Billion M500 Скачать руководство пользователя | Manualshive

Страница: 108 / 181

background image

104



Subnet:

The subnet of the local network, for establishing an IPSec tunnel between a pair of

security gateways (network-to-network), If the remote peer is a network, select Subnet.

IPSec Phase 1(IKE)

IKE Mode:

IKE, Internet Key Exchange, is the mechanism to negotiate and exchange parameters

and keys between IPSec peers to establish security associations(SA). Select Main or Aggressive
mode.

Pre-Shared Key:

This is for the Internet Key Exchange (IKE) protocol, a string from 4 to 128

characters. Both sides should use the same key. IKE is used to establish a shared security policy and
authenticated keys for services (such as IPSec) that require a key. Before any IPSec traffic can be
passed, each router must be able to verify the identity of its peer. This can be done by manually
entering the pre-shared key into both sides (router or hosts).

Local ID Type

and

Remote ID Type:

When the mode of IKE is aggressive, Local and Remote peers

can be identified by other IDs.

IDContent:

Enter IDContent the name you want to identify when the Local and Remote Type are

Domain Name; Enter IDContent IP address you want to identify when the Local and Remote Type are
IP addresses (IPv4 and IPv6 supported).

Encryption Algorithm:

Select the encryption algorithm from the drop-down menu. There are several

options: DES and AES (128, 192 and 256). 3DES and AES are more powerful but increase latency.



DES:

Stands for Data Encryption Standard, it uses 56 bits as an encryption method.



3DES:

Stands for Triple Data Encryption Standard, it uses 168 (56*3) bits as an encryption

method.



AES:

Stands for Advanced Encryption Standards, you can use 128, 192 or 256 bits as

encryption method.

Authentication Algorithm:

Authentication establishes the integrity of the datagram and ensures it is

not tampered with in transmission. There are 3 options: Message Digest 5 (MD5) and Secure Hash
Algorithm (SHA1, SHA256). SHA1 is more resistant to brute-force attacks than MD5. However, it is
slower.



MD5:

A one-

way hashing algorithm that produces a 128−bit hash.



SHA1:

A one-

way hashing algorithm that produces a 160−bit hash.

Diffle-Hellman Group:

It is a public-key cryptography protocol that allows two parties to establish a

shared secret over an unsecured communication channel (i.e. over the Internet). MODP stands for
Modular Exponentiation Groups.

IPSec Phase 2(IPSec)

IPSec Proposal:

Select the IPSec security method. There are two methods of verifying the

authentication information, AH(Authentication Header) and ESP(Encapsulating Security Payload).

«
...
106
107
108
109
110
...
»

Содержание M500

Страница 1: ...Last revised date November 16 2016 Billion M500 4G LTE Industrial In Vehicle Multi Carrier Router User Manual Version release 1 05 1 1 ...

Страница 2: ...allation 13 Installation Reference 14 Cabling 17 Default Settings 18 Information from Your ISP 19 Chapter 4 Device Configuration 20 Login to your Device 20 Status 22 Device Info 23 System Log 25 4G LTE Status 26 GPS Status 27 Hardware Monitor 28 Hotspot Status 29 Statistics 30 DHCP Table 34 IPSec Status 35 PPTP Status 36 L2TP Status 37 GRE Status 38 OpenVPN Status 39 Disk Stauts 40 ARP Table 41 Qu...

Страница 3: ...c 102 PPTP Server 112 PPTP Client 114 L2TP 122 GRE Tunnel 132 OpenVPN Server 137 OpenVPN Client 139 Access Management 144 Device Management 145 SNMP 146 Remote System Log 147 Universal Plug Play 148 Dynamic DNS 149 Access Control 151 Packet Filter 153 CWMP TR 069 156 Parental Control 158 SAMBA FTP Server 159 Maintenance 160 User Management 161 Certificate Management 165 Time Zone 167 Firmware Conf...

Страница 4: ...3 Problem with LAN Interface 174 Recovery Procedures 174 Appendix Product Support Contact 176 ...

Страница 5: ...ter is a feature rich industrial class router combined with robust network processing and Multi WAN connectivity purposely built for network resilience and business continuity The platform supports dual SIM and dual LTE radios for carrier redundancy or load balancing between carriers networks In the event of a connectivity failure of the primary WAN interface traffic is automatically redirected to...

Страница 6: ...llhead gas drilling manufacturing factories and virtually anywhere that requires a robust wireless connection Secure VPN Connections The Industrial LTE Router supports comprehensive and robust IPSec PPTP L2TP GRE OpenVPN VPN Virtual Private Network protocols for business users to establish private encrypted tunnels over the public Internet to secure data transmission between headquarters and branc...

Страница 7: ...rivacy WEP Secured IPSec VPN with powerful DES AES Secured PPTP VPN with Pap Chap MPPE authentication Secured L2TP VPN with Pap Chap authentication Secured GRE VPN tunnels Secured OpenVPN Server and Client Firewall Security with DoS Preventing and Packet Filtering Universal Plug and Play UPnP Compliance Ease of Use with Quick Installation Wizard USB port for NAS FTP SAMBA server Global Navigation ...

Страница 8: ...g and Play UPnP Compliant Dynamic Domain Name System DDNS Virtual Server and DMZ SNTP DNS proxy IGMP snooping and IGMP proxy MLD snooping and MLD proxy Firewall Built in NAT Firewall Stateful Packet Inspection SPI DoS attack prevention including Land Attack Ping of Death etc Access control IP MAC filter URL Content Filter Password protection for system management VPN pass through Virtual Private N...

Страница 9: ...USB Application Server Storage NAS SAMBA Server FTP Server Management Quick Installation wizard Web based GUI for remote and local management Firmware upgrades and configuration data upload and download via web based GUI Supports DHCP server client relay Supports SNMP v1 v2 v3 MIB I and MIB II TR 069 3 supports remote management 1 The 4G LTE is dependent on your local service provider 2 The suppor...

Страница 10: ...odem for Broadband connectivity GNSS Embeded GNSS SIM card slot 2 mini SIM 2FF card slots USB 2 USB 2 0 Type A Host port for storage service Mini USB 2 mini USB connectors for 4G LTE module debug 4G LTE antenna 4 detachable antennas 2 antennas for each 4G LTE module GPS antenna 1 detachable active GPS antenna WiFi antenna 2 detachable wireless antennas Factory default reset button Wireless on off ...

Страница 11: ...7 Application Diagram The Industrial LTE Router is specifically designed to provide outstanding network efficiency and internet security for a wide range of applications and vertical M2M market segments ...

Страница 12: ... not use the router in high humidity or high temperature Do not open or repair the case yourself If the device becomes too hot turn off the power immediately and have it repaired at a qualified service center Avoid using this product and all accessories outdoors Warning ...

Страница 13: ... On Off the wireless 2 WPS Press hold the button for less than 6 seconds to trigger WPS function 4 Reset button After the device is powered on press it 6 seconds or above to restore to factory default settings this is used when you cannot login to the router e g forgot your password 5 Mini USB port Direct connect to embedded 4G LTE module for debuging or module firmware upgrade 6 SIM card slot Ins...

