Pepwave HD2 mini Скачать руководство пользователя страница 99

Страница: 99 / 188

Pepwave MAX and Surf User Manual

http://www.pepwave.com

field is typically a U-FQDN.

Remote ID

Main Mode

, this field can be left blank. In

Aggressive Mode

, if

Remote Gateway IP

Address

is filled on this end and the peer end, this field can be left blank. Otherwise, this

field is typically a U-FQDN.

Phase 1 (IKE)

Proposal

Main Mode

, this allows setting up to six encryption standards, in descending order of

priority, to be used in initial connection key negotiations. In

Aggressive Mode

, only one

selection is permitted.

Phase 1 DH

Group

This is the Diffie-Hellman group used within IKE. This allows two parties to establish a
shared secret over an insecure communications channel. The larger the group number,
the higher the security.

Group 2

1024-bit

is the default value.

Group 5

1536-bit

is the alternative option.

Phase 1 SA

Lifetime

This setting specifies the lifetime limit of this Phase 1 Security Association. By default, it is
set at

3600

seconds.

Phase 2 (ESP)

Proposal

Main Mode

, this allows setting up to six encryption standards, in descending order of

priority, to be used for the IP data that is being transferred. In

Aggressive Mode

, only

one selection is permitted.

Phase 2 PFS

Group

Perfect forward secrecy (PFS) ensures that if a key was compromised, the attacker will be
able to access only the data protected by that key.

None

- Do not request for PFS when initiating connection. However, since there is no

valid reason to refuse PFS, the system will allow the connection to use PFS if requested
by the remote peer. This is the default value.

Group 2

: 1024-bit Diffie-Hellman group. The larger the group number, the higher the

security.

Group 5

1536-bit

is the third option.

Phase 2 SA

Lifetime

This setting specifies the lifetime limit of this Phase 2 Security Association. By default, it is
set at

28800

seconds.

WAN Connection Priority

WAN Connection

Select the appropriate WAN connection from the drop-down menu.

Содержание HD2 mini

Страница 1: ...ave Ltd Other brands or products mentioned may be trademarks or registered trademarks of their respective owners Pepwave MAX and Surf User Manual Pepwave Products MAX 700 HD2 HD2 IP67 HD2 mini HD4 Transit Hotspot BR1 BR1 Mini BR1 Slim BR1 ENT BR1 Pro LTE BR1 IP55 BR2 IP55 On The Go MAX HD2 HD4 with MediaFast Device Connector Surf SOHO Pepwave Firmware 6 3 September 2016 ...

Страница 2: ... 9 MAX BR1 MINI 24 4 10 MAX BR1 SLIM 25 4 11 MAX BR1 ENT 27 4 12 MAX BR1 PRO LTE 28 4 13 MAX BR1 2 IP55 29 4 14 MAX ON THE GO 31 4 15 SURF SOHO 32 5 ADVANCED FEATURE SUMMARY 33 5 1 DROP IN MODE AND LAN BYPASS TRANSPARENT DEPLOYMENT 33 5 2 QOS CLEARER VOIP 33 5 3 PER USER BANDWIDTH CONTROL 34 5 4 HIGH AVAILABILITY VIA VRRP 34 5 5 USB MODEM AND ANDROID TETHERING 35 5 6 BUILT IN REMOTE USER VPN SUPPO...

Страница 3: ...83 12 1 SETTING UP MEDIAFAST CONTENT CACHING 83 12 2 SCHEDULING CONTENT PREFETCHING 84 12 3 VIEWING MEDIAFAST STATISTICS 85 13 BANDWIDTH BONDING SPEEDFUSIONTM PEPVPN 87 13 1 PEPVPN 88 13 2 THE PEPWAVE ROUTER BEHIND A NAT ROUTER 94 13 3 SPEEDFUSIONTM STATUS 95 14 IPSEC VPN 96 14 1 IPSEC VPN SETTINGS 96 15 OUTBOUND POLICY MANAGEMENT 100 15 1 OUTBOUND POLICY 100 15 2 CUSTOM RULES FOR OUTBOUND POLICY ...

Страница 4: ...STEM SETTINGS 146 21 1 ADMIN SECURITY 146 21 2 FIRMWARE 151 21 3 TIME 152 21 4 SCHEDULE 152 21 5 EMAIL NOTIFICATION 153 21 6 EVENT LOG 155 21 7 SNMP 157 21 8 INCONTROL 159 21 9 CONFIGURATION 159 21 10 FEATURE ADD ONS 161 21 11 REBOOT 161 21 12 PING 162 21 13 TRACEROUTE TEST 163 21 14 PEPVPN TEST 163 21 15 WAKE ON LAN 164 21 16 CLI COMMAND LINE INTERFACE SUPPORT 164 22 STATUS 165 22 1 DEVICE 165 22...

Страница 6: ...ternet The MAX wireless SD WAN router series has a wide range of products suitable for many different deployments and markets Entry level SD WAN models such as the MAX BR1 are suitable for SMEs or branch offices High capacity SD WAN routers such as the MAX HD2 are suitable for larger organizations and head offices This manual covers setting up Pepwave routers and provides an introduction to their ...

Страница 7: ...igh Speed Downlink Packet Access HTTP Hyper Text Transfer Protocol ICMP Internet Control Message Protocol IP Internet Protocol LAN Local Area Network MAC Address Media Access Control Address MTU Maximum Transmission Unit MSS Maximum Segment Size NAT Network Address Translation PPPoE Point to Point Protocol over Ethernet QoS Quality of Service SNMP Simple Network Management Protocol TCP Transmissio...

Страница 8: ...reliability larger bandwidth and increased wireless coverage are comparing to use only one 4G LTE modem Below is a list of supported features on Pepwave routers Features vary by model For more information please see peplink com products 3 1 Supported Network Features 3 1 1 WAN Ethernet WAN connection in full half duplex Static IP support for PPPoE Built in HSPA and EVDO cellular modems USB mobile ...

Страница 9: ...h 3 1 4 Firewall Outbound LAN to WAN firewall rules Inbound WAN to LAN firewall rules per WAN connection Intrusion detection and prevention Specification of NAT mappings Outbound firewall rules can be defined by destination domain name 3 1 5 Captive Portal Splash screen of open networks login page for secure networks Customizable built in captive portal Supports linking to outside page for captive...

Страница 10: ...erface Configurable web administration port and administrator password Firmware upgrades configuration backups ping and traceroute via web admin interface Remote web based configuration via WAN and LAN interfaces Time server synchronization SNMP Email notification Read only user for web admin Shared IP drop in mode Authentication and accounting by RADIUS server for web admin Built in WINS servers ...

Страница 12: ...ndicators Wi Fi WAN OFF Disconnected Blinking slowly Connecting to network Blinking Connected to network with traffic ON Connected to network without traffic Wi Fi AP OFF Disabled Blinking slowly Enabled but no client connected Blinking Connected to network with traffic ON Client s connected to wireless network LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Orange LED Blinking Data is tr...

Страница 14: ... up error Green Ready Wi Fi AP and Wi Fi WAN Indicators Wi Fi WAN Cellular 1 Cellular 2 OFF Disabled Intermittent Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Orange LED Blinking Data is transferring OFF No data is being transferred o...

Страница 15: ...wave com 15 Copyright 2016 Pepwave 4 3 MAX HD2 IP67 4 3 1 Panel Appearance The statuses indicated by the front panel LEDs are as follows Status Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error Green Ready ...

Страница 17: ...g red Boot up error Green Ready Cellular WAN Indicators Cellular 1 Cellular 2 OFF Disabled intermittent Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Orange LED Blinking Data is transferring OFF No data is being transferred or port is ...

