Cradlepoint AER3100 User Manual
  1. Manuals
  2. Brands
  3. Cradlepoint Manuals
  4. Network Router
  5. AER3100 Series
  6. User manual

Cradlepoint AER3100 User Manual

Aer series router
Hide thumbs Also See for AER3100:
Table of Contents

Advertisement

Quick Links

User Manual
/
AER3100/AER3150
AER Series
Router
AER3100 / AER3150
User Manual
1
©2015 Cradlepoint. All Rights Reserved.
|
+1.855.813.3385
|
cradlepoint.com

Advertisement

Table of Contents
loading

Related Manuals for Cradlepoint AER3100

Summary of Contents for Cradlepoint AER3100

  • Page 1 User Manual AER3100/AER3150 AER Series Router AER3100 / AER3150 User Manual ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 2: Table Of Contents

    User Manual AER3100/AER3150 TABLE OF CONTENTS INTRODUCTION WHAT’S IN THE BOX KEY FEATURES WIFI (ONLY ON AER3100) MANAGEMENT VPN AND ROUTING SECURITY CLOUD OPTIMIZED IP COMMUNICATIONS SYSTEM REQUIREMENTS SPECIFICATIONS ACCESSORIES BUSINESS-GRADE MODEM SPECIFICATIONS HARDWARE LEDS SUPPORT AND WARRANTY QUICK START...
  • Page 3 NHRP SECURITY IDENTITIES ZONE FIREWALL CONTENT FILTERING THREAT MANAGEMENT CERTIFICATE MANAGEMENT SYSTEM ADMINISTRATION ENTERPRISE CLOUD MANAGER DEVICE ALERTS SERIAL REDIRECTOR SNMP CONFIGURATION SYSTEM CONTROL DIAGNOSTICS SETUP WIZARDS APPENDIX SAFETY, REGULATORY, AND WARRANTY GUIDE ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 4: Introduction

    • Dual SIM slots in each modem • Most models include support for active GPS • 13 10/100/1000 Ethernet ports (WAN/LAN switchable) • WiFi as WAN (only on AER3100) • Failover/Failback • Load Balancing • Advance Modem Failure Check •...

  • Page 5: Wifi (Only On Aer3100)

    • Multicast/Multicast Proxy • QoS (DSCP and Priority Queuing) • MAC Address Filtering WIFI (ONLY ON AER3100) • Dual-Band Dual-Concurrent (3×3 MIMO) • 802.11 (a/b/g/n/ac) • Up to 256 connected devices (128 per channel – 2.4 GHz and 5 GHz) •...

  • Page 6: Cloud Optimized Ip Communications

    Support SYSTEM REQUIREMENTS • At least one Internet source: a Cradlepoint integrated 3G/4G modem with an active data plan, an Ethernet-based modem, or WiFi as WAN • Windows 7/8, Mac OS X, or Linux computer (with WiFi adapter – 802.11n recommended – for WiFi functionality) •...

  • Page 7: Accessories

    4” Mini mag-mount antenna (Part # 170606-000) BUSINESS-GRADE MODEM SPECIFICATIONS AER3100/AER3150 models include an internal 4G LTE modem (MC400); specific model names include a specific modem (e.g., the AER3100LPE-VZ includes an MC400LPE-VZ modem for Verizon). Please note that LPE models are flexible and support bands for multiple cellular providers; however, only the frequency bands in bold below are supported by the listed provider.
  • Page 8 Antennas: two SMA male (plug), 1 dBi (LTE), 2 dBi (Cellular/PCS) gain; finger tighten only (maximum torque spec is 7 kgf-cm) • GPS: active GPS support • Industry Standards & Certs: PTCRB, FCC, IC, AT&T • Modem Part Number: MC400LPE ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 9 Power: LTE 23 dBm +/− 1, HSPA+ 23 dBm +/− 1, EVDO 24 dBm +0.5/−1 (typical conducted) • Antennas: two SMA male (plug), 1 dBi (LTE), 2 dBi (Cellular/PCS) gain; finger tighten only (maximum torque spec is 7 kgf-cm) • GPS: active GPS support ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 10 Power: LTE 23 dBm +/− 1, HSPA+ 23 dBm +/− 1, EVDO 24 dBm +0.5/−1 (typical conducted) • Antennas: two SMA male (plug), 1 dBi (LTE), 2 dBi (Cellular/PCS) gain; finger tighten only (maximum torque spec is 7 kgf-cm) • GPS: active GPS support ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 11: Hardware

