CT-820C VoIP Gateway User’s Manual Version A2.
Preface This manual provides information to network administrators. It covers the installation, operation and application of this device. The individual reading this manual is presumed to have a basic understanding of telecommunications. Technical support If you find the product to be inoperable or malfunctioning, please contact technical support for immediate service by email at INT-support@comtrend.
Table of Contents CHAPTER 1 INTRODUCTION .....................................................................................................4 1.1 FEATURES ........................................................................................................................................4 1.2 APPLICATION ...................................................................................................................................5 1.3 LED INDICATORS .................................................
IP Addresses ...................................................................................................................74 9.5.2 9.5.3 Passwords .......................................................................................................................75 9.6 UPDATE SOFTWARE .......................................................................................................................76 9.7 SAVE AND REBOOT ...........................................................................
Chapter 1 Introduction The CT-820C is a powerful WLAN VoIP Gateway, providing predictable, real-time, toll-quality voice over the Internet. The CT-820C is designed for residential and business users with broadband DSL or cable access, who need to integrate Wi-Fi AP and VoIP technologies. The CT-820C offers users easy access to the Internet via WLAN or Ethernet and provides VoIP via standard analog phones. 1.1 Features • • • • • • • • • • • • • • • • • • VoIP and router integrated 802.
1.2 Application The following diagram depicts the application of the CT-820C.
1.3 LED Indicators The front panel LED indicators are shown in this illustration and followed by detailed explanations in the table below. LED POWER Color Mode Green Green LAN 4x~1x PHONE1 Function On The device is powered up. Off The device is powered down. On An Ethernet Link is established. Off An Ethernet Link is not established. Green Blink Green On The FXS phone 1 is off hook. Off The FXS phone 1 is on hook. On The FXS phone 2 is off hook. Off The FXS phone 2 is on hook.
Chapter 2 Hardware Setup Follow the instructions below to complete the hardware setup. The diagram below shows the back panel of the device. Wi-Fi antenna Connection to Power Connect the Power jack to the power cord. Attach the power adapter to the wall outlet or other AC source. At startup, the device will perform a self-test. Wait for a few seconds until the test is finished, then the device will be ready to operate.
Chapter 3 Web User Interface This section describes how to access the device via the web user interface using an Internet browser such as Microsoft Internet Explorer (version 5.0 and later). 3.1 Default Settings The following are the default settings for the device. • • • • • • • Local (LAN access) Username: root , Password: 12345 Remote (WAN access) Username: support, Password: support LAN port IP address: 192.168.1.
3.2 TCP/IP Settings DHCP Mode When the device powers up, the DHCP server (on the device) will start automatically. To set your PC for DHCP mode, check the Internet Protocol properties of your Local Area Connection. You can set your PC to DHCP mode by selecting Obtain an IP address automatically in the dialog box shown below. STATIC IP Mode To configure the device manually, your PC must have a static IP address within the 192.168.1.x subnet.
STEP 2: Select Internet Protocol (TCP/IP) and click the Properties button. The screen should now display as below. Change the IP address to the domain of 192.168.1.x/24 (i.e. subnet mask=255.255.255.0). STEP 3: Click OK to submit the settings. 3.3 Login Procedure Perform the following steps to login to the web user interface. NOTE: The default settings for this device can be found in 3.1 Default Settings.
11
STEP 2: A dialog box will appear, such as the one below. Enter the default username and password, as defined in section 3.1 Default Settings. Click OK to continue. NOTE: The login password can be changed later (see 9.5.3 Passwords) STEP 3: After successfully logging in, you will reach this screen.
Chapter 4 Device Information The web user interface is divided into two window panes, the main menu (at left) and the display screen (on the right). The main menu has the following options: Device Info, Advanced Setup, Wireless, Voice, Diagnostics, Management. Selecting one of these options will open a submenu with more options. NOTE: The menu options available within the web user interface are based upon the device configuration and user privileges (i.e. local or remote).
4.1 WAN Select WAN from the Device Info submenu to display the configured PVC(s). The display screen table headings (above) are described in the table below. Con. ID Shows the connection ID Category Service Interface Protocol Igmp State Status IP Address Shows the ATM service classes Shows the name for WAN connection Shows connection interfaces Shows the connection type, such as PPPoE, PPPoA, etc.
