Cradlepoint IBR1100 User Manual
  1. Manuals
  2. Brands
  3. Cradlepoint Manuals
  4. Network Router
  5. COR IBR1100 series
  6. User manual

Cradlepoint IBR1100 User Manual

Cor series
Hide thumbs Also See for IBR1100:
Table of Contents

Advertisement

Quick Links

See also: Installation Manual , Manual
User Manual
/
IBR1100/IBR1150
7/15/16
COR Series
Router
IBR1100 / IBR1150
User Manual
1
©2016 Cradlepoint. All Rights Reserved.
|
+1.855.813.3385
|
cradlepoint.com

Advertisement

Table of Contents
loading

Related Manuals for Cradlepoint IBR1100

Summary of Contents for Cradlepoint IBR1100

  • Page 1 User Manual IBR1100/IBR1150 7/15/16 COR Series Router IBR1100 / IBR1150 User Manual ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 2: Table Of Contents

    DUAL MODEM DOCK HARDWARE AND DIMENSIONS LEDS SUPPORT AND WARRANTY QUICK START BASIC SETUP ACCESSING THE ADMINISTRATION PAGES FIRST TIME SETUP WIZARD USING ENTERPRISE CLOUD MANAGER ADMINISTRATION PAGES QUICK LINKS DASHBOARD CONNECTION MANAGER WAN INTERFACE PROFILES & PRIORITY ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 3 ZONE FIREWALL CONTENT FILTERING CERTIFICATE MANAGEMENT SYSTEM ADMINISTRATION ENTERPRISE CLOUD MANAGER DEVICE ALERTS SERIAL REDIRECTOR GPIO CONFIGURATION SNMP CONFIGURATION SYSTEM CONTROL DIAGNOSTICS SETUP WIZARDS APPENDIX SAFETY, REGULATORY, AND WARRANTY GUIDE ROUTER COMMUNICATION/DATA USAGE ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 4: Introduction

    • Quick Start Guide with warranty information NOTE: Due to the diverse needs of customers, the COR IBR1100/IBR1150 package does not include a power adapter or antennas. See the Accessories section below for several power and antenna options. KEY FEATURES •...

  • Page 5: Vpn And Routing

    Zone-Based Object Firewall with host address (IP or FQDN), port, and mac address *-Native support for authentication. Authorization and accounting support through hotspot/captive portal services. CLOUD OPTIMIZED IP COMMUNICATIONS • Automated WAN Failover/Failback support • WAN Affinity and QoS allow prioritization of VoIP services ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 6: Specifications

    • Three LAN/WAN switchable 10/100 Ethernet ports – one default WAN (cable/DSL/T1/satellite/Metro Ethernet) • WiFi as WAN, Metro WiFi; 2x2 MIMO “N” 2.4 GHz or 5 GHz; 802.11 a/b/g/n/ac (IBR1100 only) LAN: • Dual-band dual-concurrent WiFi; 802.11 a/b/g/n/ac (IBR1100 only) •...

  • Page 7: Accessories

    Operational limits: altitude < 6000 m or velocity < 100 m/s (either limit may be exceeded, but not both) ACCESSORIES Because of the diversity of customer needs, the COR IBR1100/IBR1150 does NOT include a power adapter or antennas in the box (it does include a direct wire power/GPIO cable for vehicle installation). Cradlepoint offers several accessory options for dual-modem capability, power and antennas: ©2016 Cradlepoint.
  • Page 8 NOTE: Cradlepoint primarily recommends the extended temperature adapter because it covers the COR IBR1100/ IBR1150 full temperature range of −30 °C to 70 °C. Cost-sensitive customers that intend to use the IBR1100/IBR1150 in temperature-controlled office environments can order the 170584-002 adapter, but it limits the operating temperature range to 0 °C to 40 °C.