Страница 14: ...a Screw the supplied GPS antenna onto the antenna connectors 4 Power connector Connect the supplied Power cable to this connector 5 USB port The USB can support setup for storage file sharing Connect an external USB dongle hard drive for storage 6 Gigabit Ethernet LAN 1 LAN 4 Connect a UTP Ethernet cable Cat 5 or Cat 5e to one of the four LAN ports when connecting to a PC or an office home network...

Страница 15: ... GPS active 5 WAN LED Received Signal Strength Indicator The 4G LTE received signal dual colar LED behaves as shown below Green RSSI greater than 69 dBm Excellent signal condition Green Flashing quickly RSSI from 81 to 69 dBm Good signal condition Red Flashing quickly RSSI from 99 to 81 dBm Fair signal condition Red Flashing slowly RSSI less than 99 dBm Poor signal condition Red No signal and the ...

Страница 16: ...ore starting recovery process please configure the IP address of the PC as 192 168 1 100 and proceed with the following step by step guide 1 Power the router off 2 Press reset button and power on the router once the Power flashes Red and Green keeping press reset button over 6 seconds 3 Internet led flashes Green and Red router entering recovery procedure and router s IP will reset to Emergency IP...

Страница 17: ...ddress in the range of 192 168 1 1 to 192 168 1 253 The best and easiest way is to configure the PC to get an IP address automatically from the router using DHCP If you encounter any problems accessing the router s web interface it may also be advisable to uninstall any kind of software firewall on your PCs as they can cause problems accessing the 192 168 1 254 IP address of the router Users shoul...

Страница 18: ...oceeding Turn to the panel with SIM card slot Insert the SIM card with the gold contact facing up Push the SIM card inwards to inject it Use the SIM 1 first use the SIM 2 for a secondary back up SIM Warning Before inserting or removing the SIM card you must disconnect the router from the power adapter Power Installation Case 1 ...

Страница 19: ...turn off after the input has been held at low for the timeout period The router will then reboot when the input is returned to high If the input is held low for less than the timeout period before returning to high no action is taken This diagram shows the connector pin definition Pin Definition Details Wireless Color 1 Ground Black 2 Ground Black 3 ACC Standard ignition on signal The voltage high...

Страница 20: ...16 The wire colors shown are for the power GPIO cable that comes with the Industrial LTE Router optional ...

Страница 21: ...auses of problems is bad cabling Make sure that all connected devices are turned on On the front panel of the product is a bank of LEDs Verify that the LAN Link and LEDs are lit If they are not verify that you are using the proper cables ...

Страница 22: ... Settings IP Address 192 168 1 254 Subnet Mask 255 255 255 0 DHCP Server DHCP server is enabled Start IP Address 192 168 1 100 IP pool counts 20 Attention If you ever forget the username password to login to the router you may press the RESET button up to 6 seconds then release it to restore the factory default settings Caution After pressing the RESET button for more than 6 seconds then release i...

Страница 23: ...configuring this device you have to check with your ISP Internet Service Provider what kind of service is provided such as 4G LTE EWAN Dynamic IP address Static IP address PPPoE Mode or Wireless Client Dynamic IP address Static IP address ...

Страница 24: ...e IP address of your router which by default is 192 168 1 254 and click Go a user name and password window prompt appears The default username and password is admin and admin respectively for the Administrator Congratulations You have successfully logged on to your Industrial LTE Router ...

Страница 25: ...ch includes Status Device Info System Log 4G LTE Status GPS Status Hardware Monitor Hotspot Status Statistics DHCP Table IPSec Status PPTP Status L2TP Status GRE Status OpenVPN Status Disk Status ARP Table Quick Start Wizard Setup Configuration Interface Setup Dual WAN Hotspot Advanced Setup VPN Access Management Maintenance Please see the relevant sections of this manual for detailed instructions...

Страница 26: ...can check the router working status including Device Info System Log 4G LTE Status GPS Status Hardware Monitor Hotspot Status Statistics DHCP Table IPSec Status PPTP Status L2TP Status GRE Status OpenVPN Status Disk Status ARP Table ...

Страница 27: ...tem Up Time The duration since system is up Physical Port Status Here the page shows the status of physical port of 4G LTE EWAN WirelessClient Ethernet and Wireless WAN Interface The WAN interface 4G LTE 1 4G LTE 2 EWAN LAN4 and Wireless Client Protocol The protocol in use Connection The connection status of the link IP Address The WAN interface IP address obtained Default Gateway The default gate...

Страница 28: ...Subnet mask for IPv4 or Prefix length for IPv6 on LAN DHCP Server LAN port DHCP information Wireless Mode The wireless mode in use SSID The SSID Channel The current channel Security The wireless security setting authentication type ...

Страница 29: ...m Log In system log you can check the operations status and any glitches to the router Refresh Press this button to refresh the statistics Backup Back up the current system log file and save it to your computer ...

Страница 30: ...rference plus Noise Ratio is also a measure of signal quality as well It is widely used by the operators as it provides a clear relationship between RF conditions and throughput Note Some LTE modules do not provide this information Network Name The name of the LTE network the router is connecting to Cell ID The ID of base station that the device is connected to Card IMEI The unique identification ...

Страница 31: ...27 GPS Status In GPS status you can check the UTC time position of the router ...

Страница 32: ...28 Hardware Monitor In hardware monitor you can check the voltage current and temperature of system ...

Страница 33: ...o connect in IP Address The IP assigned to the client Authenticated Show the client is authorized or not User Name The username of the logined client in agreement mode no username showed Duration Time The uptime of the client Upload The upload traffic percentage of the used to the maximum allowed Dowload The download traffic percentage of the used to the maximum allowed ...

Страница 34: ...splays the total number of frames transmitted till the latest second since system is up Transmit Total Bytes This field displays the total number of bytes transmitted until the latest second since system is up Receive Frames of Current Connection This field displays the number of frames received until the latest second for the current connection Receive Bytes of Current Connection This field shows...

Страница 35: ...llision This is the number of collisions on this port Transmit Error Frames This field displays the number of error packets on this port Receive Frames This field displays the number of frames received until the latest second Receive Multicast Frames This field displays the number of multicast frames received until the latest second Receive Total Bytes This field displays the number of bytes recei...

Страница 36: ...on This is the number of collisions on this port Transmit Error Frames This field displays the number of error packets on this port Receive Frames This field displays the number of frames received until the latest second Receive Multicast Frames This field displays the number of multicast frames received until the latest second Receive Total Bytes This field displays the number of bytes received u...

Страница 37: ...rror frames transmitted until the latest second Transmit Drop Frames This field displays the number of drop frames transmitted until the latest second Receive Frames This field displays the number of frames received until the latest second Receive Error Frames This field displays the number of error frames received until the latest second Receive Drop Frames This field displays the number of drop ...

Страница 38: ...with clear information Index The index identifying the connected devices Host Name Show the hostname of the PC IP Address The IP allocated to the device MAC Address The MAC of the connected device Expire Time The total remaining interval since the IP assignment to the PC ...

Страница 39: ...el is active for connection Connection State Show the IPSec phase 1 and phase 2 connecting status Statistics Display the upstream downstream traffic per session in KB The value clears when session disconnects Remote Gateway The IP of the remote IPSec gateway Remote Network The IP and netmask of remote access range Local Network The IP and netmask of local access range ...