4.2 Statistics The Statistics screens show detailed information for LAN or WAN Interfaces. NOTE: 4.2.1 These statistics are updated every 15 seconds. LAN Statistics This screen shows statistics for Ethernet and Wireless interfaces on the LAN. Interface Received/Transmitted - Bytes - Pkts - Errs - Drops Shows connection interfaces in the following format: nas_(VPI number_VCI number). These interfaces are devised by the system and not the user.
4.2.2 WAN Statistics This screen shows statistics for interfaces on the WAN. Service Protocol Interface Received/Transmitted - Bytes - Pkts - Errs - Drops Shows the service type, as configured by the administrator Shows the connection type, such as PPPoE, PPPoA, etc. Shows connection interfaces in the following format: nas_(VPI number_VCI number). These interfaces are devised by the system and not the user.
4.3 Route Choose Route to display the routes that the route information has learned. Field Destination Gateway Subnet Mask Flag Metric Service Interface Description Destination network or destination host Next hub IP address Subnet Mask of Destination U: route is up !: reject route G: use gateway H: target is a host R: reinstate route for dynamic routing D: dynamically installed by daemon or redirect M: modified from routing daemon or redirect The 'distance' to the target (usually counted in hops).
4.4 ARP Click ARP to display the ARP information.
4.5 DHCP Click DHCP to display the DHCP Leases information.
Chapter 5 Advanced Setup This chapter explains the setup screens for the following services: • • • WAN – Wide Area Network LAN – Local Area Network NAT – Network Address Translation • • • SECURITY QUALITY OF SERVICE ROUTING 5.1 WAN Follow the steps on the following pages to configure WAN interfaces. The screen below shows all configured WAN connections. The table below gives more details. STEP 1: Click the Edit button next to the WAN connection you wish to configure. Con.
STEP 2: The WAN Configuration screen will display as below. Quality of Service (QoS) is enabled when the box at bottom is checked (;). Click Next. STEP 3: On this screen, you can choose either PPPoE or IPoE connection types. Once you have chosen, click Next to proceed.
Important Note: For PPPoE connections follow Steps 4-6 For IPoE connections follow Steps 7-9 PPPoE –PPP over Ethernet Step 4: Enter the Username and Password and select the connection options. Review the descriptions below for more details. Click Next to continue. PPP Username/PPP Password The PPP Username and the PPP password requirement are dependent on the particular requirements of the service provider.
PPP IP Extension The PPP IP Extension is a special feature deployed by some service providers. Unless your service provider specially requires this setup, do not select it. The PPP IP Extension supports the following conditions: • • • • • • Allows only one PC on the LAN The public IP address assigned by the remote side using the PPP/IPCP protocol is actually not used on the WAN PPP interface. Instead, it is forwarded to the PC’s LAN interface through DHCP.
Enable IGMP Multicast checkbox Tick the checkbox to enable IGMP multicast (proxy). IGMP (Internet Group Membership Protocol) is a protocol used by IP hosts to report their multicast group memberships to any immediately neighboring multicast device’s. STEP 6: Click Next to display the WAN Setup-Summary screen that presents the entire configuration summary review. Click Back to modify the settings. Click Save/Reboot and skip to Step 10.
IPoE – Internet Protocol over Ethernet STEP 7: The WAN IP Settings screen below allows for configuration of the connection in DHCP (automatic) or Static IP (manual) modes. Enter information provided to you by your ISP to configure the WAN IP settings. DHCP mode must be enabled when Obtain an IP address automatically is chosen. Changing the default gateway or the DNS affects the whole system.
Enable NAT If the LAN is configured with a private IP address, the user should select this checkbox. The user can then configure NAT-related features. If a private IP address is not used on the LAN side, this checkbox should not be selected, so as to free up system resources for improved performance. Enable Firewall If the firewall checkbox is selected, the user can configure the device firewall. Enable IGMP Multicast checkbox Tick the checkbox to enable IGMP multicast (proxy).
