RG300-1D-81WT Ug R01 11032011
RG300-1D-81WT Ug R01 11032011
RG300-1D-81WT Ug R01 11032011
USER GUIDE
RG300
WiMAX IEEE 802.16e Indoor Gateway with 2.5 GHz Frequency Band Support, One LAN (RJ-45) Port
COMPLIANCES
This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. FCC Caution: Any changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate this equipment.
COMPLIANCES
EC CONFORMANCE DECLARATION
Marking by the above symbol indicates compliance with the Essential Requirements of the R&TTE Directive of the European Union (1999/5/EC). This equipment meets the following conformance standards: IEC/UL 60950-1 - Product Safety EN 301 489-1, EN 301 489-17, EN 302 544-2 V1.1.1 (2009-01) - EMC requirements for radio equipment
PURPOSE This guide details the hardware features of the RG300 WiMAX 802.16e
Indoor Gateway, including its physical and performance-related characteristics, and how to install the device and use its configuration software.
AUDIENCE This guide is for PC users with a working knowledge of computers. You
should be familiar with Windows operating system concepts.
CONVENTIONS The following conventions are used throughout this guide to show
information:
NOTE: Emphasizes important information or calls your attention to related features or instructions.
CAUTION: Alerts you to a potential hazard that could cause loss of data, or damage the system or equipment.
WARNING: Alerts you to a potential hazard that could cause personal injury.
RELATED PUBLICATIONS The following publication gives basic information on how to install and use
the WiMAX 802.16e Indoor Gateway. Quick Installation Guide Also, as part of the WiMAX 802.16e Indoor Gateways configuration software, there is online help that describes all management features.
REVISION HISTORY This section summarizes the changes in each revision of this guide.
NOVEMBER 2011 REVISION
This is the first revision of this guide. This guide is valid for software version 1.2.0.2.
CONTENTS
3 5 6 9 11
SECTION I
GETTING STARTED
1 INTRODUCTION
RG300 Hardware Description Power Status LED WiMAX Signal LEDs LAN Ports Power Adapter Socket Reset Button
12
13
14 15 15 16 17 17
18
18 18 18 19
3 INITIAL CONFIGURATION
Accessing the Web Management Interface Home Page Using the Basic Setup Wizard The Advanced Setup Menu Common Web Page Buttons
21
21 22 23 25 26
CONTENTS
SECTION II
WEB CONFIGURATION
4 SYSTEM SETTINGS
System Status Administrator Settings Firmware Upgrade Configuration Tools System Time System Log Reset
27
28
29 30 31 32 33 34 35
5 WAN CONFIGURATION
WAN Settings Dynamic IP Address Static IP Settings L2TP Settings PPTP Settings DNS DDNS
36
37 38 38 39 39 40 41
6 LAN CONFIGURATION
LAN Settings DHCP Client List
42
43 44
7 NAT CONFIGURATION
NAT Settings Port Mapping DMZ ALG
45
46 46 47 48
8 FIREWALL CONFIGURATION
Firewall Settings Client Filtering Port Filtering MAC Filtering URL Filtering Host Filtering
49
50 51 52 53 53 54
9 ROUTING CONFIGURATION
7
55
CONTENTS
56 56 57
10 UPNP CONFIGURATION
UPnP
58
59
11 QOS CONFIGURATION
QoS Settings
60
61
12 TUNNEL SETTINGS
Tunnel Settings
62
63
SECTION III
APPENDICES
A TROUBLESHOOTING
Diagnosing LED Indicators Cannot Connect to the Internet Cannot Access Web Management Forgot or Lost the Password Resetting the Unit
64
65
65 65 66 66 66
B HARDWARE SPECIFICATIONS
Physical Specifications WiMAX Specifications Compliances
67
67 68 68
70
70 70 71 72
GLOSSARY INDEX
73 77
FIGURES
Figure 1: Front of the RG300 Figure 2: RG300 LED Indicators Figure 3: Back of the RG300 Figure 4: Base of the RG300 Figure 5: RG300 Connections Figure 6: Login Page Figure 7: Home Page Figure 8: WiMAX Account Login Figure 9: Confirm Settings Figure 10: Setup Wizard Finished Figure 11: Advanced Setup Figure 12: Common Web Page Buttons Figure 13: System Status Internet Figure 14: System Status Gateway Figure 15: System Status Information Figure 16: Setting a Password Figure 17: Firmware Upgrade Figure 18: Configuration Tools Figure 19: Restore Configuration Settings Figure 20: System Time Figure 21: System Log Figure 22: Reset Unit Figure 23: WAN Settings Figure 24: Dynamic IP Address Figure 25: Static IP Settings Figure 26: L2TP Settings Figure 27: PPTP Settings Figure 28: DNS Settings Figure 29: DDNS Settings Figure 30: LAN Settings Figure 31: DHCP Client List
9
14 15 16 17 19 21 22 23 24 24 25 26 29 29 30 30 31 32 32 33 34 35 37 38 38 39 39 40 41 43 44
FIGURES
Figure 32: NAT Settings Figure 33: Port Mapping Figure 34: DMZ Settings Figure 35: ALG Settings Figure 36: Firewall Settings Figure 37: Client Filtering Settings Figure 38: Port Filtering Figure 39: MAC Filtering Figure 40: URL Filtering Figure 41: Host Filtering Figure 42: Routing Table Figure 43: Static Route Figure 44: Dynamic Route Figure 45: UPnP Setting Figure 46: QoS Settings Figure 47: Tunnel Settings Figure 48: RJ-45 Connector Figure 49: Straight Through Wiring Figure 50: Crossover Wiring
46 46 47 48 50 51 52 53 53 54 56 56 57 59 61 63 70 71 72
10
TABLES
Table 1: Power Status LED Table 2: WiMAX Signal Status LEDs Table 3: LAN Port Status LED Table 4: Troubleshooting Chart Table 5: 10/100BASE-TX MDI and MDI-X Port Pinouts
15 15 16 65 71
11
SECTION I
GETTING STARTED
This section provides an overview of the RG300, and describes how to install and mount the unit. It also describes the basic settings required to access the management interface and run the setup Wizard. This section includes these chapters: Introduction on page 13 Installing the RG300 on page 18 Initial Configuration on page 21
12
INTRODUCTION
The RG300 WiMAX 802.16e Indoor Gateway is a WiMAX subscriber station designed to provide Internet access for a home or small office. The unit provides a gateway function between a WiMAX service provider and a local Ethernet LAN. The device enables a service provider to deliver last mile broadband wireless access as an alternative to wired DSL or cable modems. The RG300 offers a user-friendly web-based management interface for the configuration of all the units features. Any PC directly attached to the unit can access the management interface using a web browser, such as Internet Explorer (version 6.0 or above) or Firefox (version 1.5 or above).
