Internet of Things User Manual EPG5000 version 1.
IMPORTANT To install this router, please refer to the Quick Start Guide included in the product packaging. To activate and use EnShare™ refer to the document “Using EnShare” also in the product packaging.
Table of Contents Chapter 1 Product Overview..............................................................5 Key Features....................................................................................................6 Technical Specifications/Software Features...................................8 Physical Interface..........................................................................................9 Chapter 4 Basic Network Settings.................................................
Chapter 5 Wireless Encryption.....................................................65 Wi-Fi Protect Access (WPA) Pre-Shared Key..................................66 Configuring Security.................................................................................67 Encryption Type.........................................................................................68 WPA Radius..................................................................................................
Chapter 1 Product Overview 5
Product Overview option to leverage Quantum Beam and the AC speed boost on the less congested 5 GHz frequency for bandwidth intensive Key Features • • • • • • • • • • Dual Band Wireless AC1750 Draft IEEE 802.11ac and IEEE 802.11 a/b/g/n Up to 450 Mbps in the 2.
Product Overview A Media Sharing Platform The EPG5000 is designed to access and share media for devices on the home network. In addition to connecting home entertainment components to any of its available Gigabit Ethernet ports, the EPG5000 also includes a USB port for attaching a USB storage device so wireless devices in the home or away from the home can access or upload media content wherever there is an available Internet connection through EnShare™ - Your Personal Cloud.
Technical Specifications Software Features Device Interface Gigabit WAN Port 4 Gigabit LAN Ports USB2.0 Port Push Button for WPS Reset Button Frequency Bands 2.400~2.484 GHz (11b/11g/11n) 5.18~5.24 GHz (11a/11n) Operating Mode AP Router/WDS Wireless Features Auto Channel Selection Output Power Control WMM (Wireless Multimedia) MSSID (Multiple SSID) IEEE Standards 802.11ac (draft) 802.11a/b/g/n Up to 450 Mbps wireless speed on 2.4 GHz frequency band and 1300 Mbps on 5 GHz frequency band 802.
Physical Interface Dimensions and Weights Weight: 0.5 lbs. Diameter: 6.36” Height: 1.64” When considering the placement of the router remember the following: • It must be close to an electrical outlet. • For optimal wireless connectivity, place the router near the center of the room if possible, at a high level Other electronic devices and some architectural construction materials or impediments may interfere with the wireless signal(s) of the router and reduce its range or coverage.
Chapter 2 Controlling the Router Through Its Web Configuration Interface 10
Logging In During the Quick Start Guide procedure, you should have successfully logged into the router’s Web Configuration user interface (essentially the router’s operating system that controls how it operates) and established some initial settings and controls for the router.
Viewing the Web Configuration Dash Board The Home Page screen of the Web Configuration interface, or dashboard, provides access to the router’s settings and controls.
Home Page Language The Language link displays the menu to set the OSD language. The Home Page displays the areas within the Web Configuration to which you can navigate: Setup Wizard, Network Settings, USB Storage Sharing, IP Cam Viewer, Language, and Logout Logout The Logout link closes the router’s Web Configuration interface from any screen. Home The Home link takes you back to the dashboard screen no matter where you are in the Web Configuration interface.
Web Menus Overview System View and edit settings that affect system functionality. Operation Mode Configure the device to be a router or WDS access point. Status Displays the summary of the current system status. Schedule Schedule services to start and stop at specific times or intervals. Event Log View recorded system operations and network activity events. Monitor View the current network traffic bandwidth usage. Language Configure the application menu and GUI language.
Internet View and edit settings that affect network connectivity. Status Displays a summary of the Internet status and type of connection. Dynamic IP Setup a dynamic IP connection to an ISP (Internet Service Provider). Static IP Setup a static IP connection to an ISP. PPPoE Setup a PPPoE connection to an ISP. PPTP Setup a PPTP connection to an ISP. L2TP Setup an L2TP connection to an ISP.
Wireless 2.4 GHz View and edit settings for 2.4 GHz wireless network connectivity. Status View the current wireless connection status and related information. Basic Configure the minimum settings required to setup a wireless network connection. Advanced Configure the advanced network settings. Security Configure the wireless network security settings. Filter Establish a list of client devices (computer, tablets, smartphones, printers, etc.
Wireless 5 GHz View and edit settings for 5 GHz wireless network connectivity. Status View the current wireless connection status and related information. Basic Configure the minimum settings required to setup a wireless network connection. Advanced Configure the advanced network settings. Security Configure the wireless network security settings. Filter Establish a list of client devices (computer, tablets, smartphones, printers, etc.
Parental Controls View and edit settings for parental controls. Wizard Enable or disable the Parental Controls function. The menu also provides information for configuring parental control policies. Web Monitor The menu provides a log of the events for defined parental control policies.
Guest Network View and edit settings for a guest network. Selection Enable or disable the Guest Network function. DHCP Server Setting Configure the Guest Network DHCP server settings. DHCP Client List Configure the Guest Network client list.
IPv6 View and edit settings for the IPv6 protocol. Basic Allows you to enable or disable the IPv6 and IPv6 Pass-through functions. Status Shows IPv6 LAN connection details. Static IPv6 Configure the IPv6 protocol. Auto Configuration Configure the IPv6 by obtaining the information through the ISP provider. PPPoE Configure the PPPoE network protocol, obtain information from your ISP (Internet Service Provider). 6to4 Allows IPv6 packets to be transmitted over an IPv4 network.
Firewall View and edit settings for the network firewall. Basic Enable or disable the network firewall. Advanced Configure virtual private network (VPN) packets. DMZ Redirect packets from the WAN port IP address to a particular IP address on the LAN. DoS Enable or disable blocking of DoS (Denial of Service) attacks. ACL Configure access control lists.
VPN View and edit settings for VPN tunnelling. Status View the status of current VPN tunnels. Profile Setting Manually configure VPN tunnels. User Setting Configure users, user ID and password combinations, and assign access to specific VPN tunnels. Wizard Automatically configure VPN tunnels with guidance from the software.