5.2 LAN Configure the device IP Address and Subnet Mask for LAN interface. Save button only saves the LAN configuration data. Save/Reboot button saves the LAN configuration data and reboots the device to apply the new configuration. IP Address: Enter the IP address for the LAN port. Subnet Mask: Enter the subnet mask for the LAN port. Enable UPnP: Tick the box to enable. Enable IGMP Snooping: Enable by ticking the box.
To configure a secondary IP address tick the checkbox shown below. IP Address: Enter the secondary IP address for the LAN port. Subnet Mask: Enter the secondary subnet mask for the LAN port. 5.3 NAT NOTE: 5.3.1 To display the NAT function, you must enable NAT in WAN Setup. Virtual Servers Virtual Servers allow you to direct incoming traffic from the WAN side (identified by Protocol and External port) to the Internal server with private IP addresses on the LAN side.
Select a Service Or Custom Server Server IP Address User should select the service from the list. Or User can enter the name of their choice. Enter the IP address for the server. External Port Start Enter the starting external port number (when you select Custom Server). When a service is selected the port ranges are automatically configured. Enter the ending external port number (when you select Custom Server). When a service is selected the port ranges are automatically configured.
5.3.2 Port Triggering Some applications require that specific ports in the device's firewall be opened for access by the remote parties. Port Trigger dynamically opens up the 'Open Ports' in the firewall when an application on the LAN initiates a TCP/UDP connection to a remote party using the 'Triggering Ports'. The device allows the remote party from the WAN side to establish new connections back to the application on the LAN side using the 'Open Ports'. A maximum of 32 entries can be configured.
Select an Application Or Custom Application Trigger Port Start Trigger Port End Trigger Protocol Open Port Start Open Port End Open Protocol User should select the application from the list. Or User can enter the name of their choice. Enter the starting trigger port number (when you select custom application). When an application is selected the port ranges are automatically configured. Enter the ending trigger port number (when you select custom application).
5.3.3 DMZ Host The device will forward IP packets from the WAN that do not belong to any of the applications configured in the Virtual Servers table to the DMZ host computer. Enter the computer's IP address and click Apply to activate the DMZ host. Clear the IP address field and click Apply to deactivate the DMZ host.
5.4 Security NOTE: 5.4.1 The Firewall must be enabled to access this option IP Filtering IP filtering allows you to create a filter rule to identify outgoing/incoming IP traffic by specifying a new filter name and at least one condition below. All of the specified conditions in this filter rule must be satisfied for the rule to take effect. Click Save/Apply to save and activate the filter. Outgoing IP Filter NOTE: The default setting for all Outgoing traffic is ACCEPTED.
Filter Name Protocol Source IP address Source Subnet Mask Source Port (port or port:port) Destination IP address Destination Subnet Mask Destination port (port or port:port) Type a name for the filter rule. TCP, TCP/UDP, UDP or ICMP. Enter source IP address. Enter source subnet mask. Enter source port number or port range. Enter destination IP address. Enter destination subnet mask. Enter destination port number or port range.
Incoming NOTE: The default setting for all Incoming traffic is BLOCKED. To add a filtering rule, click the Add button. The following screen will display. To configure the parameters, please reference the Outgoing IP Filter table.
5.4.2 Parental Control Daytime Parental Control This feature restricts access of a selected LAN device to an outside network through the router, as per chosen days of the week and the chosen times. Click Add to display the following screen. See below for instructions. Click Save/Apply to apply the settings.
User Name: Name of the Filter. Browser's MAC Address: Displays MAC address of the LAN device on which the browser is running. Other MAC Address: If restrictions are to be applied to a device other than the one on which the browser is running, the MAC address of that LAN device is entered. Days of the Week: Days of the week, when the restrictions are applied. Start Blocking Time: The time when restrictions on the LAN device are put into effect.
5.6 Routing This option allows for Default Gateway and Static Route configuration. 5.6.1 Default Gateway If Enable Automatic Assigned Default Gateway checkbox is selected, this device will accept the first received default gateway assignment from one of the enabled PVC(s). If the checkbox is not selected, enter the static default gateway and/or WAN interface. Click Save/Apply button to save it.