Страница 18: ...usy Blinking red Boot up error Green Ready Cellular WAN Indicators Cellular 1 Cellular 2 OFF Disabled intermittent Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic For MAX TST_DUO LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Orange LED Blinking Data is transferring OFF No data is be...

Страница 19: ...l Appearance 4 6 2 LED Indications LED Indicators Status RED Access point initializing GREEN Access point ready LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X ports ...

Страница 20: ...ting up or busy Blinking red Boot up error Green Ready Wi Fi AP and Wi Fi WAN Indicators Wi Fi WAN Cellular 1 Cellular 2 OFF Disabled Intermittent Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic LAN and Ethernet WAN Ports Green LED ON 10 100 1000 Mbps Orange LED Blinking Data is transferring O...

Страница 22: ...ted by the front panel LEDs are as follows Status Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error Green Ready Wi Fi Indicators Wi Fi OFF Disabled intermittent Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic ...

Страница 23: ...ndicators Cellular OFF Disabled or no SIM card inserted ON Connecting or connected to network s LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X ports ...

Страница 24: ...Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error Green Ready Wi Fi Indicators Wi Fi OFF Disabled intermittent Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic Cellular Indicators Cellular OFF Disabled or no SIM card inserted ON Connecting or connected ...

Страница 25: ... Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error Green Ready Wi Fi Indicators Wi Fi OFF Disabled intermittent Blinking slowly Connecting to wireless network s Blinking Connected to wireless network s with traffic ON Connected to wireless network s without traffic Cellular Indicators Cellular OFF Disabled or no SIM card inserted ON Connecting or connected...

Страница 26: ... www pepwave com 26 Copyright 2016 Pepwave LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X ports ...

Страница 27: ...tus Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error Green Ready Cellular Indicators Cellular OFF Disabled or no SIM card inserted ON Connecting or connected to network s LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MD...

Страница 28: ...tatus Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error Green Ready Cellular Indicators Cellular OFF Disabled or no SIM card inserted ON Connecting or connected to network s LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI ...

Страница 29: ...opyright 2016 Pepwave 4 13 MAX BR1 2 IP55 4 13 1 Panel Appearance 4 13 2 LED Indicators The statuses indicated by the front panel LEDs are as follows Status Indicators Status OFF System initializing Red Booting up or busy Blinking red Boot up error Green Ready ...

Страница 30: ...ected to wireless network s with traffic ON Connected to wireless network s without traffic Cellular Indicators Cellular OFF Disabled or no SIM card inserted ON Connecting or connected to network s LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic Blinking Data is transferring OFF Port is not connected Port Type Auto MDI MDI X ports ...

Страница 31: ...ar Indicators WAN OFF Modem is not attached to the port Green Modem is attached to the port Wi Fi Indicators Wi Fi OFF Disconnected from AP Green Connected to AP Status Indicators Status OFF System initializing Red Booting up or busy Green Ready LAN and Ethernet WAN Ports Green LED ON 100 Mbps OFF 10 Mbps Orange LED ON Port is connected without traffic Blinking Data is transferring Port Type Auto ...

Страница 32: ...nabled but no client connected ON Client s connected to wireless network Continuous blinking Transferring data to wireless network Status OFF System initializing Red Booting up or busy Green Ready state LAN and Ethernet WAN Ports Green LED ON 100 1000 Mbps Orange LED Blinking Data is transferring OFF No data is being transferred or port is not connected Port type Auto MDI MDI X ports Wi Fi Signal ...

Страница 33: ...an conveniently install your Peplink router without making any changes to your network And if the Peplink router loses power for any reason LAN Bypass will safely and automatically bypass the Peplink router to resume your original network connection Compatible with MAX 700 MAX HD2 All variants HD4 All Variants 5 2 QoS Clearer VoIP VoIP and videoconferencing are highly sensitive to latency With QoS...

Страница 34: ...ion Define groups by IP address and subnet and set bandwidth limits for every user in the group 5 4 High Availability via VRRP When your organization has a corporate requirement demanding the highest availability with no single point of failure you can deploy two Peplink routers in High Availability mode With High Availability mode the second device will take over when needed Compatible with MAX 7...

Страница 35: ... types You can also tether to smartphones running Android 4 1 X and above Compatible with MAX 700 HD2 all variants except IP67 HD4 All variants 5 6 Built In Remote User VPN Support Use L2TP with IPsec to safely and conveniently connect remote clients to your private network L2TP with IPsec is supported by most devices but legacy devices can also connect using PPTP Click here for full instructions ...

Страница 36: ...wave com 36 Copyright 2016 Pepwave 5 7 SIM card USSD support Cellular enabled routers can now use USSD to check their SIM card s balance process pre paid cards and configure carrier specific services Click here for full instructions on using USSD ...

Страница 37: ...ss information Depending on network connection type s one or more of the following Ethernet WAN A 10 100 1000BaseT UTP cable with RJ45 connector USB A USB modem Embedded modem A SIM card for GSM HSPA service Wi Fi WAN Wi Fi antennas PC Card Express Card WAN A PC Card ExpressCard for the corresponding card slot A computer installed with the TCP IP network protocol and a supported web browser Suppor...

Страница 38: ...ave router Repeat with different cables for up to 4 computers to be connected 2 With another Ethernet cable or a USB modem Wi Fi antenna PC Card Express Card connect to one of the WAN ports on the Pepwave router Repeat the same procedure for other WAN ports 3 Connect the power adapter to the power connector on the rear panel of the Pepwave router and then plug it into a power outlet The following ...

Страница 39: ...e Internet via WAN connections please refer to the following setup procedures LAN configuration For basic configuration refer to Section 8 Connecting to the Web Admin Interface For advanced configuration go to Section 9 Configuring the LAN Interface s WAN configuration For basic configuration refer to Section 8 Connecting to the Web Admin Interface For advanced configuration go to Section 9 2 Capt...

Страница 40: ...ow Recommeneded screw specification M3 5 x 20mm head diameter 6mm head thickness 2 4mm The Pepwave MAX BR1 requires four screws for wall mounting 7 2 Car Mount The Pepwave MAX700 HD2 can be mounted in a vehicle using the included mounting brackets Place the mounting brackets by the two sides and screw them onto the device 7 3 IP67 Installation Guide Installation instructions for IP67 devices can b...

Страница 41: ...his is the default LAN IP address for Pepwave routers 3 Enter the following to access the web admin interface Username admin Password admin This is the default username and password for Pepwave routers The admin and read only user passwords can be changed at System Admin Security 4 After successful login the Dashboard will be displayed The Dashboard shows current WAN LAN and Wi Fi AP statuses Here...

Страница 42: ...he device including model name firmware version and uptime For further information please refer to Section 22 Important Note Configuration changes e g WAN LAN admin settings etc will take effect only after clicking the Save button at the bottom of each page The Apply Changes button causes the changes to be saved and applied ...

Страница 43: ...used in other settings and cannot be deleted You can find which settings are using the VLAN by hovering over the grey X Alternatively a red X means that there are no settings using the VLAN You can delete that VLAN by clicking the red X Clicking any of the existing LAN interfaces or creating a new one will result in the following IP Settings IP Address The IP address and subnet mask of the Pepwave...

Страница 45: ...dressA Access to this IP address will be passed through to the LAN port if this device is not serving the service being accessed The shared IP address will be used in connecting to hosts on the WAN email notification remote syslog etc The device will also listen on the IP address when hosts on the WAN access services served on this device web admin access from the WAN DNS server etc WAN Default Ga...

Страница 46: ...the DNS server addresses to be offered to DHCP clients If Assign DNS server automatically is selected the Pepwave router s built in DNS server address i e LAN IP address will be offered WINS Server This option allows you to optionally specify a Windows Internet Name Service WINS server You may choose to use the built in WINS server or external WINS servers When this unit is connected using SpeedFu...

