Eltek R3601-W2 User Manual Eltek R3601
Contents
1. Figure 3 2 3 3 Network Configuration 3 3 1 Network Status System Status The Status page shows all WAN and LAN interfaces configuration and all physical ports connection status related to this device 3 3 1 1 WAN Status Choose the menu Network Status WaAN to load the following page Network gt Status WAN Name Mode Status IP Address DATA VOICE MGMT OTHER1 OTHER2 Static IP 10 55 12 Figure 3 3 3 3 1 2 LAN Status LAN Enable VID PRI 255 255 0 0 No ee Netmask Gateway WAN Status Choose the menu Network Status LAN to load the following page Page 6 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Network gt Status IP Address Netmask Description 192 168 1 1 255 259295 0 VLANI Figure 3 4 LAN Status 3 3 1 3 Link Status Choose the menu Network Status Link Status to load the following page Network gt Status WAN LAN Link Status Port Auto Negotiation Connect Status Speed Duplex Mode WAN Enable Link Up 1000Mbps Full Duplex LAN1 Link Down LAN2 Link Down LANZ Enable Link Up 100Mbps Full Duplex LANA Enable Link Up 100Mbps Full Duplex Figure 3 5 Link Status 3 3 2WAN Configuration The device supports 4 WAN interfaces DATA MGMT OTHER1 OTHER2 Every WAN interface provides the following five Internet connection types Static IP DHCP PPPoE PPTP L2TP Choose the menu Network WAN to load the configuration show page Network gt WAN I2. Enable DDNS Enable Port Mirror Enable DMZ Enable MAC Filter Enable DHCP Relay Enable Access Control Enable L2TP Server Enable ARP Attack Defense Enable PPTP Server Figure 3 30 Service State 3 4 1 2 ARP Table This page displays the ARP List Choose the menu Data Service Status ARP Table to load the following page Page 29 of 82 Ete K R3601 W2 User Manual vil TECHNOLOGIES Data Service gt Status IP Address Flag HW Address Interface 192 168 111 221 0x2 00 22 33 44 55 02 eth2 7 192 168 1 66 0x0 00 00 00 00 00 00 brO 192 168 1 121 0x2 00 0d 88 48 b4 1f brO 192 168 1 65 0x0 00 00 00 00 00 00 brO 1 Total 1 Pages 4 Rows Figure 3 31 ARP Table 3 4 1 3 Route Table Choose the menu Data Service Status Route Table to load the following page Data Service gt Status interface from all lookup local SS a m x from all lookup 1 from all fwmark Ox3e8 lookup 2 from all fwmark Ox3e9 lookup 3 from all fwmark Ox3ea lookup 4 from all lookup main Mio in lB iw Im le from all lookup default 1 Total 1 Pages 7 Rows Figure 3 32 Route Table 3 4 1 4 Net State Choose the menu Data Service Status Net State to load the following page Page 30 of 82 TECHNOLOGIES Data Service gt Status Protocol TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP Local Address 0 0 0 0 1900 0 0 0 0 9100 0 0 0 0 80 0 0 0 0 22 B
3. Thursday MlFriday lM Saturday lM Sunday Page 66 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Figure 3 89 Add or Modify Policy Route The following items are displayed on this page gt Enable PoliceRoute Enable or disable the entry gt Next Hop Type Select from pull down list Interface Address gt Interface Specify the interface of next hop for the entry gt Address Specify the address of next hop for the entry gt Description Give description for the entry gt Protocol Specify the protocol TCP UDP or ALL gt Source IP Enter IP address or IP range of source in the rule entry gt Destination IP Enter IP address or IP range of destination in the rule entry gt Destination Port Specify port or port range of destination in the rule entry gt Active Time Specify the active time range for the rule entry Active Day Specify the active days for the rule entry 3 4 8 3 RIP The Routing Information Protocol RIP is one of the oldest distance vector routing protocols which employs the hop count as a routing metric 3 4 8 3 1 RIP Service Choose the menu Data Service RIP RIP Service to load the following page Data Service gt RIP RIP Service Key Chain O Enable RIP Service Save O Index Interface Receive Version Send Version Enable Auth Key Mode Key Type Simple String Add Del Figure 3 90 RIP Service Configuration The following items are displayed on this pa
4. Figure 3 13 Configure LAN Interface The following items are displayed on this part gt Interface Name Name of this LAN interface gt IP Address Enter the IP address for this LAN interface gt Netmask Enter the subnet mask for this LAN interface Optional Enable or disable NAT for this LAN interface gt NAT gt Assign NAT IP Optional If NAT is selected NAT IP address can be assigned gt Enable DHCP Server Enable or disable DHCP server on this LAN interface If Enable DHCP Server is selected enter the Start IP address to define a range for the DHCP server to assign dynamic IP addresses This address should be in the same IP address subnet with the IP address of this LAN interface gt Start IP Page 15 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt End IP If Enable DHCP Server is selected enter the End IP address to define a range for the DHCP server to assign dynamic IP addresses This address should be in the same IP address subnet with the IP address of this LAN interface gt Netmask If Enable DHCP Server is selected enter the Netmask to define a range for the DHCP server to assign dynamic IP addresses gt Gateway Optional If Enable DHCP Server is selected enter the Gateway address to be assigned gt Primary DNS Optional If Enable DHCP Server is selected enter the Primary DNS server address to be assigned gt Secondary DNS Optional If Enable DHCP Server is selected
5. All the requests from the internet to the specified LAN port will be redirected to this host gt Protocol Specify the protocol used for the entry gt Internet Interface Specify the interface to receive requests from the internet for the entry Description Enter a name for Virtual Server entry 3 4 3 3 DMZ Settings In computer security a DMZ or Demilitarized Zone Sometimes referred to as a perimeter network is a physical or logical network that contains and exposes an organization s external facing services to a larger and insecure network usually the Internet The purpose of a DMZ is to add an additional layer of security to an organization s local area network LAN an external attacker only has direct access to equipment in the DMZ rather than any other part of the network Choose the menu Data Service NAT Config DMZ Settings to load the following page Data Service gt DMZ Settings Enable DMZ O F Index Public IP Private IP Description O 1 0 all yalal 192 168 1 2 test 1 Total 1 Pages 1 Rows Add Del Figure 3 42 View DMZ Settings Page 35 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 The following items are displayed on this screen gt Enable DMZ Enable or disable DMZ globally Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Data Service gt DMZ Settings DM Pu
6. The VPN Virtual Private Network technology is developed and used to establish the private network through the public network which can guarantee a secured data exchange VPN adopts the tunneling technology to establish a private connection between two endpoints It is a connection secured by encrypting the data and using point to point authentication The following diagram is a typical VPN topology Router Server Client Remote PC Server Figure 3 72 VPN Network Topology As the packets are encapsulated and de encapsulated in the Router the tunneling topology implemented by encapsulating packets is transparent to users The tunneling protocols supported contain Layer 3 IPSEC and Layer 2 L2TP PPTP 3 4 7 2 PPTP Server Layer 2 VPN tunneling protocol consists of L2TP Layer 2 Tunneling Protocol and PPTP Point to Point Tunneling Protocol Both L2TP and PPTP encapsulate packet and add extra header to the packet by using PPP Point to Point Protocol Table depicts the difference between L2TP and PPTP Proto Tunnel Length of Authentica col Header tion PPTP IP network Single 6 bytes at Not tunnel least Supported Page 56 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 IP network of UDP Multiple 4 bytes at Supported tunnels least Figure 3 73 Difference between L2TP and PPTP Choose the menu Data Service VPN PPTP Server to load the following page Data Service gt PPTP Server Enable
7. known Therefore the two peers need to negotiate a security key for communication with IKE Internet Key Exchange protocols Actually IKE is a hybrid protocol based on three underlying security protocols ISAKMP Internet Security Association and Key Management Protocol Oakley Key Determination Protocol and SKEME Security Key Exchange Protocol ISAKMP provides a framework for Key Exchange and SA Security Association negotiation Oakley describes a series of key exchange modes SKEME describes another key exchange mode different from those described by Oakley IKE consists of two phases Phase 1 is used to negotiate the parameters key exchange algorithm and encryption to establish an ISAKMP SA for securely exchanging more Page 59 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 information in Phase 2 During phase 2 the IKE peers use the ISAKMP SA established in Phase 1 to negotiate the parameters for security protocols in IPSEC and create IPSEC SA to secure the transmission data 3 4 7 4 1 IKE Safety Proposal In this table you can view the information of IKE Proposals Choose the menu Data Service VPN IPSec IKE Safety Proposal to load the following page Data Service gt YPN gt IPSec IKE Safety Proposal IKE Sa O Index Proposal Name Encryption Algorithm Auth Algorithm DH Group O 1 testi 3DES SHALL DH 1536 modp 1 Total 1 Pages 1 Rows Add Del Figure 3 78 View IKE Safety Proposal Configurat
8. packets from one multiple ports mirrored port to a specific port mirroring port Usually the mirroring port is connected to a data diagnose device which is used to analyze the mirrored packets for monitoring and troubleshooting the network Choose the menu Network Port Management Port Mirror to load the following page Page 26 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Network gt Port Management Port Mirror Enable Port Mirror Destination Port OWAN LAN1 LN OLana OLan4 Source Port wiwan Oane Oana CILAN 4 Save Figure 3 27 Port Mirror The following items are displayed on this screen gt Enable Port Mirror Enable or disable port mirror gt Destination Port The duplicate of packets from Source Port will send to this destination port gt Source Port All packets received from Source Port will be duplicated and the duplicate will be send to Destination Port 3 3 6 2 Media Type Choose the menu Network Port Management Media Type to load the following page Network gt Port Management Media Type Media Type ha WAN Auto Negotiation 3 LAN D I D I Lon e Land Auto Negotiation ze Current Status WAN 1000Mbps Full Duplex LANS 100Mbps Full Duplex LANA 100Mbps Full Duplex Figure 3 28 Media Type The following items are displayed on this screen gt Media Type provides the following six modes to all physical ports 10M Half Duplex 10
9. problems with another nearby access point Wireless Mode Select the desired mode 1ib Select if all of your wireless clients are 802 11b lig Select if all of your wireless clients are 802 119 Page 17 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Lin Select only if all of your wireless clients are 802 11n 11b g Select if you are using both 802 11b and 802 11g wireless clients 11b g n Select if you are using a mix of 802 11b 11g and 11n wireless clients gt Channel Width Select any channel width from the drop down list The default setting is automatic which can automatically adjust the channel width for your clients If you choose to 11n or 11b g n Wireless mode this configuration is required Two values of width are provided 20MHz and 20 40MHz The Service Set Identifier SSID is used to identify an 802 11 Wi Fi network and it s discovered by network sniffing scanning R3601 W2 provides up to four SSID gt Enable Enable or disable this entry of SSID SSID1 can t be disabled gt SSID Name Enter the name of SSID The name of SSID must be unique in all wireless networks nearby gt Bind Interface Select a network interface to be bridged to the SSID gt Enable Broadcast When wireless clients survey the local area for wireless networks to associate with they will detect the SSID broadcast by the device If you select the Enable Broadcast checkbox the device will broadcast its name SSID
10. 768 modp DH 1024 modp and DH 1536 modp 3 4 7 4 2 IKE Safety Policy In this table you can view the information of IKE Policy Choose the menu Data Service VPN IPSec IKE Safety Policy to load the following page Data Service gt VPN gt IPSec al IKE Safety Policy IPSEC Safety Proposa Index Policy Name Operation Mode Enable Local ID Local ID Enable Remote ID Remote ID Auth Mode Pre Share Key F i test2 Main Mode Disable Disable PSK 123 Total 1 Pages 1 Rows Add Del Figure 3 80 View IKE Safety Policy Configuration Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Data Service gt YPN gt IPSec gt IKE Policy Maximum 128 Characters Challenge Mode Main Mode Policy Mame Operation Mode Enable Local ID L EA Maximum 256 Characters Enable Remote ID O PE Maximum 256 Characters Auth Mode Pre Share Key 123 Maximum 256 characters lt MM y Enable Safety Proposall testl Enable Safety Proposal testl Enable Safety Proposals testl Enable Safety Proposal4 testl Figure 3 81 Add or Modify IKE Safety Policy Entry The following items are displayed on this screen gt Policy Name Specify a unique name to the IKE policy for identification and management purposes The IKE policy can be applied to IPSEC policy gt Operation Mode Select the IKE Exchange
11. DSCP of packets matched with the rule gt Priority Change the scheduling queue of packets matched with the rule gt Maximal Bandwidth Limit the bandwidth of packet matched with the rule 3 4 6 DDNS DDNS Dynamic DNS service allows you to assign a fixed domain name to a dynamic WAN ip address which enables the Internet hosts to access the Router or the hosts in LAN using the domain names Choose the menu Data Service gt DDNS to load the following page Page 54 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Data Service gt DDNS prrnnncnnnos DDNS Enable M Sencceceeeed Username dydns Password ITI x First Url dydns1 com Second Url dydns2 com Update Interval 600 0 65535 s Server Type DYNDNS Le Server Name dydns con Server Url dydns com Dyn DNS Server Name dydns com Dyn DNS Server Url dydns com System Item dydns con DDNS Status DDNS_TASK_NOT_INIT Figure 3 71 Configure DDNS The following items are display on this page gt DDNS Enable Active or inactive dynamic DNS service gt Username Enter account name of your DDNS account gt Password Enter password of your DDNS account gt First Url First domain name that you registered your DDNS service provider gt Second Url First domain name that you registered your DDNS service provider gt Update Interval How often in second