    WAN or WAN WiFi Antenna Connector (Reverse SMA) Default: WAN Default: LAN (Reverse SMA) LEDs USB 2.0 Console WiFi Antenna Connector Power Switch Ground Lock Port Port (Reverse SMA) and Port Screw Slot ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 12: Leds

    VPN Indicates information about a VPN data source. • Green = Active VPN tunnel. 2.4GHz WiFi BROADCAST (only on AER3100) These two LEDs indicate activity on the WiFi broadcast 5GHz for both the 2.4 GHz and 5 GHz bands. •...

  • Page 13: Quick Start

    BASIC SETUP 1. Insert an activated SIM A wireless broadband data plan must be added to your Cradlepoint AER3100. Wireless broadband data plans are available from wireless carriers such as Verizon, AT&T, Sprint, EE, and Vodafone. The SIM must be provisioned with the carrier.
  • Page 14 Ethernet LAN ports (numbered 1–12). The default WiFi network names broadcast are “AER3100-xxx” and “AER3100-xxx-5g”, where “xxx” is the last three characters of your router’s MAC address (this is the SSID on the product label). To connect to the WiFi, you will need to input the DEFAULT PASSWORD when prompted.

  • Page 15: Accessing The Administration Pages

    User Manual AER3100/AER3150 ACCESSING THE ADMINISTRATION PAGES Once you are connected, open the Cradlepoint AER3100’s GUI-based administration pages to make configuration changes to your router. 1. Open a browser window and type “cp/” or “192.168.0.1” in the address bar. Press ENTER/RETURN.

  • Page 16: First Time Setup Wizard

    When you log in for the first time, you will be automatically directed to the FIRST TIME SETUP WIZARD, which will walk you through the steps to customize your Cradlepoint AER3100. You have the ability to configure any of the following: •...

  • Page 17: Quick Links

    You may return to the Dashboard at any time by clicking on DASHBOARD from the left menu or by clicking on the Cradlepoint logo at the top-left of the screen. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385...

  • Page 18: Connection Manager

    Selecting Load Balance will automatically start the WAN interface and add it to the pool of WAN interfaces to use for data transfer. Turning off Load Balance for an active WAN interface may require the user to restart any current browsing session. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 19 If this is not selected, the router will still failover to the next highest priority interface but only after the user has attempted to get out to the Internet and failed. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 20 Immediate failback returns you to the use of your preferred Internet source more quickly which may have advantages such as reducing the cost of a failover data plan, but it may cause more interruptions in your network than Usage or Time modes. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 21 Custom Alert Percentages: Example: “50,80,90,110” (values can exceed 100%) (Triggers alerts when 50, 80, 90, 110% of usage cap is used) NOTE: To enable data usage, check Data Usage Enabled from WAN Management. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 22: Status

    Ethernet LLDP System Logs INTERNET CONNECTIONS Select your device to reveal detailed information about the following device properties: • Summary • Modem • Cellular Network • General Information • IPv4 Information • Statistics ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 23 User Manual AER3100/AER3150 ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 24 User Manual AER3100/AER3150 ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 25 Last Traffic To reset information, click Reset Statistics. STATISTICS Statistics can be gathered at variable Sample Rate and Sample Size for the following areas: • Wireless Device • Data Usage • Failover/Failback/Load Balance ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 26 User Manual AER3100/AER3150 Displays packets and bytes transmitted and received by your Quality of Service (QoS) queues. To enable and configure QoS, go to NETWORKING > QoS. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 27: Client List

    CP Secure VPN Tunnels, go to NETWORKING > Tunnels > CP Secure VPN. IPSEC VPN Displays status of your IPSec VPN Tunnels. To add and configure IPSec VPN Tunnels, go to NETWORKING > Tunnels > IPSec VPN. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 28: Firewall

    Displays status of your GRE Tunnels. To add and configure GRE Tunnels, go to NETWORKING > Tunnels > GRE. FIREWALL Displays information about your Firewall Connection Tracking States. To configure your firewall, select SECURITY from the left navigation. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 29: Routing

    Displays information about your Ethernet ports. To configure Ethernet ports, go to NETWORKING > Local Networks > Ethernet Ports. Displays GPS location and status. To enable and configure GPS, go to SYSTEM > Administration > GPS. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 30: Lldp