  • Page 9: Business-Grade Modem Specifications

    7/15/16 BUSINESS-GRADE MODEM SPECIFICATIONS COR IBR1100/IBR1150 LP6 models include an integrated LTE Advanced Category 6 4G LTE modem. The LP6 modems support SIM-Based Auto-Carrier selection so there is only one model for all of North America. Simply insert the SIM and wait for the router to automatically detect the SIM and establish a connection.
  • Page 10 LTE Band 2 (1900 MHz), Band 4 (AWS), Band 5 (850 MHz), Band 13 (700 MHz), Band 17 (700 MHz), Band 25 (1900 MHz) • HSPA+/UMTS (850/900/1900/2100 MHz, AWS) • GSM/GPRS/EDGE (850/900/1800/1900 MHz) • CDMA EVDO Rev A/1xRTT (800/1900 MHz) ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 11: Hardware

    Power Port LAN or WAN Default: WAN WiFi Antenna Connector* USB 2.0 10/100 Ethernet Ports WiFi Antenna Connector* (Reverse SMA) Port (Configurable: LAN or WAN (Reverse SMA) Default: LAN) * - only on IBR1100 ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 12: Power/Gpio Connector

    M-to-F straight through cable to a male DTE port, such as those commonly found on a computer or network device. The pins are numbered from the top right as shown here: Name Direction (relative to IBR1100/IBR1150) ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...

  • Page 13: Dual Modem Dock Installation Instructions

    5. Attach modem door (D) using M3 screws (E). 6. With USB port of the IBR1100 facing the USB connector of the IBR1100 dock, slide the mounting flange(s) of the router (F) into the guide rails(s) of the dock (A).
  • Page 14 Cradlepoint recommends using thread locker or nylon lock nut. 10. Attach included or accessory antennas. NOTE: Do not place IBR1100/IBR1150 antennas and MC400 antennas immediately adjacent. Cradlepoint recommends remotely attaching one or both sets of antennas. ©2016 Cradlepoint. All Rights Reserved.

  • Page 15: Dual Modem Dock Hardware And Dimensions

    User Manual IBR1100/IBR1150 7/15/16 DUAL MODEM DOCK HARDWARE AND DIMENSIONS Rear view Front view Top view Bottom view ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 16: Leds

    User Manual IBR1100/IBR1150 7/15/16 LEDS POWER The Cradlepoint IBR1100/IBR1150 must be powered using an approved 9-36 VDC power source. • Blue = Powered ON. • No Light = Not receiving power. Check the power switch and the power source connection.

  • Page 17: Quick Start

    BASIC SETUP 1. Insert an activated SIM A wireless broadband data plan must be added to your Cradlepoint IBR1100. Wireless broadband data plans are available from wireless carriers such as Verizon, AT&T, Sprint, EE, and Vodafone. The SIM must be provisioned with the carrier.

  • Page 18: Accessing The Administration Pages

    When you log in for the first time, you will be automatically directed to the FIRST TIME SETUP WIZARD, which will walk you through the steps to customize your Cradlepoint AER3100. You have the ability to configure any of the following: •...

  • Page 19: Using Enterprise Cloud Manager

    “Register”. Once you have registered your device, go to cradlepointecm.com and log in using your ECM credentials. For more information about how to use Cradlepoint Enterprise Cloud Manager, see the following: • Getting Started •...

  • Page 20: Quick Links

    You may return to the Dashboard at any time by clicking on DASHBOARD from the left menu or by clicking on the Cradlepoint logo at the top-left of the screen. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...

  • Page 21: Connection Manager

    WAN Affinity. If WAN Affinity is enabled for a particular profile or interface, do not enable Standby for that profile or interface as the failover results may vary and be unexpected. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...
  • Page 22 Internet and failed. Idle Check Interval: The amount of time between each check. (Default: 30 seconds. Range: 10-3600 seconds.) Monitor while connected: (Default: Off) Select from the ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 23 Immediate failback returns you to the use of your preferred Internet source more quickly which may have advantages such as reducing the cost of a failover data plan, but it may cause more interruptions in your network than Usage or Time modes. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 24 Custom Alert Percentages: Example: “50,80,90,110” (values can exceed 100%) (Triggers alerts when 50, 80, 90, 110% of usage cap is used) NOTE: To enable data usage, check Data Usage Enabled from WAN Management. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 25: Internet

