AR-5382u ADSL2+ WLAN Router User Manual Version A1.
Preface This manual provides information related to the installation and operation of this device. The individual reading this manual is presumed to have a basic understanding of telecommunications terminology and concepts. If you find the product to be inoperable or malfunctioning, please contact technical support for immediate service by email at INT-support@comtrend.com For product update, new product release, manual revision, or software upgrades, please visit our website at http://www.comtrend.
Copyright Copyright© 2010 Comtrend Corporation. All rights reserved. The information contained herein is proprietary to Comtrend Corporation. No part of this document may be translated, transcribed, reproduced, in any form, or by any means without the prior written consent of Comtrend Corporation.
Table of Contents CHAPTER 1 INTRODUCTION ........................................................................................................... 5 1.1 FEATURES ........................................................................................................................................ 5 1.2 APPLICATION ................................................................................................................................... 6 CHAPTER 2 INSTALLATION.....................................
.16.2 Trusted CA ...................................................................................................................... 64 5.17 MULTICAST.................................................................................................................................. 66 CHAPTER 6 WIRELESS .................................................................................................................... 67 6.1 BASIC ...........................................................................
Chapter 1 Introduction The AR-5382u is an 802.11n (300Mbps) Wireless ADSL2+ router. AR-5382u has four 10/100 Base-T Ethernet ports, a Wi-Fi Protected Setup (WPS) button and a Wi-Fi switch button, one USB Host, which can support 3G USB dongle, and is backward compatible with existing 802.11b (11Mbps) and 11g (54Mbps) equipment. The AR-5382u ADSL2+ router also provides state of the art security features such as 64/128 bit WEP encryption and WPA/WPA2 encryption, Firewall, and VPN pass through.
1.2 Application The following diagrams depict typical applications of the AR-5382u.
Chapter 2 Installation 2.
BACK PANEL The figure below shows the back panel of the device. ADSL Connect to the ADSL port with the ADSL RJ11 cable. LAN (Ethernet) Ports You can connect the router to up to four LAN devices using RJ45 cables. The ports are auto-sensing MDI/X and either straight-through or crossover cable can be used. Power ON Press the power button to the OFF position (OUT). Connect the power adapter to the power port. Attach the power adapter to a wall outlet or other AC source.
USB Host Port (Type A) This port can be used to connect the router to the print server. Reset Button Restore the default parameters of the device by pressing the Reset button for 5 to 10 seconds. After the device has rebooted successfully, the front panel should display as expected (see section 2.2 LED Indicators for details). NOTE: If pressed down for more than 20 seconds, the AR-5382u will go into a firmware update state (CFE boot mode).
2.2 LED Indicators The front panel LED indicators are shown below and explained in the following table. This information can be used to check the status of the device and its connections.
WiFi Button Press to start the wireless function. Press again to terminate the wireless function. WPS Button Press to start the WPS function. (See LED description above). Press again to terminate the WPS function.
Chapter 3 Web User Interface This section describes how to access the device via the web user interface (WUI) using an Internet browser such as Internet Explorer (version 5.0 and later). 3.1 Default Settings The factory default settings of this device are summarized below. • • • • • • LAN IP address: 192.168.1.1 LAN subnet mask: 255.255.255.
STEP 4: Click OK to submit these settings. If you experience difficulty with DHCP mode, you can try static IP mode instead.
STATIC IP MODE In static IP mode, you assign IP settings to your PC manually. Follow these steps to configure your PC IP address to use subnet 192.168.1.x. NOTE: The following procedure assumes you are running Windows XP. However, the general steps involved are similar for most operating systems (OS). Check your OS support documentation for further details.
3.3 Login Procedure Perform the following steps to login to the web user interface. NOTE: The default settings can be found in 3.1 Default Settings. STEP 1: Start the Internet browser and enter the default IP address for the device in the Web address field. For example, if the default IP address is 192.168.1.1, type http://192.168.1.1. NOTE: For local administration (i.e. LAN access), the PC running the browser must be attached to the Ethernet, and not necessarily to the device. For remote access (i.e.
STEP 3: After successfully logging in for the first time, you will reach this screen.
Chapter 4 Device Information The web user interface window is divided into two frames, the main menu (at left) and the display screen (on the right). The main menu has several options and selecting each of these options opens a submenu with more selections. NOTE: The menu items shown are based upon the configured connection(s) and user account privileges. For example, if NAT and Firewall are enabled, the main menu will display the NAT and Security submenus.
4.1 WAN Select WAN from the Device Info submenu to display the configured PVC(s). Heading Description Interface Name of the interface for WAN Description Name of the WAN connection Type Shows the connection type VlanMuxId Shows 802.
4.2 Statistics This selection provides LAN, WAN, ATM/PTM and xDSL statistics. NOTE: 4.2.1 These screens are updated automatically every 15 seconds. Click Reset Statistics to perform a manual update. LAN Statistics This screen shows data traffic statistics for each LAN interface.
4.2.2 WAN Statistics This screen shows data traffic statistics for each WAN interface.
4.2.3 xTM Statistics The following figure shows Asynchronous Transfer Mode (xTM) statistics.
4.2.4 xDSL Statistics The xDSL Statistics screen displays information corresponding to the xDSL type.