12. Figure 3 18 Configure WIFI WPS PIN The following items are displayed on this screen gt Enable WPS Enable or disable the WIFI WPS function globally gt WPS Mode Choose the WPS mode PIN gt PIN Code If PIN mode is chosen enter the 8 digit PIN code and then click Connect 2 PBC Mode If PBC mode is selected the following page is loaded Page 21 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Enable WPS WPS Mode DIN di pac PBC Set Simulation Connect Figure 3 19 Configure WIFI WPS PBC The following items are displayed on this screen gt Enable WPS Enable or disable the WIFI WPS function globally gt WPS Mode Choose the WPS mode PBC gt PBC Set If PBC mode is chosen then click Simulation Connect 3 3 4 4 Advanced Settings Choose the menu Network WLAN Advanced Settings to load the following page etuno rk SS Le Gu wD A d Y a n ce d 5 etti n g 5 ee gl Ee TET a EAr Fragmentation Threshold 2346 256 2346 default 2346 RTS Threshold 2347 256 2347 default 2347 Transmit Power 1 100 default 100 Enable WM Figure 3 20 Configure WIFI Advanced Settings The following items are displayed on this screen gt Fragmentation Threshold This value is the maximum size determining whether packets will be fragmented Setting the Fragmentation Threshold too low may result in poor network performance since excessive packets 2346 is the default setting and is recommended gt R
13. Manageme taras 26 3 1 1PYO CONIU ON n EEN 28 3 4 Data Service a 29 sA S EE 29 za DACP SAN EE 31 o NAT ON BE 33 Si Firewall Config WE 37 AD 0 a E EA ee eee eee ee eee 48 SAO DID NS iria Agen 54 SAT VPN eiii 56 Bee ROUNO cis 65 3 4 9 Advanced Parameters cccccccccccccccssssceccccccccseccssecccccccuuuceeeecesceesuuacceceeceeeuaaaeess 69 A Aa 70 A A e E 70 29 IS ri ii 71 SL Time Mando SMN SE 71 IDe Re e ele 73 gt RODOOL SY O NEE 74 By BACKUP RESTO Orta 74 IS o O A a 74 O USC Managemen o ce eee 76 EAS SUSI MOG A 77 3D TROO EE 78 SE 80 Sy LO USE ACCESS HE 81 O ADO eege 82 GC Ger GE viet viet Ce ClO EE 83 en pi Eltek R3601 W2 User Manual v 1 1 1 Overview A new series of ALL IN ONE INTELLIGENT Gateway R3601 W2 is perfectly designed for SOHO small and medium sized business SMB requiring application based solutions of low capital investment to communicate with various kinds of users The R3601 W2 has integrated high data capacity of WIFI 300Mbps and GE LAN Robust VPN functions support office users to create remote multiple accessing of site site encrypted private connections over public Internet Multi access way of R3601 W2 has includes Ethernet Optical and 3G Page 1 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 2 Product Introduction 2 1 Appearance AN vg hh ca ei See et 22314 Chen eae ee e E e eeeee a Figure 2 1 R3601 W2 Front View Table 2 1 LED 00
14. Mode in phase 1 and ensure the remote VPN peer uses the same mode Page 61 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Main Main mode provides identity protection and exchanges more information which applies to the scenarios with higher requirement for identity protection Challenge Challenge Mode establishes a faster connection but with lower security which applies to scenarios with lower requirement for identity protection gt Enable Local ID If enabled enter a name for the local device as the ID in IKE negotiation gt Enable Remote ID If enabled enter the name of the remote peer as the ID in IKE negotiation gt Auth Mode Select the authentication mode for this IKE policy entry PSK Certificate Pre Share Key Enter the Pre shared Key for IKE authentication and ensure both the two peers use the same key The key should consist of visible characters without blank space gt Enable Safety Proposal Select the Proposal for IKE negotiation phase 1 Up to four proposals can be selected 3 4 7 4 3 IPSEC Safety Proposal In this table you can view the information of IPSEC proposal Choose the menu Data Service VPN IPSec IPSEC Safety Proposal to load the following page Data Service gt VPN gt IPSec y Policy IPSEC Safety Proposal IP Fi Index Proposal Name Protocol Type Encryption Algorithm Auth Algorithm O 1 test3 ESP 3DES SHA1 Total 1 Pages 1 Rows Add Del Figur
15. PAT statically uses unique port numbers on a single outside IP address to distinguish between the various translations Choose the menu Data Service gt NAT Config PAT Settings to load the following page Data Service gt PAT Settings Enable PAT a Index Enable Protocol Internet Interface Internet Port Intranet IP Intranet Port Description O 1 Enable TCP DATA 90 ola Fa Ba bo 9090 test Total 1 Pages 1 Rows Add Del Figure 3 40 View PAT Settings The following items are displayed on this screen gt Enable PAT Enable or disable PAT globally Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Page 34 of 82 Ete R3601 W2 User Manual vil TECHNOLOGIES Data Service gt PAT Settings Enable Internet Port 1 65535 Intranet Port 165535 Intranet IP 8 9 155 55 0 23 Internet Interface DATA wi Description Figure 3 41 Add or Modify PAT Entry The following items are displayed on this screen gt Enable Enable or disable this PAT entry gt Internet Port Enter the service port provided for accessing external network All the requests from internet to this service port will be redirected to the specified server in local network gt Intranet Port Specify the service port of the LAN host as virtual server gt Intranet IP Enter the IP address of the specified internal server for the entry
16. PPTP Server IP Address Pool Range 192 168 1 200 to 192 168 1 240 Enable Authentication Enable Encryption Username IP Description pptp_userl 192 168 1 206 test Total 1 Pages 1 Rows Del Figure 3 74 Configure PPTP Server The following items are displayed on this screen gt Enable PPTP Server Enable or disable the PPTP server function globally gt IP Address Pool Range Specify the start and the end IP address for IP Pool The start IP address should not exceed the end address and the IP ranges must not overlap gt Enable Authentication Specify whether to enable authentication for the tunnel gt Enable Encryption Specify whether to enable the encryption for the tunnel If enabled the PPTP tunnel will be encrypted by MPPE Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Dels Service gt YPN gt PPTP Server Binding IP 192 168 1 206 Figure 3 75 Add or Modify PPTP Client Entry The following items are displayed on this screen Username Enter the account name of PPTP tunnel It should be configured identically on server and client Page 57 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Password Enter the password of PPTP tunnel It should be configured identically on server and client gt Binding IP Enter the IP address of the client which is allowed to connect
17. Should specify address manually gt DNS Stateless Manual DHCPv6 If Manual is selected you Should specify DNS manually gt Enable DHCP PD Whether to enable DHCP PD prefix delegation on WAN Page 28 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 LAN Configuration gt Enable LAN If IPv6 or IPv4 v6 is choseN select this to enable IPv6 stack on LAN gt Link Local Address Select type of Link Local address Auto or Manual If Manual is selected you should specify address manually gt Global Unicast Address Manual Auto If Manual is selected you should specify address manually gt Address Auto Allocate Mode SLAAC RDNSS Recursive DNS Server SLAAC Stateless address autoconfiguration DHCPv6 DHCPv6 gt Manual Allocate Address Prefix Configure the manual allocate address prefix gt Prefix Life Time Enter the life time of prefix gt Default Gateway Life Time Enter the life time of default gateway gt Primary DNS Enter the primary DNS address gt Secondary DNS Enter the secondary DNS address 3 4 Data Service 3 4 1 Status The Status page shows the data services information all information is read only 3 4 1 1 Service State The Service State page show all switch status of data services Choose the menu Data Service Status Service State to load the following page Data Service gt Status Service State ARP Tab Enable WiFi Enable Internet Web Access Enable QoS Enable UPnP
18. Start Hour of Day Specify the start hour of DST range from O to 23 in one day gt End Month Specify the end month of DST range from 1 to 12 in one year gt End Day of Week Specify the end weekday of DST range from Sunday to Saturday gt End Day of Week Last in Month Specify the order of end weekday in the month similar as Start Day of Week Last in Month gt End Hour of Day Specify the end hour of DST range from O to 23 in one day Page 72 of 82 TECHNOLOGIES 2 Auto Configuration Eltek R3601 W2 User Manual v 1 1 Choose Auto Configuration to load the following page System gt Time Management Configuration mode Enable NTP NTP Service Mode Primary NTP Server Secondory NTF Server Auto Configuration Manual Configuration Client Maximus 128 Character Maximus 128 Character Time Zone GMT 01 00 CET Germaryy Italy Switzerland Tunisia Ww Update Interval 60 36000 s default 3600 Daylight Saving Time Fj Offset Min Start Month Start Day of Week Start Day of Week Last in Month Start Hour of Day lo Stop Month Stop Day of Week Stop Day of Week Last in Month Stop Hour of Day lo Figure 3 101 Time Auto Configuration The following items are displayed on this screen gt Enable NTP gt NTP Service Mode Server Enable or disable NTP service Specify CPE role as NTP Client or both Client and gt Primary NTP Server Specify the primary NTP server for
19. Vendor Class Identifier Optional This option 60 is used by DHCP clients to optionally identify the vendor type and configuration of a DHCP client gt Enterprise Code Optional gt Manufacture Name Optional gt Device Class Optional gt Device Type Optional gt Device Version Optional 5 PPTP If your ISP Internet Service Provider has provided the account information for the PPTP connection please choose the PPTP connection type Page 12 of 82 TECHNOLOGIES Network gt WAN Eltek R3601 W2 User Manual v 1 1 Interface Name Enable VOICE Type VLAN Enable VLAN ID 1 4094 Priority Level e 0 7 Primary DNS Secondary ONS Static DHCP Appoint Server IP A Vendor Class Identifier Enterprise Code AAA Manufacture Name Ir Device Class Device Type OoOo Device Version fs Enable Encryption C Figure 3 11 WAN PPTP The following items are displayed on this screen gt Enable gt Type gt VLAN Enable Priority Level gt VLAN ID gt Priority Level gt Primary DNS gt Secondary DNS available enter it gt Server IP Username gt Password Enable this WAN interface DATA can t be disabled Select PPTP if your ISP provides a PPTP connection Optional Enable VLAN to configure VLAN ID and VLAN Optional VLAN ID of this WAN interface Optional VLAN Priority Level of this WAN interface Enter the IP address of your ISP s Pri
20. clear please consult your ISP It s not allowed to access the Internet via domain name if the Primary DNS field is blank Secondary DNS Optional If a Secondary DNS Server address is available enter it Username Enter the Account Name provided by your ISP If you are not clear please consult your ISP Password Enter the Password provided by your ISP Page 10 of 82 ite R3601 W2 User Manual vil TECHNOLOGIES Service Name AC Name Optional The service name and AC Access Concentrator name which should not be configured unless you are sure it is necessary for your ISP In most cases leaving these fields blank will work gt LCP Interval PPPoE will send an LCP echo request frame to the peer every LCP interval seconds gt LCP Max Fails PPPoE will presume the peer to be dead if LCP Max Fails LCP echo requests are send without receiving a valid LCP echo reply 4 L2TP If your ISP Internet Service Provider has provided the account information for the L2TP connection please choose the L2TP connection type WAN Network gt Interface Mame WOICE Enable Type VLAN Enable VLAN ID 1 4094 Priority Level 6 0 77 Primary DNS Secondary ONS static DHCP IP Address 138 1 60 1 Metmask 255 255 0 0 Gateway Ol 138 1 40 2 Server IP 0 0 0 0 se Figure 3 10 WAN L2TP The following items are displayed on this screen gt Enable Enable this WAN interface DATA can t be
21. describes the printer pou want to use Local printer attached to this computer Automatically detect and install my Plug and Play printer A network printer or a printer attached to another computer vo To setup a network printer that ts not attached to a print server JJ use the Local printer option Figure 3 115 Connecting local printer 3 Create a new port Select Create a new port and select Standard TCP IP Port Add Printer Wizard Select a Printer Port Computers communicate with printers through ports Select the port pon want your printer bo use IT the port is not listed you can create a ner port Use the following port Create a new port Type of port Figure 3 116 Create a new port Page 84 of 82 iE HK R3601 W2 User Manual vil TECHNOLOGIES 4 Add print device Click Next and add IP devices assuming the device IP is 192 168 1 1 Add Standard ICP IP Printer Port Wizard Add Port For which device do you want to add a port Enter the Printer Mame or IF address and a port name for the desired device Printer Name or IP Address 192 168 1 1 Port Name IP 192168 1 1 Cancel Figure 3 117 Add IP LAN devices 5 Configure printer port Select Custom click Settings to confirm the agreement as RAW R Page 85 of 82 ite R3601 W2 User Manual vil TECHNOLOGIES Add Standard CP IP Printer Port Wizard Additional Port Information Required The device could not b
22. disabled gt Type Select L2TP if your ISP provides a L2TP connection gt VLAN Enable Optional Enable VLAN to configure VLAN ID and VLAN Priority Level gt VLAN ID Optional VLAN ID of this WAN interface gt Priority Level Optional VLAN Priority Level of this WAN interface gt Primary DNS Enter the IP address of your ISP s Primary DNS Domain Name Server If you are not clear please consult your ISP It s not allowed to access the Internet via domain name if the Primary DNS field is blank Page 11 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt Secondary DNS Optional If a Secondary DNS Server address is available enter it gt Server IP Enter the Server IP provided by your ISP Username Enter the Account Name provided by your ISP If you are not clear please consult your ISP Password Enter the Password provided by your ISP Secondary Connection Here allow you to configure the secondary connection DHCP and Static IP connection types are provided If Static is selected gt IP Address If Static IP is selected configure the IP address of WAN port gt Netmask If Static IP is selected configure the subnet mask of WAN port Gateway Optional If Static IP is selected configure the default gateway of WAN port If DHCP is selected gt Appoint Server IP Optional If network has multiple DHCP servers enter the IP address of your ISP s DHCP server gt
23. enter the Secondary DNS server address to be assigned gt Lease Time Second If Enable DHCP Server is selected specify the length of time the DHCP server will reserve the IP address for each client After the IP address expired the client will be automatically assigned a new one Advanced Parameter gt LAN Port Select the physical LAN port to bind the IP address of this LAN interface gt WAN Subinterface Select the WAN subinterface which the packet from this LAN interface can be sending to 2 Part 2 Configure LAN Route Bridge mode The following items are displayed on this part gt Port The physical LAN port name LAN1 LAN4 gt Route Bridge Mode of this physical LAN port The following four modes are provided Route route to WAN Transparent bridge not modify the packets Tagged bridge LAN untagged WAN tagged only 1 VID Supported Promisc Mode Tagged packets in bridge mode untagged packets in route mode most 5 VIDs supported e g 8 10 13 gt VLAN ID List If Tagged bridge Promisc Mode is selected configure the VID VIDs 3 Part 3 Configure IPTV Choose the menu Network LAN Advanced Parameters to load this page The following items are displayed on this part Page 16 of 82 TECHNOLOGIES gt LAN Isolate Check the box to prohibit the access between LAN interfaces gt Auto Bridge Check the box to dynamically create IPTV bridge for STB gt DHCP Vendor ID Vendor class identifier List DHCP
