Building Networks for People Unified Services Router User Manual DSR-150 / 150N / 250 / 250N / 500 / 500N / 1000 / 1000N Ver. 1.
User Manual Unified Services Router D-Link Corporation Copyright © 2012. http://www.dlink.
Unified Services Router User Manual User Manual DSR-150 / 150N /250 / 250N / DSR-500 / 500N / 1000 / 1000N Unified Services Router Version 1.05 Co p y rig h t © 2012 Copyright Notice Th is p u b licat io n , in clu d in g all p h o t o g rap h s , illu s t rat io n s an d s o ft ware, is p ro t ect ed u n d er in t ern at io n al co p y rig h t laws , wit h all rig h t s res erv ed .
Unified Services Router User Manual Table of Contents Chapter 1. Introduction.......................................................................................................................................... 11 1.1 About this User Manual .................................................................................................... 12 1.2 Typographical Conventions ............................................................................................. 12 Chapter 2.
Unified Services Router User Manual Chapter 4. Wireless Access Point Setup ........................................................................................................ 68 4.1 Wireless Settings Wizard ................................................................................................. 68 4.1.1 Wireless Network Setup Wizard .................................................................................... 69 4.1.2 Add Wireless Device with WPS ......................................
Unified Services Router User Manual Chapter 7. SSL VPN ............................................................................................................................................ 129 7.1 Groups and Users............................................................................................................. 131 7.1.1 Users and Passwords ..................................................................................................... 137 7.2 Using SSL VPN Policies .................
Unified Services Router User Manual 10.3.2 Wireless Clients ................................................................................................................. 187 10.3.3 LAN Clients ......................................................................................................................... 187 10.3.4 Active VPN Tunnels ......................................................................................................... 188 Chapter 11. Trouble Shooting ......................
Unified Services Router User Manual List of Figures Figure 1: Setup page for LA N TCP/IP settings ................................................................................................. 15 Figure 2: LAN DHCP Reserved IPs ..................................................................................................................... 17 Figure 3: LAN DHCP Leased Clients ...................................................................................................................
Unified Services Router User Manual Figure 33: OSPFv2 configured parameters ....................................................................................................... 59 Figure 34: OSPFv2 configuration .......................................................................................................................... 60 Figure 35: OSPFv3 configured parameters .......................................................................................................
Unified Services Router User Manual Figure 65: Two trusted domains added to the Approved URLs List ....................................................... 104 Figure 66: One keyword added to the block list ............................................................................................. 105 Figure 67: Export Approved URL list .................................................................................................................
Unified Services Router User Manual Figure 98: Configured client routes only apply in split tunnel mode........................................................ 146 Figure 99: List of configured SSL VPN portals. The configured portal can then be associated with an aut hentication domain .................................................................................................................. 147 Figure 100: SSL VPN Portal configuration ...............................................................
Unified Services Router User Manual Figure 132: AP specific statistics......................................................................................................................... 185 Figure 133: List of current Active Firewall Sessions ..................................................................................... 186 Figure 134: List of connected 802.11 clients per AP ....................................................................................
Unified Services Router User Manual Chapter 1. Introduction D-Lin k Un ified Serv ices Ro u t ers o ffer a s ecu re, h ig h p erforman ce n et wo rkin g s o lu t io n t o ad d ress t h e g rowin g n eed s o f s mall an d med iu m b u s in es s es . In t eg rat ed h ig h -s p eed IEEE 802.11n an d 3G wireles s t ech n o lo g ies o ffer co mp arab le p erfo rman ce t o t rad it io n al wired n et wo rks , b u t wit h fewer limit at io n s .
Unified Services Router User Manual cen t ral co rp o rat e d at ab as e. Sit e -t o -s it e VPN t u n n els u s e IP Secu rit y ( IPs ec ) Pro t o co l, Po in t -t o -Po in t Tu n n elin g Pro t o co l (PPTP), o r Lay er 2 Tu n n elin g Pro t o co l (L2TP) t o facilit at e b ran ch o ffice co n n ect iv it y t h ro u g h en cry p t ed v irt u al lin ks .
Chapter 2. Configuring Your Network: LAN Setup It is as s umed t h at t h e u ser h as a mach in e fo r man ag emen t co nnected t o t h e LA N t o t h e ro u t er. Th e LA N co n n ectio n may b e t h ro u gh t h e wired Et h ern et p o rt s av ailab le o n t h e ro u t er, o r o n ce t h e in it ial s et up is co mp let e, t h e DSR may als o b e ma n ag ed t h ro u g h it s wireles s in t erface as it is b rid g ed wit h t h e LA N.
Unified Services Router User Manual To co n fig u re LA N Co n n ect iv it y , p leas e fo llo w t h e s t ep s b elo w: 1. In the LAN Setup page, enter the following information for your router: IP ad d res s (fact o ry d efau lt : 192.168.10.1). If y o u ch an g e t h e IP ad d res s an d click Sav e Set t in g s , t h e GUI will n o t res p o n d . Op en a n ew co n n ect io n t o t h e n ew IP ad d res s an d lo g in ag ain .
Unified Services Router User Manual Leas e Time: En t er t h e t ime, in h o u rs , fo r wh ich IP ad d res s es are leas ed t o clien t s . Relay Gat eway : En t er t h e g at eway add res s . Th is is t h e o n ly co n fig u rat io n p aramet er req u ired in t h is s ect io n wh en DHCP Relay is s elect ed as it s DHCP mo d e 3. In the DNS Host Name Mapping section: Ho s t Name: Pro v id e a v alid h o s t n ame IP ad d res s : Pro v id e t h e IP ad d res s o f t h e h o s t n ame, 4.
Unified Services Router User Manual 2.1.1 LAN DHCP Reserv ed IPs Setup > Network Settings > LAN DHCP Reserved IPs Th is ro u t er DHCP s erv er can as sig n TCP/ IP co n fig urat io n s t o co mp u t ers in t h e LA N exp licit ly b y ad d in g clien t 's n etwo rk in t erface h ardware ad dress an d t he IP ad d ress t o b e as s ig ned t o t h at clien t in DHCP s erv er's d atabase.
Unified Services Router User Manual Figure 2 : LAN DHCP Re s e rve d IPs 2.1.2 LAN DHCP Leased Clients Setup > Network Settings > LAN DHCP Leased Clients Th is p ag e p ro v id es t h e lis t o f clien t s co n n ect t o LA N DHCP s erv er.
Unified Services Router User Manual Figure 3 : LAN DHCP Le as e d Clie nts IP Addres s es : Th e LA N IP ad d res s o f a h o s t t h at mat ch es t h e res erv ed IP lis t . MAC Addres s es : Th e M A C ad d ress o f a LA N h o s t t h at h as a co n figu red IP ad d res s res erv at io n . 2.1.3 LAN Configuration in an IPv 6 Network Advanced > IPv6 > IPv6 LAN > IPv6 LAN Config (1) In IPv 6 mo d e, t h e LA N DHCP s erv er is en ab led b y d efau lt (s imilar t o IPv 4 mo d e).
Unified Services Router User Manual Figure 4 : IPv6 LAN and DHCPv6 configurat io n If y o u ch an g e t h e IP ad d res s an d click Sav e Set t in g s , t h e GUI will n o t res p o n d . Op en a n ew co n n ect io n t o t h e n ew IP ad d res s an d lo g in ag ain .
Unified Services Router User Manual A s wit h an IPv 4 LA N n et wo rk, t h e ro u t er h as a DHCPv 6 s erv er. If en ab led , t h e ro u t er as s ig n s an IP ad d res s wit h in t h e s p ecified ran g e p lu s ad d it io n al s p ecified in fo rmat io n t o an y LA N PC t h at req u es t s DHCP s erv ed ad d res s es . Th e fo llo win g s et t in g s are u s ed t o co n fig u re t h e DHCPv 6 s erv er: DHCP M o d e: Th e IPv 6 DHCP s erv er is eit h er s t at eless o r s t at efu l.
Unified Services Router User Manual Prefix A d d res s : IPv 6 p refix ad d res s in t h e DHCPv 6 s erv er p refix p o o l Prefix Len g t h : Len g t h p refix ad d res s 2.1.4 Configuring IPv 6 Router Adv ertisements Ro u t er A d v ertis emen ts are an alo go us t o IPv 4 DHCP as s ig nmen ts fo r LA N clien t s , in t h at t h e ro u t er will as s ig n an IP ad d res s an d s u p p o rt in g n et wo rk in fo rmat io n t o d ev ices t hat are co n fig ured t o accept s uch d etails.
Unified Services Router User Manual s eco n ds. Up o n exp irat io n o f t h is v alu e, a n ew RA DVD exch an g e mu s t t ake p lace b et ween t h e h o s t an d t h is ro u t er.
Unified Services Router User Manual IPv 6 Prefix: W h en u s ing Glo b al/ Lo cal/ISA TAP p refixes , t h is field is u s ed to d efin e t h e IPv 6 n et wo rk ad v ert is ed b y t h is ro u t er. IPv 6 Prefix Len g t h : Th is v alu e in d icat e s t h e n u mb er co n t ig u o u s , h ig h er o rd er b it s o f t h e IPv 6 ad d res s t h at d efin e u p t h e n et wo rk p o rt io n o f t h e ad d res s . Ty p ically t h is is 64.
Unified Services Router User Manual n u mb er fro m 2 t o 4091. VLA N ID 1 is res erv ed fo r t h e d efau lt VLA N, wh ich is u s e d fo r u n t ag ged frames receiv ed o n t h e in t erface. By en ab lin g In t er VLA N Ro u t in g , y o u will allo w t raffic fro m LA N h o s ts b elo ng ing t o t his VLA N ID t o p as s t h roug h t o o ther co n fig u red VLA N IDs t h at h av e In t er VLA N Ro u t in g en ab led . Figure 7 : Adding VLAN me mbe rs hips to the LAN 2.2.
Unified Services Router User Manual Figure 8 : Port VLAN lis t In A cces s mo d e t h e p o rt is a memb er o f a s in g le VLA N (an d o n ly o n e). A ll d at a g o in g in t o an d o u t o f t h e p o rt is u n t ag g ed . Traffic t h ro u g h a p o rt in acces s mo d e lo o ks like an y o t h er Et h ern et frame. In Tru n k mo d e t h e p o rt is a memb er o f a u s er s elect ab le s et o f VLA Ns . A ll d at a g o in g in t o an d o u t o f t h e p o rt is t ag ged.
Unified Services Router User Manual Figure 9 : Configu ri ng VLAN me mbe rs hip for a port 2.2.2 Multiple VLAN Subnets Setup > VLAN Settings > Multi VLAN Settings Th is p ag e s ho ws a lis t o f av ailab le mu lt i-VLA N s u b n ets. Each co n fig u red VLA N ID can map d irect ly t o a s u b n et wit h in t h e LA N.
Unified Services Router User Manual Figure 10 : M ultiple VLAN Subne ts 2.2.3 VLAN configuration Setup > VLAN Settings > VLANconfiguration Th is p ag e allo ws en ab lin g o r d is ab lin g t h e VLA N fu n ct io n o n t h e ro u t er. Virt u al LA Ns can b e creat ed in t h is ro ut er t o p ro vid e seg men t at io n cap ab ilit ies fo r firewall ru les an d VPN p o licies . Th e LA N n et wo rk is co n s id ered t h e d efau lt VLA N.
Unified Services Router User Manual Figure 11 : VLAN Configu rat ion 2.3 Configurable Port: DMZ Setup DSR-150/ 150N/ 250/ 250N d o es n o t h av e a co n fig u rab le p o rt – t h ere is n o DM Z s u p p o rt . Th is ro u t er s up port s o ne o f t h e p hy sical p o rt s t o b e co n fig u red as a s eco n d ary W A N Et h ern et p o rt o r a d ed icated DM Z p o rt . A DM Z is a s u b n et wo rk t h at is o p en t o t h e p u b lic b u t b eh ind t h e firewall.
Unified Services Router User Manual Figure 12 : DM Z configuratio n In o rd er t o co n fig u re a DM Z p o rt , t h e ro u t er’s co n fig u rab le p o rt mu s t b e s et t o DM Z in t h e Setup > Internet Settings > Configurable Port p ag e. 2.
Unified Services Router User Manual A d v ert is emen t Perio d : Th is is t h e freq u en cy t h at t h e ro u t er b ro ad cas t s UPn P in fo rmat io n o v er t h e n et wo rk. A larg e v alu e will min imize n et wo rk t raffic b u t cau s e d elay s in id en t ify in g n ew UPn P d ev ices t o t h e n et wo rk. A d v ert isemen t Time t o Liv e: Th is is exp res s ed in h o p s fo r each UPn P p acket .
Unified Services Router User Manual 2.5 Captive Portal DSR-150/ 150N/ 250/ 250N d o es n o t h av e s u p p o rt fo r t h e Cap t iv e Po rt al feat u re. LA N u s ers can g ain in t ern et acces s v ia web p o rt al au t h en t icat io n wit h t h e DSR.
Unified Services Router User Manual Figure 14 : Active Runtime s e s s ions 2.6 Captive portal setup Advanced > Captive Portal >Captive Portal Setup Cap t iv e Po rt al is a s ecu rit y mech an is m t o s elect iv ely p ro v id e au t h en t icat io n o n cert ain in t erfaces . Th is p ag e allo ws t o man ag e t h e Po licie s an d Pro files o f Cap t iv ePo rt al.
Unified Services Router User Manual Figure 15 : Captive Portal Se tup Cap t iv e Po rt al Po licie s : Th e Lis t o f A v ailab le Cap t iv ePo rt al Po licies are s h o wn in t h is t ab le. A u t h en t icat io n Ty p e : Th is allo ws in ch o o s in g t h e au t h en t icat io n mo d e, t y p e an d red irect io n t y p e . Lis t o f A v ailab le Pro files : A n y o n e o f t h ese p ro files can b e u s ed fo r Cap t iv e Po rt al Lo g in p ag e wh ile en ab lin g Cap t iv e Po rt al.
Unified Services Router User Manual Figure 16 : Cus tomize d Captive Portal Se tup Click “A d d ” in t h e Cap t iv e Po rtal s etu p p ag e t o allo w d efin in g cu s t o mized cap t iv e p o rt al lo g in p ag e in fo rmat io n ( Pag e Backg ro u n d Co lo r, Head er Det ails , Head er Cap t io n , Lo g in Sect io n Det ails, A d vertis emen t Det ails , Fo o t er Det ails an d Cap t iv e Po rt al Head er Imag e ).
