Cradlepoint IBR600 Product Manual

Cradlepoint IBR600 Product Manual

Cor integrated broadband router with vpn support
Hide thumbs Also See for IBR600:

Advertisement

Advertisement

Table of Contents
loading

Summary of Contents for Cradlepoint IBR600

  • Page 2: Manual Revisions

    COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT Preface CradlePoint reserves the right to revise this publication and to make changes in the content thereof without obligation to notify any person or organization of any revisions or changes. Manual Revisions...
  • Page 3 COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT Trademarks CradlePoint and the CradlePoint logo are registered trademarks of CradlePoint, Inc. in the United States and other countries. All other company or product names mentioned herein are trademarks or registered trademarks of their respective companies.
  • Page 4: Table Of Contents

    UNNELS 1.1   P   .............   3   ACKAGE   ONTENTS 5.6   H ( IBR600)   ..........   4 3   OTSPOT   LIENTS   1.2   S  ............   3   YSTEM   EQUIREMENTS 5.7  ...
  • Page 5 ANAGER 8.5   F   ............   2 15   EATURE   ICENSES 8.6   H ( IBR600)   ..........   2 16   OTSPOT   ERVICES   8.7   S  ............   2 20   ERIAL  ...
  • Page 6: Introduction

    • Internet Explorer v6.0 or higher, Firefox v2.0 or higher, Safari v1.0 or higher 1.3 IBR600/IBR650 Overview The CradlePoint COR is a highly featured, compact, and robust router designed for deployment in critical business and enterprise applications that require 24x7 connectivity via Ethernet and/or WiFi. The router features a built-in high-speed modem (4G LTE, 3G EVDO, WiMAX, HSPA+, LTE/HSPA+) modem as well as support for wired networks such as DSL or Cable.
  • Page 7 • Supports both wireless and wired Internet connections (two Ethernet ports for either LAN/LAN or WAN/LAN) • Secure IPsec VPN (5 concurrent sessions maximum) • Centralize the administration and monitoring of distributed routers using CradlePoint Enterprise Cloud Manager ENHANCED WIFI (IBR600) • 500+ feet of WiFi Range •...
  • Page 8 WiFi antenna for operation in 1x1 WiFi mode. 1.3.2 CradlePoint Enterprise Cloud Manager Rapidly deploy and dynamically manage networks at geographically distributed stores and branch locations with Enterprise Cloud Manager, CradlePoint’s next generation management and application platform. Enterprise Cloud © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 9 1.3.4 Captive Portal (IBR600) The captive portal solution provided by CradlePoint routers enables businesses to provide their customers with a public WiFi hotspot with access controls. The controls can be as simple as requiring acceptance of a terms of service agreement, while advanced features allow administrators to control and monitor usage, require login, direct users to specific web pages, provide revenue through service fees or paid advertising, and more.
  • Page 10 2 Requires minimum order quantity (MOQ) CradlePoint products with the -EU and -INTL SKUs enable and disable WiFi channels to comply with EU law. The -EU and -INTL SKUs are not legal for use in North America. The -EU and -INTL versions also come with an adapter kit for non-USA/Canada power outlets (includes US, EU, and UK options).
  • Page 11: Hardware Overview

    COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT 2 HARDWARE OVERVIEW © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 8...
  • Page 12: Switches

    Reset: You can return your router to factory default settings by pressing and holding the Reset button. This button is recessed, so it requires a pointed object such as a paper clip to press. Press and hold for 10 seconds to initiate reset. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 13 (Hardware version 1.3 changed from a micro USB port to a full-size Standard-A USB port.) WiFi Antennas (IBR600 only): The IBR600 comes with two 2.4 GHz WiFi antennas (Reverse SMA). These antennas are simple to attach and adjust for maximum WiFi broadcast.
  • Page 14 COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT Modem Antennas: The CradlePoint COR comes with two modem antennas to enhance reception for the embedded modem. These antennas are simple to attach and adjust. Power On/Off: • I = On • O = Off Power LED: •...
  • Page 15 • No light = Off Additional LED Indications: WiFi and modem LEDs blink amber Factory reset button detected twice Error during USB firmware WiFi and modem LEDs blink red upgrade © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 12...
  • Page 16: Mounting Bracket

    COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT 2.2 Mounting Bracket © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 13...
  • Page 17 2) Place the router’s edge against the bottom of the bracket. 3) Press the router down firmly, then push it inside the bracket. It should latch. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 14...
  • Page 18 2.2.2 Removing the COR from the Mounting Bracket From the top of the bracket, press down firmly on the router using your thumb(s) and pull the device out. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 19: Quick Start

    Activate Your Modem A wireless broadband data plan must be added to your IBR600/IBR650. Wireless broadband data plans are available from wireless carriers such as AT&T, Sprint, Verizon, and Vodafone. A new line of service can be added or a data plan can be transferred from an existing account.
  • Page 20: Device

    (this password is the last eight digits of the router’s MAC address, which can be found on the product box or on the product label). NOTE: If more than one IBR600 wireless router is visible, you can find the correct unit by checking for its SSID (service set identifier; the unique name of the local network). The default SSID of the primary network has the form IBR600-xxx, where “xxx”...
  • Page 21 Accessing the Administration Pages For most users the IBR600/IBR650 can be used immediately without any special configuration changes. If you would like to change your network name or password or configure any of the advanced features of your router, you will need to log in to the administration pages: •...
  • Page 22 If you used the First Time Setup Wizard, you might have changed the “WiFi Network Name” or the “Security Mode” password. If so, you will need to reconnect your device(s) to the IBR600 network. • Find the network. Look for your new personalized network name (or the default SSID of the form “IBR600-xxx”).
  • Page 23: Common Problems

    A wireless broadband data plan must be added to your IBR600/IBR650. Wireless broadband data plans are available from wireless carriers such as AT&T, Sprint, and Verizon. A new line of service can be added or a data plan can be transferred from an existing account.
  • Page 24: Web Interface - Essentials

    COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT 4 WEB INTERFACE – ESSENTIALS The CradlePoint COR has a Web interface for configuration and administration of all features. The interface is organized with 5 tabs at the top of the screen: • Getting Started •...
  • Page 25: Administrator Login

    The Administrator Login page will appear. Log in using your administrator password. Initially, this password can be found on the bottom of the IBR600/IBR650 unit as the Default Password. This password is also the last eight digits of the unit’s MAC address.
  • Page 26 • Name: The name of the primary network. If you have more than one wireless network enabled, the additional network names will also be listed here. Modem Details • Manufacturer: The name of the modem manufacturer (CradlePoint). • Model: The name of the modem model (Internal LTE, for example). • Signal: The strength of the signal (dBm).
  • Page 27: Getting Started - F