24. following items are displayed on this screen gt IP Filter If enabled packet filtering is enabled by MAC gt Policy The policy for MAC list Deny and Allow You can export all the MAC addresses as a file Of course you can also import a file Page 46 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 If you want to delete an entry select it and click the Del Click the Add button to add a new entry There are two ways to add MAC Artificial designated MAC You can manually enter a MAC Using Studying MAC You can choose one or more MAC devices learned DataService gt Filter Strategy gt MAC Filter Artificial designated MAC Using Studing MAC Studed MAC Selected List Figure 3 59 Adda MAC Filter Entry 3 4 4 6 IP amp MAC Binding Choose the menu Data Service Firewall Config IP amp MAC Binding to load the following page There are two ways to add a binding entry You can manually enter a pair of IP and MAC and then press Add Item Alternatively you can select a pair of IP and MAC in Scan List that device learned Page 47 of 82 ite R3601 W2 User Manual vil TECHNOLOGIES Data Service gt IP amp MAC Binding Scan List Binding List 192 168 1 121 00 0d 85 46 b4 1f 192 168 1 65 00 00 00 00 00 00 192 168 111 221 00 22 33 44 55 02 192 168 1 66 00 00 00 00 00 00 Figure 3 60 Configure IP amp MAC Binding 3 4 5QoS 3 4 5 1 Basic Settings QOS feature is enabled by de
25. gt Netmask Enter the Subnet Mask assigned by your ISP Gateway Optional Enter the Gateway assigned by your ISP 2 DHCP If your ISP Internet Service Provider assigns the IP address automatically please choose the DHCP connection type to obtain the parameters for WAN port automatically Page 8 of 82 Ete R3601 W2 User Manual vil TECHNOLOGIES Network gt WAN Interface Mame DATS Enable Type VLAN Enable VLAN ID 1 4094 Priority Level ao 0 71 Primary DNS Secondary DNS Vendor Class Identifier C Enterprise Code Ses Manufacture Name fl Device Class AM Device Type IO Device Version EAS Figure 3 8 WAN DHCP The following items are displayed on this screen gt Enable Enable this WAN interface DATA can t be disabled gt Type Select DHCP if your ISP assigns the IP address automatically gt VLAN Enable Optional Enable VLAN to configure VLAN ID and VLAN Priority Level gt VLAN ID Optional VLAN ID of this WAN interface gt Priority Level Optional VLAN Priority Level of this WAN interface gt Primary DNS Enter the IP address of your ISP s Primary DNS Domain Name Server manually If you are not clear please consult your ISP It s not allowed to access the Internet via domain name if the Primary DNS field is blank gt Secondary DNS Optional If a Secondary DNS Server address is available enter it gt Appoint Server IP Optional If network has multipl
26. role as NTP client gt Second NTP Server Specify the second NTP server for role as NTP client gt Time Zone gt Update Interval 3 5 2 Upgrade 3 5 2 1 Application Enter the local time zone Specify update interval for role as NTP client Firmware upgrade via WEB interface is available There are 2 steps to complete firmware updating 1 Choose menu System gt Upgrade then select the right firmware file click Upgrade wait a few minutes for firmware downloading and programming 2 Choose menu System gt Reboot then click Reboot button to reset the device 3 5 2 2 Configuration 3 5 2 2 1 Update Configuration Configuration updating via WEB interface is available There are 2 steps to complete configuration updating Page 73 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 1 Choose menu System gt Upgrade then select the right configuration file click Upgrade wait a few seconds for downloading and programming 2 Choose menu System Reboot then click Reboot button to reset the device 3 5 2 2 2 Export Configuration Configuration exporting via WEB interface is available Click the Export Configuration File to export the configuration file Web interface configuration index System gt Upgrade gt Configuration 3 5 3 Reboot System Choose menu System gt Reboot then click Reboot button to reset the device 3 5 4 Backup Restore Choose the menu System Backup Res
27. to this PPTP server gt Description Enter the humane readable description for this account 3 4 7 3 L2TP Server Choose the menu Data Service gt VPN gt L2TP Server to load the following page Enable L2TP Server Local IP IP Address Pool Range Enable Authtication Enable Debug Data Service gt L2TP Server 192 168 1 1 192 168 1 200 to 192 168 1 240 Auth Secret 123456 1 127 Characters O IT Index Username IP Description l2tp_userl 192 168 1 206 test Total 1 Pages 1 Rows Add Del Index Username IP State Total O Pages 0 Rows Figure 3 76 Configure L2TP Server The following items are displayed on this screen gt Enable L2TP Server Enable or disable the L2TP server function globally gt Local IP Enter the local IP address of L2TP server gt IP Address Pool Range Specify the start and the end IP address for IP Pool The start IP address should not exceed the end address and the IP ranges must not overlap gt Enable Authentication Specify whether to enable authentication for the tunnel If enabled enter the authentication secret gt Enable Debug Specify whether to enable the debug for L2TP Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Page 58 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Description Figure 3 77 Add or Modify L2TP Clien
28. 01 W2 User Manual v 1 1 Enable Page Push Push Http Url Figure 3 52 Configure Page Push The following items are displayed on this screen gt Enable Page Push If enabled push specified HTTP page to the browser when accessing the Internet for the first time gt Push Http Url Specifies the HTTP URL of the page you want to push 3 4 4 4 Network Access Ctrl 3 4 4 4 1 WEB Choose the menu Data Service gt Firewall Config Netword Access Ctrl AWER to load the following page Data Service gt Network Access Ctrl HTTP Port 165535 HTTPS Port 165535 Internet Web Access Allow Access IP Limit L Intranet Web Access Allow Access IP Limit Fi Figure 3 53 Configure WEB Access Ctrl The following items are displayed on this screen gt HTTP Port Port used with HTTP access device HTTP Hypertext Transfer Protocol Port used with HTTPS access device HTTPS it is the result of simply layering the Hypertext Transfer Protocol HTTP on top of the SSL TLS protocol Internet Web Access gt Allow Access If enabled allow user to access the device from the Internet via WEB gt HTTPS Port Page 42 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt IP Limit If enabled allow only specific IP range to access the device from the Internet via WEB gt IP Range If IP Limit enabled specifies the IPv4 address range that is only allowed to access to the device from the Internet via WEB gt IPv6
29. 1 3 4 8 1 Static Route 3 4 8 1 1 IPv4 Choose the menu Data Service Routing Static Route IPv4 to load the following page Data Service gt Static Route Ipei Enable Destination IP Netmask Next Hop Type Next Hop Interface Next Hop Address il 2 3 4 5 6 7 8 9 gl lol lol lol fol so lol lol fol le De po De De De De De De 3 e H e Le es Le kl ea De De po De Ki De Des De Des e lt KA o Figure 3 86 Configure IPv4 Static Route The following items are displayed on this screen gt Enable Select it to add and modify the current route Conversely disable the current route gt Destination IP Enter the destination host the route leads to gt Netmask Enter the Subnet mask of the destination network gt Next Hop Type Include Next Hop Interface and Next Hop Address see following option gt Next Hop Interface Specify the interface of next hop for current route gt Next Hop Address Specify the address of next hop for current route gt Valid Show the status of current route 3 4 8 1 2 IPv6 The menu IPV6 is hidden if you don t enable Ipv6 stack please refer to configuration index Network IPv 6 for detail setting Choose the menu Data Service Route Static Route IPv6 to load the following page Page 65 of 82 wean Aas Eltek R3601 W2
30. 60 option support at most two vendor IDs Eltek R3601 W2 User Manual v 1 1 gt IPAddress IP address of interface for STB data service gt Netmask Subnet mask of interface for STB data service gt VID VID of IPTV VLAN gt PRI Priority level of IPTV VLAN gt Automatic Check the box to automatically detect the VID of STB data service 3 3 4 WLAN Wi Fi is a WLAN Wireless Local Area Network technology It provides short range wireless high speed data connections between mobile data devices such as laptops PDAs or phones and nearby Wi Fi access points special hardware connected to a wired network 3 3 4 1 Basic Settings Choose the menu Network WLAN Basic Settings to load the following page Network gt WLAN Basic Settings Enable WiFi Channel Wireless Mode 11b g n E Channel Width Enable SSID Name Bind Interface Enable Broadcast Isolated LAN Isolated Max Client SSID1 Eltek 0 09AD21 VLANI v O O ai man D z SSID3 O 2 SSID4 O SSID AP Isolated O Figure 3 14 Configure WIFI Basic Settings The following items are displayed on this screen gt Enable WiFi Enable or disable the WIFI AP function globally gt Channel This field determines which operating frequency will be used The default channel is set to AutoSelect so the AP will choose the best channel automatically It is not necessary to change the wireless channel unless you notice interference
31. EIENEE 0 0 0 0 24 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 192 168 1 1 80 Foreign Address 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 192 168 1 1 2742 192 168 1 1 2739 192 168 1 1 2746 192 168 1 1 2744 192 168 1 1 2766 192 168 1 1 2740 192 168 1 1 2753 192 168 1 1 2752 192 168 1 1 2743 192 168 1 1 2750 192 168 1 1 2751 192 168 1 1 2749 192 168 1 1 2748 Eltek R3601 W2 User Manual v 1 1 State TCP_LISTEN TCP_LISTEN TCP_LISTEN TCP_LISTEN TCP_LISTEN TCP_LISTEN TCP_TIME_WAIT TCP_TIME_WAIT TCP_TIME_WAIT TCP_TIME_WAIT TCP_ESTABLISHED TCP_TIME_WAIT TCP_TIME_WAIT TCP_TIME_WAIT TCP_TIME_WAIT TCP_TIME_WAIT TCP_TIME_WAIT TCP_TIME_WAIT TCP_TIME_WAIT 192 168 1 1 2755 TCP_TIME_WAIT lt lt lt a 2 gt gt gt Total 2 Pages 40 Rows Figure 3 33 Net State 3 4 2 DHCP Server 3 4 2 1 Static Address Assign Choose the menu Data Service DHCP Server Static Address Assign and then you can view and add address which is assigned for clients When you specify a static IP address for a client on the LAN that client will always receive the same IP address each time when it accesses the DHCP server The Reserved IP addresses should be assigned to the devices that require permanent IP settings Data Service gt DHCP Server St
32. Eltek R3601 W2 SFP Gigabit Ethernet WLAN 11in Gateway Eltek R3601 W2 User Manual OS DAAA 60 AR e R3601 W2 User Manual Version R3601 W2 V 1 2 Contact Eltek Technologies AG Glatt Tower Postfach CH 8301 Glattzentrum E Mail info eltektec com Web www eltektechnologies com Copyright Copyright by Eltek Technologies Ltd Switzerland All rights are reserved No Part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Eltek Technologies Ltd Switzerland Disclaimer Eltek Technologies Ltd Switzerland reserves the right to change the document from time to time at its sole discretion and not to make the notice to anyone in advance Preface Brief Introduction This manual provides technical information on how to configure and operate application for your R3601 W2 unit Chapter 1 Provides an overview of R3601 W2 Chapter 2 Introduces the product Chapter 3 Introduces the configuration via WEB based Management Intended Audience System administrators Network engineers and Maintenance technicians Style Convention Table 1 Style convention used in this manual Multi level catalogs or menus are separated by character For instance file new directory means the menu item directory in menu new which in turn in the menu file Used to highlight important area in diagrams Indicates the input data fro
33. IBM Infotec latest HP Laselet 2100 HIE a d d dE dh d ki ES This diver ts digitally signed Windows Update Tell me why diver signing ls important Figure 3 119 Add Printer Driver Page 87 of 82
34. If IP Limit enabled specifies the IPv6 address range that only allow access to the device from the Internet via SSH Intranet Web Access gt Allow Access If enabled allow access to the device from the Intranet via SSH gt IP Limit If enabled allow only specific IP range to access the device from the Intranet via SSH Page 44 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt IP Range If IP Limit enabled specifies the IPv4 address range that only allow access to the device from the Intranet via SSH gt IPv6 Range If IP Limit enabled specifies the IPv6 address range that only allow access to the device from the Intranet via SSH 3 4 4 5 Filter Strategy Each sub page under this page is used to filter Internet access 3 4 4 5 1 Keyword Filter Choose the menu Data Service Firewall Config Filter Strategy Keyword Filter to load the following page Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Data Service gt Filter Strategy a a IS PASA RITA TERRA Keyword Filter IP Filter MAC Filter Keyword Filter Y Policy Deny V Index Keyword 1 terrorist 1 Total 1 Pages 1 Rows Figure 3 56 Configure Keyword Filter The following items are displayed on this screen Keyword Filter If enabled packet filtering is enabled by keyword gt Policy The policy for filtering web page D
35. Land Based Defense The Land Denial of Service attack works by sending a spoofed packet with the SYN flag used in a handshake between a client and a Page 37 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 host set from a host to any port that is open and listening If the packet is programmed to have the same destination and source IP address when it is sent to a machine via IP spoofing the transmission can fool the machine into thinking it is sending itself a message which depending on the operating system will crash the machine Check the box to enable Land Based Defense gt Enable Ping Of Death Defense Ping of death is a denial of service DoS attack caused by an attacker deliberately sending an IP packet larger than the 65 536 bytes allowed by the IP protocol Check the box to enable Ping of Death Defense Enable Teardrop Defense Teardrop is a program that sends IP fragments to a machine connected to the Internet or a network Check the box to enable Teardrop Defense gt Enable Fraggle Defense A fraggle attack is a variation of a Smurf attack where an attacker sends a large amount of UDP traffic to ports 7 echo and 19 chargen to an IP Broadcast Address with the intended victim s spoofed source IP address Check the box to enable Fraggle Defense gt Enable Smurf Defense The Smurf Attack is a denial of service attack in which large numbers of Internet Control Message Protocol ICMP packe