Страница 40: ...mote network and subnet mask in LAN to LAN PPTP connection Refresh Click this button to refresh the connection status PPTP Client Index The PPTP client tunnel index number Connection Name Show user defined PPTP VPN connection name Active Show if the tunnel is active for connection Connection State Show the connecting status Connection Type Remote Access or LAN to LAN Server IP Address Show the IP ...

Страница 41: ...e Active Show if the tunnel is active for connection Connection State Show the connecting status Connection Mode The L2TP mode is dialin or dialout Connection Type Remote Access or LAN to LAN Tunnel Remote IP Address Display the remote tunnel IP address Refresh Click this button to refresh the connection status ...

Страница 42: ...ion Name Display the user defined GRE connection name Active Show if the tunnel is active for connection Remote Gateway IP The IP of the remote GRE gateway Remote Network Display the remote network Refresh Click this button to refresh the connection status ...

Страница 43: ... virtual tunnel subnet of the server Status The status of the rule OpenVPN Client Index The index to identify the OpenVPN connection rule Connection Name User defined name to mark the connection rule Active Yes or no to demosntrate the rule is active or not Remote Server Show the remote server public IP port protocl Status The status of the rule Detail Info Show the assigned virtual IP and routing...

Страница 44: ...40 Disk Stauts Partition Display the USB storage partition Disk Space KB Display the total storage space of the NAS in Kbytes unit Free Space KB Display the available space in Kbytes unit ...

Страница 45: ...ble which shows the mapping of IP addresses to Ethernet MAC addresses Index The Index of the ARP rule item IP Address Shows the IP Address of the device that the MAC address maps to MAC Address Shows the MAC address that is corresponded to the IP address of the device it is mapped to ...

Страница 46: ...ce For detailed instructions on configuring WAN settings see refer to the Interface Setup section Click Next to move on to Step 1 Step 1 Password Set new password of the admin account to access for router management The default is admin Once changed please use this new password next time when accessing to the router Click Next to continue Step 2 Time Zone Choose your time zone Click Next to contin...

Страница 47: ...ext to continue Input all relevant 3G 4G LTE parameters from your ISP 4 2 If selected EWAN If selected PPPoE please enter PPPoE account information provided by your ISP Click Next to continue Or others protocol assigned by your ISP If selected Dynamic IP Address click Next to continue Or others protocol assigned by your ISP ...

Страница 48: ...44 Step 5 Quick Start Completed The Setup Wizard has completed Click on Back to modify changes or mistakes Click Next to save the current settings Step 6 Quick Start Completed ...

Страница 49: ...ion Click to access and configure the available features in the following Interface Setup Dual WAN Hotspot Advanced Setup VPN Access Management and Maintenance These functions are described in the following sections ...

Страница 50: ...46 Interface Setup Here are the features under Interface Setup Internet LAN Wireless and Wireless MAC Filter ...

Страница 51: ...which mode to use you may select Automatic to auto detect the best mode for you TEL No The dial string to make a GPRS 3G 4G LTE user internetworking call It may provide by your mobile service provider Dual APN The Router can support up to two APNs Select Single or Dual APN An APN is similar to a URL on the WWW it is what the unit makes a GPRS UMTS call The service provider is able to attach anythi...

Страница 52: ... router will ping the IP to find whether the connection is on or not if not router will recover the connection Default Route Select Yes to use this interface as default route interface NAT Select this option to Disabled Enable the NAT Network Address Translation function Enable NAT to grant multiples devices in LAN to access to the Internet through a single WAN IP MTU Set the MTU maximum transimis...

Страница 53: ...49 EWAN ...

Страница 54: ...ter will not accept the IP address if it is not in this format PPPoE Select this option if your ISP requires you to use a PPPoE connection Bridge Select this mode if you want to use this device as an OSI Layer 2 device like a switch 802 1q Options 802 1q When activated please enter a VLAN ID VLAN ID It is a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagg...

Страница 55: ...mum Segment Size MSS IP Options Default Route Select Yes to use this interface as default route interface TCP MTU Option Enter the maximum packet that can be transmitted Default MTU is set to 1492 IPv4 Options Get IP Address Choose Static or Dynamic Static IP Address If Static is selected in the above field please enter the specific IP address you get from ISP and the following IP subnet mask and ...

Страница 56: ...oup Multicast Protocol is a network layer protocol used to establish membership in a Multicast group Choose whether enable IGMP proxy IPv6 Options only when choose IPv4 IPv6 or just IPv6 in IP version field above IPv6 Address Type the WAN IPv6 address from your ISP Obtain IPv6 DNS Choose if you want to obtain DNS automatically Primary Secondary DNS if you choose Disable in the Obtain IPv6 DNS fiel...

Страница 57: ...provided to you by your ISP Each IP address entered in the fields must be in the appropriate IP form IP address from by four IP octets separated by a dot xx xx xx xx The Router will not accept the IP address if it is not in this format IP Common Options Default Route Select Yes to use this interface as default route interface IPv4 Options NAT Select Enable if you use this router to hold a group of...

Страница 58: ...54 Use Scan button to scan the available SSIDs in the air find your desired on type the encypytion key ...

Страница 59: ...55 LAN A Local Area Network LAN is a shared communication system to which many computers are attached and is limited to the immediate area usually the same building or floor of a building ...

Страница 60: ...Select the RIP version from RIP1 or RIP2 DHCPv4 Server DHCP Dynamic Host Configuration Protocol allows individual clients to obtain TCP IP configuration at start up from a server DHCPv4 Server If set to Enabled your M100 can assign IP addresses default gateway and DNS servers to the DHCP client If set to Disabled the DHCP server will be disabled If set to Relay the M100 acts as a surrogate DHCP se...

Страница 61: ...n see the ones listed as showed below IPv6 parameters The IPv6 address composes of two parts thus the prefix and the interface ID Interface Address Prefix Length Enter a static LAN IPv6 address If you are not sure what to do with this field please leave it empty as if contains false information it could result in LAN devices not being able to access other IPv6 device Router will take the same WAN ...

Страница 62: ...e prefix message and generate an address using a combination of locally available information MAC address and information prefix advertised by routers but they can obtain such information like DNS from DHCPv6 Server Stateful If selected the PCs in LAN will be configured like in IPv4 mode thus obtain addresses and DNS information from DHCPv6 server Start interface ID enter the start interface ID Th...

Страница 63: ...on introduces the wireless LAN and some basic configurations Wireless LANs can be as complex as a number of computers with wireless LAN cards communicating through access points which bridge network traffic to the wired LAN ...

Страница 64: ...ue between 20 and 1000 A beacon is a packet broadcast by the Router to synchronize the wireless network RTS CTS Threshold The RTS Request To Send threshold number of bytes for enabling RTS CTS handshake Data with its frame size larger than this value will perform the RTS CTS handshake Enter a value between 1500 and 2347 Fragmentation Threshold The threshold number of bytes for the fragmentation bo...

Страница 65: ...to a unique ID name to the AP which is already built in to the router s wireless interface Make sure your wireless clients have exactly the SSID as the device in order to get connected to your network Broadcast SSID Select Yes to make the SSID visible so a station can obtain the SSID through passive scanning Select No to hide the SSID in so a station cannot obtain the SSID through passive scanning...

