Telewell TW-EAV510-AC V2 router
Contents
1. pa eee eae nn N X EnS UON Je o i haa i Remote Access Client Side In Windows click Start gt Control Panel gt Network and Sharing Center Click Set up a new connection network Control Panel Home View your basic network information and set up connections Change adapter settings A je tod See full map Change advanced sharing WIN7 64 Network 4 Internet settings 2 This computer View your active networks Connect or disconnect Network 4 Access type Internet Work network Connections Local Area Connection Change your networking settings a Set up a new connection or network Set up a wireless broadband dial up ad hoc or VPN connection or set up a router or access point Connect to a network Connect or reconnect to a wireless wired dial up or VPN network connection Choose homegroup and sharing options Access files and printers located on other network computers or change sharing settings Troubleshoot problems See also Diagnose and repair network problems or get troubleshooting information HomeGroup Internet Options Windows Firewall 121 Click Connect to a workplace and press Next Lo esa o G J Choose a connection option Connect to the Internet Set up a wireless broadband or dial up connection to the Internet Ci Set up a new network Configure a new router or access point 4 Set up a dial up connection Connect to the Internet using a dial up conn2. Note 4 sessions for Client and 4 sessions for Server respectively 118 PPTP Server In PPTP session users can set the basaic parameters authentication encyption peer address etc for PPTP Server and accounts in the next page of PPTP Account They both constitutes the PPTP Server setting gt amp ven 1 PPTP Server Parameters PPTP Function Enable Disable WAN Interface Default v Auth Type Pap or Chap Encryption Key Lenath Auto Peer Encryption Mode Only Stateless IP Addresses Assigned to Peer start from 192 168 1 0 idle Timeout 0 0 120 Minutes PPTP Funtion Select Enable to activate PPTP Server Disable to deactivate PPTP Server function WAN Interface Select the exact WAN interface configured for the tunnel Select Default to use the now working WAN interface for the tunnel Auth Type The authentication type Pap or Chap PaP Chap and MS CHAPv2 When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challenges at different periods to ensure that an intruder has not replaced the client When passed the authentication with MS CHAPv2 the MPPE encryption is supported Encryption Key Length The data can be encrypted by MPPE algorithm with 40 bits or 128 bits Default is Auto it is negotiated when establishing a connection 128 bit keys provide stronger encryption than 40 bit keys Peer Encryption Mode You may select Only Stateless
3. WMM No Acknowledgement Disable w WMM APSD Enable w Band Select frequency band Here 2 4GHz Channel Allows channel selection of a specific channel 1 7 or Auto mode Scan Used Channel Press the button to scan and list all channels being used Auto Channel Timer min The auto channel times length it takes to scan in minutes Only available for auto channel mode 802 11n EWC select to auto enable or disable 802 11n Bandwidth Select bandwidth The higher the bandwidth the better the performance will be Control Sideband only available for 40MHz It allows you to select upper sideband or lower sideband Sideband refers to the frequency band either above upper sideband or below ower sideband the carrier frequency within which fall the spectral components produced by modulation of a carrier wave 802 11n Rate This allows you to select the fixed transmission rate or auto 802 11n Protection turn off for maximize throughput Auto for greater security Support 802 11n Client Only turn on the option to only provide wireless access to the clients operating at 802 11n speeds RIFS Advertisement Reduced Inter frame Spacing RIFS is a 802 11n feature that also improves performance by reducing the amount of dead time required between OFDM transmissions Select Off 53 to disable this function or auto to enable this function OBSS Co Existence coexistence or not between 20 MHZ and 40 MHZ overlapping basic service sets OBSS in w
4. With push service the system can send email messages with consumption data and system information f Advanced Setup ae j Push Service Parameters Recipients E mail i Must be xx yyyzzz Push Now Recipient s E mail Enter the destination mail address The email is used to receive system log system configuration security log sent by the device when the Push Now button is pressed information sent only when pressing the button but the mail address is not remembered Note Please first set correct the SMTP server parameters in Mail Alert 164 Diagnostics Check the connections including Ethernet connection Internet Connection and wireless connection Click Help link that can lead you to the interpretation of the results and the possible simply troubleshooting f Diagnostics pppoe_0_8_35 y AS aj Test the connection to your local network Test LAN Connection P3 FAIL Help Test LAN Connection P2 PASS Help Test LAN Connection P1 FAIL Help Test LAN Connection P4 EWAN FAIL Help Test your Wireless Connection PASSPASS Help Test the connection to your DSL service provider Test xDSL Synchronization PASS Help Test ATM OAM F5 segment ping PASS Help Test ATM OAM F5 end to end ping PASS Help Test the connection to your Internet service provider Test PPP server connection PASS Help Test authentication with ISP PASS Help Test the assigned IP address PASS Help Ping default gateway PASS H
5. The number of bytes in overhead channel message B of bytes in Mux Data Frame The number of bytes in Mux Data frame M of Mux Data Frames in FEC Data Frame The number of Mux Data frames in FEC frame T Mux Data Frames over sync bytes The number of Mux Data frames over all the sync bytes R of check bytes in FEC Data Frame The number of check bytes in FEC frame S ratio of FEC over PMD Data Frame length The ratio of FEC over PMD Data frame length L of bits in PMD Data Frame The number of bit in PMD Data frame D interleaver depth Show the interleaver depth Delay msec Show the delay time in msec INP DMT symbol Show the DMT symbol Super Frames The total number of super frames Super Frame Errors The total number of super frame errors RS Words Total number of Reed Solomon code errors RS Correctable Errors Total number of RS with correctable errors RS Uncorrectable Errors Total number of RS words with uncorrectable errors HEC Errors Total number of Header Error Checksum errors OCD Errors Total number of out of cell Delineation errors LCD Errors Total number of Loss of Cell Delineation Total Cells Total number of cells Data Cells Total number of data cells Bit Errors Total number of bit errors Total ES Total Number of Errored Seconds Total SES Total Number of Severely Errored Seconds Total UAS Total Number of Unavailable Seconds xDSL BER Test Click this button to start a
6. Time Restriction Access Time Restriction A maximum entries can be configured 32 Host Label MAC Mon Tue Wed Thu Fri Sat Sun Start Stop Remove Edit child_use 00 1b b1 8d ec 03 X X X X x 00 00 23 59 amp Edit Add Remove Here you can see that the user child_use with a MAC of 18 a9 05 04 12 23 is blocked to access the router from 00 00 to 23 59 Monday through Friday If you needn t this rule you can check the box press Remove it will be OK URL Filter URL Uniform Resource Locator e g an address in the form of http www abcde com or http www example com filter rules allow you to prevent users on your network from accessing particular websites by their URL There are no pre defined URL filter rules you can add filter rules to meet your requirements Note URL Filter rules apply to both IPv4 and IPv6 sources But in Exception IP Address part user can click to set the exception IP address es for IPv4 and IPv6 respectively 94 i Configuration ne ay URL Filter Parameters Keywords Filtering C Enable Detail Domains Filtering C Enable Detail Restrict URL Features BLOCK L Java Applet ClActivex Llcookie LIProx Except IP Address Detail gt Log ai Time Schedule Always On v Sun Mon Tue Wed Thu Fri Sat From 00 100 To 00 00 Keywords Filtering Allow blocking against specific keywords within a particular URL rather than having to specify a complete URL e g to block any image called ad
7. ae test1 Anonymous d Se test2 69 121 1 3 oO The above is the commonly setting for L2TP Server set as you like for authentication and encryption The settings in Client side should be in accordance with settings in Server side Then account the L2TP Account J wm VPN Account VPN Account applied to PPTP Server and L2TP Server Parameters Name HO Tunnel Enable Disable Username test2 Password ELLIT Connection Type Remote Access LAN to LAN Peer Network IP 192 168 0 0 Peer Netmask 255 255 255 0 Ada Edit Delete Edit Name Tunnel Connection Type Peer Network IP Peer Netmask Delete HO Enable LAN to LAN 192 168 0 0 255 255 255 0 i Client Side Branch Office The client user can set up a tunnel connecting to the PPTP server and can also set the tunnel as the default route for all outgoing traffic ia u g L2TP Client Parameters Name BO L2TP over IPSec Enable IPSec Tunnel test2 4 IPSec Username test2 7 Password eeeee a Auth Type Chap 7 K L2TP Server Address 69 121 1 33 Connection Type O Remote Access LAN to LAN Peer Network IP 192 168 1 0 Peer Netmask 255 255 255 0 Tunnel uthentication Fi Secret Remote Host Name a Local Host Name Edit Enable ne Name L2TP Server Address Connection Type Peer Network IP Peer Netmask Delete E d BO 69 121 1 33 LAN to LAN 192 168 1 0 255 255 255 0 C Note users can see the Default G
8. Local ID Type and Remote ID Type When the mode of phase 1 is aggressive Local and Remote peers can be identified by other IDs ID content Enter ID content the name you want to identify when the Local and Remote Type are Domain Name Enter ID content IP address you want to identify when the Local and Remote Type are IP addresses IPv4 and IPv6 supported Phase 1 Mode Select IKE mode from the drop down menu Main or Aggressive This IKE provides secured key generation and key management Encryption Algorithm Select the encryption algorithm from the drop down menu There are several options 3DES and AES 128 192 and 256 3DES and AES are more powerful but increase latency DES Stands for Triple Data Encryption Standard it uses 56 bits as an encryption method 3DES Stands for Triple Data Encryption Standard it uses 168 56 3 bits as an encryption method AES Stands for Advanced Encryption Standards you can use 128 192 or 256 bits as encryption method Integrity Algorithm Authentication establishes the integrity of the datagram and ensures it is not tampered with in transmit There are 2 options Message Digest 5 MD5 and Secure Hash Algorithm SHA1 SHA1 is more resistant to brute force attacks than MD5 However it is slower MD5 A one way hashing algorithm that produces a 128 bit hash SHA1 A one way hashing algorithm that produces a 160 bit hash DH Group It is a public key cryptography protocol that allows two par
9. Multicast Precedence Disable lower value higher priority Default Version 3 1 3 Query Interval 125 Query Response Interval 10 Last Member Query Interval 10 Robustness Value 2 Maximum Multicast Groups 25 Maximum Multicast Data Sources for IGMPv3 10 1 24 Maximum Multicast Group Members 25 Fast Leave V Enable LAN to LAN Intra LAN Multicast Enable Membership Join Immediate IPTV C MLD Default Version 2 1 2 Query Interval 125 Query Response Interval 10 Last Member Query Interval 10 Robustness Value 2 Maximum Multicast Groups 10 Maximum Multicast Data Sources for MLDv2 10 1 24 Maximum Multicast Group Members 10 Fast Leave V Enable LAN to LAN Intra LAN Multicast C Enable IGMP Multicast Precedence It is for multicast QoS With lower multicast precedence IGMP packets will be put into higher priority queue Default is set to disable Default Version Enter the supported IGMP version 1 3 default is IGMP v3 Query Interval Enter the periodic query interval time sec the multicast router sending the query message to hosts to understand the group membership information 157 Query Response Interval Enter the response interval time sec Last Member Query Interval Enter the interval time sec the multicast router query the specified group after it has received leave message Robustness Value Enter the router robustness parameter 2 7 the greater the robustness value the more robust the
10. Parameters Dynamic DNS Server www dyndns org custom Host Name www hometest com Username test Password ELLI Selected WAN Interface Available WAN Interfaces pppoe_0_8_35 ppp0 1 ipoe_ethO ethd 1 3G0 USB3G0 Select DDNS Server Interface from available WAN interfaces DDNS Server interface can have multiple WAN interfaces served as system DDNS Server but only one will be used according to the priority with the first being the higest and the last one the lowest priority if the WAN interface is connected Advanced Setup VAS aj Dynamic DNS Parameters Host Name Username Service Interface Remove Edit www hometest com test dyndns custom pppod 1 d 2 ipoe_ethO with DDNS www hometest1 co m using usemame password test test DNS Proxy DNS proxy is used to forward request and response message between DNS Client and DNS Server Hosts in LAN can use router serving as a DNS proxy to connect to the DNS Server in public to correctly resolve Domain name to access the internet Advanced Setup AS ei DNS Proxy Parameters DNS Proxy Enable Disable Host name of the Broadband Router home gateway Domain name of the LAN network home gateway DNS Proxy Select whether to enable or disable DNS Proxy function default is enabled Host name of the Broadband Router Enter the host name of the router Default is home gateway Domain name of the LAN network Enter the domain name of the LAN network home gateway Stat
11. Password Show characters Remember this password Domain optional Type your user name and password User name test Password esoe Show characters Remember this password Domain optional 124 Connect to the server The connection is ready to use gt Connect now Connecting to test Verifying user name and password 125 Successfully connected TP alee lin Connect to a Workplace You are connected A PS You can also go to Network Connections shown below to check the detail of the connection Right click test icon and select Properties to change the security parameters if the connection fails users can go here to change the settings A E Network andintemet Network Connections 6r Seah Network Connectors of Organze ae v A Local Area Connection A Local Area Connection 2 test Network 4 Network cable unplugged test 2 E Reste RILBLGSC PVSLLICIP Fe nN d Intel R PRO 100 Management W WAN Minsport PPTP 126 Use Extensible Authentication Protocol EAP Ooo Allow these protocols EAP MSCHAP v2 will be used for IKEv2 VPN type Select any of these protocols for other VPN types E Unencrypted password PAP 7 Challenge Handshake Authentication Protocol CHAP V Microsoft CHAP Version 2 MS CHAP v2 F Automatically use my Windows logon name and password and domain if any PPP multilink framing C
12. Please enter the complete information For example Please enter 0 0 0 2 instead of 2 37 Leased Time hour The leased time similar to leased time in DHCPV4 is a time limit assigned to clients when expires the assigned ID will be recycled and reassigned Issue Router Advertisement Check whether to enable issue Router Advertisement feature It is to send Router Advertisement messages periodically ULA Prefix Advertisement Enable this parameter to include the ipv6 ULA address in the RA messages ULA unique local address is an IPv6 address in the block fc00 7 It is approximately the IPv6 counterpart of the IPv4 private address They are not routable in the global IPv6 Internet RADVD Type The way that ULA prefix is generated Randomly Generated i Statically Configured select to set manually in the following parameters Prefix Set the prefix manually Preferred Life Time The ULA prefix life time When the time is over the ULA prefix is invalid any more 1 means no limit Valid Life Time It is a time threshold when the time is over clients should obtain new IPv6 address from the router through RA 1 means to be limitless MLD snooping Similar to IGMP snooping listens in on the MLD conversation between hosts and routers by processing MLD packets sent in a multicast network and it analyzes all MLD packets between hosts and the connected multicast routers in the network Without MLD snooping multicast traf
13. Received Transmitted Interface Bytes Packets Errors Drops Bytes Packets Errors Drops P4 EWAN 0 0 0 0 0 0 0 0 P3 0 0 0 0 0 0 0 0 P2 398001 3178 0 0 3661257 4655 0 0 P1 0 0 0 0 0 0 0 0 wid 0 0 0 0 3296 24 0 0 DSL i Status wa a LAN Statistics Received Transmitted Interface Bytes Packets Errors Drops Bytes Packets Errors Drops P3 0 0 0 0 0 0 0 0 P2 81681997 191880 0 0 198896059 237800 0 0 P1 0 0 0 0 0 0 0 0 wid 1179834 10153 0 0 2506888 12190 0 0 Interface List each LAN interface P1 P4 indicates the four LAN interfaces Bytes Display the Received and Transmitted traffic statistics in Bytes Packets Display the Received and Transmitted traffic statistics in Packets Errors Display the statistics of errors arising in Receiving or Transmitting data Drops Display the statistics of drops arising in Receiving or Transmitting data Reset Press this button to refresh the statistics WAN Service The table shows the statistics of WAN 22 Y WAN Service ATM Interface Interface Description Type VPI VCI Vlan8021p VianMuxld lamp NAT Firewall IPv6 Mid Remove Edit atm0 1 ipoe_0_0 33 IPoE 0 33 NIA NIA Enabled Enabled Enabled Disabled Disabled L_ Edit atm0 2 br_0_0_33 Bridge 0 33 NIA NIA Disabled Disabled Disabled Edit atm1 1 ipoe_0_0 100 IPoE 0 100 NIA NIA Enabled Enabled Enabled Disabled Disabled E Edit atm1 2 br_0_0_100 Bridge 0 100 N A N A Disabled Disabled Disabled C Edit atm2 1 b
14. Xe aj DMZ Host Parameters DMZ Host IP Address lt lt type or selectfrom listbox Time Schedule Always On v sun Mon Tue Wed Thu Fri Sat From 00 100 Tol 00 00 DMZ Host IP Address Enter the IP Address of a host you want it to be a DMZ host Select from the list box to quick set the DMZ Time Schedule Select or set exactly when the DMZ works When set to Always On the DMZ will work all time and also you can set the precise time when DMZ works like 01 00 19 00 from Monday to Friday Or you can select the already set timeslot in Time Schedule during which the DMZ works And when set to Disable the DMZ Host is disabled See Time Schedule Using port mapping does have security implications since outside users are able to connect to PCs on your network For this reason you are advised to use specific Virtual Server entries just for the ports your application requires instead of simply using DMZ or creating a Virtual Server entry for All protocols as doing so results in all connection attempts to your public IP address accessing the specified PC If you have disabled the NAT option in the WAN ISP section the Virtual Server function will hence be invalid If the DHCP server option is enabled you have to be very careful in assigning the IP addresses of the virtual servers in order to avoid conflicts The easiest way of configuring Virtual Servers is to manually assign static IP address to each virtual serv
15. atm2 2 ptm0 1 Failover If enabled the 3G LTE will work in failover mode and be brought up only when there is no active default route In this mode 3G LTE work as a backup for the WAN connectivity While if disabled 3G LTE serves as a normal interface and can only be brought up when it has been configured to achieve a mobile connectivity Mode There are 6 options of phone service standards GSM 2G only UTMS 3G only GSM 2G preferred UMTS 3G preferred Automatic and Use 3G LTE 3g dongle settings If you are uncertain what services are available to you and then please select Automatic TEL No The dial string to make a 3G 4G LTE user internetworking call It may provide by your mobile service provider APN An APN is similar to a URL on the WWW it is what the unit makes a GPRS UMTS call The service provider is able to attach anything to an APN to create a data connection requirements for APNs varies between different service providers Most service providers have an internet portal which69 they use to connect to a DHCP Server thus giving you access to the internet i e some 3G operators use the APN internet for their portal The default value is internet Username Password Enter the username and password provided by your service provider The username and password are case sensitive Authentication Protocol Default is Auto Please consult your service provider on whether to use PAP CHAP or MSCHAP PIN PIN stands fo
16. i Mixed WPA2 WPA PSK Network Authentication Mixed WPA2 WPA PSK WPAMNAPI passphrase eoocococoo Click here to display WPA Group Rekey Interval 3600 0 2447483647 WPA WAPI Encryption AES v WEP Encryption Disabled WPA WAPI passphrase enter the WPA WAPI passphrase you can click here to display to view it WPA Group ReKey Internal The period of renewal time for changing the security key automatically between wireless client and Access Point AP The unit is second WPA WAPI Encryption here are two Algorithms AES Advanced Encryption Standard and TKIP Temporal Key Integrity Protocol which help to protect the wireless communication WPS Setup WPS Wi Fi Protected Setup feature is a standard protocol created by Wi Fi Alliance WPS is used to exchange the AP setting with Station and configure AP settings This feature greatly simplifies the steps needed to create a Wi Fi network for a residential or an office setting The commonly known PIN method is supported to configure WPS WPS Select enable to enable WPS function Please note that WPS can only be available when WPA2 PSK or OPEN mode is configured Note WPS feature is only available when in WPA2 or OPEN mode in security settings Here wireless can be configured as Registrar and Enrollee mode respectively When AP is configured as Registrar you should select Configured in the WPS AP Mode below and default WPS AP Mode is Configured When AP is configu
17. users can use QoS to control based on need QoS Port Shaping QoS port shaping supports traffic shaping of Ethernet interfaces It forcefully maximizes the throughput of the Ethernet interface When Shaping Rate is set to 1 no shaping will be in place and the Burst Size is to be ignored j Advanced Setup y AS QoS Port Shaping Parameters QoS port shaping supports traffic shaping of Ethernet interface If Shaping Rate is setto 1 it means no shaping and Burst Size will be ignored Interface Type QoS Shaping Rate kbps Burst Size Byte P3 LAN l 1 r jo P2 LAN 1 0 P1 LAN 4 0 P4 EWAN LAN 1 o 101 Interface P1 P4 P4 used as EWAN also covered Type All LAN when P4 is LAN port P4 used as EWAN type WAN and all others LAN QoS Shaping Rate Kbps Set the forcefully maximum rate Burst Size Bytes Set the forcefully Burst Size NAT NAT Network Address Translation feature translates a private IP to a public IP allowing multiple users to access the Internet through a single IP account sharing the single IP address It is a natural firewall for the private network Exceptional Rule Exceptional Rule is dedicated to giving or blocking NAT DMZ access to some specific IP or IPs range 4 i Configuration i 1r aj Exceptional Rule Parameters The Exceptional Rule is only applied to Virtual Server and DMZ Host Default Actio
18. 1 30 Method a a Encryption DES Prefer MODP 1024 group2 Security Plan Forward Security VPN Account PPTP and L2TP server share the same account database set in VPN Account page Jo wa aj VPN Account VPN Account applied to PPTP Server and L2TP Server Parameters Name Tunnel Enable Disable Username Password Connection Type Remote Access O LAN to LAN Peer Network IP Peer Netmask Add Name A user defined name for the connection Tunnel Select Enable to activate the account PPTP2TP server is waiting for the client to connect to this account Username Please input the username for this account Password Please input the password for this account Connection Type Select Remote Access for single user Select LAN to LAN for remote gateway Peer Network IP Please input the subnet IP for remote network Peer Netmask Please input the Netmask for remote network PPTP The Point to Point Tunneling Protocol PPTP is a Layer2 tunneling protocol for implementing virtual private networks through IP network PPTP uses an enhanced GRE Generic Routing Encapsulation mechanism to provide a flow and congestion controlled encapsulated datagram service for carrying PPP packets In the Microsoft implementation the tunneled PPP traffic can be authenticated with PAP CHAP Microsoft CHAP V1 V2 or EAP TLS The PPP payload is encrypted using Microsoft Point to Point Encryption MPPE when using MSCHAPv1 v2 or EAP TLS
19. Address Parent Controls Selected DNS Server Interfaces Available WAN Interfaces pppo 1 3G0 USB3G0 Primary DNS server Secondary DNS server Note that selecting a WAN interface for IPv6 DNS server will enable DHCPv6 Client on that interface DNS Server Interface Available WAN Interfaces Static DNS IPv6 Address WAN Interface selected pppoe_ethO ppp0 1 Primary IPv6 DNS server Secondary IPv6 DNS server 65 Default Gateway Select default gateway for you connection IPv4 and IPv6 DNS IPv4 Three ways to set an IPv4 DNS server i Available WAN interfaces Select a desirable WAN interface as the IPv4 DNS server Static DNS Address To specify DNS server manually by entering your primary and secondary DNS server addresses i Parental Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider IPv6 Obtain IPv6 DNS info from a WAN interface WAN Interface selected Select one configured IPv6 WAN connection from the menu to be as an IPv6 DNS Static DNS IPv6 Address Primary IPv6 DNS Server Secondary IPv6 DNS Server Type the specific primary and secondary IPv6 DNS Server address If you don t need the service select the item you want to remove check the checkbox then press Remove it will be OK Press Edit button to re edit this servic
20. And the log policy can be configured in Configure Log section Jan 1 00 00 10 daemon warn kernel bcemPktDma_bind FAP Driver binding successfull Jan 1 00 00 10 daemon warn kernel FAP0 DSPRAM stack lt 0x80000000 gt lt 1536 gt global lt 0x80000600 gt lt 3960 gt free lt 2696 gt total lt 8192 gt Jan 1 00 00 10 daemon warn kernel FAP1 DSPRAM stack lt 0x80000000 gt lt 1536 gt global lt 0x80000600 gt lt 3960 gt free lt 2696 gt total lt 8192 gt Jan 1 00 00 10 daemon warn kernel FAP0 PSM addr lt 0x80002000 gt used lt 23436 gt free lt 1140 gt total lt 24576 gt Jan 1 00 00 10 daemon warn kernel FAP1 PSM addr lt 0x80002000 gt used lt 23436 gt free lt 1140 gt total lt 24576 gt Jan 1 00 00 10 daemon warn kernel FAP0 DQM availableMemory 14652 bytes nextByteAddress 0xE0004948 Jan 1 00 00 10 daemon warn kernel FAP1 DQM availableMemory 14652 bytes nextByteAddress 0xE0004948 Jan 1 00 00 10 daemon warn kernel FAPO GSO Buffer set to OxASEOO000 Jan 1 00 00 10 daemon warn kernel FAP1 GSO Buffer set to OxASFOO000 Jan 1 00 00 10 daemon warn kernel FAPO FAP BPM Initialized Refresh Click to update the system log Clear Click to clear the current log from the screen 32 security Log Security log displays the message logged about security like filter messages and some firewall message You can turn to IP Filtering Outgoing IP Filtering Incoming URL Filter to determine if y
21. Cancel Log Enable or disable this function Log level Select your log level The log level allows you to configure which types of events are logged There are eight log levels from high to low are displayed below Emergency system is unusable Alert action must be taken immediately i Critical critical conditions i Error error conditions i Warning warning conditions i Notice normal but significant conditions i Informational information events Debugging debug level messages The gateway records all log events at the chosen level and above For instance if you set the log level to Critical all critical alert and emergency events are logged but none of the others are recorded Display Level Display the log according to the level you set when you view system log Once you set the display level the logs of the same or higher priority will be displayed Mode Select the mode the system log adopted Three modes local Remote and Both Local Select this mode to store the logs in the router s local memory i Remote Select this mode to send the log information to a remote log server Then you must assign the remote log server and port 514 is often used Both Logs stored adopting above two ways 76 Click Apply to save your settings USB Storage here refers to network sharing in the network environment USB devices act as the storage carrier for DLNA common file sharing Storage Device Info This pa
22. Missing line filters or line filters installed the rong way around can cause problems with your ADSL connection including causing frequent disconnections If you have a back to base alarm system you should contact your security provider for a technician to make any necessary changes 167 Problem with LAN interface Suggested Action Cannot PING any PC on LAN Check the Ethernet LEDs on the front panel The LED should be on for the port that has a PC connected If it does not lit check to see if the cable between your router and the PC is properly connected Make sure you have first uninstalled your firewall program before troubleshooting Verify that the IP address and the subnet mask are consistent for both the router and the workstations www telewell fi MAC OS is a registered Trademark of Apple Computer Inc Windows 8 7 98 Windows NT Windows 2000 Windows Me Windows XP and Windows Vista are registered Trademarks of Microsoft Corporation 168 Declaration of Conformity in accordance with the Radio and Telecommunications Terminal Equipment Act FTEG and Directive 1999 5 EC R amp TTE Directive The Manufacturer TeleWell Oy Kinnarinkatu 1 04430 J rvenp FINLAND declares that the product TW EAV510v2 AC ADSL2 VDSL2 complies with the essential of 3 and the other relevant provisions of the FTEG Article 3 of the R amp TTE Directive when used for its intended purpose Harmonised standards Healt
23. NAT Enable IPv4 Address Static IP Address Dial on demand Enable Inactivity Timeout minutes 1 4320 IPv6 for this service Enable IPv6 Address Static IP Address MTU 1492 PPPoE with Pass through Enable IGMP Multicast Proxy Enable MLD Multicast Proxy Enable Next Description User defined description for the connection commonly for friendly use 802 1P Priority The parameter indicates the frame priority level from 0 owest to 7 highest which can be used to prioritize different classes of traffic voice video data etc Enter the priority identification tagged 0 1 untagged 1 802 1Q VLAN ID It is a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagged 0 4094 untagged 1 Username Enter the account obtained from the ISP Password Enter the password obtained from the ISP Service Name The item is for identification purpose user can define it yourselfe Authentication Method Default is Auto Or else your ISP will advise you the appropriate mode Firewall Enable to drop all traffic from WAN side If enabled all incoming packets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single IP account by sharing the single IP address If users on your LAN have their own public IP addresses to access the Internet NAT function can be disa
24. Service Interface Remove Edit Add Remove Click Add to register a WAN interface with the exact DNS 4 i Advanced Setup AG qj Dynamic DNS Parameters Dynamic DNS Server www dyndns org custom Host Name Username Password Selected WAN Interface Available WAN Interfaces ppp oe 0 8 35 p ppd 1 Ms ar 3G0 USB3G0 Select DDNS Server Interface from available WAN interfaces DDNS Server interface can have multiple WAN interfaces served as system DDNS server but only one will be used according to the priority with the first being the higest and the last one the lowest priority if the WAN interface is connected You will first need to register and establish an account with the Dynamic DNS provider using their website for example http www dyndns org Dynamic DNS Server Select the DDNS service you have established an account with Host Name Username and Password Enter your registered domain name and your username and password for this service Selected WAN Interface Select the Interface that is bound to the registered Domain name User can register different DDNS to different interfaces Examples Note first users have to go to the Dynamic DNS registration service provider to register an account User test register two Dynamic Domain Names in DDNS provider http www dyndns ord 1 pppoe 0 8 35 with DDNS www hometest com using username password test test 147 P Advanced Setup g aj Dynamic DNS
25. Set DSCP Marking When select Set DSCP Marking the packets matching the rule will be forwarded according to the pre set DSCP marking Ratio The rate percent of each application policy compared to total traffic on the interface with limited rate type For example we want to only allow 20 of the total data for the LAN to WAN direction to be used for FTP server Then we can specify here with data ratio 20 If you have ADSL LINE with 256K bps rate the estimated data rate in kbps for this rule is 20 256 0 9 46kbps For 0 9 is an estimated factor for the effective data transfer rate for an ADSL LINE from LAN to WAN For WAN to LAN it is 0 85 to 0 8 Priority Set the priority given to each policy application Specify the priority for the use of bandwidth You can specify which application can have higher priority to acquire the bandwidth Its default setting is set to Normal You may adjust this setting to fit your policy application Internal IP Address The IP address values for Local LAN devices you want to give control Internal Port The Port number on the LAN side it is used to identify an application External IP Address The IP address on remote WAN side External Port The Port number on the remote WAN side Time Schedule Select or set exactly when the rule works When set to Always On the rule will work all time and also you can set the precise time when the rule works like 01 00 19 00 from Monday to Friday Or you
