HiPER 518W Wireless Router Advanced Configuration Guide V1.3 UTT Technologies Co., Ltd. http://www.uttglobal.
Copyright Notice Copyright © 2000-2013. UTT Technologies Co., Ltd. All rights reserved. Information in this document, including URL and other Internet Web site references, is subject to change without further notice. Unless otherwise noted, the companies, organizations, people and events described in the examples of this document are fictitious, which have no relationship with any real company, organization, people and event. Complying with all applicable copyright laws is the responsibility of the user.
UTT Technologies Table of Contents Table of Contents COPYRIGHT NOTICE..................................................................................................................... 2 TABLE OF CONTENTS ................................................................................................................... I ABOUT THIS MANUAL .................................................................................................................. 1 0.1 SCOPE .......................................
UTT Technologies Table of Contents 4.1 SETUP WIZARD ....................................................................................................................... 35 4.2 SYSTEM STATUS...................................................................................................................... 35 4.2.1 Wired Status .................................................................................................................. 35 4.2.2 Wireless Status ..............................
UTT Technologies Table of Contents 6.2.1 Disabling Wireless Security........................................................................................... 91 6.2.2 Wireless Security Settings – WEP ................................................................................. 91 6.2.3 Wireless Security Settings - WPA/WPA2 ...................................................................... 93 6.2.4 Wireless Security Settings - WPA-PSK/WPA2-PSK ..............................................
UTT Technologies Table of Contents 8.2.4 IP/MAC Binding Settings ............................................................................................ 133 8.2.5 How to Add IP/MAC Bindings ................................................................................... 134 8.2.6 Internet Whitelist and Blacklist ................................................................................... 135 8.3 PPPOE SERVER ............................................................................
UTT Technologies Table of Contents 10.2 FLEXIBLE BANDWIDTH MANAGEMENT ................................................................................ 173 10.3 P2P RATE LIMIT.................................................................................................................... 173 10.4 SESSION LIMITING ................................................................................................................ 175 CHAPTER 11 11.1 FIREWALL ............................................
UTT Technologies 13.3.3 Table of Contents Reset to Factory Defaults ............................................................................................ 253 13.4 FIRMWARE UPGRADE............................................................................................................ 254 13.5 REMOTE MANAGEMENT ....................................................................................................... 255 13.6 SCHEDULED TASK......................................................
UTT Technologies About This Manual About This Manual 0.1 Scope This guide mainly describes how to install and configure the HiPER 518W Wireless Router offered by UTT Technologies Co., Ltd. For more information, please visit our website at www.uttglobal.com. 0.2 Web UI Style The Web UI style complies with the browser standard, which is as follows: Radio Button: It allows you to choose only one of a predefined set of options. Check Box: It allows you to choose one or more options.
UTT Technologies About This Manual 0.3 Documents Conventions 0.3.1 Symbol Conventions : It represents a configuration parameter. Parameters may be optional or required. Required parameters are indicated by a red asterisk (*). : It represents a button. : It represents one or more notes. 0.3.2 Other Conventions 0.3.2.1 Convention for a Page Path First Level Menu Item > Second Level Menu Item (bold font) means the menu path to open a page.
UTT Technologies About This Manual Click to revert to the last saved settings. Click to delete the selected entry(s). Click to display the latest information on the page. Click to clear all the statistics on the page. Click to go back to the previous page. Table 0-1 Common Button Descriptions 0.3.4 Detailed Description of List 0.3.4.1 Basic Elements and Features The Web UI contains two kinds of lists: editable list and read-only list.
UTT Technologies About This Manual Element Description Current page number/ total pages, the example means that the current page is the first page, and total one page. Click to jump to the first page. Click to jump to the previous page. Click to jump to the next page. Click to jump to the last page. Enter page number in text field, then click Go to or press key to jump to that page.
UTT Technologies About This Manual 0.3.4.2 Sorting Function All the lists in the Web UI support sorting function. The operation is as follows: You can click any column header to sort the entries in a list by that column. Click once to sort the entries in descending order, click again to sort them in ascending order. Click a third time to sort them in descending order, and so forth. After sorted, the list will be displayed from the first page. 0.
UTT Technologies About This Manual Chapter 1 Product Overview This chapter describes functions and features of the Wireless Router. Chapter 2 Hardware Installation This chapter describes how to install the Wireless Router. Chapter 3 Quick Setup This chapter describes the following contents: How to install and configure TCP/IP properties on your PC. How to login to the Wireless Router; and introduction to the WEB UI layout.
UTT Technologies About This Manual This chapter describes how to configure the wireless features of the Wireless Router, including: Basic Wireless Settings: How to configure basic wireless settings. Wireless Security Settings: How to configure wireless security settings. Wireless MAC Address Filtering: How to filter the wireless clients based on their MAC addresses. Advanced Wireless Settings: How to configure advanced wireless settings.
UTT Technologies QQ Whitelist: How to configure and view QQ whitelist. MSN Whitelist: How to configure and view MSN whitelist. Notification: How to configure notification. Application Audit: How to view application audic. Policy Database: How to configure policy database. About This Manual Chapter 10 QoS Fixed Rate Limiting: How to configure fixed rate limiting. Flexible Bandwidth: How to configure flexible bandwidth. P2P Rate Limit: How to configure P2P rate limiting.
UTT Technologies About This Manual supports one scheduled task: Restart. Chapter 14 Status This chapter describes how to view the system status information and statistics, including: Interface Status: It displays traffic statistics of the Router. System Information: It displays the current system time, system up time, system resources usage information, SN, firmware version, and system log messages. System Log: How to configure and view system log.
UTT Technologies Chapter 1 Product Overview Chapter 1 Product Overview Thanks for choosing the HiPER 518W Wireless Router from UTT Technologies Co., Ltd. This chapter describes the functions and features of the HiPER 518W Wireless Router in brief. 1.1 Product Brief The HiPER 518W Wireless Router is designed for small-sized businesses and branch offices, integrating wired networks with 3G and 802.11 wireless networks.
UTT Technologies 1.2 Chapter 1 Product Overview Key Features Supports multiple Internet connection types: 3G, PPPoE, Static IP, DHCP and Wi-Fi AP Provides two wired WAN interfaces (WAN1 and WAN2), two wireless WAN interfaces (3G and APClient), and three 10M/100M LAN ports Supports multiple Internet connections that provide intelligent load balancing and automatic failover Supports 6kV lightning protection Conforms to IEEE 802.11n (802.11g and 802.11b Compatible).
UTT Technologies Chapter 1 Product Overview Supports configuration backup and restore Provides wireless client list and system status 1.3 Physical Specification ● Conforms to IEEE 802.11n, IEEE 802.11b and IEEE 802.11g standards ● Conforms to IEEE 802.3 Ethernet and IEEE 802.3u Fast Ethernet standards ● Supports TCP/IP, PPPoE, DHCP, ICMP, NAT, Static Route, etc.
UTT Technologies Chapter 1 Product Overview 2.4GHz Y Y Y 5GHz -- -- -- PPTP VPN 5/5 5/5 5/5 IPSecVPN 5/5 5/5 -- Load Balance Y Y Y NAT Y Y Y DDNS(No-IP; Dyndns) Y Y Y Block/ Y Y Y Web Authenticatoin/Billin g Y Y Y PPPoE Server/Billing Y Y Y DHCP Server Y Y Y Wireless Standard IEEE 802.11 b/g/n IEEE 802.11 b/g/n IEEE 802.
UTT Technologies Chapter 2 Hardware Installation Chapter 2 Hardware Installation 2.1 Physical Characteristics 2.1.1 Front Panel As shown in Figure 2-1, the LEDs are located on the front panel of the Wireless Router. The LEDs indicate the status of the system and each port. Table 2-1 describes these LEDs. Figure 2-1 Front Panel of the Wireless Router LED Full Name State Description The Wireless Router is powered on.
UTT Technologies Chapter 2 Hardware Installation WAN1/ WAN1/WAN2 WAN2 Port Status LED 1, 2, 3 LAN Port Status LED Off The wireless function is disabled. On A valid link is established on the corresponding port. Blinking The corresponding port is sending or receiving data. Off No link is established on the corresponding port. On A valid link is established on the corresponding port. Blinking The corresponding port is sending or receiving data.
UTT Technologies Chapter 2 Hardware Installation restart with factory default settings. Note This operation will clear all the custom settings on the Wireless Router. If you remember the administrator account, it is strongly recommended that you go to Administration > Configuration page to backup the current configuration firstly, and then reset the Wireless Router to factory default settings. 2. Ports The Wireless Router provides three LAN ports, two WAN ports, and a USB port.
UTT Technologies Chapter 2 Hardware Installation Note Please ensure that the desktop or shelf is stable and the power outlet is grounded properly, and do not place heavy objects on the Wireless Router. 2. Attach the Antennas When shipped, the two antennas are not connected to the Wireless Router. To attach the antennas to the Wireless Router, follow these steps: 1) Remove one antenna from the box. 2) Locate one antenna port (threaded knob) on the back panel of the Wireless Router, see Figure 2-2.
UTT Technologies Chapter 2 Hardware Installation To prevent the Wireless Router from working abnormally or being damaged, please make sure that the power supply and connectivity are normal, and the power outlet is grounded properly before powering on the Wireless Router. 6. Checking the LEDs Verify that the Wireless Router starts up properly and the network connections are operational by checking the LED states, as described in Table 2-1. http://www.uttglobal.
UTT Technologies Chapter 3 Quick Setup Chapter 3 Quick Setup This chapter describes how to properly configure TCP/IP settings on your computer, how to login to the Wireless Router, and how to configure the basic parameters to quickly connect the Wireless Router to the Internet via the Start > Setup Wizard. In addition, it also briefly describes the layout and style of the Wireless Router’s Web UI. 3.
UTT Technologies Chapter 3 Quick Setup If the displayed page is similar to the screenshot below, the connection between your computer and the Wireless Router hasn't been established yet. If the connection hasn't been established, please take the following steps to resolve the problem: 1. Is the physical link between your computer and the Wireless Router connected properly? Verify that the LED corresponding to the Wireless Router’s LAN port and the LED on your computer’s adapter are lit. 2.
UTT Technologies 3.2 Chapter 3 Quick Setup Logging in to the Wireless Router This section describes how to login to the Wireless Router. No matter what operating system is installed on your computer, such as, MS Windows, Macintosh, UNIX, or Linux, and so on, you can login to and configure the Wireless Router through the Web browser (for example, Internet Explorer).
UTT Technologies Chapter 3 Quick Setup Top Pane Side Pane Main Pane Bottom Pane Figure 3-3 Homepage Each page of the Wireless Router’s Web UI consists of four panes: 1. Top Pane: It displays UTT logo, model and version, and three shortcut icons. 1) UTT Logo: Click to link to the homepage of the UTT website. 2) Model and Version: The product model and firmware version of the Wireless Router.
UTT Technologies 3.3 Chapter 3 Quick Setup Setup Wizard This section describes the Start > Setup Wizard page. 3.3.1 Running the Setup Wizard As mentioned earlier, the first page of the Setup Wizard appears immediately after your first login, see the following figure.
UTT Technologies Chapter 3 Quick Setup Figure 3-5 Welcome Page 3.3.2 Setup Wizard - Internet Access Mode In this page, you can choose one or more Internet connections that you want to configure via the Setup Wizard, see Figure 3-6. Figure 3-6 Setup Wizard - Internet Access Mode WAN1: If you want to configure a wired Internet connection on the WAN1 interface via the Setup Wizard, select this check box. WAN2: If you want to configure a wired Internet connection on the WAN2 interface http://www.
UTT Technologies Chapter 3 Quick Setup via the Setup Wizard, select this check box. 3G Client: If you want to configure a 3G Internet connection via the Setup Wizard, select this check box. Here the Wireless Router acts as a 3G client. AP Client: If you want to configure a wireless Internet connection via the Setup Wizard, select this check box. Here the Wireless Router acts as an AP client. Back: Click to go back to the previous page of the Setup Wizard.
UTT Technologies Chapter 3 Quick Setup Figure 3-7 Setup Wizard - WAN1/WAN2 Internet Connection Settings (Static IP) Connection Type: It specifies the type of the Internet connection. Here please select Static IP. You need to manually configure IP address, subnet mask, default gateway and DNS server addresses, which are provided by your ISP. IP Address: It specifies the IP address of the WAN interface, which is provided by your ISP.
UTT Technologies Chapter 3 Quick Setup Figure 3-8 Setup Wizard - WAN1/WAN2 Settings (DHCP) Connection Type: It specifies the type of the Internet connection. Here please select DHCP. The Wireless Router will automatically obtain the WAN IP address, subnet mask and gateway and DNS server addresses from your ISP’s DHCP server. Back: Click to go back to the previous page of the Setup Wizard. Cancel: Click to revert to the last saved settings.
UTT Technologies Chapter 3 Quick Setup Cancel: Click to revert to the last saved settings. Exit: Click to exit the Setup Wizard and go to the Welcome page (see Figure 3-5). The changes made in the Setup Wizard will be discarded. Skip: Click to go directly to the next page of the Setup Wizard. The changes made on the current page will be discarded. Next: Click to go to the next page of the Setup Wizard. 3.3.3.
UTT Technologies Chapter 3 Quick Setup User Name: It specifies the user name used for PPP authentication. Password: It specifies the password used for PPP authentication. Back: Click to go back to the previous page of the Setup Wizard. Cancel: Click to revert to the last saved settings. Exit: Click to exit the Setup Wizard and go to the Welcome page (see Figure 3-5). The changes made in the Setup Wizard will be discarded. Skip: Click to go directly to the next page of the Setup Wizard.
UTT Technologies Chapter 3 Quick Setup Here please select None. Back: Click to go back to the previous page of the Setup Wizard. Cancel: Click to revert to the last saved settings. Exit: Click to exit the Setup Wizard and go to the Welcome page (see Figure 3-5). The changes made in the Setup Wizard will be discarded. Skip: Click to go directly to the next page of the Setup Wizard. The changes made on the current page will be discarded. Next: Click to go to the next page of the Setup Wizard. 3.3.3.3.