    AER3100/AER3150 LLDP Displays LLDP information. To enable LLDP, go to SYSTEM > Administration > LLDP. SYSTEM LOGS Displays System Log information. To configure System Logging, go to SYSTEM > Administration > System Logging. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 31: Networking

    This name is referred to as the SSID (service set identifier). For security purposes, Cradlepoint highly recommends that you change this from the pre-configured name. Hidden: This shows whether the router broadcasts its SSID. It is...
  • Page 32 NOTE: If you don’t know whether you should choose Personal or Enterprise, assume Personal since you need to know RADIUS authentication for Enterprise. In order to protect your network from hackers and unauthorized users, Cradlepoint highly recommends WPA2/AES for security if your attached devices can support it. WEP and WPA/TKIP are obsolete and have been replaced by WPA/AES.
  • Page 33 DTIM with a DTIM Interval value. Wireless clients detect the beacons and awaken to receive the broadcast and multicast messages. The default value is 1. Valid settings are between 1 and 255. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385...
  • Page 34 WAN port and 12 numbered LAN ports. While default settings will be sufficient in most circumstances, you have the ability to control: Mode (WAN or LAN) and Link Speed. Additional controls for WAN ports are available in CONNECTION MANAGER. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 35 Redirect HTTPS Requests: This allows initial requests to HTTPS websites to be redirected appropriately. Hotspot/UAM Authentication Port: Default: 8000. Type in a different port number, or use the slider to change the port. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 36 Add the MAC addresses of trusted machines. This gives them automatic access through the hotspot portal. Click Add to enter new MAC Addresses you wish to allow. Click Update to save your additions. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 37 Click Add to configure a new network, Remove to delete a network, or select an existing network and click Edit to view configuration options. General Settings Enabled: The network can be manually disabled or in some specific situations may be automatically disabled to work with certain types of modems. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 38 UPnP Gateway: Select the UPnP (Universal Plug and Play) option if you want to enable the UPnP Gateway service for computers on this network. Admin Access: When enabled users may access these admin pages from this network. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 39 IPv6 DHCP Lease Time: Specifies how long DHCP enabled computers will wait before requesting a new DHCP lease. Schedule Enable Schedule Service: Enable the interface scheduler. A schedule allows an interface to be enabled or disabled during specific hours of a day. VRRP Enable VRRP: Enable or disable VRRP. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 40 RADIUS server’s interface. NOTE: If you don’t know the MAC address for the RADIUS server, enter 00:00:00:00:00:00, and the service will try to find the MAC address from the given IP address. Port Password ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 41 User Manual AER3100/AER3150 The AER3100 is compatible with the IEEE802.3af/ at standard(s) and supports a 62W total power budget that can be used across up to four Ethernet ports to support various compliant Class I, II, III and IV devices (PD).

  • Page 42: Vlan Interfaces

    Click Add to create a new VLAN interface. To edit an interface, select the check box next to the desired interface. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 43: Tunnels

    (Internet Protocol security) to authenticate and encrypt packets exchanged across the tunnels. To set up a VPN tunnel with a Cradlepoint router on one end, there must be another device (usually a router) that also supports IPsec on the other end.
  • Page 44 Make a selection for “When,” “Condition,” and “Value” to create a WAN Binding. The condition will be in the form of these examples: When Condition Value Port USB Port 1 Type Is not WiMax ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 45 Port – Select by the physical port on the router that you are plugging the modem into (e.g., “USB Port 2”). • Manufacturer – Select by the modem manufacturer (e.g., “Cradlepoint Inc.”). • Model – Set your rule according to the specific model of modem.
  • Page 46 The strength of the key generated is partially determined by the strength of the DH Group. Group 5, for instance, has greater strength than Group 2. • Group 1: 768-bit key ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 47 DH Group. Phase 2 and phase 1 selections do not have to match. For the Hash selection an added value of SHA 256_128 (128-bit truncation) is avaliable. The original specification and the Cradlepoint default is 96-bit truncation, but RFC4868 requires 128-bit. A VPN to newer Cisco or Juniper devices will typically require 128-bit.
  • Page 48 Client • Server • Device Type - Select between Routed (TUN) or Bridged (TAP) virtual device. • Routed creates an interface that can be used in the Zone Firewall and is fully routable. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 49 TLS-Authentication – In client/server mode: adds an additional layer of HMAC authentication on top of the tls control channel to protect against DoS attacks. In point-to-point mode: encrypts the communication using a static key. These keys must match on each endpoint. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 50 Generic Routing Encapsulation (GRE) tunnels can be used to create a connection between two private networks. Most Cradlepoint routers are enabled for both GRE and VPN tunnels. GRE tunnels are simpler to configure and more flexible for different kinds of packet exchanges, but VPN tunnels are much more secure.
  • Page 51 Port – Select by the physical port on the router into which you are plugging the modem (e.g., “USB Port 2”). • Manufacturer – Select by the modem manufacturer (e.g., “Cradlepoint Inc.”) • Model – Set your rule according to the specific model of modem •...
  • Page 52 Then go to the Keep Alive page. Under Failover Tunnel select the other tunnel you have created. 3. Open the editor for the failover tunnel. Make sure Tunnel Enabled is not selected. On the Keep Alive page, set the Failback Tunnel to your primary tunnel. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 53 Specify the number of seconds between each check-in. MTU – Override the maximum transmission unit (MTU) of the NEMO tunnel. The TCP (maximum segment size) is automatically derived from the MTU. Leave blank to rely on Path MTU Discovery. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 54 Leave blank to match any. • Secret – Shared secret (or password) used to authenticate the associated Local and Remote names. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 55: Routing