Unified Services Router User Manual Chapter 3. Connecting to the Internet: WAN Setup Th is ro u t er h as t wo W A N p o rt s t h at can b e u s ed t o es t ab lis h a co n n ect io n t o t h e in t ern et . Th e fo llo win g ISP co n n ect io n t y p es are s u p p o rt ed : DHCP, St at ic, PPPo E, PPTP, L2TP, 3G In t ern et (v ia USB mo d em). It is as s u med t h at y o u h av e arran g ed fo r in t ern et s erv ice wit h y o u r In t ern et Serv ice Pro v id er (ISP).
Unified Services Router User Manual 3G In t ern et acces s wit h a USB mo d em is s u p p o rt ed o n W A N 3. Th e In t ern et Co n n ect io n Set u p W izard as s is t s wit h t h e p rimary W A N p o rt (W A N1) co n fig u ratio n o n ly . 3.
Unified Services Router User Manual M y IP A d d res s : En t er t h e IP ad d res s as s ig n ed t o y o u b y t h e ISP. Serv er IP A d d res s : En t er t h e IP ad d res s o f t h e PPTP o r L2TP s erv er. DSR-150/ 150N/ 250/ 250N d o es n ’t h av e a d u al W A N s u p p o rt . 3.2.1 W AN Port IP address Yo u r ISP as s ig n s y o u an IP ad d res s t h at is eit h er d y n amic (n ewly g en erat ed each t ime y o u lo g in ) o r s t at ic (p erman ent).
Unified Services Router User Manual Figure 18 : M anual WAN configuratio n 3.2.4 PPPoE Setup > Internet Settings Th e PPPo E ISP s et t in g s are d efin ed o n t h e W A N Co n fig u rat io n p age. Th ere are t wo t y p es o f PPPo E ISP’s s u p p o rt ed b y t h e DSR: t h e s t an d ard u s ern ame/ p as s wo rd PPPo E an d Jap an M u lt ip le PPPo E.
Unified Services Router User Manual Figure 19 : PPPoE configuratio n for s tandard ISPs M o s t PPPo E ISP’s u s e a s in g le co nt rol an d d ata co nnect ion , an d req u ire u s ern ame / p as s wo rd cred en t ials t o lo g in an d au t h en t icat e t h e DSR wit h t h e ISP. Th e ISP co n n ect io n t y p e fo r t h is cas e is “PPPo E (Us ern ame/ Pas s wo rd )”.
Unified Services Router User Manual Figure 20 : WAN configurat io n for Japane s e M ultiple PPPoE (part 1) Th ere are a few key elemen t s o f a mu lt ip le PPPo E co n n ect io n : Primary an d s eco n d ary co n n ect io n s are co n cu rren t Each s es sio n h as a DNS s erv er s ou rce fo r d o main n ame lo o ku p , t h is can b e assig ned b y t h e ISP o r co n fig u red t h ro u g h t h e GUI Th e DSR act s as a DNS p ro xy fo r LA N u s ers On ly HTTP req u es ts t h at s pecific
Unified Services Router User Manual W h en Jap anese mu lt ip le PPPo E is co n fig u red an d s eco ndary con nect ion is u p , so me p red efin ed ro u t es are ad ded o n t hat in t erface. Th ese ro u tes are n eeded t o access t he in t ern al d o main o f t h e ISP wh ere h e h o s t s v ario us s erv ices . Th es e ro u t es can ev en b e co n fig u red t h ro u g h t h e s t at ic ro u t in g p ag e as well. Figure 21 : WAN configurat io n for M ultiple PPPoE (part 2) 3.2.
Unified Services Router User Manual Figure 22 : Rus s ia L2TP ISP configurat io n 3.2.6 Russia Dual Access PPPoE Fo r Ru s s ia d u al access PPPo E co n n ectio ns, y o u can ch oose t h e ad dres s mo d e o f t h e co n n ect io n t o g et an IP ad d res s fro m t h e ISP o r co n fig u re a s t at ic IP ad d res s p ro v id ed b y t h e ISP.
Unified Services Router User Manual Figure 23 : Rus s ia Dual acce s s PPPoE configuratio n 3.2.7 W AN Configuration in an IPv 6 Network Advanced > IPv6 > IPv6 WAN1 Config Fo r IPv 6 W A N co n n ect io n s , t h is ro u t er can h av e a s t at ic IPv 6 ad d res s o r receiv e co n n ectio n in fo rmat io n wh en co nfig ured as a DHCPv 6 clien t .
Unified Services Router User Manual t h ere n eed n o t b e a DHCPv 6 s erv er av ailab le at t h e ISP, rat h er ICM Pv 6 d is co v er mes s ag es will o rig in at e fro m t h is g at eway an d will b e u s ed fo r au t o co nfig u rat ion. A t h ird o p t io n t o s p ecify t h e IP ad d res s an d p refix len g t h o f a p referred DHCPv 6 s erv er is av ailab le as well.
Unified Services Router User Manual Pas s wo rd : En t er t h e p as s wo rd req u ired t o lo g in t o t h e ISP. A u t h ent icat ion Ty pe: Th e t y pe o f A u t hent icatio n in u se b y t he p ro file: A u to Neg o t iat e/ PA P/ CHA P/ M S-CHA P/ M S-CHA Pv 2. Dh cp v 6 Op t io n s : Th e mo d e o f Dh cp v 6 clien t t h at will s t art in t h is mo d e: d is ab le d h cpv6/ stateless d hcpv6/ stateful d h cpv 6/st at eless d h cp v6 wit h p refix d eleg at io n .
Unified Services Router User Manual Figure 25 : Conne ction Status inform at io n for both WAN ports Th e W A N s t at us p age allo ws y ou t o En ab le o r Dis ab le s t at ic W A N lin ks . Fo r W A N s et t in gs t h at are d y namically receiv ed fro m t h e ISP, y o u can Ren ew o r Releas e t h e lin k p aramet ers if req u ired .
Unified Services Router User Manual 3.3 Bandwidth Controls Advanced > Advanced Network > Traffic Management > Bandwidth Profiles Ban d wid t h p ro files allo w y o u t o reg u late t h e t raffic flo w fro m t h e LA N t o W A N 1 o r W A N 2. Th is is u s efu l t o en s u re t h at lo w p rio rit y LA N u s ers (l ike g u es t s o r HTTP s erv ice) d o n o t mo n o p o lize t h e av ailab le W A N’s b an d wid t h fo r co s t -s av in g s o r b an d wid t h -p rio rit y -allo cat io n p u rp o s es .
Unified Services Router User Manual Fo r fin er co n t ro l, t h e Rat e p ro file t y pe can b e u s ed . W it h t h is o p t io n t h e min imu m an d maximu m b an d wid t h allo wed b y t h is p ro file can b e limit ed . Ch o o s e t h e W A N in t erface t h at t h e p ro file s h o u ld b e as s o ciat ed wit h .
Unified Services Router User Manual Figure 28 : Traffi c Se le ctor Configu rat io n 3.4 Features with Multiple WAN Links Th is ro u t er s u p p o rt s mu lt ip le W A N lin ks . Th is allo ws y o u t o t ake ad v an t ag e o f failo v er an d lo ad b alan cing featu res t o en sure certain in t ern et d epend en t s erv ices are p rio rit ized in t h e ev en t o f u n s t ab le W A N co n n ect iv it y o n o n e o f t h e p o rt s .
Unified Services Router User Manual No t e t h at b o th W AN1, W A N2 an d W A N3 can b e co nfig ured as t h e p rimary in t ern et lin k. A u t o -Ro llo v er u s in g W A N p o rt Primary W A N: Select ed W A N is t h e p rimary lin k ( W A N1/ W A N2/ W A N3) Seco n d ary W A N: Select ed W A N is t h e s eco n d ary lin k.
Unified Services Router User Manual 70% o f 1Kb p s , t h e n ew co n n ect io n s will b e s p illed -o v er t o s eco n d ary W A N. Th e maximu m v alu e o f lo ad t o leran ce is 80 an d t h e leas t is 20. Protocol B i ndi ng s : Refer Sect io n 3.4.3 fo r d et ails Lo ad b alan cin g is p art icularly u sefu l wh en t h e co n n ect io n s p eed o f o n e W A N p o rt g reat ly d iffers fro m an o t h er.
Unified Services Router User Manual Figure 29 : Load B alancing is available whe n multiple WAN ports are configure d and Protocol B indings have be e n de fine d 3.4.3 Protocol Bindings Advanced > Routing > Protocol Bindings Pro t o co l b in d in gs are req uired wh en t h e Lo ad Balan cin g feat ure is in u s e.
Unified Services Router User Manual ad d res s es can b e as s ig n ed t o t h e o t h er W A N lin k. Pro t o co l b in d in g s are o n ly ap p licab le wh en lo ad b alan cin g mo d e is en ab led an d mo r e t h an o n e W A N is co n fig u red . Figure 30 : Protocol binding s e tup to as s ociate a s e rvice and/or LAN s ource to a WAN and/or de s tination ne twork 3.
Unified Services Router User Manual NA T is a t ech n iq u e wh ich allo ws s ev eral co mp u t ers o n a LA N t o s h are an In t ern et co n n ect io n . Th e co mp u t ers o n t h e LA N u s e a " p riv at e" IP ad d res s ran g e wh ile t h e W A N p o rt o n t h e ro u ter is co n figu red wit h a s in g le " p u b lic" IP ad d res s. A lo ng wit h co n nectio n s harin g, NA T als o h id es in t ern al IP ad d res s es fro m t h e co mp u t ers o n t h e In t ern et .
Unified Services Router User Manual Figure 31 : Routing M ode is us e d to configure traffic routing be twe e n WAN and LAN, as we ll as Dynamic routing (RIP) 55
Unified Services Router User Manual 3.5.2 Dynamic Routing (RIP) DSR- 150/ 150N/ 250/ 250N d o es n o t s u p p o rt RIP. Setup > Internet Settings > Routing Mode Dy n amic ro u t in g u s in g t h e Ro u t in g In fo rmat io n Pro t o co l (RIP) is an In t erio r Gat eway Pro t o co l (IGP) t h at is co mmo n in LA Ns .
Unified Services Router User Manual 3.5.3 Static Routing Advanced > Routing > Static Routing Advanced > IPv6 > IPv6 Static Routing M an u ally ad d ing s tatic ro u tes t o t h is d evice allo ws y o u t o d efin e t h e p at h s elect io n o f t raffic fro m o n e in t erface t o an o t h er.
Unified Services Router User Manual Figure 32 : Static route configurat io n fie lds 3.5.4 OSPFv 2 Advanced > Routing > OSPF OSPF is an in t erio r g at eway p ro t ocol t h at ro u tes In ternet Pro t o col (IP) p acket s s o lely wit h in a s in g le ro u t ing d omain . It g at h ers lin k s t at e in fo rmat io n fro m av ailab le ro uters an d co n s t ru ct s a t o p o lo g y map o f t h e n et wo rk. OSPF v ers io n 2 is a ro u t in g p ro to co l wh ich d es crib ed in RFC2328 - OSPF Vers io n 2.
Unified Services Router User Manual Figure 33 : OSPFv2 configure d parame te rs In t erface : Th e p h y s ical n et wo rk in t erface o n wh ich OSPFv 2 is En ab led / Dis ab led . St at u s : Th is co lu mn d is p lay s t h e En ab le/ Dis ab le s t at e o f OSPFv 2 fo r a p art icu lar in t erface. A rea: Th e area t o wh ich t h e in t erface b elo n g s . Two ro u t ers h av in g a co mmo n s eg men t ; t h eir in t erfaces h av e t o b elo n g t o t h e s ame area o n t h at s eg men t .
Unified Services Router User Manual Figure 34 : OSPFv2 configurat io n 3.5.5 OSPFv 3 Advanced > IPv6 > OSPF Op en Sh o rt es t Pat h Firs t v ers io n 3 (OSPFv 3) s u p p o rt s IPv 6 .
Unified Services Router User Manual Figure 35 : OSPFv3 configure d parame te rs In t erface: Th e p h y s ical n et wo rk in t erface o n wh ich OSPFv 3 is En ab led / Dis ab led . St at u s : Th is co lu mn d is p lay s t h e En ab le/ Dis ab le s t at e o f OSPFv 3 fo r a p art icu lar in t erface. Prio rit y : Help s t o d et ermin e t h e OSPFv 3 d es ig nated ro u t er fo r a n et wo rk.
Unified Services Router User Manual Figure 36 : OSPFv3 configurat io n 3.5.6 6to4 Tunneling Advanced > IPv6 > 6to4 Tunneling 6t o 4 is an In t ern et t ran sitio n mech an ism fo r mig rat in g fro m IPv 4 t o IPv 6, a s y s t em t h at allo ws IPv 6 p acket s t o b e t ran s mit t ed o v er an IPv 4 n et wo rk. Select t h e ch eck b o x t o Enabl e Automati c Tunnel i ng an d allo w t raffic fro m an IPv 6 LA N t o b e s en t o v er a IP v 4 Op t io n t o reach a remo t e IPv 6 n et wo rk.
Unified Services Router User Manual Figure 37 : 6 to 4 tunne ling 3.5.7 ISATAP Tunnels Advanced > IPv6 > 6to4 Tunneling ISA TA P (In t ra -Sit e A u t o mat ic Tu n n el A d d res s in g Pro t o co l) is an IPv 6 t ran s it io n mech an ism mean t t o t ran smit IPv 6 p acket s b etween d u al-s t ack n o d es o n t o p o f an IPv 4 n et wo rk. ISA TA P s p ecifies an IPv 6-IPv 4 co mp at ib ilit y ad d res s fo rmat as well as a mean s fo r s it e b o rd er ro u t er d is co v ery .
Unified Services Router User Manual Figure 38 : IS ATAP Tunnel s Confi g ura ti o n ISA TA P Su b n et Prefix: Th is is t h e 64-b it s u b n et p refix t h at is as s ig n ed t o t h e lo g ical ISA TA P s u bn et fo r t h is in t ranet. Th is can b e o b tained fro m y o u r ISP o r in t ern et reg is t ry , o r d eriv ed fro m RFC 4193. En d Po in t A d d ress: Th is is t h e en dpo int ad dress fo r t h e t u nn el t h at s t art s wit h t h is ro u t er.
Unified Services Router o User Manual On Deman d : Th e co n n ect io n is au t o mat ically en d ed if it is id le fo r a s p ecified n u mb er o f min u t es . En t er t h e n u mb er o f min u t es in t h e M aximu m Id le Time field . Th is feat u re is u s efu l if y o u r ISP ch arg es y o u b as ed o n t h e amo u n t o f t ime t h at y o u are co n n ect ed . Pas s wo rd : En t er t h e p as s wo rd req u ired t o lo g in t o t h e ISP.