    The First Time Setup Wizard will help you customize the name of your wireless network, change passwords to something you choose, and establish an optimal WiFi security mode. The CradlePoint COR comes out of the box with a unique password at WPA1/WPA2 WiFi security level.
  • Page 28 The router cannot use 802.11n modes if WEP is enabled; WiFi performance and range will be limited. • NONE (OPEN): Select this option if you do not want to activate any security features. CradlePoint recommends BEST (WPA2) WiFi security. Try this option first and switch only if you have a device that is incompatible with WPA2.
  • Page 29 Click NEXT. 7) Configuring Your Access Point Name (APN): If you are using a SIM-based modem (LTE/GSM/HSPA) with your CradlePoint router you may need to configure the APN before it will properly connect to your carrier. Wireless carriers offer several APNs, so check with your carrier to confirm the appropriate one to use.
  • Page 30 ISPs/Carriers block certain addresses, so choose an address that all of your WAN connections can use. For best results, select an established public IP address. For example, you might ping Google Public DNS at 8.8.8.8 or Level 3 Communications at 4.2.2.2. Click NEXT. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 27...
  • Page 31 NOTE: If you are currently using this network, reconnect your devices to the network using the new wireless network name and security password. Click APPLY to save the settings and update them to your router. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 28...
  • Page 32: Uick Links

    COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT 4.3 Quick Links The CradlePoint logo in the upper left-hand corner of all the administration pages is a link to the Dashboard (Status → Dashboard), which displays fundamental information about the router.
  • Page 33: Configuration

    Network Settings – Provides configuration options for the networks, or LAN, created by your router. For example, you can enable a guest WiFi network (WiFi / Local Networks), set up rules to filter websites (Content Filtering), or create a traffic-shaping rule to set bandwidth priorities (WiPipe QoS). © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 34 LAN (Local Area Network) Examples: • If you want to change the content filtering settings for the network created by the IBR600/IBR650, go to the Network Settings tab. • If you have multiple Internet sources (such as the embedded modem and an Ethernet connection) for which you would like to set priority levels, go to the Internet tab.
  • Page 35: Registration

    CRADLEPOINT 4.5 Enterprise Cloud Manager Registration To register your device with CradlePoint Enterprise Cloud, navigate to Getting Started → Enterprise Cloud Manager Registration. Input your ECM Username and ECM Password and click Register. You have now registered the device with Enterprise Cloud Manager.
  • Page 36: Ip Passthrough Setup

    • The Routing Mode will be set to IP Passthrough. • The Subnet Selection Mode will be set to "Automatically Create Subnet" Any Ethernet WAN connections should be disconnected before IP Passthrough is enabled. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 37: Status

    • Dashboard • GPS • GRE Tunnels • Hotspot Clients • Internet Connections • Routing • Statistics • System Logs • VPN Tunnels • WiPipe QoS © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 34...
  • Page 38: Lient List

    Wireless and Wired clients. Wireless Clients. For each device using a wireless connection to your IBR600, the following information is displayed: Hostname, IP, MAC, Connection, and Time Online. Wired Clients. For each device using a wired connection to your router, the following information is displayed: Hostname, IP, and MAC.
  • Page 39 Time Online: Simply the amount of time the device has been connected to the router. Kick: Click on this button to disconnect a client. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 40: Cp Connect

    To set up or edit a CP Connect tunnel, go to Internet → CP Connect. NOTE: CP Connect requires a feature license. Go to System Settings → Feature Licenses to enable this feature. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 41: Dashboard

    After the initial setup of the router, every time you log in you will automatically be directed to this Dashboard. Also, you can click on the CradlePoint logo in the upper left-hand corner to return to the Dashboard from any page.
  • Page 42 COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT Router Information: “Detailed Info” links to System Settings → Administration. • Product: IBR600/IBR650 • Serial: The product serial number. • Firmware: Gives the number of the current firmware version. • Build Date: Year-month-day-hours-minutes-seconds for the most recent firmware upgrade.
  • Page 43 This will inform you about the availability of new firmware, for example. Router Alerts includes links to the System Software page (for new firmware) and the Connection Manager. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 44: Gps

    GPS. If GPS is supported, make sure the modem is in an area where it can receive a signal from the GPS satellites.     © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 41...
  • Page 45: Gre Tunnels

    View the status of configured GRE Tunnels. To set up or edit a GRE tunnel, go to Internet → GRE Tunnels. Included information: • Name • Status • Transmit (packets/bytes) • Receive (packets/bytes)     © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 42...
  • Page 46: Hotspot Clients (Ibr600)

    COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT 5.6 Hotspot Clients (IBR600) View the status of the clients that have logged in through the Hotspot/Captive Portal. View: • Hostname • IP address • MAC address • Data Usage (both IN and OUT) •...
  • Page 47: Internet Connections

    The Internet Connections submenu option provides a list of attached WAN devices used as the Internet source for the IBR600/IBR650. Select one of these devices to see detailed information about that particular device. For each type of device, different information will be included in the Device Information section. Possible devices...
  • Page 48 • Type ethernet • Port IP Information • DNS Servers • IP Address • Gateway Statistics • Incoming Bytes • Outgoing Bytes • Connection Uptime (secs) © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 45...
  • Page 49 • GSN • Home Address • Product Internal LTE/EVDO • Signal Strength (dBm) • DEFPDP • Model Internal LTE/EVDO • Manufacturer CradlePoint Inc. • Rev Tun • Battery Level • Secondary Home Agent • Primary Home Agent © 2013 CRADLEPOINT, INC.
  • Page 50 • Type lte IP Information • DNS Servers • IP Address • Gateway Statistics • Incoming Bytes • Outgoing Bytes • Load Balance score • Connection Uptime (secs) © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 47...
  • Page 51 • PIN Status • ESN/IMEI • Product Internal LTE/HSPA+ • Signal Strength(dBm) • Default Profile • Model Internal LTE/GSM • Manufacturer CradlePoint Inc. • Battery Level General Information • Model Internal LTE/GSM • Unique Identifier • Port int1 • Profile 1: Broadband •...
  • Page 52 COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT • Gateway Statistics • Incoming Bytes • Outgoing Bytes • Connection Uptime (secs) © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 49...
  • Page 53 Internal HSPA+ Diagnostics • Product Internal HSPA+ • Modem Firmware Version • DEFPDP • Model Internal LTE/EVDO • Manufacturer CradlePoint Inc. • Carrier ID • Service Display HSPA • Signal Strength (dBm) • GSN • PIN Status • Connection Type General Information •...
  • Page 54 CRADLEPOINT IP Information • DNS Servers • IP Address • Gateway Statistics • Incoming Bytes • Outgoing Bytes • Load Balance score • Connection Uptime (secs) © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 51...
  • Page 55 • Product EVDO Modem • Protocol PPP • Unique Identifier • ESN/IMEI • Model MC100E-VZ • Type modem • Port 1 • Manufacturer CradlePoint Inc. IP Information • Netmask • IP Address • Gateway Statistics • Outgoing Bits/Second • Incoming Bits/Second •...
  • Page 56 • Connection State (connected, idle, etc.) General Information • Product Wireless As WAN • Unique Identifier • Type wwan IP Information • Netmask • IP Address • Gateway © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 53...
  • Page 57: Routing