13
14
POWER STATUS LED The RG300 includes a Power LED indicator that simplifies installation and
WiMAX network troubleshooting. The LED, which is located on the front panel, is described in the following table.
Figure 2: RG300 LED Indicators
Blinking Amber On Red Off
After power on, indicates the unit is running its self test. Indicates that the network entry process is in progress or has restarted.
When blinking with three of the WiMAX signal LEDs turned on, indicates authentication has failed. A system failure has occured. No power is being supplied to the unit.
WIMAX SIGNAL LEDS The RG300 includes seven WiMAX signal strength LED indicators that
display the current WiMAX receive signal status. The LEDs, which are located on the front panel, are described in the following table.
Table 2: WiMAX Signal Status LEDs
LED 1 2 3 4 5 Status On Blue On Blue On Blue On Blue On Blue Description Indicates the receive signal is 5 dB or more. Indicates the receive signal is 8 dB or more. Indicates the receive signal is 12 dB or more. Indicates the receive signal is 15 dB or more. Indicates the receive signal is 18 dB or more.
15
LAN PORTS The RG300 provides one 10BASE-T/100BASE-TX RJ-45 port. The LAN port
is a standard RJ-45 Ethernet network port that connects directly to a PC. It can also be connected to an Ethernet switch or hub to support more users. The RJ-45 port supports automatic MDI/MDI-X operation, so you can use straight-through cables for all network connections to PCs or servers, or to other switches or hubs. The port supports auto-negotiation, so the optimum transmission mode (half or full duplex), and data rate (10 or 100 Mbps) is selected automatically.
Figure 3: Back of the RG300
Power Socket
The RJ-45 port includes a built-in LED status indicator. This LED indicator is described in the following table.
Table 3: LAN Port Status LED
LED Link/Activity Status On Green Flashing Green Off Description Ethernet port has a valid link with an attached device. The port is transmitting or receiving data. Ethernet port has no link with another device.
16
POWER ADAPTER The power socket is located on the rear panel of the RG300. The power SOCKET socket is for the AC power adapter connection.
The unit is powered on when connected to its AC power adapter, and the power adapter is connected to an AC power source between 100-240 volts at 50-60Hz.
RESET BUTTON The Reset button is located on the base of the RG300 and is used to reset
the unit or restore the factory default configuration. If you press the button for less than 1 second, the unit will perform a hardware reset. If you press and hold down the button for 5 seconds or more, any configuration changes you may have made are removed, and the factory default configuration is restored to the unit.
Figure 4: Base of the RG300
Reset Button
17
This section describes how to install and connect the RG300 WiMAX 802.16e Indoor Gateway.
PACKAGE CHECKLIST
The RG300 package includes: RG300 unit RJ-45 Category 5 network cable AC power adapter Quick Installation Guide User Guide CD
INSTALLATION OVERVIEW
Before installing the RG300, verify that you have all the items listed in the package checklist above. If any of the items are missing or damaged, contact your local dealer. Also, be sure you have all the necessary tools and cabling before installing the RG300.
SELECT A LOCATION
The RG300 can be installed indoors on any horizontal surface, such as a desktop or shelf. When selecting a suitable location for the device, consider these guidelines: Select a cool, dry place, which is out of direct sunlight. The device should have adequate space (approximately two inches) on all sides for proper air flow. The device must be near an AC power outlet that provides 100 to 240 V, 50 to 60 Hz.
18
The device should be accessible for network cabling and allow the status LED indicators to be clearly visible.
NOTE: If the RG300 displays a weak WiMAX receive signal, try moving it to another location.
CABLE CONNECTIONS
The RG300 is a plug-and-play device, so once it has been connected to your PC and powered up, it is fully operable. Functioning as a gateway, the unit routes traffic between a WiMAX service providers base station and PCs or notebooks in the local network.
Figure 5: RG300 Connections
Connection
2
Connect LAN port to PC
3 1
Connect AC power adapter to power source
2. Observe the Indicator LEDs. When you power on the RG300, verify that
the Power LED turns on and that the other LED indicators start functioning as described under RG300 Hardware Description on page 14.
19
4. Use your PCs web browser to access the units management interface
and run the Setup Wizard to make any configuration changes. For more information, see Chapter 3, Initial Configuration.
20
INITIAL CONFIGURATION
The RG300 initial configuration steps can be made through its web management interface using the Setup Wizard. It is recommended to make the initial changes by connecting a PC directly to the RG300s LAN port.
Logging In Type the default User Name user and Password witribe, then click Login. The home page displays. Language Selects English or Traditional Chinese as the web interface language.
21
NOTE: It is recommended that you configure a user password as the first step under Administrator Settings on page 30 to control management access to the unit.
HOME PAGE The home page displays the current status of the WiMAX connection.
To configure basic settings for the current operating mode, click Basic Setup. For more information, see Using the Basic Setup Wizard on page 23. Alternatively, to configure more detailed settings, click Advanced Setup. For more information, see The Advanced Setup Menu on page 25.
Figure 7: Home Page
The following parameters are displayed on the home page: Username Describes the WiMAX network login name. Operator Name The identity of the operator network. Sector ID The unique sector ID as decoded from the Frame Control Header. Base Station ID The identifier of the connected base station. Preamble Index A number that identifies the sector on the connected base station. Signal Strength The current signal strength value of the received WiMAX radio signal.