Страница 47: ...tatus Client List For more details please refer to Section 22 3 LAN Physical Settings Speed This is the port speed of the LAN interface It should be set to the same speed as the connected device to avoid port negotiation problems When a static speed is set you may choose whether to advertise its speed to the peer device Auto is selected by default You can choose not to advertise the port speed if ...

Страница 48: ...AN This could increase the DNS service s availability This setting is disabled by default Local DNS Records This table is for defining custom local DNS records A static local DNS record consists of a host name and IP address When looking up the host name from the LAN to LAN IP of the Pepwave router the corresponding IP address will be returned Press to create a new record Press to remove a record ...

Страница 49: ...LAN configuration is complete click Save to store your changes Bonjour Forwarding Settings Enable Check this box to turn on Bonjour forwarding Bonjour Service Choose Service and Client networks from the drop down menus and then click to add the networks To delete an existing Bonjour listing click ...

Страница 50: ...change under the LAN heading The following settings are displayed when creating a new LAN or editing an existing LAN IP Settings IP Address Subnet Mask Enter the Pepwave router s IP address and subnet mask values to be used on the LAN Network Settings Name Enter a name for the LAN VLAN ID Enter a number for your VLAN Inter VLAN routing Check this box to enable routing between virtual LANs Captive ...

Страница 51: ...s LAN IP address in their DHCP WINS Servers setting Therefore all PC clients in the VPN can resolve the NetBIOS names of other clients in remote peers If you have enabled this option a list of WINS clients will be displayed at Status WINS Clients BOOTP Check this box to enable BOOTP on older networks that still require it Extended DHCP Option In addition to standard DHCP options e g DNS server add...

Страница 52: ...ntered here will receive relayed DHCP requests from the LAN For active passive DHCP server configurations enter active and passive DHCP server relay IP addresses in DHCP Server 1 and DHCP Server 2 DHCP Option 82 DCHP Option 82 includes device information as relay agent for the attached client when forwarding DHCP requests from client to server This option also embeds the device s MAC address and n...

Страница 53: ...eld To reset the URL to factory settings click Default Access Mode Click Open Access to allow clients to freely access your router Click User Authentication to force your clients to authenticate before accessing your router RADIUS Server This authenticates your clients through a RADIUS server After selecting this option you will see the following fields Fill in the necessary information to complet...

Страница 54: ...each user that begins after the quota has been reached Allowed Networks To whitelist a network enter the domain name IP address here and click To delete an existing network from the list of allowed networks click the button next to the listing Splash Page Here you can choose between using the Pepwave router s built in captive portal and redirecting clients to a URL you define The Portal Customizat...

Страница 55: ...ring the WAN Interface s WAN Interface settings are located at Network WAN To reorder WAN priority drag on the appropriate WAN by holding the left mouse button move it to the desired priority the first one would be the highest priority the second one would be lower priority and so on and drop it by releasing the mouse button To disable a particular WAN connection drag on the appropriate WAN by hol...

Страница 56: ... possible connection methods for Ethernet WAN DHCP Static IP PPPoE The connection method and details are determined by and can be obtained from the ISP See the following sections for details on each connection method Routing Mode This field shows that NAT network address translation will be applied to the traffic routed over this WAN connection IP Forwarding is available when you click the link in...

Страница 57: ...his value is referenced as the default weight value when using the algorithm Least Used or the algorithm Persistence Auto in outbound policy with Managed by Custom Rules chosen see Section 15 2 Health Check Method This setting specifies the health check method for the WAN connection The value of method can be configured as Disabled Ping DNS Lookup or HTTP The default method is Disabled See Section...

Страница 58: ... on supported dynamic DNS service providers changeip com dyndns org no ip org tzo com DNS O Matic Select Disabled to disable this feature See Section 9 5 for configuration details Bandwidth Allowance Monitor This option enables bandwidth usage monitoring on this WAN connection for each billing cycle When this setting is not enabled each month s bandwidth usage is tracked but no action will be take...

Страница 59: ...ge the WAN interface s MAC address to the original client PC s MAC address via this field The default MAC address is a unique value assigned at the factory In most cases the default value is sufficient Clicking Default restores the MAC address to the default value VLAN Click the square if you wish to enable VLAN functionality and enable multiple broadcast domains Once you enable VLAN you will be a...

Страница 60: ...v6 address for performing ping traceroute checks and accepting web admin accesses Note This feature is only available on the Pepwave MAX 700 HD2 and HD2 IP67 10 1 1 DHCP Connection There are four possible connection methods 1 DHCP 2 Static IP 3 PPPoE 4 L2TP The DHCP connection method is suitable if the ISP provides an IP address automatically using DHCP e g satellite modem WiMAX modem cable Metro ...

Страница 61: ...nection into the DNS Server 1 and DNS Server 2 fields 10 1 2 Static IP Connection The static IP connection method is suitable if your ISP provides a static IP address to connect directly Static IP Settings Routing Mode NAT allows substituting the real address in a packet with a mapped address that is routable on the destination network By clicking the help icon in this field you can display the IP...

Страница 62: ...s information is obtained from the ISP automatically PPPoE User Name Password Enter the required information in these fields in order to connect via PPPoE to the ISP The parameter values are determined by and can be obtained from the ISP Confirm PPPoE Password Verify your password by entering it again in this field Service Name Optional Service name is provided by the ISP Note Leave this field bla...

Страница 63: ...n order to connect via L2TP to your ISP The parameter values are determined by and can be obtained from your ISP Confirm L2TP Password Verify your password by entering it again in this field Server IP Address Host L2TP server address is a parameter which is provided by your ISP Note Leave this field blank unless it is provided by your ISP Address Type Your ISP will also indicate whether the server...

Страница 64: ...IP67 only Cellular Status IMSI This is the International Mobile Subscriber Identity which uniquely identifies the SIM card This is applicable to 3G modems only MEID Some Pepwave routers support both HSPA and EV DO For Sprint or Verizon Wireless EV DO users a unique MEID identifier code in hexadecimal format is used by the carrier to associate the EV DO device with the user This information is pres...

Страница 65: ... used in routing IP frames via the WAN connection The mode can be either NAT network address translation or IP Forwarding Click the button to enable IP forwarding DNS Servers Each ISP may provide a set of DNS servers for DNS lookups This setting specifies the DNS Domain Name System servers to be used when a DNS lookup is routed through this connection Selecting Obtain DNS server address automatica...

Страница 66: ...e the menu item 3G 2G This drop down menu allows restricting cellular to particular band Click the button to enable the selection of specific bands Authentication Choose from PAP Only or CHAP Only to use those authentication methods exclusively Select Auto to automatically choose an authentication method Data Roaming This checkbox enables data roaming on this particular SIM card Please check your ...

Страница 67: ...t enabled bandwidth usage of each month is still being tracked but no action will be taken Action If email notification is enabled you will be notified by email when usage hits 75 and 95 of the monthly allowance If Disconnect when usage hits 100 of monthly allowance is checked this WAN connection will be disconnected automatically when the usage hits the monthly allowance It will not resume connec...

Страница 68: ...ll be treated as failed Health Check Interval This is the time interval between each health check test Health Check Retries This is the number of consecutive check failures before treating a connection as down Recovery Retries This is the number of responses required after a health check failure before treating a connection as up again Dynamic DNS Settings Dynamic DNS Service Provider This setting...

Страница 69: ...by and Disconnect cold standby MTU This setting specifies the maximum transmission unit By default MTU is set to Custom 1440 You may adjust the MTU value by editing the text field Click Default to restore the default MTU value Select Auto and the appropriate MTU value will be automatically detected The auto detection will run each time the WAN connection establishes Reply to ICMP PING If this sett...