    Routing Ethernet System Logs INTERNET CONNECTIONS Select your device to reveal detailed information about the following device properties: • Summary • Modem • Cellular Network • General Information • IPv4 Information • Statistics ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 26 User Manual IBR1100/IBR1150 7/15/16 ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 27 User Manual IBR1100/IBR1150 7/15/16 ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 28 Last Traffic To reset information, click Reset Statistics. STATISTICS Statistics can be gathered at variable Sample Rate and Sample Size for the following areas: • Wireless Device • Data Usage • Failover/Failback/Load Balance ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 29 User Manual IBR1100/IBR1150 7/15/16 Displays packets and bytes transmitted and received by your Quality of Service (QoS) queues. To enable and configure QoS, go to NETWORKING > QoS. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 30: Client List

    CP Secure VPN Tunnels, go to NETWORKING > Tunnels > CP Secure VPN. IPSEC VPN Displays status of your IPSec VPN Tunnels. To add and configure IPSec VPN Tunnels, go to NETWORKING > Tunnels > IPSec VPN. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 31: Firewall

    Displays status of your GRE Tunnels. To add and configure GRE Tunnels, go to NETWORKING > Tunnels > GRE. FIREWALL Displays information about your Firewall Connection Tracking States. To configure your firewall, select SECURITY from the left navigation. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 32: Routing

    Displays GPS location and status. To enable and configure GPS, go to SYSTEM > Administration > GPS. SYSTEM LOGS Displays System Log information. To configure System Logging, go to SYSTEM > Administration > System Logging. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 33: Networking

    This name is referred to as the SSID (service set identifier). For security purposes, Cradlepoint highly recommends that you change this from the pre-configured name. Hidden: This shows whether the router broadcasts its SSID.
  • Page 34 NOTE: If you don’t know whether you should choose Personal or Enterprise, assume Personal since you need to know RADIUS authentication for Enterprise. In order to protect your network from hackers and unauthorized users, Cradlepoint highly recommends WPA2/ AES for security if your attached devices can support it. WEP and WPA/TKIP are obsolete and have been replaced by WPA/AES.
  • Page 35 Enabling this value allows clients that can utilize a shorter time to do so. Disabling this option forces all clients to use a longer backoff check and thus may reduce network throughput while reducing the number of transmission collisions. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 36 Internet (WAN) is used as a possible source of Internet for the router • Local Network (LAN) is for connecting a computer or similar device directly to the router with an Ethernet cable. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 37 Display: This section allows you to choose if a “Terms of Use” page will be given to the user connecting to the hotspot. • Internal Terms of Use. Fill in your own terms of use. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 38 Add the MAC addresses of trusted machines. This gives them automatic access through the hotspot portal. Click Add to enter new MAC Addresses you wish to allow. Click Update to save your additions. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 39 Click Add to configure a new network, Remove to delete a network, or select an existing network and click Edit to view configuration options. General Settings Enabled: The network can be manually disabled or in some specific situations may be automatically disabled to work with certain types of modems. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 40 UPnP Gateway: Select the UPnP (Universal Plug and Play) option if you want to enable the UPnP Gateway service for computers on this network. Admin Access: When enabled users may access these admin pages from this network. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 41 IPv6 DHCP Lease Time: Specifies how long DHCP enabled computers will wait before requesting a new DHCP lease. Schedule Enable Schedule Service: Enable the interface scheduler. A schedule allows an interface to be enabled or disabled during specific hours of a day. VRRP Enable VRRP: Enable or disable VRRP. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 42 RADIUS server’s interface. NOTE: If you don’t know the MAC address for the RADIUS server, enter 00:00:00:00:00:00, and the service will try to find the MAC address from the given IP address. Port Password ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 43 The time/date that is logged is the time of the first connection. The page may need to be refreshed to show the most recent log entries. Double-clicking on entries from this list will add them to the Ignored MAC Addresses list. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 44: Vlan Interfaces

