DRAFT - 6/25/2010 User Guide Wireless-N Broadband Home Router Model: RMN302 FPO
DRAFT - 6/25/2010 Notice to Installers The servicing instructions in this notice are for use by qualified service personnel only. To reduce the risk of electric shock, do not perform any servicing other than that contained in the operating instructions, unless you are qualified to do so. Note to System Installer For this apparatus, the cable shield/screen shall be grounded as close as practical to the point of entry of the cable into the building.
DRAFT - 6/25/2010 Mitteilung für CATV-Techniker Die in dieser Mitteilung aufgeführten Wartungsanweisungen sind ausschließlich für qualifiziertes Fachpersonal bestimmt. Um die Gefahr eines elektrischen Schlags zu reduzieren, sollten Sie keine Wartungsarbeiten durchführen, die nicht ausdrücklich in der Bedienungsanleitung aufgeführt sind, außer Sie sind zur Durchführung solcher Arbeiten qualifiziert.
DRAFT - 6/25/2010 IMPORTANT SAFETY INSTRUCTIONS 1) Read these instructions. Provide Ventilation and Select a Location 2) Keep these instructions. • Remove all packaging material before applying power to the product. 3) Heed all warnings. • Do not place this apparatus on a bed, sofa, rug, or similar surface. 4) Follow all instructions. • Do not place this apparatus on an unstable surface. 5) Do not use this apparatus near water.
DRAFT - 6/25/2010 FCC Compliance If you experience trouble with this telephone equipment, please contact the service provider for information on obtaining service or repairs. The telephone company may ask that you disconnect this equipment from the network until the problem has been corrected or until you are sure that the equipment is not malfunctioning.
DRAFT - 6/25/2010 CE Compliance Note: The full declaration of conformity for this product can be found in the Declarations of Conformity and Regulatory Information section of the appropriate product hardware installation guide, which is available on Cisco.com.
DRAFT - 6/25/2010 Disclaimer U.S. Patents Cisco Systems, Inc. assumes no responsibility for errors or omissions that may appear in this guide. We reserve the right to change this guide at any time without notice. A patent notice is affixed to this product. In addition, the product may also be covered by one or more of the following patents: Documentation Copyright Notice Information in this document is subject to change without notice.
DRAFT - 6/25/2010 Table of Contents Product Overview ............................................................................................................3 Front Panel............................................................................................................................................................................................3 Top Panel ..........................................................................................................................................
DRAFT - 6/25/2010 2
DRAFT - 6/25/2010 Product Overview Thank you for choosing the Cisco® Wireless-N Broadband Home Router. The Router lets you access the Internet via a wireless connection or through one of its four (or five) switched ports. You can also use the Router to share resources such as computers and storage. Various security features help to protect your data and your privacy while you are online. Security features include WPA2 security, a Stateful Packet Inspection (SPI) firewall, and NAT technology.
DRAFT - 6/25/2010 Top Panel Wi-Fi Protected Setup If you have a client device, such as a wireless adapter, that supports Wi-Fi Protected Setup, then you can use Wi-Fi Protected Setup to automatically configure wireless security for your wireless network(s). Note: Wi-Fi Protected Setup can only be used for the default wireless network. (The Router supports up to four wireless networks. The other three can be configured using the Router’s web-based utility.
DRAFT - 6/25/2010 Back Panel Reset FPO There are two ways to reset the Router’s settings to factory defaults. Either press and hold the Reset button for approximately ten seconds, or restore the defaults from the Administration > Factory Defaults screen of the Router’s web-based utility. Note: The reset does not restore the voice settings to the factory defaults. WPS Text TBD USB The USB port connects to a USB storage device, such as a USB hard drive or flash disk.
DRAFT - 6/25/2010 Placement Positions There are two ways to physically install the Router. The first way is to place the Router horizontally on a surface. The second way is to mount the Router on a wall. Horizontal Placement The Router has four rubber feet on its bottom panel. Place the Router on a level surface near an electrical outlet. Wall-Mounting Placement The Router has four wall-mount slots on its bottom panel. The distance between two adjacent slots is 54 mm (2.13 inches).