Unified Services Router User Manual Figure 39 : WAN3 configurat io n for 3G inte rne t 3G W A N s u p p o rt is av ailab le o n t h e s e d u al W A N p ro d u ct s : DSR-1000 an d DSR1000N. Cellu lar 3G in t ern et acces s is av ailab le o n W A N 3 v ia a 3G USB mo d em fo r DSR1000 an d DSR-1000N. Th e cellu lar ISP t h at p ro v id es t h e 3G d at a p lan will p ro v id e t h e au t h enticatio n req u iremen ts t o establis h a co n n ect io n .
Unified Services Router User Manual Th e d efau lt M TU s ize s u p p o rt ed b y all p o rt s is 1500. Th is is t h e larg es t p acket s ize t h at can p ass t h roug h t h e in t erface wit h o ut frag men t at io n. Th is s ize can b e in creas ed , h o wev er larg e p ackets can in t rod uce n etwo rk lag an d b rin g d own t h e in t erface s p eed . No t e t h at a 1500 b y t e s ize p acket is t h e larg est allo w ed b y t h e Et h ernet p ro to co l at the n et wo rk lay er.
Unified Services Router User Manual Chapter 4. Wireless Access Point Setup Th is ro u t er h as an in t egrated 802.11n rad io t h at allo ws y o u t o create an access p oin t for wireles s LA N clien t s . Th e s ecurit y/ en cry ptio n/ au thent icat io n o p t io n s are g ro u p ed in a wireles s Pro file, an d each co n fig u red p ro file will b e av ailab le fo r s elect io n in t h e A P co n fig u ratio n men u .
Unified Services Router User Manual Figure 41 : Wire le s s Ne twork Se tup Wizards 4.1.1 W ireless Network Setup W izard Th is wizard p ro v id es a s t ep -by-st ep g uid e t o creat e an d secure a n ew access p oint on t h e ro u t er. Th e n et wo rk n ame (SSID) is t h e A P id en t ifier t h at will b e d et ect ed b y s u p p ort ed clien ts.
Unified Services Router User Manual wireles s d ev ice is ch o s e, y o u will b e p res en t ed wit h t wo co mmo n W PS s et u p o p t io n s : Pers onal Identi fi cati on Number (PIN): Th e wireles s d ev ice t h at s u p p o rt s W PS may h av e an alp h an umeric PIN, an d if en t ered in t h is field t h e A P will es t ab lish a lin k t o t h e clien t . Click Co n n ect t o co mp let e s etu p an d co n nect to t h e clien t .
Unified Services Router User Manual W PA (W i-Fi Pro t ect ed A ccess): Fo r s t ro n g er wireles s s ecu rit y t h an W EP, ch o o s e t h is o p t io n. Th e en cry ptio n fo r W PA will u s e TKIP an d als o CCM P if req u ired . The au t h en t icat io n can b e a p re-s h ared key (PSK), En t erp ris e mo d e wit h RA DIUS s erv er, o r b o t h . No t e t h at W PA d o es n o t s u p p o rt 802.11n d at a rat es ; is it ap p ro p riat e fo r leg acy 802.11 co n n ect io n s .
Unified Services Router User Manual En cry p t io n : s ele ct t h e en cry p t io n key s ize -- 64 b it W EP o r 128 b it W EP. Th e larg er s ize key s p ro v id e s tron ger en cry pt ion , t h u s makin g t h e key mo re d ifficu lt t o crack W EP Pas s p hras e: en t er an alp h an u meric p h ras e an d click Gen erat e Key t o g en erat e 4 u n iq u e W EP ke y s wit h len g t h d et ermin ed b y t h e en cry p t io n key s ize.
Unified Services Router User Manual Figure 43 : Profile configuratio n to s e t ne twork s e curity 4.2.2 W PA or W PA2 with PSK A p re -s h ared key (PSK) is a kn o wn p as sp hrase co nfig u red o n t h e A P an d clien t b o th an d is u s ed t o au t henticate t he wireles s clien t . A n acceptable p assph ras e is b et ween 8 t o 63 ch aract ers in len g t h . 4.2.
Unified Services Router User Manual wireles s clien t co n n ect io n s t o an A P en ab led wit h a p ro file t h at u s es RA DIUS au t h en t icat io n . Th e A u t h en t icat io n IP A d d res s is req u ired t o id en t ify t h e s erv er. A s eco n dary RA DIUS s erv er p ro vid es red und an cy in t h e event t hat t h e p rimary s erv er can n o t b e reach ed b y t h e ro u t er wh en n eed ed .
Unified Services Router User Manual Figure 44 : RADIUS s e rve r (Exte rnal Authe nticatio n ) configurat io n 4.3 Creating and Using Access Points Setup > Wireless Settings > Access Points On ce a p ro file (a g ro u p o f s ecu rity s et tin gs) is created, it can b e as sig ned t o an A P o n t h e ro u t er. Th e A P SSID can b e co n fig u red t o b ro adcas t it s av ailab ilit y t o t h e 802.11 en v iro n men t can b e u s ed t o es t ab lis h a W LA N n et wo rk.
Unified Services Router User Manual Th e A P Name is a u n iq u e id en t ifier u s ed t o man ag e t h e A P fro m t h e GUI, an d is n o t t h e SSID t h at is d et ect ed b y clien t s wh en t h e A P h as b ro ad cas t en ab led . Figure 45 : Virtu al AP configurat io n A v alu ab le p o wer s av in g feat u re is t h e s t art an d s t o p t ime co n t ro l fo r t h is A P. Yo u can co n s erv e o n t h e rad io p o wer b y d is ab lin g t h e A P wh en it is n o t in u s e.
Unified Services Router User Manual Figure 46 : Lis t of configure d acce s s points (Virtu al APs ) s hows one e nable d acce s s point on the radio, broadcas t i ng its SSID Th e clien t s co nn ected t o a p art icular A P can b e v iewed b y u s ing t he St atu s Bu t t o n o n t h e Lis t o f A v ailab le A cces s Po in t s . Traffic s t at is t ics are s h o wn fo r t h at in d iv id u al A P, as co mp ared t o t h e s ummary s t ats fo r each A P o n t h e St at ist ics t ab le.
Unified Services Router User Manual b ro ad cast t h e SSID fo r t h e VA P wit h W EP s in ce it is mean t t o b e u s ed fo r a few leg acy d ev ices in t h is s cen ario . 4.4 Tuning Radio Specific Settings Setup > Wireless Settings > Radio Settings Th e Rad io Set t in g s p ag e let s y o u co n fig u re t h e ch an n els an d p o wer lev els av ailab le fo r t h e A P’s en abled o n t h e DSR. Th e ro u t er h as a d u al b an d 802.11n rad io , mean in g eit h er 2.
Unified Services Router User Manual 4.5 WMM Setup > Wireless Settings > WMM W i-Fi M u lt imed ia (W M M ) p ro v id es b as ic Qu alit y o f s erv ice ( Qo S) feat u res t o IEEE 802.11 n et wo rks . W M M p rio rit izes t raffic accordin g t o fo u r A ccess Cat ego ries (A C) v o ice, v id eo , b es t effo rt , an d b ackg ro u n d . Figure 48 : Wi-Fi M ultime dia Profi l e Name : Th is field allo ws y o u t o s elect t h e a v ailab le p ro files in wireles s s et t in g s .
Unified Services Router User Manual 4.6 Wireless distribution system (WDS) Setup > Wireless Settings > WDS W ireles s d is t rib u t io n s y s t em is a s y s t em en ab lin g t h e wireles s in t erco n n ect io n o f acces s p o in t s in a n et wo rk. Th is feat u re is o n ly g u aran t eed t o wo rk o n ly b et ween d ev ices o f t h e s ame t y p e .
Unified Services Router User Manual Fo r a W DS lin k t o fu n ct io n p rop erly t h e Rad io s et tin g s o n t h e W DS p eers h av e t o b e t h e s ame. Th e W DS p ag e wo u ld co n sist o f t wo s ect ions. Th e firs t s ectio n p ro v ides g eneral W DS s et t in g s s h ared b y all it s W DS p eers . WDS Enabl e - Th is wo u ld b e a ch eck b o x W DS En cry p t io n - Dis p lay s t he t y pe o f en crypt ion u s ed .
Unified Services Router User Manual Figure 50 : Advance d Wire le s s communic at io n s e ttings 4.8 Wi-Fi Protected Setup (WPS) Advanced > Wireless Settings > WPS W PS is a s imp lified met h o d t o ad d s up port ing wireles s clien ts t o t h e n et work. W PS is o n ly ap p licab le fo r A Ps t hat emp lo y W PA o r W PA 2 s ecu rit y.
Unified Services Router User Manual M o re t h an o n e A P can u s e W PS, b u t o n ly o n e A P can b e u s ed t o es t ab lis h W PS lin ks t o clien t at an y g iv en t ime.
Chapter 5. Securing the Private Network Yo u can s ecu re y ou r n etwo rk b y creat in g an d ap p ly in g ru les t h at y o u r ro u t er u s es t o s elect iv ely b lo ck an d allo w in b o u n d an d o u t b o u n d In t ern et t raffic. Yo u t h en s p ecify h o w an d t o wh o m t h e ru les ap p ly .
Unified Services Router User Manual may u s e t h e IP ad d res s if a s t at ic ad d res s is as s ig n ed t o t h e W A N p o rt , o r if y o u r W A N ad d res s is d y n amic a DDNS (Dy n a mic DNS) n ame can b e u s ed . Ou t b o u nd (LA N/ DM Z t o W A N) ru les res trict access t o t raffic leav in g y o u r n et wo rk, s elect iv ely allo win g o n ly s pecific lo cal u s ers t o access s p ecific o u tsid e res ou rces .
Unified Services Router User Manual Figure 53 : Lis t of Available Sche dule s to bind to a fire wal l rule 5.3 Configuring Firewall Rules Advanced > Firewall Settings > Firewall Rules A ll co n fig u red firewall ru les o n t h e ro u t er are d is p lay ed in t h e Firewall Ru les lis t . Th is lis t als o in d icat es wh et h er t h e ru le is en ab led (act iv e) o r n o t , an d g iv es a s u mmary o f t h e Fro m/ To zo n e as well as t h e s erv ices o r u s ers t h at t h e ru le affect s .
Unified Services Router User Manual Serv ice : A NY mean s all t raffic is affect ed b y t h is ru le. Fo r a s p ecific s erv ice t h e d ro p d o wn lis t h as co mmo n s erv ices , o r y o u can s elect a cu s t o m d efin ed s erv ice. A ct io n & Sch ed u le: Select o n e o f t h e 4 act io n s t h at t h is ru le d efin es : BLOCK alway s , A LLOW alway s , BLOCK b y s ch ed u le o t h erwis e A LLOW , o r A LLOW b y s ch ed u le o t h erwis e BLOCK .
Unified Services Router User Manual Ext ern a l IP ad d ress: Th e ru le can b e b o un d t o a s p ecific W A N in t erface b y s elect in g eit h er t h e p rimary W A N o r co n fig urab le p o rt W A N as t h e s o u rce IP ad d res s fo r in co min g t raffic. Th is ro u t er s up port s mu lt i-NA T an d s o t h e Ext ern al IP ad d res s d o es n o t n ecessarily h av e t o b e t h e W A N ad d res s . On a s in g le W A N in t erface, mu lt ip le p u b lic IP ad d res ses are s u ppo rted.
Unified Services Router User Manual Figure 54 : Example whe re an outbound SNAT rule is us e d to map an e xte rnal IP addre s s (209.156.200.225) to a private DM Z IP addre s s (10.30.30.
Unified Services Router User Manual Figure 55 : The fire wal l rule configuratio n page allows you to de fine the To/From zone , s e rvice , action, s che dule s , and s pe cify s ource /de s tination IP addre s s e s as ne e de d.
Unified Services Router User Manual 5.4 Configuring IPv6 Firewall Rules Advanced > Firewall Settings > IPv6 Firewall Rules A ll co n fig u red IPv 6 firewall ru les o n t h e ro u t er are d is p lay ed in t h e Firewall Ru les lis t . Th is lis t als o in d icat es wh et h er t h e ru le is en ab led (act iv e) o r n o t , an d g iv es a s u mmary o f t h e Fro m/ To zo n e as well as t h e s erv ices o r u s ers t h at t h e ru le affect s .
Unified Services Router User Manual Figure 57 : Lis t of Available IPv6 Fire wall Rule s 5.4.1 Firewall Rule Configuration Examples Exampl e 1 : A llo w in b o u n d HTTP t raffic t o t h e DM Z S i tuati on: Yo u h o s t a p u b lic web s erv er o n y o u r lo cal DM Z n et wo rk . Yo u wan t t o allo w in b o u n d HTTP req u ests fro m an y o u t sid e IP ad d ress t o t h e IP ad d res s o f y o u r web s erv er at an y t ime o f d ay . S ol uti on: Creat e an in b o u n d ru le as fo llo ws .
Unified Services Router User Manual S ol uti on: Creat e an in b o u n d ru le as fo llo ws . In t h e examp le, CUSeeM e (t h e v id eo co n feren ce s erv ice u s ed ) co n n ect io n s are allo wed o n ly fro m a s p ecified ran g e o f ext ern al IP ad d res s es . Par am eter V alu e From Zone Insecure (WAN1/WAN2/WAN3) To Zone Secure (LAN) Service CU-SEEME:UDP Action ALLOW alw ays Send to Local Server (DNAT IP) 192.168.10.11 Destination Users Address Range From 132.177.88.2 To 134.
Unified Services Router E From User Manual 10.1.0.52 x WAN a Users m Log p l e 4 : Blo c Any Never Exampl e 4 : Blo ck t raffic b y s ch edu le if g en erated fro m s p ecific ran g e o f mach in es Us e Cas e: Blo ck all HTTP t raffic o n t h e weeken d s if t h e req u es t o rig in at es fro m a s p ecific g ro u p o f mach in es in t h e LA N h av in g a kn o wn ran g e o f IP ad d res s es , an d an y o n e co min g in t h ro u g h t h e Net wo rk fro m t h e W A N (i.e. all remo t e u s ers ).
Unified Services Router User Manual Figure 58 : Sche dule configurat io n for the above e xample . 2. Since we are trying to block HTTP requests, it is a service with To Zone: Insecure (WAN1/WAN2/WAN3) that is to be blocked according to schedule “Weekend”.
