SMC Barricade SMCWBR14-3GN
Contents
1. By Time Specify the amount of time in hours that can be used per month By Data Specify how much Download Upload data in MBytes can be transmitted per month 4 10 Using the Setup Wizard 4 Budget Policy Enable or disable the action Drop Current Cellular connection or Disallow New Cellular connection if over budget Trigger by Limit Budget By Time Set the specified percentage of time limit By Data Set the specified percentage of data limit Action if Over Budget Send an e mail alert at the specified interval in minutes The wireless AP Router can use SMTP Simple Mail Transfer Protocol to send email messages when triggered by the specified budget policy limits SMTP Authentication Specifies the user name and password for authentication or login to the SMTP server Options Plain Login or disabled Mail Server URL of the SMTP mail server that will send the alert messages Mail Sender Specifies an e mail address on the SMTP server that can send alert messages Mail Recipient The e mail address of the recipient of the alert messages Budget Counter Select the date on which the AP Router resets the budget every month PPTP Enables the Point to Point Tunneling Protocol PPTP for implementing virtual private networks The service is provided in many European countries WAN Connection O Static IP ODHCP O PPPoE O3G PPTP OL2TP O Bigpond O WiFi Dual WAN AN None Static IP2. PPTP MRU Sets the maximum packet size that the unit may receive from other units on the network and sends a message to inform them of the set threshold Maximum Receive Unit MRU is expressed in bytes Default 1460 bytes Note Only change the default MTU and MRU values if specifically instructed by the PPTP service provider PPTP Network Mode Sets the PPTP network mode to Static IP or DHCP Default DHCP 5 14 WAN Setting B PPTP Username Sets the PPTP user name for the WAN port Default PPTP_USERNAME Range 1 32 characters PPTP Password Sets a PPTP password for the WAN port Default PPTP_PASSWORD Range 1 32 characters PPTP Server Configures the IP address of the PPTP server interface Default 0 0 0 0 L2TP Enable the Layer Two Tunneling Protocol L2TP for implementing virtual private networks The service is provided in many European countries O Static IP ODHCP OPPPoE O3G OPPTP L2TP O Bigpond WAN Connection O WiFi Dual WAN None _ StaticIP DHCP PPPoEOQ3G PPTP L2TP pacunya Bigpond WiFi L2TP L2TP MTU 1410 bytes L2TP MRU 1410 bytes bate Network Ostatic P DHCP L2TP Username L2TP_USERNAME L2TP Password voescrscrrr oan pS 0 seconds default 0 forever L2TP Retry Time 0 seconds default 0 disabled L2TP Server 0 0 0 0 Common Settings ba ol alin Auto Negotiated E default Auto Negotiated WAN Ethernet Original MAC 00 12 cf 9b 57 bc nee O Manual Setti
3. The name of the target Wi Fi network Security Settings The security settings determine the authentication mode and the encryption type used to connect to the target network Authentication Mode Selects the Authentication Mode Shared y authentication method used by the target Encryption Type Wi Fi network lei Select WLAN1 WLAN2 Defaults Open 5 35 5 System Configuration Open Enables the AP Router to connect joss meda 3 to a Wi Fi network that does not require Encryption type None y any authentication In this mode the default encryption type is None Shared The shared key approach uses Authentication Made Shared y Wired Equivalent Privacy WEP to verify on Bea client identity by distributing a shared key ike ASCI G or 13 chars Y to clients before attempting IET Key2 authentication ES ASCII 5 or 13 chars Key3 ASCII 5 or 13 chars Key4 LL WPA Personal or WPA2 Personal The ithenticstion made WPA2 Personal y WPA or WPA2 Personal mode usesa 5mm nes ER WPA WPA2 Pre Shared Key common password phrase called a o Pre Shared Key that must be manually wpas pares maserka oo a j if Cache Interval minutes default 10 distributed to all clients that want to ces DEAN Denable connect to the network Specify the required key for the target network as an easy to remember form of letters and numbers The WPA Preshared Key can be input as ASCII string 8 63 characters
4. on page 5 11 Power Socket The wireless AP Router does not have a power switch It is powered on when connected to the AC power adapter and the power adapter is connected to a power source The power adapter automatically adjusts to any voltage between 100 240 volts at 50 or 60 Hz No voltage range settings are required 4 Introduction Reset Button The Reset button can be used to restart the wireless AP Router or restore the factory default configuration If you press the button for less than 5 seconds the wireless AP Router will restart If you press and hold down the button for 5 seconds or more any configuration changes you may have made are removed and the wireless AP Router is restored to its factory default configuration WPS Button Use the WPS button on the wireless AP Router to automatically connect devices to the network Within two minutes press the physical or virtual button on a single wireless client device to enable it to join the WLAN The WPS configuration process may be initiated on any device Only one client device can connect with the wireless AP Router after the WPS button is pressed There is no restriction to the order in which buttons are pressed Note Any WPS compatible devices could unintentionally join the WLAN if they are within range during the two minute set up period after the WPS button is pressed Note that only one device at a time can join the network when using the WPS button Chapter 2
5. address from reaching Protocol Specifies the destination port type TCP or UDP Default TCP Block Specifies if traffic should be blocked Always or configured by Schedule Day Specifies the day or days of the week on which to block traffic Time Specifies the time of day during which to block traffic Action Specifies an action to take on the LAN packet filtering configuration Change By selecting a packet filtering configuration from the table its parameters display in an editable form Click Change to save parameters once you have updated them Add Adds a newly configured packet filter that denies forwarding in to the local area network to the list Edit Click Edit to highlight a packet filtering rule in the list for changing its parameters Delete Deletes a packet filtering rule from the list MAC Packet Filter Globally enables MAC packet filtering Default Enabled maximum 32 entries are allowed Enable Enables the filtering rule on a specified MAC address Default Disabled MAC Address Specifies the MAC address to block traffic from Block Specifies if traffic should be blocked Always or configured by Schedule Day Specifies the day or days of the week on which to block traffic Time Specifies the time of day during which to block traffic Action Specifies an action to take on the MAC packet filtering configuration Change By selecting a packet filt
6. and configures the multicast filters accordingly Enable Enables IGMP snooping on the wireless AP Router IGMP Proxy Collects and sends multicast group membership information onto the upstream interface based on IGMP messages monitored on downstream interfaces and forwards multicast traffic based on that information IGMP Proxy Enables IGMP proxy on the wireless AP Router Quick Leave The wireless AP Router can immediately delete a member port of a multicast service if a leave packet is received at that port 5 43 5 System Configuration WAN Multicast Routing IP addresses of upstream multicast routers on the WAN interface You can add edit and delete IP addresses from the list IP Address Specifies an IP address to route to Net Mask Specifies a network mask Firewall The wireless AP Router provides extensive firewall protection by restricting connection parameters to limit the risk of intrusion and defending against a wide array of common hacker attacks NAT Network Address Translation NAT is a standard method of mapping multiple internal IP addresses to one external IP address on devices at the edge of a network For the wireless AP Router the internal local IP addresses are the IP addresses assigned to PCs and wireless clients by the DHCP server and the external IP address is the IP address assigned to the WAN port If you configure the wireless AP Router as a virtual
7. or Hexadecimal format length is 64 Encryption Type Selects the encryption type to use for the target network None Disables data encryption Encryption Type WEP Selects WEP keys for data encryption TKIP Uses Temporal Key Integrity Protocol TKIP keys for encryption WPA specifies TKIP as the data encryption method to replace WEP TKIP avoids the problems of WEP static keys by dynamically changing data encryption keys AES Uses Advanced Encryption Standard AES keys for encryption WPA2 uses AES Counter Mode encryption with Cipher Block Chaining Message Authentication Code CBC MAC for message integrity The AES Counter Mode CBCMAC Protocol AES CCMP provides extremely robust data confidentiality using a 128 bit key Use of AES CCMP encryption is specified as a standard requirement for WPA2 Default Key ID Sets the WEP key used pafauit ey 10 WPA WPA2 Pre Shared Key lt for authentication ar A A Key1 2 Default 1 Range 1 4 E 5 4 Key 1 Key 4 Sets WEP key values ASCII 5 or 13 chars The user must first choose between ASCII ea a or Hexadecimal keys At least one key Key2 ASC OFS cha must be specified Each WEP key has an index number Enter key values that match the key type and length settings 5 36 Wireless Settings 5 Standard keys are either 5 or 13 alphanumeric characters or 10 or 26 hexadecimal digits Default ASCII no preset value WPA WPA2 Pre S
8. port Both the LAN port and the WAN ports can be connected to a local Ethernet LAN Note AP Mode is not the factory default mode and must be manually set using the AP Router mode switch in the bottom of the unit If the unit is already powered on switching the mode causes it to reboot AP Mode 2 3 Set up wireless devices k Notebook PC 6 ie Mm 2 f ConnectAC power j adapter to power _4 LAN Switch gt g Connect LAN port toPC x Ganneot LAN and WAN ka Server ports to an Ethernet LAN switch or PCs Y m PCs Notebook PC Figure 2 2 AP Mode Connection To connect the wireless AP Router for use as an access point follow these steps 1 Using Ethernet cables connect the wireless AP Router s LAN and WAN ports to PCs or a LAN switch 2 Power on the wireless AP Router by connecting the AC power adapter and plugging it into a power source Caution Use ONLY the power adapter supplied with the wireless AP Router Otherwise the product may be damaged When you power on the wireless AP Router verify that the Power LED turns on and that the other LED indicators start functioning as described under LED Indicators on page 1 4 3 Setup wireless devices by pressing the WPS button on the wireless AP Router or by using the web interface See Initial Configuration on page 4 1 for more information on accessing the web interface 2 Installation 2 4 Chapter 3 Network Planning
9. z z Date Time Date Time Set By Manual Time Setting O NTP Time Server The Date Time page allows you to manually Time Zone GMT GMT Dublin London w configure time settings or enable the use of an NTP server Daylight Saving Enable y Time Zone Date Value Setting Year 2005 iy Month 01 y Day 01 iy nae the time zone in Greenwich Mean Time Time Value Setting Hour 22 w v v Minute 25 Second 38 NTP h NTP Network Time Protocol is a protocol that allows local computers to synchronize the clocks Cancel Figure 5 58 Date and Time Settings Manual Date Time Set By Allows you to manually configure time settings or select the use of an NTP server Time Zone Specifies the time zone in Greenwich Mean Time GMT e Daylight Saving Enables daylight savings for summertime Default Disabled e Date Value Setting Sets the date for the wireless AP Router in year month day format Time Value Setting Sets the time for the wireless AP Router in hour minute second format e Submit Applies the Date Time settings e Reset Restores the previous Date Time settings 5 58 Service Settings 5 Ping Test The wireless AP Router provides the function of pinging a specified IP address or URL to test for connectivity PING Destination 192 168 2 1 Ping Test The Wireless AP Router provides the function of pinging a specified IP address or URL t
10. 42 Routing 5 Multicast Routing Multicasting is used to support real time applications such as videoconferencing or streaming audio A multicast server does not have to establish a separate connection with each client It merely broadcasts its service to the network and any hosts that want to receive the multicast register with their local multicast router Although this approach reduces the network overhead required by a multicast server the broadcast traffic must be carefully pruned at every multicast network device it passes through to ensure that traffic is only passed on to the hosts that have subscribed to the service This device uses IGMP Internet Group Management Protocol Snooping to monitor IGMP service requests passing between multicast clients and servers and dynamically configure the ports that need to forward multicast traffic E IGMP Snooping IGMP Snooping Menable Enable igmp snooping function IGMP Proxy ey M Enable Enables multicast routing to activate Quick Leave C Enable the function of multipoint communications no Enable 192 168 1 1 255 255 255 252 Figure 5 48 Multicast Route Router mode IGMP Snooping The wireless AP Router can passively snoop on IGMP Query and Report packets transferred between IP multicast routers and IP multicast host groups to identify the IP multicast group members It simply monitors the IGMP packets passing through it picks out the group registration information
11. 76 3G Access History over time budget limit 5 70 Appendix A Troubleshooting Check the following items before you contact local Technical Support 1 If wireless clients cannot access the network check the following Be sure the access point and the wireless clients are configured with the same Service Set ID SSID Ifauthentication or encryption are enabled ensure that the wireless clients are properly configured with the appropriate authentication or encryption keys 2 Ifthe wireless AP Router cannot be configured using a web browser Be sure to have configured the access point with a valid IP address subnet mask and default gateway If you are connecting to the wireless AP Router through the wired Ethernet interface check the network cabling between the management station and the wireless AP Router If you are connecting to wireless AP Router from a wireless client ensure that you have a valid connection to the wireless AP Router 3 If you forgot or lost the password Set the wireless AP Router to its default configuration by pressing the reset button on the bottom panel for 5 seconds or more Connect to the web management interface using the default IP address 192 168 2 1 Then set up a new user name and password to access the management interface 4 Ifall other recovery measure fail and the wireless AP Router is still not functioning properly take any of these steps e Reset the wireless AP
12. A security option which broadcasts a beacon signal including the access point s configured SSID Wireless clients can read the SSID from the beacon and automatically reset their SSID to allow immediate connection to the nearest access point Orthogonal Frequency Division Multiplexing ODFM OFDM allows multiple users to transmit in an allocated band by dividing the bandwidth into many narrow bandwidth carriers Repeater and Bridge Repeater and bridge can provide an extended link to a remote access point from the wired LAN Access Point working in this mode could connect to another AP in Access Point mode or Repeater and Bridge mode Whenever there are two APs having wireless link together one in Access Point or Repeater and Bridge mode another using Repeater and Bridge mode and also have wired link separately these two APs are also working as bridging for the two wired links Service Set Identifier SSID An identifier that is attached to packets sent over the wireless LAN and functions as a password for joining a particular radio cell i e Basic Service Set BSS Session Key Session keys are unique to each client and are used to authenticate a client connection and correlate traffic passing between a specific client and the access point Shared Key A shared key can be used to authenticate each client attached to a wireless network Shared Key authentication must be used along with the 802 11 Wireless Equivalent Pr
13. Gateway The IP address of the router at the next hop to which matching frames are forwarded Action Specifies an action to take on a static route Change By selecting a configured route from the routing table its parameters display in an editable form Click Change to save parameters once you have updated them Add Adds a newly configured route to the list 5 41 5 System Configuration Edit Click Edit to highlight an entry in the static MAC list for changing its parameters Delete Deletes a static route from the list Dynamic Route The wireless AP Router supports RIP 1 and RIP 2 dynamic routing protocol Routing Information Protocol RIP is the most widely used method for dynamically maintaining routing tables RIP uses a distance vector based approach to routing Routes are chosen to minimize the distance vector or hop count which serves as a rough estimate of transmission cost Each router broadcasts its advertisement every 30 seconds together with any updates to its routing table This allows all routers on the network to build consistent tables of next hop links which lead to relevant subnets WAN Interface RIP1 RIP2 v LAN Interface Disable v Figure 5 47 Dynamic Route Router mode WAN Interface Specifies RIP1 RIP2 RIP1 RIP2 or disables the function for the WAN interface LAN Interface Specifies RIP1 RIP2 RIP1 RIP2 or disables the function for the LAN interface 5
14. Router Default Disabled Save Saves the enabled UPnP configuration e Cancel Restores the previous UPnP configuration information UPnP Map Displays UPnP statistics Remote Host Displays the UPnP host device on the WAN External Port Displays the external WAN port from which UPnP discovery is broadcast to the wireless AP Router Internal Client Displays the LAN connected UPnP supporting device Internal Port Displays the LAN port to which the internal client is connected e Protocol Specifies the protocol used TCP UDP or HTTP Duration Displays the time the device will advertise its UPnP capabilities after which it must send a renewal message It is generally expected that a device will display an duration advertisement for 1800 seconds 30 minutes or more e Description Optional parameter that describes the device to a network administrator e Refresh Refreshes the UPnP Map statistics 5 54 Service Settings 5 DDNS Settings Dynamic DNS DDNS provides users on the Internet with a method to tie a specific domain name to the unit s dynamically assigned IP address DDNS allows your domain name to follow your IP address automatically by changing your DNS records when your IP address changes The wireless AP Router provides access to three DDNS service providers DynDns org Non IP com and ZoneEdit com To set up an DDNS account visit the websites of these service
15. Wea Group Key ReKey Method Disabled Rekeying is an extra security measure Wea Pairwise Master Key CE a whereby the broadcast WPA authentication Wenz Lex UBT CERTAIN by Packet key is automatically changed after a certain time period or after a certain number of packets have been sent Default Disabled WPA Group Key ReKey Interval The mercrusrey rerey met od by Time Y elapsed time after which the wireless AP WPA Sroupxey Rekey interval 0 0 67108864 defauit 0 i a E 10 Y minutes default 10 Router will change the unicast WPA authentication key Default 0 Range 0 67108864 WPA2 Pairwise Master Key Cache Wena Pakwise Master Key Cache Interval The elapsed time after which the weaz Pre authentication Support wireless AP Router will delete the WPA2 master keys from its security association cache WPA2 Pre Authentication Support Each time a client roams to another access point it has to be fully re authenticated This authentication process is time consuming and can disrupt applications running over the network WPA2 includes a mechanism known as pre authentication that allows clients to roam to a new access point and be quickly associated The first time a client is authenticated to a wireless network it has to be fully authenticated When the client is about to roam to another access point in the network the access point sends pre authentication messages to the new access point that include the clie
16. a DHCP client you can connect immediately to the web interface Otherwise you must set your PC IP address to be on the same subnet as the wireless AP Router that is the PC and wireless AP Router addresses must both start 192 168 2 x To access the configuration menu follow these steps 1 Use your web browser to connect to the management interface using the default IP address of 192 168 2 1 2 Log into the wireless AP Router management interface by entering the default username admin and password also smcadmin then click Login Note It is strongly recommended to change the default user name and password the first time you access the web interface For information on changing user names and passwords See Admin Accounts and Remote Administration on page 5 60 SMC 802 11n Wireless AP Router Networ Setup Wizard Network Settings Welcome LA AAA Routing Administrator Name default admin Firewall Administrator Password default smcadmin Services Management Information Figure 4 1 Login Page 4 Initial Configuration Using the Setup Wizard There are only a few basic steps you need to set up the wireless AP Router and provide a connection for network access for other wireless stations The Setup Wizard takes you through configuration procedures for the general network settings Follow these steps 1 Launch the Setup Wizard Click Setup Wizard on the left side of the screen
17. any logging messages 5 56 Service Settings 5 Total Log Size Indicates the LogLevel 4 Waming Y default 4 amount of RAM or Flash memory Total Log size 10 kbytes default 10 available for logging messages Remote Log Menable Default 10 Kbytes Range 10 0r Remote Log Server Address your syslog server 20 Kbytes Remote Log Server Port 514 1 65535 default 514 Log to Remote and Local Enable Remote Log Enables remote storage of system logs on a Syslog server Default Disabled Remote Log Server Address The address of the remote logging server Default your syslog server Remote Log Server Port The remote port to which messages are to be sent to Default 514 Range 1 65535 Log to Remote and Local Enables simultaneous logging to a remote Syslog server and local logging on the wireless AP Router s RAM or Flash memory Default Disabled Note Enabling Remote Logging disables local logging unless Log to Remote and Local is selected Submit Saves the current system log configuration Reset Restores the previous current system log configuration Date and Time Settings The Date Time page allows you to manually configure time settings or enable the use of an NTP server 5 5 Date Time Date Time Set By O manual Time Setting ONTP Time The Date Time page allows you to manually Server configure time settings or enable the use
18. as that used by the wireless AP Router to which it is linked Selecting Auto Select enables the wireless AP Router to automatically select an unoccupied radio channel The supported channels are dependent on the country code setting SSID Number Supported The number of wireless network interfaces SSIDs supported on the device Default 1 Ranage 1 or 2 WLAN1 SSID WLAN2 SSID The name of the wireless network service provided by the VAP Clients that want to connect to the network must set their SSID to the same as that of the VAP interface Default SMC for WLAN1 SMC for WLAN2 Range 1 32 characters Submit Saves and enables the Basic Wireless Setting configuration Reset Restores the previous Basic Wireless Setting configuration information 5 24 Wireless Settings 5 Advanced Settings The Advanced Setting page allows you to configure the more advanced radio settings many of which are enabled by default Click Wireless Settings followed by Advanced Setting Tx Power 100 default 100 b g Protection Auto iv Tx Burst Enable default enabled Packet Aggregation C Enable default disabled HT Operation Mode Mixed iv default Mixed HT Channel Bandwidth 20 40Mhz x default 20 40Mhz HT TX Aggregate MSDU Cl Enable default disabled Hide SSID C Enable default disabled WMM Support C Enable default disabled Figure 5 38 Advanced Radio Settings b
