MP-202 User`s Manual ver 2.4
Contents
1. cccccesceeeneeeees arene PEPEE ee ai 1 er Figure 10 11 Internet Connection Firewall cccccsseceeeeeeeees iio E AE ITIER TEE prrrrrrr as T Figure 10 12 Allow Unrestricted Administration inten ius PEE MEE PEEEIN E 107 Figure 10 13 Additional IP Pc retacpasauscsntncreca vars sarsnteseoeninntentnaceeaentenneedioeemnniienae 108 Figure 10 14 Using VLAN SEUD erari paisnecenaeenaen ran tnacetetenanenieieanesiasauartasn aosmeeaaeenisennsaians 108 Figure 10 15 109 Configuring WAN Ethernet 110 Use the Following IP Address 110 Routing Advanced l nannnaannnaann 111 Routing Advanced Extended Parameters 111 Route Settings PENE ETE ATE 112 Network Bridging 117 LAN LAN Network Bridging 117 Connection Summary Configure Existing Bridge Mie alee Bridge SettingS cccccccsssssseccesssseeeeeseasseeeesseseeeeensenses PENE EEIE EEEE PERERA n 119 Example of Using Bridge Mode and d Configuring V VLANs PTCP EEATT OTTA MEPIT a 120 Network Connections PEPE AFATET 121 Configuring WAN Ethernet 121 Network Bridging 122 No IP Address 122 126 100 User s Manual Figure 10 44 g WA EEEE I EEEE AEE EI ET EEE EE Figure 10 45 aeta Monitoring ied ap kare AIA PAE AEA AA OP AE EAT EA AEA A ETAN 127 Figure 10 46 Testing the Pe PEENE ATEEN IEEE AEE TEE A EN EA E EA EE gt Figure 10 47 Testing the lt BUD oeeccceceee solani2. signaling Protocol ignaling Protocol S Figure 5 5 VoIP Media Streaming Basic Figure 5 6 VoIP Media shi Advan ced Figure 5 7 VoIP Voice and Fax EEES PEPPE EE EEEE TAOIS PITOA EERE neice EEEE T T Figure 5 8 VolP Services Basic AT R T T A ER Figure 5 9 VolP Services Advanced Figure 5 10 VoIP Line Settings PEME ENEIT EIE E EA EIET A AE E AAT Figure 5 11 VolP Line Settings Defining a a New Line a NEEE EEEE VARPAAT ETICE E aes Figure 5 12 VolP Speed Dial TEETER A EOT EEN AAE AOAIE E AAE AENT seinen Figure 5 13 VolP ze Dial Settings Figure 5 14 VoIP Speer Dial Local Line Sep ial Settings Local Line OR RRRR RRR RA Dw ww ww OOWAONDMDAAND Figure 5 15 VoIP Spee ed Dia bs eat T EN eed A PEPATE T EE E TTET Figure 5 16 VolP Speed Dial Drect Calken T rre tere errres Figure 6 1 VoIP Line Settings E pasoucen dehtads nee A Figure 6 2 VoIP Line Settings Defining a New Ey AIIE E A E EEEE E A P ENT Figure 8 1 QoS Add Device Traffic Shaping si Figure 8 2 a Edit Device Traffic Shaping Sa eee eae ersten Figure 8 3 QoS Edit Device Traffic Shaping Add Cla SS AAAA AE Figure 8 4 QoS Edit Device Traffic Shaping Edit Class Figure 8 5 QoS Edit Device Traffic kat Edit Class Figure 8 6 QoS Traffic Shaping ee Figure 8 7 QoS Add Traffic Priority Rule Figure 8 8 Qo S DSCP Se
3. 5 Enter the username and password provided by the administrator of the network you are trying to access 6 Enter the IPSec shared secret which is the encryption key jointly decided upon with the network you are trying to access 7 Enter the remote tunnel endpoint address This would be the IP address or domain name of the remote network computer which serves as the tunnel s endpoint 8 Click Next The Connection Summary screen will appear see figure 8 184 Figure 9 25 Connection Summary ae Connection Summary You have successfully completed the steps needed to create the following connection e Layer 2 Tunneling Protocol to 191 52 3 1 VPM server User Name john smith Edit the Newly Created Connection Press Finish to create the connection _ Cancel User s Manual 94 Document 299 452 100 User s Manual 9 WAN Settings 9 Check the check box Edit the Newly Created Connection to be routed to the new connection s configuration screen after clicking Finish 10 Click Finish to save the settings the new L2TP IPSec VPN connection is added to the network connections list it is configurable like any other connection 9 4 3 General This section displays the connection s general parameters General Device Name ppp3od Status Connected Schedule Always Network Connection Type L2TF Table 9 9 General Settings Parameter Description Schedule By default t
4. A packet can match more than one rule Therefore m The first class rule has precedence over all other class rules Scanning is stopped once the first rule is reached m The first traffic priority classless rule has precedence over all other traffic priority rules m There is no prevention of a traffic priority rule conflicting with a class rule In this case the priority and DSCP setting of the class rule if given will take precedence Connection based QoS also allows inheriting QoS parameters by some of the applications that open subsequent connections For instance you can define QoS rules on SIP and the rules will apply to both control and data ports even if the data ports are unknown This feature applies to all applications that have ALG at firewall m Any m User Defined FTP HTTP HTTPS TFTP IMAP PING POP3 SNMP SMTP Telnet L2TP Traceroute or any other protocol User s Manual 64 Document 299 452 100 User s Manual Traffic Shaping QoS Input Rules Rule ID Source Address All Devices WAN Ethernet Rules LAN Ethernet Rules QoS Output Rules Rule ID Source Address All Devices WAN Ethernet Rules LAN Ethernet Rules Version 2 4 To set traffic priority rules 8 Quality of Service QoS Press the QoS button on the sidebar the Traffic Priority screen the first tab appears This screen is divided into two identical sections one for QoS Input Rules and the other for QoS Output Rul
5. For the list of features available in the current software version refer to the latest Release Notes Table 15 1 MP 202 Telephone Adapter Software Specifications Feature Details VoIP Signaling SIP RFC 3261 2327 SDP Protocols Data Protocols IPv4 TCP UDP ICMP ARP PPPoE RFC2516 L2TP RFC 2661 PPTP RFC 2637 DNS Dynamic DNS WAN to LAN Layers routing with DHCP Client Server RFC 2132 NAT RFC 3022 Application Layer Gateway ALG Firewall QoS Priority queues VLAN 802 1p Q tagging traffic shaping or Layer 2 switching not supported in this version Media Processing Voice Coders G 711 G 723 1 G 729A B G 726 Optional Voice Coders iLBC AMR separate software image Echo Cancelation G 168 2004 compliant 64 msec tail length Silence Compression Adaptive Jitter Buffer 300 msec Fax bypass Voice Band Data and 1 38 fax relay Automatic Gain Control Telephony Features Call hold and transfer Call waiting 3 way conferencing Message Waiting Indication Call Forward Configuration Embedded Web Server for configuration and management Management Remote firmware upgrade and configuration by HTTP Telnet Packetization RTP RTCP Packetization RFC 3550 3551 DTMF Relay RFC 2833 Security HTTPS for Web based configuration Password protected Web pages MD5 Version 2 4 207 April 2007 Uno ERA MP 202 Telephone Adapter Feature Details Telephony Signaling In band
6. from the Control Panel 2 Right click on the Ethernet connection s icon and select Properties to display the connection s properties Select the Internet Protocol TCP IP component and press the Properties button The Internet Protocol TCP IP properties will be displayed Select the Obtain an IP address automatically radio button mom a p Select the Obtain DNS server address automatically radio button 3 1 3 Windows NT 1 Access Network from the Control Panel to display the network control panel 2 From the Protocol tab select the Internet Protocol TCP IP component and press the Properties button 3 From the IP Address tab select the Obtain an IP address automatically radio button 4 From the DNS tab verify that no DNS server is defined in the DNS Service Search Order box and no suffix is defined in the Domain Suffix Search Order box 3 1 4 Linux 1 Login into the system as a super user by entering su at the prompt Type ifconfig to display the network devices and allocated IP s Type pump i lt dev gt where lt dev gt is the network device name Type ifconfig again to view the new allocated IP address yr SY Make sure no firewall is active on device lt dev gt 3 2 Configuring the MP 202 s Network Connection The Web based management interface of the MP 202 allows you to control the device s system parameters The interface is ac
7. or the host Source Address The source address of the packets From the drop down list choose Any User Defined or the host Destination Address The destination address of the packets From the drop down list choose Any User Defined or the host Protocol From the drop down list choose a specific protocol or add a new one by choosing User Defined the screen Edit Service opens Click the icon new under the column Action this commences a sequence that adds a new protocol QoS Operation In this screen section set a Quality of Service working method Check parameter Set Priority or Set DSCP refer to the descriptions below Set Priority Check this check box to add a priority to the rule Select priority level 0 7 where 0 lowest and 7 highest each priority level is mapped to low medium high priority This sets the priority of a packet on the connection matching the rule while routing the packet Set DSCP Check this check box to mark a DSCP value on packets matching this rule Enter a value between 0 63 in the field that appears Log Packets Matched by This Rule Under the screen section Logging this check box must be checked in order to log the first packet from a connection that was matched by this rule schedule Always or User Defined By default the rule will always be active However you can configure scheduler rules in order to define time segments duri
8. settings 1 Click tab Speed Dial the Speed Dial screen opens Signaling Protocol Dialing Speed Dial New Entry Version 2 4 Figure 5 12 VolP Speed Dial ey Voice Over IP User ID IP Address or Host Name Action amp Close 47 April 2007 s wwe Fe MP 202 Telephone Adapter Click New Entry to add a new speed dial entry the Speed Dial Settings screen appears The figure below shows how a proxy speed dial is configured The proxy IP address is Office and number to speed dial is 123 Figure 5 13 VoIP Speed Dial Settings Ep Speed Dial Settings Speed Dial 123 Destination Proxy User ID lottice EA GK j X Cancel Table 5 14 Speed Dial Settings via Proxy Parameter Description Speed Dial Defines the number to dial Destination Defines the entry s destination in this case a proxy server User ID Defines the user ID to call The figure below shows how a local line speed dial is configured from port Line 2 on the MP 202 to port Line 1 on the MP 202 The speed dial number 225 is now associated with Line 1 on the MP 202 User s Manual Figure 5 14 VoIP Speed Dial Local Line ay Speed Dial Settings Speed Dial 225 Destination Local Line Line ooooooo0n Line 13 r oe ares BX Cancel D 48 Document 299 452 100 User s Manual 5 Configuring VolP Parameters E Click OK you re returned to the Voice Over
9. 13 6 2 Performing a Traceroute gt To perform a traceroute 1 Click the Diagnostics icon from the Advanced screen in the Web based Management the Diagnostics screen is displayed 2 Under the screen section Traceroute enter the IP address or URL to be tested in the Destination field 3 Press the button Go a traceroute commences constantly refreshing the screen refer to the figure above 4 To stop the trace and view the results press Cancel 13 7 MAC Cloning A Media Access Control MAC address is the numeric code that identifies a device on a network such as your external cable DSL modem or a PC network card Your Service Provider may ask you to supply the MAC address of your PC external modem or both When replacing an external modem with your gateway you can simplify the installation process by copying the MAC address of your existing PC to the gateway User s Manual 174 Document 299 452 100 User s Manual 13 Advanced Settings In such a case you do not need to delay the setup process by informing your Service Provider of newly installed equipment gt To use MAC cloning 1 Click the MAC Cloning icon in the Advanced screen of the Web based Management the MAC Cloning screen appears refer to the figure Figure 13 9 Advanced MAC Cloning Settings aed MAC Cloning Set MAC of Device Ww AK Ethernet To Physical Address _ Clone My MAC Address
10. DTMF Detection and Generation TIA464B Caller ID Telcordia ETSI NTT Type l Telcordia Type II Call Progress Tones Out of band FXS Loop start On Off Hook Flash Hook Table 15 2 MP 202 Telephone Adapter Hardware Specifications Power 12VDC Interfaces RJ 45 10 100 Base T for LAN RJ 45 10 100 Base T for WAN 2xRJ 11 2 FXS lines for telephones POTS LED Indications LAN activity on Ethernet Port Power on Phone 1 and Phone 2 Registered In Use Alert SLIC Maximum Ringer Load REN 5 characteristics Short Haul Ringer Voltage up to 65Vrms Configurable Terminating Impedance User s Manual 208 Document 299 452 100
11. The data transfer session will not be handled using Stateful Packet Inspection SPI meaning that other packets that match this rule will not be automatically allowed access For example this can useful when creating rules that allow broadcasting e QoS Select this check box to define QoS Operation for the rule the following section User s Manual 158 Document 299 452 100 User s Manual 12 Security 8 Under the screen section QoS Operation set rule priority with Quality of Service by checking the check box to add a priority to the rule the screen refreshes refer to the figure allowing you to select between one of eight priority levels zero being the lowest and seven the highest each priority level is mapped to low medium high priority This sets the priority of a packet on the connection matching the rule while routing the packet Figure 12 28 Set Priority Rule 9 Check the check box Set DSCP to mark a DSCP value on packets matching this rule the screen refreshes refer to the figure allowing you to enter the hexadecimal value of the DSCP Figure 12 29 Set DSCP Rule Set DSCP o tHex 10 Under the screen section Logging check the parameter Log Packets Matched by This Rule to log the first packet from a connection that was matched by this rule 11 By default the Schedule rule will always be active However you can configure scheduler rules in order to define time segments during wh
12. Use MSS Clamping to Reduce Voice Delay Codecs Codecs Priority Supported Codecs Packetization Time milliseconds ist Codec G 729 8kbps B 2nd Codec 711 64kbps A Law 3rd Codec G 711 64kbps u Law 4th Codec G 723 53 6 3kbps ov Sth Codec G 726 16kbps v 6th Codec G 726 32kbps v G 723 Bitrate G 723 Bitrate G 723 High Bitrate 6 3kbps Y 49K F 1 Apply F X Cancel Basic lt lt F User s Manual 40 Document 299 452 100 User s Manual 5 Configuring VolP Parameters Table 5 9 VoIP Advanced Media Streaming Parameters Parameter Description RTP Port Range Defines the port range for Real Time Protocol RTP voice transport Contiguous Series of 8 Ports Starting From DTMF Relay RFC 2833 The RTP payload type used for RFC 2833 DTMF relay packets Range 0 Payload Type 255 Default 101 G 726 16 Payload Type The RTP payload type used for 16 kbps G 726 packets Range 0 255 Default 98 Table 5 10 VoIP Advanced Quality of Service Parameters Parameter Description Type of Service Hex This is a part of the IP header that defines the type of routing service to be used to tag outgoing voice packets originated from the MP 202 It is used to tell routers along the way that this packet should get specific QoS Leave this value as Oxb8 default if you are unfamiliar with the Differentiated Services IP protocol parameter Use MSS Clamping to
13. x represents any dialed digit Each backslash at the right side of the represents one of the dialed digits Example 4xxx Line_ 10 1 2 3 This rule will issue a call to 10 1 2 3 with the SIP ID of Line_ followed by the last 3 digits of the dialed number Rules are separated by the character Choose either Flash only default or Flash digits sequence Flash only uses only the phone s Flash button There are 3 scenarios 1 During an existing call if the user presses Flash the call is put on hold a dial tone is heard and the user is able to initiate a second call Once the second call is established on hooking transfers the first held call to the second call 2 During an existing call if the user presses Flash the call is put on hold and a dial tone is heard The user can initiate a second call and establish a 3 way conference by again pressing Flash after the second call is initiated 3 During an existing call if a call comes in call waiting pressing Flash puts the active call on hold and answers the waiting call pressing Flash again toggles between these two calls Flash digits sequence is where a sequence of Flash 1 holds a call or toggles between two existing calls Flash 2 makes a call transfer Flash 3 establishes a 3 way conference 38 Document 299 452 100 User s Manual 5 Configuring VolP Parameters 5 1 3 Configuring Media Streaming Parameters gt To
14. 2 you ve transferred B to C a warning tone is heard 7 5 Establishing a 3 Way Conference gt User s Manual To extend an existing call with party B into a 3 way conference by bringing in party C when Flash only is configured refer to Configuring Dialing Parameters on page 37 During a call with party B press Flash Party B is placed on hold and you ll hear a dial tone Dial party C s number and wait until the call is established 54 Document 299 452 100 User s Manual 7 Making VoIP Calls 3 Press Flash again to put B and C in a 3 way conference 4 To end the 3 way conference call on hook Alternatively press Flash again gt To extend an existing call with party B into a 3 way conference by bringing in party C when Flash digits sequence is configured refer to Configuring Dialing Parameters on page 37 1 During a call with party B press Flash and then the 1 key on the phone Party B is now placed on hold and you ll hear a dial tone 2 Dial party C s number and wait until the call is established 3 Press Flash and then the 3 key to put B and C in a 3 way conference 4 To end the 3 way conference call on hook Alternatively press Flash and then the 3 key 7 6 Forwarding Calls to Another Phone gt To forward calls to another phone 1 First configure call forwarding refer to Configuring Services Parameters on page 43 Pick up the phone Make sure
15. For each compression algorithm select one of the following from the drop down menu Table 9 7 PPP Compression Parameter Descriptions Parameter Description Reject Reject PPP connections with peers that use the compression algorithm Allow Allow PPP connections with peers that use the compression algorithm Require Ensure a connection with a peer is using the compression algorithm Version 2 4 81 April 2007 ey MP 202 Telephone Adapter 9 2 6 Internet Protocol Refer to Internet Protocol Settings on page 75 9 2 7 DNS Server Refer to DNS Server on page 76 9 2 8 Routing Refer to Routing on page 76 9 2 9 Internet Connection Firewall Refer to Internet Connection Firewall on page 77 9 3 WAN PPTP Point to Point Tunneling Protocol PPTP is a protocol developed by Microsoft targeted at creating VPN connections over the Internet This enables remote users to access the gateway via any ISP that supports PPTP on its servers PPTP encapsulates network traffic encrypts content using Microsoft s Point to Point Encryption MPPE protocol that is based on RC4 and routes using the generic routing encapsulation GRE protocol With your gateway PPTP is targeted at serving two purposes 1 Connecting the gateway to the Internet when it is used as a cable modem or when using an external cable modem Such a connection is established using user name and password authentication 2 Connecting the gateway to a remote
16. Interface the screen VLAN Interface opens refer to the figure Figure 10 15 Example of Using VLAN VLAN Interface Screen pe VLAN Interface Configure new VLAN interface Underlying Device WAN Ethernet VLAN ID Version 2 4 109 April 2007 Nh ne cs me me a MP 202 Telephone Adapter 2 Define a VLAN ID for each device Verify that you ve got a new interface on the WAN side WAN Ethernet 2 refer to the figure below Figure 10 16 Verifying a New Interface on the WAN Side ag Network Connections T 3 WAN Ethernet Connected 1 LAN Ethernet Disconnected f WAN Ethernet 2 Connected New Connection 3 Enter the new interface by clicking the Action icon shown in the screen above the screen shown below opens Figure 10 17 Configuring WAN Ethernet 5 Configure WAN Ethernet General Device Name etho 300 Status Connected Schedule Always Network WAN wt Connection Type Ethernet Physical Address O0 90 8f 00 00 02 MTU Automatic v 1500 Underlying Connection WAN Ethernet Internet Protocol No IF Address No IP Address Internet Connection Firewall Obtain an IF Address Automatically Use the Following IP Address Additional IP Addresses Tew IF A YOK j anatel j n x Cancel 4 Assign an IP address static DHCP to the new interface Configure the parameter Internet Protocol to the Static IP option of Use the Following IP Address the screen sh
17. Metric MP 202 Telephone Adapter Table 13 3 Adding a Routing Rule Parameter Descriptions Description Select the network device The destination is the destination host subnet address network address or default route The destination for a default route is 0 0 0 0 The network mask is used in conjunction with the destination to determine when a route is used Enter the Telephone Adapter s IP address A measurement of the preference of a route Typically the lowest metric is the most preferred route If multiple routes exist to a given destination network the route with the lowest metric is used Figure 13 23 Routing Rule Settings i g Route Settings Name LAN Ethemet Destination lise he p B Netmask 255 Lss 255 255 Gateway ha he ho fho Metric 20 13 16 2 Multicasting The MP 202 provides support for IGMP multicasting which allows hosts connected to a network to be updated whenever an important change occurs in the network A multicast is simply a message that is sent simultaneously to a pre defined group of recipients When you join a multicast group you will receive all messages addressed to the group much like what happens when an e mail message is sent to a mailing list IGMP multicasting enables UPnP capabilities over wireless networks and may also be useful when connected to the Internet through a router When an application running on a computer in the home network sends out a request to
18. Metric 10 2 From the Name drop down list choose WAN Ethernet configure the parameters Destination Netmask and Gateway Adding a Security Input Rule gt To add a security input rule 1 Open menu Security gt tab Advanced Filtering the screen containing section Input Rule Sets shown below opens Figure 10 22 Input Rule Sets Input Rule Sets Initial Rules WAN Ethernet Rules LAN Ethernet Rules WAN Ethernet 2 Rules WAN Ethernet 3 Rules o Any Any HTTP TCP Any gt 80 New Entry WAN Ethernet 4 Rules Final Rules User s Manual 112 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings 2 Add anew entry for the interface choose what the filter will be determined by Source IP Destination IP or Protocol In the example shown in the figure below Port 80 HTTP is rejected Figure 10 23 Edit Advanced Filter ne Edit Advanced Filter Matching Source Address Destination Address E HTTP Web Server TCP Any gt 80 Drop Reject Drop packets and send TCP Reset or ICMP Host Unreachable packets to sender Accept Accept all packets related to this session This session is handled by Stateful Packet Version 2 4 113 April 2007 E Caro saree MP 202 Telephone Adapter Testing the 3 VLAN Setup gt Totest the 3 VLAN setup 1 Place a VOIP call Verify that the VOIP is using 802 1q p that the VLAN ID is 300 and that the IP is 3 3 x x refer to the s
19. Table 13 1 Action Icons in the Advanced Screen PEPE AEEA AEE TER TATEA E TATAEE TEAN Table 13 2 AS Ein Table 13 3 Table 13 4 Dyn IS Table 13 5 DHCP Server eoe eiaeia EEEE EE AEE ETE T ETETE Table 15 1 MP 202 Telephone Adapter Software Specifications PELE EE E E EEATT Table 15 2 MP 202 Telephone Adapter Hardware Specificatic NS covccssssssesessssesesssisssssiesssssiesessseeseeee Contents When viewing this manual on CD Web site or on any other electronic copy all cross references are hyperlinked Click on the page or section numbers shown in blue to reach the individual cross referenced item directly To return back to the point from where you accessed the cross reference press Att E Trademarks All products or trademarks are property of their respective owners WEEE EU Directive Pursuant to the WEEE EU Directive electronic and electrical waste must not be disposed of with unsorted waste Please contact your local recycling authority for disposal of this product Customer Support The Nuera Technical Assistance Center TAC is available on 7 x 24 hour basis for any maintenance or service related issue on the Nuera product line A Nuera maintenance contract is required to access the TAC center The TAC center can be reached via e US 1 800 966 8372 opt 3 e International 1 858 625 9220 opt 3 e Email tac nuera com T
20. address and some outgoing servers refuse to forward mail without a valid from address for anti spam considerations Enter a from email address in the From Email Address field m If your outgoing mail server requires authentication check the Server Requires Authentication check box and enter your user name and password in the User Name and Password fields respectively Version 2 4 177 April 2007 Uno ERA m Enter the port that is used by your outgoing mail server Figure 13 11 System Settings System Gateway s Hostname Local Domain home Gateway Management Console W Automatic Refresh of System Monitoring Web Pages MW warn User Before Network Configuration Changes Session Lifetime 900 Seconds User Interface Theme Language Remote Administration Management Application Ports Primary HTTP Management Port a i ll Secondary HTTP Management Port S080 Primary HTTPS Management Port 443 Secondary HTTPS Management Port agta Primary Telnet Port 3 Secondary Telnet Port 5023 Secure Telnet over SSL Port qo System Logging System Log Buffer Size he KE Remote System Notify Level Mone Security Logging Security Log Buffer Size KB Remote Security Motify Level Mone Outgoing Mail Server Server From Email 4ddress Port 25 Server Requires Authentication User s Manual 178 MP 202 Telephone Adapter Document 299 452 100 User s Manual 13 Adva
21. exchange server to be a backup server Offliine To temporarily take your site offliine prevent traffic from reaching your DDNS domain name check this box to enable redirection of DNS requests to an alternative predefined URL The availability of this feature depends on your DDNS account s level of service The redirection URL must be configured through the account as well 13 19 IP Address Distribution Your gateway s Dynamic Host Configuration Protocol DHCP server makes it possible to easily add computers that are configured as DHCP clients to the home network It provides a mechanism for allocating IP addresses and delivering network configuration parameters to such hosts The gateway s default DHCP server is the LAN bridge Version 2 4 193 April 2007 MP 202 Telephone Adapter A client host sends out a broadcast message on the LAN requesting an IP address for itself The DHCP server then checks its list of available addresses and leases a local IP address to the host for a specific period of time and simultaneously designates this IP address as taken At this point the host is configured with an IP address for the duration of the lease The host can choose to renew an expiring lease or let it expire If it chooses to renew a lease then it will also receive current information about network services as it did with the original lease allowing it to update its network configurations to reject any changes that may have occ
22. to save the changes 12 2 Access Control You may want to block specific computers within the home network or even the whole network from accessing certain services on the Internet For example you may want to prohibit one computer from surfing the Web another computer from transferring files using FTP and the whole network from receiving incoming e mail Access Control defines restrictions on the types of requests that may pass from the home network out to the Internet and thus may block traffic flowing in both directions In the e mail example given above you may prevent computers in the home network from receiving e mail by blocking their outgoing requests to POP3 servers on the Internet There are services you should consider blocking such as popular game and file sharing servers For example to ensure that your employees do not put your business at risk from illegally traded copyright files you may want to block several popular P2P and file sharing applications gt To view and allow restrict these services 1 In the Security screen refer to the figure above click tab Access Control the screen Access Control opens refer to the figure below Figure 12 3 Access Control Advanced Security General i Bate bees Forwarding Host Triggering Restrictions Filtering Block access ta Internet services fram within the LON Local Host Local Address Protocals Status Action New Entry E m
23. up process takes approximately 40 seconds When the power up process ends Phone 1 and Phone 2 LEDs turn off off hook a phone and listen for a dial tone Figure 2 1 Cabling the Device Version 2 4 15 April 2007 User s Manual 3 Setting up a Network Connection 3 Setting up a Network Connection gt Toset up a network connection 1 Define your PC s network connection refer to Defining Your PC s Network Connection on page 17 2 Configure the MP 202 s network connection refer to Configuring the MP 202 s Network Connection on page 19 3 1 Defining Your PC s Network Connection Refer to MP 202 Telephone Adapter Quick Installation Guide for instructions relating to installation on a Windows operating system Each network interface on the PC should either be configured with a statically defined IP address and DNS address or should be instructed to automatically obtain an IP address using the Network DHCP server The MP 202 provides a DHCP server on its LAN and it is recommended to configure your PC to obtain its IP and DNS server IPs automatically This configuration principle is identical but performed differently on each operating system Refer to Windows XP on page 18 Refer to Windows 2000 on page 19 Refer to Windows NT on page 19 Refer to Linux on page 19 Version 2 4 17 April 2007 a UF E Fe A MP 202 Telephone Adapter The setup procedure is in most cases unnecessary due
24. 299 452 100 User s Manual Parameter Call Waiting Call Forward Type Time for No Reply Forward Key Sequence Message Waiting Indication Subscribe to MWI MWI Server IP Address or Host Name MWI Server Port MWI Subscribe Expiration Tlme Stutter Tone Duration Version 2 4 5 Configuring VolP Parameters Table 5 12 VolP Services Description Call Waiting SIP Reply which response message is sent when another call arrives while a call is in progress There are two possibilities 180 Ringing or 182 Queued default To disable the call waiting feature select 180 Ringing The Call Forward feature permits a user to redirect incoming calls addressed to him her to another number The user s ability to originate calls is unaffected by Call Forward Three types of Call Forwarding exist Unconditional When selected incoming calls are forwarded independently of the status of the endpoint Busy When selected incoming calls are forwarded only if the endpoint is busy i e if all lines are active No Reply When selected incoming calls are forwarded only if the endpoint does not answer before a pre configured timeout see next parameter If you specify 5 seconds for this parameter for example and No Reply is selected for parameter Call Forward Type see above incoming calls are forwarded only after 5 seconds lapse The default is 72 but users can modify to any sequence of up to 2 digits
25. 4 System Monitoring System Up Time cccccccccsseeeeeceeseeceesseeceeaeeeeseageeessanseessegeeenss 205 Figure 14 5 Advanced System Monitoring VOIP ccccccscsssececcseesseeecsseesseeeeeseasseeeesseaseeeeesseees 206 User s Manual 10 Document 299 452 100 User s Manual Table 4 1 Networl weeds eae Table 4 2 a to cae i nis ee Used for Connecting the PC AA E A EAE 2 8 Table 4 3 Managing Tables nee E EE EE E E T E E Table 5 1 Vol lF Signaling Protocol Table 5 2 VolP Signaling Protocol Table 5 3 Vo IP Signaling Protocol Table 5 4 VoIP Signaling Protocol SIP Regist rar SIF ERTI AEAN tices abt AE EEA E E Table 5 5 VolP Signaling Protocol SIP O Poe Proxy PE cause E EEE A IE TE TA EEA Table 5 6 Advanced Dialing Parameters PEIEE A Table 5 7 VoIP Dialing Parameters EEE EAE EPE A EATE EAEE EEE E E Table 5 8 VolP Media Streaming Parameters a a e t EPEE EEEE E EE EEE ne reenter Table 5 9 VoIP Advanced Media Streaming Parameters ee ee ere E E rr rrr Table 5 10 VoIP Advanced Qua and of Service Parameters aeinn a Table 5 11 VoIP Voice and Fax n e e oG Table 5 12 VolP Services drta 45 Table 5 13 VolP Line Settings E A mee aoa neen teed Table 5 14 Spee L ia Settings via a Proxy adds tate ne Dane ead anus ree aa ee Table 5 15 Speed Dial Settings Direct Call PEEP EEEE EEEE S ARIETE T IT TEET A atl cae Table 8 1
26. 59 April 2007 MP 202 Telephone Adapter gt To adda shaping class 1 In the screen Edit Device Traffic Shaping section Shaping Classes refer to the figure click the link New Entry the screen Add Class opens refer to the figure Figure 8 3 QoS Edit Device Traffic Shaping Add Class F add Class X Cancel j 2 Name the new class and click OK to save the settings the screen Edit Device Traffic Shaping opens 3 Click the class name to edit the shaping class Alternatively click its icon Edit under the column Action the Edit Class screen opens refer to the figure Figure 8 4 QoS Edit Device Traffic Shaping Edit Class Edit Class Name lass Class Priority 0 Highest r Tx Bandwidth Reserved fo Maximum Uniimitec Kbits s Rx Bandwidth Reserved fo Maximum Uniimited Kbits s Policy Priority r Schedule Always Class Rules Destination Rule ID Source Address Address Protocols Operation Status Action Outbound rules New Entry Inbound rules New Entry x OK j x Cancel j Resolve Mow i Refresh j Configure the following fields User s Manual 60 Document 299 452 100 User s Manual Name Class Priority Tx Bandwidth Rx Bandwidth Policy Schedule Version 2 4 8 Quality of Service QoS Table 8 2 Edit Class Parameter Descriptions Parameter Description The name of the class The class can be granted one of
27. Address link appears Figure 10 7 IP Address Distribution DHCP Relay 2 Click the New IP Address link The DHCP Relay Server Address screen appears Figure 10 8 DHCP Relay Server Address P DHCP Relay Server Address IP Address A Cancel j 3 Specify the IP address of the DHCP server 4 Click OK to save the settings Disabled Select Disabled from the combo box if you would like to statically assign IP addresses to your network computers Figure 10 9 IP Address Distribution Disable DHCP IP Address Distribution Disabled ial 10 1 4 Routing You can choose to setup your Telephone Adapter to use static or dynamic routing Dynamic routing automatically adjusts how packets travel on the network whereas static routing specifies a fixed routing path to neighboring destinations Version 2 4 105 April 2007 wk Rr A MP 202 Telephone Adapter Table 10 3 Routing Parameters Parameter Routing Routing Mode Route NAT NAPT Device Metric Default Route Routing Information Protocol RIP Listen to RIP messages Send RIP messages Multicast Routing Table User s Manual Description Select Advanced or Basic routing Select one of the following Routing modes Use route mode if you want your device to function as a router between two networks Network Address Translation NAT translates IP addresses to a valid public address on the Internet This adds secur