    Static Routes displays user-specified routes configured in Network Settings → Routing. There are also tables displaying information for GRE Routes, VPN Routes, and NEMO Routes. Configure the settings for these routes under the Internet tab. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 58: Statistics

    Wireless Statistics: View the signal strength and other wireless modem information. The wireless device’s signal strength will only be displayed as long as it supports “Live Diagnostics.” Sample rate and size can be adjusted from the dropdown boxes. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 59 CRADLEPOINT Data Usage: A measure of the amount of information that is currently being sent or received through the network. Sample rate and size can be adjusted from the dropdown boxes. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 60 Failover/Failback/Load Balance: An easy way to view current connective states of the devices plugged into the router as compared to the past. Sample rate and size can be adjusted from the dropdown boxes. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 61: System Logs

    Level: Select/Deselect from the following levels to filter messages by priority. • Critical • Error • Warning • Info NOTE: The logs are erased whenever the router is rebooted or loses power. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 58...
  • Page 62: Vpn Tunnels

    View the status of configured VPN tunnels. To set up or edit a VPN tunnel, go to Internet → VPN Tunnels. Included information: • Name • Connections • Status • Protocols • Transferred • Direction • Time Online • Control © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 59...
  • Page 63 COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT 5.12 WiPipe QoS View the breakdown of packets and bytes sent and received associated with each WiPipe QoS rule. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 60...
  • Page 64: Network Settings

    • Content Filtering • DHCP Server • DNS • Firewall • MAC Filter / Logging • Routing • Routing Protocols • WiFi / Local Networks • WiPipe QoS © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 61...
  • Page 65: Content Filtering

    When creating rules keep in mind that some sites use multiple domains, so each domain may need a rule added to produce the desired behavior. NOTE: Websites that use HTTPS will not be blocked by these rules. You will need to use OpenDNS to block HTTPS websites. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 66 • Rule Priority: Higher number rules overrule lower number rules. • Enabled: A rule can be enabled or disabled by selecting or deselecting the checkbox. Click Submit to save your rule changes. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 63...
  • Page 67 This can have the side effect of being very strict; sites that are hosted across many domains may need every domain added to the list for full functionality. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 68 Network WebFilter Rules, except that you must assign a MAC address instead of a network to each rule. See the Network WebFilter Rules section for more configuration details. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 65...
  • Page 69 WebFilter Rules. When a network is set to Block Access, it will block access to sites not specifically allowed in the WebFilter Rules. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 70 53, which will prevent OpenDNS filtering. If OpenDNS does not appear to be working correctly, enabling this will attempt to bypass those ports when using an OpenDNS content filtering level. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 71: Dhcp Server

    While you have the option to manually input the information to reserve an IP address (Hostname, Hardware Addr, IP Addr), it is much simpler to select a device under the Active Leases section and click “Reserve.” The selected device’s information will automatically be added under Reservations. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 72: Dns

    DNS, or Domain Name System, is a naming system that translates between domain names (www.cradlepoint.com, for example) and Internet IP addresses (206.207.82.197). A DNS server acts as an Internet phone book, translating between names that make sense to people and the more complex numerical identifiers. The DNS page for the IBR600/IBR650 has these distinct functions: •...
  • Page 73 Use HTTPS: Use the more secure HTTPS protocol. This is recommended, but could be disabled if not compatible with the server. Host name: Enter your host name, fully qualified. For example: myhost.mydomain.net. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 74 IP address, go to Network Settings → DHCP Server and reserve the IP address for the device by selecting the device in the Active Leases list and clicking “Reserve”. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 75: Firewall

    These numbers will be mapped to the local port numbers. • Local Computer: Select the IP address of an attached device from the dropdown menu, or manually input the IP address of a device. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 76 • Protocol: Select from the following options in the dropdown menu: o TCP o UDP o TCP & UDP • Click Submit to save your completed port forwarding rule. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 73...
  • Page 77 IPv6 providers, but it cannot be used effectively in all situations. The primary purpose for CradlePoint’s NPT implementation is for failover/failback and load balancing setups. LAN clients can potentially retain the original IPv6 lease information and may experience a more seamless transition when WAN connectivity changes than if not utilizing NPT.
  • Page 78 • Netmask: Use this to define a subnet size this rule will match against. • Port Negation: Match on any port that © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 75...
  • Page 79 Protocol: Any • IP Source Network IP: 172.22.24.160 (Johnny’s IP address) • Netmask: 255.255.255.255 (This netmask restricts the rule to one single address). • Port(s): 80 • © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 76...
  • Page 80 Point to Point Tunneling Protocol. This is enabled by default. • SIP: For Voice over IP using Session Initiation Protocol. • TFTP: Enables file transfer using Trivial File Transfer Protocol. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 81 HTTPS, SNMP, and SSH configuration tools. This does not restrict access to LAN-based administration, i.e. devices within your network still have administration access. The individual remote administration services can be enabled under System Settings → Administration --> Remote Management. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 82 IP address sets will be allowed access. If this field is left empty a netmask of 255.255.255.255 will be used, which means that only the single specified IP address would have remote administration access. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 83: Mac

    MAC Filter List (Whitelist or Blacklist): Add devices to either your whitelist or blacklist simply by inputting each device’s MAC address. NOTE: Use caution when using the MAC Filter to avoid accidentally blocking yourself from accessing the router. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 84 The page may need to be refreshed to show the most recent log entries. Double-clicking on entries from this list will add them to the Ignored MAC Addresses list. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 85: Routing

    Rule. If the IP/Network Address falls outside the LAN IP range, you probably need to select this option. Distribute: Allow this static route to be distributed via a routing protocol (Network Settings → Routing Protocols). © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 86: Routing Protocols