19. characters PPPoE Password Sets a PPPoE password for the WAN port Default PPPOE_PASSWORD Range 1 32 characters 4 Initial Configuration 3G Enables a 3G 3 5G wide area wireless cellular link on the WAN port using an optional USB modem Note To use this option you need to first connect a 3G 3 5G USB modem to the USB port on the back of the unit and have registered an account with a cellular operator The following example shows the WAN function enabled with 3G An authenticated 3G connection displays the message Authenticated successfully beneath the PIN code if the 3G Modem PIN code have been authenticated successfully WAN OStatic IP CO DHCP O PPPoE 3G OPPTP OL2TP OBigpond Connection O WiFi Dual WAN Backup WAN None O Static IP ODHCP OPPPoE 3G OpPTP OL2TP OBigpond O WiFi 3G Pn cona MeEnable 0000 Authenticated successfully Dial Code 99 APN Service internet 3G Username 3G_USERNAME 3G Password eecccccccce Connect Type Auto Connect x zora rE 300 seconds default 300 Budget Control Enable default disabled Common Settings WAN Ethernet Original MAC 00 12 cf 9b 57 bc e O Manual Setting 00 00 00 00 00 00 MAC Clone Set DNS Server O Manually Automatically Figure 4 9 Setup Wizard WAN 3G Authenticated Using the Setup Wizard 4 The following cautionary message will appear each time you save your settings Windows Internet Explorer 2 J If PIN code is not correct th
20. conditions for copying distributing or modifying the Program or works based on it Each time you redistribute the Program or any work based on the Program the recipient automatically receives a license from the original licensor to copy distribute or modify the Program subject to these terms and conditions You may not impose any further restrictions on the recipients exercise of the rights granted herein You are not responsible for enforcing compliance by third parties to this License If as a consequence of a court judgment or allegation of patent infringement or for any other reason not limited to patent issues conditions are imposed on you whether by court order agreement or otherwise that contradict the conditions of this License they do not excuse you from the conditions of this License If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations then as a 10 11 The GNU General Public License Cc consequence you may not distribute the Program at all For example if a patent license would not permit royalty free redistribution of the Program by all those who receive copies directly or indirectly through you then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program If any portion of this section is held invalid or unenforceable under any particular circumstance the balance of the se
21. defines a transitional mode of operation for networks moving from WPA security to WPA2 WPA2 Mixed Mode allows both WPA and WPA2 clients to associate to a common SSID interface In mixed mode the unicast encryption cipher TKIP or AES CCMP is negotiated for each client WDS WPA WPA2 Pre Shared Key This option is available only when Authentication Mode is set to WPA Personal WPA2 Personal or WPA WPA2 Personal Enter a key as an easy to remember form of letters and numbers The WDS WPA WPA2 Preshared Key can be input as ASCII string 8 63 characters or Hexadecimal format length is 64 Other bridge units must be configured with the same key to communicate with this unit WDS MAC List The physical layer 00 08 12 57 96 55 address of other bridge units for which this os mac List 00 08 12 57 96 56 unit communicates as a network node 00 08 12 57 96 57 12 hexadecimal digits in the form Ain Pao ste HE XXIXXIXXIXX IXXIXX Note In WDS Lazy mode any entries in the WDS MAC List are redundant because the MAC is pre configured to 00 00 00 00 00 00 AP Client Settings Wireless Access Point Client feature is a wireless client connection that connects the AP Router to a remote Wi Fi network AP Client Support Enable SSID of AP to connect default Authentication Mode Open 4 Encryption Type None Figure 5 43 AP Client Settings AP Client Support Enable or disable this function Default Disable SSID of AP to connect
22. is expressed in bytes Default 1460 bytes e Wireless MRU Sets the maximum packet size that the unit may receive from other units on the network and sends a message to inform them of the set threshold Maximum Receive Unit MRU is expressed in bytes Default 14602 bytes Note Only change the default MTU and MRU values if specifically instructed by the wireless service provider Wireless Network Mode Sets the wireless network mode to Static IP or DHCP Default DHCP Note For detailed AP Client Setting information see AP Client Settings on page 5 35 4 14 Using the Setup Wizard 4 4 WLAN Setting Enables the wireless interface selects the operating channel and configures SSIDs for both VAPs Click Next after completing the setup WLAN Mode WLAN Enable 802 11b g n Mixed allow all 802 11b g n clients WLAN Mode 802 11b g n Mixed connection 802 11b g Mixed allow both 802 11b and WLAN Frequency 2 412GHz channel 1 802 11g clients connection _ 802 11b only allow 802 11b clients connection SSID Number Supported 1 x 802 11g only allow 802 11g clients connection 802 11n only allow 802 11n clients connection WLAN1 SSID SMC Frequency The radio channel used to communicate with wireless clients SSID The Service Set Identifier SSID name of the wireless network service providediby the VAP Figure 4 17 Setup Wizard WLAN Configuration The displayed items on this page can b
23. of an NTP Time Zone GMT GMT Dublin London aj Server Daylight Savin Enable Time Zone vaghe 2 Specifies the time zone in Greenwich Mean Time NTP Update Interval 24 hours 1 1000 GMT default 24 NTP NTP Server 1 pool ntp org NTP Network Time Protocol is a protocol that allows local computers to synchronize the clocks NTP Server 2 Figure 5 57 Date and Time Settings NTP Date Time Set By Allows you to manually configure time settings or select the use of an NTP server Time Zone Specifies the time zone in Greenwich Mean Time GMT 5 57 5 System Configuration Daylight Saving Enables daylight savings for summertime Daylight Saving Time begins for most of the United States at 2 00 a m on the first Sunday of April Time reverts to standard time at 2 00 a m on the last Sunday of October In the U S each time zone switches at a different time In the European Union Summer Time begins and ends at 1 00 a m GMT It begins the last Sunday in March and ends the last Sunday in October In the EU all time zones change at the same moment Default Disabled NTP Update Interval Specifies the number of hours before which the wireless AP Router will send for a time update from NTP servers Default 24 hours Range 1 1000 hours NTP Server 1 2 The IP address or URL of the NTP server to be used e Submit Applies the Date Time settings e Reset Restores the previous Date Time settings
24. of the WAN port Ethernet MAC Address The physical layer address for the Ethernet WAN port IP Assignment Indicates if the IP address has been manually configured or assigned by DHCP DHCP Client Displays if the wireless AP Router is acting as a DHCP client DHCP Connection Established Time If connected as a DHCP client it displays the duration the other device has been connected DHCP Connection Expire Time If connected as a DHCP client it displays the length of time before which the connection will expire DHCP Server Address If connected to a DHCP server it displays the address of the server IP Address IP address of the WAN port for this device Subnet Mask The mask that identifies the host address bits used for routing to the WAN port e MTU Indicates the Maximum Transmission Unit MTU the largest packet size allowed to be transmitted over the WAN port 5 64 Status Information 5 e Gateway Address The default gateway is the IP address of the router for the wireless AP Router which is used if the requested destination address is not on the local subnet DNS 1 Primary DNS 2 Secondary The IP address of Domain Name Servers on the network A DNS maps numerical IP addresses to domain names and can be used to identify network hosts by familiar names instead of the IP addresses MAC Address 00 12 CF 9B 57 BD IP Address 192 168 2 1 Subnet Mask 255 255 255 0 F
25. on what the Program does 2 You may copy and distribute verbatim copies of the Program s source code as you receive it in any medium provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty keep intact all the notices that refer to this License and to the absence of any warranty and give any other recipients of the Program a copy of this License along with the Program You may charge a fee for the physical act of transferring a copy and you may at your option offer warranty protection in exchange for a fee 3 You may modify your copy or copies of the Program or any portion of it thus forming a work based on the Program and copy and distribute such modifications or work under the terms of Section 1 above provided that you also meet all of these conditions The GNU General Public License Cc a You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change b You must cause any work that you distribute or publish that in whole or in part contains or is derived from the Program or any part thereof to be licensed as a whole at no charge to all third parties under the terms of this License c If the modified program normally reads commands interactively when run you must cause it when started running for such interactive use in the most ordinary way to print or display an announcement including
26. or number string with no spaces or a website address Action Specifies an action to take on the URL packet filtering configuration Change By selecting a URL filtering configuration from the table its parameters display in an editable form Click Change to save parameters once you have updated them Add Adds a newly configured URL filter that denies forwarding in to the local area network to the list Edit Click Edit to highlight a URL filtering rule in the list for changing its parameters Delete Deletes a URL filtering rule from the list 5 50 Firewall 5 Security Setting The Security Setting page enables intrusion detection ID a type of security management system for computers and networks An ID system gathers and analyzes information from various areas within a computer or a network to identify possible security breaches which include both intrusions attacks from outside the organization and misuse attacks from within the organization ID uses vulnerability assessment sometimes referred to as scanning which is a technology developed to assess the security of a computer system or network Click on Network Settings followed by security Setting ecti Intrusion Detection POE SEE M Enable Enables the Intrusion Detection ID Drop Malicious Packet C Enable system that can reduce false positives and eliminate impact of attacks Drop Malicious Packet Enables the ID system to work inl
27. packet size that the unit may receive from other units on the network and sends a message to inform them of the set threshold Maximum Receive Unit MRU is expressed in bytes Default 1492 bytes Note Only change the default MTU and MRU values if specifically instructed by the PPPoE service provider PPPoE Network Mode Sets the PPPoE network mode to Static IP or DHCP Default DHCP IP Address Sets the static IP address as given by the PPPoE service provider Default 0 0 0 0 available when PPPoE Network Mode is set to static IP PPPoE Service Name Optional The service name assigned for the PPPoE connection The service name is normally optional but may be required by some service providers Range 1 32 alphanumeric characters PPPoE User Name Sets the PPPoE username for the WAN port Default PPRPOE_USERNAME Range 1 32 characters PPPoE Password Sets a PPPoE password for the WAN port Default PPROE_PASSWORD Range 1 32 characters e Connect Type Selects the connection type as Keep Alive or Auto Connect Default Keep Alive PPPoE Max Idle Time The maximum length of inactive time the unit will stay connected to the DSL service provider before disconnecting This feature only works when Connect Type is set to Auto Connect Default 600 seconds 5 10 3G WAN Setting B 3G technologies enable cellular network operators to offer users a wider range of more advanced services while achieving gre
28. table Change By selecting an already configured DHCP static map its parameters display in an editable form Click Change to save parameters once you have modified them Add Adds a newly configured DHCP static map to the list Edit Click Edit to highlight an entry in the static DHCP client list for changing its parameters Delete Deletes a DHCP static map from the list DHCP Client List Lists information about associated DHCP clients Type Describes the type of DHCP client Hostname The hostname of the DHCP client MAC The MAC address of the DHCP client IP The IP address of the DHCP client Description Optional description of the DHCP client Expire Time The time after which the connection will expire and the DHCP client must request a new IP address 5 53 5 System Configuration UPnP Setting UPnP Universal Plug and Play provides inter connectivity between devices supported by the same standard UPnP is based on standard Internet protocols such as TCP IP UDP and HTTP Click on Network Settings followed by UPnP UPnP Internet Gate E Upnp Device C Enable default disabled UPnP Universal Plug and Play provides inter connectivity between devices supported by the same standard Figure 5 54 UPnP Setting Router mode UPnP Setting Allows the device to advertise its UPnP capabilities UPnP Internet Gate Device Enables UPnP on the wireless AP
29. the initial warranty whichever is longer SMC is not responsible for any custom software or firmware configuration information or memory data of Customer contained in stored on or integrated with any products returned to SMC pursuant to any warranty Products returned to SMC should have any customer installed accessory or add on components such as expansion modules removed prior to returning the product for replacement SMC is not responsible for these items if they are returned with the product Customers must contact SMC for a Return Material Authorization number prior to returning any product to SMC Proof of purchase may be required Any product returned to SMC without a valid Return Material Authorization RMA number clearly marked on the outside of the package will be returned to customer at customer s expense For warranty claims within North America please call our toll free customer support number at 800 762 4968 Customers are responsible for all shipping charges from their facility to SMC SMC is responsible for return shipping charges from SMC to customer WARRANTIES EXCLUSIVE IF AN SMC PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE CUSTOMER S SOLE REMEDY SHALL BE REPAIR OR REPLACEMENT OF THE PRODUCT IN QUESTION AT SMC S OPTION THE FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES OR CONDITIONS EXPRESS OR IMPLIED EITHER IN FACT OR BY OPERATION OF LAW STATUTORY OR OTHERWISE INCLUDIN
30. the relevant section Device Mode Router Firmware Version smcmr3306a 1 0 0 5 ba Host Name smciin smc com System Date 1970 01 01 10 34 25 Up Time 2 05 Figure 5 65 System Information Basic Information System Displays the basic system information in both AP and Router modes e Device Mode Displays the hardware setting determined by the switch on the base of the unit 5 63 5 System Configuration Model Name The device name and model number Firmware Version The version number of the current wireless AP Router software Host Name The web address assigned as an alias for the wireless AP Router enabling the device to be uniquely identified on the network System Date The current date and time set for the wireless AP Router in the form year month day hours minutes seconds Up Time Length of time the management agent has been up specified in hours and minutes i Ln ne Ethernet Speed N A Ethernet MAC Address 00 12 CF 9B 57 BC WAN Backup Status None Internet Connection Type DHCP DHCP Client Inactive DHCP Connection Established Time N A DHCP Connection Expire Time N A DHCP Server Address N A IP Address N A Subnet Mask N A MTU 1500 Gateway Address N A DNS 1 Primary N A DNS 2 Secondary N A l Release IP Renew IP Figure 5 66 System Information WAN Statistics Router mode WAN Displays the basic WAN information Ethernet Speed The connection speed
31. to enter the setup wizard page Click Next to begin the setup Setup Wizard Setup Wizard allows users to quickly do basic configurations Only a few basic steps need to complete to connect Wireless AP Router to Internet and provide network access to wireless clients Configurations will not be saved until Setup Wizard is finished and system reboot Wizard Steps Date Time WAN Setting WLAN Setting e WLAN Security Figure 4 2 Setup Wizard 2 Date Time Configuration Select a time zone according to where the device is operated Click Next after completing the setup Setup Wizard ee i Time Zone Time Zone GMT 08 00 Beijing Singapore Taipei lx Specifies the time zone in Greenwich Mean Time GMT Figure 4 3 Setup Wizard Date Time Using the Setup Wizard 4 3 WAN Configuration Specifies the Internet connection parameters for the wireless AP Router s WAN port Click Next after completing the setup The interface provides the facility for Dual WAN connections for purposes of backing up the main internet connection WAN OStatic IP DHCP OPPPoE O3G OPPTP OL2TP OBigpond Connection O WiFi Dual WAN Backup WAN None ae E DHCP PPPoE 3G PPTP L27P Bigpond WiFi Common Settings WAN Ethernet Original MAC 00 12 cf 9b 57 bc MAC O Manual Setting 00 00 00 00 00 00 MAC Clone Set DNS Server O Manually Automatically Figure 4 4 Setup Wizard WAN Configuration The displayed items on t
32. translation for certain application layer protocols Window Messenger File Transfer ALG Enables Window Messenger File Transfer ALG to transmit packets through proxy servers DMZ Enables a specified host PC on the local network to access the Internet without any firewall protection Some Internet applications such as interactive games or videoconferencing may not function properly behind the wireless AP Router s firewall By specifying a Demilitarized Zone DMZ host the PC s TCP ports are completely exposed to the Internet allowing open two way communication The host PC should be assigned a static IP address which is mapped to its MAC address and this must be configured as the DMZ LAN IP 5 45 5 System Configuration DMZ LAN IP Specifies the IP address of the DMZ Non standard FTP port Enables routing of traffic through a non standard FTP port Submit Saves the current NAT configuration Reset Restores the previous NAT configuration information Virtual Server Mapping Using the NAT Virtual Server Mapping feature remote users can access different servers on your local network using your single public IP address Maximum 32 entries are allowed Enable Enables port mapping for the specified IP address Default Disabled WAN IP Alias Selects an alias IP address to route traffic to and from the WAN port Using IP aliasing increases the traffic the WAN port can handle WAN Port Specifies t
33. version but may differ in detail to address new problems or concerns Each version is given a distinguishing version number If the Program specifies a version number of this License which applies to it and any later version you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation If the Program does not specify a version number of this License you may choose any version ever published by the Free Software Foundation If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different write to the author to ask for permission For software which is copyrighted by the Free Software Foundation write to the Free Software Foundation we sometimes make exceptions for this Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally Cc License Information NO WARRANTY BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE THERE IS NO WARRANTY FOR THE PROGRAM TO THE EXTENT PERMITTED BY APPLICABLE LAW EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND OR OTHER PARTIES PROVIDE THE PROGRAM AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FORA PARTICULAR PURPOSE THE ENTIRE RISK AS T
34. xl Enable poral AP Router supports a logging process Log Level 4 Waming default 4 m par aiaa saved to memory or Total Log Size 10 M Kbytes default 10 Remote Log Enable Remote Log Server Address your syslog server Remote Log Server Port 514 1 65535 default 514 Log to Remote and Local Enable Figure 5 56 System Log Settings e System Log Enables local storage of system logs concerned with the wireless AP Router only Default Disabled e Log Level Configures the minimum severity level system Log Y Enable for event logging The system allows you to limit the Log Level messages that are logged by specifying the minimum Total Log Size Remote Log severity level q Default 4 Warning Address 1 Alert An error condition requiring immediate Remote Log Server Port user intervention to prevent a problem Log to Remote and Local 2 Critical An error condition that may require user intervention 3 Error An error condition that does not cause significant problems with normal operation 4 Warning An error condition that does not cause system problems but may require attention 5 Notice A system condition that does not cause system problems but should be noted 6 Info Informational message only 7 Debug Sends the lowest level of system log messages only Debug messages carry information for debugging software Disabled Disables sending of
35. 0 0 0 0 Update Updates the remote administration information Reboot Click the button to reboot the wireless AP Router 5 61 5 System Configuration Config Settings The Config Setting page allows you to save the wireless AP Router s current configuration or restore a previously saved configuration back to the device Save current device configuration to a local file Config Saves the Wireless AP Router s current configuration Save the device Upload a local file to restore as device configuration Restore Set device configuration to Factory default Factory Default panna Figure 5 62 Config Settings e Save Saves the current configuration locally or restores a previously saved configuration back to View Current Config Y e Restore Restores a previously saved configuration from a specified file e Factory Default Restores the factory defaults View Current Config Opens a display window that details parameters about the current configuration 202 11n Router configuration admin admin_remote_enable 0 admin_remote_port 8888 admin_remote_ssl_port 8443 admin_remote_from_ip 0 0 0 0 admin1 _ac admin _username root _password root admin2 _ac user _username user _password user admin3 _ac quest _username quest _password quest wan wan_bridge_enable 0 wan_manual_mac_enable 0 wan_manual_mac 00 00 00 00 00 00 wan_speed 0 wan_hostname mr3305a wan_domainname acct