5.6.2 Static Route The Static Route screen lists the configured static routes. Choose Add or Remove to configure the static routes. Click the Add button and the following screen will display. Enter the destination network address, subnet mask, gateway AND/OR available WAN interface then click Save/Apply to add the entry to the routing table.
Chapter 6 Wireless The Wireless menu allow you to enable the wireless capability, hide the access point, set the wireless network name and restrict the channel set. 6.1 Basic This screen allows you to enable or disable the wireless LAN interface, hide the network from active scans, set the wireless network name (also known as SSID) and restrict the channel set based on country requirements.
Option Enable Wireless Hide Access Point SSID BSSID Country Description A checkbox that enables or disables the wireless LAN interface. When selected, the Web UI displays Hide Access point, SSID, and County settings. The default is Enable Wireless. Select Hide Access Point to protect device access point from detection by wireless active scans. If you do not want the access point to be automatically detected by a wireless station, this checkbox should be de-selected.
6.2 Security Security options include authentication and encryption services based on the wired equivalent privacy (WEP) algorithm. WEP is a set of security services used to protect 802.11 networks from unauthorized access, such as eavesdropping; in this case, the capture of wireless network traffic. When data encryption is enabled, secret shared encryption keys are generated and used by the source station and the destination station to alter frame bits, thus avoiding disclosure to eavesdroppers. 802.
Option Description Network It specifies the network authentication. When this checkbox is Authentication selected, it specifies that a network key be used for authentication to the wireless network. If the Network Authentication (Shared mode) checkbox is not shared (that is, if open system authentication is used), no authentication is provided. Open system authentication only performs identity verifications. Different authentication type pops up different settings requests. Choosing 802.
Choosing WPA-PSK, you must enter WPA Pre-Shared Key and Group Rekey Interval. WEP Encryption Encryption strength It specifies that a network key is used to encrypt the data is sent over the network. When this checkbox is selected, it enables data encryption and prompts the Encryption Strength drop-down menu. Data Encryption (WEP Enabled) and Network Authentication use the same key. A session’s key strength is proportional to the number of binary bits comprising the session key file.
6.3 MAC Filter This MAC Filter page allows access to be restricted/allowed based on a MAC address. All NICs have a unique 48-bit MAC address burned into the ROM chip on the card. When MAC address filtering is enabled, you are restricting the NICs that are allowed to connect to your access point. Therefore, an access point will grant access to any computer that is using a NIC whose MAC address is on its “allows” list.
Option MAC Restrict Mode MAC Address Description Radio buttons that allow settings of; Off: MAC filtering function is disabled. Allow: Permits PCs with listed MAC addresses to connect to the access point. Deny: Prevents PCs with listed MAC from connecting to the access point. Lists the MAC addresses subject to the Off, Allow, or Deny instruction.
6.4 Wireless Bridge This page allows you to configure wireless bridge features of the wireless LAN interface. You can select Wireless Bridge (also known as Wireless Distribution System) to disable access point functionality. Selecting Access Point enables access point functionality. Wireless bridge functionality will still be available and wireless stations will be able to associate to the AP. Select Disabled in Bridge Restrict to disable wireless bridge restriction.
6.5 Advanced The Advanced page allows you to configure advanced features of the wireless LAN interface. You can select a particular channel on which to operate, force the transmission rate to a particular speed, set the fragmentation threshold, set the RTS threshold, set the wakeup interval for clients in power-save mode, set the beacon interval for the access point and set whether short or long preambles are used. Click Apply to configure the advanced wireless options.
54g™ Rate Drop-down menu that specifies the following fixed rates: Auto: Default. Uses the 11 Mbps data rate when possible but drops to lower rates when necessary. 1 Mbps, 2Mbps, 5Mbps, or 11Mbps fixed rates. The appropriate setting is dependent on signal strength. Multicast Rate Setting multicast packet transmit rate Basic Rate Setting basic transmit rate Fragmentation Threshold A threshold, specified in bytes, that determines whether packets will be fragmented and at what size. On an 802.