    BGP. • Router-ID: This sets the router-ID of the BGP process. The router- ID may be an IP address of the router, but need not be - it can be © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 87 • Metric: Numerical priority of the route. • Route Map: Route maps provide a means to filter and/or apply actions to routes, allowing policies to be applied to routes. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 88 • Enabled: Click to enable/disable the policy. (Default: enabled.) Network Areas: Areas are identified by an ID number. As of 4.1.1, CradlePoint only supports area 0. Use the IP address and netmask fields to associate a network with this policy. Also, choose whether to select Passive (active by default).
  • Page 89 • Protocol Version: RIP can be configured to send either Version 1 or Version 2 packets. The default is to send RIPv2 while accepting both RIPv1 and RIPv2 (and replying with packets of the appropriate © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 90 • Metric: Numerical priority of the route. • Route Map: Route maps provide a means to filter and/or apply actions to routes, allowing policies to be applied to routes. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 91 Networks: Set the RIPng-enabled interfaces by network using IPv6 addresses. RIPng is enabled on the interfaces that have addresses within the network range. Routes: Set RIPng static routing announcement of specified network address. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 88...
  • Page 92 • Metric: Numerical priority of the route. • Route Map: Route maps provide a means to filter and/or apply actions to routes, allowing policies to be applied to routes. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 93 Click Add to create a new route map. • Name: Choose a unique name. • Allow: Select “Permit” or “Deny”. • Order: Input a number to set the order of this policy. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 94 2. Deny: If the entry matches, then finish processing the route-map and deny the route (return `deny'). Set: A route-map entry may, optionally, specify one or more `Set Actions' to set or modify attributes of the route. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 95: Ocal Networks

    They will have to reconnect to the network. The user can set up multiple networks on the IBR600/IBR650, each with its own unique configuration and its own selection of interfaces. Each local network can be...
  • Page 96 Otherwise guests will need to know the password to connect to the WiFi network even before viewing a Terms of Service page (or other hotspot options). Finally, make sure your WiFi interface is “Enabled”. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 97 Name: This primarily helps to identify this network during other administration tasks. Hostname: [Default: cp (for CradlePoint)] The hostname is the DNS name associated with the router's local area network IP address. NOTE: You can access the router’s administration pages by typing the hostname into your browser, so if you change “cp”...
  • Page 98 WAN access will occur on both wireless and wired LAN connections. To enable a Hotspot you must also configure your Hotspot settings under System Settings → Hotspot Services. • Disabled: Disable this network. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 99 LAN is passed through from the WAN side. Change this to Static to input your own IPv6 address range here, or select None to explicitly disable IPv6 LAN connectivity. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 100 WiFi, Ethernet ports, and VLAN interfaces separately. See the Local Network Interfaces section below (on this same administration page: Network Settings → WiFi / Local Networks). © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 97...
  • Page 101 Plug and Play) option if you want to enable the UPnP Gateway service for computers on this network. • Admin Access: When enabled, users may access these administration pages on this network. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 98...
  • Page 102 192.168.0.5 or higher. Lease Time: [Default: 720 minutes (12 hours)] The lease time specifies how long DHCP-enabled computers will wait before requesting a new DHCP lease. Smaller values are better suited to busy environments. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 103 DHCP Server Address: An optional DHCP server address if more than one DHCP server is located on the network. This field is only available when DHCP Relay is enabled. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 104 • IPv6 DHCP Lease Time: This specifies how long DHCP-enabled computers will wait before requesting a new DHCP lease. Disable SLAAC and DHCP – Disable both IPv6 address configuration modes. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 105 LAN. In rare cases, additional IP address ranges need access to the multicast streams. Click Add and input the IP Address and Netmask for an additional IP address range. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 106 Click on the squares to toggle between black and gray. In the example shown, the network is enabled from 8-5 on Monday through Friday, but disabled at all other times. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 103...
  • Page 107 IP and let a new master take over when no WAN connection is available. Advertisement Interval: Sets the amount of time (in seconds) between VRRP advertisements, which communicate the router status. The default of 1 second is standard. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 108 If you want this router to be the root bridge, then set it to a value less than the default of 32768. A valid priority value is between 0 and 65535. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 109 RADIUS server is the same for both authentication and accounting. • Acct Server IP Address • Acct Server MAC Address • Port: 1813 is common for the accounting port. • Password © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 106...
  • Page 110 • Wireless (WiFi) Network Settings • Ethernet Port Configuration • VLAN Interfaces Wireless (WiFi) Network Settings The IBR600 can broadcast two SSIDs (service set identifiers — the names for WiFi networks). One primary WiFi network is enabled by default, while you may have enabled a second guest network when using the First Time Setup Wizard.
  • Page 111 This name is referred to as the SSID (service set identifier). For security purposes, CradlePoint highly recommends that you change this from the pre-configured name. Hidden: This shows whether the router broadcasts its SSID.
  • Page 112 NOTE: If you don’t know whether you should choose Personal or Enterprise, assume Personal since you need to know RADIUS authentication for Enterprise. In order to protect your network from hackers and unauthorized users, CradlePoint highly recommends WPA2/AES for security if your attached devices can support it. WEP and WPA/TKIP are obsolete and have been replaced by WPA/AES.
  • Page 113 • Auto • 10Mbps - Half Duplex • 10Mbps - Full Duplex • 100Mbps - Half Duplex • 100Mbps - Full Duplex • 1000Mbps - Full Duplex © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 110...
  • Page 114 Since the IBR600/IBR650 has only 2 Ethernet ports, this feature will rarely be necessary. It is possible, however, to set both ports as LAN ports (or both ports as WAN ports) and then either separate them or group them together.
  • Page 115 Ethernet Group: Select the LAN ports with which you want to associate the VLAN ID from a dropdown list. Your Ethernet group must be created separately under Ethernet Port Configuration. Click Submit to save your configured VLAN. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 116 • 5 (2432 MHz) • 6 (2437 MHz) • 7 (2442 MHz) • 8 (2447 MHz) • 9 (2452 MHz) • 10 (2457 MHz) • 11 (2462 MHz) © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 113...
  • Page 117 Disabling this option forces all clients to use a longer backoff check and thus may reduce network throughput while reducing the number of transmission collisions. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 118 (in seconds) before attempting another query. This helps protect the network from floods of authentication requests if the RADIUS server is temporarily unreachable. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 119 For example, you might restrict the upload speed to prioritize available bandwidth for download or to reduce overall bandwidth use in order to lower costs. It is recommended that you experiment with different values for your particular Internet connection for best results. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 120 Upload Bandwidth: This is the percentage of the connected WAN upload bandwidth that will be reserved for the specified traffic. The maximum value is adjusted to the remaining percentage after other rules receive their share. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 121 Download Bandwidth: This is the percentage of the connected WAN upload bandwidth that will be reserved for the specified traffic. The maximum value is adjusted to the remaining percentage after other queues receive their share. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 122 DSCP Tags as opposed to IP addresses or ports. This setting is optional. For more information see the Differentiated services Wikipedia page. Click Finish to save this queue. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 119...
  • Page 123 Rules A traffic shaping rule identifies a specific message flow and assigns that flow to one of the queues created above. Click Add to create a new Traffic Shaping rule. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 124 Queue Name: Select a queue to associate this rule with. Click Next to continue to the next page. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 125 Differentiated services Wikipedia page. DSCP Negate: When checked this rule will match on any packet that does not match the DSCP field. Click Finish to save this rule. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 126: Internet

