select MD5 will enable MD5 Authentication with entered the ID and Key in these fields on OSPF protocol Backbone Subnet Classless Inter Domain Routing ...

Страница 128: ...Mandatory field The Area Subnet of this router on OSPF Area List Area ID IPv4 Format Mandatory field The Area ID of this router on OSPF Area List Area Disabled by default Click Enable box to activate this rule Save System data Click the Save button to save the configuration The OSPF6 Configuration allows you to enable OSPF6 protocol RIPng Configuration Item Value setting Description OSPF6 Enable D...

Страница 129: ...atory field The Router ID of this router on BGP protocol The BGP Network List allows you to add your BGP Network rules It supports up to a maximum of 32 rule sets When Add button is applied BGP Network Configuration window will appear Item Value setting Description Network Subnet IPv4 Format Mandatory field The Network Subnet of this router on BGP Network List It composes of entered the IP address...

Страница 130: ...ue setting Description Neighbor IP IPv4 Format Mandatory field The Neighbor IP of this router on BGP Neighbor List Remote ASN Numberic String Format Mandatory field The Remote ASN of this router on BGP Neighbor List Value Range 1 4294967295 Neighbor Disabled by default Click Enable box to activate this rule Save System data Click the Save button to save the configuration 3 6 3 Routing Information ...

Страница 131: ...IP IPv4 Format Metric System data Routing record of Metric Numeric String Format Interface System data Routing record of Interface Type String Format IPv6 Routing Table Item Value setting Description Destination IP System data Routing record of Destination IP IPv6 Format Next Hop System data Routing record of Next Hop IP IPv6 Format Metric System data Routing record of Metric Numeric String Format...

Страница 132: ...icy Routing of Source String Format Source IP System data Policy Routing of Source IP IPv4 or IPv6 Format Destination IP System data Policy Routing of Destination IP IPv4 or IPv6 Format Destination Port System data Policy Routing of Destination Port String Format WAN Interface System data Policy Routing of WAN Interface String Format ...

Страница 133: ... WAN Interface IP Address of the MG200 Provider DynDNS org Dynamic is set by default Select your DDNS provider of Dynamic DNS It can be DynDNS org Dynamic DynDNS org NO IP com etc Host Name Enter text string Mandatory field Your registered host name of Dynamic DNS Value Range 0 63 characters User Name E Mail Enter text string Mandatory field Enter your user name or E mail address of Dynamic DNS Pa...

Страница 134: ...ed IP address When Add button is applied Redirect Rule window will appear Redirect Rule Configuration Item Value setting Description Domain Name Enter text string Mandatory field Enter a domain name to be redirect The traffic to specified domain name will be redirect to the following IP address Value Range at least 1 character is required for any IP IPv4 format Mandatory field Enter an IP Address ...

Страница 135: ...be applied to matched DNS only when the WAN connection is disconnected or un reachable Description Enter text string Mandatory field Enter a brief description for this rule Value Range 0 63 characters Enable Disabled by default Click the Enable button to activate this rule Save Button Click Save to save the settings Undo Button Click Undo to cancel the settings ...

Страница 136: ...etting Description Add Button Click the Add button to configure time schedule rule Delete Button Click the Delete button to delete selected rule s Save Button Click the Save button to save the configuration Refresh Button Refresh the Time Schedule List When Add button is applied Time Schedule Configuration and Time Period Definition windows will appear ...

Страница 137: ...activate Inactivate activate the function been applied to in the time period below Time Period Definition Item Value Setting Description Week Day Select from menu Select every day or one of weekday Start Time Time format hh mm Start time in selected weekday End Time Time format hh mm End time in selected weekday Save System data Click Save to save the settings ...

Страница 138: ...figuration Item Value setting Description Group Name Enter text string Mandatory field Enter a group name for the rule It is a name that is easy for you to understand Group Type Default setting IP Address based Mandatory field Select the group type for the host group It can be IP Address based MAC Address based or Host Name based When IP Address based is selected only IP address can be added in Me...

Страница 139: ...e by one Member List System data This field will indicate the hosts members contained in the group Bound Services Disabled by default Binding the services that the host group can be applied If you enable the Firewall the produced group can be used in firewall service Group Disabled by default Check the Enable checkbox to activate the host group rule So that the group can be bound to selected servi...

Страница 140: ...r Configuration Item Value setting Description Sever Name Enter text string Mandatory field Enter the server name Enter a name that is easy for you to understand Server Type Mandatory field Enter the Server Type of the external server and enter the required settings for the accessing the server Email Server Mandatory field When Email Server is selected Username and Password are also required Usern...

Страница 141: ...in setting is also required Domain String format any text LDAP Server Mandatory field When LDAP Server is selected the following settings are also required Base DN String format any text Identity String format any text Password String format any text UAM Server Mandatory field When UAM Server is selected the following settings are also required Login URL String format any text Shared Secret String...

Страница 142: ...u selected a certain server type the default server port number will be set Email Server default setting 25 Syslog Server default setting 514 For RADIUS Server default setting 1812 1823 For Active Directory Server default setting 389 For LDAP Server default setting 389 For UAM Server default setting 3990 4990 For TACACS Server default setting 49 For SCEP Server default setting 80 For FTP SFTP Serv...

Страница 143: ...on is clicked Root CA Certificate Configuration window will pop up Please fill in the name key subject name and validity period Root CA Certificate Configuration Item Value setting Description Name Enter text string Mandatory field Enter the Root CA Certificate name It will be a certificate file name Key Mandatory field This field is to enter the key attribute of certificate Key Type to set public...

Страница 144: ...ity Period Mandatory field This field is to enter the validity period of certificate Save Button Click Save to save the settings Back Button When the X button is clicked the window will return to the Application Filter Configuration page SCEP can be enabled in the SCEP Configuration window SCEP Configuration Item Value setting Description SCEP Disabled by default Check the Enable box to activate S...

Страница 145: ... Certificate Configuration Item Value setting Description Name Enter text string Mandatory field Enter a certificate name It will be a certificate file name If Self signed is checked it will be signed by root CA If Self signed is not checked it will generate a certificate signing request CSR Key Mandatory field This field is to enter the key attributes of certificate Key Type to set public key cry...

Страница 146: ...g request CSR and then signed by SCEP server online you can check the Enable box Select a SCEP Server to identify the SCEP server for use The server detailed information could be specified in External Servers Refer to User Rule External Server External Server You may click Add Object button to generate and the settings are the same as those defined in Section 3 4 External Server Select a CA Certif...

Страница 147: ... MG200 Apply Button Click the Apply button to import the certificate Cancel Button Click the Cancel button to discard the import operation and the window will return to the My Certificates page Back Button When the X button is clicked the window will return to the Application Filter Configuration page 4 4 3 Trusted Certificate Navigate to the User Rule Certificate Trusted Certificate tab The Trust...