36. M Sunday Figure 3 49 Add or Modify Access Control Entry The following items are displayed on this screen gt Action Policy Read only gt Enable Rule gt Description gt Source IP Range e g 192 168 1 23 Enable The policy of this entry Allow or Deny It is the inverse of or disable this rule Enter a description string for this rule Enter the source IP range in dotted decimal format gt Destination IP Range Enter the destination IP range in dotted decimal format e g 192 168 1 23 Service Name page gt Active Time gt Active Day 3 4 4 3 2 Choose a service type that defined in Service Type Specify the time range for the entry to take effect Specify the day range for the entry to take effect User Authentication This sub page is used to control Internet access through username and password Choose the menu Data Service gt Firewall Config Internet Access Ctrl gt User Authentication to load the following page DataService gt Internet Access Ctrl trol User Authentication E Enable User Authentication Index 1 Password gktel Username gaoke 1 Total 1 Pages 1 Rows Add Figure 3 50 Del View User Authentication Entry The following items are displayed on this screen Page 40 of 82 AN Eltek R3601 W2 User Manual v 1 1 gt Enable User Authentication Enable or disable user authentication globally If enabled only the following l
37. M Full Duplex 100M Half Duplex 100M Full Duplex 1000M Full Duplex Auto Negotiation gt Current Status Current link status of all physical ports Read only Page 27 of 82 Ete K R3601 W2 User Manual vil TECHNOLOGIES 3 3 7 IPv6 Configuration Choose the menu Network IPv6 to load the following page IP Stack Version IPv4 ve v WAR Configuration Enable WAN Access Mode IF w Link Local Address Global Unicast Address Default Gateway Address DNS O Enable DHCP PD LAN Configuration Enable LAN Link Local Address Globe Unicast Address Enable DHEF FD is Required Address Auto Allocate Mode Manual Allocate Address Prefix Po Prefix Life Time 0 65535 O no limited Default Gateway Life Time 0 65535 O not as default route Figure 3 29 Configure IPv6 The following items are displayed on this screen gt IP Stack Version Choose the IP stack version to use Provides the following three types IPv4 IPv6 IPv4 v6 WAN Configuration gt Enable WAN If IPv6 or IPv4 v6 is chosen select this to enable IPv6 stack on WAN gt Access Mode Select access mode of WAN IP or PPP gt Link Local Address Select type of Link Local address Auto or Manual If Manual is selected you should specify address manually gt Global Unicast Address Stateless Manual DHCPv6 If Manual is selected you should specify address manually gt Default Gateway Address Stateless Manual If Manual is selected you
38. N port Choose the menu Network LAN to load the following page There are three parts on this page Network gt LAN F Interface Name IP Netmask LAN Bind WAN Bind WLAN1 192 168 1 1 alan 1 2 3 4 D Total 1 Pages 1 Rows WAN Bind Note D DATA V VOICE M MGMT O1 OTHER1 O2 OTHER2 Add Del Route Bridge LAN ID List Note Message Route ES Fotoiou to WAN PESAN I Transparent bridge not modify the packets Route Eas Tagged bridge LAN untagged WAN tagged Route IT Promise Mode Tagged packets in bridge mode oute untagged packets in route mode most 5 VIDs supported e g 8 10 13 Advanced Parameters OO LAN Isolate STB Data Service IPTY LAN IPAddress Netmask VID Automatic L 7 192 168 111 1 255 255 255 0 albis sagen e k Auto Bridge DHCP Vendor ID STB Data LAN Page 14 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Figure 3 12 LAN page 1 Part 1 Configure LAN interfaces Click the Interface Name of existent LAN interface you want to modify If you want to delete the entry select it and click the Del the VLAN1 is default existed can t be removed Click the Add button to add a new entry Network gt LAN gt Static IP Interface Name S IP Address l MAT Assign M i Ip O Enable DHCP Server Primary DNS Secondary ONS fs Lease TimelSecond Advanced Parameter LAN Port LANI LANZ LAN LAN4 WAN Subinterface DATA VOICE MGMT OTHER1 OTHER2
39. NOTIFY via Multicast and DLNA clients can search DLNA servers by sending M SEARCH via Multicast http en wikipedia org wiki Digital Living Network Alliance cite note 5 Choose the menu Data Service gt Advanced Parameters UPnp Parameter to load the following page Data Service gt UPnP Parameter Enable UPnP Upstream Interface VLANI Downstream Interface SIE Figure 3 94 Configure UPnp The following items are displayed on this screen Page 69 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt Enable UPnP Enable or disable the UPnP function globally Upstream Interface The network interface connected to the DLNA server gt Downstream Interface The network interface connected to the DLNA client 3 4 10 Multicast Choose the menu Data Service gt Multicast to load the following page Enable IGMP Proxy F Figure 3 95 Configure Multicast The following items are displayed on this screen gt Enable IGMP Proxy Enable or disable the IGMP proxy function globally Currently IGMP proxy is mainly used for IPTV 3 4 11 USB Storage USB Storage function let Windows OS share files of USB storage mounted on embedded device by Samba and ftp 1 User Management Manage the list of users which access USB storage Choose menu Data Service USB Storage to load the following page DataService gt USB Storage User Management O Index Username Access Right O 1 gaoke Read F
40. P Default is disable This parameter is valid when you select WPA2 or WPA WPA2 gt Rasius Server IP Enter the IP address of the Radius Server gt Rasius Server Port Enter the port that radius service used gt Shared Seret Enter the password for the Radius Server Page 20 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt Session Timeout Specify the session timeout in seconds Enter O to not limit the timeout 3 3 4 3 WPS Wi Fi Protected Setup WPS originally Wi Fi Simple Config is a computing standard that attempts to allow easy establishment of a secure wireless home network WPS currently supports two methods Personal Information Number PIN and Push Button Configuration PBC The difference between the two methods is much pretty described in their names The PIN method involves entering a client device PIN obtained either from a client application GUI or a label on a device into the appropriate admin screen on a Registrar device The PBC method requires the user to push buttons on the Registrar and Client devices within a two minute period to connect them The two minute period also applies to the PIN method The buttons can be physical as they typically are on AP router devices or virtual as is normal on client devices Choose the menu Network WLAN WPS to load the WPS page 1 PIN Mode If PIN mode is selected the following page is loaded Enable WPS WPS Mode i PIN ppc DIN Set
41. Powerisoff O SS Solid Green Device Is running INTERNET Green connection authenticate failed Se ii Solid Green is Up No optical signal is detected Solid Green Optical signal is detected No Ethernet signal is detected kaf Zeng ted data going through Ethernet Solid Green Ethernet interface is ready to work No Ethernet signal is detected User data going through Ethernet LAN1 LANG Flash Green port Solid Green Ethernet interface is ready to work Page 2 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Figure 2 2 R3601 W2 Rear View WAN 1000 100 10Mpbs ethernet ports LAN 1000 100 10Mpbs ethernet ports SFP Gigabit fiber interface SD Interface for SD card optional POWER DC power input connector Reset button Use the button to restore the device to the factory defaults WPS WIFI WPS switch 2 2 Hardware Interface Table 2 2 Hardware interface LAN 4 100 1000BASE T ports WAN 1 FE ethernet port or 1 GE optical port WIFI 4 WIFI access point support 802 11b g n 1 Gigabit fiber interface USB 1 USB 2 0 port use for storage or 3G modem 2 3 Features Data Network WAN 1xGE 1xSFP and 1xUSB port for 2G 3G USB Modem Connectivity LAN 2x10 100 1000 Mbps Ethernet Port WAN Access Mode Static IP address PPPoE DHCP PPTP and L2TP Networking Interface Multi WAN Bridge Mode 802 10 QOS Destination Source MAC IP Application DSCP Supports Bandwidth Control Advance Routing S
42. Proposal3 El testi L Enable Safety Proposal4 test3 Figure 3 85 Add or Modify IPSEC Safety Policy Entry The following items are displayed on this screen gt Enable Ipsec Enable or disable this IPSEC entry gt IPSEC Policy Name Specify a unique name to the IPSEC policy gt Select Interface Specify the local WAN port for this Policy gt VPN Mode Select the network mode for IPSEC policy Options include Site To Site Select this option when the client is a network PC to Site Select this option when the client is a host gt Local Subnet IP Local Subnet Netmask Specify IP address range on your local LAN to identify which PCs on your LAN are covered by this policy gt Remote Address If PC to Site is selected specify IP address on your remote network to identify which PCs on the remote network are covered by this policy Remote Subnet IP amp Remote Subnet Netmask Specify IP address range on your remote network to identify which PCs on the remote network are covered by this policy gt IKE Safety Policy Specify the IKE policy If there is no policy selection add new policy on VPN IPSec IKE Safety Policy page gt Enable Safety Prososal If enabled Select IPSEC Proposal If there is no policy selection add new IPSEC proposal on VPN IPSec IPSEC Safety Proposal page Up to four IPSEC Proposals can be selected Page 64 of 82 TECHNOLOGIES 3 4 8 Routing Eltek R3601 W2 User Manual v 1
43. Range If IP Limit enabled specifies the IPv6 address range that is only allowed to access to the device from the Internet via WEB Intranet Web Access gt Allow Access If enabled allow user to access the device from the Intranet via WEB gt IP Limit If enabled allow only specific IP range to access the device from the Intranet via WEB gt IP Range If IP Limit enabled specifies the IPv4 address range that is only allowed to access the device from the Intranet via WEB gt IPv6 Range If IP Limit enabled specifies the IPv6 address range that is only allowed to access the device from the Intranet via WEB 3 4 4 4 2 TELNET Choose the menu Data Service Firewall Config Netword Access Ctri TELNET to load the following page Data Service gt Network 4ccess Ctrl WEB TELNET SSH_ Port on 1 65535 Internet Telnet Access Allow Access IP Limit L Intranet Telnet Access Allow Access IP Limit d Figure 3 54 Configure Telnet Access Ctrl The following items are displayed on this screen gt Port Port when using telnet tools access device Internet Web Access gt Allow Access If enabled allow access to the device from the Internet via telnet gt IP Limit If enabled allow only specific IP range to access the device from the Internet via telnet gt IP Range If IP Limit enabled specifies the IPv4 address range that only allow access to the device from the Internet via telnet gt IPv6 Rang
44. Supported Click the Save button when finished 3 5 7 System Log 3 5 7 1 Log Config Choose the menu System System Log Log Config to load the following page System gt System Log Log Config Log Display og Display Log Level INFO Log Content ALARM LOGIN NMS VOICE Dar LJ OTHER Local Log Enable Remote Log Enable E Log Server IP US t Figure 3 107 Configure System Log The following items are displayed on this screen gt Log Level By selecting the log level only logs of this level will be shown gt Log Content By selecting the log content only logs of selected content will be shown gt Local Log Enable Check this box to enable local log function gt Remote Log Enable Check this box to enable remote log function the logs will be send to the Log Server gt Log Server IP Enter the IP address of the Log Server gt Log Server Port Enter the port that Log service used Click the Save button when finished 3 5 7 2 Log Display Choose the menu System System Log Log Display to load the following page Page 77 of 82 TECHNOLOGIES System gt System Log Log Display 1 1 1 1 1 1 1 1 1 1 1 1 1 1 742 ralink 52 ralink 02 ralink 13 ralink 23 ralink 33 ralink 43 ralink 53 ralink 03 ralink 13 ralink 23 ralink 133 ralink 43 ralink 53 ralink local0 notice voip 5412 local0 notice voip 5412 local0 notice voip 5412 local0 notice
45. TS Threshold Here you can specify the RTS Request to Send Threshold If the packet is larger than the specified RTS Threshold size the device will send RTS frames to a particular receiving station and negotiate the sending of a data frame The default value is 2347 gt Transmit Power Here you can specify the transmit power of device 100 is the default setting and is recommended Page 22 of 82 TECHNOLOGIES gt Enable WMM Enable or disable the WIFI WMM function globally WMM function can guarantee the packets with high priority messages being transmitted preferentially It is strongly recommended enabled Eltek R3601 W2 User Manual v 1 1 3 3 4 5 Clients Info Choose the menu Network gt WLAN gt Clients Info to load the following page Network gt WLAN gs Clients Info MAC Filtering MAC AID Bandwidth SSID 00 66 4b 2e 00 52 il 20MHz Eltek 11 1 Total 1 Pages 1 Rows Figure 3 21 View Wifi Clients Info This page shows all connected WIFI client information read only The following items are displayed on this screen gt MAC The MAC address of this client entry gt AID The AID Association ID field is a value assigned by an AP during association that represents the 16 bit ID of a STA gt Bandwidth Band width this client entry used gt SSID The SSID this client entry used when connecting WIFI 3 3 4 6 MAC Filtering You can control the wireless access by configuring the Wireless MAC Filterin
46. User Manual v 1 1 IPv6 Enable Destination IPv6 Prefix Length Next Hop Type Next Hop Interface Next Hop Address Valid 1 WM 2010 20c 29ff fe85 a330 64 Interface m WAN v Invalid 2 E y 64 Interface v WAN 3 O y 64 Interface WAN 4 o y 64 Interface WAN 5 A y 64 Interface WAN 6 O y 64 Interface WAN Fi O y 64 Interface WAN g oO y 64 Interface WAN 9 D y 64 Interface v WAN 10 O y 64 Interface WAN Figure 3 87 Configure IPv6 Static Route The configuration options of Ipv6 is similar to Ipv4 the prefix length is equal to mask of Ipv4 address 3 4 8 2 Policy Route Choose the menu Data Service Route Policy Route to load the following page Data Service gt Policy Route O Index Enable Src IP Range Dst IP Range Dst Port Range Next Hop Active Time O al YES 192 168 1 100 192 168 1 200 210 10 10 3 210 10 10 50 1000 2000 DATA TimelInfo 1 Total 1 Pages 1 Rows Add Del Figure 3 88 View Policy Route Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry DataService gt Policy Route Enable PolicyRoute Next Hop Type Interface e Interface DATA Y Protocol ALL na Source IP 192 168 1 100 to 192 168 1 200 Destination IP 210 10 10 3 to 210 10 10 60 Destination Port 1000 to 2000 O 65535 Active Time 00 00 23 59 bb mm Active Day Gei ell il Monday MlTuesday lM Wednesday
47. acters gt Auth Algorithm Select the algorithm used to verify the integrity of the data Options include MD5 MD5 Message Digest Algorithm takes a message of arbitrary length and generates a 128 bit message digest SHA SHA Secure Hash Algorithm takes a message less than the 64th power of 2 in bits and generates a 160 bit message digest 3 4 7 4 4 IPSEC Safety Policy In this table you can view the information of IPSEC policy Choose the menu Data Service VPN IPSec IPSEC Safety Policy to load the following page Data Service gt VPN gt IPSec Index Policy Name Enable IPSEC Interface PN Mode Local Subnet Remote Address Remote Subnet O al test Enable DATA Site2Site 192 166 1 1 255 255 255 0 10 0 2 3 10 0 1 1 255 255 0 0 Total 1 Pages 1 Rows Add Del Figure 3 84 View IPSEC Safety Policy Configuration Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Page 63 of 82 Deene geg Eltek R3601 W2 User Manual v 1 1 Data Service gt YPI Enable Ipsec IPSEC Policy Name Maximum 128 Characters Select Interface DATA WAN ae VPN Mode Site To Site PC To Site Local Subnet IP Local Subnet Netmask Remote 4ddress TIP Address or Domain Name Remote Subnet IP Remote Subnet Netmask IKE Safety Policy Enable Safety Proposall Enable Safety Proposal dl testi Enable Safety