    • GRE Tunnels • L2TP Tunnels • Network Mobility (NEMO) • NHRP Interfaces • VPN Tunnels • WiFi as WAN / Bridge • WAN Affinity / Load Balancing © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 123...
  • Page 127: Onnection Anager

    Click on the small box at the top of the list to select/deselect all devices for either Load Balance or Enabled. Click on a device in the list to reveal additional information about that device and to enable configuration options. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 128 • Uptime (in seconds) Click “Edit” to view configuration options for the selected device. For 3G/4G modems, select the modem and click “Control” to view options to activate or update. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 129 • MTU: Maximum transmission unit. This is the size of the largest protocol data unit that the device can pass. (Range: 46 to 1500 Bytes.) • Hostname (This only shows for certain devices.) © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 130 WAN connections can use. For best results, select an established public IP address. For example, you might ping Google Public DNS at 8.8.8.8 or Level 3 Communications at 4.2.2.2. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 131 Immediate failback returns you to the use of your preferred Internet source more quickly which may have advantages such as reducing the cost of a failover data plan, but it may cause more interruptions in your network than Usage or Time modes. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 132 Override any of the following fields: • IP Address • Subnet Mask • Gateway IP • Primary DNS Server • Secondary DNS Server © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 129...
  • Page 133 IPv4 packet and routed back over an IPv4 route. Some tunnel modes do not require upstream ISPs to route or even be aware of IPv6 traffic at all. Some modes are utilized by upstream ISPs to simplify the configuration and rollout of IPv6. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 134 IP connectivity without relying on any translation mechanism. In order to achieve this, each client device on the LAN network needs to have a publicly routable IPv6 address. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 135 Prefixes specified here only take effect if those supplied by the connection are insufficient to configure your LANs. • Delegated IPv6 Network – Additional network available for delegation to LANs. Example Configuration: © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 136 Prefixes specified here only take effect if those supplied by the connection are insufficient to configure your LANs. • Delegated IPv6 Network – Additional network available for delegation to LANs. Example Configuration: © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 137 Prefixes specified here only take effect if those supplied by the connection are insufficient to configure your LANs. • Delegated IPv6 Network – Additional network available for delegation to LANs. Example Configuration: © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 138 Prefixes specified here only take effect if those supplied by the connection are insufficient to configure your LANs. • Delegated IPv6 Network – Additional network available for delegation to LANs. Example Configuration: © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 139 Prefixes specified here only take effect if those supplied by the connection are insufficient to configure your LANs. • Delegated IPv6 Network – Additional network available for delegation to LANs. Example Configuration: © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 140 • PPPoE should be configured with the username, password and other settings provided by your ISP. If you want to use a Static (Manual) or PPPoE connection, you will need to fill out additional information. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 141 • Gateway IP • Primary DNS Server • Secondary DNS Server PPPoE: • Username • Password • Password Confirm • Service • Auth Type: None, PAP, CHAP © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 138...
  • Page 142 Network-Initiated Schedule: When you select “On Schedule” for Network-Initiated Alerts, you also select a time from this dropdown list. Modem updates will take place at this scheduled time. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 143 • Force 3G (EVDO, UMTS, HSPA): Connect to 3G network only. • Force 2G (1xRTT, EDGE, GPRS): Connect to 2G network only. See the following tables for a breakdown of the technologies used with various CradlePoint COR models when any Modem Connection Mode is selected.
  • Page 144 ✔ (Sierra Wireless MC7700) IBR6x0LP2 ✔ ✔ ✔ ✔ ✔ ✔ ✔ (Sierra Wireless MC7710) IBR6x0P ---- ---- ---- ---- ---- ---- ✔ (Sierra Wireless MC8705) © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 141...
  • Page 145 Each command must be entered on a separate line. All command responses must include “OK” except the final command response, which must include “CONNECT”. Example: ATDT*99***2# © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 142...
  • Page 146 TTLS Username: Username for TTLS authentication. TTLS Password: Password for TTLS authentication. WiMAX Authentication Identity: User ID on the network. Leave this blank unless your provider tells you otherwise. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 147 • AAA SPI: An Authentication, Authorization, and Accounting "Security Parameters Index". Usually a short numeric string. • HA SPI: A Home Agent "Security Parameters Index". Usually a short numeric string. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 148 For Verizon modems, only the third slot is editable. Changes made here are written to the modem, so a factory reset of the router will not impact these settings. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 149 However if you try to start a different operation or use a different modem, this second request will fail without interfering with the pending operation. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 150 Use Manual Firmware Upgrade to instead manually upload firmware from a local computer or device. NOTE: Only CradlePoint integrated modems have this firmware upgrade option. Reset the Modem Click on the Reset button to power cycle the modem. This will have the same effect as unplugging the modem.
  • Page 151 Select any of these rules and click “Edit” to change the settings for a rule. To create a new rule, click “Add.” © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 152 Select WiMAX modem by MAC Address. • Unique ID: Select by ID. This is generated by the router and displayed when the device is connected to the router. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 153 Settings, WiMAX Settings, CDMA Settings, and SIM/APN/Auth Settings – have the same configuration options shown above in the WAN Configuration section (the options for Configuration Rules are the same as they are for individual devices). © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 154: Cp Connect (Beta)

    COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT 7.2 CP Connect (Beta) CP Connect is a licensable feature used to create a connection to a private network. CP Connect is currently in beta. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 155: Client Data Usage

    The names that are shown are received during a DHCP exchange. If a client disconnects and reconnects with a new IP address there will be an additional entry in this list. Pressing Reset Statistics will restart all counters at 0. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 156: Ata Usage