22
Signal Quality An indication of the carrier-to-interference-plusnoise-ratio (CINR), which measures the strength of the receive signal compared to other interference and noise. Connection Status The current status of the WiMAX connection. Central Frequency The center frequency of the WiMAX signal. Bandwidth The bandwidth of the WiMAX signal.
Username The user name required for authentication as provided by the WiMAX operator. Preview Displays the current user account that will be used.
23
Password The user password required for authentication as provided by the WiMAX operator.
3. Basic Setup Finished When the Basic Setup steps are completed
the unit reboots and attempts to connect to the specified WiMAX network. Log in again to return to the Home page.
Figure 10: Setup Wizard Finished
24
Each primary menu item is sumarized below with links to the relevant section in this guide where configuration parameters are described in detail: System Configures general device settings. See page 28. WAN Configures WAN settings. See page 36. LAN Configures LAN settings. See page 42. NAT Configures Network Address Translation settings. See page 45. Firewall Configures firewall settings. See page 49. Route Configures static routing settings. See page 55. UPnP Enables UPnP. See page 58. QoS Configures QoS settings. See page 60. Tunnel- Configures Tunnel settings. See page 63.
25
The list below describes these common buttons: Reboot Some configuration changes require a reboot of the unit. The Reboot button will appear when this occurs. Apply Applies all new configuration changes on the current page and saves them to memory. Home Returns to the web management home page. Logout Immediately closes the current web management session.
26
SECTION II
WEB CONFIGURATION
This section provides details on configuring the RG300 using the web browser interface. This section includes these chapters: System Settings on page 28 WAN Configuration on page 36 LAN Configuration on page 42 NAT Configuration on page 45 Firewall Configuration on page 49 Routing Configuration on page 55 UPnP Configuration on page 58 QoS Configuration on page 60 Tunnel Settings on page 63
27
SYSTEM SETTINGS
The RG300s System menu allows you to perform general management functions for the unit, including setting the system time, configuring an access password, and upgrading the system software. The System configuration pages include the following options: System Status on page 29 Administrator Settings on page 30 Firmware Upgrade on page 31 Configuration Tools on page 32 System Time on page 33 System Log on page 34 Reset on page 35
28
SYSTEM STATUS
The system status page displays connectivity status information for the units WiMAX (WAN) and LAN interfaces, and the number of clients connected to the network.
Figure 13: System Status Internet
Internet Displays WAN (WiMAX) connection status: WAN IP Displays the IP address assigned by the service provider. Subnet Mask Displays the WAN subnet mask assigned by the service provider. Gateway Displays the WAN gateway address assigned by the service provider. Primary DNS Displays the WAN primary DNS address. Secondary DNS Displays the WAN secondary DNS address. Connection Type Displays the connection type for the WAN. Either fixed for a static IP setting, or dhcp for dynamic IP assignment.
Gateway Display system IP settings, DHCP server, and firewall status: IP Address Displays the units IP address. Subnet Mask Displays the subnet mask. DHCP Server Displays the DHCP server status. Firewall Displays the firewall status.
29
Information Displays the number of connected clients, as well as the units LAN and WAN MAC addresses: Connected Clients Displays the number of connected clients, if any. LAN MAC Address Displays the LAN MAC address. LAN MTU Size The maximum transmission unit size in bytes. WAN MAC Address Displays WAN MAC address. WAN MTU Size The maximum transmission unit size in bytes.
ADMINISTRATOR SETTINGS
The Administrator Settings page enables you to change the password for management access to the RG300.
Figure 16: Setting a Password
The following parameters are displayed on this page: Current Password You need to first enter your current administrator password to be able to configure a new one. (Default: witribe)
NOTE: If your RG300 unit is not configured with the standard default login Username/Password, use the default values on the label affixed to the unit. New Password Enter a new administrator password. (Range: 3~12 characters)
30
Confirm New Password Enter the new password again for verification. (Range: 3~12 characters) Language Selects English or Traditional Chinese as the web interface language.
FIRMWARE UPGRADE
The Firmware Upgrade page enables you to download new software to the unit.
Figure 17: Firmware Upgrade
The following parameters are displayed on this page: Upgrade Downloads an operation code file from the web management station to the RG300 using HTTP. Use the Browse button to locate the code file locally on the management station and check the Reset Configuration to restore factory defaults. Click Apply to proceed. Auto Upgrade Provides a method to automatically upgrade the Gateway when new code is available, as indicated by the contents of an information file provided by the WiMAX service operator. The Auto Upgrade information file and code file can be located on the same server or different servers.
Enable Enables the automatic upgrade feature. Start Time Sets the auto upgrade start time. End TIme Sets the auto upgrade end time. Update Interval A time interval (in seconds) for checking the Info URL for new software information. Limit Rate Places a limit on the firmware download rate from the server.
31
Info URL A text string that indicates the location of an Auto Upgrade information file on an FTP server. The file contains information on the version of software available, and the FTP server on which it is located. (For example: ftp://192.168.1.16/autoupgrade/RG300autoupgrade.info)
CONFIGURATION TOOLS
The Configurations Tools page allows you to restore factory default settings, or save and restore the units configuration settings to or from a file on the management station.
Figure 18: Configuration Tools
The following parameters are displayed on this page: Restore Factory Default Configuration Resets the unit to its factory default settings. When you select Restore Factory Default Configuration and click Apply, a confirmation page displays. Click OK to continue. Backup Settings Saves the current configuration settings to a file on the web management station. Restore Settings Restores a saved configuration file to the unit. Configuration files are plain-text files that can be edited directly to modify settings (not all parameters need be defined). You can use the Browse button to locate the file on the web management station.
Fully Restore Settings Restores all settings that are defined in the uploaded configuration file. Any undefined settings are returned to factory defaults. Merge Settings Restores defined settings in the uploaded configuration file. All other undefined settings are not changed.
32
SYSTEM TIME
The RG300 uses the Simple Network Time Protocol (SNTP) to set its internal clock based on periodic updates from a time server. Maintaining an accurate time on the device enables the system log to record meaningful dates and times for event entries. SNTP uses Coordinated Universal Time (or UTC, formerly Greenwich Mean Time, or GMT) based on the time at the Earths prime meridian, zero degrees longitude. To display a time corresponding to your local time, you must select your time zone.