UTT Technologies Chapter 3 Quick Setup authenticate and attempt to associate with the remote AP. However, even if the Wireless Router can complete authentication and associate with the remote AP, the Wireless Router cannot send or receive data from the remote AP unless it has the correct WEP key. ● Shared Key: It requires that the Wireless Router and remote AP have the same WEP key to authenticate.
UTT Technologies Chapter 3 Quick Setup 3.3.3.3.3 APClient Connection Settings - WPA-PSK/WAP2-PSK Figure 3-13 Setup Wizard - APClient Connection Settings (WPA-PSK/WAP2-PSK) AP SSID: It specifies the SSID of the remote AP. It must be between 1 and 32 characters long, and it is case sensitive. AP MAC Address: It specifies the MAC address of the remote AP. Security Mode: It specifies the security mode to be used by the Wireless Router.
UTT Technologies Chapter 3 Quick Setup Skip: Click to go directly to the next page of the Setup Wizard. The changes made on the current page will be discarded. Next: Click to go to the next page of the Setup Wizard. 3.3.4 Setup Wizard - Wireless Settings In this page, you can configure basic wireless settings of the Wireless Router.
UTT Technologies Chapter 3 Quick Setup Channel Width: It specifies the range of frequecies used by your wireless network. The options are 20/40M and 20M. Note that this parameter can only act on 802.11n wireless clients. 802.11b and 802.11g wireless clients can only use 20MHz channel. ● 20M/40M: If you select this option, 802.11n wireless clients will negotiate the channel width with the Wireless Router. ● 20M: It you select this option, 802.11n wireless clients will use 20MHz channel.
UTT Technologies Chapter 4 Start Menu Chapter 4 Start Menu The Start menu item is the first one under the top-level menu. It provides links to several commonly used pages including Setup Wizard, System Status, Interface Traffic and Restart, where you can quickly configure the basic parameters for the Wireless Router to operate properly, view system status, view interface traffic statistics, and restart the Wireless Router. 4.
UTT Technologies Chapter 4 Start Menu Figure 4-1 System Status - Wired Status WAN1: It displays the current status and basic configuration of the WAN1 Internet connection, which include connection type, status, IP address, subnet mask, MAC address, default gateway and DNS server addresses, and up time. WAN2: It displays the current status and basic configuration of the WAN2 Internet connection, which are the same as those of the WAN1 Internet connection.
UTT Technologies Chapter 4 Start Menu 3G, APClient and Wireless LAN. Figure 4-2 System Status - Wireless Status 3G: It displays the current status and basic configuration of the 3G Internet connection, which include connection type, status, IP address, subnet mask, MAC address, default gateway and DNS server addresses, and up time. APClient: It displays the current status and basic configuration of the APClient Internet connection, which are the same as those of the 3G Internection connection.
UTT Technologies Chapter 4 Start Menu The Wired Status page and Wireless Status page only display the status information of the interfaces that have been configured. 4.3 Interface Traffic This section describes the Start > Interface Traffic page. This page provides the real-time traffic chart for each interface that has been configured, which displays the real-time Rx/Tx rate, average Rx/Tx rate, maximum Rx/Tx rate and total Rx/Tx traffic of each interface.
UTT Technologies Chapter 4 Start Menu Display: It allows you to change the type of chart displayed. The options are Line and Solid. ● Line: Select this option to display a line chart. The chart includes two lines with different colors, which represent the real-time Rx rate and Tx rate resectively. ● Solid: Select this option to display an area chart. The area chart is like the line chart except that the area between the axis the plot line is solid.
UTT Technologies Chapter 4 Start Menu Clear: Click to clear all traffic statistics. Refresh: Click to view the latest traffic statistics. Back: Click to go back to the Start > Interface Traffic page. Note This page only displays the traffic statistics for the interfaces that have been configured. 4.4 Restart Figure 4-5 Restart the Wireless Router Restart: Click to restart the Wireless Router. If you click the Restart button, the system will pop up a prompt dialog box (see Figure 4-6).
UTT Technologies Chapter 5 Network Chapter 5 Network This chapter describes how to configure the basic network parameters of the Wireless Router, which include WAN settings, load balancing, LAN settings, DHCP server, DDNS, and UPnP. 5.1 WAN Settings This section describes the Network > WAN page. If you have configured one or more Internet connections in the Start > Quick Wizard, you can view their configuration and status in this page, and modify or delete them if needed.
UTT Technologies Chapter 5 Network Figure 5-2 Internet Connection List (Continue) 5.1.1.1 Parameter Definitions Interface: It displays the name of the WAN interface. The Wireless Router has four WAN interfaces: WAN1, WAN2, 3G, and APClient. Therein, WAN1 and WAN2 are wired interfaces, and 3G and APClient are wireless interfaces. Connection Type: It displays the type of the Internet connection. There are four connection types: Static IP, PPPoE, DHCP and 3G.
UTT Technologies Chapter 5 Network The connection is disconnected due to that the interface is disabled or Disconnected not connected, etc. The connection is established between the Wireless Router and peer Connected device. Table 5-2 Description of Static IP Connection Status 3. DHCP Connection Status For the DHCP connection, there are two kinds of status, see Table 5-3. When it is connected, it will also display the elapsed time (days: hours: minutes: seconds) since connected.
UTT Technologies Chapter 5 Network Rx Rate: It displays the average download speed (in kilobytes per second) of the Internet connection during the time interval between two refresh operations. Tx Rate: It displays the average upload speed (in kilobytes per second) of the Internet connection during the time interval between two refresh operations. 5.1.1.
UTT Technologies Chapter 5 Network Figure 5-3 Internet Connection List - PPPoE/3G Connection 5.1.1.4 How to Renew and Release a DHCP Connection If you click the Interface hyperlink or icon of a DHCP connection, the Renew button and Release button will appear below the list, see Figure 5-4. Figure 5-4 Internet Connection List - DHCP Connection Renew: Click to re-obtain an IP address from the ISP’s DHCP server.
UTT Technologies Chapter 5 Network Figure 5-5 Network - WAN Settings Note 1. It allows you to choose the ISP Policy (i.e., route policy database) for each Internet connection. The system will automatically create the associated static routes according to your selection. Thus all traffic destined for one ISP’s servers will be forwarded through this ISP’s connection. 2.
UTT Technologies Chapter 5 Network 5.1.2.1.1 Static IP Internet Connection Settings Figure 5-6 Static IP Internet Connection Interface: It specifies the name of the WAN interface. Here please select WAN1, WAN2 or APClient. Connection Type: It specifies the type of the Internet connection. Here please select Static IP. You need to manually configure IP address, subnet mask, default gateway and DNS server addresses, which are provided by your ISP.
UTT Technologies Chapter 5 Network Advanced Options: Click it to view and configure advanced parameters. In most cases, you need not configure them. Mode: It specifies the mode of the device, including Pure Route Mode and NAT Mode. It is NAT Mode by default. ● Pure Route Mode: The device just has the routing function. It doesn’t translate the interal IP address to the external IP address. ● NAT Mode: The device enables NAT function. MAC Address: It specifies the MAC address of the WAN interface.
UTT Technologies Chapter 5 Network ISP Policy and Update Policy: Refer to Section 5.1.2.1.1 Static IP Internet Connection Settings for detailed information. Advanced Options: Click it to view and configure advanced parameters. In most cases, you need not configure them. Mode: It specifies the mode of the device, including Pure Route Mode and NAT Mode. It is NAT Mode by default. ● Pure Route Mode: The device just has the routing function.
UTT Technologies Chapter 5 Network Figure 5-8 PPPoE Internet Connection Settings Interface: It specifies the name of the WAN interface. Here please select WAN1, WAN2 or APClient. Connection Type: It specifies the type of the Internet connection. Here please select PPPoE. The Wireless Router will automatically obtain the WAN IP address, subnet mask and gateway IP address from your ISP’s PPPoE server. ISP Policy and Update Policy: Refer to Section 5.1.2.1.
UTT Technologies Chapter 5 Network Mode. It is NAT Mode by default. ● Pure Route Mode: The device just has the routing function. It doesn’t translate the interal IP address to the external IP address. ● NAT Mode: The device enables NAT function. MAC Address: It specifies the MAC address of the WAN interface. In most cases, please leave the default value. Interface Mode: It specifies the speed and duplex mode of the WAN interface.
UTT Technologies Chapter 5 Network Interface: It specifies the name of the WAN interface. Here please select 3G. ISP Policy and Update Policy: Refer to Section 5.1.2.1.1 Static IP Internet Connection for detailed information. 3G USB Modem, ISP, Authentication Method, PIN Code, APN, Dial Number, User Name, and Password: Refer to Section 3.3.3.2 3G Internet Connection Settings for detailed information. Save: Click to save your changes. Cancel: Click to revert to the last saved settings.
UTT Technologies 5.2 Chapter 5 Network Load Balancing This section describes the Network > Load Balancing page. In this page, you can configure load balancing global parameters, the connection detection parameters (including detection target IP, detection interval, retry times, etc.) for each Internet connection, and view the status and configuration of them. 5.2.1 Introduction to Load Balancing and Failover 5.2.1.
UTT Technologies Chapter 5 Network detection packets but not received any response packet during a detection period, it will consider that the connection is faulty. For a faulty Internet connection, the detection mechanism is as follows: Similarly, the Wireless Router also periodically sends a detection packet at the specified time interval to the target IP address.
UTT Technologies Chapter 5 Network primary connections, and others are used as backup connections. The working principle is as follows: 1. As long as one or more primary connections are normal, the LAN users will use the primary connection(s) to access the Internet. 2. If all the primary connections are faulty, it will automatically switch to the backup connection(s) to let the LAN users use them to access the Internet. 3.
UTT Technologies Chapter 5 Network 5.2.2.2 Global Settings - Partial Load Balancing Figure 5-11 Global Settings - Partial Load Balancing Mode: It specifies the mode of load balancing. Here please select Partial Load Balancing. Primary: It specifies the primary connection group. An Internet connection in the Primary list box is a primary connection. Backup: It specifies the backup connection group. An Internet connection in the Backup list box is a backup connection.
UTT Technologies Chapter 5 Network Figure 5-12 Load Balancing List Figure 5-13 Load Balancing List (Continue) Edit an Internet Connection: To configure or modify the detection related parameters of an Internet connection, click its Interface hyperlink or icon, the related information will be displayed in the Connection Detection Settings page. Then configure or modify it, and click the Save button.
UTT Technologies Chapter 5 Network Interface: It indicates the name of the WAN interface. It is non-editable. Detection Interval: It specifies the time interval at which the Wireless Router periodically sends detection packets, one packet at a time. It must be between 1 and 60 seconds, or 0. The default value is 0, which means that connection detection is disabled on the Internet connection. Retry Times: It specifies the number of retries per detection period. The default value is 3.
UTT Technologies Chapter 5 Network Figure 5-15 Enable Identity binding Enable Identity Binding: It allows you to enable or disable Identity binding. If you want to enable Identity binding feature for some applications such as online banking, QQ, etc., please select this check box. Save: Click it to save your settings. 5.2.
UTT Technologies 5.3 Chapter 5 Network LAN Settings This section describes the Network > LAN page, where you can configure the IP address, subnet mask and MAC address of the Wireless Router’s LAN interface. Figure 5-16 LAN Interface Settings IP Address: It specifies the IP address of the LAN interface. Subnet Mask: It specifies the subnet mask that defines the range of the LAN. MAC Address: It specifies the MAC address of the LAN interface. In most cases, please leave the default value.
UTT Technologies Chapter 5 Network IP Address 3: It specifies the third IP address of the LAN interface. Subnet Mask 3: It specifies the third subnet mask that defines the range of the secondary subnet. IP Address 4: It specifies the fourth IP address of the LAN interface. Subnet Mask 4: It specifies the fourth subnet mask that defines the range of the secondary subnet. Save: Click to save your changes. Cancel: Click to revert to the last saved settings. Note 1.
UTT Technologies 5.4 Chapter 5 Network DHCP Server This section describes the Network > DHCP Server page, which includes DHCP server settings, static DHCP and DHCP client list. 5.4.1 DHCP Server Settings Figure 5-17 DHCP Server Settings Enable DHCP Server: It allows you to enable or disable DHCP server. If you want to enable DHCP server on the Wireless Router, please select this check box. Start IP Address: It specifies the first IP address assigned by the DHCP server.
UTT Technologies Chapter 5 Network most cases, this address must be on the same subnet as the Wireless Router’s LAN IP address. Subnet Mask: It specifies the subnet mask of the IP addresses assigned by the DHCP server. In most cases, this subnet mask must be identical to the Wireless Router’s LAN subnet mask. Default Gateway: It specifies the IP address of the default gateway for a DHCP client.
UTT Technologies Chapter 5 Network DNS proxy server on which a DNS proxy software is installed (e.g., Wingate), and the local computers use this server as the primary DNS server. Now, the Wireless Router will be used as a new gateway for the local computers.
UTT Technologies Chapter 5 Network Note 1. The reserved IP address must be a valid IP address within the range of IP addresses assigned by the DHCP server. 2. After you have added the static DHCP entry successfully, the Wireless Router will always assign the reserved IP address to the specified computer. 5.4.2.
UTT Technologies Chapter 5 Network 5.4.2.3 How to Add Static DHCP Entries To add one or more static DHCP entries, follow these steps: Step 1 Go to the Network > DHCP Server > Static DHCP page. Step 2 Click the Add button to go to the Static DHCP Settings page, and then specify the User Name, IP Address and MAC Address, lastly click the Save button. Step 3 Now you can view the static DHCP entry in the Static DHCP List. Step 4 To add another static DHCP entry, please repeat the above steps.
UTT Technologies Chapter 5 Network binding operation. Enable DHCP Auto Deleting: It allows you to enable or disable DHCP auto deleting. If you select this check box to enable DHCP auto deleting, the Device will automatically delete a DHCP auto binding entry if the corresponding host releases the IP address initiatively or its lease expires. Else, the Device will not perform auto deleting operation. Save: Click it to save your settings. 5.4.
UTT Technologies 5.4.5 Chapter 5 Network Configuration Example for DHCP 1. Requirements In this example, the Wireless Router acts as a DHCP server to dynamically assign the IP addresses to the clients that reside on the same subnet. The Wireless Router’s LAN IP address is 192.168.1.1/24. The start IP address of the DHCP address pool is 192.168.1.11, and the number of addresses is 100.
