Page 1 OX253P WiMAX MIMO Outdoor Simple CPE Default Login Details IP Address: http://192.168.1.1 Administrator’s admin/admin User Name and Password: General User’s user/user User Name and Password: Firmware Version 3.70 Edition 1, 11/2010...
Page 2: About This User's Guide
About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the OX253P using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology.
Page 3: Document Conventions
Syntax Conventions • The product(s) described in this book may be referred to as the “OX253P”, the “device”, the “system” or the “product” in this User’s Guide. • Product labels, screen names, field labels and field choices are all in bold font.
Page 4 Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The OX253P icon is not an exact representation of your OX253P. Table 1 Common Icons WiMAX Access Point Computer Wireless Signal Notebook Server...
Page 5: Safety Warnings
• Antenna Warning! This device meets ETSI and FCC certification requirements when using the included antenna(s). Only use the included antenna(s). • If you wall mount your device, make sure that no electrical lines, gas or water pipes will be damaged. OX253P User’s Guide...
Page 6 Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately. OX253P User’s Guide...
Page 8: Table Of Contents
The Certificates Screens ......................97 The Firewall Screens ........................119 Content Filter ........................... 129 The Remote Management Screens ..................133 QoS ............................145 The Logs Screens ........................149 The Status Screen ........................163 Troubleshooting ........................173 Product Specifications ......................181 OX253P User’s Guide...
Page 9 Contents Overview OX253P User’s Guide...
Page 10: Table Of Contents
Table of Contents........................11 Part I: User’s Guide................17 Chapter 1 Getting Started ........................19 1.1 About Your OX253P ......................19 1.1.1 WiMAX Internet Access ..................... 19 1.2 OX253P Hardware ......................20 1.2.1 LEDs .......................... 20 1.3 Good Habits for Managing the Device ................. 21 Chapter 2 Introducing the Web Configurator ..................
Page 11 4.2.2 Changing Service Providers ..................37 4.2.3 Blocking Web Access During Specific Hours ............. 39 4.2.4 Blocking Web Sites by Keyword ................42 4.3 Remotely Managing Your OX253P ..................44 Part II: Technical Reference ..............45 Chapter 5 The Setup Screens........................47 5.1 Overview ..........................
Page 12 9.6.1 The Restart Process ....................95 9.7 Bridge ..........................95 Chapter 10 The Certificates Screens ......................97 10.1 Overview ..........................97 10.1.1 What You Can Do in This Chapter ................97 10.1.2 What You Need to Know ..................97 OX253P User’s Guide...
Page 13 13.1.1 What You Can Do in This Chapter ................. 133 13.1.2 What You Need to Know ..................134 13.2 WWW ..........................135 13.3 Telnet ..........................136 13.4 FTP ..........................136 13.5 SNMP ..........................137 13.5.1 SNMP Traps ......................138 OX253P User’s Guide...
Page 14 17.2 OX253P Access and Login ....................174 17.3 Internet Access ........................ 176 17.4 Export a Certificate File ....................178 17.5 Reset the OX253P to Its Factory Defaults ............... 179 17.5.1 Pop-up Windows, JavaScripts and Java Permissions ........... 179 Chapter 18 Product Specifications ......................
Page 15 Appendix B Setting Up Your Computer’s IP Address ............189 Appendix C Pop-up Windows, JavaScripts and Java Permissions ........217 Appendix D IP Addresses and Subnetting ................229 Appendix E Importing Certificates ..................241 Appendix F Common Services..................... 271 Index............................275 OX253P User’s Guide...
Page 16: User's Guide
User’s Guide...
Page 18: Getting Started
Getting Started 1.1 About Your OX253P The OX253P has a built-in switch and allows you to access the Internet by connecting to a WiMAX wireless network. You can configure firewall and content filtering as well as a host of other features.
Page 19: Ox253P Hardware
The following figure shows the LEDs (lights) on the OX253P. Figure 2 The OX253P’s LEDs STRENGTH INDICATORS ACTIVITY INDICATOR The following table describes your OX253P’s LEDs (from right to left). Table 2 The OX253P STATE DESCRIPTION Power The OX253P is not receiving power.
Page 20: Good Habits For Managing The Device
1.3 Good Habits for Managing the Device Do the following things regularly to make the OX253P more secure and to manage the OX253P more effectively. • Change the password. Use a password that’s not easy to guess and that consists of different types of characters, such as numbers and letters.
Page 21 Chapter 1 Getting Started OX253P User’s Guide...
Page 22: Introducing The Web Configurator
Appendix C on page 217 for more information on configuring your web browser. 2.1.1 Accessing the Web Configurator Make sure your OX253P hardware is properly connected (refer to the Quick Start Guide for more information). Launch your web browser. Enter "192.168.1.1" as the URL.
Page 23 If you have changed the password, enter your password and click Login. The following screen displays. Click Apply to have the OX253P generate a new certificate. You can also click Ignore to have the OX253P use the default certificate.
Page 24: The Main Screen
Chapter 2 Introducing the Web Configurator Note: For security reasons, the OX253P automatically logs you out if you do not use the Web Configurator for five minutes. If this happens, log in again. 2.2 The Main Screen When you first log into the web configurator and by-pass the wizard, the Main screen appears.
Page 25 This field indicates the current status of your WiMAX connection. Status Status messages are as follows: • Connected - Indicates that the OX253P is connected to the WiMAX network. Use the Strength Indicator icon to determine the quality of your network connection. •...
Page 26 This field indicates the exact date and time the current firmware was compiled. System Uptime This field indicates how long the OX253P has been on. This resets every time you shut the device down or restart it. WiMAX Uptime This field indicates how long the OX253P has been connected to the WiMAX network.
Page 27 Chapter 2 Introducing the Web Configurator OX253P User’s Guide...
Page 28: Internet Connection Wizard
Internet settings. 3.1.1 Welcome to the Setup Wizard This is the welcome screen for the Setup Wizard. The Internet Connection Wizard screens are described in detail in the following sections. Figure 4 Select a Mode OX253P User’s Guide...
Page 29: System Information
LABEL DESCRIPTION System System Name is a unique name to identify the OX253P in an Ethernet Name network. Enter a descriptive name. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes "-" and underscores "_"...
Page 30: Authentication Settings
Leave this field blank if your ISP did not give you an anonymous identity to use. This field displays the Privacy Key Management version number. PKM provides security between the OX253P and the base station. At the time of writing, the OX253P supports PKMv2 only. See the WiMAX security appendix for more information.
Page 31 • MSCHAPV2 (Microsoft CHAP version 2) • PAP (Password Authentication Protocol) Certificate This is the security certificate the OX253P uses to authenticate the AAA server. Use the TOOLS > Certificates > Trusted CA screen to import certificates to the OX253P.
Page 32: Ip Address
A static IP address is a fixed IP that your ISP gives you. Back Click to display the previous screen. Next Click to proceed to the next screen. Close Click to close the wizard screen without saving. OX253P User’s Guide...
Page 33: Setup Complete
Internet! Refer to the rest of this guide for more detailed information on the complete range of OX253P features available in the more advanced web configurator. Note: If you cannot access the Internet, open the web configurator again to confirm that the Internet settings you configured in the wizard setup are correct.