The ADSL example is shown here. Click the Reset Statistics button to refresh this screen. Field Description Mode G.Dmt, G.lite, T1.413, ADSL2, ADSL2+,VDSL, VDSL2 Traffic Type Channel type Interleave or Fast Status Lists the status of the DSL link Link Power State Link output power state. Line Coding (Trellis) Trellis On/Off SNR Margin (0.1 dB) Signal to Noise Ratio (SNR) margin Attenuation (0.1 dB) Estimate of average loop attenuation in the downstream direction.
Output Power (0.1 dBm) Total upstream output power Attainable Rate (Kbps) The sync rate you would obtain. Rate (Kbps) Current sync rates downstream/upstream In VDSL mode, the following section is inserted.
RS Uncorrectable Errors Total Number of RS words with uncorrectable errors HEC Errors Total Number of Header Error Checksum errors OCD Errors Total Number of Out-of-Cell Delineation errors LCD Errors Total number of Loss of Cell Delineation Total Cells Total number of ATM cells (including idle + data cells) Data Cells Total number of ATM data cells Bit Errors Total number of bit errors Total ES Total Number of Errored Seconds Total SES Total Number of Severely Errored Seconds Total UAS To
4.3 Route Choose Route to display the routes that the AR-5382u has found. Field Description Destination Destination network or destination host Gateway Next hub IP address Subnet Mask Subnet Mask of Destination Flag U: route is up !: reject route G: use gateway H: target is a host R: reinstate route for dynamic routing D: dynamically installed by daemon or redirect M: modified from routing daemon or redirect Metric The 'distance' to the target (usually counted in hops).
4.4 ARP Click ARP to display the ARP information.
4.5 DHCP Click DHCP to display all DHCP Leases.
Chapter 5 Advanced Setup Click on the link to jump to a specific section: 5.1 5.2 5.3 5.4 5.5 5.6 5.7 5.8 5.9 Layer 2 Interface WAN Service LAN NAT Security Parental Control Quality of Service (QoS) Routing DNS 5.10 5.11 5.12 5.13 5.14 5.15 5.16 5.
5.1 Layer 2 Interface The ATM interface screen is described here. 5.1.1 ATM Interface Add or remove ATM interface connections here. Click Add to create a new ATM interface (see Appendix F - Connection Setup). NOTE: Up to 8 ATM interfaces can be created and saved in flash memory. To remove a connection, select its Remove column radio button and click Remove.
5.1.2 PTM Interface Add or remove PTM interface connections here. Click Add to create a new connection (see Appendix F - Connection Setup). To remove a connection, select its Remove column radio button and click Remove.
5.2 WAN Service This screen allows for the configuration of WAN interfaces. Click the Add button to create a new connection. For connections on ATM or PTM WAN interfaces see Appendix F - Connection Setup. NOTE: ATM and PTM service connections cannot coexist. In Default Mode, up to 8 WAN connections can be configured; while VLAN Mux and MSC Connection Modes support up to 16 WAN connections. To remove a connection, select its Remove column radio button and click Remove.
5.3 LAN Configure the LAN interface settings and then click Apply/Save. Consult the field descriptions below for more details. GroupName: Select an Interface Group. 1st LAN INTERFACE IP Address: Enter the IP address for the LAN port. Subnet Mask: Enter the subnet mask for the LAN port. Enable IGMP Snooping: Enable by ticking the checkbox . Standard Mode: In standard mode, multicast traffic will flood to all bridge ports when no client subscribes to a multicast group – even if IGMP snooping is enabled.
Static IP Lease List: A maximum of 32 entries can be configured. To add an entry, enter MAC address and Static IP and then click Save/Apply. To remove an entry, tick the corresponding checkbox in the Remove column and then click the Remove Entries button, as shown below. DHCP Server Relay: Enable with checkbox and enter DHCP Server IP address. This allows the Router to relay the DHCP packets to the remote DHCP server. The remote DHCP server will provide the IP address.
5.4 NAT To display this option, NAT must be enabled in at least one PVC shown on the Chapter 5 Advanced Setup - . NAT is not an available option in Bridge mode. 5.4.1 Virtual Servers Virtual Servers allow you to direct incoming traffic from the WAN side (identified by Protocol and External port) to the Internal server with private IP addresses on the LAN side. The Internal port is required only if the external port needs to be converted to a different port number used by the server on the LAN side.
Field/Header Description Select a Service Or Custom Service User should select the service from the list. Or User can enter the name of their choice. Server IP Address Enter the IP address for the server. External Port Start Enter the starting external port number (when you select Custom Server). When a service is selected, the port ranges are automatically configured. External Port End Enter the ending external port number (when you select Custom Server).
Consult the table below for field and header descriptions. Field/Header Description Use Interface Select a WAN interface from the drop-down box. Select an Application Or Custom Application User should select the application from the list. Or User can enter the name of their choice. Trigger Port Start Enter the starting trigger port number (when you select custom application). When an application is selected, the port ranges are automatically configured.
5.4.3 DMZ Host The DSL router will forward IP packets from the WAN that do not belong to any of the applications configured in the Virtual Servers table to the DMZ host computer. To Activate the DMZ host, enter the DMZ host IP address and click Save/Apply. To Deactivate the DMZ host, clear the IP address field and click Save/Apply.