UTT Technologies Chapter 5 Network Figure 5-22 DHCP Server Settings - Example Step 3 Go to the Network > DHCP Server > Static DHCP page. Step 4 Add the static DHCP entry 1: Click the Add button to go to the Static DHCP Settings page (see Figure 5-23), enter Server1 in the User Name text box, 192.168.1.15 in the IP Address text box, and 0021859B4546 in the MAC Address text box, and then click the Save button.
UTT Technologies Chapter 5 Network 192.168.1.16 in the IP Address text box, and 001f3c0f07f4 in the MAC Address text box, and then click the Save button. Figure 5-24 Adding the Static DHCP Entry 2 - Example Now you have configured the two static DHCP entries. You can view them in the Static DHCP List (see Figure 5-25), and you can directly click the them if desired. icon to modify either of Figure 5-25 Static DHCP List - Example http://www.uttglobal.
UTT Technologies 5.5 Chapter 5 Network DDNS This section describes the Network > DDNS page. In this page, you can not only configure DDNS parameters, but also view and update DDNS status. 5.5.1 Introduction to DDNS Dynamic Domain Name Service (DDNS) is a service used to map a domain name which never changes to a dynamic IP address which can change quite often.
UTT Technologies Chapter 5 Network Figure 5-26 Apply for a DDNS Account from no-ip.com User Name: It specifies the user name of No-IP DDNS account. Email Address: It is used to confirm the No-IP DDNS account. Password: It specifies the password of No-IP DDNS account. Confirm Password: To confirm the password just put in. Host Name: It specifies a unique host name of the Router. The suffix of no-ip.biz will be appended to the host name to create a fully qualified domain name (FQDN) for the Router.
UTT Technologies Chapter 5 Network Figure 5-27 Disabling DDNS Service Service Provider: It specifies the DDNS service provider who offers services to the Router. Here please select None to disable DDNS service. Save: Click to save your changes. Cancel: Click to revert to the last saved settings. 5.5.3.2 DDNS Service Offered by no-ip.com Figure 5-28 DDNS Settings Related to 3322.org Service Provider: It specifies the DDNS service provider who offers services to the Router.
UTT Technologies Chapter 5 Network Save: Click to save your changes. Cancel: Click to revert to the last saved settings. 5.5.3.3 DDNS Service Offered by dyndns.com Figure 5-29 DDNS Settings Related to dyndns.com Service Provider: It specifies the DDNS service provider who offers services to the Router. Now the Router supports two DDNS service providers: no-ip.com and dyndns.com. Here please select no-ip.com. Registry Website: It allows you to click http://www.dyndns.
UTT Technologies 5.5.4 Chapter 5 Network DDNS Status Figure 5-30 DDNS Status Update Status: Click to update DDNS status. 5.5.5 DDNS Verification To verify whether DDNS is updated successfully, you can use the ping command at the command prompt on the PC, for example: ping uttglobal.no-ip.biz If the displayed page is similar to the screenshot below: the domain name is resolved to an IP address successfully (116.236.120.162 in this example), DDNS is updated successfully. Note 1.
UTT Technologies 5.6 Chapter 5 Network UPnP This section describes the Network > UPnP page. The Universal Plug and Play (UPnP) is architecture that implements zero configuration networking, that is, it provides automatic IP configuration and dynamic discovery of the UPnP compatible devices from various vendors. A UPnP compatible device can dynamically join a network and work properly.
UTT Technologies Chapter 5 Network Figure 5-32 UPnP Port Forwarding List ID: It is used to identify each UPnP port forwarding entry in the list. Internal IP: It displays the IP address of the local computer. Internal Port: It displays the service port provided by the local computer. Protocol: It displays the transport protocol used by the service. Remote IP: It displays the IP address of the remote computer.
UTT Technologies Chapter 6 Wireless Chapter 6 Wireless This chapter describes how to configure and use the wireless features of the Wireless Router, which include: basic wireless settings, wireless security settings, wireless MAC address filtering, and advanced wireless settings; and how to view the status of the wireless clients. 6.1 Basic Wireless Settings This section describes the Wireless > Basic page.
UTT Technologies Chapter 6 Wireless Figure 6-1 Basic Wireless Settings - AP Mode Enable Wireless: It allows you to enable or disable wireless function. If you select the check box to enable wireless function, wireless clients can connect to the Wireless Router to access the Internet, commnuicate with each other via the Wireless Router, and access the wired network connected to the Wireless Router. Else, the Wireless Router accepts only wired computers and other wired network devices.
UTT Technologies Chapter 6 Wireless Wireless Router automatically select the best channel. If there are multiple wireless routers in your area, please make sure that their channels don’t interfere with each other. Channel Width: It specifies the range of frequecies used by your wireless network. The options are 20/40M and 20M. Note that this parameter can only act on 802.11n wireless clients. 802.11b and 802.11g wireless clients can only use 20MHz channel. ● 20M/40M: If you select this option, 802.
UTT Technologies Chapter 6 Wireless Figure 6-2 Basic Wireless Settings - APClient Mode Operation Mode: Here please select APClient Mode. Enable Wireless, SSID, Wireless Mode, Channel, Channel Width, and Enable SSID Broadcast: Refer to Section 6.1.1 AP Mode for detailed information. AP SSID, AP MAC Address and Security Mode: Refer to Section 3.3.3.3 APClient Internet Connection Settings for detailed information. Save: Click to save your changes. Cancel: Click to revert to the last saved settings.
UTT Technologies 6.1.3 Chapter 6 Wireless WDS A Wireless Distribution System (WDS) is a method of interconnecting access points (AP) in a wireless local area network (WLAN) without requiring that they connect through a wired backbone. This feature is usually used to extend the range of the wireless network to reach remote clients.
UTT Technologies Chapter 6 Wireless Figure 6-3 Basic Wireless Settings - Repeater Mode Operation Mode: Here please select Repeater Mode. Enable Wireless, SSID, Wireless Mode, Channel, Channel Width, and Enable SSID Broadcast: Refer to Section 6.1.1 AP Mode for detailed information. AP MAC Address: It specifies the MAC address of the remote AP. Security Mode: It specifies the security mode to be used by the Wireless Router. There are four options: None, WEP, TKIP and AES.
UTT Technologies Chapter 6 Wireless Save: Click to save your changes. Cancel: Click to revert to the last saved settings. Figure 6-4 Security Settings - WEP Mode Security Mode: It specifies the security mode to be used by the Wireless Router. Here please select WEP. Key Format: It specifies the format for entering the WEP keys. The options are Hex and ASCII. ● Hex: Select this option if you want to enter the WEP keys in hexadecimal format.
UTT Technologies Chapter 6 Wireless match in a similar fashion. However, the two devices can have different Default Tx Keys as long as the keys are in the same order. For example, the Wireless Router can use WEP Key 1 as its Default Tx Key, while the remote wireless device can use WEP Key 3 as its Default Tx Key.
UTT Technologies Chapter 6 Wireless Pre-shared Key: This key serves as seed for generating encryption keys. It must be identical to the remote wireless network device’s. It must be between 8 and 63 characters long. 6.1.3.2 Bridge Mode If you want the Wireless Router to operate in bridge mode, please select Bridge Mode from the Opeartion Mode drop-down list, see Figure 6-8. In this mode, the Wireless Router can connect to other wireless network devices in repeater mode or lazy mode.
UTT Technologies Chapter 6 Wireless 6.1.3.3 Lazy Mode If you want the Wireless Router to operate in lazy mode, please select Lazy Mode from the Opeartion Mode drop-down list, see Figure 6-9. In this mode, the Wireless Router can connect to other wireless network devices in bridge mode or repearter mode; and at the same time it can provide connectivity for wilreless clients. Figure 6-9 Basic Wireless Settings - Lazy Mode Operation Mode: Here please select Laze Mode.
UTT Technologies Chapter 6 Wireless each other wirelessly. Figure 6-10 Configuration Example for WDS - Network Topology 2. Configuration and Verification To connect the Wireless Router A to the Wireless Router B properly, the Wireless Router B’s operation mode may be Lazy Mode or Repeater Mode (here we take Lazy Mode for example), its SSID, security mode and pre-shared key must be the same as those of the Wireless Router A. Besides, we leave the other parameters at their default values on both Routers.
UTT Technologies Chapter 6 Wireless Figure 6-11 Configuration Example for WDS - Configuring the Wireless Router A 2) Configuring the Wireless Router B The following figure shows the detailed settings on the Wireless Router B. http://www.uttglobal.
UTT Technologies Chapter 6 Wireless Figure 6-12 Configuration Example for WDS - Configuring the Wireless Router B 3) Verifying Connectivity between the Two Routers To verify connectivity between the two Routers, you can use the ping command at the command prompt on the Wireless Router B: Ping 192.168.1.1 If the displayed page is similar to the screenshot below, the connection between the two Routers has been established. Figure 6-13 Configuration Example for WDS - Verifying Connectivity http://www.
UTT Technologies 6.2 Chapter 6 Wireless Wireless Security Settings This section describes the Wireless > Security page. The Wireless Router provides four security mode options including None, WEP, WPA/WPA2, and WPA-PSK/WPA2-PSK. If you want an open network without wireless security, keep the default value of None. 6.2.1 Disabling Wireless Security Figure 6-14 Disabling Wireless Security Security Mode: It specifies the security mode that you want to use on your wireless network.
UTT Technologies Chapter 6 Wireless Figure 6-15 Wireless Security Settings - WEP Security Mode: It specifies the security mode that you want to use on your wireless network. Here please select WEP. WEP is the basic encryption mode which is not as secure as WPA. Authentication Type: It allows you to select the authentication type under WEP security mode. The Wireless Router must authenticate a wireless client before the client can join the wireless network.
UTT Technologies 6.2.3 Chapter 6 Wireless Wireless Security Settings - WPA/WPA2 Figure 6-16 Wireless Security Settings - WPA/WPA2 Security Mode: It specifies the security mode that you want to use on your wireless network. Here please select WPA/WPA2 to use WPA mode, WPA2 mode or both. In WPA or WPA2 mode, the Wireless Router uses an external RADIUS server to authenticate wireless clients. WPA Mode: It specifies the WPA mode that you want to use on your wireless network.
UTT Technologies Chapter 6 Wireless Key Renewal Interval: It specifies how often the WPA group key changes. The valid range is 60-86400 or 0, and the default value is 3600 seconds. Enter 0 to disable automatic renewal. Save: Click to save your changes. Cancel: Click to revert to the last saved settings. 6.2.
UTT Technologies Chapter 6 Wireless wireless clients also need to be configurd with the same pre-shared key. It must be between 8 and 63 characters long. Key Renewal Interval: It specifies how often the WPA group key changes. The valid range is 60-86400 or 0, and the default value is 3600 seconds. Enter 0 to disable automatic renewal. Save: Click to save your changes. Cancel: Click to revert to the last saved settings. http://www.uttglobal.
UTT Technologies 6.3 Chapter 6 Wireless Wireless MAC Address Filtering This section describes the Wireless > MAC Filtering page. The MAC address filtering is used to filter the wireless clients based on their MAC addresses. With this feature, you can either allow or block specific wireless clients to connect to the Wireless Router. 6.3.
UTT Technologies 6.3.2 Chapter 6 Wireless MAC Address Filtering List Figure 6-19 MAC Address Filtering List Add a MAC Address Filtering Entry: To add a new MAC address filtering entry, first click the Add button to go to the MAC Address Filtering Settings page, next configure it, lastly click the Save button. View MAC Address Filtering Entry(s): When you have configured one or more MAC address filtering entries, you can view them in the MAC Address Filtering List.
UTT Technologies Chapter 6 Wireless MAC Address: It specifies the MAC address of the wireless client that you want to allow or block. Save: Click to save your changes. Back: Click to go back to the Wireless > MAC Filtering page. 6.3.4 How to Configure MAC Address Filtering To configure MAC address filtering, follow these steps: Step 1 Go to the Wireless > MAC Filtering page.
UTT Technologies Chapter 6 Wireless 2. Configuration Steps Step 1 Go to the Wireless > MAC Filtering page. Step 2 Click the Add button to go to MAC Address Filtering Settings page (see Figure 6-21), enter 00b08c0517ed in the MAC Address text box, and then click the Save button. Figure 6-21 Adding a MAC Address Filtering Entry - Example Step 3 Continue to add the other two MAC addresses (001f3c47f481 and 001f3c0f07f4) to the MAC Address Filtering List.
UTT Technologies 6.4 Chapter 6 Wireless Advanced Wireless Settings This section describes the Wireless > Advanced Wireless Settings page. In this page, you can configure advanced wireless settings for your wireless connection. We suggest that you don’t adjust these settings unless you are an expert user. Incorrect settings will reduce the performance of your wireless network.
UTT Technologies Chapter 6 Wireless Indication Message (DTIM). The DTIM notifies wireless clients in power-save mode that a packet is waiting for them. The DTIM interval is a multiple of the Beacon Interval. For example, if it is set to 4, a DTIM message will be sent with every fourth beacon. It must be between 1 and 255, and the default value is 1. Enable Short Preamble: It allows you to enable short preamble or long preamble. ● Select the check box to enable short preamble.
UTT Technologies 6.5 Chapter 6 Wireless Wireless Client List This section describes the Wireless > Client List page. In the Wireless Client List, you can view the status of all wireless clients which are connected to the Wireless Router. In addition, you can also easily configure MAC address filtering entries via the list. Figure 6-25 Wireless Client List ID: It is used to identify each wireless client entry in the list. MAC Address: It displays the MAC address of the wireless client.
UTT Technologies Chapter 7 Advanced Chapter 7 Advanced This chapter describes how to configure and use the advanced features of the Router, which include NAT and DMZ, static route, policy routing, anti-netsniper, plug and play, syslog and SNMP. 7.1 NAT and DMZ This section describes the Advanced > NAT&DMZ page. 7.1.1 Introduction to NAT Features 7.1.1.1 NAT Overview The NAT (Network Address Translation) is an Internet standard that is used to map one IP address space (i.e.
UTT Technologies Chapter 7 Advanced internal IP addresses to the outside world. 7.1.1.3 NAT Types The Router provides two types of NAT: One2One and EasyIP. ● One2One (One to One): It indicates static network address translation. It is always referred to as Basic NAT, which provides a one to one mapping between an internal and an external IP address. In this type of NAT, IP address needs to be changed, but port needn’t.