Figure 20: System Time
The following parameters are displayed on this page: Enable Enables the unit to set its internal clock based on periodic updates from a time server. The unit acts as an SNTP client, periodically sending time synchronization requests to a specified time server. Alternatively, you can select None and set the time and date manually. Time Server Address The IP address of a time server that the unit attempts to poll for a time update. Current Time (hh:mm:ss) The current time of the system clock. New Time (hh:mm:ss) Sets the system clock to the time specified. Sync with host Sets the units time from the web management PCs system time. Current Date (yyyy:mm:dd) The current date of the system clock. New Date (yyyy:mm:dd) Sets the system clock date.
Set Time Zone SNTP uses Coordinated Universal Time (or UTC, formerly Greenwich Mean Time, or GMT) based on the time at the Earths prime meridian, zero degrees longitude. To display a time corresponding to your local time, you must select your time zone from the pull-down list.
33
SYSTEM LOG
The RG300 supports a logging process that controls error messages saved to memory. The logged messages serve as a valuable tool for isolating device and network problems. The System Log page displays the latest messages logged in chronological order, from the oldest to the newest. Log messages saved in the units memory are erased when the device is rebooted.
Figure 21: System Log
The following items are displayed on this page: Refresh Sends a request to add the latest entries to the System Log Table. Download Downloads the current system log messages to a file on the web management station. Clean Removes all the current system log messages from the System Log Table. System Log Level Sets the minimum severity level for event logging. The system allows you to limit the messages that are logged by specifying a minimum severity level. Error message levels range from the most severe (Emergency) to least severe (Debug). The message levels that are logged include the specified minimum level up to the Emergency level. Max Size The maximum memory size to be used for log messages on the gateway. (Range: 1-512 KB) Set Click to set the Max Size and System Log Level values.
34
RESET
The Reset page allows you to restart the devices software. If the unit stops responding correctly or in some way stops functioning, performing a reset can clear the condition.
Figure 22: Reset Unit
35
WAN CONFIGURATION
The information in this chapter covers the configuration options for the RG300s WAN connection. The WAN configuration pages include the following options: WAN Settings on page 37 DNS on page 40 DDNS on page 41
36
WAN SETTINGS
Select the WAN connection type used by your service provider and specify DNS (Domain Name System) servers.
Figure 23: WAN Settings
The unit can be connected to your ISP in one of the following ways: NONE No IP Address assigned. DHCP IP Address Selects configuration for an Internet connection using DHCP for IP address assignment. Static IP Address Selects configuration for an Internet connection using a fixed IP assignment. Retries The maximum number of times the Gateway sends a DHCP request to a DHCP server. (Range: 1-10000) Timeout The maximum time period (in seconds) the Gateway waits for a response from a DHCP server before it resends a request. (Range: 1-3600 seconds) Vendor Class ID Used to identify the vendor class and configuration of the device to the DHCP server, which then uses this information to decide on how to service the client or the type of information to return. Configured DSCP (Differentiated Services Code Point) Sets the DSCP value for all egress packets classified by DSCP priority rules. L2TP Selects configuration for an Internet connection using the Layer 2 Tunneling Protocol, an access protocol often used for virtual private networks.
37
PPTP Selects configuration for an Internet connection using the Point-to-Point Tunneling Protocol, an access protocol often used for virtual private networks.
NOTE: For the Dynamic IP Address (DHCP) option, the unit requires no further configuration. Selecting other WAN types displays the parameters that are required for configuring the connection.
DYNAMIC IP ADDRESS For dynamic IP assignment from the service provider, the unit functions as
a Dynamic Host Configuration Protocol (DHCP) client. When enabled, no other settings are required.
Figure 24: Dynamic IP Address
STATIC IP SETTINGS Selecting Static IP Address for the WAN type enables you to enter static IP
settings as assigned by the service provider.
Figure 25: Static IP Settings
38
The following parameters are displayed in this section on this page: IP Address The IP address provided by your service provider. Valid IP addresses consist of four decimal numbers, 0 to 255, separated by periods. Netmask Indicates the subnet mask, such as 255.255.255.0. Gateway The gateway IP address provided by your service provider. Configured DSCP (Differentiated Services Code Point) Sets the default DSCP priority for all egress packets not classified by other rules.
L2TP SETTINGS If your service provider supports Layer 2 Tunneling Protocol (L2TP) for your
Internet connection, configure the settings described below.
Figure 26: L2TP Settings
The following parameters are displayed in this section on this page: Enable Enables the L2TP settings. Server IP The IP address of the L2TP server, as specified by the service provider. Username Enter your user name for connecting to the L2TP service, as supplied by the service provider. (Range: 1-20 characters) Password Specify the password for your connection, as supplied by the service provider. (Range: 1-20 characters)
PPTP SETTINGS If your service provider supports Point-to-Point Tunneling Protocol (PPTP)
for your Internet connection, configure the settings described below.
Figure 27: PPTP Settings
The following parameters are displayed in this section on this page: Enable Enables the PPTP settings.
39
DNS
Server IP The IP address of the PPTP server, as specified by the service provider. Username Enter your user name for connecting to the PPTP service, as supplied by the service provider. (Range: 1-20 characters) Password Specify the password for your PPTP connection, as supplied by the service provider. (Range: 1-20 characters)
DNS
DNS (Domain Name System) server addresses are usually provided by service providers, however if you want to specify certain servers, the DNS page enables you to enter primary and secodary DNS addresses.
Figure 28: DNS Settings
The following parameters are displayed on this page: Primary DNS Address Address of the primary DNS server, specified in the form of 0.0.0.0. (The address 0.0.0.0 disables the manual DNS setting.) Secondary DNS Address (optional) Optional address of a secondary DNS server, specified in the form of 0.0.0.0.
40
DDNS
DDNS
Dynamic DNS (DDNS) provides users on the Internet with a method to tie a specific domain name to the units dynamically assigned IP address. DDNS allows your domain name to follow your IP address automatically by changing your DNS records when your IP address changes. The RG300 provides access to a number DDNS service providers, such as DynDns.org, Easydns.com, and ZoneEdit.com. To set up an DDNS account, visit the website of one of the supported service providers.