    CP Secure VPN allows IT managers to secure their expanding Edge Networks using architectures that scale quickly and are easy to maintain. For more information, visit cradlepoint.com. Click Add to configure a new CP Secure VPN tunnel; click Edit to make changes to an existing tunnel.
  • Page 45 (Internet Protocol security) to authenticate and encrypt packets exchanged across the tunnels. To set up a VPN tunnel with a Cradlepoint router on one end, there must be another device (usually a router) that also supports IPsec on the other end.
  • Page 46 • Port – Select by the physical port on the router that you are plugging the modem into (e.g., “USB Port 2”). • Manufacturer – Select by the modem manufacturer (e.g., “Cradlepoint Inc.”). ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 47 To set up a tunnel with a remote site, you need to match your tunnel’s IKE negotiation parameters with the remote site. By selecting several encryption, hash, and DH group options, you improve your chances ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...
  • Page 48 • Group 1: 768-bit key • Group 2: 1024-bit key • Group 5: 1536-bit key In IKE Phase 1 you can only select one DH group if you are using Aggressive exchange mode. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 49 DH Group. Phase 2 and phase 1 selections do not have to match. For the Hash selection an added value of SHA 256_128 (128-bit truncation) is avaliable. The original specification and the Cradlepoint default is 96-bit truncation, but RFC4868 requires 128-bit. A VPN to newer Cisco or Juniper devices will typically require 128-bit.
  • Page 50 Client • Server • Device Type - Select between Routed (TUN) or Bridged (TAP) virtual device. • Routed creates an interface that can be used in the Zone Firewall and is fully routable. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 51 Port – Specify the port if desired • Protocol – Select UDP or TCP Add/Edit Tunnel – Routes Add or remove the routes that will be used to direct packets through the tunnel. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 52 Generic Routing Encapsulation (GRE) tunnels can be used to create a connection between two private networks. Most Cradlepoint routers are enabled for both GRE and VPN tunnels. GRE tunnels are simpler to configure and more flexible for different kinds of packet exchanges, but VPN tunnels are much more secure.
  • Page 53 Port – Select by the physical port on the router into which you are plugging the modem (e.g., “USB Port 2”). • Manufacturer – Select by the modem manufacturer (e.g., “Cradlepoint Inc.”) • Model – Set your rule according to the specific model of modem •...
  • Page 54 Netmask - This is the corresponding subnet mask of the network being defined (Default: 255.255.255.0). The Network Address and Netmask, or subnet mask, together define a range of IP addresses that comprise the local network you want associated with the NEMO settings. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 55 The MRU is very similar to the MTU: MTU is for packets sent and MRU is for packets received • Tunnel Enabled – Click to enable/disable this tunnel. Default: Enabled. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 56 Network Address – This is the network address that is the destination of the route. This should be set to the network address at the remote side of the tunnel. • Netmask – This is the corresponding subnet mask of the network being defined. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 57: Routing

    If no policy or no route is matched, the lookup will use the primary route table instead. To add a route policy, click Add. • IP Version: Select the IP protocol version. • Source IP/Network Address ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 58 Clearing Permit will deny the route if the Match Conditions are met. • Match Conditions: A set of conditions that define a match. • Set Actions: A set of actions that are triggered by a match. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 59 Community List: Allows filtering by community. In essence a community is a label which is attached to routes learned from that community. Then that community or label can be used to select which policy(s) should be applied to those routes. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 60 The first field sets a limit for both EBGP and IBGP. If desired, a different limit can be applied just to IBGP using the second field. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 61 Mutually exclusive with TTL Security. Optionally specify Time To Live from 1 to 255 hops. • TTL Security: Specify the number of hops to reach eBGP neighbors. Mutually exclusive with eBGP Multihop. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 62 OSPF is widely used in large networks such as ISP (Internet Service Provider) backbone and enterprise networks. Click Add to add an OSPF router. General • Enable: Enable and disable the routing protocol policy. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 63 The Key ID identifies the secret key used to create the message digest. This ID is part of the protocol and must be consistent across routers on a link. • Cost: OSPF metric for this interface. • Transmit Delay: Link state transmit delay. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 64 (default Type-2). Route Map specifies an optional route map to filter routes. • Default Metric: Specify the default metric for routes redistributed to OSPF. This can be overridden under the Redistribute configuration. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 65 Device: Select network interface device. • Send version: Select the RIP version that will be sent on this interface, overriding the global setting. Version can be 1 or 2, or 0 to select both. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 66 Metric: RIPng metric is a value for distance for the network. Usually the RIP service increments the metric when the network information is received. The metric for redistributed routes is set to 1. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 67: Qos