UTT Technologies Chapter 7 Advanced For example, if you want to allow the local SMTP server (IP address: 192.168.1.88) to be available to the outside users, you can create a port forwarding entry: external IP address is WAN1 IP address (200.200.201.88 in this example), external port is 2100, internal IP address is 192.168.1.88, and internal port is 25. Then all the requests to SMTP service from outside users to 200.200.201.88:2100 will be forwarded to 192.168.1.88:25. 2.
UTT Technologies Chapter 7 Advanced Add a Port Forwarding Entry: To add a new port forwarding entry, first click the Add button to go to the Port Forwarding Settings page, next configure it, lastly click the Save button. View Port Forwarding Entry(s): When you have configured one or more port forwarding entries, you can view them in the Port Forwarding List.
UTT Technologies Chapter 7 Advanced Name: It specifies a unique name of the port forwarding entry. Enable: It allows you to enable or disable the port forwarding entry. The default value is checked, which means the port forwarding entry is in effect. If you want to disable the entry temporarily instead of deleting it, please clear the check box. Protocol: It specifies the transport protocol used by the service. The available options are TCP, UDP and TCP/UDP. If you are not sure, select TCP/UDP.
UTT Technologies Chapter 7 Advanced Step 6 Select an interface from the Bind to drop-down list as required. The port forwarding entry will use the selected interface’s IP address as its external IP address. Step 7 Click the Save button to save the settings. You can view the port forwarding entry in the Port Forwarding List. Step 8 If you want to add another new port forwarding entry, please repeat the above steps. 7.1.2.
UTT Technologies 7.1.3 Chapter 7 Advanced NAT Rule 7.1.3.1 NAT Rule List Figure 7-4 NAT Rule List Add a NAT Rule: To add a new NAT rule, first click the Add button to go to the NAT Rule Settings page, next configure it, lastly click the Save button. View NAT Rule(s): When you have configured one or more NAT rules, you can view them in the NAT Rule List. Modify a NAT Rule: To modify a configured NAT rule, click its Name hyperlink or icon, the related information will be displayed in the setup page.
UTT Technologies Chapter 7 Advanced 7.1.3.2.1 NAT Rule Settings - EasyIP Figure 7-5 NAT Rule Settings - EasyIP Name: It specifies a unique name of the NAT rule. NAT Type: It specifies the type of the NAT rule. The available options are EasyIP and One2One. Here please select EasyIP. External IP: It specifies the external IP address to which the local computers’ IP addresses are mapped. Start Internal IP and End Internal IP: They specify a range of internal IP addresses.
UTT Technologies Chapter 7 Advanced 7.1.3.2.2 NAT Rule Settings - One2One Figure 7-6 NAT Rule Settings - One2One Name: It specifies a unique name of the NAT rule. NAT Type: It specifies the type of the NAT rule. The available options are EasyIP and One2One. Here please select One2One. Start External IP: It specifies the start external IP address to which the start internal IP address is mapped. Start Internal IP and End Internal IP: They specify the internal IP address range of the NAT rule.
UTT Technologies Chapter 7 Advanced 7.1.3.3 How to Add NAT Rules To add one or more NAT rules, follow these steps: Step 1 Please identify the type of the NAT rule that you want to add. Step 2 Go to the Advanced > NAT > NAT Rule page, and click the Add button to go to the NAT Rule Settings page. Step 3 Specify the Name for the NAT rule, and select a type from the NAT Type drop-down list as required.
UTT Technologies Chapter 7 Advanced achieve this purpose, he should create an EasyIP NAT rule for them. The rule’s External IP is 218.1.21.3, Start Internal IP is 192.168.1.10, End Internal IP is 192.168.1.100, and Bind to be WAN1. 2. Configuration Steps The configuration steps are the following: Step 1 Go to the Advanced > NAT > NAT Rule page, and click the Add button to go to the NAT Rule Settings page, see the following figure.
UTT Technologies Chapter 7 Advanced 7.1.3.4.2 An Example for Configuring a One2One NAT Rule 1. Requirements In this example, a business has a single static IP Internet connection, and obtains eight public IP addresses (202.1.1.128/29 - 202.1.1.1.135/29) from the ISP. Therein, 202.1.1.129/29 is used as the Internet connection’s gateway IP address, 202.1.1.130/2 is used as the Router’s WAN1 IP address. Note that 202.1.1.128/29 and 202.1.1.1.
UTT Technologies Chapter 7 Advanced Figure 7-8 One2One NAT Rule Settings - Example Step 3 Select One2One from the NAT Type drop-down list. Step 4 Enter 202.1.1.131 in the Start External IP text box; enter 192.168.1.200 and 192.168.1.203 in the Start Internal IP and End Internal IP text boxes respectively. Step 5 Select WAN1 from the Bind to drop-down list. Step 6 Click the Save button to save the settings.
UTT Technologies Chapter 7 Advanced Note When a local computer is designated as the DMZ host, it loses firewall protection provided by the Router. The DMZ host can be accessed through all the WAN interfaces. 7.2 Static Route This section describes the Advanced > Static Route page, where you can configure and view static routes. 7.2.1 Introduction to Static Route A static route is manually configured by the network administrator, which is stored in a routing table.
UTT Technologies Chapter 7 Advanced Add a Static Route: To add a new static route, first click the Add button to go to the setup page, next configure it, lastly click the Save button. View Static Route(s): When you have configured one or more static routes, you can view them in the Static Route List. Modify a Static Route: To modify a configured static route, click its Name hyperlink or icon, the related information will be displayed in the setup page. Then modify it, and click the Save button.
UTT Technologies Chapter 7 Advanced Gateway IP Address: It specifies the IP address of the next hop gateway or router to which to forward the packets. Priority: It specifies the priority of the static route. If there are multiple routes to the same destination with different priorities, the Router will choose the route with the highest priority to forward the packets. The smaller the number, the higher the priority.
UTT Technologies Chapter 7 Advanced Figure 7-12 Static Route Settings - Example Step 6 Click the Save button to save the settings. You can view the static route in the Static Route List. Step 7 To add another new static route, please repeat the above steps. Note If you want to delete static route(s), please follow the ways described in Section 7.3.2 Static Route List. 7.3 Policy Routing This section describes the Advanced > Policy Routing page.
UTT Technologies 7.3.1 Chapter 7 Advanced Policy Routing Settings Figure 7-13 Policy Routing Settings Interface: It specifies an outbound interface through which the packets matching the Policy Routing entry are forwarded. Source IP: It specifies the source IP addresses of the packets to which the Policy Routing entry applies. There are two options: ● IP Range: Select it to enter the start and end addresses in the associated text boxes.
UTT Technologies Chapter 7 Advanced ● IP Range: Select it to enter the start and end IP addresses in the associated text boxes. ● User Group: Select it to choose an User Group from the associated drop-down list. By default, the User Group radio button is selected, and its value is All Users. Protocol: Select it to enter the start and end port numbers in the associated text boxes, and select a protocol type from Protocol drop-down list.
UTT Technologies 7.3.2 Chapter 7 Advanced Enable Policy Routing Figure 7-14 Enable Policy Routing Enable Policy Routing: It allows you to enable or disable Policy Routing. If you select the check box to enable Policy Routing, the configured Policy Routing entries will take effect. Else the Policy Routing entries will be of no effect. Save: Click it to save your settings. 7.3.
UTT Technologies Chapter 7 Advanced temporarily instead of deleting it, please click it to remove the check mark. View Policy Routing Entry(s): When you have configured some Policy Routing entries, you can view them in the Policy Routing List. Edit a Policy Routing Entry: If you want to modify a configured Policy Routing entry, click its Edit hyperlink, the related information will be displayed in the setup page. Then modify it, and click the Save button.
UTT Technologies Chapter 7 Advanced feature on the Device, the LAN users can access the Internet through the Device without changing any network parameters, no matter what IP address, subnet mask, default gateway and DNS server they might have. Obviously, this feature can greatly facilitate the users. As this feature is suitable for hotel network, we also call it hotel special version. 7.5.
UTT Technologies 7.6 Chapter 7 Advanced Syslog This section describes the Advanced > Syslog page. Syslog is a standard protocol used to capture a lot of running information about network activity. The Device supports this protocol and can send its activity logs to an external syslog server. It helps the network administrator monitor, analyze and troubleshoot the Device and network. Figure 7-18 SYSLOG Settings Enable Syslog: It allows you to enable or disable syslog feature.
UTT Technologies Chapter 7 Advanced SNMP manager automatically. The Device supports SNMP v1/v2c and Management Information Base II (MIBII) groups. The SNMP manager can read and change the information about the Device . Figure 7-19 SNMP Settings Enable SNMP: It allows you to enable or disable the SNMP agent. If you want to enable the SNMP agent on the Device, please select this check box. SNMP Trap Host: The IP address of host that receives SNMP Trap information.
UTT Technologies Chapter 8 User Management Chapter 8 User Management This chapter describes how to configure and use the user management of the Router, which include User status, IP/MAC binding, PPPoE server, Web authentication and user group. 8.
UTT Technologies Chapter 8 User Management statistics for the current day. To reset the current statistics, click Clear Statistics. Disable Recognition: Click this button to disable Application recognition. If disabled, the Applications Control feature (set in Application Control > Application Control page) will not take effect. 8.1.2 User Status List In User Status List, you can view current status of each user, including online time, Rx/Tx rate, Rx/Tx total traffic, Internet Application, etc.
UTT Technologies Chapter 8 User Management For a user, if the percentage of network traffic made up by accessing shopping sites, social networking sites, using stock software, and playing online/web games is equal to or above 70%, his/her online activities seriously affect work. If the percentage is between 50% and 70% (below 70%), his/her online activities slightly affect work. Else, his/her online activities don't affect work. User Name: Shows the user name of the user.
UTT Technologies 8.2.1 Chapter 8 User Management Introduction to IP/MAC Binding 8.2.1.1 IP/MAC Binding Overview To achieve network security management, you should perform user identification before performing user authorization. In this section, we describe how to implement user identification. In Section 9.1 Firewall > Access Control, we will describe how to control the Applications of the LAN users in detail. The Router provides IP/MAC binding feature to implement user identification.
UTT Technologies Chapter 8 User Management 1. If the sender is a legal user, the packet will be allowed to pass, and then be further processed by other function modules. 2. If the sender is an illegal user, the packet will be dropped immediately to prevent IP spoofing. 3. If the sender is an undefined user, there are two cases: 1) If the Allow Undefined LAN PCs check box is checked, the packet will be allowed to pass, and then be further processed by other function modules.
UTT Technologies 8.2.3 Chapter 8 User Management IP/MAC Binding List Figure 8-5 IP/MAC Binding List Add One or More IP/MAC Bindings: To add one or more IP/MAC bindings, first click the Add button to go to the IP/MAC Binding Settings page shown in Figure 8-5 IP/MAC Binding List, next configure them, lastly click the Save button. View IP/MAC Binding(s): When you have configured one or more IP/MAC bindings, you can view them in the IP/MAC Binding List.
UTT Technologies Chapter 8 User Management Note When you add the IP/MAC address pair of the computer that you use to administer the Router into the IP/MAC Binding List, please leave the Allow check box checked. Otherwise you cannot access the Router from that computer. If you attempt to clear the check box, you will be prompted that the operation is not permitted, see the following figure. Figure 8-7 IP/MAC Binding Error Message 8.2.
UTT Technologies Chapter 8 User Management that if a computer’s IP/MAC address pair has been added in the IP/MAC Binding List, this IP/MAC address pair will not be displayed here. Bind: Click to bind all the valid IP and MAC address pairs in the text box. Add IP/MAC Binding(s) Manually: To manually add one or more IP/MAC bindings, follow these steps: Enter one or more IP/MAC address pair entries in the text box, and then click the Bind button.
UTT Technologies Chapter 8 User Management Step 3 After you have added some IP/MAC bindings, you can view them in the IP/MAC Binding List. Step 4 If you want to block the undefined local computers from accessing the Router and Internet, please clear the Allow Undefined LAN PCs check box; else, the undefined local computers are allowed to access the Router and Internet.
UTT Technologies Chapter 8 User Management Step 1 Go to the User Management > IP/MAC Binding page, and click the Add button to go to the IP/MAC Binding Settings page. Step 2 Specify the legal users by creating the IP/MAC bindings: Add these users’ IP and MAC address pairs into the IP/MAC Binding List. By default, an IP/MAC binding’s Allow check box is checked, which means that the user matching the IP/MAC binding can access the Router and Internet, so please leave the default value. Refer to Section 7.
UTT Technologies 2) Step 3 Chapter 8 User Management Method Two: Add these users’ IP and MAC address pairs into the IP/MAC Binding List, and clear each IP/MAC binding’s Allow check box respectively. Thus the matched users cannot access the Router and Internet. Select the Allow Undefined LAN PCs check box to allow all the undefined users to access the Router and Internet. For example, if you want to block a local computer with IP address 192.168.1.
UTT Technologies 8.3.1 Chapter 8 User Management PPPoE Overview The PPPoE stands for Point-to-Point Protocol over Ethernet, which uses client/server model. The PPPoE provides the ability to connect the Ethernet hosts to a Remote Management Concentrator (AC) over a simple bridging access device. And it provides extensive access control management and accounting benefits to ISPs and network administrators.
UTT Technologies Chapter 8 User Management and any number of other service names which indicate other services that the PPPoE server can offer. If a PPPoE server receives a PADI packet beyond its service range, it cannot respond with a PADO packet. 3. PADR (PPPoE Active Discovery Request): The client may receive more than one PADO packet as the PADI was broadcast. The client chooses one server according to the server’s name or the services offered.
UTT Technologies 8.3.2 Chapter 8 User Management PPPoE Server Global Settings Figure 8-13 PPPoE Server Global Settings Enable PPPoE Server: It allows you to enable or disable PPPoE server. If you want to enable PPPoE server on the Router, please select this check box. Mandatory PPPoE Authentication: It allows you to enable or disable Mandatory PPPoE Authentication, that is, only the PPPoE dial-in users can access the Internet through the Device.