Страница 148: ... string and click the Apply button to import the specified CA certificate to the MG200 Apply Button Click the Apply button to import the certificate Cancel Button Click the Cancel button to discard the import operation and the window will return to the Trusted Certificates page Back Button When the X button is clicked the window will return to the Application Filter Configuration page Instead of i...

Страница 149: ...CA Identifier Enter text string Fill in optional CA Identifier to identify which CA could be used for signing certificates Save System data Click Save to save the settings Back Button When the X button is clicked the window will return to the Application Filter Configuration page Trusted Client Certificate can be imported from Trusted Client Certificate List window When Import button is clicked a ...

Страница 150: ...rtificate string and click the Apply button to import the specified certificate to the MG200 Apply Button Click the Apply button to import certificate Cancel Button Click the Cancel button to discard the import operation and the window will return to the Trusted Certificates page Back Button When the X button is clicked the window will return to the Application Filter Configuration page Trusted Cl...

Страница 151: ...button to import the certificate key Cancel Button Click the Cancel button to discard the import operation and the window will return to the Trusted Certificates page Back Button When the X button is clicked the window will return to the Application Filter Configuration page 4 4 4 Issued Certificate Navigate to the User Rule Certificate Issued Certificate tab When you have a Certificate Signing Re...

Страница 152: ...igned by root CA Import and Issue Certificate Certificate Signing Request CSR Import from a File Item Value setting Description Certificate Signing Request CSR Import from a File Mandatory field Select a certificate signing request file for your computer for importing to the MG200 Certificate Signing Request CSR Import from a PEM Enter text string Mandatory field Enter copy paste the certificate s...

Страница 153: ...ed in an intranet the Host to Site scenario can be applied Host to Host Host to Host is a special configuration for building a VPN tunnel between two single hosts The Configuration window allow you to enable IPSec Configuration Window Item Value setting Description IPsec Disabled by default Click the Enable box to enable IPSec function Max Concurrent IPSec Tunnels System data The maximum number of...

Страница 154: ...aracters Interface Mandatory field Default setting WAN 1 Select WAN interface on which IPSec tunnel is to be established Tunnel Scenario Mandatory field Default setting Tunnel Mode Select the Dynamic IPSec tunneling scenario It can be Tunnel Mode or Transport Mode Encapsulation Protocol Mandatory field Default setting ESP Select the Encapsulation Protocol from the dropdown box for this IPSec tunne...

Страница 155: ...nt Mandatory field Pre shared Key 8 to 32 characters Select Key Management from the dropdown box for this IPSec tunnel IKE Pre shared Key you need to set a key 8 32 characters Local ID Optional field Enter the Local ID for this IPSec tunnel to authenticate Select User Name for Local ID and enter the username The username may include but can t be all numbers Select FQDN for Local ID and enter the F...

Страница 156: ... be an X Auth server Click on the X Auth Account button to create remote X Auth client account Selected Client the MG200 will be an X Auth client Enter username and Password to be authenticated by the X Auth server MG200 Note X Auth Client will not be available for Dynamic VPN option selected in Tunnel Scenario Dead Peer Detection DPD Default setting Timeout is 180s and Delay is 30s Click Enable b...

Страница 157: ...l appear They are Tunnel Configuration Local Remote Configuration Authentication IKE Phase IKE Proposal Definition IPSec Phase and IPSec Proposal Definition Tunnel details for both local and remote VPN MG200s need to be configured Tunnel Configuration Window Item Value setting Description Tunnel Disabled by default Check the Enable box to activate the IPSec tunnel Tunnel Name Mandatory field Strin...

Страница 158: ...SS Optional field Default setting Auto Select from the dropdown box to define the size of Tunnel TCP MSS Select Auto and all MG200s will adjust this parameter automatically Select Manual and enter an expected value for Tunnel TCP MSS Value Range 64 1500 bytes Encapsulation Protocol Mandatory field Default setting ESP Select the Encapsulation Protocol from the dropdown box for this IPSec tunnel Ava...

Страница 159: ...emote Subnet setting Remote MG200 Mandatory field Format can be a ipv4 address or FQDN Enter the Remote MG200 Back Button When the X button is clicked the window will return to the Application Filter Configuration page Authentication Configuration Window Item Value setting Description Key Management Mandatory field Pre shared Key 8 to 32 characters Select Key Management from the dropdown box for t...

Страница 160: ... the username The username may include but can t be all numbers Select FQDN for Local ID and enter the FQDN Select user FQDN for Remote ID and enter the user FQDN Select Key ID for Remote ID and enter the Key ID English alphabet or number Note Remote ID will be not available when Dynamic VPN option in Tunnel Scenario is selected Back Button When the X button is clicked the window will return to th...

Страница 161: ...method It can be None MD5 SHA1 SHA2 256 Note None and SHA2 256 are available only when Encapsulation Protocol is set as ESP they are not available for AH Encapsulation Enter the PFS Group It can be None Group1 Group2 Group5 Group14 Group15 Group16 Group17 Group18 Click Enable to enable this setting Save Button Click Save to save the settings Back Button When the X button is clicked the window will...

Страница 162: ...erent subnet than the local LAN under the OpenVPN server This virtual subnet is created for connecting to any remote VPN computers OpenVPN TAP Scenario The term TAP is referred to bridge mode and operates with layer 2 packets In bridge mode the VPN client is given an IP address on the same subnet as the LAN resided under the OpenVPN server Under such configuration the OpenVPN client can directly a...

Страница 163: ...rver is selected as the name indicated server configuration will be displayed below for further setup When Client is selected you can enter the client settings in another client configuration window If Server is selected an OpenVPN Server Configuration window will appear OpenVPN Server Configuration window allows you to enable the OpenVPN server function The OpenVPN Server supports up to 4 TUN TAP...

Страница 164: ...MG200 USER MANUAL 164 of 269 2019 BEAM OpenVPN Server Configuration Item Value setting Description OpenVPN Server Disabled by default Click the Enable to activate OpenVPN Server functions ...

Страница 165: ...cate Trusted Certificate Server Cert could be generated in Certificate Refer to User Rule Certificate My Certificate Static Key The OpenVPN will use static key pre shared authorization mode and the following items Local Endpoint IP Address Remote Endpoint IP Address and Static Key will be displayed Note Static Key will be available only when TUN is chosen in Tunnel Scenario Local Endpoint IP Addre...

Страница 166: ... Note_1 Netmask will be available when TAP is chosen in Tunnel MG200 and DHCP Proxy Mode is unchecked disabled Note_2 Netmask will also be available when TUN is chosen in Tunnel MG200 Redirect Default MG200 Optional field Disabled by default Check the Enable box to activate the Redirect Default MG200 function Encryption Cipher Mandatory field Default setting Blowfish Enter the Encryption Cipher fr...