Figure 29: DDNS Settings
The following items are displayed in this section on this page: Enable Enables the DDNS service. Max Time Interval The maximum time period before the Gateway sends an update to the DDNS provider. (Options: 1hr, 3hr, 6hr, 8hr, 12hr, 1 day, 3 days, 1 week) DDNS Server Specifies the DDNS service provider, DynDns.org, Freedns.afraid.org, ZoneEdit.com or Non-IP.com. Host Name Specifies the URL of the DDNS service. User Name Specifies your user name for the DDNS service. Password Specifies your password for the DDNS service.
41
LAN CONFIGURATION
The information in this chapter covers the configuration options for the RG300s LAN functions. The LAN configuration pages include the following options: LAN Settings on page 43 DHCP Client List on page 44
42
LAN Settings
LAN SETTINGS
The RG300 must have a valid IP address for management using a web browser and to support other features. The unit has a standard default IP address of 192.168.15.1. You can use this IP address or assign another address that is compatible with your existing local network. The unit can also be enabled as a Dynamic Host Configuration Protocol (DHCP) server to allocate IP addresses to local PCs. NOTE: If your RG300 unit is not configured with the standard default IP address, use the default value on the label affixed to the unit. The RG300 includes a DHCP server that can assign temporary IP addresses to any attached host requesting the service. Addresses are assigned to clients from a common address pool configured on the unit. Configure an address pool by specifying start and end IP addresses. Be sure not to include the unit's IP address in the address pool range.
Figure 30: LAN Settings
The following parameters are displayed on this page: IP Address The IP address of the unit. Valid IP addresses consist of four decimal numbers, 0 to 255, separated by periods. The standard default setting is 192.168.15.1. Subnet Mask Indicates the local IP subnet mask. The default setting is 255.255.255.0. The Gateway acts as DHCP Server Check this box to enable the DHCP server. IP Pool Starting/Ending Address Specifies the start and end IP address of a range that the DHCP server can allocate to DHCP clients. You can specify a single address or an address range. Note that the address pool range must be in the same subnet as the units IP setting.
43
Lease Time Selects a time limit for the use of an IP address form the IP pool. When the time limit expires, the client has to request a new IP address. (Options: 1hr, 3hr, 6hr, 8hr, 12hr, 1 day, 3 days, 1 week) Static Leases Maps IP addresses to PC MAC addresses so that the gateway always assigns the same IP to specific computers on the LAN.
MAC Address The unique MAC address of a computer in the LAN. IP Address Specifies the static IP to assign to the computer.
NOTE: Each static IP address must be unique. Therefore, you cannot specify the same IP address for both the wired and wireless interfaces, even when only one interface may be active at any given time.
44
NAT CONFIGURATION
The information in this chapter covers the configuration options for the RG300s Network Address Translation (NAT) functions. The NAT configuration pages include the following options: NAT Settings on page 46 Port Mapping on page 46 DMZ on page 47 ALG on page 48
45
NAT SETTINGS
Network Address Translation (NAT) is a standard method of mapping multiple internal IP addresses to one external IP address on devices at the edge of a network. For the RG300, the internal (local) IP addresses are the IP addresses assigned to local PCs by the DHCP server, and the external IP address is the IP address assigned to the WiMAX interface.
Figure 32: NAT Settings
The following item is displayed on this page: Enable Enables NAT on the device.
PORT MAPPING
Using the NAT Port Mapping feature, remote users can access different servers on your local network using your single public IP address. Remote users accessing services such as web or FTP at your local site thorugh your public IP address, are redirected (mapped) to other local server IP addresses and TCP/UDP port numbers. For example, if you set Type/Public Port to TCP/80 (HTTP or web) and the Private IP/Port to 192.168.7.9/80, then all HTTP requests from outside users forwarded to 192.168.7.9 on port 80. Therefore, by just using your external IP address provided by your ISP, Internet users can access the services they need at the local addresses to which you redirect them. The more common TCP service port numbers include: HTTP: 80, FTP: 21, Telnet: 23, and SSH: 22.
Figure 33: Port Mapping
46
DMZ
The following parameters are displayed on this page: Private IP The IP address of the server on the local Ethernet network. The specified address must be in the same subnet as the RG300 and its DHCP server address pool. Alternatively, the IP address can be set by selecting a PC from the DHCP client list. Use Client List Allows the Private IP to be selected from the DHCP client list. Private Port Specifies the TCP/UDP port number used on the local server for the service. (Range: 1-65535) Public Port Specifies the public TCP/UDP port used for the service on the WAN interface. (Range: 1-65535) Services Specifies port numbers for some of the more common services. (Options: FTP, SSH, Telnet, SMTP, HTTP, HTTPS) Comment A text comment for the forwarding rule. Add Rules Adds the defined rule to the port forwarding table. Use the Delete button next to a rule to remove it from the table.
DMZ
If you have a client PC that cannot run an Internet application properly from behind the NAT firewall, you can open the client up to unrestricted two-way internet access by defining a virtual-DMZ (virtual-demilitarizedzone) host.
Figure 34: DMZ Settings
The following parameters are displayed on this page: Enable Enables the feature. DMZ Host Specifies the IP address of the virtual DMZ host. Alternatively, the host IP can be set by selecting a PC from the DHCP client list. Use Client List Allows the host IP to be selected from the DHCP client list.
47
NOTE: Adding a host to the DMZ may expose your local network to a variety of security risks, so only use this option as a last resort.
ALG
The RG300 supports the passthrough of three of the most commonly used VPN protocols; PPTP, L2TP, and IPsec, as well as VoIP SIP traffic. The VPN protocols allow remote users to establish a secure connection to their corporate network. If your service provider supports VPNs, then these protocols can be used to create an authenticated and encrypted tunnel for passing secure data over the Internet (that is, a traditionally shared data network).