UTT Technologies Chapter 8 User Management password. PPP Authentication: It specifies the PPP authentication mode by which the PPPoE server authenticates a PPPoE client. The available options are PAP, CHAP and AUTO. In most cases, please leave the default value of AUTO, which means that the Router will automatically choose PAP or CHAP to authenticate the PPPoE client. Maximum Sessions: It specifies the maximum number of PPPoE sessions that can be created on the Router. Save: Click to save your changes.
UTT Technologies Chapter 8 User Management 1. To delete a PPPoE account, directly click its 2. To delete more than one PPPoE account at a time, select the leftmost check boxes of the PPPoE accounts that you want to delete, and then click the Delete button. 3. To delete all the PPPoE accounts at a time, directly click the Delete All button. 8.3.4 icon.
UTT Technologies Chapter 8 User Management the current PPPoE account to dial up. ● Auto: If you want to create account/MAC binding for the current PPPoE account automatically, select this option. That is, the Device will automatically bind the PPPoE account to the MAC address of the user who uses this account to establish a PPPoE session firstly. After that only this user can use the account.
UTT Technologies 8.3.5 Chapter 8 User Management PPPoE User Status You can go to the User Management > PPPoE Server > PPPoE User Status page view the status information of online PPPoE dial-in users in the PPPoE User Status List, which include the user name, assigned IP address, MAC address, Rx rate and Tx rate, and online time. Figure 8-16 PPPoE User Status List User Name: It displays the user name of the PPPoE account.
UTT Technologies Chapter 8 User Management Refresh: Click to view the latest information in the list. 8.3.6 Export PPPoE Accounts The PPPoE > PPPoE Account > Export PPPoE Accounts page provides PPPoE accounts export function to simplify operation. Figure 8-17 PPPoE Accounts Export Export Accounts: Click Export Accounts to export all PPPoE accounts. 8.3.7 Import PPPoE Accounts The PPPoE > PPPoE Account > Import PPPoE Accounts page provides PPPoE accounts import function to simplify operation.
UTT Technologies Chapter 8 User Management them in the PPPoE Account List. 8.4 Web Authentication HiPER 518W provides Web authentication feature. This new feature will enhance network security. If you enable the Web authentication on the Device, those non-PPPoE dial-in users cannot access the Internet through the Device unless they are authenticated successfully through Web browser. 8.4.
UTT Technologies Chapter 8 User Management Allow Users to Change Password: Select the check box to allow users to change password. Execption IP Group: It specifies an address group that is exempt from the restriction of Web Authentication.
UTT Technologies Chapter 8 User Management Billing Mode: Select the check box to enable the billing mode. Start Date: It specifies the start date when the web authenticaton account takes effect. End Date: It Specified the end date when the web authentication account expires. Description: It specifies the description of the web authentication account. Total Time: It specifies the total time that the web authentication account takes effect. Save: Click it to save the web authentication account settings. 8.
UTT Technologies 8.4.4 Chapter 8 User Management How to Use Web Authentication If you want to use web authentication for a non-PPPoE dial-in user, do the following: Step 1 Go to the User Management > Web Authentication page, and then select the Web User Account Settings tab to go to setup page. Step 2 Configure a new web authentication user account (see figure 11-11), and then click the Save button to save the settings.
UTT Technologies Chapter 8 User Management Figure 8-23 Web Authentication Prompt Page Note Do not close the prompt page; else, the user cannot access the Internet. http://www.uttglobal.
UTT Technologies 8.5 Chapter 8 User Management User Group This section describes the User Management > User Group page. 8.5.1 Introduction to User Group An User Group can contain up to ten address members. A member may be an address range or User Group. And an User Group may contain address ranges only, or User Groups only, or both.
UTT Technologies 8.5.2 Chapter 8 User Management User Group Settings Figure 8-24 User Group Settings Group Name: It specifies a unique name of the User Group. It should be between 1 and 11 characters long. Group Type: It specifies the type of the group. It has Address Group and Account Group. New Address: Select it to add a new address range to the group. Existing Group: Select it to display the configured User Groups. Address Members List: It displays the members of the User Group.
UTT Technologies Chapter 8 User Management group B), then the User Group A cannot be added to any other User Group. 8.5.3 User Group List Figure 8-25 User Group List Add an User Group: If you want to add a new User Group, click the Add button to go to the setup page, and then configure it, lastly click the Save button. View User Group(s): When you have configured some User Groups, you can view them in the User Group List.
UTT Technologies 8.5.4 Chapter 8 User Management How to Add the User Groups If you want to add one or more User Groups, do the following: Step 1 Go to the User Management > User Group page, and then click the Add button to go to the setup page. Step 2 Specify the Group Name of the User Group. Step 3 Select the group type from the Group Type drop-down list. Step 4 Add IP addresses to the group. There are two methods to add them.
UTT Technologies Step 4 Chapter 8 User Management Click the Save button to save the changes to make them take effect. http://www.uttglobal.
UTT Technologies Chapter 9 Application Control Chapter 9 Application Control This section describes the Application Control page.This chapter describes how to configure Schedule, Application Control, QQ Whitelist, MSN Whitelist, Notification, Application Audit, and Policy Database. 9.1 Schedule This section describes Application Control > Schedule page, you can configure and view schedules. A schedule consists of a start date, an end date, and optional time periods. 1.
UTT Technologies Chapter 9 Application Control Figure 9-2 Schedule Settings Schedule Name: Specify a unique name for the schedule. Effective Date Range: Specify the effective date range for the schedule. Time Period 1 ~ Time Period 3: Specify further constraints of active time within the specified date range. 9.2 Application Control This section describes Application Control > Application Control page, which includes Internet Application management list and Internet Application management settings.
UTT Technologies 9.2.1 Chapter 9 Application Control Internet Application Management List In Application Control> Application Control page, you can enable or disable Internet Application management, and you can add, view, modify, and delete Internet Application management policies in Application Management List. Figure 9-3 Internet Application Management List Enable Internet Application Management: Select the check box to enable Internet Application management.
UTT Technologies Chapter 9 Application Control Figure 9-4 Internet Application Management Settings Group Name: Enter a unique name for the group to which the Internet Application management policy applies. Network Object: Select the members of the group. You can select the IP Range button to specify a range of IP addresses, or select the User Group button to select a user group. The members in the group are subject to the Internet Application management policy.
UTT Technologies Chapter 9 Application Control Note If a function option in Internet Application Management Settings page doesn’t have the desired effect, please go to Application Control > Policy Database page to check whether the corresponding policy is the latest. See Section 9.7 Policy Database for more information about how to update policy. 9.2.3 Internet Application Management Configuration Example 1. Requirements In this example, a company has four departments: Technology Department: 192.
UTT Technologies Chapter 9 Application Control to use IM applications, and block all other applications during working hours. Policy 2: It is used to block the Technology and Financial Departments’ employees from accessing all the Internet applications during working hours. 3. Configuration Procedure 1) Adding Policy 1 Step 1 Go to Application Control > Application Control page, and click Add to go to Internet Application Management Settings page. Step 2 Make the following settings.
UTT Technologies Chapter 9 Application Control Lastly, you need to enable Internet Application management to make the policies take effect, as shown in Figure 9-5. The configuration is now complete. You can veiw the two policies in Application Management List, as shown in Figure 9-5. Figure 9-5 Figure 9-6 http://www.uttglobal.
UTT Technologies 9.3 Chapter 9 Application Control QQ Whitelist This section describes Application Control > QQ Whitelist page. This feature allows you to add a list of QQ numbers that are exempt from the Internet Application management policies (set in Application Control > Application Control page). Figure 9-7 QQ Whitelist Allow 400/800 Enterprise QQ: Select the check box to allow 400/800 enterprise QQ.
UTT Technologies Chapter 9 Application Control one space between QQ Number and Description. Figure 9-8 Import QQ Numbers Note The maximum QQ number that can be entered is 4294967295. 9.4 MSN Whitelist This section describes Application Control > MSN Whitelist page. This feature allows you to add a list of MSN accounts that are exempt from the Internet Application management policies (set in Application Control > Application Control page). http://www.uttglobal.
UTT Technologies Chapter 9 Application Control Figure 9-9 MSN Whitelist Enable MSN Whitelist: Select the check box to enbale MSN whitelist. If enabled, the MSN accounts in MSN Whitelist are exempt from the Internet Application management policies. Add: To add a new MSN account, click Add to go to MSN Whitelist Settings page, and then configure it, lastly click Save. 9.
UTT Technologies Chapter 9 Application Control specified user attempts to access a web page, the user will receive a notification message in the Web browser, and if configured, be redirected to the specified web page (set by Redirect to URL) after the specified time interval (set by Redirection Time). Figure 9-10 Daily Routine Notification Enable: Select the check box to enable daily routine notification feature.
UTT Technologies Chapter 9 Application Control Preview: Click to preview the notification. Save: Click to save daily routine notification settings. 9.5.2 Account Expiration Notification With the account expiration notification feature, a PPPoE user or Web authentication user will receive the expiration notification in the Web browser before the account expires. Figure 9-11 Account Expiration Notification Enable: Select the check box to enable account expiration notification feature.
UTT Technologies Chapter 9 Application Control Note After a PPPoE or web authentication user account expires, the user the user can still dial in and connect to the Device, but cannot access the Internet through the Device; and when the user attempts to access a Web site, the expiration notification appears in the Web browser. 9.6 Application Audit This section describes Application Control > Application Audit page. On the Device, auditing is the process of tracking user online activities.
UTT Technologies Chapter 9 Application Control Note The Device can record the last 400 audit log messages. 9.6.2 Log Management You can go to Application Control > Application Audit > Log Management to specify the types of events to audit, as show in Figure 9-13. Figure 9-13 Log Management Enable Web Log: Select the check box to enable web log. If enabled, you can view the records of website visits in Application Audit page. E.g., "2012-07-09 09:36:41 srcip=200.200.202.127;url=www.paipai.
UTT Technologies 9.7 Chapter 9 Application Control Policy Database This section describes Application Control > Policy Database page. In this page, you can not only view the policies in Policy Database List, but also update them online. The Device currently provides eleven types of policies, including: Email, IM, P2P, Stock, Network Video, Online Game, Shopping Site, SNS, Web Game, Forum and Others.
UTT Technologies Chapter 10 QoS Chapter 10 QoS This chapter describes how to configure QoS features, including Fixed Rate Limiting, Flexible Bandwidth Management, P2P Rate Limiting and Session Limiting. 10.1 Fixed Rate Limiting This section describes QoS > Fixed Rate Limiting page. This feature allows you to limit the maximum upload and download speed for the LAN users. You can configure different rate limiting rules for different groups of users. 10.1.
UTT Technologies Chapter 10 QoS 10.1.2 Fixed Rate Limiting Rule Settings To add a new fixed rate limiting rule, go to QoS > Fixed Rate Limiting page (see Figure 10-1), next click Add go to QoS > Fixed Rate Limiting Settings page (see Figure 10-2), and then configure it, lastly click Save. Figure 10-2 Fixed Rate Limiting Rule Settings Group Name: Enter a unique name for the group to which the fixed rate limiting rule applies. Network Object: Select the members of the group.
UTT Technologies Chapter 10 QoS 10.2 Flexible Bandwidth Management This section describes QoS > Flexible Bandwidth page. Note We recommend that you do not use both Fixed Rate Limiting and Flexible Bandwidth Management at the same time. Figure 10-3 Flexible Bandwidth Management Settings Enable Flexible Bandwidth: Select the check box to enable flexible bandwidth management feature.
UTT Technologies Chapter 10 QoS bandwidth. Figure 10-4 P2P Rate Limit Settings Enable P2P Rate Limiting: It allows you to enable or disable P2P rate limit. If you want to enable P2P rate limit, please select this check box. P2P applications include Bit Spirit, Bit Comet, Thunder, Tuotu, and so on. Rate Limiting Policy: It specifies the mode by which the Device will limit the maximum Tx/Rx rate of the LAN hosts.
UTT Technologies Chapter 10 QoS Note 1. The P2P rate limit has higher priority than the rate limit rules configured in the QoS > FixedRate Limiting Rule page. 2. Only after you have enabled rate limit in the QoS > Global Settings page, the P2P rate limit settings can take effect. 10.4 Session Limiting This section describes QoS > Session Limiting page.
UTT Technologies Chapter 10 QoS Note 1. The value 0 means unlimited Sessions. 2. If some applications (such as online games) performance is degraded due to maximum Sessions limit, you can appropriately increase Max. Sessions and Max. TCP Sessions (or Max. UDP Sessions). Note that if they are too large, the Device may be unable to prevent DDoS attacks effectively. 3. In order for users to access the Internet normally, the maximum Sessions cannot be too small. It is suggested that Max. Sessions, Max.
UTT Technologies Chapter 11 Firewall Chapter 11 Firewall This chapter describes how to configure firewall features, including attack prevention, access control, domain filtering, and MAC address filtering. 11.1 Attack Prevention This section describes the Firewall > Attack Prevention page. 11.1.1 Internal Attack Prevention In this page, you can do basic internal Attack Prevention settings to enhance network security.
UTT Technologies Chapter 11 Firewall Figure 11-1 Internal Attack Prevention Settings Figure 11-2 External Attack Prevention Settings 1. Virus Prevention Enable DDoS Prevention: It is used to enable or disable DDoS prevention. If you select the check box to enable this feature, it will effectively protect the Router against popular DoS/DDoS attacks. Enable IP Spoofing Prevention: It allows you to enable or disable IP spoofing defense.
UTT Technologies Chapter 11 Firewall address 192.168.16.36 is performing SYN flood attack, and then randomly discard the further SYN packets from that source to that destination. In most cases, leave Threshold the default value. Enable ARP Spoofing Prevention: It allows you to enable or disable ARP spoofing defense.
UTT Technologies Chapter 11 Firewall Save: Click it to save the internal attack prevention settings. 11.1.2 External Attack Prevention In this page you can enable or disable WAN ping respond. As ping is often used by malicious Internet users to locate active networks or hosts, in most cases, it is recommended that you disable WAN ping respond for added security. Only in some special cases, such as network debugging, you need enable this feature. Block WAN Ping: It is used to block or allow WAN ping.