Страница 167: ...ne TLS RSA WITH RC4 MD5 TLS RSA WITH AES128 SHA TLS RSA WITH AES256 SHA TLS DHE DSS AES128 SHA TLS DHE DSS AES256 SHA Note TLS Cipher will be available only when TLS is chosen in Authorization Mode TLS Auth Key Optional field String format any text Enter the TLS Auth Key Note TLS Auth Key will be available only when TLS is chosen in Authorization Mode Client to Client Enabled by default Check the ...

Страница 168: ...DP MSS Fix will be available only when UDP is chosen in Protocol CCD Dir Default File Optional field String format any text Enter the CCD Dir Default File Value Range 0 256 characters Client Connection Script Optional field String format any text Enter the Client Connection Script Value Range 0 256 characters Additional Configuration Optional field String format any text Enter the Additional Confi...

Страница 169: ...ion you can t add any OpenVPN clients manually When Add button is clicked OpenVPN Client Configuration window will pop up It allows you to enter the required parameters for setting up an OpenVPN VPN client OpenVPN Client Configuration Item Value setting Description ...

Страница 170: ... FQDN of the peer OpenVPN Server for this OpenVPN Client tunnel Fill in the IP address or FQDN Remote Subnet Optional field Disabled by default Check the Enable box to activate remote subnet function and enter Remote Subnet of the peer OpenVPN Server for this OpenVPN Client tunnel Fill in the remote subnet address and remote subnet mask Redirect Internet Traffic Optional field Disabled by default ...

Страница 171: ...ation Mode Encryption Cipher Default setting Blowfish Enter the Encryption Cipher It can be Blowfish AES 256 AES 192 AES 128 None Hash Algorithm Default setting SHA 1 Enter the Hash Algorithm It can be SHA 1 MD5 MD4 SHA2 256 SHA2 512 None Disable LZO Compression Default setting Adaptive Enter the LZO Compression scheme It can be Adaptive YES NO Default Persis Key Optional field Enabled by default ...

Страница 172: ...TLS DHE DSS AES128 SHA TLS DHE DSS AES256 SHA Note TLS Cipher will be available only when TLS is chosen in Authorization Mode TLS Auth Key Optional field String format any text Enter the TLS Auth Key for connecting to an OpenVPN server if the server required it Note TLS Auth Key will be available only when TLS is chosen in Authorization Mode User Name Optional field Enter the user account for conn...

Страница 173: ...t Value Range 0 1500 Note Tunnel UDP Fragment will be available only when UDP is chosen in Protocol Tunnel UDP MSS Fix Disabled by default Check the Enable box to activate the Tunnel UDP MSS Fix function Note Tunnel UDP MSS Fix will be available only when UDP is chosen in Protocol nsCerType Verification Disabled by default Check the Enable box to activate the nsCerType Verification function Note n...

Страница 174: ...MG200 USER MANUAL 174 of 269 2019 BEAM ...

Страница 175: ...FQDN for clients are needed to create L2TP tunnels L2TP Client This is for MG200s in remote offices with Dynamic IP The Configuration window allows the users to enable L2TP Enable L2TP Window Item Value setting Description L2TP Disabled by default Click the Enable box to activate L2TP function Client Server Mandatory field Enter the role of L2TP Select Server or Client role your MG200 will take Be...

Страница 176: ...MG200 USER MANUAL 176 of 269 2019 BEAM ...

Страница 177: ...Enter the L2TP server ending IP of virtual IP pool It will set as the ending IP which assign to L2TP client Value Range Starting Address and Starting Address 8 or 254 Authentication Protocol Mandatory field Select single or multiple Authentication Protocols for the L2TP server with which to authenticate L2TP clients Available authentication protocols are PAP CHAP MS CHAP MS CHAP v2 MPPE Encryption...

Страница 178: ... button to save new user account The selected user account can permanently be deleted by clicking the Delete button Value Range 1 32 characters Save Button Click Save button to save the settings Undo Button Click Undo button to cancel the settings When add is clicked User Name Password can be typed in into the User Account Configuration window For Client mode select Client in Client Server When Cl...

Страница 179: ...atus window When Add Edit button is applied a series of configuration windows will appear You can add up to 8 Clients L2TP Client Configuration Item Setting Value setting Description Tunnel Name Mandatory field Enter the tunnel name Enter a name that is easy for you to identify Value Range 1 32 characters ...

Страница 180: ...or this L2TP tunnel to reach L2TP server The Remote Subnet format need to be IP address netmask e g 10 0 0 2 24 It is for the Intranet of L2TP VPN server So at L2TP client peer the packets whose destination is in the dedicated subnet will be transferred via the L2TP VPN tunnel Others will be transferred based on current routing policy of the security MG200 at L2TP client peer If you entered 0 0 0 ...

Страница 181: ...d by default Check the Enable box to enable this L2TP tunnel Save Button Click Save button to save the settings Back Button When the X button is clicked the window will return to the Application Filter Configuration page 5 1 4 PPTP Navigate to the Security VPN PPTP tab Point to Point Tunneling Protocol PPTP is a method for implementing virtual private networks PPTP uses a control channel over TCP ...

Страница 182: ...hich PPTP tunnel is to be established It can be the available WAN interfaces Server Virtual IP Mandatory field Default setting 192 168 0 1 Enter the PPTP server Virtual IP address The virtual IP address will serve as the virtual DHCP server for the PPTP clients Clients will be assigned a virtual IP address from it after the PPTP tunnel has been established IP Pool Starting Address Mandatory field ...

Страница 183: ...w Item Value setting Description PPTP Server Status System data Displays the Username Remote IP Remote Virtual IP and Remote Call ID of the connected PPTP clients Click the Refresh button to renew the PPTP client information User Account List window allows you to add user accounts User Account List Window Item Value setting Description User Account List Maximum of 10 accounts This is the PPTP auth...

Страница 184: ...ult Check the Enable box to enable PPTP Client Server Client or Server Select Client or Server mode Create Edit PPTP Client PPTP Client Configuration Item Value setting Description PPTP Client Disabled by default Check the Enable box to enable PPTP client role of the MG200 PPTP Client can be added in PPTP Client List Status window When Add Edit button is applied a series PPTP Client Configuration ...

Страница 185: ...ailable only when WAN 1 interface is enabled The same applies to other WAN interfaces e g WAN 2 Remote IP FQDN Mandatory field Format can be an IPv4 address or FQDN Enter the public IP address or the FQDN of the PPTP server MTU Mandatory field Default setting 1500 Enter the MTU Value Range 0 1500 User Name Mandatory field Enter the User Name for this PPTP tunnel to be authenticated when connect to...

Страница 186: ... Authentication Protocol for this PPTP tunnel Available authentication methods are PAP CHAP MS CHAP MS CHAP v2 MPPE Encryption Optional field Disabled by default Enter whether PPTP server supports MPPE Protocol Click the Enable box to enable MPPE Note when MPPE Encryption is enabled the Authentication Protocol PAP CHAP options will not be available NAT before Tunneling Mandatory field Disabled by ...