Unified Services Router User Manual 3. Select the Action to “Block by Schedule, otherwise allow”. This will take a predefined schedule and make sure the rule is a blocking rule during the defined dates/times. All other times outside the schedule will not be affected by this firewall blocking rule 4. As we defined our schedule in schedule “Weekend”, this is available in the dropdown menu 5. We want to block the IP range assigned to the marketing group. Let’s say they have IP 192.168.10.20 to 192.168.10.
Unified Services Router User Manual Figure 59 : Lis t of us e r de fine d s e rvice s . Figure 60 : Cus tom Se rvice s configuratio n Creat ed s erv ices are av ailab le as o p t io n s fo r firewall ru le co n fig u rat io n . Name: Name o f t h e s erv ice fo r id en t ificat io n an d man ag emen t p u rp o s es . Ty p e: Th e lay er 3 Pro t o co l t h at t h e s erv ice u s es .
Unified Services Router ICM P t y p es , v is it p aramet ers . User Manual the fo llo win g URL:h t t p :/ / www.ian a.o rg / as s ig n men t s / icmp - St art Po rt : Th e firs t TCP, UDP o r BOTH p o rt o f a ran g e t h at t h e s erv ice u s es . If t h e s erv ice u s es o n ly o n e p o rt , t h en t h e St art Po rt will b e t h e s ame as t h e Fin is h Po rt . Fin is h Po rt : Th e las t p o rt in t h e ran ge t hat t h e s erv ice u s es .
Unified Services Router User Manual Figure 61 : Available ALG s upport on the route r. 5.7 VPN Passthrough for Firewall Advanced > Firewall Settings > VPN Passthrough Th is ro u t er’s firewall s et t in g s can b e co n fig u red t o allo w en cry p t ed VPN t raffic fo r IPs ec , PPTP, an d L2TP VPN t u n n el co n n ect io n s b et ween t h e LA N an d in t ern et .
Unified Services Router User Manual Figure 62 : Pas s through options for VPN tunne ls 5.8 Application Rules Advanced > Application Rules > Application Rules A p p licat io n ru les are als o referred t o as p o rt t rig g erin g . Th is feat u re allo ws d ev ices o n t h e LA N o r DM Z t o req u es t o n e o r mo re p o rt s t o b e fo rward ed t o t h em.
Unified Services Router User Manual Figure 63 : Lis t of Available Applicat io n Rule s s howing 4 unique rule s Th e ap p licat io n ru le s t atus p age will lis t an y act iv e ru les , i.e. in co min g p o rt s t h at are b ein g t rig g ered b a s ed o n o u t b o u n d req u es t s fro m a d efin ed o u t g o in g p o rt . 5.
Unified Services Router User Manual Figure 64 : Conte nt Filte ring us e d to block acce s s to proxy s e rve rs and pre ve nt Active X controls from be ing downloade d 5.9.2 Approv ed URLs Advanced > Website Filter > Approved URLs Th e A p p ro ved URLs is an accep t ance lis t fo r all URL d o main n ames . Do main s ad d ed t o t h is lis t are allo wed in an y fo rm.
Unified Services Router User Manual Figure 65 : Two trus te d domains adde d to the Approve d URLs Lis t 5.9.3 Blocked Keywords Advanced > Website Filter > Blocked Keywords Key wo rd b lo ckin g allo ws y o u t o b lo ck all web s it e URL’s o r s it e co n t ent t h at con tains t h e key wo rd s in t h e co n fig u red lis t . Th is is lo wer p rio rit y t h an t h e A p p ro v ed URL Lis t ; i.e.
Unified Services Router User Manual Figure 66 : One k e yword adde d to the block lis t 5.9.4 Export W eb Filter Advanced > Website Filte r > Export Exp o rt A p p ro v ed URLs : Feat u re en ables t h e u ser t o exp o rt t h e URLs t o b e allo wed t o a cs v file wh ich can t h en b e d o wnlo ad ed t o t h e lo cal h o s t . Th e u s er h as t o click t h e exp o rt b u t t o n t o g et t h e cs v file.
Unified Services Router User Manual Figure 67 : Export Approve d URL lis t 5.10 IP/MAC Binding Advanced > IP/MAC Binding A n o t h er av ailab le securit y meas u re is t o o n ly allo w o u t bou nd t raffic (fro m t h e LA N to W A N) wh en t h e LA N n o d e h as an IP ad d ress mat ch in g t h e M A C ad dress b o u n d t o it .
Unified Services Router User Manual Figure 68 : The followi ng e xample binds a LAN hos t’s M AC Addre s s to an IP addre s s s e rve d by DSR. If the re is an IP/M AC B inding violation, the violating pack e t will be droppe d and logs will be capture d 5.11 Intrusion Prevention (IPS) Advanced > Advanced Network > IPS Th e g at eway ’s In t rusio n Prev entio n Sy s tem (IPS) p rev en t s malicio u s at tacks fro m t h e in t ern et fro m acces s in g t h e p riv at e n et wo rk.
Unified Services Router User Manual Figure 69 : Intrus ion Pre ve ntion fe ature s on the route r 5.12 Protecting from Internet Attacks Advanced > Advanced Network > Attack Checks A t t acks can b e malicio u s s ecu rit y b reach es o r u n in t en t io n al n et wo rk is s u es t h at ren d er t h e ro u t er u n u s ab le. A t t ack ch ecks allo w y o u t o man ag e W A N s ecu rit y t h reat s s uch a s co ntin ual p in g req uests an d d is co very v ia A RP s can s .
Unified Services Router User Manual Figure 70 : Prote cting the route r and LAN from inte rne t attack s WAN S ecuri ty Check s : En ab le St ealt h M o d e: If St ealt h M o de is en ab led, t h e ro u ter will n o t res p ond t o p o rt s can s fro m t h e W A N. Th is makes it les s s u s cep t ib le t o d is co v ery an d at t acks . Blo ck TCP Flo o d : If t h is o p t io n is en ab led , t h e ro u t er will d ro p all in v alid TCP p acket s an d b e p ro t ect ed fro m a SYN flo o d at t ack.
Unified Services Router User Manual Blo ck Frag men t ed Packet s : s elect in g t h is o p t io n d ro p s an y frag men t ed p acket s t h ro u g h o r t o t h e g at eway Blo ck M u lt icas t Packets: s elect ing t h is o pt io n d ro ps mu lt icast p acket s , wh ich co u ld in d icat e a s p o o f at t ack, t h ro u g h o r t o t h e g at eway . DoS Attack s : SYN Flo o d Det ect Rat e (max/ s ec): Th e rat e at wh ich t h e SYN Flo o d can b e d et ect ed .
Unified Services Router User Manual Chapter 6. IPsec / PPTP / L2TP VPN A VPN p ro v id es a s ecu re co mmu n icat io n ch an n el (“t u n n el”) b et ween t wo g at eway ro u t ers o r a remo t e PC clien t . Th e fo llo win g t y p es o f t u n n els can b e creat ed : Gat eway -t o -g ateway VPN: t o co n n ect t wo o r mo re ro u t ers t o s ecure t raffi c b et ween remo t e s it es .
Unified Services Router User Manual Figure 72 : Example of thre e IPs e c clie nt conne ctions to the inte rnal ne twork through the DSR IPs e c gate way 112
Unified Services Router User Manual 6.1 VPN Wizard Setup > Wizard > VPN Wizard Yo u can u s e t h e VPN wizard t o q u ickly creat e b o t h IKE an d VPN p o licies . On ce t h e IKE o r VPN p o licy is creat ed , y o u can mo d ify it as req u ired . Figure 73 : VPN Wizard launch s cre e n To eas ily es t ab lis h a VPN t u n n el u s in g VPN W izard , fo llo w t h e s t ep s b elo w: 1.
Unified Services Router User Manual 2. Configure Remote and Local WAN address for the tunnel endpoints Remo t e Gat eway Ty p e: id en t ify t h e remo t e en d p o in t o f t h e t u n n el b y FQDN o r s t at ic IP ad d res s Remo t e W A N IP ad d res s / FQDN: Th is field is en ab led o n ly if t h e p eer y o u are t ry in g t o co n n ect t o is a Gat eway .
Unified Services Router User Manual Par am eter De f au lt value f rom Wizard Exchange Mode Aggressive (Client policy ) or Main (Gatew ay policy) ID Type FQDN Local WAN ID w an_local.com (only applies to Client policies) Remote WAN ID w an_remote.
Unified Services Router User Manual Figure 74 : IPs e c policy configurat ion On ce t h e t u n nel t y p e an d en d poin t s o f t h e t u n n el are d efin ed y o u can d et ermin e t h e Ph as e 1 / Ph as e 2 n eg o t iatio n t o u se fo r t h e t un nel. Th is is co v ered in t h e IPs ec mode s et t in g , as t h e p o licy can b e M an u al o r A u t o .
Unified Services Router User Manual Th e VPN p o licy is o n e h alf o f t h e IKE/ VPN p o licy p air req u ired t o est ab lis h an A u t o IPs ec VPN t u n n el.
Unified Services Router User Manual en d p o in t. A s well t h e en cry pt io n an d in t egrit y alg o rit hms an d key s mu s t mat ch on the remo t e IPs ec h o s t exact ly in o rd er fo r t h e t u nn el t o es t ab lis h s u cces s fu lly . No t e t h at u s in g A u to p olicies wit h IKE are p referred as in s o me IPs ec imp lemen t at io n s t h e SPI (s ecu rit y p aramet er in d ex) v alu e s req u ire co n v ers io n at each en d p o in t . DSR s u p p orts VPN ro ll-o v er feat u re.
Unified Services Router User Manual Figure 76 : IPs e c policy configurat ion continue d (Auto / M anual Phas e 2) 6.2.1 Extended Authentication (XAUTH) Yo u can als o co n fig ure ext en ded au t hen ticatio n (XA UTH).
Unified Services Router User Manual W it h a co n fig u red RA DIUS s erv er, t h e ro u t er co n n ect s t o a RA DIUS s erv er an d p as s es t o it t h e credent ials t h at it receiv es fro m t h e VPN clien t . Yo u can s ecu re t h e co n n ect io n b et ween t h e ro u t er an d t h e RA DIUS s erv er wit h t h e au t h en t icat io n p ro t o co l s u p p o rt ed b y t h e s erv er (PA P o r CHA P).
Unified Services Router User Manual Figure 77 : PPTP tunne l configuratio n – PPTP Clie nt Figure 78 : PPTP VPN conne ction s tatus Setup > VPN Settings > PPTP > PPTP Server A PPTP VPN can b e es t ablis hed t h rou gh t h is ro u ter. On ce en ab led a PPTP s erv er is av ailab le o n t h e ro u t er fo r LA N an d W A N PPTP clien t u s ers t o acces s .
Unified Services Router User Manual Figure 79 : PPTP tunne l configuratio n – PPTP Se rve r 6.4.2 L2TP Tunnel Support Setup > VPN Settings > L2TP > L2TP Server A L2TP VPN can b e es t ablis hed t h rou gh t h is ro u ter. On ce en ab led a L2TP s erv er is av ailab le o n t h e ro u t er fo r LA N an d W A N L2TP clien t u s ers t o acces s .
Unified Services Router User Manual Figure 80 : L2TP tunne l configuratio n – L2TP Se rve r 6.4.3 OpenVPN Support Setup > VPN Settings > OpenVPN > OpenVPN Configuration Op en VPN allo ws p eers t o au t h en t icat e each o t h er u s in g a p re -s h ared s ecret key , cert ificat es , o r u sername/ passwo rd .
Unified Services Router User Manual s ig n at ure an d Cert ificat e au th o rit y . A n Op en VPN can b e es t ab lis h ed t h ro u g h t h is ro u t er. Ch eck/ Un ch eck t h is an d click s av e s et t in g s t o s t art / s t o p o p en v p n s erv er. M o d e: Op en VPN d aemo n mo d e. It can ru n in s erv er mo d e, clien t mo d e o r acces s s erv er clien t mo d e.
Unified Services Router User Manual Figure 81 : Ope nVPN configuratio n 6.4.4 OpenVPN Remote Network Setup > VPN Settings > OpenVPN > OpenVPN Remote Network (Site-toSite) Th is p ag e allo ws t h e u s er t o ad d / ed it a remo t e n et wo rk an d n et mas k wh ich allo ws t h e o t h er Op en VPN clien t s t o reach t h is n et wo rk.
Unified Services Router User Manual Figure 82 : Ope nVPN Re mote Ne twork Common Name : Co mmo n Name o f t h e Op en VPN clien t cert ificat e. Remote Network : Net wo rk ad d res s o f t h e remo t e res o u rce. S ubnet Mas k : Net mas k o f t h e remo t e res o u rce. 6.4.5 OpenVPN Authentication Setup > VPN Settings > OpenVPN > OpenVPN Authentication Th is p ag e allo ws t h e u s er t o u p lo ad req u ired cert ificat es an d key s .
Unified Services Router User Manual Figure 83 : Ope nVPN Authe nticat io n Trus ted Certi fi cate (CA Certi fi cate) : Bro ws e an d u p lo ad t h e p em fo rmat t ed CA Cert ificat e. S erver/ Cl i ent Certi fi cate : Bro ws e an d u p lo ad t h e p em fo rmat t ed Serv er/ Clien t Cert ificat e. S erver/ Cl i ent Key: Bro ws e an d u p lo ad t h e p em fo rmat t ed Serv er/ Clien t Key . DH Key: Bro ws e an d u p lo ad t h e p em fo rmat t ed Diffie Hellman Key .
Chapter 7. SSL VPN Th e ro u t er p ro v ides a n in t rin sic SSL VPN feat u re as an alt ern at e t o t h e s t an d ard IPs ec VPN. SSL VPN d iffers fro m IPs ec VPN main ly b y remo v in g t h e req u iremen t o f a p re in s t alled VPN clien t o n t h e remo t e h o st. In s tead , u sers can s ecu rely lo g in t h ro u g h t h e SSL Us er Po rt al u s in g a s t an d ard web b ro ws er an d receiv e acces s t o co n fig u red n et wo rk res o u rces wit h in t h e co rp orate LA N.
Unified Services Router User Manual Figure 84 : Example of clie ntle s s SSL VPN conne ctions to the DSR 130
Unified Services Router User Manual 7.1 Groups and Users Advanced > Users > Groups Th e g ro u p p ag e allo ws creat in g , ed it in g an d d elet in g g ro u p s . Th e g ro u p s are as s o ciat ed t o s et o f u s er t y pes. Th e lis ts o f av ailab le g ro ups are d is p layed in t h e “Lis t o f Gro u p ” p ag e wit h Gro u p n ame an d d es crip t io n o f g ro u p . Click A d d t o creat e a g ro u p . Click Ed it t o u p d at e an exis t in g g ro u p .