UTT Technologies Chapter 11 Firewall 11.2 Access Control This section describes the Firewall > Access Control page, which includes the Access Rule List and Access Rule Settings. 11.2.1 Introduction to Access Control 11.2.1.1 The Purpose of Access Control Feature By flexibly utilizing access control, you can not only assign different Internet access privileges to different LAN users, but also assign different Internet access privileges to the same users based on schedules.
UTT Technologies Chapter 11 Firewall 11.2.1.3 Filtering Type of Access Rule The Router supports three filtering types of access rule, which include IP filtering, URL filtering and keyword filtering. All of them support access control based on schedule. 1. IP Filtering The IP filtering rules are used to filter IP packets based on the packet header information, such as source IP address, destination IP address, protocol type (TCP, UDP, ICMP, etc.), TCP/UDP source port and destination port.
UTT Technologies Chapter 11 Firewall 11.2.2 Access Rule List Figure 11-3 Access Rule List Figure 11-4 Access Rule List (Continue) Figure 11-5 Access Rule List (Continue) Add an Access Rule: To add a new access rule, first click the Add button to go to the Access Rule Settings page, next configure it, lastly click the Save button. View Access Rule(s): When you have configured one or more access rules, you can view them in the Access Rule List. http://www.uttglobal.
UTT Technologies Chapter 11 Firewall Modify an Access Rule: To modify a configured access rule, click its Name hyperlink or icon, the related information will be displayed in the setup page. Then modify it, and click the Save button. Delete Access Rule(s): There are three ways to delete access rule(s). 1. To delete a access rule, directly click its icon. 2.
UTT Technologies Chapter 11 Firewall 11.2.3.1 Access Rule Settings - IP Filtering Figure 11-6 Access Rule Settings - IP Filtering Name: It specifies a unique name of the access rule. Enable: It allows you to enable or disable the access rule. The default value is checked, which means the access rule is in effect. If you want to disable the rule temporarily instead of deleting it, please clear the check box. Source IP Range: It specifies a range of source IP addresses (i.e.
UTT Technologies Chapter 11 Firewall be repeated. Action: It specifies the action to be taken if a packet matches the access rule. The available options are Allow and Deny. ● Allow: It indicates that the Router will allow the packets matching the rule, that is, the Router will forward these packets. ● Deny: It indicates that the Router will deny the packets matching the rule, that is, the Router will drop these packets. Filtering Type: It specifies the filtering type of the access rule.
UTT Technologies Chapter 11 Firewall 11.2.3.2 Access Rule Settings - URL Filtering Figure 11-7 Access Rule Settings - URL Filtering The parameters Name, Source IP Range, Priority and Action, and Schedule related parameters are the same as those of the IP Filtering access rule, please refer to Section 9.1.3.1 Access Rule Settings - IP Filtering for detailed information. Filtering Type: It specifies the filtering type of the access rule. The options are IP Filtering, URL Filtering, and Keyword Filtering.
UTT Technologies Chapter 11 Firewall Save: Click to save your changes. Cancel: Click to revert to the last saved settings. Back: Click to go back to the Access Rule List. Note 1. The URL keyword that you enter in the Filtering Content text box is case insensitive, and it needn’t include http://. 2. The URL filtering rules cannot be used to control users’ access to other services through a web browser. For example, to control users’ access to ftp://ftp.utt.com.
UTT Technologies Chapter 11 Firewall 9.1.3.1 Access Rule Settings - IP Filtering for detailed information. Filtering Type: It specifies the filtering type of the access rule. The options are IP Filtering, URL Filtering, and Keyword Filtering. Here please select Keyword Filtering. Filtering Content: It specifies the keyword that you want to block. The access rule is used to block users from submitting any information that contains the specified keyword to any web page.
UTT Technologies Chapter 11 Firewall Figure 11-9 Access Rule List - Example 1 Figure 11-10 Access Rule List - Example 1 (Continue) Figure 11-11 Access Rule List - Example 1 (Continue) 11.2.4.2 Example 2 - Only Block a Group of Users from Accessing Certain Services In this example, we want to block a group of users (IP address range: 192.168.1.80 -192.168.1.100) from accessing www.bbc.com and www.cnn.com, and allow them to http://www.uttglobal.
UTT Technologies Chapter 11 Firewall access any other services. We need to create three access rules to meet the requirements: ● Access rule 1: It blocks those users from accessing www.bbc.com. ● Access rule 2: It blocks those users from accessing www.cnn.com. ● Access rule 3: It allows those users to access all Internet services. Therein, both rule 1 and rule 2 must have a higher priority than rule 3. Otherwise, rule 3 will be matched first. This will make those users unable to access www.bbc.
UTT Technologies Chapter 11 Firewall Figure 11-14 Access Rule List - Example 2 (Continue) 11.2.4.3 Example 3 - Control Internet Applications of a Group of Users based on Schedule In this example, we want to only allow a group of users (IP address range: 192.168.1.150 -192.168.1.200) to access web service during business hours (Monday to Friday, 9:00 to 17:00), and block them from accessing any Internet services during rest periods.
UTT Technologies Chapter 11 Firewall Figure 11-16 Access Rule List - Example 3 (Continue) Figure 11-17 Access Rule List - Example 3 (Continue) 11.2.4.4 Example 4 - Control Internet Applications of a Single User You can assign a range of contiguous IP addresses to the users that have the same Internet access privileges, and then create access rules for the user group.
UTT Technologies Chapter 11 Firewall Figure 11-18 Access Rule List - Example 4 Figure 11-19 Access Rule List - Example 4 (Continue) Figure 11-20 Access Rule List - Example 4 (Continue) http://www.uttglobal.
UTT Technologies Chapter 11 Firewall 11.3 Domain Filtering This section describes the Firewall > Domain Filtering page. The domain filtering feature allows you to block access to unwanted websites in your organization. 11.3.1 Domain Filtering Global Settings Figure 11-21 Domain Filtering Global Settings Enable Domain Filtering: It allows you to enable or disable domain filtering. If you select the check box to enable domain filtering, the domain names in the Domain Name List will take effect.
UTT Technologies Chapter 11 Firewall will block the LAN users from accessing these domain names. Add a Domain Name: To add a domain name to the Domain Name List, enter the domain name of the website that you want to block in the Domain Name text box, and then click the Add button. You can add up to 100 domain names in the list. Delete: To delete one or more domain names, select them in the Domain Name List, and then click the Delete button.
UTT Technologies Chapter 11 Firewall 11.4.1 MAC Address Filtering List Enable MAC Address Filtering: Enable MAC Address Filtering by checking this box. Filtering Mode: Users can select “Only allow MAC address in the list to access the internal “ or “ Only block MAC address in the list to access the internal “. User Name: It displays the user name of the MAC address filtering. MAC Address: It displays MAC addresses in MAC Address Filtering List. 11.4.
UTT Technologies Chapter 11 Firewall Text Box: Text Box is where MAC address needs to be input. When you add the MAC addresses, the format is" MAC [space] user name". For example: 0022aaafcdb3 David. After finishing all MAC addresses and user name, click on Add. Note 1. The text box can be edited by paste, copy, delete and so on. 2. Please notice that there are one or more spaces between MAC and user name. http://www.uttglobal.
UTT Technologies Chapter 12 VPN Chapter 12 VPN 12.1 PPTP VPN The Router supports PPTP feature. PPTP is a VPN tunneling protocol which encapsulates PPP frames in IP packets for transmission over a public IP network such as the Internet. PPTP is based on client/server model. The PPTP initiates a PPTP connection to the server, while the PPTP server accepts the incoming PPTP connection from the client.
UTT Technologies Chapter 12 VPN 12.1.1.1Protocol Overview There are two parallel components of PPTP: 1. A PPTP Control Connection It is a logical connection representing the PPTP tunnel that must be created, maintained, and terminated through a series of PPTP messages. The PPTP control connection traffic uses a dynamically allocated TCP port on the PPTP and the registered TCP port 1723 on the PPTP server. 2.
UTT Technologies Chapter 12 VPN 12.1.1.2Packet Flow - PPTP Figure 12-2 PPTP Packet Flow As shown in Figure 12-2, during the PPTP tunnel establishment and data transmission processes, the packet flow through the PPTP can be summarized as follows: 1. After the PPTP tunnel parameters are configured properly, the PPTP automatically creates a virtual interface for the new tunnel to listen for user data ((1) in Figure 12-2). 2.
UTT Technologies Chapter 12 VPN 8. The PPTP receives the PPTP packets from the PPTP server, and performs decapsulation ((15) in Figure 12-2). 9. The PPTP forwards the user data (i.e., original packets) to their intend destinations ((16) in Figure 12-2). 10. The PPTP tunnel is terminated manually by the user or automatically due to no activity for some time ((17) in Figure 12-2). 11. After the PPTP tunnel is terminated, the PPTP’s virtual interface returns to the listening state ((18) in Figure 12-2).
UTT Technologies Chapter 12 VPN PPTP tunnel establishment. In addition, on the Router, you can adjust the global PPTP tunnel MTU (i.e., tunnelmtu) to minimize the fragmentation: if an IP packet exceeds the specified MTU, it will be fragmented by the original computer before transmission. The following two examples describe how to calculate PPTP tunnel MTU.
UTT Technologies Chapter 12 VPN 12.1.2 PPTP Client Settings Figure 12-5 PPTP Settings Enable: It allows you to enable or disable the PPTP entry. The default value is checked, which means the PPTP entry is in effect. If you want to disable the entry temporarily instead of deleting it, please clear the check box. Enable NAT : Check this box to enable NAT Traversal. You need to check this box if there is NAT device above the PPTP Client. Tunnel Name: It specifies a unique name of the PPTP tunnel.
UTT Technologies Chapter 12 VPN remote VPN appliance. Encryption: It has two options. They are None and MPPE. None: It doesn’t encrypt the PPTP tunnels. MPPE: Microsoft Point-to-Point Encryption. It adopts MPPE to encrypt the PPTP tunnels. Remote Subnet IP: It specifies the subnet IP address of the remote network. In most cases, you may enter the IP address of the remote VPN appliance’s LAN interface. Remote Subnet Mask: It specifies the subnet mask of the remote network.
UTT Technologies Chapter 12 VPN Figure 12-6 PPTP Server Global Settings Enable PPTP Server: Check this box to enable PPTP Server. PPP Authentication: It specifies the PPP authentication mode of the PPTP tunnel. The available options are PAP, CHAP,MS-CHAPV2 and ANY. PAP: Password Authentication Protocol. CHAP: Challenge Handshake Authentication Protocol.
UTT Technologies Chapter 12 VPN Save: Click it to save the VPN address pool settings. Note The VPN address pool range that you reserve should not overlap with any existing IP address range in your whole VPN solution. Figure 12-7 PPTP Server Settings Tunnel Name: It specifies a unique name of the PPTP tunnel. It is used to identify multiple tunnels. Tunnel Type: It specifies the type of the PPTP tunnel. LAN-to-LAN: It allows two LAN sites to securely connect over public networks like the Internet.
UTT Technologies Chapter 12 VPN Remote Subnet Mask: It specifies the subnet mask of the remote network. Save: Click it to save the PPTP server settings. 12.1.4 Notes on Configuring PPTP Client and Server 1. During PPTP tunnel establishment, both endpoints of the tunnel will use a virtual interface to communicate with each other. In most cases, the PPTP server will automatically assign an IP address from the VPN address pool to the virtual interfaces.
UTT Technologies Chapter 12 VPN Figure 12-8 PPTP List Figure 12-9 PPTP List (Continue) After the Router has successfully established a PPTP tunnel with the remote PPTP server, you will see that the tunnel’s Status changes from Disconnected to Connected, the Up Time timer starts, and the Out Bytes and In Bytes will go on increasing as long as there is some network traffic being passed through the PPTP tunnel. http://www.uttglobal.
UTT Technologies Chapter 12 VPN 12.1.6 How to Add, View, Edit and Delete PPTP Clients or Server Entries Add a PPTP Client or Server Entry: If you want to add a PPTP client or server entry, click on Add Client or Add Server button to go to setup page, and then configure it, lastly click the Save button. View PPTP Client and/or Server Entry(s): When you have configured some PPTP clients and/or server entries, you can view them in the PPTP List.
UTT Technologies Chapter 12 VPN 12.1.7 Configuration Example for PPTP Figure 12-10 Network Topology - The Router Acts as a PPTP In this example, a company’s head office is located in Washington, and its branch office is located in New York. Now the company wants the head office and branch office to securely communicate with each other over the Internet.
UTT Technologies Chapter 12 VPN Settings page. Step 2 Make the following settings. Enable Select Tunnel Name To_HQ User Name VPN_test Password vpntest PPP Authentication ANY Remote Subnet IP 192.168.123.1 Remote Subnet Mask 255.255.255.0 Server IP/Domain Name 200.200.202.123 Step 3 Click the Save button. 12.2 IPSec VPN With the development of network safety standards and protocols, various VPN technologies have emerged.
UTT Technologies Chapter 12 VPN 2 AutoKey (IKE) Bidirectional (Gateway-to-Gateway IPSec VPN) Main Mode 3 AutoKey (IKE) Originate-Only (Dynamic-to-Static IPSec VPN) Aggressive Mode 4 AutoKey (IKE) Answer-Only (Static-to-Dynamic IPSec VPN) Aggressive Mode Table 12-1 Four Types of IPSec VPN Configuration In the first and second types of IPSec VPN configuration, both IPSec endpoints have static IP addresses; in the third type, the local UTT VPN gateway has a dynamic IP address, while the remote e
UTT Technologies Chapter 12 VPN ESP is used to provide data encryption and/or data authentication service. To use an IPSec tunnel to protect your data, you can choose different security policies as required. You can choose AH or ESP to provide authentication service only, or choose ESP to provide encryption service only. Of course, you can choose ESP together with AH or only ESP to provide both authentication and encryption services for your data.
UTT Technologies Chapter 12 VPN mode, only the original IP packet’s payload is protected. In tunnel mode, the entire original IP packet is protected and then encapsulated into a new IP packet. When both endpoints of an IPSec tunnel are hosts, you can use transport mode or tunnel mode. When either end of the tunnel is a security gateway (such as a router or firewall), or both ends are security gateways, you must use tunnel mode. On the UTT VPN gateway, IPSec always operates in tunnel mode. 1.