Figure 35: ALG Settings
The following items are displayed on this page: SIP ALG Enable Enables the passthrough of VoIP SIP traffic on the configured server port numbers. SIP Server Ports Lists the SIP server ports used for VoIP traffic. Port Number Adds a new SIP Server port number. PPTP Passthrough PPTP (Point-to-Point Tunneling Protocol) provides a secure tunnel for remote client access to a PPTP security gateway. PPTP includes provisions for call origination and flow control required by ISPs. L2TP IPsec Passthrough L2TP (Layer 2 Tunneling Protocol) merges the best features of PPTP and the Layer 2 Forwarding (L2F) protocol. Like PPTP, L2TP requires that the ISPs routers support the protocol. IPsec (Internet Protocol Security) encrypts and authenticates entire IP packets and encapsulates them into new IP packets for secure communications between networks.
48
FIREWALL CONFIGURATION
The information in this chapter covers the configuration options for the RG300s firewall functions. The Firewall configuration pages include the following options: Firewall Settings on page 50 Client Filtering on page 51 Port Filtering on page 52 MAC Filtering on page 53 URL Filtering on page 53 Host Filtering on page 54
49
FIREWALL SETTINGS
The RG300 provides extensive firewall protection by restricting connection parameters to limit the risk of intrusion and defending against a wide array of common hacker attacks. You can also block access to the Internet from clients on the local network based on IP addresses and TCP/UDP port numbers, or specific MAC addresses.
Figure 36: Firewall Settings
The following parameters are displayed on this page: Enable Enables all firewall features. Disallow PING from WAN Prevents pings on the units WiMAX interface from being routed to the network. Allow Access WebUI from WAN Allows a user to be able to log into the Gateway web interface from a remote location. Allow Access Telnet from WAN Allows a user to be able to telnet into CPE from a remote location. HTTP Log Enables LAN-to-WAN and WAN-to-LAN HTTP traffic to be logged. The logged information can be viewed on the system log page.
50
CLIENT FILTERING
You can block access to the Internet from clients on the local network by specifying IP addresses and TCP/UDP port numbers. You can configure up to five IP filters on the unit.
Figure 37: Client Filtering Settings
The following parameters are displayed on this page: Target IP Specifies an IP address or range on the local network to filter. Destination Port Range Specifies a TCP/UDP port number range to filter. (Range: 1-65535 or Any) Protocol Specifies the the port type. (Options: TCP, UDP, Any) Add Adds a new IP address to the filter table. Remove Removes an IP address from the filter table.
51
Port Filtering
PORT FILTERING
Port filtering restricts connections to limit the risk of intrusion and can defend against a wide array of common hacker attacks. The port filtering feature allows the Gateway to block traffic for a specified schedule based on TCP/UDP ports.
Figure 38: Port Filtering
The following items are displayed on this page: Available Services The TCP/UDP services allowed access to the Gateway. All TCP/UDP ports are open unless specified as blocked. Some common protocols are pre-defined and can be selected to Add to the Blocked Services. Select Custom Port to define other TCP/UDP port ranges to block. Operation Adds, removes, or clears all blocked services. Blocked Services Lists the TCP/UDP ports that are blocked Type Specifies the port type, TCP, UDP, or TCP/UDP. Port Number Specifies a custom-defined range of TCP/UDP ports to block. Schedule to Block Configures the days of the week and times to block the defined traffic.
52
MAC Filtering
MAC FILTERING
You can block access to the Internet from clients on the local network based on MAC addresses. You can configure up to 20 MAC address filters on the unit.
Figure 39: MAC Filtering
The following parameters are displayed on this page: MAC Address Specifies a local PC MAC address. Use Client List Selects a local PC MAC address from the Gateways DHCP client list table. Add Adds a new MAC address to the filter table. Remove Removes a MAC address from the filter table.
URL FILTERING
The RG300 provides a method for blocking Internet access based on Uniform Resource Locator (URL) keywords. By filtering URLs accessed from the network, users can be prevented from reaching prohibited online content.
Figure 40: URL Filtering
53
The following items are displayed on this page: String Specifies text keyword contained in URLs that will be filtered. (Maximum 256 characters; invalid characters [ & ' # \].) Add Adds a keyword string to the URL filter. Remove Removes an entry from the filter table.
HOST FILTERING
The RG300 provides a method for blocking Internet access based on web domains. A domain name is the name of a particular web site. For example, www.fungames.com.
Figure 41: Host Filtering
The following items are displayed on this page: Host String Displays current Host filter. (Maximum 256 characters; invalid characters [ & ' # \].) Add Enters a domain name keyword for a host filtering. For example, myhost.example.com. Remove Removes an entry from the filter table.
54
ROUTING CONFIGURATION
The information in this chapter covers the configuration options for the RG300s Routing functions. The Routing configuration pages include the following options: Routing Table on page 56 Static Route on page 56 Dynamic Route on page 57
55
ROUTING TABLE
The Routing Table displays the list of static routes on the unit.
Figure 42: Routing Table
The following parameters are displayed in this section on this page: Route The IP address that identifies the IP subnet of the remote network. Gateway The IP address of the router within the local IP subnet that forwards traffic to the remote IP subnet. Netmask The mask that identifies the IP subnet of the remote network. Interface Indicates the local network interface on the unit.
STATIC ROUTE
Static routes allow a manual method to set up routing between specific destination networks, subnetworks, or hosts. Static routes may be required to force the use of a specific route to a subnet. Static routes do not automatically change in response to changes in network topology, so only configure a small number of stable routes to ensure network accessibility.
Figure 43: Static Route
The following items are displayed on this page: Enable Enables the configured routes in the Static Route table.
56
Dynamic Route
Destination A destination network or specific host to which packets can be routed. Netmask Network mask for the associated IP subnet. This mask identifies the host address bits used for routing to specific subnets. Gateway The IP address of the router at the next hop to which matching frames are forwarded. Add Adds a new route to the table.
DYNAMIC ROUTE
The RG300 supports RIP dynamic routing protocol. Routing Information Protocol (RIP) is the most widely used method for dynamically maintaining routing tables. RIP uses a distance vector-based approach to routing.
Figure 44: Dynamic Route
The following items are displayed on this page: RIP Enable Enables the RIP protocol for the WAN interface.
57
10
UPNP CONFIGURATION
The information in this chapter covers the configuration options for the RG300s Universal Plug and Play Forum (UPnP) feature. The UPnP configuration pages include the following options: UPnP on page 59
58
UPNP
UPnP (Universal Plug and Play Forum) provides inter-connectivity between devices supported by the same standard.