Unified Services Router User Manual A d min : Th is is t h e ro u t er’s s u p er-u s er, an d can man ag e t h e ro u t er, u s e SSL VPN t o acces s n et wo rk res o u rces , an d lo g in t o L2TP/ PPTP s erv ers o n t h e W A N. Th ere will alway s b e o n e d efau lt ad min is t rat o r u s er fo r t h e GUI Gu es t Us er (read -o n ly ): Th e g uest u s er g ain s read o n ly acces s t o t h e GUI t o o b s erv e an d rev iew co n fig uratio n s ettin gs.
Unified Services Router User Manual A ct iv e Direct o ry Do main : If t h e d o main u s es t h e A ct iv e Direct o ry au t h en t icat io n , t h e A ct iv e Direct o ry d o main n ame is req u ired . Us ers co n fig u red in t h e A ct ive Direct o ry d atabase are g iv en acces s t o t h e SSL VPN p o rt al wit h t h eir A ct iv e Direct o ry u s ern ame an d p as s wo rd .
Unified Services Router User Manual Dis ab le Lo g in : En ab le t o p rev en t t h e u sers o f t h is g ro up fro m lo g g in g in t o the d ev ices man ag emen t in t erface(s ) Den y Lo g in fro m W A N in t erface: En ab le t o p rev en t t h e u s ers o f t h is g ro u p fro m lo g g in g in fro m a W A N (wid e area n et wo rk) in t erface. In t h is cas e o n ly lo g in t h ro u g h LA N is allo wed .
Unified Services Router User Manual Figure 89 : B rows e r policie s options Pol i cy by IP To s et p o licies b ye IP fo r t h e g ro u p , select t h e co rres p o n d in g g ro u p click “Po licy b y IP”.
Unified Services Router User Manual Click Sav e Set t in g s t o s av e y o u r ch an g es . Figure 90 : IP policie s options . Lo g in Po licies , Po licy b y Bro ws ers , Po licy b y IP are ap p licab le SSL VPN u s er o n ly . Advanced > Users > Users Th e u s ers p ag e allo ws ad d in g , ed it in g an d d elet in g exis t in g g ro u p s . Th e u s er are as s o ciat ed t o co nfig u red g rou ps.
Unified Services Router User Manual Figure 91 : Available Us e rs with login s tatus and as s ociate d Group 7.1.1 Users and Passwords Advanced > Users > Users Th e u s er co n fig uratio ns allo w creat in g u sers asso ciat ed t o g ro u p . Th e u s er s et t in g s co n t ain t h e fo llo win g key co mp o n en t s : Us er Name: Th is is u n iq u e id en t ifier o f t h e u s er.
Unified Services Router User Manual Figure 92 : Us e r configurat ion options 7.2 Using SSL VPN Policies Setup > VPN Settings > SSL VPN Server > SSL VPN Policies SSL VPN Po licies can b e creat ed o n a Glo b a l, Gro u p , o r Us er lev el. Us er lev el p o licies t ake p reced en ce o v er Gro u p lev el p o licies an d Gro u p lev el p o licies t ake p reced ence o ver Glo b al p o licies .
Unified Services Router User Manual Figure 93 : Lis t of SSL VPN police s (Global filte r) To ad d a SSL VPN p o licy , y o u mu s t firs t as sig n it t o a u s er, g ro u p , o r make it g lo b al (i.e. ap p licab le t o all SSL VPN u s ers ). If t h e p o licy is fo r a g ro u p , t h e av ailab le co n fig u red g ro u p s are s h o wn in a d ro p d o wn men u an d o n e mu s t b e s elect ed .
Unified Services Router User Manual Figure 94 : SSL VPN policy configurat io n To co n fig u re a p o licy fo r a s in g le u s er o r g ro u p o f u s ers , en t er t h e fo llo win g in fo rmat io n : Po licy fo r: Th e p o licy can b e as sig ned t o a g ro up o f u sers, a s in gle u ser, o r all u s ers (makin g it a g lo b al p o licy ).
Unified Services Router User Manual ICM P: Select t h is o p t io n t o in clu d e ICM P t raffic Po rt ran g e: If t h e p o licy g o v ern s a t y p e o f t raffic, t h is field is u s ed fo r d efin in g TCP o r UDP p o rt n u mb er(s ) co rres p o n d in g t o t h e g o v ern ed t raffic. Leav in g t h e s t art in g an d en d ing p ort ran ge b lank co rres p o n d s t o all UDP an d TCP t raffic. Serv ice: Th is is t h e SSL VPN s erv ice mad e av ailab le b y t h is p o licy .
Unified Services Router User Manual Figure 95 : Lis t of configure d re s ource s , which are availab le to as s ign to SSL VPN policie s 7.3 Application Port Forwarding Setup > VPN Settings > SSL VPN Server > Port Forwarding Po rt fo rward in g allo ws remo t e SSL u s ers t o access s pecified n et wo rk ap p licat io n s o r s erv ices aft er t h ey lo g in t o t h e Us er Po rt al an d lau n ch t h e Po rt Fo rward in g s erv ice.
Unified Services Router User Manual A s a co n v enien ce fo r remo t e u s ers , t h e h o s t n ame (FQDN) o f t h e n et wo rk s erv er can b e co n fig u red t o allo w fo r IP ad d ress res olu tio n . Th is h o s t n ame res o lu t io n p ro v id es u s ers wit h eas y -t o -rememb er FQDN’s t o acces s TCP ap p licat io n s in s t ead o f erro r p ro n e IP ad d res s es wh en u s in g t h e Po rt Fo rward in g s erv ice t h ro u g h t h e SSL Us er Po rt al.
Unified Services Router User Manual Figure 96 : Lis t of Available Applicat io ns for SSL Port Forward i ng 7.4 SSL VPN Client Configuration Setup > VPN Settings > SSL VPN Client > SSL VPN Client A n SSL VPN t u n n el clien t p ro vid es a p o in t-to -po int co nnect ion b etween t h e b ro ws er s id e mach in e an d t h is ro u t er.
Unified Services Router User Manual Figure 97 : SSL VPN clie nt adapte r and acce s s configuratio n Th e ro u t er allo ws fu ll t u n n el an d s plit t u n nel s upp ort . Fu ll t u n nel mo d e ju s t s en d s all t raffic fro m t h e clien t acro s s t h e VPN t u n n el t o t h e ro u t er. Sp lit t u n n el mo d e o n ly s en d s t raffic t o t h e p riv a t e LA N b as ed o n p re -s p ecified clien t ro u t es .
Unified Services Router User Manual Setup > VPN Settings > SSL VPN Client > Configured Client Routes If t h e SSL VPN clien t is as s ig n ed an IP ad d res s in a d ifferen t s u b n et t h an t h e co rp o rat e n et work, a clien t ro u t e mu s t b e ad d ed t o allo w acces s t o t h e p riv at e LA N t h ro u g h t h e VPN t u n n el.
Unified Services Router User Manual 7.5 User Portal Setup > VPN Settings > SSL VPN Client > SSL VPN Client Portal W h en remo t e u s ers wan t t o access t he p riv ate n etwo rk t h ro u g h an SSL t u n n el (eit h er u s in g t h e Po rt Fo rward in g o r VPN t u n n el s erv ice), t h ey lo g in t h ro u g h a u s er p o rt al.
Unified Services Router User Manual t h e SSL VPN p o rt al URL. A s well, t h e u s ers as s ig n ed t o t h is p o rt al (t h ro u g h t h eir au t h en ticat io n d o main ) can b e p resent ed wit h o n e o r mo re o f t h e ro u t er’s s u p p o rt ed SSL s erv ices s u ch as t h e VPN Tu n n el p ag e o r Po rt Fo rwa rd in g p ag e.
Unified Services Router User Manual Figure 100 : SSL VPN Portal configu rat ion 149
Unified Services Router User Manual Chapter 8. Advanced Configuration Tools 8.1 USB Device Setup Setup > USB Settings > USB Status Th e DSR Un ified Serv ices Ro u t er h as a USB in t erface fo r p rin t er acces s , file s h arin g an d on the DSR-1000 / DSR-1000N mo d els 3G mo d em s u p p o rt . Th ere is n o co n fig u rat io n o n t he GUI t o en ab le USB d ev ice s u p p o rt .
Unified Services Router User Manual Figure 101 : USB De vice De te ction 8.2 USB share port Setup > USB Settings > USB SharePort Th is p ag e allo ws co n fig u re t h e Sh arePo rt feat u re av ailab le in t h is ro u t er.
Unified Services Router User Manual Figure 102 : USB Share Port US B -1 : En ab le USB Prin t er: Select t h is o p t io n t o allo w t h e USB p rin t er co n n ect ed t o t h e ro u t er t o b e s h ared acro s s t h e n et wo rk.
Unified Services Router User Manual En ab le Sh arin g : Selec t t h is o p tio n t o allo w t h e USB s t o rag e d ev ice co n n ect ed t o t h e ro u t er t o b e s h ared acro s s t h e n et wo rk. S hari ng Enabl ed i nterfaces : Th e LA N in t erfaces o n wh ich USB s h arin g is en ab led , at leas t o n e in t erface mu s t b e s elect ed t o b eg in s h arin g . En ab le Prin t er: En ab les p rin t er s h arin g o n t h e s elect ed in t erface.
Unified Services Router User Manual Figure 104 : SM S Se rvice – Re ce ive SM S Th e fo llo win g d et ails t o b e p ro v id ed in Creat e M es s ag e p ag e: Receiv er: En t er t h e p h o n e n u mb er o f t h e in t en d ed receiv er o f t h e mes s ag e. Text M es s ag e : En t er t h e b o d y o f t h e mes s ag e h ere Click Sen d M es s ag e t o s en d t h e mes s ag e. Click Do n 't Sav e Set t in g s t o res et Receiv er an d Text M es s ag e field s . 8.
Unified Services Router User Manual t ab le lis t s t h e s elf cert ificat es cu rren t ly lo ad ed o n t h e g at eway . Th e fo llo win g in fo rmat io n is d is p lay ed fo r each u p lo ad ed s elf cert ificat e: Name: Th e n ame y o u u s e t o id en t ify t h is cert ificat e, it is n o t d is p lay ed t o IPs ec VPN p eers o r SSL u s ers . Su b ject Name: Th is is t h e n ame t h at will b e d is p lay ed as t h e o wn er o f t h is cert ificat e.
Unified Services Router User Manual 8.5 Advanced Switch Configuration Th e DSR allo ws y o u t o ad ju st t h e p o wer co nsu mp tio n o f t h e h ard ware b as ed o n y o u r act u al u s ag e. Th e t wo “g reen ” o p t io n s av ailab le fo r y o u r LA N s wit ch are Po wer Sav in g b y Lin k St at u s an d Len g t h Det ect io n St at e.
Unified Services Router User Manual Chapter 9. Administration & Management 9.1 Configuration Access Control Th e p rimary mean s t o co n fig ure t h is g ateway v ia t h e b ro ws er -in d ep en d en t GUI. Th e GUI can b e acces s ed fro m LA N n o d e b y u s in g t h e g at eway ’s LA N IP ad d res s an d HTTP, o r fro m t h e W A N b y u s in g t h e g at eway ’s W AN IP ad d ress an d HTTPS (HTTP o v er SSL).
Unified Services Router User Manual Figure 108 : Admin Se ttings 9.1.2 Remote Management Tools > Admin > Remote Management Bo t h HTTPS an d t eln et acces s can b e res t rict ed t o a s u b s et o f IP ad d res s es . Th e ro u t er ad min is t rat o r can d efin e a kn o wn PC, s in g le IP ad d res s o r ran g e o f IP ad d res ses t h at are allo wed t o access t he GUI wit h HTTPS.
Unified Services Router User Manual Figure 109 : Re mote M anage me nt from the WAN 9.1.3 CLI Access In ad d it io n t o t h e web -b as ed GUI, t h e g at eway s u p p o rt s SSH an d Teln et man ag emen t fo r co mman d -lin e in t eract io n . Th e CLI lo g in cred en t ials are s h ared wit h t h e GUI fo r ad min is t rat o r u s ers . To acces s t h e CLI, t y p e “cli” in t h e SSH o r co n s o le p ro mp t an d lo g in wit h ad min is t rat o r u s er cred en t ials . 9.
Unified Services Router User Manual Figure 110 : SNM P Us e rs , Traps , and Acce s s Control Tools > Admin > SNMP System Info Th e ro u t er is id en t ified b y an SNM P man ag er v i a t h e Sy s t em In fo rmat io n . Th e id en t ifier s et t ing s Th e Sy s Name s et h ere is als o u sed t o id en tify t he ro u ter fo r Sy s Lo g lo g g in g .
Unified Services Router User Manual Figure 111 : SNM P s ys te m inform at io n for this route r 9.3 Configuring Time Zone and NTP Tools > Date and Time Yo u can co n fig u re y o u r t ime zo n e, wh et h er o r n o t t o ad ju s t fo r Day lig h t Sav in g s Time, an d wit h wh ich Net wo rk Time Pro t o co l (NTP) s erv er t o s y n ch ro n ize t h e d at e an d t ime.
Unified Services Router User Manual Figure 112 : Date , Time , and NTP s e rve r s e tup 9.4 Log Configuration Th is ro u t er allo ws y o u t o capt ure lo g mes sag es fo r t raffic t h ro u g h t h e firewall, VPN, an d o v er t h e wireles s A P. A s an ad min is t rat or y o u can mo n it o r t he t y pe o f t raffic t h at g o es t h rou gh t h e ro ut er an d als o b e n ot ified o f p o t en t ial at t acks o r erro rs wh en t h ey are d et ect ed b y t h e ro u t er.
Unified Services Router User Manual Kern el: Th is refers t o t h e Lin u x kern el. Lo g mes s ag es t h at co rres p o n d t o t h is facilit y wo u ld co rres p o n d t o t raffic t h ro u g h t h e firewall o r n et wo rk s t ack. Sy s t em: Th is refers t o ap plicat ion an d man ag emen t lev el feat ures av ailab le o n this ro u t er, in clu d in g SSL VPN an d ad min is t rat o r ch an g es fo r man ag in g t h e u n it . W ireles s : Th is facilit y co rres p o n d s t o t h e 802.