Страница 70: ...d you will be notified by email when usage hits 75 and 95 of the monthly allowance If Disconnect when usage hits 100 of monthly allowance is checked this WAN connection will be disconnected automatically when the usage hits the monthly allowance It will not resume connection unless this option has been turned off or the usage has been reset when a new billing cycle starts Start Day This option all...

Страница 71: ...he connectivity with a configurable target IP address or hostname A WAN connection is considered as up if ping responses are received from either one or both of the ping hosts PING Hosts This setting specifies IP addresses or hostnames with which connectivity is to be tested via ICMP ping If Use first two DNS servers as Ping Hosts is checked the target ping host will be the first DNS server for th...

Страница 72: ...s will be considered as up if DNS responses are received from any one of the health check DNS servers regardless of a positive or negative result By default the first two DNS servers of the WAN connection are used as the health check DNS servers Health Check Method HTTP HTTP connections will be issued to test connectivity with configurable URLs and strings to match URL1 WAN Settings WAN Edit Healt...

Страница 73: ...will be treated as down after three consecutive timeouts Recovery Retries This setting specifies the number of consecutive successful ping DNS lookup responses that must be received before the Peplink Balance treats a previously down WAN connection as up again By default Recover Retries is set to 3 Using the default setting a WAN connection that is treated as down will be considered as up again up...

Страница 74: ... update is performed whenever a WAN s IP address is changed such as when an IP is changed after a DHCP IP refresh or reconnection Due to dynamic DNS service providers policies a dynamic DNS host expires automatically when the host record has not been not updated for a long time Therefore the Peplink Balance performs an update every 23 days even if a WAN s IP address did not change 10 3 1 Creating ...

Страница 75: ...PA WPA2 Enterprise 10 4 WAN Health Check To ensure traffic is routed to healthy WAN connections only the Pepwave router can periodically check the health of each WAN connection The health check settings for each WAN connection can be independently configured via Network WAN Details Health Check Settings Method This setting specifies the health check method for the WAN connection This value can be ...

Страница 76: ...ative Health Check DNS Servers This field allows you to specify two DNS hosts IP addresses with which connectivity is to be tested via DNS lookup If Use first two DNS servers as Health Check DNS Servers is checked the first two DNS servers will be the DNS lookup targets for checking a connection s health If the box is not checked Host 1 must be filled while a value for Host 2 is optional If Includ...

Страница 77: ...ses that must be received before the Pepwave router treats a previously down WAN connection as up again By default Recover Retries is set to 3 Using the default setting a WAN connection that is treated as down will be considered as up again upon receiving three consecutive successful ping DNS lookup responses Automatic Public DNS Server Check on DNS Test Failure When the health check method is set...

Страница 78: ...ns org no ip org tzo com DNS O Matic Others Support custom Dynamic DNS servers by entering its URL Works with any service compatible with DynDNS API Select Disabled to disable this feature Account Name Email Address This setting specifies the registered user name for the dynamic DNS service Password TZO Key This setting specifies the password for the dynamic DNS service Hosts Domain This field all...

Страница 79: ...com 79 Copyright 2016 Pepwave providers policy a dynamic DNS host will automatically expire if the host record has not been updated for a long time Therefore the Pepwave router performs an update every 23 days even if a WAN s IP address has not changed ...

Страница 80: ...l laws and regulations Important Note Per FCC regulation the country selection is not available on all models marketed in the US All US models are fixed to US channels only Wi Fi AP Settings Protocol This option allows you to specify whether 802 11b and or 802 11g client association requests will be accepted Available options are 802 11ng and 802 11na By default 802 11ng is selected Channel This o...

Страница 81: ...ult 100ms is selected DTIM A This field allows you to set the frequency for the beacon to include delivery traffic indication messages The interval is measured in milliseconds The default value is set to 1 ms Slot Time A This field is for specifying the unit wait time before transmitting a packet By default this field is set to 9 µs ACK Timeout A This field is for setting the wait time to receive ...

Страница 82: ...be used simultaneously Bit Rate This option allows you to select a specific bit rate for data transfer over the device s Wi Fi network By default Auto is selected Output Power This option is for specifying the transmission output power for the Wi Fi AP There are 4 relative power levels available Max High Mid and Low The actual output power will be bound by the regulatory limits of the selected cou...

Страница 83: ... choose either Cache the specified domains only or Do not cache the specified domains Source IP Subnet This setting allows caching to be applied to the user specified IP subnets If Any is selected then caching will apply to all subnets Content Type Check these boxes to cache the listed content types or leave boxes unchecked to disable caching for the listed types Cache Lifetime Settings Enter a fi...

Страница 84: ...the scheduled download Last Duration Check this field to ensure that the most recent download took as long as expected to complete A value that is too low might indicate an incomplete download or incorrectly specified download target while a value that is too long could mean a download with an incorrectly specified target or stop time Result This field indicates whether downloads are in progress o...

Страница 85: ...ick to begin creating a new scheduled download Clicking the button will cause the following screen to appear Simply provide the requested information to create your schedule Clear Web Cache To clear all cached content click this button Note that this action cannot be undone Clear Statistics To clear all prefetch and status page statistics click this button 12 3 Viewing MediaFast Statistics To get ...

Страница 87: ...i WAN environments In case of failures and network congestion at one or more WANs other WANs can be used to continue carrying the network traffic Different models of our SD WAN routers have different numbers of site to site connections allowed End users who need to have more site to site connections can purchase a SpeedFusion license to increase the number of site to site connections allowed Pepwa...

Страница 88: ...l subnets Note that all LAN subnets and the subnets behind them must be unique Otherwise VPN members will not be able to access each other All data can be routed over the VPN using the 256 bit AES encryption standard To configure navigate to Advanced SpeedFusion or Advanced PepVPN and click the New Profile button to create a new VPN profile you may have to first save the displayed default profile ...

Страница 89: ...be enabled Otherwise it will be disabled Encryption By default VPN traffic is encrypted with 256 bit AES If Off is selected on both sides of a VPN connection no encryption will be applied Authentication Select from By Remote ID Only Preshared Key or X 509 to specify the method the Peplink Balance will use to authenticate peers When selecting By Remote ID Only be sure to enter a unique peer ID numb...

Страница 90: ...d and can be separated by a space character or carriage return Dynamic DNS host names are also accepted This field is optional With this field filled the Peplink Balance will initiate connection to each of the remote IP addresses until it succeeds in making a connection If the field is empty the Peplink Balance will wait for connection from the remote peer Therefore at least one of the two VPN pee...

Страница 91: ...ency and packet loss suspension time click the button Send All Traffic To This feature allows you to redirect all traffic to a specified PepVPN connection Click the button to select your connection and the following menu will appear You could also specify a DNS server to resolve incoming DNS requests Click the checkbox next to Backup Site to designate a backup SpeedFusion profile that will take ov...

Страница 92: ...PN traffic Health check packets are sent to the remote unit to detect any failure The more frequently checks are sent the shorter the detection time although more bandwidth will be consumed When Recommended default is selected a health check packet is sent every five seconds and the expected detection time is 15 seconds When Fast is selected a health check packet is sent every three seconds and th...

Страница 93: ...ve MAX and Surf User Manual http www pepwave com 93 Copyright 2016 Pepwave Tip Want to know more about VPN sub second session failover Visit our YouTube Channel for a video tutorial http youtu be TLQgdpPSY88 ...

Страница 94: ... Unit A s public IP addresses or hostnames into Unit B s Remote IP Addresses Host Names field Leave the field in Unit A blank With this setting a SpeedFusionTM connection can be set up and all WAN connections on both sides will be utilized See the following diagram for an example of this setup in use One of the WANs connected to Router A is non NAT d 212 1 1 1 The rest of the WANs connected to Rou...

