Page 21 / 52 Scroll up to view Page 16 - 20
38
Advanced Setup Method
Advanced Setup Method
39
section
2
1
3
4
5
6
7
Security
It is important to be aware of security issues, especially when using
wireless. You can configure your security settings on this page. Do
not change settings if are not sure what they are for, default settings
are normally fine.
If you are transmitting sensitive data across radio channels, you
should enable wireless security.
For a more secure network, the VoIP Router can implement one or a
combination of the following security mechanisms:
Disabled
WEP Only
WPA and/or WPA2
WPA and 802.1x *
* Using 802.1x security requires support to do so from your OS or
other third party radius server software, and is not recommended
unless you are familiar with setting up such systems.
Channels 1, 6, and 11, as the three non-overlapping channels in
the 2.4GHz range, are preferred. The available channel settings are
limited by local regulations. (Default Range: 1-13)
Access Control
Using the Access Control functionality, you can specify which PCs
can wirelessly connect to the access point. Each PC has a unique
identifier known as a Medium Access Control (MAC) address. With
MAC filtering enabled, only the computers whose MAC address you
have listed in the filtering table may connect to the VoIP Router.
See the description of the Access Control features below.
Parameter Description
Enable MAC Filtering:
Enable or disable the MAC filtering function.
Access Rule for registered MAC address:
When MAC filtering is
enabled, all registered MAC addresses are controlled by this Access
Rule.
MAC Filtering Table:
Enter the MAC addresses of the network card
you wish to allow or deny connection. (Up to 32 stations)
Page 22 / 52
40
Advanced Setup Method
Advanced Setup Method
41
section
2
1
3
4
5
6
7
Key Provisioning:
Select static key or dynamic key. (Default/
Recommended: Static)
Static WEP Key:
You may manually enter the keys or automatically
generate
Settings:
Encryption keys. To manually configure the keys, enter 10
digits for each 64-bit key, or enter 26 digits for the single 128-bit key.
(A hexadecimal digit is a number or letter in the range 0-9 or A-F.)
Default Key ID:
Select the default key. (Default/Recommended: 1)
Passphrase:
For automatic key generation, check the Passphrase
box, enter a Passphrase and click “SAVE SETTINGS”. When you
return to this screen the Passphrase will be gone and the single
128Bit or the 4 64Bit keys will be generated.
Key 1-4:
If you do not choose to use the Passphrase for automatic
key generation, you must manually enter four keys. For 64-bit
encryption, enter exactly 10 hex digits. For 128-bit encryption, enter
exactly 26 hex digits. (A hex digit is a number or letter in the range 0-
9 or A-F.)
Click “SAVE SETTINGS” to apply your settings.
WPA / WPA2
Wi-Fi Protected Access (WPA) combines Temporal Key Integrity
Protocol (TKIP) and 802.1x mechanisms. It provides dynamic key
encryption and 802.1x authentication service. With TKIP, WPA
uses 48-bit initialization vectors, calculates an 8-byte message
integrity code, and generates an encryption key periodically. For
authentication, it allows you to use 802.1x authentication for an
environment with a RADIUS server installed on your network.
Selecting the Pre-shared Key enables WPA to use the pre-shared key
in a SOHO network.
Security client support implementation considerations
WEP:
Built-in support on all 802.11b and 802.11g devices
WPA:
Requires WPA enabled system and network card driver (New
security which might not be supported by most wireless network cards)
WPA2:
Requires WPA2 enabled system and network card driver (New
security which might not be supported by most wireless network cards)
WEP
Wired Equivalent Privacy (WEP) encryption requires you to use the
same set of encryption/decryption keys for the router and all of your
wireless clients.
See the description of the Security features below.
Parameter Description
WEP Mode:
You can choose 64-bit or 128-bit encryption. (Default:
64Bit)
Key Entry Method:
You can choose HEX or ASCII (Default/
Recommended: HEX)
Page 23 / 52
42
Advanced Setup Method
Advanced Setup Method
43
section
2
1
3
4
5
6
7
NAT
From this section you can configure the Virtual Server, and Special
Application features that provide control over the TCP/ UDP port
openings in the router’s firewall. This section can be used to support
several Internet based applications such as web, email, FTP, and
Telnet.
NAT Settings
NAT allows one or more public IP addresses to be shared by multiple
internal users. Enter the Public IP address you wish to share into the
Global IP field. Enter a range of internal IPs that will share the global IP.
Enable or disable NAT module function:
Enable or disable the
function and then click “SAVE SETTINGS” to apply the change.
See the description of the WPA settings below.
Field Default Parameter Description
Cipher suite TKIP One of the security mechanisms used by WPA for
frame body and CRC frame encryption.
Authentication:
802.1x: It is for an enterprise network with a RADIUS server
installed.
Pre-shared Key: It is for a SOHO network without any
authentication server installed.
Pre-shared key type:
Passphrase:
Input 8~63 characters.
Hex:
Input 64 hexadecimal digits. (A hexadecimal digit is a
number or letter in the range 0-9 or A-F.)
Pre-shared Key:
Specify in Passphrase style or in 64-Hex characters.
Group Key Re-Keying:
The period of renewing broadcast/multicast
keys.
Page 24 / 52
44
Advanced Setup Method
Advanced Setup Method
45
section
2
1
3
4
5
6
7
Port Forwarding
Using this feature, you can put PCs with public IPs and PCs with
private IPs in the same LAN area.
If you configure the Port Forwarding settings, remote users accessing
services such as web or FTP at your local site via public IP addresses
can be automatically redirected to local servers configured with
private IP addresses. In other words, depending on the requested
service (TCP/UDP port number), the VoIP Router redirects the external
service request to the appropriate server (located at another internal
IP address).
For example, if you set Type/Public Port to TCP/80 (HTTP or web)
and the LAN IP Address/LAN Port to 10.1.1.2/80, then all HTTP
requests from outside users will be transferred to 10.1.1.2 on port
80. Therefore, by just entering the IP address provided by the ISP,
Internet users can access the service they need at the local address
to which you redirect them.
The more common TCP service ports include:
HTTP: 80, FTP: 21, Telnet: 23, and POP3: 110.
Address Mapping
Use Address Mapping to allow a limited number of public IP
addresses to be translated into multiple private IP addresses for use
on the internal LAN network. This also hides the internal network for
increased privacy and security.
Page 25 / 52
46
Advanced Setup Method
Advanced Setup Method
47
section
2
1
3
4
5
6
7
Note:
Choosing a row that already contains data will overwrite the
current settings.
Example:
ID
Trigger
Trigger
Public
Public
Comment
Port
Type
Port
Type
1
6112
UDP
6112
UDP
Battle.net
2
28800
TCP
2300-2400
TCP
MSN Game Zone
For a full list of ports and the services that run on them, see www.
iana.org/assignments/port-numbers.
NAT Mapping Table
Special Applications
Some applications, such as Internet gaming, video conferencing,
Internet telephony and others, require multiple connections. These
applications cannot work with Network Address Translation (NAT)
enabled. If you need to run applications that require multiple
connections, use the following screen to specify the additional public
ports to be opened for each application.
Specify the public port number normally associated with an
application in the Trigger Port field. Set the protocol type to TCP
or UDP, and then enter the ports that the application requires. The
ports may be in the format 7, 11, 57, or in a range, e.g., 72-96, or a
combination of both, e.g. 7, 11, 57, 72-96.
Popular applications requiring multiple ports are listed in the Popular
Applications field. From the drop-down list, choose the application
and then choose a row number to copy this data into.

Rate

4 / 5 based on 1 vote.

Popular iiNet Models

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top