Страница 66: ...PSK If you require high security for transmissions please select WPA PSK WPA2 PSK or WPA WPA2 PSK WEP 64 bit WEP 128 bit WEP Authentication Method WEP authentication method there are two methods of authentication used Open System authentication OPENWEB and Share Key authentication SHAREDWEB We suggest you select OPENWEB Key 1 to Key 4 Enter the key to encrypt wireless data To allow encrypted data ...

Страница 67: ...s or 64 hexadecimal characters Key Renewal Interval The time interval for changing the security key automatically between wireless client and AP WDS Settings WDS Wireless distributed system is a wireless access point mode that enables wireless link and communication with other access point It is easy to be installed just define the peer s MAC of the connected AP WDS Mode select Activated to enable...

Страница 68: ...h the wireless client s WPS utility e g Ralink Utility Set the Config Mode as Enrollee press the WPS button on the top bar select the AP e g Billion_AP from the WPS AP List column Then press the PIN button located on the middle left of the page to run the scan 4 The client s SSID and security setting will now be configured to match the SSID and security setting of the registrar router ...

Страница 69: ...65 ...

Страница 70: ...ent s WPS utility e g Ralink Utility Set the Config Mode as Registrar Enter the PIN number in the PIN Code column then choose the correct AP e g Billion_AP from the WPS AP List before pressing the PIN button to run the scan 3 The router s AP s SSID and security setting will now be configured to match the SSID and security setting of the registrar client ...

Страница 71: ...re that the setup is correctly done cross check to see if the SSID and the security setting of the registrar setting match with the parameters found on both Wireless Configuration and Wireless Security Configuration page ...

Страница 72: ... as Enrollee Then press the WPS button and choose the correct AP e g Billion_AP from the WPS AP List section before pressing the PBC button to run the scan 3 When the PBC button is pushed a wireless communication will be established between your router and the PC The client s SSID and security setting will now be configured to match the SSID and security setting of the router ...

Страница 73: ...ress of the devices you wish to filter SSID Index Select the targeted SSID you want the MAC filter rules to apply to Active Select Activated to enable MAC address filtering Action Define the filter action for the list of MAC addresses in the MAC address filter table Select Deny to block access to the AP MAC addresses not listed will be allowed to access the router Select Allow to permit access to ...

Страница 74: ...ernet connection Users can set a WAN1 main WAN and WAN 2 backup WAN and when WAN1 fails it will switch to WAN2 and when WAN1 restores it will switch to WAN1 again General Setting Select Failover Failback or Failover Proirity to enable the failover failback feature to keep WAN always on or Load Balance to maximize WAN band width ...

Страница 75: ...he backup link WAN2 when primary link WAN1 fails and vise versa Example Auto failover takes place after straight 3 consecutive failures in every 30 seconds meaning all traffic will hand over to backup link WAN2 after primary link fails to response in total of 90 seconds 30 seconds for 3 consecutive failures Note Failover and Failback follow the same Connectivity Decision Probe Cycle rule to failov...

Страница 76: ... for WAN1 The main WAN WAN2 Select the 4G LTE 2 EWAN or Wireless Client for WAN2 as backup port if you select 4G LTE 1 as WAN1 Connectivity Decision Set how many times of probing failure to switch to backup port Priority by The condition is signal strength Switch to the WAN port which has good signal strength ...

Страница 77: ...ure to disable load balance Connectivity Decision Probe Cycle Set a number of times and time in seconds to determine when to turn off the Load Balancing service Example Disable Load Balance after straight 3 consecutive failures in every 30 seconds meaning all traffic will hand over to backup link WAN2 after primary link fails to response in total of 90 seconds 30 seconds for 3 consecutive failures...

Страница 78: ...and less delay User can distribute outbound traffic based on Session Mechanism or IP Hash Mechanism Base on Session Mechanism Balance by Session Round Robin Balance session traffic based on a round robin method Balance by Session weight Balance session traffic based on a weight ratio Enter the desired ratio in the fields provided Base on IP Hash Mechanism Balance by weight Use an IP hash to balanc...

Страница 79: ... the WAN interface the to be set rule will apply to and what type of traffic is to be bound to forward to the which WAN interface Source IP Address Enter the source IP address featuring the traffic origin Subnet Mask Enter the subnet of the designation network Port Number Enter the port number which defines the application Destination IP Address Enter the destination IP address featuring the traff...

Страница 80: ...illion Industrial LTE Router HotSpot Gateway provides authentication for clients before access to public networks It also allows users to access some web pages without authentication using Walled Garden feature Rich features are explained in these sections General Setting Built In User Account Walled Garden Advertisment Session Log and Customization ...

Страница 81: ... Authentication when authentication is selected client needs to provide authenticated account either via external RADIUS server or built in user account database to login to access internet Agreement when ageeemnt is selected client doesn t need an account to access internet Open your brower the hotspot guide page directly appears Redirection on successful authentication to Set the URL to be redir...

Страница 82: ...login attempt proves failed another try needed Idle Timeout period of inactivity for each client When there is no traffic from this client literally client computer should be switched off once the timeout is reached the link disconnect automatically Upload Download Bandwidth The maximum usage bandwidth to each client ...

Страница 83: ...ccount This part is to configure the local valid user account database Up to 16 accounts can be created Rule Index 0 15 the valid user identifier index User Name Password Enter the username password for each valid user ...

Страница 84: ...oy unlimited Upload Download Bandwidth These privilegd clients can be added by MACs Authorized of Client Activate or Deactivate the feature Rule Index 0 15 trusted users can be added each identified by a rule index Active Activate the rule or not If activated the client is a trusted client MAC Address Enter the authorized client MAC ...

Страница 85: ...thentication Rule Index 0 15 different domain names or IP addresses can be added Active Select Yes to activate the rule If activated the domain name or IP will be open without authentication to access Domain name or IP Address Enter the domain name or IP address open to access for unauthorized clients ...

Страница 86: ... some website after successfully logged in Advertisement Activate or deactivate the Advertisement feature Mode The mode the propaganda advertisement is shown in Rule Index The rule index identifying the URL 0 15 URLs can be created URL The propaganda web URL ...

Страница 87: ...lped by Mail Alert How often to record the session log and to mail can be set here Session Log Activate session log or not Log Session data every Set how often to record the session log By default session log records every 1 minutes Mail Session Log File every Set how often to send the session log file ...

Страница 88: ...ers to customize their desired authenticate page strings if not default settings are showed on the authentication page Places where strings are to be shown are listed in the following screenshots in red rectangle please check where to change ...

Страница 89: ...etup Wirelss to set the WLAN1 hotspot is running on WLAN1 Change SSID to M500 Hotspot for test Note Before using hotspot please connect to the SSID running hotspot first 2 Hotspot interface login setting and the session control setting Here the login mode is Authentication and Authentication Method is RADIUS for authtication If the Authentication Method is Built in User Account for authtication cr...

Страница 90: ...86 ...

Страница 91: ...less Client Connection 1 Connect to the SSID M500 Hotspot on the laptop 2 Launch the web brower the hotspot welcome and authentication page pops up 3 Input correct Username and Password then loging successfull ...

Страница 92: ...88 Advanced Setup Advanced Step provides advanced features including Firewall Routing Dynamic Routing NAT Static DNS Time Schedule and Mail Alert for advanced users ...