    Allow Network Access: (Default: Deselected.) Some static routes will need an IP Filter Rule via the Firewall to allow packets through the route without being blocked. Selecting this option automatically creates this IP ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 56 BGP protocol uses the AS number for detecting whether the BGP connection is internal one or external one. Use the IPv4 address and netmask or IPv6 address with a CIDR notation prefix length to define the address range. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 57 (if specified). Redistributed routes may also be filtered with distribute lists. • Type: The type is the source of the route. Select from: Main, Connected, Static, RIP, OSPF. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 58 (if specified), filtering the routes using the given route map (if specified). Redistributed routes may also be filtered with distribute lists. • Type: The type is the source of the route. Select from: Main, Connected, Static, OSPF, BGP. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 59: Qos

    Enable QoS: Click on this box to open options for controlling Internet traffic. You can assign maximum Upload Speed and Download Speed values and define your own Traffic Shaping rules. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 60 DSCP Tagging is sometimes used so that other networking equipment, upstream or post-NAT, can do traffic shaping based on the DSCP Tags as opposed to IP addresses or ports. This setting is optional. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 61 Move the slider to select from the following options (Default: Normal): • Lowest • Lower • Below Normal • Normal • Above Normal • High • Higher • Highest Click Finish to save this queue. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 62 • Source IP Address: 192.168.10.0 • Source Netmask: 255.255.255.0 Application Set: Application sets can be defined in the Application Sets tab of the Firewall Configuration page. The application identification might not take place ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 63: Dns Servers

    Click Finish to save this rule. DNS SERVERS DNS, or Domain Name System, is a naming system that translates between domain names (www.cradlepoint. com, for example) and Internet IP addresses (206.207.82.197). A DNS server acts as an Internet phone book, translating between names that make sense to people and the more complex numerical identifiers.
  • Page 64 IP address will have to be manually configured in this field. You may find out what your external IP address is by going to http://myip.dnsomatic.com in a web browser. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 65: Wifi As Wan

    WiFi Radio #1 (2.4 GHz) • WiFi Radio #2 (5 GHz) All Cradlepoint routers and some other routers use the same default IP address for the primary network: 192.168.0.1. If you attempt to set up WiFi as WAN and there is an “IP conflict,”...
  • Page 66 Scan While Connected: Continue to scan for WiFi as WAN profile updates when connected. Each time a scan occurs the wireless communication of the router will be temporarily interrupted. Normally this should be disabled. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 67: Wan Affinity

    Failover: (Default: Selected.) When this is selected and traffic from the chosen WAN device for this rule is interrupted, the router will fail over to another available WAN device. Deselect this option to restrict this traffic to only the selected WAN interface. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 68: Client Data Usage

    Port – Select by the physical port on the router that you are plugging the modem into (e.g., “USB Port 2”). • Manufacturer – Select by the modem manufacturer (e.g., “Cradlepoint Inc.”). • Model – Set your rule according to the specific model of modem.