48. al up authentication CHAP PAP Auto are provided Default is Auto Page 25 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt DNS The default is obtained from the dial up network devices automatically You can also configure DNS manually gt TCP MSS Configure TCP maximum segment we recommend using the default value gt MTU Configure 3G link MTU the default value is recommended gt Data Link Backup When enabled if WAN uplink port is disconnected the routing switches to the 3G link gt Heartbeat Address Set the heartbeat detecting address of the link the default configuration is not required 3 Status status Device Status Ready SIM Card Status Ready Product Name E353 Manufacturer Name huawel SP Mame CHA CUGSM 17 Signal Quality ai Connection Status Connected Figure 3 26 Configure 3G Modem Status The following items are displayed on this screen gt Device Status Indicates whether to insert 3G module gt SIM Card Status Indicates whether to insert 3G modem in the SIM card the ready state means the SIM card is detected gt Product Name 3G modem Product Type gt Manufacturer Name 3G modem vendor name gt SP Name 3G modem service provider name gt Signal Quality Signal quality of 3G Modem up to 31 gt Connection Status Connected or disconnected 3 3 6 Port Management 3 3 6 1 Port Mirror Port Mirror the packets obtaining technology functions to forward copies of
49. atic Address Assign E at e O Index Netmask MAC Description O 1 192 168 0 30 laa a 01 02 03 04 05 06 Clienti Total 1 Pages 1 Rows Add Figure 3 34 View Static Address Assign Configuration Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Page 31 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Data Service DHLP Client IP Address For example 192 168 0 30 Client Mask For example 255 255 0 0 Client MAC For example 01 02 03 04 05 06 Description Clienti sd save Return Figure 3 35 Add or Modify An Static Address Assign Entry The following items are displayed on this screen gt Client IP Addres The IP address reserved gt Client Mask The subnet mask of IP address reserved gt Client MAC The MAC address you want to reserve IP address gt Description The description of the entry to add or modify 3 4 2 2 Status Choose the menu Data Service DHCP Server gt Status and then you can view the information about the clients attached to the DHCP server IP MAC Host Name 192 168 111 220 00 66 4b 2e 00 52 android 317afa14157 17027 Total 1 Pages 1 Rows Figure 3 36 DHCP Client Status 3 4 2 3 DHCP Relay A DHCP relay agent is any host that forwards DHCP packets between clients and servers Relay agents are used to forward requests and replies between clients and servers when they are not
50. blic IP 10 0 11 11 t DMZ Private IP 197 168 1 2 2 Figure 3 43 Add or Modify DMZ Entry The following items are displayed on this screen gt DMZ Public IP The public IP address for this DMZ entry gt DMZ Private IP The private IP address for this DMZ entry gt Description Enter a description string for this DMZ entry 3 4 3 4 ALG Settings Application Layer Gateway ALG allows customized Network Address Translation NAT traversal filters to be plugged into the gateway to support address and port translation for certain application layer control data protocols such as FTP H 323 PPTP etc Choose the menu Data Service gt NAT Config ALG Settings to load the following page Data Service gt LG Parameter Enable SIP F Enable H323 Enable FTP Enable PPTP Enable RTSP Server Port 1 65535 Figure 3 44 ALG Settings The following items are displayed on this screen gt Enable SIP Enable or disable SIP ALG gt Enable H323 Allow Microsoft NetMeeting clients to communicate across NAT if selected gt Enable FTP Allow FTP clients and servers to transfer data across NAT if selected gt Enable PPTP Enable or disable PPTP ALG gt Enable RTSP Enable or disable RTSP ALG Page 36 of 82 TECHNOLOGIES 3 4 4 Firewall Config Eltek R3601 W2 User Manual v 1 1 3 4 4 1 Attack Defense With Attack Defense function enabled the device can distinguish the malicious packets and prevent the port scanning f
51. dity 5 95 RH no coagulation Page 4 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 3 Configuration Introduction 3 1 Login The Web interface is ready for accessing about one minute after the device power on The default LAN IP address is 192 168 100 1 you can access the Web interface via either WAN port or LAN port Enter IP address in the address bar of web browser and then press ENTER you can get access to the Login interface There are two languages provided Chinese and English ELTEK R3621 W2 v1 1 16 Password Language English Figure 3 1 Login Interface 3 2 Home After successful login you will see the main menus on the top of the Web based GUI The System Status page provides the current status information about the Gateway All information is read only Choose the menu Home to load the following page Page 5 of 82 TECHNOLOGIES Home Network Eltek R3601 W2 User Manual v 1 1 System Statuz Serial Humber Software Version CDU Usage tel Memory Usage used total System Time Uptime WAN MAC address Connection Mode IP Address Hotmask Default Gateway DNS LAN MAC Address IP Address Hetmask 1111111111 R3621 441_4M_w1 1 7 D 47 2000 01 02 00 01 44 01 Day 00 Hour 01 Min 00 0e b4 09 ad 20 Static IP 10 55 1 1 253 235 0 0 00 00 b4 09 4d 21 192 168 1 1 ZO dn 2 O autorefresh
52. e If IP Limit enabled specifies the IPv6 address range that only allow access to the device from the Internet via telnet Page 43 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Intranet Web Access gt Allow Access If enabled allow access to the device from the Intranet via telnet gt IP Limit If enabled allow only specific IP range to access the device from the Intranet via telnet gt IP Range If IP Limit enabled specifies the IPv4 address range that only allow access to the device from the Intranet via telnet gt IPv6 Range If IP Limit enabled specifies the IPv6 address range that only allow access to the device from the Intranet via telnet 3 4 4 4 3 SSH Choose the menu Data Service Firewall Config Netword Access Ctri SSH to load the following page Port EE Internet SSH Access Allaw Access F IF Limit Intranet SSH Access Allow Access IF Limit d IPv Range 2001 60 2001 ffff Figure 3 55 Configure SSH Access Ctrl The following items are displayed on this screen gt Port Port when using SSH tools access device Internet Web Access gt Allow Access If enabled allow access to the device from the Internet via SSH gt IP Limit If enabled allow only specific IP range to access the device from the Internet via SSH gt IP Range If IP Limit enabled specifies the IPv4 address range that only allow access to the device from the Internet via SSH gt IPv6 Range
53. e 3 82 View IPSEC Safety Proposal Configuration Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Data Service gt VPN gt IPSec Proposal Name Maximum 128 Characters IPSec Protocol ESF w Encryption Algorithm 3DES ka Auth Algorithm SHA1 ka Figure 3 83 Add or Modify IPSEC Safety Proposal Entry The following items are displayed on this screen Page 62 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt Proposal Name Specify a unique name to the IPSEC Proposal for identification and management purposes The IPSEC proposal can be applied to IPSEC policy gt IPSec Protocol Select the security protocol to be used Options include AH AH Authentication Header provides data origin authentication data integrity and anti replay services ESP ESP Encapsulating Security Payload provides data encryption in addition to origin authentication data integrity and anti replay services ESP AH Both ESP and AH security protocol gt Encryption Algorithm Select the algorithm used to encrypt the data for ESP encryption Options include DES DES Data Encryption Standard encrypts a 64 bit block of plain text with a 56 bit key The key Should be 8 characters 3DES Triple DES encrypts a plain text with 168 bit key The key should be 24 characters AES Uses the AES algorithm for encryption The key Should be 16 char
54. e DHCP servers enter the IP address of your ISP S DHCP server gt Vendor Class Identifier Optional This option 60 is used by DHCP clients to optionally identify the vendor type and configuration of a DHCP client gt Enterprise Code Optional gt Manufacture Name Optional gt Device Class Optional Page 9 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt Device Type Optional gt Device Version Optional 3 PPPoE If your ISP Internet Service Provider has provided the account information for the PPPoE connection please choose the PPPoE connection type Used mainly for DSL Internet service WAN Network gt Interface Name VOICE Enable Type VLAN Enable VLAN ID 1 4094 Priority Level ke 0 7 Primary DNS Secondary ONS Lisername 123 Password eee ES Service Name LCP Interval 1 3000 default 10 LCP Max Fails 1 10 default 5 Figure 3 9 WAN PPPoE The following items are displayed on this screen gt Enable Enable this WAN interface DATA can t be disabled gt Type Select PPPOE if your ISP provides xDSL Virtual Dial up connection gt VLAN Enable Optional Enable VLAN to configure VLAN ID and VLAN Priority Level gt VLAN ID Optional VLAN ID of this WAN interface gt Priority Level Optional VLAN Priority Level of this WAN interface gt Primary DNS Enter the IP address of your ISP s Primary DNS Domain Name Server manually If you are not
55. e Identifier ELTEK R3621 W1 Enable Couble Register Server Backup Server 4ddress or Domain Tae MAS i Backup Server Part 162 A ic Registration Status Failed Figure 3 110 Configure SNMP The following items are displayed on this screen gt Register Enable Check this box to enable SNMP register gt Server Address or Domain Enter the IP address or domain name of register server gt Server Port Enter the port of Register Server gt TRAP Message Interval Set the sending interval between TRAP messages gt Regional Identity Set the identity of regional gt Device Identifier Set the identifier of device gt Enable Double Register Server Check this box to enable backup Register Server Page 80 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt Backup Server Address or Domain Enter the IP Address or Domain Name of Backup Register Server gt Backup Server Port Enter the port of Backup Register Server gt Registration Status The status of registration Read only Click the Save button when finished Click Refresh button to refresh the web page 3 5 10 User Access Right If the permission level of login user is Super you can see this web page On this page you can change the access right of the user to access the web pages Choose the menu System User Access Right to load the following page System gt User Access Right Username Access Detail admin detail guest detail Fi
56. e identified Configure Standard TCP IP Port Monitor Port Settings The device ts not found on the network 1 The device ts turned on EGET 2 The network e connected Port Mame IP 192 165 1 1 A The device is properly configured l d The address e he GE page is Printer Name or IP Address 132 165 1 1 Protocol IF you think the address is not correct clic the address and perform another search d Raw LPR select the device type below Device Type Rar Settings Port Number Standard Genenc Network Car Co Custom LPR Settings Queue Name LPR Byte Counting Enabled SNMP Status Enabled Community Name public SNMF Device Index 17 Figure 3 118 Configuer printer port 6 Add Printer Driver According to the printer manufacturer and printer type select the appropriate driver If the computer has not printer driver you need to install the printer driver After adding the printer you can print through the USB printer Page 86 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Add Printer Wizard Install Printer Software The manufacturer and model determine which printer software to use A ech Select the manufacturer and model of your printer JE your printer came with an installation disk click Have Disk IF your printer 13 not listed consult your printer documentation hor compatible printer software Manufacturer Printers Gestetner HP
57. eny and Allow You can export all the keywords as a file Of course you can also import a file 3 4 4 5 2 IP Filter On this page you can control the Internet access of local hosts by specifying their IP addresses Choose the menu Data Service gt Firewall Config Filter Strategy IP Filter to load the following page Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Page 45 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Data Service gt Filter Strategy IP Filter IP Filter M Policy Index IPv4 S 192 168 1 222 1 Total 1 Pages 1 Rows Import Fle HE ASEH Figure 3 57 Configure IP Filter The following items are displayed on this screen gt IP Filter If enabled packet filtering is enabled by IP address gt Policy The policy for IP address list Deny and Allow You can export all the IP addresses as a file Of course you can also import a file 3 4 4 5 3 MAC Filter On this page you can control the Internet access of local hosts by specifying their MAC addresses Choose the menu Data Service Firewall Config Filter Strategy MAC Filter to load the following page Data Service gt Filter Strategy Keyword Filter IP Filter MAC Filter MAC Filter policy O Index MAC F 1 00 11 22 33 44 55 Total 1 Pages 1 Rows Import Fie HE AIS Figure 3 58 Configure MAC Filter The
58. ets file Click clean to delete all the packets file Click Refresh button to refresh the web page 3 5 5 3 WAN Speed Test Test the download speed and upload speed of WAN interface and show the result on the web page Choose the menu System gt Diagnostic gt WAN Speed Test to load the following page Figure 3 105 WAN Speed Test The following items are displayed on this screen gt Download URL Enter the URL to test the download speed of WAN For example http speedtest1 szunicom com speedtest random1000x1000 jpg gt Upload URL Enter the URL to test the upload speed of WAN For example http speedtest1 szunicom com speedtest random2000x2000 jpg Click the Start button to starting test 3 5 6 User Management You can change the factory default user password of the device Choose the menu System User Management to load the following page Username Super Admin Guest O Figure 3 106 User Management The following items are displayed on this screen Page 76 of 82 starts Asie Eltek R3601 W2 User Manual v 1 1 gt Username You can select the user with different permissions However you can not select the user whose permission is higher than your permission gt New Password Enter the new password for specified user not more than 32 characters and the space is not supported gt Confirm Password Enter the new password again to confirm for specified user not more than 32 characters and the space is not