Страница 93: ...annot be directly accessed from the Internet Firewall To automatically detect and block Denial of Service DoS attacks such as Ping of Death SYN Flood Port Scan and Land Attack Enabled It activates your firewall function Disabled It disables the firewall function SPI If you enabled SPI all traffics initiated from WAN would be blocked including DMZ Virtual Server and ACL WAN side Enabled It activate...

Страница 94: ...nts the cost of transmission for routing purposes The number need not be precise but it must be between 1 and 15 Interface Media channel selected to append the route Edit Edit the route this icon is not shown for system default route Drop Drop the route this icon is not shown for system default route Add Route Destination IP Address This is the destination subnet IP address Destination Subnet Mask...

Страница 95: ...h will be our next topic the pricipal routing protocol between autonomous systems on the itnernet OSPF Enable to actiavte OSPF routing Rule Index A totoal 10 OSPF rules are allowed ranging from 0 to 9 Interface Set the interface which runs the OSPF process involved in OSPF routing It can be WAN interfaces or established GRE tunnels Area ID The OSPF area identifier It is a decimal number in the ran...

Страница 96: ...he AS number of local router The AS number is used to identify the IBGP or EBGP your neighbor is running The same AS number means the IBGP and the different means EBGP Rule Index A totoal 10 BGP rules are allowed ranging from 0 to 9 Neighbor IP Set your neighbor IP Neighbor AS Number Set your neghbor AS number Allowas in Enable to allow inter communication between devices in the same AS If the loc...

Страница 97: ... communications In this session there are VPN Passthrough SIP ALG DMZ and Virtual Server provided to solve these nasty problems NAT Status Enabled It depends on ISP Connection Type in Internet settings VPN Passthrough VPN pass through is a feature of routers which allows VPN client on a private network to establish outbound VPNs unhindered SIP ALG Enable the SIP ALG when SIP phone needs ALG to pas...

Страница 98: ...activates your DMZ function Disabled It disables the DMZ function DMZ Host IP Address Give a static IP address to the DMZ Host when Enabled radio button is checked Be aware that this IP will be exposed to the WAN Internet Select the Save button to apply your changes Except Ports Commonly all incoming packets will be passed to the DMZ host after being checked by the Firewall and NAT algorithms But ...

Страница 99: ...nal service request to the appropriate server within the LAN network Virtual Server for Indicate the related WAN interface which allows outside network to connect in and communicate Protocol Choose the application protocol Start End Port Number Enter a port or port range you want to forward Example Start End 21 or Start 1000 End 2000 The starting greater than zero 0 and the ending port must be the...

Страница 100: ...twork For this reason you are advised to use specific Virtual Server entries just for the ports your application requires instead of using DMZ As doing so will result in all connections from the WAN attempt to access to your public IP of the DMZ PC specified If you have disabled the NAT option in the Interface Setup Internet section the Virtual Server function will hence be invalid If the DHCP ser...

Страница 101: ...y and go to Configuration Advanced Setup NAT Virtual Server FTP server uses TCP protocol with port 21 Enter 21 to Start and End Port Number M100 will accept port 21 requests from WAN side Eneter the static IP assiged to the local PC that is hosting the FTP server Ex 192 168 1 110 Enter 21 to Local Start and End Port number M100 will forward port 21 request from WAN to the specific LAN PC ex 192 16...

Страница 102: ...merical identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide An often used analogy to explain the Domain Name System is that it serves as the phone book for the Internet by translating human friendly computer hostnames into IP addresses For example the domain name www example com can be translated into the addresses 192 0 32 10 IPv4 IP...

Страница 103: ...ol SNTP to get the current time from an SNTP server from the Internet Rule Index The rule index 0 15 for identifying each timeslot Rule Name User defined identification for each time period Day of Week Mon to Sun Specify the time interval for each timeslot from Day of Week Start Time The starting point of the interval for the timeslot anytime in 00 00 24 00 End Time The ending point of the interva...

Страница 104: ...word Enter the password of your email account Sender s Email Enter your email address SSL TLS Check to whether to enable SSL encryption feature Port the port default is 25 Account Test Press this button to test the connectivity and feasibility to your sender s e mail WAN IP Change Alert Recipient s Email Enter the email address that will receive the alert message once a WAN IP change has been dete...

Страница 105: ...ic communication infrastructures such as the Internet VPNs provide security through tunneling protocols and security procedures such as encryption For example a VPN could be used to securely connect the branch offices of an organization to a head office network through the public Internet M100 supports IPSec PPTP L2TP GRE OpenVPN for enterprise users ...

Страница 106: ...tween agents at the beginning of the session and negotiation of cryptographic keys to be used during the session IPSec is an end to end security scheme operating in the Internet Layer of the Internet Protocol Suite It can be used in protecting data flows between a pair of security gateways network to network or between a security gateway and a host network to host Note up to 16 IPSec tunnels can b...

Страница 107: ...ablishing a VPN tunnel Local Access Range Set the IP address or subnet of the local network Single IP The IP address of the local host for establishing an IPSec connection between a security gateway and a host network to host Subnet The subnet of the local network for establishing an IPSec tunnel between a pair of security gateways network to network Remote Access Range Set the IP address or subne...

Страница 108: ... are IP addresses IPv4 and IPv6 supported Encryption Algorithm Select the encryption algorithm from the drop down menu There are several options DES and AES 128 192 and 256 3DES and AES are more powerful but increase latency DES Stands for Data Encryption Standard it uses 56 bits as an encryption method 3DES Stands for Triple Data Encryption Standard it uses 168 56 3 bits as an encryption method A...

Страница 109: ...el i e over the Internet MODP stands for Modular Exponentiation Groups IPSec SA Lifetime SA Lifetime Specify the number of minutes that a Security Association SA will stay active before new encryption and authentication key will be exchanged There are two kinds of SAs IKE and IPSec IKE negotiates and establishes SA on behalf of IPSec an IKE SA is used by IKE Phase 1 IKE To issue an initial connect...

Страница 110: ...om 0 to 3600 second 0 second disables the function Ping to the IP Interval sec Ping to the IP Action 0 0 0 0 0 No 0 0 0 0 2000 No xxx xxx xxx xxx A valid IP Address 0 No xxx xxx xxx xxx A valid IP Address 2000 Yes activate it in every 2000 second Disconnection Time after No Traffic It is the NO Response time clock When no traffic stage time is beyond the Disconnection time set Router will automati...

Страница 111: ...107 Examples How to establish an IPSec Tunnel 1 LAN to LAN connection Two VPN router want to setup a secure IPSec VPN tunnel Note The IPSec Settings shall be consistent between the two routers ...

Страница 112: ...8 1 0 Local Netwrok Netmask 255 255 255 0 Remote Access Range Subnet Branch office network Remote Netwrok IP Address 192 168 0 0 Remote Netwrok Netmask 255 255 255 0 IPSec Proposal IKE Mode Main Security Plan Pre Shared Key 1234567890 Phase 1 Encryption AES 128 Phase 1 Authentication SHA1 Phase 1 Diffie Hellman Group MODP 1024 group2 Phase 2 Proposal ESP Phase 2 Authentication SHA1 Phase 2 Encrypt...