36. 14 3GN wireless AP Router is an IEEE 802 11n wireless gateway router that connects your Internet access device cable or ADSL modem to your PC or local area network or to its own secure wireless network The wireless AP Router can be automatically configured with other Wi Fi Protected Setup WPS devices by simply pressing its WPS button For more detailed configuration the unit can also be set up through its easy to use web interface The wireless AP Router supports a wireless 3G Modem for primary and secondary backup WAN connectivity through its 3G Modem USB Port Package Checklist The wireless AP Router package includes 802 11b g n wireless AP Router SMCWBR14 3GN e RJ 45 Category 5 network cable AC power adapter Quick Installation Guide User Guide CD Inform your dealer if there are any incorrect missing or damaged parts If possible retain the carton including the original packing materials Use them again to repack the product in case there is a need to return it 4 Introduction Hardware Description Power Socket Security Slot Reset Button Ethernet WAN RJ 45 Port 3G Modem Ethernet LAN USB Port RJ 45 Ports Figure 1 1 Rear Panel Hardware Description 4 Antennas 3G Button WPS Button WLAN Button Figure 1 2 Front Panel ijt AP Router Mode Switch gt ES a Figure 1 3 Bottom Panel 1 3 4 Int
37. 55 255 2550 v Default Gateway 0 0 0 0 L2TP Username L2TP_USERNAME L2TP Password eeeccccccccce Common Settings WAN Ethernet Original MAC 00 12 cf 9b 57 bc O Manual Setting 00 00 00 00 00 00 MAC Clone Set DNS Server Manually Automatically Primary DNS Set 168 95 1 1 Secondary DNS Sao 168 95 192 1 Figure 4 14 Setup Wizard WAN L2TP 4 12 Using the Setup Wizard 4 L2TP Network Mode Sets a L2TP network mode Default DHCP IP Address Sets the static IP address Default 0 0 0 0 available when L2TP Network Mode is set to static IP Subnet Mask Sets the static IP subnet mask Default 255 255 255 0 available when L2TP Network Mode is set to static IP Default Gateway The IP address of the gateway router for the wireless AP Router which is used if the requested destination address is not on the local subnet L2TP Username Sets the L2TP user name for the WAN port Default L2ATP_USERNAME Range 1 32 characters L2TP Password Sets a L2TP password for the WAN port Default L2TP_PASSWORD Range 1 32 characters Bigpond Enables the settings of Telstra Bigpond network service in Australia OStatic IP ODHCP O PPPoE 3G OPPTP OL2TP O Bigpond WAN Connection a O WiFi Dual WAN Backup WAN HETE saii gt DHCP PPPoEO3G PPTP L2TP Bigpond WiFi Bigpond Bigpond Username BIGPOND_USERNAME Bigpond Password eecccesesccceces Bigpond Authentication sm server Server C
38. CE Latvian Ar 30 SMC deklar ka Radio LAN device atbilst Direktivas 1999 5 EK Latviski b tiskaj m pras b m un citiem ar to saist tajiem noteikumiem Lithuanian Siuo SMC deklaruoja kad Sis Radio LAN device atitinka esminius Lietuviy reikalavimus ir kitas 1999 5 EB Direktyvos nuostatas Maltese Hawnhekk SMC jiddikjara li dan Radio LAN devvice jikkonforma Malti mal ti ijiet essenzjali u ma prowedimenti ohrajn relevanti li hemm fid Dirrettiva 1999 5 EC Spanish Por medio de la presente SMC declara que el Radio LAN device Espa ol cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999 5 CE Polish Niniejszym SMC o wiadcza e Radio LAN device jest zgodny z Polski zasadniczymi wymogami oraz pozosta ymi stosownymi postanowien iami Dyrektywy 1999 5 EC Portuguese SMC declara que este Radio LAN device est conforme com os Portugu s requisitos essenciais e outras disposi es da Directiva 1999 5 CE Slovak SMC t mto vyhlasuje e Radio LAN device spl a z kladn Slovensky po iadavky a v etky prislusn ustanovenia Smernice 1999 5 ES Slovenian SMC izjavlja da je ta Radio LAN device v skladu z bistvenimi Slovensko zahtevami in ostalimi relevantnimi dolo ili direktive 1999 5 ES About This Guide Purpose This guide details the hardware features of the wireless AP Router including its physical and performance related characteris
39. CP Settings Router mode DHCP Server Enables the DHCP server Default Enabled Assigned DHCP IP Address Specify the start and end IP addresses of a range that the DHCP server can allocate to DHCP clients Note that the address pool range is always in the same subnet as the unit s IP setting The maximum clients that the unit can support is 253 DHCP IP Lease Time Select a time limit for the use of an IP address from the IP pool When the time limit expires the client has to request a new IP address The lease time is expressed in seconds Default 86400 seconds Range 60 864000 seconds Save Saves the current DHCP configuration Cancel Restores the previous DHCP configuration information Service Settings 5 DHCP Static Map Maps client MAC addresses to static IP addresses This allows specified clients to always be assigned the same IP when they request settings Maximum 32 entries are allowed MAC The physical layer address used to uniquely identify the static IP address to be assigned to the specified client MAC address The IP address must be in the same subnet as the wireless AP Router IP The static IP address to be assigned to the specified client MAC address The IP address must be in the same subnet as the wireless AP Router Description An optional brief description that can be used to help identify the client device Action Specifies changes or additions to the DHCP static map
40. DHCP PPPoE O3G PPTP L2TP Bigpond WiFi PPTP de O Static IP DHCP PPTP Username PPTP_USERNAME PPTP Password voerccrcnn Common Settings WAN Ethernet Original MAC 00 12 cf 9b 57 bc MAC O Manual Setting 00 00 00 00 00 00 MAC Clone Set DNS Server Manually Automatically ear 168 95 1 1 A 168 95 192 1 Figure 4 13 Setup Wizard WAN PPTP 4 Initial Configuration PPTP Network Mode Sets a PPTP network mode Default DHCP IP Address Sets the static IP address Default 0 0 0 0 available when PPTP Network Mode is set to static IP Subnet Mask Sets the static IP subnet mask Default 255 255 255 0 available when PPTP Network Mode is set to static IP Default Gateway The IP address of the gateway router for the wireless AP Router which is used if the requested destination address is not on the local subnet PPTP Username Sets the PPTP user name for the WAN port Default PPTP_USERNAME Range 1 32 characters PPTP Password Sets a PPTP password for the WAN port Default PPTP_PASSWORD Range 1 32 characters L2TP Enables the Layer Two Tunneling Protocol L2TP for implementing virtual private networks The service is provided in many European countries WAN Connection Static IP ODHCP OPPPoE O 36 OPPTP L2TP O Bigpond O WiFi Dual WAN Backup WAN None Static 1P DHCP PPPoEO3G PPTP L2TP Bigpond WiFi L2TP ri aaa Static IP O DHCP IP Address 0 0 0 0 Subnet Mask 2
41. Desktop PC IP 192 168 2 x Figure 3 1 Operating as an Internet Gateway Router 3 Network Planning The private local network connected to the LAN port or wireless interface provides a Dynamic Host Configuration Protocol DHCP server for allocating IP addresses to local PCs and wireless clients and Network Address Translation NAT for mapping the multiple internal IP addresses to one external IP address The public external network connected to the WAN port supports DHCP client Point to Point Protocol over Ethernet PPPoE and static IP for connection to an Internet service provider ISP through a cable or DSL modem The 3G Modem link can provide a backup Internet connection with automatic failover and fallback to the primary WAN connection LAN Access Point The wireless AP Router can provide an access point service for an existing wired LAN creating a wireless extension to the local network The wireless AP Router functions as purely an access point when set to AP Mode When used in this mode there are no gateway functions between the WAN port and the LAN and wireless interface A Wi Fi wireless network is defined by its Service Set Identifier SSID or network name Wireless clients that want to connect to a network must set their SSID to the same SSID of the network service The wireless AP Router supports two separate wireless interfaces that is two SSIDs or Virtual Access Points VAPs The two VAP interfaces can be
42. G WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FORA PARTICULAR PURPOSE SMC NEITHER ASSUMES NOR AUTHORIZES ANY OTHER PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH THE SALE INSTALLATION MAINTENANCE OR USE OF ITS PRODUCTS SMC SHALL NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION DISCLOSE THE ALLEGED DEFECT IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY CUSTOMER S OR ANY THIRD PERSON S MISUSE NEGLECT IMPROPER INSTALLATION OR TESTING UNAUTHORIZED ATTEMPTS TO REPAIR OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE OR BY ACCIDENT FIRE LIGHTNING OR OTHER HAZARD LIMITATION OF LIABILITY IN NO EVENT WHETHER BASED IN CONTRACT OR TORT INCLUDING NEGLIGENCE SHALL SMC BE LIABLE FOR INCIDENTAL CONSEQUENTIAL INDIRECT SPECIAL OR PUNITIVE DAMAGES OF ANY KIND OR FOR LOSS OF REVENUE LOSS OF BUSINESS OR OTHER FINANCIAL LOSS ARISING OUT OF OR IN CONNECTION WITH THE SALE INSTALLATION MAINTENANCE USE PERFORMANCE FAILURE OR INTERRUPTION OF ITS PRODUCTS EVEN IF SMC OR ITS AUTHORIZED RESELLER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES OR THE LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR CONSUMER PRODUCTS SO THE ABOVE LIMITATIONS AND EXCLUSIONS MAY NOT APPLY TO YOU THIS WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS WHICH MAY VARY FROM STATE TO STATE NOTHING IN THIS WARRANTY SHALL BE TAKEN TO AFFECT YOUR STATUTORY R
43. General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software and charge for this service if you wish that you receive source code or can get it if you want it that you can change the software or use pieces of it in new free programs and that you know you can do these things To protect your rights we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions translate to certain responsibilities for you if you distribute copies of the software or if you modify it For example if you distribute copies of such a program whether gratis or for a fee you must give the recipients all the rights that you have You must make sure that they too receive or can get the source code And you must show them these terms so they know their rights License Information We protect your rights with two steps 1 copyright the software and 2 offer you this license which gives you legal permission to copy distribute and or modify the software Also for each author s protection and ours we want to make certain that everyone understands that there is no warranty for this free software If the software is modified by someone else and passed on we want its recipients to know that what they have is not the original so that any problems introduced by others will not reflect on the original authors reputations Finally any free p
44. IGHTS SMC will provide warranty service for one year following discontinuance from the active SMC price list Under the limited lifetime warranty internal and external power supplies fans and cables are covered by a standard one year warranty from date of purchase SMC Networks Inc 20 Mason Irvine CA 92618 vi Compliances Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help T
45. IP Destination Port Protocol TCP y DSCP 0 63 Priority low Y Min Bandwidth Kbps Max Bandwidth Kbps Comment Change Source Source Destination Destination DSCP Min Bandwidth Max Bandwidth Figure 5 34 QoS Settings Router mode Bandwidth QoS Setting The maximum upload and download speeds of the Internet connection on the WAN port It is recommended that you set these values at between 85 90 of your true speeds Most broadband services are rated in Megabits per second Mbps To convert Mbps to Kilobits per second Kbps multiply the value by 1024 The following table lists the most common broadband service speeds Mbps Kilobits 1 1024 2 2048 3 3072 4 4069 6 6144 8 8192 12 12288 QoS Bandwidth Enables the QoS bandwidth management and traffic control LAN Setting 5 WAN Upload Bandwidth Sets the maximum WAN upload bandwidth Default 102400 kbps LAN Download Bandwidth Sets the maximum LAN download bandwidth Default 102400 kbps Traffic Control QoS The feature is applied when the applications use static ports to provide services The wireless AP Router can map traffic using specific TCP UDP ports to one of the QoS priorities low medium high and highest Maximum 32 entries are allowed e Enable Activates an application port based QoS entry Default Disabled Interface Specifies the LAN ports download or WAN port upload
46. Installation The wireless AP Router has two basic operating modes that can be set through the switch on the bottom panel of the device e Router Mode Normal gateway mode that connects a wired LAN and wireless clients to an Internet access device such as a cable or DSL modem This is the factory set default mode AP Mode An access point mode that extends a wired LAN to wireless clients In addition to these basic operating modes each wireless interface supports a Wireless Distribution System WDS link to another wireless AP Router These advanced configurations are not described in this section See Network Planning on page 3 1 for more information In a basic configuration how the wireless AP Router is connected depends on the operating mode The following sections describe connections for basic Router Mode and AP Mode operation Router Mode In its default Router Mode the wireless AP Router forwards traffic between an Internet connected cable or ADSL modem and wired or wireless PCs or notebooks The basic connections are illustrated in the figure below 4 Setup wireless devices gt h T Co Notebook PC t w i a f d Connect WAN port to Connect AC power cable DSL modem adapter to power Internet y EN g gt Connect LAN port lt lt pe oe Cable DSL Modem a Figure 2 1 Router Mode Connection 2 Installation To connect the wireless AP Router in Router
47. Manually If the 3G start mode is set to Manually then you can only connect to the 3G Internet service by pressing the 3G button on the wireless AP Router or by using the web interface Ethernet Speed N A Ethernet MAC Address 00 12 CF 9B 57 BC WAN Backup Status None Internet Connection Type 3G Connect Status 3G Disconnected IP Address N A Subnet Mask N A MTU N A Gateway Address N A DNS 1 Primary N A DNS 2 Secondary N A 3G modem identification N A Signal Strength N A Remaining Budget Bytes OMBytes Remaining Budget Time OMinutes manual mode only Figure 5 28 Manually Start 3G Pin Code Protect Enables the use of a PIN code personal identification number to encrypt access to the wireless 3G connection Some service providers do not require PIN code authentication If a PIN code is not required for your 3G 3 5G modem disable this function Default Enabled Specifies a PIN code number that corresponds with that set on your 3G 3 5G USB modem and displays the status of the 3G connection Not dial yet Indicates that the 3G is not dialed and PIN is not authenticated yet Authenticated successfully Indicates that the 3G connection has authenticated successfully Dial Code A dialled access code that connects the USB device to the service provider APN Service The name that uniquely identifies the cellular operator access point name APN 3G Username The username of the account registered with the servic
48. Mode for use as an Internet gateway follow these steps 1 Connect an Ethernet cable from the wireless AP Router s WAN port to your Internet connected cable or ADSL modem 2 Connect an Ethernet cable from the wireless AP Router s LAN port to your PC Alternatively you can connect to a workgroup switch to support multiple users The wireless AP Router can support up to 253 wired and wireless users 3 Power on the wireless AP Router by connecting the AC power adapter and plugging it into a power source Caution Use ONLY the power adapter supplied with the wireless AP Router Otherwise the product may be damaged When you power on the wireless AP Router verify that the Power LED turns on and that the other LED indicators start functioning as described under LED Indicators on page 1 4 4 Setup wireless devices by pressing the WPS button on the wireless AP Router or by using the web interface See Initial Configuration on page 4 1 for more information on accessing the web interface AP Mode In AP Mode the wireless AP Router operates as a wireless access point extending a local wired network to associated wireless clients PCs or notebooks with wireless capability From any nearby location you can then make a wireless connection to the wireless AP Router and access the wired network resources including local servers and the Internet In AP Mode the wireless AP Router does not support gateway functions on its WAN
49. Netmask Displays the subnetwork associated with the destination 5 66 Status Information 5 e Flags Possible flags include U route is up H target is a host G use gateway C cache entry Reject route Metric A number used to indicate the cost of the route so that the best route among potentially multiple routes to the same destination can be selected Ref Number of references to this route Use Count of lookups for the route e Iface Interface to which packets for this route will be sent Packet Statistics The device keeps statistics of the data traffic that it handles You are able to view the amount of Received and Sent packets that passes through the device on both the WAN port and the LAN ports The traffic counter will reset when the device is rebooted Send Bytes Send Pkts bro 1598961 9808757 15880 14844 eth1 1200974 10019871 10620 14658 x lo 3146 3146 29 29 o 0 wlan 79681936 1415848 865138 45681 0 0 Figure 5 72 Packet statistics Interface Displays the name of the interface the packet statistics relate to Recv Bytes The total number of bytes received on the interface Send Bytes The total number of bytes sent from the interface e Recv Pkts The total number of packets received on the interface e Send Pkts The total number of packets sent from the interface e Recv Errs The total number of inbound packets that could not be delivered throug
50. O THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHOULD THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER OR ANY OTHER PARTY WHO MAY MODIFY AND OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE BE LIABLE TO YOU FOR DAMAGES INCLUDING ANY GENERAL SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES END OF TERMS AND CONDITIONS Glossary 10BASE T IEEE 802 3 2005 specification for 10 Mbps Ethernet over two pairs of Category 3 or better UTP cable 100BASE TX IEEE 802 3 2005 specification for 100 Mbps Fast Ethernet over two pairs of Category 5 or better UTP cable Access Point An internetworking device that seamlessly connects wired and wireless networks Access points attached to a wired network support the creation of multiple radio cells that enable roaming throughout a facility Advanced Encryption Standard AES An encryption algorithm that implements symmetric key cryptography AES provides very strong encryption using a completely different ciphering algor
51. P WAN LAN WLAN and WDS settings Information Router ssmcmr3306a 1 0 0 4 ba smcl11n smc com 1970 01 01 09 34 52 1 24 N A 00 12 CF 9B 57 BC a 5 00 12 CF 9B 57 BD 192 168 2 1 255 255 255 0 802 11b g n Mixed 1 SMC 00 12 CF 9B 57 BE Figure 5 21 System Information Router mode a 2 The information in this chapter is organized to reflect the structure of the web management screens for easy reference The Configuration pages include the options in the table below For details on configuration for each feature see the corresponding page number 5 Note The displayed pages and settings may differ depending on whether the unit is in Router or AP Mode Table 5 1 Configuration Options Menu Description Mode Page Network Settings 5 4 Management IP Specifies an IP and subnet mask for management access AP 5 4 WAN Configures settings for the wide area network Router 5 5 LAN Sets the unit s IP address and enables DNS Router 5 19 QoS Configures Quality of Service QoS for wireless traffic Router 5 20 Wireless Settings 5 22 Basic Setting Configures wireless transmission method frequency and SSID Both 5 23 Advanced Setting Configures advanced wireless transmission values Both 5 25 WLAN Security Configures radio security parameters for the VAP interface Both 5 27 WDS ApClient WLAN MAC ACL Configures MAC ACLs for th
52. P address each time it connects WAN Connection O Static IP ODHCP OPPPoE O3G OPPTP OL2TP O Bigpond O WiFi Dual WAN None StaticIP DHCP PPPo0EO3G PPTP L2TP Backup WAN Bigpond WiFi Static IP Static IP MTU 1500 bytes Static IP MRU 1500 bytes IP Address 0 0 0 0 Subnet Mask 255 255 255 0 M Default Gateway 0 0 0 0 Common Settings OS Auto Negotiated default Auto Negotiated WAN Ethernet Original MAC 00 12 cf 9b 57 bc O Manual Setting 00 01 80 36 94 21 MAC Clone Ping from WAN Dallowed ral DNS 168 95 1 1 O 168 95 192 1 Figure 5 25 WAN Settings for Static IP Router mode Static IP Configures a static IP for the WAN port Static IP MTU Sets the maximum packet size that the WAN port may transmit The Maximum Transmission Unit MTU is expressed in bytes Default 1500 bytes Static IP MRU Sets the maximum packet size that the unit may receive from other units on the network and sends a message to inform them of the set threshold Maximum Receive Unit MRU is expressed in bytes Default 1500 bytes IP Address Sets the static IP address as given by the PPTP service provider Default 0 0 0 0 available when PPTP Network Mode is set to static IP Subnet Mask Sets the static IP subnet mask Default 255 255 255 0 available when PPTP Network Mode is set to static IP Default Gateway The IP address of the gateway router for the wireless AP Router which is used if the r
53. PIN code is entered for the 3G adapter s network service provider Appendix B Specifications Operating Frequency 802 11g n 2 4 2 4835 GHz US Canada 2 4 2 4835 GHz ETSI Japan 2 412 2 462 GHz Taiwan 802 11b 2 4 2 4835 GHz US Canada 2 4 2 4835 GHz ETSI 2 4 2 497 GHz Japan 2 412 2 462 GHz Taiwan Data Rate 802 11b 1 2 5 5 11 Mbps per channel 802 11g 6 9 12 18 24 36 48 54 Mbps per channel 802 11n 27 54 81 108 162 216 243 270 300 Mbps per channel 40MHz Operating Channels 802 11b g and 802 11n 20MHz 11 channels 802 11n 40MHz 7 channels Modulation Type 802 11b g n DSSS OFDM OFDM MIMO AC Power Adapter Input 100 or 240 VAC 50 60 Hz Output 12V 1 5A LED Indicators POWER LAN Ethernet Link Activity WAN Ethernet Link Activity WLAN Wireless Link Activity WPS WPS in progress USB 3G Wireless Link Activity Network Management Web browser Temperature Operating 0 to 40 C 32 to 104 F Storage 20 to 70 C 4 to 158 F Humidity 15 to 95 non condensing Compliances FCC Part 15B Class B B 1 B Specifications EN 55022B EN 55024 EN61000 3 2 EN61000 3 3 Radio Signal Certification FCC Part 15C 15 247 15 207 2 4 GHz EN 300 328 EN 301 489 1 EN 301 489 17 Standards IEEE 802 11b g IEEE 802 11n draft v2 0 Physical Size 21 0 x 16 5 x 4 0 cm 8 27 x 6 50 x 1 57 in Weight 350 g 12 3 oz B 2 App
54. Protocol HTTP HTTP is a standard used to transmit and receive all data over the World Wide Web IEEE 802 11b A wireless standard that supports wireless communications in the 2 4 GHz band using Direct Sequence Spread Spectrum DSSS The standard provides for data rates of 1 2 5 5 and 11 Mbps IEEE 802 119 A wireless standard that supports wireless communications in the 2 4 GHz band using Orthogonal Frequency Division Multiplexing OFDM The standard provides for data rates of 6 9 11 12 18 24 36 48 54 Mbps IEEE 802 11g is also backward compatible with IEEE 802 11b IEEE 802 11n A wireless standard that supports wireless communications in the 2 4 GHz band using Orthogonal Frequency Division Multiplexing OFDM The standard provides for data rates of 27 54 81 108 162 216 243 270 300 Mbps IEEE 802 11n is also backward compatible with IEEE 802 11b g Infrastructure An integrated wireless and wired LAN is called an infrastructure configuration Local Area Network LAN A group of interconnected computer and support devices MAC Address The physical layer address used to uniquely identify network nodes Network Time Protocol NTP NTP provides the mechanisms to synchronize time across the network The time servers operate in a hierarchical master slave configuration in order to synchronize local clocks within the subnet and to national time standards via wire or radio Glossary 2 Glossary Open System
