Page 2: Table Of Contents
QUICK START BASIC SETUP ACCESSING THE ADMINISTRATION PAGES FIRST TIME SETUP WIZARD USING ENTERPRISE CLOUD MANAGER ADMINISTRATION PAGES QUICK LINKS DASHBOARD CONNECTION MANAGER WAN INTERFACE PROFILES & PRIORITY STATUS INTERNET CLIENT LIST TUNNELS FIREWALL ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 3 ZONE FIREWALL CONTENT FILTERING THREAT MANAGEMENT CERTIFICATE MANAGEMENT SYSTEM ADMINISTRATION ENTERPRISE CLOUD MANAGER DEVICE ALERTS SERIAL REDIRECTOR SNMP CONFIGURATION SYSTEM CONTROL DIAGNOSTICS SETUP WIZARDS APPENDIX SAFETY, REGULATORY, AND WARRANTY GUIDE ROUTER COMMUNICATION/DATA USAGE ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 4: Introduction
MAC Address Filtering WIFI • Dual-Band Dual-Concurrent (3×3 MIMO) • 802.11x (a, b, g, n, ac) • Up to 256 connected devices (128 per channel – 2.4 GHz and 5 GHz) • WPA2 Enterprise (WiFi) ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 5: Management
Advanced Security Mode (local user management only) • Per-Client Web Filtering • IP Filtering • Content Filtering (basic) • Website Filtering * - Native support for authentication. Authorization and accounting support through hotspot/captive portal services. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 6: Cloud Optimized Ip Communications
LAN TO WAN: 940 Mbps WAN TO LAN: 940 Mbps STATEFUL THROUGHPUT: 940 Mbps WIFI POWER (FCC): • 2.4 GHz band: 24.47 dBm • Lower 5 GHz band: 16.9 dBm • Upper 5 GHz band: 27.77 dBm ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 7: Accessories
BUSINESS-GRADE MODEM SPECIFICATIONS AER2100 LP6 models include an integrated LTE Advanced Category 6 4G LTE modem. The LP6 modems support SIM- Based Auto-Carrier selection so there is only one model for all of North America. Simply insert the SIM and wait for the router to automatically detect the SIM and establish a connection.
Page 8 Industry Standards & Certs: CE, FCC, GCF-CC, IC, PTCRB, AT&T, Sprint (pending certification), Verizon AER2100 LPE/LP3 models include an integrated 4G LTE modem (MC400); specific model names include a specific modem (e.g., the AER 2100LPE-VZ includes an MC400LPE-VZ modem for Verizon).
Page 9 Antennas: two SMA male (plug), 1 dBi (LTE), 2 dBi (Cellular/PCS) gain; finger tighten only (maximum torque spec is 7 kgf-cm) • GPS: active GPS support • Industry Standards & Certs: PTCRB, FCC, IC • Modem Part Number: MC400LPE ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 10: Hardware
One-year limited hardware warranty available in the US and Canada; two-year limited hardware warranty for integrated EU products when purchased from an authorized EU distributor – extend warranty to 2, 3, or 5 years. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...
Page 11: Leds
ETHERNET WAN Indicates information about a data source connected to the Ethernet WAN port. • Blue = Connected to an active Ethernet WAN interface. WiFi BROADCAST (only on AER2100) These two LEDs indicate activity on the WiFi broadcast 2.4GHz 5GHz for both the 2.4 GHz and 5 GHz bands.
Page 12: Quick Start
BASIC SETUP 1. Insert an activated SIM A wireless broadband data plan must be added to your Cradlepoint AER2100. Wireless broadband data plans are available from wireless carriers such as Verizon, AT&T, Sprint, EE, and Vodafone. The SIM must be provisioned with the carrier.
Page 13 WiFi, you will need to input the DEFAULT PASSWORD when prompted. The DEFAULT PASSWORD is provided on the product label found on the bottom of your router. NOTE: The product label below is an example only: your DEFAULT PASSWORD and SSID will be unique. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 14: Accessing The Administration Pages
When you log in for the first time, you will be automatically directed to the FIRST TIME SETUP WIZARD, which will walk you through the steps to customize your Cradlepoint AER2100. You have the ability to configure any of the following: •...