UTT Technologies Chapter 12 VPN original IP header cannot be authenticated. Figure 12-13 Transport Mode 12.2.1.3 Key Management The term key management refers to the creation, distribution, storage and deletion of keys. Key management is a critical part of IPSec. IPSec uses cryptographic keys for authentication and encryption. On the UTT VPN gateway, IPSec supports both manual and automatic key management. 1.
UTT Technologies Chapter 12 VPN 2. AutoKey (IKE) To improve security and lessen the burden on administrators, IPSec supports Internet Key Exchange (IKE) protocol. Using IKE protocol, the two IPSec endpoints can automatically generate and negotiate keys and security associations. This automatic key management method is called AutoKey (IKE) on the UTT VPN gateway. At present the UTT VPN gateway supports AutoKey (IKE) based on preshared keys.
UTT Technologies Chapter 12 VPN between the two endpoints. The two endpoints exchange proposals for acceptable security services such as: ● Encryption algorithm (DES, 3DES, or AES 128/192/256) ● Authentication algorithm (MD5 or SHA-1) ● Diffie-Hellman group (Refer to Diffie-Hellman Exchange described later in this section for more information.
UTT Technologies Chapter 12 VPN ● Second exchange (message 3 and 4): A Diffie-Hellman exchange is performed. Each endpoint exchanges a nonce (i.e., random number). ● Third exchange (message 5 and 6): Identities of both endpoints are exchanged and verified. In the third exchange, identities are not transmitted in clear text. The identities are protected by the encryption algorithm agreed upon in the first two exchanges.
UTT Technologies Chapter 12 VPN There are five basic DH groups (UTT VPN gateway supports DH groups 1, 2, and 5). Each DH group has a different size modulus. A larger modulus provides higher security, but requires more processing time to generate the key.
UTT Technologies Chapter 12 VPN negotiate a lifetime for each SA. If an SA is nearing the end of the lifetime, the endpoints must negotiate and create a new SA and use it instead. The SA lifetime specifies how often each SA should be renegotiated, either based on elapsed time or the amount of network traffic.
UTT Technologies Chapter 12 VPN an initiator or a responder. However, for a dynamic-to-static or static-to-dynamic IPSec tunnel with IKE aggressive mode, the IPSec endpoint with a static IP address cannot initiate IKE negotiation because it doesn’t know where to send request; therefore, it will only act as a responder, and the IPSec endpoint with a dynamic IP address will only act as an initiator.
UTT Technologies Chapter 12 VPN Figure 12-14 Viewing IPSec Security Policy 3. Trigger Way The PPTP virtual interface is triggered by the IP route. However, the IPSec virtual interface is triggered by the security policy in the Security Policy Database (SPD). The IPSec module starts outbound packet processing after the IP module has processed the packet, and completes inbound packet processing before the IP module receives the packet.
UTT Technologies Chapter 12 VPN 12.2.1.7 Packet Flow – IPSec Initiator Figure 12-16 IPSec Packet Flow As shown in Figure 12-16 IPSec Packet Flow, during the IPSec tunnel establishment and data transmission processes, the packet flow through the IPSec initiator can be summarized as follows: 1. After the IPSec tunnel parameters are configured properly, the new policy is added into the SPD (1) in. 2. The initiator receives a packet that matches an IPSec policy in the SPD (3) . 3.
UTT Technologies Chapter 12 VPN for more information. 12.2.1.8 Packet Flow – IPSec Responder As shown in Figure 12-16 IPSec Packet Flow, during the IPSec tunnel establishment and data transmission processes, the packet flow through the IPSec responder can be summarized as follows: 1. After the IPSec tunnel parameters are configured properly, the new policy is added into the SPD (2). 2. IKE phase 1 negotiation takes place (started by the initiator), and the IKE SA is established (4).
UTT Technologies Chapter 12 VPN and if one fragment is lost, the entire original encapsulated packet must be resent, and it will also be fragmented. Data fragmentation and reassembly can seriously degrade the system performance, so it is highly necessary to avoid fragmentation and reassembly in the IPSec switching path. To solve this problem, the UTT VPN gateway allows you to set the IPSec tunnel MTU to minimize the fragmentation.
UTT Technologies Chapter 12 VPN On the UTT VPN gateway, the IPSec tunnel MTU is 1400 bytes by default. In most cases, please leave the default value because it can meet most application needs. 12.2.1.10 IPSec NAT Traversal Network Address Translation (NAT) is a technology that allows multiple hosts on a private network to share a single or a small group of public IP addresses.
UTT Technologies Chapter 12 VPN 12.2.1.11 IPSec Sessions Limit The maximum number of concurrent IPSec sessions (i.e., tunnels) is depends on the specific product model. If the number of active VPN sessions has reached the maximum value, the system will reject any request for creating a new IPSec session and pop up a prompt dialog box shown in Figure 12-19 Prompt Dialog Box – VPN Sessions Limit.
UTT Technologies Chapter 12 VPN and then describe the advanced parameters for them. 1. Basic Parameters Settings 1) Bidirectional (Gateway-to-Gateway IPSec VPN) If both IPSec endpoints have static IP addresses, you can choose Bidirectional as the connection type (see Figure 12-22 IPSec Settings (AutoKey (IKE) – Bidirectional)). In this case, the local UTT VPN gateway can act as an initiator or responder; and neither local ID nor remote ID is required.
UTT Technologies Chapter 12 VPN subnet, please enter any IP address belonging to that subnet in the Subnet IP text box and its mask in the Subnet Mask text box; if you want to define a host, please enter the IP address of that host in the Subnet IP text box and 255.255.255.255 in the Subnet Mask text box. Bind to (Local): It specifies an interface to which the IPSec tunnel is bound. The interface may be a physical interface, or PPPoE, PPTP or L2TP virtual interface.
UTT Technologies Chapter 12 VPN Figure 12-23 IPSec Settings (AutoKey (IKE) – Originate-Only) The parameters Gateway IP/Domain Name (Remote), Subnet IP (Remote), Subnet Mask (Remote), Bind to (Local), Subnet IP (Local), Subnet Mask (Local), Preshared Key, and P2 Encrypt/Auth Algorithms 1 are the same as those in the Bidirectional connection type, please refer to the detailed descriptions of them. The difference is that this connection type requires identity authentication.
UTT Technologies Chapter 12 VPN ID Type (Local): It specifies the type of local ID. The available options are Domain Name, Email Address, IP Address and Other. In this connection type, it is a required parameter. You must select one type and then specify ID Value (Local) to allow the remote IPSec device to authenticate the local UTT VPN gateway. ID Value (Local): It specifies the identity of the local UTT VPN gateway. In this connection type, it is a required parameter.
UTT Technologies Chapter 12 VPN Mask (Remote), Bind to (Local), Subnet IP (Local), Subnet Mask (Local), Preshared Key, and P2 Encrypt/Auth Algorithms 1 are the same as those in the Bidirectional connection type, please refer to the detailed descriptions of them. The difference is that this connection type requires identity authentication.
UTT Technologies Chapter 12 VPN Figure 12-25 IPSec Settings (AutoKey (IKE) – Advanced Options (Main Mode) http://www.uttglobal.
UTT Technologies Chapter 12 VPN Figure 12-26 IPSec Settings (AutoKey (IKE) – Advanced Options (Aggressive Mode) Advanced Options: Click this hyperlink to view and configure advanced parameters. In most cases, you need not configure them. Exchange Mode: It specifies the exchange mode used for IKE phase 1 negotiation. The available options are Main and Aggressive. If the Connection Type is Bidirectional, you should choose Main mode; else, you should choose Aggressive mode.
UTT Technologies Chapter 12 VPN Encrypt/Auth Algorithms 1 ~ Encrypt/Auth Algorithms 4 (Phase 1): They refer to phase 1 proposal that specifies a set of security algorithms for phase 1 negotiation. A phase 1 proposal includes an encryption algorithm, an authentication algorithm, and a DH group. You can choose up to four phase 1 proposals.
UTT Technologies Chapter 12 VPN IKE phase 1 negotiation. A phase 1 proposal consists of an encryption algorithm, an authentication algorithm, and a DH group; and there are five encryption algorithms, two authentication algorithms and three DH groups to choose. Therefore, there are thirty (5 × 3 × 2 = 30) phase 1 proposals supported. For example, the phase 1 proposal “3des-md5-group2” means that the encryption algorithm is 3DES, the authentication algorithm is md5, and the DH group is DH group 2.
UTT Technologies Chapter 12 VPN AES256 algorithm, ESP authentication with SHA algorithm and AH authentication with MD5 algorithm. By default, the UTT VPN gateway provides one phase 2 proposal by the parameter P2 Encrypt/Auth Algorithms 1 (default value is esp-3des) in the Web UI. In addition, it allows you to choose up to four phase 2 proposals in the Web UI, and twelve phase 2 proposals in the CLI. 12.2.
UTT Technologies Chapter 12 VPN Unestablished The IKE SA and IPSec SAs are not established. IKE Negotiating IKE Phase 1 negotiation is in progress; the IKE SA is not established yet. IPSec Negotiating The IKE SA is established; IKE Phase 2 negotiation is in progress. Established The IPSec SAs are established. Table 12-2 Description of IPSec SA Status Remote Gateway: It displays the IP address of the remote IPSec device.
UTT Technologies Chapter 12 VPN click it to remove the check mark. Edit an IPSec Entry: If you want to modify a configured IPSec entry, click its Edit hyperlink, the related information will be displayed in the setup page. Then modify it, and click the Save button. Delete IPSec Entry(s): If you want to delete one or more IPSec entries, select the leftmost check boxes of them, and then click the Delete button. 12.2.
UTT Technologies Chapter 12 VPN Figure 12-28 Network Topology – UTT VPN Gateway and UTT VPN Gateway (Bidirectional) In this scenario (seeFigure 12-28 Network Topology – UTT VPN Gateway and UTT VPN Gateway (Bidirectional)), we deploy two UTT VPN gateways at a company: one is located at the head office, and the other is located at the branch office. Now we want to use AutoKey (IKE) mode to establish an IPSec tunnel between them, and use the following proposals (i.e.
UTT Technologies Chapter 12 VPN Bind to (Local) WAN1 Subnet IP (Local) 192.168.123.1 Subnet Mask (Local) 255.255.255.0 Preshared Key testing P2 Encrypt/Auth Algorithms 1 esp-aes256-md5-ah-sha 2. Configuring the UTT VPN gateway at the branch office Go to the VPN > IPSec > IPSec Settings page, make the following settings (leave the default values for the other parameters), and then click the Save button. Connection Type Bidirectional Gateway IP/Domain Name (Remote) 200.200.202.
UTT Technologies Chapter 12 VPN Figure 12-29 IPSec List – UTT VPN Gateway and UTT VPN Gateway (Bidirectional) 12.2.5.2Answer-Only (Static-to-Dynamic IPSec VPN) If the local UTT VPN gateway has a static IP address, and the remote endpoint (another UTT VPN gateway or compatible VPN appliance) has a dynamically assigned IP address (PPPoE or DHCP), you can choose Answer-Only as the connection type.
UTT Technologies Chapter 12 VPN Now we want to use AutoKey (IKE) mode to establish an IPSec tunnel between them, and use the following proposals (i.e., encryption and authentication algorithms): the phase 1 proposals are left at their default values, and the preferred phase 2 proposal is esp-aes192-sha; in addition, the preshared key is testing, the originator’s ID type is Email address and value is hiper@utt.com.
UTT Technologies Chapter 12 VPN Go to the VPN > IPSec > IPSec Settings page, make the following settings (leave the default values for the other parameters), and then click the Save button. Key Mode AutoKey (IKE) Connection Type Originate-Only Gateway IP/Domain Name (Remote) 200.200.202.123 Subnet IP (Remote) 192.168.123.1 Subnet Mask (Remote) 255.255.255.0 Bind to (Local) WAN1 Subnet IP (Local) 192.168.16.1 Subnet Mask (Local) 255.255.255.
UTT Technologies Chapter 12 VPN Figure 12-31 Responder’s IPSec List – UTT VPN Gateway to UTT VPN Gateway (Answer-Only) 2) Viewing the UTT VPN gateway at the branch office The following figure shows the configuration and status of the IPSec tunnel on the UTT VPN gateway with a dynamic IP address at the branch office. Figure 12-32 Initiator’s IPSec List – UTT VPN Gateway to UTT VPN Gateway (Answer-Only) http://www.uttglobal.
UTT Technologies Chapter 12 VPN 12.2.5.3Originate-Only (Dynamic-to-Static IPSec VPN) If the local UTT VPN gateway has a dynamically assigned IP address (PPPoE or DHCP), and the remote endpoint (another UTT VPN gateway or compatible VPN appliance) has a static IP address, you can choose Originate-Only as the connection type. In this case, the local UTT VPN gateway can only act as an initiator, and both IPSec endpoints should use aggressive mode for phase 1 IKE negotiation. Please refer to section 12.2.5.
UTT Technologies Chapter 13 System Chapter 13 System This chapter describes how to perform maintenance activities on the Router, including administrator settings, system time settings, configuration backup and restore, firmware upgrade, remote management, and scheduled task settings. 13.1 Administrator This section describes the Administration > Administrator page, where you can add, view, modify and delete the administrator accounts. 13.1.
UTT Technologies Chapter 13 System 1. To delete an administrator account, directly click its icon. 2. To delete more than one administrator account at a time, select the leftmost check boxes of the administrator accounts that you want to delete, and then click the Delete button. 3. To delete all the administrator accounts at a time, directly click the Delete All button. Note You can change the default administrator password, but you cannot change its user name or delete it. 13.1.
UTT Technologies Chapter 13 System 13.2 System Time This section describes the Administration > Time page, see Figure 13-3. To ensure that the time-related features (e.g., DDNS, Schedule, Access Control, etc.) work well, you should synchronize the system clock. You can manually configure the system time or enable SNTP (Synchronize with SNTP Server) to automatically synchronize the system time from a designated SNTP server on the Internet.
UTT Technologies Chapter 13 System SNTP Server 1 IP Address ~ SNTP Server 3 IP Address: It allows you to configure up to three SNTP servers on the Router. The Server 1 is the primary server (the default is 192.43.244.18), and the Server 2 is the first backup server (the default is 129.6.15.28), and the Server 3 is the second backup server (the default is 0.0.0.0). Save: Click to save your changes. Cancel: Click to revert to the last saved settings.
