Easy, Reliable & Secure N300 WiFi ADSL2+ Modem Router (N300RM) User M anual 350 East Plumeria Drive San Jose, CA 95134 USA December 2012 202-11208-01 v1.
N300 WiFi ADSL2+ Modem Router (N300RM) Trademarks Brand and product names are trademarks or registered trademarks of their respective holders. Information is subject to change without notice. In the interest of improving internal design, operational function, and/or reliability, On Networks reserves the right to make changes to the products described in this document without notice.
Contents Chapter 1 Hardware Setup Unpack Your Modem Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Position Your Modem Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Hardware Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Front Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Back Panel . . . . . . . . . . . . . . . . . . . . . . . .
N300 WiFi ADSL2+ Modem Router (N300RM) Consider Every Device on Your Network . . . . . . . . . . . . . . . . . . . . . . . . 31 View or Change Wireless Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Wireless Settings Screen Fields. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 Change WPA Security Option and Passphrase . . . . . . . . . . . . . . . . . . . 32 Guest Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
N300 WiFi ADSL2+ Modem Router (N300RM) Wireless Settings and Guest Network (2.4GHz). . . . . . . . . . . . . . . . . . .66 View Attached Devices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67 Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 Chapter 6 Advanced Settings Advanced Wireless Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
N300 WiFi ADSL2+ Modem Router (N300RM) Appendix A Supplemental Information Factory Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 Technical Specifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1. Hardware Setup Get ting to know your mo dem router 1 The N300 WiFi ADSL2+ Modem Router (N300RM) provides you with an easy and secure way to set up a wireless home network with fast access to the Internet over a high-speed digital subscriber line (DSL). The modem router has a built-in DSL modem and is compatible with all major DSL Internet service providers.
N300 WiFi ADSL2+ Modem Router (N300RM) Unpack Your Modem Router Open the box and remove the modem router, cables, and installation guide. The filter or splitter provided depends on the region. Filter/splitter Power adapter N300 Modem Router Ethernet cable Phone cable Figure 1. Check the package contents If any parts are incorrect, missing, or damaged, contact your On Networks dealer. Keep the carton and original packing materials in case you need to return the product for repair.
N300 WiFi ADSL2+ Modem Router (N300RM) Hardware Features Before you cable your modem router, take a moment to become familiar with the front, side, and back panels and the label. Pay particular attention to the LEDs on the front panel. Front Panel The modem router front panel has two buttons and status LEDs. WPS Wireless Internet ADSL Ethernet Power Figure 2. Modem router front panel Table 1.
N300 WiFi ADSL2+ Modem Router (N300RM) Table 1. Button and LED descriptions (continued) Icon ADSL Description • • • Ethernet (1-4) Power/ Check Solid green. You have a DSL connection. In technical terms, the DSL port is synchronized with an ISP’s network-access device. Blinking green. The modem router is negotiating the best possible speed on the DSL line. Off. The unit is off or there is no DSL link established. • Solid green.
N300 WiFi ADSL2+ Modem Router (N300RM) Reset Button on the Side Panel You can use the Reset button to return the modem router to its factory settings. Reset button To reset the modem router: Use a pin or paper clip to press and hold the Reset button for at least 7 seconds. For information about the factory settings, see Factory Settings on page 103. Label The label on the bottom of the modem router shows the preset WiFi network name and password, login information, MAC address, and serial number.
N300 WiFi ADSL2+ Modem Router (N300RM) ADSL Microfilters The first time you cable a wireless modem between a DSL phone line and your computer or laptop, you might not be familiar with ADSL microfilters. If you are, you can skip this section and proceed to Cable Your Modem Router on page 13. An ADSL microfilter is a small inline device that filters DSL interference out of standard phone equipment that shares the same line with your DSL service.
N300 WiFi ADSL2+ Modem Router (N300RM) Two-Line ADSL Microfilter Use an ADSL microfilter with a built-in splitter when there is a single wall outlet that provides connectivity for both the modem router and your telephone equipment. To use a two-line ADSL microfilter: 1. Plug the ADSL microfilter into the DSL outlet on the wall. 2. Plug your phone equipment into the jack labeled Phone. 3. Plug the wireless modem modem into the jack labeled ADSL. Plugs into the DSL line Figure 6.
N300 WiFi ADSL2+ Modem Router (N300RM) 3. Connect the ADSL port of the modem router to the ADSL port of the filter/splitter. If your modem router and telephone connect to the same phone line, use an ADSL filter/splitter for every phone line in the house. 4. Add power to the modem router. a. Connect the power adapter to the router, and plug the power adapter into an outlet. b. Wait for the Wireless LED on the front panel to light.
N300 WiFi ADSL2+ Modem Router (N300RM) 5. Connect a computer. You can use an Ethernet cable or connect wirelessly. • Use the yellow Ethernet cable to connect your computer to an Ethernet port on your modem. • Or connect wirelessly by using the preset wireless security settings on the label on the bottom of the router. 6. Open a browser. The first time that you connect to your modem, the browser automatically displays a modem routerscreen to help you set up your Internet connection.