    CradlePoint cannot be held responsible. You must accept the agreement by clicking Yes in order to begin creating data usage rules.
  • Page 157 Balancing feature is allowed to use the thresholds and metrics of this rule when making balance decisions. This causes Load Balancing to spread the data usage between interfaces according to the assigned usage rather than © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 158 Percent of Usage (1-1000): If selected, a custom alert will be sent when your data usage reaches this percentage of your usage cap. For example, you could set this at 90 percent so that you know when your usage is nearing 100 percent of the cap. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 159 The rest of the rule settings options match those in the Data Usage Rules. See the section above for additional information about how to configure your template usage rules. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 160: Gre Tunnels

    Generic Routing Encapsulation (GRE) tunnels can be used to create a connection between two private networks. The IBR600/IBR650 is enabled for either GRE or VPN tunnels. GRE tunnels are simpler to configure and more flexible for different kinds of packet exchanges, but VPN tunnels are much more secure.
  • Page 161 Network. The Local and Remote Network addresses must fit with this mask. 255.255.255.0 is a logical choice for most users. Remote Gateway: This is the public facing, WAN-side IP address of the network that the local gateway is going to connect to. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 162 Netmask of 255.255.255.255. Click Save to record each new route. When you have finished adding routes, click Finish to save your GRE tunnel configuration. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 163: L2Tp Tunnels

    NOTE: L2TP requires a feature license. Go to System Settings → Feature Licenses to enable this feature. Layer 2 Tunneling Protocol (L2TP) tunnels can be used to create a connection between two private networks. Once you have a valid feature license, click Add to create a new L2TP tunnel. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 164 Username – Username for user-specific authorization. Leave blank to • disable. Password – Shared secret (or password) used to authenticate the • associated Local and Remote names. Redial Enabled – Reconnect if disconnected. • © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 161...
  • Page 165 This should be set to the network address at the remote side of the tunnel. • Netmask – This is the corresponding subnet mask of the network being defined. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 166 (1.2.3.4 is common). Home Agent IP Address, Home Agent Password, and Home Agent SPI – Your home agent will be defined by your NEMO service provider. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 167 (maximum transmission unit) of the NEMO tunnel. The TCP (maximum segment size) is automatically derived from the MTU. Leave blank to rely on Path MTU Discovery. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 164...
  • Page 168: Nhrp Configuration

    • NBMA Address: NBMA server address the protocol address/prefix is associated with. • Flags: o SD: Shortcut-Destination o N: Non-Caching o S: Shortcut o R: Redirect © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 165...
  • Page 169 • Non-Caching: Disables caching of peer information from forwarded NHRP resolution reply packets. • Shortcut: Enable creation of shortcut routes. • Redirect: Enable sending of proprietary enterprise-style NHRP traffic indication packets. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 170: Vpn Tunnels

    The IBR600/IBR650 uses IPsec (Internet Protocol security) to authenticate and encrypt packets exchanged across the tunnel. To set up a VPN tunnel with the IBR600/IBR650 on one end, there must be another device (usually a router) that also supports IPsec on the other end.
  • Page 171 Authentication Mode: Select from Pre-Shared Key and Certificate. Pre-Shared Key is used when there is a single key common to both ends of the VPN. Certificate requires the creation of a set of certificates and a private key that can be © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 172 Tunnel Enabled: Enabled or Disabled. MBR1200 Quick Connect: VPN tunnels in the IBR600/IBR650 have more choices than they do in the MBR1200, so it is more complex to configure. Check this box to simplify setup by streamlining your options.
  • Page 173 WAN Binding device(s) are NOT connected. This is typically useful when the VPN tunnel is being used as a hot- spare on a router with multiple active WAN connections and the VPN tunnel is only needed in the absence or unavailability of a particular WAN device (an MPLS-based WAN device for example). © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 174 Enter the Network IP address with the Subnet Mask to define the remote network subnet that the local devices will have access to. NOTE: The remote network IP address must be different from the local network IP address. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 175 Phase 1 keys. Encryption, Hash, and DH Groups: Each IKE exchange uses one encryption algorithm, one hash function, and one DH group to make a secure exchange. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 176 In Phase 1, only one DH group can be selected while using Aggressive exchange mode. By default, all the algorithms (encryption, hash, and DH groups) supported by the IBR600/IBR650 are checked, which means they are allowed for any given exchange. Deselect these options to limit which algorithms will be accepted. Be sure to check that the router (or similar device) at the other end of the tunnel has matching algorithms.
  • Page 177 Phase 2 has the same selection of Encryption, Hash, and DH Groups as Phase 1, but you are restricted to only one DH Group. Phase 2 and Phase 1 selections do not have to match. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 178 Additionally, you can specify how many Maximum Requests to send at the selected time interval before the tunnel is considered dead. You must click Finish to save your VPN tunnel. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 179 DH Groups • DPD Click Yes at the bottom of the Tunnel Summary page to save your configuration changes. This will cause active tunnels to restart. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 176...
  • Page 180 IKE / ISAKMP NAT-T Port: Internet Key Exchange / Internet Security Association and Key Management Protocol network address translation traversal port. Default: 4500. This is a standard VPN NAT-T port that usually does not need to be changed. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 181 2. The Tunnel Name for the side of the tunnel that is not behind the NAT firewall must be “anonymous”. 3. The VPN tunnel must be initiated from the side that is behind the NAT firewall. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 182 WiFi as WAN uses another WiFi network as its Internet source and then rebroadcasts its own local network. For example, the IBR600 can create a private LAN using the public WiFi from a hotel as its WAN. WiFi Bridge functions similarly, but it rebroadcasts the original network.
  • Page 183 When in WiFi Bridge mode with a configured profile, a WiFi Bridge device will be added to the local network interfaces, providing a way to bridge two LANs over a WiFi connection. For example, two separate CradlePoint routers linked through WiFi Bridge mode allows you to have one WiFi-connected network in two separated sections of a large office building.
  • Page 184 If you click on a network in the Site Survey, you can import it as a saved profile. You can sort the list based on any of the fields by clicking on the field name. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 185 If you import a network from Site Survey, most of the information about the network will already be completed. You need to input the password (if there is one) and then click submit to save the WiFi as WAN profile. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 186 Scan While Connected: Continue to scan for WiFi as WAN profile updates when connected. Each time a scan occurs the wireless communication of the router will be temporarily interrupted. Normally this should be disabled. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 187: Wan Affinity

    LAN, saving you money. Click “Add” to open the WAN Affinity Policy Editor and create a new WAN Affinity rule. Name: Give a name for your rule that is meaningful to you. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 188 LAN here (leaving the last slot “0” to allow for any user attached to the guest network): Source IP Address: 192.168.10.0 • Source Netmask: 255.255.255.0 • © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 185...
  • Page 189 • Round-Robin: Evenly distribute each session to the available WAN connections. • Rate: Distribute load based on the current upload and download rates. A WAN device's upload and download bandwidth values can be set in Internet → Connection Manager. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 190 Data Usage rule for each interface, rather than distributing sessions based solely on bandwidth. For proper function you need to create data usage rules for each WAN device you will be load balancing. Make certain to select the "Use with Load Balancing" checkbox in the Data Usage rule editor. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 191: System Settings

    COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT 8 SYSTEM SETTINGS The System Settings tab has the following submenu options that provide access to tools for broad administrative control of the CradlePoint COR: • Administration • Device Alerts • GPIO Connector •...
  • Page 192: Administration

    Admin Password: Enter a password for the administrator who will have full access to the router's management interface. You can use the default password on the back of your product, or you can create a custom Administrator Password. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 193 Local Users mode to prevent users from being locked out. Authentication Service: Choose from: • ASCII / Login • PAP © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 190...
  • Page 194 "1.2.3.4", or a DNS name in form of "host.domain.com". Only lower case letters are allowed for a DNS name. Port: Port 1812 is common for RADIUS servers. Shared Secret © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 191...
  • Page 195 Time Zone: Select from a dropdown list. Setting your Time Zone is required to properly show time in your router log. Daylight Savings Time: Select this checkbox if your location observes daylight savings time. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 196 Enable SSH Server: When the router's SSH server is enabled you may access the router's command line interface (CLI) using the standards-based SSH protocol. Use the username "admin" and the standard system password to log in. SSH Server Port: Default: 22. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 197 SSH access is enabled in the Local Management tab. Some Carriers block the remote SSH Access ports. If a ping to the router's WAN port does not work, it is unlikely that remote SSH Access will work. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 198 • Enable GPS server on WAN: Enables a server on the WAN side of the firewall which will periodically send GPS NMEA sentences to TCP connected clients. It also responds to incoming UDP datagrams. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 199 Include System ID, the report will include proprietary sentences of the following format (in addition to the standard sentences): $PCPTI,{System ID},{router timestamp},{GGA timestamp},{GGA checksum}*{checksum} “PCPTI” stands for Proprietary, CradlePoinT, Identification (P-CPT-I). © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 200 Time in seconds since last update from differential reference stations 0138 Differential reference station ID number Checksum – used by program to check for transmission errors © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 197...
  • Page 201 $GPVTG – Vector track and speed over ground $GPVTG,054.7,T,034.4,M,005.5,N,010.2,K 054.7,T Track, degrees relative to true north 034.4,M Track, degrees relative to magnetic north 005.5,N Ground speed, knots 010.2,K Ground speed, kilometers per hour © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 198...
  • Page 202 • SMS is a slow protocol. It can take seconds or up to a few minutes for messages to be delivered. • SMS messages are not encrypted; they are sent in full readable text over the network. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 203 This list is blank by default, which means that the router will accept SMS messages from any phone number. Leaving this blank is unsecure, so CradlePoint recommends that you add phone numbers to this list. Once any numbers are listed, only those numbers have the ability to connect to the router via SMS.
  • Page 204 NOTE: The subject field may be limited to a certain number of characters, so if you get an error when sending the command on the subject line, switch to using the body instead.) © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 205 • Example: 1234,reboot, restore: Restore the router to factory defaults • Syntax: <password>,restore, • Example: 1234,restore, rstatus: Get router status • Syntax: <password>,rstatus, • Example: 1234,rstatus, © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 202...
  • Page 206 Reboot the modem* • Syntax: <password>,mreboot,[port,] • Example: 1234,mreboot, //This will reboot the highest priority modem. • Example: 1234,mreboot,usb1, //This will reboot the modem on port usb1 © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 203...
  • Page 207 The “port” parameter is optional. It specifies which port to perform the action on. If not given, the action will happen on the highest priority modem. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 208 Set the modem’s APN to the correct setting: 1234,apn,broadband, Verify the APN was set properly: 1234,mstatus, Continue to verify the status periodically to ensure that the modem connects: 1234,rstatus, © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 205...
  • Page 209 If this occurs, disable this option. Log to attached USB stick: Only enable this option if instructed by a CradlePoint support agent. This will write a very verbose log file to the root level of an attached USB stick. Please disable the feature before removing the USB stick, or you may lose some logging data.
  • Page 210 DNS Server and Secondary DNS Server: The primary and secondary DNS server numbers match the static DNS values (set at Network Settings → DNS). You can leave the default values or set them manually here. (Changing these values also changes the static DNS values.) © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 211: Device

    • Recurring System Log: The system log is sent periodically. This alert contains all of the system events since the last recurring alert. It can be scheduled for daily, weekly and monthly reports (Frequency). You also choose the Time you want the Alert sent. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 212 8.2.1 SMTP Mail Server Since the IBR600/IBR650 does not have its own email server, to receive alerts you must enable an SMTP server. This is possible through most email services (Gmail, Yahoo, etc.). Each SMTP server will have different specifications for setup, so you have to look those up separately. The following is an example using Gmail: •...
  • Page 213 Retry Attempts: The number of attempts made to send an alert to the mail server. After the attempts are exhausted, the alert is discarded. Retry Delay: The delay between retry attempts. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 214: Gpio Connector

    Output: LVTTL Digital Output (capable of source/sink of 50mA) This section is used to configure these Input and Output General Purpose I/O pins. Current Value: Displays HIGH or LOW for both the Input Pin and Output Pin. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 215 • Modem Connected: In this mode the output pin is logic low until the modem has connected to a tower. If the connection drops, this output is set low until the connection is restored. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 216: Enterprise Cloud Manager

    COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT 8.4 Enterprise Cloud Manager CradlePoint ECM is a cloud-based management service for configuring, monitoring, and organizing your CradlePoint routers. Key features include: • Group based configuration management • Health monitoring of router connectivity and data usage •...
  • Page 217 • Ethernet Communication Only: Select this to ensure that the WiPipe Central client will not start unless the WAN is Ethernet. • Registration URL: Register your router using the code provided by CradlePoint when you purchase WiPipe Central. © 2013 CRADLEPOINT, INC.
  • Page 218: Feature Licenses

    CRADLEPOINT 8.5 Feature Licenses Some CradlePoint features may require a license. These features are disabled by default. To obtain a feature license, contact your CradlePoint sales representative. Once you have obtained the feature license file, upload the file to enable the feature. A reboot is required after uploading a feature license file.
  • Page 219: Hotspot Services