Page 34: Tutorials
H A P T E R Tutorials 4.1 Overview This chapter shows you how to configure some of the OX253P’s features. Note: Be sure to read Introducing the Web Configurator on page 23 before working through the tutorials presented here. For field descriptions of individual screens, see the related technical reference in this User's Guide.
Page 35 Starting Address and 32 for your Pool Size. In the DNS Server section, set the First, Second and Third DNS Server fields to From ISP in order to use the DNS servers linked to your ISP. Click Apply to save your DHCP settings. OX253P User’s Guide...
Page 36: Connecting Your Small Network To The Internet
Enable Network Address Translation option. Click Apply to save your settings. Connect your computers to the OX253P’s Ethernet ports and you’re all set! Note: You may need to configure the computers on your LAN to automatically obtain IP addresses. For information on how to do this, see Appendix B on page 189.
Page 37 In the Web Configurator, open the TOOLS > Certificates > My Certificates screen and click the Import button. In the Import Certificate screen, click Browse and locate the security certificate that was provided by your new ISP. OX253P User’s Guide...
Page 38: Blocking Web Access During Specific Hours
Internet through your new service provider! 4.2.3 Blocking Web Access During Specific Hours If your OX253P is in a home or office environment you may decide that you want to block web access and video chat during a specific block of hours, such as during your daughter’s designated study hours.
Page 39 Chapter 4 Tutorials Open the TOOLS > Firewall > Services to screen. Select Enable Services Blocking. OX253P User’s Guide...
Page 40 In this example, the five weekly work days are selected as well as the standard work hours of 3:30 PM to 8:30 PM (or 20:30 in 24-hour format). Finally, click Apply to save your settings. OX253P User’s Guide...
Page 41: Blocking Web Sites By Keyword
This allows you to control the content you do allow to pass through the OX253P. For example, once your daughter’s designated study hours end, you allow web access and video chat but want to restrict certain sites.
Page 42 Next, open the TOOLS > Content Filter > Schedule screen. To keep things simple, set the Days to Block to Everyday and the Time of Day to Block to All Day. Click Apply to save these settings. OX253P User’s Guide...
Page 43: Remotely Managing Your Ox253P
Finally, in the Secured Client IP Address field enter 2.2.2.2 as the IP address from which you will be connecting to the OX253P. Any other attempts by computer on the Internet to connect will be rejected because their IP addresses won’t match the one specified here.
Page 44: Technical Reference
Technical Reference...
Page 46: The Setup Screens
OX253P’s IP address and subnet mask. • The DHCP Client screen (Section 5.3 on page 49) to view connection information for clients configured by the OX253P’s internal DHCP server. • The Time Setting screen (Section 5.4 on page 50) lets you configure your OX253P’s time and date keeping settings.
Page 47: Before You Begin
Quick Start Guide. 5.2 Set IP Address Click the SETUP icon in the navigation bar to set up the OX253P’s IP address and subnet mask. This screen displays this screen by default. If you are in any other sub-screen you can simply choose Set IP Address from the navigation menu on the left to open it again.
Page 48: Dhcp Client
LABEL DESCRIPTION IP Address Enter the IP address of the OX253P on the LAN. Note: This field is the IP address you use to access the OX253P on the LAN. If the web configurator is running on a computer on the LAN, you lose access to it as soon as you change this field and click Apply.
Page 49: Time Setting
Figure 11 SETUP > Time Setting The following table describes the labels in this screen. Table 10 SETUP > Time Setting LABEL DESCRIPTION Current Time and Date Current Time Displays the current time according to the OX253P. OX253P User’s Guide...
Page 50: Pre-Defined Ntp Time Servers List
Click to restore your previously saved settings. 5.4.1 Pre-Defined NTP Time Servers List The OX253P uses a pre-defined list of NTP time servers if you do not specify a time server or it cannot synchronize with the time server you specified. It can use this list regardless of the time protocol you select.
Page 51: Resetting The Time
5.4.2 Resetting the Time The OX253P automatically resets the time in the following circumstances: • When the device starts up, such as when you press the Power button. • When you click Apply in the SETUP > Time Setting screen.
Page 52: The Lan Configuration Screens
The LAN Configuration Screens 6.1 Overview Use the ADVANCED > LAN Configuration screens to set up the OX253P on the LAN. You can configure its IP address and subnet mask, DHCP services, and other subnets. You can also control how the OX253P sends routing information using RIP.
Page 53: Dhcp Setup
DESCRIPTION DHCP Setup Enable DHCP Select this if you want the OX253P to be the DHCP server on the LAN. Server As a DHCP server, the OX253P assigns IP addresses to DHCP clients on the LAN and provides the subnet mask and DNS server information.
Page 54 Enter the number of IP addresses to allocate. This number must be at least one and is limited by a subnet mask of 255.255.255.0 (regardless of the subnet the OX253P is in). For example, if the IP Pool Start Address is 10.10.10.10, the OX253P can allocate up to 10.10.10.254, or 245 IP addresses.
Page 55: Static Dhcp
DESCRIPTION The number of the item in this list. MAC Address Enter the MAC address of the computer to which you want the OX253P to assign the same IP address. IP Address Enter the IP address you want the OX253P to assign to the computer.
Page 56: Ip Static Route
6.4 IP Static Route Click ADVANCED > LAN Configuration > IP Static Route to look at the static routes configured in the OX253P. Note: The first static route is the default route and cannot be modified or deleted. Figure 14 Advanced> LAN Configuration > IP Static Route The following table describes the icons in this screen.
Page 57: Ip Static Route Setup
Private Select this if you do not want the OX253P to tell other routers about this static route. For example, you might select this if the static route is in your LAN. Clear this if you want the OX253P to tell other routers about this static route.
Page 58: Other Settings
If this static route affects only one IP address, enter 255.255.255.255. Gateway IP Enter the IP address of the gateway to which the OX253P should send Address packets for the specified Destination. The gateway is a router or a switch on the same network segment as the device's LAN or WAN port.
Page 59: Technical Reference
Out Only - The OX253P only sends routing information on the subnet. RIP Version Select which version of RIP the OX253P uses when it sends or receives information on the subnet. • RIP-1 - The OX253P uses RIPv1 to exchange routing information.
Page 60: Ip Address And Subnet Mask
TCP/IP configuration at start-up from a server. You can configure the OX253P as a DHCP server or disable it. When configured as a server, the OX253P provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on your LAN, or else each computer must be manually configured.
Page 61: Lan Tcp/Ip
0.0.0.0, the OX253P tells the DHCP clients that it itself is the DNS server. When a computer sends a DNS query to the OX253P, the OX253P forwards the query to the real DNS server learned through IPCP and relays the response back to the computer.
Page 62: Rip Setup
• Both - the OX253P will broadcast its routing table periodically and incorporate the RIP information that it receives. • In Only - the OX253P will not send any RIP packets but will accept all RIP packets received. • Out Only - the OX253P will send out RIP packets but will not accept any RIP packets received.
Page 63 Chapter 6 The LAN Configuration Screens information. IP multicasting can be enabled/disabled on the OX253P LAN and/or WAN interfaces in the web configurator (LAN; WAN). Select None to disable IP multicasting on these interfaces. OX253P User’s Guide...
Page 64: The Wan Configuration Screens
H A P T E R The WAN Configuration Screens 7.1 Overview Use the ADVANCED > WAN Configuration screens to set up your OX253P’s Wide Area Network (WAN) or Internet features. A Wide Area Network (or WAN) links geographically dispersed locations to other networks or the Internet.