Страница 113: ...68 0 0 Local Netwrok Netmask 255 255 255 0 Remote Access Range Subnet Branch office network Remote Netwrok IP Address 192 168 1 0 Remote Netwrok Netmask 255 255 255 0 IPSec Proposal IKE Mode Main Security Plan Pre Shared Key 1234567890 Phase 1 Encryption AES 128 Phase 1 Authentication SHA1 Phase 1 Diffie Hellman Group MODP 1024 group2 Phase 2 Proposal ESP Phase 2 Authentication SHA1 Phase 2 Encryp...

Страница 114: ...110 2 Host to LAN Router servers as VPN server and host should install the IPSec client to connect to head office through IPSec VPN ...

Страница 115: ...192 168 1 0 Local Netwrok Netmask 255 255 255 0 Remote Access Range Signal IP Host Remote Netwrok IP Address 69 121 1 30 Remote Netwrok Netmask 255 255 255 255 IPSec Proposal IKE Mode Main Security Plan Pre Shared Key 1234567890 Phase 1 Encryption AES 128 Phase 1 Authentication SHA1 Phase 1 Diffie Hellman Group MODP 1024 group2 Phase 2 Proposal ESP Phase 2 Authentication SHA1 Phase 2 Encryption 3D...

Страница 116: ...ap Chap or MS CHAPv2 Encryption When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challenges at different periods to ensure that an intruder has not replaced the client When passed the authentication with MS CHAPv2 the MPPE encryption is supported Encryption Ley Length Encryption Mode CPC MS DNS Directly set the IP of DNS server or...

Страница 117: ... Dial in User Specify the private IP address to be assigned to dialin clients and the IP should be in the same subnet as local LAN but not occupied Remote Network IP Address Please input the subnet IP for remote network Remote Network Netmask Please input the Netmask for remote network Click Save button to save your changes ...

Страница 118: ...AP encrypts the password before sending and also allows for challenges at different periods to ensure that an intruder has not replaced the client When passed the authentication with MS CHAPv2 the MPPE encryption is supported Encryption Ley Length Encryption Mode CPC Username Please input the username for this account Password Please input the password for this account Connection Type Select Remot...

Страница 119: ...stablishes a PPTP VPN tunnel with head office to connect two private networks over the Internet The routers are installed in the head office and branch offices accordingly Note Both office LAN networks must be in different subnets with the LAN LAN application ...

Страница 120: ...iption Connection Name HS LL Give a name of PPTP conneciton Authentication Type MPPE 128bit Authentication type Username test Dial in authenticate user name Passwrod test Dial in authenticate user password Conneciton Type LAN to LAN LAN to LAN for dial in Assigned IP 192 168 1 2 An IP assigned to the dial in client Remote Network IP 129 168 0 0 Remote access network Remote Network Netmask 255 255 ...

Страница 121: ... Name BC LL Give a name of PPTP conneciton Authentication Type MPPE 128bit Authentication type Username test Dial in authenticate user name Passwrod test Dial in authenticate user password Conneciton Type LAN to LAN LAN to LAN for dial in Server IP 69 121 1 33 Dialed server IP Remote Network IP 129 168 1 0 Remote access network Remote Network Netmask 255 255 255 0 ...

Страница 122: ... Remote Access Dial in connection A remote worker establishes a PPTP VPN connection with the head office using Microsoft s VPN Adapter The router is installed in the head office connected to a couple of PCs and Servers ...

Страница 123: ...used in the office LAN Item Description Connection Name HS RA Give a name of L2TP conneciton Authentication Type MPPE 128bit Authentication type Username test Dial in authenticate user name Passwrod test Dial in authenticate user password Conneciton Type Remote Access Remote access for dial in Assigned IP 192 168 1 2 An IP assigned to the dial in client ...

Страница 124: ...P Remote Access Dial out connection A company s office establishes a PPTP VPN connection with a file server located at a separate location The router is installed in the office connected to a couple of PCs and Servers ...

Страница 125: ...in head office Item Description Connection Name HC RA Give a name of PPTP conneciton Authentication Type MPPE 128bit Authentication type Username test Dial in authenticate user name Passwrod test Dial in authenticate user password Conneciton Type Remote Access Remote access for dial out Server IP 61 121 1 33 Dialed server IP ...

Страница 126: ...nel Conneciton Mode Connection Mode Select Dial In to operate as a L2TP server Authentication Type Default is Chap Pap CHAP Challenge Handshake Authentication Protocol PAP Password Authentication Protocol if you want the router to determine the authentication type to use or else manually specify PAP if you know which type the server is using when acting as a client or else the authentication type ...

Страница 127: ...t the username for this account Password Please input the password for this account Conneciton Type Connection Type Remote Access for single user Connection Type If LAN to LAN is selected enter the peer network information such as network address and netmask Tunel Authentication and Active as Default Router Tunnel Authentication This enables router to authenticate both the L2TP remote and L2TP hos...

Страница 128: ...Select Main or Aggressive mode IKE Local ID Type and Remote ID Type When the mode of IKE is aggressive Local and Remote peers can be identified by other IDs IKE Pre Shared Key This is for the Internet Key Exchange IKE protocol a string from 4 to 128 characters Both sides should use the same key IKE is used to establish a shared security policy and authenticated keys for services such as IPSec that...

Страница 129: ...establishes a L2TP VPN tunnel with head office to connect two private networks over the Internet The routers are installed in the head office and branch office accordingly Note Both office LAN networks must be in different subnets with the LAN LAN application ...

Страница 130: ...e HS LL Give a name of L2TP conneciton Connection Mode Dial in Operate as L2TP server Authentication Type Chap Pap Authentication type Username Test Dial in authenticate user name Passwrod Test Dial in authenticate user password Assigned IP 192 168 1 200 An IP assigned to the dial in client Conneciton Type LAN to LAN LAN to LAN for dial in Remote Network IP 129 168 0 0 Remote access network Remote...

Страница 131: ...e of L2TP conneciton Connection Mode Dial out Operate as L2TP client Server IP 69 121 1 33 Dialed server IP Authentication Type Chap Pap Authentication type Username test Dial in authenticate user name Passwrod test Dial in authenticate user password Conneciton Type LAN to LAN LAN to LAN for dial out Remote Network IP 129 168 1 0 Remote access network Remote Network Netmask 255 255 255 0 ...

Страница 132: ... Remote Access Dial in connection A remote worker establishes a L2TP VPN connection with the head office using Microsoft s VPN Adapter The router is installed in the head office connected to a couple of PCs and Servers ...

Страница 133: ...tem Description Connection Name HS RA Give a name of L2TP conneciton Connection Mode Dial in Operate as L2TP server Authentication Type Chap Pap Authentication type Username test Dial in authenticate user name Passwrod test Dial in authenticate user password Assigned IP 192 168 1 200 An IP assigned to the dial in client Conneciton Type Remote Access Remote access for dial in ...

Страница 134: ...P Remote Access Dial out connection A company s office establishes a L2TP VPN connection with a file server located at a separate location The router is installed in the office connected to a couple of PCs and Servers ...

Страница 135: ...L2TP conneciton Connection Mode Dial out Operate as L2TP client Server IP 61 121 1 33 Dialed server IP Authentication Type Chap Pap Authentication type Username test Dial out authenticate user name Passwrod test Dial out authenticate user password Conneciton Type Remote Access Remote access for dial out ...