26. Set up a dial up connection Connect to the Internet using a dial up connection 134 select Use my Internet connection VPN and press Next 3 Cor a act to Workplace How do you want to connect gt Use my Internet connection VPN Connect using a virtual private network VPN connection through the Internet xu gt Dial directly Connect directly to a phone number without going through the Internet w ie What is a VPN connection Type the Internet address to connect to Your network administrator can give you this address Internet address Example Contoso com or 157 54 0 1 or 3ffe 1234 1111 Destination name VPN Connection Use a smart card a Allow other people to use this connection This option allows anyone with access to this computer to use this connection Don t connect now just set it up so I can connect later 135 Type the Internet address to connect to Your network administrator can give you this address Internet address 172 16 1 185 Destination name L2TP_IPSec Use a smart card This option allows anyone with access to this computer to use this connection Don t connect now just set it up so I can connect later Input the account user name and password and press Create Pp Ff Type your user name and password User name Password Domain optional Type your user name and password User name testl Password Domain
27. Specify the remote IPv6 address The remote relay is used to unwrap capsulated IPv6 packets into IPv4 packets and do the NAT before sending them to the IPv4 network Security IP Filtering Outgoing IP filtering enables you to configure your router to block specified internal external users IP address from Internet access or you can disable specific service requests Port number to from Internet The relationship among all filters is or operation which means that the router checks these different filter rules one by one starting from the first rule As long as one of the rules is satisfied the specified action will be taken Outbound IP Filtering by default is set to forward all outgoing traffic from LAN to go through the router but user can set rules to block the specific outgoing traffic Note The maximum number of entries 32 88 i Configuration AS a IP Filtering Outgoing IP Filtering Setup maximum entries can be configured 32 Source IP address Source Port f Filter Name IP Version Protocol rra Log Disable Remove Edit Destination IP address Destination Port Click Add button to enter the exact rule setting page i Configuration N AS aj Outgoing IP Filtering Setup Parameters Filter Name lt lt type or selectfrom listbox IP Version IPv4 Protocol TCP UDP Protocol Number 0 254 Source IP address Source Port port or port port Destination IP address Destination Por
28. Type Randomly Generate Statically Configure Prefix Preferred Life Time 1 Valid Life Time 1 MLD Snooping Enable O Standard Mode Blocking Mode Group Name Here group refers to the group you set in Interface Grouping section you can set the parameters for the specific group Select the group by the drop down box For more information please refer to Interface Grouping of this manual Static LAN IPv6 Address Configuration Interface Address Prefix Length Enter the static LAN IPv6 address IPv6 LAN application DHCPv6 Server Check whether to enable DHCPv6 server DHCPv6 Server Type Select Stateless or Stateful When DHCPv6 is enabled this parameter is available Stateless If selected the PCs in LAN are configured through RA mode thus the PCs in LAN are configured through RA mode to obtain the prefix message and generate an address using a combination of locally available information MAC address and information prefix advertised by routers but they can obtain such information like DNS from DHCPv6 Server Stateful if selected the PCs in LAN will be configured like in IPv4 mode thus obtain addresses and DNS information from DHCPV 6 server Start interface ID Enter the start interface ID The IPv6 address composed of two parts thus the prefix and the interface ID Interface is like the Host ID compared to IPv4 End interface ID Enter the end interface ID Note Interface ID does NOT support ZERO COMPRESSION
29. all frames sent Virtual AP A Virtual Access Point is a logical entity that exists within a physical Access Point AP When a single physical AP supports multiple Virtual APs each Virtual AP appears to stations STAs to be an independent physical AP even though only a single physical AP is present For example multiple Virtual APs might exist within a single physical AP each advertising a distinct SSID and capability set Alternatively multiple Virtual APs might advertise the same SSID but a different capability set allowing access to be provided via Web Portal WEP and WPA simultaneously Where APs are shared by multiple providers Virtual APs provide each provider with separate authentication and accounting data for their users as well as diagnostic information without sharing sensitive management traffic or data between providers You can enable the virtual AP Web Based GUI It supports web based GUI for configuration and management It is user friendly and comes with online help It also supports remote management capability for remote users to configure and manage this product Firmware Upgradeable Device can be upgraded to the latest firmware through the WEB based GUI Features ADSL Triple WAN ports for 3G 4G LTE ADSL2 VDSL2 10 100Mb 1000Mb Ethernet WAN EWAN for broadband connectivity 1000 100 10 Mb WAN and LAN Fibre FT TC FTTP FTTH ready with high WAN throughput IPv6 ready IPv4 IPv6 dual sta
30. and IPv 6 60 IP over Ethernet i Configuration YWAN Service Parameters Type IP over Ethernet VPI VCI 0 0 255 33 32 65535 Encapsulation Mode LLC SNAP BRIDGING Description ipoe 0 0 33 802 1P Priority 1 tagged 0 7 untagged 1 802 1Q VLAN ID 1 tagged 0 4094 untagged 1 Obtain an IP address automatically f Enable Option 60 Vendor ID Option 61 Client ID Option 125 Disable Enable WAN IP Address WAN Subnet Mask WAN gateway IP Address Obtain DNS Use WAN Interface Use Static DNS Parent Controls Primary DNS 195 197 54 100 Secondary DNS 195 74 0 47 IPv6 for this service Enable NAT TA Enable Fullcone NAT Enable Firewall Enable IGMP Multicast Enable MTU 1500 MAC Spoofing Apply VCI VPI Enter the VCI VPI combination from you ISP Encapsulation Mode Select the encapsulation mode LLC SNAP BRIDGING or VC MUX Description User defined description for the connection commonly for friendly use Authentication Method Default is Auto Or else your ISP will advise you the appropriate mode 802 1P Priority The parameter indicates the frame priority level from 0 owest to 7 highest which can be used to prioritize different classes of traffic voice video data etc Enter the priority identification tagged 0 1 untagged 1 802 1Q VLAN ID It is a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagged 0 4094 untagged 1 Here two modes are supported
31. and the right way around Missing line filters or line filters installed the wrong way 9 around can cause problems with your ADSL connection including causing frequent disconnections If you have a back to base alarm system you should contact your security provider for a technician to make any necessary changes Chapter 2 Basic Installation The router can be configured through your web browser A web browser is included as a standard application in the following operating systems Linux Mac OS Windows 8 7 98 NT 2000 XP Me Vista etc The product provides an easy and user friendly interface for configuration Please check your PC network components The TCP IP protocol stack and Ethernet network adapter must be installed If not please refer to your Windows related or other operating system manuals There are ways to connect the router either through an external repeater hub or connect directly to your PCs However make sure that your PCs have an Ethernet interface installed properly prior to connecting the router device You ought to configure your PCs to obtain an IP address through a DHCP server or a fixed IP address that must be in the same subnet as the router The default IP address of the router is 192 168 0 254 and the subnet mask is 255 255 255 0 i e any attached PC must be in the same subnet and have an IP address in the range of 192 168 0 1 to 192 168 0 253 The best and easiest way is to configure the PC to get an I
32. can select for this connection Phone line pair This is for reserved only You can choose Inner Pair or Outer Pair Capability There are 2 options Bitswap Enable and SRA Enable that user can select for this connection Bitswap Enable Allows bitswaping function SRA Enable Allows seamless rate adaptation PhyR A new technology to control impulse and noise to improve the BER and DSL data quality Click Apply to confirm the settings Advanced Settings Click Advanced Settings to future configure DSL 4 Configuration y aw amp DSL Advanced Settings Parameters Test Mode Normal Reverb O Medley O No Retrain OL3 Select the Test Mode or leave it as default Tone Selection This should be left as default or be configured by an advanced user The frequency band of ADSL is split up into 256 separate tones each spaced 4 3125 kHz apart With each tone carrying separate data the technique operates as if 256 separate modems were running in parallel The tone range is from 0 to 31 for upstream and from 32 to 255 for downstream 71 SNR Signal to noise ratio often abbreviated SNR or S N is a measure used in science and engineering that compares the level of a desired signal to the level of background noise It is defined as the ratio of signal power to the noise power f A a SNR Parameters This field can be adjusted to affect the SNR value so as to achieve the highest possible sync speed Not
33. can select the already set timeslot in Time Schedule during which the rule works And when set to Disable the rule is disabled or inactive and there will be an icon indicating the rule is inactive See Time Schedule 99 Examples Common usage j F H o B ad gi a t j Sia wai 2i f VoIP D gt fs i fo kz T t mm ae po HTTP web Normal PCs browsing users Restricted PC Give outgoing VoIP traffic more priority The default queue priority is normal so if you have VoIP users in your local network you can set a higher priority to the outgoing VoIP traffic i Configuration a gt g Quality of Service Non Assigned Bandwidth Ratio gt Upstream LAN to WAN 100 Downstream WAN to LAN 100 IP Version IPv4 Application Voip is type or selectfrom listbox Direction LAN to WAN Protocol Any w DSCP Marking EF 101110 Rate Type Prio ritization i v Ratio f Priority High w Internal IP Address 5 Internal Port External IP Address External Port Time Schedule timeslot Osun Mon Mtue Mwea Mthu Merri Csat From o0 w 00 Tol 09 v 19 w Give regular web http access a limited rate 100 Configuration VAS aj Quality of Service Non Assigned Bandwidth Rat
34. connectivity Source Address Select or set the source address to test the connectivity from the source to the destination Ping Test Press this button to proceed ping test Trace route Test to trace the route to see how many hops also see the exact hops the packet of data has to take to get to the destination Destination Host Set the destination host IP domain name to be traced Source Address Select or set the source address to trace the route from the source to the destination Max TTL value Set the max Time to live TTL value Wait time Set waiting time for each response in seconds Example Ping www google com i Advanced Setup i XE ij Diagnostics Tools Ping Test Destination Host www google com Source Address Interface pppoe_0 8 35 ppp01 IP Address Ping Test Trace route Test Destination Host Source Address interface IP Address Max TTL value 16 2 30 Wait time 3 seconds 2 999 Trace route Test 163 http 192 168 1 254 ping htm hE ping Ping www google com Ping Result Successful Example trace www google com Advanced Setup N WAS aj Diagnostics Tools Ping Test Destination Host Source Address Interface v IP Address Ping Test Trace route Test Destination Host www google com Source Address Interface pppoe_0_8 35 ppp0 1 IP Address Max TTL value 16 2 30 Wait time 3 seconds 2 999 Trace route Test Push Service
35. description for the connection Username Enter the account obtained from the ISP Password Enter the password obtained from the ISP Authentication Method Default is Auto Or else your ISP will advise you the appropriate mode Firewall Enable to drop all traffic from WAN side If enabled all incoming packets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules VC MUX M Enable Enable minutes 1 4320 Enable NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single IP account by sharing the single IP address If users on your LAN have their own public IP addresses to access the Internet NAT function can be disabled When enabled a Fullcone NAT parameter will appear you can determine whether to enable Fullcone NAT While only NAT enabled the default NAT type Port Restricted cone NAT will be used 59 Fullcone NAT Enable or disable fullcone NAT Fullcone is a kind of NAT in this mode all requests from the same internal IP address and port are mapped to the same external IP address and port Furthermore any external host can send a packet to the internal host by sending a packet to the mapped external address Note In this connection NAT is enabled by default you can determine whether to enable Fullcone NAT or disable Fullcone NAT and only use NAT the default NAT type is Port Restricted cone NAT With Port Restricted cone NA
36. fails Once alter message is received Router will drop this tunnel connection Reestablish of this connection is required Default setting is 0 0 0 0 which disables the function Interval This sets the time interval between Pings to the IP function to monitor the connection status Default interval setting is 10 seconds Time interval can be set from 0 to 3600 second 0 second disables the function IPSec for L2TP u ven ia IPSec IPSec Settings L2TP over IPSec Enable Connection Name WAN Interface Default v IP Version IPy4 Remote Security Gateway C Anonymous Key Exchange Method IKE IPsec Protocol ESP Pre Shared Key Encryption Algorithm 3DES N eded MDS DH Group None w IPSec Lifetime 60 Minute s 60 1440 Apply Connection Name A given name for the connection but it should contain no spaces e g connection to office WAN Interface Select the set interface for the IPSec tunnel Remote Security Gateway Input the IP of remote security gateway Key Exchange Method Displays key exchange method Pre Shared Key This is for the Internet Key Exchange IKE protocol a string from 4 to 128 characters Both sides should use the same key IKE is used to establish a shared security policy and authenticated keys for services Such as IPSec that require a key Before any IPSec traffic can be passed each router must be able to verify the identity of its peer This can be done by manually entering the pre sha
37. for this service Enable to use IPv6 service IPv6 Address Select whether to set static IPv6 address or obtain automatically IP Address If Static is enabled in the above field enter the static IPv4 address MTU Maximum Transmission Unit the size of the largest datagram excluding media specific headers that IP will attempt to send through the interface PPPoE with Pass through Enable or disable PPPoE pass through If it is enabled PCs behind the router can dial itself IGMP Multicast Proxy Check whether to enable this feature IGMP Internet Group Management Protocol Proxy intercepts the IGMP request from Clients and set up the multicast forwarding table it takes over some of the router s job simplifying the router s job and multicast communication MLD Multicast Proxy check whether to enable this function MLD Multicast Listener Discovery Protocol Proxy intercepts the MLD request from Clients a set up the multicast forwarding table it takes over some of the router s job simplifying the router s job and multicast communication Support MLDv1 and MLDv2 Click Next to continue to set the default gateway and DNS for IPv4 and IPv6 f Configuration A a aj Default Gateway DNS Default Gateway Selected Default Gateway Interfaces Available Routed WAN Interfaces pppo 4 3G0 USB3G0 Selected WAN Interface As The System Default IPv6 Gateway pppoe_ethO ppp0 1 DNS DNS Server Interface Available WAN Interfaces Static DNS
38. for users to deal with the IP and DNS You can select obtain automatically or manually input the information according to your ISP Obtain an IP address automatically Check whether to enable this function Option 60 Vendor ID Enter the associated information by your ISP This option is used by DHCP clients to optionally identify the vendor type and configuration of a DHCP client The information is a string of n octets interpreted by servers Vendors may choose to define specific vendor class identifiers to convey particular configuration or other identification information about a client Option 61 Client ID Enter the associated information provided by your ISP Option 125 Option 125 is a complementary standard of DHCP protocol it is used to encapsulate option 125 message into DHCP offer packet before forward it to clients After the clients receive the packet it check the option 125 field in the packet with the prestored message if it is matched then the client accepts this offer otherwise it will be abandoned Check Enable or Disable this function Default setting is Disable WAN IP Address Enter your IPv4 address to the device provided by your ISP WAN Subnet Mask Enter your submask to the device provided by your ISP WAN gateway IP Address Enter your gateway IP address to the device provided by your ISP 61 Obtain DNS Use WAN interfaces Select a desirable WAN interface as the IPv6 DNS server Use Static DNS To specify DNS serv
39. gt Channe gt gt Authentication gt gt Encryption gt gt Network Type gt gt Transmit IP Address gt gt Link Speed gt gt Sub Mask gt gt Throughput gt gt Default Gateway gt gt Receive HT Link Speed gt gt BW gt gt n a SNRO gt gt n a Through gt gt GI gt gt n a MCS gt gt n a SNR1 gt gt n a oanp Signal Strength 1 gt gt 0 Signal Strength 2 gt gt 0 Noise Strength gt gt 0 The client s SSID and security settings will now be configured to match the SSID and security settings of the registrar wer P Ti Profile Network Advanced Statistics WMM WPS AP List ID 11 00 04 ED 01 00 01 ID vian ap 00 04 ED EC FF D0 4 m oni WPS Profile List le vian ap m PIN Get WPS profile successfully a WPS Associate IE a WPS Probe IE wilan ap lt gt 00 04 ED EC FF D0 Link is Up TxPower 100 1 lt gt 2412 MHz central channel 3 Open NONE Infrastructure 192 168 1 100 255 255 255 0 192 168 1 254 Status gt gt Extra Info gt gt Channel gt gt Authentication gt gt Encryption gt gt Network Type gt gt IP Address gt gt Sub Mask gt gt Default Gateway gt gt Transmit Receive HT WPS 4 vr A om Radio On Off About Rescan Information Pin Code 16837546 Renew Config Mode Enrolee j Rotate Disconnect Export Profile a Signal Strength 1 gt gt 64 Nois
40. i Single Address The IP address of the local host for establishing an IPSec connection between a security gateway and a host network to host Subnet The subnet of the local network for establishing an IPSec tunnel between a pair of security gateways network to network IP Address The local network address Netmask The local network netmask Remote Secure Gateway The IP address of the remote VPN device that is connected and establishes a VPN tunnel Anonymous Enable any IP to connect in Remote Network Set the IP address or subnet of the remote network Single Address The IP address of the local host for establishing an IPSec connection between a security gateway and a host network to host If the remote peer is a host select Single Address i Subnet The subnet of the local network for establishing an IPSec tunnel between a pair of security gateways network to network If the remote peer is a network select Subnet Key Exchange Method Displays key exchange method Pre Shared Key This is for the Internet Key Exchange IKE protocol a string from 4 to 128 characters Both sides should use the same key IKE is used to establish a shared security policy and authenticated keys for services such as IPSec that require a key Before any IPSec traffic can be passed each router must be able to verify the identity of its peer This can be done by manually 112 entering the pre shared key into both sides router or hosts
41. known as Mac Trace Route are Multicast frames that a MEP transmits to track the path hop by hop to a destination MEP which is similar in concept to User Datagram Protocol UDP Trace Route Each receiving MEP sends a Trace route Reply directly to the Originating MEP and regenerates the Trace Route Message Loop back Loop back messages otherwise known as Mac ping are Unicast frames that a MEP transmits they are similar in concept to an Internet Control Message Protocol ICMP Echo Ping messages sending Loopback to successive MIPs can determine the location of a fault Sending a high volume of Loopback Messages can test bandwidth reliability or jitter of a service which is similar to flood ping A MEP can send a Loopback to any MEP or MIP in the service Unlike CCMs Loop back messages are administratively initiated and stopped Restart J Restart This section lets you restart your router if necessary Click in the low right corner of each configuration page Configuration XE ij Restart After restarting Please wait for several seconds to let the system come up ue Factory Default Settings Restart device with Restart Current Settings lf you wish to restart the router using the factory default settings for example after a firmware upgrade or if you have saved an incorrect configuration select Factory Default Settings to reset to factory default settings Or you just want to restart after the current
42. management software running in the device accepts the message from the manager Reads or Writes the management variable in MIB accordingly and then generates Response message to send it to the manager Also agent will send Trap message to the manager when agent finds some exceptions 158 Trap message is the message automatically sent by the managed device without request to the manager about the emergency events f Advanced Setup n kj Y SNMP Agent Parameters SNMP Agent O Enable Disable Read Community Set Community System Name System Location System Contact Trap Manager IP Cancel SNMP Agent enable or disable SNMP Agent Read Community Type the Get Community which is the authentication for the incoming Get and GetNext requests from the management station Set Community Type the Set Community which is the authentication for incoming Set requests from the management station System Name here it refers to your router System Location user defined location System Contact user defined contact message Trap manager IP enter the IP address of the server receiving the trap sent by SNMP agent TR 069 Client TR 069 short for Technical Report 069 is a DSL Forum which was later renamed as Broadband Forum technical specification entitled CPE WAN Management Protocol CWMP It defines an application layer protocol for remote management of end user devices As a bidirectional SOAP HTTP based protocol
43. manufacturer and model of your printer If your printer came with an installation disk click Have Disk If your printer is not listed consult your printer documentation for a compatible printer Printers EPSON Stylus Photo R290 Series This driver is digitally signed Tell me driver signing is im Step 7 Click Next You ve successfully added OfficePrinter on http 192 168 1 254 631 Printer name OfficePrinter on http 192 168 1 254 631 This printer has been installed with the EPSON Stylus Photo R290 Series driver 84 Step 8 Click Next and you are done Ww Add Printer You ve successfully added OfficePrinter on http 192 168 1 254 631 To check if your printer is working properly or to see troubleshooting information for the printer print a test page PTT foccececccococccccoccccccccccecececececocececocosececesececeseceso Finish Cancel You will now be able to see your printer on the Devices and Printers Page r Je co gt Control Panel Hardware and Sound Devices and Printers gt v 4 Search Devices and Printers p O u Add a device Add a printer 4 Devices 3 7 Generic Non PnP WAREHOUSE PC Wheel Mouse Monitor Optical 4 Printers and Faxes 1 P OfficePrinter on http 192 168 1 2 54 631 7 Aitems SI ot DLNA The Digital Living Network Alliance DLNA is a non profit collabora
44. packets over the interface Out Packets Number of transmitted packets over the interface In OAM Cells Number of OAM cells received Out OAM Cells Number of OAM cells transmitted In ASM Cells Number of ASM cells received Out ASM Cells Number of ASM cells transmitted In Packet Errors Number of received packets with errors In Cell Errors Number of received cells with errors Reset Click to reset the statistics 29 i aaceaell B of bytes in Mux Data Frame 244 81 ppoe j l T Mux Data Frames over sync bytes 4 1 R of check bytes in FEC Data Frame 0 0 S ratio of FEC over PMD Data Frame length 0 2853 1 9939 L of bits in PMD Data Frame 6869 329 D interleaver depth 1 Delay msec Ci 0 49 INP DMT symbol 0 0 0 o o oo oo 2 5 M D Mode Modulation protocol including G dmt G lite T1 413 ADSL2 AnnexL ADSL2 and AnnexM Traffic Type Transfer mode here supports ATM and PTM Status Show the status of DSL link Link Power State Show link output power state Line Coding Trellis Trellis on off 34 SNR Margin dB Show the Signal to Noise Ratio SNR margin Attenuation dB This is estimate of average loop attenuation of signal Output Power dBm Show the output power Attainable Rate Kbps The sync rate you would obtain Rate Kbps Show the downstream and upstream rate in Kbps MSGc of bytes in overhead channel message
45. password New Password Enter the new password Confirm Password Enter again the new password to confirm Note By default the accounts of Remote and Local are disabled please click Valid check box to activate the accounts 74 i Configuration Xe Tj Access Control Parameters Level Remote v valid Username support Old Password maximum length is 15 New Password maximum length is 15 Confirm Password maximum length is 15 Apply Cancel Click Apply to apply your new settings Mail Alert Mail alert is designed to keep system administrator or other relevant personnel alerted of any unexpected events that might have occurred to the network computers or server for monitoring efficiency With this alert system appropriate solutions may be tackled to fix problems that may have arisen so that the server can be properly maintained i Configuration Ti ay Mail Alert Server Information WAN Port DSL M Apply all the settings to C Ethernet Ll 3G LTE SMTP Server Username Password Senders E mail Must be xx yyy zzz SSL C Enable Port Account Test WAN IP Change Alert Recipients E mail Must be xx yyy zzz WAN Port Mail Alert feature can be applicable to every WAN mode Ethernet DSL and 3G LTE Select the port you want to use Mail Alert For example DSL then when the WAN connection is in DSL mode and when there is anyunexpected event the alert message will be sent to your specifie
46. prioritize different classes of traffic voice video data etc Enter the priority identification tagged 0 1 untagged 1 802 1Q VLAN ID It is a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagged 0 4094 untagged 1 68 C 3G LTE Select 3G 4G LTE to configure the route to enjoy the mobility By default the 3G 4G LTE interface is on user can edit the parameters to meet your own requirements Configuration WAN Service ATM Interface Interface Description Type VPI VCI Vilan8021p VianMuxid lamp NAT Firewall IPv6 Mid Remove Edit pppo 1 pppoe_0 8 35 PPPoE 8 35 N A N A Disabled Enabled Enabled Enabled Disabled d 3G LTE Interface Interface Description TEL No APN Username NAT Firewall Failover Edit USB3G0 99 1 internet Enabled Enabled Enabled Click Edit button to enter the 3G LTE configuration page Y WAN Service Parameters Failover Enable Mode Use 3G LTE dongle settings w TEL No 99F APN internet Username Password Authentication Method AUTO y PIN Dial on demand Enable Keep Alive v Enable 7 seconds 1 86400 IP Address 8 8 8 8 NAT Y Enable Firewall v Enable MTU 1500 Selected Default Gateway Interfaces Available Routed WAN Interfaces atm0 1 atm1 1 uso0 gt atm2 2 ptm0 1 a Obtain DNS Use WAN Interface Use Static DNS Parent Controls Selected DNS Server Interfaces Available WAN Interfaces atm0 1 atm1 1 usb0
47. the folder public Windows Security J eS Enter Network Password Enter your password to connect to 192 168 1 254 St C Domain WIN7 64 Remember my credentials x Access is denied Jeb gt Network 192 168 1 254 public Search public File Edit View Tools Help Organize v New folder w Favorites Name Date modified Type do usbl_1_share 1 4 2013 10 40 AM File folder iw Libraries E Documents d Music E Pictures E Videos jE Computer amp Local Disk C ca Local Disk D Local Disk E ca Local Disk F tu Network 1 item Offline status Online Offline availability Not available lt When successfully accessed the private folder of each user is established and user can see from the following picture The test fold in the picture is the private space for ach user File Edit View Tools Help v Organize v Network and Sharing Center View remote printers faaee A NE PENSE Name Type Comments S Recent Places public Share shared folders on each volume E Desktop J test Share Home Directory m Downloads ow Libraries E Documents d Music Pictures E Videos jE Computer amp Local Disk C Local Disk D ca Local Disk E cw Local Disk F ty Network 4 m r public 192 168 1 254 Offline availability Not available Share Offline status Online _ Print Server The Print Server feature allow
48. this product and all accessories outdoors Warning Do not use the router in high humidity or high temperatures Do not use the same power source for the router as other equipment Do not open or repair the case yourself If the router is too hot turn off the power immediately and have it repaired at a qualified service center Avoid using this product and all accessories outdoors Place the router on a stable surface Only use the power adapter that comes with the package Using a different voltage rating power adapter may damage the router Device Description The Front LEDs LED Status Red 1 Power Green Green Ethernet Port 1 4 Blinking 2 EWAN Green Wlan 2 4G 3 Wlan5G Green blinking Green blinking WPS 2 4G 4 WPS 5G Green Blinking 9 DSL Green Off _ Green 7 USB 2 USB 1 i Off Meaning Boot failure or in emergency mode system ready Transmission speed hitting Data being transmitted received Wireless connection established sending receiving data WPS configuration being in progress WPS process completed or WPS is off DSL synchronizing or waiting for DSL synchronizing Successfully connected to an ADSL VDSL DSLAM Sync DSL cable unplugged Obtaining IP failure Having obtained an IP address successfully Router in bridge mode or DSL connection not present USB activate on modem Flashing green Data is transmission Modem off or no device attached The Rear Ports E Sees so
49. value to negotiate and establish secure authentication Default is 60 minutes 3600 seconds A short time increases security by forcing the two parties to update the keys However every time when the VPN tunnel re negotiates access through the tunnel will be temporarily disconnected Ping for Keep Alive Select the operation methods None The default setting is None To this mode it will not detect the remote IPSec peer has been lost or not It only follows the policy of Disconnection time after no traffic which the remote IPSec will be disconnected after the time you set in this function DPD Dead peer detection DPD is a keeping alive mechanism that enables the router to be detected lively when the connection between the router and a remote IPSec peer has lost 113 Please be noted it must be enabled on the both sites 180 Second s 180 56400 Detection Interval The period cycle for dead peer detection The interval can be 180 86400 seconds Idle Timeout Auto disconnect the IPSec connection after trying several consecutive times Ping This mode will detect whether the remote IPSec peer has lost or not by pinging specify IP address Ping IP 0 0 0 0 NEVER 0 0 0 0 Interval 10 _ Second s 0 3600 0 NEVER Detection Interval Idle Timeout 5 Consecutive times 5 99 Ping IP Type the IP for ping operation It is able to IP Ping the remote PC with the specified IP address and alert when the connection
50. 1 254 Not NAP capable Wireless Network Connection 172 16 1 102 172 16 1 185 Example Configuring L2TP LAN to LAN VPN Connection The branch office establishes a L2TP VPN tunnel with head office to connect two private networks over the Internet The routers are installed in the head office and branch office accordingly Note Both office LAN networks must be in different subnets with the LAN LAN application 139 Head Office Branch Office Public IP Public IP 192 168 0 2544 69 121 3 69 121 1 33 192 168 1 254 Q a Router Router Encryption Data L2TP Server L2TP Client VPN Connection 192 168 1 0 24 192 168 0 0 24 L2TP VPN LAN to LAN Server side Head Office p a gt L2TP Server Parameters L2TP Enable ODisable WAN Interface IPSec Auth Type IP Addresses Assigned to Peer startfrom 192 168 110 Tunnel uthentication Secret Remote Host Name ll Local Host Name i VPN 7 IPSec IPSec Settings L2TP over IPSec Enable Connection Name WAN Interface Default v IP Version Remote Security Gateway 69 121 1 3 Cl Anonymous Key Exchange Method IKE IPsec Protocol ESP Pre Shared Key 123456 Integrity Encryption Algorithm 3DES v Algorithm MD5 DH Group MODP1024 DH2 IPSec Lifetime 60 Minutes 160 1440 Apply 140 Tunnel Mode Connections Active L2TP Connection Name Local Network Remote Network Remote Security Gateway Remove Edit
51. 23 1 1 2 to 123 1 1 4 assigned by ISP 123 1 1 2 is used as WAN IP address of the router 123 1 1 3 is used for WEB server and 123 1 1 4 is used for FTP server With One to One NAT the servers with private IP addresses can be accessed at the corresponding valid public IP addresses Port Triggering Port triggering is a way to automate port forwarding with outbound traffic on predetermined ports triggering ports incoming ports are dynamically forwarded to the initiating host while the outbound ports are in use Port triggering triggers can open an incoming port when a client on the local network makes an outgoing connection on a predetermined port or a range of ports f Configuration a ay Port Triggering Port Triggering Setup Trigger Open Application Port Range Port Range WAN Interface Remove Protocol Protocol Start End Start End Add Remove Click Add to add a port triggering rule 107 i Configuration N AS aj Port Triggering Parameters Interface pppoe_0_0_35 ppp0 1 w Application Custom Application v Custom Application Trigger Port Open Port Trigger Protocol Open Protocol Start End Start End 4 O a SRR Gue Gee C
52. 33 Client Side In Windows click Start gt Control Panel gt Network and Sharing Center Click Set up a new connection network Cie ye St All Control Panel Items Network and Sharing Center x Search Control Panel p Control Panel Home i View your basic network information and set up connections Change adapter settings u Jo bod See full map Change advanced sharing WIN7 64 Network 4 Internet settings This computer View your active networks Connect or disconnect Network 4 Access type Internet Work network Connections Local Area Connection Change your networking settings T Set up a new connection or network Set up a wireless broadband dial up ad hoc or VPN connection or set up a router or access point A Connect to a network Connect or reconnect to a wireless wired dial up or VPN network connection od Choose homegroup and sharing options Access files and printers located on other network computers or change sharing settings Troubleshoot problems Sap alco Diagnose and repair network problems or get troubleshooting information HomeGroup Internet Options Windows Firewall Click Connect to a workplace and press Next ie amp L Set Up eae a D or Netw as Choose a connection option Connect to the Internet Set up a wireless broadband or dial up connection to the Internet Du Set up a new network cag Configure a new router or access point fy