Page 65 A base station provides network access to subscriber stations and mobile stations, and communicates with other base stations. The radio frequency and bandwidth of the link between the OX253P and the base station are controlled by the base station. The OX253P follows the base station’s configuration.
Page 66 EAP secured connection between the mobile station, the base station and the AAA server. See the WiMAX security appendix for more details. OX253P User’s Guide...
Page 67: Internet Connection
Chapter 7 The WAN Configuration Screens 7.2 Internet Connection Click ADVANCED > WAN Configuration to set up your OX253P’s Internet settings. Note: Not all OX253P models have all the fields shown here. Figure 20 ADVANCED > WAN Configuration > Internet Connection The following table describes the labels in this screen.
Page 68 This field displays the Privacy Key Management version number. PKM provides security between the OX253P and the base station. At the time of writing, the OX253P supports PKMv2 only. See the WiMAX security appendix for more information.
Page 69: Wimax Configuration
OX253P. In a WiMAX network, a mobile or subscriber station must use a radio frequency supported by the base station to communicate. When the OX253P looks for a connection to a base station, it can search a range of frequencies.
Page 70 DL Frequency / These fields show the downlink frequency settings in kilohertz (kHz). Bandwidth Enter values in these fields to have the OX253P scan these frequencies for available channels in ascending numerical order. Note: The Bandwidth field is not user-configurable; when the OX253P finds a WiMAX connection, its frequency is displayed in this field.
Page 71: Frequency Ranges
Reset Click to restore your previously saved settings. 7.3.1 Frequency Ranges The following figure shows the OX253P searching a range of frequencies to find a connection to a base station. Figure 22 Frequency Ranges In this figure, A is the WiMAX frequency range. “WiMAX frequency range” refers to the entire range of frequencies the OX253P is capable of using to transmit and receive (see the Product Specifications appendix for details).
Page 72: Configuring Frequency Settings
Note: The Bandwidth field is not user-configurable; when the OX253P finds a WiMAX connection, its frequency is displayed in this field. • If you enter a 0 in a DL Frequency field, the OX253P immediately moves on to the next DL Frequency field.
Page 73: Buzzer
7.4 Buzzer Click ADVANCED > WAN Configuration > Buzzer to enable or disable buzzer in the ODU. The buzzer sounds beeps when the OX253P receives signal from the connected base station. Figure 24 ADVANCED > WAN Configuration > Buzzer...
Page 74: Advanced
Click to save your changes. Reset Click to restore your previously saved settings. 7.5 Advanced Click ADVANCED > WAN Configuration > Advanced to configure your DNS server, RIP, Multicast and Windows Networking settings. Figure 25 ADVANCED > WAN Configuration > Advanced OX253P User’s Guide...
Page 75 Select Obtained from ISP if your ISP dynamically assigns DNS Third DNS Server server information (and the OX253P's WAN IP address). Use the drop-down list box to select a DNS server IP address that the ISP assigns in the field to the right.
Page 76: The Nat Configuration Screens
The NAT Configuration Screens 8.1 Overview Use these screens to configure port forwarding and trigger ports for the OX253P. You can also enable and disable SIP, FTP, and H.323 ALG. Network Address Translation (NAT) maps a host’s IP address within one network to a different IP address in another network.
Page 77: Port Forwarding
Each NAT session establishes a corresponding firewall session. Use this field to limit the number of NAT/firewall sessions each client computer can establish through the OX253P. If your network has a small number of clients using peer to peer applications, you can raise this number to ensure that their performance is not degraded by the number of NAT sessions they can establish.
Page 78: Port Forwarding Options
8.3.1 Port Forwarding Options Click ADVANCED > NAT Configuration > Port Forwarding to look at the current port-forwarding rules in the OX253P, and to enable, disable, activate, and deactivate each one. You can also set up a default server to handle ports not covered by rules.
Page 79 Default Server Setup Default Server Enter the IP address of the server to which the OX253P should forward packets for ports that are not specified in the Port Forwarding section below or in the TOOLS > Remote MGMT screens. Enter 0.0.0.0 if you want the OX253P to discard these packets instead.
Page 80: Port Forwarding Rule Setup
Enter the IP address of the server to which to forward packets for the Address selected port number(s). This server is usually on the LAN. Apply Click to save your changes. Cancel Click to return to the previous screen without saving your changes. OX253P User’s Guide...
Page 81: Trigger Port
(a "trigger" port). When the OX253P's WAN port receives a response with a specific port number and protocol ("incoming" port), the OX253P forwards the traffic to the LAN IP address of the computer that sent the request. After that computer’s connection for that service closes, another computer on the LAN can use the service in the same manner.
Page 82 Enter the outgoing port number or range of port numbers that makes End Port the OX253P record the source IP address and assign it to the selected incoming port number(s). To select one port number, enter the port number in the Start Port and End Port fields.
Page 83: Trigger Port Forwarding Example
Figure 31 Trigger Port Forwarding Example Jane requests a file from the Real Audio server (port 7070). Port 7070 is a “trigger” port and causes the OX253P to record Jane’s computer IP address. The OX253P associates Jane's computer IP address with the "incoming"...
Page 84: Alg
Click ADVANCED > NAT Configuration > ALG to enable and disable SIP (VoIP), FTP (file transfer), and H.323 (audio-visual) ALG in the OX253P. Figure 32 ADVANCED > NAT Configuration > ALG The following table describes the labels in this screen.
Page 85 Chapter 8 The NAT Configuration Screens OX253P User’s Guide...
Page 86: The System Configuration Screens
• The Dynamic DNS screen (Section 9.3 on page 90) lets you set up the OX253P as a dynamic DNS client. • The Firmware screen (Section 9.4 on page 92) lets you upload new firmware to the OX253P.
Page 87 IP address of a computer before you can access it. The OX253P can get the DNS server addresses in the following ways: The ISP tells you the DNS server addresses, usually in the form of an information sheet, when you sign up.
Page 88: General
Enter the current password you use to access the OX253P. New Password Enter the new password for the OX253P. You can use up to 30 characters. As you type the password, the screen displays an asterisk (*) for each character you type.
Page 89: Dynamic Dns
IP address as yourhost.dyndns.org. This feature is useful if you want to be able to use, for example, www.yourhost.dyndns.org and still reach your hostname. Note: If you have a private WAN IP address, then you cannot use Dynamic DNS. OX253P User’s Guide...
Page 90 Chapter 9 The System Configuration Screens Click ADVANCED > System Configuration > Dynamic DNS to set up the OX253P as a dynamic DNS client. Figure 34 ADVANCED > System Configuration > Dynamic DNS The following table describes the labels in this screen.
Page 91: Firmware
LABEL DESCRIPTION IP Address Update Policy Use WAN IP Select this if you want the OX253P to update the domain name with the Address WAN port's IP address. Dynamic DNS Select this if you want the DDNS server to update the IP address of the server auto host name(s) automatically.
Page 92: The Firmware Upload Process
9.5 Configuration Click ADVANCED > System Configuration > Configuration to back up or restore the configuration of the OX253P. You can also use this screen to reset the OX253P to the factory default settings. Figure 36 ADVANCED > System Configuration > Configuration...
Page 93: The Restore Configuration Process
Note: Do not turn off the device while configuration file upload is in progress. If the OX253P’s IP address is different in the configuration file you selected, you may need to change the IP address of your computer to be in the same subnet as that of the default management IP address (192.168.5.1).