59. fault based on 802 1P strict priority scheduling mode The device supports four priority queues when QOS feature enabled Choose the menu Data Service QoS Basic Settings to load the following page Global Parameters QoS Enable Scheduling Mode O Po i wre O PO WRR Weight Ratio o a o a QoS Priority O Dech 802 1P Bandwidth Setting Upstream Bandwidth 0 32 1024000 Kkbps 0 Full Rate Downstream Bandwidth lo 32 1024000 Kbps 0 Full Rate Advanced Parameters Enable Voice Reservation O lo 32 2048 Kbps Enable Video Reservation O 1024 16384 Kbps Remap ToS DSCP to CoS O Figure 3 61 Configure QoS Basic Settings The following items are displayed on this screen Global Parameters gt Qos Enable Enable or disable QoS functionality Page 48 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt Scheduling Mode PQ PQ means strict priority that is when congestion occurs first sending packets of high priority queue WRR All queues use weighted fair queuing scheme which is defined in Weight Ratio PQ WRR Only highest queue use strict priority others use weighted fair queuing scheme gt Qos Priority DSCP When you select DSCP value corresponding to the following relationship DSCP priority value Priority queue queue 3 A priority QueueO 802 1P Select the queue classification mode when selecting 802 1P mode depending on the value of 802 1p priority classification in
60. g function Choose the menu Network WLAN MAC Filtering to load the following page Network gt WLAN ts Info MAC Filtering MAC Filtering Filtering Rules Index MAC al 00 11 22 33 44 55 Total 1 Pages 1 Rows Figure 3 22 View Wifi MAC Filtering The following items are displayed on this screen gt MAC Filtering Enable or disable the Wifi MAC filtering function globally gt Filtering Rules Two MAC filtering rules are provided Allow allow the stations specified by entries in the list to access Page 23 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Deny deny the stations specified by entries in the list to access To delete Wireless MAC Address filtering entries select the entries and click the Del button To Add a Wireless MAC Address filtering entry click the Add button Network gt WLAN gt MAC Filtering Selected List Del Figure 3 23 Add WIFI MAC Filtering Entry Enter the appropriate MAC Address into the MAC field The format of the MAC Address iS XX XX XX XX XX XX X is any hexadecimal digit Click Add button to add MAC address to the Selected List click Del button to delete the selected MAC address in the Selected List 3 3 53G Modem Typically 3G Modem WAN is used as uplink port as a backup When inserting 3G Modem into USB port the system recognized the SIM card and charges no problem After dialing successful 3G Modem will serve as a backup uplink usage 1 Basic Se
61. ge gt Enable RIP Service Enable or disable RIP service function globally Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Page 67 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Data Service gt RIP Ri Interface DATA y Receive RIP Version RIP V2 i Send RIP Version RIP Vis TTT Authorization Enable M Key Mode TEXT O MD5 Key Type Simple String Key Chain Simple String max 15 char Figure 3 91 Add or Modify RIP Service Entry The following items are displayed on this page gt Interface Specify the interface for the entry gt Receive RIP Version Specify receiving RIP version for the entry gt Send RIP Version Specify sending RIP version for the entry gt Authorization Enable Check the box to enable authorization gt Key Mode Specify the encryption mode of key TEXT plaintext MD5 cipertext gt Key Type Specify the key from Simple String or Key Chain gt Simple String If select Simple String in item of Key Type enter simple string as key 3 4 8 3 2 Key Chain Key Chain is a chain of keys used as RIP authorization key Choose the menu Data Service RIP Key Chain to load the following page e Key Chain key Chain Name max 19 char d Index Key ID Key String Add Del Figure 3 92 View RIP Key Chain Configuration The following items are disp
62. gure 3 111 View users If you want to change the user access right click detail in the entry to load the following page System gt WebAccessSetting Network Status WAN LAN WLAN 3G Modem VLAN PortMirror IP 6 OOOR E E E E Page 81 of 82 Eltek TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Data Service Status DHCP Server NAT Basic Settings PAT Settings DMZ Settings ALG Settings Attack Defense Service Type Internet Access Ctrl Management Access Ctrl Filter Strategy IP amp MAC Binding Basic Settings ACL Port Rate Limit Flow Rate Limit Service DDNS GRE VPN PPTP VPN L2TP VPN IPSec Static Route Policy Route RIP UPnP Parameter Apply Filter Control Multicast Share File MOOOOOWOOOODOAODOOOOODBRAHAHORBABA VoIP Service SIP Service User Supplementary Codec Parameters DSP Parameters Digitmap Signal Tone FXS Parameters Centrex Phone Book System Time Management wd 00000880088 Upgrade Reboot Backup Restore Ping Tepdump WAN Speed Test User Management System Log TRO69 SNMP ORKODOER E E E E El Figure 3 112 Modify User Access Right 3 6 Apply Follow the prompts Some parameters will take effect after click the button of Apply Page 82 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Home Network Data Service VoIP Service System Apply Logout system gt Time Management Figure 3 113 Apply 3 7 Print Function The device supp
63. he interface which connects DHCP server gt Server IP Configure the DHCP server IP address 3 4 3 NAT Config Network Address Translation NAT is a network protocol used in IPv4 networks that allows multiple devices to connect a network protocol using the Same public IPv4 address NAT was originally designed in an attempt to help conserve IPv4 addresses NAT modifies the IP address information in IPv4 headers while in transit across a traffic routing device Page 33 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 3 4 3 1 Basic Settings Choose the menu Data Service NAT Config Basic Settings to load the following page Data Service gt Basic Settings Max Nat Connections 16000 512 16000 Enable MSS Auto Adaptive F TCP MSS 1260 1260 1460 Figure 3 39 Basic Settings The following items are displayed on this screen gt Max Nat Connections Specify the maximum number of NAT connections gt Enable MSS Auto Adaptive Enable or disable auto adaptive the value of MSS Maximum Segment Size TCP MSS If Enable MSS Auto Adaptive is not selected configure this to specify the maximum segment size of the TCP protocol 3 4 3 2 PAT Settings Several internal addresses can be NATed to only one or a few external addresses by using a feature called overload which is also referred to as PAT PAT is a subset of NAT functionality where it maps several internal addresses to a single external address
64. igure 3 96 View User Management Configuration Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Figure 3 97 Add or Modify User Management Entry The following items are displayed on this screen Username Enter user name of this entry Password Enter password of this entry Page 70 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Access Right Select access right from pull down list Read or Read Write 2 USB Storage Scan the partitions of USB Storage by click Rescan button and umount specified partition by clicking Umount button Click start to start service click stop to stop service DataService gt USB Storage User Management O Index Username Access Right Add Del USB Storage Status stopped O Disk Share Name File System Storage GB Used Storage GB Free Storage GB Utilization Rate Property O media sdai shareO vfat 3 80 0 00 3 79 1 Modify Figure 3 98 View USB Storage Click Modify to load the following page Data Service gt FTPService gt Disk Property Share Name my_share Allowed User O user_1 Miuser_2 Figure 3 99 Modify USB Storage The following items are displayed on this screen Share Name Enter the share name gt Allowed User Select the users need to access the partition of the entry 3 5 System 3 5 1 Time Management Menu of time management is used
65. ing items are displayed on this screen gt Name Service name Read only gt Remap Queue Priority Check the box to remap scheduling queue gt Priority There are four levels of priority Priority 3 is highest and priority O is the lowest gt Remark 802 1p Check the box to enable 802 1p priority remarking gt 802 1p Value The value of remarking 802 1P gt Remark DSCP Check the box to enable DSCP remarking gt DSCP Value The value of remarking DSCP 3 4 5 5 ACL Choose the menu Data Service QoS gt ACL to load the following page Data Service gt Q05 gt ACL Index Rule Name Rule Type i Z 3 E 3 6 fs 8 E 10 e 12 SE 14 a 16 Sbe 18 19 20 21 22 23 24 Figure 3 67 View Qos ACL Click the Del in the entry you want to delete Click the Index or Detail in the entry you want to modify and then the following page will be loaded Page 52 of 82 A Eltek R3601 W2 User Manual v 1 1 Digits Seras 2 Do AL Rule Condition PS Physical Port O vant Duane O vans O Lane Dl wan Rule Name Rule Type L2 Data L3 Data Ether Type ox X00 xFFFF VLAN ID 1 4094 B02 1p Da Action Drop Remark VID Cio 1 4094 Remark 802 1P L o Dr 7 Remark DSCP d lo 0 53 Priority L lo 0 3 S highest Maximal Bandwidth jo 22 1024000 kbps 0 Full Rate Figure 3 68 Modify Qos ACL The following items are display on this page Conditi
66. ion Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry data Service gt WPIN gt IPSec gt IKE Proposal Proposal Name Maximum 128 Characters Encryption Algorithm 3DES we Auth Algorithm SHA1 we DH Group DH 1536 modp w Figure 3 79 Add or Modify IKE Safety Proposal Entry The following items are displayed on this screen gt Proposal Name Specify a unique name to the IKE proposal for identification and management purposes The IKE proposal can be applied to IPSEC proposal gt Encryption Algorithm Specify the encryption algorithm for IKE negotiation Options include DES DES Data Encryption Standard encrypts a 64 bit block of plain text with a 56 bit key 3DES Triple DES encrypts a plain text with 168 bit key AES Uses the AES algorithm for encryption gt Auth Algorithm Select the authentication algorithm for IKE negotiation Options include MD5 MD5 Message Digest Algorithm takes a message of arbitrary length and generates a 128 bit message digest Page 60 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 SHA1 SHA1 Secure Hash Algorithm takes a message less than 2 64 the 64th power of 2 in bits and generates a 160 bit message digest gt DH Group Select the DH Diffie Hellman group to be used in key negotiation phase 1 The DH Group sets the strength of the algorithm in bits Options include DH
67. ist of users and passwords can access the Internet Press Save button if you have modified this parameter Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Access Contral Data Service gt Internet User 4uthentication Password gktel t Auth Mode Allow Multi PC Access iw Figure 3 51 Add or Modify User Authentication Entry The following items are displayed on this screen Username Enter the username of this entry Password Enter the password of this entry gt Auth Mode Choose the authentication mode of this entry Provides four modes Allow Multi PC Access Allows multiple computers to access the Internet using this account Allow One PC Access Only allows one computer to access the Internet using this account Allow Special IP Access Allowing only specified IP computer uses this account to access the Internet Allow Special MAC Access Allowing only specified MAC computer uses this account to access the Internet 3 4 4 3 3 Page Push HTTP Page push is a mechanism for sending unsolicited asynchronous data from web server to a web browser When accessing the Internet for the first time the specified HTTP page will be pushed to the browser when enabled Choose the menu Data Service Firewall Config Internet Access Ctri Page Push to load the following page Page 41 of 82 TECHNOLOGIES Eltek R36
68. layed on this page gt Key Chain Name Enter the name of key chain Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Page 68 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 keim 1 255 Key String fo max 15 char Figure 3 93 Add or Modify RIP Key Chain Entry The following items are displayed on this page gt Key ID Enter the ID of the entry gt Key String Enter the Key of the entry 3 4 9 Advanced Parameters 3 4 9 1 UPnP Parameter The Universal Plug and Play UPnP technology is enabling a world in which music and other digital entertainment content is accessible from various devices in the home without regard for where the media is stored Using UPnP devices the whole family can share in the fun together whether it s e Viewing your best family photos via the TV e Watching home videos e Listening to favorite tunes throughout the house The Digital Living Network Alliance DLNA is a non profit collaborative trade organization established by Sony in June 2003 which is responsible for defining interoperability guidelines to enable sharing of digital media between multimedia devices http en wikipedia org wiki Digital_ Living Network Alliance cite _note 3 DLNA uses UPnP for media management discovery and control Here UPNP mainly for DLNA DLNA server can be automatically discovered by sending
69. led in WLAN Basic Settings page Read only gt Authentication The authentication type selected WPA PSK WPA2 PSK WPAPSK WPA2PSK gt Algorithm When WPA2 PSK or WPAPSK WPA2PSK is set as the Authentication Type you can select either TKIP or AES or TKIP AES as Encryption When WPA PSK is set as the Authentication Type you can select either TKIP or AES as Encryption gt WPA Pre Shared Key You can enter ASCII characters between 8 and 64 characters gt Renew Interval Specify the group key update interval in seconds Enter O to disable the update 2 Open WEP Shared WEP WEP Auto It is based on the IEEE 802 11 standard Choose one of these types the following page is loaded 7 e Security WD n d ar a TE KEE o y A into TETE aA ee a 5101 Eltek 11 Authentication WEP encryption is enabled so lin rate and WPS will turn off Default Key Figure 3 16 Configure WIFI WEP Security The following items are displayed on this screen gt SSID The SSID enabled in WLAN Basic Settings page Read only gt Authentication The authentication type selected Open WEP Shared WEP WEP Auto gt Default Key Select the default WEP key configure below Page 19 of 82 Eltek R3601 W2 User Manual v 1 1 TECHNOLOGIES Provide up to four key You can select the key type HEX 10 26 char or ASCII 5 13 char for encryption and then enter the key HEX 10 26 char and ASCII 5 13 char formats are provided Hex 10 26 char format sta
70. m operating terminal Indicates one parameter configuration or a function Indicates a syntax of CLI command options multiple XX XX command options in one separated by means exclusive single selection Indicates user specified parameters e g for command host italic tftp host get put sys cfg filename The host and filename should be replaced by user specified real parameters such as tftp 138 0 0 1 get sys sysfile bin Table 2 Convention for Mouse Operation Operation Meanigs _ _ _ _ Quickly press and release a mouse button twice Drag Press a mouse button and move the mouse Table 3 Convention for Keyboard Operation means an operation which presses down several keys in the keyboard in the same time E g Ctrl C means press down the key of Ctrl and C in the same time CONTENTS Eltek R3BGOL W2 oo ccc cece cece cece cece cece eeeueueueueueuaueunueunununununununununenunnnnnnnnngs 1 Ll e e TT EE 1 2 Product Dei ng e el fei g Le Nisicasisacicasicacidacicacidasiiacicadicacicadinani ainia indi 2 Jal APOCO irreales destina trans 2 2 2 Hardware Interface 3 ls ECOS sidra 3 2 4 Working Environment 4 3 Configuration Introgduchon cnn rr rr rr 5 SL OOM paisa 5 De nu TEE 5 3 3 Network Configuration 6 3 3 1 Network Gtatus 6 E WAN e ni GUI AE e EE 7 32 LAN COT ge Le Le IN ensima aint iso cal 14 CC WIEN EN 17 3 3 5 36G REES 24 JO Fort