Page 15: Using Enterprise Cloud Manager
“Register”. Once you have registered your device, go to cradlepointecm.com and log in using your ECM credentials. For more information about how to use Cradlepoint Enterprise Cloud Manager, see the following: • Getting Started •...
Page 16: Quick Links
( ) in the top-right of the desired dialog box. You may return to the Dashboard at any time by clicking on DASHBOARD from the left menu or by clicking on the Cradlepoint logo at the top-left of the screen. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 17: Connection Manager
WAN Affinity. If WAN Affinity is enabled for a particular profile or interface, do not enable Standby for that profile or interface as the failover results may vary and be unexpected. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...
Page 18 Idle Check Interval: The amount of time between each check. (Default: 30 seconds. Range: 10-3600 seconds.) Monitor while connected: (Default: Off) Select from the following dropdown options: • Passive DNS (modem only): The router will take no action until data is detected that is destined for the WAN. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 19 WAN connection and only use a modem for failover when your wired connection goes down. This ensures that the higher priority interface has remained online for a set period of time before it becomes active (in case the connection is dropping in and out, for example). ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 20 Custom Alert Percentages: Example: “50,80,90,110” (values can exceed 100%) (Triggers alerts when 50, 80, 90, 110% of usage cap is used) NOTE: To enable data usage, check Data Usage Enabled from WAN Management. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 21: Status
Ethernet LLDP System Logs INTERNET CONNECTIONS Select your device to reveal detailed information about the following device properties: • Summary • Modem • Cellular Network • General Information • IPv4 Information • Statistics ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 24 Last Traffic To reset information, click Reset Statistics. STATISTICS Statistics can be gathered at variable Sample Rate and Sample Size for the following areas: • Wireless Device • Data Usage • Failover/Failback/Load Balance ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 25 User Manual AER2100 4/19/16 Displays packets and bytes transmitted and received by your Quality of Service (QoS) queues. To enable and configure QoS, go to NETWORKING > QoS. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 26: Client List
CP Secure VPN Tunnels, go to NETWORKING > Tunnels > CP Secure VPN. IPSEC VPN Displays status of your IPSec VPN Tunnels. To add and configure IPSec VPN Tunnels, go to NETWORKING > Tunnels > IPSec VPN. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 27: Firewall
Displays status of your GRE Tunnels. To add and configure GRE Tunnels, go to NETWORKING > Tunnels > GRE. FIREWALL Displays information about your Firewall Connection Tracking States. To configure your firewall, select SECURITY from the left navigation. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 28: Routing
Ethernet ports, go to NETWORKING > Local Networks > Ethernet Ports. Displays GPS location and status. To enable and configure GPS, go to SYSTEM > Administration > GPS. LLDP Displays LLDP information. To enable LLDP, go to SYSTEM > Administration > LLDP. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 29: System Logs
User Manual AER2100 4/19/16 SYSTEM LOGS Displays System Log information. To configure System Logging, go to SYSTEM > Administration > System Logging. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 30: Networking
This name is referred to as the SSID (service set identifier). For security purposes, Cradlepoint highly recommends that you change this from the pre-configured name. Hidden: This shows whether the router broadcasts its SSID.
Page 31 Personal or Enterprise, assume Personal since you need to know RADIUS authentication for Enterprise. In order to protect your network from hackers and unauthorized users, Cradlepoint highly recommends WPA2/AES for security if your attached devices can support it. WEP and WPA/TKIP are obsolete and have been replaced by WPA/AES.
Page 32 DTIM with a DTIM Interval value. Wireless clients detect the beacons and awaken to receive the broadcast and multicast messages. The default value is 1. Valid settings are between 1 and 255. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...