DRAFT - 6/25/2010 Wireless Security Checklist Wireless networks are convenient and easy to install, so homes with high-speed Internet access are adopting them at a rapid pace. Because wireless networking operates by sending information over radio waves, it can be more vulnerable to intruders than a traditional wired network. Like signals from your cellular or cordless phones, signals from your wireless network can also be intercepted.
DRAFT - 6/25/2010 General Network Security Guidelines Wireless network security is useless if the underlying network is not secure. • Password protect all computers on the network and individually password protect sensitive files. • Change passwords on a regular basis. • Install anti-virus software and personal firewall software. • Disable file sharing (peer-to-peer). Some applications may open file sharing without your consent and/or knowledge.
DRAFT - 6/25/2010 Setup > Interface WAN Interface Setup WAN Connection Settings Network Type: Choose your WAN interface type from the dropdown list. Options include Auto-Detection, MoCA, and Ethernet. • Auto Detection: The router detects physical interface automatically and determine the connection type. The detect result is displayed in “Current Network” field; • MoCA: You can manually configure MoCA connection as physical interface.
DRAFT - 6/25/2010 Setup > Internet WAN Connection Settings Network Type: Choose your network type. Connection Type Auto Detection Settings Auto Detect Connection: Allows you to enable or disable internet connection type auto detection. Protocol Detection: Select this checkbox if you want the router to detect the internet connection continuously, as defined by the Auto Detection Interval.
DRAFT - 6/25/2010 PPPoE Settings for PPPoE (RFC2516) Primary (Required) and Secondary (Optional) DNS Enter the DNS (Domain Name System) server IP address(es) provided by your service provider. At least one is required. Username and Password Enter the Username and Password provided by your service provider.
DRAFT - 6/25/2010 Setup > Local Network Configure the Router’s Local Area Network (LAN) settings on this screen. There are two views available, Basic and Advanced. The default view is Basic. To display the Advanced View, click Advanced View. To return to the Basic View, click Basic View. Local Network The Local Network section changes the settings on the network connected to the Router’s Ethernet ports. Wireless setup is performed through the Wireless tab.
DRAFT - 6/25/2010 Conditional Serving Conditional Serving Pool Enable DHCP Conditional Serving To enable this option, select the check box. Otherwise, leave the check box blank. For each entry, the table lists the following: MAC Address, Vendor Class ID, User Class ID, Client ID, Host Name, Domain Name, IP Address, Precedence, and Action. To delete an entry, click Delete. To configure the DHCP options for an entry, click DHCP Option. Conditional Serving Entry Precedence Enter the Precedence value.
DRAFT - 6/25/2010 Advanced DHCP Settings (Advanced View) DHCP Address This option defines the DHCP address allocation method. To assign local IP addresses from the DHCP pool you have defined, keep the default, Use DHCP Pool. To have the local network devices share the WAN subnet address, select Use WAN Subnet. In this pass-through mode, the local computers get WAN-side IP addresses. They bypass NAT and are visible on the service provider’s network.
DRAFT - 6/25/2010 Connect To manually trigger an update, click this button. Click Save Settings to apply your changes, or click Cancel Changes to cancel your changes. Setup > Advanced Routing This screen is used to set up the Router’s advanced routing functions. Static Routing sets up a fixed route to another network destination. Advanced Routing Routing Table For each route, the Destination LAN IP address, Subnet Mask, Router, and Metric are displayed.
DRAFT - 6/25/2010 Setup > PVC/VLAN Mapping This advanced screen is used to map the PVCs to the Virtual Local Area Networks (VLANs). When you create a mapping, a layer 2 bridge is formed between the Router’s LAN port (including WLAN SSID) and WAN port (PVC or Ethernet WAN). You should configure this screen according to your service provider’s instructions. For example, when Ethernet port 1 is connected to a set-top box, a PVC mapping is created for Ethernet port 1 and PVC 1 with VLAN 1002.