Page 94: Restart
Click this button to have the device perform a software restart. The Power LED blinks as it restarts and the shines steadily if the restart is successful. Note: Wait one minute before logging back into the OX253P after a restart. 9.6.1 The Restart Process When you click Restart, the the process usually takes about two minutes.
Page 95 Table 35 ADVANCED > System Configuration > Bridge LABEL DESCRIPTION Bridge Mode Select this to switch to the bridge mode for the OX253P. Router Mode Select this to switch to the router mode for the OX253P. Apply Click to save your change.
Page 96: The Certificates Screens
Use the TOOLS > Certificates screens to manage public key certificates on the OX253P. The OX253P can use public key certificates (also sometimes called “digital IDs”) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication.
Page 97: My Certificates
LABEL DESCRIPTION PKI Storage This bar displays the percentage of the OX253P’s PKI storage space that Space in Use is currently in use. When the storage space is almost full, you should consider deleting expired or unnecessary certificates before adding more certificates.
Page 98 Import Click to a certificate into the OX253P. Create Click to go to the screen where you can have the OX253P generate a certificate or a certification request. Refresh Click to display the current validity status of the certificates.
Page 99: My Certificates Create
10.2.1 My Certificates Create Click TOOLS > Certificates > My Certificates and then the Create icon to open the My Certificates Create screen. Use this screen to have the OX253P create a self-signed certificate, enroll a certificate with a certification authority or generate a certification request.
Page 100 Create a Select Create a certification request and save it locally for certification later manual enrollment to have the OX253P generate and store request and save it a request for a certificate. Use the My Certificate Details screen to locally for later...
Page 101 DESCRIPTION Create a Select Create a certification request and enroll for a certification certificate immediately online to have the OX253P generate a request and enroll request for a certificate and apply to a certification authority for a for a certificate certificate.
Page 102 Cancel Click to return to the previous screen without saving your changes. If you configured the My Certificate Create screen to have the OX253P enroll a certificate and the certificate enrollment is not successful, you see a screen with a Return button that takes you back to the My Certificate Create screen.
Page 103: My Certificate Edit
31 alphanumeric and ;‘~!@#$%^&()_+[]{}’,.=- characters. Property Select Default self-signed certificate which signs the imported remote host certificates to use this certificate to sign the remote host certificates you upload in the TOOLS > Certificates > Trusted CAs screen. OX253P User’s Guide...
Page 104 (along with the certificate itself). If the certificate is a self-signed certificate, the certificate itself is the only one in the list. The OX253P does not trust the certificate and displays “Not trusted” in this field if any certificate on the path has expired or been revoked.
Page 105 This field does not display for a certification request. MD5 Fingerprint This is the certificate’s message digest that the OX253P calculated using the MD5 algorithm. SHA1 Fingerprint This is the certificate’s message digest that the OX253P calculated using the SHA1 algorithm.
Page 106: My Certificate Import
Click TOOLS > Certificates > My Certificates > Import to access this screen. Use this screen to import a certificate that matches a corresponding certification request that was generated by the OX253P. You must remove any spaces from the certificate’s filename before you can import it.
Page 107: Trusted Cas
Click TOOLS > Certificates > Trusted CAs access this screen. Use this screen to display a summary list of certificates of the certification authorities that you have set the OX253P to accept as trusted. The OX253P accepts any valid certificate signed by a certification authority on this list as being trustworthy; thus you do not need to import any certificate that is signed by one of these certification authorities.
Page 108 Check incoming certificates issued by this CA against a CRL check box in the certificate’s details screen to have the OX253P check the CRL before trusting any certificates issued by the certification authority. Otherwise the field displays No.
Page 109: Trusted Ca Edit
31 alphanumeric and ;‘~!@#$%^&()_+[]{}’,.=- characters. Property Select Default self-signed certificate which signs the imported remote host certificates to use this certificate to sign the remote host certificates you upload in the TOOLS > Certificates > Trusted CAs screen. OX253P User’s Guide...
Page 110 (along with the certificate itself). If the certificate is a self-signed certificate, the certificate itself is the only one in the list. The OX253P does not trust the certificate and displays “Not trusted” in this field if any certificate on the path has expired or been revoked.
Page 111 This field does not display for a certification request. MD5 Fingerprint This is the certificate’s message digest that the OX253P calculated using the MD5 algorithm. SHA1 Fingerprint This is the certificate’s message digest that the OX253P calculated using the SHA1 algorithm.
Page 112: Trusted Ca Import
Trusted CA Import screen. Follow the instructions in this screen to save a trusted certification authority’s certificate from a computer to the OX253P. The OX253P trusts any valid certificate signed by any of the imported trusted CA certificates. Note: You must remove any spaces from the certificate’s filename before you can import the certificate.
Page 113: Certificate Authorities
A certification path is the hierarchy of certification authority certificates that validate a certificate. The OX253P does not trust a certificate if any certificate on its path has expired or been revoked.
Page 114 10.4.1.1 Advantages of Certificates Certificates offer the following benefits. • The OX253P only has to store the certificates of the certification authorities that you decide to trust, no matter how many devices you need to authenticate. • Key distribution is simple and very secure since you can freely distribute public keys and you never need to transmit private keys.
Page 115: Verifying A Certificate
Chapter 10 The Certificates Screens 10.4.2 Verifying a Certificate Before you import a certificate into the OX253P, you should verify that you have the correct certificate. This is especially true of trusted certificates since the OX253P also trusts any valid certificate signed by any of the imported trusted certificates.
Page 116 Use a secure method to verify that the certificate owner has the same information in the Thumbprint Algorithm and Thumbprint fields. The secure method may vary based on your situation. Possible examples would be over the telephone or through an HTTPS connection. OX253P User’s Guide...
Page 117 Chapter 10 The Certificates Screens OX253P User’s Guide...
Page 118: The Firewall Screens
The following terms and concepts may help as you read through this chapter. About the OX253P Firewall The OX253P firewall is a stateful inspection firewall and is designed to protect against Denial of Service attacks when activated. The OX253P's purpose is to allow a private Local Area Network (LAN) to be securely connected to the Internet.
Page 119: Firewall Setting
Chapter 11 The Firewall Screens The OX253P can be used to prevent theft, destruction and modification of data, as well as log events, which may be important to the security of your network. The OX253P is installed between the LAN and a WiMAX base station connecting to the Internet.
Page 120: Triangle Route
Forwarded WAN-to-LAN packets are not considered alerts. 11.2.2 Triangle Route When the firewall is on, your OX253P acts as a secure gateway between your LAN and the Internet. In an ideal network topology, all incoming and outgoing network traffic passes through the OX253P to protect your LAN against attacks.
Page 121: Firewall Setting Options
Select this if you want to let some traffic from the WAN go directly to a Route computer in the LAN without passing through the OX253P. Max NAT/ Select the maximum number of NAT rules and firewall rules the OX253P Firewall Session enforces at one time. The OX253P automatically allocates memory for Per User the maximum number of rules, regardless of whether or not there is a rule to enforce.
Page 122: Services
Table 46 TOOLS > Firewall > Services LABEL DESCRIPTION Service Setup Enable Services Select this to activate service blocking. The Schedule to Block section Blocking controls what days and what times service blocking is actually effective, however. OX253P User’s Guide...