53. 5 255 255 0 While in IPv6 IPv6 address composes of two parts thus the prefix and the interface ID the prefix is like the net ID in IPv4 and the interface ID is like the host ID in IPv4 The prefix length is to identify the net ID in the address One IPv6 address 3FFE FFFF 0 CD30 0 0 0 0 64 the prefix is S3FFE FFFF 0 CD3 Interface Select an interface this route associated Gateway IP Address Enter the gateway IP address Metric Metric is a policy for router to commit router to determine the optimal route Enter one number greater than or equal to 0 Click Apply to apply this route and it will be listed in the route listing table In listing table you can remove the one you don t want by checking the checking box and press Remove button Policy Routing Here users can set a route for the host Source IP in a LAN interface to access outside through a specified Default Gateway or a WAN interface The following is the policy Routing listing table 144 scvancea Setup a gt g Policy Routing Parameters Policy Name Source IP LAN Port WAN Default Gateway Remove Remove Click Add to create a policy route Bf acvancea Setup Policy Routing Parameters Policy Name Physical LAN Port v Source IP Interface pppoe_0_0_35 ppp0 1 v Default Gateway Apply Cancel Policy Name User defined name Physical LAN Port Select the LAN port Source IP Enter the Host source IP Interface Select the WAN i
54. 55 A DTIM is countdown variable that informs clients of the next window for listening to broadcast and multicast messages When the AP has buffered broadcast or multicast messages for associated clients it sends the next DTIM with a DTIM interval value AP clients hear the beacons and awaken to receive the broadcast and multicast messages The default is 1 Beacon Interval The amount of time between beacon transmissions in is milliseconds The default is 100ms and the acceptable is 1 65535 The beacon transmissions identify the presence of an access point Global Max Clients Here you have the option of setting the limit of the number of clients who can connect to your wireless network XPress Technology It has been designed to improve the wireless network efficiency Default is disabled Transmit Power select the transmitting power of your wireless signal WMM Wi Fi Multimedia you can choose to enable or disable this function which allows for priority of certain data over wireless network WMM No Acknowledgement Refers to the acknowledge policy at the MAC level Enabling WMM No Acknowledgement can result in more efficient throughput but higher error rates in noisy Radio Frequency RF environment WMM APSD Automatic Power Save Delivery Enable this to save power Station Info Here you can view information about the wireless clients f conticuration a Station Info Associated Stations MAC Address Associated Au
55. 6 tunnels are usually manually configured but they can be automated using protocols such as TSP to allow easy connection to a tunnel broker DS Lite DS Lite or Dual Stack Lite is designed to let an ISP omit the deployment of any IPv4 address to the customer s CPE Instead only global IPv6 addresses are provided Regular Dual Stack Lite deploys global addresses for both IPv4 and IPv6 The CPE distributes private IPv4 addresses for the LAN clients the same as a NAT device The subnet information is chosen by the customer identically to the NAT model However instead of performing the NAT itself the CPE encapsulates the IPv4 packet inside an IPv6 packet 87 i Configuration a 1e aj Pv4inIPv6 4in6 Tunnel Configuration Name WAN LAN Dynamic Remote IPv6 Address Remove Add Remove Click Add button to manually add the 4in6 rules Configuration Xe aj 4in6 Tunnel Configuration Parameters Tunnel Name Mechanism DS Lite v Associated WAN Interface v Associated LAN Interface LAN brO Remote IPv6 Address ropy cance Tunnel Name User defined tunnel name Mechanism It is the 4in6 tunnel operation technology Please select DS Lite Associated WAN Interface The applied WAN interface with the set tunnel and when there are packets from to the WAN interface the tunnel would be used to transport the packets Associated LAN Interface Specify the linked LAN interface with the tunnel Remote IPv6 Address
56. 73 192 168 1 103 pppo 1 o Age of Empires 2300 2400 TCP 2300 2400 192 168 1 103 ppp0 1 oO Age of Empires 2300 2400 UDP 2300 2400 192 168 1 103 pppd 1 o i Configuration Virt at Virtual Servers Setup Age of Empires 47624 47624 TCP 47624 47624 192 168 1 103 pppo 1 of go Age of Empires 6073 6073 TCP 6073 6073 192 168 1 103 ppp0 1 o Age of Empires 2300 2400 TCP 2300 2400 192 168 1103 pppo 1 g Age of Empires 2300 2400 UDP 2300 2400 192 168 1 103 pppo 1 gO 105 S Remove If you don t need a specified Server you can remove it Check the check box beside the item you want to remove then press Remove it will be OK i Configuration ws amp Y Virtual Servers Virtual Servers Setup External Port Internal Port Server Name Protocol Server IP Address WAN Interface Disabled Remove Edit Stat End Stat End Age of Empires 47624 47624 TCP 47624 47624 192 168 1 103 pppo 1 o Age of Empires 6073 6073 TCP 6073 6073 192 168 1 103 ppp0 1 o Age of Empires 2300 2400 TCP 2300 2400 192 168 1 103 ppp0o 1 o Age of Empires 2300 2400 UDP 2300 2400 192 168 1 103 pppo 1 vi The DMZ Host is a local computer exposed to the Internet When setting a particular internal IP address as the DMZ Host all incoming packets will be checked by Firewall and NAT algorithms before being passed to the DMZ host when a packet received does not use a port number used by any other Virtual Server entries i Configuration
57. Configuration WAN Service ATM Interface Interface pppo 1 SG LTE Interface Interface USB3G0 Add Description pppoe_0 8 35 Description 9O 41F Type VPI VCI Vian8021p VianMuxid PPPoE 8 35 NWA NA TEL No APN Username internet lgmp NAT Disabled Enabled NAT Enabled Firewall Enabled Firewall Enabled T IPv6 Mid Remove Edit Enabled Disabled Edit Failover Edit Enabled Edit Here you can configure WAN Service if it is OK you can access the internet You can go to Status gt WAN or Summary to view the WAN connection information if your ISP provides IPv6 service then you will obtain an IPv6 address PPPoA i Configuration YWAN Service Parameters Type VPI VCI Description Username Password Authentication Method NAT IPv4 Address Dial on demand Obtain DNS Primary DNS IPv6 for this service IPv6 Address Obtain IPv6 DNS Primary IPv6 DNS MTU IGMP Multicast Proxy Apply PPPoA 0 0 255 33 32 65535 AUTO Enable Static Enable Use WAN Interface Use Static DNS Enable Static Use WAN Interface Use Static DNS 1500 Enable Encapsulation Mode Firewall Fullcone NAT IP Address Inactivity Timeout Parent Controls Secondary DNS IP Address Secondary IPv6 DNS MLD Multicast Proxy VCI VPI Enter the VCI VPI combination from you ISP Encapsulation Mode Select the encapsulation mode LLC SNAP BRIDGING or VC MUX Description User defined
58. DM Gigabit Network Connection This connection uses the following items OM Client for Microsoft Networks E QoS Packet Scheduler B File and Printer Sharing for Microsoft Networks Intemet Protocol Version4 TCP IPv4 Internet Protocol Versiong TCP IPv6 Link Layer Topology Discovery Mapper 1 0 Driver Link Layer Topology Discovery Responder Description TCP IP version 6 The next genetion version of the internet protocol that provides communication across diverse interconnected networks In the TCP IPv6 properties window select the Obtain an IPv6 address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting Click OK again in the Local Area Connection Properties window to apply the new configuration Internet Protocol Version 6 TCP IPv6 Properties a Mie General You can get IPv6 settings assigned automatically if your network supports this capability Otherwise you need to ask your network administrator for the appropriate IPv6 settings Obtain an IPv6 address automatically Use the following IPv6 address Obtain ONS server address automatically Use the following DNS server addresses Preferred DNS server Alternate DNS server Validate settings upon exit Factory Default Settings Before configuring your router you need to settings Web Interface Username and Password Three us
59. DSL USB1 USB2 LAN4 LAN3 LAN2 LAN1 POWER SWITCH Port Meaning 1 Power Switch Power ON OFF switch 2 Power Connect the supplied power adapter to this jack After the device is powered on press it 5 seconds or above to 3 RESET restore to factory default settings this is used when you cannot login to the router e g forgot the password USB 1 Connect the USB device Printer 3G 4G LTE USB modem to 4 USB 2 this port 5 WAN Connect Ethernet cable for WAN connections 6 Ethernet Connect a UTP Ethernet cable Cat 5 or Cat 5e to one of the LAN1 4 four LAN ports when connecting to a PC or an office home network of 10Mbps 100Mbps T DSL Connect this port to the DSL network with the RJ 11 cable telephone provided Cabling One of the most common causes of problems is bad cabling or ADSL line s Make sure that all connected devices are turned on On the front panel of your router is a bank of LEDs Verify that the LAN Link and ADSL line LEDs are all lit If they are not verify if you are using the proper cables If the error persists you may have a hardware problem In this case you should contact technical support Make sure you have a line filter with all devices e g telephones fax machines analogue modems connected to the same telephone line and the wall socket unless you are using a Central Splitter or Central Filter installed by a qualified and licensed electrician and ensure that all line filters are correctly installed
60. Disabled i Station PIN f contcuration ti aj Security lf Hide Access Point enabled or Mac filter listis empty with allow chosen WPA2 will be disabled WPS Setup WPS Enable Current Disable Add Client Enter STAPIN Use AP PIN This feature is available only when WPA2 PSK or OPEN mode is configured PIN Help Authorized Station MAC E 8 A9 05 38 04 08 Help WPS AP Mode Configured v Setup AP 76229909 Help Manual Setup AP Select SSID wlan ap Network Authentication Open WEP Encryption Disa bled y Station MAC Note Users can alternatively input PIN from Enrollee Station or enter the authorized station MAC 48 Operate Station to start WPS Adding Enrollee Launch the wireless clients WPS utility Set the Config Mode as Enrollee press the WPS button on the top bar select the AP eg wlan ap from the WPS AP List column Then press the PIN button located on the middle left of the page to run the scan Ez Zz Z o 5 k lt B Profile Network Advanced Statistics WMM WPS Radio On Off About WPS AP List Rescan ID 0x0000 wian ap 00 04 ED EC FF D0 1 information ID oe ea 00 04 ED 00 00 01 1 X Pin Code 7 ttt 16837546 Renew WPS Profie List Config Mode Enrolee Y lt n p PIN WPS Associate IE Progress gt gt OX PBC fa WPS Probe IE WPS status is disconnected Disconnect a Status gt gt Disconnected Link Quality gt gt 0 Extra Info gt
61. H T gt gt gt gt gt gt gt gt gt gt F41 100010 ssured Forwarding Class1 F42 100100 Assured Forwarding Class1 M F43 100110 Assured Forwarding Class1 H S1 001000 Class Selector IP precedence 1 2 010000 Class Selector IP precedence 2 3 011000 Class Selector IP precedence 3 54 100000 lass Selector IP precedence 4 5 101000 lass Selector IP precedence 5 6 110000 lass Selector IP precedence 6 S 111000 lass Selector IP precedence 7 F33 011110 ssured Forwarding Class1 H O O OJO 98 DSCP offers three levels of service Class Selector CS Assured Forwarding AF and Expedited Forwarding EF AF1 AF2 AF3 and AF4 are four levels of assured forwarding services Each AF has three different packet loss priorities from high medium to low Also CS1 CS 7 indicates the IP precedence Rate Type You can choose Limited or Prioritization Limited Maximum Specify a limited data rate for this policy It also is the maximum rate for this policy When you choose Limited type the Ratio proportion As above FTP server example you may want to throttle the outgoing FTP speed to 20 of 256K and limit to it you may use this type i Prioritization Specify the rate type control for the rule to used If you choose Prioritization for the rule you parameter Priority would be available you can set the priority for this rule
62. HCP Server DHCP Server start IP Address End IP Address Leased Time hour Option 66 Use Routers setting as DNS Server Primary DNS server Secondary DNS server Static IP Lease List Host Label Add IP Alias IP Alias IP Address Subnet Mask Apply Cancel Parameters Group Name This refers to the group you set in Interface Default v 192 168 0 254 255 255 255 0 Enable Standard Mode Blocking Mode _ Enable Enable V 192 168 0 100 192 168 0 200 24 _ Enable MAC Address _ Enable IP address the IP address of the router Default is 192 168 0 254 Subnet Mask the default Subnet mask on the router IGMP Snooping Enable or disable the IGMP Snooping function Without IGMP snooping multicast traffic is treated in the same manner as broadcast traffic that is it is forwarded to all ports With IGMP snooping multicast traffic of a group is only forwarded to ports that have members of that group 34 When enabled you will see two modes Standard Mode In standard mode multicast traffic will flood to all bridge ports when no client subscribes to a multicast group Blocking Mode In blocking mode the multicast data will be blocked when there are no client subscribes to a multicast group it won t flood to the bridge ports LAN side firewall Enable to drop all traffic from the specified LAN group interface After activating it all incoming packets by default will be dropped and t
63. Interfaces Select from the box the WAN interface you want to applied in the group Grouped LAN Interfaces Select the LAN interfaces you want to group as a single group from Available LAN Interfaces Automatically Add Clients with following DHCP Vendor IDs Enter the DHCP Vendor IDs for which you want the Clients automatically added into the group DHCP vendor ID DHCP 60 is an Authentication for DHCP Messages Click Apply to confirm your settings and your added group will be listed in the Interface Grouping table below In group test P2 and PPPO 1 are grouped in one group they have their only network see LAN f configuration Interface Grouping Groups Isolation Enable L Apply Group Configuration Maximum number of entries can be configured 16 a gt g Group Name Remove WAN Interface LAN Interfaces DHCP Vendor IDs P4 EWAN P3 Default P1 wlan ap test O pppd 1 P2 Add Remove If you want to remove the group check the box as the following and press Remove f contiguration Interface Grouping Groups Isolation Enable a Apply Group Configuration Maximum number of entries can be configured 16 a gt g Group Name Remove WAN Interface LAN Interfaces DHCP Vendor IDs P4 EWAN P3 Default P1 wlan ap test pppo 1 P2 Add Remove Note If you like to automatically add LAN clients to a WAN Interface in the new group add the DHCP vendor ID string By configuring a DHCP vendor ID string
64. MAC Address Enter the remote bridge MAC addresses Here up to 4 bridge MAC addresses are supported Enabled Scan To enable wireless bridge restriction Only those scanned by the gateway can communicate Remote Bridge MAC Address select the remote bridge MAC addresses Disable Does not restrict the gateway communicating with bridges that have their MAC address listed but it is still open to communicate with all bridges that are in the same network Bridge Restrict Disable v Click Apply to apply your settings 52 Advanced Here users can set some advanced parameters about wireless i Configuration Advanced Parameters Band 2 4GHz Channel 1 w Current 1 interference severe scan Used Channel Auto Channel Timer 0 minutes 802 11n EWC Auto v Bandwidth 40MHz Current 20MHz Control Sideband Lower Current N A 802 11n Rate Auto v 802 11n Protection Auto w Support 802 11n Client Only Off v RIFS Advertisement Auto w OBSS Co Existance Enable w RX Chain Power Save Disable Power Save status Full Power ae RX Chain Power Save Quiet Time 10 RX Chain Power Save PPS 10 54q Rate 1 Mbps Multicast Rate Auto v Basic Rate Default v Fragmentation Threshold 2346 256 2346 RTS Threshold 2347 0 2347 DTIM Interval 1 1 255 Beacon Interval 100 1 65535 Global Max Clients 16 1 128 XPress Technology Disable v Transmit Power 100 iv WMM Wi Fi Multimedia Enable
65. N a eel ematical eee ce Aa eee eee 36 lneeriace Oe 0 amp 8 0 Oranien e te rrr fe rent ante Storer rv er fener ate ner PE rer ore frente a eee 39 Wireless Z2 4 GZ ait o GH Ziria aE EEA Abe aan tiie eater alanine tian E O 42 WAN WideArea Ni CW OE Ke sacacses setae asia ease ceca sae dagen sav cvsssescasisc vd gascscensscssesegacivss bs ac eshncsc esses stisesstet aaua aAa aN EEN PAA SS 56 NYAS I TERR re NAE eT mT EC E E EDEN eR RC Re eee ee T E E ea ee np r 72 HO TB sects cscs ces acerca once cre tee as cece couse ego nee ape ec ae es eee ceca ects ca cae ee peaaacsecs deca seesh staat cage gree e neces cee reteeee castes nace 77 al 80 Y Ge Pepe ony pS E PNT A rere ee eae 86 E SEE ate eee ceeds eaten ccm caesar ec csc wae ech ae ci A E E E E A eet aoe E ec eaten 88 GS SOUCY Ol SCV CO acca thaact oak cies ch sted a a cade eedee eel aved aad 97 DD occ tat ace etc detect ren cate ccc SE a hectare eee E entree regen 102 VEN iret assess ea E a A E E 111 Baty E T EENE T AE EE EEN E N AE E EE E E EE EE E E A E ee 111 VEAC OU aa E necareus ry caewc nea cuacaraersaranteoesnustaneae hareree genase 118 Advanced Senp sssaaa cae atte Nelle cette acces ety eg ES a AE aa Aaaa 143 ROUT a EENE EA EE E A E A A E EAE E A N 143 DN acces becca ceed Basen A a A pect eet oes ceeded peetaaeueae 146 TUE CA cashed at ce E rc a cee ac cee ene te 155 MOEN S522 cto aes face led heat ces ease ac cee seas ced een cence cds ace hee eo neue eta be ina bento teeeceeia ies 157 Manag
66. N to LAN 192 168 0 0 255 255 255 0 d Client Side Branch Office The client user can set up a tunnel connecting to the PPTP server and can also set the tunnel as the default route for all outgoing traffic ven ae T PPTP Client Parameters Name BO WAN Interface Default v Username test Password esos Auth Type MS CHAPv2 w PPTP Server Address 169 121 1 3 Connection Type O Remote Access LAN to LAN Time to Connect Always Manual Peer Network IP 192 168 1 0 Peer Netmask 255 255 255 0 Edit Enable pape Name ante PPTP ServerAddress Connection Type Peer Network IP Peer Netmask Delete P am BO Manual 69 121 1 3 LAN to LAN 192 168 1 0 255 255 255 0 C Note users can see the Default Gateway item in the bar and user can check to select the tunnel as the default gateway default route for traffic If selected all outgoing traffic will be forwarded to this tunnel and routed to the next hop L2TP The Layer 2 Tunneling Protocol 2TP is a Layer2 tunneling protocol for implementing virtual private networks L2TP does not provide confidentiality or strong authentication by itself IPsec is often used to secure L2TP packets by providing confidentiality authentication and integrity The combination of these two protocols is generally known as L2TP IPsec In L2TP section both pure L2TP and L2TP IPSec are supported Users can choose your preferable option for your own needs Note 4 sessions for Client and only one for
67. P Peer Netmask Tunnel Authentication C Secret Remote Host Name Local Host Name Edit Delete WAN Interface Select the exact WAN interface configured for the tunnel Select Default to use the now working WAN interface for the tunnel Under this circumstance client and server communicate through pure L2TP server Username Enter the username provided by your L2TP Server Password Enter the password provided by your L2TP Server Auth Type Default is Pap or CHap if you want the router to determine the authentication type to use or else manually specify CHAP Challenge Handshake Authentication Protocol or PAP Password Authentication Protocol if you know which type the server is using When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challenges at different periods to ensure that an intruder has not replaced the client L2TP Server Address Enter the IP address of the L2TP server Connection Type Select Remote Access for single user Select LAN to LAN for remote gateway Peer Network IP Please input the subnet IP for Server Peer Netmask Please input the Netmask for server Tunnel Authentication Select whether to enable L2TP tunnel authentication if the server side enables this feature please follow Secret Enter the set secret password in the server side Remote Host Name Enter the remote host name featuring the destination of the L2TP tunnel Local Ho
68. P Server Relay DHCP Server DHCP Server DHCP Server Relay 4 DHCP Serer IP Address DHCP Server IP Address Please enter the DHCP Server IP address 35 Static IP List The specified IP will be assigned to the corresponding MAC Address listed in the following table when DHCP Server assigns IP Addresses to Clients Static IP Lease List Host Label Add MAC Address IP Address Remove Edit Press Add to the Static IP List f contguration AS amp Static IP Parameters Host Label MAC Address IP Address Apply Cancel Enter the MAC Address IP Address and then click Apply to confirm your settings But the IP assigned should be outside the range of 192 168 0 100 192 168 0 199 IP Alias This function allows the creation of multiple virtual IP interfaces on this router It helps to connect two or more local networks to the ISP or remote node IP Alias IP Alias _ Enable IP Address Subnet Mask Cancel IP Alias Check whether to enable this function IP Address Specify an IP address on this virtual interface Subnet Mask Specify a subnet mask on this virtual interface Click Apply to apply your settings IPv6 Autoconfig The IPv6 address composes of two parts the prefix and the interface ID There are two ways to dynamically configure IPv6 address on hosts One is stateful configuration for example using DHCPv6 which resembles its counterpart DHCP in IPv4 In the stateful auto configu
69. P address automatically from the router using DHCP If you encounter any problem accessing the router web interface it is advisable to uninstall your firewall program on your PCs as they can cause problems accessing the IP address of the router Users should make their own decisions on what is best to protect their network Please follow the following steps to configure your PC network environment Any TCP IP capable workstation can be used to communicate with or through this router To configure other types of workstations please consult your manufacturer documentation Network Configuration Configuring a PC in Windows 7 Go to Start Click on Control Panel Then click on Network and Internet bodha OW EF gt Control Panel gt 4 Search Contro Pane p Adjust your computer s settings View by Category System and Security User Accounts a _ snes mi ne Safety 4 Review your computer s status By Add or remove user accour x Back up vour compute Gd Bp Se or any User Oct 3 YOU CO Pute Find and fix problems G Network and Internet View network status and tasks Choose homegroup and sharing options hes earance pen Personalization imien PERRA u a Clo cx Language and Region it methods j Adag a device Adjust commonly used mobility settings Ease of Acces Programs 7 gt Uninstall a program a 10 When the Network and Sharing Center window pops up select and click on Chang
70. Querier is Maximum Multicast Groups Enter the Maximum Multicast Groups Maximum Multicast Data Sources for IGMP v3 Enter the Maximum Multicast Data Sources 1 24 Maximum Multicast Group Members Enter the Maximum Multicast Group Members Fast leave Check to determine whether to support fast leave If this value is enabled IGMP proxy removes the membership of a group member immediately without sending an IGMP membership query on downstream This is very helpful if user wants fast channel group change changing in cases like IPTV environment LAN to LAN Intra LAN Multicast Check to determine whether to support LAN to LAN Intra LAN Multicast If user want to have a multicast data source on LAN side and he want to get IGMP snooping enabled then this LAN to LAN multicast feature should be enabled Membership Join Immediate IPTV When a host joins a multicast session it sends unsolicited join report to its upstream router immediately The Startup Query Interval has been set to 1 4 of the General Query value to enable the faster join at startup MLD Default Version Enter the supported MLD version 1 2 default is MLDv2 Query Interval Enter the periodic query interval time sec the multicast router sending the query message to hosts to understand the group membership information Query Response Interval Enter the response interval time sec Last Member Query Interval Enter the interval time sec the multicast router query the s
71. RD v Associated WAN Interface v Associated LAN Interface LAN brO Method Manual Automatic y4 Common Bit Length 6rd Prefix with Prefix Length Border Relay IPv4 Tunnel Name User defined name Mechanism Here only 6RD Associated WAN Interface The applied WAN interface with the set tunnel thus when there are packets from to the WAN interface the tunnel would be used to transport the packets Associated LAN Interface Set the linked LAN interface with the tunnel Method 6rd operation mechanism manually configured or automatically configured If manually please fill out the following 6rd parameters V4 Common Bit Length Specify the length of IPv4 address carried in IPv6 prefix for example O means to carry all the 32 bits of IPv4 address while 8 carries 24 bits of the IPv4 address 6rd Prefix with Prefix Length Enter the 6rd prefix and prefix length you uniquely designate to 6rd by the ISP The 6rd prefix and prefix length are to replace the standard 6to4 prefix 2002 16 by an IPv6 prefix that belongs to the ISP assigned Border Relay IPv4 Address The Pv4 address of the border relay The relay is used to unwrap capsulated IPv4 packets into IPv6 packets and send them to the IPv6 network IPv4inIPv6 4in6 refers to tunneling of IPv4 in IPv6 It is an inherent internet interoperation mechanism allowing IPv4 to be used in an IPv6 only network 4in6 uses tunneling to encapsulate IPv4 traffic over configured IPv6 tunnels 4in
72. Server respectively 129 L2TP Server In L2TP session users can set the bassic parameters authentication encyption peer address etc for L2TP Server and accounts in the page of VPN Account They both constitutes the complete L2TP Server settings I uw a L2TP Server Parameters L2TP Enable O Disable WAN Interface Default or IPSec Tunnel iPSec Auth Type Pap or Chap IP Addresses Assigned to Peer start from 192 168 1 0 Tunnel Authentication EE Secret Remote Host Name Local Host Name L2TP Select Enable to activate L2TP Server Disable to deactivate L2TP Server WAN Interface Select the exact WAN interface configured as source for the tunnel Select different interfaces you will decide whether to use L2TP over IPSec or the pure L2TP i L2TP over IPSec Select Default or IPSec Tunnel only when there is IPSec for L2TP rule in place i Pure L2TP Select Default there is no IPSec for L2TP in place or other interface to activate the pure L2TP Auth Type The authentication type Pap or Chap PaP Chap When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challenges at different periods to ensure that an intruder has not replaced the client IP Addresses Assigned to Peer 192 168 1 x please input the IP assigned range from 1 254 Tunnel Authentication Select whether to enable L2TP tunnel authentication Enable it if needed and set the same
73. T the restriction includes port numbers Specifically an external host can send a packet with source IP address X and source port P to the internal host only if the internal host had previously sent a packet to IP address X and port P IPv4 Address Select whether to set static IPv4 address or obtain automatically IP Address If Static is enabled in the above field enter the static IPv4 address get from the ISP Dial on demand It is a parameter to let users to dial for connection to internet themselves It is useful when saving internet fees Inactivity Timeout The set Inactivity timeout period unit minutes It is combined use with Dial on Demand users should specify the concrete time interval for dial on demand Obtain DNS Available WAN interfaces Select a desirable WAN interface as the IPv4 DNS server Static DNS Address To specify DNS server manually by entering your primary and secondary DNS server addresses Parental Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider Primary IPv4 DNS Secondary IPv4 DNS Type the specific primary and secondary IPv4 DNS Server address IPv6 for this service Enable to use IPv6 service IPv6 Address Select whether to set static IPv6 address or obtain automatically IP Address If Static is ena
74. TW EAV510 AC v2 3G 4G LTE ADSL2 Fibre Broadband Router Wireless 802 11 b g n ac 2 4 GHz 5 GHz VPN User Manual Copyright TeleWell Oy Table of Contents Chapter Ets Introduction Reese eee ens ene oan a E some see a a nee nee ra aaae cS sar EOE 3 lntrod ction to VOUT Route soane aaa ad ated erates ose eae i 3 Features au A save siencas passatuacsuduavmanauwasuaccardadeucuauadusuddstacuus wanes a 5 Physical TI COT TCS isosceles each a a a ee ceva oasis ans eeb we edentedeaccnusaneee 7 Package Content Sienno a a a a 7 Device Descrip UON 8 Chapter 2 Basic Installaatio m siiis an a aaa eaaa aaa A 10 Network Conni ratio ienesis aaa a a aaa aa aaa a aaa 10 Factory Default Settin Sonni e a a Eaa aaa AE 16 Chapter 32 COMMOUE ACI ON aN Ea e S 19 SCAU Saioa a E E e eN E a e a cavdadducesiuds 20 SUMA eg Wr ceed cece E a AS 20 WAN Ssa R NA 21 BACT SCL CS ea a ee aye aaa al ir eiean ene a odie ain 22 BAU LVN AU ea E a a S 26 MEPE SEa WU i E EE AE a aS a E a a N eA 28 ROUTO gsc a E S an Nea 29 ARP arien O a a a A A 29 DHCP aane E E EE E E E nae AE ANE ara 30 MP Noonan E a ope Sosa gees cesses hee hceace erst casarur efeccactastase tacarctecnecueaeessosscees 30 Mi esa eee al atc sire E E ca A E ean eek Nae dott eerie teeta 32 OTP OETA U LO MMos teasers sets sever quesutstetainc E civiavanenaanaiaaeiiieatiertaial 33 LAN Bocal Arer NetWork srcwiiieic bahia eee a eterna nannies cantina viene erin a ieee 34 FEV Gv UOC O NING tte est ace ie T
75. Thu Fri Sat From 00 00 To 00 00 wl0_Guest2 Disable 1 Always On Sun _ Mon Tue Wed Thu Fri Sat Fromloo 00 To 00 00 Time Schedule i 2 check or select from listbox Sun Mon Tue Wed Thu Fri Sat From 00 00 gt Toj 00 00 wl0_Guest3 Disable 1 Always On sun Mon Tue ed Thu Fri Sat From 00 00 To 00 00 Time Schedule eo m te S 2 check or select from listbox sun Mon Tue Wed Thu Fri Sat From 00 00 To 00 00 Appl Time Schedule Set when the SSID works If user wants the SSID works all the time please select Always On if not please set or select the exact time your want the SSID works Here user can set two separate intervals For example user wants the SSID wlan ap to work on weekdays except for Wednesday under this circumstance user can set as shown below offers a optimal way to set two separate timeslots when user needs to activate the SSID during separate intervals wian ap Enable 1 check or select from listbox L sun Mion Mitue wea thu CiFri sat From oo w 00 To 23 v 59 w 2 v check or select from listbox vi Ci sun Omon O Tue O wea Ml Thu Meri O Sat From 00 v 00 Tol 23 v 59 v a Time Schedule 55 WAN Wide Area Network A WAN Wide Area Network is a computer network that covers a broad geographical area eg Internet that is used to connect LAN and other types of network systems WAN Service Three WAN interfaces ar
76. Tol00 00 Log Tl iP Fiering Outgoing IP Filtering Setup A maximum entries can be configured 32 FTP 4 TCP Any Any ies i Enable v o J cororaton aw Rule Inactive 90 IP Filtering Incoming Incoming IP Filtering is set by default to block all incoming traffic but user can set rules to forward the specific incoming traffic Note The maximum number of entries 32 When LAN side firewall or firewall in WAN interface s is enabled user can move here to add allowing rules to pass through the firewall f Configuration Xe a YIP Filtering Incoming IP Filtering Setup A maximum entries can be configured 32 Source IP address Source Port P Filter Name Interfaces Protocol urai Lo Disable Remove Edit Version Destination IP address aa 9 Click Add button to enter the exact rule setting page i Configuration N Xe ai Incoming IP Filtering Setup Parameters Filter Name lt lt type or select from listbox IP Version IPv4 v Protocol TCP UDP w Protocol Number 0 254 Source IP address Source Port port or portport Destination IP address Destination Port port or port port Interfaces All Mlipoe_ethd etho 1 Y brO bro Time Schedule Always On v Sun _i Mon Tue _ Wed Thu Fri Sat From 00 00 To 00 00 Log E Filter Name A user defined rule name User can select simply from the list box for the application for quick setup IP Version Sel
77. Type PPP over Ethernet PPPoE VPI VCI 0 0 255 33 32 65535 Encapsulation Mode LLC SNAP BRIDGING Description 802 1P Priority 1 tagged 0 7 untagged 1 802 1Q VLAN ID 1 tagged 0 4094 untagged 1 Username Password Service Name Authentication Method AUTO Firewall T Enable NAT Ti Enable Fullcone NAT Enable IPv4 Address Static IP Address Dial on demand Enable Inactivity Timeout minutes 1 4320 Obtain DNS Use WAN Interface Use Static DNS Parent Controls Primary DNS Secondary DNS IPV6 for this service M Enable IPv6 Address Static IP Address Obtain IPv6 DNS Use WAN Interface Use Static DNS Primary IPv6 DNS Secondary IPv6 DNS MTU 1492 PPPoE with Pass through Enable IGMP Multicast Proxy Enable MLD Multicast Proxy Enable Apply VCI VPI Enter the VCI VPI combination from you ISP Encapsulation Mode Select the encapsulation mode LLC SNAP BRIDGING or VC MUX Description User defined description for the connection commonly for friendly use 802 1P Priority The parameter indicates the frame priority level from 0 owest to 7 highest which can be used to prioritize different classes of traffic voice video data etc Enter the priority identification tagged 0 1 untagged 1 Q VLAN ID It is a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagged 0 4094 untagged 1 Username Enter the account obtained from the ISP Password Enter the password