5.5 Security To display this function, you must enable the firewall feature in WAN Setup. For detailed descriptions, with examples, please consult Appendix A - Firewall 5.5.1 IP Filtering This screen sets filter rules that limit IP traffic (Outgoing/Incoming). Multiple filter rules can be set and each applies at least one limiting condition. For individual IP packets to pass the filter all conditions must be fulfilled. NOTE: This function is not available when in bridge mode. Instead, 5.5.
Consult the table below for field descriptions. Field Description Filter Name The filter rule label. IP Version IPv4 selected by default. Protocol TCP, TCP/UDP, UDP, or ICMP. Source IP address Enter source IP address. Source Port (port or port:port) Enter source port number or range. Destination IP address Enter destination IP address. Destination Port (port or port:port) Enter destination port number or range.
Consult the table below for field descriptions. Field Description Filter Name The filter rule label IP Version IPv4 selected by default. Protocol TCP, TCP/UDP, UDP, or ICMP. Source IP address Enter source IP address. Source Port (port or port:port) Enter source port number or range. Destination IP address Enter destination IP address. Destination Port (port or port:port) Enter destination port number or range.
Choose Add or Remove to configure MAC filtering rules. The following screen will appear when you click Add. Create a filter to identify the MAC layer frames by specifying at least one condition below. If multiple conditions are specified, all of them must be met. Click Save/Apply to save and activate the filter rule. Consult the table below for detailed field descriptions.
5.6 Parental Control This selection provides WAN access control functionality. 5.6.1 Time Restriction This feature restricts access from a LAN device to an outside network through the device on selected days at certain times. Make sure to activate the Internet Time server synchronization as described in 8.4 Internet Time, so that the scheduled times match your local time. Click Add to display the following screen. See below for field descriptions. Click Apply/Save to add a time restriction.
5.6.2 URL Filter This screen allows for the creation of a filter rule for access rights to websites based on their URL address and port number. Click Add to display the following screen. Enter the URL address and port number then click Save/Apply to add the entry to the URL filter. URL Addresses begin with “www”, as shown in this example. A maximum of 100 entries can be added to the URL Filter list. Tick the Exclude radio button to deny access to the websites listed.
5.7 Quality of Service (QoS) NOTE: QoS must be enabled in at least one PVC to display this option. (see Appendix F - Connection Setup for detailed PVC setup instructions). 5.7.1 Queue Management Configuration To Enable QoS tick the checkbox and select a Default DSCP Mark. Click Apply/Save to activate QoS.
5.7.2 Queue Configuration This function follows the Differentiated Services rule of IP QoS. You can create a new Queue entry by clicking the Add button. Enable and assign an interface and precedence on the next screen. Click Save/Reboot on this screen to activate it. Click Enable to activate the QoS Queue. Click Add to display the following screen. Name: Identifier for this Queue entry. Enable: Enable/Disable the Queue entry. Interface: Assign the entry to a specific network interface (QoS enabled).
5.7.3 QoS Classification The network traffic classes are listed in the following table. Click Add to configure a network traffic class rule and Enable to activate it. To delete an entry from the list, click Remove. This screen creates a traffic class rule to classify the upstream traffic, assign queuing priority and optionally overwrite the IP header DSCP byte. A rule consists of a class name and at least one logical condition.
Field Description Ether Type Set the Ethernet type (e.g. IP, ARP, IPv6). Source MAC Address A packet belongs to SET-1, if a binary-AND of its source MAC address with the Source MAC Mask is equal to the binary-AND of the Source MAC Mask and this field. Source MAC Mask This is the mask used to decide how many bits are checked in Source MAC Address.
5.8 Routing This following routing functions are accessed from this menu: Default Gateway, Static Route, Policy Routing, RIP and IPv6 Static Route. NOTE: 5.8.1 In bridge mode, the RIP menu option is hidden while the other menu options are shown but ineffective.
After clicking Add the following screen will display. Input the Destination IP Address, select the interface type, Input the Gateway IP, (and the Metric number if required). Then, click Apply/Save to add an entry to the routing table. 5.8.3 RIP To activate RIP, select the Enabled radio button for Global RIP Mode. To configure an individual interface (PVC), select the desired RIP Version and Operation, and then select the Enabled checkbox for that interface (PVC).
5.9 DNS 5.9.1 DNS Server Select DNS Server Interface from available WAN interfaces OR enter static DNS server IP addresses for the system. In ATM mode, if only a single PVC with IPoA or static IPoE protocol is configured, Static DNS server IP addresses must be entered. Click Apply/Save to save the new configuration.
5.9.2 Dynamic DNS The Dynamic DNS service allows you to map a dynamic IP address to a static hostname in any of many domains, allowing the AR-5382u to be more easily accessed from various locations on the Internet. To add a dynamic DNS service, click Add. The following screen will display. Consult the table below for field descriptions.
5.10 DSL The DSL Settings screen allows for the selection of DSL modulation modes. For optimum performance, the modes selected should match those of your ISP. DSL Mode Data Transmission Rate - Mbps (Megabits per second) G.Dmt Downstream: 12 Mbps Upstream: 1.3 Mbps G.lite Downstream: 4 Mbps Upstream: 0.5 Mbps T1.413 Downstream: 8 Mbps Upstream: 1.0 Mbps ADSL2 Downstream: 12 Mbps AnnexL Supports longer loops but with reduced transmission rates ADSL2+ Downstream: 24 Mbps Upstream: 1.