Page 123: Technical Reference
Reset Click to restore your previously saved settings. 11.4 Technical Reference The following section contains additional technical information about the OX253P features described in this chapter. 11.4.1 Stateful Inspection Firewall. Stateful inspection firewalls restrict access by screening data packets against defined access rules.
Page 124: Guidelines For Enhancing Security With Your Firewall
A computer on the LAN initiates a connection by sending out a SYN packet to a receiving server on the WAN. The OX253P reroutes the SYN packet through Gateway A on the LAN to the WAN. The reply from the WAN goes directly to the computer on the LAN without going through the OX253P.
Page 125 Figure 52 “Triangle Route” Problem 11.4.3.1 Solving the “Triangle Route” Problem If you have the OX253P allow triangle route sessions, traffic from the WAN can go directly to a LAN computer without passing through the OX253P and its firewall protection.
Page 126 Chapter 11 The Firewall Screens The OX253P then sends it to the computer on the LAN in Subnet 1. Figure 53 IP Alias OX253P User’s Guide...
Page 127 Chapter 11 The Firewall Screens OX253P User’s Guide...
Page 128: Content Filter
Internet content filtering allows you to create and enforce Internet access policies tailored to their needs. Content filtering is the ability to block certain web features or specific URL keywords. The OX253P can block web features such as ActiveX controls, Java applets, cookies and disable web proxies. The OX253P also allows you to define time periods and days during which the OX253P performs content filtering.
Page 129: Filter
Click TOOLS > Content Filter > Filter to set up a trusted IP address, which web features are restricted, and which keywords are blocked when content filtering is effective. Figure 54 TOOLS > Content Filter > Filter OX253P User’s Guide...
Page 130 LAN users to avoid content filtering restrictions. Keyword Blocking Enable URL Select this if you want the OX253P to block Web sites based on words in Keyword the web site address. For example, if you block the keyword bad,...
Page 131: Schedule
Select what time each day you want content filtering to be effective. Block Enter times in 24-hour format; for example, 3:00pm should be entered as 15:00. Apply Click to save your changes. Reset Click to restore your previously saved settings. OX253P User’s Guide...
Page 132: The Remote Management Screens
13.1 Overview Use the TOOLS > Remote Management screens to control which computers can use which services to access the OX253P on each interface. Remote management allows you to determine which services/protocols can access which OX253P interface (if any) from which computers.
Page 133: What You Need To Know
The IP address in the Secured Client IP field does not match the client IP address. If it does not match, the OX253P will disconnect the session immediately. There is already another remote management session with an equal or higher priority running.
Page 134: Www
Table 50 TOOLS > Remote Management > WWW LABEL DESCRIPTION Server Port Enter the port number this service can use to access the OX253P. The computer must use the same port number. Server Access Select the interface(s) through which a computer may access the OX253P using this service.
Page 135: Telnet
Table 51 TOOLS > Remote Management > Telnet LABEL DESCRIPTION Server Port Enter the port number this service can use to access the OX253P. The computer must use the same port number. Server Access Select the interface(s) through which a computer may access the OX253P using this service.
Page 136: Snmp
Table 52 TOOLS > Remote Management > FTP LABEL DESCRIPTION Server Port Enter the port number this service can use to access the OX253P. The computer must use the same port number. Server Access Select the interface(s) through which a computer may access the OX253P using this service.
Page 137: Snmp Traps
The OX253P supports MIB II that is defined in RFC-1213 and RFC-1215. The focus of the MIBs is to let administrators collect statistical data and monitor status and performance.
Page 138: Snmp Options
13.5.2 SNMP Options Click TOOLS > Remote Management > SNMP to access this screen. Use SNMP options to control SNMP access to your OX253P. Figure 60 TOOLS > Remote Management > SNMP The following table describes the labels in this screen.
Page 139: Dns
A secured client is a “trusted” computer that is allowed to communicate with the OX253P using this service. Select All to allow any computer to access the OX253P using this service. Choose Selected to just allow the computer with the IP address that you specify to access the OX253P using this service.
Page 140: Security
13.7 Security Click TOOLS > Remote Management > Security to access this screen. Use this screen to control how your OX253P responds to other types of requests. Figure 62 TOOLS > Remote Management > Security The following table describes the labels in this screen.
Page 141: Cwmp-Tr069
Example HTTP In this example, the OX253P receives data from at least 3 sources: A SIP server for handling voice calls, an HTTP server for handling web services, and an ACS, for configuring the OX253P remotely. All three servers are owned and operated by the client’s Internet Service Provider.
Page 142 Enter the URL or IP address of the auto-configuration server. User Name Enter the user name sent when the OX253P connects to the ACS and which is used for authentication. You can enter up to 31 alphanumeric characters (a-z, A-Z, 0-9) and underscores but spaces are not allowed.
Page 143 If the inform time is set for some point in the future, then the OX253P interpolates backwards to the current time and actually begins at the appropriate time based on this interpolation.
Page 144: Qos
Table 58 TOOLS > Remote Management > Security LABEL DESCRIPTION Active QoS Select this to enable QoS for the OX253P. Selecting this may improve network performance, especially if you are using VoIP applications or are playing online video games. Apply Click to save your changes.
Page 145: Class Setup
(such as Telnet) to form a flow. You can give different priorities to traffic that the OX253P forwards out through the WAN interface. Give high priority to voice and video to make them run more smoothly.
Page 146: Class Configuration
Enter the Differentiated Services Code Point (DSCP) value (0~63) for the traffic matching the class criteria. The higher the value, the higher the priority. Lower-priority packets may be dropped if the total traffic exceeds the capacity of the network. OX253P User’s Guide...
Page 147 Select TCP or UDP to specifiy the traffic type to which the class will apply. You can also select User Defined and enter the number of a protocol. Apply Click this button to save your changes back to the OX253P. Cancel Click this button to begin configuring this screen afresh. OX253P User’s Guide...
Page 148: The Logs Screens
• The Log Settings screen (Section 15.3 on page 153) lets you configure where the OX253P sends logs and alerts, the schedule for sending logs, and which logs and alerts are sent or recorded. 15.1.2 What You Need to Know The following terms and concepts may help as you read through this chapter.
Page 149 Please refer to the RFC for detailed information on each type. Table 62 RFC-2408 ISAKMP Payload Types LOG DISPLAY PAYLOAD TYPE Security Association Proposal PROP Transform TRANS Key Exchange Identification Certificate Certificate Request CER_REQ Hash HASH Signature Nonce NONCE Notification NOTFY Delete Vendor ID OX253P User’s Guide...
Page 150: View Logs
Click this to send the log screen to the e-mail address specified in the Log Settings page. Refresh Click to renew the log screen. Clear Log Click to clear all the log entries, regardless of what is shown on the log screen. OX253P User’s Guide...
Page 151 This field lists the destination IP address and the port number of the incoming packet. In many cases, some or all of this information may not be available. Note This field displays additional information about the log entry. OX253P User’s Guide...
Page 152: Log Settings
Chapter 15 The Logs Screens 15.3 Log Settings Click TOOLS > Logs > Log Settings to configure where the OX253P sends logs and alerts, the schedule for sending logs, and which logs and alerts are sent or recorded. Figure 69 TOOLS > Logs > Log Settings...