  • Page 69: Nhrp

    NHRP resolution reply packets. • Shortcut: Enable creation of shortcut routes. • Redirect: Enable sending of proprietary enterprise-style NHRP traffic indication packets. • Multicast: Determines how multicast packets should be forwarded through NHRP interfaces. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 70 (displays flag R in the static mapping table if selected) • Proprietary OS: This should be enabled if the statically mapped peer is running proprietary OS (displays flag C in the static mapping table if selected). ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 71: Security

    IP addresses are entered using CIDR notation, e.g. 1.2.3.4/32 and 0123:4567::CDEF/128. FQDN addresses are entered with at least one dot separating a top-level domain from a root zone, e.g. cradlepoint.com. To add a Host Address Identity, click Add. PORTS A port identity member can be entered as a single Start port number or as a port range by entering both a Start and End port number.

  • Page 72: Zone Firewall

    Log: When checked, each packet matching this filter rule will be logged in the System Log. • IP Version: Select the IP version to match. • Enter match criteria under Source, Destination, Protocols and Application Sets. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 73 IP address of the server and the client. Note that this may create a lot of log entries, especially on a busy network. Sending the system log to a syslog server is recommended. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385...
  • Page 74 The primary purpose for Cradlepoint’s NPT implementation is for failover/failback and load balancing setups. LAN clients can potentially retain the original IPv6 lease information and may experience a more seamless transition when WAN connectivity changes than if not utilizing NPT.
  • Page 75 LAN to be redirected to a specific computer/IP address on the Internet. Click Add to create a new port proxying rule, or select an existing rule and click Edit. Add/Edit Port Proxying Rule ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 76 One-to-One NAT can be accomplished by specifying a host address or a /32 cidr address. Click Add to create a Dynamic 1:1 NAT. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 77: Content Filtering

    HTTPS Port (Optional): The port for the proxy to forward HTTPS traffic to. HTTPS is not transparently intercepted and must have the LAN clients configured to use the Cradlepoint router as a proxy for HTTPS to work properly. MAC WEB FILTER RULES...
  • Page 78 IP addresses will be appended to the appropriate block/allow list. This can have side effect of being very strict and sites that are hosted across many domains may need every domain added the list for full functionality. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 79 Licenses to enable this feature. Enter your Zscaler account information to enable these settings. Input local network information (Network Address and Netmask) to assign your Zscaler implementation to one or more local network(s). ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 80: Threat Management

    User Manual AER3100/AER3150 THREAT MANAGEMENT NOTE: Threat Management is only available for the AER family or Cradlepoint products, and requires a feature license. Enable this feature through Enterprise Cloud Manager. Cradlepoint Secure Threat Management leverages Trend Micro’s security experience and expertise in this...
  • Page 81 Application ID Logging: (Disabled by default.) The DPI engine can identify network traffic applications and send this information to the system logs. Depending on your network traffic uses, application ID logging may send huge amounts of data to the system logs. Cradlepoint recommends enabling a syslog server to manage this information.

  • Page 82: Certificate Management

    • Organization Information: The organization to which the certificate issuer belongs • Common Name: Name used to match authentication credentials To add a local certificate, click Add. Remove a local certificate by selecting the certificate and clicking the Remove button. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 83 To import, choose a certificate file in PKCS #12 format from your computer or local device and upload it to the router. Give the certificate a name that is meaningful to you. PKCS #12 files are protected by a passphrase – you must know this key to import the file. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 84 PKCS #12 format. When you export this file, you must create a passphrase to protect it. This key is required for future use of the file. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 85: System

    Require HTTPS Connection – Requiring a secure (https) connection is recommended • HTTP Port: Default – 8080. This option is disabled if you select “Require Secure Connection” • Secure HTTPS Port – Default: 8443. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 86 If a ping to the router’s WAN port does not work, it is unlikely that remote SSH access will work. FEATURE LICENSES Some Cradlepoint features may require a license. These features are disabled by default. To obtain a feature license, contact your Cradlepoint sales representative.
  • Page 87 Aa-Zz, numerals, and ‘_’. • Enable GPS server on LAN - Enables a server on the LAN side of the firewall which will periodically send GPS sentences to TCP connected clients. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 88 • SMS messages are not encrypted; they are sent in full readable text over the network. Enable SMS support – SMS support is enabled by default on the router. Deselect this to disable. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 89 If this occurs, disable this option. Log to attached USB stick: Only enable this option if instructed by a Cradlepoint support agent. This will write a very verbose log file to the root level of an attached USB stick. Please disable the feature before removing the USB stick, or you may lose some logging data.
  • Page 90 To configure minimum and maximum temperature alerts, use one of the following methods: 1. Enable these alerts in Enterprise Cloud Manager. 2. Set up an SMTP email server in SYSTEM > Device Alerts. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 91: Enterprise Cloud Manager

    (Default: Enabled) • Server Host:Port: The DNS hostname and port number for your ECM server. (Default: stream.cradlepoint.com) • Session Retry Timer: How long to wait, in seconds, before starting a new ECM session following a connection drop or connectivity failure.