Страница 187: ...al IP as tunnel IP and fill in the other s global IP as remote IP The Configuration window allows you to enable the GRE Tunnel Enable GRE Window Item Value setting Description GRE Tunnel Disabled by default Click the Enable box to enable GRE function Max Concurrent GRE Tunnels System data The maximum number of simultaneous GRE tunnel connection is 32 GRE Tunnel can be added in following GRE Tunnel...

Страница 188: ...0 MTU Mandatory field Default setting Auto value zero or blank MTU refers to Maximum Transmission Unit It specifies the largest packet size permitted for Internet transmission When set to Auto value 0 or blank the router selects the best MTU for best Internet connection performance Value Range 0 1500 Key Optional field Enter the Key for the GRE connection Value Range 0 9999999999 TTL Mandatory fie...

Страница 189: ...nternet accessing of GRE client peer will go through the established GRE tunnel That means the remote GRE server peer controls the flow of any packets from the GRE client peer Certainly those packets come through the GRE tunnel Tunnel Disabled by default Check Enable box to enable this GRE tunnel Save Button Click Save button to save the settings Back Button When the X button is clicked the window...

Страница 190: ...bled by default Check the Enable box to activate Packet Filter function Black List White List Deny those match the following rules is set by default When Deny those match the following rules is selected as the name suggest packets specified in the rules will be blocked blacklisted In contrast with Allow those match the following rules you can specifically white list the packets to pass and the res...

Страница 191: ...e Mandatory field Default setting Any Define the selected interface to be the packet entering interface of the router If the packets to be filtered are coming from LAN to WAN then select LAN for this field Or VLAN 1 to WAN then select VLAN 1 for this field Other examples are VLAN 1 to VLAN 2 VLAN 1 to WAN Select Any to filter packets coming into the router from any interfaces Please note that two ...

Страница 192: ...lect Any to filter packets that are entering to any IP addresses Select Specific IP Address to filter packets entering to an IP address entered in this field Select IP Range to filter packets entering to a specified range of IP address entered in this field Select IP Address based Group to filter packets entering to a pre defined group selected Note group need to be pre defined before this selecti...

Страница 193: ... range Then for Destination Port select a predefined port dropdown box when Well known Service is selected otherwise select User defined Service and enter a port range Value Range 1 65535 for Source Port Destination Port For Protocol select GRE to filter GRE packets For Protocol select ESP to filter ESP packets For Protocol select SCTP to filter SCTP packets For Protocol select User defined to fil...

Страница 194: ...l appear 5 2 2 URL Blocking Navigate to the Security Firewall URL Blocking tab URL Blocking function allows you to define blocking or allowing rules for incoming and outgoing Web request packets With defined rules MG200 can control the Web requests containing the complete URL partial domain name or pre defined keywords URL Blocking can be enabled in following Configuration page ...

Страница 195: ...ules is selected as the name suggest the matched Web request packets will be blocked White List When Allow those match the following rules is selected the matched Web request packets can pass through the MG200 and the others that don t match the rules will be blocked Log Alert Disabled by default Check the Enable box to activate Event Log URL Blocking Rule can be added in following URL Blocking Ru...

Страница 196: ...kets coming from a specified range of IP address entered in this field Select IP Address based Group to filter packets coming from a pre defined group selected Note group need to be pre defined before this option become available Refer to User Rule Grouping Host grouping Source MAC Mandatory field Default setting Any This field is to enter the Source MAC address Select Any to filter packets coming...

Страница 197: ... range of Ports entered in this field Time Schedule Rule Mandatory field Apply a specific Time Schedule to this rule otherwise leave it as 0 Always If the dropdown list is empty ensure Time Schedule is pre configured Refer to User Rule Scheduling Configuration tab Rule Disabled by default Click the Enable box to activate this rule Save Button Click the Save button to save the settings Back Button ...

Страница 198: ...ack listed In contrast with Allow MAC Address Below you can specifically white list the packets to pass and the rest will be blocked Log Alert Disabled by default Check the Enable box to activate to activate Event Log Known MAC from LAN PC List System data Select a MAC Address from LAN Client List Click the Copy to copy the selected MAC Address to the filter rule MAC Control Rules can be added in ...

Страница 199: ...ation tab Enable Disabled by default Click Enable box to activate this rule and then save the settings Save Button Click Save to save the settings Undo Button Click Undo to cancel the settings 5 2 4 IPS Navigate to the Security Firewall Application Filter tab Intrusion Prevention System IPS is network security appliances that monitor network and or system activities for malicious activity The main...

Страница 200: ...em Value setting Description IPS Disabled by default Check the Enable box to activate IPS function Log Alert Disabled by default Check the Enable box to activate to activate Event Log The Intrusion Prevention window allows you to enable intrusion prevention rules ...

Страница 201: ...this field UDP Flood Defense Click Enable box to activate this intrusion prevention rule and enter the traffic threshold in this field ICMP Flood Defense Click Enable box to activate this intrusion prevention rule and enter the traffic threshold in this field Value Range 10 10000 Port Scan Defection Mandatory field Disabled by default Traffic threshold default setting Click Enable box to activate ...

Страница 202: ...0 Click Enable box to activate this intrusion prevention rule and enter the traffic threshold in this field Value Range 10 10000 Save Button Click Save to save the settings Undo Button Click Undo to cancel the settings 5 2 5 Options Navigate to the Security Firewall Options tab The Firewall Options window allows you to modify the behaviour of the firewall and to enable Remote Router Access Control...

Страница 203: ...ess IP Mandatory field This field is to enter the remote host to assign access right for remote access Select Any IP to allow any remote hosts Select Specific IP to allow the remote host coming from a specific subnet An IP address entered in this field and a selected Subnet Mask to compose the subnet Service Port Default setting 80 for HTTP Default setting 443 for HTTPS This field is to enter a Se...

Страница 204: ...ernal Web Portal For external Web Portal you need to enter external RADIUS Remote Authentication Dial in User Service server and external UAM Universal Access Method server Before enabling the external Hotspot Services function please Navigate to User Rule External Server to setup external server objects like RADIUS server and UAM server Then return to configure Hotspot Services function back in t...

Страница 205: ...t setting WAN 1 Enter a WAN Interface for the authenticated clients or hosts All the traffics coming from the hosts will be directed to the specified WAN interface DHCP Server Mandatory field Default setting DHCP It can be DHCP 1 DHCP 4 if you configured the corresponding DHCP servers in Network LAN VLAN DHCP Server If DHCP 1 is selected you connected to the physical LAN port which bound the DHCP ...

Страница 206: ...ected to the Hotspot Services authentication function The MAC s filled in this field can access Internet directly instead of been re direct to the login page Walled Garden Hosts Separated by Optional setting Enter the host IP s for the MG200 that will not be subjected to the Hotspot Services authentication function The IP s filled in this field can access Internet directly instead of been re direc...