Page 153 E-mail Log Settings Mail Server Enter the server name or the IP address of the mail server the OX253P should use to e-mail logs and alerts. Leave this field blank if you do not want to send logs or alerts by e-mail.
Page 154: Log Message Descriptions
The maximum number of NAT session table entries NAT Session Table is Full! has been exceeded and the table is full. The device got the time and date from the Daytime Time initialized by Daytime server. Server OX253P User’s Guide...
Page 155 (%d). host. A packet from the WAN (TCP or UDP) matched a Firewall allowed a packet that cone NAT session and the device forwarded it to matched a NAT session: [ TCP | the LAN. UDP ] OX253P User’s Guide...
Page 156 Attempted access matched a configured filter rule [ TCP | UDP | ICMP | IGMP | (denoted by its set and rule number) and was blocked Generic ] packet filter or forwarded according to the rule. matched (set: %d, rule: %d) OX253P User’s Guide...
Page 157 The PPP connection’s Link Control Protocol stage is closing. ppp:LCP Closing The PPP connection’s Internet Protocol Control Protocol stage is ppp:IPCP Closing closing. Table 72 UPnP Logs LOG MESSAGE DESCRIPTION UPnP packets can pass through the firewall. UPnP pass through Firewall OX253P User’s Guide...
Page 158 The external content filtering server did not respond within Waiting content the timeout period. filter server timeout The OX253P cannot get the IP address of the external content DNS resolving filtering via DNS query. failed The OX253P cannot issue a query because TCP/UDP socket Creating socket creation failed, port:port number.
Page 159 Attempted use of TELNET service was blocked Remote Management: TELNET according to remote management settings. denied Attempted use of HTTP or UPnP service was blocked Remote Management: HTTP or according to remote management settings. UPnP denied OX253P User’s Guide...
Page 160 Redirect datagrams for the Type of Service and Network Redirect datagrams for the Type of Service and Host Echo Echo message Time Exceeded Time to live exceeded in transit Fragment reassembly time exceeded Parameter Problem Pointer indicates the error Timestamp OX253P User’s Guide...
Page 161 Chapter 15 The Logs Screens Table 76 ICMP Notes (continued) TYPE CODE DESCRIPTION Timestamp request message Timestamp Reply Timestamp reply message Information Request Information request message Information Reply Information reply message OX253P User’s Guide...
Page 162: The Status Screen
H A P T E R The Status Screen 16.1 Overview Use this screen to view a complete summary of your OX253P connection status. 16.2 Status Screen Click the STATUS icon in the navigation bar to go to this screen, where you can view the current status of the device, system resources, interfaces (LAN and WAN), and SIP accounts.
Page 163 This field displays what DHCP services the OX253P is using in the WAN. Choices are: Client - The OX253P is a DHCP client in the WAN. Its IP address comes from a DHCP server on the WAN. None - The OX253P is not using any DHCP services in the WAN. It has a static IP address.
Page 164 Traffic can now flow between the OX253P and the base station. • IDLE: the OX253P is in power saving mode, but can connect when a base station alerts it that there is traffic waiting. Bandwidth This field shows the size of the bandwidth step the OX253P uses to connect to a base station in megahertz (MHz).
Page 165 System Uptime This field displays how long the OX253P has been running since it last started up. The OX253P starts up when you plug it in, when you restart it (ADVANCED > System Configuration > Restart), or when you reset it.
Page 166: Packet Statistics
Click this link to view port status and packet specific statistics. Statistics DHCP Table Click this link to see details of computers to which the OX253P has given an IP address. 16.2.1 Packet Statistics Click Status > Packet Statistics to open this screen. This read-only screen displays information about the data transmission through the OX253P.
Page 167: Wimax Site Information
Click this button to halt the refreshing of the system statistics. 16.2.2 WiMAX Site Information Click Status > WiMAX Site Information to open this screen. This read-only screen shows WiMAX frequency information for the OX253P. These settings can be configured in the ADVANCED > WAN Configuration > WiMAX Configuration screen.
Page 168: Dhcp Table
Click Status > DHCP Table to open this screen. This read-only screen shows the IP addresses, Host Names and MAC addresses of the devices currently connected to the OX253P. These settings can be configured in the ADVANCED > LAN Configuration > DHCP Setup screen.
Page 169: Wimax Profile
To configure these settings, go to the ADVANCED > WAN Configuration > Internet Connection screen. Note: Not all OX253P models have all the fields shown here. Figure 74 WiMAX Profile The following table describes the labels in this screen.
Page 170: Technical Reference
MSCHAPV2 (Microsoft CHAP version 2) • PAP (Password Authentication Protocol) Certificate This is the security certificate the OX253P uses to authenticate the AAA server, if one is available. 16.3 Technical Reference The following section contains additional technical information about the OX253P features described in this chapter.
Page 171 Chapter 16 The Status Screen OX253P User’s Guide...
Page 172: Troubleshooting
Make sure you are using the power adapter or cord included with the OX253P. Make sure the power adapter or cord is connected to the OX253P and plugged in to an appropriate power source. Make sure the power source is turned on.
Page 173: Ox253P Access And Login
When the OX253P receives signals from a base station, it beeps to notify you. If you do not want to hear beeps from the OX253P, log into the Web Configurator and disable the buzzer in the ADVANCED > WAN Configuration > Buzzer screen.
Page 174 OX253P. See Appendix D on page 229. Reset the OX253P to its factory defaults, and try to access the OX253P with the default IP address. See Section 9.6 on page If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions.
Page 175: Internet Access
Chapter 17 Troubleshooting You cannot log in to the web configurator while someone is using Telnet to access the OX253P. Log out of the OX253P in the other session, or ask the person who is logged in to log out.
Page 176 If the problem continues, contact your ISP. The Internet connection is slow or intermittent. The quality of the OX253P’s wireless connection to the base station may be poor. Poor signal reception may be improved by moving the OX253P away from thick walls and other obstructions, or to a higher floor in your building.
Page 177: Export A Certificate File
Chapter 17 Troubleshooting 17.4 Export a Certificate File When I try to export a certificate file from the OX253P, the exporting process hangs. You may encounter this issue if you are using Internet Explorer 8. Make sure you have upgraded to Internet Explorer 8 standard version.
Page 178: Reset The Ox253P To Its Factory Defaults
Chapter 17 Troubleshooting 17.5 Reset the OX253P to Its Factory Defaults If you reset the OX253P, you lose all of the changes you have made. The OX253P re-loads its default settings, and the password resets to admin. You have to make all of your changes again.
Page 179 Chapter 17 Troubleshooting OX253P User’s Guide...
Page 180: Product Specifications
H A P T E R Product Specifications This chapter gives details about your OX253P’s hardware and firmware features. Table 82 Environmental and Hardware Specifications FEATURE DESCRIPTION Operating Temperature -15°C to 60°C (ODU), -10°C to 55°C (IDU) Storage Temperature -15°C to 65°C (ODU), -15°C to 60°C (IDU)
Page 181 (MS) compatible with the IEEE 802.16e standard. Firewall The OX253P is a stateful inspection firewall with DoS (Denial of Service) protection. By default, when the firewall is activated, all incoming traffic from the WAN to the LAN is blocked unless it is initiated from the LAN.
Page 182 FEATURE DESCRIPTION Time and Date Get the current time and date from an external server when you turn on your OX253P. You can also set the time manually. Logging Use the OX253P’s logging feature to view connection history, surveillance logs, and error messages.