78. WPA WAPI Encryption There are two Algorithms AES Advanced Encryption Standard and TKIP Temporal Key Integrity Protocol which help to protect the wireless communication i Mixed WPA2 WPA Network Authentication WPA2 Preauthentication Network Re auth Interval WPA Group Rekey Interval RADIUS Server IP Address RADIUS Port RADIUS Key WPANYAPI Encryption WEP Encryption Mixed WPA2ANPA v Enable m 36000 0 2147483647 3600 0 2147483647 0 0 0 0 1812 AES vw Disabled WPA2 Preauthentication When a wireless client wants to handoff to another AP with preauthentication it can perform 802 1X authentications to the new AP and when handoff happens this mode will help reduce the association time used Network Re auth Interval the interval for network Re authentication The unit is second WPA Group ReKey Internal The period of renewal time for changing the security key automatically between wireless client and Access Point AP This is in seconds RADIUS Server IP Address RADIUS Remote Authentication Dial In User Service Enter the IP address of RADIUS authentication server RADIUS Server Port Enter the port number of RADIUS authentication server here RADIUS Key Enter the password of RADIUS authentication server 46 WPA WAPI Encryption There are two Algorithms AES Advanced Encryption Standard and TKIP Temporal Key Integrity Protocol which help to protect the wireless communication
79. an locate them If you wish to run a server on your network that can be accessed from the WAN i e from other machines on the Internet that are outside your local network or any application that can accept incoming connections e g Peer to peer P2P software such as instant messaging applications and P2P file sharing applications and are using NAT Network Address Translation then you will usually need to configure your router to forward these incoming connection attempts using specific ports to the PC on your network running the application You will also need to use port forwarding if you want to host an online game server The reason for this is that when using NAT your publicly accessible IP address will be used by and point to your router which then needs to deliver all traffic to the private IP addresses used by your PCs Please see the WAN configuration section of this manual for more information on NAT The device can be configured as a virtual server so that remote users accessing services such as Web or FTP services via the public WAN IP address can be automatically redirected to local servers in the LAN network Depending on the requested service TCP UDP port number the device redirects the external service request to the appropriate server within the LAN network This part is only available when NAT is enabled Note The maximum number of entries 64 f Configuration Xe j v Virtual Servers Virtual Servers Setup Ext
80. any DHCP client request with the specified vendor ID DHCP option 60 will be denied an IP address from the local DHCP server Ifa vendor ID is configured for a specific client device please REBOOT the client device attached to the modem to allow it to obtain an appropriate IP address Each LAN interface can only be added into one group and one WAN interface can only be used in one group 4 Wireless 2 4GHz and 5GHz This section provides you ways to configure wireless access The TW EAV510 AC v2 supports wireless on the 2 4GHz and 5GHz for users This part has sub items as Basic Security MAC Filter Wireless Bridge Advanced and Station Info here Please select which one wireless you want to configure gt LAN Wireless 2 4G wi0 Basic Security MAC Filter Wireless Bridge Advanced Station Info Schedule Control gt Wireless 5G wil1 gt WAN System gt USB gt IP Tunnel gt Security gt Quality of Service gt NAT Wake On LAN gt Advanced Setup Basic It let you determine whether to enable Wireless function and set the basic parameters of an AP and the Virtual APs Configuration Basic Parameters Wireless Hide SSID Clients Isolation Disable WMM Advertise Wireless Multicast Forwarding WMF SSID BSSID Country Max Clients Wireless Guest Virtual Access Points SSID wl0_Guest1 wl0_Guest2 wl0_Guest3 Apply Cancel Enable L Enable C Ena
81. ate the keys However every time when the VPN tunnel re negotiates access through the tunnel will be temporarily disconnected Examples 1 LAN to LAN connection Two TeleWell s want to setup a secure IPSec VPN tunnel Note The IPSec Settings shall be consistent between the two routers Branch Office Head Office Public IP Public IP 192 168 0 254 69 121 1 30 69 121 1 3 192 168 1 254 D Router Router Ge Encryption Data a a PS VPN Connection 192 168 0 0 24 192 168 1 0 24 IPSec VPN LAN to LAN Head Office Side Setup details Local Network IP Address 192 168 1 0 Netmask 255 255 255 0 Head Office network Secure 69 121 1 30 IP address of the Branch office Gateway router on WAN side Address Hostaname 2 3 Remote Network Proposal Authentication MDB DES 9 Prefer MODP 1024 group2 Security Plan Forward Security Pre shared Key 123456 Branch Office Side Setup details the same operation as done in Head Office side toch Local Network 92 168 0 0 55 255 255 0 Branch Office network Remote IP address of the Head office 3 Secure Gateway 169 121 1 3 router on WAN side Address Hostanme Remote Network Select Subnet 255 255 255 0 Head office network 192 168 1 0 5 Prefer MODP 1024 group2 Security Plan Forward Security 116 I a gt g vy IPSec IPS
82. ateway item in the bar and user can check to select the tunnel as the default gateway default route for traffic If selected all outgoing traffic will be forwarded to this tunnel and routed to the next hop 141 GRE Generic Routing Encapsulation GRE is a tunneling protocol that can encapsulate a wide variety of network layer protocol packets inside virtual point to point links over an Internet Protocol IP network And the common use can be GRE over IPSec Note up to 8 tunnels can be added but only 4 can be activated VPN Xe A GRE Parameters Name WAN Interface Default v Local Tunnel Virtual IP Local Netmask Remote Tunnel Virtual IP Remote Gateway IP Remote Network Single Address v IP Address Netmask Enable Keepalive F Keepalive Retry Times 10 Keepalive Interval 3 Seconds Add Edit Delete Name User defined identification WAN Interface Select the exact WAN interface configured for the tunnel as the source tunnel IP Select Default to use the now working WAN interface for the tunnel Local Tunnel Virtual IP Please input the virtual IP for the local tunnel Local Netmask Input the netmask for the local tunnel Remote Tunnel Virtual IP Please input the virtual destination IP for tunnel Remote Gateway IP Set the destination IP for the tunnel Remote Network Select the peer topology Single address client or Subnet IP Address Set the IP address if the peer is a client If the peer is a subne
83. bit Error Rate Test The ADSL Bit Error Rate BER test determines the quality of the ADSL connection The test is done by transferring idle cells containing a known pattern and comparing the received data with this known pattern to check for any errors ADSL BER Test Start The ADSL Bit Error Rate BER test determines the quality ofthe ADSL connection The testis done by transferring idle cells containing a known pattern and comparing the received data with this known pattern to check for any errors Tested Time sec 20 Start Close Select the Tested Time sec press Start to start test ADSL BER Test Running The xDSL BER testis in progress Connection Speed 27447 Kbps The test will run for 20 seconds Stop Close 25 When it is OK the following test result window will appear You can view the quality of ADSL connection Here the connection is OK ADSL BER Test Result The ADSL BER test completed successfully Test Time 20 seconds Total Transferred Bits 0x000000001DA1F500 Error Ratio 0 00e 00 Close Reset Click this button to reset the statistics Bandwidth Usage Bandwidth Usage provides users direct view of bandwidth usage with simple diagram Bandwidth usage shows the use of the bandwidth from two angles Transmitted and Received giving users a clear idea of the usage LAN Note P4 can be configured as EWAN and when the device is in EWAN profile there is no P4 EWAN
84. ble C Enable Enable EAV510 001EAB52B531 00 1E AB 52 B5 32 FINLAND v 64 1 64 Hidden Clients Isolation Disable WMM Advertise WMF Max Clients O a O O 16 Gi O a O 16 O L O ial 16 BSSID Enable N A LJ NIA LJ N A LJ Wireless Default setting is set to Enable If you do not have any wireless devices check the checkbox again to unselect 42 Hide SSID It is function in which transmits its SSID to the air so that when wireless client searches for a network router can then be discovered and recognized Check the checkbox to determine whether you want to hide SSID Clients Isolation if you enabled this function then each of your wireless clients will not be able to communicate with each other Disable WMM Advertise Stop the router from advertising its Wireless Multimedia WMM functionality which provides basic quality of service for time sensitive applications e g VoIP Video Check to disable or enable this function Wireless multicast Forwarding WMF check to enable or disable wireless multicast forwarding SSID The SSID is the unique name of a wireless access point AP to be distinguished from another For security purpose change the default SSID to a unique ID name to the AP already built in to the router s wireless interface It is case sensitive and must not excess 32 characters Make sure your wireless clients have exactly the SSID as the device in order to get connected to your network Note SSID is ca
85. bled When enabled a Fullcone NAT parameter will appear you can determine whether to enable Fullcone NAT While only NAT enabled the default NAT type Port Restricted cone NAT will be used Fullcone NAT Enable or disable fullcone NAT Fullcone is a kind of NAT in this mode all requests from the same internal IP address and port are mapped to the same external IP address and port Furthermore any external host can send a packet to the internal host by sending a packet to the mapped external address Note In PPPoE connection NAT is enabled by default you can determine whether to enable Fullcone NAT and while you disable Fullcone NAT and only use NAT the default NAT type is Port Restricted or Port Restricted cone NAT the restriction includes port numbers Specifically an external host can 64 send a packet with source IP address X and source port P to the internal host only if the internal host had previously sent a packet to IP address X and port P IPv4 Address Select whether to set static IPv4 address or obtain automatically IP Address If Static is enabled in the above field enter the static IPv4 address get from the ISP Dial on demand It is a parameter to let users to dial for connection to internet themselves It is useful when saving internet fees Inactivity Timeout The set Inactivity timeout period unit minutes It is combined use with Dial on Demand users should specify the concrete time interval for dial on demand IPv6
86. bled in the above field enter the static IPv6 address Obtain DNS Available WAN interfaces Select a desirable WAN interface as the IPv6 DNS server Static DNS Address To specify DNS server manually by entering your primary and secondary DNS server addresses Parental Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider Primary IPv6 DNS Server Secondary IPv6 DNS Server Type the specific primary and secondary IPv4 DNS Server address MTU Maximum Transmission Unit the size of the largest datagram excluding media specific headers that IP will attempt to send through the interface IGMP Multicast Proxy Check whether to enable this feature IGMP Internet Group Management Protocol Proxy intercepts the IGMP request from Clients and set up the multicast forwarding table it takes over some of the router s job simplifying the router s job and multicast communication MLD Multicast Proxy check whether to enable this function MLD Multicast Listener Discovery Protocol Proxy intercepts the MLD request from Clients a set up the multicast forwarding table it takes over some of the router s job simplifying the routers job and multicast communication Support MLDv1 and MLDv2 Click Next to continue to set the default gateway and DNS for IPv4
87. box and then press Change Policy to change the settings to the interface For example from above the interface atm0 1 is of bridge mode and all the MAC layer frames will be forward but you can set some rules to let some item matched the rules to be blocked Click Add button to add the rules i Configuration AS gj MAC filtering rules Parameters Protocol K Destination MAC Source MAC Frame Direction LAN lt gt WAN v WAN Interface br_eth0 eth0 2 v 92 Protocol type Select from the drop down menu the protocol that applies to this rule Destination Source MAC Address Enter the destination source address Frame Direction Select the frame direction this rule applies both LAN and WAN LAN lt gt WAN only LAN to WAN LAN gt WAN only WAN to LAN WAN gt LAN WAN Interfaces Select the interfaces configured in Bridge mode Blocking WAN PING This feature is enabled to let your router not respond to any ping command when someone others Ping your WAN IP i Configuration Xe ay Block WAN PING Parameters Block WAN PING O Enable Disable Block WAN IPv6 PING O Enable Disable Time Restriction A MAC Media Access Control address is the unique network hardware identifier for each PC on your network s interface i e its Network Interface Card or Ethernet card Using your routers MAC Address Filter function you can configure the network to block specific machines from accessing your LAN durin
88. ces Select a desirable WAN interface as the IPv6 DNS server Static DNS Address To specify DNS server manually by entering your primary and secondary DNS server addresses Parental Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider Primary IPv6 DNS Server Secondary IPv6 DNS Server Type the specific primary and secondary IPv4 DNS Server address MTU Maximum Transmission Unit the size of the largest datagram excluding media specific headers that IP will attempt to send through the interface PPPoE with Pass through Enable or disable PPPoE pass through If it is enabled PCs behind the router can dial itself IGMP Multicast Proxy Check whether to enable this feature IGMP Internet Group Management Protocol Proxy intercepts the IGMP request from Clients and set up the multicast forwarding table it takes over some of the router s job simplifying the router s job and multicast communication MLD Multicast Proxy check whether to enable this function MLD Multicast Listener Discovery Protocol Proxy intercepts the MLD request from Clients a set up the multicast forwarding table it takes over some of the router s job simplifying the router s job and multicast communication Support MLDv1 and MLDv2 Click Apply to continue 58 i
89. ck Add a Printer 4 Devices 3 Generic Non PnP WAREHOUSE PC Monitor What type of printer do you want to install Add a local printer Use this option only if you don t have a USB printer Windows automatically installs USB printers when you plug them in Add a network wireless or Bluetooth printer Make sure that your computer is connected to the network or that your Bluetooth or wireless printer is turned on 82 Step 4 Click The printer that want isn t listed Searching for available printers Printer Name rr gt The printer that I want isn t listed Step 5 Select Select a shared printer by name Enter http LAN IP 631 printers printer name or Make sure printer s name is the same as what you set in the earlier For Example http 192 168 0 254 631 printers OfficePrinter OfficePrinter is the Printer Name we setup earlier Find a printer by name or TCP IP address Browse for a printer Select a shared printer by name http 192 168 1 254 631 printers OfficePrinter Example computername printername or http computername printers printername printer gt Add a printer using a TCP IP address or hostname 83 Step 6 Click Next to add the printer driver If your printer is not listed and your printer came with an installation disk click Have Disk find it and install the driver _ ssstrmervicod me 8 ek Select the
90. ck Auto fail over High speed Internet Access via ADSL2 2 Backward Compatible with ADSL Jumbo frames IEEE 802 11 b g n ac compliant Wireless Access Point with Wi Fi Protected Setup WPS Wi Fi Protected Access WPA PSK WPA2 PSK and Wired Equivalent Privacy WEP support Secured IPSec VPN with powerful DES 3DES AES PPTP VPN with Pap Chap MS CHAPv2 authentication Pure L2TP and L2TP over IPSec GRE tunnel SOHO Firewall Security with DoS Preventing and Packet Filtering Quality of Service Control for traffic prioritization and Bandwidth management Universal Plug and Play UPnP Compliance Supports IPTV Application USB port for print server NAS Samba DLNA media server and 3G 4G LTE USB Compliance Compliant with ADSL VDSL 2 Standard Full rate ANSI 11 413 Issue 2 G dmt ITU G 992 1 G hs ITU G 994 1 Compliant with ADSL2 Standard G dmt bis ITU G 992 3 ADSL2 Annex M ITU G 992 3 Annex M G dmt bis plus ITU G 992 5 ADSL2 Annex M ITU G 992 5 Annex M VDSL 2 Network Protocols and Features IPv4 or IPv4 IPv6 Dual Stack NAT static v4 v6 routing and RIP 1 2 IPv6 Stateless Stateful Address Auto configuration IPv6 Router Advertisement IPv6 over PPP DHCPv6 IP Tunnel IPv6 in IPv4 6RD IP Tunnel IPv4 in IPv6 DS Lite Universal Plug and Play UPnP Compliant Dynamic Domain Name System DDNS Virtual Server DMZ and one to one NAT SNTP DNS relay IGMP snooping and IGMP proxy for video se
91. created a Internet Connection Properties Connect to the Internet using Internet Connection This connection allows you to connect to the Internet through a shared connection on another computer Settings C Show icon in notification area when connected Step 4 You may edit or delete the port mappings or click Add to manually add port mappings Advanced Settings Services Select the services running on your network that Internet users can access Services Services Edit Delete 153 Service Settings Description of service Test Name or IP address for example 192 168 0 12 of the computer hosting this service on your network 192 168 1 11 External Port number for this service 143 TCP C UDP Internal Port number for this service 143 Cancel Step 5 Select Show icon in notification area when connected option and click OK An icon displays in the system tray Step 6 Double click on the icon to display your current Internet connection status i Internet Connection ts now connected Click here for more information General mS intemet Gateway Status Connected 05 50 45 Speed 576 0 Kbps Activity intemet Intemet Gateway My Computer Packets Sent 68 353 3 056 450 Received 64 342 4 081 813 Web Configurator Easy Access With UPnP you can access web based configuration for the TeleWell TW EAv510 AC v2 without firs
92. d Here it will generate automatically according to the End port number of External port and can t be modified Protocol select the protocol this service used TCP UDP TCP UDP Time Schedule Select or set exactly when the Virtual Server works When set to Always On the Virtual Server will work all time and also you can set the precise time when Virtual Server works like 01 00 19 00 from Monday to Friday Or you can select the already set timeslot in Time Schedule during which the Virtual Server works And when set to Disable the rule is disabled and there will be an icon Y in the list table indicating the rule is disabled See Time Schedule S Set up Select a Server Name from the drop down menu then the port will automatically appear modify some as you like or you can just leave it as default Remember to enter your server IP Address 104 l Interface pppoe_0_8 35 ppp0 1 Server Name Custom Senice e Tane Shedd Sun _ Mon Tue Wed Thu Fri Sat From 00 00 Internal Port Start End Protocol l CP c E EIEEEI of O a i i P Il Il TCP UUs L l g O 5 oO Press Apply to conform and the items will be list in the Virtual Servers Setup table woe mer Virtual Servers Setup i a Age of Empires 47624 47624 47624 47624 192 168 1 103 pppo 1 o Age of Empires 6073 6073 TCP 6073 60
93. d Controller This connection uses the following items 0 Client for Microsoft Networks E QoS Packet Scheduler J File and Printer Sharing for Microsoft Networks h intemet Protocol Versiong amp TCP IPv6 Intemet Protocol Version4 TCP IPv4 Link Layer Topology Discovery Mapper 1 0 Driver Link Layer Topology Discovery Responder ital Uninet Description TCP IP version 6 The next genetion version of the internet protocol that provides communication across diverse interconnected networks In the TCP IPv6 properties window select the Obtain an IPv6address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting Click OK again in the Local Area Connection Properties window to apply the new configuration Internet Protocol Version 6 TCP IPv6 Properties J You can get IPv6 settings assigned automatically if your network supports this capabiity Otherwise you need to ask your network administrator for the appropriate IPv6 settings Obtain an IPv6 address automatically Use the following IPv6 address A Obtain DNS server address automatically Use the following DNS server addresses Preferred DNS server Alternate DNS server Validate settings upon exit Configuring a PC in Windows Vista Go to Start Click on Network Then click on Network and Sharing Center at the top bar This computer is not connected t
94. d E mail Apply all settings to check whether you want to have a copy of the settings to apply to other WAN port suppose the above Main port is DSL then if you enable this function then Ethernet port will have the same configuration SMTP Server Enter the SMTP server that you would like to use for sending emails Username Enter the username of your email account to be used by the SMTP server Password Enter the password of your email account Sender s Email Enter your email address SSL check to whether to enable SSL encryption feature 75 Port the port default is 25 Account Test Press this button to test the connectivity and feasibility to your sender s e mail Recipient s Email WAN IP Change Alert Enter the email address that will receive the alert message once a WAN IP change has been detected SMS Alert SMS Short Message Service is to inform clients the information clients subscribe The TeleWell TW EAV510 AC v2 offers SMS alert sending clients alert messages when a WAN IP change is detected Configuration We fej SMS Alert WAN IP Change Alert Recipients Number Apply Recipient s Number WAN IP Change Alert Enter the Recipient s number that will receive the alert message once a WAN IP change has been detected Configure Log i Configuration as aj Configure Log Parameters Log Enable Disable Log Level Informational w Display Level Informational w Mode Local v Apply
95. dresses Parental Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider Primary DNS Secondary DNS Type the specific primary and secondary IPv4 DNS Server address NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single IP account by sharing the single IP address If users on your LAN have their own public IP addresses to access the Internet NAT function can be disabled When enabled a Fullcone NAT parameter will appear you can determine whether to enable Fullcone NAT While only NAT enabled the default NAT type Port Restricted cone NAT will be used Fullcone NAT Enable or disable fullcone NAT Fullcone is a kind of NAT in this mode all requests from the same internal IP address and port are mapped to the same external IP address and port Furthermore any external host can send a packet to the internal host by sending a packet to the mapped external address Firewall Enable to drop all traffic from WAN side If enabled all incoming packets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules IGMP Multicast IGMP Internet Group Membership Protocol is a protocol used by IP hosts to report their multicast group memberships to any immediately neighboring multicast
96. e Password Cancel OK Congratulations You are now successfully logged in to the Firewall Router Once you have logged on to your TeleWell TW EAV510 AC v2 Router via your web browser you can begin to set it up according to your requirements On the configuration homepage the left navigation pane links you directly to the setup pages which include Status Summary WAN Statistics Bandwidth Usage 3G LTE Status Route ARP DHCP VPN and Log Quick Start Quick Start Configuration LAN Wireless 2 4 GHz and 5 GHz WAN System USB IP Tunnel Security Quality of Service NAT Wake On LAN VPN IPSec VPN Account PPTP L2TP GRE Advanced Setup Routing DNS Static ARP UPnP Certificate Multicast Management Diagnostics 19 Status This Section gives users an easy access to the information about the working router and access to view the current status of the router Here Summary WAN Statistics Bandwidth Usage 3G LTE Status Route ARP DHCP VPN and Log subsections are included Summary WAN gt Statistics gt Bandwidth Usage SG LTE Status Route ARP DHCP gt VPN gt Log Summary The basic information about the device is provided here the following is a configured screenshots to let users understand clearly Device Information Model Name Host Name System Up Time Date Time Software Version LAN IPv4 Address LAN IPv6 Address MAC Address DSL PHY and Driver Versi
97. e Delete O timeslot1 SMTWTFs 09 00 19 00 A Auto Reboot Auto reboot offers flexible rebooting service reboot with the current configuration of router for users in line with scheduled timetable settings Advanced Setup N Te Tj Auto Reboot Parameters 1 Cl Enable Sun Mon Tue Wed Thu Fri Sat Time 00 00 Schedule ee adh e Ld 2 l Enable Sun Mon Tue Wed Thu Fri Sat Time 00 100 Y Enable to set the time schedule for rebooting For example the router is scheduled to reboot at 22 00 every single weekday and to reboot at 9 00 on Saturday and Sunday You can set as follows Advanced Setup WAS aj Auto Reboot Parameters 1 MlEnabie Sun Mimon Mitue Mi wed Mi Thu Mrri Li sat Time 22 cial 00 v Schedule LE i 2 MEnabie Mlsun Cmon OTue Owed thu Ceri Msat Time 09 00 w 162 Diagnostics Diagnostics Tools TeleWell TW EAV510 AC v2 offers diagnostics tools including Ping and Trace route test tools to check for problems associated with network connections Advanced Setup 1 aj Diagnostics Tools Ping Test Destination Host Source Address Interface OIP Address Trace route Test Destination Hest Source Address Interface v O IP Address Max TTL value 16 2 30 Wait time 3 seconds 2 999 Trace route Test Ping Test to verify the connectivity between source and destination Destination Host Enter the destination host IP domain name to be checked for
98. e Name Select Volume name as to create access to the volume of the specified partition of the storage For example a user test is setup behind the usb1 1 i Configuration 1 amp User Accounts User Accounts A maximum accounts can be configured 16 Usermame Home Directory Remove admin test usb1_1test Accessing mechanism of Storage In your computer Click Start gt Run enter 192 168 0 254 j 192 168 1 254 j3 See more results W192 168 1 254 x Shut down gt 78 When accessing the network storage you can see a folder named public users should have the account to enter and the account can be set at the User Accounts section When first logged on to the network folder you will see the public folder Public The public sharing space for each user in the USB Storage When user register a USB account and log successfully a private folder the same name as the user account registered exclusive for each user is established Go on to see the details ier S808me s jE gt Network 192 1681 254 File Edit View Tools Help Organize v Network and Sharing Center View remote printers Jr Favorites we public Share shared folders on each volume T Libraries B Documents a Music Pictures Videos jE Computer amp Local Disk C ca Local Disk D cw Local Disk E cq Local Disk F th Network A 1 item s l Access
99. e Strength gt gt 26 Link Speed gt gt 270 0 Mbps Throughput gt gt 5 600 Kbps Link Speed gt gt 54 0 Mbps BW gt gt 40 SNRO gt gt 19 Throughput gt gt 81 608 Kbps GI gt gt long MCS gt gt 15 SNR1 gt gt n a You can check the message in the red ellipse with the security parameters you set here we all use the default 49 Configure AP as Enrollee Add Registrar with PIN Method set AP to Unconfigured Mode i Configuration i VAS Security lf Hide Access Point enabled or Mac filter listis empty with allow chosen WPA2 will be disabled WPS Setup WPS Enable Current Disable Add Client O Enter STAPIN Use APPIN AddEnrollee This feature is available only when VWPA2 PSK or OPEN mode is configured WPS AP Mode Unconfigured w Setup AP 76229909 Help Manual Setup AP Select SSID wlan ap v Network Authentication Open i WEP Encryption Disabled v Launch the wireless client s WPS utility Set the Config Mode as Registrar Enter the PIN number 76229909 device for example in the PIN Code column then choose the The router s AP s SSID and security setting will now be configured to match the SSID and security setting of the registrar Do Web Page refresh after ER complete AP Configuration to check the new parameters setting MAC Filter f conticuration 1 aj MAC Filter Parameters Select SSID wian ap v MAC Restrict Mode Disable Oallow ODeny If all
100. e adapter settings on the left window panel Select the Local Area Connection and right click the icon to select Properties IPv4 9 SS Network and Internet Network and Sharing Center v Search Contro Pane Control Panel Home z i e View your basic network information and set up connections Manage wireless networks LY F wi See full map Change adapter settings e TEST PC BGSLON CNC Internet Change advanced sharing This computer settings View your active networks Connect or disconnect BGS10N CNC Accesstype Intenet Connections ww Wireless Network Connection Public network BGSLON CNC Change your networking settings Set up a new connection or network Set up a wireless broadband dial up ad hoc or VPN connection or set up a router or access point Connect to a network Connect or reconnect to a wireless wired dial up or VPN network connection Organize v Disable this network device Diagnose this connection Rename this connection Network Extender Standalone Network Extender Disable Disconnected Disconnected gq Network Extender SSLVPN Adapter gq Standalone Network Extender SSL Status ene J Wireless Network Connection 3 vil g PH Not connected Athe G Bridge Connections Microsoft Virtual WiFi Miniport A Create Shortcut Delete Rename Properties Networking Connect using EP Broadcom 570x Gigabit Integrated Controller This connection uses
101. e provided for WAN connection ADSL VDSL and 3G 4G LTE YWAN Service ATM Interface Interface Description Type VPI VCI Vlan8021p VianMuxid lamp NAT Firewall IPv6 Mid Remove Edit atm0 1 ipoe_0_0 33 IPoE 0 33 N A N A Enabled Enabled Enabled Disabled Disabled Edit atm0 2 br_0_0 33 Bridge 0 33 N A N A Disabled Disabled Disabled amp Edit atm1 1 ipoe_0_0 100 IPoE 0 100 NIA N A Enabled Enabled Enabled Disabled Disabled Edit atm1 2 br_0_0_100 Bridge 0 100 NIA NIA Disabled Disabled Disabled Edit atm2 1 br_0_0_ 35 Bridge 0 35 N A N A Disabled Disabled Disabled E Edit atm2 2 ipoe_0_0_35 IPoE 0 35 NIA N A Enabled Enabled Enabled Disabled Disabled amp Edit PTM Interface Interface Description Type Vlan8021p VianMuxid lamp NAT Firewall IPv6 Mid Remove Edit ptm0 1 ipoe_0_1_0 IPoE NIA N A Enabled Enabled Enabled Enabled Enabled Edit 3G LTE Interface Interface Description TEL No APN Username NAT Firewall Failover Edit usb0 USB3G0 3G0 99 internet Enabled Enabled Enabled Edit Add Remove Click Add to add new WAN connections There are three transfer modes for you to configure for WAN connection namely ATM ADSL PTM VDSL and 3G LTE Configuration of PTM mode is similar as ATM mode here take ATM mode WAN configuration for example A DSL PPPoE PPPoE PPP over Ethernet provides access control in a manner which is similar to dial up services using PPP Configuration YWAN Service Parameters
102. e router 4 t Advanced Setup A Xe Power Management Parameters Wait instruction when Idle Enable Status Enabled DRAM Self Refresh Enable Status Enabled Eneray Efficient Ethernet Enable Status Enabled Number of ethernet interfaces in Ethernet Auto Power Down and Sleep Enable Status Enabled Powered up 3 Powered down 2 Adaptive Voltage Scaling Enable Status Enabled Apply Refresh Time Schedule The Time Schedule supports up to 32 timeslots which helps you to manage your Internet connection In each time profile you may schedule specific day s i e Monday through Sunday to restrict or allowing the usage of the Internet by users or applications This Time Schedule correlates closely with router s time since router does not have a real time clock on board it uses the Simple Network Time Protocol SNTP to get the current time from an SNTP server from the Internet Refer to Internet Times for details 161 Management y AS aj Time Schedule Parameters Name i Day in a week Clsun Cmon Citue Owed CTh Ceri Csat Start Time 00 x4 00 a End Time 00 8 00 ix Edit Delete For example user can add a timeslot named timeslot1 features a period of 9 00 19 00 every weekday Management N VAS aj Time Schedule Parameters Name Day in a week Clsun Omon COTue Owed Cth Ceri Csat Start Time 00 00 End Time 00 00 w Add Edit Delete Edit Name Day in a week Start Time End Tim
103. e settings f Configuration YWAN Service ETH Interface Interface Description Type Vlan8021p VianMuxid lamp NAT Firewall IPv6 Mid Remove Edit pppo t pppoe_etho PPPoE N A N A Disabled Enabled Enabled Enabled Disabled 0 3G LTE Interface Interface Description TEL No APN Username NAT Firewall Failover Edit USB3G0 99 4 internet Enabled Enabled Enabled Here the corresponding WAN Service have been configured if it is OK you can access the internet You can go to Status gt WAN or Summary to view the WAN connection information if your ISP provides IPv6 service then you will obtain an IPv6 address IPv4 or IPv6 66 IP over Ethernet Configuration YWAN Service Parameters WAN Port Ethernet Type IP over Ethernet Description 802 1P Priority 1 tagged 0 7 untagged 1 802 1Q VLAN ID 1 tagged 0 4094 untagged 1 Obtain an IP address automatically Ti Enable Option 60 Vendor ID Option 61 Client ID Option 125 Disable Enable WAN IP Address WAN Subnet Mask WAN gateway IP Address IPv6 for this service WM Enable Obtain an IPv6 address automatically M Enable WAN IPv6 Address Prefix Length WAN Next Hop IPv6 Address NAT Enable Fullcone NAT Enable Firewall Enable IGMP Multicast Enable MLD Multicast Proxy Enable MTU 1500 MAC Spoofing Next Description User defined description for the connection commonly for friendly use 802 1P Priority The parameter indicates the frame priority level from 0 owe
104. e that a value set too low may affect stability a balance needs to be achieved between speed and stability There are no set values recommended as each ADSL line will be different value of 6 is a good starting point this is the target SNR from here you can gradually reduce values to achieve the highest possible sync speed whilst still maintaining stability e g 54 1 is the lowest possible value SNR 1 dB Auto 1 SNR Change the value to adjust the DSL link rate more suitable for an advanced user System Internet Time The router does not have a real time clock on board instead it uses the Network Time Protocol NTP to get the most current time from an NTP server NTP is a protocol for synchronization of computers It can enable computers synchronize to the NTP server or clock source with a high accuracy f contiguration internet Time Parameters Synchronize with Internet time servers Enable First NTP time server time nist gov y Second NTP time server ntp1 tummy com y Third NTP time server None v Fourth NTP time server None y Fifth NTP time server None y Time zone offset GMT 02 00 Helsinki Kyiv Riga Sofia Tallinn Vilnius y Apply Cancel Choose the NTP time server from the drop down menu if you prefer to specify an NTP server other than those in the drop down list simply enter its IP address in their appropriate blanks provided as shown above Your ISP may also provide an SNTP server for you
105. ec Settings L2TP over IPSec Cl Enable Connection Name B to H WAN Interface Default v IP Version IPv4 iv Local Network Subnet v IP Address 192 168 0 0 Netmask 255 255 255 0 Remote Security Gateway 69 12143 0s C Anonymous Remote Network Subnet v IP Address 192 168 1 0 Netmask 255 255 255 0 Key Exchange Method IKE IPsec Protocol ESP Pre Shared Key 123456 Local ID Type Default v ID Content l Remote ID Type Default ID Content Phase 1 Mode Main v Encryption Algorithm 3DES vi aiddi MDS DH Group MODP1024 DH2 W SA Lifetime 480 Minute s 60 1440 Phase 2 Encryption Algorithm 3DES W hae MDS DH Group MODP1024 DH2 IPSecLifetime 60 __ Minute s 60 1440 Ping for Keep Alive DPD 480 Second s Detection Interval 180 865400 Idle Timeout j5 Consecutive times 5 99 2 Host to LAN Router servers as VPN server and host should install the IPSec client to connect to head office through IPSec VPN Head Office Public IP Public IP 69 121 1 30 69 121 1 3 192 168 1 254 1 gt Windows XP Router IPSec Encryption Data a VPN Connection 192 168 1 0 24 IPSec VPN Host to LAN 1 Connection Name Headoffice to Host Give a name for IPSec connection Local Network 117 IP IP Address 192 168 1 0 255 255 255 0 Head Office network IP address of the Branch office Secure Gateway router on WAN side Hostaname Remote Network a Address 69 121
106. ect the IP Version IPv4 or IPv6 Protocol Set the traffic type TCP UDP TCP UDP ICMP that the rule applies to Source IP address This is the Address Filter used to allow or block traffic to from particular IP address es featured in the IP range If you leave empty it means any IP address Source Port port or port port The port or port range defines traffic from the port specific application or port in the set port range blocked to go through the router Default is set port from range 1 65535 Destination IP address Traffic from LAN with the particular traffic destination address specified in the IP range is to be blocked from going through the router similarly set as the Source IP address above Destination Port port or port port Traffic with the particular set destination port or port in the set port range is to be blocked from going through the router Default is set port from port range 1 65535 Interfaces Check if the filter rule applies to all interfaces User can base on need select interfaces to make the rule take effect with those interfaces 91 Time Schedule Select or set exactly when the rule works When set to Always On the rule will work all time and also you can set the precise time when the rule works like 01 00 19 00 from Monday to Friday Or you can select the already set timeslot in Time Schedule during which the rule works And when set to Disable the rule is disabled or inact
107. ection select Use my Internet connection VPN and press Next bbk E ge B o 7 iin Connect to a Workplace How do you want to connect Use my Internet connection VPN Connect using a virtual private network VPN connection through the Internet xs T Dial directly Connect directly to a phone number without going through the Internet i i What is a VPN connection 122 Input Internet address and Destination name for this connection and press Next a Connec nect to a Wor place ry 7 Type the Internet address to connect to Your network administrator can give you this address Internet address Example Contoso com or 157 54 0 1 or 3ffe 1234 1111 Destination name VPN Connection Use a smart card E Allow other people to use this connection This option allows anyone with access to this computer to use this connection Don t connect now just set it up so I can connect later Type the Internet address to connect to Your network administrator can give you this address Internet address 172 16 1 208 Destination name test Use a smart card my V Allow other people to use this connection This option allows anyone with access to this computer to use this connection Don t connect now just set it up so I can connect later 123 Input the account user name and password and press Create o nect to Workplace Type your user name and password Username fo
108. elp Ping primary Domain Name Server FAIL Help Test Test With OAM F4 Fault Management IEEE 802 1ag Connectivity Fault Management CFM is a standard defined by IEEE It defines protocols and practices for OAM Operations Administration and Maintenance for paths through 802 1 bridges and local area networks ANs Fault Management is to uniquely test the VDSL PTM connection Push service Advanced Setup ng aj 802 1ag Connectivity Fault Management Parameters This diagnostic is only used for xDSL PTM mode Maintenance Domain MD Level 2 Destination MAC Address i 802 1Q VLAN ID jo i0 4095 xDSL Traffic Type Inactive Test the connection to another Maintenance End Point MEP Loopback Message LBM Find Maintenance End Points MEPS Linktrace Message LTM Set MD Level Send Loopback Send Linktrace 165 Maintenance Domain MD Level Maintenance Domains MDs are management spaces on a network typically owned and operated by a single entity MDs are configured with Names and Levels where the eight levels range from 0 to 7 A hierarchal relationship exists between domains based on levels The larger the domain the higher the level value Maintenance End Point Points at the edge of the domain define the boundary for the domain A MEP sends and receives CFM frames through the relay function drops all CFM frames of its level or lower that come from the wire side Link Trace Link Trace messages otherwise
109. ement amosase anni ndidnlanmanaaeaiihann aie a dante Ine 158 PTO CS exces saescr acetic cetctsa esp Scaererentnesteaenarucseeeamcuccantceteaerseactantsteuteaaraoe A aun 163 FR EA be waits castes enacts E E E acinar aes elon amanaa ais 166 Chapters TOU SS IO OUI shies esses ss caer eg etic eee Pose acest ccna escectd cate eesenatectectesers aes xteservene eet 167 Chapter 1 Introduction Introduction to your Router The TeleWell TW EAV510 AC v2 is a fibre ready ADSL2 VDSL modem an all in one advanced device integrating Wireless AC 1300Mbps 1000 Mb Ethernet 3G 4G LTE and NAS Network Attached Storage in one unit As well as being IPv6 capable the TeleWell TW EAV510 AC v2 ADSL2 router supports super fast fibre connections via dual WAN connectivity through a Gigabit Ethernet WAN port Also it also has a USB port allowing the device to act as a print server as well as a NAS Network Attached Storage device with DLNA Digital Living Network Alliance Moreover the USB port can host a 3G 4G LTE modem connecting to the 3G 4G LTE network for Internet access With an array of advanced features the TeleWell TW EAV510 AC v2 delivers a future proof solution for ADSL2 connections super fast FT TC and ultra speed FTTH Fibre To The Home network deployment and services Maximum wireless performance With an integrated 802 11n Wireless Access Point the router delivers up to 6 times the speed of an 802 11b g n ac network device It supports a data ra
110. ending on which you selected previously For specific process please refer to keywords filtering Exception IP Address In the section users can set the exception IP respectively for IPv4 and IPv6 Click to add the IP Addresses Configuration XE j Except IP Address Parameters IP Version IPy4 v Internal IP Address Add Edit Delete Return Enter the except IP address Click Add to save your changes The IP address will be entered into the Exception List and excluded from the URL filtering rules in effect For specific process please refer to Keywords Filtering For example users can set IPv4 client 192 168 1 103 in your network as a exception address that is not limited to the rules set in URL filter or IPv4 clients a range And also an IPv6 client 2000 1211 1002 6ba4 d160 5adb 9009 87ae or IPv6 clients a range can be the exceptions from the URL rules At the URL Filter page press Apply to confirm your settings 96 Parental Control Provider Parental Control Provider provides Web content filtering offering safer and more reliable web surfing for users Please get an account and configure at the selected Provider www opendns com in advance To use parental control DNS user needs to configure to use parental control DNS provided by parental control provider to access internet at WAN configuration or DNS page See DNS f Configuration AS E Parental Control Provider Parame
111. ents from LAN or WAN For example the Clients in LAN here displays brO Mark Show clearly the SSID WLAN the device is in 29 DHCP The DHCP Table lists the DHCP lease information for all IP addresses assigned by the DHCP server in the device Status DHCP Leased Table Host Name MAC Address IP Address Expires In Mark passeli 00 1b 63 9c 77 96 192 168 0 100 23 hours 53 minutes 38 seconds testi 80 1f 02 53 81 32 192 168 0 101 23 hours 56 minutes 30 seconds EAV510 001EAB52B531 Host Name The Host Name of DHCP client MAC Address The MAC Address of internal DHCP client host IP Address The IP address which is assigned to the host with this MAC address Expires in Show the remaining time after registration Mark Show clearly the SSID WLAN the device is in Note The devices are free to access each other through device name on condition that they all obtain their IPs from the DHCP If the device IP is obtained from the DHCP other devices can access the device through the device name VPN VPN status viewing section provides users IPSec PPTP L2TP and GRE VPN status IPSec l Status TE hd IPSec Status VPN Tunnels Name Active Local Subnet Remote Subnet Remote Gateway SA 192 168 1 0 192 168 0 0 aaa 1 x 255 255 255 0 255 255 255 0 172 16 1 235 Name The IPSec connection name Active Display the connection status Local Subnet Display the local network Remote Subnet Display the
112. ents unauthorized access or damage to computers using wireless network i Configuration ys aj Security lf Hide Access Point enabled or Mac filter listis empty with allow chosen VYPA2 will be disabled WPS Setup WPS Disable Current Disable Manual Setup AP Select SSID wlan ap v Network Authentication Open v WEP Encryption Disabled Apply Cancel Note The WPS feature will also be unavailable when the security setting is not WPA2 or OPEN So if you manually set the wireless security setting you should give notice to it but you can find prompt indicating configuration 43 Manual Setup AP Select SSID Select the SSID you want these settings apply to Network Authentication i Open Network Authentication Open v WEP Encryption Enable w Encryption Strenath 128 bit v Current Network Key aw Network Key 1 1234567890123 Network Key 2 1234567890123 Network Key 3 1234567890123 Network Key 4 1234567890123 Enter 13 ASCII characters or 26 hexadecimal digits for 128 bit encryption keys Enter 5 ASCII characters or 10 hexadecimal digits for 64 bit encryption keys WEP Encryption Select to enable or disable WEP Encryption Here select Enable Encryption Strength Select the strength 128 bit or 64 bit Current Network Key Select the one to be the current network key Please refer to key 1 4 below Network Key 1 4 Enter 13 ASCII characters or 26 h
113. er PC with an address that does not fall into the range of IP addresses that are to be issued by the DHCP server You can configure the virtual server IP address manually but it must still be in the same subnet as the router 106 One to One NAT One to One NAT maps a specific private local address to a global public IP address If user has multiple global public IP addresses from your ISP you are free to use one to one NAT to assign some specific public IP for an internal IP like a public web server mapped with a global public IP for outside access i Configuration Xe aj One to One NAT Parameters Valid O WAN Interface p ppoe_0_8_35 ppp0 1 w Global IP Address Internal IP Address Add Edit Delete Valid Check whether to valid the one to one NAT mapping rule WAN Interface Select one based WAN interface to configure the one to one NAT Global IP address The Global IP mapped to an internal device It can be left empty and under this circumstance it can be reached through the WAN IP of interface set in the field above Internal Address The IP address of an internal device in the LAN For example you have an ADSL connection of pppoe 0 8 35 ppp0 1 interface with three fixed global IP and you then can assign the other two global IPs to two internal devices respectively If you have a WEB server IP address 192 168 1 3 and a FTP server IP address 192 168 1 4 in local network owning a public IP address range of 1
114. er levels are provided by this router namely Administrator Remote and Local respectively See Access Control Administrator Username admin Password admin Attention If you have forgotten the username and or password of the router you can restore the device to its default setting by pressing the Reset Button more than 5 seconds Device LAN IPv4 settings IPv4 Address 192 168 0 254 Subnet Mask 255 255 255 0 Device LAN IPv6 settings Pv6 Address prefix Default is a link local address and is different from each other as MAC address is different from one to one 16 DHCP server for IPv4 DHCP server is enabled Start IP Address 192 168 0 100 IP pool counts 100 LAN and WAN Port Addresses The parameters of LAN and WAN ports are pre set in the factory The default values are shown in the table IPv4 DHCP server function Enabled ports 13 The RFC 1483 Bridged IP LLC IP addresses for 100 IP addresses continuing from function is enabled to distribution to PCs 192 168 0 100 through automatically get the WAN IP 192 168 0 199 address from the ISP LAN Port WAN Port Default is a link local address and is The RFC1483 Bridged IP LLC IPv6 address prefix different from each other as MAC __ function is enabled to address is different from one to one jautomatically get the WAN IP address from the ISP DHCP server function Enabled 17 Information from your ISP Before configuring this device you have
115. er manually by entering your primary and secondary DNS server addresses Parental Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider Primary DNS Secondary DNS Type the specific primary and secondary IPv4 DNS Server address IPv6 for this service Enable to use IPv6 service NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single IP account by sharing the single IP address If users on your LAN have their own public IP addresses to access the Internet NAT function can be disabled When enabled a Fullcone NAT parameter will appear you can determine whether to enable Fullcone NAT While only NAT enabled the default NAT type Port Restricted cone NAT will be used Fullcone NAT Enable or disable fullcone NAT Fullcone is a kind of NAT in this mode all requests from the same internal IP address and port are mapped to the same external IP address and port Furthermore any external host can send a packet to the internal host by sending a packet to the mapped external address Firewall Enable to drop all traffic from WAN side If enabled all incoming packets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules IGMP Multicast IGMP Internet Group Membership Pro
116. erfaces the default gateway here commonly we select ppp3g0 Obtain DNS Use WAN interfaces Select a desirable WAN interface as the IPv6 DNS server Use Static DNS To specify DNS server manually by entering your primary and secondary DNS server addresses Parental Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider Click Apply to confirm the settings Here you can configure WAN Service if it is OK you can access the internet You can go to Status gt WAN or Summary to view the WAN connection information Here user can see the 3G LTE failover ptmu 1 ipoe_u_1_U IPFOE Uncontigured usbo 3G0 DirectIP Failover Connected 00 10 32 10 180 127 183 70 DSL This screen allows you to set DSL parameters DSL knowledge is required to configure these settings Contact your ISP to make sure that these parameters are correct i Configuration AS j DSL Parameters Modulation G Dmt MGlite M T1 413 Mapst2 MaAnnex MADSL2 C Annexm Phone line pair Inner pair Outer pair Capability Bitswap ISRA PhyR Upstream Downstream If DSL line is not ready related conffiguration cannot successfully set Modulation There are 7 modes G Dmt G lite T1 413 ADSL2 AnnexL ADSL2 Annex that user
117. ering Note Maximum number of entries 32 Click to add the keywords fi Configuration AG amp Keywords Filtering Parameters Keyword Edit Delete Return Enter the Keyword for example image and then click Add i Configuration Xe aj Keywords Filtering Parameters Keyword Edit Delete Return gt Edit Keyword Delete en j m a g 3 CJ 95 You can add other keywords like this The keywords you add will be listed as above If you want to reedit the keyword press the Edit radio button left beside the item and the word will listed in the Keyword field edit and then press Edit Delete to confirm If you want to delete certain keyword check Delete checkbox right beside the item and press Edit Delete Click Return to be back to the previous page Domain Filtering Note Maximum number of entries 32 Click to add Domains Configuration XE A Domains Filtering Parameters Domains Filtering Type Forbidden Domain Edit Delete Return Domain Filtering enter the domain you want this filter to apply Type select the action this filter deals with the Domain Forbidden Domain The domain is forbidden access Trusted Domain The domain ts trusted and allowed access Enter a domain and select whether this domain is trusted or forbidden with the pull down menu Next click Add Your new domain will be added to either the Trusted Domain or Forbidden Domain listing dep
118. ernal Port Internal Port Server Name Protocol Server IP Address WAN Interface Disabled Remove Edit Start End Start End Remove It is virtual server listing table as you see Click Add to move on The following configuration page will appear to let you configure 103 Y Virtual Servers Parameters Interface pppoe_0 6 35 ipppd 1 v Server Name Custom Service v Custom Service server IP Address lt type or select from listbox w Always On v sun Mon Tue Wed Thu Fri Sat From 00 00 To 00 00 v External Port Internal Port Protocol Protocol Number Start End Start End Time Schedule Ho i T i S E E E S E E e Ss SI Interface select from the drop down menu the interface you want the virtual server s to apply Server Name select the server name from the drop down menu Custom Service It is a kind of service to let users customize the service they want Enter the user defined service name here It is a parameter only available when users select Custom Service in the above parameter Server IP Address Enter your server IP Address here User can select from the list box for quick setup External Port Start Enter a port number as the external starting number for the range you want to give access to internal network i End Enter a port number as the external ending number for the range you want to give access to internal network Internal Port i Start Enter a port number as the internal staring number i En
119. ess 192 168 1 10 Drop L2TP Client gt Name Enable Status Connection Type Peer Network IP Client IP Action Retest L2TP Server Name The L2TP connection name Enable Display the connection status with icons Status The connection status Connection Type Remote Access or LAN to LAN Peer Network IP Display the remote network and subnet mask in LAN to LAN L2TP connection Connected By Display the IP of remote connected client Action Act to the connection Click Drop button to disconnect the tunnel connection 3 L2TP Client Name The L2TP connection name Enable Display the connection status with icons Status The connection status Connection Type Remote Access or LAN to LAN Peer Network IP Display the remote network and subnet mask in LAN to LAN L2TP connection Client Assigned IP by L2TP server Action Act to the connection Click Drop button to disconnect the tunnel connection Refresh Click this button to refresh the connection status GRE Status GRE Status Name Enable Status Remote Gateway IP test3 y Connected 69 121 1 22 Name The GRE connection name Enable Display the connection status with icons Status The connection status connected or disable Remote Gateway The IP of remote gateway Refresh Click this button to refresh the connection status Log System Log Display system logs accumulated up to the present time You can trace historical information with this function
120. ets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules IGMP Multicast IGMP Internet Group Membership Protocol is a protocol used by IP hosts to report their multicast group memberships to any immediately neighboring multicast routers Check this item to enable IGMP multicast on that WAN interface for multicast forwarding MLD Multicast Proxy check whether to enable this function MLD Multicast Listener Discovery Protocol Proxy intercepts the MLD request from Clients a set up the multicast forwarding table it takes over some of the router s job simplifying the routers job and multicast communication Support MLDv1 and MLDv2 MTU Maximum Transmission Unit the size of the largest datagram excluding media specific headers that IP will attempt to send through the interface MAC Spoofing This option is required by some service providers specifying some specific MAC allowed to join in network You must fill in the MAC address specified by your service provider when this information is required Bridging i Configuration YWAN Service Parameters WAN Port Ethernet Type Bridging Description 802 1P Priority 1 tagged 0 7 untagged 1 802 1Q VLAN ID 1 tagged 0 4094 untagged 1 Next Description User defined description for the connection commonly for friendly use 802 1P Priority The parameter indicates the frame priority level from 0 owest to 7 highest which can be used to
121. exadecimal digits for 128 bit encryption keys Enter 5 ASCII characters or 10 hexadecimal digits for 64 bit encryption keys i Shared This is similar to network authentication Open But here the WEP Encryption must be enabled Network Authentication Shared v WEP Encryption Enable v Encryption Strength 128 bit w Current Network Key 20 Network Key 1 1234567890123 Network Key 2 1234567890123 Network Key 3 1234567890123 Network Key 4 1234567890123 Enter 13 ASCII characters or 26 hexadecimal digits for 128 bit encryption keys Enter 5 ASCII characters or 10 hexadecimal digits for 64 bit encryption keys 44 i 802 1x Network Authentication 802 1X v RADIUS Server IP Address 0 0 0 0 RADIUS Port 1812 RADIUS Key oe WEP Encryption Enable Encryption Strenath 428 bit v Current Network Key 2 Network Key 1 Network Key 2 1234567890123 Network Key 3 1234567890123 Network Key 4 Enter 13 ASCII characters or 26 hexadecimal digits for 428 bit encryption keys Enter 5 ASCII characters or 10 hexadecimal digits for 64 bit encryption keys RADIUS Server IP Address RADIUS Remote Authentication Dial In User Service Enter the IP address of RADIUS authentication server RADIUS Server Port Enter the port number of RADIUS authentication server here RADIUS Key Enter the password of RADIUS authentication server WEP Encryption Select to e
122. fic is treated in the same manner as broadcast traffic that is it is forwarded to all ports With MLD snooping multicast traffic of a group is only forwarded to ports that have members of that group i Standard Mode In standard mode multicast traffic will flood to all bridge ports when no client subscribes to a multicast group i Blocking Mode In blocking mode the multicast data will be blocked when there is no client subscribes to a multicast group it won t flood to the bridge ports Stateless and Stateful IPv6 address Configuration Stateless Two methods can be carried With DHCPv6 disabled but Issue Router Advertisement Enabled seeeeeeee DHCPv6 Server o Enable Issue Router Advertisements vV Enable With this method the PCs in LAN are configured through RA mode thus the PCs in LAN are configured through RA mode to obtain the prefix message and generate an address using a combination of locally available information MAC address and information prefix advertised by routers With both DHCPv6 and Issue Router Advertisement Enabled DHCPv6 Server Enable DHCPv6 Server Type Stateless O Stateful Start interface ID 0 0 0 2 End interface ID 0 0 0 254 Leased Time hour 24 Issue Router Advertisements Enable With this method the PCs addresses in LAN are configured like above method but they can obtain such information like DNS from DHCPv6 Server 38 Stateful two methods can be adopted With o
123. g the specified time This page adds time of day restriction to a special LAN device connected to the router To Restrict LAN device s please click Add button to add the device s from accessing internet under some set time To find out the MAC address of a window based PC go to command window and type ipconfig all Note The maximum entries configured 32 f Configuration Xe aj Time Restriction Access Time Restriction A maximum entries can be configured 32 Host Label MAC Mon Tue Wed Thu Fri Sat Sun Start Stop Remove Click Add to add the rules 93 f Configuration we amp Time Restriction Parameters Host Label WAC Address lt lt type or select from listbox Days of the week Cimon OTue Owes Oth Ofri Osat Sun Start Time hh mm End Time hh mm Host Label User defined name MAC Address Enter the MAC address es you want to allow or block to access the router and LAN The format of MAC address could be XX XX XX XX XX XX Or XX XX XX XX XX XX For convenience user can select from the list box Days of the week Select the days of a week the rule takes efforts Start Time Enter the start time of each day in hh mm format Leaving it empty means 00 00 End Time Enter the end time of each day in hh mm format Leaving it empty means 23 59 Click Apply to confirm your settings The following prompt window will appear to remind you of the attention An example f contiguration
124. h and Safety requirements contained in 3 1 1 Article 3 1 a EN60950 1 2001 A11 2006 IEC60950 1 2001 2005 Harmonised standards Protection requirements with respect to EMC 3 1 2 Article 3 1 b EN 55022 2006 A1 2007 Class B EN 61000 3 2 2006 EN 61000 3 3 1995 A1 2001 A2 2005 EN 55024 1998 A1 2001 A2 2003 IEC 61000 4 2 1995 A1 1998 A2 2000 IEC 61000 4 3 2006 IEC 61000 4 4 2004 IEC 61000 4 5 2005 IEC 61000 4 6 2006 IEC 61000 4 8 1993 A1 2000 IEC 61000 4 11 2004 Harmonised standards Measures for the efficient use of the radio frequency spectrum ETS EN 301 489 1 V1 8 1 2008 04 EN 301 489 17 V1 3 2 2008 04 EN 300 328 V1 7 1 2006 10 interface specification Air interface of the radio systems pursuant to 3 2 Article 3 2 2 412 2 472 GHz This declaration is issued by Jarvenpaa 5 12 2013 Place Date 169
125. h source IP address X and source port P to the internal host only if the internal host had previously sent a packet to IP address X and port P IPv4 Address Select whether to set static IPv4 address or obtain automatically IP Address If Static is enabled in the above field enter the static IPv4 address get from the ISP Dial on demand It is a parameter to let users to dial for connection to internet themselves It is useful when saving internet fees Inactivity Timeout The set Inactivity timeout period unit minutes It is combined use with Dial on Demand users should specify the concrete time interval for dial on demand Obtain DNS Available WAN interfaces Select a desirable WAN interface as the IPv4 DNS server Static DNS Address To specify DNS server manually by entering your primary and secondary DNS server addresses Parental Controls If user registers and gets a DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider Primary IPv4 DNS Secondary IPv4 DNS Type the specific primary and secondary IPv4 DNS Server address IPv6 for this service Enable to use IPv6 service IPv6 Address Select whether to set static IPv6 address or obtain automatically IP Address If Static is enabled in the above field enter the static IPv6 address Obtain DNS Available WAN interfa
126. he route is reinstated from dynamic routing D Show that the route is dynamically installed by daemon or redirecting M Show the route is modified from routing daemon or redirect Metric Display the number of hops counted as the Metric of the route Service Display the service that this route uses Interface Display the existing interface this route uses ARP This section displays the router s ARP Address Resolution Protocol Table which shows the mapping of Internet IP addresses to Ethernet MAC addresses This is useful as a quick way of determining the MAC address of the network interface of your PCs to use with the router s Security MAC Filtering function Here IPv6 Neighbor Table listed with IPv6 address MAC mapping is supported f Status Y ARP ARP Table IP Address Flag MAC Address Device Mark 192 168 0 101 Complete 80 1f 02 03 81 32 brO EAV510 001EAB52B531 192 168 0 100 Complete 00 10 63 9 77 96 brO 10 191 75 13 Complete 02 50 f3 00 00 00 usb0 ARP table IP Address Shows the IP Address of the device that the MAC address maps to Flag Shows the current status of the ARP entries Complete the route resolving is processing well M Marked as permanent entry the route is permanent P publish entry publish this route item MAC Address Shows the MAC address that is corresponded to the IP address of the device it is mapped to Device here refers to the physical interface it is a concept to identify Cli
127. he user on the specified LAN group interface can t access CPE anymore But you can still access the internet service If user wants to manage the CPE please turn to IP Filtering Incoming to add the allowing rules Note that all incoming packets by default will be dropped if the LAN side firewall is enabled and user cannot manage this CPE from the specified LAN group DHCP Server You can disable or enable the DHCP Dynamic Host Configuration Protocol server or enable the router s DHCP relay functions The DHCP protocol allows your router to dynamically assign IP addresses to PCs on your network if they are configured to obtain IP addresses automatically Disable DHCP Server DHCP Server Disable v Disable the DHCP Server function Enable Enable the DHCP function enter the information wanted Here as default DHCP Server DHCP Server Enable V Start IP Address 192 168 0 100 End IP Address 192 168 0 200 Leased Time hour 24 Option 66 _ Enable Start IP Address The start IP address of the range the DHCP Server used to assign to the Clients End IP Address The end IP address f the range the DHCP Server used to assign to the Clients Leased Time hour The leased time for each DHCP Client Option 66 Click Enable to activate DHCP option 66 for some special devices like IPTV Set Box The devices can get firmware or some special service from the TFTP server User needs to set the IP or hostname of the TFTP server i DHC
128. hrase you can click here to display to view it WPA Group ReKey Internal The period of renewal time for changing the security key automatically between wireless client and Access Point AP This is in seconds WPA WAPI Encryption There are two Algorithms AES Advanced Encryption Standard and TKIP Temporal Key Integrity Protocol which help to protect the wireless communication i WPA2 Network Authentication WPA2 Preauthentication Network Re auth Interval WPA Group Rekey Interval RADIUS Server IP Address RADIUS Port RADIUS Key WPAAVAPI Encryption WEP Encryption WPA2 v Enable 36000 0 2147483647 3600 0 2147483647 1812 AES v Disabled WPA2 Preauthentication When a wireless client wants to handoff to another AP with preauthentication it can perform 802 1X authentication to the new AP and when handoff happens this mode will help reduce the association time Network Re auth Interval the interval for network Re authentication This is in seconds WPA Group ReKey Internal The period of renewal time for changing the security key automatically between wireless client and Access Point AP This is in seconds RADIUS Server IP Address RADIUS Remote Authentication Dial In User Service Enter the IP address of RADIUS authentication server This is in seconds RADIUS Server Port Enter the port number of RADIUS authentication server here RADIUS Key Enter the password of RADIUS authentication server
129. ic DNS Static DNS is a concept relative to Dynamic DNS in static DNS system the IP mapped is static without change You can map the specific IP to a user friendly domain name In LAN you can map a PC to a domain name for convenient access Or you can set some well known Internet IP mapping item so your router will response quickly for your DNS query instead of querying from the ISP s DNS server 148 Advanced Setup Ae Tj Static DNS Parameters Host Name IP Address Host Name Type the domain name host name for the specific IP IP Address Type the IP address bound to the set host name above Click Add to save your settings Static ARP ARP Address Resolution Protocol is a TCP IP protocol that allows the resolution of network layer addresses into the link layer addresses And Static ARP here allows user to map manually the layer 3 MAC Media Access Control address to the layer 2 IP address of the device 4 Advanced Setup AS ej v Static ARP Parameters IP Address MAC Address Edit Delete IP Address Enter the IP of the device that the corresponding MAC address will be mapped to MAC Address Enter the MAC address that corresponds to the IP address of the device Click Add to confirm the settings UPnP UPnP offers peer to peer network connectivity for PCs and other network devices along with control and data transfer between devices UPnP offers many advantages for users running NAT routers thr
130. in the client side Secret Enter the secretly pre shared password for tunnel authentication Remote Host Name Enter the remote host name of peer featuring the destination of the L2TP tunnel Local Host Name Enter the local host name featuring the source of the L2TP tunnel Click Apply to submit your L2TP Server basic settings L2TP Client L2TP client can help you dial in the L2TP server to establish L2TP tunnel over Internet 130 ven we hel L2TP Client Parameters Name L2TP over IPSec LJEnable WAN Interface Default v Username Password Auth Type Pap or Chap L2TP Server Address Connection Type Remote Access O LAN to LAN Peer Network IP Peer Netmask Tunnel Authentication d Secret Remote Host Name Local Host Name Add Edit Delete Name user defined name for identification L2TP over IPSec If your L2TP server has used L2TP over IPSec feature please enable this item Under this circumstance client and server communicate using L2TP over IPSec i Enable Jo 4 a L2TP Client Parameters Name L2TP over IPSec Enable IPSec Tunnel test2 M IPSec Username Password Auth Type Pap or Chap L2TP Server Address Connection Type Remote Access O LAN to LAN Peer Network IP Peer Netmask Tunnel Authentication F Secret Remote Host Name Local Host Name Add Edit Delete IPSec Tunnel Select the appropriate IPSec for L2TP rule configured for the L2TP Client Username Enter the username provided by y
131. interface as P4 is working as a WAN port Jo Vo LAN Bandwidth Usage Received O lt O S S _ 9 S ov tt ti tt ht FR HH ee e e e e 9 G MG AG aG I IH H t ee o A y a y y y a y a e y a y Sat Putte HO Sot tt HoH e ee e ee e e e 9 G A a y y H lt _ _ _ __ S O A S S S D st tt tt tH tH H PA4AEWAN P3 P2 P1 wid View LAN Transmitted View WAN Traffic concurrently DSL 26 Press View LAN Transmitted button to change the diagram to the statistics from a Received Bytes of view Note P means Ethernet port 3 and the traffic information of the port 3 is identified with green the same color with P3 in the diagram other ports all take the same mechanism When you press View WAN Traffic concurrently button the WAN Bandwidth Usage pops up so that users can view the WAN traffic concurrently WAN Service f Status 1 aj Y WAN Bandwidth Usage Received EE A CT A En Pe a Pe Pe S S A a A A a S E S a A a A a a eR Ee mae cee meme weet lt e _ OO Ot Ot ot ht ttt A He tH ae lt lt O __ tt _ rt tO tt tt tt tE_ Ht ppp 0 1 View LAN Traffic concurrently View WAN Transmitted Press View WAN Transmitted button to change the diagram to the statistics from a Received Bytes of view Press View LAN Traffic concurrently button to directly switch to the LAN Bandwidth Usage page to view the LAN traffic concurrent
132. io gt Upstream LAN to WAN 100 Downstream WAN to LAN 100 IP Version IPv4 Application HTTP lt lt HTTP TCP 80 v Direction LAN to WAN x Protocol TCP DSCP Marking Disable Rate Type Limited Maximum Ratio 20 f Priority Normal Internal IP Address 4 Internal Port External IP Address Zz q External Port gos ig0 e Time Schedule timeslot Osun Mitton Mtue Mwea Mthu Mri Csat From o0 00 To 09 v 19 If you are actively engaged in P2P and are afraid of slowing down internet access for other users within your network you can then use QoS to set a rule that has low priority In this way P2P application will not congest the data transmission with other applications i Configuration g Quality of Service Non Assigned Bandwidth Ratio gt Upstream LAN to WAN 80 Downstream WAN to LAN 100 IP Version IPv4 Application P2P lt lt type or select from listbox v Direction LAN to WAN Protocol Any DSCP Marking Disable Rate Type Prioritization Ratio f Priority Low M Internal IP Address i j gt Internal Port External IP Address I SF l External Port fo i Time Schedule timeslott o Clsun Mmon MTue Mwea Mi thu MlFri C Sat From 00 00 To 09 w 19 Other applications like FTP Mail access
133. ireless local area networks RX Chain Power Save Enabling this feature turns off one of the Receive chains going from 2x2 to 2x1 to save power RX Chain Power Save Quiet Time The number of seconds the traffic must be below the PPS value before the Rx Chain Power Save feature activates itself RX Chain Power Save PPS The maximum number of packets per seconds that can be processed by the WLAN interface for a duration of Quiet Time described above before the Rx Chain Power Save feature activates itself 54g Rate Multicast Rate Setting for multicast packets transmission rate Basic Rate Setting for basic transmission rate It is not a specific kind of rate it is a series of rates supported When set to Default the router can transmit with all kinds of standardized rates Fragmentation Threshold A threshold in bytes whether the packets will be fragmented and at what size Packets succeeding the fragmentation threshold of 802 11n WLAN will be split into smaller units suitable for circuit size While the packets smaller than fragmentation threshold will not be fragmented Default is 2346 setting the fragmentation too low may result in poor performance RTS Threshold Request to Send RTS threshold specifies the packet size when exceeds the size the RTS CTS will be triggered The default setting of 2347 max length will disable the RTS DTIM Interval Delivery Traffic Indication Message DTIM The entry range is a value between 1 and 2
134. it can provides the communication between customer premises equipment CPE and Auto Configuration Server ACS It includes both a safe configuration and the control of other CPE management functions within an integrated framework In the course of the booming broadband market the number of different internet access possibilities grew as well e g modems routers gateways set top box VolP phones At the same time the configuration of this equipment became more complicated too complicated for end users For this reason TR 069 was developed It provides the possibility of auto configuration of the access types Using TR 069 the terminals can get in contact with the Auto Configuration Servers ACS and establish the configuration automatically and let ACS configure CPE automatically 159 Advanced Setup a ay TR 069 Client Parameters Inform O Enable Disable Inform Interval 300 1 2147483647 ACS URL ACS User Name admin ACS Password 0 WAN Interface used by TR 069 client Any_WAN 4 Display SOAP messages on serial console O Enable Disable Connection Request Authentication Connection Request User Name admin Connection Request Password eeee Connection Request URL http 10 0 10 114 30005 Apply GetRPCMethods Inform select enable to let CPE be authorized to send Inform message to automatically connect to ACS Inform Interval Specify the inform interval time sec which CPE used to periodically send i
135. ive and there will be an icon in the list table indicating the rule is inactive See Time Schedule Log check the check box to record the security log To check the log users can turn to Security Log MAC Filtering MAC Filtering is only effective on ATM PVCs configured in Bridged mode FORWARDED means that all MAC layer frames will be forwarded except those matching with any of the specified rules in the following table BLOCKED means that all MAC layer frames will be blocked except those matching with any of the specified rules in the following table Configuration Xe aj MAC Filtering MAC Filtering Setup MAC Filtering is only effective on ATM PVCs configured in Bridge mode FORWARDED means that all MAC layer frames will be FORWARDED except those matching with any of the specified rules in the following table BLOCKED means that all MAC layer frames will be BLOCKED except those matching with any of the specified rules in the following table MAC Filtering Policy For Each Interface Interface Policy Change atm0 1 FORWARD a WARNING Changing from one policy to another of an interface will cause all defined rules for that interface to be REMOVED AUTOMATICALLY You will need to create new rules for the new policy Change Policy MAC filtering rules Interface Protocol Destination MAC Source MAC Frame Direction Remove Remove By default all MAC frames of the interface in Bridge Mode will be forwarded you can check Change check
136. lient IPv4 address Server IPv4 address NAP State Origin address Destination address 127 Example Configuring a LAN to LAN PPTP VPN Connection The branch office establishes a PPTP VPN tunnel with head office to connect two private networks over the Internet The routers are installed in the head office and branch offices accordingly Branch Office Head Office Public IP 192 168 0 254 69 121 1 3 192 168 1 254 Router Router PPTP Client ee PPTP Server VPN Connection 192 168 0 0 24 192 168 1 0 24 PPTP VPN LAN to LAN Server side Head Office ven PPTP Server Parameters PPTP Function Enable O Disable WAN Interface Default vi Auth Type MS CHAPv2 v Encryption Key Length Auto Peer Encryption Mode Only Stateless m IP Addresses Assigned to Peer start from 192 168 14 100 Idle Timeout 10 0 120 Minute s The above is the common setting for PPTP Server set as you like for authentication and encryption The settings in Client side should be in accordance with settings in Server side 128 Then the PPTP Account ven ae fa VPN Account VPN Account applied to PPTP Server and L2TP Server Parameters Name HO Tunnel Enable Disable Username HO Password seee Connection Type O Remote Access LAN to LAN Peer Network IP 192 168 0 0 Peer Netmask 255 255 255 0 Edit Delete Edit Name Tunnel Connection Type Peer Network IP Peer Netmask Delete Ho Enable LA
137. ly 27 i Status LAN Bandwidth Usage Received P4EWAN P3 P2 P1 wild View LAN Transmitted 3G LTE Status 3G LTE Status Parameters Status signal Strength Network Name Network Mode Card Name Card Firmware Status The current status of the 3G LTE card ww g Up HEBREBRERE elisa LTE TW 3G 4G LTE BD_TELEWELL_MF821V1 0 0B02 Signal Strength The signal strength bar indicates current 3G signal strength Network Name The network name that the device is connected to Network Mode The current operation mode for 3G LTE card it depends on service provider and card s limitation GSM or UMTS Card Name The name of the 3G LTE card Card Firmware The current firmware for the 3G LTE card 28 Route f status Route Flags U up reject G gateway H host R reinstate D dynamic redirect M modified redirect Destination Gateway Subnet Mask Flag Metric Service Interface 10 191 75 72 0 0 0 0 255 255 255 252 U 0 3G0 usb0 192 168 0 0 0 0 0 0 255 255 255 0 U 0 bro 0 0 0 0 10 191 75 73 0 0 0 0 UG 0 3G0 usb0 Destination The IP address of destination network Gateway The IP address of the gateway this route uses Subnet Mask The destination subnet mask Flag Show the status of the route i U Show the route is activated or enabled H host destination is host not the subnet G Show that the outside gateway is needed to forward packets in this route R Show that t
138. mes 5 9 MB Space used by installed components 42 8 MB Space required 0 0 MB Space available on disk 2574 4 MB Description Includes accessories to help you connect to other computers and online services 5 of 9 components selected Have Disk OK Cancel Apply Step 3 In the Communications window select the Universal Plug and Play check box in the Components selection box Communications xj To install a component select the check box next to the component name of clear the check box you do not want to install it A shaded box means that only part of the component will be installed To see what s included in a component click Details Components v eg NetMeeting v By Phone Dialer 0 2 MB Universal Plug and Play 0 4 ME ay Virtual Private Networking 0 0 MB Space used by installed components 42 4 MB Space required 0 0 MB Space available on disk 866 3 MB Description lt Universal Plug and Play enables seamless connectivity and communication between Windows and mtelligent appliances Details _ Cancel Step 4 Click OK to go back to the Add Remove Programs Properties window Click Next Step 5 Restart the computer when prompted 150 Follow the steps below to install the UPnP in Windows XP Step 1 Click Start and Control Panel Step 2 Double click Network Connections Step 3 In the Network Connections window click Advanced in the main menu and select Optio
139. n Allow OBlock Apply Exceptional Rule IP Range Valid IP Address Range Add Edit Delete Default Action Select Allow to grant access to the listed IP or IPs to Virtual Server and DMZ Host While choose Block to ban the listed IP or IPs to access the Virtual Server and DMZ Host Apply Press Apply button to apply the change Exceptional Rule Range Valid Check the box to enable or disable the IP range IP Address Range Specify the IP address range IPv4 address range can be supported Click Add to add the IP Range For instance if user wants block IP range of 172 16 1 102 172 16 1 106 from accessing your set virtual server and DMZ host you can add this IP range and valid it i Configuration a aj Exceptional Rule Parameters The Exceptional Rule is only applied to Virtual Server and DMZ Host Default Action Allow Block Apply Exceptional Rule IP Range Valid IP Address Range Add Edit Delete Edit Valid Action IP Address Range Delete O True Block 172 16 1 102 172 16 1 106 102 Virtual Servers In TCP IP and UDP networks a port is a 16 bit number used to identify which application program usually a server incoming connections should be delivered to Some ports have numbers that are pre assigned to them by the IANA the Internet Assigned Numbers Authority and these are referred to as well known ports Servers follow the well known port assignments so clients c
140. nable or disable WEP Encryption Here select Enable Current Network Key Select the one to be the current network key Please refer to key 2 3 below Network Key 1 4 Enter 13 ASCII characters or 26 hexadecimal digits for 128 bit encryption keys Enter 5 ASCII characters or 10 hexadecimal digits for 64 bit encryption keys i WPA Network Authentication WPA vi WPA Group Rekey Interval 3600 0 2147483647 RADIUS Server IP Address 0 0 0 0 RADIUS Port 1812 RADIUS Key WPA WAPI Encryption TKIP AES vi WEP Encryption Disabled WPA Group ReKey Internal The period of renewal time for changing the security key automatically between wireless client and Access Point AP This is in seconds RADIUS Server IP Address RADIUS Remote Authentication Dial In User Service Enter the IP address of RADIUS authentication server RADIUS Server Port Enter the port number of RADIUS authentication server here RADIUS Key Enter the password of RADIUS authentication server WPA WAPI Encryption There are two Algorithms AES Advanced Encryption Standard and TKIP Temporal Key Integrity Protocol which help to protect the wireless communication i WPA PSK WPA2 PSK Network Authentication WPA PSK vi WPAAMNAPI passphrase Pere Click here to display WPA Group Rekey Interval 3600 0 2147483647 WPANWAPI Encryption TKIP 4ES v WEP Encryption Disabled 45 WPA WAPI passphrase Enter the WPA WAPI passp
141. nal Networking Components Network Connections File Edit View Favorites Tools Help Operator Assisted Dialing gt oe a S wg Dd x 5 Dial up Preferences Address Network Connections Network Identification Bridge Connections Network Tasks Advanced Settings Optional Networking Components i sa a nl The Windows Optional Networking Components Wizard window displays Step 4 Select Networking Service in the Components selection box and click Details Windows Optional Networking Components Wizard Windows Components You can add or remove components of Windows XP To add or remove a component click the checkbox A shaded box means that only part of the component will be installed To see what s included in a component click Details Components LI n Management and Monitoring Tools C4 Networking Services 0 3 MB C 35 Other Network File and Print Services Description Contains a variety of specialized network related services and protocols Total disk space required 0 0 MB Space available on disk 11457 8 MB 151 Step 5 In the Networking Services window select the Universal Plug and Play check box Step 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next Networking Services fx To add or remove a component click the check box A shaded box means that only part of the componen
142. nform message to automatically connect to ACS When the inform interval time arrives the CPE will send inform message to automatically connect to ACS ACS URL Enter the ACS server login name ACS User Name Specify the ACS User Name for ACS authentication to the connection from CPE ACS password Enter the ACS server login password WAN interface used by TR 069 select the interface used by TR 069 Display SOAP message on serial console select whether to display SOAP message on serial console Connection Request Authentication Check to enable connection request authentication feature Connection Request User Name Enter the username for ACS server to make connection request Connection Request User Password Enter the password for ACS server to make connection request Connection Request URL Automatically match the URL for ACS server to make connection request GetRPCMethods Supported by both CPE and ACS display the supported RFC listing methods Click Apply to apply your settings Remote Access It is to allow remote access to the router to view or configure f Advanced Setup AS amp Remote Access Parameters Remote Access Enable Enable Service HTTP LISSH L FtP TELNET C SNMP Apply Allowed Access IP Address Range Valid IP Version IPv4 w IP Address Range Add Edit Delete Remote Access Select Enable to allow management access from remote side mostly from internet If disabled no remote acces
143. ng which the rule works And when set to Disable the rule is disabled or inactive and there will be an icon in list table indicating the rule is inactive See Time Schedule Log check the check box to record the security log To check the log users can turn to Security Log Example For example if there is an outgoing rule set as follows then the 21 application between source IP and destination IP will be blocked Or exactly in the rule below all traffic trying to access FTP will be blocked 89 I coosorraton aw o Parameters Fiter Name A 1P verston Protocol TP Ow Protocol Number Jio 254 C TCS Source Pon prt er porto Destination Paceress SCS Destnatonpot 1 lipon orportport Time Schedule Isun Cimon _ Tue Wed Thu Fri lsat From o0 00 To00 00 Log M IP Filtering Outgoing IP Filtering Setup A maximum entries can be configured 32 FTP TCP L a gM Any Enable Oo Any Any 21 The rule is active disable field shows the status of the rule active or inactive J conenenn ke g Outgoing IP Filtering Setup Parameters Filter Name FTP type or Select from listbox w IP Version see Protocol TCP S Source IP address BO o Source Port iportorportpor Destination IP address Jlo Destination Port 21 __ iportor port por Time Schedule Sun Mon Tue Wed Thu Fri Sat From 00 00
144. nly DHCPv6 enabled DHCPv6 Server Enable DHCPv6 Server Type Stateless Stateful Start interface ID 0 0 0 2 End interface ID 0 0 0 254 Leased Time hour 24 Issue Router Advertisements Enable ETETETT With this method the PCs addresses are configured the same as in IPv4 that is addresses are assigned by DHCPV6 server i With both DHCPv6 and Issue Router Advertisement Enabled DHCPv6 Server Enable DHCPv6 Server Type Stateless Stateful Start interface ID 0 0 0 2 End interface ID 0 0 0 254 Leased Time hour 24 Issue Router Advertisements Menable ETTET With this method the PCs addresses are configured the same like above and the address information in RA packets will be neglected Interface Grouping Interface grouping is a function to group interfaces known as VLAN A Virtual LAN commonly known as a VLAN is a group of hosts with the common set of requirements that communicate as if they were attached to the same broadcast domain regardless of the physical location A VLAN has the same attributes as a physical LAN but it allows for end stations to be grouped together even if they are not located on the same network switch Each group will perform as an independent network To support this feature you must create mapping groups with appropriate LAN and WAN interfaces using the Add button Please Note P4 can be configured as EWAN and when the device is in EWAN
145. nterface which you want the Source IP to access outside through Default Gateway Enter the default gateway which you want the Source IP to access outside through Click Apply to apply your settings And the item will be listed in the policy Routing listing table Here if you want to remove the route check the remove checkbox and press Remove to delete it RIP RIP Router Information Protocol is a simple Interior Gateway Protocol IGP RIP has two versions RIP 1 and RIP 2 A f Advanced Setup XE aj RIP Parameters RIP CANNOT BE CONFIGURED on the WAN interface which has NAT enabled such as PPPoE Interface Version Operation Enable atm0 2 2 v 2 Passive d Interface the interface the rule applies to Version select the RIP version there are two versions RIP 1 and RIP 2 Operation RIP has two operation mode Passive only receive the routing information broadcasted by other routers and modifies its routing table according to the received information Active working in this mode the router sends and receives RIP routing information and modifies routing table according to the received information Enable check the checkbox to enable RIP rule for the interface 145 Note RIP can t be configured on the WAN interface which has NAT enabled such as PPPoE Click Apply to apply your settings DNS DNS Domain Names system is a distributed database of TCP IP application DNS provides translation of Domain name
146. o a network Click to connect Name Category Workgroup Network location Favorite Links IE Documents Pictures i Music yy Recently Changed BB Searches Public d ue Network and Internet gt Network and Sharing Center v 4 Search Network and Sharing Center View computers and devices Connect to a network Set up a connection or network L e Manage network connections TEST1 WHQL Internet Diagnose and repair This computer a Not connected You are currently not connected to any networks Connect to a network When the Network and Sharing Center window pops up select and click on Manage network connections on the left window panel Select the Local Area Connection and right click the icon to select Properties gt B lt Network and Internet Network Connectors e B Organize v views v Status Disable this network device E4 Diagnos Name Device Name Connectivity Network Cate Dial up 2 A LO Network Extender A Standalone Network Extende OP me Disconnected 7 Disconnected F Network Extender SSLVPN A KZ ISDN WAN Device LAN or High Speed Internet 1 Local Area Connection SAS eee 9 Z In Disable Status Diagnose Bridge Connections Create Shortcut Delete Rename Properties IPv4 Select Internet Protocol Version 4 TCP IPv4 then click Properties Local Area Connection Properties nny nessa Connect using amp In
147. obtained from the ISP Service Name The item is for identification purpose user can define it yourself Authentication Method Default is Auto Or else your ISP will advise you the appropriate mode Firewall Enable to drop all traffic from WAN side If enabled all incoming packets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single IP account by sharing the single IP address If users on your LAN have their own public IP addresses to access the Internet NAT function can be disabled When enabled a Fullcone NAT parameter will appear you can determine whether to enable Fullcone NAT While only NAT enabled the default NAT type Port Restricted cone NAT will be used Fullcone NAT Enable or disable fullcone NAT Fullcone is a kind of NAT in this mode all requests from the same internal IP address and port are mapped to the same external IP address and port 57 Furthermore any external host can send a packet to the internal host by sending a packet to the mapped external address Note In PPPoE connection NAT is enabled by default you can determine whether to enable Fullcone NAT or disable Fullcone NAT and only use NAT the default NAT type is Port Restricted cone NAT Of Port Restricted cone NAT the restriction includes port numbers Specifically an external host can send a packet wit
148. ocol by encapsulation of its packets IP Tunnels are often used to connect two disjoint IP networks that do not have a native routing path to each other via an underlying routable protocol across an intermediate transport network like VPN Another prominent use of IP Tunnel is to connect islands of IPv6 installations across the IPv4 internet IPv6inIPv4 6in4 is an Internet transition mechanism for migrating from IPv4 to IPv6 6in4 uses tunneling to encapsulate IPv6 traffic over explicitly configured IPv4 links The 6in4 traffic is sent over the IPv4 Internet inside IPv4 packets whose IP headers have the IP Protocol number set to 41 This protocol number is specifically designated for IPv6 capsulation 6RD 6RD is a mechanism to facilitate IPv6 rapid deployment across IP v4 infrastructures of internet service providers ISPs It is derived from 6to4 a preexisting mechanism to transporting IPv6 packets over IPv4 infrastructure network with the significant change that it operates entirely within the enduser s ISP network thus avoiding the major architectural problems inherent in the original design of 6to4 Configuration AS j v IPv6iniPy4 6in4 Tunnel Configuration Name WAN LAN Dynamic V4 Common Bit Length 6rd Prefix with Prefix Length Border Relay Address Remove Add Remove 86 Click Add button to manually add the 6in4 rules f Configuration ng j 6in4 Tunnel Configuration Parameters Tunnel Name Mechanism 6
149. on Wireless Driver Version WAN Line Rate Upstream Kops Line Rate Downstream Kops Default Gateway IPv4 Address Connection Time Primary DNS Server Secondary DNS Server Default IPv6 Gateway IPv6 Address TW EAV510 v2 TeleWell 0D OH 11M 448 Thu Oct 17 12 52 10 2013 Sync 2 32c dj1 192 168 0 254 fe80 21e abff fe52 0531 64 00 1e ab 52 55 31 A2pv6F038 j d24h 6 30 102 7 cpe4 12L08 4 0 0 usb0 3G LTE 10 180 127 183 00 09 32 195 197 54 100 195 74 0 47 ptm0 1 DSL 20 Device Information Model Name Displays the model name Host Name Displays the name of the router System Up Time Displays the elapsed time since the device is on Date Time Displays the current exact date and time Sync button is to synchronize the Date Time with your PC time without regard to connecting to internet or not Software Version Firmware version LAN IPv4 Address Displays the LAN IPv4 address LAN IPv6 Address Displays the LAN IPv6 address Default is a Link Local address but when connects to ISP it will display the Global Address like above figure MAC Address Displays the MAC address DSL PHY and Driver Version Display DSL PHY and Driver version Wireless Driver Version Displays wireless driver version WAN Line Rate Upstream Kbps Displays Upstream line Rate in Kbps Line Rate Downstream Kbps Displays Downstream line Rate in Kbps Default Gateway IP4 Address Display Default Gate
150. optional 136 Connection created Press Close The connection is ready to use gt Connect now Go to Network Connections shown below to check the detail of the connection Right click L2TP_IPSec icon and select Properties to change the security parameters Bluetooth Network Connection L2TP_IPSec Not connected L2TP IPSec xX Bluetooth Device Personal Area WAN Miniport L2TP Local Area Connection Network cable unplugged x Broadcom NetXtreme Gigabit Eth Wireless Network Connection afffl intei R PRO Wireless 3945ABG N 137 Chang the type of VPN to Layer 2 Tunneling Protocol with IPSec 2TP IPSec and Click Advanced Settings to set the pre shared set in IPSec key for authentication Use Extensible Authentication Protocol EAP 4 Properties Unencrypted password PAP Challenge Handshake Authentication Protocol CHAP g Microsoft CHAP Version 2 MS CHAP v2 Use preshared key for authentication Key 123456 Use certificate for authentication Verify the Name and Usage attributes of the server s certificate Go to Network connections enter username and password to connect L2TP_IPSec and check the connection status 138 E Comet psec 0 User name Password Domain Save this user name and password for the following users Me only E Anyone who uses this computer Off 192 168 1 10 192 168
151. or Allow Stateless and Stateful mode The key will be changed every packet when you select Stateless mode IP Addresses Assigned to Peer 192 168 1 x please input the IP assigned range from 1 254 Idle Timeout Specify the time for remote peer to be disconnected without any activities from 0 120 minutes Click Apply to submit your PPTP Server basic settings PPTP Client PPTP client can help you dial in the PPTP server to establish PPTP tunnel over Internet gt amp ven T PPTP Client Parameters Name WAN Interface Default v Username Password Auth Type Pap or Chap vi PPTP Server Address Connection Type Remote Access O LAN to LAN Time to Connect O always Manual Peer Network IP Peer Netmask Add Edit Delete 119 Name user defined name for identification WAN Interface Select the exact WAN interface configured for the tunnel Select Default to use the now working WAN interface for the tunnel Username Enter the username provided by your VPN Server Password Enter the password provided by your VPN Server Auth Type Default is Auto if you want the router to determine the authentication type to use or else manually specify CHAP Challenge Handshake Authentication Protocol or PAP Password Authentication Protocol if you Know which type the server is using when acting as a client or else the authentication type you want clients connecting to you to use when acting as a server When using PAP
152. ou want to log this information Also you can turn to Configure Log section below to determine the level to log the message You can use this to track potential threats to your system and network i Status 4 aj Security Log Jan 10 02 58 41 daemon alert kernel Intrusion gt TCP packet from ethO 1 192 168 1 100 10322 to 1192 168 1 254 80 Jan 10 02 58 44 daemon alert kernel Intrusion gt TCP packet from eth0 1 192 168 1 100 10322 to 1192 168 1 254 80 Refresh Refresh Click to update the system log Clear Click to clear the current log from the screen Configuration When you click this item the column will expand to display the sub items that will allow you to further configure your router LAN Wireless WAN System USB IP Tunnel Security Quality of Service NAT and Wake On LAN gt LAN gt Wireless gt WAN System gt USB gt IP Tunnel gt Security gt Quality of Service gt NAT Wake On LAN gt VPN gt Advanced Setup The function of each configuration sub item is described in the following sections 33 LAN Local Area Network A Local Area Network AN is a shared communication system network where many computers are connected This type of network is area defined and is usually limited to a confined region within a building Ethernet LAN Parameters Group Name IP Address Subnet Mask IGMP Snooping IGMP Snooping Mode LAN side firewall D
153. ough UPnP NAT Traversal and on supported systems makes tasks such as port forwarding much easier by letting the application control the required settings removing the need for the user to control advanced configuration of their device Both the user s Operating System and the relevant application must support UPnP in addition to the router Windows XP and Windows Me natively support UPnP when the component is installed and Windows 98 users may install the Internet Connection Sharing client from Windows XP in order to support UPnP Windows 2000 does not support UPnP Advanced Setup VAY amp UPnP Parameters UPnP Enable Disable Cancel UPnP Enable Check to enable the router s UPnP functionality Disable Check to disable the router s UPnP functionality 149 Installing UPnP in Windows Example Follow the steps below to install the UPnP in Windows Me Step 1 Click Start and Control Panel Double click Add Remove Programs Step 2 Click on the Windows Setup tab and select Communication in the Components selection box Click Details Install Uninstall Windows Setup Startup Disk To add of remove a component select or clear the check box If the check box is shaded only part of the component will be installed To see what s included in a component click Details Components O fe Accessibility US Accessories 13 8 MB GJ Address Book 1 5 MB a G Communications 7 0 MB RT Desktop The
154. our L2TP Server Password Enter the password provided by your L2TP Server Auth Type Default is Pap or CHap if you want the router to determine the authentication type to use or else manually specify CHAP Challenge Handshake Authentication Protocol or PAP Password Authentication Protocol if you Know which type the server is using When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challenges at different periods to ensure that an intruder has not replaced the client L2TP Server Address Enter the IP address of the L2TP server Connection Type Select Remote Access for single user Select LAN to LAN for remote gateway Peer Network IP Please input the subnet IP for Server Peer Netmask Please input the Netmask for Server Tunnel Authentication Select whether to enable L2TP tunnel authentication if the server side enables this feature please follow Secret Enter the set secret password in the server side Remote Host Name Enter the remote host name featuring the destination of the L2TP tunnel Local Host Name Enter the local host name featuring the source of the L2TP tunnel Click Add button to save your changes 13 Disable f ae a L2TP Client Parameters Name L2TP over IPSec C Enable WAN Interface Default v Username Password Auth Type Pap or Chap v L2TP Server Address Connection Type Remote Access O LAN to LAN Peer Network I
155. our primary and secondary DNS server addresses Use the IP address provided by Parental Control Provider If user registers and gets an DNS account in the parental control provider website expecting to enjoy a more reliable and safer internet surfing environment please select this option need to configure at Parental Control Provider IPv6 IPv6 DNS Server s operation is similar to IPv4 DNS server There are two modes to get DNS server address Auto and Static mode Obtain IPv6 DNS info from a WAN interface WAN Interface selected Select one configured IPv6 WAN connection from the drop down menu to be as an IPv6 DNS Use the following Static IPv6 DNS address Primary IPv6 DNS Server Secondary IPv6 DNS Server Type the specific primary and secondary IPv6 DNS Server address 146 Dynamic DNS The Dynamic DNS function allows you to alias a dynamic IP address to a static hostname allowing users whose ISP does not assign them a static IP address to use a domain name This is especially useful for hosting servers via your ADSL connection so that anyone wishing to connect to you may use your domain name rather than having to use your dynamic IP address which changes from time to time This dynamic IP address is the WAN IP address of the router which is assigned to you by your ISP Here users can register different WAN interfaces with different DNS es i Advanced Setup Xe aj Dynamic DNS Parameters Host Name Username
156. ow is choosed and mac filter is empty WPS will be disabled MAC Address Remove Remove Select SSID select the SSID you want this filter applies to MAC Restrict Mode Disable disable the MAC Filter function Allow allow the hosts with the following listed MACs to access the wireless network Deny deny the hosts with the following listed MACs to access the wireless network Click Add to add the MACs 50 il Configuration ng a MAC Filter Parameters MAC Address MAC Address enter the MAC address es The format of MAC address could be XX XX XX XX XX XX Or XX XX XX XX XX XX Click Apply to apply your settings and the item will be listed below If you dont need a rule check the remove checkbox and press Remove to delete it Wireless Bridge WDS wireless distributed system is a wireless access point mode that enables wireless link and communication with other access points It s easy to install simply define the peer s MAC address of the connected AP WDS takes advantage of cost saving and flexibility with no extra wireless client device required to bridge between two access points and extending an existing wired or wireless infrastructure network to create a larger network Here you can select what role the AP server has AP or wireless bridge WDS i Configuration AS aj Wireless Bridge Parameters You can select Wireless Bridge also known as Wireless Distribution System to disable access
157. pecified group after it has received leave message Robustness Value Enter the router robustness parameter default is 2 the greater the robustness value the more robust the Querier is Maximum Multicast Groups Enter the Maximum Multicast Groups Maximum Multicast Data Sources for MLDv2 Enter the Maximum Multicast Data Sources 1 24 Maximum Multicast Group Members Enter the Maximum Multicast Group Members Fast leave Check to determine whether to support fast leave If this value is enabled MLD proxy removes the membership of a group member immediately without sending an MLD membership query on downstream This is very helpful if user wants fast channel group change changing in cases like IPTV environment LAN to LAN Intra LAN Multicast Check to determine whether to support LAN to LAN Intra LAN Multicast If user want to have a multicast data source on LAN side and he want to get MLD snooping enabled then this LAN to LAN multicast feature should be enabled Management SNMP Agent SNMP Simple Network Management Protocol is the most popular one in network It consists of SNMP Manager SNMP Agent and MIB Every network device supporting SNMP will have a SNMP Agent which is a management software running in the device SNMP Manager the management software running on the server it uses SNMP protocol to send GetRequest GetNextRequest SetRequest message to Agent to view and change the information of the device SNMP Agents the
158. point functionality Selecting Access Point enables access point functionality Wireless bridge functionality will still be available and wireless stations will be able to associate to the AP Select Disabled in Bridge Restrict which disables wireless bridge restriction Any wireless bridge will be granted access Selecting Enabled or Enabledi Scan enables wireless bridge restriction Only those bridges selected in Remote Bridges will be granted access AP Mode Access Point Bridge Restrict Enable v Remote Bridges MAC Address AP Mode determines whether the gateway will act as an Access point or as a Bridge Access Point The gateway communicates with both clients and bridges Wireless Bridge The gateway communicates with other WDS devices only In this mode the gateway doesn t communicate with client devices If your wireless network includes repeaters that use WDS the gateway in wireless bridge mode will also communicate with your repeaters The gateway in wireless bridge mode will not communicate with a repeater that uses a proprietary non WDS mode Bridge Restrict When AP Mode is set to Wireless Bridge this determines whether the gateway will communicate with all other bridges or only specific ones Enable to enable wireless bridge restriction Only those specified in the Remote MAC Address the gateway can communicate with 51 Bridge Restrict Enable w Remote Bridges MAC Address Remote Bridge
159. pp0 1 v Cor Caner WAN port Select the port this gateway applies to To set Default Gateway and Available Routed WAN Interface This interfaces are the ones you have set in WAN section here select the one you want to be the default gateway by moving the interface via or And select a Default IPv6 Gateway from the drop down menu Note Only one default gateway interface will be used according to the priority with the first being the highest and the last one the lowest priority if the WAN interface is connected 143 Static Route With static route feature you can control the routing of all the traffic across your network With each routing rule created you can specifically assign the destination where the traffic will be routed l Advanced Setup i Xe Ty Static Route Parameters IP Version Dst IP Prefix Length Gateway Interface Metric Remove Remove Above is the static route listing table click Add to create static routing Bf acvances Setup Static Route Parameters IP Version IPv4 v Destination IP Address Prefix Length Interface v Gateway IP Address Metric greater than or equal to zero IP Version Select the IP version IPv4 or IPv6 Destination IP Address Prefix Length Enter the destination IP address and the prefix length For IPv4 the prefix length means the number of 1 in the submask it is another mode of presenting submask One IPv4 address 192 168 1 0 24 submask is 25
160. profile there is no P4 EWAN interface as P4 is working as a WAN port 39 Configuration v Interface Grouping Groups Isolation Enable Apply Group Configuration Maximum number of entries can be configured 16 Group Name Remove WAN Interface LAN Interfaces DHCP Vendor IDs atm0 1 P1 atm1 1 P2 Default ptm0 1 P3 atm2 2 EAV510 001EAB52B531 ptm0 2 P4 EWAN atm0 2 Bridge atm1 2 atm2 1 Add Remove Group Isolation If enabled devices in one group are not able to access those in the other group Click Add to add groups eroro aw a interface grouping Configuration Parameters lf you like to automatically add LAN clients to a WAN Interface in the new group add the DHCP vendor ID string By configuring a DHCP vendor ID string any DHCP client request with the specified vendor ID DHCP option 60 will be denied an IP address from the local DHCP server IMPORTANT If a vendor ID is configured for a specific client device please REBOOT the client device attached to the modem to allow itto obtain an appropriate IP address Group Name Grouped WAN Interfaces Available WAN Interfaces pppoe_0_8_35 ppp0 1 Grouped LAN Interfaces Available LAN Interfaces P4 EWAN P3 P2 2 P4 wian ap Automatically Add Clients With the following DHCP Vendor IDs Group Name Type a group name Grouped WAN
161. r IPv4 address to the device provided by your ISP WAN Subnet Mask Enter your submask to the device provided by your ISP WAN gateway IP Address Enter your gateway IP address to the device provided by your ISP IPv6 for this service Enable to use IPv6 service 67 Obtain an IPv6 address automatically check whether to enable or disable this feature WAN IPv6 Address Prefix Length Enter the WAN IPv6 Address Prefix Length from your ISP WAN Next Hop IPv6 Address Enter the WAN Next Hop IPv6 Address from your ISP Note If you don t know well about the DHCP Option you can leave it empty or leave it as default NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single IP account by sharing the single IP address If users on your LAN have their own public IP addresses to access the Internet NAT function can be disabled When enabled a Fullcone NAT parameter will appear you can determine whether to enable Fullcone NAT While only NAT enabled the default NAT type Port Restricted cone NAT will be used Fullcone NAT Enable or disable fullcone NAT Fullcone is a kind of NAT in this mode all requests from the same internal IP address and port are mapped to the same external IP address and port Furthermore any external host can send a packet to the internal host by sending a packet to the mapped external address Firewall Enable to drop all traffic from WAN side If enabled all incoming pack
162. r Personal Identification Number A PIN code is a numeric value used in certain systems as a password to gain access and authenticate In mobile phones a PIN code locks the SIM card until you enter the correct code If you enter the PIN code incorrectly into the phone 3 times in a row then the SIM card will be blocked and you will require a PUK code from your network service provider Dial on Demand If you want to make UMTS GPRS call only when there is a packet requesting access to the Internet i e when a program on your computer attempts to access the Internet In this mode you must set Idle Timeout value at same time Click on Connect on Demand the Idle Timeout field will display Keep Alive Check Enable to allow the router to send message out every 7 seconds can be changed base on need to prevent the connection being dropped by ISP IP Address The IP address is used to ping and router will ping the IP to find whether the connection is still on Dial on demand Enable Keep Alive Vi Enable 7 seconds 11 86400 IP Address 8 8 8 8 NAT Check to enable the NAT function Firewall Enable to drop all traffic from WAN side If enabled all incoming packets by default would be dropped and please turn to IP Filtering Incoming to add allowing rules MTU MTU Maximum Transmission Unit is the size of the largest datagram that IP will attempt to send through the interface Select default gateway interfaces Select from the int
163. r_0_0_35 Bridge 0 35 N A N A Disabled Disabled Disabled Edit atm2 2 ipoe_0_0_35 IPoE 0 35 N A N A Enabled Enabled Enabled Disabled Disabled _ Edit PTM Interface Interface Description Type Vlan8021p VianMuxid lamp NAT Firewall IPv6 Mid Remove Edit ptm0 1 ipoe_0_1_0 IPoE NIA NIA Enabled Enabled Enabled Enabled Enabled Edit 3G LTE Interface Interface Description TEL No APN Username NAT Firewall Failover Edit usb0 USB3G0 360 99F internet Enabled Enabled Enabled Edit Add Remove Interface Display the connection interface Description the description for the connection Bytes Display the WAN Received and Transmitted traffic statistics in Bytes Packets Display the WAN Received and Transmitted traffic statistics in Packests Errors Display the statistics of errors arising in Receiving or Transmitting data Drops Display the statistics of drops arising in Receiving or Transmitting data Reset Press this button to refresh the statistics xTM The Statistics xTM screen displays all the xTM statistics Status a gt g 7xIM Interface Statistics Port Number In Octets Out Octets In Packets Out Packets In OAM Cells Out OAM Cells In ASM Cells Out ASM Cells In Packet Errors In Cell Errors 1 14467180 1330512 11347 7340 2 4 0 0 0 0 Reset Port Number Shows number of the port for xTM In Octets Number of received octets over the interface Out Octets Number of transmitted octets over the interface In Packets Number of received
164. ration model hosts obtain interface addresses and or configuration information and parameters from a DHCPV6 server The Server maintains a database that keeps track of which addresses have been assigned to which hosts 36 The second way is stateless configuration Stateless auto configuration requires no manual configuration of hosts minimal if any configuration of routers and no additional servers The stateless mechanism allows a host to generate its own addresses using a combination of locally available information MAC address and information prefix advertised by routers Routers advertise prefixes that identify the subnet s associated with a link while hosts generate an interface identifier that uniquely identifies an interface on a subnet An address is formed by combining the two When using stateless configuration you needn t configure anything on the client Configuration Xe amp 7 IPv6 Autoconfig Parameters Note Interface ID does NOT support ZERO COMPRESSION Please enter the complete information For exampe Please enter 0 0 0 2 instead of 2 Group Name Default v Static LAN IPv6 Address Configuration Interface Address Prefix Length IPv6 LAN Applications DHCPv6 Server Enable DHCPv6 Server Type Stateless Stateful Start interface ID 0 0 0 2 End interface ID 0 0 0 254 Leased Time hour 24 Issue Router Advertisements Enable ULA Prefix Advertisement Enable RADVD
165. red as Enrollee the WPS AP Mode below should be changed to Unconfigured Follow the following steps i Configuration 1 Security lf Hide Access Point enabled or Mac filter listis empty with allow chosen WPA2 will be disabled WPS Setup WPS Enable Current Disable nearest Enter STAPIN Use AP PIN This feature is available only when WPA2 PSK or OPEN mode is configured PIN Help Authorized Station MAC Help WPS AP Mode Configured Setup AP 76229909 Help Manual Setup AP Select SSID wian ap v Network Authentication Open v WEP Encryption Disabled 47 Configure AP as Registrar Add Enrollee with PIN method Select radio button Enter STA PIN Input PIN from Enrollee Station 16837546 in this example Or else users can alternatively enter the authorized station MAC Help it is to help users to understand the concept and correct operation Click Add Enrolee Configuration N VAS Ej Security lf Hide Access Point enabled or Mac filter listis empty with allow chosen WPA2 will be disabled WPS Setup WPS Enable Current Disable come Enter STAPIN O Use AP PIN This feature is available only when WPA2 PSK or OPEN mode is configured PIN 16837546 Help Authorized Station MAC Help WPS AP Mode Configured Setup AP 76229909 Help Manual Setup AP Select SSID wlan ap Network Authentication Open v WEP Encryption
166. red key into both sides router or hosts Encryption Algorithm Select the encryption algorithm from the drop down menu There are several options 3DES and AES 128 192 and 256 3DES and AES are more powerful but increase latency DES Stands for Triple Data Encryption Standard it uses 56 bits as an encryption method 3DES Stands for Triple Data Encryption Standard it uses 168 56 3 bits as an encryption method i AES Stands for Advanced Encryption Standards you can use 128 192 or 256 bits as encryption method Integrity Algorithm Authentication establishes the integrity of the datagram and ensures it is not tampered with in transmit There are 2 options Message Digest 5 MD5 and Secure Hash Algorithm SHA1 SHA1 is more resistant to brute force attacks than MD5 However it is slower 114 i MD5 A one way hashing algorithm that produces a 128 bit hash SHA1 A one way hashing algorithm that produces a 160 bit hash DH Group It is a public key cryptography protocol that allows two parties to establish a shared secret over an unsecured communication channel i e over the Internet MODP stands for Modular Exponentiation Groups IPSec Lifetime Specify the number of minutes that IPSec will stay active before new encryption and authentication key will be exchanged Enter a value to negotiate and establish secure authentication Default is 60 minutes 3600 seconds A short time increases security by forcing the two parties to upd
167. remote network Remote Gateway The remote gateway address SA The Security Association for this IPSec entry Refresh Click this button to refresh the tunnel status 30 PPTP i Status 1 aj PPTP Status PPTP Server Name Enable Status Connection Type Peer Network IP Connect By Action test V Connected Remote Access 172 16 1 207 Drop PPTP Client gt Name Enable Status Connection Type Peer Network IP Client IP Action PPTP Server Name The PPTP connection name Enable Display the connection status with icons Status The connection status Connection Type Remote Access or LAN to LAN Peer Network IP Display the remote network and subnet mask in LAN to LAN PPTP connection Connected By Display the IP of remote connected client Action Act to the connection Click Drop button to disconnect the tunnel connection PPTP Client Name The PPTP connection name Enable Display the connection status with icons Status The connection status Connection Type Remote Access or LAN to LAN Peer Network IP Display the remote network and subnet mask in LAN to LAN PPTP connection Client Assigned IP by PPTP server Action Act to the connection Click Drop button to disconnect the tunnel connection Refresh Click this button to refresh the connection status L2TP f Status XE A L2TP Status L2TP Server gt Name Enable Status Connection Type Peer Network IP Connect By Action test1 Vv Connected Remote Acc
168. routers Check this item to enable IGMP multicast on that WAN interface for multicast forwarding Bridging i Configuration Y WAN Service Parameters Type Bridging VPI VCI 0 0 255 33 32 65535 Encapsulation Mode LLC SNAP BRIDGING Description 802 1P Priority 1 tagged 0 7 untagged 1 802 1Q VLAN ID 1 tagged 0 4094 untagged 1 Apply VCP VPI Enter the VCI VPI combination from you ISP Encapsulation Mode Select the encapsulation mode LLC SNAP BRIDGING or VC MUX Description User defined description for the connection commonly for friendly use 802 1P Priority The parameter indicates the frame priority level from 0 owest to 7 highest which can be used to prioritize different classes of traffic voice video data etc Enter the priority identification tagged 0 1 untagged 1 802 1Q VLAN ID It is a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagged 0 4094 untagged 1 63 B Ethernet Ethernet WAN connection is well known as directly broadband WAN connection Click Add on WAN Service page to add new Ethernet WAN connection PPPoE i Configuration WAN Service Parameters WAN Port Ethernet Type PPP over Ethernet PPPoE Description 802 1P Priority 1 tagged 0 7 untagged 1 802 1Q VLAN ID 1 tagged 0 4094 untagged 1 Username Password Service Name Authentication Method AUTO Firewall Ti Enable NAT Enable Fullcone
169. rsion IPv4 Application lt lt type or select from listbox Direction LAN to WAN Protocol Any i DSCP Marking Disable v Rate Type Prioritization v Ratio Priority Normal Internal IP Address ie Internal Port External IP Address External Port Time Schedule Always On v Sun Mon Tue Wed Thu Fri Sat From 00 1 00 Tol 00 00 Apply IP Version Select either IPv4 or IPv6 base on need Application Assign a name that identifies the new QoS application rule Select from the list box for quick setup Direction Shows the direction mode of the QoS application LAN to WAN You want to control the traffic from local network to the outside Upstream You can assign the priority for the application or you can limit the rate of the application Eg you have a FIP server inside the local network and you want to have a limited control by the QoS policy and so you need to add a policy with LAN to WAN direction setting WAN to LAN Control traffic from WAN to LAN Downstream Protocol Select the supported protocol from the drop down list DSCP Marking Differentiated Services Code Point DSCP it is the first 6 bits in the ToS byte DSCP Marking allows users to classify the traffic of the application to be executed according to the DSCP value IP Precedence and DSCP Mapping Table efault 000000 F 101110 F11 001010 F12 001100 F13 001110 F21 010010 AF22 010100 F23 010110 F31 011010 F32 011100
170. rt provides users direct access to the storage information like the total volume the used and the remaining capacity of the device Configuration a Storage Device Info Storage Device Info Volume Name FileSystem Total Space Used Space Unmeunt usb1_1 fat 990 42 Volume Name Display the storage volume name FileSystem Display the storage device s file system format well known is FAT Total Space Display the total space of the storage with unit MB Used Space Display the remaining space of each partition unit MB Unmount Click Unmount button if you want to uninstall the USB device Please Note that first click Unmount before you uninstall your USB storage User Account Users here can add user accounts for access to the storage in this way users can access the network sharing storage with the specified account and again protect their own data Default user admin i Configuration AS User Accounts User Accounts A maximum accounts can be configured 16 Username Home Directory Remove admin Add Remove Click Add button enter the user account adding page TI i Configuration N AS j User Accounts Parameters Username Password Confirm Password Volume Name usb1_1 Username user defined name but simpler and more convenient to remember would be favorable Password Set the password Confirm Password Reset the password for confirmation Volum
171. rvice MLD snooping and MLD proxy for video service Management based on IP protocol port number and address Firewall Built in NAT Firewall Stateful Packet Inspection SPI DoS attack prevention Packet Filtering v4 v6 port source IP address destination IP address MAC address URL Content Filtering v4 v6 string or domain name detection in URL string MAC Filtering Quality of Service Control Supports the DiffServ approach Traffic prioritization and bandwidth management based on IPv4 IPv6 protocol port number and address ATM PTM and PPP Protocols ATM Adaptation Layer Type 5 AAL5 Multiple Protocol over ALL5 RFC 268 formerly RFC 1483 Bridged or routed Ethernet encapsulation VC and LLC based multiplexing PPP over Ethernet PPPoE PPP over ATM RFC 2364 Classical IP over ATM RFC 1577 MAC Encapsulated Routing RFC 1483 MER OAM F4 F5 IPTV Applications IGMP Snooping and IGMP Proxy MLD Snooping and MLD Proxy Virtual LAN VLAN Quality of Service QoS Wireless LAN Compliant with IEEE 802 11 b g n ac standards 2 4 GHz and 5GHz radio bands for wireless Upto 1300 Mbps wireless operation rate 64 128 bits WEP supported for encryption WPS Wi Fi Protected Setup for easy setup Supports WPS v2 Wireless Security with WPA PSK WPA2 PSK support WDS repeater function support USB Application Server 3G 4G LTE dongle support DLNA media server Printer Server Vir
172. s is allowed for any IPs even if you set allowed access IP address So please note that enabling remote access is an essential step before granting remote 160 access to IPs Enable Service Select to determine which service s is are allowed for remote access when remote access is enabled By default on condition that remote access is enabled the web service HTTP is allowed for remote access Click Apply button to submit your settings Allowed Access IP Address Range was used to restrict which IP address could login to access system web GUI Valid Enable Disable Allowed Access IP Address Range IP Address Range Specify the IP address Range IPv4 and IPv6 address range can be supported users can set IPv4 and IPv6 address range individually Click Add to add an IP Range to allow remote access Note 1 If user wants to grant remote access to IPs first enable Remote Access 2 Remote Access enabled Enable Valid for the specific IP s in the IP range to allow the specific IP s to remote access the router Disable Valid for all specific IP s in the IP range to allow any IP s to remote access the router No listing of IP range is to allow any IP s to remote access the router Power Management Power management is a feature of some electrical appliances especially computers that turn off the power or switch to a low power state when inactive Five main parameters are listed for users to check to manage the performance of th
173. s you to share a printer on your network by connecting a USB cable from your printer to the USB port on the TW EAV510 AC v2 This allows you to print from any location on your network 80 Note Only USB printers are supported Setup of the printer is a 3 step process for example Connect the printer to the s USB port Enable the print server on the Install the printer drivers on the PC you want to print from f Configuration Y a Print Server Parameters On board Print Server V Enable Printer Name OfficePrinter Make And Model Epson Stylus Photo R2 Apply On board Print Server Check Enable to activate the print server Printer Name Enter the Printer name for example OfficePrinter Make and Model Enter in the Make and Model information for the printer for example Epson Stylus Photo R290 Note The Printer name can be any text string up to 40 characters It cannot contain spaces The Make and Model can be any text string up to 128 characters Set up of Printer client Windows 7 Step 1 Click Start and select Devices and Printers E Snipping Tool warehouse g Control Panel tS Microsoft Excel 2010 E SyncMe Client for Windows Documents Pictures Music Computer Sen Calculator Control Panel WordPad Devices and Printers Tera Term Default Programs Microsoft Outlook 2010 Help and Support e Remote Desktop Connection P 3 3G0 HSPA Mobile Card All Programs Step 2 Cli
174. sRUpCcDAPXTWNpsEfv s QEnMOUGEHAOtLHDY73 sec H J BTWNSANZCTFSQOqZRLSoO2ZILXAGMBAAG J ccMwocAwSAYDVROEFBEEwPZASoDu cOaQs MDUxCZAJBcNVBAYTAKNOMRcwFQOYDVQQKEwWSDRKENBIFBvbC1LIESBDQOQTENMAS GAIUE AxMEQi1 JUMMTALBocNVHQS EBAMCAQYwHwYDVRO7j BBcowFoAULSJufeT7tBb wves FaAqx kiNCOtAwHQYDVROOBBYE FMMnxj ZoyCdlJievkadLJJMCSRrpMAwGAIUdEwQ Certificate Click Apply to confirm your settings 156 Multicast Multicast is one of the three network transmission modes Unicast Multicast Broadcast It is a transmission mode that supports point to multipoint connections between the sender and the recipient IGMP protocol is used to establish and maintain the relationship between IP host and the host directly connected multicast router IGMP stands for Internet Group Management Protocol it is a communications protocols used to manage the membership of Internet Protocol multicast groups IGMP is used by IP hosts and the adjacent multicast routers to establish multicast group members There are three versions for IGMP that is IGMPv1 IGMPv2 and IGMPvs MLD short for Multicast Listener Discovery protocol is a component if the Internet Protocol version 6 IPv6 suite MLD is used by IPv6 to discover multicast listeners on a directly attached link much as IGMP used in IPv4 The protocol is embedded in ICMPv 6 instead of using a separate protocol MLDv1 is similar to GMPv2 and MLDv2 is similar to IGMPvs3 f Advanced Setup Xe 7 IGMP Parameters
175. se sensitive and must not exceed 32 characters BSSID Basic Set Service Identifier it is a local managed IEEE MAC address and is 48 bits value Country Different countries have different wireless band resources so you can select the appropriate Country according to your location Max Clients enter the number of max clients the wireless network can supports 1 16 Guest virtual Access Points A Virtual Access Point is a logical entity that exists within a physical Access Point AP When a single physical AP supports multiple Virtual APs each Virtual AP appears to stations STAs to be an independent physical AP even though only a single physical AP is present For example multiple Virtual APs might exist within a single physical AP each advertising a distinct SSID and capability set Alternatively multiple Virtual APs might advertise the same SSID but a different capability set allowing access to be provided via Web Portal WEP and WPA simultaneously Where APs are shared by multiple providers Virtual APs provide each provider with separate authentication and accounting data for their users as well as diagnostic information without sharing sensitive management traffic or data between providers You can enable the virtual AP Here you can enable some Virtual APs according to the request And the other parameters of virtual APs are the same to the above Click Apply to apply your settings Security Wireless security prev
176. setting the select the Current Settings and Click Restart progress progress Do not switch off device during flash update or rebooting total i 8 166 Chapter 4 Troubleshooting If your router is not functioning properly please refer to the suggested solutions provided in this chapter If your problems persist or the suggested solutions do not meet your needs please kindly contact your service provider or TeleWell for support Problems with the router Suggested Action None of the LEDs is on when you turn on Check the connection between the router and the the router adapter If the problem persists most likely it is due to the malfunction of your hardware Please contact your service provider or TeleWell for technical support You have forgotten your login username or Try the default username admin and password password admin If this fails you can restore your router to its factory settings by pressing the reset button on the device rear side Problems with WAN interface Frequent loss of ADSL line sync Ensure that all other devices connected to the same disconnections telephone line as your router e g telephones fax machines analogue modems have a line filter connected between them and the wall socket unless you are using a Central Splitter or Central Filter installed by a qualified and licensed electrician and ensure that all line filters are correctly installed and the right way around
177. ss space than IPv4 This results from the use of a 128 bit address whereas IPv4 uses only 32 bits The new address space thus supports 2128 about 3 4x 1038 addresses This expansion provides flexibility in allocating addresses and routing traffic and eliminates the primary need for network address translation NAT which gained widespread deployment as an effort to alleviate IPv4 address exhaustion The TeleWell TW EAV510 AC v2 fully supports IPv6 Internet Protocol Version 6 launched as the current IPv4 range is filling up and IPv6 is gradually becoming the indispensable addressing system for savvy cloud computing users Dual stack means the router is capable of running IPv4 and IPv6 in parallel during the transition period With TeleWell IPv6 enabled devices three major transition mechanisms such as Dual Stack Dual Stack Lite and 6RD IPv6 rapid deployment are supported to be adapted easily into service provider s IPv4 IPv6 network 3 Jumbo frames supported Jumbo frames are Ethernet frames with more than 1500 bytes standard Ethernet frame of payload Conventionally jumbo frames can carry up to 9720 bytes of payload to enjoy a high efficiency communication in Gigabit Ethernet Jumbo frames increase the frame size so that a certain large amount of date can be transported with less effort reducing CPU utilization and increasing throughput by reducing the number of frames needing to be processed and reducing the total overhead byte count of
178. st to 7 highest which can be used to prioritize different classes of traffic voice video data etc Enter the priority identification tagged 0 1 untagged 1 802 1Q VLAN ID It is a parameter to specify the VLAN which the frame belongs Enter the VLAN ID identification tagged 0 4094 untagged 1 Here two modes are supported for users to deal with the IP and DNS You can select obtain automatically or manually input the information according to your ISP Obtain an IP address automatically Check whether to enable this function Option 60 Vendor ID Enter the associated information by your ISP This option is used by DHCP clients to optionally identify the vendor type and configuration of a DHCP client The information is a string of n octets interpreted by servers Vendors may choose to define specific vendor class identifiers to convey particular configuration or other identification information about a client Option 61 Client ID Enter the associated information provided by your ISP Option 125 Option 125 is a complementary standard of DHCP protocol it is used to encapsulate option 125 message into DHCP offer packet before forward it to clients After the clients receive the packet it check the option 125 field in the packet with the pre stored message if it is matched then the client accepts this offer otherwise it will be abandoned Check Enable or Disable this function Default setting is Disable WAN IP Address Enter you
179. st Name Enter the local host name featuring the source of the L2TP tunnel Click Add button to save your changes Example L2TP over IPSec Remote Access with Windows Note inside test with 172 16 1 185 just an example for illustration Pon Business Trij Jue adquartei 172 16 1 185 windows 7 with L2TP IP Sec Client Public IP L2TP Server 192 168 1 0 24 lt 172 16 1 102 132 Server Side Configuration gt VPN gt L2TP and Enable the L2TP function Click Apply I a g L2TP Server Parameters L2TP Enable Disable WAN Interface Default or IPSec Tunnel w iPSec Auth Type Chap IP Addresses Assigned to Peer start from 192 168 110 Tunnel Authentication F Remote Host Name z Local Host Name The IPSec for L2TP rule ta a IPSec IPSec Settings L2TP over IPSec Enable Connection Name WAN Interface Default v IP Version Remote Security Gateway Anonymous Key Exchange Method IKE IPsec Protocol ESP Pre Shared Key 123456 Create a L2TP Account test1 I a g VPN Account VPN Account applied to PPTP Server and L2TP Server Parameters Name testi Tunnel Enable Disable Username test1 Password eeeee Connection Type Remote Access O LAN to LAN Peer Network IP Peer Netmask l Edit Name Tunnel Connection Type Peer Network IP Peer Netmask Delete test1 Enable Remote Access O 1
180. t finding out the IP address of the router This helps if you do not know the router s IP address Follow the steps below to access web configuration Step 1 Click Start and then Control Panel Step 2 Double click Network Connections Step 3 Select My Network Places under Other Places 154 Network Connections a fx File Edit View Favorites Tools Advanced Help w E gt T pJ Search YW Folders ies Address e Network Connections ae Go LAN or High Speed Internet Local 4rea Connection Local Area Connection 4 Acq twork address Fir work cable unplugged Fire k DFE S30TX PCI Fast Et Acquiring networ dress Mety Ls NVIDIA nForce MCP Networkin fa D Lin Network Tasks Create a new connection Set up a home or small office network Change Windows Firewall settings See Also i Network Troubleshooter Other Places G Control Panel J My Network Places O My Documents ig My Computer Details Network Connections System Folder Step 4 An icon describing each UPnP enabled device shows under Local Network Step 5 Right click on the icon of your TeleWell TW EAV510 AC v2 and select Invoke The web configuration login screen displays Step 6 Right click on the icon of your TeleWell TW EAV510 v2 AC and select Properties A properties window displays basic information about the TeleWell TW EAV510 AC v2 Certificate This feature is used for TRO69 ACS Server authentication of
181. t please enter the IP and netmask Enable Keepalive Normally the tunnel interface is always up Enable keepalive to determine when the tunnel interface is to be closed The local router sends keepalive packets to the peer router if keepalive response is not received from peer router within the allowed time retry time multiply interval based on default settings the time interval can be 30 seconds the local router will shut up its tunnel interface Keepalive Retry Times Set the keepalive retry times default is 10 Keepalive Interval Set the keepalive Interval unit in seconds Default is 3 seconds 142 Advanced Setup There are sub items within the System section Routing DNS Static ARP UPnP Certificate Multicast Management and Diagnostics Status O O O OOOO O O Quick Start Configuration Advanced Setup Routing gt DNS Static ARP UPnP gt Certificate Multicast gt Management gt Diagnostics Routing Default Gateway i Advanced Setup i we ei Default Gateway Default Gateway Interface List Only one default gateway interface will be used according to the priority with the first being the highest and the last one the lowest priority if the WAN interface is connected Selected Default Gateway Interfaces Available Routed WAN Interfaces ppp 1 Preferred WAN Interface As The System Default IPv6 Gateway Selected WAN Interface pppoe 0 0 35 p