28. Bridge Settings 10 2 4 Bridge Settings The bridge section allows you to specify the LAN and WAN devices that you would like to join under the network bridge Click the icon Edit on the VLAN column to assign the network connections to specific Virtual LANS Select the check box STP to enable the Spanning Tree Protocol on the device You should use this to ensure that there are no loops in your network configuration and apply these settings if your network consists of multiple switches or other bridges apart from those created by the Telephone Adapter Figure 10 31 Bridge Settings Status Disabled Up C WAN ethernet Connected LAN Ethernet Disabled Disconnected E WAN Ethernet 2 Disabled Ee Connected Version 2 4 119 April 2007 ae MP 202 Telephone Adapter 10 2 5 Examples of Configuring VLANs in Bridge Mode 10 2 5 1 Example 1 Configuring 3 VLANs VoIP Data and Management This example explains how to configure the MP 202 to use 3 separate VLANs for VOIP data and management in bridge mode Figure 10 32 Example of Using Bridge Mode and Configuring VLANs PC connected to the network in VLAN 300 data DHCP Server DHCP Server DHCP Server VLAN 300 VLAN 400 WLAN 200 idata management VolP Setup Two MP 202s are connected to the switch Both are configured to use VLAN 200 for VOIP VLAN 300 for Data and VLAN 400 for Management Three DHCP servers are connected to the same switch optional you can us
29. Class Rules Class rules define which packets belong to the class They must be defined in order to associate packets that meet them with the shaping class Without class rules the shaping class will have no effect whatsoever Each class can have outbound and or inbound rules for outgoing and incoming traffic respectively For example you can define that all outgoing packets from computer A in your LAN belong to your VolP class These packets will be limited to the class settings bandwidth schedule etc In addition you can define the traffic protocol and priority for each rule this is not mandatory as in Traffic Priority rules 8 1 2 1 1 Inbound and Outbound Data The gateway can control outgoing data easily It can queue packets delay them give precedence to other packets or drop them This helps in resolving upload Tx traffic bottlenecks and in most cases is sufficient However in the case of download Rx traffic bottlenecks the ability to control the flow is much more limited The gateway cannot queue packets since in most cases the LAN is much faster then the WAN and when the gateway receives a packet from the WAN it passes it immediately to the LAN QoS for ingress data has the following limitations which do not exist for outgoing data E QoS can only be applied to TCP streams UDP streams cannot be delayed E No borrowing mechanism m When reserving Rx bandwidth it is strictly taken from the bandwidth of all other cla
30. Connection Firewall Additional IP Addresses Version 2 4 Figure 10 34 Configuring WAN Ethernet 5 Configure WAN Ethernet etho 300 Connected Always wan Ethernet 00 90 8f 00 00 02 Automatic 1500 WAM Ethernet Mo IF Address Obtain an IP Address Automatically Use the Following IP Address s H if vO J i App ly j A Cancel j April 2007 MP 202 Telephone Adapter 7 Define a new network bridge Define a network bridge by checking the check boxes of LAN Ethernet and WAN Ethernet 3 VLAN Interface 300 in the screen Network Bridging under Bridged Connections refer to the figure below Figure 10 35 Network Bridging ae Network Bridging Configure your bridge properties Bridged Connections ee I WAN Ethernet Connected LAN Ethernet Connected C WAN Ethernet 2 Connected WAN Ethernet 3 Connected j ia ri 8 Set the bridge to use No IP Address Click Apply and OK and then click OK again Figure 10 36 No IP Address Internet Protocol Obtain an IP Address Automatically Mo IF Address unsnuuneneunsnennsnennsnnnnnnnnnnnnnnnnnnnnnnNnnnnEN Override Subnet Mask Obtain an IF Address Automatically Use the Following IP Address DHCP Lease j etiam NENE J 9 Reboot the MP 202 optional 10 Ensure that the PC is connected to the LAN port of the MP 202 and then configure it to Obtain IP Address Automatically all data
31. Edit ee Traffi c Shaping Parameter Descriptions Table 8 2 Edit Class Parameter Descriptions E E Table 8 3 Add Traffic Priority Rule Parameter Descriptions E A A Table 8 4 Add Traffic Priority Rule Parameter Descriptions EPET LEPASE EEE TEE EE crete Table 8 5 Edit DSCP Settings Parameter L Descriptions rn nsrrnininsnnrneninnnnneninnsnnnn Table 9 1 General Connection Settings segs Eee acre ia A E EA T AA Table 9 2 Static or Dynamic Routing Parameters Rar PEET rarer rae E TET E aaeeea TO Table 9 3 PPPoE Parameter Descriptions 00 EEIEIE ENTE PEA A ETAT ATE renee Table 9 4 PPP Configuration Parameter Description EE A Table 9 5 PPP Authentication Parameter paa ii a 80 Table 9 6 ee Encryption Parameter Descriptions O Table 9 7 PPP Compression Parameter Descriptions E Table 9 8 Gene TT ar a E E eden A idiots Table 9 9 General Settings PEPERELET PAE A PEENE E T A P E E Table 9 10 PPTP Compression Parameters TPM A EE R A neater Table 10 1 VLAN Interface General Communication Parametrs eean 101 Table 10 2 IP Address Distribution Parameters cccccccccessseseeeeeeeceeesseceeeeeessssssseeeessssssssssseseesees 104 Table 10 3 Routing Parameters OPP AEEA ETE AE EEA AAEN EE EEY E E Table 11 1 TR 069 Parameter Descriptions n NEEE ENE TEA E AE ESAN T EEEIEE ENEE EEEN AE S Table 12 1 Behavior for the Three Security Levels PEPEE EOE A EPE EEIE EEIE AE EEEE TATT 0
32. IP screen displaying the configured speed dial refer to the figure below displaying how two local lines are configured for speed dial Figure 5 15 VoIP Speed Dial Settings Local Line iy Voice Over IP Signaling Proto col Speed Dial User ID IP Address or Host Name 0000000001 fLine 1 Local Line 0000000002 Line 2 Local Line New Entry Close J The figure below shows how a speed dial direct call is configured The call is configured to one of the pre configured lines of a remote device 10 16 2 26 Figure 5 16 VolP Speed Dial Direct Call Tah Speed Dial Settings Speed Dial 227 Destination Direct Call r User ID 22T IF 4ddress or Host Name 10 16 2 26 Port 5060 l a Table 5 15 Speed Dial Settings Direct Call Parameter Description Speed Dial A shortcut number which you will dial to call this party Destination The entry s destination in this case a direct call User ID Specify the remote party s user ID IP Address or Host Specify the remote party s IP Address or host name Name Port The SIP UDP or TCP port of the remote party Version 2 4 49 April 2007 User s Manual 6 Connecting the MP 202 to a VoIP Service Provider 6 Connecting the MP 202 to a VoIP Service Provider Using the MP 202 s VoIP capabilities it is possible to connect to a remote SIP server in order to conduct worldwide phone calls The following section describes how to place a worldwide phone call utili
33. Manual 13 Advanced Settings 13 6 1 Diagnosing Network Connectivity gt To diagnose network connectivity 1 Click the Diagnostics icon from the Advanced screen in the Web based Management the Diagnostics screen is displayed Figure 13 7 Advanced Diagnostics Ping ICMP Echo Destination Number of pings Status Traceroute Destination Status Press the Refresh button to update the status 7 Close i Refresh j 2 Under the screen section Ping ICMP Echo enter the IP address or URL to be tested in the Destination field 3 Enter the number of pings you would like to perform 4 Press the Go button Version 2 4 173 April 2007 a UF E F A MP 202 Telephone Adapter 5 In a few seconds diagnostic statistics are displayed refer to the figure below If no new information is displayed press the Refresh button Ping ICMP Echo Destination Number of pings Status Packets Round Trip Time Traceroute Destination Status Figure 13 8 Advanced Diagnostics Statistics Diagnostics fi 0 33 2 40 4 Test Succeeded 4 4 transmitted 4 4 received 0 loss Minimum 30 ms Maximum 35 ms Average 31 ms fi 0 33 2 40 Test Succeeded traceroute to 10 33 2 40 10 33 2 40 30 hops max 1 dmitryh laptop corp audiocodes com 10 33 2 40 41 8946 ms 31 545 ms 39 547 T k Fress the Refresh button to update the status Close Refresh
34. Name is admin note that it is case sensitive It is recommended to define a password 2 To verify that the Password is correct retype it and press OK the Quick Setup screen opens refer to the figure Make sure you retain your User Name and Password for future reference as this is the only way you can access and manage the MP 202 If there s inactivity after logging in a new login becomes necessary after a lapse of 15 minutes User s Manual 20 Document 299 452 100 User s Manual 3 Setting up a Network Connection 3 2 2 Configuring Quick Setup Screen Parameters The Quick Setup screen refer to the figure enables the speedy precise and accurate configuration of your Internet connection and other important parameters Figure 3 4 Quick Setup a Quick Setup Internet Connections WAN Ethernet Connection Type Automatic IP Address Ethernet Connection Name WAN Ethernet Status Connected MAC Address 00 90 8f 09 ef 5e IP Address 10 33 2 42 Subnet Mask 255 255 0 0 Default Gateway 10 33 0 1 10 1 1 11 DHS Server 10 1 1 10 Administrator MP202 s Hostname P202 E Mail Press the Refresh button to update the status Y ew ii Note End users are advised not to modify the section Administrator in the Quick Setup screen The screen section applies to telephony carrier technicians In the Administrator section of the Quick Setup screen m Spec
35. Pi Restore default factory settings I Restore Defaults like Perform networking diagnostics Diagnostics aie Clone MP 202 s MAC address MAC Cloning ex Change the regional settings Regional Settings Modify administrator settings including the MP 202 s hostname Configure the MP 202 s SNMP agent Version 2 4 165 April 2007 MP 202 Telephone Adapter Icon What you can do Configure Universal Plug and Play UPnP parameters Universal Plug and Play i Perform a Firmware Upgrade MP 202 Firmware Upgrade Define time segments for system rules Scheduler Rules ie Set the local date and time Date and Time Configure users Users ae Routing Manage routing policies Define groups of LAN devices for system rules Bre Network Objects View and modify the DNS Hosts table aE Dynamic DNS Modify the behavior of the DHCP server for each LAN device and view a list of DHCP clients in the local network IP Address Distribution In Alias a dynamic IP address to a static hostname Pe DNS Server Manage protocols AA Frotocols User s Manual 166 Document 299 452 100 User s Manual Remote Administration Diagnostics Universal Plug and P Play Frotocols Figure 13 1 Advanced Settings i a About The MPZO2 MAZ Cloning MP202 Firmware Upgrade Ay Bio Network Objects i Advanced z Configuration File mE Regional Settings Dynami
36. Point Choose one of the following protocols to connect to 4 remote YPN server gt Point to Point Tunneling Protocol irtual Private Network PPTP YPN Enable secure transfer of data to another location aver the Internet Using User name password authentication Layer 2 Tunneling Protocol over Internet Protocol Security L2TP IPSec YPN Enable secure transfer of data to another location over the Internet using private and public keys for encryption and digital certificates and user name password for authentication Internet Protocol Security IPSec Enable secure transfer of data to another location over the Internet using private and public keys for encryption and digital certificates or shared secret for authentication ENEA Ter j Next gt J E Cancel j Version 2 4 93 April 2007 a3 E FE am MP 202 Telephone Adapter 4 Select the radio button Layer 2 Tunneling Protocol over Internet Protocol Security L2TP IPSec VPN and click Next the screen Layer 2 Tunneling Protocol over Internet Protocol Security L2TP IPSec VPN opens refer to the figure Figure 9 24 Layer 2 Tunneling Protocol over Internet Protocol Security L2TP IPSec VPN gE Layer 2 Tunneling Protocol over Internet Protocol Security C L2TP IPSec VPN Configure your LATP VPN connection properties Login User Name fcase sensitive john_ smith Login Password IPSec Shared Secret Remote Tunnel Endpoint Address 1991 52 54
37. Port Forwarding M Security Expose services on the LAN to external Internet users Local Host Local Address Protocols Status Action New Entry ER v OK T Apply j X Cancel j Resolve Mow j Refresh Version 2 4 143 April 2007 rt i E FE am MP 202 Telephone Adapter 2 Click the link New Entry the screen Add Port Forwarding Rule opens refer to the figure Figure 12 6 Add Port Forwarding Rule Add Port Forwarding Rule Local Host Protocol Any Forward to Port Same as Incoming Port Schedule Always Oku aai 3 Enter the IP address or the host name of the computer that will provide the service the server Note that only one LAN computer can be assigned to provide a specific service or application The Protocol combo box lets you select or specify the type of protocol that will be used In addition to the list of popular protocols it provides you may also choose any or a specific protocol If you choose the option Specify Protocol the screen refreshes and an Add link appears Figure 12 7 Add a Specific Protocol Protocol Specify Protocol Add 4 Click the link Add to specify a protocol by default the gateway forwards traffic to the same port as the incoming port To redirect traffic to a different port select the option Specify the screen refreshes and an additional field appears enabling you to enter the port number Figure 12 8 Forward to a Specific Port Forward
38. Provide Host Name If Not Specified by Client De EE tea eats 2 From the IP Address Distribution drop down list select whether to enable or disable the DHCP server 3 From the IP Address Distribution drop down list select whether the gateway will function as a DHCP server or as DHCP relay Choose DHCP Server the screen section DHCP Server is displayed showing the parameters described in the table below Version 2 4 195 April 2007 a UF E Fe A MP 202 Telephone Adapter Table 13 5 DHCP Server Parameter Descriptions Parameter IP Address Range Start and End Subnet Mask Lease Time Provide host name if not specified by client Description Determines the number of hosts that may be connected to the network in this subnet Start specifies the first IP address that may be assigned in this subnet and End specifies the last IP address in the range A mask used to determine what subnet an IP address belongs to An example of a subnet mask value is 255 255 0 0 Each device will be assigned an IP address by the DHCP server for a limited time Lease Time when it connects to the network When the lease expires the server will determine if the computer has disconnected from the network If it has then the server may reassign this IP address to a newly connected computer This feature ensures that IP addresses that are not in use will become available for other computers on the network If
39. RRR RRR RRR RRR RRR RRR RRR RRR RRR Ree eee eee eee eee WAN Ethernet ocassevaddceadonedd nncdacddicswaraciacbeaabecacsuweicdedentecendecascbunieneatestassdussiieesieuadawade O General Internet Protocol l Settings DNS Server goles Ree eee tence oetenn rere hover me teen ee re re nie ener ve rermreey Mie rer Se nreten creer ner rere Advanced Routing Properties ccccccsccccesseeceeceeceeeecseeeessaseeseaeeesegeessagees Internet Connection FIPS WA siciiacinncasncsniniencennsaiiesseaesenassbarinncaorsenussenaiancaasnciancinecomies et we VAN er Oe ase niii eee eee eer tree or Ae eerie nee eee Set ene tren rte vere 78 9 2 1 9 2 2 9 2 3 9 2 4 9 2 5 9 2 6 9 2 7 9 2 8 A 2 9 General m PPP Configuration PPP Authentication PPP EMY DUO s sasise nin AEAEE ASEEN PPP Compression ccccccsesesesesescsessuceuencussencuevensevencuaueuaceuseueuencusreneuavensevens Internet Protocol ssiiessicsxacvstssiaaenas esinsusveennsetiassansunassinensnensaauateanseiabesshiwabuesmenenones DNS SEI VET ica sinesaninsnnoncnwadartnaesaaesiennsnssnxxentd soiyaiiad coneninansinaeinernnatsianstadesnassinnsumann E 0 gt PEIEE PAPAA EENEN IOE T A I ENA PEENE ESA EI A NE T Ieri Connection Firewall n 8 PEN 82 PAn 82 hers 82 9 3 1 9 3 2 Fo FO 9 3 4 9 3 5 9 3 6 Far 9 3 8 9 3 9 9 3 10 Prete a PPTP Paces ai the Pannen Wizard Creating a PPTP VPN Connection with the Connection Wizard General PELENA
40. This allows the DHCP server to issue valid leases thus avoiding conflicting IP addresses used by other computers in the network 13 19 1 DHCP Server Parameters gt To view a summary of the services currently being provided by the DHCP server m 8 Click the icon IP Address Distribution in the Advanced screen the IP Address Distribution screen opens Figure 13 26 DHCP Server Summary aP IP Address Distribution WAM Ethernet Disabled LAM Ethernet DHCP Server Zon 0n nn 192 168 2 1 oe ee 2 cot User s Manual 194 Document 299 452 100 User s Manual 13 Advanced Settings If In the column Service of the IP Address Distribution screen if a gateway is indicated Disabled then DHCP services are not being provided to hosts connected to the network through that gateway This means that the gateway will not assign IP addresses to these computers which is useful if you wish to work with static IP addresses only gt To edit the DHCP server settings for a device 1 Under the column Action click the icon Edit the DHCP Server settings for this device are displayed refer to the figure Figure 13 27 Advanced IP Address Distribution DHCP Server aP DHCP Settings for LAN Ethernet Service IF Address Distribution DHCP Server DHCP Server Start IP Address 92 f 68 E J End IP Address ha e pp ps Subnet Mask pas es pa fo WINS Server b bP P b Lease Time In Minutes feo W
41. Version 2 4 131 April 2007 User s Manual InternetGatewayDevice Devicelnfo InternetGatewayDevice LANDevice i Username Password PeriodiclnformEnable PeriodiclnformInterval PeriodiclnformTime ParameterKey ConnectionRequestURL ConnectionRequestUsername ConnectionRequestPassword Manufacturer ManufacturerOUI ModelName Description Product Class SerialNumber HardwareVersion SoftwareVersion SpecVersion ProvisioningCode UpTime DeviceLog MP 202 Telephone Adapter InternetGatewayDevice LANDevice i LANHostCongManagement InternetGatewayDevice LANDevice i Hosts InternetGatewayDevice LANDevice i Hosts Host i DHCPServerEnable MinAddress MaxAddress SubnetMask DNSServers IPAddress AddressSource MACAddress HostName InterfaceType InternetGatewayDevice LANDevice i LANEthernetlnterfaceConfig 132 Document 299 452 100 User s Manual Version 2 4 11 TR 069 CPE WAN Management Protocol e Status e MACAddress e MaxBitRate InternetGatewayDevice LANDevice i _LANEthernetInterfaceConfig Stats InternetGatewayDevice WANDevice i InternetGatewayDevice WANDevice i WWANCommoninterfaceConfig e EnabledForlnternet e WANAccessType e Layer1UpstreamMaxBitRate e Layer1DownstreamMaxBitRate e PhysicalLinkStatus e TotalBytesSent e TotalBytesReceived e TotalPacketsSent e TotalPacketsReceived InternetGatewayDevice WANDevice i WANDSLConnectionManagement InternetGa
42. be the bottleneck A traffic shaper is essentially a regulated queue that accepts uneven and or bursty flows of packets and transmits them in a steady predictable stream so that the network is not overwhelmed with traffic While Traffic Priority allows basic prioritization of packets Traffic Shaping provides more sophisticated definitions such as E Bandwidth limit for each device E Bandwidth limit for classes of rules E Prioritization policy m TCP serialization on a device Additionally you can define QoS traffic shaping rules for a default device These rules will be used on a device that has no definitions of its own This enables the definition of QoS rules on Default WAN for example and their maintenance even if the PPP or bridge device over the WAN is removed Device Traffic Shaping This section describes the different Traffic Shaping screens and terms and presents the feature s configuration logic 1 On the sidebar click the QoS link and then click the tab Traffic Shaping 2 Click the link New Entry the screen Add Device Traffic Shaping opens refer to the figure Figure 8 1 QoS Add Device Traffic Shaping S add Device Traffic Shaping Device Defaut WAN device WAN Ethernet LAN Ethernet PPTP Default LAN device Detault WAM device Default DMZ device Version 2 4 of April 2007 Uno ERA MP 202 Telephone Adapter 3 From the drop down list select the device for which to
43. box if you are communicating with a peer that uses Microsoft CHAP Version 2 authentication protocol 9 2 4 PPP Encryption PPP supports encryption facilities to secure the data across the network connection A wide variety of encryption methods may be negotiated although typically only one method is used in each direction of the link User s Manual 80 Document 299 452 100 User s Manual 9 WAN Settings Note that PPP encryption can only be used with MS CHAP or MS CHAP V2 authentication algorithms Figure 9 11 PPP Encryption PPP Encryption Require Encryption Disconnect If Server Declines Support Encryption 40 Bit Keys Support Maximum Strength Encryption 128 Bit Keys Table 9 6 PPP Encryption Parameter Descriptions Parameter Description Require Encryption Select this check box to ensure that the PPP connection is encrypted Support Encryption Select this check box if your peer supports 40 bit encryption keys 40 Bit Keys Support Maximum Select this check box if your peer supports 128 bit encryption keys Strength Encryption 128 Bit Keys 9 2 5 PPP Compression The PPP Compression Control Protocol CCP is responsible for configuring enabling and disabling data compression algorithms on both ends of the point to point link It is also used to signal a failure of the compression decompression mechanism in a reliable manner Figure 9 12 PPP Compression PPP Compression BSD Deflate
44. configure Media Streaming parameters m Click tab Media Streaming the Media Streaming screen opens Figure 5 5 VoIP Media Streaming Basic Gay Voice Over IP Signaling r R Dialing Protoco Codecs Codecs Priority Supported Codecs Packetization Time milliseconds ist Codec G 729 8kbps v 2nd Codec G 711 64kbps A Law Y 3rd Codec G 711 64kbps u Law W 4th Codec G 723 5 3 6 3kbps v Sth Codec G 726 16kbps v 6th Codec G 726 32kbps v Version 2 4 39 April 2007 4 NM we FF A MP 202 Telephone Adapter Table 5 8 VoIP Media Streaming Parameters Codecs Parameter Description 1st Codec Refer to Configuring Codecs on page 41 2nd Codec Refer to Configuring Codecs on page 41 3rd Codec Refer to Configuring Codecs on page 41 4th Codec Refer to Configuring Codecs on page 41 5th Codec Refer to Configuring Codecs on page 41 6th Codec Refer to Configuring Codecs on page 41 m Click the button Advanced the Media Streaming Parameters and Quality of Service Parameters screen sections open Figure 5 6 VoIP Media Streaming Advanced Voice Over IP Signaling prone Dialing Media Streaming Parameters RTP Port Range Contiquous Series of 8 Ports Starting From DTMF Relay RFC2833 Payload Type default value 101 G 726 16 Payload Type default value 98 Quality of Service Parameters Type Of Service Hex
45. connection opened by the firewall Use this option to track connection handling by the firewall and Application Level Gateways ALGs Log Buffer e Prevent Log Overrun Select this check box in order to stop logging firewall activities when the memory allocated for the log fills up 3 Click OK to save the settings Following are the available event types that can be recorded in the firewall log Firewall internal an accompanying explanation from the firewall internal mechanism will be added in case this event type is recorded Firewall status changed the firewall changed status from up to down or the other way around as specified in the event type description STP packet an STP packet has been accepted rejected Illegal packet options the options field in the packet s header is either illegal or forbidden Fragmented packet a fragment has been rejected WinNuke protection a WinNuke attack has been blocked ICMP replay an ICMP replay message has been blocked ICMP redirect protection an ICMP redirected message has been blocked Packet invalid in connection a packet has been blocked being on an invalid connection ICMP protection a broadcast ICMP message has been blocked Broadcast Multicast protection a packet with a broadcast multicast source IP has been blocked Spoofing protection a packet from the WAN with a source IP of the LAN has been blocked DMZ network packet a packet from a demilitarized
46. driver InttReadOptions completed successfully Jan 1 00 00 System E gt 003 ina Message kern warn LES driver InitSettings completed successfully 14 4 System Up Time gt To display the system up time m Press tab System to display the length of time that has passed since the system was last started Figure 14 4 System Monitoring System Up Time afi System Monitoring Connections System Has Been Up For 1 hours 14 minutes Version 2 4 205 April 2007 14 5 Voice over IP gt To monitor VoIP MP 202 Telephone Adapter m Click tab Voice over IP the System Monitoring Voice over IP screen opens showing read only VoIP call related parameters Connections Line Phone State SIP registration state Origin Remote Phone Number Remote ID Duration Type Encoder Decoder Packets Sent Packets Received Bytes Sent Bytes Received Packets Last Packets Loss Percentage Jitter ms Round Trip Delay ms User s Manual re System Monitoring Alan Of Hook Not Registered Connected Incoming 201 Mirit 10 33 2 42 o 00 14 VoicE PCMU PCMU 570 575 206 Figure 14 5 Advanced System Monitoring VolP Mirit Of Hook Not Registered Connected Outgoing 200 2O00 I10 35 2 42 5060 O o00 12 Voice PCMU FEMU 579 579 Document 299 452 100 User s Manual 15 Software and Hardware Specifications 15 Software and Hardware Specifications
47. eight priority levels zero being the highest and seven the lowest The reserved transmission bandwidth Committed Information Rate or CIR in kbps for each class The reserved reception bandwidth Committed Information Rate or CIR in kbps for each class The class policy determines the policy of routing packets inside the class Select either 1 Priority 2 FIFO 3 Fairness 4 RED Refer to the following four descriptions Priority Priority queuing utilizes multiple queues so that traffic is distributed among queues based on priority This priority is defined according to packet priority which can be defined explicitly by a DSCP value or by a 802 1p value FIFO First In First Out This priority queue ignores any previously marked priority that packets may have Fairness The fairness algorithm ensures no starvation by granting all packets a certain level of priority RED Random Early Detection Utilizes statistical methods to drop packets in a probabilistic way before queues overflow Dropping packets in this way slows a source down enough to keep the queue steady and reduces the number of packets that would be lost when a queue overflows and a host is transmitting at a high rate By default the class will always be active However you can configure scheduler rules in order to define time segments during which the class may be active 61 April 2007 Uno ERA MP 202 Telephone Adapter 8 1 2 1
48. exceeds a packet has been blocked because defragmentation found more fragments than allowed Fragmented packet no memory a fragmented packet has been blocked because there was no memory for fragments Fragmented packet overlapped a packet has been blocked because after the defragmentation there were overlapping fragments Defragmentation failed the fragment has been stored in memory and blocked until all fragments arrived and defragmentation could be performed Connection opened usually a debug message regarding a connection Wildcard connection opened usually a debug message regarding a connection Wildcard connection hooked usually debug message regarding connection Connection closed usually a debug message regarding a connection Echo Chargen Quote Snork protection a packet has been blocked protecting from Echo Chargen Quote Snork First packet in connection is not a SYN packet a packet has been blocked because of a TCP connection that had started without a SYN packet Error No memory a message notifying that a new connection has not been established because of lack of memory NAT Error Connection pool is full a message notifying that a connection has not been created because the connection pool is full NAT Error No free NAT IP a message notifying that there is no free NAT IP therefore NAT has failed NAT Error Conflict Mapping already exists a message notifying that there is a conflict sin
49. from the LAN port will be in VLAN 300 11 To access the web from the WAN you must be in VLAN 400 and use the VLAN 400 IP address User s Manual 122 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings 12 To access the web from the LAN set your PC to a static IP address 192 168 2 2 254 the figure below shows the System Monitoring screen Name Device Name Status Network Underlying Device Connection Type MAZ Address IP Address Subnet Mask Default Gateway DNS Server IP Sddress Distribution Received Packets Sent Packets Time Span Figure 10 37 System Monitoring System Log System WARK Ethernet eth Connected Wah Ethernet 00 90 8f 03 20 dd 10 33 2 64 250 255 0 0 10 33 0 1 10 1 1 111 10 1 1 10 Disabled 92557 9166 O52 34 ail System Monitoring VOCE yer IP LAM Ethernet eth Connected Lat Ethernet 12 de ca 81 62 d5 Disabled 11746 13784 0 52 34 WAM Ethernet 2 etho 200 Connected Wah WAN Ethernet Ethernet 00 90 8f 03 20 dd a eras 255 0 0 0 EE EE Disabled WAN Ethernet 3 etho 300 Connected YW A Wah Ethernet Ethernet O00 90 6f 03 20 dd Disabled 10271 9469 0 52 34 Testing the Setup 13 14 15 the WAN interface Version 2 4 123 Bridge bro Connected Woh LAN Ethernet Woh Ethernet 3 Bridge SE 87 1 92 31 be e9 Disabled 20417 1430 0 52 34 Place a VOIP call and see that the VOIP is
50. it back to the LAN Host which originated the outgoing traffic to UDP port 2222 Select the tab Port Triggering in the Security screen the screen Port Triggering opens refer to the figure The screen lists all port triggering entries Figure 12 13 Port Triggering Trigger opening of ports for incoming data Protocol Outgoing Trigger Ports Incoming Ports to Open Action L2TP Layer Two Tunneling Protocol UDP Any gt 1701 UDP Any gt Same as Initiating TFTP Trivial File Transfer Protocol UDP 1024 65555 gt 69 UDP ny gt Same as Initiating Specify Protocol Add j A Cancel User s Manual 148 Document 299 452 100 User s Manual 12 Security gt To add an entry for the gaming example above 1 Click the link Add to add an entry the screen Edit Service opens refer to the figure Figure 12 14 Adding Port Triggering Rules S Edit Service Service Name Application Outgoing Trigger Ports Protocol Server Ports Action New Trigger Ports Ei Incoming Ports to Open Protocol Opened Ports Action New Opened Ports ai OK Cancel j 2 Enter a name for the service e g game_server and click the link New Trigger Ports the screen Edit Service Server Ports opens refer to the figure Figure 12 15 Edit Service Server Ports z Edit Service Server Ports Protocol Protocol Number lo wf OK Cancel j 3 In the Protocol combo box select UDP the screen refresh
51. join a multicast group the MP 202 intercepts and processes the request If the MP 202 is set to Minimum Security no further action is required However if the MP 202 is set to Typical Security or Maximum Security you must add the group s IP address to the MP 202 s Multicast Groups screen This will allow incoming messages addressed to the group to pass through the Firewall and on to the correct LAN computer 1 Click the Routing icon in the Advanced screen User s Manual 190 Document 299 452 100 User s Manual 13 Advanced Settings 13 17 13 18 2 Select the Multicast Groups Management check box 3 Press the OK button Network Objects Network Objects is a method used to abstractly define a set of LAN hosts according to one or more MAC address IP address and host name Defining such a group can assist when configuring system rules For example network objects can be used when configuring the gateway s security filtering settings such as IP address filtering host name filtering or MAC address filtering You can use network objects in order to apply security rules based on host names instead of IP addresses This may be useful since IP addresses change from time to time Moreover it is possible to define network objects according to MAC addresses making rule application more persistent against network configuration settings gt To define a network object 1 Click the icon Network O
52. network using a Virtual Private Network VPN tunnel over the Internet This enables secure transfer of data to another location over the Internet using user name and password authentication 9 3 1 Creating a PPTP Connection with the Connection Wizard gt To create a new PPTP connection take these steps 1 Open the screen Network Connections and click the link New Connection the Connection Wizard screen opens 2 Select the radio button Internet Connection and click Next the screen Internet Connection opens User s Manual 82 Document 299 452 100 User s Manual 9 WAN Settings 3 Select the radio button External Cable Modem this option is for both internal and external cable modems and click Next the screen Internet Cable Modem Connection opens refer to the figure Figure 9 13 Internet Cable Modem Connection ae Internet Cable Modem Connection Choose your Internet connection type Ethernet Connection My ISP doesn t require user name and password in order to me connect to the Internet Point To Point Tunneling Protocol PPTP with User Name and Password Authentication My ISP requires user name and password in order to connect me to the Internet using a PPTP connection Layer 2 Tunneling Protocol L2TP with User Name and Password Authentication My ISP requires user name and password in order to connect me ta the Internet using a LTP connection A Cancel Vers
53. of a specific codec leave only that codec checked Version 2 4 41 April 2007 5 1 3 3 Packetization Time MP 202 Telephone Adapter The Packetization Time is the length of the digital voice segment that each packet holds The default is 20 millisecond packets Selecting 10 millisecond packets reduces the delay but increases the bandwidth consumption 5 1 4 Configuring Voice and Fax Parameters gt To configure Voice and Fax parameters m Click the tab Voice and Fax the basic Voice and Fax parameters screen opens m Click the button Advanced the extended Voice and Fax parameters screen opens Figure 5 7 VoIP Voice and Fax sp Voice Over IP Media Signaling Streaming Protoco Dialin g Line 1 Voice Volume 31 to 31 db Line 2 Voice Volume 31 to 31 db C Enable Automatic Gain Control Jitter Buffer Minimum Delay 10 to 150 milliseconds Optimization Factor 1 to 13 Silence Compression C Enable Silence Compression Echo Cancellation Enable Echo Cancellation Fax and Modem Settings milliseconds Fax Transport Mode Bypass Fax Bypass Payload Type 102 Modem Transport Mode Bypass 7 Modem Bypass Payload Type 103 Fax Modem Bypass Codec 711 64kbps A Law Y Enable CNG Detection OK J u Apply D x cancel J Basic lt lt D User s Manual 42 Document 299 452 100 User s Manual 5 Configuring VolP Par