Advanced DSL Settings Click Advanced Settings to reveal additional options. On the following screen you can select a test mode or modify tones by clicking Tone Selection. Click Apply to implement these settings and return to the previous screen. On this screen you select the tones you want activated, then click Apply and Close.
5.11 UPnP Select the checkbox provided and click Apply/Save to enable UPnP protocol.
5.
5.13 Print Server The AR-5382u can provide printer support through an optional USB2.0 host port. If your device has this port, refer to Appendix E - Printer Server for detailed setup instructions. 5.14 Interface Grouping Interface Grouping supports multiple ports to PVC and bridging groups. Each group performs as an independent network. To use this feature, you must create mapping groups with appropriate LAN and WAN interfaces using the Add button.
To add an Interface Group, click the Add button. The following screen will appear. It lists the available and grouped interfaces. Follow the instructions shown onscreen. Automatically Add Clients With Following DHCP Vendor IDs: Add support to automatically map LAN interfaces to PVC's using DHCP vendor ID (option 60). The local DHCP server will decline and send the requests to a remote DHCP server by mapping the appropriate LAN interface. This will be turned on when Interface Grouping is enabled.
5.15 IPSec You can add, edit or remove IPSec tunnel mode connections from this page. Click Add New Connection to add a new IPSec termination rule. The following screen will display.
IPSec Connection Name User-defined label Remote IPSec Gateway Address The location of the Remote IPSec Gateway. IP address or domain name can be used. Specify the acceptable host IP on the local side. Choose Single or Subnet. If you chose Single, please enter the host IP address for VPN. If you chose Subnet, please enter the subnet information for VPN. Specify the acceptable host IP on the remote side. Choose Single or Subnet. If you chose Single, please enter the host IP address for VPN.
The Manual key exchange method options are summarized in the table below.
5.16 Certificate A certificate is a public key, attached with its owner’s information (company name, server name, personal real name, contact e-mail, postal address, etc) and digital signatures. There will be one or more digital signatures attached to the certificate, indicating that these entities have verified that this certificate is valid. 5.16.1 Local CREATE CERTIFICATE REQUEST Click Create Certificate Request to generate a certificate-signing request.
The following table is provided for your reference. Field Description Certificate Name A user-defined name for the certificate. Common Name Usually, the fully qualified domain name for the machine. Organization Name The exact legal name of your organization. Do not abbreviate. State/Province Name The state or province where your organization is located. It cannot be abbreviated. Country/Region Name The two-letter ISO abbreviation for your country.
IMPORT CERTIFICATE Click Import Certificate to paste the certificate content and the private key provided by your vendor/ISP/ITSP into the corresponding boxes shown below. Enter a certificate name and click Apply to import the local certificate. 5.16.2 Trusted CA CA is an abbreviation for Certificate Authority, which is a part of the X.509 system. It is itself a certificate, attached with the owner information of this certificate authority; but its purpose is not encryption/decryption.
Click Import Certificate to paste the certificate content of your trusted CA. The CA certificate content will be provided by your vendor/ISP/ITSP and is used to authenticate the Auto-Configuration Server (ACS) that the CPE will connect to. Enter a certificate name and click Apply to import the CA certificate.
5.17 Multicast Input new IGMP protocol configuration fields if you want modify default values shown. Then click Apply/Save.
Chapter 6 Wireless The Wireless menu provides access to the wireless options discussed below. 6.1 Basic The Basic option allows you to configure basic features of the wireless LAN interface. Among other things, you can enable or disable the wireless LAN interface, hide the network from active scans, set the wireless network name (also known as SSID) and restrict the channel set based on country requirements. Click Save/Apply to apply the selected wireless options.
Option Description Disable WMM Advertise Stops the router from ‘advertising’ its Wireless Multimedia (WMM) functionality, which provides basic quality of service for time-sensitive applications (e.g. VoIP, Video). Enable Wireless Multicast Forwarding Select the checkbox to enable this function. SSID Sets the wireless network name. SSID stands for Service Set Identifier. All stations must be configured with the correct SSID to access the WLAN.
6.2 Security The following screen appears when Wireless Security is selected. The options shown here allow you to configure security features of the wireless LAN interface. Click Save/Apply to implement new configuration settings. WIRELESS SECURITY Wireless security settings can be configured according to Wi-Fi Protected Setup (WPS) or Manual Setup. The WPS method configures security settings automatically (see 6.2.
The settings for WPA authentication are shown below. The settings for WPA-PSK authentication are shown next. WEP Encryption This option specifies whether data sent over the network is encrypted. The same network key is used for data encryption and network authentication. Four network keys can be defined although only one can be used at any one time. Use the Current Network Key list box to select the appropriate network key.
Security options include authentication and encryption services based on the wired equivalent privacy (WEP) algorithm. WEP is a set of security services used to protect 802.11 networks from unauthorized access, such as eavesdropping; in this case, the capture of wireless network traffic. When data encryption is enabled, secret shared encryption keys are generated and used by the source station and the destination station to alter frame bits, thus avoiding disclosure to eavesdroppers.
Step 2: Set the WPS AP Mode. Configured is used when the AR-5382u will assign security settings to clients. Unconfigured is used when an external client assigns security settings to the AR-5382u. NOTES: Your client may or may not have the ability to provide security settings to the AR-5382u. If it does not, then you must set the WPS AP mode to Configured. Consult the device documentation to check its capabilities.