Страница 95: ...us button at the top right corner of the SpeedFusionTM table you will be forwarded to Status SpeedFusionTM where you can view subnet and WAN connection information for each VPN peer Please refer to Section 22 6 for details IP Subnets Must Be Unique Among VPN Peers The entire interconnected SpeedFusionTM network is a single non NAT IP network Avoid duplicating subnets in your sites to prevent conne...

Страница 96: ...make use of WAN2 and WAN3 for failover 14 1 IPsec VPN Settings Many Pepwave products can make multiple IPsec VPN connections with Peplink Pepwave Cisco and Juniper routers Note that all LAN subnets and the subnets behind them must be unique Otherwise VPN members will not be able to access each other All data can be routed over the VPN with a selection of encryption standards such as 3DES AES 128 a...

Страница 97: ...www pepwave com 97 Copyright 2016 Pepwave IPsec VPN Settings Name This field is for specifying a local name to represent this connection profile Active When this box is checked this IPsec VPN connection profile will be enabled Otherwise it ...

Страница 98: ... NAT policy if the defined NAT Network on the right hand side is an IP address or having a network prefix 32 for example policy 192 168 1 0 24 172 168 50 1 32 will translate all clients in 192 168 1 0 24 network to 172 168 50 1 This is a unidirectional mapping which means clients in remote site will not be able to initiate connection to the local clients Remote Networks Enter the LAN and subnets t...

Страница 99: ...ng specifies the lifetime limit of this Phase 1 Security Association By default it is set at 3600 seconds Phase 2 ESP Proposal In Main Mode this allows setting up to six encryption standards in descending order of priority to be used for the IP data that is being transferred In Aggressive Mode only one selection is permitted Phase 2 PFS Group Perfect forward secrecy PFS ensures that if a key was c...

Страница 100: ...ng on the model 15 1 Outbound Policy Outbound policies for managing and load balancing outbound traffic are located at Network Outbound Policy or Advanced PepVPN Outbound Policy There are three main selections for the outbound traffic policy High Application Compatibility Normal Application Compatibility Custom Note that some Pepwave routers provide only the Send All Traffic To setting here See Se...

Страница 101: ... most applications and users still benefit from WAN link load balancing when multiple Internet servers are accessed Custom Outbound traffic behavior can be managed by defining rules in a custom rule table A default rule can be defined for connections that cannot be matched with any of the rules The default policy is Normal Application Compatibility Tip Want to know more about creating outbound rul...

Страница 102: ...ding click Default to change these settings To rearrange the priority of outbound rules drag and drop them into the desired sequence By default Auto is selected as the Default Rule You can select Custom to change the algorithm to be used Please refer to the upcoming sections for the details on the available algorithms To create a custom rule click Add Rule at the bottom of the table Note that some...

Страница 103: ...his setting specifies the source IP address IP network or MAC address for traffic that matches the rule Destination This setting specifies the destination IP address IP network or domain name for traffic that matches the rule If Domain Name is chosen and a domain name such as foobar com is entered any outgoing accesses to foobar com and foobar com will match this criterion You may enter a wildcard...

Страница 104: ... upcoming sections detail the listed algorithms Terminate Sessions on Link Recovery This setting specifies whether to terminate existing IP sessions on a less preferred WAN connection in the event that a more preferred WAN connection is recovered This setting is applicable to the Weighted Persistence and Priority algorithms By default this setting is disabled In this case existing IP sessions will...

Страница 105: ...ion relative to the total weight Use the sliders to change each WAN s weight For example with the following weight settings Ethernet WAN1 10 Ethernet WAN2 10 Wi Fi WAN 10 Cellular 1 10 Cellular 2 10 USB 10 Total weight is 60 10 10 10 10 10 10 Matching traffic distributed to Ethernet WAN1 is 16 7 10 60 x 100 Matching traffic distributed to Ethernet WAN2 is 16 7 10 60 x 100 Matching traffic distribu...

Страница 106: ... with three WAN connections may communicate on the Internet using three different IP addresses With the persistence feature rules can be configured to enable client computers to persistently utilize the same WAN connections for e banking and other secure websites As a result a client computer will communicate using one IP address eliminating the issues mentioned above There are two persistent mode...

Страница 107: ...sed to route the specified network service The highest priority WAN connection available will always be used for routing the specified type of traffic A lower priority WAN connection will be used only when all higher priority connections have become unavailable Starting from Firmware 5 2 outbound traffic can be prioritized to go through SpeedFusionTM connection s By default VPN connections are not...

Страница 108: ...he available bandwidth and WAN selection is determined every time an IP session is made 15 2 7 Algorithm Lowest Latency The traffic matching this rule will be routed through the healthy WAN connection that is selected in Connection and has the lowest latency Latency checking packets are issued periodically to a nearby router of each WAN connection to determine its latency value The latency of a WA...

Страница 109: ...con and click turn on Expert Mode In Expert Mode a new special rule SpeedFusionTM Routes is displayed in the Custom Rules table This rule represents all SpeedFusionTM routes learned from remote VPN peers By default this bar is on the top of all custom rules This position means that traffic for remote VPN subnets will be routed to the corresponding VPN peer You can create custom Priority or Enforce...

Страница 110: ... inbound service does not take effect the Pepwave router disregards the other parameters of the rule Service Name This setting identifies the service to the system administrator Valid values for this setting consist of only alphanumeric and underscore _ characters IP Protocol The IP Protocol setting along with the Port setting specifies the protocol of the service as TCP UDP ICMP or IP Traffic tha...

Страница 111: ...ocol at the specified port range is forwarded via the same respective ports to the LAN hosts specified by the Servers setting For example with IP Protocol set to TCP and Port set to Port Range and Service Ports 80 88 TCP traffic received on ports 80 through 88 is forwarded to the configured servers via the respective ports Port Mapping traffic that is received by Pepwave router via the specified p...

Страница 112: ...itself That way the process of inbound port forwarding becomes automated When a computer creates a rule using these protocols the specified TCP UDP port of all WAN connections default IP address will be forwarded Check the corresponding box es to enable UPnP and or NAT PMP Enable these features only if you trust the computers connected to the LAN ports When the options are enabled a table listing ...

Страница 113: ...ddress The system maps this address to a number of public IP addresses specified below in order to facilitate inbound and outbound traffic This option is only available when IP Address is selected Range The IP range is a contiguous group of private IP addresses used by the LAN host The system maps these addresses to a number of public IP addresses specified below to facilitate outbound traffic Thi...

Страница 114: ...pping only Outbound Mappings This setting specifies the WAN IP addresses that should be used when an IP connection is made from a LAN host to the Internet Each LAN host in an IP range or IP network will be evenly mapped to one of each selected WAN s IP addresses for better IP address utilization in a persistent manner for better application compatibility Note that if you do not want to use a speci...

Страница 115: ...move the defined rule Two default rules are pre defined and put at the bottom They are All DHCP reservation clients and Everyone and they cannot be removed The All DHCP reservation client represents the LAN clients defined in the DHCP Reservation table on the LAN settings page Everyone represents all clients that are not defined in any rule above Click on a rule to change its group Add Edit User G...

Страница 116: ...et as 0 18 3 Application 18 3 1 Application Prioritization On many Pepwave routers you can choose whether to apply the same prioritization settings to all user groups or customize the settings for each group Three application priority levels can be set High Normal and Low Pepwave routers can detect various application traffic types by inspecting the packet content Select an application by choosing...

Страница 117: ...Alternatively you can select Custom Applications and define the application by providing the protocol scope port number and DSCP value 18 3 3 DSL Cable Optimization DSL cable based WAN connections have lower upload bandwidth and higher download bandwidth When a DSL cable circuit s uplink is congested the download bandwidth will be affected Users will not be able to download data at full speed unti...