Страница 207: ...e and take actions if required When data limit is configured if data usage reaches limited quota the MG200 can be set to drop the cellular data connection If Data Limit feature is enabled all history of cellular data usage can be viewed at Status Usage Cellular Usage tab When Add button is clicked 3G 4G Data Limit Profile Configuration window will pop up You can create up to four data limit profil...

Страница 208: ...Days Weekly and Monthly Days For per Days cycle periods you need to further enter the number of days in the second box Value Range 1 90 days Weekly Monthly The cycle period is one week or one month Start Date System data Enter the date to start measure network traffic Please don t select the day before now otherwise the traffic statistics will be incorrect Data Limitation System data Enter the all...

Страница 209: ... SMS Enabled by default This is the SMS switch If the box checked that the SMS function enable if the box unchecked that the SMS function disable SIM Status System data Depend on currently SIM status The possible value will be SIM_A or SIM_B SMS Storage Default setting SIM Card Only This is the SMS storage location Currently the option only SIM Card Only SMS Space Disabled by default Check the Ena...

Страница 210: ... new SMS SMS Inbox and SMS Sent Folder SMS Summary Item Value setting Description Unread SMS System data If SIM card insert to router first time unread SMS value is zero When received the new SMS but didn t read this value plus one Received SMS System data This value record the existing SMS numbers from SIM card when received the new SMS this value plus one ...

Страница 211: ...ow Save Button Click the Save button to save changes Refresh Button Click the Refresh button to update the SMS summary immediately When New SMS button is clicked you can create the content for a new SMS New SMS Item Value setting Description Receivers System data Write the receivers to send SMS You need to add the semicolon and compose multiple receivers that can group send SMS Text Message System...

Страница 212: ...ete the SMS for all checked box from Action Close Buttons Close the Detail SMS Message window When SMS Sent Folder button is clicked the SMS Sent Folder window shows the SMS been sent SMS Sent Folder Item Value setting Description ID System data The number of SMS Receivers System data Receiver list for the sent SMS Timestamp System data What time the SMS is sent SMS Text Preview System data Previe...

Страница 213: ...MG200 USER MANUAL 213 of 269 2019 BEAM The MG200 allows you to activate and manage PIN code on a SIM card through its web GUI ...

Страница 214: ...eady SIM card is inserted and ready to use It can be a SIM card without PIN protection or that SIM card is already unlocked by correct PIN code Not Insert No SIM card is inserted in that SIM slot SIM PIN SIM card is protected by PIN code and it s not unlocked by a correct PIN code yet That SIM card is still at locked status SIM Selection Default setting SIM A Select the SIM card for further SIM PI...

Страница 215: ...PUK unlocking Note DO NOT make the remaining times down to zero it will damage the SIM card FOREVER Call for your ISP s help to get a correct PUK and unlock the SIM if you don t have the PUK code PUK Code Mandatory field Fill in the PUK code 8 digits that can unlock the SIM card in PUK unlock status New PIN Code Mandatory field Fill in the New PIN Code 4 8 digits for the SIM card You need to deter...

Страница 216: ...ge the PIN code you need to enable the SIM Lock function first fill in the PIN code and then click the Save button to enable After that you can click the Change PIN code button to change the PIN code When Change PIN Code button is clicked the following window will appear Item Value Setting Description Current PIN Code Mandatory field Fill in the current old PIN code of the SIM card New PIN Code Ma...

Страница 217: ...MG200 USER MANUAL 217 of 269 2019 BEAM Connection with SIM A SIM B Otherwise it may result in wrong SIM PIN trials with invalid old PIN code ...

Страница 218: ... services and as part of configuring the phone on the network Configuration Item Value setting Description Physical Interface Default setting 3G 4G 1 Choose a cellular interface 3G 4G 1 or 3G 4G 2 to configure the USSD setting for the connected cellular service identified with SIM_A or SIM_B SIM Status System information Show the connected cellular service identified with SIM_A or SIM_B The USSD P...

Страница 219: ...r service provider for the details Comments Optional field Enter a brief comment for the profile USSD Request can be send clear or cancel in the following window USSD Request Item Value setting Description USSD Profile Mandatory field Select a USSD profile name from the dropdown list USSD Command Mandatory field The USSD Command string of the selected profile will be shown here USSD Response Syste...

Страница 220: ...an function It can be Auto 2G Only 2G prefer 3G Only 3G prefer or LTE Only When Auto is selected the network will be register automatically If the prefer option is selected network will be register for your option first If the only option is selected network will be register for your option only Scan Approach Default setting Auto When Auto is selected cellular module register automatically If the ...

Страница 221: ... notifying events are the events that related objects have been triggered and take corresponding actions on the occurrence of the events It could be an event generated from the connected sensor or a certain connected field bus MG200 for alerting you something happened with SMS message Email and SNMP Trap etc 6 2 1 Configuration Navigate to the Service Event Handling Configuration tab Configuration...

Страница 222: ...G 1 Choose a cellular interface 3G 4G 1 or 3G 4G 2 to configure the SMS management setting SIM Status System data Show the connected cellular service identified with SIM_A or SIM_B Delete Managed SMS after Processing Disabled by default Check the Enable box to delete the received managing event SMS after it has been processed Setup the SMS Account for managing the MG200 through the SMS It supports...

Страница 223: ...ld Disabled by default Click Enable box to active the SMS response function The MG200 will send a confirmed message back to the sender whenever it received a SMS managing event The confirmed message is like following format MG200 received a SMS with command xxxxx Enable Disabled by default Click Enable box to activate this account Save Button Click the Save button to save the configuration Setup t...

Страница 224: ...MG200 USER MANUAL 224 of 269 2019 BEAM Addresses format Mandatory field Enable Disabled by default Click Enable box to activate this account Save Button Click the Save button to save the configuration ...

Страница 225: ...dress format Enter the IP address for the Remote Host IPv4 Format Protocol Type Mandatory field Default setting TCP Enter the protocol to access the Remote Host It could be TCP or UDP Port Number Mandatory field Enter the Port number for accessing the Remote Host Value Range 1 65535 Prefix Message String format Optional Setting Enter the Prefix Message string as pre defined identification for acce...

Страница 226: ... what you just configure back to the previous setting 6 2 2 Managing Events Navigate to the Service Event Handling Managing Events tab Managing Events allows you to define the rule between event trigger handlers and response Configuration Item Value setting Description Managing Events Disabled by default Check the Enable box to activate the Managing Events function Setup the Managing Event rules I...

Страница 227: ...vent type SMS or SNMP Trap and an event identifier profile Up to 3 event conditions can be specified for defining an event and the event will be triggered when all the conditions hold simutaneously AND relation The supported Event types could be SMS Select SMS and fill the message in the textbox to as the trigger condition for the event ...

Страница 228: ...Fi Checkbox and the interested sub items Wi Fi radio On Off the MG200 will change the settings as the action for the event NAT Select NAT Checkbox and the interested sub items Virtual Server Rule On Off DMZ On Off the MG200 will change the settings as the action for the event Firewall Select Firewall Checkbox and the interested sub items Remote Administrator Host ID On Off the MG200 will change th...