    DSCP (DiffServ) Tag: Differentiated Services Code Point (DSCP) is the successor to TOS (Type of Service). Use this field to ‘tag’ the traffic by putting the value in the DSCP header of each IP packet that flows through this ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...
  • Page 68 Download Priority: The priority value has two different effects on traffic. Higher priority traffic is handled before lower priority traffic, which can lead to shorter response times. Also, when spare bandwidth is available ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 69 “source” or “destination” (or both). Source vs. destination is defined by traffic flow. Leave these blank to include all IP addresses (such as if your rule is defined by a particular port instead). ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 70: Dns Servers

    Click Finish to save this rule. DNS SERVERS DNS, or Domain Name System, is a naming system that translates between domain names (www.cradlepoint. com, for example) and Internet IP addresses (206.207.82.197). A DNS server acts as an Internet phone book, translating between names that make sense to people and the more complex numerical identifiers.
  • Page 71 Update period (hours): (Default: 576) The time between periodic updates to the dynamic DNS, if your dynamic IP address has not changed. The timeout period is entered in hours so valid values are from 1 to 8760. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...

  • Page 72: Wifi As Wan

    WiFi Radio #1 (2.4 GHz) • WiFi Radio #2 (5 GHz) All Cradlepoint routers and some other routers use the same default IP address for the primary network: 192.168.0.1. If you attempt to set up WiFi as WAN and there is an “IP conflict,” you need to change the IP address.
  • Page 73 Scan While Connected: Continue to scan for WiFi as WAN profile updates when connected. Each time a scan occurs the wireless communication of the router will be temporarily interrupted. Normally this should be disabled. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 74: Wan Affinity

    WAN device. Deselect this option to restrict this traffic to only the selected WAN interface. When Condition Value Port USB Port 1 Type Is not WiMax ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 75: Client Data Usage

    Port – Select by the physical port on the router that you are plugging the modem into (e.g., “USB Port 2”). • Manufacturer – Select by the modem manufacturer (e.g., “Cradlepoint Inc.”). • Model – Set your rule according to the specific model of modem.

  • Page 76: Nhrp

    Dynamic: Multicast packets will be forwarded to each connected peer. This is typically used for an NHRP hub. You also have the option to create static mappings for this interface. Click Add in the table to open the static mapping editor. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 77 (displays flag R in the static mapping table if selected) • Proprietary OS: This should be enabled if the statically mapped peer is running proprietary OS (displays flag C in the static mapping table if selected). ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 78: Security

    FQDN addresses in the same identity. IP addresses are entered using CIDR notation, e.g. 1.2.3.4/32 and 0123:4567::CDEF/128. FQDN addresses are entered with at least one dot separating a top-level domain from a root zone, e.g. cradlepoint.com. To add a Host Address Identity, click Add. PORTS A port identity member can be entered as a single Start port number or as a port range by entering both a Start and End port number.