    Network Settings → WiFi / Local Networks. NOTE: Although any network can be a hotspot, the IBR600 allows only one hotspot. Hotspot Mode: Choose from the following dropdown options: •...
  • Page 220 Idle Timeout: (Default: 15 minutes.) If the user is idle for this amount of time, make them re-authenticate. Bandwidth (upload): (Default: 512 Kbits/sec.) The data rate limit for users uploading data through the hotspot. Bandwidth (download): (Default: 1024 Kbits/sec.) The data rate limit for users downloading data through the hotspot. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 221 • Bandwidth (upload): (Default: 512 Kbits/sec.) The data rate limit for users uploading data through the hotspot. • Bandwidth (download): (Default: 1024 Kbits/sec.) The data rate limit for users downloading data through the hotspot. • © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 222 Click Submit to save your additions. Authorized MAC Addresses 8.6.4 Add the MAC addresses of trusted machines you want to give automatic access through the Hotspot portal. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 219...
  • Page 223: Redirector

    USB Serial Adapter Configuration Baud Rate: Select from the dropdown list. • 50 • 75 • 110 • 134 • 150 • 200 • 300 • 600 © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 220...
  • Page 224 Software (XON/XOFF): Use XON/XOFF to enable flow control. Linefeed: Select how you want linefeeds translated (CR = carriage return and LF = line feed). • Ignore • CR/LF • CR • LF © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 221...
  • Page 225: Snmp Configuration

    SNMP, or Simple Network Management Protocol, is an Internet standard protocol for remote management. You might use this instead of CradlePoint Enterprise Cloud Manager if you want to remotely manage a set of routers that include both CradlePoint and non-CradlePoint products.
  • Page 226 8 characters long. Enable SNMP traps: Enabling traps will allow you to configure a destination server, community, and port for trap notifications. Trap notifications are returned to the server with SNMPv1. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/...
  • Page 227 NOTE: System information via SNMP is by default Read-Writable. However, if the value is set here, that field will become Read-Only. System Contact: Enter in an email address. System Name: Enter in the router’s host name. System Location: Enter in the physical location of the router. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 224...
  • Page 228: System Control

    Ping Test: A simple test to check Internet connectivity. Type the Hostname or IP address of the computer you want to ping and press 'Enter' or click the 'Ping' button. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 229: System Software

    This allows the administrator to load new firmware onto the router to add new features or fix defects. If you are happy with the operation of the router, you may not want to upgrade just because a new version is available. Check the firmware release notes (www.cradlepoint.com/firmware) for information to decide if you should upgrade. Current Firmware Version: Shows the number of the current firmware and the date it was updated.
  • Page 230 Firmware Upgrade and System Config Restore 8.10.3 Load new firmware and restore your previous settings from a file on a computer without rebooting between steps.     © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 227...
  • Page 231 The loss in strength of digital and analog signals. The Advanced Encryption Standard loss is greater when the signal is being transmitted over AES. Government encryption standard. long distances. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 228...
  • Page 232 Internet access from your A data frame by which one of the stations in a WiFi Cable provider. network periodically broadcasts network control data to other wireless stations. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 229...
  • Page 233 Default A predetermined value or setting that is used by a program when no user input has been entered for this value or setting. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 230...
  • Page 234 Domain Name System: Translates Domain Names to IP Email addresses. Electronic Mail is a computer-stored message that is Domain name transmitted over the Internet. A name that is associated with an IP address. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 231...
  • Page 235 Programming that is inserted into a hardware device that H.323 tells it how to function. A standard that provides consistency of voice and video transmissions and compatibility for video conferencing devices. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 232...
  • Page 236 A networking device that connects multiple devices Internet Protocol together. The method of transferring data from one computer to ICMP another on the Internet. Internet Control Message Protocol. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 233...
  • Page 237 LAN. A group of computers in a building that usually developed by Novell to enable their Netware clients and access files from a server. servers to communicate. Internet Service Provider. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 234...
  • Page 238 Determines what portion of an IP address designates the computer. Network and which part designates the Host. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 235...
  • Page 239 A logical channel endpoint in a network. A computer changes to the routing table are sent to all the other might have only one physical channel (its Ethernet © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 240 To restart a computer and reload its operating software A computer on a network that provides services and or firmware from nonvolatile storage. resources to other computers on the network. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES...
  • Page 241 Simple Network Management Protocol. TCP Raw SOHO A TCP/IP protocol for transmitting streams of printer data. Small Office/Home Office. TCP/IP Transmission Control Protocol/Internet Protocol. Stateful Packet Inspection. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 238...
  • Page 242 Sending voice information over the Internet as opposed product. to the PSTN Upgrade VoIP To install a more recent version of a software or firmware Voice over IP. product. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 239...
  • Page 243 Wireless Fidelity. Used to describe any of the 802.11 A generic term for the family of digital subscriber line wireless networking specifications. (DSL) technologies, such as ADSL, HDSL, RADSL, and SDSL. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 240...
  • Page 244 COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT Yagi antenna A directional antenna used to concentrate wireless signals on a specific location. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 241...
  • Page 245 ALL TIMES (since the device otherwise could transmit signals that might interfere with various onboard systems on such aircraft). Furthermore, under no circumstances should the IBR600/IBR650 device be used by the driver or operator of any vehicle. Such use of the device will detract from the driver or operator’s control of that vehicle. In some jurisdictions, use of the IBR600/IBR650 device while driving or operating a vehicle constitutes a civil and/or criminal offense.
  • Page 246 CradlePoint, Inc. warrants this product against defects in materials and workmanship to the original purchaser (or the first purchaser in the case of resale by an authorized distributor) for a period of one (1) year from the date of shipment. This warranty is limited to a repair or replacement of the product, at CradlePoint’s discretion. CradlePoint does not warrant that the operation of the device will meet your requirements or be error free.
  • Page 247 COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT www.cradlepoint.com/legal. Please read these documents carefully. CradlePoint, the CradlePoint logo, and IBR600/IBR650 are trademarks of CradlePoint, Inc. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 244...
  • Page 248: Specifications

    Forwarding, Routing Rules, Route Management, Content ANTENNAS Filtering, Website Filtering, Local DHCP server, DHCP 2 external 2.4 GHz WiFi antennas – 500+ feet range (IBR600 only); Client, DNS, DNS Proxy. ALGs: PPTP, L2TP, PPPoE pass- 2 external modem antennas through, IPSec pass-through, FTP (passive), FTP (active),...
  • Page 249 COR | USER MANUAL Firmware ver. 5.0.0 CRADLEPOINT http://www.cradlepoint.com/ Copyright © 2013 by CradlePoint, Inc. All rights reserved. © 2013 CRADLEPOINT, INC. PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES PAGE 246...

This manual is also suitable for:

Ibr650Cor ibr650

Table of Contents