Page 33 WAN port and 12 numbered LAN ports. While default settings will be sufficient in most circumstances, you have the ability to control: Mode (WAN or LAN) and Link Speed. Additional controls for WAN ports are available in CONNECTION MANAGER. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 34 Redirect HTTPS Requests: This allows initial requests to HTTPS websites to be redirected appropriately. Hotspot/UAM Authentication Port: Default: 8000. Type in a different port number, or use the slider to change the port. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 35 Add the MAC addresses of trusted machines. This gives them automatic access through the hotspot portal. Click Add to enter new MAC Addresses you wish to allow. Click Update to save your additions. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 36 Click Add to configure a new network, Remove to delete a network, or select an existing network and click Edit to view configuration options. General Settings Enabled: The network can be manually disabled or in some specific situations may be automatically disabled to work with certain types of modems. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 37 UPnP Gateway: Select the UPnP (Universal Plug and Play) option if you want to enable the UPnP Gateway service for computers on this network. Admin Access: When enabled users may access these admin pages from this network. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 38 IPv6 DHCP Lease Time: Specifies how long DHCP enabled computers will wait before requesting a new DHCP lease. Schedule Enable Schedule Service: Enable the interface scheduler. A schedule allows an interface to be enabled or disabled during specific hours of a day. VRRP Enable VRRP: Enable or disable VRRP. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 39 RADIUS server’s interface. NOTE: If you don’t know the MAC address for the RADIUS server, enter 00:00:00:00:00:00, and the service will try to find the MAC address from the given IP address. Port Password ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 40 The time/date that is logged is the time of the first connection. The page may need to be refreshed to show the most recent log entries. Double-clicking on entries from this list will add them to the Ignored MAC Addresses list. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 41: Vlan Interfaces
CP Secure VPN allows IT managers to secure their expanding Edge Networks using architectures that scale quickly and are easy to maintain. For more information, visit cradlepoint.com. NOTE: CP Secure VPN requires an ECM Prime subscription. For more information, visit cradlepoint.com.
Page 42 (Internet Protocol security) to authenticate and encrypt packets exchanged across the tunnels. To set up a VPN tunnel with a Cradlepoint router on one end, there must be another device (usually a router) that also supports IPsec on the other end.
Page 43 Port – Select by the physical port on the router that you are plugging the modem into (e.g., “USB Port 2”). • Manufacturer – Select by the modem manufacturer (e.g., “Cradlepoint Inc.”). • Model – Set your rule according to the specific model of modem.
Page 44 1 – Main (also called Identity Protection) and Aggressive. • In Main mode, IKE separates the key information from the identities, allowing for the identities of peers to be secure at the expense of extra packet exchanges. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 45 Key Lifetime: The lifetime of the generated keys of phase 2 of the IPsec negotiation from IKE. After the time has expired, IKE will renegotiate a new set of phase 2 keys. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 46 DH Group. Phase 2 and phase 1 selections do not have to match. For the Hash selection an added value of SHA 256_128 (128-bit truncation) is avaliable. The original specification and the Cradlepoint default is 96-bit truncation, but RFC4868 requires 128-bit. A VPN to newer Cisco or Juniper devices will typically require 128-bit.
Page 47 Ping Restart – (Displays if the Configuration Mode is Advanced) If no pings have been received in the amount of time entered, OpenVPN restarts the tunnel • Tunnel Enabled – Click to enable/disable this tunnel ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 48 Generic Routing Encapsulation (GRE) tunnels can be used to create a connection between two private networks. Most Cradlepoint routers are enabled for both GRE and VPN tunnels. GRE tunnels are simpler to configure and more flexible for different kinds of packet exchanges, but VPN tunnels are much more secure.
Page 49 WAN device(s) are available and connected. An example use case is when there is a router with both a primary and failover WAN device and the tunnel should only be used when the system has failed over to the backup connection. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 50 Port – Select by the physical port on the router into which you are plugging the modem (e.g., “USB Port 2”). • Manufacturer – Select by the modem manufacturer (e.g., “Cradlepoint Inc.”) • Model – Set your rule according to the specific model of modem •...