Страница 229: ...ying Events Navigate to the Service Event Handing Notifying Events tab Notifying Events Setting allows you to define the rules between event trigger and handlers Configuration Item Value setting Description Notifying Events Disabled by default Check the Enable box to activate the Notifying Events function Create Edit Notifying Event Rules Setup your Notifying Event rules It supports up to a maximu...

Страница 230: ...nt conditions can be specified for defining an event and the event will be triggered when all the conditions hold simutaneously AND relation The supported Event Type could be WAN Select WAN and a trigger condition to enter a certain WAN Event LAN VLAN Select LAN VLAN and a trigger condition to enter a certain LAN VLAN Event Wi Fi Select Wi Fi and a trigger condition to enter a certain Wi Fi Event ...

Страница 231: ...tion for the event Syslog Select Syslog and select unselect the Enable Checkbox to as the action for the event SNMP Trap Select SNMP Trap and the MG200 will send out SNMP Trap to the defined SNMP Event Receivers as the action for the event Email Alert Select Email Alert and the MG200 will send out an Email to the defined Email accounts as the action for the event Remote Host Select Remote Host che...

Страница 232: ...ng GPS data There are many sentences in the NMEA standard for selecting GGA GLL GSA GSV RMC and VTG ALL Other includes DTM GNS GRS GST ZDA and GBS sentences Only select the type you need otherwise it will consume unnecessary network bandwidth Note The supported message type is hardware dependent SBAS Disabled by default Check Enable box to activate satellite based augmentation system SBAS Note Som...

Страница 233: ... function Split Size Unit Define file size and unit for log file By default 200 KB is defined Value Range 10KB Minimum file size is 10 KB Download log file Select a log file and Click Download log file to download through Web GUI If the log format which is specified to download is GPX we will convert standard GPX format for used The Remote Host List window allows you to customize your rules for se...

Страница 234: ...tocol TCP or UDP to use for sending NMEA packets Port Number Mandatory field Enter a Port Number as destination port for sending NMEA packets Value Range 1 65535 Interval s Mandatory field Enter the time interval seconds between two NMEA packets Value Range 1 255 seconds Prefix Message String format any text Enter optional prefix string with specific information if your backend server can recogniz...

Страница 235: ...abled by default Check Enable box to activate this remote host rule Save Button Click the Save button to save the configuration 6 3 2 Track Viewer Navigate to the Service Location Tracking Track Viewer tab Track Viewer allows you to see the track in Google Map from GPX file recorded by GNSS In addition when GNSS is enabled current position will also be displayed in Track Viewer ...

Страница 236: ...licks Save you can load and use Google map normally However we can t guarantee the number of loading times you can reach if you don t input the API key Track Viewer lists following items in the side bar General Functions Item Value setting Description Current Track System data Show current position and current track on the map Update interval is 5 seconds If GNSS is disabled Current Track button w...

Страница 237: ...nal is disabled when no SD card is detected GPX file Mandatory field Select the expected GPX file from the dropdown list When Advanced setting button is clicked then applied window will appear Advanced Setting Item Value setting Description Track color Mandatory field Default setting 0000FF Change the color of the track The default value is 0000FF Blue Format color names e g 0000FF 00F blue Line w...

Страница 238: ...the map loads current track instead of GPX file Start time System data Show the time of the start position Time format depends on locale End time System data Show the time of the end position Time format depends on locale Duration System data Show the time difference between Start time and End time Format years months days hours minutes seconds hide the unit when 0 Refresh System data Only showing...

Страница 239: ...MG200 USER MANUAL 239 of 269 2019 BEAM map When you click the mouse on the point of curve in time speed graph it will set the centre point of the map to that position ...

Страница 240: ...y default Check the Enable box to activate the Command Script function Backup Script Button Click the Via Web UI button to backup or upload the existed command script in a txt file You can enter the script file name in Script Name below Upload Script Button Click the Via Web UI button to Upload the existed command script from a specified txt file Script Name Optional field Any valid file name Ente...

Страница 241: ...dy saved in the system Save Button Save configuration The supported plain text configuration items are shown in the following list For the settings that can be executed with standard Linux commands you can put them in a script file and apply to the system configure with STARTUP command For those configurations without corresponding Linux command set to configure you can configure them with proprie...

Страница 242: ...ield Enter the Trusted CA certificate for the OpenVPN client It will go through Base64 Conversion OPENVPN_LOCAL_CERT Mandatory field Enter the local certificate for OpenVPN client It will go through Base64 Conversion OPENVPN_LOCAL_KEY Mandatory field Enter the local key for the OpenVPN client It will go through Base64 Conversion OPENVPN_EXTRA_OPTS Options Enter the extra options setting for the Op...

Страница 243: ... as performing the Backup plain text configuration commit An existing file Commit the configuration content to database ex txtConfig commit tmp config enable NA Enable plain text system config ex txtConfig enable disable NA Disable plain text system config ex txtConfig disable run_immediately NA Apply the configuration content that has been committed in database ex txtConfig run_immediately run_im...

Страница 244: ...unction Interface Default setting WAN 1 When you finish set network WAN 1 WAN n you can choose WAN 1 WAN n When you finish set Security VPN IPSec OpenVPN PPTP L2TP GRE you can choose IPSec OpenVPN PPTP L2TP GRE tunnel the interface just like IPSec 1 Data Model Default setting ACS Cloud Data Select the TR 069 data model for the remote management ...

Страница 245: ...n ask ACS manager provide ACS ConnectionRequest Port and manually set Value Range 0 65535 ConnectionRequest UserName Mandatory field You can ask ACS manager provide ACS ConnectionRequest Username and manually set ConnectionRequest Password Mandatory field You can ask ACS manager provide ACS ConnectionRequest Password and manually set Inform Enabled by default Default setting 300 When the Enable bo...

Страница 246: ...nter the keep alive time period for the connection with STUN Server Value Range 0 65535 Save Button Click Save to save the settings Undo Button Click Undo to cancel the modifications 7 1 3 SNMP Navigate to the Administration Remote Management SNMP tab In brief SNMP the Simple Network Management Protocol is a protocol designed to give you the capability to remotely manage a computer network by poll...

Страница 247: ...lt setting ALL WANs Enter the WAN interface that a remote SNMP host can access to the MG200 By default All WANs is selected and there is no limitation for the WAN interface Supported Versions Mandatory field Disabled by default Select the version for the SNMP When Check the v1 box It means you can access SNMP with version 1 When Check the v2c box It means you can access SNMP with version 2c When C...

Страница 248: ...N side The Multiple Community List window allows you to customize your access control The router supports up to 10 community sets When Add button is applied Multiple Community Rule Configuration window will pop up Multiple Community Rule Configuration Item Value setting Description Community Mandatory field String format any text Default setting Read Only Enter this version 1 or version v2c user s...