55. Router s hardware using the web interface or through a power reset Reset the wireless AP Router to its default configuration by pressing the reset button on the back panel for 5 seconds or more Connect to the web management interface using the default IP address 192 168 2 1 then setup a user name and password A Troubleshooting Diagnosing LED Indicators Troubleshooting Chart Symptom POWER LED is Off Action The AC power adapter may be disconnected Check connections between the wireless AP Router the power adapter and the wall outlet WLAN LED is Off The wireless AP Router s radio has been disabled through it s web management interface Access the management interface using a web browser to enable the radio LAN WAN LED is Off when port connected Verify that the wireless AP Router and attached device are powered on Be sure the cable is plugged into both the wireless AP Router and corresponding device Verify that the proper cable type is used and its length does not exceed specified limits Check the cable connections for possible defects Replace the defective cable if necessary 3G USB LED is Off Be sure that your mobile 3G adapter is connected to the USB port 3G USB LED is continuously flashing You may have entered an incorrect PIN code for the device or your 3G adapter might be locked Be sure to unlock the 3G adapter e Verify that the correct
56. Router without verifying Penes None y its identity In this mode the default encryption type is None Shared The shared key approach Uses MANS Wired Equivalent Privacy WEP to verify entiestion mode Shared 5 a i a 7 Encryption Type WEP vw client identity by distributing a shared key etait keyi i to clients before attempting key1 ASCH E or 19 chars Y authentication TA ASCII 5 or 13 chars Kae ASCII 6 or 13 chars on ASCII 5 or 13 chars WEP Auto Allows WLAN clients to Authentication Mode WEP Auto y i Encryption Type WEP v associate using Open WEP uses WEP roo E for encryption only or Shared WEP uses WEP for authentication and encryption If enabled you must configure at least one key for the VAP es interface and all its clients Wired Equivalent Privacy WEP provides a basic level of security preventing unauthorized access to the network and encrypting data transmitted between wireless clients and the wireless AP Router WEP uses static shared keys fixed length hexadecimal or alphanumeric strings that are manually distributed to all clients that want to use the network WPA Personal or WPA2 Personal The WANTS ys lll ASCII 5 or 13 chars Y Keyl ASCII 5 or 13 chars Key2 qI ae ASCII or 13 chars ASCII 5 or 13 chars Key4 gt WPA or WPA2 Personal mode uses a Athentication Mode WPA Personal i Encryption Type TKIP common passwo
57. S Wi Fi Protected Setup WPS is designed to ease installation and activation of security features in wireless networks WPS has two basic modes of operation Push button Configuration PBC and Personal Identification Number PIN The WPS PIN setup is optional to the PBC setup and provides more security The WPS button on the wireless AP Router can be pressed at any time to allow a single device to easily join the network Note WPS settings only apply to WLAN1 The WPS Settings page includes configuration options for setting WPS device PIN codes and activating the virtual WPS button WiFi Protected Setup Enable default enabled Lock Security Setting C Enable default disabled WPS Configured No WPS Status Unused SSID SMC Auth Mode Open Encryption Type None WPAPSK WPS Mode as Registrar add other enrollee to this device iy WPS Config Method PIN Personal Identification Number x PIN Code of this AP 01805420 Add Enrollee PIN Code Figure 5 45 WPS Settings WPS Settings Enables WPS locks security settings and refreshes WPS configuration information WiFi Protected Setup Enables WPS Default Enabled e Lock Security Setting Enabling this setting and clicking Submit or Reset allows the wireless AP Router to retain the previous WPS negotiated security setup after a reboot or power off Upon booting the unit will not re authenticate 5 39 5 System Configuration client
58. SMC Networks USER GUIDE Barricade Draft 11n Wireless 3G Broadband Router 802 11b g n Wireless AP Router SMCWBR14 3GN 802 11b g n Wireless AP Router User Guide SMC Networks 20 Mason February 2009 Irvine CA 92618 Pub 149100043400A Phone 949 679 8000 E022009 AP RO1 Information furnished by SMC Networks Inc SMC is believed to be accurate and reliable However no responsibility is assumed by SMC for its use nor for any infringements of patents or other rights of third parties which may result from its use No license is granted by implication or otherwise under any patent or patent rights of SMC SMC reserves the right to change specifications at any time without notice Copyright 2009 by SMC Networks Inc 20 Mason Irvine CA 92618 All rights reserved Trademarks SMC is a registered trademark and EZ Switch TigerStack and TigerSwitch are trademarks of SMC Networks Inc Other product and company names are trademarks or registered trademarks of their respective holders Limited Warranty Limited Warranty Statement SMC Networks Inc SMC warrants its products to be free from defects in workmanship and materials under normal use and service for the applicable warranty term All SMC products carry a standard 90 day limited warranty from the date of purchase from SMC or its Authorized Reseller SMC may at its own discretion repair or replace any product not operating as warranted
59. The wireless AP Router is designed to be very flexible in its deployment options It can be used as an Internet gateway for a small network or as an access point to extend an existing wired network to support wireless users It also supports use as a wireless bridge to connect two wired LANs This chapter explains some of the basic features of the wireless AP Router and shows some network topology examples in which the device is implemented Internet Gateway Router The wireless AP Router can connect directly to a cable or DSL modem to provide an Internet connection for multiple users through a single service provider account Users connect to the wireless AP Router either through a wired connection to a LAN port or though the device s own wireless network The wireless AP Router functions as an Internet gateway when set to Router Mode An Internet gateway employs several functions that essentially create two separate Internet Protocol IP subnetworks a private internal network with wired and wireless users and a public external network that connects to the Internet Network traffic is forwarded or routed between the two subnetworks Internet Service Provider r 3G Internet y SS Service e aua N LS Provider nN i A y Cable DSL JE y Modem 36 Modem 1 pP gres from 18 ireless AP Router eS ass pe E e 1921687 Notebook PC i IP 192 168 2 x UN a AZ LAN Switch Server gt Y pf IP 192 168 2 x
60. an appropriate copyright notice and a notice that there is no warranty or else saying that you provide a warranty and that users may redistribute the program under these conditions and telling the user how to view a copy of this License Exception if the Program itself is interactive but does not normally print such an announcement your work based on the Program is not required to print an announcement These requirements apply to the modified work as a whole If identifiable sections of that work are not derived from the Program and can be reasonably considered independent and separate works in themselves then this License and its terms do not apply to those sections when you distribute them as separate works But when you distribute the same sections as part of a whole which is a work based on the Program the distribution of the whole must be on the terms of this License whose permissions for other licensees extend to the entire whole and thus to each and every part regardless of who wrote it Thus it is not the intent of this section to claim rights or contest your rights to work written entirely by you rather the intent is to exercise the right to control the distribution of derivative or collective works based on the Program In addition mere aggregation of another work not based on the Program with the Program or with a work based on the Program on a volume of a storage or distribution medium does not bring the other work u
61. ared Key WPA PSk WPA PSK can be used for small office networks with a limited number of users that may not need a high level of security WPA PSK provides a simple security implementation that uses just a pre shared password for network access Glossary 4 Index A AC power adapter 1 5 ACL configuration 5 37 administrator accounts 5 61 administrator password 5 61 administrator username 5 61 Advanced Setting menu 5 25 AES 5 30 5 35 5 36 AP mode 2 1 2 2 authentication mode 4 16 5 29 5 34 5 35 B bridge 3 4 5 34 H host name 5 6 5 64 l IEEE 802 11n 1 1 IEEE 802 1X 5 27 5 32 IP address 4 5 5 5 5 19 5 64 L LAN packet filter 5 49 LAN setting 5 19 LED indicators 1 4 Cc channels maximum B 1 clients maximum B 1 contents package 1 1 M MAC packet filter 5 49 MDI MDI X automatic 1 5 D DDNS 5 55 DHCP client list 5 53 DHCP server 5 8 5 52 DHCP server address 5 64 DMZ 5 45 N NAT setting 5 45 NTP server 5 57 E Ethernet ports 1 5 F firmware version 5 64 P package checklist 1 1 packet statistics 5 67 port forwarding 5 47 port trigger 5 46 Power LED 1 4 A 2 power socket 1 5 PPPoE 4 11 4 12 5 9 5 11 5 14 5 15 primary DNS server 4 4 5 6 G gateway address 4 5 4 12 4 13 5 8 5 16 5 41 5 65 5 66 R RADIUS 5 32 reboot 5 61 repeater 5 34 Reset button 1 6 router mode 2 1 Index 1 Index S secondary DNS ser
62. ast Flashing Indicates that 3G usage is already over the ISP supplied limit Green Ultra Fast Flashing Indicates that 3G usage is already over the user defined pre warning Green and OFF limit cycle every 5 seconds Slow Flashing Green Indicates that the 3G 3 5G USB modem is in the process of connecting Off Indicates that there is no connection or no attached 3G 3 5G device Slow flashing is an on off cycle of once every 2 seconds The flashing lasts for 10 seconds then stops Fast flashing on off cycle of once of every 0 5 seconds Untra Fast flashing on off cycle of once of every 0 2 seconds Ethernet RJ 45 Ports The wireless AP Router has the following RJ 45 ports The four RJ 45 LAN ports are for connections to PCs or to a 10 100 Mbps The RJ 45 WAN port is for connection to a DSL or cable modem or to a LAN or other device that provides your Internet access All RJ 45 ports auto negotiate the operating speed to 10 100 Mbps the mode to half full duplex and the pin signals to MDI MDI X Automatic MDI MDI X support enables you to use straight through cables for all network connections to PCs switches or hubs 3G Modem USB Port The 3G Modem USB Port supports connection to a wireless cellular 3G or 3 5G modem for broadband internet access 3G Button The 3G button provides an easy way to connect to a 3 G or 3 5G Internet service For information on the 3G start mode See 3G
63. ater network capacity through improved spectral efficiency Services include wide area wireless voice telephony video calls and broadband wireless data all in a mobile environment To use the 3G option you need to first connect a 3G 3 5G USB modem to the USB port on the back of the unit and have registered an account with a cellular operator WAN Connection Dual WAN Backup WAN 3G Start Mode Pin Code Protect Dial Code APN Service 3G Username 3G Password OStatic IP ODHCP OPPPoE 3G OPPTP OL2TP O Bigpond O WiFi None O Static IP O DHCP O PPPoE 3G O PPTP O L2TP O Bigpond O WiFi Automatically Manually Enable Not dial yet 99 internet 3G_USERNAME Connect Type 3G Max Idle Time 300 seconds default 300 Budget Control C Enable default disabled Common Settings pl ETE Auto Negotiated x default Auto Negotiated WAN Ethernet Original MAC 00 12 cf 9b 57 bc Mac O Manual Setting _00 00 00 00 00 00 MAC Clone Ping from WAN C Allowed Set DNS Server OManually Automatically Figure 5 27 WAN Settings for 3G Router mode 3G Enables a 3G 3 5G wide area wireless cellular link on the USB port using an optional USB modem Start Mode Select the 3G start mode Automatically If 3G is selected as primary WAN when you connect to the 3G modem enter the PIN code then the wireless router will connect to 3G Internet service automatically 5 11 5 System Configuration
64. b browser and to support other features The unit has a default IP address of 192 168 2 1 You can use this IP address or assign another address that is compatible with your existing local network Click on Network Settings followed by LAN LAN IP Address 192 168 2 1 Subnet Mask 255 255 255 0 v DNS Proxy Enable default enabled Figure 5 33 LAN Settings Router mode LAN IP Address Valid IP addresses consist of four decimal numbers 0 to 255 separated by periods The default setting is 192 168 2 1 Subnet Mask Indicate the local subnet mask Default 255 255 255 0 DNS Proxy Enables DNS proxy on the LAN port Default Enabled 5 19 5 System Configuration QoS Setting The QoS setting page is used to configure Quality of Service QoS for Traffic Prioritization and Bandwidth Management Quality of Service QoS provides users the control over which type of outgoing data traffic is given priority by the router The throughput rate of both the upload and download data passed through the wireless AP Router can be throttled Bandwidth Setting QoS Bandwidth vl Enable Bandwidth management and traffic control for QoS support WAN Upload Bandwidth 102400 Kbps LAN Download Bandwidth 102400 Kbps Save Cancel Traffic Control Enable Rule Setup bandwdith rules with ip address and port Interface WAN Upload Source IP Source Port Destination
65. before purchase vii Modulation Interface Brand Name Model Name FCC ID Technology GSM HSDPA USB HUAWEI E220 QISE220 Modem 3G Card GSM UMTS 3G Card Sony Ericsson MD300 PY7F3232021 GSM 3G Card Band Luxe C100S UZI C100 EC Conformance Declaration C Marking by the above symbol indicates compliance with the Essential Requirements of the R amp TTE Directive of the European Union 1999 5 EC This equipment meets the following conformance standards EN 60950 1 2001 Safety of Information Technology Equipment EN 50392 2004 Generic standard to demonstrate the compliance of electronic and electrical apparatus with the basic restrictions related to human exposure to electromagnetic fields 0 Hz 300 GHz EN 300 328 V1 6 1 2004 11 Electromagnetic compatibility and Radio spectrum Matters ERM Wideband transmission systems Data transmission equipment operating in the 2 4 GHz ISM band and using wide band modulation techniques Harmonized EN covering essential requirements under article 3 2 of the R amp TTE Directive EN 301 489 17 V1 2 1 2002 08 and EN 301 489 1 V1 5 1 2004 11 Electromagnetic compatibility and Radio spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment and services Part 17 Specific conditions for 2 4 GHz wideband transmission systems and 5 GHz high performance RLAN equipment This device is a 2 4 GHz wideband transmission system tra
66. cal and are described in the section below Common Settings WAN Ethernet Original MAC 00 12 cf 9b 57 bc MAC O Manual Setting 00 00 00 00 00 00 MAC Clone Set DNS Server Manually Automatically Sere 168 95 1 1 A 168 95 192 1 Figure 4 5 Common Settings WAN Ethernet MAC Some ISPs limit Internet connections to a specified MAC address of one PC This setting allows you to manually change the MAC address of the wireless AP Router s WAN interface to match the PC s MAC address provided to your ISP for registration You can enter the registered MAC address manually by typing it in the boxes provided Otherwise connect only the PC with the registered MAC address to the wireless AP Router then click the MAC Clone Default Original MAC Note If you are unsure of the PC MAC address originally registered by your ISP call your ISP and request to register a new MAC address for your account Register the default MAC address of the wireless AP Router Original MAC Specifies a preset MAC address to uniquely identify the unit Manual Setting Configures a specific MAC address to use for the WAN connection Set DNS Server Allows manual or automatic selection of DNS severs Primary DNS Server The IP address of the Primary Domain Name Server on the network ADNS maps numerical IP addresses to domain names and can be used to identify network hosts by familiar names instead of the IP addresses If you have
67. cated successfully 4 Initial Configuration Dial Code A dialled access code that connects the USB device to the service provider APN Service The name that uniquely identifies the cellular operator access point name APN 3G Username The username of the account registered with the service provider 3G Password The password of the account registered with the service provider Connect Type Selects the connection type as Keep Alive or Auto Connect Default Auto Connect 3G Max Idle Time The maximum length of inactive time the unit will stay connected to the 3G service provider before disconnecting This feature only works when Connect Type is set to Auto Connect Default 300 seconds e Budget Control You can set a monthly limit on time or the total data For more details please refer to the following table Budget Control Enable default disabled DO Time 0 hours Budget Budget per month Criterion Obata 2 MBytes Download Y per Budget per month month Actions if Over Budget Drop Current Cellular Disallow New Cellular connection connection Budget Policy Trigger by Limit Budget 0 of the time budget 0 of the data budget E mail Alert will recur every 10 minutes Budget Counter Reset on E st day per month v SMTP Authentication LOGIN Username Password E mail Settings Mail Server Mail Sender Mail Recipient Figure 4 12 3G Budget Control Budget Criterion
68. characters L2TP Max Idle Time The maximum length of inactive time the unit will stay connected to the DSL service provider before disconnecting Default 15 seconds Range 5 600 seconds L2TP Retry Time After Disconnect Sets a L2TP retry time after the network is disconnected Default 0 seconds disabled L2TP Server Configures the IP address of the L2TP server interface Default 0 0 0 0 5 16 Bigpond WAN Setting S BigPond is an Australian Internet service provider is a subsidiary of Telstra and owns a majority share of Internet access in Australia WAN Connection Dual WAN Backup WAN Bigpond Bigpond Username Bigpond Password Bigpond Authentication Server Ping from WAN Set DNS Server OStatic IP O DHCP O PPPoE O3G OPPTP OL2TP O Bigpond O WiFi None StaticIP DHCP PPPoEO3G PPTP L2TP Bigpond O WiFi BIGPOND_USERNAME sm server Auto Negotiated iy default Auto Negotiated Original MAC 00 12 cf 9b 57 bc O Manual Setting 00 00 00 00 00 00 MAC Clone Dallowed O Manually Automatically Figure 5 31 WAN Settings for Bigpond Router mode Bigpond Enables the settings of Telstra Bigpond network service in Australia Bigpond Username Sets the Bigpond user name for the WAN port Default BIGPOND_USERNAME Range 1 32 characters Bigpond Password Sets a Bigpond password for the WAN port Default BIGPOND_USERNAME Range 1 32 characters Bigpond Authentication Serve
69. configured separately to support different security settings or other wireless functions MMM q Server Ry A IP 192 168 2 x SS Desktop PC a IP 192 168 2 x NS Notebook PC IP 192 168 2 x TARE o Da SSID 2 Notebook PC Wireless AP Rout r private IP 192 168 2 x e e a a SSID 1 public Figure 3 2 Operating as an Access Point Wireless Client 3 Wireless Client The wireless AP Router can operate as a wireless client on one VAP interface which enables a connection to another Wi Fi network When the wireless client option is enabled as a WAN connection the client VAP interface functions as an external gateway WAN port When the wireless client option is enabled as a LAN connection the other VAP interface and LAN ports all function as the local network within the same IP subnet Internet Service Provider i cl DA Modem 2 NQ PO AA c E ae yg cien WAN work Wireless AP Routel K sa wireless ena ne Notebook PC Los IP 192 168 2 x om qe a ports 1082 x a a LAN Switch an be Server gs IP 192 168 2 x Desktop PC IP 192 168 2 x Wii Figure 3 3 Operating with a Wireless Client WAN Connection 3 Network Planning Wireless Bridge The IEEE 802 11 standard defines a Wireless Distribution System WDS for bridge connections between access points The wireless AP Router can use WDS to forward traffic on links between units A single WDS bridge link can be sp
70. ction is intended to apply and the section as a whole is intended to apply in other circumstances It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system it is up to the author donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License If the distribution and or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries so that distribution is permitted only in or among countries not thus excluded In such case this License incorporates the limitation as if written in the body of this License The Free Software Foundation may publish revised and or new versions of the General Public License from time to time Such new versions will be similar in spirit to the present
71. ddresses except those on the ACL list or Reject All but Allow those on MAC List to block access from all MAC addresses except those on the ACL list Default Disabled e Submit Implements the selected MAC Access Policy MAC Access Policy Disabled Reject All but Allow those on MAC List 5 37 5 System Configuration e Reset Restores the previous MAC Access Policy configuration information Enable Activates the MAC address into the ACL MAC Address MAC Address to filter specified in the form of 12 hexadecimal digits XX XX XX XX XX XX e Description An optional parameter to help identify the selected MAC address Range 1 16 characters Action Specifies an action to take on the MAC ACL filtering configuration Change By selecting a MAC ACL entry from the table its parameters display in an editable form Click Change to save parameters once you have updated them Add Adds a newly configured MAC ACL entry to the list Edit Click Edit to highlight a configured MAC ACL filtering rule for changing its parameters Delete Deletes a MAC entry from the list Associated Client List Lists the MAC addresses of wireless clients currently associated to the wireless AP Router MAC A wireless client MAC address e Description An optional parameter that helps identify the MAC address of the associated client 5 38 Wireless Settings 5 Wi Fi Protected Setup WP
72. den ehtojen mukainen Dutch Hierbij verklaart SMC dat het toestel Radio LAN device in Nederlands overeenstemming is met de essenti le eisen en de andere relevante bepalingen van richtlijn 1999 5 EG French Par la pr sente SMC d clare que l appareil Radio LAN device est Fran ais conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999 5 CE Swedish H rmed intygar SMC att denna Radio LAN device star Svenska verensst mmelse med de v sentliga egenskapskrav och vriga relevanta best mmelser som framg r av direktiv 1999 5 EG Danish Undertegnede SMC erkl rer herved at f lgende udstyr Radio LAN Dansk device overholder de v sentlige krav og vrige relevante krav i direktiv 1999 5 EF German Hiermit erkl rt SMC dass sich dieser diese dieses Radio LAN device Deutsch in bereinstimmung mit den grundlegenden Anforderungen und den anderen relevanten Vorschriften der Richtlinie 1999 5 EG befindet BMWi Greek ME THNIAPOYZA smc AHAQNG OT radio LAN device 2YMVCP ONETAI eAANVIKO MPO T OYZIQAKZ ANAITHZAZ KAI Tt AONE 2XEMKE AAAA TH OAH IA 1999 5 EK Hungarian Alulirott SMC nyilatkozom hogy a Radio LAN device megfelel a Magyar vonatkoz alapvet k vetelm nyeknek s az 1999 5 EC ir nyelv egy b eldir sainak Italian Con la presente SMC dichiara che questo Radio LAN device Italiano conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999 5
73. der ISP ee s O Static IP DHCP OPPPoE 3G OPPTP OL2TP O Bigpond O WiFi Dual WAN ONone StaticIP DHCP PPPOEO3G PPTP L2TP Backup WAN Bigpond O WiFi Common Settings WAN Ethernet Original MAC 00 12 cf 9b 57 bc se O Manual Setting 00 00 00 00 00 00 MAC Clone Set DNS Server Manually Automatically Primary DNS aaae e ee 168 95 1 1 Secondary DNS aera 1168 95 192 1 Figure 4 7 Setup Wizard WAN DHCP Using the Setup Wizard 4 PPPoE Enable the wireless AP Router IP address to be assigned automatically from an Internet service provider ISP through an ADSL modem using Point to Point Protocol over Ethernet PPPoE VANC O Static IP DHCP PPPoE O3G OPPTP OL2TP O Bigpond O WiFi Dual WAN ic IP P PPP PP P Backup WAN none SZI DHC PPoE 3G TP L2TI Bigpond WiFi PPPoE ising Network O static IP DHCP PPPoE Username PPPOE_USERNAME PPPoE Password eeeceeeeecccce Common Settings WAN Ethernet Original MAC 00 12 cf 9b 57 bc MAC O Manual Setting _00 00 00 00 00 00 MAC Clone Set DNS Server Manually Automatically Poma ONS 168 95 1 1 N 168 95 192 1 Figure 4 8 Setup Wizard WAN PPPoE PPPoE Network Mode Sets a PPPoE network mode Default DHCP PPPoE IP Address Sets the static IP address Default 0 0 0 0 available when PPPoE Network Mode is set to static IP PPPoE Username Sets the PPPoE user name for the WAN port Default PPPOE_USERNAME Range 1 32