54. refer to the figure Choose this connection type if you do not have an Internet connection or if you want to disable all existing connections Figure 3 10 Internet Connection No Internet Connection a Quick Setup Internet Connections WAN Ethernet Connection Type Mo Internet Connection Administrator MP202 s Hostname P202 E Mail Loe tamis cancel Version 2 4 25 April 2007 User s Manual 4 Using the MP 202 s Web Interface a Using the MP 202 s Web Interface 4 1 Your Home Network Map When you log into the Web based management you ll view the Network Map Figure 4 1 Network Map nn Network Map Typical Security Laptop 192 165 1 2 The network map depicts the various network elements from top going down 1 External network interface Internet connection 2 Firewall 3 MP 202 4 Telephones connected to the MP 202 5 Local network computers and peripherals the figure above shows a network element that obtained its IP address automatically via MP 202 s DHCP server The table below explains the meaning of different network map symbols Version 2 4 27 April 2007 a UF E Fe A MP 202 Telephone Adapter Table 4 1 Network Map Symbols Represents the Internet Represents your Ethernet Wide Area Network WAN connection Click this icon to configure the WAN interface l Represents the Telephone Adapter s Firewall The height of the wall corresponds to im
55. screen will refresh and an Add link will appear Figure 12 23 Add a Specific Schedule Schedule Specify Schedule add Version 2 4 Click the link Add to specify a protocol Click OK to save the settings you re returned to the previous screen while the gateway attempts to find the site Resolving will appear in the Status column while the site is being located the URL is resolved into one or more IP addresses Click the Refresh button to update the status if necessary If the site is successfully located Resolved will appear in the status bar if not Hostname Resolution Failed will appear If the gateway fails to locate the website Use a Web browser to verify that the website is available If it is then you probably entered the website address incorrectly If the website is unavailable return to the screen Website Restrictions later and click the button Resolve Now to verify that the website can be found and blocked by the gateway You can edit the website restriction by modifying its entry under the column Local Host in the screen Website Restrictions To modify an entry Click the action icon Edit for the restriction the screen Restricted Website opens refer to the figure Modify the website address group or schedule as required Click OK to save your changes and return to the screen Website Restrictions To ensure that all current IP addresses corresp
56. the Internet Protocol drop down menu E No IP Address E Obtain an IP Address Automatically m Use the Following IP Address Note that according to the selection you make in the Internet Protocol drop down menu the screen will refresh and display relevant configuration settings Version 2 4 101 April 2007 No IP Address MP 202 Telephone Adapter Select No IP Address if you require that your Telephone Adapter has no IP address This can be useful if you are working in an environment where you are not connected to other networks such as the Internet Figure 10 3 Internet Protocol Settings No IP Address Internet Protocol Obtain an IP Address Automatically No IP Address Your WAN connection is configured by default to act as a DHCP client You should keep this configuration in case your service provider supports DHCP or if you are connecting using a dynamic IP address The server that assigns the Telephone Adapter with an IP address also assigns a subnet mask You can override the dynamically assigned subnet mask by selecting the Override Subnet Mask and specifying your own mask instead You can press the Release button to release the current leased IP address Once the address has been released the button text changes to Renew Use the Renew button to renew the leased IP address Figure 10 4 Internet Protocol Settings Automatic IP Internet Protocol Override Subnet M
57. the security level currently selected Minimum Typical or Maximum Click this icon to E configure security settings If the MP 202 is equipped with multiple LAN devices other than bridges then the home network will use the following icons to indicate the interface used for connecting the PC Table 4 2 Icons to Indicate the Interface Used for Connecting the PC Represents an Ethernet Local Area Network LAN connection Click this icon to configure network parameters for the Ethernet LAN device Represents a bridge connected in the home network Click this icon to view the bridge s underlying devices Represents a computer host connected in the home network Each computer connected to the network appears below the network symbol of the network through which it is connected Click an icon to view network information for the corresponding computer Figure 4 2 Host Information Host Information Hast Laptop IP Address 192 168 2 2 Subnet Mask 255 255 255 0 Network Connection Ethernet Lease Type Dynamic Port Forwarding Nene Services Ping Test Windows Shared Palen WWEitan Laptop fome Version 2 4 28 Document 299 452 100 User s Manual 4 Using the MP 202 s Web Interface 4 2 Managing Tables Tables are structures used throughout the Web based Management They handle user defined entries relating to elements such as network connections local servers restrictions and configurable parameters The
58. to Port Specity w 7 User s Manual 144 Document 299 452 100 User s Manual 12 Security 5 To define the time period during which this rule will take effect select The in the drop down list Schedule between Always or a specific schedule If you choose the option Specify Schedule the screen refreshes and an Add link appears Figure 12 9 Add a Specific Schedule Schedule Specify schedule Add 6 Click Add to specify a protocol and click OK to save your changes the screen Port Forwarding displays a summary of the rule that you just added refer to the figure Figure 12 10 Port Forwarding Rule ia Security Expose services on the LAN to external Internet users Local Host Local Address Protocols Status Action w 192 168 1 11 192 168 1 11 Any Active New Entry EF i CE j apply AX Cancel j Resolve Mow Refresh j 7 Edit the port forwarding rule by modifying its entry under column Local Host in the screen Port Forwarding To modify an entry click the action icon Edit for the rule the screen Edit Port Forwarding Rule opens refer to the figure This screen allows you to edit all the parameters that you configured when creating the port forwarding rule Version 2 4 145 April 2007 MP 202 Telephone Adapter Figure 12 11 Edit Port Forwarding Rule o Edit Port Forwarding Rule Protocol Name Ports Action FTP File Transter TOP Any gt 21 Forward to Port Sc
59. to reboot Are you sure you Want to restore MP202 manufacturer defaults 2 Click OK to restore the MP 202 s factory default settings Version 2 4 171 April 2007 Uno ERA MP 202 Telephone Adapter If you are accessing the MP 202 s Web from the WAN restoring the factory settings will cause the connection to be lost since access to the Web from the WAN is blocked by default In cases where the Web server cannot be accessed for example if you ve forgotten the password or if the LAN is disabled it s possible to restore the default settings using a manual procedure gt To restore default settings manually 1 Disconnect the MP 202 DC power cable 2 Using a paper clip press the pushbutton located on the bottom of the MP 202 a pinhole at one of the corners 3 While pressing the pushbutton power up the device Keep the pushbutton pressed for another 5 seconds Note All Web based management settings and parameters not only those in the Advanced section will be restored to their default values This includes the administrator password a user specified password will no longer be valid 13 6 Diagnostics The Diagnostics screen can assist you to test network connectivity and view statistics such as the number of packets transmitted and received round trip time and success status The test tools are platform dependent and are not available simultaneously User s Manual 172 Document 299 452 100 User s
60. 00 Use the Following IP Address DHCP Relay New IP Address M Enabled New IP Address 9 1 1 General The top part of the screen Configure WAN Ethernet displays general communication parameters It is recommended not to change the default values in this screen unless you are familiar with the networking concepts they represent Since your Telephone Adapter is configured to operate with the default values no parameter modification is necessary You can configure the following general connection settings User s Manual 14 Document 299 452 100 User s Manual 9 WAN Settings Table 9 1 General Connection Settings Parameter Description Schedule Network You can configure scheduler rules in order to define time segments during which the connection is active via Advanced gt Scheduler Rules Select whether the parameters you are configuring relate to a LAN WAN connection by selecting LAN WAN from the drop down list Physical Address The physical address of the network card used for your network Some cards allow you to change this address Clone MAC Allows you to copy the current MAC address of your PC to the MAC address of this device MTU MTU is the Maximum Transmission Unit It species the largest packet size 9 1 2 permitted for Internet transmission In the default setting Automatic the Telephone Adapter selects the best MTU for your Internet connection In case you Change to manual you can enter the
61. 10 29 W Figure 10 30 Figure 10 31 Figure 10 32 Figure 10 33 Figure 10 34 Figure 10 35 Figure 10 36 Figure 10 37 Figure 10 38 Figure 10 39 Figure 10 40 Figure 10 41 Figure 10 42 Figure 10 43 User s Manu os E Fe A MP 202 Telephone Adapter Verifying a New Interface on the WAN Side sa denp Race MAGIA MIA T Input Rule Sets PEIE OPEREN PEA ANE E EESE E EAN ANE E E EAE EE res EA aeea FO ena A E E E EENE Tona ne e U E E A To a a A A TAAA Testing the aA AEA A A ica nai Bridge Options e System Monitoring Sia pebiaretieepeaeionerbeaereneianaiareaaaeeaers Example of Tagging Voice and i Untagaing L Data PAPEETE ETEA EETA E ETT WAN LAN Bridge MPRA VLAN Interface Screen seepage nb ge bend ents 40a ss tse ts esto Bridge Section of the Screen isles tnd Gee eases role E al eaag anes eaten A ee DA ep RE 2 E ates cigs densa poled dened oie densa A E Pa TE itera a e anne ee bse eed apnea edema aaa al 8 Document 299 452 Example of Using VLAN VLAN Interface Screen ccccceseeceeeeeeeee E E ET 1 Figure 9 12 PPP Compression cccceeseeees BERAE A E EAEAN MEPE PAA xine eee RENN ee Figure 9 13 Internet Cable Modem Connection ade EE ores faves ed PARROT A AA PETEN PERIA icine Figure 9 14 Point to Point Tunneling Protocol ccccccceeecceceeeceeeeeeceeceeeccesseeeceeseeeceesseeecesseesessaaessssO4 Figure 9 15 Connection Summary l R 4 Figure 9 16 VPN Cli
62. 31057 5460454 Receive Errors Oo 5 Receive Drops 0 D Time Span 12 06 56 12 06 56 14 3 System Log The System Log displays a list of the most recent activity that has taken place on the gateway User s Manual 204 Document 299 452 100 User s Manual 14 System Monitoring gt To open the system log m Click tab System Log the System Monitoring System Log screen opens Figure 14 3 System Monitoring System Log w System Monitoring Connections Press the Refresh button to update the data Type Jan 1 00 02 07 System gt 003 faa Message daemon err rmt_upd failed retrieving new version Jan 1 00 02 System 2003 Log Message daemon err Error connecting to host Jan 1 00 02 System Message daemon infto estream_connect_done 36 connection failed 2003 Log Jan 1 00 00 System 2003 Log Message daemon err Error connecting to host Jan 1 00 00 System Message daemon info estream_connect_done 36 connection failed 2003 Log Jan 1 00 00 System gt 003 ka Message daemon into rg_system_argy 261 spawned PID 34 Jan 1 00 00 System gt 003 ina Message daemon into rg_system_full 309 bin voip_task Jan 1 00 00 System 2003 fee Message daemon info SNMP Binding agent on 10 33 2 42 Jan 1 00 00 System 2003 Log kernwiwarn SOV4NCED CHANNEL CONFIGURATION before open channel OB is not initialized piesa ee yet exit function Jan 1 00 00 System a f l a gt 003 ka Message kern warn LES
63. 4 MP 202 Telephone Adapter DNS Server Domain Name System DNS is the method by which website or domain names are translated into IP addresses You can configure the connection to automatically obtain a DNS server address or specify such an address manually according to the information provided by your ISP To configure the connection to automatically obtain a DNS server address select Obtain DNS Server Address Automatically from the DNS Server drop down menu Figure 9 4 Obtain DNS Server Address Automatically DNS Server To manually configure DNS server addresses select Use the Following DNS Server Addresses from the DNS Server drop down menu refer to the figure below Specify up to two different DNS server address one primary another secondary Figure 9 5 DNS Server Settings ONS Server Use the Following ONS Sarver Addresses Primary ONS Server Secondary DNS Server Routing You can choose to setup your Telephone Adapter to use static or dynamic routing Dynamic routing automatically adjusts how packets travel on the network whereas static routing specifies a fixed routing path to neighboring destinations Table 9 2 Static or Dynamic Routing Parameters Parameter Description Routing Select Advanced or Basic routing Routing Mode Select one of the following Routing modes Route Use route mode if you want your Telephone Adapter to function as a router between two netwo
64. CPE amp Access Gateway Products Telephone Adapters with Integrated Router MP 20x series MP 202 Telephone Adapter User s Manual Version 2 4 M nu onra Document 299 452 100 April 2007 Notice This document describes the MP 202 Telephone Adapter available from Nuera Information contained in this document is believed to be accurate and reliable at the time of printing However due to ongoing product improvements and revisions Nuera cannot guarantee the accuracy of printed material after the Date Published nor can it accept responsibility for errors or omissions Updates to this document and other documents can be viewed and downloaded by registered Technical Support customers at www nuera com 2007 Nuera All rights reserved This document is subject to change without notice Refer to the current release notes that may be included with your documentation or hardware delivery Date Published Apr 10 2007 Date Printed Apr 12 2007 User s Manual 4 BAe Bilin ENE E E AE AA 9 3 2 Configuring ihe MP 202 s Network Cot TEE EEE T TPE 3 2 1 Logging In PEETRE TEE PTP EE AEA ere ne A TEE i 3 2 2 Configuring Quick Setup Screen Parameters icp othe nich E E E E T EEE E 3 2 2 1 Rain Your Internet Connection ssscsssssseessssesssseeesssseesssseeessseeees 21 ee 1 aT 5 Signaling Protec Panot ae paras sha ree Kaiaka es Pane ay 3 Packetization Time i Configuring Voi
65. E I EAE OPEN PE AERA EEA PPP Configuration PEATE P ati kaasa beatin E EEE E E E E AE E PPP Authentication PPP Encryption Internet Protocol DNS See aaa Routing Internet Connection Firewall ccsssssssssssssssevssesssssesnsseeisnseensnsssennseeesnesee 88 WAN L2TP PPPE EEES A NA ap es are ere ee psn oe see eae cee sconces 9 4 1 9 4 2 9 4 3 9 4 4 9 4 5 9 4 6 9 4 7 9 4 8 9 4 9 9 4 10 9 4 11 Creating an L2TP IPSec VPN Saadeh with the Poison Wizard MERREN Creating an L2TP IPSec VPN Connection with the Connection Wizard General PPP Configuration EEIE I E E NE AT AE NOT E E E A EA PPP ee i voscencetapaceratepaiete dacs tesogagsataycunpuanee tons tesedesianseaeeaiossciipsiessinis a AIEE gA i A APAE E EE ET E EE OO TA PEP E A ear E eea iar er ane AERUS A LE S E E PARE EEE EAE E E EREE O TA DNS SerVE aisinar netiiuresadsaibepetciaientcadapeasds ais lareieiiiabeaetiieneieieal Routing l Internet Connection Firewall aaa 95 10 VLAN and Bridge AN ee ee ee 99 10 1 Virtual LAN Interface VLAN Creation with the Connection Wizard ccccccceeccecceeccecceeececcueececcauececcueeaeeseeeaeesass GOMES Al cceccccceccecceccecceccccuecuucuucueccucceucuececsueaueuseauucuuseusaucueceesuucuecuecaecueeueenseaeeass 10 1 1 10 1 2 User s Manual 4 Document 299 452 100 User s Manual 11 13 Adva 10 1 7 ii r abia Distribution 10 1 5 Arian Connecti
66. Ethernet and WAN Ethernet refer to the figure below Figure 10 39 WAN LAN Bridge ae Network Bridging Configure your bridge properties Bridged Connections Name Status Connected E CaN Ethernet Disconnected lt Back j eat j x Cancel J 5 For VolP add VLAN Interface 200 VID 200 and choose option Bridge in the drop down list of parameter Underlying Device refer to the figure below Figure 10 40 VLAN Interface Screen Sed VLAN Interface Configure new VLAN interface 7 Underlying Device WAN Ethernet WAN Ethernet VLAN ID LAN Ethernet Bridge Version 2 4 125 April 2007 Mi a U E R A MP 202 Telephone Adapter 6 Set the bridge interface In the Bridge section of the Network Connection screen edit the Bridge and WAN interfaces to enable VLAN for all VLAN IDs refer to the screen below Figure 10 41 Bridge Section of the Screen Bridge F Bridge Disabled Connected WAN Ethernet Disabled Connected LAN Ethernet Disabled E gt Connected CI F Wan Ethernet 2 Connected Figure 10 42 VLAN Settings ae VLAN Settings Enable VLAN Default YL4N ID All VLAN IDs 7 Set the bridge to use No IP Address Click Apply and OK and then click OK again Figure 10 43 No IP Address Internet Protocol Obtain an iP Address Automatically No IP Address Override Subnet Mask Obtain an IF Address Automatically Use the Following IP Add
67. Internet access to servers in the home network The Port Forwarding feature supports both of these functionalities The Port Forwarding screen lets you define the applications that require special handling by the gateway You must select the application s protocol and the local IP address of the computer that will be using or providing the service If required you can add new protocols in addition to the most common ones provided by the gateway For example to use an FTP application on one of your PCs select FTP from the list and enter the local IP address or host name of the designated computer all FTP related data arriving at the gateway from the Internet is then forwarded to the specified computer Similarly to grant Internet users access to servers inside your home network you must identify each service that you want to provide and the PC that will provide it For example to host a Web server inside the home network you must select HTTP from the list of protocols and enter the local IP address or host name of the computer that will host the Web server When an Internet user points her browser to the external IP address of the gateway it forwards the incoming HTTP request to the computer that is hosting the Web server Additionally port forwarding enables you to redirect traffic to a different port instead of the one to which it was designated If for example you have a Web server running on your PC on port 8080 and you want to gr
68. N Ethernet Device Name etho eth1 Status Connected Connected Network WAN LAN Connection Type Ethernet Ethernet MAC Address 00 90 5f 09 ef 5e 00 90 8f 09 95 e2 IP Address 10 53 2 42 192 168 2 1 Subnet Mask 255 255 0 0 255 255 255 0 Default Gateway 10 33 0 1 10 1 1 11 10 1 1 10 DHS Server IF Sddress Distribution Disabled DHCP Server Received Packets 199037 10070 Sent Packets BF 66 10956 Time Span 12 00 41 12 00 41 2 Click the Refresh button to update the display or press the Automatic Refresh On button to constantly update the displayed parameters Version 2 4 203 April 2007 ma UF E Fe A MP 202 Telephone Adapter 14 2 Traffic The gateway is constantly monitoring traffic within the local network and between the local network and the Internet You can view up to the second statistical information about data received from and transmitted to the Internet WAN and about data received from and transmitted to computers in the local network LAN gt To view traffic statistics Click tab Traffic the System Monitoring Traffic screen opens Figure 14 2 System Monitoring Traffic ail System Monitoring Connections Name WAN Ethernet LAN Ethernet Device Name etho eth1 Status Connected Connected Network WAN LAM Connection Type Ethernet Ethernet IP Address 10 353 2 42 192 168 2 1 Received Packets 200364 10700 Sent Packets 2849 11650 Received Bytes 18828215 2123257 Sent Bytes 16
69. Other Events Remote Administration Attempts Connection States Log Buffer Prevent Log Overrun ICMP Replay ICMP Redirect ICMP Multicast ICMP Flood 2 Select the types of activities for which you would like to have a log message generated Accepted Events e Accepted Incoming Connections Write a log message for each successful attempt to establish an inbound connection to the home network e Accepted Outgoing Connections Write a log message for each successful attempt to establish an outgoing connection to the public network Version 2 4 161 April 2007 Nt H U E Fre A MP 202 Telephone Adapter Blocked Events e All Blocked Connection Attempts Write a log message for each blocked attempt to establish an inbound connection to the home network or vice versa You can enable logging of blocked packets of specific types by disabling this option and enabling some of the more specific options below it e Specific Events Specify the blocked events that should be monitored Use this to monitor specific event such as SynFlood A log message will be generated if either the corresponding check box is checked or the check box All Blocked Connection Attempts is checked Other Events e Remote Administration Attempts Write a log message for each remote administration connection attempt whether successful or not e Connection States Provide extra information about every change in a
70. P 202 Telephone Adapter 4 Name the service in the parameter Service Name and click the link New Service Ports the Edit Service Server Ports screen appears refer to the figure Figure 13 37 Advanced Protocols Edit Service Server Ports m Edit Service Server Ports Protocol Other Frotocol Number j A Cancel J 5 You may choose any of the protocols available in the combo box or add a new one by selecting Other When selecting a protocol from the combo box the screen refreshes presenting the respective fields by which to enter the relevant information 6 Selecta protocol and enter the relevant information 7 Click OK to save the settings User s Manual 202 Document 299 452 100 User s Manual 14 System Monitoring 14 System Monitoring The System Monitoring screen displays important system information including m Key network device parameters Network traffic statistics The system log The length of time that has transpired since the system was last started Voice over IP 14 1 Connections gt To monitor connections 1 Click the menu System Monitoring in the left sidebar the System Monitoring screen tab Connections is displayed showing a read only summary with the exception of linked parameter IP Address Distribution of the monitored connection data refer to the figure Figure 14 1 System Monitoring Connections re System Monitoring Name WAN Ethernet LA
71. P address provided by your ISP changes the DNS database will change accordingly to reflect the change In this way even though your IP address will change often your domain name will remain constant and accessible 13 18 1 Opening a Dynamic DNS Account To be able to use the DDNS feature you must first open a free DDNS account at http www dyndns org account create html When applying for an account you will need to specify a user name and password Have them readily available when customizing the MP 202 s DDNS support For detailed information on DDNS refer to http www dyndns org gt To open a dynamic DNS account m Click the icon Dynamic DNS in the Advanced screen of the Management Console the Dynamic DNS connections screen opens refer to the figure displaying a table showing the different connections and their DDNS aliases Figure 13 24 Advanced Dynamic DNS t Dynamic DNS Connections Connection Provider User Host Wildcard Mail Backup Offline Status Action Name Name Name Exchanger Mx Add Ete Connection Press the Refresh button to update the status YOK j T Apply j X Cancel See ern j m Click the link Add Connection to add a new connection alternatively click the icon under Action the Dynamic DNS screen appears refer to the figure Figure 13 25 Advanced Dynamic DNS j Dynamic DNS Connection WAN Ethernet Provider dyndns org Click Here to Initiate and Manage your Subs
72. Shaping ey Edit Device Traffic Shaping Device Default WAN device Traffic Shaping Tx Bandwidth 250 Kbits s Rx Bandwidth 97656 bits s TCP Serialization when Active voice Calls Exist Maximum Delay 20 ms 640 bytes Shaping Classes Class ID Mew Entry Version 2 4 Name Priority TH Bandwidth Rx Bandwidth Kbits s Kbits s Status Action Reserved Maximum Reserved Maximum mo col 71 April 2007 _ rz i FE amh MP 202 Telephone Adapter 6 Click OK to submit the new definition Figure 8 13 QoS Edit Device Traffic Shaping Submitting the Configuration a Quality of Service Traffic BSP S z ip Class Priority Settings Settings Statistics Device Rx Bandwidth Tx Bandwidth TCP Kbits s Kbits s Serialization M Default WAN device 97656 250 20 ms 640 bytes Mew Entry 7 Click OK again to exit the QoS page and return to the main page User s Manual 72 Document 299 452 100 User s Manual 9 WAN Settings 9 WAN Settings To change the WAN mode from its default connection type Ethernet to PPP choose from the Connection Type drop down list in the Quick Setup screen Alternatively click link New Connection in the Network Connections screen check the Advanced Connection radio button and then choose the connection type 9 1 WAN Ethernet WAN Ethernet is the default mode WAN Ethernet is used to connect the MP 202 to the network either dire
73. Telephone Adapter 8 Click Next the screen Connection Summary opens refer to the figure Figure 9 22 Connection Summary ae Connection Summary You have successfully completed the steps needed to create the following connection e Layer 2 Tunneling Protocol to 191 52 3 1 VPM server User Name john_smith Edit the Newly Created Connection Press Finish to create the connection A Cancel 9 Check the check box Edit the Newly Created Connection to be routed to the new connection s configuration screen after clicking Finish 10 Click Finish to save the settings the new L2TP IPSec VPN connection is added to the network connections list and is configurable like any other connection 9 4 2 Creating an L2TP IPSec VPN Connection with the Connection Wizard gt To create a new L2TP IPSec VPN connection take these steps 1 Click the link New Connection in the screen Network Connections the screen Connection Wizard opens 2 Select the radio button Connect to a Virtual Private Network over the Internet and click Next the screen Connect to a Virtual Private Network over the Internet opens User s Manual 92 Document 299 452 100 User s Manual 9 WAN Settings 3 Select the radio button VPN Client or Point To Point and click Next the screen VPN Client or Point To Point opens refer to the figure Figure 9 23 VPN Client or Point To Point ae VPN Client or Point To
74. When using Maximum Segment Size MSS Clamping TCP streams routed Reduce Voice Delay via the MP 202 when a voice call is active will have a smaller segment size This will cause RTP to receive a better priority and will help prevent high voice jitter that results of slow upstream transmission rate as common with most WAN connections DSL DOCSIS etc 5 1 3 1 Configuring Codecs Codecs define the method of relaying voice data Different codecs have different characteristics such as data compression and voice quality For example G 723 is a codec that uses compression so it is good for use where bandwidth is limited but its voice quality is not as good compared to other codecs such as the G 711 5 1 3 2 Supported Codecs To make a Call at least one codec must be enabled Moreover all codecs may be enabled for best performance When you start a call to a remote party your available codecs are compared against the remote party s to determine which codec will be used The priority by which the codecs are compared is according to the descending order of their list depicted in the figure above To change the priorities rearrange the codecs in the required order If there is no codec that both parties have made available the call attempt will fail Note that if more than one codec is common to both parties you cannot force which of the common codecs that were found will be used by the remote party s client If you do wish to force the use
75. YOK j EApply j i A Cancel J Resolve Now Refresh j User s Manual 140 Document 299 452 100 User s Manual 12 Security 2 Click the link New Entry the screen Add Access Control Rule opens refer to the figure below Figure 12 4 Add Access Control Rule Add Access Control Rule Address Protocol Schedule Always X Cancel 3 The parameter Address enables you to specify the computer or group of computers for which you would like to apply the access control rule You can select between any or a specifc computer address in your LAN If you choose the Specify Address option the screen will refresh and an Add link appears Click it to specify a computer address Specify an address by creating a Network Object 4 The parameter Protocol lets you select or specify the type of protocol to be used In addition to the list of popular protocols it provides you may also choose any or a specifc protocol If you choose option Specify Protocol the screen refreshes and an Add link appears Click it to specify a protocol address 5 The parameter Schedule allows you to define the time period during which this rule will take effect You can select between Always or a specific schedule If you choose the option Specify Schedule the screen refreshes and an Add link appears Click it to specify a schedule 6 Click OK to save your settings the Access Control screen displays a summary of the ru
76. a point to point connection to be established in the normally multipoint architecture of Ethernet A discovery process in PPPoE determines the Ethernet MAC address of the remote device in order to establish a session General Table 9 3 PPPoE Parameter Descriptions Parameter Description Schedule Network MTU You can configure scheduler rules in order to define time segments during which the connection is active via Advanced gt Scheduler Rules Select whether the parameters you are configuring relate to a LAN WAN connection by selecting LAN WAN from the drop down list MTU is the Maximum Transmission Unit It specifies the largest packet size permitted for Internet transmission The default setting Manual allows you to enter the largest packet size that will be transmitted The recommended size is 1492 You should leave this value in the 1200 to 1500 range To have the Telephone Adapter select the best MTU for your Internet connection select Automatic Underlying Specify the underlying connection above which the protocol will be initiated Connection Figure 9 8 General PPPoE Settings General Device Name pppo Status Disconnected Schedule Always Network WAN Connection Type PPPoA MTU Automatic 1492 Underlying Connection WAN DSL 9 2 2 PPP Configuration Point to Point Protocol PPP is the most popular method for transporting packets between the user and the Internet service pr
77. agnostic Tools Allow Incoming ICMP Echo Requests e g pings and ICMP traceroute queries Allow Incoming UDP Traceroute Queries JCMS Outgoing M Allow the Remote Upgrade Server to Control MP202 t Configure MP202 Firmware Upgrade JCMS Incoming Listen ta JCMS Incoming Requests on Port 7020 Accept ICMS Incoming Packets Listen to JCMS SSL Incoming Requests on Port oz Accept ICMS SSL Incoming Packets Telnet and Web Management can be used to modify the settings of the firewall or to disable it Users can also change local IP addresses and other settings making it difficult or impossible to access the Telephone Adapter from the home network Therefore remote access to Telnet or HTTP services should be blocked and should only be permitted when absolutely necessary gt To allow remote access to MP 202 services 1 Click the Remote Administration button The Remote Access Configuration screen will appear refer to the figure above 2 Select the services that you would like to make available to computers on the Internet User s Manual 168 Document 299 452 100 User s Manual 13 Advanced Settings Click OK to save your changes and return to the Security Settings screen Encrypted remote administration is done using a secure SSL connection that requires an SSL certificate When accessing the MP 202 for the first time using encrypted remote administration you will be prompted by your brow
78. ame manner this parameter limits the gateway s bandwidth reception rate to that of the DSL modem TCP Serialization You can enable TCP Serialization in its combo box either for active voice calls only or for all traffic The screen will refresh adding a Maximum Delay field refer to the figure This function allows you to define the maximal allowed transmission time frame in milliseconds of a single packet Any packet that requires a longer time to be transmitted will be fragmented to smaller sections This avoids transmission of large bursty packets that may cause delay or jitter for real time traffic such as VoIP 8 1 2 Shaping Classes The bandwidth of a device can be divided in order to reserve constant portions of bandwidth to predefined traffic types Such a portion is known as a Shaping Class When not used by its predefined traffic type or owner for example VoIP the class will be available to all other traffic However when needed the entire class is reserved solely for its owner Moreover you can limit the maximum bandwidth that a class can use even if the entire bandwidth is available When a shaping class is defined for a specific traffic type two shaping classes are created The second class is the Default Class responsible for all the packets that do not match the defined shaping class or any other classes that may be defined on the device This can be viewed in the Class Statistics screen Version 2 4
79. ameters Table 5 11 VoIP Voice and Fax Parameter Description Line 1 Voice Volume The voice volume of line 1 2 the gain from the network towards the local Line 2 Voice Volume phone Default 0 dB Enable Automatic Gain When enabled when the box is checked the device will adjust the voice Control volume automatically to compensate for a weak or loud signal Minimum Delay The initial and minimal delay of the adaptive jitter buffer mechanism which compensates for network problems The value should be set according to the expected average jitter in the network in milliseconds Default 35 msec Optimization Factor The adaptation rate of the jitter buffer mechanism Higher values will cause the jitter buffer to respond faster to increased network jitter Default 7 Enable Silence Check to enable silence compression for reducing the network bandwidth Compression consumption Default Disabled Enable Echo Check to enable echo cancellation disabling echo cancellation should be Cancellation done for testing purposes only Default Enabled Fax Transport Mode Selects the way fax calls are handled Transparent Fax is transferred in band like a voice call can be used if the codec is G 711 T 38 Relay Fax is relayed to the remote side according to the T 38 standard VBD Voice Band Data Switch to G 711 via SIP messaging Bypass An automatic switch to Nuera s proprietary payload type 102 103 Fax Bypass Code