Unified Services Router User Manual Figure 113 : Facility s e ttings for Logging Th e d is p lay fo r lo g g in g can b e cu st omized b as ed o n wh ere t h e lo g s are s en t , eit h er t h e Ev en t Lo g v iewer in t h e GUI (t h e Ev en t Lo g v iewer is in t h e Status > Logs p ag e ) o r a remo t e Sy s lo g s erv er fo r lat er rev iew. E-mail lo g s , d is cu s s ed in a s u b sequ en t s ectio n, fo llo w t h e s ame co n fig u rat io n as lo g s co n fig u red fo r a Sy s lo g s erv er.
Unified Services Router User Manual t ries t o make an SSH co n n ect io n , t h o s e p acket s will b e accep t ed an d a mes s ag e will b e lo g g ed . (A s s u min g t h e lo g o p t io n is s et t o A llo w fo r t h e SSH firewall ru le.) Dro p p ed Packet s are p acket s t hat were in t en tio nally b lo cked fro m b ein g t ran s ferred t h ro u g h t h e co rrespo ndin g n et work s eg men t. Th is o p tio n is u s efu l wh en t h e Defau lt Ou t b o u n d Po licy is “A llo w A lway s ”.
Unified Services Router User Manual Figure 114 : Log configuratio n options for traffic through route r Tools > Log Settings > IPv6 logging Th is p ag e allo ws y o u t o co n fig u re t h e IPv 6 lo g g in g 166
Unified Services Router User Manual Figure 115 : IPv6 Log configuratio n options for traffi c through route r 9.4.2 Sending Logs to E-mail or Syslog Tools > Log Settings > Remote Logging On ce y o u h av e co nfig ured t h e t y pe o f lo g s t h at y o u wan t t h e ro u t er t o co llect , t h ey can b e s en t t o eit h er a Sy s log server o r an E-M ail ad d res s. Fo r remo t e lo g g in g a key co n fig u ratio n field is t h e Remo t e Lo g Id en t ifier.
Unified Services Router User Manual Figure 116 : E-mail configurat io n as a Re mote Logging option A n ext ern al Sy s lo g s erver is o ft en u sed b y n etwo rk ad min is trato r t o collect an d s tore lo g s fro m t h e ro u t er. Th is remo t e d evice t y pically h as les s memo ry co n s t rain t s t h an t h e lo cal Ev en t Viewer o n t h e ro u t er’s GUI, an d t h u s can co llect a co n s id erab le n u mb er o f lo g s o v er a s u stain ed p eriod .
Unified Services Router User Manual s en t t o t h e co nfig u red (an d en abled) S y s log server o n ce y o u s av e t h is co n fig u rat io n p ag e’s s et t in g s . Figure 117 : Sys log s e rve r configuratio n for Re mote Logging (continue d) 9.4.3 Ev ent Log Viewer in GUI Status > Logs > View All Logs Th e ro u t er GUI let s y o u o b s erv e co n fig u red lo g mes s ag es fro m t h e St at u s men u .
Unified Services Router User Manual Figure 118 : VPN logs dis playe d in GUI e ve nt vie we r 9.5 Backing up and Restoring Configuration Settings Tools > System Yo u can b ack u p t h e ro u t er’s cu s t o m co n fig u rat io n s et t in g s t o res t o re t h em t o a d ifferen t d ev ice o r t h e s ame ro u t er aft er s o me o t h er ch an g es . Du rin g b acku p , y o u r s et t in gs are s aved as a file o n y o u r h o st.
Unified Services Router User Manual 2. To restore your saved settings from a backup file, click Browse then locate the file on the host. After clicking Restore, the router begins importing the file’s saved configuration settings. After the restore, the router reboots automatically with the restored settings. 3. To erase your current settings and revert to factory default settings, click the Default button.
Unified Services Router User Manual Figure 120 : Firmware ve rs ion inform atio n and upgrade option Th is ro u t er als o s u ppo rts an au to mat ed n o t ificat io n t o d et ermin e if a n ewer f irmware v ers io n is av ailab le fo r t h is ro u t er.
Unified Services Router User Manual Figure 121 : Firmware upgrade and configurat io n re s tore /back up via USB 9.8 Dynamic DNS Setup Tools > Dynamic DNS Dy n amic DNS (DDNS) is an In t ern et s ervice t h at allo ws ro u t ers wit h v ary in g p u b lic IP ad d res s es t o b e lo cat ed u s in g In t ern et d o main n ames . To u s e DDNS, y o u mu s t s et u p an acco u n t wit h a DDNS p ro v id er s u ch as Dy n DNS.o rg , D-Lin k DDNS, o r Oray .n et .
Unified Services Router User Manual Figure 122 : Dynamic DNS configurat ion 9.9 Using Diagnostic Tools Tools > System Check Th e ro u t er h as b u ilt in t o o ls t o allo w an ad min is t rator t o ev alu at e t h e co mmu n icat io n s t at u s an d o v erall n et wo rk h ealt h .
Unified Services Router User Manual Figure 123 : Route r diagnos tics tools availab le in the GUI 9.9.1 Ping Th is u t ilit y can b e u s ed t o t est co n nect ivit y b et ween t h is ro u t er an d an o t h er d ev ice o n t h e n et wo rk co n n ect ed t o t h is ro u t er. En t er an IP ad d res s an d click PING. Th e co mman d o u t p u t will a p p ear in d icat in g t h e ICM P ech o req u es t s t at u s . 9.9.
Unified Services Router User Manual Figure 124 : Sample trace route output 9.9.3 DNS Lookup To ret riev e t h e IP ad d ress o f a W eb , FTP, M ail o r an y o t h er s erv er o n t h e In t ern et , t y p e t h e In t ern et Name in t h e t ext b o x an d click Lo o ku p . If t h e h o s t o r d o main en t ry exis t s , y o u will s ee a res p o n s e wit h t h e IP ad d res s . A mes s ag e s t at in g “Un kn o wn Ho s t ” in d icat es t h at t h e s p ecified In t ern et Name d o es n o t exis t .
Unified Services Router User Manual 9.10 Localization Tools > Set Language Th e ro u t er h as b u ilt in t o o ls t o allo w ch an g e t h e d efau lt lan g u ag e (En g lis h ) t o fo u r d ifferen t lan g u ag es .
Unified Services Router User Manual Chapter 10. Router Status and Statistics 10.1 System Overview Th e St at u s p ag e allo ws y o u t o g et a d et ailed o v erv iew o f t h e s y s t em co n fig u rat io n . Th e s et t in g s fo r t h e wired an d wireles s in t erfaces are d is p lay ed in t h e DSR St at u s p ag e, an d t h en t h e res u lt in g h ard ware res o u rce an d ro u t er u s ag e d et ails are s u mmarized o n t h e ro u t er’s Das h b o ard . 10.1.
Unified Services Router User Manual Figure 126 : De vice Status dis play 179
Unified Services Router User Manual Figure 127 : De vice Status dis play (continue d) 10.1.2 Resource Utilization Status > Device Info > Dashboard Th e Das h b oard p ag e p resents h ard ware an d u sag e s t at is t ics . Th e CPU an d M emo ry u t ilizat io n is a fu n ct io n o f t h e av ailab le h ard ware an d cu rren t co n fig u rat io n an d t raffic t h ro u g h t h e ro u t er.
Unified Services Router User Manual Figure 128 : Re s ource Utilizatio n s tatis tics 181
Unified Services Router User Manual Figure 129 : Re s ource Utilizatio n data (continue d) 182
Unified Services Router User Manual Figure 130 : Re s ource Utilizatio n data (continue d) 10.2 Traffic Statistics 10.2.1 W ired Port Statistics Status > Traffic Monitor > Device Statistics Det ailed t ran s mit an d receiv e s t at is t ics fo r each p h y s ical p o rt are p res en t ed h ere. Each in t erface (W A N1, W A N2/ DM Z, LA N, an d VLA Ns ) h av e p o rt s p ecific p acket lev el in fo rmat io n p ro v id ed fo r rev iew.
Unified Services Router User Manual Figure 131 : Phys ical port s tatis tics 10.2.2 W ireless Statistics Status > Traffic Monitor > Wireless Statistics Th e W ireles s St at is t ics t ab d is p lay s t h e in cremen t in g t raffic s t at is t ics fo r each en ab led access p o in t . Th is p ag e will g iv e a s n ap s h o t o f h o w mu ch t raffic is b ein g t ran s mit t ed o v er each wireles s lin k.
Unified Services Router User Manual Figure 132 : AP s pe cific s tatis tics 10.3 Active Connections 10.3.1 Sessions through the Router Status > Active Sessions Th is t ab le lis t s t h e act iv e in t ern et s es s io n s t h ro u g h t h e ro u t er’s firewall. Th e s es s io n ’s p ro t o co l, s t at e , lo cal an d remo t e IP ad d res s es are s h o wn .
Unified Services Router User Manual Figure 133 : Lis t of curre nt Active Fire wall Se s s ions 186
Unified Services Router User Manual 10.3.2 W ireless Clients Status > Wireless Clients Th e clien t s co n n ect ed t o a p art icu lar A P can b e v iewed o n t h is p ag e. Co n n ect ed clien t s are s o rted b y t h e M A C ad d ress an d in d icat e t h e securit y p aramet ers u s ed b y t h e wireles s lin k, as well as t h e t ime co n n ect ed t o t h e co rres p o n d in g A P.
Unified Services Router User Manual Figure 135 : Lis t of LAN hos ts 10.3.4 Activ e VPN Tunnels Status > Active VPNs Yo u can v iew an d ch an g e t h e s t at us (co nn ect o r d ro p ) o f t h e ro ut er’s IPs ec s ecu rit y as s o ciat ions. Here , t h e act iv e IPs ec SA s (s ecurit y as sociatio ns) are lis t ed alo n g wit h t h e t raffic d et ails an d t u n n el s t at e.
Unified Services Router User Manual Figure 136 : Lis t of curre nt Active VPN Se s s ions A ll act iv e SSL VPN co n n ect ion s, b ot h fo r VPN t u n n el an d VPN Po rt fo rward in g , are d is p lay ed o n t h is p ag e as well. Tab le field s are as fo llo ws . Fie ld De s cription User Name The SSL VPN user that has an active tunnel or port forwarding session to this router. IP Address IP address of the remote VPN client.
Unified Services Router User Manual Chapter 11. Trouble Shooting 11.1 Internet connection S ymptom: Yo u can n o t access t h e ro ut er’s web -co n fig u rat io n in t erface fro m a PC o n y o u r LA N. Recommended acti on: 1. Check the Ethernet connection between the PC and the router. 2. Ensure that your PC’s IP address is on the same subnet as the router. If you are using the recommended addressing scheme, your PC’s address should be in the range 192.168.1 0.2 to 192.168.10.254. 3.
Unified Services Router User Manual S ymptom: Ro u t er can n o t acces s t h e In t ern et . Pos s i bl e caus e: If y o u u se d y namic IP ad d resses, y ou r ro u ter may n o t h ave req ues t ed an IP ad d res s fro m t h e ISP. Recommended acti on: 1. Launch your browser and go to an external site such as www.google.com. 2. Access the firewall’s configuration main menu at http://192.168.10.1. 3. Select Monitoring > Router Status . 4. Ensure that an IP address is shown for the WAN port. If 0.0.0.
Unified Services Router User Manual S ymptom: Ro u t er can o b tain an IP ad d ress, b ut PC is u n ab le t o lo ad In t ern et p ag es . Recommended acti on: 1. Ask your ISP for the addresses of its designated Domain Name System (DNS) servers. Configure your PC to recognize those addresses. For details, see your operating system documentation. 2. On your PC, configure the router to be its TCP/IP gateway. 11.2 Date and time S ymptom: Dat e s h o wn is Jan u ary 1, 1970.
Unified Services Router User Manual 4. Observe the display: If t h e p at h is wo rkin g , y o u s ee t h is mes s ag e s eq u en ce: Pin g in g wit h 32 b y t es o f d at a Rep ly fro m : b y t es =32 t ime=NN ms TTL=xxx If t h e p at h is n o t wo rkin g , y o u s ee t h is mes s ag e s eq u en ce: Pin g in g wit h 32 b y t es o f d at a Req u es t t imed o u t 5.
Unified Services Router User Manual Verify t h at t h e n etwo rk (s ub net) ad dress o f y o ur PC is d ifferen t fro m t he n et wo rk ad d res s o f t h e re mo t e d ev ice. Verify t h at t h e cab le o r DSL mo d em is co n n ect ed an d fu n ct io n in g . A s k y o u r ISP if it as s ig n ed a h o s t n ame t o y o u r PC. If y es , s elect Network Configuration > WAN Settings > Ethernet ISP Settings an d en t er t h at h o s t n ame as t h e ISP acco u n t n ame.
Chapter 12. Credits M icro s o ft , W in d o ws are reg is t ered t rad emarks o f M icro s o ft Co rp . Lin u x is a reg is t ered t rad emark o f Lin u s To rv ald s . UNIX is a reg is t ered t rad emark o f Th e Op en Gro u p .
Unified Services Router User Manual Appendix A. Glossary ARP Address Resolution Protocol. Broadcast protocol for mapping IP addresses to MAC address es. CHAP Challenge-Handshake Authentication Protocol. Protocol for authenticating users to an ISP. DDNS Dynamic DNS. System for updating domain names in real time. Allow s a domain name to be assigned to a device w ith a dynamic IP address. DHCP Dynamic Host Configuration Protocol.
Unified Services Router User Manual PPPoE Point-to-Point Protocol over Ethernet. Protocol for connecting a netw ork of hosts to an ISP w ithout the ISP having to manage the allocation of IP addresses. PPTP Point-to-Point Tunneling Protocol. Protocol for creation of VPNs for the secure transfer of data from remote clients to private servers over the Internet. RADIUS Remote Authentication Dial-In User Service. Protocol for remote user authentication and accounting.
Appendix B. Factory Default Settings Fe at u re Device login Internet Connection Local area network (LAN) Firew all De s cription De f au lt Setting User login URL http://192.168.10.1 User name (case sensitive) admin Login password (case sensitive) admin WAN MAC address Use default address WAN MTU size 1500 Port speed Autosense IP address 192.168.10.1 IPv4 subnet mask 255.255.255.
Unified Services Router User Manual Appendix C.
Unified Services Router User Manual Appendix D. Log Output Reference Facility: System (Networking) Log Message DBUpdate event: Table: %s opCode:%d rowId:%d Severity Severity DEBUG DEBUG DEBUG Log Message BridgeConfig: too few arguments to command %s BridgeConfig: too few arguments to command %s sqlite3QueryResGet failed.Query:%s ddnsDisable failed networkIntable.txt not found sqlite3QueryResGet failed Interface is already deleted in bridge removing %s from bridge %s... %s adding %s to bridge %s...