71. mary DNS Domain Name Server manually If you are not clear please consult your ISP It s not allowed to access the Internet via domain name if the Primary DNS field is blank Optional If a Secondary DNS Server address is Enter the Server IP provided by your ISP Enter the Account Name provided by your ISP If you are not clear please consult your ISP Enter the Password provided by your ISP Page 13 of 82 AN Eltek R3601 W2 User Manual v 1 1 gt Enable Encryption Enable PPTP link encryption Secondary Connection Here allow you to configure the secondary connection DHCP and Static IP connection types are provided If Static is selected gt IP Address If Static IP is selected configure the IP address of WAN port gt Netmask If Static IP is selected configure the subnet mask of WAN port Gateway Optional If Static IP is selected configure the default gateway of WAN port If DHCP is selected gt Appoint Server IP Optional If network has multiple DHCP servers enter the IP address of your ISP s DHCP server gt Vendor Class Identifier Optional This option 60 is used by DHCP clients to optionally identify the vendor type and configuration of a DHCP client gt Enterprise Code Optional gt Manufacture Name Optional gt Device Class Optional gt Device Type Optional gt Device Version Optional 3 3 3LAN Configuration On this page you can configure the parameters for LA
72. me are in active gt Active Day If not configured which means that all time in active Direction Up Check the frame from the direction of the LAN port to the WAN port and match the source IP and destination port Down Check the frame from the direction of the WAN port to the LAN port and match the destination IP and source port Bidirectional Limit both upstream and downstream speed gt Limited Bandwidth CIR The limited bandwidth gt Maximal Bandwidth PIR The maximum bandwidth If Application is selected gt Application Protocol Such as HTTP HTTPS FTP TFTP SMTP POP3 TELNET etc If Custom is selected the following page will be loaded Application fe Custom Protocol Type UDP TCP Port Range o ei 0 65535 Figure 3 65 Configure Custom of Qos Flow Rate Limit The following items are displayed on this screen gt Protocol Type Custom protocol type UDP or TCP Page 51 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt Port Range Set port range 3 4 5 4 Service The device supports to remap scheduling priority and remark the value of DSCP or 802 1P according to the service type Choose the menu Data Service QoS Service to load the following page Data Service gt QoS gt Service Name Remap Queue Priority Priority Remark 802 1p 802 1p Value Remark DSCP DSCP Value VOICE O O o O en a k 7 a KI vieo a a a Ta Figure 3 66 View Qos Service The follow
73. nds for any combination of hexadecimal digits 0 9 a f A F in the specified length ASCII 5 13 char format stands for any combination of keyboard characters in the specified length gt Key 3 WPA WPA2 WPA WPA2 It s based on Radius Server Choose one of these types the following page is loaded Network gt WLAN SSID1 Authentication Algorithm Renew Interval PMK Cache Period Enable Pre Auth Radius Server IP Radius Server Port Shared Secret Session Timeout Eltek 11 ob I WPAWPA2 AES v 3600 0 2592000 s O not renew 0 43200 min default 10 jil 812 0 65535 default 1812 8 64characters 0 65500 s default 65500 Figure 3 17 Configure WIFI WPA Security The following items are displayed on this screen gt SSID The SSID enabled in WLAN Basic Settings page Read only gt Authentication The authentication type selected WPA WPA2 WPA WPA2 You can select either TKIP or AES or TKIP AES Specify the update interval in seconds Enter O to gt Algorithm gt Renew Interval disable the update gt PMK Cache Period Pairwise Master Key PMK Set WPA2 PMKID cache timeout period after time out the cached key will be deleted This parameter is valid when you select WPA2 or WPA WPA2 gt Enable Pre Auth This is used to speed up roaming before pre authenticating IEEE 802 1X EAP part of the full RSN authentication and key handshake before actually associating with a new A
74. nterface Name Enable Type VLAN Enable Yes Static IP Figure 3 6 WAN page Select an Interface Name to load the configuration page 1 Static IP If a static IP address has been provided by your ISP please choose the Static IP connection type to configure the parameters for WAN port manually Page 7 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Network gt MAN Interface Name DATA Enable Type VLAN Enable VLAN ID 1 4094 Priority Level o 0 7 Primary ONS Secondary ONS IP Address 0 0 0 0 as Metmask 0 0 0 0 s Gateway 0 0 0 Figure 3 7 WAN Static IP The following items are displayed on this screen gt Enable Enable this WAN interface DATA can t be disabled gt Type Select Static IP if your ISP has assigned a static IP address for your gt VLAN Enable Optional Enable VLAN to configure VLAN ID and VLAN Priority Level gt VLAN ID Optional VLAN ID of this WAN interface gt Priority Level Optional VLAN Priority Level of this WAN interface gt Primary DNS Enter the IP address of your ISP s Primary DNS Domain Name Server If you are not clear please consult your ISP It s not allowed to access the Internet via domain name if the Primary DNS field is blank gt Secondary DNS Optional If a Secondary DNS Server address is available enter it gt IP Address Enter the IP address assigned by your ISP If you are not clear please consult your ISP
75. on gt Rule Name The custom name gt Physical Port Rule s source port gt Rule Type Type of rule L2 data or L3 data If L3 Data is selected Rule Type O L2 pata Si L3 Data iist O Protocol Ignore O ime O upp O tcp O Other 0 255 L4 srePort 065535 L4 Dest Pot e 065535 Figure 3 69 L3 Data Rule Type The following items are display on this page gt Src IP Netmask The source IP address and netmask of packets such is 192 168 100 1 255 255 255 0 gt Dest IP Netmask The destination IP address and netmask of packets gt Protocol E g ICMP UDP TCP or custom IP protocol types gt L4 Src Port Source port range gt L4 Dest Port Destination port range If L2 Data is selected Page 53 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 Rule Type fi L2 pata L3 Data Ether Type Ox OXDO 0XFFFF VLAN ID 164094 s02 1p Get Figure 3 70 L2 Data Rule Type The following items are display on this page gt SRC MAC Source MAC address of packets gt DEST MAC Destination MAC address of packets gt Ether Type The ether type of packets gt VLAN ID The VLAN id of packets gt 802 1p The VLAN priority of packets Action gt Drop Drop the packets matched with the rule gt Remark VID Change the VID of packets matched with the rule gt Remark 802 1p Change the 802 1P priority of packets matched with the rule gt Remark DSCP Change the
76. on the air gt Isolated Enable or disable isolate different clients from the same wireless station gt LAN Isolated Enable or disable isolation between the LAN and SSID gt Max Client Enter the maximum number of clients allowed to connect to the SSID gt SSID AP Isolated This function can isolate wireless stations on your network from each other Wireless devices will be able to communicate with the Router but not with each other To use this function check this box AP Isolation is disabled by default 3 3 4 2 Security Choose the menu Network WLAN Security to load the Security page There are nine wireless security modes supported by the device Open WEP Shared WEP WEP Auto WPA PSK WPA2 PSK WPAPSK WPA2PSK WPA WPA2 and WPAWPA2 If you do not want to use wireless security select Disable but it s strongly recommended to choose one of the following modes to enable security 1 WPA PSK WPA2 PSK WPAPSK WPA2PSK It s the WPA WPA2 authentication type based on pre shared passphrase Choose one of these types the following page is loaded Page 18 of 82 TECHNOLOGIES Network gt WLAN Eltek R3601 W2 User Manual v 1 1 Eltek 11 WPAPSK WPA2PSK v eecceeee cadre 3600 0 2592000 5 O not renew SSID1 Authentication Algorithm WPA Pre Shared Key Renew Interval Figure 3 15 Configure WIFI PSK Security The following items are displayed on this screen gt SSID The SSID enab
77. on the same physical subnet Relay agent forwarding is distinct from the normal forwarding of an IP router where IP datagrams are switched between networks somewhat transparently By contrast relay agents receive DHCP messages and then generate a new DHCP message to send on another interface It listens for client requests and adds vital configuration data such as the client s link information which is needed by the server to allocate the address for the client When the DHCP server responds the DHCP relay agent forwards the reply back to the DHCP client Page 32 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 DHEP client DHCP relay DHCP server A E ty E DHOPDISC OVER DHCP DISCOVER broadcast unicast DHCP OF FER DHCP AOFFER unicast DHOPREGUEST DHCP REGUEST broadcast unicast DHEF ACK DHCP ACK unicast Figure 3 37 DHCP Relay Overview Choose the menu Data Service DHCP Server DHCP Relay to load the following page Data Service gt DHCP Server Static Address Assign DHCP Relay lt Enable DHCP Relay Client Interface 1 VLANI K Client Interface 2 Client Interface 3 Client Interface 4 Server Interface Figure 3 38 Configure DHCP Relay The following items are displayed on this screen gt Enable DHCP Relay Enable or disable DHCP Relay gt Client Interface The interface to listen for DHCP client requests Up to four interfaces can be selected Server Interface Choose t
78. orts to link printer port and provides share printing capabilities to other computers To use print function you need do the following steps 1 Add Printer Open the windows of the Control Panel select Printers and Faxes and add the printer 2 Printers and Faxes Fie Edit View Favorites Tools Help Back 7 Ki po Search gt Folders PE Address SA Printers and Faxes Printer Tasks Add Printer Wizard ds Welcome to the Add Printer feo Set up faxing Wizard See Also This wizard helps you install a printer or make printer connections 17 Troubleshoot printing o Get help with printing If You have a Plug and Play printer that connects J through a USB port or any other hot pluggable port such as IEEE 1394 infrared and zo or you Other Places do not need to use this wizard Click Cancel to close the wizard and then plug the printer s cable Into pour computer or point the printer toward your G Control Panel computer s infrared port and turn the printer op Sn Scanners and Cameras Windows will automatically install the printer for pou HS My Documents gi My Pictures vd My Computer To continue click Next Figure 3 114 Add Printer 2 Connecting local printer Select Local printer attached to this computer Page 83 of 82 EH R3601 W2 User Manual vil _ TECHNOLOGIES Add Printer Wizard Local or Network Printer The wizard needs to know which type of printer to set up Select the option that
79. ount Username used to authenticate the CPE when making a connection to the ACS gt TROG9 password Password used to authenticate the CPE when making a connection to the ACS gt Connection Request Auth Whether to authenticate an ACS making a Connection Request to the CPE gt Connection Request Username Username used to authenticate an ACS making a Connection Request to the CPE Page 79 of 82 Ete K R3601 W2 User Manual vil TECHNOLOGIES gt Connection Request Password Password used to authenticate an ACS making a Connection Request to the CPE gt CPE Server Name A part of the HTTP URL for an ACS to make a Connection Request notification to the CPE In the form http host port path gt CPE Port A part of the HTTP URL for an ACS to make a Connection Request notification to the CPE In the form http host port path gt Status Connection Status when CPE making a connection to the ACS Read only gt Fail Reason Show reason for the failure when CPE making a connection to the ACS Read only Click the Save button when finished Click Refresh button to refresh the web page 3 5 9SNMP You can configure the SNMP parameters and view the registration status of SNMP Choose the menu System gt SNMP to load the following page System gt SNMP Register Enable L Server 4ddress or Domain 138 0 60 2 Sa Server Port 162 ies sal TRAP Message Interval 30 36005 Regional Identity ELTEK R3621 W1 Devic
80. rom external network so as to guarantee the network security Configure this for abnormal packets defense and flood attack defense Flood attack is a commonly used DoS Denial of Service attack including TCP SYN UDP ICMP and so on Choose the menu Data Service Firewall Config Attack Defense to load the following page Data Service gt Attack Defense Enable Broadcast Storm Defense F Enable Block Ping F Enable TCP SYN Flood Defense 1 1000 fpackets secondi Enable UDP Flood Defense d 1 1000 packets second Enable ICMP Defense 1 1000 packetsfsecond Enable ARP Attack Defense E Enable Port Scan Defense Enable Land Based Defense Enable Ping Of Death Defense Enable Teardrop Defense Enable Fraggle Defense 000000 Enable Smurf Defense Figure 3 45 Attack Defense The following items are displayed on this screen gt Enable Broadcast Storm Defense Enable or disable Broadcast Storm Defense gt Enable Block Ping Enable or disable Block Ping function gt Enable TCP SYN Flood Defense Enable or disable TCP SYN Flood Defense gt Enable UDP Flood Defense Enable or disable UDP Flood Defense gt Enable ICMP Defense Enable or disable ICMP Defense gt Enable ARP Attack Defense Enable or disable ARP Attack Defense gt Enable Port Scan Defense A port scanner is a software application designed to probe a server or host for open ports Check the box to prevent port scanning gt Enable
81. s the IP is updated gt Server Type optional DDNS server type can select from pull dwon list DYNDNS For dyndns org FREEDNS For freedns afraid org ZONE For zoneedit com NOIP For no ip com 3322 For 3322 org CUSTOM For custom self defined DDNS server type Server Name If CUSTOM is selected specify server name of the device gt Server Url If CUSTOM is selected specify server URL of the device gt Dyn DNS Server Name If CUSTOM is selected specify dyndns DNS server name of custom self defined gt Dyn DNS Server Url If CUSTOM is selected specify dyndns DNS server URL of custom self defined gt System Item If CUSTOM is selected specify system item of custom self defined Page 55 of 82 TECHNOLOGIES gt DDNS Status Display the status of DDNS service Read only Click the Save button when finished Click Refresh button to refresh the web page Eltek R3601 W2 User Manual v 1 1 3 4 7 VPN VPN Virtual Private Network is a private network established via the public network generally via the Internet However the private network is a logical network without any physical network lines so it is called Virtual Private Network With the wide application of the Internet more and more data are needed to be shared through the Internet Connecting the local network to the Internet directly though can allow the data exchange will cause the private data to be exposed to all the users on the Internet