Page 51 An expression such as “Unique ID is (any)” will allow NEMO to operate on any WAN, whereas “Type is LTE” will limit NEMO operation to the WAN(s) provided by any connected LTE device(s). ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 52 Leave blank to disable. • Password – Shared secret (or password) used to authenticate the associated Local and Remote names. Redial • Enabled – When this is selected, the tunnel will attempt to reconnect if disconnected. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 53 Network Address – This is the network address that is the destination of the route. This should be set to the network address at the remote side of the tunnel. • Netmask – This is the corresponding subnet mask of the network being defined. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 54: Routing
If no policy or no route is matched, the lookup will use the primary route table instead. To add a route policy, click Add. • IP Version: Select the IP protocol version. • Source IP/Network Address ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 55 Clearing Permit will deny the route if the Match Conditions are met. • Match Conditions: A set of conditions that define a match. • Set Actions: A set of actions that are triggered by a match. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 56 Community List: Allows filtering by community. In essence a community is a label which is attached to routes learned from that community. Then that community or label can be used to select which policy(s) should be applied to those routes. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 57 The first field sets a limit for both EBGP and IBGP. If desired, a different limit can be applied just to IBGP using the second field. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 58 Mutually exclusive with TTL Security. Optionally specify Time To Live from 1 to 255 hops. • TTL Security: Specify the number of hops to reach eBGP neighbors. Mutually exclusive with eBGP Multihop. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 59 OSPF is widely used in large networks such as ISP (Internet Service Provider) backbone and enterprise networks. Click Add to add an OSPF router. General • Enable: Enable and disable the routing protocol policy. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 60 The Key ID identifies the secret key used to create the message digest. This ID is part of the protocol and must be consistent across routers on a link. • Cost: OSPF metric for this interface. • Transmit Delay: Link state transmit delay. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 61 (default Type-2). Route Map specifies an optional route map to filter routes. • Default Metric: Specify the default metric for routes redistributed to OSPF. This can be overridden under the Redistribute configuration. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 62 Device: Select network interface device. • Send version: Select the RIP version that will be sent on this interface, overriding the global setting. Version can be 1 or 2, or 0 to select both. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 63 Metric: RIPng metric is a value for distance for the network. Usually the RIP service increments the metric when the network information is received. The metric for redistributed routes is set to 1. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 64: Qos
20% or less. Click Add to create a new Traffic Shaping/QoS queue. Queue Name: Choose a name that is meaningful to you. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 65 Download Bandwidth: This is the percentage of the connected WAN upload bandwidth that will be reserved for the specified traffic. The maximum value is adjusted to the remaining percentage after other queues receive their share. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 66 Source IP Address, Source Netmask, Destination IP Address, and Destination Netmask: Specify an IP address or range of IP addresses by combining an IP address with a netmask for either “source” or “destination” (or both). ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...
Page 67: Dns Servers
Click Finish to save this rule. DNS SERVERS DNS, or Domain Name System, is a naming system that translates between domain names (www.cradlepoint. com, for example) and Internet IP addresses (206.207.82.197). A DNS server acts as an Internet phone book, translating between names that make sense to people and the more complex numerical identifiers.
Page 68 • Custom Server (DynDNS clone) • Custom Server Address. Only available if you select Custom Server from the Server Address dropdown list. Enter your custom DynDNS clone server address here. For example: www.mydyndns.org. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 69: Wifi As Wan
WiFi Radio #2 (5 GHz) All Cradlepoint routers and some other routers use the same default IP address for the primary network: 192.168.0.1. If you attempt to set up WiFi as WAN and there is an “IP conflict,” you need to change the IP address.
Page 70 If you import a network from Site Survey, most of the information about the network will already be completed. You need to input the password (if there is one) and then click submit to save the WiFi as WAN profile. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 71: Wan Affinity
Source IP Address, Source Netmask, Destination IP Address, and Destination Netmask: Specify an IP address or range of IP addresses by combining an IP address with a netmask for either “source” or “destination” (or both). Source ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 72 Port – Select by the physical port on the router that you are plugging the modem into (e.g., “USB Port 2”). • Manufacturer – Select by the modem manufacturer (e.g., “Cradlepoint Inc.”). • Model – Set your rule according to the specific model of modem.
Page 73: Client Data Usage
GRE tunnels or input manually. • Peer Authentication: Embeds the secret plaintext password to outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless this password is present. Max length: eight characters. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 74 (displays flag R in the static mapping table if selected) • Proprietary OS: This should be enabled if the statically mapped peer is running proprietary OS (displays flag C in the static mapping table if selected). ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 75: Security
IP addresses are entered using CIDR notation, e.g. 1.2.3.4/32 and 0123:4567::CDEF/128. FQDN addresses are entered with at least one dot separating a top-level domain from a root zone, e.g. cradlepoint.com. To add a Host Address Identity, click Add. PORTS A port identity member can be entered as a single Start port number or as a port range by entering both a Start and End port number.