80. ant access to this server to anyone who accesses the gateway via HTTP do the following m Define a port forwarding rule for the HTTP service with the PC s IP or host name E Specify 8080 in the field Forward to Port All incoming HTTP traffic will now be forwarded to the PC running the Web server on port 8080 When setting a port forwarding service you must ensure that the port is not already in use by another application which may stop functioning A common example is when using SIP signaling in Voice over IP the port used by the gateway s VoIP application 5060 is the same port on which port forwarding is set for LAN SIP agents User s Manual 142 Document 299 452 100 User s Manual 12 Security Some applications such as FTP TFTP PPTP and H323 require the support of special specific Application Level Gateway ALG modules in order to work inside the home network Data packets associated with these applications contain information that allows them to be routed correctly An ALG is needed to handle these packets and ensure that they reach their intended destinations OpenRG is equipped with a robust list of ALG modules in order to enable maximum functionality in the home network The ALG is automatically assigned based on the destination port gt To add a new port forwarding service 1 Select the tab Port Forwarding in the screen Security the screen Port Forwarding opens refer to the figure Figure 12 5
81. ara aiaa aaeain Advanced Dynamic DNS DHCP Server Summary POE EERE A EA PEE ETE Advanced IP Address Distribution DHCP SOLVED cossesccscsssssecsssssssssesesssssecesssssseeeeeesse Four Tan DRGF Servar FBI fa rciccsancseateqensasceiocaqessysedicsciesldatis snqsanstiarsdaediomaatedatdiapsamesnarsisnlaarseouns 196 Figure 13 29 Advanced IP Address Distribution DHCP Relay i 197 Figure 13 30 Advanced IP Address Distribution DHCP Relay New IP Address 197 Figure 13 31 Advanced IP Address Distribution Connection List ano TAN Figure 13 32 Advanced IP Address Distribution Connection List New Static Connection rere 198 Foue Toa DONS SENEI arreir onide in i EE Ee aade ieiti 199 Figure 13 34 DNS Entry IENEI TIAE EAE I AEA E EE EN TAE i 3 Figure 13 35 Advanced Protocols EN EEEE AN EEE E EN AA AE E I ETAN 201 Figure 13 36 Advanced Protocols Edit Service cccccccssesseccecesesececeseeseeeeesseeeeeeessenseeeesseeases 201 Figure 13 37 Advanced Protocols Edit Service Server Ports ccccccseeeeeeeeeeeeeeeeeeaeeeeeeeaeaees 202 Figure 14 1 System Monitoring Connections cccceseccceceeesseeeesseeseeeeenseeseeeeesseaseeeecsseaseesessaeases 203 Figure 14 2 System Monitoring Traffic EEEE EIEE TS EEEE E E EEE 204 Figure 14 3 System Monitoring System Log cccccccscssseceecessseeeceseeseeseceseacesecsseaseeesssauseeeessnansss 205 Figure 14
82. ask User s Manual Obtain an IF Address Automatically 102 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings Use the Following IP Address Your WAN connection can be configured using a permanent static IP address Your service provider should provide you with this IP address subnet mask and the default Telephone Adapter IP address Figure 10 5 Internet Protocol Settings Static IP Internet Protocol IP Address Subnet Mask Default Gateway DNS Server Primary DNS Server Secondary DNS Server 10 1 3 IP Address Distribution The IP Address Distribution section allows you to configure the device s Dynamic Host Configuration Protocol DHCP server parameters The DHCP automatically assigns IP addresses to network PCs If you enable this feature make sure that you also configure your network PCs as DHCP clients For a comprehensive description of this feature refer to Section 10 28 Select one of the following options from the IP Address Distribution combo box Version 2 4 103 April 2007 UUN we FF MP 202 Telephone Adapter Table 10 2 IP Address Distribution Parameters Parameter Description DHCP Server Start IP Address The first IP address that may be assigned to a LAN host Since the device s default IP address is 192 168 2 1 this address must be 192 168 2 2 or greater End IP Address The last IP address in the range that can be used to automatically assign IP add
83. ate For each compression algorithm select one of the following from the drop down menu Table 9 10 PPTP Compression Parameters Parameter Description Reject Reject PPP connections with peers that use the compression algorithm Allow Allow PPP connections with peers that use the compression algorithm Require Ensure a connection with a peer is using the compression algorithm 9 4 8 Internet Protocol Refer to Internet Protocol Settings on page 75 9 49 DNS Server Refer to DNS Server on page 76 9 4 10 Routing Refer to Routing on page 76 User s Manual 96 Document 299 452 100 User s Manual 9 WAN Settings 9 4 11 Internet Connection Firewall Refer to Internet Connection Firewall on page 77 Version 2 4 97 April 2007 User s Manual 10 VLAN and Bridge Settings 10 VLAN and Bridge Settings 10 1 Virtual LAN Interface VLAN 10 1 1 Creation with the Connection Wizard gt Tocreate a new VLAN interface 1 Click the New Connection link in the Network Connections screen refer to the figure the Connection Wizard screen opens refer to the figure 2 Select the Advanced Connection radio button and click Next the Advanced Connection screen appears refer to the figure 3 Select the VLAN Interface radio button and click Next The VLAN Interface screen appears refer to the figure Figure 10 1 VLAN Interface ae VLAN Interface Configure new VLAN interface Unde
84. ate amp Time settings screen will be displayed Figure 13 20 Date amp Time Settings ae Date and Time Localization Local Time cep 5 2004 10 12 56 Time Zone GMT GhIT 00 00 4 Daylight Saving Time __ Enabled Start Mar 28 x po foo oct 23 for po Bo Minutes Automatic Time Update e Enabled Time Of Day TOD Network Time Protocol NTP3 Update Every 4 Hours Time Server Action Protocol ntp jungo com Hew Entry Status Waiting for response from serwer 2 Select the local time zone from the pull down menu The MP 202 can automatically detect daylight saving setting for selected time zones If the daylight saving settings for your time zone are not automatically detected the following fields will be displayed User s Manual 186 Document 299 452 100 User s Manual Enabled Start End Offest gt a 13 Advanced Settings Select this check box to enable daylight saving time Date and time when daylight saving starts Date and time when daylight saving ends Daylight saving time offset For the Telephone Adapter to perform an automatic time update Select the Enabled checkbox under the Automatic Time Update section Select the protocol to be used to perform the time update by selecting wither the Time of Day or Network Time Protocol radio button Specify how often to perform the update in the Update Every field You can define time server address
85. ation file using the CLI 1 Using Telnet access the device and enter the user name and password 2 Enter the command rmt_config for example Version 2 4 rmt_config u http myserver com my_conf_file conf 183 April 2007 MP 202 Telephone Adapter gt To enable automatic configuration download at power up 1 Using Telnet access the device and enter the user name and password 2 Set the following configuration parameters rg_conf_set rmt_config enabled 1 rg_conf_set rmt_config url lt required url gt for example rg_conf_set rmt_config url http myserver com my_conf_file conf The next time the device is powered up it will attempt to download the configuration file Notes m The configuration parameter rmt_config version defines the version of the configuration file The device uses the new configuration file only if the version that is defined in this file is larger than the current version By default the version is set to O This means that each time Service Providers operations personnel require the device to download a new configuration file they need to increment the version parameter in the new file in the conf file the version parameter is under the section rmt_config m The remote configuration file can include a subset of the complete mp202 conf file A recommended procedure is to upload a mp202 conf file from a working device system and remove all sectio
86. ation on the traffic moving through your defined device classes For example the amount of packets sent dropped or delayed are just a few of the parameters that you can monitor per each shaping class To view your Class statistics press the QoS button on the sidebar and then click the Class Statistics tab The following screen will appear refer to the figure Version 2 4 69 April 2007 8 6 a UF E F A MP 202 Telephone Adapter Class statistics will only be available after defining at least one class otherwise the screen will not present any information Figure 8 11 QoS Class Statistics a Quality of Service Class Packets Bytes Packets Packets Rate Packet Sent Sent Dropped Delayed bytes s Rate LAN Bridge Gaming J2 fli 0 0 13 T Derauk 557 326143 0 0 2984 5 Class WAN Ethernet VoIP 12 870 0 0 J D FTP D D 0 0 D Default 39 3167 0 0 42 D Class spo Reftzsh Configuring Basic VoIP QoS The Traffic Shaping feature only ensures priority to calls that are originated inside the MP 202 When giving VoIP priority over data the bottleneck is effectively moved from the Cable ADSL modem into the MP 202 To give priority to calls from the LAN you must define a traffic priority rule for SIP and RTP from the device on the LAN This section recommends a minimal QoS configuration that ensures sufficient QoS for VoIP calls when the gateway is connected behind a broadband cable or DSL mo
87. ature Routing Table Allows you to add or modify routes when this device is active Use the New Route button to add a route or edit existing routes 9 1 5 Advanced Routing Properties Refer to Routing on page 82 9 1 6 Internet Connection Firewall Your Telephone Adapter s firewall helps protect your computer by preventing unauthorized users from gaining access to it through a network such as the Internet The firewall can be activated per network connection To enable the firewall on this network connection select the Enabled check box For detailed information on your Telephone Adapter s security features refer to Security on page 137 Figure 9 6 Internet Connection Firewall Internet Connection Firewall Enabled Figure 9 7 Additional IP Addresses Additional IF Addresses New IF Address You can add alias names additional IP addresses to the Telephone Adapter by clicking the link New IP Address This enables you to access the Telephone Adapter using these aliases in addition to 192 168 1 1 and http mp202 home Version 2 4 Tf April 2007 MP 202 Telephone Adapter 9 2 9 2 1 WAN PPPoE Point to Point Protocol over Ethernet PPPoE relies on two widely accepted standards PPP and Ethernet PPPoE enables your home network PCs that communicate on an Ethernet network to exchange information with PCs on the Internet PPPoE supports the protocol layers and authentication widely used in PPP and enables
88. bjects in the Advanced screen of the Web based Management the Network Objects screen appears refer to the figure Network Objects 2 Click the link New Entry the Edit Network Object screen appears refer to the figure Edit Network Object 3 Name the network object in the Description field and click New Entry to actually create it the Edit Item screen appears refer to the figure 4 The source address can be entered in one of the following methods IP Address 8 IP Subnet e IP Range MAC Address Host Name 5 When selecting a method from the combo box the screen refreshes presenting the respective fields by which to enter the relevant information Edit Item 6 Select a method and enter the source address accordingly 7 Click OK to save the settings Dynamic DNS The Dynamic DNS DDNS service enables you to alias a dynamic IP address to a static hostname allowing your computer to be more easily accessible from various locations on the Internet Typically when you connect to the Internet your service provider assigns an unused IP address from a pool of IP addresses and this address is used only for the duration of a specific connection Dynamically assigning addresses extends the usable pool of available IP addresses whilst maintaining a constant domain name Version 2 4 191 April 2007 ri UJ EE FE aA MP 202 Telephone Adapter When using the DDNS service each time the I
89. c DNS 13 1 Remote Administration System Settings by Date and Time all IF Sddress Distribution 13 Advanced Settings It is possible to access and control the MP 202 not only from within the home network but also from the Internet This allows you to view or change settings while travelling It also enables you to allow your ISP to change settings or help you trouble shoot functionality or communication issues from a remote location Remote access to the MP 202 is blocked by default to ensure the security of your home network However remote access is supported by the following services and you may use the Remote Access Configuration screen to selectively enable these services if they are needed gt Toview the device s remote administration options Click the icon Remote Administration in the Advanced screen of the Web based management the Remote Administration screen appears Version 2 4 167 April 2007 MP 202 Telephone Adapter Figure 13 2 Remote Administration Allow Incoming Access to the Telnet Server Using Primary Telnet Port 23 Using Secondary Telnet Port 8023 Using Secure Telnet over SSL Port 992 Allow Incoming Access to the Web Management Using Primary HTTP Port 80 Using Secondary HTTP Port 8080 Using Primary HTTPS Port 4433 Using Secondary HTTPS Port 84434 Allow SNMP Control and Diagnostic Requests Allow Incoming SNMP Requests Di
90. can only use files with an rmt extension when performing the firmware upgrade procedure 1 Click the icon MP 202 Firmware and Configuration Upgrade from the Advanced screen the screen MP 202 Firmware and Configuration Upgrade opens refer to the figure Figure 13 14 MP 202 Firmware and Configuration Upgrade Upgrade From the Internet Automatically Check for Mew Versions and Upgrade MP202 Check every 24 hours at URL https Awww audiocodes com opent Next check scheduled in 0 30 hours Status No response received fram the upgrade server Internet Version Wo new version available Upgrade From a Computer in the Network ee Select an updated MP202 firmware file from a computer s hard drive or CD on the network a Press the Refresh button to update the status E a Version 2 4 181 April 2007 MP 202 Telephone Adapter 2 In the screen section Upgrade From a Computer in the Network click the button Upgrade Now the screen Upgrade From a Computer in the Network opens refer to the figure Figure 13 15 Upgrade From a Computer in the Network oe Upgrade From a Computer in the Network Parad Browse to locate the file then press OK to begin the firmware upgrade process Uploading the firmware upgrade file may take a few minutes Interrupting the upload process may result in an inoperable device Please wait until a completion message appears before rebooting 3 Enter the path o
91. ce and Fax Parameters Configuring Services Parameters Configuring Line Settings Screen Configuring Speed Dial Settings Connecting the MP 202 to a VoIP Service Provider snnnnsnnnnnnnnnnnnnnnnnnnnnn OT 6 1 Opening a SIP FCC irrteccrarrcrestciservovsnrticthieniieradtarsacemniahamineimint D1 G2 Conigunng VoF Pala Otel E ecim Making VolP Calls Fy Pena O Aaa AEE aa a 7 2 Answering a Waiting Call E PEIA IE AA A E AOT Ta PU a R AE E EE ATA 7 4 Performing a Call e cecccecsescsscssssssisssssssissstiesstsssttssistsestssee 54 7 5 Establishing a 3 7 6 Forwarding Calls to Another Phone Vay Conference Quality o of Se a vi e gt 3S Q 8 1 Traffic hei ote apa aea a SAE 8 1 1 Device Traffic Shaping 57 Version 2 4 3 April 2007 n a UI E FE A 8 2 8 4 WAN Settings 9 1 9 4 MP 202 Telephone Adapter 8 1 2 Shaping Classes eo0annnnnoannnnnnennnnesnnrrreserrrrersrnrrressnrrrersnnrrresnrrressnrrrersnnrrrenn 59 8 1 2 1 Class Rules ccccccsecosccecoecsecceccssceccecsecnccecnsucecserseeceecenceecaccanceas re 62 Traffic Priority vecccmesscrcmensteacies EENEN E EAE ET TEN E E EE oe DSCP Mapping E E aa Class Statistics IARE rima P EAEE EEA VOERE A TE ATT 69 COIS Basie VolP Fa ern vin dicaedineacnereneuetniierininaurnicuieeunendatpadiaemiaunet 0 BEB BBR RBBB RRB BBR RRR RRR RR RR RRR RRR RR RRR RRR
92. ce the NAT mapping already exists therefore NAT has failed Malformed packet Failed parsing a packet has been blocked because it is malformed Passive attack on ftp server Client attempted to open Server ports a packet has been blocked because of an unauthorized attempt to open a server port FTP port request to 3rd party is forbidden Possible bounce attack a packet has been blocked because of an unauthorized FTP port request Firewall Rules were changed the firewall rule set has been modified User authentication a message during login time including both successful and failed authentication First packet is Invalid First packet in connection failed to pass firewall or NAT User s Manual 164 Document 299 452 100 User s Manual 13 Advanced Settings 13 Advanced Settings This section of the Web based Management is intended primarily for more advanced users Some changes to settings within this section could adversely affect the operation of the MP 202 and the home network and should be made with caution From the Advanced screen you can refer to the table below Table 13 1 Action Icons in the Advanced Screen Icon What you can do is Configure remote administration privileges Remote Administration i View technical information about the gateway including version number T About the MP 202 Load the Configuration File to the MP 202 Configuration File tt Restart the MP 202 a Restart
93. cessed through a Web browser For detailed information on the gateway s Web management interface refer to Using the MP 202 s Web Interface on page 27 gt To access the Web based management interface 1 Launch a Web browser on your PC Version 2 4 19 April 2007 noO ERA MP 202 Telephone Adapter 2 With your PC connected directly to the MP 202 use URL http mp202 home to access the Web based management interface the Welcome to Your MP 202 screen appears refer to the figure you can click the link Add to Favorites to add a shortcut to the screen in your Favorites folder for future access Figure 3 2 Welcome Screen ra Welcome to Your MP202 A Attention This i r first login to MP202 Management Console a a kipi 7 182 168 2 1 in order to access MP202 Management Console MP202 Management Console you can click Add to Favorites You should tet as sure that cookies are enabled in the browser To do that you s should go to Tools gt Internet Options gt Privacy gt Advance d Please select language for MP202 Management Console Language EN English x 3 Press OK to continue the Login Setup screen appears refer to the figure 3 2 1 Logging In The figure below shows the Logging In screen Figure 3 3 Logging In ra Login Setup Please configure MP202 s username and password User Name admin New Password Retype New Password gt To log in take these steps 1 The default User
94. creen Network Connections opens N Click the link WAN Ethernet the WAN Ethernet Properties screen opens 8 Press the button Settings the screen Configure WAN Ethernet opens 9 In the screen section Routing select Advanced from the drop down list the screen refreshes 10 In the Routing Mode drop down list select Route this changes the gateway s WAN to work in routing mode which is necessary in order for DHCP relaying to function correctly 11 Click OK to save the settings Version 2 4 197 April 2007 Sm oF E Fe A wa MP 202 Telephone Adapter 13 19 3 DHCP Connections gt To view a list of computers currently recognized by the DHCP server 1 Open the screen IP Address Distribution and click button Connection List refer to the figure the IP Address Distribution screen opens Figure 13 31 Advanced IP Address Distribution Connection List oe DHCP Connections alan 192 168 2 2 O0 90 27 1d 9d f5 Dynamic LAN Ethernet Active 51 minutes ol Ee E a New Static Connection Ae Press the Refresh button to update the data gt To define a new connection with a fixed IP address 1 Click the link New Static Connection the screen DHCP Connection Settings opens refer to the figure Figure 13 32 Advanced IP Address Distribution Connection List New Static Connection P DHGP Connection Settings Host Name hew host IP Address lo E fo fo MAC Address foo
95. creen shown below Figure 10 24 Testing the Setup Source Destination Protocol Info Frame 40 78 bytes 78 bytes captured G Ethernet II src 00 90 87 03 20 dd Dst 00 90 8fF 03 20 d7 G 802 1q Virtual LAN IIi eee oe oe eye F J Seee mien eee CFI 0001 0010 1100 ID 300 Type IP Ox0800 G Internet Protocol src Addr 3 3 3 3 3 3 3 3 Dst Addr 3 3 3 1 3 3 3 1 2 Connect a PC to the LAN port of MP202 1 or 2 and send traffic ICMP Verify that the ICMP traffic is tagged 802 1q and that it is using VLAN 521 Figure 10 25 Testing the Setup Time 1 0 000000 2 0 000748 3 1 000307 4 1 000930 5 2 000492 6 x amp Lf a E yj a PT TS RT LT RT LT FL E a a a a a a a E I Destination Protocal Info l ICMP Echo ping request ICMP Echo ping reply ICMP Echo ping request ICMP Echo ping reply ICMP Echo ping request ping reply ping request ping reply 001113 t en u A T E a a a a a a a a I en eee T a a a a a a a a oo un a an en e H Frame 6 78 bytes on wire 78 bytes captured a Ethernet II src 00 90 8fF 03 20 dd Dst 00 90 87 03 20 d 7 3 802 19 Virtual LAN MME ass Bae eee Priority 0 Fa ities Gee Ree CFI O 0010 0000 1001 ID 521 Type IP 0x0800 a Internet Protocol Src Addr 5 5 5 5 5 5 5 5 Dst Addr 5 5 5 1 5 5 5 1 User s Manual 114 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings 3 Connect
96. cription User Name Password Host Mame Wildcard Mail Exchanger Backup Mx Offline User s Manual 192 Document 299 452 100 User s Manual 13 Advanced Settings E Configure the DDNS parameters Use the table below as a reference Table 13 4 Dynamic DNS Parameter Descriptions Dynamic DNS Parameter Description Connection In a single WAN scenario the connection parameter appears as static text non configurable However if you have multiple WAN devices a combo box appears refer to the figure enabling you to select the connection to which you would like to couple the DDNS service The DDNS service only uses the chosen device unless fail over is enabled In this case the failed to device will be used instead assuming its route rules consent until the chosen device is up again Provider Select your DDNS service provider Currently only dyndns org is supported Click Here to Initiate and Manage your Subscription Clicking this link opens a new browser page in http www dyndns com account User Name Enter your DDNS user name Password Enter your DDNS password Host Name Enter your full DDNS domain name Wildcard Select this check box to enable use of special links such as www lt yourhost gt dyndns org Mail Exchanger Enter your mail exchange server address to redirect all e mails arriving at your DDNS address to your mail server Backup MX Select this check box to designate the mail
97. cted Administration Enabled Version 2 4 107 April 2007 MP 202 Telephone Adapter 10 1 7 Additional IP Addresses You can add alias names additional IP addresses to the Telephone Adapter by clicking the New IP Address link This enables you to access the device using these aliases in addition to 192 168 1 1 and htto MP 202 home Figure 10 13 Additional IP Addresses Additional IP Addresses New IP Address 10 1 8 Example of Configuring 3 VLANs VoIP Data and Management This example explains how to configure three separate VLANs VoIP data and management Setup Two MP 202s are connected to the switch Both are configured to use VLAN 300 for VoIP VLAN 521 for Data and VLAN 311 for management A station is connected to the switch in VLAN 311 management Figure 10 14 Using VLAN Setup EA 03 GA CA CI G Switch VolP VLAN 300 MO IP 3 3 3 3 VolP VLAN 300 MO IP 3 3 3 1 Data VLAN 521 M1 IF 5 5 5 5 Data VLAN S21 M1 IF 5 5 5 1 Mgmt VLAN 311 M2 IP 11 11 11 11 Mgmt VLAN 344 M2 IP 11 11 11 14 Stalle route 11 11 0 0 MASK 255 255 0 0 Static route 11 11 0 0 MASK 255 255 0 0 gt default GWW 11 11 11 11 gt default GW 11 11 11 1 K Host running on management VLAN 311 User s Manual 108 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings gt To configure separate VLANs for VoIP Data and Management packets 1 For MP202 1 Open menu Advanced gt Remote Administration open Us
98. ctly or via an external modem gt To access its properties m 3 Click on the link Network Connections and in the screen Network Connections click link WAN Ethernet the screen WAN Ethernet Properties opens refer to the figure Figure 9 1 WAN Ethernet Properties E WAM Ethernet Properties Disable j Hame WAN Elhamnegt Device Name inp Statue Connected Network WAN Connection Type Ethernet MAC Address 14 f6 52 0b 75 16 IP Address 192 168 65 111 Subnet Mask 55 255 299 0 Detsult Gateway 192 168 65 1 192 166 65 1 192 166 711 CNS Server TP Address Distribution Dis abled Received Packets 12099394 Sent Packets 1476 Time Span 23 23 56 ee a ee a ae Beer Sere Reece Version 2 4 73 April 2007 a FF E Fe A MP 202 Telephone Adapter gt To configure the WAN Ethernet connection m Click on the Settings button at the bottom right of the connection s Properties screen the screen Configure WAN Ethernet opens Figure 9 2 WAN Ethernet Configuration 5 Configure WAN Ethernet General Device Name status Schedule Network Connection Type Physical Address MTU Internet Protocol IP Address Subnet Mask Default Gateway DNS Server Primary DNS Server Secondary ONS Server IP Address Distribution Routing Internet Connection Firewall Additional IP Addresses etho Connected Always Ethernet Slane My MAC Address Automatic 15
99. dem with limited uplink bandwidth and the user runs bandwidth consuming applications on their PC Since most modems do not have any priority mechanisms the Tx bandwidth of the gateway should be limited according to the modem s uplink bandwidth Since the gateway will automatically give higher priority to VoIP packets in its internal queues it is not necessary to define traffic shaping classes gt To perform a minimal QoS configuration for VoIP 1 Click on menu QoS on the left sidebar and then click tab Traffic Shaping the Quality of Service Traffic Shaping screen opens 2 Click New Entry or the icon under column Action the screen Add Device Traffic Shaping opens User s Manual 70 Document 299 452 100 User s Manual 8 Quality of Service QoS From the drop down list adjacent to parameter Device select Default WAN Device or your PPTP L2TP connection you have created and click OK the screen Edit Device Traffic Shaping opens Limit the Tx bandwidth parameter Tx Bandwidth according to your modem s uplink bandwidth To prevent jitter in outgoing RTP packets select When Active Voice Calls Exist from the drop down list adjacent to parameter TCP Serialization and use parameter Maximum Delay to define the maximum allowed delay e g 20 milliseconds This will cause long TCP packets to be fragmented when there is an active voice call Figure 8 12 QoS Edit Device Traffic
100. e Authentication Password 5 Configuring VolP Parameters Table 5 13 VoIP Line Settings Description A telephone port in the MP 202 to which you can connect a standard POTS telephone You can manage which telephone is operational by checking the check box adjacent to it This telephone s VoIP user ID used for identification to initiate and accept calls Check this check box to hide your ID from the remote party Used to define a name to intuitively identify the line A free text description to be displayed to remote parties as your caller ID The user name received from the VoIP Service Provider Used when sending a response to Unauthorized or Proxy Authentication Requested 401 407 The password received from the VoIP Service Provider Used when sending a response to Unauthorized or Proxy Authentication Requested 401 407 5 1 7 Configuring Speed Dial Settings Use the Speed Dial Settings screen to associate a called party s contact parameters including the IP address of his her ATA and Line ID with a number that you ll dial to call him her The number of speed dialing codes that can be defined is unlimited Use the screen to define a destination type Proxy Local Line or Direct Call Note that when connecting the MP 202 to a World Wide SIP Server refer to Connecting MP 202 s VoIP to a VoIP Service Provider on page 51 you don t need to configure Speed Dial Settings gt To configure Speed Dial
101. e a static IP address for each VLAN One uses VLAN 200 the second VLAN 300 and the third VLAN 400 gt To configure 3 separate VLANs in bridge mode 1 For MP202 1 amp MP202 2 refer to the figure above Connect the PC to MP202 1 LAN NIC and use static IP address 192 168 2 10 for your PC 2 In Internet Explorer browse to http 192 168 2 1 User s Manual 120 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings 3 Open menu Advanced gt Remote Administration Check the check boxes Using Primary HTTP Port 80 and Allow Incoming ICMP Echo Requests to allow HTTP and ICMP from the WAN interface 4 For data configure VLAN ID 300 and then configure it to Obtain IP Address Automatically refer to the figure below optionally you can use a static IP address Figure 10 33 Network Connections Network Connections SS ee ee WAN Ethernet f WAN Ethernet 2 ry Bridge New Connection 5 For VOIP configure VLAN ID 200 and then configure it to Obtain IP Address Automatically optionally you can use a static IP address 6 For management configure VLAN ID 400 and then configure it to Obtain IP Address Automatically optionally you can use a static IP address The figure below shows how to obtain DHCP on the interface General Device Name status Schedule Network Connection Type Physical Address MTU Underlying Connection Internet Protocol Internet
102. e database using the MP 202 s Web based Management m Permits a computer to have multiple host names m Permits a host name to have multiple IPs needed if a host has multiple network cards The DNS server does not require configuration However you may wish to view the list of computers known by the DNS edit the host name or IP address of a computer on the list or manually add a new computer to the list 13 20 1 Viewing and Modifying the DNS Table gt To view the list of computers stored in the DNS table m Click the icon DNS Server in the Advanced screen of the Web based Management the DNS table is displayed refer to the figure Figure 13 33 DNS Server at DNS Server Host Name IP Address Source New DNS Cntry Close j Version 2 4 199 April 2007 MP 202 Telephone Adapter gt To add anew entry to the list 1 Click the link New DNS Entry the DNS Entry screen opens refer to the figure Figure 13 34 DNS Entry DNS Entry Host Name Tony IP Address fisz fies fio fi 2 Enter the computer s host name and IP address 3 Click OK to save your changes gt To edit the host name or IP address of an entry 1 Click the Edit button under column Action the DNS Entry screen opens 2 If the host was manually added to the DNS Table you can modify its host name and or IP address If it wasn t you can only modify its host name 3 Click OK to save your chang
103. eases uc E E anaemia panache leas Figure 10 48 Configuring VoIP and Data i int 1 the Sarr sites eons bane Roce at EEEE ES Figure 10 49 VoIP and Data on same VLAN ERAIN E EEA aici asada E E aise EE E tioned io Figure 10 50 No IP Address spun dia beta EEEE a We Figure 11 1 TR O69 CPE WAN Management F Protocol a a E Figure 12 1 Firewall in Action A PE OA PEA P EE NA O E E EE 197 Figure 12 2 General Security Level Settings aks AET EA E OAE T ENNE E Poue Ee Aoten COO a a aeaa Oe Figure 12 4 Add ReneS Control Rule ESAE EEE Figure 12 5 Port Forwar T Figure 12 6 Add Port Forwarding Rule Figure 12 7 Add a Specific Protocol Figure 12 8 Forward to a Specific Port Figure 12 9 Add a Specific Schedule Figure 12 10 on Forwarding Rule ss He tae PEE POEA IAE EE E I E E E E E Figure 12 11 Edit Port Fo n Rule ceases an alee cach aria nena one Figure 12 12 D DMZ Host EEO E E i Figure 12 13 Port Triggering are E et EE I AEE A A E E T A Figure 12 14 Adding Port Triggering Rule EEEIEE EAEE EEE EI IE ia AEE ENE EE ATT Figure 12 15 Edit Service Server FOS ssssssrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrereeeeeeeeererereee 14 Figure 12 16 Edit Service Server Ports E A a Vo Figure 12 17 Edit Service Opened TEE ys accsSstco navecesnpndsicneosb ores nedneisoad Adacumiadesbovea envesietsnnnbessies 150 Figure 12 18 Edit Service Opened Pore iccminnimiciomornendcmiatnmiiieneiann tenes 1 D0 Figu
104. eated Connection if you wish to be routed to the new connection s configuration screen after clicking Finish User s Manual 86 Document 299 452 100 User s Manual 9 WAN Settings 9 Click Finish to save the settings the new PPTP VPN connection is added to the network connections list and is configurable like any other connection 9 3 3 General This section displays the connection s general parameters Figure 9 19 General PPTP Settings General Device Name ppp200 Status Disconnected Schedule Always Network WAN Connection Type VPN PPTP MTU Automatic 1460 Table 9 8 General PPTP Settings Parameter Description Schedule By default the connection is always active However you can configure scheduler rules via Advanced gt Scheduler Rules in order to define time segments during which the connection may be active Once a scheduler rule s is defined this field changes to a drop down list allowing you to choose between the available rules Network Select whether the parameters you are configuring relate to a WAN LAN or DMZ connection by selecting the connection type from the drop down list MTU MTU is the Maximum Transmission Unit It specifies the largest packet size permitted for Internet transmission When set to its default Automatic the gateway selects the best MTU for your Internet connection Select Automatic by DHCP for the DHCP to determine the MTU If you select Manual i
105. ecting the gateway to a remote network using a Virtual Private Network VPN tunnel over the Internet This enables secure transfer of data to another location over the Internet using private and public keys for encryption and digital certificates and user name and password for authentication 9 4 1 Creating an L2TP IPSec VPN Connection with the Connection Wizard gt To create a new L2TP IPSec VPN connection take these steps 1 Click the link New Connection in the screen Network Connections the screen Connection Wizard opens 2 Select the radio button Connect to a Virtual Private Network over the Internet and click Next the screen Connect to a Virtual Private Network over the Internet opens Version 2 4 89 April 2007 MP 202 Telephone Adapter 3 Select the radio button VPN Client or Point To Point and click Next the screen VPN Client or Point To Point opens refer to the figure Figure 9 20 VPN Client or Point To Point er p3 PN Client or Point To Point Choose one of the following protocols to connect to 4 remote YPN server s Point to Point Tunneling Protocol irtual Private Network PPTP YPN Enable secure transfer of data to another location aver the Internet Using User name password authentication Layer Z Tunneling Protocol over Internet Protocol Security L2TP IPSec PN Enable secure transfer of data to another location over the Internet using private and public keys
106. ed into widely used consumer products such as Windows XP Therefore it is critical that today s Residential Gateways be UPnP compliant Your gateway is at the forefront of this development offering a complete software platform for UPnP devices This means that any UPnP enabled control point client can dynamically join the network obtain an IP address and exchange information about its capabilities and those of other computers on the network They can subsequently communicate with each other directly thereby further enabling peer to peer networking And this all happens automatically providing a truly zero configuration network User s Manual 180 Document 299 452 100 User s Manual 13 Advanced Settings 13 12 Firmware and Configuration Upgrade The MP 202 offers a built in mechanism for upgrading its software image There are two methods for upgrading the software image Upgrading from a Computer on the Network use a software image file pre downloaded to your PC s disk drive or located on the accompanying CD Upgrading from the Internet also referred to as Remote Update use this method to upgrade your firmware by remotely downloading an updated software image file Go to Upgrading from a Computer on the Network on page 181 Go to Upgrading from the Internet on page 182 13 12 1 Upgrading From a Computer in the Network gt To upgrade the MP 202 s software image using a locally available rmt file Note You
107. eeeereees ma woe R Ma MP 202 Telephone Adapter 13 11 Universal Plug and Play EIEEE EEEE EET LO 13 12Firmware and Configuration iamai AN EEE O EE AA E AEE ON 181 13 12 1 Upgrading From a Computer in the Network ccccccccceceeseeseeeeeeeeseeseeeeeeeeeees 181 13 12 24 Uporading From mhe Mernel sesers riren irea 182 13 12 3 Remote Configuration Download os ce essa nhscvasaannderarniowsrsiniays cose tavsatoaenanaeaaneeen 183 pRB Stel coal gil a eet eee eee eee eee eee een eee reat eee eee ee ey sae tee eee 184 Mh Be TINE orrira E RTE i ee eTo aie A a sentences ce ee este NEATE sacenesenorepeectvsen geuessiens 187 De Val a e FO g PEE EE E ween eens A O tenements sean 188 T Mis P r en eee eee N E N A EEA E EA A 189 13 16 1 Managing Routing Table Rules cccecccsssccceeseeceseeeseseseneseeensseeenseeees N 189 e U e a PA E E P A EA E E E N SE T E AE ATE A 190 TROW OTOC eeina arni nEn ARa a iaa A E LT E E E E EEE 191 13 18 1 Opening a Dynamic DNS ACCOuUN s kiarateeceersisrrtrenterieviereemnasnasresiemniial 192 Te TAF ele g B10 1 a 9 Geen en eee E A 193 13 19 1 DHCP Server Parameters ccccccccsseeeseeeeeeeeeeseeeeees EAE EEA 194 13 192 DHCP Relay ParametelS siiagi aa aa a inai iia aa PRETE 197 TISS DHAUP COMC TOT ea E A E E A EAE A 198 ENE TEE AEA AAE IO A EE T E IA A A E E NT E AET 199 13 20 1 Viewing and Modifying the DNS Table ccccccesccccsssseeceeeceeeeee
108. een showing User s Manual 32 Document 299 452 100 User s Manual 5 Configuring VolP Parameters the advanced parameters including the basic parameters opens Figure 5 2 VoIP Signaling Protocol SIP Proxy and Registrar arb Voice Over IP tignaling Protocol Sagnahng Preteen SIF Triaridpecet Prob sgl besa SbF Port Gabeway Mame User Domain SIF Prony and Registrar F Use SIP Precy Proxy IF Ad ivets or Hest Hane i162 e Proxy Poet nen Use SP Proxy EP and Port for Registrate Reguter Expres D Use SIP Gutbound Proxy SIP Timers Reransnicion Tener TL er anseieh Tener Tt eiransrnisae Tener Td ERVITE Timer Version 2 4 33 April 2007 MP 202 Telephone Adapter Table 5 2 VoIP Signaling Protocol SIP Proxy and Registrar Parameter Description SIP Transport Protocol Choose either UDP default or TCP Local SIP Port Gateway Name User Domain Use SIP Proxy Proxy IP Address or Host Name Proxy Port Use SIP Proxy IP and Port for Registration Use SIP Outbound Proxy The UDP TCP port default 5060 on which the Stack listens This domain name will be sent in the From header of outgoing Invite messages When checked outgoing calls will be routed to the configured SIP proxy If the parameter Use SIP Proxy IP and Port for Registration is checked as well the configured SIP proxy will also be used as the registrar allowing incoming calls The IP address or h
109. el of network security while enabling the safe use of interactive applications such as Internet gaming and video conferencing Additional features including surfing restrictions and access control can also be easily configured locally by the user through a user friendly Web based interface or remotely by a service provider The MP 202 firewall supports advanced filtering designed to allow comprehensive control over the firewall s behavior You can define specific input and output rules control the order of logically similar sets of rules and make a distinction between rules that apply to WAN and LAN network devices The Web based management screens in the Security section feature the following m The General screen allows you to choose the security level for the firewall refer to General Security Level Settings on page 138 m The Access Control screen can be used to restrict access from the home network to the Internet refer to Local Servers Port Forwarding on page 142 m The Port Forwarding screen can be used to enable access from the Internet to specified services provided by computers in the home network and special Internet applications refer to Port Forwarding on page 142 m The DMZ Host screen allows you to configure a LAN host to receive all traffic arriving at your Telephone Adapter which does not belong to a known session refer to Port Triggering on page 147 m The Port Triggering screen a
110. ent or Point To Point i ETETE ae Figure 9 17 Point to Point Leslee al Protocol Virtual Private Network PPTP VPN B PEPEE APET E TE 86 Figure 9 18 Connection Summary PENE T A TE T ATTA EEEE TT gt Figure 9 19 General PPTP Settings neat Figure 9 20 VPN Client or Point To Point MEET gt i Figure 9 21 Layer 2 Tunneling Protocol over r Internet Protocol Security L2TP IF IPSec c VPN PERRET Figure 9 22 Connection Summary a EN i m 92 Figure 9 23 VPN Client or Point To Point EOE amp Figure 9 24 Layer 2 Tunneling Protocol over r Internet Protocol Security L2TP I IPSec gt VPN PAS Figure 9 25 Connection aa PIP EEIE EE AAE PE OE A E ESEE ETA Figure 9 26 PPP Compression riers ae Figure 10 1 VLAN Interface PEE Figure 10 2 Connection Summary 100 Figure 10 3 Internet Protocol Settings No IP Address 102 Figure 10 4 Internet Protocol Settings Automatic IP stipends 102 Figure 10 5 Internet Protocol Settings Static IP EPEE PEE INEEN EEEN IETEN TEE P E E gt Figure 10 6 IP Address Distribution DHCP Server sas eeu piecing NETANA akan EEEN TEE 104 Figure 10 7 IP Address Distribution DHCP Relay iene PEPEE TETERA PEPEE N I CEE i Figure 10 8 DHCP Relay Server Address 5 PEPEE esate abies elas akaa Vio Figure 10 9 IP Address Distribution Disable DHCP oooi yews PEERI EEN EE enedek TUO Figure 10 10 Advanced Routing Properties
111. epted PPP Session a PPP session packet has been accepted 802 1Q a 802 1Q VLAN packet has been accepted Outbound Auth1X an outbound Auth1X packet has been accepted IP Version 6 an IPv6 packet has been accepted OpenRG initiated traffic all traffic that OpenRG initiates is recorded Maximum security enabled service a packet has been accepted because it belongs to a permitted service in the maximum security level SynCookies Protection a SynCookies packet has been blocked ICMP Flood Protection a packet has been blocked stopping an ICMP flood UDP Flood Protection a packet has been blocked stopping a UDP flood Service a packet has been accepted because of a certain service as specified in the event type Advanced Filter Rule a packet has been accepted blocked because of an advanced filter rule Fragmented packet header too small a packet has been blocked because after the defragmentation the header was too small Fragmented packet header too big a packet has been blocked because after the defragmentation the header was too big Fragmented packet drop all not used Fragmented packet bad align a packet has been blocked because after the defragmentation the packet was badly aligned Fragmented packet packet too big a packet has been blocked because after the defragmentation the packet was too big Version 2 4 163 April 2007 MP 202 Telephone Adapter Fragmented packet packet
112. ernet to home network all connection except as configured in the Access attempts permitted Control screen These services include Telnet FTP HTTP HTTPS DNS IMAP POP3 and SMTP The list of allowed services at Maximum Security mode can be edited in the screen Access Contro l on page 140 Some applications such as some Internet messengers and Peer To Peer client applications tend to use these ports if they cannot connect with their own default ports When applying this behaviour these applications will not be blocked outbound even at Maximum Security Level gt To configure the MP 202 s security settings Refer to the figure General Security Level Settings 1 Choose from among the three predefined security levels described in the table above Maximum Security is the default setting Using the Minimum Security setting may expose the home network to significant security risks and thus should only be used when necessary for short periods of time Version 2 4 139 April 2007 MP 202 Telephone Adapter 2 Check the Block IP Fragments box in order to protect your home network from a common type of hacker attack that could make use of fragmented data packets to sabotage your home network Note that VPN over IPSec and some UDP based services make legitimate use of IP fragments You will need to allow IP fragments to pass into the home network in order to make use of these select services 3 Click OK
113. es gt To remove a host from the DNS table m Click Delete under column Action the entry is removed from the table 13 21 Protocols The Protocols feature incorporates a list of preset and user defined applications and common port settings You can use protocols in various security features such as Access Control and Port Forwarding You may add new protocols to support new applications or edit existing ones according to your needs gt To define a protocol 1 Click the Advanced icon on the side bar User s Manual 200 Document 299 452 100 User s Manual 13 Advanced Settings 2 Click the icon Protocols the Protocols screen appears refer to the figure Figure 13 35 Advanced Protocols oe Protocols Protocols Action FTP TCP any gt 21 HTTP TCP Any gt 80 HTTPS TCP Any gt 443 TFTP UDP 1024 65535 gt 69 IMAP TCP Any gt 143 Ping ICMP Echo Request POPS TCP Any gt 110 SNMP UDF Any gt 161 SMTF TCP Any gt 25 Telnet TCP Any gt 23 Eee UDP Any gt 1701 Traceroute WOOP 32769 65535 gt 33454 35523 New Entry 3 Click the link New Entry the Edit Service screen appears refer to the figure Figure 13 36 Advanced Protocols Edit Service E Edit Service Service Name Siobal Application Service Description Server Ports Protocol Server Ports Action New Server Ports OK j Cancel j Version 2 4 201 April 2007 a UF E F A M
114. es which are for prioritizing inbound and outbound traffic respectively Each section lists all the devices on which rules can be set You can set rules on all devices at once by clicking the link New Entry adjacent to All Devices Figure 8 6 QoS Traffic Shaping Quality of Service 5 ZF a 0 os 1 p Settings Settings Destination Address Destination Address Protocols Operation Protocols Operation Action New Entry New Entry New Entry Action New Entry New Entry New Entry After clicking the appropriate New Entry link the screen Add Traffic Priority Rule opens refer to the figure Figure 8 7 QoS Add Traffic Priority Rule Add Traffic Priority Rule Matching Source Address Any Destination Address any Protocol Any Qos Operation Set Priority Set DSCP Logging Log Packets Matched by This Rule Schedule v e ARLS j _ amp Cancel 65 April 2007 Uno ERA MP 202 Telephone Adapter Table 8 4 Add Traffic Priority Rule Parameter Descriptions Parameter Source Address Destination Address Protocol QoS Operation Set Priority Set DSCP Log Packets Matched by This Rule Schedule 8 3 m Click OK to save the settings DSCP Mapping Description The source address of the packets sent to or received from the network object From the drop down list choose Any User Defined or t
115. es providing source and destination port options refer to the figure Version 2 4 149 April 2007 ma UF E F A a MP 202 Telephone Adapter 4 Leave the Source Ports combo box at its default Any In the drop down list Destination Ports select Single the screen refreshes again providing an additional field in which you should enter 2222 as the destination port Figure 12 16 Edit Service Server Ports Protocol UOP Source Ports Any t Destination Ports 5 Click OK to save the settings 6 In the screen Edit Service click the link New Opened Ports the screen Edit Service Opened Ports opens refer to the figure Figure 12 17 Edit Service Opened Ports iad Edit Service Opened Ports Protocol Protocol Wumber boo anal 7 Similar to the trigger ports screen select UDP as the protocol leave the source port at Any and enter a 3333 as the single destination port refer to the figure Figure 12 18 Edit Service Opened Ports Protocol source Ports Any W Destination Ports 3333 User s Manual 150 Document 299 452 100 User s Manual 12 Security 8 Click OK to save the settings the screen Edit Service presents your entered information Click OK again to save the port triggering rule the screen Port Triggering now includes the new port triggering entry refer to the figure Figure 12 19 New Port Triggering Rule Protocol Outgoing Trigger P
116. es by pressing the New Entry link on the bottom of the Automatic Time Update section 13 15 Configuring Users You can add edit and delete users When adding a user you need to specify the following parameters Table 13 2 Managing Users Parameter Description Full Name The remote user s full name UserName The name a remote user will use to access your home network New Type a new password for the remote user If you do not want to change the remote Password user s password leave this field empty Retype New If a new password was assigned type it again to verify correctness Password Version 2 4 187 April 2007 Uno ERA MP 202 Telephone Adapter Figure 13 21 Managing Users F User Settings General Full Warne Administrator User Name case sensitive Hew Password Retype New Password E Mail Configure Mail Server Oddress System Motify Level None Security Notity Level None af OK J A Cancel j Note that changing any of the user parameters will prompt the connection associated with the user to terminate For changes to take effect you should activate the connection manually after modifying user parameters 13 15 1 Email Notification You can use email notification to receive indications of system events for a predefined severity classification The available types of events are System or Security events The available severity of events are Error Warning and Information If the I
117. es of LAN Ethernet and the new VLAN Interface that you defined refer to the figure below Figure 10 49 VolP and Data on same VLAN ae Network Bridging Configure your bridge properties Bridged Connections Name Status CI E wan Ethernet Connected LAN Ethernet Disconnected Connected Back j Next gt j Cancel j Version 2 4 129 April 2007 Ss wwe Fe MP 202 Telephone Adapter 3 Go to the regular WAN and change the mode to No IP Address Figure 10 50 No IP Address Internet Protocol Obtain an IP Address Automatically wl Ma IP Address Override Subnet Mask Obtain an IP Address Automatically Use the Following IP Address DHCP Lease Renew j Release j If your configuration is correct all data from the LAN and VolP should be sent in the same VLAN User s Manual 130 Document 299 452 100 User s Manual 11 TR O69 CPE WAN Management Protocol 11 TR 069 CPE WAN Management Protocol 11 1 Overview TR 069 is a WAN management protocol intended for communication between Customer Premise Equipment CPE or residential devices such as the MP 202 and an Auto Configuration Server ACS It defines a mechanism that encompasses secure auto configuration of CPE and also incorporates other CPE management functions into a common framework In simpler terms TR 069 is a protocol that enables remote server management of the MP 202 Such a protocol is useful for example for remotely and securely con
118. esseeesesesseeeaees 199 Teta VPP ett areeasvroraegigceten ciara veo tolegd towsdaom tated teem weat Gewnaad nada ned A NA A AEN A E O 200 sore rc esteem eecaeceaceeceeracanceansenmauseesaasusecnencuenvanwansecsecars 203 ee E OE E NE SEE E E A OA A E AE EEA E A A E A er Pe E eA A Rara Toa ayoa LO isini EE EEE EREA S ENAR 204 tma S sem U TNE ecrin Eiin ea ai oo Ber UN rT eas 206 15 Software and Hardware Specifications ccccscceseeceeeeeeeeeeeseeeeeeneeeneneeees 207 User s Manual 6 Document 299 452 100 User s Manual Contents List of Figures i ae 7 Jea DNS iS Configur TOTES ETEEN EENAA A OA EE EAE O AE E AA 15 Figure gt 2N Wel PS AEE N E E I EAE E T E eee ase Figure 3 3 nanai in eee eee eee eee 50 Figure 3 4 Quick ee Figure 3 5 ee Sealine til A 3S E EE Figure 3 6 6 Figure 3 7 Figure 3 8 Internet Connection Polni to Point Tunneling Protocol Haan Figure 3 9 Layer 2 Tunneling Protocol PE ERP Mepa Figure 3 10 Internet Connection No Internet Connection orenen nren 25 Figure 4 1 Network Map SA Figure 4 2 Host IFOrMALION 28 Figure 4 3 Typical Table Structure avai an o iaiaaeaia Figure 5 1 VoIP Signaling Protocol 7 Figure 5 2 VoIP Signaling Protocol SIP Proxy and Registrar Figure 5 3 VoIP S SIP Proxy and A ae ere rere Tren Tre Tree Terry Figure 5 4 VoIP S SIP Outbound nica PAE TEENE EET TE ET TIETTY an ERA PPPoE ne p eee 3
119. estricted Website Restricted IP Address Status Action New Entry EF Press the Refresh button to update the data 2 Click the link New Entry the Restricted Website screen opens refer to the figure Figure 12 21 Restricted Website Restricted Website Enter the website you wish to restrict Restricted Website Local Host Schedule 3 Enter the website address IP address or URL that you would like to make inaccessible from your home network all Web pages within the site will also be blocked If the website address has multiple IP addresses the gateway will resolve all additional addresses and automatically add them to the restrictions table User s Manual 152 Document 299 452 100 User s Manual 12 Security The Local Host combo box provides you the ability to specify the computer or group of computers for which you would like to apply the website restriction You can select between any or a specific computer address in your LAN If you choose the option Specify Address the screen will refresh and a link Add appears Figure 12 22 Add a Specific Host Local Host Specify Address Add Click the link Add to specify a computer address Specify an address creating a Network Object The parameter Schedule allows you to define the time period during which this rule will take effect You can select between Always or a specific schedule If you choose the option Specify Schedule the
120. et WAN Ethernet Bridge 3e 80 95 6e 9f 9F Disabled 14126 7652 0 23 33 127 WAN Ethernet 2 brO 200 Connected WAN Bridge Ethernet 3e 80 95 6e 9f 9f a ba Ra Lee Ye K 255 0 0 0 Pass Disabled April 2007 E rH i E FE am MP 202 Telephone Adapter Testing the Setup 1 Place a VolP call and verify that VOIP is using 802 1q p and that the VID is 200 Figure 10 46 Testing the Setup vian cap Ethereal File Edit View Go Capture Analyze Statistics Help SAx eS Ber OFZ QQQ PHEX GE Fite TO pe Expression Clear Apply Source Destination Protocol Info a ts Be BR Be SIP SD Request INVITE 51p 234 1 1 1 12 5060 transport UDP with session Frame 88 933 bytes on wire 933 bytes captured Ethernet II Src 38 3c d8 06 5e 33 Dst 00 90 8f 09 ef 93 3 802 1q Virtual LAN een Te Priority 0 ae CFI 0 0000 1100 1000 ID 200 Type IP 0x0800 H Internet Protocol Src Addr 1 1 1 14 1 1 1 14 DSE Addr 1 1 1 12 1 1 1 12 User Datagram Protocol Src Port 5060 5060 Dst Port 5060 5060 Session Initiation Protocol 2 Ping from the PC connected to the LAN port of the MP 202 and verify that the data traffic ICMP is untagged refer to the screen below Figure 10 47 Testing the Setup vlan cap Ethereal Ele Edt View Go Capture Analyze Statistics Help A ee ee ee OH oeEA eG amp Be DF EZ QQQ PRHAX F Fite fiemp v Expression Clear Apply Source Destinat
121. f the software image file or click Browse and navigate to the rmt file on your PC Click OK the file starts loading from your PC to your gateway When loading is complete a confirmation screen prompts you if you want to upgrade to the new version 4 Click OK to confirm the upgrade process commences and shouldn t take longer than a couple of minutes to complete x Please wait system is now being upgraded AN Attention gt If the page does not refresh automatically in a minute please press the Login button Login j 5 At the conclusion of the upgrade process the device automatically reboots The new software version runs maintaining your custom configurations and settings Note Do not power down the MP 202 or stop the upgrade process in the middle or else the MP 202 will become inoperable 13 12 2 Upgrading From the Internet The Remote Update mechanism helps you keep your software image up to date by performing routine daily checks for newer software versions as well as letting you perform manual checks User s Manual 182 Document 299 452 100 User s Manual 13 Advanced Settings To view the automatic check utility s settings and last check result click the MP 202 Firmware Upgrade icon from the Advanced screen The MP 202 Firmware Upgrade screen will appear In the Upgrade From the Internet section you can select the utility s checking method and interval The result of the last
122. for encryption and digital certificates and user name password for authentication Internet Protocol Security IPSec Enable secure transfer of data to another location over the Internet using private and public keys for encryption and digital certificates or shared secret for authentication a manihini Next aa J A Cancel J User s Manual 90 Document 299 452 100 User s Manual 9 WAN Settings 4 Check the radio button Layer 2 Tunneling Protocol over Internet Protocol Security L2TP IPSec VPN and click Next the screen Layer 2 Tunneling Protocol over Internet Protocol Security L2TP IPSec VPN opens refer to the figure Figure 9 21 Layer 2 Tunneling Protocol over Internet Protocol Security L2TP IPSec VPN gE Layer 2 Tunneling Protocol over Internet Protocol Security C L2TP IPSec VPN Configure your LATP VPN connection properties Login User Name fcase sensitive john_smith Login Password IPSec Shared Secret Remote Tunnel Endpoint 4ddress 1917 52 51 5 Enter the username and password provided by the administrator of the network you are trying to access 6 Enter the IPSec shared secret which is the encryption key jointly decided upon with the network you are trying to access 7 Enter the remote tunnel endpoint address This would be the IP address or domain name of the remote network computer which serves as the tunnel s endpoint Version 2 4 91 April 2007 ma UF E Fe A a MP 202
123. formation Web site http www audiocodes cam E mail sales audiocodes com USA Boston 508 787 3800 San Jose 408 441 1175 ROW Phone 972 3 9764000 13 3 Configuration File Your gateway enables you to view save and load its configuration file in order to backup and restore your current configuration Version 2 4 169 April 2007 ms UF E Fe A MP 202 Telephone Adapter 1 Click the icon Configuration File in the Advanced screen of the Web based management the Configuration File screen is displayed refer to the figure showing the entire contents of the configuration file Figure 13 4 Contents of the Configuration File Configuration File rq cont dew fetho type tl cpmac eth logical network 1 13 syne 0 fenabled 1i route level 4 metrics J mtu mode 1 default route 1 has _ipiij 13 wan man l 13 wan datall 13 dns neg l rip fenabled O input version s output vwersion lt description WAN Ethernet mac OO 90 8F 09 EF 5E id 1 alias dheps lease j wt Close Load Configuration File j Save Configuration File j 2 Click the button Load Configuration File to restore your configuration from a file and restart the gateway 3 Click Save Configuration File to back up your current configuration to a file Note When rebooting the gateway restores the settings from its configuration file Howeve
124. g which the rule may be active In order to understand what is Differentiated Services Code Point DSCP one must first be familiarized with the Differentiated Services model Differentiated Services Diffserv is a Class of Service CoS model that enhances best effort Internet services by differentiating traffic by users service requirements and other criteria Packets are specifically marked allowing network nodes to provide different levels of service aS appropriate for voice calls video playback or other delay sensitive applications via priority queuing or bandwidth allocation or by choosing dedicated routes for specific traffic flows User s Manual 66 Document 299 452 100 User s Manual 8 Quality of Service QoS Diffserv defines a field in IP packet headers referred to as DSCP Hosts or routers passing traffic to a Diffserv enabled network will typically mark each transmitted packet with an appropriate DSCP The DSCP markings are used by Diffserv network routers to appropriately classify packets and to apply particular queue handling or scheduling behavior The gateway provides a table of predefined DSCP values which are mapped to 802 1p priority marking method You can edit or delete any of the existing DSCP setting as well as add new entries 1 Press the QoS button on the sidebar and then click the DSCP Settings tab The following screen will appear refer to the figure Figure 8 8 QoS DSCP Settings os Qua
125. gistrar Port Register Expires Seconds Use SIP Outbound Proxy Outbound Proxy IP 110 16 2 12 Outbound Proxy Port 5060 A OK Apply J X Cancel F Advanced gt gt J Table 5 5 VolP Signaling Protocol SIP Outbound Proxy Parameter Description Outbound Proxy IP The IP address of the outbound Proxy If this parameter is set all outgoing messages including Registration messages will be sent to this Proxy according to the Stack behavior Outbound Proxy Port The Port on which the outbound Proxy listens User s Manual 36 Document 299 452 100 User s Manual 5 Configuring VolP Parameters 5 1 2 Configuring Dialing Parameters gt To configure Dialing parameters m Click tab Dialing the Dialing Parameters screen opens m Click the button Advanced gt gt the advanced Dialing Parameters screen opens Table 5 6 Advanced Dialing Parameters ey Voice Over IP Media Streaming Dialing Parameters Dialing Timeout Seconds Phone Number Size 15 Digits Dial Tone Timeout 30 Seconds DTMF Transport Mode RFC2833 v Digit Map Dial Plan Key Sequence Flash keys sequence style Flash only i Version 2 4 37 April 2007 wk Rr A Parameter Dialing Timeout Phone Number Size Dial Tone Timeout DTMF Transport Mode Digit Map Dial Plan Key Sequence User s Manual MP 202 Telephone Adapter Table 5 7 VoIP Dialing Pa
126. he Internet Both incoming and outgoing data are inspected and then either accepted allowed to pass through the MP 202 or rejected barred from passing through the MP 202 according to a flexible and configurable set of rules These rules are designed to prevent unwanted intrusions from the outside while allowing home users access to the Internet services that they require The firewall rules specify what types of services available on the Internet may be accessed from the home network and what types of services available in the home network may be accessed from the Internet Each request for a service that the firewall receives whether originating in the Internet or from a computer in the home network is checked against the set of firewall rules to determine whether the request should be allowed to pass through the firewall If the request is permitted to pass then all subsequent data associated with this request a session will also be allowed to pass regardless of its direction User s Manual 138 Document 299 452 100 User s Manual 12 Security Security Maximum Security Default For example when you point your Web browser to a Web page on the Internet a request is sent out to the Internet for this page When the request reaches the MP 202 the firewall will identify the request type and origin HTTP and a specific PC in your home network in this case Unless you have configured access control to block requests of this type f
127. he TAC center maintains a support page on Nuera s web site www nuera com support The site includes information on support services as well as a download page that includes relevant Technical Advisory Bulletins updated software releases and manuals First time users of the download services must request a login account and password from TAC by phone or email Abbreviations and Terminology Each abbreviation unless widely used is spelled out in full when first used Only industry standard terms are used throughout this manual Hexadecimal notation is indicated by Ox preceding the number When the term device is used it refers to the MP 202 Telephone Adapter Version 2 4 12 April 2007 User s Manual 1 Introducing the MP 202 Telephone Adapter 1 Introducing the MP 202 Telephone Adapter The MP 202 is a 2 line SIP gateway allowing residential and SOHO subscribers to connect ordinary POTS telephones or fax machines and is interoperable with leading Softswitches and SIP Application Servers for enabling legacy phone services such as caller ID call waiting and call forwarding In addition the MP 202 includes an internal router with DHCP NAT Firewall PPPoE PPTP and L2TP capabilities enabling subscribers to connect their home PC or LAN hub switch to it Utilizing Nuera s core architecture and gaining from its accumulated experience in providing IP telephony solutions the MP 20x series combines superior voice quality and state of t
128. he art features for end users such as T 38 Fax Relay and G 168 2004 compliant Echo Cancelation Low bit rate vocoders voice coders can be used simultaneously on both telephony ports to save valuable bandwidth The Voice over Data prioritization algorithm prevents degradation in voice quality even during large data transfers The MP 20x Series is designed for full interoperability with leading Softswitches and SIP Servers for deployment in various network environments Throughout the years Nuera has invested significant effort in complying with the leading and evolving VoIP standards Support of the Session Initiation Protocol SIP which is commonly found in Voice over Broadband VoB networks assures seamless integration and rapid deployment Version 2 4 13 April 2007 User s Manual 2 Cabling the MP 202 Telephone Adapter 2 Cabling the MP 202 Telephone Adapter gt To cable the MP 202 take these steps 1 Connect the MP 202 s Ethernet 10 100 Base T RJ 45 connector labeled WAN to your cable or DSL modem or other network connection 2 Connect the MP 202 s Ethernet 10 100 Base T RJ 45 connector labeled LAN PC to a PC 3 Optionally you can connect the MP 202 s connector labeled LAN PC to a switch hub and connect multiple PCs to the latter 4 Connect the MP 202 s two RJ 11 ports labeled PHONE 1 and PHONE 2 to two analog telephones 5 Connect the power cable to the power supply the green LEDs illuminate the power
129. he connection is always active However you can configure scheduler rules via Advanced gt Scheduler Rules in order to define time segments during which the connection may be active Once a scheduler rule s is defined this field changes to a drop down list allowing you to choose between the available rules Network Select whether the parameters you are configuring relate to a WAN LAN or DMZ connection by selecting the connection type from the drop down list MTU MTU is the Maximum Transmission Unit It specifies the largest packet size permitted for Internet transmission When set to its default Automatic the gateway selects the best MTU for your Internet connection Select Automatic by DHCP for the DHCP to determine the MTU If you select Manual it is recommended to enter a value in the range of 1200 to 1500 9 4 4 PPP Configuration Refer to PPP Configuration on page 78 Version 2 4 95 April 2007 MP 202 Telephone Adapter 9 4 5 PPP Authentication Refer to PPP Authentication on page 79 9 4 6 PPP Encryption Refer to PPP Encryption on page 80 9 4 7 PPP Compression The PPP Compression Control Protocol CCP is responsible for configuring enabling and disabling data compression algorithms on both ends of the point to point link It is also used to signal a failure of the compression decompression mechanism in a reliable manner Figure 9 26 PPP Compression PPP Compression BSD Defl
130. he host The destination address of the packets sent to or received from the network object This address can be configured in the same manner as the source address From the drop down list choose Any User Defined or the host From the drop down list choose a specific traffic protocol or add a new one by choosing User Defined the screen Edit Service opens Click the icon new under the column Action this commences a sequence that adds a new protocol In this screen section set a Quality of Service working method Check parameter Set Priority or Set DSCP refer to the descriptions below Check this check box to add a priority to the rule the screen Edit Service opens allowing you to select between one of eight priority levels 0 lowest and 7 highest each priority level is mapped to low medium high priority This sets the priority of a packet on the connection matching the rule while routing the packet Check this check box to mark a DSCP value on packets matching this rule the screen Edit Service opens allowing you to enter the hexadecimal value of the DSCP Under the screen section Logging this check box must be checked in order to log the first packet from a connection that was matched by this rule Always or User Defined By default the rule will always be active However you can configure scheduler rules in order to define time segments durin
131. he status g ay o vok Tamy X cancel Refresh If left at the default the MP 202 will obtain the WAN IP and DNS IP addresses from a DHCP server on the WAN 3 2 2 1 2 Manual IP Address Ethernet Connection m Select Manual IP Address Ethernet Connection from the Connection Type drop down list refer to the figure Figure 3 6 Internet Connection Manual IP Address Ethernet Connection E Quick Setup Internet Connections WAN Ethernet Connection Type Manual IP Address Ethernet Connection IP Address Subnet Mask Default Gateway Primary DNS Server Secondary ONS Server Administrator MP202 s Hostname E Mail User s Manual 22 Document 299 452 100 User s Manual 3 Setting up a Network Connection According to your ISP s instructions specify the following parameters m IP address Subnet mask Default device Primary DNS server Secondary DNS server 3 2 2 1 3 Point to Point Protocol over Ethernet PPPoE E Select Point to point protocol over Ethernet PPPoE from the Connection Type drop down list refer to the figure Figure 3 7 Internet Connection PPPoE Internet Connections WAN Ethernet Connection Type Login User Name case sensitive Login Password Administrator MP202 s Hostname E Mail Your ISP should provide you with the following information E Login user name m Login password Version 2 4 23 April 2007 Mh o u mom a MP 202 Telep
132. hedule A Cancel J 8 Click OK to save your changes and return to the screen Port Forwarding 9 You can disable a port forwarding rule to make a service unavailable without having to remove the rule from the screen Port Forwarding This can be useful when making the service temporarily unavailable and when expecting to reinstate it in the future m To temporarily disable a rule clear the check box next to the service name E To reinstate it at a later time reselect the check box E To remove a rule click the action icon Remove for the service the service is permanently removed How many computers can use a service or play a game simultaneously All computers on the network can use a specific service as clients simultaneously Being a client means that the computer within the network initiates the connection for example opens an FTP connection with an FIP server on the Internet But only one computer can serve as a server meaning responding to requests from computers on the Internet Assigning a specific computer as a server is done in the Port Forwarding section of Web based management 12 4 DMZ Host The DMZ Demilitarized Host feature allows one local computer to be exposed to the Internet Designate a DMZ host to m Use a special purpose Internet service such as an on line game or video conferencing program that is not present in the Local Servers list and for which no port range information i
133. hone Adapter 3 2 2 1 4 Point to Point Tunneling Protocol PPTP E Select Point to Point Tunneling Protocol PPTP from the Connection Type drop down list refer to the figure Figure 3 8 Internet Connection Point to Point Tunneling Protocol Internet Connections WAN Ethernet Connection Type PPTP Server Host Name or IP Address Login User Name case sensitive Login Password Internet Protocol Obtain an IF Address Automatically Administrator MP202 s Hostname P202 E Mail Your ISP should provide you with the following information m PPTP Server Host Name or IP Address m Login user name E Login password 3 2 2 1 5 Layer 2 Tunneling Protocol L2TP m Select Layer 2 Tunneling Protocol L2TP from the Connection Type drop down list refer to the figure Figure 3 9 Layer 2 Tunneling Protocol Internet Connections WAM Ethernet Connection Type L2TP Server Host Name or IF Address Login User Name case sensitive Login Password Internet Protocol Obtain an IP Address Automatically r Administrator MP202 s Hostname Iup202 E Mail User s Manual 24 Document 299 452 100 User s Manual 3 Setting up a Network Connection Your ISP should provide you with the following information m L2TP Server Host Name or IP Address E Login user name m Login password 3 2 2 1 6 No Internet Connection m Select No Internet Connection from the Connection Type combo box
134. i e nN or nm Check this checkbox if you must register with a MWI subscriber server If so configure the three parameters below The IP address or host name of the MWI server The port number of the MWI server The interval between registrations When you enable message waiting and an unheard message exists you ll hear a stutter tone for the duration configured in this parameter and or when you activate the call forwarding feature refer to Forwarding Calls to Another Phone on page 55 45 April 2007 MP 202 Telephone Adapter 5 1 6 Configuring Line Settings Screen Before starting to make phone calls configure each line s parameters 1 Click the tab Line Settings the screen that opens refer to the figure enables you to define the phone ports of the MP 202 and to configure them Figure 5 10 VoIP Line Settings ey Voice Over IP User ID Display Name Action Line 203 Line 205 A ls F H Apply J x cancel J 2 Click the Action icon in each line to configure the line s different parameters refer to the figure Figure 5 11 VolP Line Settings Defining a New Line AY Line Settings Line Number il User ID Block Caller ID Display Name SIP Proxy Authentication User Name 4uthentication Password x OK D x Cancel D User s Manual 46 Document 299 452 100 User s Manual Parameter Line Number User ID Block Caller ID Display Name Authentication User Nam
135. ich the rule may be active 12 Click OK to save the settings 12 8 Security Log The Security log displays a list of firewall related events including attempts to establish inbound and outbound connections attempts to authenticate at an administrative interface Web based management or Telnet terminal firewall configuration and system start up Version 2 4 159 April 2007 Time Jun 14 16 00 2004 Jun 14 15 12 2004 Jun 14 15 12 2004 Jun 14 14 200 4 Jun 14 14 200 4 Jun 13 13 2004 Jun 13 13 2004 Jun 13 13 2004 Jun is 12 2004 User s Man MP 202 Telephone Adapter gt To view the Security Log 1 opens Event WBM Login Firewall Setup Firewall Setup Firewall Setup Firewall Setup WBM Login Firewall Setup Firewall Setup CLI Login Click tab Security Log in the screen Security Settings the screen Security Log Figure 12 30 Security Log Event Type User authentication SUCCESS Firewall internal Firewall internal Firewall internal Firewall internal User authentication SUCCESS Firewall internal Firewall internal User authentication SUCCESS Details Username admin Firewall configuration succeeded Starting firewall configuration Firewall configuration succeeded Starting firewall configuration Username admin repeated 6 times last time on Jun 14 14 23 16 2004 Firewall configuration succeeded Sta
136. ify the device s host name in the Hostname field This host name is used to access the device s Web based management E Specify the administrator s e mail in the E mail field System alerts and notifications are sent to this address 3 2 2 1 Configuring Your Internet Connection When subscribing to a broadband service you should be aware of the method by which you are connected to the Internet Technical information regarding the properties of your Internet connection should be provided by your Internet Service Provider ISP For example your ISP should inform you whether you are connected to the Internet using a static or dynamic IP address or what protocols such as PPTP or PPPoE you will be using to communicate over the Internet Version 2 4 21 April 2007 MP 202 Telephone Adapter 3 2 2 1 1 Automatic IP Address Ethernet Connection Automatic IP Address Ethernet Connection is the default connection type refer to parameter Connection Type drop down list in the figure below Figure 3 5 Internet Connection Automatic IP Address Ethernet Connection Internet Connections WAN Ethernet Connection Type Automatic IP Address Ethernet Connection Name WAN Ethernet Status Connected MAC Address 00 90 5f 09 ef 5e IP Address 10 33 2 42 Subnet Mask 255 255 0 0 Default Gateway 10 33 0 1 10 1 1 11 DHS Server 10 1 1 100 Administrator MP202 s Hostname P202 E Mail Press the Refresh button to update t
137. ing Primary HTTP Port 80 and Allow Incoming ICMP Echo Requests e g pings and ICMP traceroute queries 2 For VOIP add VLAN ID 300 Set the new WAN interface to use static route 3 3 3 3 Choose advanced route In advanced route choose ROUTE mode device metric 0 and check the default gateway check box 3 For Data add VLAN ID 521 Set the new WAN interface to use static route 5 5 5 5 Choose advanced route In advanced route choose NAPT mode device metric 1 and check the default gateway check box 4 For Management add VLAN ID 311 Set the new WAN interface to use static route 11 11 11 11 Choose advanced route In advanced route choose ROUTE mode device metric 2 and check the default gateway check box 5 Add static route Do so for all packets with destination IP 11 11 x x to use default the device whose address is 11 11 11 11 6 To deny access to web management for all interfaces except VLAN 311 add an input rule in advanced filtering and deny all HTTP packets Do this for each interface except the interface with VLAN 311 7 Repeat the same steps for MP202 2 Use a different IP address 8 To access the web management for both MP 202 1 and MP 202 2 connect a PC that works on the same VLAN management 311 Defining a VLAN Configuring its Interface gt To define an interface VLAN 1 Open menu Network Connections gt New Connection gt Advanced Connection gt VLAN
138. ion 2 4 83 April 2007 MP 202 Telephone Adapter 4 Select the radio button Point To Point Tunneling Protocol PPTP with User Name and Password Authentication and click Next the screen Point to Point Tunneling Protocol PPTP opens refer to the figure Figure 9 14 Point to Point Tunneling Protocol ae Point to Point Tunneling Protocol PPTP Configure your PPTP connection properties Login User Name fcase sensitive Login Password sore PPTP Server Host Name or IP Address Internet Protocol Back j Next gt j A Cancel j Enter the username and password provided by your Internet Service Provider ISP Enter the PPTP server host name or IP address provided by your ISP Select whether to obtain an IP address automatically or specify one a o Click Next the screen Connection Summary opens refer to the figure Figure 9 15 Connection Summary ae Connection Summary You have successfully completed the steps needed to create the following connection e Point to Point Tunneling Protocol to my_isp_pptp User Name john_ smith Edit the Newly Created Connection Press Finish to create the connection Back F gf Finish j X Cancel j 9 Check the Edit the Newly Created Connection check box if you wish to be routed to the new connection s configuration screen after clicking Finish User s Manual 84 Document 299 452 100 User s Manual 9 WAN Settings 10 Click Finish to sa
139. ion Protocol 36 108 88867 10 T ade 37 108 89175 10 33 2 ae te Be reply 39 113 88727 10 33 4 te i request 40 113 88729 10 33 2 EERS i reply 42 118 88751 10 33 4 et Be i request 43 118 88753 10 33 2 ep a F i reply e eee ee Frame 36 98 bytes on wire 98 bytes captured Ethernet II Src 00 90 8f 06 7e ca Dst 00 17 a4 40 fe 34 m Internet Protocol Src Addr 10 33 4 166 10 33 4 166 DSt Addr 10 33 2 3 10 33 2 3 Internet Control Message Protocol 10 2 5 3 Example 3 Configuring VoIP and Data in the Same VLAN gt To configure VoIP and data in the same VLAN 1 For VoIP and data configure a VLAN ID and then configure each to Obtain IP Address Automatically refer to the figure below optionally you can use a static IP address User s Manual 128 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings Figure 10 48 Configuring VoIP and Data in the Same VLAN 5 Configure WAN Ethernet General Device Name ethd 300 Status Connected Schedule Always Network PAN v Connection Type Ethernet Physical Address 00 90 8f 00 00 02 MTU Automatic 1500 Underlying Connection WAN Ethernet Internet Protocol Mo IP Address Mo IP Address Internet Connection Firewall Obtain an IP Address Automatically Additional IPF Addresses X Cancel j 2 Define a new network bridge Define it by checking the check box
140. ital certificates or shared secret for authentication a TF A Cancel j Version 2 4 85 April 2007 a UF E Fe A MP 202 Telephone Adapter 4 Select the Point to Point Tunneling Protocol Virtual Private Network PPTP VPN radio button and click Next The Point to Point Tunneling Protocol Virtual Private Network PPTP VPN screen will appear see figure 8 205 Figure 9 17 Point to Point Tunneling Protocol Virtual Private Network PPTP VPN qE Point to Point Tunneling Protocol Virtual Private Network LCI PPTP VPN Configure your PPTP VPN connection properties Login User Name case sensitive john _ mith Remote Tunnel Endpoint 4ddress 1917 52 51 i Back J Mext j _ Cancel j 5 Enter the username and password provided by the administrator of the network you are trying to access 6 Enter the remote tunnel endpoint address This would be the IP address or domain name of the remote network computer which serves as the tunnel s endpoint 7 Click Next the screen Connection Summary opens refer to the figure Figure 9 18 Connection Summary ae Connection Summary You have successfully completed the steps needed to create the following connection e Point to Point Tunneling Protocol to 191 52 3 1 VPN server User Name john_ smith Edit the Newly Created Connection Press Finish to create the connection Back oof Finish F A Cancel j 8 Check the check box Edit the Newly Cr
141. ity since internal LAN addresses are not transmitted over the Internet In addition NAT allows many addresses to exist behind a single valid address Use the NAT routing mode if your LAN consists of a single device otherwise collisions may occur if more than one device attempts to communicate using the same port Network Address and Port Translation NAPT refers to network address translation involving the mapping of port numbers allowing multiple machines to share a single IP address Use NAPT if your LAN encompasses multiple devices a topology that necessitates port translation in addition to address translation The device metric is a value used by the device to determine whether one route is superior to another considering parameters such as bandwidth delay and more Select this check box to define this device as a the default route Select this check box to enable the Routing Information Protocol RIP RIP determines a route based on the smallest hop count between source and destination When RIP is enabled select the following select None RIPv1 RIPv2 or RIPv1 2 Select None RIPv1 RIPv2 broadcast or RIPv2 multicast IGMP Proxy Internal IGMP proxy enables the system to issue IGMP host messages on behalf of hosts that the system discovered through standard IGMP interfaces IGMP proxy enables the routing of multicast packets according to the IGMP requests of LAN devices asking to join mul
142. k the link New Scheduler Entry the Scheduler Rule Edit screen appears refer to the figure Figure 13 18 Advanced Scheduler Rules Edit Scheduler Rule gi Edit Scheduler Rule Mame Echeduler Rule Rule Activity Settings Rule will be active at the scheduled time Rule will be inactive at the scheduled time Time Segments Action New Time Segment Entry EF YOK E X Cancel j 3 Specify a name for the rule in the Name field 4 Specify if the rule will be active inactive during the designated time period by selecting the appropriate Rule Activity Settings check box 5 Click the link New Time Segment Entry to define the time segment to which the rule will apply the Time Segment Edit screen appears refer to the figure Figure 13 19 Advanced Scheduler Rules Time Segment Edit 4k Edit Time Segment Days of Week Monday Tuesday Wednesday Thursday Friday Saturday Sunday Hours Range Start Time End Time Action New Hours Range Entry EF A Cancel Version 2 4 185 April 2007 Uno ERA MP 202 Telephone Adapter a Select active inactive days of the week b Click the New Time Segment Entry to define an active inactive hourly range 6 Click OK to save the settings 13 14 Date amp Time gt To configure date time and daylight savings time settings 1 Click the Date and Time icon in the Advanced screen of the Web based Management The D
143. largest packet size you should leave this value in the 1200 to 1500 range Internet Protocol Settings Select one of the following Internet Protocol options from the Internet Protocol drop down menu E No IP Address E Obtain an IP Address Automatically Your WAN connection is configured by default to act as a DHCP client You should keep this configuration in case your service provider supports DHCP or if you are connecting using a dynamic IP address m Use the Following IP Address Note that according to the selection you make in the Internet Protocol drop down menu the screen will refresh and display relevant configuration settings Figure 9 3 Internet Protocol Settings No IP Address Internet Protocol ho Pct eee The server that assigns the Telephone Adapter with an IP address also assigns a subnet mask You can override the dynamically assigned subnet mask by selecting the Override Subnet Mask and specifying your own mask instead You can press the Release button to release the current leased IP address Once the address has been released the button text changes to Renew Use the Renew button to renew the leased IP address Use the Following IP Address Your WAN connection can be configured using a permanent static IP address Your service provider should provide you with this IP address subnet mask and the default Telephone Adapter IP address Version 2 4 19 April 2007 9 1 3 9 1
144. le that you just added Click Edit to edit the access control rule for the service the screen Edit Service opens 7 Select the network group to which you would like to apply the rule and the schedule during which the rule will take effect 8 Click OK to save your changes and return to the Access Control screen You can disable an access control rule and make the service available without having to remove the service from Access Control This can be useful when making the service only temporarily available and when expecting to reinstate the restriction in the future m To temporarily disable rule clear the check box adjacent to the service name m To reinstate the restriction at a later time recheck it E To remove a rule click the action icon Remove for the service the service is removed from Access Control Note When Web Filtering is enabled HTTP services cannot be blocked by Access Control Version 2 4 141 April 2007 12 3 MP 202 Telephone Adapter Port Forwarding In its default state the gateway blocks all external users from connecting to or communicating with your network Therefore the system is safe from hackers who may try to intrude on the network and damage it However you may want to expose your network to the Internet in certain limited and controlled ways in order to enable some applications to work from the LAN game voice and chat applications for example and to enable
145. lity of Service DSCP Yalue hex 607 1p Priority Action Oxo Medium Wedium 0x10 digh xiz digh Ox14 4igh 0x16 4igh 0x15 Medium Ox14 Medium xic Medium Ox1LE Medium OxZE digh New Entry Close j Version 2 4 67 April 2007 on Se ee oe MP 202 Telephone Adapter 2 To edit an existing entry click its Edit action icon To add a new entry click the New Entry link In both cases the Edit DSCP Settings screen will appear refer to the figure Figure 8 9 QoS Edit DSCP Settings ie Edit DSCP Settings DSCP Value hex 802 1p Priority Sq Medium Medium High High 3 Configure the following fields Table 8 5 Edit DSCP Settings Parameter Descriptions Parameter Description DSCP Value hex Enter a hexadecimal number that will serve as the DSCP value 802 1p Priority Select a 802 1p priority level from the combo box 8 4 each priority level is mapped to low medium high priority m Click OK to save the settings Note that the DSCP value overriding the priority of incoming packets with an unassigned value priority 0 assumed to be a no priority set is Ox0 refer to the figure By default this value is mapped to 802 1p priority level O Low which means that such packets will receive the lowest priority 802 1p Mapping The IEEE 802 1p priority marking method is a standard for prioritizing network traffic at the data link Mac sub layer 802 1p traffic i
146. llows you to define port triggering entries to dynamically open the firewall for some protocols or ports refer to Remote Administration on page 167 m The Website Restrictions allows you to block LAN access to a certain host or web Version 2 4 137 April 2007 ms FF E F A MP 202 Telephone Adapter site on the Internet refer to Website Restrictions on page 151 m Advanced Filtering allows you to implicitly control the firewall setting and rules refer to Advanced Filtering on page 154 m Security Log allows you to view and configure the firewall Log refer to Security Log on page 159 12 1 General Security Level Settings Use the Security Settings screen to configure the Telephone Adapter s basic security settings refer to the figure below Figure 12 2 General Security Level Settings Advanced Filtering Maximum Security Inbound Policy Reject Remote Administration settings will override the security inbound policy Outbound Policy Reject Outbound access is allowed to the following services Telnet FTF HTTP HTTPS ONS IMAP POPS and SMTP Typical Security Inbound Policy Reject Remote Administration settings will override the security inbound policy Outbound Policy Accept Minimum Security Inbound Policy Accept Outbound Policy Accept Block IP Fragments X Cancel The firewall regulates the flow of data between the home network and t
147. matic Refresh of System Monitoring Web Pages select this check box to enable the automatic refresh of system monitoring web pages m Warn User Before Network Conguration Changes select this check box to activate user warnings before network configuration changes take effect m Session Lifetime the duration of idle time in seconds in which the WBM session will remain active When this duration times out the user will have to re login m Language select a different language for the WBM interface Use the link Remote Administration to access the MP 202 s remote administration screen from where you can selectively enable services that grant remote access to the MP 202 Use the screen section Management Application Ports to configure E Primary secondary HTTP ports E Primary secondary HTTPS ports E Primary secondary Telnet ports E Secure Telnet over SSL ports Use the screen section System Logging to configure m System Log buffer size m Remote system notify level None Error e Warning e Information Use the screen section Security Logging to configure m Security Log buffer size E Remote system notify level None e Error e Warning Information Use the screen section Outgoing Mail Server User s Manual 176 Document 299 452 100 User s Manual 13 Advanced Settings m Enter the hostname of your outgoing SMTP server in the Server field Each email requires a from
148. mended Configure the existing bridge by adding new connections or removing existing connections Add a New Bridge Configure a new bridge Note that no connections can be shared by two bridges and a bridge cannot be bridged oot Back J Next m F X Cancel P 4 Select whether to configure an existing bridge this option will only appear if a bridge exists or to add a new one User s Manual 116 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings 1 Configure Existing Bridge Select this option and click Next the screen Network Bridging opens refer to the figure below allowing you to add new connections or remove existing ones by checking or unchecking their respective check boxes Figure 10 28 Network Bridging Be Network Bridging Configure Bridge properties Bridged Connections Name Status ry Bridge Up Fl Wan ethernet Connected LAN Ethernet Disconnected Wan Ethernet 2 Connected lt Back J Mext j A Cancel For example checking the WAN check box will create a LAN WAN bridge 2 Add a New Bridge Select this option and click Next a different Network Bridging screen opens refer to the figure below allowing you to add a bridge over the unbridged connections by checking their respective check boxes Figure 10 29 WLAN LAN Network Bridging d Network Bridging Configure your bridge properties Bridged Connections Mame Status E WAN ethernet Con
149. nced Diagnostics Statistic eee TEER ETE Teen Peer CNTR on rete oer TEA ESTE Fd Figure 13 9 Advanced MAC sills sada Figure 13 10 Regional Settings EEEIEE ENI PEPE AE TENT AE A T EE ETET TE T TE Figure 13 11 System r E E O EA E m MEE TAT Fs Figure 13 12 Advanced SNMP re E ERIE EEEIEE EEPE EEE E ANTEE IITE ESET E 13 13 Advanced Universal Plug n Play a E A A 3 14 MP 202 Firmware and Configuration Upgrade 13 15 Upgrade From a Computer in the Ne twork ccccccsseeccccceseseeeeceeeeeeeeeeeeeeceeeseaeneees 110 Romo a ipa caveat eseacn crsnnosesingiaeieresinalset eased ieee 13 17 Advanced Scheduler Rules EE E EA NEE A T EEE ETET jure 13 18 Advanced Scheduler Rules Edit Schedu ler PUIG ceccccccccccsssssecesssssssiivesessssviveseessseveee Figure 13 19 Advanced Scheduler Rules Time Segment Edit cccssssssssssssssssssssseessseeseeseees Version 2 4 9 April 2007 Nye Figure 13 20 Figure 13 21 Figure 13 22 Figure 13 23 Figure 13 24 Figure 13 25 Figure 13 26 Figure 13 27 MP 202 Telephone Adapter Date amp Time Settings scien sce ca ncsnscerirmincte ene srsenernnsauntxndrnencsansnaaseesinuntenisardiansonmnsnsisantsas 186 Managing PGI os icineositanextavesuvnnepeiaasunseinnnessihenseertxa stand aana AAS ERANS 188 189 Roung FSG axccnichetesesciacnesnescxts nania AA Ra aA RODNI RUG SOUN irasa a AR aiana PING OAM ONG as
150. nced Settings 13 10 SNMP Simple Network Management Protocol SNMP enables Network Management Systems NMSs to remotely configure and monitor your gateway Your Internet Service Provider ISP may use SNMP to identify and resolve technical problems 13 10 1 Configuring Your Gateway s SNMP Agent Technical information regarding the properties of the gateway s SNMP agent should be provided by your ISP gt To configure the gateway s SNMP agent 1 Click the icon Simple Network Management Protocol SNMP in the Advanced screen of the Web based Management the SNMP screen appears refer to the figure Figure 13 12 Advanced SNMP 2 Simple Network Management Protocol SNMP W Enable SNMP Agent Read Only Community Name public Read Write Community Name private Trusted Peer Any Address SNMP Traps W Enabled Version Sn w Destination lo fo fo fe Community OK r 7 Apply F X Cancel j 2 Define the SNMP parameters according to the instructions of the ISP Version 2 4 179 April 2007 4 uM wee Fe oe Read only Write Community Names SNMP Trusted Peer SNMP Traps MP 202 Telephone Adapter SNMP community strings are passwords used in SNMP messages between the management system and the gateway A read only community allows the manager to monitor the gateway A read write community allows the manager to both monitor and configure the gateway The IP address or subnet of addresses tha
151. nected LAN Ethernet Disconnected WAN Ethernet 2 Up Back J Next J X Cancel J Version 2 4 117 April 2007 MP 202 Telephone Adapter Important notes The same connections cannot be shared by two bridges A bridge cannot be bridged Bridged connections will lose their IP settings Click Next the screen Connection Summary opens refer to the figure below corresponding to your changes Figure 10 30 Connection Summary Configure Existing Bridge ae Connection Summary You have successfully completed the steps needed to create the following connection Configure the existing bridge LAN Bridge WAN Ethernet LAN Ethernet LAN USB LAN Wireless 802 119 Access Point will be bridged Bridged connections are about to lose their IP settings If the bridge is removed the connections should be configured pen G Management Console might lose its connectivity Edit the Connection Press Finish to create the connection Check the check box Edit the Newly Created Connection to be routed to the new connection s configuration screen after clicking Finish Click Finish to save the settings the new bridge is added to the network connections list it s configurable like any other bridge 10 2 2 General Refer to General on page 100 10 2 3 Internet Protocol Settings Refer to Internet Protocol Settings on page 75 User s Manual 118 Document 299 452 100 User s Manual 10 VLAN and
152. nformation level is selected the user will receive notification of Information Warning and Error events If the Warning level is selected the user will receive notification of Warning and Error events etc gt To configure email notification for a specific user 1 Make sure you have configured an outgoing mail server in System Settings A click on the Configure Mail Server link will display the System Settings page were you can configure the outgoing mail server 2 Enter the user s email address in the Address field in the Email section 3 Select the System and Security notification levels in the System Notify Level and Security Notify Level combo boxes respectively User s Manual 188 Document 299 452 100 User s Manual 13 Advanced Settings 13 16 Routing 13 16 1 Managing Routing Table Rules You can access the routing table rules by clicking the Routing icon from the Advanced screen The Routing screen will appear Figure 13 22 Routing Rules id i Routing Name Destination Gateway Netmask Metric Status Action Routing Table LAN Ethernet 192 168 2 3 192 168 1 1 255 255 255 255 20 Applied New Route Routing Protocols Routing Information Protocol RIP W Multicasting x OK r A Cancel j When adding a routing rule you need to specify Version 2 4 189 April 2007 4 MN wee Fe A Parameter Device Destination Netmask Gateway
153. ng which the rule may be active The hierarchy of the class rules is determined by the order of their addition to the class For example if your first rule is match packets with any source address any destination address and any protocol to this class then all packets traveling through the gateway will be associated with the specific class Any rules defined later will not have any effect Version 2 4 63 April 2007 4 MN wee Fe oe MP 202 Telephone Adapter 8 2 Traffic Priority Traffic Priority allows you to manage and avoid traffic congestion by defining inbound and outbound priority rules for each device on your gateway These rules determine the priority that packets traveling through the device will receive QOS parameters DSCP marking and packet priority are set per packet on an application basis You can set QoS parameters using flexible rules according to the following parameters E Source destination IP address MAC address or host name m Device E Source destination ports Limit the rule for specific days and hours the gateway supports two priority marking methods for packet prioritization E DSCP E 802 1p Priority The matching of packets by rules is connection based known as Stateful Packet Inspection SPI using the same connection tracking mechanism used by firewall Once a packet matches a rule all subsequent packets with the same attributes receive the same QoS parameters both inbound and outbound
154. ns except those that should be modified by the remote configuration For example a Service Provider can choose to configure just the section voip The configuration file must include the root rg_conf and the section rmt_config The structure and integrity of the configuration file must be preserved m The string lt MAC gt enables the ISP to configure all its deployed systems with the same URL and file details under rmt_config url Once the URL is configured with the string lt MAC gt the system which is trying to update its configuration file automatically replaces lt MAC gt with its own unique MAC address For example if there s a system with a WAN MAC address 00 01 02 03 04 05 the ISP should configure the url with command _conf_set rmt_config url http myserver com my_conf_file_ lt MAC gt conf and place a file called my_conf_file O00 01 02 03 04 O5 conf 13 13 Scheduler Rules Scheduler rules are used for limiting the activation of Firewall rules to specific time periods specified in days of the week and hours gt To define a Rule 1 Click the icon Scheduler Rules in the Advanced screen of the Web based Management the Scheduler Rules screen appears refer to the figure Figure 13 17 Advanced Scheduler Rules ge Scheduler Rules Settings Status Action New Entry Er fF Clase j _ Retresh J User s Manual 184 Document 299 452 100 User s Manual 13 Advanced Settings 2 Clic
155. nt 299 452 100 User s Manual 10 VLAN and Bridge Settings Table 10 1 VLAN Interface General Communication Parameters Parameter Description Schedule By default the connection will always be active However you can configure scheduler rules in order to define time segments during which the connection may be active Once a scheduler rule s is defined via Advanced gt Scheduler Rules this field changes to a combo box allowing you to choose between the available rules To configure scheduler rules refer to Section 10 11 Network Select whether the parameters you are configuring relate to a WAN LAN or DMZ connection by selecting the connection type from the combo box For detailed information refer to Section 4 2 Physical Address The physical address of the network card used for your network Some cards allow you to change this address Clone MAC Allows you to copy the current MAC address of your PC to the MAC address of this device MTU MTU is the Maximum Transmission Unit It specifies the largest packet size permitted for Internet transmission In the default setting Automatic the Telephone Adapter selects the best MTU for your Internet connection In case you Change to manual you can enter the largest packet size you should leave this value in the 1200 to 1500 range Underlying Connection The Ethernet device that the connection is implemented over Select one of the following Internet Protocol options from
156. number Version 2 4 53 April 2007 Uno ERA MP 202 Telephone Adapter If you press Flash again before the other party answers you ll revert to the original call If however the other party answers and you press Flash a 3 way conference is established To place the remote party on hold when Flash digits sequence is configured refer to Configuring Dialing Parameters on page 37 Press the Flash key and then the 1 key on the phone the phone plays a dial tone At this point you can initiate a second call by dialing another party s number To cancel the hold state and resume the previous phone call press Flash and then 1 7 4 Performing a Call Transfer gt To transfer an existing call with B to a third party C when Flash only is configured refer to Configuring Dialing Parameters on page 37 During a call with party B press Flash Party B is placed on hold and you ll hear a dial tone Dial party C s number You can wait for C to answer or not On hook you ve transferred B to C To transfer an existing call with B to a third party C when Flash digits sequence is configured refer to Configuring Dialing Parameters on page 37 During a call with party B press Flash and then the 1 key on the phone Party B is placed on hold and you ll hear a dial tone Dial party C s number You can wait for C to answer or not Press the Flash key and then the
157. o foo o o sf 2 Enter a host name for this connection 3 Enter the fixed IP address to be assigned to the computer 4 Enter the MAC address of the computer s network card Note A device s fixed IP address is actually assigned to the specific network card s NIC MAC address installed on the LAN computer If you replace this network card then you must update the device s entry in the DHCP Connections list with the new network card s MAC address Click OK to save the settings the DHCP Connections screen reappears displaying the defined static connection This connection can be edited or deleted using the standard Action icon User s Manual 198 Document 299 452 100 User s Manual 13 Advanced Settings 13 20 DNS Server Domain Name System DNS provides a service that translates domain names into IP addresses and vice versa The Telephone Adapter s DNS server is an auto learning DNS which means that when a new computer is connected to the network the DNS server learns its name and automatically adds it to the DNS table Other network users may immediately communicate with this computer using either its name or its IP address In addition your Telephone Adapter s DNS E Shares a common database of domain names and IP addresses with the DHCP server E Supports multiple subnets within the LAN simultaneously Automatically appends a domain name to unqualified names E Allows new domain names to be added to th
158. on Firewall ese PEIEE IAEE TE TEI A E EEA 107 10 1 6 Allow Unrestricted Administration OPPE O EE E EAE TEE E E i 10 1 7 Additional IP Addresses EOE EEE a 10 i Peron of Aai 3 VLANs VoIP Data and Management 08 108 10 2 1 p an the Connection N aussie nese EO 10 2 2 eae UALS Rae 1 10 2 3 Internet Protocol ie ol ale EA anaes a TO 10 2 4 Bridge Settings a a a L eo 10 2 5 Examples of Configuring VLANS it in 1 Bridge M ode ees terre 120 10 2 5 1 Example 1 Configuring 3 VLANs VolP Data and Management 120 2 5 2 Example 2 Configuring Tagged VolP Untagged Data Traffic 124 10 2 5 3 Example 3 Configuring VolP and I Data in the Same VLAN one 128 CPE WAN Management Pro TR 069 11 2 TR 069 Parameter l setae er 11 2 1 AE eects etree eset 12 2 i Control conta NAPE PAPA IA TA IEE PE EEE OAOE A E T 12 a Pt E A E E A I E E A S ee 1 27 T his nced Fi Fi VAER IIA EPEE AE PEE N AENA I A OENE EEREN 1 oe LAS Socu OO irsin EEE NEE ai aisea 1 Settings 0 EOE renee rere ETENE ETE EEES 165 13 1 Remote Administration 13 2 Pae the MP 202 siiis nced Restoring Defaul ult t Se a E aaa le 13 6 Diagnostics 13 6 1 Diagnosing ated en pap ieeindn meee a ee nen 1 on 2 Performing a Traceroute 13 40 0 1 tere S Gateway s SNMP AGent cccccceeeeeeeseseseesnnseaaaeeeeeeee
159. onding to the restricted websites are blocked Click button Resolve Now the gateway checks each of the restricted website addresses and ensures that all IP addresses at which this website can be found are included in the IP addresses column 153 April 2007 Uno ERA MP 202 Telephone Adapter You can disable a restriction to make a website available again without having to remove it from the screen Website Restrictions This can be useful when making the website temporarily available and when expecting to block it again in the future m To temporarily disable a rule clear the check box adjacent to the service name E To reinstate it at a later time recheck the check box E To remove a rule click the action icon Remove for the service the service will be permanently removed 12 7 Advanced Filtering Advanced filtering is designed to allow comprehensive control over the firewall s behavior You can define specific input and output rules control the order of logically similar sets of rules and make a distinction between rules that apply to WAN and LAN devices User s Manual 154 Document 299 452 100 User s Manual 12 Security To view the gateway s advanced filtering options click the tab Advanced Filtering in the Security screen the screen Advanced Filtering opens refer to the figure Figure 12 24 Advanced Filtering os Security Input Rule Sets Destination Address Source PRH Pr
160. onfiguration of advanced VoIP parameters Version 2 4 31 April 2007 Unver MP 202 Telephone Adapter 5 1 1 Configuring Signaling Protocol Parameters Note In the current version release only SIP Session Initiation Protocol is supported gt To configure signaling protocol parameters m After clicking the menu Voice over IP in the main screen the Signaling Protocol screen opens by default refer to the figure below Figure 5 1 VoIP Signaling Protocol cae Voice Over IP Signaling Protocol Signaling Protocol SIP Proxy and Registrar W Use SIP Proxy Proxy IP Address or Host Name 10 162 44 Proxy Port S060 Use SIP Proxy IF and Port for Registration Register Expires Seconds _ Use SIP Outbound Proxy Table 5 1 VoIP Signaling Protocol Parameter Description Use SIP Proxy When checked outgoing calls will be routed to the configured SIP proxy If the parameter Use SIP Proxy IP and Port for Registration is checked as well the configured SIP proxy will also be used as the registrar allowing incoming calls Use SIP Registrar Check to use a Separate SIP registrar server Default is unchecked Use SIP Outbound Use an outbound SIP proxy all SIP messages will be sent to this server as Proxy the first hop Default is unchecked m Check the checkbox Use SIP Proxy the SIP Proxy screen showing basic parameters opens Click the button Advanced gt gt the SIP Proxy scr
161. orts Incoming Ports to Open Action W LTP Layer Two Tunneling Protocol UDP Any gt 1701 UDP Any gt Same as Initiating TFTP Trivial File Transfer Protocol UDP 1024 65535 gt 69 UDP Any gt Same as Initiating v game_server UDF Any gt 2222 UDF Any gt 3333 Specify Protocol Add You can disable a port triggering rule without having to remove it from the screen Port Triggering m To temporarily disable a rule clear the check box next to the service name E To reinstate it later simply reselect the check box E To remove a rule click the action icon Remove for the service the service is permanently removed There may be a few default port triggering rules listed when you first access the port triggering screen Note that disabling these rules may result in impaired gateway functionality 12 6 Website Restrictions You can configure the gateway to block specific Internet websites so that they cannot be accessed from computers in the home network Moreover restrictions can be applied to a comprehensive and automatically updated table of sites to which access is not recommended Version 2 4 151 April 2007 mw fF E F A MP 202 Telephone Adapter gt To block access to a website 1 Click the tab Website Restrictions in the screen Security refer to the figure Figure 12 20 Website Restrictions oe Security Restrict access from the LAN to websites Local Host Local Address R
162. ost name of the SIP proxy The UDP or TCP port of the SIP proxy Use the SIP proxy IP and port for registration Default checked When checked there is no need to configure the address of the registrar separately Use an outbound SIP proxy all SIP messages will be sent to this server as the first hop Default unchecked This parameter appears only in Advanced mode User s Manual 34 Document 299 452 100 User s Manual 5 Configuring VolP Parameters Table 5 3 VoIP Signaling Protocol SIP Timers Parameter Description Retransmission Timer The SIP T1 retransmission timer according to RFC 3261 T1 Retransmission Timer The SIP T2 retransmission timer according to RFC 3261 T2 Retransmission Timer The SIP T4 retransmission timer according to RFC 3261 T4 INVITE Timer The SIP INVITE timer according to RFC 3261 m Uncheck the box Use SIP Proxy IP and Port for Registration and check Use SIP Registrar the parameters screen for SIP Registrar opens showing the basic parameters Click the button Advanced the parameters screen for SIP Registrar showing the advanced parameters including the basic parameters opens Figure 5 3 VoIP Signaling Protocol SIP Proxy and Registrar By Voice Over IP Media Dialing Streaming Signaling Protocol Signaling Protocol SIP Proxy and Registrar Use SIP Proxy Proxy IP Address or Host Name 10 16 2 44 Proxy Port 5060 C Use SIP Pro
163. otocols Rule ID Initial Rules LAN Bridge Rules LAN Ethernet Rules LAN Wireless 607 119 Access Point Rules LAN USB Rules Final Rules Output Rule Sets Destination Address Source Ke Protocols Rule ID Initial Rules LAN Bridge Rules LAN Ethernet Rules LAN Wireless 802 11g Access Point Rules LAN USB Rules Final Rules Operation Operation Status Status Action New Entry New Entry New Entry Mew Entry Mew Entry New Entry Action New Entry Mew Entry New Entry New Entry New Entry New Entry wf Ok j T Apply X Cancel j Resolve Mow j Refresh j This screen is divided into two identical sections one for Input Rule Sets and the other for Output Rule Sets which are for configuring inbound and outbound traffic respectively Each section is comprised of subsets which can be grouped into three main subjects 1 Initial rules rules defined here will be applied first on all gateway devices 2 Network devices rules rules can be defined per each gateway device 3 Final rules rules defined here will be applied last on all gateway devices Version 2 4 155 April 2007 MP 202 Telephone Adapter Note The order of the firewall rules appearance in the screen Advanced Filtering represents the sequence by which they will be applied Numerous rules are automatically inserted by the firewall to provide improved security and block harmful attacks User s Manual 156 Doc
164. ou wish to disable the DMZ host but expect that you will want to enable it again in the future m To disable the DMZ host so that it will not be fully exposed to the Internet clear the check box next to the DMZ IP designation and click OK E To re enable the DMZ host later recheck the check box 12 5 Port Triggering Port triggering can be used for dynamic port forwarding configuration By setting port triggering rules you can allow inbound traffic to arrive at a specific LAN host using ports different than those used for the outbound traffic This is called port triggering since the outbound traffic triggers to which ports inbound traffic is directed Version 2 4 147 April 2007 MP 202 Telephone Adapter For example consider a gaming server that is accessed using UDP protocol on port 2222 The gaming server responds by connecting the user using UDP on port 3333 when starting gaming sessions In such a case you must use port triggering since this scenario conflicts with the following default firewall settings m The firewall blocks inbound traffic by default m The server replies to the gateway s IP and the connection is not sent back to your host since it is not part of a session To solve this you need to define a Port Triggering entry which allows inbound traffic on UDP port 3333 only after a LAN host generated traffic to UDP port 2222 This results in accepting the inbound traffic from the gaming server and sending
165. ovider PPP supports authentication protocols such as PAP and CHAP as well as other compression and encryption protocols User s Manual 78 Document 299 452 100 User s Manual 9 WAN Settings Table 9 4 PPP Configuration Parameter Descriptions Parameter Description Service Name Specify the networking peer s service name if provided by your ISP PPP on Demand Use PPP on demand to initiate the point to point protocol session only when packets are actually sent over the Internet Time Between Specify the duration between PPP reconnected attempts as provided by your Reconnect ISP Attempts Figure 9 9 PPP Configuration PPP Service Name should be filled only if specified by provider On Demand will attempt to connect only when packets are sent Time Between Reconnect Attempts 30 Seconds 9 2 3 PPP Authentication Point to Point Protocol PPP currently supports four authentication protocols 1 Password Authentication Protocol PAP 2 Challenge Handshake Authentication Protocol CHAP 3 Microsoft CHAP version 1 4 Microsoft CHAP version 2 Version 2 4 19 April 2007 Ss mM uU E R A wa MP 202 Telephone Adapter This section allows you to select the authentication protocols your gateway may use when negotiating with a PPTP server Select all the protocols if no information is available about the server s authentication protocols Note that encryption is performed only if Microsoft CHAP Microsoft CHAP
166. own below opens Figure 10 18 Use the Following IP Address IP Address Subnet Mask Default Gateway User s Manual 110 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings 5 Define an IP address for each device and click Apply and OK Changing the Routing Mode gt Tochange the routing mode 1 For all VOIP packets needing to be transferred within the VoIP VLAN Open menu Network Connections gt WAN Ethernet 2 gt Settings the figure shown below opens Routing Routing Mode Device Metric Default Route 2 In the Routing drop down list change the mode to Advanced extended parameters are displayed refer to the figure below Figure 10 20 Routing Advanced Extended Parameters Routing Mode Route Bl Device Metric 3 i Default Route Multicast IGMP Proxy Default 3 Configure parameter Routing Mode NAT or Route Choose Route and check the check box Default Route in order to use the VoIP VLAN 4 Configure Device Metric to be the lower than the default metric default 3 Version 2 4 111 April 2007 Mi rtf E fF A MP 202 Telephone Adapter Adding a Static Route gt To add a static route 1 Open menu Advanced gt Routing and click link New Route the screen shown below opens Figure 10 21 Route Settings y Route Settings Destination o He ho Jo Netmask es ho fo fo Gateway wo ga de p
167. password gt To view the current TR 069 settings run these commands User s Manual rg conf print manufacturer vendor name rg conf print manufacturer vendor oui rg conf print manufacturer product class rg conf print manufacturer model number rg conf print manufacturer hardware serial num rg conf print cwmp acs url rg conf print cwmp username rg conf print obscure cwmp password rg conf print cwmp conn req username rg conf print obscure cwmp conn req password 134 Document 299 452 100 User s Manual gt gt gt Name Manufacturer OUI ProductClass SerialNumber Version 2 4 11 TR 069 CPE WAN Management Protocol To change a TR 069 parameter use the following API rg conf set manufacturer vendor name CompanyName rg conf set manufacturer vendor oui Organizationally Unique Identifier OUI is 00908F rg conf set manufacturer product class MP 20X rg conf set manufacturer model number MP 202 rg conf set manufacturer hardware serial num 123456 rg conf set cwmp acs url http acsurl com rg conf set cwmp username cpe rg conf set obscure cwmp password 123456 rg conf set cwmp conn req username acl rg conf set obscure cwmp conn req password 123 If a parameter is changed activate the following CLI commands rg conf set cwmp enabled 1 reconf 1 To stop and restart the TR 69 client use the following CLI commands cwmp session start cwmp session stop Table 11 1 TR 069 Parameter Descriptions T
168. performed check is displayed by the line between the Check Now and Force Upgrade buttons indicating whether a new version is available or not m If anew version is available 1 Press the Force Upgrade button A download process will begin When downloading is completed a confirmation screen will appear asking you if you want to upgrade to the new version 2 Click OK to confirm The upgrade process will begin and should take no longer than one minute to complete At the conclusion of the upgrade process the MP 202 will automatically reboot The new software version will run m If anew version is not available 1 Press the Check Now button to perform an immediate check instead of waiting for the next scheduled one The screen will display a green Check in progress message Figure 13 16 Remote Update Check Upgrade From the Internet amp Automatically Check for Hew Versions and Upgrade 13 12 3 Check every 4 hours at URL https www audiocodes com oper Mext check scheduled in 2 43 hours Check Mow F Internet Version Mo new version available 2 Press the Refresh button until the check is completed and the result is displayed Remote Configuration Download The MP 202 can download a configuration file from the Internet The downloaded file can be triggered manually from the Command Line Interface or automatically every time the device is powered up gt To download a configur
169. principles outlined in this section apply to all tables in the Web based Management Figure 4 3 Typical Table Structure mi Network Connections Status Action ry WOM Ethemet 4 LAN ethernet Connection Wizard EE lose P Stats F Advanced The figure illustrates a typical table Each row denotes an entry in the table The following buttons located in the Action column enable adding editing and deleting table entries Table 4 3 Managing Tables Use the Add button to add a row to the table Use the Edit button to edit a row from the table Use the Delete button to remove a row from the table In many tables the last row includes a button that allows adding a new row to the table Version 2 4 29 April 2007 User s Manual 5 Configuring VolP Parameters 5 Configuring VoIP Parameters 5 1 Voice over IP Screen Open the Voice over IP screen by clicking the button Voice over IP on the menu bar to the left the Voice over IP screen opens showing the tabs that allow m Configuring Signaling Protocol Parameters on page 32 Configuring Dialing Parameters on page 37 Configuring Media Streaming Parameters on page 39 Configuring Voice and Fax Parameters on page 42 Configuring Services Parameters on page 43 Configuring Line Settings Screen on page 46 Configuring Speed Dial Settings on page 47 Note Clicking the button Advanced in the Voice over IP screens enables c
170. r if reboot attempts fail three times consecutively the gateway resets the configuration file by restoring factory defaults before attempting to reboot User s Manual 170 Document 299 452 100 User s Manual 13 Advanced Settings 13 4 13 5 Restart gt To restart your gateway 1 Click the icon Restart in the Advanced screen of the Web based Management the Restart screen is displayed refer to the figure below Figure 13 5 Advanced Restart tt Restart Are you sure you Want to reboot the Gateway of OK X Cancel F 2 Press OK to restart the gateway This may take up to one minute 3 To re enter the Web based Management after restarting the gateway click the browser s Refresh button Restoring Default Settings You can restore the MP 202 s factory default settings when for example you re building a new network from the beginning or when you cannot recall changes made to the network and you need to go back to the default configuration gt To restore default settings 1 Click the Restore Defaults icon in the Advanced screen of the Web based Management the Restore Defaults screen is displayed refer to the figure Figure 13 6 Restore Defaults Ei Restore Defaults A Attention The following items will be set to default User Defined Settings Network Connections All connected DHCP clients will need to request new IP addresses Also the MP202 will have
171. r Select the codec to be used for the VBD and Bypass modes PCMA default or PCMU G 711 64 kbps A Law OR G 711 64 kbps u Law Enable CNG Detection Check to enable detection of the fax CNG signal generated by the calling fax machine at the beginning of the fax session Default Disabled Max Rate The maximum fax rate Select from the drop down list either 2 4 Kbps 4 8 Kbps 7 2 Kops 9 6 Kbps 12 Kbps or 14 4 Kbps default Error Correction Mode Check to enable fax error correction mode ECM Default Enabled 5 1 5 Configuring Services Parameters gt To configure Service parameters m Click the tab Service the basic Service parameters screen opens Version 2 4 43 April 2007 E ms U E R A MP 202 Telephone Adapter m Click the button Advanced the extended Service parameters screen opens Figure 5 8 VoIP Services Basic ay Voice Over IP Call Waiting Call Waiting SIP Reply Call Forward C Enabled Message Waiting Indication C Enabled Figure 5 9 VoIP Services Advanced Ap Voice Over IP Call Waiting Call Waiting SIP Reply Call Forward V Enabled Call Forward Type Time for No Reply Forward Key Sequence Message Waiting Indication Enabled M Subscribe To MWI MWI Server IP 4ddress Or Host Name MWI Server Port MWI Subscribe Expiration Time Stutter Tone Duration Stutter Tone Duration User s Manual 44 Document
172. rameters Description Dialing timeout specifies the duration in seconds of allowed inactivity between dialed digits When you work with a proxy or gatekeeper the number you have dialed before the dialing process has timed out is sent to the proxy gatekeeper as the user ID to be called This is useful for calling a remote party without creating a speed dial entry assuming the remote party is registered with the proxy gatekeeper The maximum length of shortcut numbers that you can enter and the maximum number of digits that you can dial The duration of the dial tone in seconds If the limit is exceeded the dial tone will stop and you will hear a warning tone DTMEs are the tones generated by your telephone s keypad Choose either Inband RFC 2833 or Via SIP Enables the ISP to predefine possible formats or patterns for the dialed number A match to one of the defined patterns terminates the dialed number An x in the pattern indicates any digit separates between patterns Example 10x 05XXXXXXXX 4XXX In this example 3 patterns are defined A number that starts with 10 will be terminated after the 3rd digit and so on If the user dials a number that does not match any pattern the number will be terminated using the timeout or when the user presses the pound key This parameter works in conjunction with the Digit Map and enables translation of specific patterns to specific SIP destination addresses An
173. re 12 19 New Port T a Rule mee en sina eanEieeae A a a 1 Figure 12 20 Website Restrictions ors cancisnias nadincxiaidigninaesincgsanblanteonidumsnnndiniactidinraanieatiaeiiesambleaiaae 1 OR Figure 12 21 Restricted Website Figure 12 22 Add a Specific Ho st Figure 12 23 Add a Specific Schedule Figure 12 24 Advanced Filtering Figure 12 25 Add Advanced Filter PERPEIT E NEPE PE OEE A PEET TIE adamant ies Figure 12 26 Specify Source Address re prota eee ESA MAAE AE E PE SA AN E ETEA EEA E TTET Figure 12 27 Specify Protocol PEET PAE IEE A ETEA I EESE EE TIRAIRE EEE E TEAT ETE Figure 12 28 Set Priority Rule PEA EEA E T PA I EELE TRETE ET E ET TEET E EEE Figure 12 29 Set DSCP Rule ccccccccssssssssssscceseeccaeeeeaeceeceeeeceececeeeeeeaeaeeaaeseeeeasssssssssssssssssssssseass Figure 12 30 Security eae nrrtya tence E E E ou averse E EE ETN Figure 12 31 Security ESA Setting rarer a PE AEE T EA ALEE EEE EE E ATR TATT Figure 13 1 Advanced Se Figure 13 2 Remote Administration A A E A E A E Figure 13 3 Advanced About the Gateway CEE PEE A E EE A EEEE IEE TEET AE ETE ETTA Figure 13 4 Contents of the PEA File AA A E AA ee dasa ie nace gece Figure 13 5 Advanced Restart Figure 13 6 Restore Defaults pee tela tenets gota anata cmt ates ii gate Figure 13 7 Advanced Diagnostics Pepe rade a a a 12 Figure 13 8 Adva
174. ress DHCP Lease Renew j Pelease User s Manual 126 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings 8 For WAN Ethernet 2 VLAN ID 200 configure this interface to Obtain IP Address Automatically Optionally you can choose option Use the Following IP Address for a static IP address Figure 10 44 Configuring WAN Ethernet 5 Configure WAN Ethernet General Device Name status Schedule Network Connection Type Physical Address MTU Underlying Connection Internet Protocol Internet Connection Firewall Additional IPF Addresses etho 300 Connected Always wan E Ethernet 00 90 8f 00 00 02 Automatic 1500 WAM Ethernet Mo IP Address Mo IP Address Obtain an IP Address Automatically Use the Following IP Address i OK j T Apply j X Cancel j 9 Set your PC to use DHCP address the figure below shows how the System Monitoring screen should look Name Device Name Status Network Underlying Device Connection Type MAC Address IP Address Subnet Mask Default Gateway IP Address Distribution Received Packets Sent Packets Time Span Version 2 4 Figure 10 45 System Monitoring WAN Ethernet etho Connected WAN Ethernet 00 90 8f 01 e2 40 Disabled 681689 523 N System Monitoring LAN Ethernet ethi Connected LAN Ethernet 12 de ca 81 82 d5 Disabled 9176 26427 0 23 33 Bridge bro Connected WAN LAN Ethern
175. resses to LAN hosts Subnet Mask A mask used to determine to what subnet an IP address belongs An example of a subnet mask value is 255 255 0 0 Lease Time In Minutes Each device will be assigned an IP address by the DHCP server for this amount of time when it connects to the network When the lease expires the server will determine if the computer has disconnected from the network If it has the server may reassign this IP address to a newly connected computer This feature ensures that IP addresses that are not in use will become available for other computers on the network Provide Host Name If Not Specified by Client If the DHCP client does not have a host name the device will automatically assign one for him Figure 10 6 IP Address Distribution DHCP Server IP Address Distribution DHCP Server Start IP Address 192 168 End IP Address 192 168 Subnet Mask 255 255 Lease Time In Minutes 60 v Provide Host Name If Not Specified by Client User s Manual 104 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings DHCP Relay Your device can act as a DHCP relay in case you would like to dynamically assign IP addresses from a DHCP server other than your Telephone Adapter s DHCP server Note that when selecting this option you must also change the device s WAN to work in routing mode For detailed information refer to Section 10 28 2 1 After selecting DHCP Relay from the drop down menu a New IP
176. rks NAPT Network Address and Port Translation NAPT refers to network address translation involving the mapping of port numbers allowing multiple machines to share a single IP address Use NAPT if your LAN encompasses multiple devices a topology that necessitates port translation in addition to address translation User s Manual 76 Document 299 452 100 User s Manual 9 WAN Settings Parameter Description Device Metric The device metric is a value used by the Telephone Adapter to determine whether one route is superior to another considering parameters such as bandwidth delay and more Default Route Select this check box to define this device as a the default route Routing Information Select this check box to enable the Routing Information Protocol RIP RIP Protocol RIP determines a route based on the smallest hop count between source and destination When RIP is enabled select the following Listen to RIP messages select None RIPv1 RIPv2 or RIPv1 2 Send RIP messages select None RIPv1 RIPv2 broadcast or RIPv2 multicast Multicast IGMP IGMP proxy enables the system to issue IGMP host messages on behalf of Proxy Internal hosts that the system discovered through standard IGMP interfaces IGMP proxy enables the routing of multicast packets according to the IGMP requests of LAN devices asking to join multicast groups Select the Multicast IGMP Proxy Internal check box to enable this fe
177. rlying Device WAN Ethernet VLAN ID L EE ll aniic Next gt j wow Cancel J A Cancel 4 Select the underlying device for this interface The combo box displays the device s Ethernet connections Version 2 4 99 April 2007 WW wwe Fe MP 202 Telephone Adapter 5 Enter a value that will serve as the VLAN ID and click Next the Connection Summary screen appears refer to the figure Figure 10 2 Connection Summary pF Connection Summary You have successfully completed the steps needed to create the following connection VLAN interface over WAN Ethernet VLAN ID isl Edit the Newly Created Connection Press Finish to create the connection lt Back E Finish j AX Cancel j 6 Check the Edit the Newly Created Connection check box to be routed to the new connection s configuration screen after clicking Finish 7 Click Finish to save the settings the new VLAN interface is added to the network connections list it s configurable like any other connection 10 1 2 General The top part of the configuration window displays general communication parameters It s recommended to leave the values in this screen at their defaults unless you re familiar with the networking concepts they represent Since your Telephone Adapter is configured to operate with the default values no parameter modification is necessary You can configure the following general connection settings User s Manual 100 Docume
178. rom this computer the firewall will allow this request to pass out onto the Internet refer to WAN PPPoE on page 78 for more on setting access controls When the Web page is returned from the Web server the firewall will associate it with this session and allow it to pass regardless of whether HTTP access from the Internet to the home network is blocked or permitted Note that it is the origin of the request not subsequent responses to this request that determines whether a session can be established or not You can choose from among three pre defined security levels for the MP 202 Minimum Typical and Maximum the default setting The table below summarizes the behavior of the MP 202 for each of the three security levels Table 12 1 Behavior for the Three Security Levels Level Requests Originating Requests in the WAN Originating Incoming Traffic in the LAN Outgoing Traffic Blocked No access to home network Limited Only commonly used services from Internet except as configured in such as Web browsing and e mail are the Local Servers DMZ host and permitted Remote Access screens Typical Security Blocked No access to home network Unrestricted All services are permitted Minimum Security from Internet except as configured in except as configured in the Access the Local Servers DMZ host and Control screen Remote Access screens Unrestricted Permits full access from Unrestricted All services are permitted Int
179. rting firewall configuration Username admin View column Time to determine the time the event occurred View column Event to determine the type of event There are five types of events e Inbound Traffic The event is a result of an incoming packet e Outbound Traffic The event is a result of outgoing packet e Firewall Setup Configuration message e WBM Login Indicates that a user has logged in to WBM e CLI Login Indicates that a user has logged in to CLI via Telnet View column Event Type for a textual description of the event e Blocked The packet was blocked The message is color coded red e Accepted The packet was accepted The message is color coded green addresses ports etc ual View column Details for details of the packet or the event such as protocol IP 160 Document 299 452 100 User s Manual 12 Security gt To view or change the security log settings 1 Click Settings in the Firewall Log screen the screen Security Log Settings opens refer to the figure Figure 12 31 Security Log Settings ne Security Log Settings Accepted Events Accepted Incoming Connections Accepted Gutgoing Connections Blocked Events All Blocked Connection Attempts Winnuke Multicast Broadcast Defragmentation Error Spoofed Connection Blocked Fragments Packet Illegal Options Syn Flood UDF Flood Echo Chargen
180. s The following describes how to perform these operations 7 1 Placing a Call gt To place a call take these steps 1 Pick up the phone 2 Make sure that you can hear a dial tone 3 Dial the remote party s number or pre configured speed dial number 7 2 Answering a Waiting Call gt To answer a waiting call when Flash only is configured refer to Configuring Dialing Parameters on page 37 1 When you hear a call waiting tone during a call press Flash on the phone this puts the active call on hold and switches to the waiting call 2 To return to the original call press Flash again You can toggle from one party to another as much as you like by pressing Flash gt To answer a waiting call when Flash digits sequence is configured refer to Configuring Dialing Parameters on page 37 1 When you hear the call waiting tone during a call press the Flash key on the phone and then the 1 key this puts the original call on hold and switches to the waiting call 2 To return to the original call press Flash 1 again You can toggle from one party to another as much as you like by pressing Flash 1 7 3 Putting a Call on Hold gt To place the remote party on hold when Flash only is configured refer to Configuring Dialing Parameters on page 37 1 During a call press Flash on the phone the phone plays a dial tone At this point you can initiate a second call by dialing another party s
181. s available m To expose one computer to all services without restriction irrespective of security User s Manual 146 Document 299 452 100 User s Manual 12 Security Warning A DMZ host is not protected by the firewall and may be vulnerable to attack Designating a DMZ host may also put other computers in the home network at risk When designating a DMZ host you must consider the security implications and protect it if necessary An incoming request for access to a service in the home network such as a Web server is fielded by the MP 202 The MP 202 will forward this request to the DMZ host if one is designated unless the service is being provided by another PC in the home network assigned in Local Servers in which case that PC will receive the request instead gt To designate a local computer as a DMZ Host 1 Click tab DMZ Host the screen DMZ Host opens refer to the figure Figure 12 12 DMZ Host ed Security Allow a single LAN computer to be fully exposed to the Internet DMZ Host IP Address hsz hee h jo i X Cancel j 2 Enter the local IP address of the computer to be designated as a DMZ host Note that only one LAN computer can be a DMZ host at any time 3 Click OK to save your changes and return to the screen DMZ Host You can disable the DMZ host so that it will not be fully exposed to the Internet but keep its IP address recorded on the DMZ Host screen This may be useful if y
182. s management GDB Server IGMP Proxy Jungo Firewall Remote Upgrade from LAN MAT Secure HTTP SSL Permanent Storage RIP Wis Ve Reverse MAT SNMP vi v2 SNMP v3 Universal Plug amp Play Remote Upgrade from Wan DNS Concurrent DNS query ONS Router Add route rules according to which dns server answare queries Domain routing Route according to domains listed on 4 device Dynamic ONS Email Supported Features Notification HTTP Proxy Generic Proxy Mail filter URL Keyword Filtering SurmControl 802 1 802 1 MODS Internal Authentication 802 1 TTLS Internal Authentication 802 1 TLS Internal Authentication RADIUS External Authentication WEP WFA DHCP Server DHCP Client DHCP Relay Agent Static HTML Management Web Based Management TimeZone support Full Timezone support HTTP Server Telnet Server Syslog Command Line Interface TOD Client USB RNDIS File Server Posix 4ccess Control Lists ACLs RAID GAM F4 F5 Loopback Print Server Microsoft Shared Printing Internet Printing Voice Over IP SIP Signalling H 323 Signalling MGCP Signalling Remote Update Management Remote Management Server Event Logging WINS Server FTP Server Mail Server Web Server File System Backup and Restore OpenRG OOS suppor 802 1p to DSCP translate Routing over multiple WON devices support Routing by DSCP value Load Balancing Fail over of multiple WAN interfaces IPIP and IPGRE Tunnels Bluetooth support Kaffe support Contact In
183. s simply classified and sent to the destination with no bandwidth reservations established The 802 1p header includes a 3 bit prioritization field which allows packets to be grouped into eight levels of priority The gateway maps these eight levels to three main priorities high medium and low By default values six and seven are mapped to high priority which may be assigned to network critical traffic Values four and five are mapped to medium priority which may be applied to delay sensitive applications such as interactive video and voice Values three to zero are mapped to low priority which may range from controlled load applications down to loss eligible traffic The zero value is normally used for best effort traffic It is the default value for traffic with unassigned priority User s Manual 68 Document 299 452 100 User s Manual 8 Quality of Service QoS E Click the QoS link on the sidebar and then click the tab 802 1p Settings the following screen opens Figure 8 10 QoS 802 1p Settings ca Quality of Service 802 1p alue Priority Low w Low Mest v High n i a D od Cancel 9 m The eight 802 1p values are pre configured with the three priority levels high medium and low You can change these levels for each of the eight values in their respective combo box m Click OK to save the settings 8 5 Class Statistics The gateway provides you with accurate real time inform
184. ser with a warning regrading certificate authentication This is due to the fact that the MP 202 s SSL certificate is self generated When encountering this message under these circumstances ignore it and continue It should be noted that even though this message appears the self generated certificate is safe and provides you with a secure SSL connection It is also possible to assign a user defined certificate to the MP 202 13 2 About the MP 202 Versian To view technical information regarding the MP 202 Click the icon About the MP 202 in the Advanced screen of the Web based Management the screen About the MP 202 appears showing the version the release date and the supported features refer to the figure Figure 13 3 Advanced About the Gateway i About The MP202 eT 2 2 0_build_6 Release Date 30 4ug 06 14 04 02 Netfilter Linux Firewall Ethernet over ATM RFC2664 Classical IP PVC Scan WEM Evaluation License Agreement Internet Protocol Security Intel DSR support PPTP Server LATP Server PPP Over ATM PPP Over Ethernet IP 6 PPTP Client LATP Client ICMP ALG Port trigger TFTP ALG FTPVFTPS ALG GuickTime Realdudio RealPlayer RTSP ALG H323 ALG Netmeeting CuSeeMe SIP ALG MGCP ALG PPTP Client multiuser ALG Microsoft Network Messenger Windows Messenger ALG PSec multiuser ALG LTF ALG AOL Instant Messenger ALG ONS ALG DHCP ALG Bridge VL4N 802 10 bridge VLAN 802 10 interface
185. shape traffic The drop down list includes all your interfaces as well as category options e g All LAN Devices All WAN Devices and VPNs such as PPoE PPTP and L2TP if defined Select for example the option WAN Ethernet and click OK the Edit Device Traffic Shaping screen opens refer to the figure Figure 8 2 QoS Edit Device Traffic Shaping Edit Device Traffic Shaping Device WON Ethernet Traffic Shaping Tx Bandwidth 97656 K bits s Rx Bandwidth 97656 K bits s TCP Serialization Disable Shaping Classes Tx Bandwidth Kbits s Re Bandwidth Kbits s Class ID Name Priority Status Action Reserved Maximum Reserved Maximum New Entry EF vi OK j T Apply X Cancel j 4 Configure the following fields User s Manual 58 Document 299 452 100 User s Manual 8 Quality of Service QoS Table 8 1 Edit Device Traffic Shaping Parameter Descriptions Parameter Description Tx Bandwidth This parameter limits the gateway s bandwidth transmission rate The purpose is to limit the bandwidth of the WAN device to that of the weakest outbound link for instance the DSL speed provided by the ISP This forces the gateway to be the network bottleneck where sophisticated QoS prioritization can be performed If the device s bandwidth is not limited correctly the bottleneck will be in an unknown router or modem on the network path rendering the gateway QoS useless Rx Bandwidth In the s
186. sses Furthermore the gateway cannot control the behavior of its WAN gateway usually the ISP which may not have proper QoS handling Unfortunately this is a common situation Let s look at a scenario of downloading a large file and surfing the Internet at the same time Downloading the file is distinguished by small requests followed by very large responses This may result in blocking HTML traffic at the ISP A solution for such a situation is limiting the bandwidth of low priority TCP connections such as the file download gt To add a new outbound inbound class rule 1 Inthe screen Edit Class under the screen section Class Rules click link New Entry the screen Add Traffic Priority Rule opens refer to the figure Figure 8 5 QoS Edit Device Traffic Shaping Edit Class Add Traffic Priority Rule Add Traffic Priority Rule Matching Source Address Destination Address Protocol Qos Operation Set Priority Set OScp Logging Log Packets Matched by This Rule Schedule Always A Cancel j User s Manual 62 Document 299 452 100 User s Manual 8 Quality of Service QoS Table 8 3 Add Traffic Priority Rule Parameter Descriptions Parameter Description Matching Use the parameters in this screen section to apply a rule To apply the rule matching must be performed between IP addresses and or a traffic protocol must be defined From the drop down list choose Any User Defined
187. t identify which remote management stations are allowed to perform SNMP operations on the gateway Messages sent by the gateway to a remote management station in order to notify the manager about the occurrence of important events or serious conditions The gateway supports both SNMP version 1 and SNMP version 2c traps 13 11 Universal Plug and Play gt To configure UPnP Click the icon Universal Plug and Play in the Advanced screen of the Web based Management the Universal Plug and Play screen appears refer to the figure Figure 13 13 Advanced Universal Plug n Play F Universal Plug and Play WM Allow Other Network Users to Control MP202 s Network Features Enable Automatic Cleanup of Old Unused UPnP Services WAN Connection Publication Publish Only the Main WAM Connection Universal Plug and Play is a networking architecture that provides compatibility among networking equipment software and peripherals UPnP enabled products can seamlessly connect and communicate with other Universal Plug and Play enabled devices without the need for user configuration centralized servers or product specific device drivers This technology leverages existing standards and technologies including TCP IP HTTP 1 1 and XML facilitating the incorporation of Universal Plug and Play capabilities into a wide range of networked products for the home Universal Plug and Play technologies are rapidly adopted and integrat
188. t is recommended to enter a value in the range of 1200 to 1500 9 3 4 PPP Configuration Refer to PPP Configuration on page 78 Version 2 4 87 April 2007 ri UJ E FE zA ey MP 202 Telephone Adapter 9 3 5 PPP Authentication Refer to PPP Authentication on page 79 9 3 6 PPP Encryption Refer to PPP Encryption on page 80 9 3 7 Internet Protocol Refer to Internet Protocol Settings on page 75 9 3 8 DNS Server Refer to DNS Server on page 76 9 3 9 Routing Refer to Routing on page 76 9 3 10 Internet Connection Firewall Refer to Internet Connection Firewall on page 77 User s Manual 88 Document 299 452 100 User s Manual 9 WAN Settings 9 4 WAN L2TP Layer 2 Tunneling Protocol L2TP is an extension to the PPP protocol enabling your gateway to create VPN connections Derived from Microsoft s Point to Point Tunneling Protocol PPTP and Cisco s Layer 2 Forwarding L2F technology L2TP encapsulates PPP frames into IP packets either at the remote user s PC or at an ISP that has an L2TP Remote Access Concentrator LAC The LAC transmits the L2TP packets over the network to the L2TP Network Server LNS at the corporate side With your gateway L2TP is targeted at serving two purposes 1 Connecting the gateway to the Internet when it is used as a cable modem or when using an external cable modem Such a connection is established using user name and password authentication 2 Conn
189. tewayDevice WANDevice i WANDSLConnectionManagement ConnectionService i InternetGatewayDevice WANDevice i WWANConnectionDevice i InternetGatewayDevice WANDevice i WWANConnectionDevice i e WANDSLLinkCong e Enable e LinkStatus e LinkType e AutoCong e DestinationAddress e ATMTransmittedBlocks e ATMReceivedBlocks InternetGatewayDevice WANDevice i WWANConnectionDevice i e WANPPPConnection i e Enable e ConnectionStatus e ConnectionType e Name e Uptime Username 133 April 2007 ey MP 202 Telephone Adapter e Password e ExternallPAddress e DNSServers e TransportType e PPPoEACName PPPoEServiceName The MP 202 supports the following Remote Procedure Calls RPCs GetRPCMethods setParameterValues GetParameterValues GetParameterNames setParameterAttributes GetParameterAttributes AddObject DeleteObject Download Reboot Note that the implementation of SetParameterAttributes is empty MP 202 does not implement access control nor notifications as defined in the specification 11 2 1 Viewing Changing TR 069 Parameters Using the CLI TR 069 parameters can be viewed and configured via the CLI This section presents a specific example of how to view and change TR 069 parameters Use the example as a guide gt Torun CLI commands 4 Open Telnet 5 Access the system from a PC connected to the LAN port of the MP 202 Telnet 192 168 2 1 6 Enter the administrator user and
190. that you can hear a dial tone Dial the call forward key sequence for example 32 you ll hear a dial tone rp Dial the number of the phone to which you want calls forwarded you ll hear a stutter tone refer to Configuring Services Parameters on page 43 6 Replace the receiver from now on all incoming calls will be forwarded Every time you pick up this receiver you ll hear the stutter tone for the length of time you configured for parameter Stutter Tone Duration gt To deactivate calls fowarding 1 Pick up the phone you ll hear a stutter tone Dial the call forward key sequence Replace the receiver rP rp To make sure you ve de activated pick up the phone again you should hear a regular dial tone and not the stutter tone Version 2 4 55 April 2007 User s Manual 8 Quality of Service QoS 8 1 Quality of Service QoS Traffic Shaping Traffic Shaping is the solution for managing and avoiding congestion where a high speed LAN meets limited broadband bandwidth A user may have for example a 100 Mbps Ethernet LAN with a 100 Mbps WAN interface router The router may communicate with the ISP using a modem with a bandwidth of 2Mbps This typical configuration makes the modem having no QoS module the bottleneck The router sends traffic as fast as it is received while its well designed QoS algorithms are left unused Traffic shaping limits the bandwidth of the router artificially forcing the router to
191. the DHCP client does not have a host name the Telephone Adapter will assign the client a default name gt To configure a DHCP relay server 1 From the IP Address Distribution drop down list select DHCP Relay the screen DHCP Relay Server Address opens refer to the figure below Use this screen to configure your DHCP server s IP address IPF Address Figure 13 28 DHCP Server Relay P DHCP Relay Server Address EEE XO j T Apply DX Cancel 2 Click OK to save your changes User s Manual 196 Document 299 452 100 User s Manual 13 Advanced Settings 13 19 2 DHCP Relay Parameters To configure a device as a DHCP relay perform the following steps 1 Select the DHCP Relay option in the IP Address Distribution drop down list under the screen section Service refer to the figure Figure 13 29 Advanced IP Address Distribution DHCP Relay P DHCP settings for LAN Ethernet Service IF Sddress Distribution DHCP Relay 2 Click the link New IP Address the DHCP Relay Server Address screen opens refer to the figure Figure 13 30 Advanced IP Address Distribution DHCP Relay New IP Address P DHCP Relay Server Address IP Address p fo fo fo Specify the IP address of the DHCP server Click OK to save the settings Click OK once more in the DHCP Settings screen PP Click the icon Network Connections on the sidebar of the main screen the s
192. the management PC to VLAN 311 and verify that all management traffic is carried in this VLAN refer to the figure below Figure 10 26 Testing the Setup Time Source Destination Protocol Info 316 21 448006 11 11 11 11 Be ap a HTTP HTTP 1 1 304 Not Moditied arj Frame 316 319 bytes on wire 319 bytes captured Ethernet II src 00 90 8fF 03 20 dd Dst 00 90 8fF 00 00 00 802 1q Virtual LAN Priority 0 i CFI 0 0001 0011 0111 TD 311 Type IP Ox0800 Internet Protocol Src Addr 11 11 11 11 11 11 11 11 Ost Addr 11 11 11 3 11 11 11 3 10 2 WAN LAN Bridge WAN bridge creates a bridge over WAN and LAN devices In this way PCs on the ProductNameGeneric s LAN side can get IP addresses that are known on the WAN side 10 2 1 Creation with the Connection Wizard gt To configure an existing bridge or create a new one 1 Click the link New Connection in the screen Network Connections the screen Connection Wizard opens 2 Select the radio button Advanced Connection and click Next the screen Advanced Connection opens Version 2 4 115 April 2007 Nh ne cs me me a MP 202 Telephone Adapter 3 Select the radio button Network Bridging and click Next the screen Bridge Options opens refer to the figure below Figure 10 27 Bridge Options ae Bridge Options 4 bridge already exists in the network Choose one of the following Configure Existing Bridge Recom
193. ticast groups Select the Multicast IGMP Proxy Internal check box to enable this feature Allows you to add or modify routes when this device is active Use the New Route button to add a route or edit existing routes 106 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings Figure 10 10 Advanced Routing Properties Routing Advanced Routing Mode Route Device Metric p Default Route lw Multicast IGMP Proxy Internal Routing Information Protocol RIP Routing Table Name Destination Gateway Netmask Metric Status Action LAN Ethernet 192 168 2 4 192 168 1 1 255 255 255 255 2 Applied Gy S New Route For detailed information on this feature refer to Section 10 17 10 1 5 Internet Connection Firewall Your Telephone Adapter s firewall helps protect your computer by preventing unauthorized users from gaining access to it through a network such as the Internet The firewall can be activated per network connection To enable the firewall on this network connection select the Enabled check box For detailed information on your device s security features refer to Section 5 Figure 10 11 Internet Connection Firewall Internet Connection Firewall Enabled 10 1 6 Allow Unrestricted Administration Select this check box to enable users other than those defined as Administrator to change the device s configuration Figure 10 12 Allow Unrestricted Administration Allow Unrestri
194. tings screen opens refer to the figure Use the configuration values provided by your ISP to configure the parameters in this screen Figure 6 2 VoIP Line Settings Defining a New Line Sy Line Settings Line Number 1 User ID Block Caller ID Display Name SIP Proxy Authentication User Name Authentication Password A OK j X Cancel j 4 Click tab Signaling Protocol and check the box Use SIP Proxy refer to Configuring Signaling Protocol Parameters on page 32 5 Define the field Proxy IP Address or Host Name of the ISP s SIP proxy provided by the ISP refer to Configuring Signaling Protocol Parameters on page 32 6 Press OK or Apply to complete the VoIP configuration Check that the gateway was successfully registered by clicking System Monitoring gt tab Voice over IP entry SIP Registration should indicate Registered for the line s you configured Phone 1 and Phone 2 LEDs should be flashing slowly Pick up the phone receiver and listen for the dial tone you re now ready to place an outgoing call E Al your settings are saved in the gateway s non volatile memory From now on you won t need the PC to make VolP calls User s Manual 52 Document 299 452 100 User s Manual 7 Making VoIP Calls 7 Making VoIP Calls Users connected to the MP 202 can place calls put calls on hold transfer calls and manage 3 way conference
195. to Windows default network settings For example the default DHCP setting in Windows 2000 is client requiring no further modification It is advisable however to follow the setup procedure in order to verify that all communication parameters are valid and that the physical cable connections are correct Figure 3 1 IP and DNS Configuration Internet Protocol TCP IP Properties e General Altemate Configuration _ You can get IP settings assigned autcmatically if your network supports this capability Otherwise you need to ask your network administrator for the appropriate IP settings Obtain an IP address automatically O Use the following IP address Obtain DNS server address automatically O Use the following DNS server acdresses 3 1 1 Windows XP 1 Access Network Connections from the Control Panel 2 Right click on the Ethernet connection icon and select Properties m Under the General tab select the Internet Protocol TCP IP component and press the Properties button The Internet Protocol TCP IP properties window will be displayed Select the Obtain an IP address automatically radio button Select the Obtain DNS server address automatically radio button gt PSS Click OK to save the settings User s Manual 18 Document 299 452 100 User s Manual 3 Setting up a Network Connection 3 1 2 Windows 2000 1 Access Network and Dialing Connections
196. trolling the MP 202 by the CPE provider Figure 11 1 TR 069 CPE WAN Management Protocol Auto Configuration Server LAN Device The TR 069 protocol allows an ACS to provision a CPE or collection of CPE based on a variety of criteria The provisioning mechanism includes specific provisioning parameters and a general mechanism for adding vendor specific provisioning capabilities as needed The provisioning mechanism allows CPE provisioning at the time of initial connection to the broadband access network and the ability to re provision at any subsequent time This includes support for asynchronous ACS initiated re provisioning of CPE TR 069 defines several Remote Procedure Call RPC methods as well as a large number of parameters which may be set or read Some of these methods and parameters are defined as mandatory TR 098 is the DSLHome Internet Gateway Device Version 1 1 Data Model for TR 069 11 2 TR 069 Parameter List The DSL Forum TR 069 Technical Report species the TR 069 full parameter list including the parameter type and description For further information refer to http www dslforum org aboutdsl Technical_ Reports TR 069 pdf Following is the list of the TR 069 objects supported by the MP 202 Objects that are partly supported have a detailed list of their implemented parameters If not specified the listed object is fully implemented m InternetGatewayDevice m InternetGatewayDevice ManagementServer e URL
197. ttings Figure 8 9 QoS Edit DSCP Settings Figure 8 10 Qos 802 1p Settings Figure 8 11 QoS Class Statistics E AE petvestata adenoid etn ed een tata ances Figure 8 12 QoS Edit Device Traffic Shaping Figure 8 13 QoS Edit Device Traffic ene Submitting the Configuration Figure 9 1 WAN Ethernet Properties ind ja PETITE PEA ETE EE Figure 9 2 WAN Ethernet Configuration Figure 9 3 Internet Protocol Settings No IP Address PEET AEE F EEIE EEI E E A ER i Figure 9 4 Obtain D DNS Server Address Automatically jester r A Figure 9 5 DNS Server SetNJS vnin TG Figure 9 6 Internet Connection Firewall See errr E E ete errr E E rrr AEE err T ff Figure 9 7 Additional IP Addresses Serre vere meres PE Sree rere Nero epee rete terra terre orem ve terme rer seem rer rr ery E i Figure 9 8 General PPPoE bai iaa O TS Figure 9 9 PPP Configuration slicer Ter nea EEE TAEA a n OR Figure 9 10 PPP Authentication r A AN Pee ee ee eee eee eee eee eee eee eee eee ou wr lA j r ee BAE C ot yA Figure 9 11 PPP Encryption 81 aT ae Ws VV ia Ff Li si y wt Wi eee Ng Add Traffic c Priority F Rule 8 vn 62 Version 2 4 7 April 2007 ht Figure 10 16 Figure 10 17 Figure 10 18 Figure 10 19 Figure 10 20 Figure 10 21 Figure 10 22 Figure 10 23 Figure 10 24 Figure 10 25 Figure 10 26 Figure 10 27 Figure 10 28 Figure
198. ument 299 452 100 User s Manual 12 Security gt To configure an advanced filtering rule 1 After choosing the traffic direction and the device on which to set the rule click the appropriate link New Entry the screen Add Advanced Filter opens refer to the figure Figure 12 25 Add Advanced Filter Led Add Advanced Filter Matching Source Address Any w Destination Address Any w Protocol Any b Operation Drop ta Reject Drop packets and send TCP Reset or ICMP Host Unreachable packets to sender Accept Accept all packets related to this session This session is handled by Stateful Packet Inspection SPI Accept Packet Accept packets matching this rule only Do not use Stateful Packet Inspection SPI to also automatically accept packets related to this session Gos Qos Operation Set Priority Set DSCP Logging Log Packets Matched by This Rule Schedule Always w f Ok _ Cancel j Version 2 4 157 April 2007 MP 202 Telephone Adapter gt Toapply rules 1 Use the screen section Matching to define a match between IP addresses and a traffic protocol 2 Configure the source address of the packets sent to or received from the network object computer A in the above example To add an address select the option Specify Address from the drop down list the screen refreshes and a link Add appears refer to the figure Figure 12 26 Specify Source Address So
199. urce Address Specify Address add Click the link Add this commences a sequence that adds a new network object 4 Configure the destination address of the packets sent to or received from the network object This address can be configured in the same manner as the source address 5 Choose a specific traffic protocol from the Protocol drop down list or add a new one To add a new traffic protocol choose the Specify Protocol option in the drop down list the screen refreshes and a link Add appears refer to the figure Figure 12 27 Specify Protocol Protocol 6 Click the link Add this commences a sequence that adds a new protocol 7 Inthe screen section Operation define what action the rule will take check one of the following radio buttons e Drop Deny access to packets that match the source and destination IP addresses and service ports defined in Matching e Reject Deny access to packets that match the source and destination IP addresses and service ports defined in Matching and sends and sends an ICMP error or a TCP reset to the origination peer e Accept Allow access to packets that match the source and destination IP addresses and service ports defined in Matching The data transfer session will be handled using Stateful Packet Inspection SPI e Accept Packet Allow access to packets that match the source and destination IP addresses and service ports defined in Matching
200. urred since it first connected to the network If the host wishes to terminate a lease before its expiration it can send a release message to the DHCP server which will then make the IP address available for use by others Your gateway s DHCP server m Displays a list of all DHCP host devices connected to the gateway m Defines the range of IP addresses that can be allocated in the LAN m Defines the length of time for which dynamic IP addresses are allocated iz Provides the above configurations for each LAN device and can be configured and enabled disabled separately for each LAN device m Can assign a static lease to a LAN PC so that it receives the same IP address each time it connects to the network even if this IP address is within the range of addresses that the DHCP server may assign to other computers m Provides the DNS server with the host name and IP address of each PC that is connected to the LAN Additionally the gateway can act as a DHCP relay escalating DHCP responsibilities to a WAN DHCP server In this case the gateway will act merely as a router while its LAN hosts will receive their IP addresses from a DHCP server on the WAN With the gateway s optional Zero Configuration Technology feature the IP Auto Detection method detects statically defined IP addresses in addition to the gateway s DHCP clients It learns all the IP addresses on the LAN and integrates the collected information with the database of the DHCP server
201. using 802 1q p and that the VID is 200 Ping from the PC behind MP202 1 to the network you ll see that the data traffic is using 802 1q and that the VID is 300 Connect a PC to the network in VLAN 400 verify that you can access VLAN 400 from April 2007 MP 202 Telephone Adapter 10 2 5 2 Example 2 Configuring Tagged VoIP Untagged Data Traffic This example explains how to configure the MP 202 to tag VoIP traffic and untag data traffic in bridge mode Figure 10 38 Example of Tagging Voice and Untagging Data Switch DHCP Server DHCP Server untagged VLAN 200 non LAN WolP network Setup Two MP 202s are connected to the switch Both are configured to use VLAN 200 for VoIP and non VLAN traffic for data Two DHCP servers are connected to the same switch One is in a VLAN 200 network the other is in a non VLAN network gt To configure tagging for VoIP and untagging for data in bridge mode For MP202 1 and MP202 2 1 Connect the PC to the LAN NIC and use static IP address 192 168 2 2 254 for your PC 2 In Internet Explorer browse to http 192 168 2 1 3 Open menu Advanced gt Remote Administration Check the check boxes Using Primary HTTP Port 80 and Allow Incoming ICMP Echo Requests to allow HTTP and ICMP from the WAN interface User s Manual 124 Document 299 452 100 User s Manual 10 VLAN and Bridge Settings 4 Add a network bridge In the screen Network Bridging check LAN
202. ve the settings the new PPTP connection is added to the network connections list and is configurable like any other connection 9 3 2 Creating a PPTP VPN Connection with the Connection Wizard gt Tocreate anew PPTP VPN connection take these steps 1 Open the screen Network Connections and click link New Connection the screen Connection Wizard opens 2 Select the radio button Connect to a Virtual Private Network over the Internet and click Next the screen Connect to a Virtual Private Network over the Internet opens 3 Select the radio button VPN Client or Point To Point and click Next the screen VPN Client or Point To Point opens refer to the figure Figure 9 16 VPN Client or Point To Point ae YPN Client or Point To Point Choose one of the following protocols to connect to a remote YPN server s Point to Point Tunneling Protocol irtual Private Network PPTP YPN Enable secure transfer of data to another location aver the Internet using user name password authentication Layer 2 Tunneling Protocol over Internet Protocol Security L2TP IPSec YPN Enable secure transfer of data to another location over the Internet using private and public keys for encryption and digital certificates and user name password for authentication Internet Protocol Security IPSec Enable secure transfer of data to another location over the Internet using private and public keys for encryption and dig
203. version 2 or both are selected Figure 9 10 PPP Authentication Settings PPP Authentication Login User Name case sensitive Idina Login Password eeveeeee Support Unencrypted Password PAF Support Challenge Handshake Authentication CHAP W Support Microsoft CHAP M5 CHAP W Support Microsoft CHAP Version 2 MS CHAP v2 Parameter Login User Name Login Password Support Unencrypted Password PAP Support Challenge Handshake Authentication CHAP Support Microsoft CHAP Support Microsoft CHAP Version 2 Table 9 5 PPP Authentication Parameter Descriptions Description As agreed with ISP As agreed with ISP Password Authentication Protocol PAP is a simple plaintext authentication scheme The user name and password are requested by your networking peer in plaintext PAP however is not a secure authentication protocol Man in the middle attacks can easily determine the remote access client s password PAP offers no protection against replay attacks remote client impersonation or remote server impersonation The Challenge Handshake Authentication Protocol CHAP is a challenge response authentication protocol that uses MD5 to hash the response to a challenge CHAP protects against replay attacks by using an arbitrary challenge string per authentication attempt Select this check box if you are communicating with a peer that uses Microsoft CHAP authentication protocol Select this check
204. wc eh P DL Dd XM Cancel J 2 Enter the physical MAC address to be cloned 3 Press the button Clone My MAC Address 13 8 Regional Settings The behavior and parameters of analog telephones lines vary between countries The set of Call Progress Tones the protocol used for caller ID and the analog line impedance are all location specific The MP 202 enables users to select the country they reside in and the MP 202 automatically selects the correct regional settings gt To select your present location 1 Click the icon Regional Settings in the Advanced screen of the Web based Management the Regional Settings screen opens refer to the figure below 2 Select the country from the drop down menu If your current location is not in the list contact your Service Provider Figure 13 10 Regional Settings 3 Regional Settings Please Select Your Present Location USA AN Attention Changing the regional settings parameters requires a reboot i Ei ae F Apply i j X Cancel _ j Version 2 4 179 April 2007 MP 202 Telephone Adapter 13 9 System Settings The screen System Settings allows you to configure various system and management parameters Use the screen section System Settings to configure m The Telephone Adapter s host name The host name is the Telephone Adapter s URL address E Your network s local domain Use the screen section MP 202 Management Console to configure m Auto
205. xy IP and Port for Registration Use SIP Registrar Registrar Address 0 000 Registrar Port 5060 Register Expires 3600 Seconds Use SIP Outbound Proxy A OK P Apply F X Cancel j Advanced gt gt F The table below shows descriptions of those SIP Registrar parameters that differ from SIP Proxy parameters Descriptions of common parameters can be seen under the section SIP Proxy and Registrar above Version 2 4 35 April 2007 WWO ERA MP 202 Telephone Adapter Table 5 4 VolP Signaling Protocol SIP Registrar SIP Parameter Description Use SIP Registrar Check the box to use a separate SIP registrar server Registrar Address The IP address or host name of the registrar server Registrar Port The UDP or TCP port of the registrar server Registrar Expires The registration timeout in seconds Check the box Use SIP Outbound Proxy the parameters screen for SIP Outbound Proxy opens showing the basic parameters Click the button Advanced the parameters screen for SIP Outbound Proxy showing the advanced parameters including the basic parameters opens Figure 5 4 VoIP Signaling Protocol SIP Outbound Proxy Gay 3 Voice Over IP Media Streaming Signaling Protocol Signaling Protocol SIP Proxy and Registrar Use SIP Proxy Proxy IP Address or Host Name 10 16 2 44 Proxy Port 5060 Use SIP Proxy IP and Port for Registration Use SIP Registrar Registrar Address Re
206. ype Description string 64 Manufacturer of the device for display only string 6 Organizationally unique identifier of the device manufacturer Represented as a six hexadecimal digit value using all upper case letters and including any leading zeros The value MUST be a valid OUI string 64 Identifier of the class of product for which the serial number applies That is for a given manufacturer this parameter is used to identify the product or class of product over which the SerialNumber parameter is unique string 64 Identifier of the particular device that is unique for the indicated class of product and manufacturer 135 April 2007 User s Manual 12 Security 12 Security The MP 202 s security suite includes comprehensive and robust security services Stateful Packet Inspection Firewall user authentication protocols and password protection mechanisms These features together allow users to connect their computers to the Internet and simultaneously be protected from the security threats of the Internet The firewall which is the cornerstone of your Telephone Adapter s security suite has been exclusively tailored to the needs of the residential office user and has been pre configured to provide optimum security refer to the figure below Figure 12 1 Firewall in Action reani Coie oi The MP 202 firewall provides both the security and flexibility that home and office users seek It provides a managed professional lev
207. zing the MP 202 s VoIP capabilities over a SIP server Verify that your Telephone Adapter and telephone are correctly connected and that your WAN connection is up 6 1 Opening a SIP Account Before you can connect to a SIP server it is necessary that you obtain a SIP account The following section describes how to open a free worldwide dialing SIP account You can also obtain a paid SIP account gt To open a free worldwide dialing SIP account on the Pulver com Free World Dialup service E Browse to http www pulver com fwd http www pulver com fwd and open a new account 6 2 Configuring VoIP Parameters Note This section describes the minimal set of changes required to connect to a VoIP Service Provider Other configuration changes might be required to connect to some Service Providers gt To configure VoIP parameters 1 Click the icon Voice Over IP on the toolbar on the left side of the page the Voice Over IP configuration screen opens 2 Click tab Line Settings If you only have a single number disable line 2 by unchecking the 2 checkbox and click Apply Figure 6 1 VoIP Line Settings ey Voice Over IP Signaling Dialin Media Ate L Protocol aung Streamin g User ID Display Name Action Line 203 gt Line 205 _ X Cancel Version 2 4 51 April 2007 UUN we Fe MP 202 Telephone Adapter 3 Click the Action icon on the right of line 1 the Line Set
208. zone network has been blocked Trusted device a packet from a trusted device has been accepted Default policy a packet has been accepted blocked according to the default policy Remote administration a packet designated for OpenRG management has been accepted blocked Access control a packet has been accepted blocked according to an access control rule Parental control a packet has been blocked according to a parental control rule User s Manual 162 Document 299 452 100 User s Manual 12 Security NAT out failed NAT failed for this packet DHCP request OpenRG sent a DHCP request depends on the distribution DHCP response OpenRG received a DHCP response depends on the distribution DHCP relay agent a DHCP relay packet has been received depends on the distribution IGMP packet an IGMP packet has been accepted Multicast IGMP connection a multicast packet has been accepted RIP packet a RIP packet has been accepted PPTP connection a packet inquiring whether OpenRG is ready to receive a PPTP connection has been accepted Kerberos key management 1293 security related for future use Kerberos 88 for future use AUTH 113 request an outbound packet for AUTH protocol has been accepted for maximum security level Packet Cable for future use IPV6 over IPV4 an IPv6 over IPv4 packet has been accepted ARP an ARP packet has been accepted PPP Discover a PPP discover packet has been acc
Download Pdf Manuals
Related Search