74. e SIM card may be locked Please be sure PIN code is correct or not protected Figure 4 10 Setup Wizard WAN 3G PIN Code Warning An unauthenticated connection will display the message Not dial yet beneath the PIN code as shown in the following example WAN OStatic IP ODHCP O PPPoE 3G OPPTP OL2TP O Bigpond Connection O wiFi Dual WAN EA None O Static 1P O DHCP OPPPoE 3G O PPTP O L2TP O Bigpond O WiFi 3G Pn code Enable 1234 Not dial yet Dial Code 99 APN Service internet 3G Username 3G_USERNAME 3G Password eecccccccce Connect Type Auto Connect iy a Idle 300 seconds default 300 Budget Control Enable default disabled Common Settings WAN Ethernet Original MAC 00 12 cf 9b 57 bc MAC O Manual Setting 00 00 00 00 00 00 MAC Clone Set DNS Server Manually Automatically Figure 4 11 Setup Wizard WAN 3G Unauthenticated Pin Code Protect Enables the use of a PIN code personal identification number to encrypt access to the wireless 3G connection Some service providers do not require PIN code authentication If a PIN code is not required for your 3G 3 5G modem disable this function Default Enabled Specifies a PIN code number that corresponds with that set on your 3G 3 5G USB modem and displays the status of the 3G connection Not dial yet Indicates that the 3G is not dialed and PIN is not authenticated yet Authenticated successfully Indicates that the 3G connection has authenti
75. e Source IP The source IP address e Source Port Specifies source TCP UDP port numbers used by an application Multiple ports can be specified for example you can enter 1000 2000 for a continuous port range Also specific ports or port ranges can be entered together in one expression for example 1000 2000 2100 3000 Up to eight elements can be supported in each expression Range 1 65535 Destination IP The destination IP address e Desination Port Specifies destination TCP UDP port numbers used by an application Multiple ports can be specified for example you can enter 1000 2000 for a continuous port range Also specific ports or port ranges can be entered together in one expression for example 1000 2000 2100 3000 Up to eight elements can be supported in each expression Range 1 65535 e Protocol Specifies TCP or UDP e DSCP Differentiated Services Code Point DSCP specifies a field in the header of IP packets for packet classification purposes e Priority Selects Low Medium High or Highest as the QoS priority specified for an application Minimum Bandwidth Specifies the smallest bandwidth allowed Maximum Bandwidth Specifies the largest bandwidth allowed Comment An optional field to make notation Action Specifies an action to take on the QoS table entry Change By selecting an entry from the table its parameters display in an editable form Click Change to
76. e VAP interface Both 5 37 WPS Configures WPS settings Both 5 39 Routing 5 41 Static Route Configures IP settings for routing of traffic through the AP Router 5 41 Router from another subnet Dynamic Route Enables RIP protocols for the LAN and WAN ports Router 5 42 Multicast Routing Enables multicast routing Router 5 43 Firewall 5 44 NAT Configures NAT settings Router 5 44 Packet Filter Configures WAN LAN and MAC packet filtering Router 5 48 URL Filter Configures web site address filtering Router 5 50 Security Enables intrusion detection Router 5 51 Services 5 52 DHCP Configures the DHCP server settings Router 5 52 UPnP Enables UPnP Router 5 54 DDNS Configures Dynamic DNS settings Router 5 55 System Log Setting Enables system logs Both 5 56 5 System Configuration Table 5 1 Configuration Options Menu Description Mode Page Date Time Configures NTP settings Both 5 57 Ping Test Performs a loopback test on a specified IP address Both 5 59 Management 5 60 Admin Enables remote administration and configures user accounts Both 5 60 for control of the unit Config Backups and restores the configuration data and restores the Both 5 62 factory defaults Firmware Upgrades system software from a local file and enables Both 5 63 provisioning updates Information 5 63 System Information Displays the current system status Both 5 63 Routing Table Display
77. e described as follows WLAN Enables the communication for the VAP wireless interface Default Enabled WLAN Mode Defines the radio mode for the VAP interface See WLAN Mode on page 5 23 for more information Default 802 11b g n Mixed WLAN Frequency The radio channel that the wireless AP Router uses to communicate with wireless clients When multiple access points are deployed in the same area set the channel on neighboring access points at least five channels apart to avoid interference with each other For example you can deploy up to three access points in the same area using channels 1 6 11 Note that wireless clients automatically set the channel to the same as that used by the wireless AP Router to which it is linked Selecting Auto Select enables the wireless AP Router to automatically select an unoccupied radio channel The supported channels are dependent on the country code setting SSID Number Supported The number of wireless network interfaces SSIDs supported on the device Default 1 Options 1 or 2 WLAN1 SSID WLAN2 SSID The name of the wireless network service provided by the VAP Clients that want to connect to the network must set their SSID to the same as that of the VAP interface Default SMC for WLAN1 SMC for WLAN2 Range 1 32 characters 4 15 4 Initial Configuration 5 WLAN1 WLAN2 Security Sets the wireless security encryption key for the wirel
78. e provider 3G Password The password of the account registered with the service provider e Connect Type Selects the connection type as Keep Alive or Auto Connect Default Keep Alive 3G Max Idle Time The maximum length of inactive time the unit will stay connected to the DSL service provider before disconnecting This feature only works when Connect Type is set to Auto Connect Default 300 seconds 5 12 WAN Setting B Budget Control You can set a monthly limit on time or the total data For more details please refer to the following table Budget Criterion By Time Specify the amount of time in hours that can be used per month By Data Specify how much Download Upload data in MBytes can be transmitted per month Budget Policy Enable or disable the action Drop Current Cellular connection or Disallow New Cellular connection if over budget Trigger by Limit Budget By Time Set the specified percentage of time limit By Data Set the specified percentage of data limit Action if Over Budget Send an e mail alert at the specified interval in minutes The wireless AP Router can use SMTP Simple Mail Transfer Protocol to send email messages when triggered by the specified budget policy limits SMTP Authentication Specifies the user name and password for authentication or login to the SMTP server Options Plain Login or disabled Mail Server URL of the SMTP mail server tha
79. ecified for the WLAN1 interface One end of a link must be configured as the WDS Parent and the other as the WDS Child Note The network domain of WDS child has to be the same as WDS parent WDS Child Internet Service Provider WDS Parent Bez fr Cable DSL ONS Modem Wireless AP Router AP Mode 5 WAN nSP Wireless AP Router QP fo Router Mode A EA Ry yp qe D kt PC esktop i SHED IP 192 168 2 x Server IP 192 168 2 x PC IP 192 168 2 x Figure 3 4 Operating as a Wireless Bridge Chapter 4 Initial Configuration The wireless AP Router offers a user friendly web based management interface for the configuration of all the unit s features Any PC directly attached to the unit can access the management interface using a web browser such as Internet Explorer version 6 0 or above This chapter describes the wireless AP Router s configurable features all of which may be accessed through the web interface Note Before accessing the web interface first set the device to Router or AP Mode using the switch on the bottom panel Note that the unit reboots when the operating mode is changed It is recommended to make initial configuration changes by connecting a PC directly to one of the wireless AP Router s LAN ports The wireless AP Router has a default IP address of 192 168 2 1 and a subnet mask of 255 255 255 0 If your PC is set to Obtain an IP address automatically that is set as
80. ed Frequency The channel frequency being used by the radio WLAN SSID The service set identifier for WLAN1 Default SMC WLAN MAC Address The physical layer address for WLAN1 WDS Mode Disabled WDS Encryption Type None WDS MAC List Figure 5 70 System Information WDS Statistics WDS Displays the basic WDS information Note WDS information only applies to WLAN1 WDS Mode The WDS mode in which WLAN1 is set to operate WDS Encryption Type The encryption type used by WLAN1 WDS MAC List Displays any entries in the WDS MAC list Maximum 4 Routing Table This page displays the information necessary to forward a packet along the best path toward its destination Each packet contains information about its origin and destination When a packet is received a network device examines the packet and matches it to the routing table entry providing the best match for its destination The table then provides the device with instructions for sending the packet to the next hop on its route across the network Note The Routing Table is only available when the wireless AP Router is set to Router Mode 0 192 168 2 0 0 0 0 0 255 255 255 0 Figure 5 71 Routing Table Router Mode e Destination Displays all destination networks or specific hosts to which packets can be routed e Gateway Displays the IP address of the router at the next hop to which matching frames are forwarded e
81. em log messages only Debug messages carry information for debugging software Category Select the category of syslog a A messages sent to the wireless AP Router aS Default All All Displays all categories of message 3 Kernel Displays system log messages concerned with Linux Kernel base code problems only Process Displays system log messages concerned with all other process other than the Linux Kernel including communication through the wireless AP Router s ports 5 68 Status Information 5 Refresh Refreshes the System Log display to display the most recent messages received Date Time The date and time of receival of the system log message Facility Priority The priority level of the system log message Category The category of system log message Info Additional informative content that may help isolate the cause of the problem that prompted the system log message 3G Access History Displays the budget control parameters and 3G access statistics When both time and data are under budget limit Budget Control Parameters Budget Control enable Yes Time Budget Control Yes Max Time Budget Percent of time pre limit 1hours 44 gt 26 4 Minutes Data Budget Control Yes Data Budget Traffic flow Download Max Data Budget Percent of data pre limit 3MB 33 gt 0 99 MB Drop Current Connection When Over Budget Yes Disallow New Connection When Ov
82. endix C License Information This product includes copyrighted third party software subject to the terms of the GNU General Public License GPL GNU Lesser General Public License LGPL or other related free software licenses The GPL code used in this product is distributed WITHOUT ANY WARRANTY and is subject to the copyrights of one or more authors For details refer to the section The GNU General Public License below or refer to the applicable license as included in the source code archive The GNU General Public License GNU GENERAL PUBLIC LICENSE Version 2 June 1991 Copyright C 1989 1991 Free Software Foundation Inc 59 Temple Place Suite 330 Boston MA 02111 1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowed Preamble The licenses for most software are designed to take away your freedom to share and change it By contrast the GNU General Public License is intended to guarantee your freedom to share and change free software to make sure the software is free for all its users This General Public License applies to most of the Free Software Foundation s software and to any other program whose authors commit to using it Some other Free Software Foundation software is covered by the GNU Library General Public License instead You can apply it to your programs too When we speak of free software we are referring to freedom not price Our
83. equested destination address is not on the local subnet WAN Setting B WAN IP Alias Adds more than one IP address to the network interface for multiple connectivity Enable Enables the specified IP address Add Specifies a WAN IP alias Change Changes the already specified IP alias Delete Deletes the IP alias PPPoE Enable the wireless AP Router IP address to be assigned automatically from an Internet service provider ISP through an ADSL modem using Point to Point Protocol over Ethernet PPPoE an cee O Static IP ODHCP PPPoE 3G OPPTP OL2TP O Bigpond O WiFi Dual WAN None StaticIP DHCP PPPO0OEO3G PPTP L2TP Backup WAN Bigpond O WiFi PPPoE PPPoE MTU 1492 bytes PPPoE MRU 1492 bytes He Network O static IP O DHCP A sane Optional PPPoE Username PPPOE_USERNAME PPPoE Password eeeecceccccece Connect Type Keep Alive v EE 600 seconds default 600 Time Common Settings pg eas Auto Negotiated iy default Auto Negotiated WAN Ethernet Original MAC 00 12 cf 9b 57 bc MAC O Manual Setting 00 01 80 36 94 21 MAC Clone Ping from WAN Allowed Set DNS Server O Manually Automatically Figure 5 26 WAN Settings for PPPoE Router mode PPPoE Configures PPPoE PPPoE MTU Sets the maximum packet size that the WAN port may transmit The Maximum Transmission Unit MTU is expressed in bytes Default 1492 bytes 5 System Configuration PPPoE MRU Sets the maximum
84. er Budget Yes Billing Starting Date 1 th day per month Data Budget Status SAFE Time Budget Status SAFE Email Alert No 3G Access Statistics Forced Reset Budget Connection time minutes Summated Elapsed time minutes Total Transfer MB 0 0 0 0 0 0 Figure 5 74 3G Access History under budget limit When the time budget has reached its limit Budget Control Parameters Budget Control enable Yes Time Budget Control Yes Max Time Budget Percent of time pre limit 1hours 44 gt 26 4 Minutes Data Budget Control Yes Data Budget Traffic flow Download Max Data Budget Percent of data pre limit 3MB 33 gt 0 99 MB Drop Current Connection When Over Budget Yes Disallow New Connection When Over Budget Yes Billing Starting Date 1 th day per month Data Budget Status SAFE Time Budget Status REACH Pre Limit Email Alert No 3G Access Statistics Forced Reset Budget Connection time minutes Summated Elapsed time minutes Total Transfer MB Jan 12 13 22 43 0 400167 58 4687 0 039704 0 022597 0 017107 Figure 5 75 3G Access History time limit reached 5 69 5 System Configuration When the time limit is over the budget Yes Yes 1hours 44 gt 26 4 Minutes Yes Download 3MB 33 gt 0 99 MB Yes Yes 1 th day per month SAFE OVER No gir Connection time minutes Summated Elapsed time minutes Total Transfer MB Jan 12 13 25 33 1 5945 59 663 0 05975 0 032621 0 027129 Figure 5
85. er Network WAN Y RADIUS Server Network options to specify if the server is located on the local area network or wide area network Default WAN RADIUS Server Key RADIUS Server Address Specifies the IP address of the RADIUS server RADIUS Server Port The User Datagram Protocol UDP port number used by the RADIUS server for authentication messages Range 1024 65535 Default 1812 RADIUS Server Key A shared text string used to encrypt messages between the access point and the RADIUS server Be sure that the same text string is specified on the RADIUS server Do not use blank spaces in the string Maximum length 20 characters RADIUS Server Address RADIUS Server Port 5 32 Wireless Settings 5 WDS Settings The WLAN 1 radio interface can be configured to operate in a mode that allows it to forward traffic directly to other access point units To set up links between access point units you must configure the Wireless Distribution System WDS forwarding table by specifying the wireless MAC address of all units to which you want to forward traffic Traffic forwarded to WDS links is automatically converted to 802 11 four address format frame This uses the MAC addresses of the station and that of the AP connected to it on the transmitting LAN and the MAC addresses of the AP functioning as a wireless repeater bridge and that of the station connected to it ona neighboring LAN in the 802 11 frame heade
86. ering configuration from the table its parameters display in an editable form Click Change to save parameters once you have updated them Add Adds a newly configured packet filter that denies forwarding in to the local area network to the list 5 49 5 System Configuration Edit Click Edit to highlight a preconfigured packet filtering rule for changing its parameters Delete Deletes a packet filtering rule from the list URL Filter By filtering inbound Uniform Resource Locators URLs the risk of compromising the network can be reduced URLs are commonly used to point to websites By specifying a URL or a keyword contained in a URL traffic from that site may be blocked Click Network Settings followed by URL Filter J URL Filter RERE Menable By filtering inbound Uniform Resource Locators URLs the risk of compromising the network can be reduced Client IP URL Filter String Enable 132 167 1 1 XXX Delete Disable 139 168 1 1 adult Delete Figure 5 51 URL Filtering Router mode URL Filter Globally enables URL filtering Default Enabled maximum 32 entries are allowed Enable Enables the filtering rule on a specified LAN IP address Default Disabled e Client IP Specifies the LAN IP address that traffic should be blocked from URL Filter String Specifies either a string or a specific website address that traffic is to be blocked from May be in the form of a text
87. es the filtering rule on a specified IP address and TCP UDP port Default Disabled Source IP Specifies the IP address to block WAN traffic from Destination Port Specifies the port to block traffic from the specified WAN IP address from reaching Protocol Specifies the destination port type TCP or UDP Default TCP Block Specifies if traffic should be blocked Always or configured by Schedule Day Specifies the day or days of the week on which to block traffic Time Specifies the time of day during which to block traffic Action Specifies an action to take on the WAN packet filtering configuration Firewall 5 Change By selecting a packet filtering configuration from the table its parameters display in an editable form Click Change to save parameters once you have updated them Add Adds a newly configured packet filter that denies forwarding in to the local area network to the list Edit Click Edit to highlight a packet filtering rule in the list for changing its parameters Delete Deletes a packet filtering rule from the list LAN Packet Filter Globally enables LAN packet filtering Default Enabled maximum 32 entries are allowed Enable Enables the filtering rule on a specified IP address and TCP UDP port Default Enabled Source IP Specifies the IP address to block LAN traffic from Destination Port Specifies the port to block traffic from the specified LAN IP
88. ess network Authentication Mode WPAIWPA2 Enterprise m Encryption Type TKIP v RADIUS Server Network WAN RADIUS Server Address 0 0 0 0 RADIUS Server Port 11812 RADIUS Server Key o i WDS Disabled v default disabled AP Client Support C Enable Figure 4 18 Setup Wizard WLAN1 Security Authentication Mode Configures the authentication mode used by clients See Authentication Mode on page 5 29 for more information WLAN1 WLAN2 Defaults Open D Click Finish amp Reboot after completing the configuration changes Note that all configuration changes are not saved until the Setup Wizard is completed and the system has restarted When the system restarts a countdown window displays for 60 seconds Setup Wizard AR Please wait 53 seconds for reboot Figure 4 19 Implementing Wizard Settings 4 16 Chapter 5 System Configuration The wireless AP Router offers a user friendly web based management interface for the configuration of all the unit s features Any PC directly attached to the unit can access the management interface using a web browser such as Internet Explorer version 6 0 or above This chapter describes the wireless AP Router s configurable features all of which may be accessed through the web interface Note Before accessing the web interface first set the device to Router or AP Mode using the switch on the bottom panel Note that the unit reboots when the o
89. g Protection Enables a backward b g Protection Auto e compatible protection system for HT Operation Mode prom 802 11b clients There are three modes HT Channel Bandwidth pao Default Auto HT TX Aggregate MSDU Auto The wireless AP Router enables its protection mechanism for 802 11b clients when they are detected in the network When 802 11b clients are not detected the protection mechanism is disabled Always On Forces the unit to always use protection for 802 11b clients whether they are detected in the network or not Always Off Forces the unit to never use protection for 802 11b clients This prevents 802 11b clients from connecting to the network Note Enabling Always On b g Protection can slow throughput for 802 11g n clients by as much as 50 HT Operation Mode Packets from HT Operation Mode Mixed y 802 11n clients are referred to as High HT Channel Bandwidth Throughput HT Greenfield packets in other yr Guard interval Green Fiald words packets that can be transmitted at rates of up to 300 Mbps assuming that HT Channel Bandwidth is set to 20 40Mhz see HT Channel Bandwidth next page 5 25 5 System Configuration Note Some 802 11n wireless clients may be capable of transmission rates of up to 600 Mbps however the wireless AP Router will only be able to connect to them at a maximum transmission rate of 300 Mbps 802 11b g packets are referred to as non HT packets being t
90. ge to save parameters once you have updated them Add Adds a newly configured port that allows forwarding in to the local area network to the list Edit Click Edit to highlight a forwarding port rule in the list for changing its parameters Delete Deletes a port forwarding rule from the list 5 47 5 System Configuration Packet Filtering The wireless AP Router provides extensive firewall protection through packet filtering Packet filtering restricts connection parameters to limit the risk of intrusion and defends against a wide array of common hacker attacks Packet filtering allows the unit to permit deny or proxy traffic through its ports WAN Packet Filter ES Enable Uses IP Filters to deny particular WAN IP addresses from the Internet o Top m Aways w an m 00 00 m 00 00 m Change Ada LAN Packet Filter Uses IP Filters to deny particular LAN IP addresses from accessing the Internet LAN Packet Filter Enable o a a Ter y le CA e All se 00 00 00 00 Change MAC Packet Filter MAC Packet Filter Menable Uses MAC Filters to deny computers within the local area network from accessing the Internet I se o Always E ai sw 00 00 w 00 00 w Change Figure 5 50 Packet Filtering Router mode WAN Packet Filter Globally enables WAN packet filtering Default Enabled maximum 32 entries are allowed Enable Enabl