N300 WiFi ADSL2+ Modem Router (N300RM) Tips for Connecting to the Modem Router If the browser cannot display the web page: • Make sure that the computer is connected to one of the four LAN Ethernet ports or wirelessly to the modem router. • Make sure that the modem has full power, and that its Wireless LED is lit. • Close and reopen the browser to make sure that the browser does not cache the previous page. • Browse to http://www.mywifirouter.com (or http://192.168.0.1/index.htm).
2. Getting Started 2 Accessing your modem This chapter explains how to access and set up your modem router after you complete cabling as described in the installation guide and in the previous chapter.
N300 WiFi ADSL2+ Modem Router (N300RM) Modem Router Setup Preparation Before you start the setup process, get your ISP information and make sure the computers and devices in the network have the settings described here. Use Standard TCP/IP Properties for DHCP If you set up your computer to use a static IP address, change the settings so that it uses Dynamic Host Configuration Protocol (DHCP).
N300 WiFi ADSL2+ Modem Router (N300RM) Log In to the Modem Router The first time that you connect to the modem router, the installation screen displays. After initial setup, you can log in to the modem router to view or change its settings. To log in: 1. With an Internet browser, browse to http://www.mywifirouter.com (or http://192.168.0.1/index.htm). 2. Enter admin for the user name and admin for the password, both in lowercase letters.
N300 WiFi ADSL2+ Modem Router (N300RM) Unsuccessful Login Do the following if you do not see the login prompt: 1. Check the LEDs on the front of the modem router to make sure that the modem router is plugged in, its power is on, and the Ethernet cable between your computer and the modem router is connected to a LAN port. 2. If you connected the Ethernet cable and quickly launched your browser and typed in the modem router URL, your computer might need a minute or two to recognize the LAN connection.
N300 WiFi ADSL2+ Modem Router (N300RM) Home Screen (Dashboard) The modem router interface lets you view or change the modem router settings. The left column has menus. The main screen is the currently selected menu option. Language Figure 7. Dashboard (Home screen) • EZ Setup Wizard. Specify the language and location, and automatically detect the Internet connection. See EZ Setup Wizard on page 22. • WPS Setup. Join the secure WiFi network without typing the password.
N300 WiFi ADSL2+ Modem Router (N300RM) EZ Setup Wizard You can log in to the modem router and use EZ Setup to set up your Internet connection. To use the EZ Setup wizard: 1. From the top of the modem router menu, select EZ Setup to display the following screen: 2. Select either Yes or No, I want to configure the router myself. If you select No, proceed to Internet Setup (Basic Settings) on page 26. 3. If you selected Yes, click Next.
N300 WiFi ADSL2+ Modem Router (N300RM) Join Your Wireless Network Choose either the WPS method or the manual method to join your wireless network. WPS Method Wi-Fi Protected Setup (WPS) lets you connect to a secure WiFi network without typing its password. Instead, you press a button or enter a PIN. Some older WiFi equipment is not compatible with WPS. WPS works only with WPA2 or WPA wireless security. To use the WPS button on the modem router: 1. Press the WPS button on the front of the modem router.
N300 WiFi ADSL2+ Modem Router (N300RM) Manual Method With the manual method, select the network that you want, and type its password to connect. To connect manually: 1. On your computer or wireless device, open the software that manages your wireless connections. This software scans for all wireless networks in your area. 2. Look for your network and select it. The unique WiFi network name (SSID) and password are on the router label.
3.
N300 WiFi ADSL2+ Modem Router (N300RM) Internet Setup (Basic Settings) The Basic Settings screen displays when you select No. I want to configure the Router myself in the EZ Setup wizard and is also available from the modem router menu. It is where you view or change ISP information. The fields that display vary depending on whether your Internet connection requires a login. Note: Check that the country is set before proceeding with the manual setup. To manually set up the Internet connection: 1.
N300 WiFi ADSL2+ Modem Router (N300RM) 5. Click Apply to save your settings. 6. Click Test to test your Internet connection. If you are not able to connect within 1 minute, see Chapter 8, Troubleshooting. The following descriptions explain all of the possible fields in the Basic Settings screen. The fields that display in this screen depend on whether an ISP login is required. Does Your ISP Require a Login? Answer either yes or no.
N300 WiFi ADSL2+ Modem Router (N300RM) NAT (Network Address Translation). You can enable or disable NAT. If you disable NAT, you can also disable the firewall. The firewall cannot be disabled when NAT is enabled. Secured NAT provides a secured firewall to protect the computers on the LAN from attacks from the Internet, but might prevent some Internet games, point-to-point applications, or multimedia applications from working.
N300 WiFi ADSL2+ Modem Router (N300RM) Preset Security The modem router comes with preset security. This means that the Wi-Fi network name (SSID), passphrase, and security option (encryption protocol) are preset in the factory. You can find the preset SSID and passphrase on the bottom of the unit. • WiFi Network Name (SSID) identifies your network so devices can find it. • WiFi Network Password (Network Key) controls access to your network.
N300 WiFi ADSL2+ Modem Router (N300RM) Note: Turning off SSID broadcast nullifies the wireless network discovery feature of some products such as Windows XP, but the data is still fully exposed to a determined snoop using specialized test equipment like wireless sniffers. If you allow the broadcast, be sure to keep wireless security enabled.