Step 5: IIIa. Click the Save/Apply button at the bottom of the screen. PUSH-BUTTON CONFIGURATION The WPS push-button configuration provides a semi-automated configuration method. The WPS button on the rear panel of the router can be used for this purpose or the Web User Interface (WUI) can be used exclusively. The WPS push-button configuration is described in the procedure below.
Using this method, security settings are configured with a personal identification number (PIN). The PIN can be found on the device itself or within the software. The PIN may be generated randomly in the latter case. To obtain a PIN number for your client, check the device documentation for specific instructions. The WPS PIN configuration is described in the procedure below.
IV. CHECK CONNECTION Step 8: If the WPS setup method was successful, you will be able access the wireless AP from the client. The client software should show the status. The example below shows that the connection established successfully. You can also double-click the Wireless Network Connection icon from the Network Connections window (or the system tray) to confirm the status of the new connection.
6.3 MAC Filter This option allows access to the router to be restricted based upon MAC addresses. To add a MAC Address filter, click the Add button shown below. To delete a filter, select it from the MAC Address table below and click the Remove button. Option Select SSID Description Select the wireless network name from the drop-down box. SSID stands for Service Set Identifier. All stations must be configured with the correct SSID to access the WLAN.
Enter the MAC address in the box provided and click Save/Apply. 6.4 Wireless Bridge This screen allows for the configuration of wireless bridge features of the WLAN interface. See the table beneath for detailed explanations of the various options. Click Save/Apply to implement new configuration settings. Feature Description AP Mode Selecting Wireless Bridge (aka Wireless Distribution System) disables Access Point (AP) functionality, while selecting Access Point enables AP functionality.
6.5 Advanced The Advanced screen allows you to configure advanced features of the wireless LAN interface. You can select a particular channel on which to operate, force the transmission rate to a particular speed, set the fragmentation threshold, set the RTS threshold, set the wakeup interval for clients in power-save mode, set the beacon interval for the access point, set XPress mode and set whether short or long preambles are used. Click Save/Apply to set new advanced wireless options.
Field Description Channel Drop-down menu that allows selection of a specific channel. Auto Channel Timer (min) Auto channel scan timer in minutes (0 to disable) 802.11n/EWC An equipment interoperability standard setting based on IEEE 802.11n Draft 2.0 and Enhanced Wireless Consortium (EWC) Bandwidth Select 20GHz or 40GHz bandwidth. 40GHz bandwidth uses two adjacent 20GHz bands for increased data throughput. Control Sideband Select Upper or Lower sideband when in 40GHz mode. 802.
Field Description RTS Threshold Request to Send, when set in bytes, specifies the packet size beyond which the WLAN Card invokes its RTS/CTS mechanism. Packets that exceed the specified RTS threshold trigger the RTS/CTS mechanism. The NIC transmits smaller packet without using RTS/CTS. The default setting of 2347 (maximum length) disables RTS Threshold. DTIM Interval Delivery Traffic Indication Message (DTIM) is also known as Beacon Rate. The entry range is a value between 1 and 65535.
6.6 Station Info This page shows authenticated wireless stations and their status. Click the Refresh button to update the list of stations in the WLAN. Consult the table below for descriptions of each column heading. Heading Description MAC Lists the MAC address of all the stations. Associated Lists all the stations that are associated with the Access Point, along with the amount of time since packets were transferred to and from each station.
Chapter 7 Diagnostics The first Diagnostics screen is a dashboard that shows overall connection status. If a test displays a fail status, click the button to retest and confirm the error. If a test continues to fail, click Help and follow the troubleshooting procedures.
Chapter 8 Management Click on the link to jump to a specific section: 8.1 8.2 8.3 8.4 Settings System Log TR-069 Client Internet Time 8.5 Access Control 8.6 Update Software 8.7 Reboot 8.1 Settings This includes 8.1.1 Backup Settings, 8.1.2 Update Settings, and 8.1.3 Restore Default screens. 8.1.1 Backup Settings To save the current configuration to a file on your PC, click Backup Settings. You will be prompted for backup file location.
8.1.3 Restore Default Click Restore Default Settings to restore factory default settings. After Restore Default Settings is clicked, the following screen appears. Close the browser and wait for 2 minutes before reopening it. It may also be necessary, to reconfigure your PC IP configuration to match any new settings. NOTE: This entry has the same effect as the Reset button. The AR-5382u board hardware and the boot loader support the reset to default.
8.2 System Log This function allows a system log to be kept and viewed upon request. Follow the steps below to configure, enable, and view the system log. STEP 1: Click Configure System Log, as shown below (circled in Red). STEP 2: Select desired options and click Apply/Save. Consult the table below for detailed descriptions of each system log option. Option Description Log Indicates whether the system is currently recording events. The user can enable or disable event logging.
Option Description Log Level Allows you to configure the event level and filter out unwanted events below this level. The events ranging from the highest critical level “Emergency” down to this configured level will be recorded to the log buffer on the AR-5382u SDRAM. When the log buffer is full, the newer event will wrap up to the top of the log buffer and overwrite the old event. By default, the log level is “Debugging”, which is the lowest critical level.