Page 76: Zone Firewall
Log: When checked, each packet matching this filter rule will be logged in the System Log. • IP Version: Select the IP version to match. • Enter match criteria under Source, Destination, Protocols and Application Sets. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 77 Sending the system log to a syslog server is recommended. Application Gateways Enabling an application gateway makes pinholes thru the firewall. This may be required for some applications to function, or for an application to improve functionality or add features. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 78 The primary purpose for Cradlepoint’s NPT implementation is for failover/failback and load balancing setups. LAN clients can potentially retain the original IPv6 lease information and may experience a more seamless transition when WAN connectivity changes than if not utilizing NPT.
Page 79 • Local Port(s): Specify the IP port(s) on the LAN to proxy to a remote computer. • Remote Computer: Specify the remote computer to receive proxied traffic. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 80 One-to-One NAT can be accomplished by specifying a host address or a /32 cidr address. Click Add to create a Dynamic 1:1 NAT. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 81: Content Filtering
HTTPS Port (Optional): The port for the proxy to forward HTTPS traffic to. HTTPS is not transparently intercepted and must have the LAN clients configured to use the Cradlepoint router as a proxy for HTTPS to work properly. MAC WEB FILTER RULES...
Page 83 Licenses to enable this feature. Enter your Zscaler account information to enable these settings. Input local network information (Network Address and Netmask) to assign your Zscaler implementation to one or more local network(s). ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 84: Threat Management
User Manual AER2100 4/19/16 THREAT MANAGEMENT NOTE: Threat Management is only available for the AER family or Cradlepoint products, and requires a feature license. Enable this feature through Enterprise Cloud Manager. Cradlepoint Secure Threat Management leverages Trend Micro’s security experience and expertise in this...
Page 85 Application ID Logging: (Disabled by default.) The DPI engine can identify network traffic applications and send this information to the system logs. Depending on your network traffic uses, application ID logging may send huge amounts of data to the system logs. Cradlepoint recommends enabling a syslog server to manage this information.
Page 86: Certificate Management
• Organization Information: The organization to which the certificate issuer belongs • Common Name: Name used to match authentication credentials To add a local certificate, click Add. Remove a local certificate by selecting the certificate and clicking the Remove button. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 87 Give the certificate a name that is meaningful to you. PKCS #12 files are protected by a passphrase – you must know this key to import the file. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 88 To export, select a local certificate from the dropdown list and download it to your computer or local device in PKCS #12 format. When you export this file, you must create a passphrase to protect it. This key is required for future use of the file. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 89: System
Require HTTPS Connection – Requiring a secure (https) connection is recommended • HTTP Port: Default – 8080. This option is disabled if you select “Require Secure Connection” • Secure HTTPS Port – Default: 8443. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 90 If a ping to the router’s WAN port does not work, it is unlikely that remote SSH access will work. FEATURE LICENSES Some Cradlepoint features may require a license. These features are disabled by default. To obtain a feature license, contact your Cradlepoint sales representative.
Page 91 Aa-Zz, numerals, and ‘_’. • Enable GPS server on LAN - Enables a server on the LAN side of the firewall which will periodically send GPS sentences to TCP connected clients. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 92 • SMS messages are not encrypted; they are sent in full readable text over the network. Enable SMS support – SMS support is enabled by default on the router. Deselect this to disable. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 93 If this occurs, disable this option. Log to attached USB stick: Only enable this option if instructed by a Cradlepoint support agent. This will write a very verbose log file to the root level of an attached USB stick. Please disable the feature before removing the USB stick, or you may lose some logging data.
Page 94: Enterprise Cloud Manager
(Default: Enabled) • Server Host:Port: The DNS hostname and port number for your ECM server. (Default: stream.cradlepoint.com) • Session Retry Timer: How long to wait, in seconds, before starting a new ECM session following a connection drop or connectivity failure.