DRAFT - 6/25/2010 Wireless > Basic Settings The basic settings for wireless networking are set on this screen. There are two ways to configure the Router’s wireless settings, manual and Wi-Fi Protected Setup. For manual configuration, use this screen to change the settings. Wi-Fi Protected Setup is a feature that makes it easy to set up your wireless network.
DRAFT - 6/25/2010 Wireless Security Wireless Network Select the wireless network you want to configure. Security Mode Select the security method for your wireless network. Proceed to the appropriate instructions. If you do not want to use wireless security, keep the default, Off. Note: If you are using wireless security, remember that each device in your wireless network MUST use the same security method and settings, or else the wireless devices cannot communicate.
DRAFT - 6/25/2010 WPA2 Enterprise This option features WPA2 used in coordination with a RADIUS server. (It should only be used when a RADIUS server is connected to the Router.) Mixed Mode Select Enabled to support both WPA and WPA2 clients. Otherwise, keep the default, Disabled. Encryption Select the appropriate method, AES or TKIP or AES. RADIUS Server Enter the IP address of the RADIUS server. RADIUS Port Enter the port number of the RADIUS server. The default value is 1812.
DRAFT - 6/25/2010 Wi-Fi Protected Setup If you have client devices, such as a wireless adapter, that support Wi-Fi Protected Setup, then you can use Wi-Fi Protected Setup to automatically configure wireless security for your wireless network(s). There are three methods available. Use the method that applies to the client device you are configuring. Note: Wi-Fi Protected Setup configures one client device at a time. Repeat the instructions for each client device that supports Wi-Fi Protected Setup.
DRAFT - 6/25/2010 Wireless > Advanced Settings Use this screen to set up the Router’s advanced wireless settings, which apply to all of the Router’s wireless networks. These settings should only be adjusted by an expert administrator as incorrect settings can reduce wireless performance. Advanced Wireless Wireless > Advanced Settings Basic Rate The Basic Rate setting is not actually one rate of transmission but a series of rates at which the Router can transmit.
DRAFT - 6/25/2010 Auto Power Save Delivery Unscheduled Automatic Power Save Delivery (UAPSD) is a special power-saving mode to achieve end-to-end QoS. This option is available if you enabled WMM Support. To use the power save feature, select Auto Power save Delivery. Click Save Settings to apply your changes, or click Cancel Changes to cancel your changes. Storage > Media Server General Server Name: Type your Media server name.
DRAFT - 6/25/2010 Security > Firewall The Firewall screen is used to configure a firewall that can filter out various types of unwanted traffic on the Router’s local network. Firewall Intrusion Detection Protection To use Intrusion Detection System (IDS) and Denial of Service (DoS) protection, select Enabled. Otherwise, keep the default, Disabled. Security > Firewall Web Content Filtering To filter web content, keep the default, Enabled. Otherwise, select Disabled.
DRAFT - 6/25/2010 Applications & Gaming > Single Port Forwarding The Single Port Forwarding screen allows you to customize port services for common applications on this screen. When users send these types of requests to your network via the Internet, the Router will forward those requests to the appropriate servers (computers). Before using forwarding, you should assign static IP addresses to the designated servers.
DRAFT - 6/25/2010 Applications & Gaming > DMZ The DMZ feature allows one network computer to be exposed to the Internet for use of a special-purpose service such as Internet gaming or videoconferencing. DMZ hosting forwards all the ports at the same time to one PC. The Port Range Forwarding feature is more secure because it only opens the ports you want to have opened, while DMZ hosting opens all the ports of one computer, exposing the computer to the Internet.