Page 183 Chapter 18 Product Specifications OX253P User’s Guide...
Page 184: Appendix A Wimax Security
(secret) key. The public key is used for encryption and the private key is used for decryption. You can decrypt a message only if you have the private key. Public key certificates (or ‘digital IDs’) allow users to verify each other’s identity. OX253P User’s Guide...
Page 185 Sent by the RADIUS server to indicate that it has started or stopped accounting. In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password they both know. The key is not sent over OX253P User’s Guide...
Page 186 This series of ‘chained’ blocks creates a message authentication code (MAC or CMAC) that ensures the encrypted data has not been tampered with. OX253P User’s Guide...
Page 187 Appendix A WiMAX Security Authentication The OX253P supports EAP-TTLS authentication. EAP-TTLS (Tunneled Transport Layer Service) EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the server-side authentications to establish a secure connection (with EAP- TLS digital certifications are needed by both the server and the wireless clients for mutual authentication).
Page 188: Appendix B Setting Up Your Computer's Ip Address
190 • Windows Vista page 193 • Mac OS X: 10.3 and 10.4 page 197 • Mac OS X: 10.5 page 201 • Linux: Ubuntu 8 (GNOME) page 204 • Linux: openSUSE 10.3 (KDE) page 210 OX253P User’s Guide...
Page 189 The following example uses the default Windows XP display theme but can also apply to Windows 2000 and Windows NT. Click Start > Control Panel. Figure 77 Windows XP: Start Menu In the Control Panel, click the Network Connections icon. Figure 78 Windows XP: Control Panel OX253P User’s Guide...
Page 190 Right-click Local Area Connection and then select Properties. Figure 79 Windows XP: Control Panel > Network Connections > Properties On the General tab, select Internet Protocol (TCP/IP) and then click Properties. Figure 80 Windows XP: Local Area Connection Properties OX253P User’s Guide...
Page 191 In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also go to Start > Control Panel > Network Connections, right-click a network connection, click Status and then click the Support tab to view your IP address and connection information. OX253P User’s Guide...
Page 192: Windows Vista
Click Start > Control Panel. Figure 82 Windows Vista: Start Menu In the Control Panel, click the Network and Internet icon. Figure 83 Windows Vista: Control Panel Click the Network and Sharing Center icon. Figure 84 Windows Vista: Network And Internet OX253P User’s Guide...
Page 193 Figure 85 Windows Vista: Network and Sharing Center Right-click Local Area Connection and then select Properties. Figure 86 Windows Vista: Network and Sharing Center Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue. OX253P User’s Guide...
Page 194 Appendix B Setting Up Your Computer’s IP Address Select Internet Protocol Version 4 (TCP/IPv4) and then select Properties. Figure 87 Windows Vista: Local Area Connection Properties OX253P User’s Guide...
Page 195 In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also go to Start > Control Panel > Network Connections, right-click a network connection, click Status and then click the Support tab to view your IP address and connection information. OX253P User’s Guide...
Page 196 The screens in this section are from Mac OS X 10.4 but can also apply to 10.3. Click Apple > System Preferences. Figure 89 Mac OS X 10.4: Apple Menu In the System Preferences window, click the Network icon. Figure 90 Mac OS X 10.4: System Preferences OX253P User’s Guide...
Page 197 Configure. Figure 91 Mac OS X 10.4: Network Preferences For dynamically assigned settings, select Using DHCP from the Configure IPv4 list in the TCP/IP tab. Figure 92 Mac OS X 10.4: Network Preferences > TCP/IP Tab. OX253P User’s Guide...
Page 198 • In the IP Address field, type your IP address. • In the Subnet Mask field, type your subnet mask. • In the Router field, type the IP address of your device. Figure 93 Mac OS X 10.4: Network Preferences > Ethernet OX253P User’s Guide...
Page 199 Click Apply Now and close the window. Check your TCP/IP properties by clicking Applications > Utilities > Network Utilities, and then selecting the appropriate Network Interface from the Info tab. Figure 94 Mac OS X 10.4: Network Utility OX253P User’s Guide...
Page 200 The screens in this section are from Mac OS X 10.5. Click Apple > System Preferences. Figure 95 Mac OS X 10.5: Apple Menu In System Preferences, click the Network icon. Figure 96 Mac OS X 10.5: Systems Preferences OX253P User’s Guide...
Page 201 From the Configure list, select Using DHCP for dynamically assigned settings. For statically assigned settings, do the following: • From the Configure list, select Manually. • In the IP Address field, enter your IP address. • In the Subnet Mask field, enter your subnet mask. OX253P User’s Guide...
Page 202 Appendix B Setting Up Your Computer’s IP Address • In the Router field, enter the IP address of your OX253P. Figure 98 Mac OS X 10.5: Network Preferences > Ethernet Click Apply and close the window. OX253P User’s Guide...
Page 203 The following screens use the default Ubuntu 8 installation. Note: Make sure you are logged in as the root administrator. Follow the steps below to configure your computer IP address in GNOME: OX253P User’s Guide...
Page 204 When the Network Settings window opens, click Unlock to open the Authenticate window. (By default, the Unlock button is greyed out until clicked.) You cannot make changes to your configuration unless you first enter your admin password. Figure 101 Ubuntu 8: Network Settings > Connections OX253P User’s Guide...
Page 205 In the Authenticate window, enter your admin account name and password then click the Authenticate button. Figure 102 Ubuntu 8: Administrator Account Authentication In the Network Settings window, select the connection that you want to configure, then click Properties. Figure 103 Ubuntu 8: Network Settings > Connections OX253P User’s Guide...
Page 206 • In the Configuration list, select Static IP address if you have a static IP address. Fill in the IP address, Subnet mask, and Gateway address fields. Click OK to save the changes and close the Properties dialog box and return to the Network Settings screen. OX253P User’s Guide...
Page 207 Figure 105 Ubuntu 8: Network Settings > DNS Click the Close button to apply the changes. Verifying Settings Check your TCP/IP properties by clicking System > Administration > Network Tools, and then selecting the appropriate Network device from the Devices OX253P User’s Guide...
Page 208 Appendix B Setting Up Your Computer’s IP Address tab. The Interface Statistics column shows data if your connection is working properly. Figure 106 Ubuntu 8: Network Tools OX253P User’s Guide...
Page 209 Note: Make sure you are logged in as the root administrator. Follow the steps below to configure your computer IP address in the KDE: Click K Menu > Computer > Administrator Settings (YaST). Figure 107 openSUSE 10.3: K Menu > Computer Menu OX253P User’s Guide...
Page 210 When the Run as Root - KDE su dialog opens, enter the admin password and click OK. Figure 108 openSUSE 10.3: K Menu > Computer Menu When the YaST Control Center window opens, select Network Devices and then click the Network Card icon. Figure 109 openSUSE 10.3: YaST Control Center OX253P User’s Guide...
Page 211 Appendix B Setting Up Your Computer’s IP Address When the Network Settings window opens, click the Overview tab, select the appropriate connection Name from the list, and then click the Configure button. Figure 110 openSUSE 10.3: Network Settings OX253P User’s Guide...
Page 212 Select Dynamic Address (DHCP) if you have a dynamic IP address. Select Statically assigned IP Address if you have a static IP address. Fill in the IP address, Subnet mask, and Hostname fields. Click Next to save the changes and close the Network Card Setup window. OX253P User’s Guide...