Maximum Associated Clients Xpress TM Technology 54g TM Mode 54g Protection Preamble Type Transmit Power The maximum number of clients that may connect to the access point. The device supports up to 128. Xpress Technology is compliant with draft specifications of two planned wireless industry standards. Select the mode to 54g Auto for the widest compatibility. Select the mode to 54g Performance for the fastest performance among 54g certified equipment.
6.6 Station Info This page shows authenticated wireless stations and their status. BSSID Associated Authorized The BSSID is a 48bit identity used to identify a particular BSS (Basic Service Set) within an area. In Infrastructure BSS networks, the BSSID is the MAC (Medium Access Control) address of the AP (Access Point) and in Independent BSS or ad hoc networks, the BSSID is generated randomly.
Chapter 7 Voice This chapter first describes the SIP and Dial Plan configuration screens. The last section (7.3 Telephone Calls) describes how to use the VoIP (Voice over IP) and PSTN (Public Switched Telephone Network) voice services. 7.1 SIP Session Initiation Protocol (SIP) is a signaling protocol for Internet conferencing, telephony, presence, events notification and instant messaging. It is the Internet Engineering Task Force's (IETF's) standard for multimedia conferencing over IP.
To access the SIP configuration screen, click SIP from the Voice submenu. Once the settings are configured click Apply and Save All VoIP Parameters to reset the VoIP service to use the new settings.
This table describes the SIP configuration options shown on the previous page. Interface name Local Selection Preferred codec Preferred ptime Use SIP proxy Register Expire Time SIP domain name Use SIP outbound proxy Enable SIP tag matching (Uncheck for Vonage Interop). Remote server for SIP log messages DispName VoIP Phone Number Auth. ID Auth.
Enable Pass '*' Call Feature to Sip Proxy Enable Internal Call Enable Phone 1/2 Hotline FAX mode Differentiating PSTN & VoIP Ring Tone Differentiating PSTN & VoIP Dial Tone Enable Trusted IP for SIP servers Enable Phone 1/2 Call Waiting Phone 1/2 Call Forward Feature Payload for DTMF Digits, Telephony Tones and Telephony Signals. A payload type is a number from 96 to 127 that identifies the type of payload carried in the packet. The payload type should be identical on the GW and call agent.
Signaling QoS Enable Differentiated Service Configuration Assign Differentiated Services Code Point (DSCP) Mark Media Qos Enable Differentiated Service Configuration Assign Differentiated Services Code Point (DSCP) Mark you are on Phone 1. Please note that you may not be able to Call Forward from Line 1 to Line 2 and then if Line 2 is also busy to Call Forward to a 3rd party number even if you have correctly setup a rule for Call Forward on Line 2.
7.2 Dial Plan With this function you can modify the translation rules for phone numbers. This is can be done by establishing Incoming and Outgoing rules, while the Advance screen provides for even greater customization. All three screens are similar in design as can be seen in the figures below. Outgoing Incoming Advance Each screen has the same four buttons at top: Add Click this button to go to the add rule screen. Follow the detailed instructions given there.
Modify Select a dial plan rule and click this button to go to the modify rule screen. Follow the detailed instructions given there. After adjusting the values in the form, click Apply to change the dial plan rule. Apply/Save Use this button to save and apply a new Dial Plan configuration. CONFIGURATION PARAMETERS The following table of parameters is included for your reference. For more detailed instructions consult the Add/Modify rules configuration screens.
For this example, assume that the device needs to convert the following 11 digit dial sequence “123-xxx-xxxxx” into “002-xxx-xxxxx”, where “x” is any number. Here are the steps involved. Step 1: Enter any number between 0 and 32767 in the Priority field. Step 2: In the prefix field enter “123”. Step 3: Enter “3” in the Mindigit field to limit the prefix minimum to 3 digits. Step 4: Enter “11” or greater as the MaxDigit value to accept all 11 digits of the dial sequence.
7.3 Telephone Calls To make a call, simply dial the number. The dial plan (i.e. the dialed digits) is normally customized for each installation. The default dial plan delivered by Comtrend allows dialing of 4-digit extensions or direct IP addresses. Shorter extension numbers (e.g. 3-digits) can be dialed by completing the dial string with a final #.