Страница 136: ...e tunnel Tunnel Network Netmask Please set the netmask for the local tunnel Tunnel Remote IP Address Set the peer IP address of the tunnel It is a virtual interface for the tunnel Remote Network IP Address Please set the subnet IP for remote network Remote Network Netmask Please set the Netmask for remote network Enable Keepalive Normally the tunnel interface is always up Enable keepalive to deter...

Страница 137: ...SA Select Main or Aggressive mode IKE Local ID Type and Remote ID Type When the mode of IKE is aggressive Local and Remote peers can be identified by other IDs IKE Pre Shared Key This is for the Internet Key Exchange IKE protocol a string from 4 to 128 characters Both sides should use the same key IKE is used to establish a shared security policy and authenticated keys for services such as IPSec t...

Страница 138: ...ablishes a GRE VPN tunnel with head office to connect two private networks over the Internet The routers are installed in the head office and branch office accordingly Note Both office LAN networks must be in different subnets with the GRE VPN connection ...

Страница 139: ...21 1 30 Authentication type Tunnel Local IP Address Virtual Interface 192 168 100 11 The local virtual interface IP address for the tunnel Tunnel Remote IP Address Virtual Interface 192 168 100 10 The remote virtual interface IP address for the tunnel Tunnel Network Netmask Virtual Interface 255 255 255 0 The network netmask for tunnel virtual interface Remote Network IP Netmask 192 168 0 0 255 25...

Страница 140: ...21 1 3 Authentication type Tunnel Local IP Address Virtual Interface 192 168 100 10 The local virtual interface IP address for the tunnel Tunnel Remote IP Address Virtual Interface 192 168 100 11 The remote virtual interface IP address for the tunnel Tunnel Network Netmask Virtual Interface 255 255 255 0 The network netmask for tunnel virtual interface Remote Network IP Netmask 192 168 1 0 255 255...

Страница 141: ...ed being the most robust and feature rich It uses the OpenSSL encryption library extensively allowing OpenVPN to use all the ciphers available in the OpenSSL package as well as the SSLv3 TLSv1 protocol and contains many security and control features It has integrated with OpenVPN package allowing users to run OpenVPN in server or client mode from their network routers OpenVPN Server Set the basic ...

Страница 142: ...package to encrypt both the data and channels Select the encryption method Hash To establish the integrity of the datagram and ensures it is not tampered with in transmission There are options Message Digest 5 MD5 and Secure Hash Algorithm SHA1 SHA256 SHA1 is more resistant to brute force attacks than MD5 However it is slower Compression Choose adaptive to use the LZO compression library to compre...

Страница 143: ... under this circumstance all outgoing packets will be forwarded to this tunnel and routed to the next hop Remote Subnet IP Address Set the network address of the remote peer Netmask Set the subnet mask of the remote peer Protocol OpenVPN can run over User Datagram Protocol UDP or Transmission Control Protocol TCP transports Select the protocol Local Certificate Index Select the local certificate P...

Страница 144: ...resistant to brute force attacks than MD5 However it is slower Keepalive Enable to allow the router to check the connectivity to the peer every 10 seconds can be changed based on need by sending ping package to keep the OpenVPN tunnel active Interval This period between Pings is set to monitor the connection status Default interval setting is 10 seconds Time interval can be set from 0 to 3600 seco...

Страница 145: ...stablishes a OpenVPN tunnel with head office to connect two private networks over the Internet The routers are installed in the head office and branch office accordingly Note Both office LAN networks must be in different subnets with the OpenVPN connection ...

Страница 146: ...ated in branch office The OpenVPN tunnel netwrok virtual interface is 192 168 100 0 24 Item Description Connection Name HS LL Give a name of GRE conneciton Tunnel Network Virtual Interface 192 168 100 0 255 255 255 0 The network for tunnel virtual interface Local Access Range 192 168 0 0 255 255 255 0 The local network ...

Страница 147: ...ss 69 1 121 3 is the Public IP address of the router located in head office Item Description Connection Name BC LL Give a name of GRE conneciton Server IP Address 69 121 1 3 The IP address of OpenVPN server Remote Subnet 192 168 0 0 255 255 255 0 The remote network ...

Страница 148: ...nt equipments the users with the ability of maintaining the access management including Device Management SNMP Remote System Log Universal Plug Play Dynamic DNS Access Control Packet Filter CWMP TR 069 Parental Control and SAMBA FTP Server ...

Страница 149: ...145 Device Management Device management offers users a way to change the embedded web server accessing port default 80 User can change the http port to 8080 or something else here ...

Страница 150: ...management station Trap Manager IP Enter the IP of the server receiving the trap message when some exception occurs sent by this SNMP agent SNMPv3 Enable to activate the SNMPv3 Username Enter the name allowed to access the SNMP agent Access Permissions Set the access permissions for the user RO read only and RW read and writer Authentication Protocol Select the authentication protocol MD5 and SHA ...

Страница 151: ...strator can set up a remote system log server for receiving and monitoring the system information by enabling remote system log feature on the router Remote System Log Select whether to activate Remote System Log Server IP Address Enter the remote syslog server IP address Server UDP Port Enter the UDP port of the remote syslog server ...

Страница 152: ... natively support UPnP when the component is installed and Windows 98 users may install the Internet Connection Sharing client from Windows XP in order to support UPnP Windows 2000 does not support UPnP UPnP Select this checkbox to activate UPnP Be aware that anyone could use a UPnP application to open the web configuration s login screen without entering the M100 IP address Auto configured Select...

Страница 153: ... interfaces with different DNS es But note that first users have to go to the Dynamic DNS registration service provider to register an account Dynamic DNS Select this check box to activate Dynamic DNS Service Provider Select from drop down menu for the appropriate service provider for example www dyndns org My Host Name Type the domain name assigned to your router by your Dynamic DNS provider User...

Страница 154: ...ount Note First users have to go to the Dynamic DNS registration service provider to register an account User test1 register a Dynamic Domain Names in DDNS provider http www dyndns org DDNS www hometest com using username password test test ...

Страница 155: ...elow The maximum number of entries is 16 Access Control Select whether to make Access Control function available Rule Index This is item number Active Select to activate the rule Secure IP Address The default 0 0 0 0 allows any client to use this service to manage the gateway Type an IP address range to restrict access to the client s without a matching IP address Application Choose a service that...

Страница 156: ...s Default Rule 1 Index 0 a rule to allow only clients from LAN to have access to all embedded applications Web FTP etc Under this situation clients from WAN cannot access the router even from Ping Default Rule 2 Index 1 an ACL rule to open Ping to WAN side ...

Страница 157: ...rule Action This is how to deal with the packets matching the rule Allow please select White List or block selecting Black List Interface Select to determine which interface the rule will be applied to Direction Select to determine whether the rule applies to outgoing packets incoming packets or packets of both directions Type Choose type of field you want to specify to monitor Select IPv4 for IPv...

Страница 158: ...tocol Specify the packet type TCP UDP ICMP and ICMPv6 that the rule applies to IP MAC Filter List Index Item number Active Whether the connection is currently active Interface show the interface the rule applied to Direction show the direction the rule applied to Source IP IPv6 Address Mask Prefix The source IP address or range of packets to be monitored Destination IP IPv6 Address Mask Prefix Thi...