  • Page 79: Zone Firewall

    Log: When checked, each packet matching this filter rule will be logged in the System Log. • IP Version: Select the IP version to match. • Enter match criteria under Source, Destination, Protocols and Application Sets. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 80 IP address of the server and the client. Note that this may create a lot of log entries, especially on a busy network. Sending the system log to a syslog server is recommended. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...
  • Page 81 The primary purpose for Cradlepoint’s NPT implementation is for failover/failback and load balancing setups. LAN clients can potentially retain the original IPv6 lease information and may experience a more seamless transition when WAN connectivity changes than if not utilizing NPT.
  • Page 82 LAN to be redirected to a specific computer/IP address on the Internet. Click Add to create a new port proxying rule, or select an existing rule and click Edit. Add/Edit Port Proxying Rule ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 83 One-to-One NAT can be accomplished by specifying a host address or a /32 cidr address. Click Add to create a Dynamic 1:1 NAT. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 84: Content Filtering

    HTTPS Port (Optional): The port for the proxy to forward HTTPS traffic to. HTTPS is not transparently intercepted and must have the LAN clients configured to use the Cradlepoint router as a proxy for HTTPS to work properly. MAC WEB FILTER RULES...
  • Page 85 The settings can be changed by selecting a network and clicking the Edit button. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 86 Licenses to enable this feature. Enter your Zscaler account information to enable these settings. Input local network information (Network Address and Netmask) to assign your Zscaler implementation to one or more local network(s). ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 87: Certificate Management

    • Organization Information: The organization to which the certificate issuer belongs • Common Name: Name used to match authentication credentials To add a local certificate, click Add. Remove a local certificate by selecting the certificate and clicking the Remove button. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 88 To import, choose a certificate file in PKCS #12 format from your computer or local device and upload it to the router. Give the certificate a name that is meaningful to you. PKCS #12 files are protected by a passphrase – you must know this key to import the file. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 89 PKCS #12 format. When you export this file, you must create a passphrase to protect it. This key is required for future use of the file. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 90: System

    HTTP Port: Default – 8080. This option is disabled if you select “Require Secure Connection” • Secure HTTPS Port – Default: 8443. NOTE: You can restrict remote access to only specified IP addresses in SECURITY > Zone Firewall > Remote Access Restriction. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 91 If a ping to the router’s WAN port does not work, it is unlikely that remote SSH access will work. FEATURE LICENSES Some Cradlepoint features may require a license. These features are disabled by default. To obtain a feature license, contact your Cradlepoint sales representative.
  • Page 92 TAIP messages as being sent from some unique vehicle. GPS CLIENTS, SERVERS, AND SERIAL GPS reporting requires separate software to listen/query for NMEA (or TAIP) sentences. The router must either act as a GPS server (which ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 93 Include System ID, the report will include proprietary sentences of the following format (in addition to the standard sentences): $PCPTI,{System ID},{router timestamp},{GGA timestamp},{GGA checksum}*{checksum} NOTE: “PCPTI” stands for Proprietary, CradlePoinT, Identification (P-CPT-I). Language Settings (TAIP) ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385...
  • Page 94 Event Threshold, a GPS report will be triggered. An additional GPS report will be triggered when movement resumes (i.e. when the Stationary Distance Threshold is exceeded). While stationary, additional GPS Reports can be triggered by the Default Time ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 95 Client name - Your client’s name should include only Aa-Zz, numerals, and ‘_’. • Port - Remote server port. NOTE: Language Settings and Reporting Intervals options are identical to those for Send to Client(s). ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 96 11612.329073,W Longitude 116 deg. 12.329073 min West Speed over ground, knots 329.2 Course made good, true 161015 Date of fix – 16 October 2015 0.0,E Magnetic variation: 0.0 degrees East A*16 Mode Indicator ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 97 SMS messages from any phone number. Leaving this blank is unsecure, so Cradlepoint recommends that you add phone numbers to this list. Once any numbers are listed, only those numbers have the ability to connect to the router via SMS.
  • Page 98 If this occurs, disable this option. Log to attached USB stick: Only enable this option if instructed by a Cradlepoint support agent. This will write a very verbose log file to the root level of an attached USB stick. Please disable the feature before removing the USB stick, or you may lose some logging data.