USB Port For viewing and editing settings for storage sharing. EnShare™ Enables or disables the EnShare remote access function. File Sharing Enables or disables the Samba sharing function. File Server Enables and configures the File Server function. DLNA Enables the discovery of DLNA devices (some HDTVs, game consoles, some set top boxes/media players, Blu-ray players, some smartphones, and network attached storage) on the home network.
Advanced View and configure advanced system and network settings. NAT Enable or disable Network Address Translation (NAT). Port Mapping Re-direct a range of service port numbers to a specified LAN IP address. Port Forwarding Configure server applications to send and receive data from specific ports on the network. Port Triggering Configure applications that require multiple connections and different inbound and outbound connections. ALG Configure the application layer gateway (ALG).
QoS Configures the network quality of service (QoS) setting by prioritizing the uplink and downlink bandwidth. Routing Configure static routing. WOL (Wake On LAN) Configure Wake on LAN to turn on a computer over the network.
Tools For viewing and configuring the router’s operating system and network tools settings. Admin For setting the administrator’s password used to log into the router. Time For configuring the system time on the router. DDNS Maps a static domain name to a dynamic IP address. Diagnosis To perform a Ping test to verify whether a specific device is connected to the LAN. Firmware For updating the router’s firmware.
Chapter 3 Installation Setup Wizard 27
Internet Setup Wizard Setup Wizard Home Use the Wizard to detect and set up the type of Internet connection you need, to set up a secure wireless connection, to create an administrator password to secure the device, or set the router’s date and time properties. To use the Internet Setup Wizard, follow these steps: 1. Click the Wizard button to show the Wizard start screen. 2. Click Next to continue with the setup procedure.
Setting Up Your Internet Connection 1. Decide how to set up the Internet connection. Note:It is recommended to let the device setup the Internet connection automatically. • Select Auto Detect to let the Wizard set up the Internet connection. • Select Manual Setup to set the properties yourself. Note: The connection types available are static IP, PPPoE, Dynamic IP, PPTP, and L2TP. 4. Click Next to continue, Prev to return to the previous screen, or Cancel to stop the procedure. 2.
Setting Your Wireless Security Setting wireless encryption for 2.4 GHz and 5 GHz networks. To encrypt the wireless signals for either or both of the frequency bands in the EPG5000 router, follow these steps: 1. Enter the router name in the wireless Name (SSID) text field. 2. Select the security level from the Encryption dropdown list. Important: To ensure the network is secure, it is recommended to select High for an encryption level. 3. Enter a password in the Encryption Key text field. 4.
Setting Your Router’s Administrator Password Set up a password to log into the ESR Series Router. 1. Enter a password in the New Password text field. 2. Enter the same password in the Repeat New Password text field. 3. Click Prev to return to the previous screen, Skip to skip this procedure, Next to continue, or Cancel to stop the procedure.
Setting Your Router’s Time Zone Setup date and time syncronization on the ESR Series Router with a computer or an Network Time Protocol (NTP) server. To synchronize date and time settings with a computer, follow these steps: 1. Select Synchronize with PC (computer) from the Time Setup dropdown list. The date and time values are shown in the PC Date and Time text field. 2. Click Prev to return to the previous screen, Apply to save the settings, or Cancel to stop the procedure.
6. Select the date and time values when daylights savings time ends in the End Time dropdown lists. 7. Click Prev to return to the previous screen, Apply to save the settings, or Cancel to stop the procedure.
Status and Save Settings This screen lets you review, change and save your Internet connection, save wireless security settings or setup up a userspecified name for the default EnGenius DDNS service. To review or modify the device settings, follow these steps: 1. Review the settings shown on the screen for the Internet connection, 2.4 GHz and 5 GHz networks, and the router administrator login. 2. You can change settings to the Internet connection and wireless network settings by clicking the Setup button.
Chapter 4 Basic Network Settings 35
Network Settings Network Settings Viewing System Status Home To see a more detailed view of the router’s status than the information displayed on the Home page of the Web Note: If a feature or function does not apply to all modes, a note indicates which modes are applicable. Otherwise, it is assumed the feature or function applies to all modes. Configuration interface, from the Home Page click on Network Settings button in the upper navigation bar.
Status Application Version The version of the router’s firmware. To view the Status settings, click System then click Status. On the Status page, you can view a summary of the current router system status including the router’s (hardware/software version, date/time), wired network (LAN) and wireless network (WLAN) information. Note: To update the router’s firmware, visit www.engeniustech.
WAN Settings Attain IP Protocol Displays the IP protocol in use for the router. It can be a dynamic or static IP address. IP Address The router’s IP address as designated by an ISP (Internet Service Provider). Subnet Mask The router’s WAN subnet mask as designated by an ISP provider. Default Gateway The router’s gateway address as designated by an ISP provider. MAC Address The router’s WAN MAC (Media Address Control) address.
LAN Settings IP Address The router’s local IP address. The default LAN IP address is http://192.168.0.1 To access the Web Configuration interface for the router, type this address into the address (URL) field of your web browser. This can only be done in the same physical location where the router resides (your home network). Subnet Mask The router’s local Subnet Mask. DHCP Server The DHCP setting status (Default: Enabled).
WLAN Settings Channel The communications channel used by all stations, or computing devices, on the network. ESSID The ID value of a set of one or more interconnected basic service sets (BSSs). Security The security setting status (Default: Disabled). BSSID The unique ID of the BSS using the above channel value on this router. The ID is the MAC address of the BSSs access point.
Guest Network Guest Network The guest network status. (Default: Disabled) IP Address The Guest Network’s LAN IP address. Subnet Mask The Guest Network’s local subnet mask. DHCP Server The Guest Network DHCP setting status (Default: Enabled). Guest Network Interface The SSID (Service Set Identifier) of the Guest Network.