8.3 TR-069 Client WAN Management Protocol (TR-069) allows an Auto-Configuration Server (ACS) to perform auto-configuration, provision, collection, and diagnostics to this device. Select desired values and click Apply/Save to configure TR-069 client options. The table below is provided for ease of reference. Option Description Inform Disable/Enable TR-069 client on the CPE.
Option Description Connection Request Authorization Tick the checkbox to enable. User Name Username used to authenticate an ACS making a Connection Request to the CPE. Password Password used to authenticate an ACS making a Connection Request to the CPE. URL IP address and port the ACS uses to connect to AR-5382u. The Get RPC Methods button forces the CPE to establish an immediate connection to the ACS. This may be used to discover the set of methods supported by the ACS or CPE.
8.5 Access Control 8.5.1 Passwords This screen is used to configure the user account access passwords for the device. Access to the AR-5382u is controlled through the following three user accounts: • root - unrestricted access to change and view the configuration. • support - used for remote maintenance and diagnostics of the router • user - can view configuration settings & statistics and update firmware. Use the fields below to change password settings. Click Save/Apply to continue.
8.6 Update Software This option allows for firmware upgrades from a locally stored file. STEP 1: Obtain an updated software image file from your ISP. STEP 2: Enter the path and filename of the firmware image file in the Software File Name field or click the Browse button to locate the image file. STEP 3: Click the Update Software button once to upload and install the file. NOTE: The update process will take about 2 minutes to complete.
8.7 Reboot To save the current configuration and reboot the router, click Save/Reboot. NOTE: You may need to close the browser window and wait for 2 minutes before reopening it. It may also be necessary, to reset your PC IP configuration.
Appendix A - Firewall STATEFUL PACKET INSPECTION Refers to an architecture, where the firewall keeps track of packets on each connection traversing all its interfaces and makes sure they are valid. This is in contrast to static packet filtering which only examines a packet based on the information in the packet header. DENIAL OF SERVICE ATTACK Is an incident in which a user or organization is deprived of the services of a resource they would normally expect to have.
Example 1: Filter Name Protocol Policy Source IP Address Source Subnet Mask Source Port Dest. IP Address Dest. Subnet Mask Dest. Port Selected WAN interface : : : : : : : : : : In_Filter1 TCP Allow 210.168.219.45 255.255.0.0 80 NA NA NA br0 This filter will ACCEPT all TCP packets coming from WAN interface “br0” with IP Address/Subnet Mask 210.168.219.45/16 with a source port of 80, irrespective of the destination. All other incoming packets on this interface are DROPPED.
DAYTIME PARENTAL CONTROL This feature restricts access of a selected LAN device to an outside Network through the AR-5382u, as per chosen days of the week and the chosen times. Example: User Name Browser's MAC Address Days of the Week Start Blocking Time End Blocking Time : : : : : FilterJohn 00:25:46:78:63:21 Mon, Wed, Fri 14:00 18:00 With this rule, a LAN device with MAC Address of 00:25:46:78:63:21 will have no access to the WAN on Mondays, Wednesdays, and Fridays, from 2pm to 6pm.
Appendix B - Pin Assignments ETHERNET Ports (RJ45) ETHERNET LAN Ports (10/100Base-T) Pin Signal name Signal definition 1 TXP Transmit data (positive lead) 2 TXN Transmit data (negative lead) 3 RXP Receive data (positive lead) 4 NC Not used 5 NC Not used 6 RXN Receive data (negative lead) 7 NC Not used 8 NC Not used Table 1 Signals for ETHERNET WAN port (10/1001000Base-T) Pin Signal name Signal definition 1 TRD+(0) Transmit/Receive data 0 (positive lead) 2 TRD-(0) Transmit/
Appendix C - Specifications Hardware Interface RJ-11 X 1 for ADSL RJ-45 X 4 for LAN (10/100 Base-T auto-sense) Reset Button X 1 WPS Button X 1 Wi-Fi On/Off Button X 1 Power Switch X 1 USB Host X 1 Wi-Fi internal Antenna X2 WAN Interface ADSL2+ Downstream : 24 Mbps Upstream : 1.3 Mbps ITU-T G.992.5, ITU-T G.992.3, ITU-T G.992.1, ANSI T1.413 Issue 2, AnnexM ADSL2 Downstream : 12 Mbps Upstream : 1.3 Mbps LAN Interface Standard IEEE 802.3, IEEE 802.
Management Compliant with TR-069/TR-098/TR-111 remote management protocols, SNMP, Telnet, Web-based management, Configuration backup and restoration, Software upgrade via HTTP / TFTP / FTP server Bridge Functions • • • • Transparent bridging and learning VLAN support Spanning Tree Algorithm IGMP Proxy Routing Functions Static route, RIP, and RIPv2, NAT/PAT, DHCP Server/DHCP Relay/DHCP Client, DNS Proxy, ARP Security Functions PAP, CHAP, TCP/IP/Port filtering rules Port triggering/Forwarding,
Appendix D - WPS External Registrar Follow these steps to add an external registrar using the web user interface (WUI) on a personal computer running the Windows Vista operating system: Step 1: Enable Upnp on the Advanced Setup. Step 2: Open the Network folder and look for the BroadcomAP icon.
Step 3: On the Wireless Security screen, enable WPS by selecting Enabled from the drop down list box and set the WPS AP Mode to Unconfigured. Step 3 Step 4 Step 4: Click the Save/Apply button at the bottom of the screen. The screen will go blank while the router applies the new Wireless settings. When the screen returns, press the Config AP button, as shown above.