91. h the interface due to errors Send Errs The total number of outbound packets that could not be delivered through the interface due to errors 5 67 5 System Configuration System Logs The wireless AP Router supports a logging process that controls error messages saved to memory or sent to a Syslog server The logged messages serve as a valuable tool for isolating wireless AP Router and network problems The Events Log page displays the latest messages logged in chronological order from the newest to the oldest Log messages saved in the wireless AP Router s memory are erased when the device is rebooted OS Priority Category y Refresh Facility ae Figure 5 73 Syslog Settings Priority Select the priority level of syslog Priority AI messages to be sent to the wireless AP Router Default All All Displays all logging messages Category All v e Alert An error condition requiring immediate user intervention to prevent a problem e Critical An error condition that may require user intervention Error An error condition that does not cause significant problems with normal operation Warning An error condition that does not cause system problems but may require attention e Notice A system condition that does not cause system problems but should be noted Info Informational message only Debug Displays the lowest level of syst
92. hared Key This option is available only when Authentication Mode is set to WPA Personal WPA2 Personal or WPA WPA2 Personal Enter a key as an easy to remember form of letters and numbers The WDS WPA WPA2 Preshared Key can be input as ASCII string 8 63 characters or Hexadecimal format length is 64 MAC Access Control Lists Wireless clients can be authenticated for network access by checking their MAC address against a local database configured on the wireless AP Router You can configure a list of up to 32 wireless client MAC addresses in the filter list to either allow or deny network access MAC ACL configuration is the same for both WLAN1 and WLAN2 MAC Access Policy MAC Access Disabled xi The MAC address filter can be configure Policy default disabled to allow or deny network access to liste clients Selects Allow All but Reject those on MAC List to permit access from all MAC addresses except those on the ACL list or Reject All but Allow those on MAC List to block access from all MAC addresses except those on the ACL list o a E Disable 1a 22 33 44 2b 10 MAC Figure 5 44 MAC Filter WLAN1 WLAN2 MAC Access Control Setting Configures all MAC ACL parameters Maximum 64 entries are allowed MAC Access Policy The MAC address filter can be configured to allow or deny network access to listed clients Select Allow All but Reject those on MAC List to permit access from all MAC a
93. he WAN port number or a port range for example 4040 4080 Range 1 65535 Protocol Specifies the port type TCP or UDP Default TCP LAN IP The IP address of the server on the local Ethernet network The specified address must be in the same subnet as the wireless AP Router and its DHCP server address pool LAN Port Specifies the LAN port number or a port range for example 4040 4080 Range 1 65535 Action Specifies an action to take on the virtual server map Change By selecting a configured virtual server map from the table its parameters display in an editable form Click Change to save parameters once you have updated them Add Adds a newly configured map to the list Edit Click Edit to highlight a mapping rule entry in the list for changing its parameters Delete Deletes a mapping rule from the list Port Trigger Port triggering is a way to automate port forwarding in which outbound traffic on predetermined ports triggering ports causes inbound traffic to specific incoming ports to be dynamically forwarded to the initiating host while the outbound ports are in use Maximum 32 entries are allowed Enable Enables port triggering on the specified ports Default Disabled Trigger Port Specifies the outbound port or port range for example 4040 4080 Range 1 65535 or number1 number2 Trigger Type Specifies the trigger port type TCP or UDP Defaul
94. his device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation FCC Caution Any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate this equipment IMPORTANT NOTE FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with minimum distance 20cm between the radiator and your body End users must follow the specific operating instructions for satisfying RF exposure compliance This transmitter must not be co located or operating in conjunction with any other antenna or transmitter IEEE 802 11b 802 11g or 802 11n operation of this product in the U S A is firmware limited to channels 1 through 11 The availability of some specific channels and or operational frequency bands are country dependent and are firmware programmed at the factory to match the intended destination The firmware setting is not accessible by the end user Following three 3G cards have passed co located EMC RF exposure test with this device and can be used with this device Other 3G cards may or may not comply with FCC rules please consult the manufacturer
95. his page are described in the sections that follow WAN Connection By default the access point WAN port is configured with DHCP enabled After you have network access to the access point you can use the web browser interface to modify the initial IP configuration if needed The options are Static IP DHCP PPPoE 3G PPTP L2TP Bigpond and WiFi Each option changes the parameters displayed below it Default DHCP Backup WAN A backup failsafe connection for the WAN port Dual WAN Options are determined by the WAN Connection selected Backup WAN and WAN Connection parameters are identical for each of their eight equivilent modes Static IP DHCP PPPoE 3G PPTP L2TP Bigpond and WiFi Default None WAN detect IP address IP address used to detect if the primary WAN connection is on or off Backup WAN detect IP address IP address used to detect if the backup WAN connection is on or off ICMP detect timeout Set the ICMP Ping time out Main WAN Fallback When the Backup WAN is enabled Main WAN Fallback can be enabled to periodically search the primary WAN port for recovery of the lost connection If connection is re established the connection switches back to the primary WAN connection Default Disabled Note When 3G is selected as the primary WAN Connection the Backup WAN must be a DSL Cable connection 4 Initial Configuration Common Settings The common settings for each WAN Connection mode are identi
96. ial Configuration Using the Setup Wizard Common Settings Static IP DHCP PPPoE 3G PPTP L2TP Bigpond WiFi Chapter 5 System Configuration Network Settings DOnna Ana A 222222 1 N 1 _ NN N 3 1 3 2 3 3 4 1 4 2 4 4 4 6 4 7 4 8 4 11 4 12 4 13 4 14 5 1 Contents Management IP 5 4 WAN Setting 5 5 WAN Connection 5 5 Backup WAN 5 5 Common Settings 5 6 DHCP 5 7 Static IP 5 8 PPPoE 5 9 3G 5 11 PPTP 5 14 L2TP 5 15 Bigpond 5 17 Wi Fi 5 18 LAN Setting 5 19 QoS Setting 5 20 Wireless Settings 5 22 Basic Settings 5 23 Advanced Settings 5 25 WLAN Security 5 27 MAC Access Control Lists 5 37 Wi Fi Protected Setup WPS 5 39 Routing 5 41 Static Route 5 41 Dynamic Route 5 42 Multicast Routing 5 43 Firewall 5 44 NAT 5 44 Packet Filtering 5 48 URL Filter 5 50 Security Setting 5 51 Service Settings 5 52 DHCP 5 52 UPnP Setting 5 54 DDNS Settings 5 55 System Log Settings 5 56 Date and Time Settings 5 57 Ping Test 5 59 Management Settings 5 60 Admin Accounts and Remote Administration 5 60 Config Settings 5 62 Firmware Upgrade 5 63 Status Information 5 63 System Information 5 63 Routing Table 5 66 Packet Statistics 5 67 System Logs 3G Access History Appendix A Troubleshooting Appendix B Specifications Appendix C License Information The GNU General Public License Glossary Index 5 68 5 69 A 1 C 1 C 1 Contents Chapter 1 Introduction The SMCWBR
97. ice the enrollee device can join the network by entering the wireless AP Router s PIN code 61773981 as Enrollee When the wireless AP Router is set as the enrollee device the default PIN Code for the unit is displayed Click start WPS Config to join the network WPS Config Method Selects between Wes config Method PIN Personal Identification Number x methods of broadcasting the WPS Add Enrollee PIN Code PIN Personal Identification Number beacon to network clients wanting to join the network PIN The wireless AP Router along with other WPS devices such as notebook PCs cameras or phones all come with their own eight digit PIN code When one device the WPS enrollee sends a PIN code to the wireless AP Router it becomes the WPS registrar After configuring PIN Code information you must press start WPS Config to send the beacon after which you have up to two minutes to activate WPS on devices that need to join the network PBC This has the same effect as pressing the physical WPS button that is located on the front of the wireless AP Router After checking this option and clicking Start WPS Config you have up to two minutes to activate WPS on devices that need to join the network PBC Push Button Communication 5 40 Routing 5 Add Enrollee PIN Code In Registrar mode enter the PIN Code for the WDS device that wants to join the network PIN Code of this AP In Enrollee mode thi
98. igure 5 67 System Information LAN Statistics Router mode LAN Displays the basic LAN information MAC Address The shared physical layer address for the wireless AP Router s LAN ports IP Address The IP address configured on the wireless AP Router Subnet Mask The mask that identifies the host address bits used for routing to the LAN port DHCP Server Function Indicates the DHCP server status MAC Address 00 12 CF 9B 57 C4 IP Address 192 168 2 1 Subnet Mask 255 255 255 0 Figure 5 68 System Information Management IP Statistics AP mode Management IP related information Displays basic management IP information settings MAC Address The shared physical layer address for the wireless AP Router s LAN and WAN ports IP Address The IP address configured on the wireless AP Router Subnet Mask The mask that identifies the host address bits used for routing to the LAN port DHCP Server Function Indicates the DHCP server status WLAN Status Enable WLAN Signal Mode 802 11b g n Mixed Frequency i WLAN1 SSID SMC WLAN1 MAC Address 00 12 CF 9B 57 BE Figure 5 69 System Information WLAN Statistics 5 65 5 System Configuration WLAN Displays the basic WLAN information WLAN Status Displays if the radio is enabled or disabled Country The country for which the wireless AP Router has been set for use WLAN Mode Displays the radio mode being us
99. ine with incoming traffic and drops malicious or unwanted packets Figure 5 52 Security Setting Router mode Intrusion Detection Enables the ID system Default Disabled Drop Malicious Packet Enables the ID system to work inline with incoming traffic and drops malicious or unwanted packets Default Disabled 5 51 5 System Configuration Service Settings DHCP The wireless AP Router includes a Dynamic Host Configuration Protocol DHCP server that can assign temporary IP addresses to any attached host requesting the service The unit can support up to 253 local clients Addresses are assigned to clients from a common address pool configured on the unit Configure an address pool by specifying start and end IP addresses Be sure not to include the unit s IP address in the address pool range Click on Network Settings followed by DHCP DHCP Server M Enable default enabled ee Sarwar The Wireless AP Router includes a Assigned DHCP IP Start IP 192 168 2 100 Dynamic Host Configuration Protocol Address DHCP server that can assign End IP 192 168 2 199 temporary IP addresses to any attached host requesting the service DHCP IP Lease Time mb seconds Assigned DHCP IP Address 60 864000 Specifies the start and end IP addresses of a range that the DHCP server can allocate to DHCP clients Reserved sherry_hsiao_nb 00 1c bf 10 df 6b 192 168 2 104 Fri Jan 2 16 50 21 1970 Figure 5 53 DH
100. ithm to TKIP and WEP Authentication The process to verify the identity of a client requesting network access IEEE 802 11 specifies two forms of authentication open system and shared key Backbone The core infrastructure of a network The portion of the network that transports information from one central location to another central location where it is unloaded onto a local system Beacon A signal periodically transmitted from the access point that is used to identify the service set and to maintain contact with wireless clients Broadcast Key Broadcast keys are sent to stations using dynamic keying Dynamic broadcast key rotation is often used to allow the access point to generate a random group key and periodically update all key management capable wireless clients Dynamic Host Configuration Protocol DHCP Provides a framework for passing configuration information to hosts on a TCP IP network DHCP is based on the Bootstrap Protocol BOOTP adding the capability of automatic allocation of reusable network addresses and additional configuration options Glossary 1 Glossary Encryption Data passing between the access point and clients can use encryption to protect from interception and evesdropping Ethernet A popular local area data communications network which accepts transmission from computers and terminals File Transfer Protocol FTP A TCP IP protocol used for file transfer Hypertext Transfer
101. ivacy algorithm Simple Network Time Protocol SNTP SNTP allows a device to set its internal clock based on periodic updates from a Network Time Protocol NTP server Updates can be requested from a specific NTP server or can be received via broadcasts sent by NTP servers Temporal Key Integrity Protocol TKIP A data encryption method designed as a replacement for WEP TKIP avoids the problems of WEP static keys by dynamically changing data encryption keys Trivial File Transfer Protocol TFTP A TCP IP protocol commonly used for software downloads Glossary 3 Glossary Virtual Access Point VAP Virtual AP technology multiplies the number of Access Points present within the RF footprint of a single physical access device With Virtual AP technology WLAN users within the device s footprint can associate with what appears to be different access points and their associated network services All the services are delivered using a single radio channel enabling Virtual AP technology to optimize the use of limited WLAN radio spectrum Wi Fi Protected Access WPA employs 802 1X as its basic framework for user authentication and dynamic key management to provide an enhanced security solution for 802 11 wireless networks Wired Equivalent Privacy WEP WEP is based on the use of security keys and the popular RC4 encryption algorithm Wireless devices without a valid WEP key will be excluded from network traffic WPA Pre sh
102. le See Specifications on page B 1 for additional information on the maximum number channels available The hardware switch feature to toggle between Router and AP Mode located on the base of the wireless AP Router affects some of the Wireless Interface parameters However most radio signal parameters apply in both modes so will be described together in the following sections Changing settings in the Wireless Settings configuration and clicking submit prompts you to either Reboot for your changes to immediately take effect or Continue to continue making configuration changes without them taking effect until you next reboot Wireless Settings Configuration saved but not take effect yet Please reboot device to apply settings or continue to change another settings Figure 5 35 Changing Settings 5 22 Wireless Settings 5 Choosing to reboot after making configuration changes triggers a countdown window that requires 60 seconds to complete Management Please wait 58 seconds for reboot Figure 5 36 Implementing Changed Settings Basic Settings The Basic Setting page allows you to enable the wireless interface select which radio mode to use choose the transmit frequency and configure SSIDs Click on Wireless Settings followed by Basic Setting Note There are several variables to consider when selecting a radio mode that make it fully functional Simply selecting the mode you want is no
103. lent Privacy WEP IEEE 802 1X e Wi Fi Protected Access WPA or WPA2 The security mechanisms that may be employed depend on the level of security required the network and management resources available and the software support provided on wireless clients WLAN1 and WLANZ2 Security The wireless AP Router supports two virtual access point VAP interfaces referred to as WLAN1 and WLAN2 Each VAP functions as a separate access point and can be configured with its own security settings Note WDS settings may only be configured for WLAN1 See WDS Settings on page 5 33 WLAN2 only operates as an access point service Note Configuring WLAN1 to operate in WDS Bridge mode automatically disables WLAN2 Click Wireless Settings followed by either WLAN1 Security or WLAN2 Security 5 27 5 System Configuration ii p xi Ez 4 ASCII 5 or 13 chars ASCII 5 or 13 chars ASCII 5 or 13 chars Figure 5 39 WLAN1 Settings a 1812 Figure 5 40 WLANZ2 Settings 5 28 Wireless Settings 5 Security Settings The security settings determine the authentication mode and enable WEP keys Authentication Mode Configures the Authentication Mode Open iv authentication mode used by clients Enoreouaine ed WLAN1 WLAN2 Defaults Open ee WPA2 Personal Open Open system authentication a accepts any client attempting to connect Authentication Mode Open if the wireless AP
104. meters Up to four MAC addresses can be specified for each unit in the WDS network WDS links may either be manually configured Bridge and Repeater modes or auto discovered Lazy mode WDS Selects the WDS mode of WLAN1 Default Disabled Disabled WDS is disabled Bridge Operates as a standard bridge that forwards traffic between WDS links links that connect to other AP wireless bridges or units in Repeater or Lazy mode and an Ethernet port Only data destined for stations which are known to be on the peer Ethernet link multicast data or data with unknown destinations need to be forwarded through the WDS link The Bridge mode does not transmit a beacon unlike the other three modes In this mode the wireless AP Router may also function as a repeater Note Enabling Bridge mode disables WLAN2 Repeater Operates as a wireless repeater extending the range for remote wireless clients and connecting them to an AP connected to the wired network WDS peers must be registered with the wireless AP Router Repeater mode also supports the dual capability of the VAP functioning as an AP In this mode traffic is not forwarded to the Ethernet port from the radio interface In Repeater mode the wireless AP Router transmits a beacon Lazy Operates in an automatic mode that detects and learns WDS peer addresses from received WDS four address format frame packets without the need to configure a WDS MAC list entry This feature allo
105. nal IP addresses to one external IP address on devices at the edge PPTP Pass Through Y Enable of a network L2TP Pass Through MEnable ALG ALG m Application Layer Gateway ALG traversal filters to gt Enable be used to support address and port translation for NetMeeting ALG Enable certain application layer protocols Window Messenger File Transfer Enable DMZ ALG Demilitarized Zone DMZ enables a specified host DMZ Enable PC on the local network to access the Internet without any firewall protection Non standard FTP Port Wy WAN IP Alias WAN Port LAN IP LAN Port O lx TCP y TCP ye Top Change Add Oo TCP Add Figure 5 49 NAT Router mode NAT Setting Enables NAT related settings Network Address Translation Enables the forwarding of TCP UDP packets through a NAT device IPSec Pass Through Enables tunnelling encrypted Internet Protocol Security IPSec packets through a NAT device PPTP Pass Through Enables tunnelling Point to Point Tunneling Protocol PPTP packets through a NAT device L2TP Pass Through Enables tunnelling Layer 2 Tunnelling Protocol L2TP packets through a NAT device SIP ALG Allows SIP Application Layer Gateway ALG traversal filters to be used to support address and port translation for certain application layer protocols NetMeeting ALG Allows NetMeeting ALG traversal filters to be used to support address and port
106. nder the scope of this License You may copy and distribute the Program or a work based on it under Section 2 in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following a Accompany it with the complete corresponding machine readable source code which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange or b Accompany it with a written offer valid for at least three years to give any third party for a charge no more than your cost of physically performing source distribution a complete machine readable copy of the corresponding source code to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange or CC License Information c Accompany it with the information you received as to the offer to distribute corresponding source code This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer in accord with Subsection b above The source code for a work means the preferred form of the work for making modifications to it For an executable work complete source code means all the source code for all modules it contains plus any associated interface definition files plus the scripts used to control compilation and installation of the executable However a
107. ng 00 00 00 00 00 00 MAC Clone Ping from WAN C Allowed Set DNS Server Manually Automatically Figure 5 30 WAN Settings for L2TP Router mode L2TP Enable the Layer Two Tunneling Protocol L2TP L2TP MTU Sets the maximum packet size that the WAN port may transmit The Maximum Transmission Unit MTU is expressed in bytes Default 1410 bytes L2TP MRU Sets the maximum packet size that the unit may receive from other units on the network and sends a message to inform them of the set threshold Maximum Receive Unit MRU is expressed in bytes Default 1410 bytes 5 15 5 System Configuration Only change the default MTU and MRU values if specifically instructed by the PPTP service provider L2TP Network Mode Sets the L2TP IP address assignment to Static IP or DHCP Default DHCP IP Address Sets the static IP address as given by the L2TP service provider Default 0 0 0 0 available when L2TP Network Mode is set to static IP Subnet Mask Sets the static IP subnet mask Default 255 255 255 0 available when L2TP Network Mode is set to static IP Default Gateway The IP address of the gateway router for the wireless AP Router which is used if the requested destination address is not on the local subnet L2TP Username Sets the L2TP user name for the WAN port Default L2TP_USERNAME Range 1 32 characters L2TP Password Sets a L2TP password for the WAN port Default L2TP_PASSWORD Range 1 32
108. nsceiver intended for use in all EU member states and EFTA countries except in France and Italy where restrictive use applies In Italy the end user should apply for a license at the national spectrum authorities in order to obtain authorization to use the device for setting up outdoor radio links and or for supplying public access to telecommunications and or network services This device may not be used for setting up outdoor radio links in France and in some areas the RF output power may be limited to 10 mW EIRP in the frequency range of 2454 2483 5 MHz For detailed information the end user should contact the national spectrum authority in France viii This device is intended for use in the following European Community and EFTA countries Czech SMC timto prohlaSuje Ze tento Radio LAN device je ve shod se Cesky z kladn mi po adavky a dal mi p slu n mi ustanoven mi sm rnice 1999 5 ES Estonian K esolevaga kinnitab SMC seadme Radio LAN device vastavust Eesti direktiivi 1999 5 EU p hin uetele ja nimetatud direktiivist tulenevatele teistele asjakohastele s tetele English Hereby SMC declares that this Radio LAN device is in compliance with the essential requirements and other relevant provisions of Directive 1999 5 EC Finnish SMC vakuuttaa t ten ett Radio LAN device tyyppinen laite on Suomi direktiivin 1999 5 EY oleellisten vaatimusten ja sit koskevien direktiivin mui
109. nt s security association information Then when the client sends an association request to the new access point the client is known to be already authenticated so it proceeds directly to key 5 31 5 System Configuration exchange and association Pre authentication support attaches a security flag to the packet header Default Disabled RADIUS Remote Authentication Dial in User Service RADIUS is an authentication protocol that uses software running on a central server to control access to RADIUS aware devices on the network An authentication server contains a database of user credentials for each user that requires access to the network A RADIUS server must be specified for the access point to implement IEEE 802 1X network access control and Wi Fi Protected Access WPA wireless security Click WLAN1 WLAN2 Security and be sure that an Enterprise mode is selected Note This guide assumes that you have already configured RADIUS server s to support the access point Configuration of RADIUS server software is beyond the scope of this guide refer to the documentation provided with the RADIUS server software RADIUS Server Network wan y RADIUS Server Address 0 0 0 0 RADIUS Server Port 1812 RADIUS Server Key Figure 5 41 RADIUS Settings RADIUS Setting Configures RADIUS server settings Note RADIUS settings only apply to WPA WPA2 or WPA WPA2 Enterprise modes e RADIUS Server Network Use the RADIUS Serv
110. o test for connectivity PING 192 168 2 1 192 168 2 1 56 data bytes 84 bytes from 192 168 2 1 icmp_seq 0 ttl 64 time 0 8 ms 84 bytes from 192 168 2 1 icmp_seq 1 ttl 64 time 0 5 ms 4 bytes from 192 168 2 1 icmp_seq 2 ttl 64 time 0 5 ms 192 168 2 1 ping statistics 3 packets transmitted 3 packets received 0 packet loss round trip min avg max 0 5 0 6 0 8 ms Figure 5 59 Ping Test success A nn ama Ping Test PING Destination 200 100 1 2 The Wireless AP Router provides the function of pinging a specified IP address or URL to test for connectivity PING 200 100 1 2 200 100 1 2 56 data bytes ping sendto Network is unreachable Figure 5 60 Ping Test failure PING Destination The destination IP address to test PING Sends the request 5 59 5 System Configuration Management Settings The wireless AP Router s Management Settings menu provides the same configuration options in both Router and AP Mode These settings allow you to change the operating mode set the system time configure a management access password and upgrade the system software Admin Accounts and Remote Administration Management access to the wireless AP Router is controlled through different levels of user name and password You can also gain additional access security by using control filters such as ACLs and URL filters To protect access to the management interface you need to configure a new Administrato
111. ommon Settings Original MAC 00 12 cf 9b 57 bc WAN Ethernet MAC O Manual Setting 00 00 00 00 00 00 MAC Clone Set DNS Server Manually Automatically Primary DNS Server 168 95 1 1 Secondary DNS caves 168 95 192 1 Figure 4 15 Setup Wizard WAN Bigpond Bigpond Username Sets the Bigpond user name for the WAN port Default BIGPOND_USERNAME Range 1 32 characters Bigpond Password Sets a Bigpond password for the WAN port Default BIGPOND_USERNAME Range 1 32 characters Bigpond Authentication Server Specifies a Bigpond authentication server Default sm server 4 13 4 Initial Configuration WiFi Enables a WAN connection to a normal remote AP over a wireless 802 11b g n connection For this WAN setting the wireless AP Router operates as a Wi Fi client to the remote AP WAN Connection Dual WAN Backup WAN Wireless Client Wireless MTU Wireless MRU Wireless Network Mode Common Settings WAN Ethernet MAC Ping from WAN Set DNS Server O Static IP ODHCP OPPPoE O 3G OPPTP OL2TP O Bigpond WiFi None O Static IP O DHCP PPPoE 3G PPTP OL2TP OBigpond WiFi 1460 bytes 1460 bytes O Static IP DHCP Original MAC 00 12 CF C8 DA 34 O Manual Setting 00 00 00 00 00 00 MAC Clone Dallowed O Manually Automatically Figure 4 16 Setup Wizard WAN WiFi e Wireless MTU Sets the maximum packet size that the WAN port may transmit The Maximum Transmission Unit MTU
112. on com tw wan_ip_assignment 1 wan_ip 0 0 0 0 Figure 5 63 View Current Config Settings 5 62 Status Information 5 Firmware Upgrade You can update the wireless AP Router firmware by using the Firmware Update facility Firmware Browse Uploads new firmware manually by specifying Firmware File a file path Figure 5 64 Firmware Upgrade Firmware Update Allows you to upload new firmware manually by specifying a file path Make sure the firmware you want to use is on the local computer by clicking Browse to search for the firmware to be used for the update Browse Opens a directory on the local hard drive for specifying the path of the file to upload Upload Starts the upload procedure Status Information The Information pages display details on the current configuration and status of the wireless AP Router including associated wireless stations and event log messages Note The Status Information pages will display different statistics depending on the mode selected AP or Router Please refer to Installation on page 2 1 for details System Information The System Information page displays basic system information as well as Management IP WAN LAN WLAN and WDS settings The displayed settings are for status information only and are not configurable on this page This information is split into the four sections that follow Click Information followed by System Information and scroll to
113. one or more DNS servers located on the local network type the IP addresses in the text fields provided Otherwise leave the addresses as all zeros 0 0 0 0 Secondary DNS Server The IP address of the Secondary Domain Name Server on the network Using the Setup Wizard 4 Static IP Configures a static IP for the WAN port O Static IP ODHCP O PPPoE 3G OPPTP OL2TP O Bigpond WAN Connection my O WiFi Dual WAN None_ StaticIP DHCP PPPoEOQ3G PPTP L2TP Backup WAN Bigpond WiFi Static IP IP Address 0 0 0 0 Subnet Mask 255 255 255 0 v Default Gateway 0 0 0 0 Common Settings WAN Ethernet Original MAC 00 12 cf 9b 57 bc oot O Manual Setting 00 00 00 00 00 00 MAC Clone Primary DNS cava 168 95 1 1 Secondary DNS ada 168 95 192 1 Figure 4 6 Setup Wizard WAN Static IP IP Address The IP address of the wireless AP Router Valid IP addresses consist of four decimal numbers 0 to 255 separated by periods Subnet Mask The mask that identifies the host address bits used for routing to specific subnets Default Gateway The IP address of the gateway router for the wireless AP Router which is used if the requested destination address is not on the local subnet 4 Initial Configuration DHCP Enables Dynamic Host Configuration Protocol DHCP for the WAN port This setting allows the wireless AP Router to automatically obtain an IP address from a DHCP server normally operated by the Internet Service Provi
114. option changes the parameters below it Default DHCP Backup WAN A backup failsafe connection for the WAN port Dual WAN Options are determined by the WAN Connection selected Backup WAN and WAN Connection parameters are identical for each of their eight equivilent modes Static IP DHCP PPPoE 3G PPTP L2TP Bigpond and WiFi Default None Main WAN Fallback When the Backup WAN is enabled Main WAN Fallback can be enabled to periodically search the primary WAN port for recovery of the lost connection If connection is re established the connection switches back to the primary WAN connection Default Disabled Note When 3G is selected as the primary WAN Connection the Backup WAN cannot be set to 3G also 5 System Configuration Common Settings Common Settings are the same for each WAN settings This section describes the common parameters Common Settings Hoel eae Auto Negotiated default Auto Negotiated WAN Ethernet Original MAC 00 12 cf 9b 57 bc MAC O Manual Setting 00 00 00 00 00 00 MAC Clone Ping from WAN C Allowed Set DNS Server Manually Automatically Primary DNS 2 168 95 1 1 Secondary DNS son 168 95 192 1 Figure 5 23 WAN Common Settings Router Mode WAN Ethernet Speed Configures the WAN Ethernet connection speed Default Auto Negotiated Auto Negotiated Enables auto negotiation 100Mbps Full Duplex Forces 100 Mbps full duplex operation 100Mbps Half D
115. perating mode is changed It is recommended to make initial configuration changes by connecting a PC directly to one of the wireless AP Router s LAN ports The wireless AP Router has a default IP address of 192 168 2 1 and a subnet mask of 255 255 255 0 If your PC is set to Obtain an IP address automatically that is set as a DHCP client you can connect immediately to the web interface Otherwise you must set your PC IP address to be on the same subnet as the wireless AP Router that is the PC and wireless AP Router addresses must both start 192 168 2 x To access the configuration menu follow these steps 1 Use your web browser to connect to the management interface using the default IP address of 192 168 2 1 2 Log into the wireless AP Router management interface by entering the default username admin and password also smcadmin then click Login Note It is strongly recommended to change the default user name and password the first time you access the web interface For information on changing user names and passwords See Admin Accounts and Remote Administration on page 5 60 SMC 802 11n Wireless AP Router Setup Wizard Network Settings Welcome OO EQUUNg Administrator Name default admin Administrator Password default smcadmin Firewall Services Management Information Figure 5 20 Login Page 5 System Configuration The System Information page displays the System Management I
116. providers at www dyndns org www non ip com or www zoneedit com Click on Network Settings followed by DDNS DDN DDNS Menable Dynamic DNS DDNS provides users on DDNS Server Type DynDns org M the Internet with a method to tie a specific domain name to the unit s DDNS Username dynamically assigned IP address DDNS Password Confirmed Password Hostname to register Figure 5 55 DDNS Setting Router mode DDNS Enables DDNS Default Disabled DDNS Server Type Specifies the DDNS service provider DynDns org Non IP com or ZoneEdit com Default DynDns org DDNS Username Specifies your username for the DDNS service DDNS Password Specifies your password for the DDNS service Confirmed Password Prompts you to re enter your chosen password Hostname to register Specifies the prefix to identify your presence on the DDNS server Submit Saves and sends the enabled DDNS configuration to the DDNS server e Reset Restores the previous DDNS configuration information 5 55 5 System Configuration System Log Settings The wireless AP Router supports a logging process that controls error messages saved to memory or sent to a Syslog server The logged messages serve as a valuable tool for isolating wireless AP Router and network problems The System Log Settings page controls the type of logging message that the wireless AP Router can send System Log
117. r Ethernet traffic follows a three address format that is reconstructed for WDS transmission The wireless AP Router will reconstruct the frame format upon receival and transmission using the criteria of the receiving and forwarding port location and whether it is Ethernet or wireless in type Note The wireless AP Router does not support the spanning tree algorithm WDS links should be configured appropriately to avoid causing loops on the network Up to four WDS links can be specified for each unit in the WDS network The WDS link can be configured in the following combinations 1 Both two units are configured as Router Mode 2 One unit is Router Mode and one unit is AP Bridge Mode 3 Both two units are configured as AP Bridge Mode When both units are set to Router Mode be sure to check these settings Be sure each unit is configured with a different LAN IP address Be sure that only one unit has Internet access on its WAN port Be sure the DHCP server is enabled only on one unit If one unit is providing Internet access enable the DHCP server on that unit Note WDS Settings only apply to WLAN1 WLAN2Z is pre configured to AP mode unless WLAN71 is configured to act as a bridge in which case WLAN2 is disabled wDS Bridge default disabled WDS Encryption Type TKIP v WDS WPA WPA2 Pre Shared Key WDS MAC List Figure 5 42 WDS Settings 5 33 5 System Configuration WDS Setting Configures WDS related para
118. r Specifies a Bigpond authentication server Default sm server 5 17 5 System Configuration Wi Fi Enables a WAN connection to a normal remote AP over a wireless 802 11b g n connection For this WAN setting the wireless AP Router operates as a Wi Fi client to the remote AP O Static IP O DHCP O PPPoE 3G OPPTP OL2TP O Bigpond WAN Connection wis WiFi Dual WAN Backup WAN None O Static 1P O DHCP PPPoE 3G PPTP OL2TP OBigpond WiFi Common Settings alice aaa Auto Negotiated iy default Auto Negotiated WAN Ethernet Original MAC 00 12 cf 9b 57 bc ss O Manual Setting _00 00 00 00 00 00 MAC Clone Ping from WAN Dallowed Set DNS Server Manually Automatically Figure 5 32 WAN Settings for Wi Fi Router mode Wireless Client Enables the WLAN1 VAP to act as a wireless connection to the WAN e Wireless MTU Sets the maximum transmission units in bytes Default 1460 bytes e Wireless MRU Sets the maximum receive units in bytes Default 1460 bytes Wireless Network Mode Sets the wireless network mode Default DHCP Static IP Select this option for a static manually configured IP address DHCP Select this option to enable the client to obtain its IP address from a DHCP server Note For detailed AP Client Setting information see AP Client Settings 5 18 LAN Setting LAN Setting The wireless AP Router must have a valid IP address for management using a we
119. r s user name and password as soon as possible If a new user name and password are not configured then anyone having access to the wireless AP Router may be able to compromise the unit s security by entering the default values Once a new Administrator has been configured you can delete the default admin user name from the system Management access to the wireless AP Router through the WAN port is possible when remote administration is enabled and the connecting HTTP port or IP address is configured Access Level Password Confirm Password admin admin aa Delete user user eee Delete guest guest dd Delete emote Admini z Remote Administration BE ASEO Enable Configures remote management access for the Wireless AP Router Restart the system Reboot i Reboot Click to Reboot Reboots the Wireless AP Router Figure 5 61 Administration Settings 5 60 Management Settings 5 Admin Accounts Configures access levels usernames and passwords Maximum 32 entries are allowed Access Level Configures the access privileges that the user has admin A Admin Grants administrator level access no restrictions User Grants user level access some restrictions Guest Grants guest level access configuration settings may not be changed root user guest Note Pressing the Reset button on the back of the wireless AP Router for more than 5 seconds resets the user names and passwords to the factory defa
120. ransmitted at lower throughput rates HT mixed format frames contain a preamble compatible with the non HT receivers HT Greenfield frames do not contain a non HT compatible part Support for HT Greenfield format is optional An HT station that does not support the reception of an HT Greenfield format frame must be able to detect that an HT Greenfield format frame is an HT transmission as opposed to a non HT transmission In this case the receiver must decode the high throughput signal HT SIG in the packet header and determine if the HT SIG cyclic redundancy check CRC passes Default Mixed HT Channel Bandwidth The wireless AP Hr operation Made Mixed y Router provides a channel bandwidth of 40 HT Channel Bandwidth 20 40Mhz Y MHz by default giving an 802 11g connection Hr Guard Interval 20Mhz speed of 108 Mbps sometimes referred toas HT Tx Aggregate MSDU Turbo Mode and a 802 11n connection speed of up to 300 Mbps Setting the HT Channel Bandwidth to 20 MHz slows connection speed for 802 11g and 802 11n to 54 Mbps and 74 Mbps respectively and ensures backward compliance for slower 802 11b devices Default 20 40Mhz HT TX Aggregate MSDU This option enables Mac Service Data Unit MSDU aggregation Default Enabled WLAN1 WLAN2 Stipulates settings specific to each VAP interface Hide SSID Hiding the SSID of the VAP increases security of the network but does not allow clients to detect your presence on
121. rd phrase called a Pass Phrase 8 63 chars Y WPA WPA2 Pre Shared Key Pre Shared Key that must be manually A M S WPA Group Key Rekey Method Disabled v distributed to all clients that want to WPAZ Pairwise Master Key r Cache Interval 10_ minutes default 10 connect to the network Specify a key as ree fretuthentiation Denable an easy to remember form of letters and numbers The WPA Preshared Key can be input as ASCII string 8 63 characters or Hexadecimal format length is 64 All wireless clients must be configured with the same key to communicate with the VAP interface 5 29 5 System Configuration WPA Enterprise or WPA2 Enterprise WLEANZ Security Setting The WPA Enterprise mode uses IEEE Authentication Made WPAZ Enterprise y 802 1X as its basic framework for user Encruetion Type KP M WPA2 Pre Authentication Support Enable authentication and dynamic key management IEEE 802 1X access security uses Extensible Authentication Protocol EAP and requires a configured RADIUS authentication server to be accessible in the enterprise network If you select WPA or WPA2 Enterprise mode be sure to configure the RADIUS settings See RADIUS on page 5 32 for more information WPA WPA2 Personal The WPA WLAN2 Security Setting WPA2 Personal Mode allows both Ss EEES Personal Y WPA and WPA2 clients to join the weawens pre shereukey Pass Phrase 69 chars Y network The WPA Preshared Key can be input a
122. roduction LED Indicators The wireless AP Router includes nine status LED indicators as described in the following figure and table LAN Link Activity WAN Link Activity 802 11n Link Activity WPS Link Activity 3G USB Link Figure 1 4 LED Indicators LED Status Description POWER On Green Indicates that the system is working normally WAN On Flashing Green Indicates a valid link on the WAN Ethernet port Flashing indicates network activity Off The Ethernet port has no valid link LAN 4 LEDs On Flashing Green Indicates a valid link on the LAN Ethernet port Flashing indicates network activity Off The Ethernet port has no valid link WLAN On Flashing Green Indicates the 802 11n radio is enabled Flashing indicates wireless network activity Off ndicates the 802 11n radio is disabled WPS On for 10 seconds Indicates the WPS authentication of a device has been successfully completed Fast Flashing Green Indicates the WPS authentication of a client device is in progress Slow Flashing Green Indicates the WPS authentication of a device did not complete after 120 for 10 seconds seconds Off ndicates that WPS is not in progress Hardware Description 4 LED Status Description 3G USB Link On Indicates a connection through the attached 3G 3 5G USB modem Fast Flashing Indicates that the PIN code has failed Green Ultra F
123. rogram is threatened constantly by software patents We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses in effect making the program proprietary To prevent this we have made it clear that any patent must be licensed for everyone s free use or not licensed at all The precise terms and conditions for copying distribution and modification follow GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING DISTRIBUTION AND MODIFICATION 1 This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License The Program below refers to any such program or work and a work based on the Program means either the Program or any derivative work under copyright law that is to say a work containing the Program or a portion of it either verbatim or with modifications and or translated into another language Hereinafter translation is included without limitation in the term modification Each licensee is addressed as you Activities other than copying distribution and modification are not covered by this License they are outside its scope The act of running the Program is not restricted and the output from the Program is covered only if its contents constitute a work based on the Program independent of having been made by running the Program Whether that is true depends
124. s ASCII string 8 63 characters or Hexadecimal format length is 64 All wireless clients must be configured with the same key to communicate with the VAP interface WPA WPAZ2 Enterprise Defines a WLAN2 Security Setting transitional mode of operation for Authentication Mode WPANWPAZ Enterprise networks moving from WPA security to Encryption Type KP m WPA2 WPA WPA2 Enterprise Mode P62 Pre Authentication Support Enable allows both WPA and WPA2 clients to associate to a common SSID interface In WPA WPA2 mixed mode the unicast encryption cipher TKIP or AES CCMP is negotiated for each client The access point advertises its supported encryption ciphers in beacon frames and probe responses WPA and WPA2 clients select the cipher they support and return the choice in the association request to the access point For mixed mode operation the cipher used for broadcast frames is always TKIP WEP encryption is not allowed ee EEES Denable Encryption Type Selects the data encryption type to use Default determined by the Authentication Mode selected None Disables data encryption Encryption Type WEP Selects WEP keys for data 2 WPA WPA2 Pre Shared Key encryption TKIP Uses Temporal Key Integrity WPA Group Key ReKey Method Disabled Protocol TKIP keys for encryption WPA specifies TKIP as the data encryption method to replace WEP TKIP avoids the problems of WEP static keys by dynamicall
125. s a special exception the source code distributed need not include anything that is normally distributed in either source or binary form with the major components compiler kernel and so on of the operating system on which the executable runs unless that component itself accompanies the executable If distribution of executable or object code is made by offering access to copy from a designated place then offering equivalent access to copy the source code from the same place counts as distribution of the source code even though third parties are not compelled to copy the source along with the object code You may not copy modify sublicense or distribute the Program except as expressly provided under this License Any attempt otherwise to copy modify sublicense or distribute the Program is void and will automatically terminate your rights under this License However parties who have received copies or rights from you under this License will not have their licenses terminated so long as such parties remain in full compliance You are not required to accept this License since you have not signed it However nothing else grants you permission to modify or distribute the Program or its derivative works These actions are prohibited by law if you do not accept this License Therefore by modifying or distributing the Program or any work based on the Program you indicate your acceptance of this License to do so and all its terms and
126. s displays the PIN Code for the wireless AP Router The default is exclusive for each unit Start WPS Config Sends a handshake beacon to devices wanting to join the network for a duration of two minutes Routing Routing setup allows a manual method that is used to set up routing between networks The network administrator configures static routes in a router by entering routes directly into the routing table of a router Static routing has the advantage of being predictable and easy to configure Static Route This screen is used to manually configure static routes to other IP networks subnetworks or hosts Click Network Settings followed by static Route Maximum 32 entries are allowed Routing 255 255 255 0 Change Add Disable 100 0 0 0 255 255 255 0 192 168 1 10 Exit Delete Disable 10 0 0 0 255 255 255 0 192 168 1 1 Delete Enable 100 10 0 0 255 255 255 0 192 168 10 1 Delete Figure 5 46 Static Route Router mode Enable Enables the configured route Default Disabled Target A destination network or specific host to which packets can be routed Netmask The subnetwork associated with the destination This is a template that identifies the address bits in the destination address used for routing to specific subnets Each bit that corresponds to a 1 is part of the network subnet number each bit that corresponds to 0 is part of the host number