Страница 249: ... changes to remind you to click main page Save button Back Button Click the X button to return to last page The User Privacy List window allows you to customize your access control The router supports up to 128 user Privacy sets When Add button is clicked User Privacy List window will pop up ...

Страница 250: ...not use any authentication types and encryption protocols Select the authNoPriv You need to enter the Authentication and Password Select the authPriv You need to enter the Authentication Password Encryption and Privacy Key Privacy Key String format any text When your Privacy Mode is authPriv you need to enter the Privacy Key 8 64 characters for the user Authority Default setting Read Enter the use...

Страница 251: ...Pv4 address or FQDN Enter the trap Server IP or FQDN The DUT will send trap to the server IP FQDN Server Port String format any port number The default SNMP trap port is 162 Mandatory field Enter the trap Server Port You can fill in any port number But you need to ensure the port number is not to be used Value Range 1 65535 SNMP Version Default setting v1 Select the version for the trap Selecting ...

Страница 252: ...rd If authPriv is selected you need to specify the Authentication Password Encryption and Privacy Key Authentication Mandatory field for SNMP Version v3 Default setting None When your Privacy Mode is authNoPriv or authPriv you need to enter the Authentication types for this version 3 trap Select the authentication types MD5 SHA 1 to use Encryption Mandatory field for SNMP Version v3 Default settin...

Страница 253: ...ide more setting items for the version 3 Trap SNMP MIB 2 System Configuration Item Value setting Description sysContact Optional Setting String format any text Enter the contact information forMIB 2 system Value Range 0 64 characters sysLocation Optional Setting String format any text Enter the location information forMIB 2 system Value Range 0 64 characters ...

Страница 254: ...3 Default Enterprise Number Mandatory field String format any number Enter the Enterprise Number for the private MIB Value Range 1 2080768 Enterprise OID The default value is 1 3 6 1 4 1 12823 4 4 9 Default Enterprise OID Mandatory field String format any legal OID Enter the Enterprise OID for the private MIB The range of the each OID number is 1 2080768 The maximum length of the enterprise OID is...

Страница 255: ...lnet The LAN Enable box is checked by default By default Service Port is 23 Check the Enable box to activate the Telnet function for connecting from LAN or WAN interfaces You can set which number of Service Port you want to provide for the corresponding service Value Range 1 65535 SSH The LAN Enable box is checked by default By default Service Port is 22 Check the Enable box to activate the SSH Te...

Страница 256: ...rd and enter new password to change root password Note_1 You are highly recommended to change the default telnet password with you before the MG200 is deployed Note_2 If you have trouble for the default password for previous FW version please check the corresponding User Manual to get the correct one Save Button Click Save to save the settings Undo Button Click Undo to cancel the settings ...

Страница 257: ...e Optional field Enter the host name of the MG200 Save Button Click Save button to save the settings Undo Button Click Undo button to cancel the settings Username window allows you to change the web based MMI login account to access the MG200 Username Configuration Item Value setting Description Username The default Username for web based MMI is admin Display the current MMI login account Username...

Страница 258: ...ge the web based MMI login password for the MG200 access Password Configuration Item Value setting Description Old Password String any text The default password for web based MMI is admin Enter the old password New Password String any text Enter new password New Password Confirmation String any text Enter new password again to confirm Save Button Click Save button to save the settings Undo Button ...

Страница 259: ...e box is checked default setting 300 Check the Enable box to activate the auto logout function and enter the maximum idle time as well Value Range 30 65535 GUI Access Protocol Default setting http https Select the protocol that will be used for GUI access It can be http https http only or https only HTTPs Certificate Setup Default is selected by default If the https Access Protocol is selected the...

Страница 260: ...ring the MG200 booting Fast Mode It takes shorter boot up time without checking the firmware image during the MG200 booting Quick Mode It takes the shortest boot up time without checking the firmware image and creating the internal database for User Group Hotspot Services functions Note Use Quick Mode with care once selected the User Group Hotspot Services function will become non functional Save ...

Страница 261: ...rent system time MG200 Up Time System data Displays the statistics for the MG200 up time since last boot up Refresh System data Click the Refresh button to update the system Information immediately 7 2 3 System Time Navigate to the Administration System Operation System Time tab The System Time Configuration window provides auto synchronized and manual setup for you to setup the system time for th...

Страница 262: ...onal item Disabled by default Check the Enable button to activate the daylight saving function When you enabled this function you need to enter the start date and end date for the daylight saving time duration NTP Service It is an optional item Disabled by default Check the Enable button to activate the NTP Service function When you enabled this function the MG200 can provide NTP server service fo...

Страница 263: ...MG200 USER MANUAL 263 of 269 2019 BEAM ...

Страница 264: ...unction When you enabled this function the MG200 can provide NTP server service for its local connected MG200s Save Button Click the Save button to save the settings Refresh Button Refresh the System Time Configuration window When PC is selected in Synchronization method the system time will follow the PC time System Time Information Item Value Setting Description Synchronization method Mandatory ...

Страница 265: ...nterface Time Zone Mandatory field Default setting GMT 00 00 Select a time zone where the MG200 locates NTP Service It is an optional item Disabled by default Check the Enable button to activate the NTP Service function When you enabled this function the MG200 can provide NTP server service for its local connected MG200s Synchronize immediately Button Click the Active button to synchronize the sys...

Страница 266: ...locates NTP Service It is an optional item Disabled by default Check the Enable button to activate the NTP Service function When you enabled this function the MG200 can provide NTP server service for its local connected MG200s Synchronize immediately Button Click the Active button to synchronize the system time with specified time server immediately Save Button Click the Save button to save the se...

Страница 267: ...ous page Web Log Type Category window allows you to select the type of events to be logged and displayed in the Web Log List Window as described in the previous section Web Log Type Category Setting Window Item Value Setting Description System Enabled by default Check to log system events and to display in the Web Log List window Attacks Enabled by default Check to log attack events and to display...

Страница 268: ...e type of events to log and be sent to the designated Email account Available events are System Attacks Drop Login message and Debug Syslog window allows you to select the type of event to be logged and sent to a Syslog server Syslog Setting Window Item Value Setting Description Enable Disabled by default Check Enable box to activate the Syslog function and send event logs to a syslog server Serve...

Страница 269: ...g 200 KB Enter the file size limit for each split log file Value Range 10 1000 Interval Enable Disabled by default Check enable box to enable the log interval setting Log Interval Default setting 1440 minute Enter the log interval setting Value Range 1 10080 Minute Max Records Default setting 3000 minute Enter the maximum number of records to be stored in the log storage Value Range 5 10000 Log ty...

Страница 270: ...policy please check Accept unofficial firmware Module FW Upgrade Button Upgrade Cellular module FW via Web UI Backup Configuration Settings Default setting Download You can backup or restore the MG200 configuration settings by clicking the Via Web UI button Download for backup the MG200 configuration to a config bin file Upload for restore a designated configuration file to the MG200 Via Web UI to...