Step 5: Now return to the Network folder and click the BroadcomAP icon. A dialog box will appear asking for the Device PIN number. Enter the Device PIN as shown on the Wireless Security screen. Click Next. Step 6: Windows Vista will attempt to configure the wireless security settings. Step 7: If successful, the security settings will match those in Windows Vista.
Appendix E - Printer Server These steps explain the procedure for enabling the Printer Server. NOTE: This function only applies to models with an USB host port. STEP 1: Enable Print Server from Web User Interface. Select Enable on-board print server checkbox and enter Printer name and Make and model NOTE: The Printer name can be any text string up to 40 characters. The Make and model can be any text string up to 128 characters.
STEP 2: Go to the Printers and Faxes application in the Control Panel and select the Add a printer function (as located on the side menu below). STEP 3: Click Next to continue when you see the dialog box below.
STEP 4: Select Network Printer and click Next. STEP 5: Select Connect to a printer on the Internet and enter your printer link. (e.g. http://192.168.1.1:631/printers/hp3845) and click Next. NOTE: The printer name must be the same name entered in the ADSL modem WEB UI “printer server setting” as in step 1.
STEP 6: Click Have Disk and insert the printer driver CD. STEP 7: Select driver file directory on CD-ROM and click OK. STEP 8: Once the printer name appears, click OK.
STEP 9: Choose Yes or No for default printer setting and click Next. STEP 10: Click Finish.
STEP 11: Check the status of printer from Windows Control Panel, printer window. Status should show as Ready.
Appendix F - Connection Setup Creating a WAN connection is a two-stage process. 1 - Setup a Layer 2 Interface (ATM or PTM). 2 - Add a WAN connection to the Layer 2 Interface. The following sections describe each stage in turn. F1 ~ Layer 2 Interfaces Every layer2 interface operates in one of three modes: Default or VLAN Mux. A short introduction to each of these three modes is included below for reference.
F1.1 ATM Interfaces Follow these procedures to configure an ATM interface. NOTE: The AR-5382u supports up to 16 ATM interfaces. STEP 1: Go to Advanced Setup Layer2 Interface ATM Interface. This table is provided here for ease of reference. Heading Description Interface WAN interface name.
There are many settings here including: VPI/VCI, DSL Latency, DSL Link Type, Encapsulation Mode, Service Category, Connection Mode and Quality of Service. The table below shows xDSL Link Type availability with each Connection Mode. xDSL Link Type Connection Mode EoA* PPPoA IPoA Default Mode OK OK OK VLAN Mux Mode OK X X * EoA includes PPPoE, IPoE, and Bridge link types.
On the next screen, check that the ATM interface is added to the list. For example, an ATM interface on PVC 0/35 in Default Mode with an EoA Link type is shown below. To add a WAN connection, go to section G2 ~ WAN Connections. This table is provided here for ease of reference. Heading Description Interface WAN interface name.
F1.2 PTM Interfaces Follow these procedures to configure a PTM interface. NOTE: The AR-5382u supports up to four PTM interfaces. STEP 4: Go to Advanced Setup Layer2 Interface PTM Interface. This table is provided here for ease of reference. Heading Description Interface WAN interface name. DSL Latency {Path0} portID = 0 {Path1} port ID = 1 {Path0&1} port ID = 4 PTM Priority Normal or High Priority (Preemption). Connection Mode Default Mode – Single service over one interface.
There are many settings that can be configured here including: DSL Latency, PTM Priority, Connection Mode and Quality of Service. STEP 6: Click Apply/Save to confirm your choices. On the next screen, check that the PTM interface is added to the list. For example, an PTM interface in Default Mode is shown below. To add a WAN connection, go to section G2 ~ WAN Connections.
F2 ~ WAN Connections In Default Mode, the AR-5382u supports one WAN connection for each interface, up to a maximum of 8 connections. VLAN Mux and MSC support up to 16 connections. To setup a WAN connection follow these instructions. STEP 1: Go to the Advanced Setup WAN Service screen. STEP 2: Click Add to create a WAN connection. The following screen will display.
STEP 3: Choose a layer 2 interface from the drop-down box and click Next. The WAN Service Configuration screen will display as shown below. NOTE: The WAN services shown here are those supported by the layer 2 interface you selected in the previous step. If you wish to change your selection click the Back button and select a different layer 2 interface. STEP 4: For VLAN Mux Connections only, you must enter Priority & VLAN ID tags.
F2.1 PPP over ETHERNET (PPPoE) STEP 1: Select the PPP over Ethernet radio button and click Next. You can also enable IPv6 by ticking the checkbox at the bottom of this screen. STEP 2: On the next screen, enter the PPP settings as provided by your ISP. Click Next to continue or click Back to return to the previous step.
The settings shown above are described below. PPP SETTINGS The PPP Username, PPP password and the PPPoE Service Name entries are dependent on the particular requirements of the ISP. The user name can be a maximum of 256 characters and the password a maximum of 32 characters in length. For Authentication Method, choose from AUTO, PAP, CHAP, and MSCHAP.
ENABLE FULLCONE NAT This option becomes available when NAT is enabled. Known as one-to-one NAT, all requests from the same internal IP address and port are mapped to the same external IP address and port. An external host can send a packet to the internal host, by sending a packet to the mapped external address. DIAL ON DEMAND The AR-5382u can be configured to disconnect if there is no activity for a period of time by selecting the Dial on demand checkbox .
ENABLE PPP DEBUG MODE When this option is selected, the system will put more PPP connection information into the system log. This is for debugging errors and not for normal usage. BRIDGE PPPOE FRAMES BETWEEN WAN AND LOCAL PORTS (This option is hidden when PPP IP Extension is enabled) When Enabled, this creates local PPPoE connections to the WAN side. Enable this option only if all LAN-side devices are running PPPoE clients, otherwise disable it.
STEP 5: Set the IP address to which the CPE will use to relay DNS query. Click Next to continue or click Back to return to the previous step. STEP 6: The WAN Setup - Summary screen shows a preview of the WAN service you have configured. Check these settings and click Apply/Save if they are correct, or click Back to modify them. After clicking Apply/Save, the new service should appear on the main screen. To activate it you must reboot. Go to Management Reboot and click Reboot.
F2.2 IP over ETHERNET (IPoE) STEP 1: Select the IP over Ethernet radio button and click Next. You can also enable IPv6 by ticking the checkbox at the bottom of this screen. STEP 2: The WAN IP settings screen provides access to the DHCP server settings. You can select the Obtain an IP address automatically radio button to enable DHCP (use the DHCP Options only if necessary).
ENABLE NAT If the LAN is configured with a private IP address, the user should select this checkbox . The NAT submenu will appear in the Advanced Setup menu after reboot. On the other hand, if a private IP address is not used on the LAN side (i.e. the LAN side is using a public IP), this checkbox should not be selected, so as to free up system resources for improved performance. ENABLE FIREWALL If this checkbox is selected, the Security submenu will be displayed on the Advanced Setup menu after reboot.
STEP 6: Set the IP address to which the CPE will use to relay DNS query. Click Next to continue or click Back to return to the previous step. STEP 7: The WAN Setup - Summary screen shows a preview of the WAN service you have configured. Check these settings and click Apply/Save if they are correct, or click Back to modify them. After clicking Apply/Save, the new service should appear on the main screen. To activate it you must reboot. Go to Management Reboot and click Reboot.
F2.3 Bridging NOTE: This connection type is not available on the Ethernet WAN interface. STEP 1: Select the Bridging radio button and click Next. You can also enable IPv6 by ticking the checkbox at the bottom of this screen. STEP 2: The WAN Setup - Summary screen shows a preview of the WAN service you have configured. Check these settings and click Apply/Save if they are correct, or click Back to return to the previous screen.
F2.4 PPP over ATM (PPPoA) STEP 1: Click Next to continue. STEP 2: On the next screen, enter the PPP settings as provided by your ISP. Click Next to continue or click Back to return to the previous step. PPP SETTINGS The PPP username and password are dependent on the requirements of the ISP. The user name can be a maximum of 256 characters and the password a maximum of 32 characters in length. (Authentication Method: AUTO, PAP, CHAP, or MSCHAP.
ENABLE NAT If the LAN is configured with a private IP address, the user should select this checkbox . The NAT submenu will appear in the Advanced Setup menu after reboot. On the other hand, if a private IP address is not used on the LAN side (i.e. the LAN side is using a public IP), this checkbox should not be selected to free up system resources for better performance. ENABLE FIREWALL If this checkbox is selected, the Security submenu will be displayed on the Advanced Setup menu after reboot.
STEP 4: Select DNS Server Interface from available WAN interfaces OR enter static DNS server IP addresses for the system. Click Next to continue or click Back to return to the previous step. Note: In ATM mode, if only a single PVC with IPoA or static IPoE protocol is configured, Static DNS server IP addresses must be entered.
STEP 5: The WAN Setup - Summary screen shows a preview of the WAN service you have configured. Check these settings and click Apply/Save if they are correct, or click Back to modify them. After clicking Apply/Save, the new service should appear on the main screen. To activate it you must reboot. Go to Management Reboot and click Reboot.
F2.5 IP over ATM (IPoA) STEP 1: Click Next to continue. STEP 2: Enter the WAN IP settings provided by your ISP. Click Next to continue. STEP 3: This screen provides access to NAT, Firewall and IGMP Multicast settings. Enable each by selecting the appropriate checkbox . Click Next to continue or click Back to return to the previous step. ENABLE NAT If the LAN is configured with a private IP address, the user should select this checkbox .
ENABLE IGMP MULTICAST Tick the checkbox to enable Internet Group Membership Protocol (IGMP) multicast. IGMP is a protocol used by IPv4 hosts to report their multicast group memberships to any neighboring multicast routers. STEP4: Choose an interface to be the default gateway. Click Next to continue or click Back to return to the previous step. STEP 5: Select DNS Server Interface from available WAN interfaces OR enter static DNS server IP addresses for the system.
NOTE: If the DHCP server is not enabled on another WAN interface then the following notification will be shown before the next screen. STEP 7: The WAN Setup - Summary screen shows a preview of the WAN service you have configured. Check these settings and click Apply/Save if they are correct, or click Back to modify them. After clicking Apply/Save, the new service should appear on the main screen. To activate it you must reboot. Go to Management Reboot and click Reboot.