Страница 118: ...her inappropriate uses The firewall functionality of Pepwave routers supports the selective filtering of data traffic in both directions Outbound LAN to WAN Inbound WAN to LAN The firewall also supports the following functionality Intrusion detection and DoS prevention Web blocking With SpeedFusionTM enabled the firewall rules also apply to VPN tunneled traffic 19 1 Outbound and Inbound Firewall R...

Страница 119: ...d at Advanced Firewall Access Rules Inbound Firewall Rules Click Add Rule to display the following screen Rules are matched from top to bottom If a connection matches any one of the upper rules the matching process will stop If none of the rules match the Default rule will be applied By default the Default rule is set as Allow for both outbound and inbound access ...

Страница 120: ...et services e g HTTP HTTPS etc After selecting an item from the Protocol Selection Tool drop down menu the protocol and port number remains manually modifiable Source IP Port This specifies the source IP address es and port number s to be matched for the firewall rule A single address or a network can be specified as the Source IP Port setting as indicated by the following screenshot In addition a...

Страница 121: ...ion IP address LEN Packet length PROTO Protocol SPT Source port DPT Destination port Click Save to store your changes To create an additional firewall rule click Add Rule and repeat the above steps To change a rule s priority simply drag and drop the rule Hold the left mouse button on the rule Move it to the desired position Drop it by releasing the mouse button Tip If the default inbound rule is ...

Страница 122: ... Intrusion Detection and DoS Prevention Pepwave routers can detect and prevent intrusions and denial of service DoS attacks from the Internet To turn on this feature click check the Enable check box and press the Save button When this feature is enabled the Pepwave router will detect and prevent the following kinds of intrusions and denial of service attacks Port scan o NMAP FIN URG PSH o Xmas tre...

Страница 123: ...oose applications to be blocked from LAN PPTP PepVPN peer clients access except for those on the Exempted User Groups or Exempted Subnets defined below 19 2 2 Web Blocking Defines web site domain names to be blocked from LAN PPTP PepVPN peer clients access except for those on the Exempted User Groups or Exempted Subnets defined below ...

Страница 124: ... may enter the wild card at the end of a domain name to block any web site with a host name having the domain name in the middle For example If you enter foobar then www foobar com www foobar co jp or foobar co uk will be blocked Placing the wild card in any other position is not supported The Peplink Balance will inspect and look for blocked domain names on all HTTP traffic Secure web HTTPS traff...

Страница 125: ...area click Add To delete an existing area click OSPF Settings Area ID Determine the name of your Area ID to apply to this group Machines linked to this group will send and receive related OSPF packets while unlinked machines will ignore it Link Type Choose the network type that this area will use Authentication Choose an authentication method if one is used from this drop down menu Available optio...

Страница 126: ...rom this drop down menu Available options are MD5 and Text Enter the authentication key next to the drop down menu Interfaces Determine which interfaces this group will use to listen to and deliver RIPv2 packets 19 4 Remote User Access a Networks routed by a Peplink Balance can be remotely accessed via L2TP with IPsec or PPTP To configure this feature navigate to Network Remote User Access ...

Страница 127: ... field Please note that remote devices will need this preshared key to access the Balance Listen On This setting is for specifying the WAN IP addresses where the PPTP server of the router should listen on User Accounts This setting allows you to define the PPTP User Accounts Click Add to input username and password to create an account After adding the user accounts you can click on a username to ...

Страница 128: ...he diagram the WAN ports of each Pepwave router connect to the router and to the modem Both Pepwave routers connect to the same LAN switch via a LAN port An elaboration on the technical details of the implementation of the virtual router redundancy protocol VRRP RFC 3768 by Pepwave routers follows In an HA configuration the two Pepwave routers communicate with each other using VRRP over the LAN Th...

Страница 129: ...eferred Role If this option is enabled once the device has recovered from an outage it will take over and resume its Master role from the slave unit Configuration Sync This option is displayed when Slave mode is selected in Preferred Role If this option is enabled and the Master Serial Number entered matches with the actual master unit s the master unit will automatically transfer the configuratio...

Страница 130: ... default gateway for all hosts on the LAN segment For example a firewall sitting behind the Pepwave router should set its default gateway as the virtual IP instead of the IP of the master router In drop in mode no other configuration needs to be set Please note that the drop in WAN cannot be configured as a LAN bypass port while it is configured for high availability ...

Страница 131: ...ch enables remote computers to conveniently and securely access the local network PPTP server settings are located at Advanced Misc Settings PPTP Server Check the box to enable PPTP server functionality All connected PPTP sessions are displayed at Status Client List Please refer to Section 22 3 for details Note that available options vary by model ...

Страница 132: ...his has been tested with Microsoft Windows Internet Authentication Service and FreeRADIUS servers where passwords are NTLM hashed or in plain text User Accounts This setting allows you to define PPTP user accounts for authentication via local user accounts Click Add to input username and password to create an account After adding the user accounts you can click on a username to edit the account pa...

Страница 133: ...ustom service forwarding is enabled outgoing traffic with the specified TCP port will be forwarded to a local or remote server by defining its IP address and port number 19 8 1 SMTP Forwarding Some ISPs require their users to send e mails via the ISP s SMTP server All outgoing SMTP connections are blocked except those connecting to the ISP s Pepwave routers support intercepting and redirecting all...

Страница 134: ...ified web proxy server and port number Redirected server settings for each WAN can be set here If forwarding is disabled for a WAN web proxy connections for the WAN will be simply forwarded to the connection s original destination 19 8 3 DNS Forwarding When DNS forwarding is enabled all clients outgoing DNS requests will also be intercepted and forwarded to the built in DNS proxy server 19 8 4 Cus...

Страница 135: ...t boxes H 323 With this option enabled protocols that provide audio visual communication sessions will be defined on any packet network and pass through the Pepwave router FTP FTP sessions consist of two TCP connections one for control and one for data In a multi WAN situation they must be routed to the same WAN connection Otherwise problems will arise in transferring files By default the Pepwave ...

Страница 136: ...etween 1 and 10 seconds Click to save these settings GPS Report Format Choose from NMEA or TAIP format for sending GPS reports NMEA Sentence Type If you ve chosen to send GPS reports in NMEA format select one or more sentence types for sending the data GPRMC GPGGA GPVTG GPGSA and GPGSV Vehicle ID The vehicle ID will be appended in the last field of the NMEA sentence Note that the NMEA sentence wil...

Страница 137: ... tab This screen can also be reached by clicking AP Wireless SSID Note the appearance of this screen varies by model AP Controller AP Management The AP controller for managing Pepwave APs can be enabled by checking this box When this option is enabled the AP controller will wait for management connections originating from APs over the LAN on TCP and UDP port 11753 It will also wait for captive por...

Страница 138: ...g packets generated from this wireless network i e packets that travel from the Wi Fi segment through the Pepwave AP One unit to the Ethernet segment via the LAN port The default value of this setting is 0 which means VLAN tagging is disabled instead of tagged with zero Broadcast SSID This setting specifies whether or not Wi Fi clients can scan the SSID of this wireless network Broadcast SSID is e...

Страница 139: ...et are isolated to that VLAN SSID or subnet which can enhance security Traffic is passed to upper communication layer s By default the setting is disabled Band Steering A Band steering allows the Pepwave router to steer AP clients from the 2 4GHz band to the 5GHz band for better usage of bandwidth To make steering mandatory select Enforce To cause the Pepwave router to preferentially choose steeri...