Figure 45: UPnP Setting
The following parameters are displayed in this section on this page: UPnP Enables UpnP support on the unit. NAT-PMP (NAT Port Mapping Protocol) Allows a computer in a private network (behind a NAT router) to automatically configure the router to allow parties outside the private network to contact it.
59
11
QOS CONFIGURATION
The RG300 supports Quality of Service (QoS) settings that enable traffic rate limits to be set for all or specific LAN clients. The QoS configuration pages include the following options: QoS Settings on page 61
60
QOS SETTINGS
From the QoS Settings page, you can set rate limits for outbound (WiMAX uplink) traffic from all or specified clients.
Figure 46: QoS Settings
The following parameters are displayed on this page: General Sets QoS parameters that apply to all LAN clients (except those listed in the QoS Rules table):
Enable Enables the QoS settings on the gateway. Default Outbound Rate/Limit Sets a rate limit for the outbound traffic from all clients not specified in the QoS Rules table. The rate is specified in kilobytes per second (0 means unlimited).
Rules Specifies the QoS rate limits for specified client source IPs:
Source IP Specifies a source IP address on the local network. The IP address can also be selected from the DHCP client list, as indicated by Use Client List. Use Client List Enables the Source IP to be selected from the DHCP client list. Outbound Rate/Limit Sets a rate limit for the outbound traffic from the specified source IP in kilobytes per second (0 means unlimited). Description A text srting that identifies the rule.
61
12
TUNNEL SETTINGS
The Tunnel configuration pages include the following options: Tunnel Settings on page 63
62
TUNNEL SETTINGS
The Tunnel Settings page allows to set up a Generic Routing Encapsulation (GRE) tunnel between the CPE and another network. The GRE tunnel enables routing protocols and other non-IP traffic to be routed between networks.
Figure 47: Tunnel Settings
Enable Enables the GRE tunnel on the CPE. Tunnel IP Address A private IP assigned to the CPE's GRE tunnel interface. Remote IP Address The assigned IP address for the GRE tunnel for the remote network. MTU The maximum transmission unit (MTU) for the GRE tunnel interface. PMTUD Enable Enables the Path MTU Discovery protocol for the GRE tunnel interface.
IP Address The IP subnet that will be routed to the GRE tunnel interface. Subnet Mask The IP subnet mask.
63
SECTION III
APPENDICES
This section provides additional information and includes these items: Troubleshooting on page 65 Hardware Specifications on page 67 Cables and Pinouts on page 70
64
TROUBLESHOOTING
AC power adapter may be disconnected. Check connections between the unit, the AC power adapter, and the wall outlet. The unit has detected a system error. Reboot the unit to try and clear the condition. If the condition does not clear, contact your local dealer for assistance. Move the location of the unit. Check with the WiMAX service provider for service coverage information. Verify that the unit and attached device are powered on. Be sure the cable is plugged into both the unit and corresponding device. Verify that the proper cable type is used and its length does not exceed specified limits. Check the cable connections for possible defects. Replace the defective cable if necessary.
65
66
HARDWARE SPECIFICATIONS
PHYSICAL SPECIFICATIONS
PORTS 1 LAN port, 10/100BASE-TX with auto-negotiation, RJ-45 connector
1 FXS port, RJ-11 connector
PHYSICAL SIZE 181.5 x 198.5 x 79 mm (7.15 x 7.81 x 3.11 in) WEIGHT 412 g (14.5 oz) TEMPERATURE Operating: -5 to 45 C (23 to 113 F)
Storage: -40 to 75 C (-40 to 167 F)
67
WiMAX Specifications
WIMAX SPECIFICATIONS
ANTENNAS Pattern: Omnidirectional
Transmit and Receive: One transmit and two receive with Maximal-Ratio Combining (MRC). Support for transmitter diversity. Gain: 6 dBi Impedance: 50 Ohm
CHANNEL BANDWIDTH 2.5 GHz model: 5 and 10 MHz MODULATION SCHEME Scaleable OFDMA employing Time-Division Duplex (TDD) mechanism
PRBS subcarrier randomization Contains pilot, preamble, and ranging modulation
MODULATION AND Down Link: QPSK, 16 QAM, 64 QAM CODING TYPES Up Link: QPSK, 16 QAM RECEIVE SENSITIVITY -94 dBm maximum
COMPLIANCES
EMISSIONS FCC CFR 47 Part 15 Class B
EN 55022 class B EN 301 489-1/-17
EMMUNITY EN 61000-4-2/3/4/5/6/8/11 WIMAX SIGNAL US: 2.5 GHz - FCC Part 27 Subpart M CERTIFICATION EU: 2.5 GHz-EN302 544-2 SAFETY IEC/UL 60950-1
68
ErP 2009/125/EU
69
8 1
10/100BASE-TX PIN Use unshielded twisted-pair (UTP) or shielded twisted-pair (STP) cable for ASSIGNMENTS RJ-45 connections: 100-ohm Category 3 or better cable for 10 Mbps
connections, or 100-ohm Category 5 or better cable for 100 Mbps connections. Also be sure that the length of any twisted-pair connection does not exceed 100 meters (328 feet).
The RJ-45 ports on the unit supports automatic MDI/MDI-X operation, so you can use straight-through or crossover cables for all network connections to PCs, switches, or hubs. In straight-through cable, pins 1, 2, 3, and 6, at one end of the cable, are connected straight through to pins 1, 2, 3, and 6 at the other end of the cable.
70
The + and - signs represent the polarity of the wires that make up each wire pair.
STRAIGHT-THROUGH If the twisted-pair cable is to join two ports and only one of the ports has WIRING an internal crossover (MDI-X), the two pairs of wires must be straightthrough.
Figure 49: Straight Through Wiring
End B
71
CROSSOVER WIRING If the twisted-pair cable is to join two ports and either both ports are
labeled with an X (MDI-X) or neither port is labeled with an X (MDI), a crossover must be implemented in the wiring.