Unified Services Router nimfAdvOptSetWrap: user has changed MTU option nimfAdvOptSetWrap: MTU: %d nimfAdvOptSetWrap: old MTU size: %d nimfAdvOptSetWrap: old Port Speed Option: %d nimfAdvOptSetWrap: old Mac Address Option: %d nimfAdvOptSetWrap: MacAddress: %s Setting LED [%d]:[%d] For %s User Manual DEBUG DEBUG DEBUG ddns: SQL error: %s sqlite3QueryResGet failed.Query:%s sqlite3QueryResGet failed.
Unified Services Router User Manual %s:DBUpdate event: Table: %s opCode:%d rowId:%d %s:%d SIP ENABLE: %s sipTblHandler:failed to update ifStatic DEBUG DEBUG DEBUG Failed to commit ifStatusDBUpdate: Failed to begin " %s: SQL error: %s ERROR ERROR ERROR sipTblHandler:failed to update Configport DEBUG ERROR %s:%d SIP DISABLE: %s DEBUG %s:%d SIP SET CONF: %s DEBUG Failed to open %s: %s Failed to start sipalg DEBUG DEBUG Failed to stop sipalg DEBUG Failed to get config info DEBUG Network Mask:
Unified Services Router User Manual pPrivSep: %s %s:DBUpdate event: Table: %s opCode:%d rowId:%d DEBUG DEBUG nimfGetUpdateMacFlag: unable to get Flag from MacTable nimfMacGet: Updating MAC address failed Re-Starting sshd daemon.... sshd re-started successfully. DEBUG DEBUG sqlite3QueryResGet failed.Query:%s error executing the command %s ERROR ERROR sshd stopped . failed query %s vlan disabled, not applying vlan configuration..
Unified Services Router User Manual GetDnsFromIsp: %s IdleTimeOutFlag: %s IdleTimeOutValue: %d DEBUG DEBUG DEBUG Subnetaddress should be provided with accessoption 2 Failed to restart sshd unable to open the " ERROR ERROR ERROR AuthMetho: %d executing %s ... %s DEBUG DEBUG sqlite3QueryResGet failed.Query:%s Error in executing DB update handler ERROR ERROR removing %s from bridge%d... %s adding %s to bridge%d... %s DEBUG DEBUG ERROR ERROR stopping bridge...
Unified Services Router User Manual %s: buffer overflow DEBUG Failed to clear vlan for %d ERROR %s: value of %s in %s table is: %s DEBUG ERROR %s: returning with status: %s dnsResolverConfigure: addressFamily: %d dnsResolverConfigure: LogicalIfName: %s chap-secrets File found PID File for xl2tpd found DEBUG pid: %d options.
Unified Services Router User Manual pppoeMgmtTblHandler: NetMask: %s DEBUG xl2tpdStop failed ERROR pppoeMgmtTblHandler: AuthOpt: %d pppoeMgmtTblHandler: Satus: %d pppoeEnable: ppp dial string: %s pppoeMgmtDBUpdateHandler: returning with status: %s DEBUG DEBUG DEBUG writing xl2tpd.conf failed writing options.
Unified Services Router User Manual l2tpMgmtTblHandler: UserName: %s DEBUG l2tpMgmtTblHandler: Password: %s DEBUG l2tpMgmtTblHandler: AccountName: %s DEBUG l2tpMgmtTblHandler: DomainName: %s l2tpMgmtTblHandler: Secret: not specified DEBUG l2tpMgmtTblHandler: Secret: %s l2tpMgmtTblHandler: dynamic MyIp configured DEBUG l2tpMgmtTblHandler: MyIp: %s l2tpMgmtTblHandler: ServerIp: %s l2tpMgmtTblHandler: StaticIp: %s DEBUG DEBUG DEBUG l2tpMgmtTblHandler: NetMask: %s DEBUG l2tpMgmtTblHandler: Split
Unified Services Router User Manual ERROR dhcpcMgmtTblHandler: dhclient enable failed dhcpcMgmtTblHandler: dhcpc release failed dhcpcMgmtTblHandler: dhcpc disable failed dhcpcMgmtDBUpdateHandler: failed query: %s dhcpcMgmtDBUpdateHandler: error in executing " ERROR DHCPv6 Client start failed. ERROR ERROR DHCPv6 Client stop failed.
Unified Services Router User Manual Created EAP/PEAP context: OK DEBUG Deleted EAP/PEAP context: OK Upper EAP sent us: decision = %d method state = %d DEBUG Setting message in fragment buffer: ERROR Allocating TLS read buffer is NULL: ERROR DEBUG Setting last fragment: ERROR ERROR P2 decision=(%d); methodState=(%d) Writing message to BIO: ERROR. Encrypted (%d) bytes for P2 P2: sending fragment.
Unified Services Router User Manual Error rcvd. opCode %d. pCtx NULL. TLS message len changed in the fragment, ignoring. no data to send while fragment ack received. TLS handshake successful. Created EAP/TTLS context: OK Deleted EAP/TTLS context: OK DEBUG DEBUG Plugin context is NULL Deriving implicit challenge: Error ERROR ERROR DEBUG Generating NT response: Error ERROR DEBUG DEBUG DEBUG DEBUG NULL in/out buffer: Error Incorrect vendor id.
Unified Services Router User Manual pFB->msgBuff is NULL. DEBUG Setting profile to glue layer: ERROR. ERROR Error calculating binary. DEBUG ERROR Error calculating binary. DEBUG adpDigestInit for SHA1 failed. DEBUG _eapCtxCreate failed. %d authentication not enabled in the system. Initializing inner non-EAP auth plugin: ERROR adpDigestInit for SHA1 failed. DEBUG ERROR E = %d DEBUG R = %d Could not initialize des -ecb DEBUG DEBUG adpDigestInit for MD4 failed.
Unified Services Router User Manual password change is not allowed for this user DEBUG completed writing the policy DEBUG completed writing the SA DEBUG completed writing the proposal block DEBUG cmdBuf: %s X509_DEBUG : Invalid Certificate for the generated" DEBUG X590_ERROR : Failed to create File '%s' DEBUG x509TblHandler DEBUG pCertType: %s DEBUG pRowQueryStr: %s DEBUG x509SelfCertTblHandler pRowQueryStr: %s %s:DBUpdate event: Table: %s opCode:%d rowId:%d DEBUG DEBUG umiRegister fai
Unified Services Router User Manual pEapCtx == NULL or pPDU == NULL. received EAP pdu bigger than EAP_MTU_SIZE. received EAP pdu bigger than EAP_MTU_SIZE. state machine is in invalid state. ERROR Could not initialize des -ecb ERROR ERROR Error cleaning cipher context. ERROR ERROR ERROR Error cleaning cipher context. Error cleaning digest context. ERROR ERROR unable to create method context. method ctxCreate failed. method profile set failed.
Unified Services Router User Manual Could not open database: %s DEBUG sqlite3QueryResGet failed ERROR CPU LOG File not found DEBUG ERROR MEM LOG File not found cpuMemUsageDBUpdateHandler: update query: %s DEBUG Printing the whole list after inserting %s at %d(minute) %d(hour) %d(dayOfMonth) %d(month)" DEBUG adpCmdExec exited with return code=%d DEBUG %s op=%d row=%d DEBUG sqlite3_mprintf failed DEBUG sqlite3QueryResGet failed: query=%s DEBUG radSendtoServer: socket: %s radSendtoServer:
Unified Services Router User Manual Adding Dictionary Attribute '%s' DEBUG ERROR DEBUG DEBUG Failed to set default retries value ERROR: incomplete DB update information. old values result does not contain 2 rows sqlite3QueryResGet failed Adding Dictionary Value %s DEBUG Receiving attribute: %s Processing attribute: %s Processing attribute: %s Processing attribute: %s Processing attribute: %s radConfGet: " DEBUG DEBUG DEBUG DEBUG empty update.
Unified Services Router User Manual Next Synchronization after" DEBUG Unable to set debug for radAuth. ERROR Next Synchronization after %d \ Primary is not available, " Secondary is not available, " DEBUG DEBUG DEBUG ERROR ERROR ERROR Invalid value for use default servers, " DEBUG Unable to set debug level for radAuth.
Unified Services Router User Manual timeout after semTake srcId=%d(%s) <-- destId=%d(%s) cmd=%d DEBUG memPartAlloc for %d size failed ERROR DEBUG ERROR Un-registerting component with Id %d failed to send ioctl request: dst(%d) <--src(%d) processed a reply dst(%d) <-- src(%d) request with no result option dst(%d) <-src(%d) DEBUG cmd = %s cmdstring is %s %s:%d DEBUG DEBUG memPartAlloc for %d size failed No Handler registered for this UMI context Couldn't find component with ID (%d)," id=%d handler
Unified Services Router User Manual cpuMemUsageDBUpdateHandler: SQL error: %s unable to open the DB file %s umiInit failed ERROR ERROR ERROR Invalid Privacy Algorithm Failed to Get Host Address Invalid version ERROR ERROR ERROR unable to register to UMI Error Reading from the Database.
Unified Services Router User Manual wan traffic counters are restared DEBUG Deleting schedule based firewall rules. Deleting schedule based firewall rules from DB. Update schedule based firewall rules in DB. Restart schedule based firewall rules. DEBUG Traffic limit has been reached Traffic meter monthly limit has been changed to %d. Enabling traffic meter for only dowload. DEBUG Enabling traffic meter for both directions. Enabling traffic meter with no limit. Email alert in traffic meter disabled.
Unified Services Router User Manual Enabling attack check for L2TP. DEBUG Updating BlockSites Keyword from \ DEBUG Enabling attack check for UDP Flood. Enabling attack check for IPsec. Enabling attack check for PPTP. DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG Enabling attack check for L2TP. Enabling DoS attack check with %d SyncFlood detect rate, " Disabling DoS attack check having %d SyncFlood detect rate," Enabling ICSA Notification Item for ICMP notification.
Unified Services Router User Manual Internet on port %d Enabling remote access management for IP address range" Enabling remote access management to only this PC. Disabling Management Access from Internet on port %d Disabling remote access management for IP address range" Disabling remote access management only to this PC. MAC Filtering %sabled for BLOCK and PERMIT REST. MAC Filtering %sabled for PERMIT and BLOCK REST. Enabling Content Filtering. Disabling Content Filtering.
Unified Services Router User Manual Update FirewallRules6 where ScheduleName = '%s' to New " DEBUG Dns proxy Restart failed DEBUG deleting interface to ifgroup failed DEBUG adding interface to ifgroup failed deleting interface pVirtIface %s from ifgroup %d" adding interface pVirtIface %s to ifgroup %d failed DEBUG Deleting IP address %s. DEBUG Adding new IP address %s. Updating old IP address %s to new IP address %s.
Unified Services Router User Manual Facility: Local0 (Wireless) Log Message (node=%s) setting %s to val = %d Severity DEBUG Log Message sqlite3QueryResGet failed Severity ERROR Custom wireless event: '%s' Wireless event: cmd=0x%x len=%d New Rogue AP (%02x:%02x:%02x:%02x:%02x:%02x) detected WPS session in progress, ignoring enrolle assoc request DEBUG DEBUG sqlite3QueryResGet failed VAP(%s) set beacon interval failed ERROR ERROR DEBUG VAP(%s) set DTIM interval failed ERROR DEBUG ERROR ran quer
Unified Services Router Got PNAC_EVENT_PREAUTH_SUCCESS event for : %s event for non-existent node %s PNAC_EVENT_EAPOL_START event received PNAC_EVENT_EAPOL_LOGOFF event received PNAC_EVENT_REAUTH event received PNAC_EVENT_AUTH_SUCCESS event received PNAC_EVENT_PORT_STATUS_CHAN GED event received User Manual DEBUG DEBUG unsupported event %d from PNAC event for non-existent node %s. Create new node.
Unified Services Router User Manual sending EAPOL pdu to PNAC... creating pnac authenticator with values %d %d - %s DEBUG DOT11_RX_EAPOL_KEYMSG: unknown ifname %s ERROR DEBUG cmd %d not supported.sender=%d ERROR Profile %s does not exist IAPP initialized.
Unified Services Router pnacRecvRtn: no corresponding pnac port pae found sending unicast key User Manual DEBUG DEBUG umiIoctl(UMI_COMP_IAPP,%d) failed Invalid IE.
Unified Services Router from pnacRecvMapi: pkt body len = %d, pktType = %d from pnacPDUProcess: received PNAC_EAP_PACKET User Manual from pnacPDUProcess: currentId = %d from pnacPDUProcess: code = %d, identifier = %d, " from pnacPDUProcess: setting rxResp true from pnacPDUProcess: code = %d, identifier = %d, " DEBUG from pnacPDUProcess: received " DEBUG from pnacPDUProcess: received " from pnacPDUProcess: received PNAC_EAPOL_KEY_PACKET DEBUG doing pnacTxCannedFail DEBUG doing pnacTxCannedSuccess d
Unified Services Router from pnacBackAuthFail: calling pnacTxCannedFail %s returned ERROR pnacUmiIoctlHandler: cmd: %s(%d) User Manual DEBUG DEBUG DEBUG RC4 framework initialization failed PNAC framework initialization failed ERROR: option value not specified ERROR ERROR ERROR %s not configured for 802.
Unified Services Router User Manual phyPort:%s pnacBackAuthSuccess: failed to notify the destination " WARN could not initialize MGMT framework ERROR umiInit failed ERROR iappInit failed ERROR could not initialize IAPP MGMT.
Unified Services Router Failed to initiate PBC based enrolle association Invalid association mode. (Allowed modes : PIN/PBC) User Manual pnacKeyInfoGet:failed to allocate buffer PNAC user comp id not set.
Unified Services Router User Manual Invalid Cipher type %d Profile supports WEP stas,Group cipher must be WEP ERROR Profile %s does not exist ERROR Profile %s does not exist ERROR Profile %s does not exist invalid pairwise cipher type %d ERROR ERROR Cipher %s is already in the list. ERROR Profile %s does not exist ERROR Invalid Cipher type %d ERROR Cipher %s not found in the list.
Unified Services Router User Manual Error in executing DB update handler ERROR sqlite3QueryResGet failed ERROR: incomplete DB update information. ERROR pnacEapRadAuthSend: Invalid arguments pnacEapRadAuthSend: failed to allocate inbuffer ERROR pnacXmit : umiIoctl failed[%d] ERROR old values result does not contain 2 rows ERROR ERROR sqlite3QueryResGet failed ERROR Error in executing DB update handler ERROR sqlite3QueryResGet failed.Query:%s ERROR sqlite3QueryResGet failed.