Conference Calling To turn a two-party call into a three-party conference call, press flash and dial the third party. Wait for the party to answer, then press flash. To drop the third party and return to a two-party call, press flash again. To drop yourself out of the conference, hang up. The call will be transferred (so that the other two parties remain connected to each other).
Chapter 8 Diagnostics The Diagnostics menu provides feedback on the connection status of the device. The individual tests are listed below. If a test displays a fail status, click Rerun Diagnostic Tests at the bottom of this page to make sure the fail status is consistent. If the test continues to fail, click Help and follow the troubleshooting procedures. Test LAN Connection Description Pass: Indicates that the Ethernet interface from your computer is connected to the LAN port of this device.
Test Ping Primary Domain Name Server Description Pass: Indicates that the device can communicate with the primary Domain Name Server (DNS). Fail: Indicates that the device was unable to communicate with the primary Domain Name Server (DNS). It may not have an effect on your Internet connectivity. Therefore if this test fails but you are still able to access the Internet, there is no need to troubleshoot this issue.
Chapter 9 Management The Management section of the device supports the following maintenance functions and processes: • • • • • • • Settings System log SNMP Agent Internet Time Access Control Update software Save/Reboot 9.1 Settings The Settings screen allows for the backup, retrieval and restoration of settings. Each of these functions is accessed from the Settings submenu and described in more detail in the following discussion. 9.1.
9.1.2 Update Settings Select Update from the Settings submenu to access the screen shown below. Enter a previously saved configuration backup file in the Settings File Name field and click the Update Settings button to load it. If you forget the filename and path you can search your PC by clicking on the Browse button.
9.1.3 Restore Default Select Restore Default from the Settings submenu to access the screen shown below. Click the Restore Default Settings button to restore the device to the default firmware settings. Restoring system settings require a device reboot. The default settings can be found in section 3.1 Default Settings. After the Restore Default Configuration button is selected, the following screen appears. Close the device Configuration window and wait for 2 minutes before reopening your web browser.
9.2 System Log The System Log option under Management allows for the viewing of system events and configuration of related options. The default setting for the System Log is enabled. Follow the steps below to enable and view the System Log. STEP 1: Click Configure System Log to continue. Step 2: Select from the desired system log options (see table below) and then click Save/Apply.
Option Description Log Indicates whether the system is currently recording events. The user can enable or disable event logging. By default, it is disabled. To enable it, click Enable and then Apply button. Log Allows you to configure the event level and filter out unwanted events level below this level. The events ranging from the highest critical level “Emergency” down to this configured level will be recorded to the log buffer on the CT-820C SDRAM.
Option Description Mode Allows you to specify whether events should be stored in the local memory, or be sent to a remote syslog server, or both simultaneously. If remote mode is selected, view system log will not be able to display events saved in the remote syslog server. When either Remote mode or Both mode is configured, the WEB UI will prompt the user to enter the Server IP address and Server UDP port. 3. Click View System Log. The results are displayed in as follows.
9.3 SNMP Agent Simple Network Management Protocol (SNMP) allows a management application to retrieve statistics and status from the SNMP agent in this device. Select the desired values and click Save/Apply to configure the SNMP options.
9.4 Internet Time NOTE: Internet Time must be activated to use Parental Control (section 5.4.2) The Internet Time option under the Management submenu configures the time settings of the device. To automatically synchronize with Internet timeservers, tick the corresponding box displayed on this screen, then click Save/Apply. On the screen below, choose your Time Zone and click Save/Apply to continue. Field Descriptions First NTP time server: Select your required server.
9.5 Access Control The Access Control option under Management menu bar configures access related parameters in three areas: Services, IP Addresses, and Passwords. Use Access Control to control local and remote management settings for the device. 9.5.1 Services The Services option limits or opens the access services over the LAN or WAN. These access services are available: FTP, HTTP, ICMP, SSH, TELNET, and TFTP. Enable a service by ticking its checkbox. Click Save/Apply to continue.
9.5.2 IP Addresses The IP Addresses option limits local access by IP address. When the Access Control Mode is enabled, only the IP addresses listed here can access the device. Before enabling Access Control Mode, add IP addresses with the Add button. On this screen, enter the IP address of a local PC which you wish to give management permissions. Click Save/Apply to continue.