Страница 159: ...for example you want to prohibit access to www yahoo com please first press Activated in URL Filter field and also Yes in Individual Active field if some time you want to allow access to this URL you simply select No in individual active field In a word the command serves as a switch to the access of some specific URL with the filter on URL Host Specified URL which is prohibited from accessing ...

Страница 160: ...tion of this equipment became more complicated too complicated for end users For this reason TR 069 was developed It provides the possibility of auto configuration of the access types Using TR 069 the terminals can get in contact with the Auto Configuration Servers ACS and establish the configuration automatically and let ACS configure CPE automatically CWMP Select activated to enable CWMP TR 069 ...

Страница 161: ...l s Specify the inform interval time sec which CPE used to periodically send inform message to automatically connect to ACS When the inform interval time arrives the CPE will send inform message to automatically connect to ACS ...

Страница 162: ...r users Please get an account and configure at the selected Provider www opendns com in advance If activated the Parental Control has the top priority as DNS when accessing internet Host Name Username and Password Enter your registered domain name and your username and password at the provider website www opendns com ...

Страница 163: ... Server Activated to enable FTP sharing FTP Server Port Set the working port Well known one is 21 User can change it SAMBA FTP login account Default user admin admin it is the administrative user and a super user it has the full authority of SAMBA FTP access and operation permission of objects in SAMBA and FTP server New user users can create new user s to grant it them access and permission to th...

Страница 164: ... with the ability of maintaining the device as well as examining the connectivity of the WAN connections including User Management Certificate Management Time Zone Firmware Configuration System Restart Auto Reboot Diagnostic Tool and Ignition Sensing ...

Страница 165: ...orized to web access of router Samba access and FTP access user user is equipment with limited access specified by advanced users with admin account to router web and FTP SAMBA A total of 6 other accounts can be created to grant access to the access of Samba and FTP and web page need to be specified Note Please go to SAMBA FTP Server to re activate FTP and SAMBA server to enable the changes to the...

Страница 166: ...account Confirmed Password Re enter the new password again you must enter the password exactly the same as in the previous field FTP Authority Setup FTP Access Enable to grant the user access to the FTP server Permission Set the operation permission for the user Read Write or Read SAMBA Authority SAMBA Access Enable to grant the user access to the SAMBA server Permission Set the operation permissi...

Страница 167: ...FTP Access Enable to grant the user access to the FTP server Permission Set the operation permission for the user Read Write or Read SAMBA Authority SAMBA Access Enable to grant the user access to the SAMBA server Permission Set the operation permission for the user Read Write or Read Web GUI Permission Guest Account A pre set guest account setting granted with Interface Setup Advanced Setup Acces...

Страница 168: ...s to Advanced Setup with this account Access Management Enable to allowing access to Access Management with this account Maintenance Enable to allowing access to Maintenance with this account When customers use the user account to login to the router they are offered with only configuration items set in Web GUI Permission ...

Страница 169: ... if PKCS is disabled Enable PKCS12 to put Certificate Private Key in the same file like p12 pfx Certificate File Browse to locate the target certificate file on PC before uploading it Private Key File Browse to locate the target file on PC before uploading it If PKCS enabled please ignore this setting Password Enter the password if any which is used to protect the private key Otherwise leave it em...

Страница 170: ...166 CA Certificate File Browse to locate the target CA certificate file on PC before uploading it Click Apply to save the settings ...

Страница 171: ...to use Current Date Time To show the current time based on the time synchronization mechanism users choose below Synchronize time with Select the methods to synchronize the time NTP Server automatically To synchronize time with the NTP server PC s Clock To synchronize time with the PC s clock Manually Select this user need to set the time yourself manually Time Zone Choose the time zone of your lo...

Страница 172: ...ettings Restart the device with the current settings automatically when finishing upgrading Factory Default Settings Restart the device with factory default settings automatically when finishing upgrading File Type in the location of the file you want to upload in this field or click Choose File to find it Choose File Click Choose File to find the configuration file or firmware file you want to up...

Страница 173: ...169 DO NOT turn off power off the device or interrupt the firmware upgrading while it is still in process Improper operation could damage your Industrial LTE Router ...

Страница 174: ...lt settings for example after a firmware upgrade or if you have saved an incorrect configuration select Factory Default Settings to restore to factory default settings You may also restore your router to factory settings by holding the small Reset pinhole button on the back of your router in about more than 6s seconds whilst the router is turned on ...

Страница 175: ...he current configuration of router for users in line with scheduled timetable settings Enable to set the time schedule for rebooting For example the router is scheduled to reboot at 22 00 every single weekday and to reboot at 9 00 on Saturday and Sunday You can set as follows ...

Страница 176: ... Tool The Diagnostic Test page shows the test results for the connectivity of the physical layer and protocol layer for both LAN and WAN sides 4G LTE Click Start to begin to diagnose the connection EWAN WirelessClient ...

Страница 177: ...example set your router to remain on for an hour after the vehicle is turned off and then shut off When the vehicle is turned on again the router will also turn back on Ignition Sensing Interval Time Set the timeout period of the desired number of seconds this is how long the router will remain on after the vehicle is turned off If the vehicle is turned back on before the timeout is reached no act...

Страница 178: ... technical support You have forgotten your login username or password Try the default username admin and password admin If this fails you can restore your router to its factory settings by pressing the reset button on the device rear side Problem with LAN Interface Problem Suggested Action Cannot PING any PC on LAN Check the Ethernet LEDs on the front panel The LED should be on for the port that h...

Страница 179: ... reset button and power on the router once the Power flashes Red and Green keeping press reset button over 6 seconds 3 Internet LED flashes Green and Red router entering recovery procedure and router s IP will reset to Emergency IP address Say 192 168 1 1 4 Open browser and access http 192 168 1 1 to upload the firmware 5 Internet LED lit Red and router starts to write firmware into flash Please D...

Страница 180: ...y problems please contact the dealer from where you have purchased the product Contact Billion WORLDWIDE http www billion com MAC OS is a registered Trademark of Apple Computer Inc Windows XP Vista 7 8 8 1 10 are registered Trademarks of Microsoft Corporation ...

Страница 181: ...quipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help FCC Caution This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference 2 This device must accept any interference...

Отзывы:

Нет отзывов

Похожие инструкции для M500

Бренд: Magnadyne Страницы: 13

Бренд: Vivotek Страницы: 136

SteelCentral NetExpress

Бренд: Riverbed Страницы: 38

Бренд: XMOS Страницы: 6

PoleVault System A/V Source Inputs

Бренд: Extron electronics Страницы: 4

Бренд: Ubiquiti Страницы: 20

Бренд: AMG Systems Страницы: 2

Бренд: SAGEMCOM Страницы: 75

TD-3316B4-16P-A1

Бренд: TVT Digital Страницы: 2

Бренд: Idis Страницы: 20

UniFi LED ULED-AT

Бренд: Ubiquiti Страницы: 16

Бренд: NBase Страницы: 18

Бренд: Gearlinx Страницы: 23

Бренд: Cradlepoint Страницы: 2

Бренд: QNAP Страницы: 68

Бренд: Vivotek Страницы: 185

3GStation Professional

Бренд: Ubiquiti Страницы: 24

Бренд: Tripp Lite Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды