OX230 / OX250 / OX350I WiMAX Outdoor CPE User Manual
Contents
1. 19 Field definition for WIMAX gt Authentication 22 Field definition for WiMAX gt Wide Scan 23 Field definition for Networking gt Bridge NAT mode gt LAN 24 Field definition for Networking gt Bridge NAT mode gt WAN 26 Field definition for Networking gt Bridge NAT mode gt DNG 27 Field definition for Networking gt Firewall gt HTTP _ 28 Field definition for Networking gt Firewall gt TELNET 28 Field definition for Networking gt Firewall gt IP Filter 30 Field definition for Networking gt DHCP Server es 34 Field definition for Networking gt Forwarding 36 Field definition for Networking gt Trigger 37 Field definition for Networking gt DDNS 38 Field definition for Networking gt UPRnP 39 Field definition for Networking gt Ping 39 Field definition for Management gt R 069 41 Field definition for Management gt OMA DM 42 Page 8 of 59 Table 21 Table 22 Table 23 Table 24 Table 25 Table 26 Table 27 WiMAX Outdoor CPE User Manual Field definition for Management gt SNMP2. 43 Field definition for Management gt Upgrade 45 Field definition for VPN gt PPTP gt PPTP Server 48 Field definition for VPN gt PPTP gt PPTP Client 50 Field definition for VPN gt L2TP gt L2TP Server 52 Field definition for VPN gt L2TP gt L2TP Client 54 Field definition for VPN gt IPsec gt Add 59 Page 9 of 59 WiMAX Outdoor CPE User Manual 1 Introduction The CPE Software platform comes with a Web based Configuration Manager which gives users the ability to manage configure and analyze the platforms environment The Connection Manager works with all versions of Windows after Windows 95 The supported browser version e Internet Explorer Ver 8 0 or later Recommended e FireFox Ver 3 6 and higher Google Chrome Ver 5 0 and higher 1 1 Connect Users need to connect to the CPE platform It s assumed that the user has a fully working CPE platform and properly connected From the web browser connect to the device entering the IP address of the device it will prompt user to enter the username and password as shown in Figure 1 The default IP address usernames and passwords are as follows Default IP Address e 192 168 0 254 Username Password e admin admin guest guest Page 10 of 59 WiMAX Outdoor CPE User Manual Username
3. Password Figure 1 Login 1 2 Logout The Logout window allows users to disconnect from the device and exit the Web based Configuration Manager as shown in Figure 2 The page at http 192 168 0 254 says Q Do you want to logout Figure 2 Logout Page 11 of 59 WiMAX Outdoor CPE User Manual 2 Status After user has established a connection user will see the Status window It gives user an initial overview of the current status of the device 2 1 WiMAX Status This window shows the information of system status WiMAX link status and service flow status Syre Self US Frequency r DD HSID 00 00 00 00 00 00 Des State Marma Up tirrem 0 06 10 48 9 dim 33 LE dE 24 49 db 14 d r QPSK ETE 1 2 Pak ETC uz Figure 3 Status gt WiMAX Status 2 2 Network Status The Network Status displays the information of WAN status and LAN status as shown in Figure 4 Page 12 of 59 IF Netmask Gateway MAC Address ISP DNS IP Netmask MAC Address WiMAX Outdoor CPE User Manual MA MA MA OO GST FIER 30 01 MA 192 1658 0 253 E EINES OO 03 7F BF 30 01 Figure 4 Status gt Network Status 2 3 Device Status The Device Status displays the information of device status as shown in Figure 5 Hardware model Firmware Version Date Serial number WIMA CPE Web Configuration DSP 2010 Dm 12 E23 741015 CPE 256 Cali s1AM0 v7 0 m7 000 944
4. Allow Telnet access Check the check box to allow connections from WAN Ing from WAN Commit the changes made and save to CPE Reset fields to the last saved values Table 11 Field definition for Networking gt Firewall gt TELNET 5 2 3 DMZ DMZ stands for Demilitarized Zone It is a physical or logical sub network that Page 28 of 59 WiMAX Outdoor CPE User Manual contains and exposes an organization s external services to a larger un trusted network usually the Internet The term is normally referred to as a DMZ by IT professionals It is sometimes referred to as a Perimeter Network The purpose of a DMZ Is to add an additional layer of security to an organization s LAN an external attacker only has access to equipment in the DMZ rather than any other part of the network The Networking gt Firewall gt DMZ tab allows user to configure a DMZ host IP address as shown in Figure 19 In DMZ Settings user needs to enter the IP address of the DMZ host The Save button will save the changes to CPE and the Cancel button will reset the field to last saved value It will disable DMZ host when entering 0 0 0 0 DMZ Host UI Save Cancel Figure 19 Networking gt Firewall gt DMZ 5 2 4 IP Filiter The IP filter rules will drop or discard traffic that fits the filter criteria User can define IP filter rules as shown in Figure 20 The definition for each field is shown on Table 12 IP Filter per
5. The lease time is a controlled time period allowing the DHCP server to reclaim and then reallocate IP Lease Time addresses that are not renewed dynamic re use of IP addresses Lease time is measured in minutes in the Configuration Manager Page 32 of 59 WiMAX Outdoor CPE User Manual Name Description User can specify three DNS servers and select how the DNS Server is assigned There are three options for assigning the DNS server e From ISP e User Defined First DNS Server Nene Second DNS Server lf user selects None then the DHCP server will not give clients the DNS server information If all the three DNS servers setting are set to None then the DHCP server will use the LAN IP address as the DNS server information for the clients If the user chooses User Defined and leaves the IP address as 0 0 0 0 it will change the field to None Enter MAC address and IP address for static DHCP Static DHCP addresses Click on the Add button to enter a static leased IP Add address Enter the MAC address of the Ethernet Third DNS Server device and enter the IP address Click the OK button to exit out of edit mode Enable IP Pass Yes means to enable IP pass through function Through Check the check box to activate the IP pass through Active ve There are three options for assigning the incoming interface Incoming Interface e ALL e LAN e WAN There ar
6. enter the WAN IP address lf user chooses Static for IP Method user should WIN IP Subnet Mask I enter the WAN IP subnet mask If user chooses Static for IP Method user should Gateway IP Address enter IP gateway address Page 25 of 59 WiMAX Outdoor CPE User Manual Name Description MTU Enter the MTU PPPoE The user name to connect PPPoE server via the User Name selected Auth Protocol Password The password of the corresponding username Retype Password Type the Password again The authentication protocol of the peer required Select which Authentication protocol to use PAP e CHAP e MSCHAPv1 e MSCHAPv2 Encryption Scheme e No Encryption e MPPE 40 bits 40 bit encryption with MPPE e MPPE 128 bits 128 bit encryption with MPPE e Auto automatically selected Idle Timeout Disconnect if the link is idle for the assigned seconds AC Name The name of the access concentrator to connection to Commit the changes made and save to CPE after clicking the Save button user will get a message asking if user wants to reboot the CPE Reboot is necessary for the device to switch to a different profile Cancel Reset field to the last saved values Table 8 Field definition for Networking gt Bridge NAT mode gt WAN Auth Protocol 5 1 3 DNS In Figure 16 it demonstrates how to configure WAN DNS on CPE web page The definition for each field is shown on Table 9 Page 26 of 59 WiMAX Outdoor CPE Us
7. 59 of 59
8. Enable Daylight If user wants to enable Daylight Savings Time user Savings needs to check the box Table 3 Field definition for Personalization gt Date gt Time Zone Page 16 of 59 WiMAX Outdoor CPE User Manual 4 WiMAX This technology is based on the IEEE 802 16 standard enabling the delivery of last mile wireless broadband access Portable device with built in WiMAX adapter WiMAX Hub Internet Consumer Broadband Access Figure 9 Wireless Broadband Access 4 1 Scanner User can set WiMAX standard settings which include how to establish a connection and get frequency information as shown in Figure 10 The defini tion for each field is shown on Table 4 The frequency list window displays all the configured frequencies and their bandwidth To set additional frequencies click on the Add button Page 17 of 59 WiMAX Outdoor CPE User Manual Start Stop WIMAX Start Channel Table Frequency Bandwidth CIHR dB Preamble ID RSSI dBm Total Mum 1 Join Wide Scan Result Default Bandwidth MHz per page TS 0 page EN Frequency KHz Bandwidth MHz 2200000 Total Mum 1 valid Band Info Band Start KHz Band Endi KHZ 2500000 2690000 Total Mum 1 Save Cancel Figure 10 WiMAX gt Scanner Name Description Click the Start button to connect to a BSID Click the Stop button to terminate the connection Click the Search button to scan t
9. including payload and L2TP header is sent within a UDP datagram It is common to carry Point to Point Protocol PPP session within an L2TP tunnel L2TP does not provide confidentiality or strong authentication by itself IPsec is often used to secure L2TP packets by providing confidentiality authentication and integrity 7 2 1 L2TP Server User can setup CPE from web page as shown in Figure 38 The definition for each field of PPTP Server is shown on Table 25 Page 50 of 59 WiMAX Outdoor CPE User Manual L2TP Server Enable Sever Name tpd Auth Protocol MIPAP ICHAP MIMSCHAPY1 MI MSCHAPY2 Encryption MPPE 128 kits w Local IP Address 142 168 3 1 Remote Start IP 192 168 3 2 1192 168 3 253 Restrict Client IP Oes Ono Allow Client IP 255 255 255 055 Idle Timeout 5 minutes enter 0 fo never timeout DNS Server 1 options ONS Server 2 options per page ala pagel el User Hame A Password IP Address Total Mum 0 per page page el Remote IP User Hame PP L2TP IP Address Login Time Link Time s Figure 38 VPN gt L2TP gt L2TP Server Name Description L2TP Server Check the check box to activate L2TP server Require the peer to authenticate itself before allowing network packets to be sent or received The following protocols are supported Auth Protocol e PAP Password Authentication Protocol e CHAP Challenge Handshake Authentication protocol MSCHAPv1 Microsoft Challenge Ha
10. of the data stream User could setup IPsec as shown in Figure 41 and Figure 42 The definition for each field of PPTP Client is shown on Table 26 per page pagel EIET Remote Enabler Local Endpoint si Local Network Remote Network Endpoint Total Mum 0 Figure 41 VPN gt IPsec Overview Page 54 of 59 Enable Connection Name Connection Type Local Endpoint Interface OUP Address Remote Endpoint IP Address Pre Shared Key Local ID Type Content Remote ID Type Content Proposal Key Group of Lite Time Dead Peer Detection DPO DPD Interval DPD Idle Try Address Type start IP Address subnet Mask Local Port Address Type start IP Address subnet Mask Remote Port Encapsulation Mode Active Protocol Encryption Algorithm Authentication Algorithm 5A Life Time 1 Total Num 1 Perfect Forward Secrecy PFS Figure 42 WiMAX Outdoor CPE User Manual On Demand s WAN booo Domain Name or IP Address UU Domain Name or IP Address IF vw tg CH S i gt Encryption AES1 26 Authentication SHA ig DHS 8800 second w Co D CH 7 al Een S CH CH I i CH CH j S d A i Ian ESP 129 4 Sp FE lt j lt Save Cancel VPN gt IPsec gt Add Page 55 of 59 WiMAX Outdoor CPE User Manual Name Description Add Click the Add button to add an
11. or TCP UDP Tere Borg It defines which port range the outgoing packet will trigger the rule User needs to enter the starting and Page 36 of 59 WiMAX Outdoor CPE User Manual Name Description ending port range It defines which protocol will be opened if the rule had Open Protocol been triggered Available options are TCP UDP or TCP UDP It defines which protocol port will be opened if the rule Open Port s had been triggered User needs to enter the starting and ending port range Click the Add button to enter a Port Trigger rule Click the OK button to exit table edit mode Table 15 Field definition for Networking gt Trigger 5 DDNS DDNS stands for Dynamic Domain Name Services It provides a function to convert the domain name to the unique IP address With DDNS users is able to find and connect to CPE no matter what IP address CPE is currently using that is DDNS can map CPE s dynamic IP address to a static hostname The best profit of this function allows user to access CPE from everywhere In Figure 25 it demonstrates how to configure DDNS on CPE web page The definition for each field is shown on Table 16 Enable Dynamic DNS Service Provider Service Tyoe Domain Name Login Name Password Save Cancel Figure 25 Networking gt DDNS Name Description Page 37 of 59 WiMAX Outdoor CPE User Manual Name Description Enable Dynamic Click the checkbox to enable dynamic DNS D
12. 851 S0B0CSETS4S7SDTOSSS0F OF 273 ext 31 Beat 3130 Tue Mow 09 16 50 17 2010 Figure 5 Status gt Device Status Page 13 of 59 WiMAX Outdoor CPE User Manual 3 Personalization 3 1 Account Note The default usernames passwords are admin admin and guest guest The user with administrative privileges belonging to the admin group has access to all the features in the software A user with guest privileges belonging to the guest group only has a subset of the features available to them Note There can only be one username in each of the groups one to one rela tionship Group Lid Password Mew Password Retype Save Cancel Figure 6 Personalization gt Account Name Deseription Change Password Select which group the user belongs to that user would like to change the password for admin if the user is part of the admin group they have full access to all the features guest if the user is part of the guest group they have limited access to the features only commit the change made to the password Reset fields to the last saved values Page 14 of 59 WiMAX Outdoor CPE User Manual Table 1 Field definition for Personalization gt Account 3 2 Date 3 2 1 Date User can configure date and time on the device as shown in Figure 7 Each field definition is shown on Table 2 User can manually configure the system time or choose to get the date and time from a time ser
13. ES128 AES192 AES256 Authentication Algorithm MD5 SHA 1 Click the OK button to exit the table edit mode The DH group used to negotiate the IKE ISAKMP SA The period that the keying channel of a connection IKE ISAKMP SA should last before being rene gotiated Enable or disable the Dead Peer Detection protocol RFC 3706 The time interval when R U THERE messages are sent to the peer The retry counter for DPD The timeout interval is DPD interval multiplied by DPD Idle Try After the timeout interval all connections to the peer are deleted if they are inactive The private subnet behind the CPE single Address The private subnet consisting of one IP address Subnet address The private subnet consisting within the subnet IP addresses The only IP address allowed in the subnet The netmask of the subnet Subnet address Restrict the traffic selector to a single protocol and or port Any No restriction ICMP Restrict the traffic selector to ICMP protocol TCP Restrict the traffic selector to TCP protocol If the port number is 0 all TCP port numbers are accepted UDP Restrict the traffic selector to UDP protocol Page 57 of 59 WiMAX Outdoor CPE User Manual Name Description If the port number is 0 all UDP port numbers are accepted Remote Network The private subnet behind the remote peer Single Address The private subnet consisting of one IP address Address Typ
14. Figure 21 When user disables the DHCP server it requires setting a static IP address on host PC for CPE to configure Please be noted that without the static IP address set properly on the host PC user can not open the CPE web page for configuration When DHCP server is enabled user needs to define the IP pool range for dynamically assigning the IP address The advantage of using DHCP server is that the addresses which are no longer in use will be returned to the IP address pool so that the server can reallocate them to other machines in the network There are three DNS servers the user can configure to assign an IP address Static DHCP will assign an IP address on the LAN to a specific device based on its MAC address The definition for each field is shown on Table 13 Page 31 of 59 WiMAX Outdoor CPE User Manual Enable DHCP start IP address 192 168 0 100 DHCP end IP address 1 168 019 First DNS Server EP Second DNS Server EP x Third ONS Server From P w Lease Time 1480 minutes per page Maja page gt bl GC MAC Address IP Address Total Mum 0 Enable IP Pass Through per page page el Inc omin 9 Comment ups Interface DHCP request from lan DHCP response from wan EI Add Total Mum 2 Figure 21 Networking gt DHCP Server Name Tpescription Check the check box to enable DHCP server DHCP start IP Starting IP address range address DHCP end IP Ending IP address range address
15. IP WiMAX Outdoor CPE User Manual Name Description Click the Add button to create a new Port Forward rule Click the OK button to exit table edit mode Commit the changes made and save to the CPE Reset field to the last saved values Table 14 Field definition for Networking gt Forwarding 5 6 Trigger The Networking gt Trigger allows user to configure Port Trigger rules as shown in Figure 24 Port Trigger is a way to automate port forwarding in which outbound traffic on predetermined ports trigger port causes inbound traffic to specific incoming ports to be dynamically forwarded to the initiating host while the outbound ports are in use This allows users behind CPE on the LAN to provide services that would normally require the computer to have IP address on the LAN Port triggering triggers an open incoming port open port when a client on the local network makes an outgoing connection on a predetermined port or range of ports The definition for each field is shown on Table 15 pagel el Trigger Trigger Port s Open Open Port s Protocol Start Port EndPort Protocol Start Port End Port Active Hame Total Mum Save Cancel Figure 24 Networking gt Trigger Name Description OO Check the box to active the Port Trigger rule Name of the Port Trigger rule It defines which protocol the outgoing packet used will Trigger Protocol trigger the rule Available options are TCP UDP
16. IPsec connection rule Property Enable Enable IPsec connection The name of the connection Select the connection type e Initiator e On Demand Responder Gateway Information Local Endpoint Inter ee SS The interface of the CPE public network interface Local Endpoint IP The IP address or Domain Name of the CPE pub Address lic network interface Remote Endpoint IP SS The IP address or Domain Name of the remote peer Address Authentication Method The pre share key that two security gateways use to Pre Shared Key j S SS authenticate Connection Type States how the CPE should be identified for authen tication Local ID Type IP The CPE is identified by the assigned IP for authentication The default value is 0 0 0 0 Content States how the remote peer should be identified for authentication SUS UD Np IP The remote peer is identified by the assigned IP for authentication The default value is 0 0 0 0 and this means CPE will accept any IP The IP address Content Press the Add button to enter an Encryption and Authentication algorithm Click the trash to remove the Proposal Add selected algorithm Eneryption Algorithm e DES e 3DES Page 56 of 59 Name WiMAX Outdoor CPE User Manual Proposal OK Key Group SA Life Time Dead Peer Detection DPD DPD Interval DPD Idle Try Local Network Address Type Start IP Address Subnet Mask Local Port Description A
17. NS Enter the URL of the Service Provider Enter the service type DYNDNS only e Dynamic e Static e Custom Note Supported by DYNDNS service provider Table 16 Field definition for Networking gt DDNS Service Type 5 8 UPnP Two methods of simplifying the process of connecting a device to the network are available as shown in Figure 26 UPnP allows devices to connect seam lessly to networks in the home data sharing communications and entertain ment and in corporate environments for simplified installation of computer components NAT Port Mapping Protocol NAP PMP allows a computer in a private network behind a NAT router to automatically configure the router to allow parties outside the private network to contact itself The definition for each field of UPnP Setting is shown on Table 17 5 8 1 UPnP Setting Enable UPnP Enable WAT PMP Save Cancel Figure 26 Networking gt UPnP Name Description Page 38 of 59 WiMAX Outdoor CPE User Manual Enable UPnP Check the check box to enable UPnP Reset fields to the last saved values Table 17 Field definition for Networking gt UPnP 5 9 Ping IP Address l Example wn google Com Example 165 21 65 58 Figure 27 Networking gt Ping Name Description IP Address The destination IP address for ping test It can be in one of the following formats IP address ex 165 21 83 88 e Domain name ex www google com C
18. Networking gt Forwarding 35 INGTWORKING NOE EE 36 NeIWOrking DONS EE 37 NGIWOFKING UPP E 38 INGTWORKING F ING RE 39 Managements TR 069 EE 40 Management gt OMA DM 42 WaNageMenl SNP see 43 Manage MEN SLOG EE 44 Management gt UDpgrade 44 Management gt Recovery 45 Restore to factory reset warning 45 VPNSPPRTRSPR RE 47 VPNSPPTPSPPTP GION E 49 VPN gt PPTP gt PPTP Client gt Add 49 E ER SE Te PE 51 VPNSC2TPSE2TP GICM senda 53 VPNsL21IPsL21P GIIeRnISAqd ennen 53 VPN PS ON 54 VPNSPSEG e e ME 55 Page 6 of 59 WiMAX Outdoor CPE User Manual Page 7 of 59 Table 1 Table 2 Table 3 Table 4 Table 5 Table 6 Table 7 Table 8 Table 9 Table 10 Table 11 Table 12 Table 13 Table 14 Table 15 Table 16 Table 17 Table 18 Table 19 Table 20 WiMAX Outdoor CPE User Manual List of Tables Field definition for Personalization gt Account 15 Field definition for Personalization gt Date gt Date 16 Field definition for Personalization gt Date gt lime Zone 16 Field definition for WIMAX gt Scanner
19. OX230 OX250 OX350I WiMAX Outdoor CPE User Manual Version 1 0 Date Jan 12 2011 Page 1 of 59 WiMAX Outdoor CPE User Manual Table of Contents MUOU CIO EE EE NE ENN NE 10 lele Ga o EE ER er 10 12 LOGO EE 11 NU 12 TE VEN 12 22 NMK SES Ha 12 23 DEE SA see 13 Reegele ER ER ENE 14 Sele eer ei E 14 Gee REN 15 3 2 1 D e EE 15 522 MME ZONG PANNEN 16 MI 17 dele SAMENES 17 42 RUIMCIUGAUON uuu u nano eee 19 doe Wide SCAN EE 22 NEMI 24 571 BIGGENAT MOTO sores 24 5 1 1 BC RE 24 e Na 24 Page 2 of 59 WiMAX Outdoor CPE User Manual ET DN eee 26 Des EE 27 Seke ETE a 28 Ne VD LE 28 Dae MLE 28 de PRIO ena 29 Ded PRO PSV EE 31 54 NAT kee 34 ID FONAN eaa 39 e Ge Ke Let 36 57 DONS ownee ennen 37 EVA 38 5 8 1 VER Sal EE 38 SE e e EEE EEE 39 Manageme REE EE I derden 40 bre TRO E 40 Oa MAD EE 41 6 NPE 43 En 43 6 5 010 IdE cecair aE E R E T E T 44 SE RENN EE 45 Pee 46 Page 3 of 59 WiMAX Outdoor CPE User Manual TG EP BPD2uu ul uuu aus sasakuna hasayakasnusca 46 Valle PPTP OSNO ee 46 PR UN 48 La PP u u u u etende 50 ek RE 50 ER EP EN 53 Los PR Ge 54 Page 4 of 59 Figure 1 Figure 2 Figure 3 Figure 4 Figure 5 Figure 6 Figure 7 Figure 8 Figure 9 Figure 10 Figure 11 Figure 12 Figure 13 Figure 14 Figure 15 Figure 16 Figure 17 Figure 18 Figure 19 Figure 20 WiMAX Outdoor CPE User Manual List of Figures Beie 11 Eee 11 SEAUSSWMAX SES sa 12 Status gt N
20. Profile Name Auth Protocol par LICHAP LIMSCHAPY1 LIMSCHAPY2 Encryption Ho v Server IP Address 0000 User Name Password Retype Get IP automatically es Ono Assign IP Address Idle Timeout lg minutes enter 0 fo never timeout Save Cancel Figure 40 VPN gt L2TP gt L2TP Client gt Add Name Description L2TP Client Add Add a new connection setting Edit the existed connection setting Edit L2TP Client Profile Name The name of this connection setting Page 53 of 59 WiMAX Outdoor CPE User Manual Name Description The Authentication Protocol of the peer required Select which Authentication protocol to use PAP e CHAP e MSCHAPv1 e MSCHAPv2 Encryption Encryption Scheme Server IP Address The IP address of L2TP server The username to connect L2TP server via the se Username lected Auth Protocol The password of the corresponding username Retype Type the Password again Get IP Automati Obtain the dynamic IP address assigned by the L2TP cally server Table 26 Field definition for VPN gt L2TP gt L2TP Client Auth Protocol 7 3 IPsec Internet Protocol Security IPsec is an end to end security solution and operated at the IP Layer It provides secure communication between pairs of hosts pairs of security gateways or between security gateways and a host It s based on a suite of protocols for securing IP traffic by authenticating and encrypting each IP packet
21. de gt LAN window user can update the LAN information as shown in Figure 14 The definition for each field is shown on Table 7 LAN IP Address 192 168 0 254 IP Subnet Mask Figure 14 Networking gt Bridge NAT mode gt LAN Name Description IP Address IP address of CPE IP Subnet Mask Subnet Mask of CPE Save Commits the changes made and set the LAN IP information some services will be reloaded Reset the fields to the last saved values Table 7 Field definition for Networking gt Bridge NAT mode gt LAN 5 1 2 WAN In Figure 15 it demonstrates how to configure WAN IP on CPE web page In this web page the PPPoE setting will be shown if user choose PPPoE for WAN Protocol The definition for each field is shown on Table 8 Page 24 of 59 WiMAX Outdoor CPE User Manual WAN Operation Mode VAN Protocol Get IP Method WARN IP Address WAM IP Subnet vask Gateway IP Address WI User Mame Password Retype Password Auth Protocol VIPAP CHAP MIMSCHAPY1 lv MSCHAPY2 Encryption No idle Timeout o seconds enter 0 to never timeout AL Name Save Cancel Figure 15 Networking gt Bridge NAT mode gt WAN Name Description WAN IP Select the WAN operation mode Operation Mode e Bridge e NAT Select the WAN encapsulation protocol WAN Protocol e Ethernet PPPoE Select the IP method Get IP Method e DHCP e Static WAN IP Address lf user chooses Static for IP Method user should
22. e CA Certificate File certificate of ACS when D 230 communicated ACS with HTTPS URL CA Certificate Info Displays the subject field of the CA Certificate GST The CLIENT certificate file is used when CPE ifi communicates with HTTPS URL Client Certificate Info Displays the subject field of the CLIENT Certificate Commit the changes made and save to CPE Reset fields to the last saved values Table 19 Field definition for Management gt IT R 069 6 2 OMA DM Using OMA DM the terminals can communicate with the OMA DM Server and establish the configuration automatically as shown in Figure 29 The definition for each field of OMA DM is shown on Table 20 It s the current standard for activation of terminals in OMA Open Mobile Alliance Page 41 of 59 WiMAX Outdoor CPE User Manual Enable server URL Server Port Server Auth Type server ID Server Password Client Auth Type Client ID Client Password Periodical Client Initiated Enable Periodical Client seconds 10 3600 default 3500 initiated Interval Save Cancel Figure 29 Management gt OMA DM Name Desoription The Server ID for CPE when connected to DM Server The Server password for CPE when connected to DM Server Password Gaver Client Auth Type The DM Client authentication type oe ID en The Client ID for CPE when connected to DM Server The Client ID for CPE when connected to DM Server ID for CPE when connected to DM Serv
23. e g Subnet address The private subnet consisting of subnet IP addresses Start IP Address The only IP address allowed in the subnet Subnet Mask The netmask of the subnet Subnet address Restrict the traffic selector to a single protocol and or port e Any No restriction e ICMP Restrict the traffic selector to ICMP protocol Remote Port TCP Restrict the traffic selector to TCP protocol If the port number is 0 all TCP port numbers are accepted UDP Restrict the traffic selector to UDP protocol If the port number is 0 all UDP port numbers are accepted The type of the connection e Tunnel signifying a host to host host to subnet or subnet to subnet tunnel e Transport signifying host to host transport made Encapsulation Mode Whether authentication should be done as part of Active Protocol ESP encryption and or separately using the AH pro tocol e NULL e AES128 e AES192 Encryption Algorithm e AES256 e DES e 3DES Authentication Algo e MD5 rithm e SHA 1 SA Life Time The time interval a particular instance of a connection Page 58 of 59 WiMAX Outdoor CPE User Manual Name Description a set of encryption authentication key for user pack ets should last from successful negotiation to expiry Perfect Forward Se Whether Perfect Forward Secrecy of keys is desired device Reset fields to the last saved values Table 27 Field definition for VPN gt IPsec gt Add Page
24. e three options for assigning the protocol Protocol er e UDP e TCP Source port for packet incoming The format of this Src Port field is as below Port number ex 8080 Page 33 of 59 WiMAX Outdoor CPE User Manual Name Description Destination port for packet outgoing The format of this Dest Port field is as below Port number ex 8080 Description of the rule Delete the IP Pass Through rule Sane Commit the changes made and save to CPE some services will be reloaded Reset fields to the last saved values Table 13 Field definition for Networking gt DHCP Server 5 4 NAT ALG There are some ALG settings that user can enable from Networking gt NAT ALG ALG allows legitimate application traffic to pass through the CPE that would have otherwise restricted Without ALGs some application may not work well because of NAT firewall settings User could click on the check box to enable ALGs Note If user is using any of these types of application protocols user needs to enable them in the ALG settings FTP ALG H 323 ALG PPTP ALG SIP ALG Set BSID Enable FTP ALG Enable H 323 ALG Enable PPTP ALG Enable SIF ALG Set BSID Allow PPTP pass ihroudh P Save Cancel Figure 22 Networking gt NAT ALG Page 34 of 59 WiMAX Outdoor CPE User Manual 5 5 Forwarding Forwarding is the act of forwarding the data from WAN side to the particular port of the private IP This function can allo
25. er The Client password for CPE when connected to DM Client Password Server Periodical Client To enable or disable the periodical client initiated initiated Enable session to DM server for CPE Periodical Client The interval between two periodical client initiated initiated Interval sessions Commit the changes made and save to CPE Reset fields to the last saved values Table 20 Field definition for Management gt OMA DM Page 42 of 59 WiMAX Outdoor CPE User Manual 6 3 SNMP Enable F SNMP read only Community public SNMP write onky Community Contact Figure 30 Management gt SNMP Name Deseription Checking the enable button will allow SNMP Enable applications to query and set some of the SNMP variables Enter the Location SNMP string variable Enter the Contact SNMP string variable SNMP read onl 4 Enter Read community string to query SNMP data Community SNMP write only Enter Write community string to query SNMP vari Community ables Commit the changes made and save to CPE Reset fields to the last saved values Table 21 Field definition for Management gt SNMP 6 4 Log The Management gt Log will display system log output as shown in Figure 31 The Refresh button will clear the log window and display the most current system log information Page 43 of 59 WiMAX Outdoor CPE User Manual Display Level daemon device state transiti daemon MAC Re Init Rea
26. er Manual DNS First DNS Server Second ONS Server Third ONS Server Save Cancel Figure 16 Networking gt Bridge NAT mode gt DNS Name Description O Enter the WAN DNS information e User Defined e From SP First DNS Server If user selects User Define user needs to enter a valid IP address for the DNS server Second DNS Server Same as First DNS Server Third DNS Server Same as First DNS Server Commit the changes made and save to CPE after clicking the Save button user will get a message asking if user wants to reboot the CPE Reboot is necessary for the device to switch to a different profile Reset field to the last saved values Table 9 Field definition for Networking gt Bridge NAT mode gt DNS 5 2 Firewall In networking firewalls are used to block un wanted traffic It will prevent unau thorized devices to enter a trusted network Page 27 of 59 WiMAX Outdoor CPE User Manual 5 2 1 HTTP HTTP Allow Web accessing from VAN ave Cancel Figure 17 Networking gt Firewall gt HTTP Name Description Allow Web accessin w 9 Check the check box to allow connections from WAN from WAN Commit the changes made and save to CPE Reset fields to the last saved values Table 10 Field definition for Networking gt Firewall gt HTTP 5 2 2 TELNET TELNET Allow Telnet accessing from Vv AN Save Cancel Figure 18 Networking gt Firewall gt TELNET Name Description
27. etWork SIS save 13 Status Device SAUS 13 Personalization gt ACccount uu u uu u uuu uuu usss 14 Personalization gt Date gt Date 15 Personalization gt Date gt Time Zone 16 Wireless Broadband Access u u uuu asss 17 WIMAX SCANNET EE 18 WiMAX gt Authentication No authentication 19 WiMAX gt Authentication User authentication 20 WIMAX Wde SCAN uuu lun edna eene 22 Networking gt Bridge NAT mode gt LAN 24 Networking gt Bridge NAT mode gt WAN 25 Networking gt Bridge NAT mode gt DNS 27 Networking Firewal HTIIR 28 Networking gt Firewall gt TELNET 28 Networking gt Firewall gt DMZ 29 Networking gt Firewall gt IP Filter 29 Page 5 of 59 Figure 21 Figure 22 Figure 23 Figure 24 Figure 25 Figure 26 Figure 27 Figure 28 Figure 29 Figure 30 Figure 31 Figure 32 Figure 33 Figure 34 Figure 35 Figure 36 Figure 37 Figure 38 Figure 39 Figure 40 Figure 41 Figure 42 WiMAX Outdoor CPE User Manual Networking gt DHCP Server 32 NetWorkinNg gt NAT ALG ansann 34
28. gon Co Jaemon device state transiti daemon W device state transiti daemon Hi device state transiti daemon Hi device state transiti daemon Hi WAN is down aute rec daemon device state transiti daenon device state trangiti daenon MAC Ke Init Reagan Co daemon e device state transiti daemon device state transiti daenon device state transiti mt ls daemon device state trangiti l l l l l l l l l l l l l l gt Figure 31 Management gt Log 6 5 Upgrade The Upgrade window allows user to upgrade the firmware on the device Users can choose to upgrade the firmware by entering the file path as shown in Figure 32 The definition for each field is shown on Table 22 Note After pressing the Upgrade button It will automatically reboot the CPE and upgrade the firmware with the specified file User will be prompted to login to CPE after the upgrade is complete gaer TT Figure 32 Management gt Upgrade Name Description Enter the full path of the file user wants to upgrade Browse The browse button will help user to find the file on the server Page 44 of 59 WiMAX Outdoor CPE User Manual Name beseripton Upgrade It will start upgrading the file The status bar will display which segment it s Status processing and what percentage of the upgrade has been completed Table 22 Field definition for Management gt Upgrade 6 6 Recovery Recovery wil
29. he frequency Joint Wide Scan Re Yes means to append wide scan result to the fre sult quency setting Select the default bandwidth to be used in Frequency List Default Bandwidth e 5MHz e 7 MHz e 10 MHz Page 18 of 59 WiMAX Outdoor CPE User Manual Name Desoription Valid band information If the frequencies aren t loca Valid Band Info ted using the valid band range the frequency setting will be rejected Add The Add button will allow user to enter more fre quency lists Click the OK button to exit table edit mode Commit the changes made and save to CPE Reset fields to the last saved values Table 4 Field definition for WiMAX gt Scanner 4 2 Authentication Authentication Mode Cancel Figure 11 WiMAX gt Authentication No authentication Page 19 of 59 WiMAX Outdoor CPE User Manual Authentication Mode Phase 1 Phase 2 Username Password identity CA certificate Brose No certificate file found CA Cert Info User Cert Info Password Auto Prepend Auth Mode Random Outer ID Ignore Cert Verification same EAP OuterlD in ReAuth MAC address in EAP TLS outer ID Delete existed Root Certificate file Delete existed Device Certificate file Delete existed Private Key 0 OUWE IE Save Cancel Figure 12 WiMAxX gt Authentication User authentication name Beete Authentication The method used in authentication Authentication Mode No Authe
30. ign IP Total Mum Figure 36 VPN gt PPTP gt PPTP Client Profile Name Auth Protocol par LICHAP LIMSCHAPY1 LIMSCHAPY2 Encryption Mo v Server IP Address 000 0 User Name Password Retype Get IP automatically es Ono Assign IP Address Idle Timeout minutes enter to never timeout Save Cancel Figure 37 VPN gt PPTP gt PPTP Client gt Add Name Description PPTP Client Add Add a new connection setting Edit Edit the existed connection setting Edit PPTP Client Profile Name The name for this connection setting The Authentication protocol of the peer required Auth Protocol Select which Authentication protocol to use PAP Page 49 of 59 WiMAX Outdoor CPE User Manual Name Description e CHAP e MSCHAPv1 e MSCHAPv2 Encryption Encryption scheme Server IP Address The IP address of PPTP server Username The user ID to connect PPTP server via the selected Auth Protocol The password of the corresponding user ID Retype Type the Password again Obtain the dynamic IP address assigned by the PPTP Table 24 Field definition for VPN gt PPTP gt PPTP Client 7 2 L2TP In computer networking Layer 2 Tunneling Protocol L2TP is a tunneling protocol used to support virtual private networks VPNs It does not provide any encryption or confidentiality by itself It relies on an encryption protocol that it passes within the tunnel to provide privacy The entire L2TP packet
31. l set all the configurations back to factory defaults as shown in Figure 33 Any configurations that user has made will be changed back to the factory default settings After selecting Factory Default button it will prompt a window for user to confirm or cancel the action as shown in Figure 34 Warning Restore factory defaults will clear any IP addresses and setting that may have been configured on the CPE Current Firmware Version wid TO10 AM1 0 Reset to factory defaults settings Factory Default Figure 33 Management gt Recovery The page at http 192 168 0 254 says ve Thi step will restore factors defaults and reboot the CPE continue Figure 34 Restore to factory reset warning Page 45 of 59 WiMAX Outdoor CPE User Manual 7 VPN VPN Virtual Private Network is a network that is implemented in an additional software layer on top of an existing larger network for the purpose of providing a secure extension of a private network into an insecure network such as the Internet The links between nodes of a VPN are formed over logical connect ions or virtual circuits between hosts of the larger network VPNs are often installed by organizations to provide remote access to a secure organizational network Generally a VPN has a network topology more compl ex than a point to point connection VPNs are also used to mask the IP address of individual computers within the Internet in order for instance to surf the Wo
32. ndshake Page 51 of 59 WiMAX Outdoor CPE User Manual Name Description Authentication Protocol e MSCHAPv2 Microsoft Challenge Handshake Authentication Protocol Version 2 Encryption Scheme No Encryption MPPE 40 bits 40 bit encryption with MPPE MPPE 128 bits 128 bit encryption with MPPE Auto automatically select Local IP Address The IP of router Ae sessions are established IP addresses are as Remote Start IP i signed starting from Remote Start IP Restrict Client IP To restrict client IP address range for the client Allow Client IP The IP address range for the client Disconnect if the link is idle for the given number of Idle Timeout seconds The primary DNS Domain Name Server addresses to The secondary DNS Domain Name Server ad DNS Server 2 dresses to the clients User Access List User ID to connect L2TP server via the selected Auth User Name Protocol Server Protocol type Password to connect L2TP server via the selected Password Auth Protocol Connection List Table 25 Field definition for VPN gt L2TP gt L2TP Server DNS Server 1 the clients Page 52 of 59 WiMAX Outdoor CPE User Manual 7 2 2 L2TP Client User could setup PPTP Client as shown in Figure 39 and Figure 40 The defi nition for each field of PPTP Client is shown on Table 26 L2TP Client per page page P el Profile Hame Server IP Assign IP Total Mum 0 Figure 39 VPN gt L2TP gt L2TP Client
33. ntication e User Authentication Page 20 of 59 WiMAX Outdoor CPE User Manual Name Description e Device Authentication Ee sage User needs to fill the Outer ID at this field User certificate The MS s X 509 certificate User Cert Info The root MS s certificate information Private Ke The MS s private key file corresponding to the public key enhanced in x 509 certificate Private Key lo Private Key lo Info The The MS s private key information s private The MS s private key information information Private Key Pass The key used to decrypt the MS s private key file puts am i in EAP outer ID Auto Prepend Auth i 1 user authentication Mode 2 device authentication 3 user amp device authentication Enable MS to generate 16 bytes random number as Random Outer ID the user name in the EAP Identity Response message Ignore Cert Verifica MS skips to verify the BS s certificate received in the tion EAP TLS or EAP TTLS procedure Same EAP Outer ID Use the same EAP outer ID when doing re auth in ReAuth MAC address in Add MAC address in outer ID when EAP mode is EAP TLS outer ID EAP TLS Delete existed Root e G Remove the files loaded from Ul Certificate file Delete existed De Delete device certificate file which was uploaded in the vice Certificate file field MTK authorized Device Certificate Delete existed Pri existed Delete existed Pri Delete device private key which was u
34. ommit the ping test request Table 18 Field definition for Networking gt Ping Page 39 of 59 WiMAX Outdoor CPE User Manual 6 Management 6 1 TR 069 Using TR 069 the terminals can communicate with the Auto Configuration Servers ACS and establish the configuration automatically as shown in Figure 28 The definition for each field of TR 069 is shown on Table 19 It s the current standard for activation of terminals in the DSL broadband market Enable C Inform Enable Inform Interval seconds 10 3600 default 3600 Request Username Request Password COTW ST Ta iwan Losinlhu GsWediaTek Inc ZOUH RES CHS0PE femal ldddress servicemediatek com Client Certificate Into Save Cancel Figure 28 Management gt TR 069 Name Beer gt To enable or disable the TR 069 activity on the Enable CPE Fixed Client Port To specify fixed client port ACS Server URL The ACS URL for CPE to connect to Page 40 of 59 WiMAX Outdoor CPE User Manual Name Description Bootstrap Enable Check the box to enable bootstrap The username for the CPE when connected to ACS Username AGS The password for the CPE when connected to AGS Password Kees ACS EC To enable or disable the periodical inform to ACS Periodical Inform Enable for CPE Connection Request Enter the username for the ACS to perform Connection Request Enter the password for the ACS to perform con The CA certificate file is used to identify th
35. page pagel el Active Source IP Source Port Destination IF Destination Port Protocol Total Mum Save Cancel Figure 20 Networking gt Firewall gt IP Filter Name Description OO Page 29 of 59 WiMAX Outdoor CPE User Manual Name Description Click the Add button to create a new IP Filter rule Click the OK button will exit the table edit mode Check the box to activate the IP Filter rule source IP Source IP to filter on It can be in one of the following formats IP address ex 192 168 0 222 Subnet ex 192 168 1 0 24 IP range ex 192 168 0 150 192 168 0 160 0 0 0 0 0 means any source Port source Port to filter on It can be one of the following formats Port number ex 8080 Port Range ex 1024 2048 Destination IP Destination IP to filter on It can be in one of the following formats IP address ex 192 168 0 222 Subnet ex 192 168 1 0 24 IP range ex 192 168 0 150 192 168 0 160 0 0 0 0 0 means any Destination Port Destination port to filter on It can be one of the following formats Port number ex 8080 Port Range ex 1024 2048 Protocol to filter on Table 12 Field definition for Networking gt Firewall gt IP Filter Page 30 of 59 WiMAX Outdoor CPE User Manual 5 3 DHCP Server Use the Networking gt DHCP Server tab to configure the DHCP server information The default DHCP Server setup is enabled and user could disable this function from setup as shown in
36. ploaded in the Page 21 of 59 WiMAX Outdoor CPE User Manual Names Description field Device Private Key Commit the changes made and save to CPE Reset fields to the last saved values Table 5 Field definition for WiMAX gt Authentication 4 3 Wide Scan The Wide Scan function is used for scanning BS based on scanning rule User can set the scan rule with defining start stop frequency step and channel bandwidth and CPE will base on this rule to scan the BS as shown in Figure 13 The definition for each field is shown on Table 6 Auto Vide Scan Wide scan Range per page ES 0 sel EIS Start Frequency KHz End Frequency KHz Step KHz Bandwidth MHz 2260000 257 0000 2580000 2590000 Total Mum 2 Frequency KHZ Bandwidth MHz Figure 13 WiMAX gt Wide Scan Name Description Select Yes to do wide scan automatically when Auto Wide Scan there are no available BS Wide Scan Range User can specify the wide scan range to reduce search Add OK wg SESCH 9 Wide Scan Result Show the result of wide scan Search button can trigger Page 22 of 59 WiMAX Outdoor CPE User Manual Clear button clear current search result Save Cancel Save Cancel current setting Table 6 Field definition for WiMAX gt Wide Scan Page 23 of 59 WiMAX Outdoor CPE User Manual 5 Networking 5 1 Bridge NAT mode 5 1 1 LAN From the Networking gt Bridge NAT mo
37. rld Wide Web anonymously or to access location restricted services such as Internet television Here VPN Settings allow user to set rules for VPN and it supports PPTP L2TP and IPsec 7 1 PPTP The Point to Point Tunneling Protocol PPTP is a method for implementing virtual private networks PPTP does not provide confidentiality or encryption it relies on the protocol being tunneled to provide privacy 7 1 1 PPTP Server User can setup PPTP Server as shown in Figure 35 A PPTP Server Point To Point Tunneling Protocol allows user to connect securely from a place such as the house to a LAN located in another location such as the office This way user can use the services provided in the office at the comfort of the house The definition for each field of PPTP Server is shown on Table 23 Page 46 of 59 WiMAX Outdoor CPE User Manual EISNER PPTP Client Enable Sever Mame Auth Protocol MIPAP CHAP MIMSCHAPY1 bel MSCHAPY2 Encryption MFFE 128 bits Local IP Address 122 168 3 1 Remote Start IP 192 168 3 2 oo Idle Timeout minutes enter 0 fo never timeout DNS Server 1 options DNS Server 2 ostions per page page P bi User Name Password IP Address Total Mum 0 per page pagel el Remote IP User Hame Address PPTP IP Address Login Time Link Time s Figure 35 VPN gt PPTP gt PPTP Server Name Description O OOOO PPTP Server Activate PPTP server Require the peer to authenticate it
38. self before allowing network packets to be sent or received We support the following protocol e PAP Password Authentication Protocol Auth Protocol e CHAP Challenge Handshake Authentication Pro tocol MSCHAP Microsoft Challenge Handshake Au thentication Protocol Page 47 of 59 WiMAX Outdoor CPE User Manual Name Description g thentication Protocol Version 2 Encryption Scheme No Encryption MPPE 40 bits 40 bit encryption with MPPE MPPE 128 bits 128 bit encryption with MPPE Auto automatically select Local IP Address The IP of router As sessions are established IP addresses are as Remote Start IP signed starting from Remote Start IP Idle Timeout Disconnect if the link is idle for the assigned seconds Th DNS Domain Name Server addresses to DNS Server 1 cy l ven clients Th d DNS Domain Name Server ad DNS Server 2 e secon ary Ver dresses to clients User Access List User ID to connect PPTP server via the selected Auth User name Protocol Server protocol type Password to connect PPTP server via the selected Password Auth Protocol Table 23 Field definition for VPN gt PPTP gt PPTP Server 7 1 2 PPTP Client User could setup PPTP Client as shown in Figure 36 and Figure 37 The defi Page 48 of 59 WiMAX Outdoor CPE User Manual nition for each field of PPTP Client is shown on Table 24 PPTP Client 10 el per page pagel el Profile Hame Server IP Ass
39. ver The Save button will commit the configuration and the Cancel button will clear the fields Note If user doesn t configure the time on the CPE it will use the default sys tem starting time The default system starting time is set to 1970 1 1 00 00 00 Date Current system Time Thu Jan 8 15 42 22 1970 O Manual New Time hh mm ss be New Date mm ce yyyy 12 23 amp Get from Time Server Time Protocol NTFIRPFO 1305 ze Save Cancel Figure 7 Personalization gt Date gt Date Name Description enter the time and date manually Get From Time If user selects this option it will get the local time from a Commit the changes made and save to CPE Page 15 of 59 WiMAX Outdoor CPE User Manual Name Description Reset fields to the last saved values Table 2 Field definition for Personalization gt Date gt Date 3 2 2 Time Zone The Time Zone tab will allow user to set the time zone and set the starting and finish time for daylight saving period as shown in Figure 8 The definition for each field is shown on Table 3 User can also enable or disable Daylight Savings Time Time Zone Time Zone GMT 08 00 Kuala Lumpur Singapore v Enable Daylight Saving Start Date gt d o clock End Date Last o Sunday wl of at o clock Save Cancel Figure 8 Personalization gt Date gt Time Zone Name Deserption O O O OOO O Enter the time zone of for the location
40. w remote computers to reach a port on a private IP address within a private LAN In the following it will introduce how to setup for Port Forward First user needs to click the Add button and then select which forward type TCP or UDP or TCP UDP is preferred to trigger the special application as shown in Figure 23 User needs to assign some specific port for the WAN IP to be forwarded to the defined LAN IP and port and then click the Save button to add a Port Forward rule The definition for each field is shown on Table 14 IO w per page pagel gt bl Incoming Portis Forward Port s Active Hamme Protocol rr server IF ta Total Mum Save Cancel Figure 23 Networking gt Forwarding Name Description Check the box to active the DEE forward rule Name Name of the Name of the port forward rule forward rule Protocol User needs to define the desired protocol for rule Available options are TCP UDP or TCP UDP User needs to define incoming port range for port Incoming Port s I P 9 P forwarding rule User needs to define to which port range will be Forward Port s translated for port forwarding rule The packet will be forwarded to one ol these ports if it matches the rule User needs to define which IP address will be translated to if it matches the Port Forwarding rule The packet will be forwarded to this IP address if it matches the rule Delete the Port Forward rule Page 35 of 59 Server
Download Pdf Manuals
Related Search