Страница 140: ... encryption Authentication is not supported by this method The security level of this method is known to be weak MAC Address List Connection coming from the MAC addresses in this list will be either denied or accepted based the option selected in the previous field RADIUS Server Settings Host Enter the IP address of the primary RADIUS server and if applicable the secondary RADIUS server Secret Ent...

Страница 141: ...this AP profile SSID These buttons specify which wireless networks will use this AP profile You can also select the frequencies at which each network will transmit Please note that the Peplink Balance does not detect whether the AP is capable of transmitting at both frequencies Instructions to transmit at unsupported frequencies will be ignored by the AP Operating This drop down menu specifies the...

Страница 142: ...oves the performance of the Wi Fi connection 2 4 GHz Channel This drop down menu selects the 802 11 channel to be utilized Available options are from 1 to 11 and from 1 to 13 for the North America region and Europe region respectively Channel 14 is only available when the country is selected as Japan with protocol 802 11b If Auto is set the system will perform channel scanning based on the schedul...

Страница 143: ...the option to set the minimum packet size for the unit to send an RTS using the RTS CTS handshake Setting 0 disables this feature Fragmentation ThresholdA Determines the maximum size in bytes that each packet fragment will be broken down into Set 0 to disable fragmentation Distance Time ConverterA Select the distance you want your Wi Fi to cover in order to adjust the below parameters Default valu...

Страница 144: ...r accessing the device HTTP to HTTPS Redirection This option will be available if you have chosen HTTPS as the Web Access Protocol With this enabled any HTTP access to the web admin will redirect to HTTPS automatically Admin User Name This field specifies the administrator username of the web admin It is set as admin by default Admin Password This field allows you to specify a new administrator pa...

Страница 145: ... 4 relative power levels available Max High Mid and Low The actual output power will be bound by the regulatory limits of the selected country Beacon RateA This option is for setting the transmit bit rate for sending a beacon By default 1Mbps is selected Beacon IntervalA This option is for setting the time interval between each beacon By default 100ms is selected DTIMA This field allows you to set...

Страница 146: ...ou can click Manual Upload to manually upload a firmware pack Click Default to define which firmware pack is default 21 System Settings 21 1 Admin Security There are two types of user accounts available for accessing the web admin admin and user They represent two user levels the admin level has full administration access while the user level is read only The user level can access only the device ...

Страница 147: ...mited session time This setting should be used only in special situations as it will lower the system security level if users do not log out before closing the browser The default is 4 hours 0 minutes For security reasons after logging in to the web admin Interface for the first time it is recommended to change the administrator password Configuring the administration interface to be accessible on...

Страница 148: ...et to 4 hours Authentication by RADIUS With this box is checked the web admin will authenticate using an external RADIUS server Authenticated users are treated as either admin with full read write permission or user with read only access Local admin and user accounts will be disabled When the device is not able to communicate with the external RADIUS server local accounts will be enabled again for...

Страница 149: ... which the web admin interface can be accessed LAN only LAN WAN If LAN WAN is chosen the WAN Connection Access Settings form will be displayed WAN Connection Access Settings Allowed Source IP Subnets This field allows you to restrict web admin access only from defined IP subnets Any Allow web admin accesses to be from anywhere without IP address restriction Allow access from the following IP subne...

Страница 150: ...wave MAX and Surf User Manual http www pepwave com 150 Copyright 2016 Pepwave 192 168 0 0 24 10 8 0 0 16 Allowed WAN IP Address es This is to choose which WAN IP address es the web server should listen on ...

Страница 151: ...uter and then click Manual Upgrade to send the firmware to the Pepwave router It will then automatically initiate the firmware upgrade process Please note that all Peplink devices can store two different firmware versions in two different partitions A firmware upgrade will always replace the inactive partition If you want to keep the inactive firmware you can simply reboot your device with the ina...

Страница 152: ...e Zone value affects the time stamps in the Pepwave router s event log and e mail notifications Check Show all to show all time zone options Time Server This setting specifies the NTP network time server to be utilized by the Pepwave router 21 4 Schedule Enable and disable different functions such as WAN connections outbound policy and firewalls at different times based on a user scheduled configu...

Страница 153: ...profile Schedule Click the drop down menu to choose pre defined schedules as your starting point Please note that upon selection previous changes on the schedule map will be deleted Schedule Map Click on the desired times to enable features at that time period You can hold your mouse for faster entry 21 5 Email Notification Email notification functionality provides a system administrator with up t...

Страница 154: ...efault this is set to 25 when SSL Encryption is checked the default port number will be set to 465 You may customize the port number by editing this field Click Default to restore the number to its default setting SMTP User Name Password This setting specifies the SMTP username and password while sending email These options are shown only if Require authentication is checked in the SMTP Server set...

Страница 155: ... detailed test results 21 6 Event Log Event log functionality enables event logging at a specified remote syslog server The settings for configuring the remote system log can be found at System Event Log Event Log Settings Remote Syslog This setting specifies whether or not to log events at the specified remote syslog server Remote Syslog Host This setting specifies the IP address or hostname of t...

Страница 156: ... 2016 Pepwave Push Events The Pepwave router can also send push notifications to mobile devices that have our Mobile Router Utility installed Check the box to activate this feature For more information on the Router Utility go to www peplink com products router utility ...

Страница 157: ... Device Name This field shows the router name defined at System Admin Security SNMP Port This option specifies the port which SNMP will use The default port is 161 SNMPv1 This option allows you to enable SNMP version 1 SNMPv2 This option allows you to enable SNMP version 2 SNMPv3 This option allows you to enable SNMP version 3 To add a community for either SNMPv1 or SNMPv2 click the Add SNMP Commu...

Страница 158: ...e for SNMPv3 click Add SNMP User in the SNMPv3 User Name table upon which the following screen is displayed SNMPv3 User Settings User Name This setting specifies a user name to be used in SNMPv3 Authentication Protocol This setting specifies via a drop down menu one of the following valid authentication protocols NONE MD5 SHA When MD5 or SHA is selected an entry field will appear for the password ...

Страница 159: ...is checked the device s status information will be sent to the Peplink InControl system This device s usage data and configuration will be sent to the system if you enable the features in the system Alternately you could also privately host InControl Simply check the box beside the Privately Host InControl open and enter the IP Address of your InControl Host You can sign up for an InControl accoun...

Страница 160: ...the settings effective Download Active Configurations Click Download to backup the current active settings Upload Configurations To restore or change settings based on a configuration file click Choose File to locate the configuration file on the local computer and then click Upload The new settings can then be applied by clicking the Apply Changes button on the page header or you can cancel the p...

Страница 161: ...ield click Activate and then click Apply Changes 21 11Reboot This page provides a reboot button for restarting the system For maximum reliability the Pepwave router can equip with two copies of firmware Each copy can be a different version You can select the firmware version you would like to reboot the device with The firmware marked with Running is the current system boot up firmware Please note...

Страница 162: ...a SpeedFusionTM VPN connection You can specify the number of pings in the field Number of times to a maximum number of 10 times Packet Size can be set to a maximum of 1472 bytes The ping utility is located at System Tools Ping illustrated below Tip A system administrator can use the ping utility to manually check the connectivity of a particular LAN WAN connection ...

Страница 163: ...e test utility is located at System Tools Traceroute Tip A system administrator can use the traceroute utility to analyze the connection path of a LAN WAN connection 21 14 PepVPN Test The PepVPN Test tool can help to test the throughput between different VPN peers You can define the Test Type Direction and Duration of the test and press Go to perform the throughput test The VPN test utility is loc...

Страница 164: ... Tools Wake on LAN Select a client from the drop down list and click Send to send a magic packet 21 16CLI Command Line Interface Support The CLI command line interface can be accessed via SSH This field enables CLI support The below settings specify which TCP port and which interface s should accept remote SSH CLI access The user name and password used for remote SSH CLI access are the same as tho...