UTT Technologies Chapter 13 System 13.3 Configuration This section describes the Administration > Configuration page, where you can backup the current configuration file to the local PC, restore your previous configuration using the backup configuration file, and reset the Router to factory default settings. 13.3.1 Backup Configuration Figure 13-4 Backup Configuration Backup: Click to export and save the Router’s current configuration to a text file on your local computer. 13.3.
UTT Technologies Chapter 13 System 13.3.3 Reset to Factory Defaults Figure 13-6 Reset to Factory Defaults Reset: To reset the Router to factory default settings, click the Reset button, and then restart the Router. Note 1. After performing the reset operation, you must manually restart the Router in order for the default settings to take effect. 2. The reset operation will clear all of the Router’s custom settings. It is strongly recommended that you backup the current configuration before resetting.
UTT Technologies Chapter 13 System 13.4 Firmware Upgrade This section describes the Administration > Firmware Upgrade page, where you can view the current firmware version information, download the latest firmware from the website of UTT Technologies Co., Ltd., and upgrade the firmware. Figure 13-7 Firmware Upgrade Current Firmware Version: It displays the version of the current firmware installed on the Router.
UTT Technologies Step 3 Chapter 13 System Renewing the firmware Click the Upgrade button to renew the Router’s firmware. If you click the Upgrade button, you will be prompted to confirm the upgrade (see Figure 13-8). Then you can click OK to upgrade the firmware and restart the Router, or click Cancel to cancel the operation. Figure 13-8 Prompt Dialog Box - Firmware Upgrade Note 1. It is strongly recommended that you upgrade the firmware when the Router is under light load. 2.
UTT Technologies Chapter 13 System Figure 13-9 Remote Management Settings Enable HTTP: It allows you to enable or disable HTTP remote management. Select this check box to enable HTTP remote management. To access the Router’s Web UI over the Internet, you should enter http:// and the Router's WAN IP address, followed by a colon and the port number. For example, if the WAN IP address is 218.21.31.3 and port number is 8081, please enter http://218.21.31.3:8081 in your browser’s address bar.
UTT Technologies Chapter 13 System 13.6.1 Scheduled Task Settings Figure 13-10 Scheduled Task Settings Task Name: It specifies a unique name of the task. Repeat: It specifies how often the Router will perform the task. The available options are Weekly, Daily, Hourly, Minutely. Start Time: It specifies the time at which the Router will start the task. Its settings depend on the value of Repeat. Task Content: It specifies the content of the task.
UTT Technologies Chapter 13 System Figure 13-11 Scheduled Task List Figure 13-12 Scheduled Task List (Continue) Add a Scheduled Task: To add a new scheduled task, first click the Add button to go to the Scheduled Task Settings page, next configure it, lastly click the Save button. View Scheduled Task(s): When you have configured one or more scheduled tasks, you can view them in the Scheduled Task List.
UTT Technologies Chapter 14 Status Chapter 14 Status This chapter describes how to view the wired status and wireless status, the traffic statistics for each interface, and system information including the current system time, system up time, system resources usage information, firmware version, and system log. 14.1 Interface Status In Status > Interface Status page, you can view the configuration and status information of each interface. 14.
UTT Technologies Chapter 14 Status Current System Time: It displays the Router’s current date (YYYY-MM-DD) and time (HH:MM:SS). System Up Time: It displays the elapsed time (in days, hours, minutes and seconds) since the Router was last started. CPU: It displays the current CPU usage. Memory: It displays the current memory usage. SN: It displays the internal serial number of the Router, which may be different from the SN found on the label at the bottom of the Router.
UTT Technologies Chapter 14 Status 14.3.1 Log Management Settings Figure 14-2 System Log Settings Select All: It selects or unselects all the check boxes below. If you want to enable all the provided system log features at a time, please select this check box. If you want to disable all the provided system log features at a time, please clear the check box. Enable DHCP Log: It allows you to enable or disable DHCP log.
UTT Technologies Chapter 14 Status Figure 14-3 System Logs Clear: Click it to clear all the system logs. Refresh: Click it to view the latest system logs. The following table describes some common types of system logs. System Log Meaning Keyword Sample The specified physical interface is enabled. Ethernet Up ieX MAC New 00:22:aa:00:22:bb The new MAC address of the specified user. MAC Old 00:22:aa:00:22:aa The old MAC address of the specified user. ARP SPOOF 192.168.1.
UTT Technologies Chapter 14 Status Outgoing Call @61:1-1 The Device started dialing out. Session down Manually (PPPOE) Session up test The session whose name is PPPOE was hanged up. Manually means it was hanged up by manual. The Device has successfully established a session whose name is test. The Device has successfully negotiated with the remote Assigned to port @answerIncomingCall:8012 dial-in device, and has assigned a port to the remote device.
UTT Technologies Chapter 15 Support Chapter 15 Support The Support page provides links to the UTTCare, Forum, Knowledge and Reservation page of the UTT website, which can help you quickly learn the UTT Technologies service system and enjoy the most intimate and professional services. Figure 15-1 Support As shown in Figure 15-1, it allows you to click each Learn More hyperlink to directly open the corresponding page of the UTT website.
UTT Technologies Appendix A How to configure your PC Appendix A How to Configure Your PC This appendix describes how to configure TCP/IP settings on a Windows XP-based computer. There are two ways to configure TCP/IP settings: manually configuring TCP/IP settings, and automatically configuring TCP/IP settings with DHCP. The following describes the two ways respectively. ● Method One: Manually Configuring TCP/IP To configure the TCP/IP protocol manually, follow these steps: 1.
UTT Technologies Appendix A How to configure your PC Figure A-0-1 Local Area Connection Properties 3. In the Internet Protocol (TCP/IP) Properties dialog box (see Figure A-0-2), select the Use the following IP address option,enter 192.168.1.x (x is between 2 and 254, including 2 and 253) in the IP address text box, 255.255.255.0 in the Subnet mask text box, and 192.168.1.1 in the Default gateway text box. Figure A-0-2 Internet Protocol (TCP/IP) Properties 4.
UTT Technologies Appendix A How to configure your PC 2. On the Windows taskbar, click Start > Settings > Control Panel. 3. Double-click the Network Connections icon, right-click the Local Area Connection icon and select Properties. On the General tab (see Figure A-0-1), in the This connection uses the following items box, click the Internet Protocol (TCP/IP) item, and then click the Properties button. 4.
UTT Technologies Appendix A How to configure your PC c. Click Install. d. Click Protocol, and then click Add. e. Click Have Disk. f. In the Copy manufacturer's files from box, type System_Drive_Letter:\windows\inf, and then click OK. g. In the list of available protocols, click Internet Protocol (TCP/IP), and then click OK. h. Restart your computer. http://www.uttglobal.
UTT Technologies Appendix B FAQ Appendix B FAQ 1. How to connect the Wireless Router to the Internet using PPPoE? Step 1 Set your ADSL Modem to bridge mode (RFC 1483 bridged mode). Step 2 Please make sure that your PPPoE Internet connection use standard dial-type. You may use Windows XP built-in PPPoE dial-in client to test. Step 3 Connect a network cable from the ADSL modem to a WAN port of the Wireless Router, and connect your telephone line to the ADSL modem’s line port.
UTT Technologies Appendix B FAQ Figure B-0-2 Viewing PPPoE Connection Status in the Internet Connection List (Continue) Step 8 2. Configure the local computers according to the steps described in Appendix A How to Configure Your PC. How to connect the Wireless Router to the Internet using Static IP? Step 1 Please make sure the Internet connection is normal. You may use your PC to test. Step 2 Connect a network cable from the network device provided by your ISP to a WAN port of the Wireless Router.
UTT Technologies Step 3 Appendix B FAQ Configure the DHCP Internet connection related parameters in the Start > Setup Wizard or the Network > WAN page. Note Some ISPs register the MAC address of your network device (usually a computer) when your account is first opened, and they will only accept traffic from that MAC address. In this case, you need to change the new Router’s MAC address to the registered MAC address.
UTT Technologies 4. Appendix B FAQ How to connect a Windows XP PC to the Device wirelessly? Step 1: Configuring TCP/IP Settings 1. Right-click Network Neighborhood and select Properties. 2. Right-click Wireless Network Connection and select Properties. 3. Double-click Internet Protocol (TCP/IP) to open the Internet Protocol (TCP/IP) Properties window. 4.
UTT Technologies 5. Appendix B FAQ How to connect a Windows 7 PC to the Device wirelessly? Step 1: Configuring TCP/IP Settings 1. Click Start > Control Panel > Network and Internet > Network and Sharing Center > Change Adapter Settings. 2. Right-click Wireless Network Connection and select Properties. 3. Double-click Internet Protocol Version 4 (TCP/IPv4) to open the Internet Protocol Version 4(TCP/IPv4) Properties window. 4.
UTT Technologies Appendix B FAQ network name. 6. How to reset the Wireless Router to factory default settings? Note The reset operation will clear all the custom settings on the Wireless Router, so do it with caution. The following describes how to reset the Wireless Router to factory default settings. There are two cases depending on whether you remember the administrator password or not.
UTT Technologies Appendix C Common IP Protocols Appendix C Common IP Protocols Protocol Name Protocol Number Full Name IP 0 Internet Protocol ICMP 1 Internet Protocol Message Protocol IGMP 2 Internet Group Management GGP 3 Gateway-Gateway Protocol IPINIP 4 IP in IP Tunnel Driver TCP 6 Transmission Control Protocol EGP 8 Exterior Gateway Protocol IGP 9 Interior Gateway Protocol PUP 12 PARC Universal Packet Protocol UDP 17 User Datagram Protocol HMP 20 Host Monitoring Prot
UTT Technologies Appendix D Common Service Ports Appendix D Common Service Ports Service Name Port Protocol echo 7 tcp echo 7 udp discard 9 tcp discard 9 udp systat 11 tcp Active users systat 11 udp Active users daytime 13 tcp daytime 13 udp qotd 17 tcp Quote of the day qotd 17 udp Quote of the day chargen 19 tcp Character generator chargen 19 udp Character generator ftp-data 20 tcp FTP, data ftp 21 tcp FTP.
UTT Technologies Appendix D Common Service Ports domain 53 udp Domain Name Server bootps 67 udp Bootstrap Protocol Server bootpc 68 udp Bootstrap Protocol Client tftp 69 udp Trivial File Transfer gopher 70 tcp finger 79 tcp http 80 tcp World Wide Web kerberos 88 tcp Kerberos kerberos 88 udp Kerberos hostname 101 tcp NIC Host Name Server iso-tsap 102 tcp ISO-TSAP Class 0 rtelnet 107 tcp Remote Telnet Service pop2 109 tcp Post Office Protocol - Version 2 pop
UTT Technologies Appendix D Common Service Ports snmp 161 udp snmptrap 162 udp SNMP trap print-srv 170 tcp Network PostScript bgp 179 tcp Border Gateway Protocol irc 194 tcp Internet Relay Chat Protocol ipx 213 udp IPX over IP ldap 389 tcp Lightweight Directory Access Protocol https 443 tcp MCom https 443 udp MCom microsoft-ds 445 tcp microsoft-ds 445 udp kpasswd 464 tcp Kerberos (v5) kpasswd 464 udp Kerberos (v5) isakmp 500 udp Internet Key Exchange ex
UTT Technologies Appendix D Common Service Ports conference 531 tcp netnews 532 tcp netwall 533 udp uucp 540 tcp klogin 543 tcp Kerberos login kshell 544 tcp Kerberos remote shell new-rwho 550 udp remotefs 556 tcp rmonitor 560 udp monitor 561 udp ldaps 636 tcp LDAP over TLS/SSL doom 666 tcp Doom Id Software doom 666 udp Doom Id Software kerberos-adm 749 tcp Kerberos administration kerberos-adm 749 udp Kerberos administration kerberos-iv 750 udp Kerber
UTT Technologies Appendix D Common Service Ports radacct 1813 udp RADIUS accounting protocol nfsd 2049 udp NFS server knetd 2053 tcp Kerberos de-multiplexor man 9535 tcp Remote Man Server http://www.uttglobal.
UTT Technologies Appendix E Figure Index Appendix E Figure Index Figure 0-1 MAC Address Filtering List .................................................................................... 3 Figure 2-1 Front Panel of the Wireless Router ........................................................................ 14 Figure 2-2 Back Panel of the Wireless Router ........................................................................ 15 Figure 3-1 Entering IP address in the Address Bar ...........................
UTT Technologies Appendix E Figure Index Figure 5-16 LAN Interface Settings ........................................................................................ 60 Figure 5-17 DHCP Server Settings ......................................................................................... 62 Figure 5-18 Static DHCP Settings .......................................................................................... 64 Figure 5-19 Static DHCP List ............................................................
UTT Technologies Appendix E Figure Index Figure 7-2 Port Forwarding Settings ..................................................................................... 106 Figure 7-3 Port Forwarding Settings - Example ................................................................... 108 Figure 7-4 NAT Rule List ..................................................................................................... 109 Figure 7-5 NAT Rule Settings - EasyIP ........................................................
UTT Technologies Appendix E Figure Index Figure 9-2 Schedule Settings.............................................................................................. 157 Figure 9-3 Internet Application Management List ............................................................. 158 Figure 9-4 Internet Application Management Settings ...................................................... 159 Figure 9-5 Internet Application Management List – Example ...........................................
UTT Technologies Appendix E Figure Index Figure 12-5 PPTP Settings .................................................................................................... 204 Figure 12-6 PPTP Server Global Settings ............................................................................. 206 Figure 12-7 PPTP Server Settings ......................................................................................... 207 Figure 12-8 PPTP List ...................................................................
UTT Technologies Appendix E Figure Index Figure 14-1 System Information ........................................................................................... 259 Figure 14-2 System Log Settings .......................................................................................... 261 Figure 14-3 System Logs ...................................................................................................... 262 Figure 15-1 Support ................................................................
UTT Technologies Appendix F Table Index Appendix F Table Index Table 0-1 Common Button Descriptions ................................................................................... 3 Table 0-2 Basic Elements and Features of the List ................................................................... 4 Table 0-3 Factory Default Settings............................................................................................ 5 Table 2-1 Description of LEDs on the Front Panel ..........................