  • Page 92: Device Alerts

    Feature License Expiration: Sends an alert when a feature license is about to expire. • Router SDK Application: A router SDK Application may send an alert. • Full System Log: The system log has filled. This alert contains the contents of the system log. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 93: Serial Redirector

    LAN connections. You must be logged into the router to use the redirector. • WAN: Enable serial redirector for WAN connections. • Server Port: Enter a port number for the redirector to use. (Default: 7218) ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 94: Snmp Configuration

    SNMP, or Simple Network Management Protocol, is an Internet standard protocol for remote management. You might use this instead of Enterprise Cloud Manager if you want to remotely manage a set of routers that include both Cradlepoint and non-Cradlepoint products. SNMP Configuration •...
  • Page 95 System Contact: Input the email address of the system administrator. • System Name: Input the router’s hostname. • System Location: Input the physical location of the router. This is simply a string for your own information. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 96: System Control

    If you are happy with the operation of the router, you may not want to upgrade just because a new version is available. Check the firmware release notes (cradlepoint.com/firmware) for information to decide if you should upgrade.

  • Page 97: Diagnostics

    Type the Hostname or IP address of the computer you want to ping and click the ‘Ping’ button. Speed Test • Tests Against Cradlepoint Server - Up to ten speed tests are permitted against a Cradlepoint server. • WAN Device - The WAN Device that is selected will have the test run on it.

  • Page 98: Setup Wizards

    WEP. This should only be used if a legacy device that only supports WEP will be connected to the router. WEP is insecure and obsolete and is only supported in the router for ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 99 Configuring Your APN and Modem Authentication If you are using a SIM-based modem (LTE/GSM/HSPA) with your Cradlepoint router you may need to configure the APN before it will properly connect to your carrier. Wireless carriers offer several APNs so check with your carrier to confirm the appropriate one to use.
  • Page 100 Passthrough • The Subnet Selection Mode will be set to “Automatically Create Subnet” unless overridden via the Subnet Selection Mode dropdown Any Ethernet WAN connections should be disconnected before IP passthrough is enabled. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 101: Appendix

    This device complies with Industry Canada license-exempt RSS standards. Operation is subject to the following two conditions: (1) this device may not cause interference, and (2) this device must accept any interference, including interference that may cause undesired operation of the device. ©2015 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 102: Industry Canada Radiation Exposure Statement

    Model: S4A530A AER3100 AER3150 Cradlepoint, Inc. declares that this device is in compliance with the essential requirements of the R&TTE Directive 1999/5/EC, Energy Related Products Directive 2009/125/EC, Electromagnetic Compatibility Directive 2004/108/EC, Low Voltage Directive 2006/95/EC, and RoHS2 Directive 2011/65/EU. A copy of the original European DoC may be obtained from cradlepoint.com/product-certifications.

  • Page 103: Safety And Hazards

    (i.e., contain errors), or totally lost. The device is not intended for (and Cradlepoint recommends the device not be used in any) critical applications where failure to transmit or receive data could result in property damage or loss or personal injury of any kind (including death) to the user or to any other party.

  • Page 104: 2015 Cradlepoint. All Rights Reserved. | +1.855.813.3385 | Cradlepoint.com

    OTHER BINDING DOCUMENTS; TRADEMARKS; COPYRIGHT By activating or using your AER3100 or AER3150 device, you agree to be bound by Cradlepoint’s Terms of Use, User License and other applicable Legal Policies. © 2015 Cradlepoint, Inc. All rights reserved. Cradlepoint is not responsible for omissions or errors in typography or photography.

This manual is also suitable for:

Aer3150Ibr1100Ibr1150Aer1650 seriesAer1600 seriesAer3100 series ... Show all

Table of Contents