Страница 165: ...rdware version of this device Serial Number This shows the serial number of this device Firmware This shows the firmware version this device is currently running PepVPN Version This shows the current PepVPN version Modem Support Version This shows the modem support version For a list of supported modems click Modem Support List Host Name The host name assigned to the Pepwave router appears here Up...

Страница 166: ... of your issue In Firmware 5 1 or before the diagnostic report file can be obtained at System Reboot 22 1 1 GPS Data The MAX HD2 and HD2 IP67 automatically store up to seven days of GPS location data in GPS eXchange format GPX To review this data using third party applications click Status Device and then download your GPX file The Pepwave MAX BR1 HD2 and HD2 IP67 export real time location data in...

Страница 167: ...ons can be found at Status Active Sessions Overview This screen displays the number of sessions initiated by each application Click on each service listing for additional information This screen also indicates the number of sessions initiated by each WAN port In addition you can see which clients are initiating the most sessions ...

Страница 168: ...y subnet port protocol and interface To perform a search navigate to Status Active Sessions Search This Active Sessions section displays the active inbound outbound sessions of each WAN connection on the Pepwave router A filter is available to sort active session information Enter a keyword in the field or check one of the WAN connection boxes for filtering ...

Страница 169: ...cord after import by going to Network LAN If the PPTP server see Section 19 2 SpeedFusionTM see Section 12 1 or AP controller see Section 20 is enabled you may see the corresponding connection name listed in the Name field 22 4 WINS Client The WINS client list table is located at Status WINS Client The WINS client table lists the IP addresses and names of WINS clients This option will only be avai...

Страница 170: ...P record in its corresponding row To delete all records click Delete All on the right hand side below the table Important Note UPnP NAT PMP records will be deleted immediately after clicking the button or Delete All without the need to click Save or Confirm 22 6 SpeedFusion Status Current SpeedFusionTM status information is located at Status SpeedFusionTM Details about SpeedFusionTM connection pee...

Страница 171: ...anual http www pepwave com 171 Copyright 2016 Pepwave Click the button for a chart displaying real time throughput latency and drop rate information for each WAN connection When pressing the button the following menu will appear ...

Страница 172: ...r Manual http www pepwave com 172 Copyright 2016 Pepwave After clicking the icon the following menu appears Select the L2 protocol TCP UDP direction and duration and click the Start button to begin the general throughput test ...

Страница 173: ...packet loss and latency of all possible combinations of connections Please note that the PepVPN Analyzer will temporarily interrupt VPN connectivity and will restore after test After clicking the icon the analyzer will require several minutes to perform its analysis depending the number of WAN links in the SpeedFusionTM Tunnel Once the test the complete the report will appear O indicates that spec...

Страница 174: ...isplays a list of events that has taken place on the Pepwave router Check Auto Refresh to refresh log entries automatically Click the Clear Log button to clear the log 22 8 Bandwidth This section shows bandwidth usage statistics and is located at Status Bandwidth Bandwidth usage at the LAN while the device is switched off e g LAN bypass is neither recorded nor shown ...

Страница 175: ...8 1 Real Time The Data transferred since installation table indicates how much network traffic has been processed by the device since the first bootup The Data transferred since last reboot table indicates how much network traffic has been processed by the device since the last bootup ...

Страница 176: ...wave com 176 Copyright 2016 Pepwave 22 8 2 Hourly This page shows the hourly bandwidth usage for all WAN connections with the option of viewing each individual connection Select the desired connection to check from the drop down menu 22 8 3 Daily ...

Страница 177: ... the drop down menu If you have enabled the Bandwidth Monitoring feature the Current Billing Cycle table for that WAN connection will be displayed Click on a date to view the client bandwidth usage of that specific date This feature is not available if you have selected to view the bandwidth usage of only a particular WAN connection The scale of the graph can be set to display megabytes MB or giga...

Страница 178: ...ture you can check the usage of each particular connection and view the information by Billing Cycle or by Calendar Month Click the first two rows to view the client bandwidth usage in the last two months This feature is not available if you have chosen to view the bandwidth of an individual WAN connection The scale of the graph can be set to display megabytes MB or gigabytes GB All WAN Monthly Ba...

Страница 179: ...Pepwave MAX and Surf User Manual http www pepwave com 179 Copyright 2016 Pepwave Ethernet WAN Monthly Bandwidth Usage Tip By default the scale of data size is in MB 1GB equals 1024MB ...

Страница 180: ...on the front or back panel of the Pepwave router 2 With a paper clip press the reset button and hold it for at least 10 seconds until the unit reboots itself After the Pepwave router finishes rebooting the factory default settings will be restored Important Note All previous configurations and bandwidth usage data will be lost after restoring factory default settings Regular backup of configuratio...

Страница 181: ...r s authority to operate this equipment This transmitter must not be co located or operating in conjunction with any other antenna or transmitter Operations in the 5 15 5 25GHz band are restricted to indoor usage only IMPORTANT NOTE FCC Radiation Exposure Statement for MAX BR1 mini This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment s...

Страница 182: ...ult the RF technician or device supplier This transmitter must not be co located or operating in conjunction with any other antenna or transmitter The availability of some specific channels and or operational frequency bands are country dependent and are firmware programmed at the factory to match the intended destination FCC Radiation Exposure Statement for MAX HD4 This equipment complies with FC...

Страница 183: ...é aux directives relatives à l exposition aux fréquences radio le jouet doit êtreplacé à au moins 20_cm des personnes à proximité Caution i the device for operation in the band 5150 5250 MHz is only for indoor use to reduce the potential for harmful interference to co channel mobile satellite systems ii the maximum antenna gain permitted for devices in the band 5725 5850 MHz shall be such that the...

Страница 184: ...mits set forth for an uncontrolled environment This equipment should be installed and operated with minimum distance 20cm between the radiator your body Déclaration d exposition aux radiations Cet équipement est conforme aux limites d exposition aux rayonnements ISED établies pour un environnement non contrôlé Cet équipement doit être installé et utilisé avec un minimum de 20 cm de distance entre ...

Страница 185: ...ompatibility and Radio Spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment and services Part 1 Common technical requirements EN 301 489 7 V1 3 1 2005 ElectroMagnetic compatibility and Radio spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment ad services Part 7 Specific conditions for mobile and portable radio and ancillary equipment o...

Страница 186: ...ype d appareil est conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999 5 CE Italiano Italian Con la presente nome del costruttore dichiara che questo tipo di apparecchio è conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999 5 CE Latviski Latvian Ar šo name of manufacturer izgatavotāja nosaukums deklarē ka...

Страница 187: ... EY oleellisten vaatimusten ja sitä koskevien direktiivin muiden ehtojen mukainen Svenska Swedish Härmed intygar företag att denna utrustningstyp står I överensstämmelse med de väsentliga egenskapskrav och övriga relevanta bestämmelser som framgår av direktiv 1999 5 EG 4 NCC for Pepwave Routers For MAX Transit WLAN 警語電磁波曝露量MPE 標準值1mW cm2 本產品使用時建議應距離人體24 cm 警語內容 1 電磁波警語標示減少電磁波影響請妥適使用標示方式必須標示於設...

Страница 188: ...Contact Us Sales http www pepwave com contact sales Support http www pepwave com contact Business Development and Partnerships http www pepwave com partners channel ...

Результаты поиска

Содержание HD2 mini

Отзывы:

Похожие инструкции для HD2 mini

Бренды по названию

Популярные бренды

Pepwave HD2 mini, Руководство пользователя

Результаты поиска

Содержание HD2 mini

Отзывы:

Похожие инструкции для HD2 mini

Бренды по названию

Популярные бренды