Unified Services Router User Manual Invalid config data ERROR Facility: Kernel Log Message DNAT: multiple ranges no longer supported DNAT: Target size %u wrong for %u ranges, Severity Log Message Severity DEBUG %s: %s%s:%d -> %s:%d %s, DEBUG DEBUG DEBUG DNAT: wrong table %s, tablename DNAT: hook mask 0x%x bad, hook_mask %s%d: resetting MPPC/MPPE compressor, DEBUG %s%d: wrong offset value: %d, %s%d: wrong length of match value: %d, %s%d: too big offset value: %d, DEBUG DEBUG DEBUG %s: %s%s:%d
Unified Services Router User Manual %s%d: bad sequence number: %d, expected: %d, DEBUG PPPIOCDETACH file->f_count=%d, DEBUG DEBUG ifmedia_ioctl: no media found for 0x%x, ifmedia_ioctl: switching %s to , dev>name PPP: outbound frame not passed PPP: VJ decompression error DEBUG DEBUG ifmedia_match: multiple match for DEBUG DEBUG PPP: inbound frame not passed PPP: reconstructed packet PPP: no memory for missed pkts %u..
Unified Services Router %s: mac_del %02X:%02X:%02X:%02X:%02X:%02X, dev->name, addr[0], addr[1], addr[2], addr[3], addr[4], addr[5] %s: mac_kick %02X:%02X:%02X:%02X:%02X:%02X, dev->name, addr[0], addr[1], addr[2], addr[3], addr[4], addr[5] %s: mac_undefined %02X:%02X:%02X:%02X:%02X:%02X, dev->name, addr[0], addr[1], addr[2], addr[3], addr[4], addr[5] %s: addr_add %02X:%02X:%02X:%02X:%02X:%02X, dev->name, addr[0], addr[1], addr[2], addr[3], addr[4], addr[5] %s: addr_del %02X:%02X:%02X:%02X:%02X:%02X, dev->nam
Unified Services Router User Manual %s: flow dst=%s, __FUNCTION__, XFRMSTRADDR(fl->fl6_dst, family) DEBUG encrypt data length mismatch DEBUG %s: flow src=%s, __FUNCTION__, XFRMSTRADDR(fl->fl6_src, family) DEBUG encrypt data does not compare DEBUG a guy asks for address mask.
Unified Services Router ip_rt_bug: %u.%u.%u.%u -> %u.%u.%u.%u, %s, UDP: short packet: From %u.%u.%u.%u:%u %d/%d to %u.%u.%u.%u:%u, UDP: bad checksum. From %d.%d.%d.%d:%d to %d.%d.%d.%d:%d ulen %d, REJECT: ECHOREPLY no longer supported. ipt_rpc: only valid for PRE_ROUTING, FORWARD, POST_ROUTING, LOCAL_IN and/or LOCAL_OUT targets.
Unified Services Router User Manual %s: failed to register sysctls!, sc>sc_dev->name %s: mac %d.%d phy %d.%d, dev>name, 5 GHz radio %d.%d 2 GHz radio %d.%d, radio %d.%d, ah->ah_analog5GhzRev >> 4, radio %d.
Unified Services Router User Manual WINDOW=%u , ntohs(th->window) RES=0x%02x , (u8)(ntohl(tcp_flag_word(th) & TCP_RESERVED_BITS) >> 22) URGP=%u , ntohs(th->urg_ptr) DEBUG TRUNCATED DEBUG %02X, op[i] DEBUG PROTO=UDP DEBUG INCOMPLETE [%u bytes] , DEBUG SPT=%u DPT=%u LEN=%u , DEBUG SPT=%u DPT=%u LEN=%u , PROTO=ICMP DEBUG DEBUG INCOMPLETE [%u bytes] , TYPE=%u CODE=%u , ich->type, ich>code DEBUG INCOMPLETE [%u bytes] , ID=%u SEQ=%u , PARAMETER=%u , GATEWAY=%u.%u.%u.%u , MTU=%u , ntohs(ich->un.
Unified Services Router User Manual PHYSOUT=%s , physoutdev->name DEBUG MAC= DEBUG %02x%c, *p, DEBUG NAT: no longer support implicit source local NAT NAT: packet src %u.%u.%u.%u -> dst %u.%u.%u.%u, SNAT: multiple ranges no longer supported format,##args) DEBUG DEBUG DEBUG DEBUG version offset_before=%d, offset_after=%d, correction_pos=%u, x->offset_before, x>offset_after, x->correction_pos DEBUG ip_ct_h323: DEBUG DEBUG %s: Error.
Unified Services Router User Manual >msg_iov[i].iov_base)[j] %02X, skb->data[i] _lvl PPPOL2TP: _fmt, ##args %02X, ptr[length] %02X, ((unsigned char *) m >msg_iov[i].iov_base)[j] DEBUG DEBUG DEBUG De initializing by \ kernel UMI module loaded kernel UMI module unloaded INFO INFO INFO DEBUG Loading bridge module INFO %02X, skb->data[i] _lvl PPPOL2TP: _fmt, ##args %02X, ptr[length] %02X, ((unsigned char *) m >msg_iov[i].
Unified Services Router User Manual test key, key DEBUG %s: %s (, dev_info, ath_hal_version INFO pre-hashed key, key const char *descr, krb5_keyblock *k) { AES 128-bit key, &key const char *descr, krb5_keyblock *k) { DEBUG DEBUG DEBUG DEBUG %s: driver unloaded, dev_info %s: driver unloaded, dev_info %s: Version 2.0.
Unified Services Router User Manual Failed to set AES encrypt key AES %s Decrypt Test Duration: %d:%d, hard ? Hard : Soft, DEBUG ICMP: %u.%u.%u.%u: INFO DEBUG INFO Failed to set AES encrypt key DEBUG Failed to set AES encrypt key DEBUG ICMP: %u.%u.%u.%u: Source Wrong address mask %u.%u.%u.%u from Redirect from %u.%u.%u.
Unified Services Router MD5 Software Test %s, md5SoftTest(0) ? Failed : Passed User Manual DEBUG %s: options rejected: o[0]=%02x, o[1]=%02x, MD5 Hardware Test: MD5 Hardware Test %s, md5HardTest(0) ? Failed : Passed DEBUG DEBUG %s: don't know what to do: o[5]=%02x, *** New port %d ***, ntohs(expinfo>natport) AES Software Test: %d iterations, iter DEBUG ** skb len %d, dlen %d,(*pskb)->len, AES Software Test Duration: %d:%d, DEBUG ********** Non linear skb AES Hardware Test: %d iterations, iter D
Unified Services Router Value = %x ::: At Page = %x : Addr = %x REG Size == 32 Bit Value = %x ::: At Page = %x : Addr = %x User Manual DEBUG WARNIN G WARNIN G WARNIN G WARNIN G WARNIN G WARNIN G WARNIN G DEBUG %s: no rates for %s?, no rates yet! mode %u, sc>sc_curmode DEBUG %u.%u.%u.%u sent an invalid ICMP REG Size is not in 8/16/32/64 Written Value = %x ::: At Page = %x : Addr = %x DEBUG dst cache overflow DEBUG Neighbour table overflow. bcm_ioctl :Unknown Ioctl Case : DEBUG host %u.%u.%u.
Unified Services Router User Manual from G WARNIN G WARNIN G ERROR %s(): ADDBA mode is AUTO, __func__ DEBUG martian source %u.%u.%u.
Unified Services Router User Manual [%d]\tMacAddr\t%s, j, [%d]\tDescp\t\t%s, j, ni>node_trace[i].descp [%d]\tValue\t\t%llu(0x%llx), j, ni>node_trace[i].
Unified Services Router User Manual __FUNCTION__ %s: failed to register sysctls!, proc_name PKTLOG_TAG %s: proc_mkdir failed, __FUNCTION__ PKTLOG_TAG %s: pktlog_attach failed for %s, PKTLOG_TAG %s:allocation failed for pl_info, __FUNCTION__ PKTLOG_TAG %s:allocation failed for pl_info, __FUNCTION__ PKTLOG_TAG %s: create_proc_entry failed for %s, PKTLOG_TAG %s: sysctl register failed for %s, PKTLOG_TAG %s: page fault out of range, __FUNCTION__ PKTLOG_TAG %s: page fault out of range, __FUNCTION__ PKTLOG_TAG
Unified Services Router %s: cancel DFS WAIT period on channel %d, __func__, sc>sc_curchan.channel Non-DFS channel, cancelling previous DFS wait timer channel %d, sc>sc_curchan.
Unified Services Router User Manual ,__func__ int)len %s: unable to start recv logic, %s: Invalid interface id = %u, __func__, if_id %s: unable to allocate channel table, __func__ %s: Tx Antenna Switch. Do internal reset.
Unified Services Router User Manual >ifName Wakingup due to wow signal %s, wowStatus = 0x%x, __func__, wowStatus DEBUG Pattern added already Error : All the %d pattern are in use.
Unified Services Router User Manual 0x%08x 0x%08x, 0x%08x 0x%08x 0x%08x 0x%08x, DEBUG sc_txq[%d] : , i DEBUG tid %p pause %d : , tid, tid->paused %d: %p , j, tid->tx_buf[j] DEBUG DEBUG %p , buf axq_q: %s: unable to reset hardware; hal status %u, __func__, status DEBUG DEBUG ****ASSERTION HIT**** MacAddr=%s, DEBUG DEBUG TxBufIdx=%d, i DEBUG Tid=%d, tidno AthBuf=%p, tid->tx_buf[i] %s: unable to reset hardware; hal status %u, %s: unable to reset hardware; hal status %u, DEBUG DEBUG %s: unable t
Unified Services Router Index:%d, value:%d, code:%x, rate:%d, flag:%x, i, (int)validRateIndex[i], RateTable:%d, maxvalidrate:%d, ratemax:%d, pRc->rateTableSize,k,pRc>rateMaxPhy User Manual DEBUG DEBUG Can't allocate memory for ath_vap. DEBUG Unable to add an interface for ath_dev.
Unified Services Router User Manual Appendix E.
Unified Services Router User Manual Appendix F. Product Statement 1. DSR-1000N Federal Communications Commission (FCC) Compliance Notice: Radio Frequency Notice This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
Unified Services Router User Manual IMPORTANT NOTE: Radiation Exposure Statement This equipment complies with IC radiation exposure limits set forth for an uncontrolled environment. End users must follow the specific operating instructions for satisfying RF exposure compliance. To maintain compliance with IC RF exposure compliance requirements, please follow operation instruction as documented in this manual. This transmitter is restricted to indoor use in the 5150MHz to 5250MHz frequency range.
Unified Services Router User Manual Česky [Czech] [D-Link Corporation] tímto prohlašuje, že tento [DSR-1000N] je ve shodě se základními požadavky a dalšími příslušnými ustanoveními směrnice 1999/5/ES. Dansk [Danish] Undertegnede [D-Link Corporation] erklærer herved, at følgende udstyr [DSR -1000N] overholder de væsentlige krav og øvrige relevante krav i direktiv 1999/5/EF.
Unified Services Router Português [Portuguese] Slovensko [Slovenian] Slovensky [Slovak] User Manual [D-Link Corporation] declara que este [DSR-1000N]está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/CE. [D-Link Corporation] izjavlja, da je ta [DSR-1000N] v skladu z bistvenimi zahtevami in ostalimi relevantnimi določili direktive 1999/5/ES. [D-Link Corporation] týmto vyhlasuje, že [DSR-1000N] spĺňa základné požiadavky a všetky príslušné ustanovenia Smernice 1999/5/ES.
Unified Services Router User Manual 2.DSR-500N Federal Communications Commission (FCC) Compliance Notice: Radio Frequency Notice This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
Unified Services Router User Manual Europe – EU Declaration of Conformity This device complies with the essential requirements of the R&TTE Directive 1999/5/EC. The following test methods have been applied in order to prove presumption of conformity with the essential requirements of the R&TTE Directive 1999/5/EC: - EN 60950-1: 2006+A11:2009 Safety of information technology equipment - EN 300 328 V1.7.
Unified Services Router User Manual Česky [Czech] [D-Link Corporation] tímto prohlašuje, že tento [DSR-500N] je ve shodě se základními požadavky a dalšími příslušnými ustanoveními směrnice 1999/5/ES. Dansk [Danish] Undertegnede [D-Link Corporation] erklærer herved, at følgende udstyr [DSR-500N] overholder de væsentlige krav og øvrige relevante krav i direktiv 1999/5/EF.
Unified Services Router Português [Portuguese] Slovensko [Slovenian] Slovensky [Slovak] User Manual [D-Link Corporation] declara que este [DSR-500N]está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/CE. [D-Link Corporation] izjavlja, da je ta [DSR-500N] v skladu z bistvenimi zahtevami in ostalimi relevantnimi določili direktive 1999/5/ES. [D-Link Corporation] týmto vyhlasuje, že [DSR-500N] spĺňa základné požiadavky a všetky príslušné ustanovenia Smernice 1999/5/ES.
Unified Services Router User Manual 3.DSR-250N Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
Unified Services Router User Manual Regulatory statement (R&TTE) European standards dictate maximum radiated transmit power of 100mW EIRP and frequency range 2.400 2.4835GHz; In France, the equipment must be restricted to the 2.4465 -2.4835GHz frequency range and must be restricted to indoor use. Operation of this device is subjected to the following National regulations and may be prohibited to use if certain restriction should be applied. D=0.
Unified Services Router User Manual 4. DSR-150N Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protecti on against harmful interference in a residential installation.
Unified Services Router User Manual Electromagnetic compatibility and Radio Spectrum Matters (ERM); ElectroMagnetic Compatibility (EMC) standard for radio equipment and services; Part 1: Common technical requirements EN 301 489-17 V2.1.1 (2009-05) Electromagnetic compatibility and Radio spectrum Matters (ERM); ElectroMagnetic Compatibility (EMC) standard for radio equipment; Part 17: Specific conditions for Broadband Data Transmission Systems This device is a 2.
Unified Services Router User Manual [Hungarian] követelményeknek és az 1999/5/EC irányelv egyéb elõírásainak. Polski [Polish] Niniejszym [nazwa producenta] oświadcza, że [nazwa wyrobu] jest zgodny z zasadniczymi wymogami oraz pozostałym i stosownymi postanowieniami Dyrektywy 1999/5/EC. Português [Portuguese] [Nome do fabricante] declara que este [tipo de equipamento] está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/CE.