  • Page 99: Enterprise Cloud Manager

    (Default: Enabled) • Server Host:Port: The DNS hostname and port number for your ECM server. (Default: stream.cradlepoint.com) • Session Retry Timer: How long to wait, in seconds, before starting a new ECM session following a connection drop or connectivity failure.

  • Page 100: Device Alerts

    Each SMTP server will have different specifications for setup, so you have to look those up separately. The following is an example using Gmail: • Server Address: smtp.gmail.com • Server Port: 587 (for TLS, or Transport Layer Security port; the router does not support SSL). ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 101: Serial Redirector

    GPIO 2 - pins 2, 3 on serial cable GPIO 3 - pins 4, 6 on serial cable The GPIOs on serial cable will not work —even if individually enabled — until Enable Serial GPIO Cable checkbox is selected. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 102: Snmp Configuration

    SNMP, or Simple Network Management Protocol, is an Internet standard protocol for remote management. You might use this instead of Enterprise Cloud Manager if you want to remotely manage a set of routers that include both Cradlepoint and non-Cradlepoint products. SNMP Configuration •...
  • Page 103 • Enable SNMP traps: Enabling traps will allow you to configure a destination server, community, and port for trap notifications. Trap notifications are returned to the server with SNMPv1. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...

  • Page 104: System Control

    If you are happy with the operation of the router, you may not want to upgrade just because a new version is available. Check the firmware release notes (cradlepoint.com/firmware) for information to decide if you should upgrade.
  • Page 105 With other select modems (such as LP6), more than one modem firmware image may be locally stored within the device’s memory. You must first select the Cradlepoint modem you would like to update. Once selected, the appropriate modem firmware update options will display.

  • Page 106: Diagnostics

    File: Click this button to manually upload a modem firmware file. Type the path/file or click Select Firmware File to browse to the local file location. Once entered, click Begin Firmware Upgrade. Note: For modems which support manual carrier switching, find the appropriate modem firmware package file via ECM or the Cradlepoint portal.

  • Page 107: Setup Wizards

    Enter a password for the administrator who will have full access to the router’s management interface. You can use the default password on the back of your product, or you can create a custom Administrator Password. ©2016 Cradlepoint. All Rights Reserved. +1.855.813.3385 cradlepoint.com...
  • Page 108 Configuring Your APN and Modem Authentication If you are using a SIM-based modem (LTE/GSM/HSPA) with your Cradlepoint router you may need to configure the APN before it will properly connect to your carrier. Wireless carriers offer several APNs so check with your carrier to confirm the appropriate one to use.
  • Page 109 IP PASSTHROUGH SETUP IP passthrough takes a 3G/4G WAN data source (USB, ExpressCard, or Cradlepoint business-grade modem) and passes the IP address through to Ethernet LAN. Enabling IP passthrough will make many changes to your router configuration. Please review this list and ensure they are compatible with how the router will be used.

  • Page 110: Appendix

    To comply with FCC regulations limiting both maximum RF output power and human exposure to RF radiation, for the IBR1100 and IBR1150, the maximum antenna gain in the cellular bands must not exceed 3dBi. For the IBR1100, the maximum WiFi antenna gain in the 2.4 and 5 GHz bands must not exceed 5dBi.

  • Page 111: Safety And Hazards

    In addition, under no circumstances should the IBR1100 device be used in any aircraft, regardless of whether the aircraft is on the ground or in flight. In any aircraft, the IBR1100 device MUST BE POWERED OFF AT ALL TIMES (since the device otherwise could transmit signals that might interfere with various onboard systems on such aircraft).

  • Page 112: Router Communication/Data Usage

    OTHER BINDING DOCUMENTS; TRADEMARKS; COPYRIGHT By activating or using your IBR1100 or IBR1150 device, you agree to be bound by Cradlepoint’s Terms of Use, User License and other applicable Legal Policies. © 2015 Cradlepoint, Inc. All rights reserved. Cradlepoint is not responsible for omissions or errors in typography or photography.

This manual is also suitable for:

Ibr1150Ibr600bIbr650b

Table of Contents