Page 95: Device Alerts
Feature License Expiration: Sends an alert when a feature license is about to expire. • Router SDK Application: A router SDK Application may send an alert. • Full System Log: The system log has filled. This alert contains the contents of the system log. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 96: Serial Redirector
LAN connections. You must be logged into the router to use the redirector. • WAN: Enable serial redirector for WAN connections. • Server Port: Enter a port number for the redirector to use. (Default: 7218) ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 97: Snmp Configuration
SNMP, or Simple Network Management Protocol, is an Internet standard protocol for remote management. You might use this instead of Enterprise Cloud Manager if you want to remotely manage a set of routers that include both Cradlepoint and non-Cradlepoint products. SNMP Configuration •...
Page 98 System Contact: Input the email address of the system administrator. • System Name: Input the router’s hostname. • System Location: Input the physical location of the router. This is simply a string for your own information. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 99: System Control
With other select modems (such as LP6), more than one modem firmware image may be locally stored within the device’s memory. You must first select the Cradlepoint modem you would like to update. Once selected, the appropriate modem firmware update options will display.
Page 100 File: Click this button to manually upload a modem firmware file. Type the path/file or click Select Firmware File to browse to the local file location. Once entered, click Begin Firmware Upgrade. Note: For modems which support manual carrier switching, find the appropriate modem firmware package file via ECM or the Cradlepoint portal.
Page 101: Diagnostics
Hostname or IP address of the computer you want to ping and click the ‘Ping’ button. Speed Test • Tests Against Cradlepoint Server - Up to ten speed tests are permitted against a Cradlepoint server. • WAN Device - The WAN Device that is selected will have the test run on it.
Page 102: Setup Wizards
AER2100 4/19/16 SETUP WIZARDS ECM REGISTRATION To register the router with Cradlepoint ECM you must first have an account. If you need to create an account you can signup at cradlepoint.com. Once you’ve created an account, or if you already have one, you can enter your ECM username and password to register the router.
Page 103 Configuring Your APN and Modem Authentication If you are using a SIM-based modem (LTE/GSM/HSPA) with your Cradlepoint router you may need to configure the APN before it will properly connect to your carrier. Wireless carriers offer several APNs so check with your carrier to confirm the appropriate one to use.
Page 104 Passthrough • The Subnet Selection Mode will be set to “Automatically Create Subnet” unless overridden via the Subnet Selection Mode dropdown Any Ethernet WAN connections should be disconnected before IP passthrough is enabled. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 105: Appendix
This device complies with Industry Canada license-exempt RSS standards. Operation is subject to the following two conditions: (1) this device may not cause interference, and (2) this device must accept any interference, including interference that may cause undesired operation of the device. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
Page 106: Industry Canada Radiation Exposure Statement
INFORMATION FOR EUROPE, DECLARATION OF COMPLIANCE Model: S3A340A AER2100 Cradlepoint, Inc. declares that this device is in compliance with the essential requirements of the R&TTE Directive 1999/5/EC, Energy Related Products Directive 2009/125/EC, Electromagnetic Compatibility Directive 2004/108/EC, Low Voltage Directive 2006/95/EC, and RoHS2 Directive 2011/65/EU.
Page 107: Safety And Hazards
(i.e., contain errors), or totally lost. The device is not intended for (and Cradlepoint recommends the device not be used in any) critical applications where failure to transmit or receive data could result in property damage or loss or personal injury of any kind (including death) to the user or to any other party.
Page 108: Router Communication/Data Usage
4/19/16 OTHER BINDING DOCUMENTS; TRADEMARKS; COPYRIGHT By activating or using your AER2100 or AER2150 device, you agree to be bound by Cradlepoint’s Terms of Use, User License and other applicable Legal Policies. © 2015 Cradlepoint, Inc. All rights reserved. Cradlepoint is not responsible for omissions or errors in typography or photography.

Cradlepoint AER2100 User Manual

Introduction

Quick Start

Administration Pages

Appendix

Quick Links

Related Manuals for Cradlepoint AER2100

Summary of Contents for Cradlepoint AER2100

Table of Contents