127. s information on configured routes Router 5 66 Packet Statistics Displays received and sent packet statistics Both 5 67 System Log Displays the system message log Both 5 68 3G Access History Displays the 3G access history Both 5 69 Network Settings The Network Settings pages allow you to manage basic system configuration settings Note In AP mode the wireless AP Router s Network Settings options are significantly reduced Management IP Assigns an IP address for connecting to the wireless AP Router Click on Network Settings followed by Management IP Management IP Address 192 168 2 1 Subnet Mask 255 255 255 0 v Figure 5 22 IP Settings AP mode WAN Setting S Management IP Address Specifies an IP address for management of the wireless AP Router Valid IP addresses consist of four decimal numbers 0 to 255 separated by periods Default 192 168 2 1 Subnet Mask Indicates the local subnet mask Select the desired mask from the drop down menu Default 255 255 255 0 WAN Setting Specifies the Internet connection parameters Click on Network Settings followed by WAN WAN Connection By default the access point WAN port is configured with DHCP enabled After you have network access to the access point you can use the web browser interface to modify the initial IP configuration if needed The options are Static IP DHCP PPPoE 3G PPTP L2TP Bigpond and WiFi Each
128. s instead of the IP addresses If you have one or more DNS servers located on the local network type the IP addresses in the text fields provided Otherwise leave the addresses as all zeros 0 0 0 0 Secondary DNS Server The IP address of the Secondary Domain Name Server on the network DHCP DHCP Dynamic Host Control Protocol is set as default for the primary WAN connection To enable DHCP for the Backup WAN you must select 3G as the primary WAN connection z i PP PPTP i WANG OStatic IP DHCP OPPPoE O3G O OL2TP OBigpond O WiFi Dual WAN ONone StaticIP DHCP PPPoOEO3G PPTP L2TP Backup WAN Bigpond O WiFi DHCP DHCP MTU 1500 ee DHCP MRU 1500 on Common Settings ene aa Auto Negotiated i default Auto Negotiated WAN Ethernet Original MAC 00 12 cf 9b 57 bc oS O Manual Setting 00 00 00 00 00 00 MAC Clone Ping from WAN Dallowed Set DNS Server O Manually Automatically Figure 5 24 WAN Settings for DHCP Router mode DHCP Enables DHCP for the WAN port DHCP MTU Sets the maximum packet size that the WAN port may transmit The Maximum Transmission Unit MTU is expressed in bytes Default 1500 bytes DHCP MRU Sets the maximum packet size that the unit may receive from other units on the network and sends a message to inform them of the set threshold Maximum Receive Unit MRU is expressed in bytes Default 1500 bytes 5 System Configuration Static IP Configures the unit to use the same I
129. s that were retained in memory Only new clients will require authentication Default Disabled Submit Enables the WPS configuration Reset Restores the previous WPS configuration information AP Security Information Provides detailed WPS statistical information WPS Configured States if WPS for wireless clients has been configured for this device Default no WPS Status Displays if there is currently any WPS traffic connecting to the wireless AP Router Options Start WSC Process Idle Default Idle SSID The service set identifier for WLAN1 Default SMC Auth Mode The method of authentication used Default Open Encryption Type The encryption type used for WLAN1 Default None WPAPSK Displays the pre shared key if WPA WPA2 has been enabled Refresh Refreshes the AP Security Information statistics WPS Config Configures WPS settings for the wireless AP Router WPS Mode The wireless AP Router wes mode as Registrar add other enrollee to this device as Registrar add other enrollee to this device can be set as a registrar master device as Enrollas add this device to other registrar or an enrollee client device AS as Registrar When the wireless AP Router is set as the registrar device enter the PIN code s of the enrollee device s and click start WPS Config to add the client s to the network Note When the wireless AP Router is the registrar dev
130. save parameters once you have updated them Add Adds a newly configured QoS entry to the table Edit Click Edit to highlight a configured QoS entry to modify its parameters Delete Deletes QoS entry from the table 5 21 5 System Configuration Wireless Settings The IEEE 802 11n interfaces include configuration options for radio signal characteristics and wireless security features The wireless AP Router can operate in five modes mixed 802 11b g n mixed 802 11b g 802 11b only 802 11g only or 802 11n only Also note that 802 11g is backward compatible with 802 11b and 802 11n is backward compatible with both 802 11b g at slower data transmit rates Each radio supports two virtual access point VAP interfaces referred to as WLAN1 and WLAN2 Each VAP functions as a separate access point and can be configured with its own Service Set Identification SSID and security settings However most radio signal parameters apply to both VAP interfaces The configuration options are nearly identical and are therefore both covered in this section of the manual Traffic to specific VAPs can be segregated based on user groups or application traffic Both VAPs can have up to 64 wireless clients whereby the clients associate with these VAPs the same as they would with a physical access point Note The radio channel settings for the access point are limited by local regulations which determine the number of channels that are availab
131. server remote users accessing services such as web or FTP at your local site through public IP addresses can be automatically redirected to local servers configured with private IP addresses In other words depending on the requested service TCP UDP port number the wireless AP Router redirects the external service request to the appropriate server located at another internal IP address For example if you set Type Public Port to TCP 80 HTTP or web and the Private IP Port to 192 168 2 2 80 then all HTTP requests from outside users will be transferred to 192 168 2 2 on port 80 Therefore by just entering the IP address provided by the ISP Internet users can access the service they need at the local address to which you redirect them The more common TCP service port numbers include HTTP 80 FTP 21 Telnet 23 and POP3 110 Some applications such as Internet gaming videoconferencing Internet telephony and others require multiple connections These applications cannot work with Network Address Translation NAT enabled If you need to run applications that require multiple connections use port mapping to specify the additional public ports to be opened for each application Click Network Settings followed by NAT 5 44 Firewall 5 NAT Network Address Translation Enable Network Address Translation NAT is a standard IPSec Pass Through Y Enable method of mapping multiple inter
132. stupna na www smc com Magyar M szaki tamogat informacio elerhet on www smc com ARALAR di www smc pre com2 is SETS ELA LIZ URI E www smcnetworks com tw ea minsamaisyanaiamuna a lan www smc asia com Sto eaea SSE www smc asia comS 2 DHA BFE LIC INTERNET E mail address techsupport smc com Driver updates http www smc com index cfm action tech_support_drivers_downloads World Wide Web http www smc com SMCWBR14 3GN 20 Mason Irvine CA 92618 Phn 949 679 8000 www smc com
133. t TCP Public Port Specifies the port to forward traffic to Public Type Specifies the forwarded port type TCP or UDP Default TCP Action Specifies an action to take on the port triggering configuration Change By selecting a configured port trigger from the table its parameters display in an editable form Click Change to save parameters once you have updated them 5 46 Firewall 5 Add Adds a newly configured port trigger to the list Edit Click Edit to highlight a port trigger rule in the list for changing its parameters Delete Deletes a port trigger rule from the list Port Forward Port forwarding sometimes referred to as tunneling is the act of forwarding a network port from one network node to another This technique can allow an external user to reach a port on a private IP address inside a LAN from the outside through a NAT enabled router Maximum 32 entries are allowed Enable Enables port forwarding on the specified port Default Disabled Forward Port Specifies the port through which traffic is forwarded Forward Type Specifies the forwarding port type TCP or UDP Default TCP Forward IP Specifies the IP address on the local network to allow external access to Action Specifies an action to take on the port forwarding configuration Change By selecting a port forwarding configuration from the table its parameters display in an editable form Click Chan
134. t enough to ensure full compatibility for that mode Information on these variables may be found in the Advanced Setting section WLAN Enable WLAN Mode 802 11b g n Mixed v WLAN Frequency 2 412GHz channel 1 SSID Number Supported 1 WLAN1 SSID SMC Figure 5 37 Basic Radio Settings WLAN Enables the communication for the VAP wireless interface Default Enabled WLAN Mode Defines the radio mode for the VAP interface Default 802 11b g n Mixed Note Enabling the wireless AP Router to communicate with 802 11b g clients in both 802 11b g n Mixed and 802 11n modes also requires that HT Operation in the Advanced Settings menu be set to Mixed Setting HT Operation to Green Field is exclusive for 802 11n client communication only and prevents 802 11 b g communication 802 11b g n Mixed All 802 11b g n clients WLAN mode aoa Y can communicate with the wireless AP 802 11 b g Mixed Router up to 300 Mbps but data WENT SSID 802 119 transmission rates may be slowed to Boa tin compensate for 802 11b g clients 5 23 5 System Configuration 802 11b g Mixed Both 802 11b and 802 11g clients can communicate with the wireless AP Router up to 108 Mbps but data transmission rates may be slowed to compensate for 802 11b clients Any 802 11n clients will also be able to communicate with the wireless AP Router but they will be limited to 802 11g protocols and data transmission ra
135. t will send the alert messages Mail Sender Specifies an e mail address on the SMTP server that can send alert messages Mail Recipient The e mail address of the recipient of the alert messages Budget Counter Select the date on which the AP Router resets the budget every month 5 13 5 System Configuration PPTP Enable the Point to Point Tunneling Protocol PPTP for implementing virtual private networks The service is provided in many European countries OStatic IP O DHCP O PPPoE 3G PPTP OL2TP OBigpond WAN Connection a O WiFi Dual WAN None StaticIP DHCP PPPoEOQ3G PPTP L2TP Backup WAN Bigpond O WiFi PPTP PPTP MTU 1460 bytes PPTP MRU 1460 bytes PPTP Network E Mode O Static IP DHCP PPTP Username PPTP_USERNAME PPTP Password eoecrcrrr saly Max ie 0 seconds default 0 forever PPTP Retry Time 0 seconds default 0 disabled PPTP Server 0 0 0 0 Common Settings et end zi Auto Negotiated default Auto Negotiated WAN Ethernet Original MAC 00 12 cf 9b 57 bc MAC O Manual Setting 00 00 00 00 00 00 MAC Clone Ping from WAN Dallowed Set DNS Server Manually Automatically Figure 5 29 WAN Settings for PPTP Router mode PPTP Enable the Point to Point Tunneling Protocol PPTP for implementing virtual private networks PPTP MTU Sets the maximum packet size that the WAN port may transmit The Maximum Transmission Unit MTU is expressed in bytes Default 1460 bytes
136. tes 802 11b All 802 11b 802 119 and 802 11n clients will be able to communicate with the wireless AP Router but the 802 11g and 802 11n clients will be limited to 802 11b protocols and data transmission rates up to 11 Mbps 802 11g Both 802 11g and 802 11n clients will be able to communicate with the wireless AP Router but the 802 11n clients will be limited to 802 11g protocols and data transmission rates up to 54 Mbps Any 802 11b clients will not be able to communicate with the wireless AP Router 802 11n Only 802 11n clients can communicate with the wireless AP Router up to 300 Mbps Any 802 11b or 802 11g clients will not be able to communicate with the wireless AP Router WLAN Frequency The radio channel WLAN Frequency 2 412GHz channel 1 that the wireless AP Router uses to SSID Number Supported Serpico ene m communicate with wireless clients When WLAN1 ssid 2 417GHz channel 2 A 7 A 2 422GHz channel 3 multiple access points are deployed in the 2 427GHz channel 4 2 432GHz channel 5 same area set the channel on 2 437GHz channel 6 neighboring access points at least five 2 442GHz channel 7 ae a A 2 447 GHz channel 8 channels apart to avoid interference with 2 452GHz channel 9 2 457 GHz channel 10 each other For example you can deploy 2 462GHz channel 11 up to three access points in the same area using channels 1 6 11 Note that wireless clients automatically set the channel to the same
137. the network and requires that clients already know your SSID Default Disabled WMM Support Wi Fi Multimedia WMM also known as Wireless Multimedia Extensions WME is a Wi Fi Alliance interoperability certification It provides basic Quality of Service QoS features for IEEE 802 11 wireless network Enabling WMM support provides prioritization of Wi Fi data packets on four categories voice video best effort and background Default Enabled Save Saves and enables the Advanced Wireless Setting configuration Cancel Restores the previous Advanced Wireless Setting configuration information 5 26 Wireless Settings 5 WLAN Security The wireless AP Router s wireless interface is configured by default as an open system which broadcasts a beacon signal including the configured SSID Wireless clients with a configured SSID of ANY can read the SSID from the beacon and automatically set their SSID to allow immediate connection to the wireless network To improve wireless network security you have to implement two main functions Authentication It must be verified that clients attempting to connect to the network are authorized users Traffic Encryption Data passing between the unit and clients must be protected from interception and eavesdropping For a more secure network the wireless AP Router can implement one or a combination of the following security mechanisms e Wired Equiva
138. tics and how to install the device and use its configuration software Audience This guide is for PC users with a working knowledge of computers You should be familiar with Windows operating system concepts Conventions The following conventions are used throughout this guide to show information Note Emphasizes important information or calls your attention to related features or instructions Caution Alerts you to a potential hazard that could cause loss of data or damage the system or equipment Warning Alerts you to a potential hazard that could cause personal injury Related Publications The following publication gives basic information on how to install and use the wireless AP Router Quick Installation Guide Also as part of the wireless AP Router s software there is online help that describes all configuration related features Revision History This section summarizes the changes in each revision of this guide February 2009 Revision This is the first revision of this guide This guide is valid for software release v1 0 0 6 xi xii Table of Contents Chapter 1 Introduction Package Checklist Hardware Description LED Indicators Ethernet RJ 45 Ports 3G Modem USB Port 3G Button Power Socket Reset Button WPS Button Chapter 2 Installation Router Mode AP Mode Chapter 3 Network Planning Internet Gateway Router LAN Access Point Wireless Client Wireless Bridge Chapter 4 Init
139. ults Username The name of the user The default names preset for access to the unit are root for admin level user for user level and guest for guest level Length 3 16 characters case sensitive Password The password for management access The default passwords preset for access to the unit are identical to their user names root for admin level user for user level and guest for guest level Length 3 16 characters case sensitive Confirm Password Prompts you to enter the password again for verification Action Specifies an action to take on the admin account Change By selecting a user from the table its parameters display in an editable form Click Change to save parameters once you have updated them Add Adds a newly configured user to the list Edit Click Edit to highlight a configured user for changing its parameters Delete Deletes a user entry from the list Remote Accounts Configures remote management access for the wireless AP Router Remote administration Enables remote administration Default Enabled HTTP port for remote Specifies the HTTP port for remote access Default 8888 Range 1 65535 Remote administration only from IP Configures an IP address from which to manage the unit Using an address of 0 0 0 0 enables remote management access from any IP address and is therefore recommended that the user change the default setting Default
140. uplex Forces 100 Mbps half duplex operation 10Mbps Full Duplex Forces 10 Mbps full duplex operation 10Mbps Half Duplex Forces 10 Mbps half duplex operation WAN Ethernet MAC Some ISPs limit Internet connections to a specified MAC address of one PC This setting allows you to manually change the MAC address of the wireless AP Router s WAN interface to match the PC s MAC address provided to your ISP for registration You can enter the registered MAC address manually by typing it in the boxes provided Otherwise connect only the PC with the registered MAC address to the wireless AP Router then click the MAC Clone Default Original MAC Note If you are unsure of the PC MAC address originally registered by your ISP call your ISP and request to register a new MAC address for your account Register the default MAC address of the wireless AP Router Original MAC Specifies a preset MAC address to uniquely identify the unit e Manual Setting Configures a specific MAC address to use for the WAN connection Ping from WAN Sends a ping from the wireless AP Router to the WAN connection to test for connectivity Set DNS Server Allows manual or automatic selection of DNS severs Primary DNS Server The IP address of the Primary Domain Name Server on the network A DNS maps numerical IP addresses to domain names and can be used 5 6 WAN Setting B to identify network hosts by familiar name
141. ver 4 4 5 7 software displaying version 5 56 static IP 4 5 5 7 subnet mask 4 5 5 5 5 19 5 64 system Information 5 63 system log 5 68 T time zone 5 57 TKIP 5 30 5 34 5 36 troubleshooting A 1 C 1 U UPnP 5 54 URL filter 5 50 Index 2 URLs 5 50 V virtual server mapping 5 46 WwW WAN packet filter 5 48 WAN setting 5 5 WDS MAC list 5 35 WDS settings 5 33 WEP 5 27 5 29 5 30 5 34 5 36 WLAN setting 4 15 5 23 WPA WPA2 5 27 5 29 WPS 5 39 WPS button 1 6 WPS PBC 5 40 WPS PIN 5 40 Networks TECHNICAL SUPPORT From U S A and Canada 24 hours a day 7 days a week Phn 800 SMC 4 YOU 949 679 8000 Fax 949 679 1481 English Technical Support information available at www smc com English For Asia Pacific Technical Support information available at www smc asia com Deutsch Technischer Support und weitere Information unter www smc com Espa ol En www smc com Ud podr encontrar la informaci n relativa a servicios de soporte t cnico Francais Informations Support Technique sur www smc com Portugu s Informac es sobre Suporte T cnico em www smc com Italiano Le informazioni di supporto tecnico sono disponibili su www smc com Svenska Information om Teknisk Support finns tillg ngligt p www smc com Nederlands Technische ondersteuningsinformatie beschikbaar op www smc com Polski Informacje o wsparciu technicznym sa dostepne na www smc com Cestina Technicka podpora je do
142. with a similar or functionally equivalent product during the applicable warranty term SMC will endeavor to repair or replace any product returned under warranty within 30 days of receipt of the product The standard limited warranty can be upgraded to a Limited Lifetime warranty by registering new products within 30 days of purchase from SMC or its Authorized Reseller Registration can be accomplished via the enclosed product registration card or online via the SMC Web site Failure to register will not affect the standard limited warranty The Limited Lifetime warranty covers a product during the Life of that Product which is defined as the period of time during which the product is an Active SMC product A product is considered to be Active while it is listed on the current SMC price list As new technologies emerge older technologies become obsolete and SMC will at its discretion replace an older product in its product line with one that incorporates these newer technologies At that point the obsolete product is discontinued and is no longer an Active SMC product A list of discontinued products with their respective dates of discontinuance can be found at http www smc com index cfm action customer_service_warranty All products that are replaced become the property of SMC Replacement products may be either new or reconditioned Any replaced or repaired product carries either a 30 day limited warranty or the remainder of
143. ws the wireless AP Router to associate with other wireless AP Routers in the network and use their WDS MAC list In Lazy mode the wireless AP Router sends a beacon WDS Encryption Type Sets the WDS encryption type the options for which are determined by the Authentication Mode and the Encryption Type selected in the Security Settings Note When WDS is disabled or the WDS Encryption Type is set to none WDS 5 34 encryption is also disabled When Authentication Mode is set to Open Shared or WEP auto WEP is the only WDS encryption type When Authentication Mode is set to WPA Personal or WPA2 Personal the WDS encryption type may be TKIP or AES None Disables WDS encryption RuthenticauoniMode Open y WEP Uses WEP keys for data Encryption Type WEP y ion Default Key ID None encryption l efault Key TKIP Uses Temporal Key Integrity Authentication Mode WPA Personal Protocol TKIP keys for encryption aS a Encryption Type Ip Y replacement for WEP TKIP avoids the TKIP problems of WEP static keys by ee gt dynamically changing data encryption WPA Group Key ReKey Method Disabled v keys Wireless Settings 5 AES Uses Advanced Encryption Standard AES keys for encryption Use of AES CCMP encryption is specified as a standard requirement for WPA2 Before implementing WPA2 in the network be sure client devices are upgraded to WPA2 compliant hardware TKIP AES Use both TKIP and AES keys for encryption WPA2
144. y changing data encryption keys AES Uses Advanced Encryption Standard AES keys for encryption WPA2 uses AES Counter Mode encryption with Cipher Block Chaining Message Authentication Code CBC MAC for message integrity The AES Counter Mode CBCMAC Protocol AES CCMP provides extremely robust data confidentiality using a 128 bit key Use of AES CCMP encryption is specified as a standard requirement for WPA2 Before implementing WPAZ2 in the network be sure client devices are upgraded to WPA2 compliant hardware 5 30 Wireless Settings 5 TKIP AES Uses either TKIP or AES keys for encryption WPA WPA2 mixed modes allow both WPA and WPA2 clients to associate to a common SSID interface In mixed mode the unicast encryption cipher TKIP or AES CCMP is negotiated for each client Default Key ID Sets the WEP key used imperauit keyi for authentication 1w Default 1 Range 1 4 AG 5 4 Key 1 Key 4 Sets WEP key values T ASCII G or 13 chars Y e 3 3c The user must first choose between ASCII EAT or Hexadecimal keys At least one key Key2 ASU or 13 enar wj must be specified Each WEP key has an index number The selected key is used for authentication and encryption on the VAP interface Enter key values that match the key type and length settings Standard keys are either 5 or 13 alphanumeric characters or 10 or 26 hexadecimal digits Default ASCII no preset value WPA Group Key ReKey Method WPA
Download Pdf Manuals
Related Search