9.5.3 Passwords The Passwords option configures the user account access passwords for the device. Access to the device is limited to the following three user accounts: • • • NOTE: root is to be used for local unrestricted access control. support is to be used for remote maintenance of the device user is to be used to view information and update device firmware. Default account passwords can be found in section 3.
9.6 Update Software The Update Software screen allows for firmware updates. Manual device upgrades from a locally stored file can be performed using the following screen. Step 1: Obtain an updated software image file from your ISP. Step 2: Enter the path and filename of the firmware image file in the Software File Name field or click the Browse button to locate the image file. Step 3: Click the Update Software button once to upload and install the file.
9.7 Save and Reboot The Save/Reboot option saves the current configuration and reboots the device. Close your browser, wait about 2 minutes and then restart the web user interface. NOTE: It may be necessary to reconfigure your TCP/IP settings to adjust for the new configuration. For example, if you disable the DHCP server you will need to apply Static IP settings. In this case, see section 3.2 TCP/IP Settings for detailed instructions.
Appendix A: Firewall Stateful Packet Inspection Refers to an architecture, where the firewall keeps track of packets on each connection traversing all its interfaces and makes sure they are valid. This is in contrast to static packet filtering which only examines a packet based on the information in the packet header. Denial of Service attack Is an incident in which a user or organization is deprived of the services of a resource they would normally expect to have.
This filter will Drop all TCP packets coming from LAN with IP Address/Sub. Mask 192.168.1.45/24 having a source port of 80 irrespective of the destination. All other packets will be Accepted. 2. Filter Name Protocol Source Address Source Subnet Mask Source Port Destination Address Destination Subnet Mask Destination Port : : : : : : : : Out_Filter2 UDP 192.168.1.45 255.255.255.0 5060:6060 172.16.13.4 255.255.255.
Selected WAN interface: mer_0_35/nas_0_35 This filter will ACCEPT all TCP packets coming from WAN interface mer_0_35/nas_0_35 with IP Address/Sub. Mask 210.168.219.45/16 having a source port of 80 irrespective of the destination. All other incoming packets on this interface are DROPPED. 2. Filter Name Protocol Source Address Source Subnet Mask Source Port Destination Address Destination Subnet Mask Destination Port : : : : : : : : In_Filter2 UDP 210.168.219.45 255.255.0.0 5060:6060 192.168.1.45 255.255.
Appendix B: Pin Assignments Pin Assignments of the RJ11 Port Line port (RJ11) Pin 1 2 3 Definition ADSL_RING Pin 4 5 6 Definition ADSL_TIP - Pin 5 6 7 8 Definition NC Receive dataNC NC Pin assignments of the LAN Port LAN Port (RJ45) Pin 1 2 3 4 Definition Transmit data+ Transmit dataReceive data+ NC 81
Appendix C: Specifications WAN Interface Ethernet x 1 LAN Interface Ethernet x 4 WLAN Standard IEEE802.11g, backward compatible with 802.11b Encryption 64, 128-bit Wired Equivalent Privacy (WEP) Channels 11 (US, Canada)/ 13 (Europe)/ 14 (Japan) Data Rate Up to 54Mbps MAC Address Filtering, WEP, WPA, IEEE 802.
Security Functions Authentication protocols......................... PAP, CHAP VPN..................................................... PPTP/L2TP/IpSec pass-through Stateful Packet Inspection, Packet filtering, Denial Of Service protection, Traffic Conditioning, WFQ-based Bandwidth Management, HTTP proxy QoS L3 policy-based QoS, IP QoS, ToS Voice Functions SIP ..................................................... RFC 3261 Codec.................................................. G.711a/u, G.729, ILBC RTP ...
Appendix D: SSH Client Linux OS comes with an ssh client. Microsoft Windows does not have ssh client but there is a public domain one called “putty” that you can download here: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html To access the device using Linux ssh client: From LAN: Use the device WEB UI to enable SSH access from LAN. (default is enabled) type: ssh -l root 192.168.1.1 From WAN: In the device, use WEB UI to enable SSH access from WAN.