82. t Entry The following items are displayed on this screen Username Enter the account name of L2TP tunnel It should be configured identically on server and client Password Enter the password of L2TP tunnel It should be configured identically on server and client gt Binding IP Enter the IP address of the client which is allowed to connect to this L2TP server gt Description Enter the humane readable description for this account 3 4 7 4 IPSEC IPSEC IP Security is a set of services and protocols defined by IETF Internet Engineering Task Force to provide high security for IP packets and prevent attacks To ensure a secured communication the two IPSEC peers use IPSEC protocol to negotiate the data encryption algorithm and the security protocols for checking the integrity of the transmission data and exchange the key to data de encryption IPSEC has two important security protocols AH Authentication Header and ESP Encapsulating Security Payload AH is used to guarantee the data integrity If the packet has been tampered during transmission the receiver will drop this packet when validating the data integrity ESP is used to check the data integrity and encrypt the packets Even if the encrypted packet is intercepted the third party still cannot get the actual information IKE In the IPSEC VPN to ensure a secure communication the two peers should encapsulate and de encapsulate the packets using the information both
83. t access through IP port and time Choose the menu Data Service gt Firewall Config Internet Access Ctrl gt Access Control to load the following page DataService gt Internet Access Ctrl Access Control User Authentication F Enable Access Control Policy Fi Index Enable Src IP Range Dst IP Range Service Name Active Time Description O ab Enable 10 0 1 1 192 168 100 1 typel 00 00 23 59 rule 1 1 Total 1 Pages 1 Rows Add Del Figure 3 48 View Access Control Entry The following items are displayed on this screen Enable Access Control Enable or disable access control from WAN gt Policy Default policy of access control Allow or Deny If Allow is selected all packets will be allowed except the entries list on this page If Deny is selected all packets will be denied except the entries list on this page Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Page 39 of 82 TECHNOLOGIES Access Control Dataservice gt Action Enable Rule Description Source IP Range Destination IP Range Service Mame Active Time Active Day Eltek R3601 W2 User Manual v 1 1 Deny 10 0 1 1 to 10 0 1 200 192 168 100 1 to 192 168 100 200 typel ze 00 00 23 59 chen All Lol Monday Tuesday Lal Wednesday d Thursday IM Friday Jl Saturday I
84. tatic Route Policy Route DNS Proxy RIP Internal Address Management DHCP Server IP and MAC Address Bind DHCP Relay Networking Protocols TCP IP IPv4 v6 UDP RTP SNTP NAT DHCP DNS DDNS DLNA Page 3 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 VPN IPSEC PPTP L2TP IPTV IGMP Proxy Snooping IPTV Bridge Management eo Management Protocol CLI SNMPV1 2 Tr069 Web eo LED Indications Total 12LEDS for Power WAN LAN Phone Control Button WPS Button WLAN Button Button NAT amp Firewall amp Security Power Switch Reset Multi SSID X4 AP eo Supports ALG DMZ PAT o Firewall Protection IDS amp IPS Block Ping ICMP IDENT SPI Firewall Portscan restriction e Access control Blocking by URL IP Address Mac Address Protocol Type Port WIFI WLAN e Standard IEEE 802 11b g n 2 4GHz eo Security WEP WPA WPA2 PWA PSK WPA2 PSK o WIFI Features WMM WLAN LAN Isolation Tsolation eo Antenna Type 2R2T Centrex Functions List Call Forward on Busy Call Forward on No Answer Call Forward Unconditional Caller ID Caller ID on Call Waiting Call Waiting Three way Calling Ring groups USB storage Print Support USB storage Support print sharing 2 4 Working Environment Environment requirement includes storage temperature working temperature and humidity Storage Temperature 400C 700C Long Time Working Temperature 100C 500C Short Time Working Temperature 15 C 60 C Environment Humi
85. te Limit Enter incoming maximum rate which must is times of 32Kbsp gt Limit Packet Type Select the packet type which is limited rate gt Outgoing Rate Limit Enter Outgoing maximum rate which must is times of 32Kbsp 3 4 5 3 Flow Rate Limit Choose the menu Data Service gt Q0S gt Flow Rate Limit to load the following page DataService gt QoS gt Flow Rate Limit d Index Protocol IP Range Start Time End Time Direction Protocol Type Port Range CIR PIR O 1 ANY 192 168 1 10 192 168 1 20 00 00 00 00 UP 0 0 1 Total 1 Pages 1 Rows Add Del Figure 3 63 View QoS Flow Rate Limit Entry Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Click the Add button to add a new entry Page 50 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt Flow Rate Limit 192 168 1 10 192 168 1 20 Active Time 00 00 00 00 fArhimmm Active Day MIA monday MlTuesday lM Wednesday IP Range Thursday Mlrriday MlSaturday kel Sunday Direction Up Ke Application Custom OHTR Oummpe Om OTFTR Osm Opop3 TELNET any o O 1024000 Kbps b 0 1024000Kbps application Protocol Limited Bandwidth CIR Maximal Bandwidthi PIRI Figure 3 64 Configure Qos Flow Rate Limit The following items are displayed on this screen IP Range The IP range of LAN s PC gt Active Time If not configured which means that all ti
86. the PC whose connection you wish to diagnose gt Ping Count Specifies the number of Echo Request messages sent gt Result This page displays the result of diagnosis Click Start button to check the connectivity of the Internet Click Stop button to stop sending the Echo Request messages Click Refresh button to refresh the web page 3 5 5 2 Tcpdump You can use tcpdump tool to capture the packets and show the result of capture packets Choose the menu System Diagnostic Tcpdump to load the following page Susie gt ecole Interface VLANI ze Protocol SP uppO ale Result tepdump listening on br link type EM1 ME Ethernet capture size 65535 bytes 220 packets captured 61 packets received by filter 41 packets dropped by kernel 1 pocap cean Figure 3 104 Tcpdump Diagnostic The following items are displayed on this screen Page 75 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 gt Interface By selecting the interface only packets through this interface will be captured gt Protocol By selecting the protocol only packets of this protocol will be captured gt Tcpdump Enter some options of tcpdump e g n sO c 100 gt Result This page displays the result of capture packets Click Start button to capture the packets which correspond to the configuration requirement Click Stop button to stop capturing the packets Click pcap to open or download the capture pack
87. tion Servers ACS It includes both a safe auto configuration and the control of other CPE management functions within an integrated framework Choose the menu System TRO69 to load the following page Page 78 of 82 TECHNOLOGIES Eltek R3601 W2 User Manual v 1 1 System gt TROS Serial Number D000EB4B569000000eb 093ad20 Enable ACS Address 142 168 1 121 a ACS Port 3080 0 655395 ACS Server Name ACS server Acs t SSL Enable 0 Schedular Send Inform 3600 1 4294967295 5 Single Account Enable TROG9 Account acs Connection Request Auth Connection Request Username cpe Connection Request Password CPE Server Name cpe CPE Port a099 Status Connect Success Fall Reason Connected Success Figure 3 109 Configure TRO69 The following items are displayed on this screen gt Serial Number The serial number of device Read only gt Enable Enable or disable the TRO69 function globally gt ACS Address Enter the IP address or domain name of ACS gt ACS Port Enter the port of ACS gt ACS Server Name Enter the TRO69 server name of ACS gt SSL Enable Enable or disable the SSL Secure Sockets Layer for TRO69 gt Schedular Send Inform Whether or not the CPE must periodically send CPE information to Server using the Inform method call Enter the duration in seconds of the interval if enabled gt Single Account Enable Whether or not the TRO69 Account is enabled gt TRO69 Acc
88. to different queues corresponding to the following relationship value highest a Queue0 S Bandwidth Setting gt Upstream Bandwidth Configure the bandwidth of upstream gt Downstream Bandwidth Configure the bandwidth of downstream Advanced Parameters gt Enable Video Reservation Enable video reservation and give the value to reserved for video gt Remap Tos DSCP to CoS Check the box that the system will remark 802 1P value with TOS DSCP of upstream packets the mapping relationship is as follows A TI EAN E E tee PEF TE A 32t039 4 A O 285 8 Page 49 of 82 TECHNOLOGIES 3 4 5 2 Port Rate Limit Rate limit for physical LAN ports you can select the package type restrictions limiting the entrance All multiples of 32kbps speed requirements Choose the menu Data Service QoS gt Port Rate Limit to load the following page Data Service gt QoS gt Port Rate Limit Eltek R3601 W2 User Manual v 1 1 Enable Incoming Rate Limit Kbps Limit Packet Type Outgoing Rate Limit Kbps AP UP v BP UUP APR UP C aP ULE FK FK O O AP UP O BP M UUP JAP Mi UP g BP UUP IY Tips AP All UP Unicast MP Multicast BP Broadcast UUP Unknown Unicast UMP Unknown Multicast Figure 3 62 Configure Qos Port Rate Limit The following items are displayed on this screen gt Port Physical LAN port gt Enable Enable or disable rate limit function gt Incoming Ra
89. to manage system time 1 Manual Configuration Choose the menu Data Service Time Management and select Manual Configuration to load the following page Page 71 of 82 AR Eltek R3601 W2 User Manual v 1 1 System gt Time Management Configuration mode Auto Configuration Manual Configuration System Time 2000 01 01 00 12 22 HH MM SS Daylight Saving Time O Offset en Mim Start Month March Start Day of Week Sunday Start Day of Week Last in Month Last in Month Start Hour of Day 2 Stop Month December Stop Day of Week Sunday Stop Day of Week Last in Month Last in Month Stop Hour of Day 2 Figure 3 100 Time Manual Configuration The following items are displayed on this screen gt Configuration mode Specify configuration mode of time Auto Configuration or Manual Configuration default is Manual Configuration System Time Enter the system time under Manual Configuration gt Daylight Saving Time Enable or disable the Daylight Saving Time DST Offset Enter the offset of DST gt Start Month Specify the start month of DST range from 1 to 12 in one year gt Start Day of Week Specify the start weekday of DST range from Sunday to Saturday gt Start Day of Week Last in Month Specify the order of start weekday in the month from pull down list as following e First in Month e Second in Month e Third in Month e Fourth in Month e Last in Month gt
90. tore to load the following page System gt Backup Restore Backup Current Configurations Save current parameters as custom default configurations Load Default Configurations Reset to custom default parameters Restore Factory Configurations Reset to factory parameters Figure 3 102 Backup Restore Configurations The following items are displayed on this screen gt Backup Current Configurations Save current parameters as customer default parameters gt Load Default Configurations To reset to customer default parameters Restore Factory Configurations To reset to factory parameters 3 5 5 Diagnostic 3 5 5 1 Ping Choose menu System gt Diagnostic gt Ping and then you can use Ping function to check connectivity of your network in the following screen Page 74 of 82 Ete K R3601 W2 User Manual vil TECHNOLOGIES System gt Ping Ping 192 168 1 121 Ping Count a 1 86400 Result 168 1 121 192 168 1 121 56 data bytes from 192 165 1 1 1 seg 0 ttl 64 time 0 640 from 192 166 1 121 seg 1 ttl 64 time 0 600 from 194 168 1 121 seg 2 ttl 64 time 0 640 from 194 168 1 121 seg 3 ttl 64 time 0 660 192 168 1 1 lt 1 ping statistics d packets transmitted 4 packets received 0 packet round trip min ave max 0 600 0 635 0 660 ms Figure 3 103 Ping Diagnostic The following items are displayed on this screen gt Ping Enter the IP Address or Domain Name of
91. ts with the intended victim s spoofed source IP are broadcast to a computer network using an IP Broadcast address Check the box to enable Smurf Defense 3 4 4 2 Service Type Service Type defines the entry with protocol and port range which can be chosen in Internet Access Ctrl page Choose the menu Data Service Firewall Config Service Type to load the following page Data Service gt Service Type O Index Name Procotol Port Range Description O al typel TCP 1000 2000 test Total 1 Pages 1 Rows Add Del Figure 3 46 View Service Type Configuration Click the Index in the entry you want to modify If you want to delete the entry select it and click the Del Page 38 of 82 TECHNOLOGIES Click the Add button to add a new entry Eltek R3601 W2 User Manual v 1 1 Data Service Firewall E Mame typel Ki Protocol TCP Port Range 1000 2000 t 1265535 Figure 3 47 Add or Modify Service Type Entry The following items are displayed on this screen gt Name Name of this entry it will be list in Internet Access Ctrl page gt Protocol Select the protocol for this entry Four types are provided TCP UDP ICMP and ALL gt Port Range Configure the port range for this entry gt Description Enter a description string for this entry 3 4 4 3 Internet Access Ctrl Each sub page under this page is used to control Internet access 3 4 4 3 1 Access Control This sub page is used to control Interne
92. ttings Choose the menu Network 3G Modem to load the following page Page 24 of 82 Mp Eltek R3601 W2 User Manual v 1 1 detwork gt 36 Modem Basic Settings SP Network Username Maximum 32 Characters Password ee Maximum 32 Characters Dial Number Maximum 32 Characters APR Maximum 32 Characters PIN Maximum 32 Characters Connect Mode Online Mode Figure 3 24 Configure 3G Modem Basic Settings The following items are displayed on this screen gt SP Network Other or Swisscom If it is not the target user you need to select the other gt Connect Mode Manual or Auto The default is Auto gt Online Mode always online and disconnect after idle interval The default is always online The default idle interval is 60 seconds If Other is selected the following parameters appear gt Username 3G network dial up username gt Password 3G network dial up password gt Dial Number 3G network dial numbers gt APN 3G network access APN gt PIN 3G networks need to use dial up PIN code if not can be set to empty 2 Advanced Parameters Choose the menu Network 3G Modem Advanced Parameters to load the following page Advanced Parameters Authentication TOP MSS 1460 128 2048 default 1460 MITU 1500 128 1500 default 1500 Data Link Backup C Figure 3 25 Configure 3G Modem Advanced Parameters The following items are displayed on this screen gt Authentication 3G di
93. voip 5412 local0 notice voip 5412 local0 notice voip 5412 local0 notice voip 5412 local0 notice voip 5412 local0 notice voip 5412 local0 notice voip 5412 local0 notice voip 5412 local0 notice voip 5412 local0 notice voip 5412 local0 notice voip 5412 HE Eltek R3601 W2 User Manual v 1 1 Local Log NOTICE 5440 NOTICE 5440 NOTICE 5440 NOTICE 5440 NOTICE 5440 NOTICE 5440 NOTICE 5440 NOTICE 5440 NOTICE 5440 NOTICE 5440 NOTICE 5440 NOTICE 5440 NOTICE 5440 NOTICE 5440 in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout in sip_reg_timeout Figure 3 108 Display System Log Click the Export button to export all the local logs as a file Click the Clear button to clear all the local logs from the device permanently not just from the page Click Refresh button to refresh the web page 3 5 8 TRO69 TR 069 Technical Report 069 is a Broadband Forum technical specification entitled CPE WAN Management Protocol CWMP It defines an application layer protocol for remote management of end user devices As a bi directional SOAP HTTP based protocol it provides the communication between customer premises equipment CPE and Auto Configura
Download Pdf Manuals
Related Search