Figure 50: Crossover Wiring
End B
72
GLOSSARY
10BASE-T IEEE 802.3-2005 specification for 10 Mbps Ethernet over two pairs of
Category 3 or better UTP cable.
100BASE-TX IEEE 802.3-2005 specification for 100 Mbps Fast Ethernet over two pairs of
Category 5 or better UTP cable.
AUTHENTICATION The process to verify the identity of a client requesting network access. AUTO-NEGOTIATION Signalling method allowing each node to select its optimum operational
mode (speed and duplex mode) based on the capabilities of the node to which it is connected.
BASE STATION A WIMAX service providers equipment that is installed at a fixed location
to provide network connectivity for subscriber stations within a defined service area.
BEACON A signal periodically transmitted from a Wi-Fi access point that is used to
identify the network and maintain contact with wireless clients.
CENTER FREQUENCY The radio frequency at the center of a WiMAX channel. WiMAX channels
can be of different widths (the channel bandwidth) and the transmitted radio signal is spread across the full width of the channel.
CHANNEL BANDWIDTH The range of frequencies occupied by a WiMAX radio signal. The amount of
information that can be transmitted in a radio signal is related to the channel bandwidth, which is measured in Megahertz (MHz). WiMAX supports a range of channel bandwidths that can be defined by the service operator depending on performance requirements, operating preferences, and regulatory constraints.
73
GLOSSARY
DNS Domain Name System. A system used for translating host names for
network nodes into IP addresses.
configuration information to hosts on a TCP/IP network. DHCP is based on the Bootstrap Protocol (BOOTP), adding the capability of automatic allocation of reusable network addresses and additional configuration options.
ENCRYPTION Data passing between a base station and subscribers uses encryption to
protect from interception and evesdropping.
authenticate subscribers. EAP is used with TLS or TTLS authentication to provide mutual authentication between a subscriber and a WiMAX network.
ICMP Internet Control Message Protocol. A network layer protocol that reports
errors in processing IP packets. ICMP is also used by routers to feed back information about better routing choices.
IEEE 802.16E The WiMAX standard that provides mobile broadband wireless access using
Scalable Orthogonal Frequency Division Multiple Access (SOFDMA).
ISP Internet Service Provider. A company that offers an access service that
connects customers to the Internet.
LED Light emitting diode. Used for indicating a device or network condition.
74
GLOSSARY
MAC ADDRESS The physical layer address used to uniquely identify network nodes. MS-CHAPV2 Microsofts version 2 of the Challenge-Handshake Authentication Protocol.
Introduced by Microsoft with Windows 2000, MS-CHAPV2 (defined in RFC 2759) provides mutual authentication between peers using user names and passwords.
RJ-45 CONNECTOR A connector for twisted-pair wiring. RSSI Receive Signal Strength Indicator. A measurement of the strength of a
received wireless signal. The higher the RSSI value, the stronger the received signal from the antenna.
ROAMING The process where a WiMAX subscriber can move onto another operators
network while maintaining a continuous connection.
SOFDMA Scalable Orthogonal Frequency Division Multiple Access. The air interface
defined for mobile WiMAX. SOFDMA is a multiple access method that allows simultaneous transmissions to and from several users, employing a subchannel structure that scales with bandwidth.
SERVICE PROVIDER See Internet Service Provider. SNTP Simple Network Time Protocol. SNTP allows a device to set its internal
clock based on periodic updates from a Network Time Protocol (NTP) server. Updates can be requested from a specific NTP server, or can be received via broadcasts sent by NTP servers.
SUBSCRIBER STATION A general term for a customers WIMAX terminal equipment that provides
connectivity with a base station.
includes TCP as the primary transport protocol, and IP as the network layer protocol.
75
GLOSSARY
EAP-TLS. The authentication server is authenticated to the client using its Certification Authority certificate, this establishes a secure tunnel through which the client is then authenticated.
UTP Unshielded twisted-pair cable. WIMAX The IEEE 802.16 standard for Worldwide Interoperability for Microwave
Access. The IEEE 802.16-2004 standard, known as fixed WiMAX, supports only point-to-point links and has no support for mobility. The IEEE 802.16e-2005 standard, known as mobile WiMAX, is an amendment to IEEE 802.16-2004 and supports mobility. Note that mobile WiMAX standard is not backward compatible with the fixed WiMAX standard.
76
INDEX
A
AC power adapter 17 administrator password, setting 30 administrator settings 30 Advanced Setup menu 25 auto-logout time 31, 32
hardware, description
14
I
initial configuration 21 installation, connecting cables installing the device 18 IP address 39, 43 IP filters 51 IPsec 48
19
B
button, Reset 17
C
cable assignments 70 cable connections 19 checklist 18 client filter, enable 51 configuration, basic 23 contents, package 18
L
L2TP 37, 48 LAN status information 29 language selection 21, 31 LEDs 15, 16 logging, system 34 login, web 21 lost password, recovery 66
D
default settings, restore 32 defaults, factory 32 DHCP server 43 discard ping 50 downloading software 31 dynamic DNS 41 dynamic IP, cable modem 37
M
MAC address filters 53 MDI/MDI-X, automatic 16 messages, logging 34
N
NAT setting 46
E
Ethernet ports
16
O
operating frequency 68
F
factory defaults, restoring 32 firewall protection 50 firmware update 31 fixed-IP xDSL 37
P
package checklist 18 panels, front and rear 14 password, setting 30 ping discard 50 port indicators 15, 16 power socket 17 power supply, specifications 67 PPTP 38, 48 private IP 47 private port 47
G
Gateway address 39, 56 gateway function 19
H
hacker attack, prevention 50
77
INDEX
R
rear panel sockets 17 reboot unit 35, 66 Reset button 17 resetting the unit 35, 66 RJ-45 ports 16
S
Setup Wizard launching 23 Simple Network Time Protocol 33 SNTP 33 enabling client 33 software update 31 static routing table 56 subnet mask 39, 43, 56 subscriber station 13 system clock, setting 33 system indicators 15 system information 30 system log 34 system time 33
T
time updates 33
U
upgrading software 31
W
WAN connection type 29 web management interface access 21 login 21 troubleshooting 66 Wizard, setup 23
78