182. t port or port port Time Schedule Always On v sun Mon Tue Wed Thu Fri Sat From 00 100 To 00 00 Log a Filter Name A user defined rule name User can select simply from the list box for the application for quick setup IP Version Select the IP Version IPv4 or IPv6 Protocol Set the traffic type TCP UDP TCP UDP ICMP that the rule applies to Source IP address This is the Address Filter used to allow or block traffic to from particular IP address es featured in the IP range If you leave empty it means any IP address Source Port port or port port The port or port range defines traffic from the port specific application or port in the set port range blocked to go through the router Default is set port from range 1 65535 Destination IP address Traffic from LAN with the particular traffic destination address specified in the IP range is to be blocked from going through the router similarly set as the Source IP address above Destination Port port or port port Traffic with the particular set destination port or port in the set port range is to be blocked from going through the router Default is set port from port range 1 65535 Time Schedule Select or set exactly when the rule works When set to Always On the rule will work all time and also you can set the precise time when the rule works like 01 00 19 00 from Monday to Friday Or you can select the already set timeslot in Time Schedule duri
183. t will be installed To see what s included in a component click Details Subcomponents of Networking Services B Internet Gateway Device Discovery and Control Client 0 0 MB C E Peer to Peer 0 0 MB C RIP Listener 0 0 MB O E Simple TCP IP Services 0 0 MB S amp UPnP User Interface 0 2 MB Description Displays icons in My Network Places for UPnP devices detected on the network Also opens the required Windows Firewall ports Total disk space required 0 0 MB Space available on disk 11455 3 MB wre pt Jetas T Auto discover Your UPnP enabled Network Device Step 1 Click start and Control Panel Double click Network Connections An icon displays under Internet Gateway Step 2 Right click the icon and select Properties Network Connections File Edit View Favorites Tools Advanced Help a Bes gt wi P Search gt Folders iii Address Network Connections Internet Gateway Network Tasks Internet Connection I Create a new connection oO Set up a home or small LEONE office network Status Change Windows __LAN or High Speed Ir Firewall settings Se F Start this connection Local afs a Create Shortck Connecte c Rename this connection Epia A SCOE t Delete j Ea NVIDIA nFor a Change settings of this connection Properties 152 Step 3 In the Internet Connection Properties window click Settings to see the port mappings that were automatically
184. te of up to 300Mbps and is also compatible with 802 11b g n ac equipment The Wireless Protected Access WPA PSK WPA2 PSK and Wireless Encryption Protocol WEP features enhance the level of transmission security and access control over wireless LAN The router also supports the Wi Fi Protected Setup WPS standard allowing users to establish a secure wireless network by simply pushing a button If your network requires wider coverage the built in Wireless Distribution System WDS repeater function allows you to expand your wireless network without the need for any external wires or cables 3G 4G LTE Mobility and Always on Connectivity With 3G 4G LTE based Internet connection requires an additional 3G 4G LTE USB modem plugged into the built in USB port user can access internet through 3G 4G LTE whether you are seated at your desk or taking a cross country trip The auto fail over feature ensures optimum connectivity and minimum interruption by quickly and smoothly connecting to a 3G 4G LTE network in the event that you ADSL Fibre Cable line fails The TeleWell TW EAV510 AC v2 will then automatically reconnect to the ADSL Fibre Cable connection when it is restored reducing connection costs These features are perfect for office situations when a constant and smooth WAN connection is critical IPv6 supported Internet Protocol version 6 IPv6 is a version of the Internet Protocol that is designed to succeed Pv4 IPv6 has a vastly larger addre
185. tel R 82566DM Gigabit Network Connection This connection uses the following items o Client for Microsoft Networks Z QoS Packet Scheduler d2 File and Printer Sharing for Microsoft Networks Intemet Protocol Version 6 TCP IPv6 P71 Link Layer Topology Discovery Mapper 1 0 Driver Link Layer Topology Discovery Responder nat Description Transmission Control Protocol Intemet Protocol The default wide area network protocol that provides communication across diverse interconnected networks In the TCP IPv4 properties window select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting Click OK again in the Local Area Connection Properties window to apply the new configuration Internet Protocol Version 4 TCP IPv4 Properties You can get IP settings assigned automatically f your network supports this capability Otherwise you need to ask your network administrator for the appropriate IP settings Obtain an IP address automatically Use the following IP address IP address Subnet mask Default gateway Obtain DNS server address automatically A Use the following DNS server addresses Preferred DNS server Alternate DNS server IPv6 Select Internet Protocol Version 6 TCP IPv6 then click Properties onnection Fr ert Networking Connect using iy Intel R 82566
186. ters Parental Control Provider provides Web content filtering while surfing the web safer and more reliable Please get an account and configure atthe selected Provider in advance Provider www opendns com Host Name Username Password Host Name Username and Password Enter your registered domain name and your username and password at the provider website www opendns com QoS Quality of Service QoS helps you to control the data upload traffic of each application from LAN Ethernet to WAN Internet This feature allows you to control the quality and speed of throughput for each application when the system is running with full upstream load Note ADSL line speed is based on the ADSL sync rate But there is no QoS on 3G LTE as the 3G LTE line speed is various and can not be known exactly f Configuration ye Ej QoS Classification Setup EVVAN Line Speed Upstream Downstream 0 1 0 kbps 0 Disable Maximum rules can be configured 32 Class Name IP Version Direction InternallP Address Internal Port Protocol External IP Address External Port DSCP Mark Rate Type Disabled Remove Edit Add EWAN Line Speed Upstream Downstream Specify the upstream and downstream rate of the EWAN interface Click Apply to save the EWAN rate settings Click Add to enter QoS rules 97 i Configuration ys aj Quality of Service Non Assigned Bandwidth Ratio gt Upstream LAN to WAN 100 Downstream WAN to LAN 100 IP Ve
187. the click Open Then in the above page click Update Settings the following process indicating screen will appear Let it update to 100 it will automatically turn to the Device Info page progress progress Do not switch off device during flash update or rebooting total i 6 Access Control Access Control is used to prevent unauthorized access to the router configuration page Here you can change the login user password Three user levels are provided here Each user level there s a default provided user You must access the router with the appropriate username and password Here the corresponding passwords are allowed to change Configuration 1r aj Access Control Parameters Level Administrator w Username admin Old Password maximum length is 15 New Password maximum length is 15 Confirm Password maximum length is 15 Level select which level you want to change password to There are three default levels Administrator the root user corresponding default username and password are admin and admin respectively Remote username for the remote user to login corresponding default username and password are support and support respectively i Local username for the general user when logon to the web page only lit items would be listed for common user corresponding default username password are user and user respectively Username the default username for each user level Old Password Enter the old
188. the device using certificate if necessary If the imported certificate doesn t match the authorized certificate of the ACS Server the device will have no access to the server Trusted CA Advanced Setup AS yy Trusted CA Trusted CA Certificate Authority Certificates Maximum certificates can be stored 4 Name Subject Type Action Import Certificate Certificate Name The certificate identification name Subject The certificate subject Type The certificate type information ca indicates that the certificate is a CA signed certificate self indicates that the certificate is a certificate owner signed one x 509 indicates the certificate is the one created and signed according to the definition of Public Key System suggested by x 509 Action Click Import Certificate button to import your certificate 155 Jesse aw a Trusted CA Import CA certificate Parameters Certificate Enter the certificate name and insert the certificate eso u w Trusted CA Import CA certificate Parameters Name acscert MIICj DCCATWcAWIBAGIEOUSLuTANBckqnkiG3wOBAQuFADAmMMOswlQYDVOe GEwJD TI EXMBUGAIVECHMOQOOUZDOSBQOb2xpYs kqQl0EwHncNMDAwN EyMDco0OTUyWhc NMS Aw Nj EyMDQZNZA2ZWIJApNQswCQYDVQQGEWJDT j EaMBcGAIVECHMRQOOZDOSBPcEeV yYXRp b2 sqQ0EwoZEwDQYJKRoZinvcNAQEBBQADcYOCAMIGJUACGBANeE sSUKGNisWtSpNn ZuTJD rSwxXGijaexPnBisSzNuc7TOSPQOYGvnnsOv3eviuv2jYF2ZFeqiDYPQBvTAFII Uusbe PpUUBenxvYRoTImUEJOPEy S
189. the following items OM Client for Microsoft Networks E QoS Packet Scheduler a File and Printer Sharing for Microsoft Networks Intemet Protocol Version 6 TCP IPv6 Intemet Protocol Version 4 TCP IPv4 Link Layer Topology Discovery Mapper 1 0 Driver Link Layer Topology Discovery Responder Description Transmission Control Protocol Intemet Protocol The default wide area network protocol that provides communication across diverse interconnected networks In the TCP IPv4 properties window select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons Then click OK to exit the setting Click OK again in the Local Area Connection Properties window to apply the new configuration General Alternate Configuration You can get IP settings assigned automatically if your network supports this capability Otherwise you need to ask your network administrator for the appropriate IP settings Obtain an IP address automatically Use the following IP address IP address Subnet mask Default gateway Obtain DNS server address automatically Use the following DNS server addresses Preferred DNS server Alternate DNS server _ Validate settings upon exit IPv6 Select Internet Protocol Version 6 TCP IPv6 then click Properties onnection Fropert Networking Connect using K Broadcom 570x Gigabit Integrate
190. the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challenges at different periods to ensure that an intruder has not replaced the client PPTP Server Address Enter the IP address of the PPTP server Connection Type Select Remote Access for single user Select LAN to LAN for remote gateway Time to Connect Select Always to keep the connection always on or Manual to connect manually any time Peer Network IP Please input the subnet IP for Server peer Peer Netmask Please input the Netmask for server peer Click Add button to save your changes Example PPTP Remote Access with Windows Note inside test with 172 16 1 208 just an example for illustration Pond Business Trij Fu adquartei 172 16 1 208 Windows XP Q PPTP Client Public IP PPTP Servel 192 168 1 0 24 lt Server Side Configuration gt VPN gt PPTP and Enable the PPTP function Click Apply 120 I C PPTP Server Parameters PPTP Function eEnable ODisable WAN Interface Detant wi Auth Type MIS CHAPY2_ Encryption Key Length Auto w Peer Encryption Mode IP Addresses Assigned to Peer start from 192 168 1 joo Idle Timeout 10 0 120 Minutes Create a PPTP Account test gt VPN Account VPN Account applied to PPTP Server and L2TP Server Parameters Name a Tunnel Enable O Disable Connection Type Remote Access LAN to LAN Add Edit Delete
191. this case port triggering in the router is working when an outbound connection is attempted on port 4099 or any port in the range set it should allow inbound connections to that particular computer 108 Select a Server Name from the drop down menu then the port will automatically appear modify some as you like or you can just leave it as default Remember to enter your server IP Address Configuration ng T Y Port Triggering Parameters Interface Application Custom Application Trigger Port Open Port TA Trigger Protocol am T Open Protocol O D Fel fi ee i oY Top TP _ y p n TR M Press Apply to conform and the items will be list in the Virtual Servers Setup table i Configuration n aj Port Triggering Port Triggering Setup Trigger Open cation Port Range Port Range WAN Interface Remove Appl Protocol a Protocol di Start End Start End Aim Talk TCP 4099 4099 TCP 5191 5191 pppo 1 Remove If you don t need a specified Server you can remove it Check the check box beside the item you want to remove and then press Remove wy g acvancea Setup Port Triggering Port Triggering Setup Trigger Open Application Port Range Port Range WAN Interface Remove Protocol Protocol Start End Start End Aim Talk TCP 4099 4099 TCP 5191 5191 pppo 1 d 109 ALG The ALG Controls enable or disable protocols over application layer Configura
192. thorized SSID Interface 00 18 DE CE 8F 5B Yes wian ap wid Refresh 54 MAC Address The MAC address of the wireless clients Associated List all the stations that are associated with the Access Point If a station is idle for too long it is removed from this list Authorized List those devices with authorized access SSID Show the current SSID of the client Interface To show which interface the wireless client is connected to Refresh To get the latest information Schedule Control Schedule control is aimed to offer methods to flexibly control when the wireless network SSID is allowed for access The Wireless schedule only functions whilst Wireless is enabled The Guest Virtual AP schedule control only operates whilst the associated AP is enabled For detail setting the timeslot user can turn to Time Schedule i Configuration Schedule Control The Wireless schedule only functions whilst Wireless is enabled The Guest Virtual AP schedule control only operates whilst the associated AP is enabled a gt wlan ap Enable 1 Always On iv sun Mon Tue Wed Thu Fri _ Sat Fromloo 00 To 00 00 Time Schedule 2 check or select from listbox Sun Mon Tue Wed Thu Fri Sat From 00 000 To 00 00 Wireless Guest Virtual Access Points wl0_Guest1 Disable 1 Always On Sun _ Mon Tue _ Wed Thu Fri Sat From 00 00 Tolo0 00 Time Schedule al 2 check or select from listbox Sun Mon Tue Wed
193. ties to establish a shared secret over an unsecured communication channel i e over the Internet MODP stands for Modular Exponentiation Groups SA Lifetime Specify the number of minutes that a Security Association SA will stay active before new encryption and authentication key will be exchanged Enter a value to issue an initial connection request for a new VPN tunnel Default is 480 minutes 28800 seconds A short SA time increases security by forcing the two parties to update the keys However every time when the VPN tunnel re negotiates access through the tunnel will be temporarily disconnected Phase 2 Encryption Algorithm Select the encryption algorithm from the drop down menu There are several options 3DES and AES 128 192 and 256 3DES and AES are more powerful but increase latency Integrity Algorithm Authentication establishes the integrity of the datagram and ensures it is not tampered with in transmit There are 2 options Message Digest 5 MD5 and Secure Hash Algorithm SHA1 SHA1 is more resistant to brute force attacks than MD5 However it is slower DH Group It is a public key cryptography protocol that allows two parties to establish a shared secret over an unsecured communication channel i e over the Internet MODP stands for Modular Exponentiation Groups IPSec Lifetime Specify the number of minutes that IPSec will stay active before new encryption and authentication key will be exchanged Enter a
194. tion Xe a ALG Parameters SIP Enable O Disable Wake On LAN Wake on LAN WOL sometimes WoL is an Ethernet computer networking standard that allows a computer to be turned on or woken up remotely by a network message Configuration ng amp Wake On LAN Parameters Host Label MAC Address lt lt select Y type or select from listbox Wake by Schedule Jenable Schedule gt Add Host Label Enter identification for the host Select Select MAC address of the computer that you want to wake up or turn on remotely Wake by Schedule Enable to wake up your set device at some specific time For instance user can set to get some device woken up at 8 00 every weekday Click Schedule to enter time schedule configuring page to set the exact timeline l Configuration Xe amp Wake up Time Schedule Parameters Name Day in a week Clsun U mon C Tue Owed C thu Ceri O Sat Time 00 v 00 Edit Delete Edit Name Day in a week Time Delete Cc 11 SMTWTFs 08 00 Add After selecting click Add then you can submit the Wake up action Edit Delete Click to edit or delete the selected MAC address Ready Yes indicating the remote computer is ready for your waking up No indicating the machine is not ready for your waking up Delete Delete the selected MAC address 110 VPN A virtual private network VPN is a private network that interconnects remote and often geographicall
195. tive trade organization established by Sony in June 2003 which is responsible for defining interoperability guidelines to enable sharing of digital media between consumer devices such as computers printers cameras cell phones and other multiple devices DLNA uses Universal Plug and Play UPnP for media management discovery and control UPnP defines the types of devices server renderer controller that DLNA supports and the mechanism for accessing media over a network Overall DLNA allows more convenience more choices and enjoyment of your digital content through DLNA certified devices Any DLNA certified devices or software can access the DLNA server With USB storage TW EAV510 AC v2 can serve as a DLNA Server 85 i Configuration Digital Media Server settings Parameters On board digital media server Interface Default Media Library Path usb1_1 v On board digital media server Enable to share the device as a DLNA server Interface The VLAN group it is the bound interface for DLNA server accessing Media Library Path Default is usb1_1 total USB space pictures videos music etc all can be accessed with this path Take Windows media player in Windows 7 accessing the DLNA server for example for usage of DLNA IP Tunnel An IP Tunnel is an Internet Protocol IP network communication channels between two networks of different protocols It is used to transport another network prot
196. to IP DNS DNS Parameters Select DNS Server Interface from available WAN interfaces OR enter static DNS server IP addresses OR IP addresses provided by Parental Control Provider for the system In ATM mode if only a single PVC with IPoA or static IPoE protocol is configured Static DNS server IP addresses must be entered DNS Server Interfaces can have multiple WAN interfaces served as system dns servers but only one will be used according to the priority with the first being the higest and the last one the lowest priority if the WAN interface is connected Priority order can be changed by removing all and adding them back in again Select DNS Server Interface from available WAN interfaces Selected DNS Server Interfaces Available WAN Interfaces pppo 1 USB3G0 Use the following Static DNS IP address Primary DNS server Secondary DNS server Use the IP Addresses provided by Parental Control Provider Note that selecting a WAN interface for IPv6 DNS server will enable DHCPv6 Client on that interface Obtain IPv6 DNS info from a WAN interface WAN Interface selected pppoe_0 8 35 ppp0 1 Use the following Static IPv6 DNS address Primary IPv6 DNS server Secondary IPv6 DNS server IPv4 Three ways to set an IPv4 DNS server select DNS server from available WAN interfaces Select a desirable WAN interface as the IPv4 DNS server User the following Static DNS IP address To specify DNS server manually by entering y
197. to check with your ISP Internet Service Provider to find out what kind of service is provided Gather the information as illustrated in the following table and keep it for reference PPPoE RFC2516 PPPoA RFC2364 IPoA RFC1577 VPI VCI VC _LLC based multiplexing Username Password Service Name and Domain Name System DNS IP address it can be automatically assigned by your ISP when you connect or be set manually VPI VCI VC LLC based multiplexing Username Password and Domain Name System DNS IP address it can be automatically assigned by your ISP when you connect or be set manually VPI VCI VC LLC based multiplexing Domain Name System DNS IP address it can be automatically assigned by your ISP when you connect or be set manually VPI VCI VC LLC based multiplexing IP address Subnet mask Gateway address and Domain Name System DNS IP address it is a fixed IP address VPI VCI VC LLC based multiplexing to use Bridged Mode 18 Chapter 3 Configuration Configuration via Web Interface Open your web browser enter the IP address of your router which by default is 192 168 0 254 and click ok or press Enter key on the keyboard a login prompt window will appear The default root username and password are admin and admin respectively Authentication Required A username and password are being requested by http 192 168 0 254 The site says TW EAV510 v2 User Nam
198. to use Choose your local time zone from the drop down menu After a successful connection to the Internet the router will retrieve the correct local time from the NTP server you have specified If you prefer to specify an NTP server other than those in the drop down list simply enter its IP address in their appropriate blanks provided as shown above Your ISP may also provide an NTP server for you to use Click Apply to apply your settings 72 Firmware Upgrade Software upgrading lets you experience new and integral functions of your router f Configuration ng aj Firmware Upgrade You may upgrade the system software on your network device After upgrading let your device restart with factory default settings or current settings Factory Default Settings Restart device with Current Settings New Firmware Image Uparade Restart device with Factory Default Settings Restart the device with factory default settings automatically when finishing upgrading Current Settings Restart the device with the current settings automatically when finishing Upgrading Your router s firmware is the software that allows it to operate and provides all its functionality Think of your router as a dedicated computer and the firmware as the software it runs Over time this software may be improved and revised and your router allows you to upgrade the software it runs to take advantage of these changes Clicking on Browse
199. tocol is a protocol used by IP hosts to report their multicast group memberships to any immediately neighboring multicast routers Check this item to enable IGMP multicast on that WAN interface for multicast forwarding MTU Maximum Transmission Unit the size of the largest datagram excluding media specific headers that IP will attempt to send through the interface MAC Spoofing This option is required by some service providers specifying some specific MAC allowed for connecting in network You must fill in the MAC address specified by your service provider when this information is required Click Next to continue to set the default gateway and DNS for IPv4 and IPv6 IPoA j Configuration YWAN Service Parameters Type IPoA VPI VCI 0 0 255 33 32 65535 Encapsulation Mode LLC SNAP ROUTING Description WAN IP Address WAN Subnet Mask Obtain DNS Use Static DNS Parent Controls Primary DNS Secondary DNS NAT al Enable Fullcone NAT Enable Firewall M Enable IGMP Multicast Enable Apply 62 VCI VPI Enter the VCI VPI combination from you ISP Encapsulation Mode Select the encapsulation mode LLC SNAP BRIDGING or VC MUX Description User defined description for the connection commonly for friendly use WAN IP Enter the WAN IP from the ISP WAN Subnet Mask Enter the WAN Subnet Mask from the ISP Obtain DNS Use Static DNS To specify DNS server manually by entering your primary and secondary DNS server ad
200. tual Private Network VPN IKE key management DES 3DES and AES encryption for IPSec L2TP over IPSec Pap Chap MS CHAPv2 authentication for PPTP IPSec pass through GRE tunnel Management Web based GUI for remote and local management IPv4 IPv6 Firmware upgrades and configuration data upload and download via web based GUI Embedded Telnet server for remote and local management Supports DHCP server client relay Supports SNMP v1 v2 MIB I and MIB II TR 069 supports remote management Available Syslog Mail alert for WAN IP changed Auto failover and fallback Push Service Physical Interface WLAN 5 x 3dbi internal antenna DSL ADSL VDSL port USB 2 0 port for DLAN printer server and 3G 4G LTE dongle Ethernet 4 port 10 100 1000 Mbps auto crossover MDI MDI X Switch Factory default reset button WPS push button Power jack Power switch Package Contents TW EAV510 AC v2 router Quick Start Guide CD containing English manual RJ 45 Cat 5e STP Ethernet cable RJ 11 ADSL telephone cable Power adapter Splitter Micro filter Optional Important note for using this router Do not use the router in high humidity or high temperatures Do not use the same power source for the router as other equipment Do not open or repair the case yourself If the router is too hot turn off the power immediately and have it repaired at a qualified service center Avoid using
201. ue Gur Gun Gur 4 fm fy O 0 lt iC Ki lt I lt I lt lt i i Interface Select from the drop down menu the interface you want the port triggering rules apply to Application Preinstalled applications or Custom Application user can customize the utility yourself Custom Application It is a kind of service to let users themselves customizes the service they want Enter the user defined service name here Trigger Port i Start Enter a port number as the triggering port starting number End Enter a port number as the triggering port ending number Any port in the range delimited by the Start and End would be the trigger port Open port Start Enter a port number as the open port staring number End Enter a port number as the open port ending number Any port in the range delimited by the Start and End would be the preset forwarding port or open port Protocol select the protocol this service used S Set up An example of how port triggering works when a client behind a NAT router connecting to Aim Talk it is a TCP connection with the default port 4099 When connecting to Aim Talk the client typically makes an outgoing connection on port 4099 to the Aim Talk server but when the computer is behind the NAT the NAT silently drops this connection because it does not know which computer behind the NAT to send the request to connect So in
202. val time sec for sending packets to keep the NAT Traversal alive Click Apply to save and apply your settings Click Add to create IPSec connections 111 I a YIPSec IPSec Settings L2TP over IPSec C Enable Connection Name WAN Interface Default v IP Version IPv4 Local Network Single Address IP Address Netmask Remote Security Gateway Lan onymous Remote Network Single Address w IP Address Netmask Key Exchange Method IKE IPsec Protocol ESP Pre Shared Key Local ID Type Default v ID Content Remote ID Type Default w ID Content Phase 1 Mode Main v RR AEA integrity m Encryption Algorithm 3DES v Algorithm WD5 DH Group MODP1024 DH2 v SA Lifetime 480 Minute s 60 1440 Phase 2 D Integrity ery Ala 3DES eats 5 Encryption Algorithm 3DES v Algorithm MDS DH Group None v IPSec Lifetime 60 Minute s 60 1440 Ping for Keep Alive None Appl IPSec Settings L2TP over IPSec Select Enable if user wants to use L2TP over IPSec See L2TPover IPSec Connection Name A given name for the connection but it should contain no spaces e g connection to office WAN Interface Select the set used interface for the IPSec connection when you select adsl pppoe 0 0 35 ppp0 1 interface the IPSec tunnel would transmit data via this interface to connect to the remote peer IP Version Select the IP version base on your network framework Local Network Set the IP address or subnet of the local network
203. vertisement gif When enabled your specified keywords list will be checked to see if any keywords are present in URLs accessed to determine if the connection attempt should be blocked Please note that the URL filter blocks web browser HTTP connection attempts using port 80 only Domains Filtering This function checks the whole URL address but not the IP address against your list of domains to block or allow If it is matched the URL request will either be sent Trusted or dropped Forbidden Restrict URL Features Click Block Java Applet to filter web access with Java Applet components Click Block ActiveX to filter web access with ActiveX components Click Block Cookie to filter web access with Cookie components Click Block Proxy to filter web proxy access Exception IP Address You can input a list of IP addresses as the exception list for URL filtering These IPs will not be covered by the URL rules Time Schedule Select or set exactly when the rule works When set to Always On the rule will work all time and also you can set the precise time when the rule works like 01 00 19 00 from Monday to Friday Or you can select the already set timeslot in Time Schedule during which the rule works And when set to Disable the rule is disabled See Time Schedule Log Select Enable for this option if you will like to capture the logs for this URL filter policy To check the log users can turn to Security Log Keywords Filt
204. way and the IPv4 address Connection Time Displays the elapsed time since ADSL connection is up Primary DNS Server Displays IPV4 address of Primary DNS Server Secondary DNS Server Displays IPV4 address of Secondary DNS Server Default IPv6 Gateway IPv6 Address Display the IPv6 Gateway and the obtained IPv6 address WAN This table displays the information of the WAN connections users can turn here for WAN connection information WAN Wan Info Interface Description Type Status Connection Time IPv4 Address IPv6 Address atm0 1 ipoe_0_ 0 33 IPoE Unconfigured atm0 2 br_0_0_ 33 Bridge Unconfigured atm1 1 ipoe_0 0 100 IPoE Unconfigured atm1 2 br_0_0_ 100 Bridge Unconfigured atm2 1 br_0_0 35 Bridge Unconfigured atm2 2 ipoe_0 0 35 IPoE Unconfigured ptm0 1 ipoe_0 1 0 IPoE Unconfigured usb0 360 DirectIP Failover Connected 00 10 32 110 180 127 183 Interface The WAN connection interface Description The description of this connection Type The protocol used by this connection Status To disconnect or connect the link Connection Time The WAN connection time since WAN is up IPv4 Address The WAN Pv4 Address the device obtained IPv6 Address The WAN IPv6 Address the device obtained 21 Statistics LAN The table shows the statistics of LAN Note P4 can be configured as EWAN and when the device is in EWAN profile there is no P4 EWAN interface as P4 is working as a WAN port i Status a au lt j LAN Statistics
205. will allow you to select the new firmware image file you have downloaded to your PC Once the correct file is selected click Upgrade to update the firmware in your router DO NOT power down the router or Interrupt the firmware upgarding while itis still in process Improper operation could damage the router Warning Backup Update These functions allow you to save and backup your router s current settings to a file on your PC or to restore from a previously saved backup This is useful if you wish to experiment with different settings knowing that you have a backup handy in the case of any mistakes It is advisable to backup your router s settings before making any significant changes to your router s configuration f conticuration 1 amp Backup Update Allows you to backup the configuration settings to your computer or restore configuration from your computer Backup Configuration Backup DSL router configurations You may save your router configurations to a file on your PC Backup Settings Restore Configuration Configuration File Browse Restore will overwrite the current configuration and restart the device If you want to keep the current configuration please use Backup first to save current configuration 73 Click Backup Settings a window appears click save then browse the location where you want to save the backup file Click Browse and browse to the location where your backup file is saved
206. y separate networks through primarily public communication infrastructures such as the Internet VPNs provide security through tunneling protocols and security procedures such as encryption For example a VPN could be used to securely connect the branch offices of an organization to a head office network through the public Internet IPSec Internet Protocol Security IPsec is a protocol suite for securing Internet Protocol IP communications by authenticating and encrypting each IP packet of a communication session IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session IPsec is an end to end security scheme operating in the Internet Layer of the Internet Protocol Suite It can be used in protecting data flows between a pair of security gateways network to network or between a security gateway and a host network to host Note A maximum of 16 sessions for IPSec gt E Jo 4 IPSec NAT Traversal NAT Traversal Cl Enable Keep Alive Second s 1 60 Feon Tunnel Mode Connections Active L2TP Connection Name Local Network Remote Network Remote Security Gateway Remove Edit Add NAT Traversal NAT Traversal This directive enables use of the NAT Traversal IPsec extension NAT T NAT T allows one or both peers to reside behind a NAT gateway i e doing address or port translation Keep Alive Type the inter
Download Pdf Manuals
Related Search