N300 WiFi ADSL2+ Modem Router (N300RM) Consider Every Device on Your Network Before you begin, check the following: • Every wireless computer has to be able to obtain an IP address by DHCP from the modem router as described in Use Standard TCP/IP Properties for DHCP on page 18. • Each computer or wireless adapter in your network must have the same SSID and wireless mode (bandwidth and data rate) as the modem router.
N300 WiFi ADSL2+ Modem Router (N300RM) a. Use your wireless computer or device to join your network. When prompted, enter the network password. b. From the wirelessly connected computer, make sure that you can access the Internet. Wireless Settings Screen Fields • Enable SSID Broadcast. This setting allows the modem router to broadcast its SSID so that a wireless station can display this wireless name (SSID) in its scanned network list. This check box is selected by default.
N300 WiFi ADSL2+ Modem Router (N300RM) Guest Network You can set up a guest network to allow others to use your Internet connection. To set up a guest network: 1. Select Basic > Guest. 2. Select the check boxes and radio buttons to specify the settings for your guest network. The settings are similar to those in the Wireless Settings screen. See Wireless Setup on page 30. 3. Click Apply.
N300 WiFi ADSL2+ Modem Router (N300RM) • Disable Port Scan and DoS Protection. DoS protection protects your LAN against denial of service attacks such as Syn flood, Smurf Attack, Ping of Death, Teardrop Attack, UDP Flood, ARP Attack, Spoofing ICMP, Null Scan, and many others. This should be disabled only in special circumstances. • Default DMZ Server. This feature is sometimes helpful when you are playing online games or videoconferencing.
N300 WiFi ADSL2+ Modem Router (N300RM) The router usually detects and discards incoming traffic from the Internet that is not a response to one of your local computers or a service that you have configured in the Port Forwarding/Port Triggering screen. Instead of discarding this traffic, you can have the router forward the traffic to one computer on your network. This computer is called the default DMZ server. To set up a default DMZ server: 1.
N300 WiFi ADSL2+ Modem Router (N300RM) until the problem goes away. The following table describes common MTU sizes and applications. Table 2. Common MTU sizes MTU Application 1500 The largest Ethernet packet size and the default value. This setting is typical for connections that do not use PPPoE or VPN, and is the default value for On Networks modem routers, adapters, and switches. 1492 Used in PPPoE environments. 1472 Maximum size to use for pinging. (Larger packets are fragmented.
N300 WiFi ADSL2+ Modem Router (N300RM) To change the LAN settings: 1. Select Setup > LAN Setup to display the following screen: 2. Enter the settings that you want to customize. These settings are described in the following section, LAN TCP/IP Setup. 3. Click Apply to save your changes. LAN TCP/IP Setup • IP Address. The LAN IP address of the modem router. • IP Subnet Mask. The LAN subnet mask of the modem router.
N300 WiFi ADSL2+ Modem Router (N300RM) Use Router as a DHCP Server This check box is selected by default so that the modem router functions as a Dynamic Host Configuration Protocol (DHCP) server. • Starting IP Address. Specify the start of the range for the pool of IP addresses in the same subnet as the modem router. • Ending IP Address. Specify the end of the range for the pool of IP addresses in the same subnet as the modem router.
N300 WiFi ADSL2+ Modem Router (N300RM) Address Reservation When you specify a reserved IP address for a computer on the LAN, that computer always receives the same IP address each time it accesses the modem router’s DHCP server. Assign reserved IP addresses to computers or servers that require permanent IP settings. To reserve an IP address: 1. In the Address Reservation section of the screen, click the Add button. 2. In the IP Address field, type the IP address to assign to the computer or server.
N300 WiFi ADSL2+ Modem Router (N300RM) video, best effort, and background. For an application to receive the benefits of WMM QoS, both it and the client running that application have to have WMM enabled. Legacy applications that do not support WMM and applications that do not require QoS, are assigned to the best effort category, which receives a lower priority than voice and video. WMM QoS is enabled by default.
N300 WiFi ADSL2+ Modem Router (N300RM) You can edit or delete a rule by selecting its radio button and clicking either the Edit or Delete button. You can also delete all of the rules by simply clicking the Delete All button. 3. To add a priority rule, scroll down to the bottom of the QoS Setup screen and click Add Priority Rule to display the following screen: 4. In the QoS Policy for field, type the name of the application or game. 5.
N300 WiFi ADSL2+ Modem Router (N300RM) QoS for a MAC Address To create a QoS policy for traffic from a specific MAC address: 1. Select QoS Setup and click the Setup QoS Rule button. The QoS Setup screen displays. 2. Click Add Priority Rule. 3. From the Priority Category list, select MAC Address: 4. If the device is the MAC Device List, select its radio button. The information from the MAC Device List populates the policy name, MAC Address, and Device Name fields.
4. Security Settings S e cu rit y tab (firewall) details 4 You can customize many of the firewall settings based on your needs.
N300 WiFi ADSL2+ Modem Router (N300RM) Firewall Rules to Control Network Access Your modem router has a firewall that blocks unauthorized access to your wireless network and permits authorized inbound and outbound communications. Authorized communications are established according to inbound and outbound rules. The firewall has the following two default rules. You can create custom rules to further restrict the outbound communications or more widely open the inbound communications: • Inbound.
N300 WiFi ADSL2+ Modem Router (N300RM) Block Internet Sites Use keyword blocking to prevent certain types of HTTP traffic from accessing your network. The blocking can be always or according to a schedule. To block traffic: 1. Select Security > Block Sites. 2. Select one of the keyword blocking options: • Per Schedule. Turn on keyword blocking according to the Schedule screen settings. • Always. Turn on keyword blocking all the time, independent of the Schedule screen. 3.
N300 WiFi ADSL2+ Modem Router (N300RM) Firewall Rules to Control Network Access The firewall has these default rules. • Inbound. Block all access from outside except responses to requests from the LAN side. • Outbound. Allow all access from the LAN side to the outside. Set Up Firewall Rules You can create custom rules to further restrict the outbound communications or more widely open the inbound communications.
N300 WiFi ADSL2+ Modem Router (N300RM) Set the Time Zone The modem router uses the Network Time Protocol (NTP) to obtain the current time and date from one of several network time servers on the Internet. To set the time zone: 1. Select Security > Schedule. 2. Select your time zone. This setting determines the blocking schedule and time-stamping of log entries. 3. If your time zone uses daylight savings time, select the Automatically adjust for daylight savings time check box. 4.
N300 WiFi ADSL2+ Modem Router (N300RM) Schedule Blocking and Services If you enabled service blocking in the Block Services screen or port forwarding in the Ports screen, you can set up a schedule for when blocking occurs or when access is not restricted. To schedule services: 1. Select Security > Schedule. 2. To block Internet services based on a schedule, select Every Day or select one or more days. 3. If you want to limit access completely for the selected days, select All Day.
N300 WiFi ADSL2+ Modem Router (N300RM) Set Up Email Alerts To receive logs and alerts by email, provide your email information in the E-mail screen and specify which alerts you want to receive and how often. Select Security > Email to display the following screen: Figure 8. E-Mail screen • Turn E-mail Notification On. Select this check box if you want to receive email logs and alerts from the modem router. • Send to This E-mail Address. Enter the email address where you want logs and alerts sent.
N300 WiFi ADSL2+ Modem Router (N300RM) - Time. Specify the time of day to send the log. This is relevant when the log is sent daily or weekly. Note: If the Weekly, Daily, or Hourly option is selected and the log fills up before the specified period, the log is automatically emailed to the specified email address. After the log is sent, it is cleared from the modem router’s memory. If the modem router cannot email the log file, the log buffer might fill up.
N300 WiFi ADSL2+ Modem Router (N300RM) Destination port number. 80, which is the standard port number for a web server process. 3. Your modem router creates an entry in its internal session table describing this communication session between your computer and the web server at www.example.com. Before sending the web page request message to www.example.
N300 WiFi ADSL2+ Modem Router (N300RM) Port Triggering to Open Incoming Ports In the preceding example, requests are sent to a remote computer by your modem router from a service port with a particular number. Replies from the remote computer to your modem router are directed to that port. If the remote server sends a reply to a different port, your modem router does not recognize it and discards it. However, some application servers (such as FTP and IRC servers) send replies to multiple ports.
N300 WiFi ADSL2+ Modem Router (N300RM) inbound ports. You can usually determine this information by contacting the publisher of the application or user groups or newsgroups. Note: Only one computer at a time can use the triggered application. Port Forwarding to Permit External Host Communications In both of the preceding examples, your computer initiates an application session with a server computer on the Internet.
N300 WiFi ADSL2+ Modem Router (N300RM) To configure port forwarding, you need to know which inbound ports the application needs. You usually can determine this information by contacting the publisher of the application or the relevant user groups and newsgroups.
N300 WiFi ADSL2+ Modem Router (N300RM) 1. Select Advanced > Port Forwarding/Port Triggering to display the following screen: Port Forwarding is selected as the service type. 2. From the Service Name list, select the service or game that you will host on your network. If the service does not appear in the list, see Add a Custom Service on page 55. 3. Click Add. The service appears in the list in the screen.
N300 WiFi ADSL2+ Modem Router (N300RM) Edit or Delete a Port Forwarding Entry To edit or delete a port forwarding entry: 1. In the table, select the radio button next to the service name. 2. Click Edit Service or Delete Service. Application Example: Making a Local Web Server Public If you host a web server on your local network, you can use port forwarding to allow web requests from anyone on the Internet to reach your web server. To make a local web server public: 1.
N300 WiFi ADSL2+ Modem Router (N300RM) Note: If you use applications such as multiplayer gaming, peer-to-peer connections, real-time communications such as instant messaging, or remote assistance (a feature in Windows XP), you should also enable Universal Plug and Play (UPnP) according to the instructions in Universal Plug and Play on page 79.
N300 WiFi ADSL2+ Modem Router (N300RM) 5. Click Add Service to display the following screen: 6. In the Service Name field, type a descriptive service name. 7. In the Service User list, select Any (the default) to allow this service to be used by any computer on the Internet. Otherwise, select Single address and enter the IP address of one computer to restrict the service to a particular computer. 8. Select the service type, either TCP or UDP or both (TCP/UDP). If you are not sure, select TCP/UDP. 9.
5.
N300 WiFi ADSL2+ Modem Router (N300RM) Upgrade the Modem Router Firmware The modem router firmware (routing software) is stored in flash memory. By default, when you log in to your modem router, it checks the On Networks website for new firmware and alerts you if there is a newer version. WARNING: When uploading firmware to the modem router, do not interrupt the web browser by closing the window, clicking a link, or loading a new page. If the browser is interrupted, it could corrupt the firmware.
N300 WiFi ADSL2+ Modem Router (N300RM) Check for Firmware Upgrades You can use the Firmware Upgrade screen to manually check the On Networks website for newer versions of firmware for your product. WARNING: When uploading firmware to the modem router, do not interrupt the web browser by closing the window, clicking a link, or loading a new page. If the browser is interrupted, it could corrupt the firmware. 1. Select Management > Firmware Update. 2.
N300 WiFi ADSL2+ Modem Router (N300RM) Back Up To back up the configuration file: 1. Select Management > Backup Settings to display the following screen: 2. Click Save to save a copy of the current settings. 3. Choose a location to store the .cfg file that is on a computer on your network. Restore To restore the configuration file: 1. Enter the full path to the file on your network or click the Browse button to find the file. 2. When you have located the .
N300 WiFi ADSL2+ Modem Router (N300RM) To change the password: 1. Select Management > Set Password to display the following screen. 2. Enter the old password. 3. Enter the new password twice. 4. Click Apply to save your changes. After changing the password, you are required to log in again to continue the configuration. If you have backed up the modem router settings previously, you should do a new backup so that the saved settings file includes the new password.
N300 WiFi ADSL2+ Modem Router (N300RM) View Router Status The Router Status screen provides status and usage information. To view the router status: Select Management > Router Status to display this screen. The following information is displayed: Router Information Hardware and Firmware Version. The model of the hardware and the currently running firmware version. GUI Language Version. The currently selected language. LAN Port (Local Ports) MAC Address. The modem router LAN port Ethernet MAC address.
N300 WiFi ADSL2+ Modem Router (N300RM) Active Connection. The value depends on your ISP. IP Subnet Mask. The Internet port IP subnet mask. Domain Name Server. The modem router DNS server IP addresses. These addresses are usually obtained dynamically from the ISP. Show Statistics Click the Show Statistics button on the Router Status screen to display a screen similar to the following: Port The statistics for the WAN (Internet), LAN (local), and wireless LAN (WLAN) ports.
N300 WiFi ADSL2+ Modem Router (N300RM) • Poll Interval. The interval at which the statistics are updated in this window. Click the Stop button to freeze the display. Connection Status In the Router Status screen, click the Connection Status button: • Connection Time. The time elapsed since the last connection to the Internet through the Internet port. • Connection Status. The connection status. • Negotiation. On or Off. • Authentication. On or Off. • IP Address.
N300 WiFi ADSL2+ Modem Router (N300RM) View Attached Devices The Attached Devices screen shows all IP devices that the modem router has discovered on the local network. To view attached devices: Select Management > Attached Devices. For each device, the table shows the IP address, the device name if available, and the Ethernet MAC address. If the modem router is rebooted, the table data is lost until the modem router rediscovers the devices.
N300 WiFi ADSL2+ Modem Router (N300RM) The Include in Log check boxes allow you to select which events are logged. You can write the logs to a computer running a syslog program. To activate this feature, select Broadcast on LAN, or enter the IP address of the server where the syslog file will be written. The security log entries include the following information: • Date and time. The date and time the log entry was recorded. • Description or action. The type of event and what action was taken, if any.
6. Advanced Settings Advanced tab set tings for un ique s it uat ion s 6 This chapter describes the advanced features of your modem router. The information is for readers with advanced networking knowledge who want to set the modem router up for unique situations such as when remote access from the Internet by IP or domain name is needed. Note: For information about port forwarding and port triggering, see Chapter 4, Security Settings.
N300 WiFi ADSL2+ Modem Router (N300RM) Advanced Wireless Settings By default, the modem router is set up with wireless settings that work in most situations. You can use this screen to control the wireless router radio and select advanced settings that specifically fit your environment. To view or change the advanced wireless settings: Select Advanced > Wireless Settings to display the following screen: The following settings are available in this screen: Enable Wireless Router Radio.
N300 WiFi ADSL2+ Modem Router (N300RM) Restrict Wireless Access by MAC Address You can set up a list of computers and wireless devices that are allowed to join the wireless network. This list is based on the unique MAC address of each computer and device. Each network device has a MAC address, which is a unique 12-character physical address, containing the hexadecimal characters 0–9, a–f, or A–F only, and separated by colons (for example, 00:09:AB:CD:EF:01).
N300 WiFi ADSL2+ Modem Router (N300RM) 4. Click Add to add this wireless device to the Wireless Card Access List. The screen changes back to the list screen. 5. Add each computer or device you want to allow to connect wirelessly. 6. Select the Turn Access Control On check box. 7. Click Apply. Wireless Repeating (WDS) You can set the modem router up to be used as a wireless access point (AP). Doing this enables the modem router to act as a wireless repeater.
N300 WiFi ADSL2+ Modem Router (N300RM) Wireless repeater. The modem router sends all traffic from its local wireless or wired computers to a remote access point. To configure this mode, you have to know the MAC address of the remote parent access point. The modem router is always in dual-band concurrent mode, unless you turn off one radio. If you enable the wireless repeater in either radio band, the wireless base station or wireless repeater cannot be enabled in the other radio band.
N300 WiFi ADSL2+ Modem Router (N300RM) • Wireless MAC of this router. This field displays the MAC address for your modem router for your reference. You will need to enter this MAC address in the corresponding Wireless Repeating Function screen of the other access point you are using. • Wireless Repeater. If your modem router is the repeater, select this radio button. Repeater IP Address. If your modem router is the repeater, enter the IP address of the other access point. Base Station MAC Address.
N300 WiFi ADSL2+ Modem Router (N300RM) Set Up a Repeater Unit Use a wired Ethernet connection to set up the repeater unit to avoid conflicts with the wireless connection to the base station. Note: If you are using the N300RM base station with a different router product as the repeater, you might need to change additional configuration settings. In particular, you should disable the DHCP server function on the wireless repeater AP. To configure the modem router as a repeater unit: 1.
N300 WiFi ADSL2+ Modem Router (N300RM) name is hostname, for example, you can reach your modem router at http://hostname.dyndns.org. To set up Dynamic DNS: 1. Register for an account with one of the Dynamic DNS service providers whose URLs appear in the Service Provider list. 2. Select Advanced > Dynamic DNS. 3. Select the Use a Dynamic DNS Service check box. 4. Select the URL of your Dynamic DNS service provider. For example, for DynDNS.org, select www.dyndns.org. 5.
N300 WiFi ADSL2+ Modem Router (N300RM) In this case you have to define a static route, telling your modem router to access 134.177.0.0 through the ISDN modem router at 192.168.0.100. In this example: • The Destination IP Address and IP Subnet Mask fields specify that this static route applies to all 134.177.x.x addresses. • The Gateway IP Address field specifies that all traffic for these addresses should be forwarded to the ISDN modem router at 192.168.0.100.
N300 WiFi ADSL2+ Modem Router (N300RM) Remote Management The remote management feature lets you upgrade or check the status of your N300RM Modem Router over the Internet. To set up remote management: 1. Select Advanced > Remote Management. Note: Be sure to change the modem router’s default login password to a secure password. The ideal password contains no dictionary words from any language and contains upper-case and lower-case letters, numbers, and symbols. It can be up to 30 characters. 2.
N300 WiFi ADSL2+ Modem Router (N300RM) 4. Specify the port number for accessing the web management interface. Normal web browser access uses the standard HTTP service port 80. For greater security, enter a custom port number for the remote web management interface. Choose a number from 1024 to 65535, but do not use the number of any common service port. The default is 8080, which is a common alternate for HTTP. 5. Click Apply to have your changes take effect. 6.
N300 WiFi ADSL2+ Modem Router (N300RM) Advertisement Time to Live. The time to live for the advertisement is measured in hops (steps) for each UPnP packet sent. The time to live hop count is the number of steps a broadcast packet is allowed to propagate for each UPnP advertisement before it disappears. The number of hops can range from 1 to 255. The default value for the advertisement time to live is 4 hops, which is fine for most home networks.
7.
N300 WiFi ADSL2+ Modem Router (N300RM) Set Up a Gateway-to-Gateway VPN Configuration Two common scenarios for VPN tunnels are between a remote computer and a network gateway, and between two or more network gateways. Gateway-to-gateway VPN tunnels provide secure access between networks, such as a branch or home office and a main office. A VPN between two or more VPN-enabled routers is a good way to connect branch or home offices and business partners over the Internet.
N300 WiFi ADSL2+ Modem Router (N300RM) VPN Wizard The VPN Wizard automates many of the steps in setting up a VPN tunnel. If you do not want to use the VPN Wizard or its default settings are not appropriate for your circumstances, use one of these alternatives: • Auto Policy. Auto Policy uses the IKE protocol to define the authentication scheme and automatically generate the encryption keys. See Use Auto Policy to Configure VPN Tunnels on page 88. • Manual Policy.
N300 WiFi ADSL2+ Modem Router (N300RM) 6. Specify the local LAN address and subnet mask, and click Next. The VPN Wizard Summary screen displays: 7. Click Done. The VPN Policies screen displays, showing that the new tunnel is enabled. 8. Repeat these steps for the second gateway, and pay special attention to the following network settings: • WAN IP address of the remote VPN gateway (for example, 14.15.16.17) • LAN IP settings of the remote VPN gateway: - IP address (for example, 192.168.0.
N300 WiFi ADSL2+ Modem Router (N300RM) Activate the VPN Tunnel There are three ways to activate theVPN tunnel: • Use the VPN Status screen. • Ping the remote endpoint. • Start using the VPN tunnel. To activate the VPN tunnel from the VPN Status screen: 1. Select Advanced > VPN Status. 2. Click the VPN Status button to display the Current VPN Tunnels (SAs) screen: 3. Click Connect for the VPN tunnel that you want to activate. View the VPN Status/Log screen to verify that the tunnel is connected.
N300 WiFi ADSL2+ Modem Router (N300RM) Verify the Status of a VPN Tunnel The VPN Status screen includes a log that shows the details of recent VPN activity, including the building of the VPN tunnel. If there is a problem with the VPN tunnel, refer to the log for information about what might be the cause of the problem. To check the VPN tunnel status: 1. Select Advanced > VPN Status. You can click Refresh to see the most recent entries, and you can click Clear Log to delete all log entries. 2.
N300 WiFi ADSL2+ Modem Router (N300RM) To use the Policy Table to deactivate a VPN tunnel: 1. Select Advanced > VPN Policies. 2. In the Policy Table, clear the Enable check box for the VPN tunnel that you want to deactivate. 3. Click Apply. To reactivate the tunnel, select the Enable check box, and then click Apply. To use the VPN Status screen to deactivate a VPN tunnel: 1. Advanced > VPN Status. 2. Click the VPN Status button. 3. Click Drop for the VPN tunnel that you want to deactivate.
N300 WiFi ADSL2+ Modem Router (N300RM) Use Auto Policy to Configure VPN Tunnels You need to configure matching VPN settings on both VPN endpoints. The outbound VPN settings on one end have to match to the inbound VPN settings on other end, and vice versa. All VPN tunnels on the modem router require that you configure several network parameters. This section describes those parameters and how to access them. The most common configuration scenarios use IKE to manage the authentication and encryption keys.
N300 WiFi ADSL2+ Modem Router (N300RM) • IKE Keep Alive. If you want to ensure that a connection is kept open, or, if that is not possible, that it is quickly re-established when a connection is lost select this check box. The ping IP address has to be associated with the remote endpoint. You have to use the remote LAN address. This IP address will be pinged periodically to generate traffic for the VPN tunnel.
N300 WiFi ADSL2+ Modem Router (N300RM) - Initiator and Responder. Both incoming and outgoing connections are allowed. • Exchange Mode. Ensure that the remote VPN endpoint is set to use Main mode. • Diffie-Hellman (DH) Group. The Diffie-Hellman algorithm is used when keys are exchanged. The DH Group setting determines the bit size used in the exchange. This value needs to match the value used on the remote VPN gateway. • Local Identity Type.
N300 WiFi ADSL2+ Modem Router (N300RM) • Enable IPSec PFS (Perfect Forward Secrecy). If this check box is selected, security is enhanced by ensuring that the key is changed at regular intervals. Also, even if one key is broken, subsequent keys are no easier to break. (Each key has no relationship to the previous key.) This setting applies to both IKE and IPSec SAs. When configuring the remote endpoint to match this setting, you might have to specify the key group used.
N300 WiFi ADSL2+ Modem Router (N300RM) If the remote endpoint has a dynamic IP address, select Dynamic IP Address. No address data input is required. You can set up multiple remote dynamic IP policies, but only one such policy can be enabled at a time. Otherwise, select an option (IP address or domain name) and enter the address of the remote VPN endpoint to which you want to connect.
N300 WiFi ADSL2+ Modem Router (N300RM) match the out setting on the remote VPN endpoint, and the out setting here has to match the in setting on the remote VPN endpoint. • • Encryption. Select an encryption algorithm, and enter the key in the field provided. For 3DES, the keys should be 24 ASCII characters, and for DES, the keys should be 8 ASCII characters. - DES. The Data Encryption Standard (DES) processes input data that is 64 bits wide, encrypting these values using a 56-bit key.
8. Troubleshooting Diag nose and solve problem s This chapter provides information about troubleshooting your N300 WiFi ADSL2+ Modem Router (N300RM). After each problem description, instructions are provided to help you diagnose and solve the problem. Tip: On Networks provides helpful articles, documentation, and the latest software updates at http://www.on-networks.com/support.
N300 WiFi ADSL2+ Modem Router (N300RM) Troubleshoot with the LEDs When you turn on the power, the Power, Ethernet, and ADSL LEDs light as described here. If they do not, refer to the sections that follow for help. To check the LEDs: 1. When power is first applied, the Power LED lights. 2. After approximately 10 seconds, the LAN and DSL LEDs light as follows: a. The Ethernet port LEDs light for any local ports that are connected. b.
N300 WiFi ADSL2+ Modem Router (N300RM) If the Power LED turns red to indicate a modem router fault, turn the power off and on to see if the modem router recovers. If the Power LED is still red 1 minute after power-up: • Turn the power off and on one more time to see if the modem router recovers. • Clear the modem router’s configuration to factory defaults as explained in Factory Settings on page 103. Clearing the configuration sets the modem router IP address to 192.168.0.1.
N300 WiFi ADSL2+ Modem Router (N300RM) Troubleshoot the Internet Connection If your modem router is unable to access the Internet, check the ADSL connection, then the WAN TCP/IP connection. ADSL Link If your modem router is unable to access the Internet, first determine whether you have an ADSL link with the service provider. The state of this connection is indicated with the ADSL LED. ADSL Link LED Is Green If your ADSL link LED is green, then you have a good ADSL connection.
N300 WiFi ADSL2+ Modem Router (N300RM) Internet LED Is Red If the Internet LED is red, the device was unable to connect to the Internet. Verify the following: • Check that your login credentials are correct, or that the information you entered on the Basic Settings screen is correct. • Check with your ISP to verify that the multiplexing method, VPI, and VCI settings on the ADSL Settings screen are correct.
N300 WiFi ADSL2+ Modem Router (N300RM) 3. If all of the steps indicate OK, then your PPPoE or PPPoA connection is up and working. 4. If any of the steps indicates Failed, you can attempt to reconnect by clicking Connect. The modem router continues to attempt to connect indefinitely. If you cannot connect after several minutes, you might be using an incorrect service name, user name, or password. Also, there might be a provisioning problem with your ISP.
N300 WiFi ADSL2+ Modem Router (N300RM) ping 192.168.0.1 3. Click OK. You see a message like this one: Pinging with 32 bytes of data If the path is working, you see this message: Reply from < IP address >: bytes=32 time=NN ms TTL=xxx If the path is not working, you see this message: Request timed out If the path is not functioning correctly, you could have one of the following problems: • • Wrong physical connections - Make sure that the Ethernet port LED is lit.
N300 WiFi ADSL2+ Modem Router (N300RM) • Your ISP could be rejecting the Ethernet MAC addresses of all but one of your computers. Many broadband ISPs restrict access by allowing traffic only from the MAC address of your modem, but some additionally restrict access to the MAC address of a single computer connected to that modem. In this case, configure your modem router to clone or spoof the MAC address from the authorized computer.
A.
N300 WiFi ADSL2+ Modem Router (N300RM) Factory Settings You can return the modem router to its factory settings. Use the end of a paper clip or some other similar object to press and hold the Reset button for at least 7 seconds. Reset button Figure 10. Reset button The modem router resets, and returns to the factory settings, as shown in the following table. Table 4. Factory default settings Feature Router login Internet connection Local network (LAN) Default Behavior User login URL http://www.
N300 WiFi ADSL2+ Modem Router (N300RM) Table 4. Factory default settings (continued) Feature Default Behavior Local network DHCP starting IP address (LAN) continued DHCP ending IP address 192.168.0.2 Firewall Wireless 192.168.0.
N300 WiFi ADSL2+ Modem Router (N300RM) Technical Specifications Table 5. Technical specifications Feature Description Data and routing protocols TCP/IP, RIP-1, RIP-2, DHCP, PPPoE or PPPoA, RFC 1483 Bridged or Routed Ethernet, and RFC 1577 Classical IP over ATM AC plug is localized 110V-220V, 50/60 Hz, input Dimensions 200 x 113.4 x 86.2 mm (7.9 x 4.5 x 3.4 in.) Weight 0.2.85 kg (0.
B. Notification of Compliance Wireless Routers, G ateways, APs B Regulatory Compliance Information Note: This section includes user requirements for operating this product in accordance with National laws for usage of radio spectrum and operation of radio devices. Failure of the end-user to comply with the applicable requirements may result in unlawful operation and adverse action against the end-user by the applicable National regulatory authority.
N300 WiFi ADSL2+ Modem Router (N300RM) Español [Spanish] Por medio de la presente On Networks declara que el Radiolan cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999/5/CE. Ελληνική [Greek] ΜΕ ΤΗΝ ΠΑΡΟΥΣΑ On Networks ΔΗΛΩΝΕΙ ΟΤΙ Radiolan ΣΥΜΜΟΡΦΩΝΕΤΑΙ ΠΡΟΣ ΤΙΣ ΟΥΣΙΩΔΕΙΣ ΑΠΑΙΤΗΣΕΙΣ ΚΑΙ ΤΙΣ ΛΟΙΠΕΣ ΣΧΕΤΙΚΕΣ ΔΙΑΤΑΞΕΙΣ ΤΗΣ ΟΔΗΓΙΑΣ 1999/5/ΕΚ.
N300 WiFi ADSL2+ Modem Router (N300RM) Íslenska [Icelandic] Hér með lýsir On Networks yfir því að Radiolan er í samræmi við grunnkröfur og aðrar kröfur, sem gerðar eru í tilskipun 1999/5/EC. Norsk [Norwegian] On Networks erklærer herved at utstyret Radiolan er i samsvar med de grunnleggende krav og øvrige relevante krav i direktiv 1999/5/EF. This device is a 2.
N300 WiFi ADSL2+ Modem Router (N300RM) • For product available in the USA market, only channel 1~11 can be operated. Selection of other channels is not possible. • This device and its antenna(s) must not be co-located or operation in conjunction with any other antenna or transmitter.