DRAFT - 6/25/2010 QoS (Quality of Service) Application-based QoS manages information as it is transmitted and received. QoS To use QoS, select Enabled. Otherwise, keep the default, Disabled. Default Queue Index Select the default queue (and priority) for applications not specified below: 1-8. (A lower value has higher priority.) Queue Management A new window appears. Queue Management • Queue Index There are eight queues for each interface. You can configure the parameters but cannot add or delete queues.
DRAFT - 6/25/2010 QoS (Quality of Service) • Enable To enable this QoS rule, select the check box. Otherwise, leave the check box blank. • Classification Sources Select All Sources, Local Router, All LAN Ports that traffic will come from, or a specific LAN port: Ethernet Ports 1-5 or WLAN SSID networks. The default is All Sources. • Ethernet Type Select None, IP (0x0800), ARP (0x0806), PPPoE Discovery Stage (0x8863), PPPoE Session State (0x8864), or EAPOL (0x888e).
DRAFT - 6/25/2010 • Queue Index Traffic priority applies to LAN-to-WAN traffic only. Higher priority traffic is guaranteed available bandwidth. This is useful for simultaneous activities that put a heavy load on the network (for example, a VoIP phone call during large file downloads). Select the appropriate Queue Index (and priority): 1 High-8 (a lower value means higher priority). Note: Traffic from the Router’s voice lines are automatically assigned highest priority.
DRAFT - 6/25/2010 Administration > Management The Administration > Management screen allows the network’s administrator to manage specific Router functions for access and security. Gateway Access Local Gateway Access To ensure the Router’s security, you will be asked for your username and password when you access the Router’s web-based utility. The default username and password are admin. Router Username Enter the default Router Username, admin.
DRAFT - 6/25/2010 UPnP Universal Plug and Play (UPnP) allows Windows XP and Vista to automatically configure the Router for various Internet applications, such as gaming and videoconferencing. UPnP If you want to use UPnP, keep the default, Enabled. Otherwise, select Disabled. Note: IGMPv2 is enabled by default, and v3 is supported. IGMP Snooping is enabled by default for all bridges. Administration > Log The Router can keep logs of traffic and events for your Internet connection.
DRAFT - 6/25/2010 Search Log Category: Choose the category of logs that you want to view (firewall, security, system control, network, QoS, user authorization, VPN, routing, certification). Log Severity: Choose the severity of messages that you want to include in the logs here.. Policy: TBD. Message: If you want to see only messages that contain a certain keyword, type that keyword here. IP Address: Use these fields to restrict the logs so that you only see messages to or from certain IP addresses.
DRAFT - 6/25/2010 Administration > Self Diagnostics Diagnostics Trigger: Choose whether you want to enable the diagnostics trigger. VoD Monitor Trigger: Choose whether you want the MoCA network performance to be recorded in the router persistence log along with a TR-069 parameter for troubleshooting analysis when necessary.
DRAFT - 6/25/2010 TLANIP: This test ensures that all LAN devices which are currently attached and active have an IP assigned correctly. One method to determine if the LAN device is active or inactive is by sending an ARP request from the router. TWANTYPE: This test ensures that only one WAN interface is be enabled and active at any time it is in a Connected state. Both WAN interfaces can be enabled, if they are in a Disconnected state. TWANIPCON: This test ensures that the router has WAN IP connectivity.
DRAFT - 6/25/2010 CLANDEV: One or more LAN devices are attached and active. CLANBW: Both the delta number of bytes sent and the number of bytes received are greater than the LAN bandwidth threshold. CBHR_CPU: The CPU utilization is less than the CPU threshold. CWANMOCA_PORT: The physical MoCA port is operational with no hardware failure. CWANETH_PORT: The Ethernet port is operational, with no hardware failure. CWANIPCON_PNGDF: The default gateway responds to to the ICMP PING.
DRAFT - 6/25/2010 Factory Defaults Restore Factory Defaults To reset settings to the default values, click this button and follow the on-screen instructions. Any custom Router settings you have saved (except for the voice settings) will be lost when the default settings are restored. Administration > Upgrade The Upgrade screen allows you to upgrade the Router’s firmware. Do not upgrade the firmware unless you are experiencing problems with the Router or the new firmware has a feature you want to use.