Configuring the LAN (Local Area Network) The settings on this page allow you to configure the wired network settings. Devices connected to the router’s Ethernet ports comprise its LAN. The router’s IP is defined in the IP Address field. The default setting of the DHCP server is set to Enabled so that networked clients (computers, home entertainment components, printers, etc.) will automatically be assigned IP addresses by the router.
DHCP Server The DHCP server assigns IP addresses to the devices on the LAN. DHCP Server Enable or disable the DHCP server (Default: Enabled). Lease Time Configure the amount of time each allocated IP address can be used by a client. Start IP The first IP address in the range of addresses assigned by the router. End IP The last IP address in the range of addresses assigned by the router. Domain Name The domain name of the router.
Configuring Dynamic Host Configuration Protocol This window allows you to view and configure Dynamic Host Configuration Protocol (DHCP) addresses. WARNING! Do not modify the settings in this section without a thorough understanding of the parameters. To view the DHCP settings, click System then click DHCP. DHCP Client Table Displays the connected DHCP clients whose IP addresses are assigned by the DHCP server of the router. IP Address Displays the IP address of the static DHCP client device in the table.
Enable Static DHCP IP There are reasons why you may want to enable a static IP address on a client device on your ESR router’s network. On occasion, if there are power outages or if you’ve reconfigured the settings on your ESR router and reboot (restart) it to apply the new settings, the previous IP address that the router’s DHCP server assigned to one or more devices on the network may have changed.
Current Static DHCP Table Allows you to view the active static DHCP IP addresses that have been manually assigned to client devices with their corresponding MAC addresses. No. (Number) Displays the ID of the static DHCP client device in the table. IP Address Displays the IP address of the static DHCP client device in the table. MAC Address Displays the MAC address of the static DHCP client device in the table. Select Click to select static DHCP client devices to be deleted.
Configuring Event Logging The logging service records and displays important system information and activity on the network. The events are stored in a memory buffer with older data overwritten by newer when the buffer is full. To view the Log settings, click System then click Log. Log Message List Select Enable Logging to Syslog Server Click Save to start logging information to the system. Log Message window Shows the current system operations and network activity.
Monitoring Bandwidth Usage This tool allows you to view real-time bandwidth usage for WAN (Wide Area Network - or Internet), LAN (Local Area Network) and WLAN (Wireless Local Area Network) traffic. For the EPG5000, it shows both the bandwidth traffic in both the 2.4 and 5 GHz frequency bands. To view the Bandwidth Monitor settings, click System, then click Monitor. The screens display the active bandwidth usage for both the LAN and WLAN networks as well as the bandwidth being used on the WAN connection.
Configuring the System Language The ESR router’s Web Configuration interface supports multiple languages. To view the Language settings, click System, then click Language. Select the system language you wish to use from the drop-down menu.
Configuring IP Cameras This ESR router supports up to four (4) EnGenius IP Cameras simultaneously. If no IP Camera is detected, please check that the IP Camera’s IP address and UPnP client are configured correctly. To view the IP Camera settings, click System, then click IP Camera. Before starting this procedure, you must connect your EnGenius IP camera to the network. Make sure the camera is powered on. Click the Refresh button to view a listing of available devices.
Configuring Internet Settings View Internet Status IP Address The router’s WAN IP address. The WAN Settings, or Internet Status, page shows a summary of the current Internet connection information. This section is also shown on the System Status page. Subnet Mask The router’s WAN subnet mask. To view the Status settings, click Internet, then click Status. Default Gateway The ISP’s gateway IP address. WAN Settings To view the WAN Settings, click Internet then select Status.
Configuring Dynamic IP Dynamic IP addressing assigns a different IP address each time a device connects to an ISP (Internet Service Provider) and most commonly used by cable ISPs. To view the Dynamic IP, click Internet then select Dynamic IP. Dynamic IP Hostname Assign a name for the Internet connection type. This field can be blank. MTU (Maximum Transmission Unit) Allows you to configure the MTU. The MTU specifies the largest packet size permitted for an internet transmission.
DNS Servers The DNS server translates a domain or website name into a URL (Uniform Resource Locator), or Internet address. There are two options to choose from: From ISP or User-Defined. Select From ISP to retrieve the DNS address value from the ISP; select User-Defined to assign a custom DNS server address. DNS Server Configure the type of DNS server. (Default = From ISP) First DNS Server Configure the first, or primary, DNS server. Second DNS Server Configure the second, or secondary, DNS server.
Configuring Static IP Setting a static IP address allows an administrator to set a specific IP address for the router and guarantees that it can not be assigned a different address. To view the Static IP settings, click Internet, then click Static IP. Static IP IP Address The router’s WAN IP address. MTU (Maximum Transmission Unit) The MTU specifies the largest packet size permitted for an internet transmission. The factory default MTU size for static IP is 1500.
Configuring PPPoE Point-to-Point Protocol over Ethernet (PPPoE) is used mainly by ISPs that provide DSL modems to connect to the Internet. To view the PPPoE settings, click Internet, then click PPPoE. Username Enter the username assigned by an ISP. Password Enter the password assigned by an ISP. Idle Timeout Configure the maximum idle time (1 to 1,000 minutes) allowed for an inactive connection. Service Name Enter the service name of an ISP (optional). MTU (Maximum Transmission Unit) Enter the (MTU).
Configuring PPTP PPTP (Point-to-Point Tunnelling Protocol) is used in association with virtual private networks (VPNs). There are two parts to a PPTP connection: the WAN interface settings and the PPTP settings. To view the PPTP settings, click Internet, then click PPTP. WAN Interface Settings Dynamic IP Address WAN Interface Type Select Dynamic IP Address to assign an IP address provided by an ISP. Hostname Enter a host name of an ISP. (optional).
PPTP Settings User Name Enter the username assigned by your ISP. Password Enter the password assigned by your ISP. Service IP Address Enter the PPTP server IP address provided by your ISP. Idle Timeout Configure the maximum amount of time, in minutes, allowed for inactive Internet connection. The Internet connection will be dropped when the maximum idle time is reached. Valid values are between one and one thousand. Connection ID Enter the connection ID provided by your ISP (optional).
Configuring L2TP L2TP (Layer 2 Tunneling Protocol) is used in association with VPNs (Virtual Private Networks). There are two parts to a L2TP connection: 1. The WAN interface settings and 2. The L2TP settings. To view the L2TP settings, click Internet, then click L2TP. WAN Interface Settings Dynamic IP Address WAN Interface Type Select Dynamic IP Address to assign an IP address provided by an ISP. Hostname Enter a host name of an ISP (optional).
L2TP Settings Username Enter the username assigned by an ISP. Password Enter the password assigned by an ISP. Service IP Address Enter the L2TP server IP address provided by an ISP. Idle Timeout Configure the maximum amount of time, in minutes, allowed for inactive Internet connection. The Internet connection will be dropped when the maximum idle time is reached. Valid values are between one and one thousand. Connection ID Enter the connection ID provided by an ISP (optional).
Configuring DS-Lite Dual-Stack Lite, or DS-Lite, allows ISPs to stop IPv4 addresses from reaching a customer’s network devices and only use IPv6. To view the DS-Lite settings, click Internet, then click DS-Lite. DS-Lite Configuration Select DS-Lite DHCPv6 Option or Manual Configuration AFTR IPv6 Address Enter the AFTR IPv6 connection type B4 IPv4 Address Enter an Optional B4 IPv4 address. WAN IPv6 Address Enter the WAN IPv6 address. IPv6 WAN Default Gateway Enter the IPv6 WAN default gateway address.
Wireless LAN Setup To view the Wireless Basic settings, click Wireless then select Basic. Radio Enable or disable the wireless radio. If the wireless radio is disabled, wireless access points are not available. Mode Select the wireless operating mode for the router. Two modes are available: Access Point or Wireless Distribution System (WDS) mode. AP (Access Point) Provides a connection access point for wireless devices.
Access Point Mode These instructions apply to both the 2.4 GHz and 5 GHz frequency bands. The router by default is already configured in Access Point Mode. For optimum connectivity to a number of different wireless client devices, it’s recommended that you keep the router in its default wireless settings. You can choose to have the router associate only with certain iterations (IEEE standards) and by doing so this will either positively or negatively affect the router’s speed and throughput performance.
Wireless Distribution System Mode Configuring the router’s wireless settings for WDS (Wireless Distribution System) mode. Channel Select a channel to assign to the wireless network. Valid values are from one to eleven in the US and one to thirteen in the EU. MAC Address [#] Enter the MAC address(es) for the wireless access point(s) that are part of the WDS. WDS Data Rate Select the data rate for the WDS. Set Security Click Set Security to set up the WDS security settings screen.
WDS Security Settings Screen Selecting the type of WDS encryption (Disable, WEP or WPA PreShared Key) for the wireless network. Wired Equivalent Privacy (WEP) Key Length Select between 64-bit and 128-encryption. Key Format Select the type of characters used for the WEP Key: ASCII (5 characters) or Hexadecimal (10 characters). Default Key Select the default encryption key for wireless transactions. Encryption Key [#] Enter the encryption key(s) used to encrypt the data packets during data transmission.
Chapter 5 Wireless Encryption 65
Wi-Fi Protected Access (WPA) Pre-Shared Key WPA Type Select the type of WPA. • WPA Temporal Key Integrity Protocol (TKIP): Generates a 128-bit key for each packet. • WPA2 Advanced Encryption Standard (AES): Government standard packet encryption which is stronger than TKIP. Pre-Shared Key Type Select the type of pre-shared key as Passphrase (ASCII) or Hexadecimal. Pre-Shared Key Enter the pre-shared Key value.
Configuring Security Enabling security options on the wireless network to prevent intrusions to systems on the wireless network. To view the Security settings, click Wireless then select Security. SSID Selection Select the wireless network group in which you wish to change its wireless security settings. Broadcast SSID Enable or disable broadcast SSID. Choose whether or not the wireless group is visible to other members.
Encryption Type Enabling encryption is strongly encouraged because unauthorized parties within range of your router’s wireless signal may attempt to access your wireless network and then gain access to private information on devices on your network. It’s highly recommended that you encrypt your router with WPA2 (AES) for optimal security and throughput performance. Always select a strong passphrase greater than 8 characters long and comprised of letters, numbers, and symbols.
WPA RADIUS Using a RADIUS server to authenticate wireless stations and provide a session key to encrypt data during communications. WPA Type Select the type of Wireless Protected Access (WPA) from the following: • WPA2 Advanced Encryption Standard (AES): RECOMMENDED — Government standard packet encryption which is stronger than TKIP. • WPA Temporal Key Integrity Protocol (TKIP): Generates a 128-bit key for each packet.
Wired Equivalent Privacy (WEP) Key Length Select between 64-bit and 128-encryption. Authentication Type Select the type of authentication from the following: • Open System: Wireless stations can associate with the router Key Type Select the type of characters used for the WEP Key: ASCII (5 characters) or Hexadecimal (10 characters).
Configuring Filters WARNING! Incorrectly changing these settings may cause the device to stop functioning. Do not modify the settings in this section without a thorough understanding of the parameters. When Enable Wireless Access Control is selected, only wireless clients with MAC addresses listed in the table are allowed to connect to the wireless network. To view the Filter settings, click Wireless then select Filter.
MAC Address Filtering Table No. (Number) The sequence number of the device. Description The description of the device. MAC Address The MAC address of the device. Select Indicates the device(s) that can have actions performed on them. Click Delete Selected to remove selected devices from the list. Click Delete All to remove all devices from the list. Click Reset to discard changes. Click Apply to save the settings or Cancel to discard changes.
Configuring Wi-Fi Protected Setup Wi-Fi Protected Setup (WPS) is an quick and easy way to associate a new wireless client device to the encrypted router using a PIN or the WPS buttons on each device. To view the WPS settings, click Wireless then select WPS. WPS Enable or disable WPS. WPS Current Status Displays whether or not the wireless security is configured. Self Pin Code An 8-digit PIN which is required when configuring the router for the first time in Windows 7 or Vista.
Configuring Client List View the wireless devices currently connected to the router. To view the Client List settings, click Wireless then select Client List. Interface The type of network connected to the device. MAC Address The MAC address of device connected to network. Signal The signal strength of the device connected to the network. Idle Time The amount of time the connected device has not been active on the network. Click Refresh to refill the list with currently connected devices.
Chapter 6 Advanced Settings 75
Configuring Advanced Settings Allows you to define the Advanced Settings available on the router. WARNING! Incorrectly changing these settings may cause the device to stop functioning. Do not modify the settings in this section without a thorough understanding of the parameters. To view the Advanced settings, click Wireless then select Advanced. Fragment Threshold Enter the maximum size of a packet during data transmission. A value too low could lead to low performance.
Channel Bandwidth Select the channel bandwidth. The factory default is Auto 20/40MHz. The default setting provides the best performance by auto selecting channel bandwidth. Preamble Type Select the preamble type. Long Preamble provides better LAN compatibility and Short Preamble provides better wireless performance. CTS Protection Select the type of CTS protection. Using CTS Protection can lower the data collisions between Wireless B (802.11b) and Wireless G (802.11g) devices and lower data throughput.
Setting Up Parental Controls Offensive web content can be blocked when a parent specifies keywords. Parents can also limit Internet access within a specified time and day, with a Schedule. A Policy is a rule profile which describes the keyword filter and Internet access schedule. Parents can apply the policy to multiple users or Policy Members. The Parental Controls tool will screen policy members based on applied policies.
Adding a Control Policy 1. Enter a unique name for your policy in the Policy Name text field. The router provides a wizard to guide you through setting up a new Access Control Policy. To start the procedure, click the Add Policy button. 2. Click Prev to return to the previous screen, Next to continue the procedure, or Cancel to stop the procedure. 3. Add target devices to the access control policy. Click Next to continue the procedure or Cancel to stop the procedure.
To add a device to the Member List, follow these steps: a. Click MAC or IP from the Filter Type option. b. Click Add to show the add client dialog. c. Enter the name of the device in the Device Name text field. 5. Setting up a schedule for the router services. d. Enter either a MAC address or an IP address in the Address field depending upon which filter type you chose. e. Click the Add Device Button to close the screen and add the device to the Member List.
7. Setup a keyword and URL filter list. 10.Select Enable to save web access information to a log file or Disable to ignore the information. To set up a keyword/URL filter list, follow these steps: a. Select Allow from the Filtering option. b. Enter a keyword or URL in the URL/Keyword text field. c. Click the Add button to add the filter to the list. d. Repeat steps a through c for each filter. 11.Click Prev to return to the previous screen, Save to save the changes, or Cancel to stop the procedure. 8.
Viewing Parental Policies Available parental control policies are shown in a table and each policy can be enabled or disabled, edited, and deleted. To view the Web settings, click Parental Control then select Web Monitor. Enable Click to enable or disable the control policy. Policy Name Shows the control policy name. Target Device Shows the target device MAC address or IP address. Schedule Shows the control policy schedule. Logged Shows whether the control policy is storing log information.
Guest Network The Guest Network function enables you to offer Internet connectivity to visitors or guests while keeping other networked devices (computers and hard drives) and sensitive personal or company information private and secure. The Guest Network is controlled by the Wireless SSID function. When the Guest Network function is enabled, the Guest SSID can only get the internet connection from WAN, but can not reach the client from the LAN port.
Configuring the DHCP Server Setting The Guest Network SSID should be on a different subnet from the router’s DHCP server. To view the DHCP Server Settings, click Guest Network then select DHCP Server Setting. Router IP address Define the router IP address for the Guest network. Default Subnet Mask Define the Subnet Mask IP address for the Guest network. Start IP To define the Guest network DHCP server start IP. End IP To define the Guest network DHCP server end IP.
Viewing the DHCP Client List on the Guest Network Shows the list of guest clients registered on the network. To view the DHCP Client List settings, click Guest Network then select DHCP Client List. DHCP Client Table Shows the IP address, MAC address, and expiration time of each of the registered clients on the list. IP Address The IP address of the guest client. MAC Address The MAC address of the guest client. Expiration Time The time that the guest client’s DHCP address will expire and must be renewed.
IPv6 There are several connection types to choose from: Auto Detection, Static IPv6, Autoconfiguration (SLAAC/DHCPv6), PPPoE, IPv6 in IPv4 Tunnel, 6to4, and Link-local. If you are unsure of your connection method, please contact your IPv6 Internet Service Provider. Note: If you are using the PPPoE option, you will need to ensure that any PPPoE client software on your computers has been removed or disabled. Enabling IPv6 Settings To view the Basic settings, click IPv6 then select Basic.
Viewing the IPv6 Connection Status To view the Status information, click IPv6 then select Status. IPv6 Connection Information Shows the IPv6 connection type, the LAN IPv6 link-local address and the DHCP-PD. LAN IPv6 Computers List Shows a list of network computers and their IPv6 connection information.
Configuring Static IPv6 To view the Static IPv6 settings, click IPv6 then select Static IPv6. Use Link-Local Address Enable or disable LAN link-local address. IPv6 Address Enter the LAN (local) IPv6 address for the router. Subnet Prefix Length Enter the subnet prefix length. Default Gateway Enter the default gateway. Primary IPv6 DNS Address Enter the primary IPv6 DNS address. Secondary IPv6 DNS Address Enter the secondary IPv6 DNS address. LAN IPv6 Address Enter the LAN IPv6 address.
Setting Autoconfiguration To view the Auto Configuration settings, click IPv6 then select Auto Configuration. Obtain A DNS Server Address Automatically Enable or disable obtaining a DNS server automatically. Primary IPv6 DNS Address Enter the primary IPv6 DNS address. Secondary IPv6 DNS Address Enter the secondary IPv6 DNS address. Enable DHCP-PD Enable or disable DHCP-prefix delegation (PD). LAN IPv6 Address Enter the LAN IPv6 address. LAN IPv6 Link-Local Address Enter the LAN IPv6 link-local address.
Configuring PPPoE To view the PPPoE settings, click IPv6 then select PPPoE. Address Mode Select Static if your ISP assigned you the IP address, subnet MTU Maximum Transmission Unit - you may need to change the MTU for optimal performance with your specific ISP. 1492 is the default MTU. mask, gateway, and DNS server addresses. In most cases, select Dynamic. IP Address Enter the IP address (Static PPPoE only). User Name Enter your PPPoE user name. Password Enter your PPPoE password.
Obtain A DNS Server Address Automatically Enable or disable obtaining a DNS server automatically. Primary IPv6 DNS Address Enter the primary IPv6 DNS address. Secondary IPv6 DNS Address Enter the secondary IPv6 DNS address. Enable DHCP-PD Enable or disable DHCP-prefix delegation (PD). LAN IPv6 Address Enter the LAN IPv6 address. LAN IPv6 Link-Local Address Enter the LAN IPv6 link-local address. Enable Automatic IPv6 Address Assignment Enable or disable automatic IPv6 address assignment.
Configuring 6to4 To view the 6to4 settings, click IPv6 then select 6to4. 6to4 Address Enter the 6to4 IP address. Primary IPv6 DNS Address Enter the primary IPv6 DNS address. Secondary IPv6 DNS Address Enter the secondary IPv6 DNS address. LAN IPv6 Address Enter the LAN IPv6 address. LAN IPv6 Link-Local Address Enter the LAN IPv6 link-local address. Enable Automatic IPv6 Address Assignment Enable or disable automatic IPv6 address assignment. Autoconfiguration Type Enter the autoconfiguration type.
Viewing Local Connections To view the Link Local settings, click IPv6 then select Link Local. LAN IPv6 Link-Local Address Enter the LAN IPv6 link-local address. Click Apply to save the settings or Cancel to discard changes.
Firewall Setup Note: This section applies to Client Router mode. Configuring Basic Settings To view the Basic settings, click Firewall then select Basic. The ESR Series Router firewall automatically detects and blocks Denial of Service (DoS) attacks. URL blocking, packet filtering and stateful packet inspection (SPI) are also supported. The details of the attack and the timestamp are recorded in the security log. Firewall Enable or disable the firewall of the ESR Series Router.
Configuring Advanced Settings The router supports VPN pass-through which allows virtual private networking (VPN) packets to pass through the firewall. To view the Advanced settings, click Firewall then select Advanced. Note: VPN L2TP Pass-through, VPN PPTP Pass-through, and VPN IPSec Pass-through are enabled by factory default. VPN L2TP Pass-through Click Select to allow an L2TP connection method over a VPN. VPN PPTP Pass-through Click Select to allow a PPTP connection method over a VPN.
VPN L2TP Pass-through Click Select to allow an L2TP connection method over a VPN. VPN PPTP Pass-through Click Select to allow a PPTP connection method over a VPN. VPN IPSec Pass-through Click Select to allow an IPSec connection method over a VPN. IPv6 Pass-through Click Select to allow IPv6 packets to pass through the firewall. PPPoE Pass-through Click Select to allow PPPoE packets to pass through the firewall. Click Apply to save the settings or Cancel to discard changes.
Configuring Demilitarized Zone Configuring a device on the LAN as a Demilitarized Zone (DMZ) host allows unrestricted two-way Internet access for Internet applications, such as online video games, to run from behind the NAT firewall. The DMZ function allows the router to redirect all packets going to the WAN port IP address to a particular IP address on the LAN.
Configuring Denial of Service To enable blocking of denial of service (DoS) attacks, select the DoS option in the Firewall section. DoS attacks can flood the Internet connection with the continuous transmission of data. Blocking these attacks ensures that the Internet connection is always available. To view the DoS settings, click Firewall then select DoS. Block DoS Enable or disable blocking DoS attacks. Discard Ping on WAN ICMP (ping) packages are blocked while Block DoS is enabled.
Virtual Private Network Setup A Virtual Private Network (VPN) provides a secure connection between two remote locations or two users over the Internet. It provides authentication to securely encrypt data communicated between the two remote endpoints. The Short Model Name supports up to 5 VPN tunnels, making it ideal for small-office / home-office users or employees who work from home but need to communicate securely back to the main office.
Configuring a VPN Tunnel Profile To view the Status settings, click VPNthen select Status. Manually configure a VPN tunnel profile. Creating a Profile • • • • Click Add to create a new VPN tunnel profile. Click Edit to edit the settings of the selected profile. Click Delete Selected to delete the selected profile. Click Delete All to delete all current profiles.
General For manually configuring a VPN tunnel profile. Name: Enter the name for this profile. Connection Type: Click the drop-down menu to select the connection type (PPTP, L2TP, IPSec, L2TP over IPSec). Authentication Type: Click the drop-down menu to select the authentication type. Shared Key: Enter the shared key to be used for this profile. Confirm: Enter the shared key a second time to confirm the shared key.
SA (Security Association) IKE (Internet Key Exchange) is configured in two negotiations. Phase 1 authenticates the VPN Clients to each other by confirming the matching Pre-Shared Key with the two gateways. IPSec is the Phase 2 of the VPN process. Manually configuring a VPN tunnel profile. IKE (Phase 1) Proposal Exchange: Click the drop-down menu to select the type of exchange (Main Mode, Aggressive Mode). DH Group: Click the drop-down menu to select the DH group (group 1, group 2, group 5, group 14).
Network Manually configuring a VPN tunnel profile. Security Gateway Type: Click the drop-down menu to select the Security Gateway Type (IP Address, Domain Name) Security Gateway: Enter the gateway value as defined in Security Gateway Type. Local Network Local Address: Enter the IP address of the local PC. Local Netmask: Enter the netmaks of the local PC. Remote Network Remote Address: Enter the IP address of the remote PC. Remote Netmask: Enter the netmask of the remote PC.
Advanced Manually configuring a VPN tunnel profile. NAT Traversal: Select enable to enable the NAT Traversal function in order to hide the private IP address from public view. Note: Services such as VoIP require the use of a private IP address. Dead Peer Detection: Apply: Click Apply to save the changes. Cancel: Click Cancel to delete the changes.
Configuring a User Setting The User Setting function allows you to create user profiles inorder to setup login access to the VPN service. Name Enter the name of the new user profile. Password Enter the password for the user name. Confirm Enter the password a second time to confirm the setting. Add Click Add to accept the profile and add it to the Current VPN User Table. Reset Click Reset to clear the new settings. Current VPN User Table Displays the User ID, User Name and Selection status.
USB Port The EPG5000 router is equipped with a USB port for connecting a hard drive so media content can be accessed or transferred to other devices in the home or devices away from home. Viewing EnShare The EnShare feature allows you to access media content stored on a USB hard drive connected to the router’s USB port in the home and when you are away from home when you have access to the Internet. By default the EnShare feature is enabled.
Viewing File Server The File Server function allows you to provide network users FTP access to shared USB stored files. To view the File Server settings, click USB Port then select File Server. Enable FTP Service Select this to enable the FTP service to share files on the USB device Port Number Define the port number (default: 21) to open for the FTP service. Login Timeout Define the period of inactivity (default: 90) before a user is logged out.
Viewing DLNA The DLNA Media Server function allows you to transfer photos, music and video between networked devices through the ESR Series Router. To view the DLNA settings, click USB Port then select DLNA. 1. Select Enable to enable the DLNA Media Server function. 2. In the Share Folder Name, enter the name of the shared folder. 3. Click Apply to save the new settings, or Cancel to clear the changes.
Advanced Network Settings NAT Setup Network Address Translation (NAT) allows users on the LAN to access the Internet through a single Public IP Address or multiple Public IP Addresses. NAT provides firewall protection from hacker attacks and allows for mapping LAN IP addresses to WAN IP addresses with key services such as websites, FTP, and video game servers. To view the NAT settings, click Advanced then select NAT. NAT Enable or Disable the NAT. Network Turbine Enable or Disable the network turbine.
Port Mapping Setup Port Mapping allows you to redirect a particular range of service port numbers from the WAN to a particular LAN IP address. To view the Port Mapping settings, click Advanced then select Port Mapping. Enable Port Mapping Click Enable Port Mapping to activate port mapping. Description Enter notes or details about the mapped port range configuration. Local IP Enter the local IP address of the server behind the NAT firewall.
Current Port Mapping Table Displays a list of mapped port ranges in use on the network. No. (Number) The sequence number of the mapped port range. Description Notes or details about the mapped port range. Local IP IP address of the server for the mapped port range. Type The protocol used to communicate with the WAN ports and LAN server. Port Range The range of mapped ports. Select Indicates the device(s) that can have actions performed on them. Click Delete Selected to remove selected devices from the list.
Port Forwarding Setup Port forwarding enables multiple server applications on a LAN to serve clients on a WAN over a single WAN IP address. The router accepts incoming client packets, filters them based on the destination WAN, or public, port and protocol and forwards the packets to the appropriate LAN, or local, port. Unlike the DMZ feature, port forwarding protects LAN devices behind the firewall. To view the Port Forwardung settings, click Advanced then select Port Forwarding.
Current Port Forwarding Table The table of current port forwarding configurations. Click Delete Selected to remove selected devices from the list. Click Delete All to remove all devices form the list. Click Reset the discard changes. Click Apply to save the settings or Cancel to discard changes.
Port Triggering Setup Some applications, such as online games, videoconferencing and VoIP telephony, require multiple ports for inbound and outbound traffic. If an application requires simultaneous use of incoming and an outgoing ports, configure port triggering to map a local port or range of ports to a specific public port. Sending packets out over the local port triggers the router to open an incoming local port that is mapped to the same public port and application as the outgoing local port(s).
Public Type Select the protocol to use for the inbound port from the following: TCP, UDP or Both. Click Add to append a new configuration to the table or Reset to discard changes. Current Port Triggering Table The list of current port triggering configurations. Click Delete Selected to remove selected devices from the list. Click Delete All to remove all devices form the list. Click Reset the discard changes. Click Apply to save the settings or Cancel to discard changes.
Application Layer Gateway Setup The ALG (Application Layer Gateway) serves as a window between correspondent application processes so that they may exchange information on an open environment. To view the ALG settings, click Advanced then select ALG. Select the listed applications that need ALG support and then the router will authorize them to pass through the NAT gateway. Click Apply to save the settings or Cancel to discard changes.
Universal Plug and Play Setup UPnP helps internet devices, such as gaming and videoconferencing, to access the network and connect to other registered UPnP devices. To view the UPnP settings, click Advanced then select UPnP. Click Enable or Disable to activate or deactivate UPnP. Click Apply to save the settings or Cancel to discard changes.
Internet Group Multicast Protocol Setup Internet Group Multicast Protocol (IGMP) is a network-layer protocol used to establish membership in a multicast group. To view the IGMP settings, click Advanced then select IGMP. Click Enable or Disable to activate or deactivate IGMP. Click Apply to save the settings or Cancel to discard changes. Note: Disabling the Multicast function may cause IP based multimedia devices, such as an IP-STB or OTT box, may lose connectivity with the media streaming server.
Quality of Service Setup QoS can prioritize bandwidth use such as video streaming, online gaming, VoIP telephony and videoconferencing to ensure stable and efficient network performance. To view the QoS settings, click Advanced then select QoS. Total Bandwidth Settings Uplink Select the maximum bandwidth speed for outbound traffic. Downlink Select the maximum bandwidth speed for inbound traffic. Note: Click Disabled if you do not want to prioritize any data or protocol.
Priority Queue Set network resource usage based on specific protocols or port ranges. Incoming packets are processed based on the protocols’ position within the queue. Unlimited Priority Queue Local IP Address Enter the local IP address of a device on the network. This device’s activity is not restricted by the QoS feature. High/Low Priority Queue Specify the priority for different protocols. Additional protocols and port ranges can be added. Click Apply to save the settings or Cancel to discard changes.
Bandwidth Allocation Set network resource usage, for inbound and outbound traffic, based on local IP and port ranges. Type Select Download or Upload to specific the direction of packet traffic. Local IP Range Enter the local IP range of the current configuration. Protocol Select the protocol to manage for the current configuration. Port Range Enter the local port range of the current configuration. Policy Select Min or Max to specify the type of configuration policy.
Routing Setup Typically static routing does not need to be setup because the router has adequate routing information after it has been configured for Internet access. Static routing is only necessary if the router is connected to network under a different subnets. To view the Routing settings, click Advanced then select Routing. Note: To enable a static routing, NAT must be disabled.
Wake on LAN Setup Wake on LAN setup (WOL) allows the administrator to activate a computer over the network. To view the WOL settings, click Advanced then select WOL. Enabling WOL over WAN Click Enable WOL over WAN to activate the feature. Server Port Enter the server port of the device to activate. Wake MAC Address Enter the MAC address of the device to activate. Click Start to activate the device. Click Apply to save the settings or Cancel to discard changes.
Tools Setup Configuring the Administrator Account Change the router’s system password as well as setup a device to remotely configure the settings. To view the Admin settings, click Tools then select Admin.
System Time Setting Change the system time of the ESR Series Router and setup automatic updates through a network time (NTP) protocol server or through a computer. To view the Time settings, click Tools then select Time. Synchronizing with an NTP Server Time Setup Select how the ESR Series Router obtains the current time. Time Zone Select the time zone for the ESR Series Router. NTP Time Server Enter the domain name or IP address of an NTP server.
Synchronizing Time with a Computer Time Setup Select how the ESR Series Router obtains the current time. Computer Date and Time Displays system date and time from a computer. Enable Daylight Saving Click to enable or disable daylight savings time. Start Time Select the date and time when daylights savings time starts. End Time Select the date and time when daylights savings time ends. Click Apply to save the settings or Cancel to discard changes.
Dynamic Domain Name Service (DDNS) Setup The most common use for DDNS is in allowing an Internet domain name to be assigned to a computer with a varying (dynamic) IP address. This makes it possible for other sites on the Internet to establish connections to the machine without needing to track the IP address themselves. To view the DDNS settings, click Tools then select DDNS. Dynamic DNS Click to enable or disable DDNS. Server Address Select the server address. Host Name Enter the host name.
Diagnosis that Client Devices Are Connected to the Router The diagnosis feature allows the administrator to verify that a client device is available on the network and is accepting request packets. If the ping result returns alive, it means a device is connected. This feature does not work if the target device is behind a firewall or has security software installed. To view the Diagnosis settings, click Tools then select Diagnosis.
Upgrading The Router’s Firmware Firmware is the router’s system software that operates and allows the administrator to interact with it. To view the Firmware settings, click Tools then select Firmware. WARNING! Upgrading firmware through a wireless connection is not recommended. Firmware upgrading must be performed while connected to an Ethernet (LAN port) with all other clients disconnected. To update the firmware version, follow these steps: 1.
Backing Up The Router’s Settings Save them as a configuration file on your computer. To view the Back-up settings, click Tools then select Back-up. Restoring to the router’s Factory Default settings Click Reset to restore the ESR Series Router to factory defaults. Backup Settings Click Save to save the current configuration on the router to a *.dlf file. Restore Settings To restore saved settings, do the following: a. Click Choose File. b. Browse the file system for location of the settings file (*.dlf).
Rebooting the Router This feature allows you to reboot the router in the event of a system hang up or other disruption to the network. To view the Reset settings, click Tools then select Reset. Click Apply to reset the device.
Appendix 132
Wall Mounting The Router The following are instructions if you choose to mount the router on a wall. Note: Choose a location that is within reach of an electrical outlet for the AC adapter and the DSL or Cable modem. To mount the device on the wall do the following: 1. Measure the distance from the middle of each mounting screw hole. 2. Mark the locations of the screw holes on the wall. 3. Drill a hole for each marked location and insert a screw in each.
Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
Europe – EU Declaration of Conformity This device complies with the essential requirements of the R&TTE Directive 1999/5/EC.
In Italy the end-user should apply for a license at the national spectrum authorities in order to obtain authorization to use the device for setting up outdoor radio links and/or for supplying public access to telecommunications and/or network services. This device may not be used for setting up outdoor radio links in France and in some areas the RF output power may be limited to 10 mW EIRP in the frequency range of 2454 – 2483.5 MHz.
Malti [Maltese] Magyar [Hungarian] Polski [Polish] Português [Portuguese] Slovensko [Slovenian] Slovensky [Slovak] Suomi [Finnish] Svenska [Swedish] Hawnhekk, [isem tal-manifattur], jiddikjara li dan [il-mudel tal-prodott] jikkonforma mal-ħtiġijiet essenzjali u ma provvedimenti oħrajn relevanti li hemm fid-Dirrettiva 1999/5/EC. Alulírott, [gyártó neve] nyilatkozom, hogy a [... típus] megfelel a vonatkozó alapvetõ követelményeknek és az 1999/5/EC irányelv egyéb elõírásainak.
Industry Canada statement This device complies with RSS-210 of the Industry Canada Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. Ce dispositif est conforme à la norme CNR-210 d’Industrie Canada applicable aux appareils radio exempts de licence.