Страница 271: ...g Now Chick the Reboot button to reboot the MG200 immediately or on a pre defined time schedule Now Reboot immediately Time Schedule Select a pre defined auto reboot time schedule rule to reboot the MG200 automatically To define a time schedule rule Navigate to User Rule Scheduling Configuration tab Reset to Default Button Click the Reset button to reset the MG200 configuration to its default valu...

Страница 272: ...FTP Disabled by default Check Enable box to activate the embedded FTP Server function With the FTP Server enabled you can retrieve or delete the stored log files via FTP connection Note The embedded FTP Server is only for log downloading so no write permission is implemented for user file upload to the storage FTP Port Default setting Port 21 Enter a port number for FTP connection The MG200 will l...

Страница 273: ...n PASV Mode Optional setting Check the Enable box to activate the support of overriding the IP address advertising in response to the PASV command ASCII Transfer Mode Optional setting Check the Enable box to activate the support of ASCII mode data transfers Binary mode is supported by default FTPS FTP over SSL TLS Optional setting Check the Enable box to activate the support of secure connections ...

Страница 274: ...MG200 USER MANUAL 274 of 269 2019 BEAM Value Range 1 65535 ...

Страница 275: ...uration Item Value setting Description User Name String non blank string Enter the user account for login to the FTP server Value Range 1 15 characters Password String no blank Enter the user password for login to the FTP server Directory Button Select a root directory after user login Permission Default setting Read Write Select the Read write permission Note The embedded FTP Server is only for l...

Страница 276: ...ard and then enable the Package Analyzer function File Name Optional field Blank is set by default and the default file name is Interface _ Date _ index Enter the file name to save the captured packets in log storage If Split Files option is also enabled the file name will be appended with an index code _ index The extension file name is pcap Split Files Optional field The default value of File Si...

Страница 277: ...re VAP This means the virtual AP When Wi Fi and VAP are enabled it can be selected here After you enable the Packet Analyzer function on specific Interface s you can further setup some filter rules to capture the packets which matched the rules Capture Fitters Item Value setting Description Filter Optional setting Check Enable box to activate the Capture Filter function ...

Страница 278: ... Destination MACs Optional setting Define the filter rule with Destination MACs which means the destination MAC address of packets Packets which match the rule will be captured Up to 10 MACs are supported but they need to be separated with e g AA BB CC DD EE FF 11 22 33 44 55 66 The packets will be captured when match any one MAC in the rule Destination IPs Optional setting Define the filter rule ...

Страница 279: ... lost for more than twice then the connection is lost and the route cannot be evaluated First you need to enter an IP FQDN the test interface LAN WAN or Auto and the protocol UDP or ICMP and by default it is UDP Then system will try to trace the specified host to test whether it is alive after clicking on Tracert button A test result window will appear beneath it Speed Test Optional setting This a...

Страница 280: ...t C 1995 1998 Eric Young eay cryptsoft com GPL License https www openssl org brctl ethernet bridge administration Stephen Hemminger shemminger osdl org Lennert Buytenhek buytenh gnu org version 1 1 GNU GENERAL PUBLIC LICENSE Version 2 June 1991 tc show manipulate traffic control settings Stephen Hemminger shemminger osdl org Alexey Kuznetsov kuznet ms2 inr ac ru version iproute2 ss050330 GNU GENER...

Страница 281: ...f 269 2019 BEAM Copyright c 1996 2014 by Alexander V Lukyanov lav yars free net dnsmasq A lightweight DHCP and caching DNS server Simon Kelley simon thekelleys org uk version 2 72 dnsmasq is Copyright c 2000 2014 Simon Kelley ...

Страница 282: ...tribute verbatim copies of this license document but changing it is not allowed https www openswan org Opennhrp Version v0 14 1 OpenNHRP is an NHRP implementation for Linux It has most of the RFC2332 and Cisco IOS extensions Project homepage http sourceforge net projects opennhrp Git repository git opennhrp git sourceforge net gitroot opennhrp LICENSE OpenNHRP is licensed under the MIT License See...

Страница 283: ... Inc You may distribute it under the terms of the GNU General Public License the GPL Version 2 or at your option any later version http www roaringpenguin com L2TPServ Version v 1 3 1 GNU GENERAL PUBLIC LICENSEVersion 2 June 1991 Copyright C 1989 1991 Free Software Foundation Inc 59 Temple Place Suite 330 Boston MA 02111 1307 USA Everyone is permitted to copy and distribute verbatim copies of this...

Страница 284: ...L 284 of 269 2019 BEAM MiniUPnP The miniUPnP daemon is an UPnP IGD internet Gateway MG200 which provide NAT traversal services to any UPnP enabled client on the network Version 1 7 Copyright c 2006 2011 Thomas BERNARD ...

Страница 285: ...ht C 2007 Free Software Foundation Inc http fsf org NTPClient an NTP RFC 1305 RFC 4330 client for unix alike computers Version 2007_365 Copyright 1997 1999 2000 2003 2006 2007 Larry Doolittle exFAT FUSE based exFAT implementation Version 0 9 8 Copyright C 2010 2012 Andrew Nayenko ONTFS_3G The NTFS 3G driver is an open source freely available read write NTFS driver for Linux FreeBSD Mac OS X NetBSD...

Страница 286: ...Licensed GPLed code so it may be used in proprietary projects just like prior Python distributions There are interfaces to some GNU code but these are entirely optional OpenPAM Radula This software was developed for the FreeBSD Project by ThinkSec AS and Network Associates Laboratories the Security Research Division of Network Associates Inc under DARPA SPAWAR contract N66001 01 C 8035 CBOSS as pa...

Страница 287: ...MG200 USER MANUAL 287 of 269 2019 BEAM ...

Страница 288: ... is 10 95 non condensing Do not operate the MG200 beyond this range or expose to liquid Do not operate the MG200 beyond operating temperature range 30 C to 70 C Before decommissioning do check and follow local regulations for disposal of electronic products For DC power source applications before connecting power check the output voltage and rated current of the power source Output voltage should ...

Страница 289: ...MG200 USER MANUAL 289 of 269 2019 BEAM ...

Страница 290: ...90 of 269 2019 BEAM Appendix C BEAM Warranty Terms and Conditions Please visit following web page for the latest warranty terms and conditions https beamcommunications com support service warranty beam warranty conditions ...

Страница 291: ...269 2019 BEAM Appendix D Compliance The MG200 complies with the following standards EMC EN 55032 ETSI EN 301 489 1 ETSI EN 301 489 17 EN 301489 52 Radio ETSI EN 300 328 AS ACIF S042 1 AS CA S042 4 Safety AS NZS 2772 2 IEC62368 ...

Результаты поиска

Содержание MG200

Отзывы:

Бренды по названию

Популярные бренды

Beam MG200, Руководство пользователя

Результаты поиска

Содержание MG200

Отзывы:

Бренды по названию

Популярные бренды