DRAFT - 6/25/2010 Administration > IGMP IGMP Access Policy Control IGMP Access Policy Table: Needs text. IGMP Access Policy Rule IGMP Access control: Choose whether to allow multicast traffic of a specific multicast group. Administration > IGMP Group Address: Type the IP address of multicast traffic which is affected the rule. Address Mask: Type the network mask of the IP address specified in the Group Address. Allow Traffic: Choose whether to allow multicast traffic.
DRAFT - 6/25/2010 Status > MoCA MoCA WAN Info This section p rovides information about the MoCA WAN connection. MoCA LAN Info This section provides information about the MoCA LAN connection. Status > Local Network The Local Network screen displays information about the local network. Local Network IP Address The Router’s IP address, as it appears on your local network, is displayed. Subnet Mask The Subnet Mask of the Router is displayed.
DRAFT - 6/25/2010 Status > Wireless The Wireless screen displays information about your wireless network(s). Wireless Network For each wireless network, the following is displayed: SSID The name of the wireless network is displayed. MAC Address The MAC address of the Router’s local, wireless interface is displayed. Security The wireless security method is displayed (if used). Status > Wireless SSID Broadcast The SSID broadcast setting is displayed. Click Refresh to update the on-screen information.
DRAFT - 6/25/2010 Troubleshooting Your computer cannot connect to the Internet. Follow the instructions until your computer can connect to the Internet: • Make sure that the Router is powered on. The Power LED should be green and not flashing. • If the Power LED is flashing, then power off all of your network devices, including the Router and computers. Then power on each device in the following order: 1. Router 2. Computer • Check the LEDs on the front panel of the Router.
DRAFT - 6/25/2010 Specifications Model RMN302 Interfaces COAX MoCA LAN; MoCA WAN WAN Ethernet WAN Interface RJ-45 Port LAN Ports (RJ-45); Ethernet 10/100/1000 BASE-T with Auto-Crossover USB 2 USB 2.0 (host) Ports Wi-Fi IEEE 802.11b/g/n 802.
DRAFT - 6/25/2010 Software License Agreement Software in Cisco Products This product from Cisco-Cisco LLC or from one of its affiliates Cisco Systems-Cisco (Asia) Pte Ltd. or Cisco-Cisco K.K. (“Cisco”) contains software (including firmware) originating from Cisco and its suppliers and may also contain software from the open source community. Any software originating from Cisco and its suppliers is licensed under the Cisco Software License Agreement contained at Schedule 1 below.
DRAFT - 6/25/2010 Disclaimer of Liabilities. IN NO EVENT WILL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY LOST DATA, REVENUE OR PROFIT, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, REGARDLESS OF CAUSE (INCLUDING NEGLIGENCE), ARISING OUT OF OR RELATED TO THE USE OF OR INABILITY TO USE THE SOFTWARE, EVEN IF CISCO HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT WILL CISCO’ LIABILITY EXCEED THE AMOUNT PAID BY YOU FOR THE PRODUCT.
DRAFT - 6/25/2010 c. If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License.
DRAFT - 6/25/2010 10. whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11.
DRAFT - 6/25/2010 to all third parties under the terms of this License. enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system.
DRAFT - 6/25/2010 an executable that is a derivative of the Library (because it contains portions of the Library), rather than a “work that uses the library”. The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a “work that uses the Library” uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not.
DRAFT - 6/25/2010 This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded.
DRAFT - 6/25/2010 3. Original SSL License Copyright © 1995-1998 Eric Young (eay@cryptsoft.com)All rights reserved. This package is an SSL implementation written by Eric Young (eay@ cryptsoft.com). The word ‘cryptographic’ can be left out if the routines from the library being used are not cryptographic related. The implementation was written so as to conform with Netscape’s SSL. This library is free for commercial and non-commercial use as long as the following conditions are adhered to.