Page 213 If you know your DNS server IP address(es), click the Hostname/DNS tab in Network Settings and then enter the DNS server information in the fields provided. Figure 112 openSUSE 10.3: Network Settings Click Finish to save your settings and close the window. OX253P User’s Guide...
Page 214 From the Options sub-menu, select Show Connection Information. Figure 113 openSUSE 10.3: KNetwork Manager When the Connection Status - KNetwork Manager window opens, click the Statistics tab to see if your connection is working properly. Figure 114 openSUSE: Connection Status - KNetwork Manager OX253P User’s Guide...
Page 215 Appendix B Setting Up Your Computer’s IP Address OX253P User’s Guide...
Page 216: Appendix C Pop-Up Windows, Javascripts And Java Permissions
Disable Pop-up Blockers In Internet Explorer, select Tools, Pop-up Blocker and then select Turn Off Pop-up Blocker. Figure 115 Pop-up Blocker You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. OX253P User’s Guide...
Page 217 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. In Internet Explorer, select Tools, Internet Options and then the Privacy tab. OX253P User’s Guide...
Page 218 Select Settings…to open the Pop-up Blocker Settings screen. Figure 117 Internet Options: Privacy Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. OX253P User’s Guide...
Page 219 Figure 118 Pop-up Blocker Settings Click Close to return to the Privacy screen. Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. OX253P User’s Guide...
Page 220 Figure 119 Internet Options: Security Click the Custom Level... button. Scroll down to Scripting. Under Active scripting make sure that Enable is selected (the default). Under Scripting of Java applets make sure that Enable is selected (the default). OX253P User’s Guide...
Page 221 Figure 120 Security Settings - Java Scripting Java Permissions From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM. Under Java permissions make sure that a safety level is selected. OX253P User’s Guide...
Page 222 Click OK to close the window. Figure 121 Security Settings - Java JAVA (Sun) From Internet Explorer, click Tools, Internet Options and then the Advanced tab. Make sure that Use Java 2 for <applet> under Java (Sun) is selected. OX253P User’s Guide...
Page 223 The steps below apply to Mozilla Firefox 3.0 as well. You can enable Java, Javascripts and pop-ups in one screen. Click Tools, then click Options in the screen that appears. Figure 123 Mozilla Firefox: TOOLS > Options OX253P User’s Guide...
Page 224 Click Content to show the screen below. Select the check boxes as shown in the following screen. Figure 124 Mozilla Firefox Content Security Opera Opera 10 screens are used here. Screens for other versions may vary slightly. OX253P User’s Guide...
Page 225 Appendix C Pop-up Windows, JavaScripts and Java Permissions Allowing Pop-Ups From Opera, click Tools, then Preferences. In the General tab, go to Choose how you prefer to handle pop-ups and select Open all pop-ups. Figure 125 Opera: Allowing Pop-Ups OX253P User’s Guide...
Page 226 Content from the left-side menu. Select the check boxes as shown in the following screen. Figure 126 Opera: Enabling Java To customize JavaScript behavior in the Opera browser, click JavaScript Options. Figure 127 Opera: JavaScript Options Select the items you want Opera’s JavaScript to apply. OX253P User’s Guide...
Page 227 Appendix C Pop-up Windows, JavaScripts and Java Permissions OX253P User’s Guide...
Page 228: Appendix D Ip Addresses And Subnetting
192.168.1.1). Each of these four parts is known as an octet. An octet is an eight-digit binary number (for example 11000000, which is 192 in decimal notation). Therefore, each octet has a possible range of 00000000 to 11111111 in binary, or 0 to 255 in decimal. OX253P User’s Guide...
Page 229 Table 86 IP Address Network Number and Host ID Example OCTET: OCTET: OCTET: OCTET (192) (168) IP Address (Binary) 11000000 10101000 00000001 00000010 Subnet Mask (Binary) 11111111 11111111 11111111 00000000 Network Number 11000000 10101000 00000001 Host ID 00000010 OX253P User’s Guide...
Page 230 MAXIMUM NUMBER OF SUBNET MASK HOST ID SIZE HOSTS 8 bits 255.0.0.0 24 bits – 2 16777214 16 bits 255.255.0.0 16 bits – 2 65534 24 bits 255.255.255.0 8 bits – 2 29 bits 255.255.255.2 3 bits – 2 OX253P User’s Guide...
Page 231 In this example, the company network address is 192.168.1.0. The first three octets of the address (192.168.1) are the network number, and the remaining octet is the host ID, allowing a maximum of 2 – 2 or 254 possible hosts. OX253P User’s Guide...
Page 232 You can “borrow” one of the host ID bits to divide the network 192.168.1.0 into two separate sub-networks. The subnet mask is now 25 bits (255.255.255.128 or /25). The “borrowed” host ID bit can have a value of either 0 or 1, allowing two subnets; 192.168.1.0 /25 and 192.168.1.128 /25. OX253P User’s Guide...
Page 233 Similarly, to divide a 24-bit address into four subnets, you need to “borrow” two host ID bits to give four possible combinations (00, 01, 10 and 11). The subnet mask is 26 bits (11111111.11111111.11111111.11000000) or 255.255.255.192. OX253P User’s Guide...
Page 234 Lowest Host ID: 192.168.1.129 192.168.1.128 Broadcast Address: Highest Host ID: 192.168.1.190 192.168.1.191 Table 93 Subnet 4 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001 11000000 Subnet Mask (Binary) 11111111.11111111.11111111 11000000 OX253P User’s Guide...
Page 235 The following table is a summary for subnet planning on a network with a 24-bit network number. Table 95 24-bit Network Number Subnet Planning NO. “BORROWED” NO. HOSTS PER SUBNET MASK NO. SUBNETS HOST BITS SUBNET 255.255.255.128 (/25) 255.255.255.192 (/26) 255.255.255.224 (/27) 255.255.255.240 (/28) 255.255.255.248 (/29) 255.255.255.252 (/30) 255.255.255.254 (/31) OX253P User’s Guide...
Page 236 Network Address Translation (NAT) on the OX253P. Once you have decided on the network number, pick an IP address for your OX253P that is easy to remember (for instance, 192.168.1.1) but make sure that no other device on your network is using that IP address.
Page 237 Appendix D IP Addresses and Subnetting you entered. You don't need to change the subnet mask computed by the OX253P unless you are instructed to do otherwise. Private IP Addresses Every machine on the Internet must have a unique address. If your networks are isolated from the Internet (running only between two branch offices, for example) you can assign any IP addresses to the hosts without problems.
Page 238 Figure 132 Conflicting Computer IP Addresses Example Conflicting Computer and Router IP Addresses Example More than one device can not use the same IP address. In the following example, the computer and the router’s LAN port both use 192.168.1.1 as the IP address. OX253P User’s Guide...
Page 239 Appendix D IP Addresses and Subnetting The computer cannot access the Internet. This problem can be solved by assigning a different IP address to the computer or the router’s LAN port. Figure 133 Conflicting Computer and Router IP Addresses Example OX253P User’s Guide...
Page 240: Appendix E Importing Certificates
In this appendix, you can import a public key certificate for: • Internet Explorer on page 242 • Firefox on page 252 • Opera on page 258 • Konqueror on page 266 OX253P User’s Guide...
Page 241 If your device’s web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. Figure 134 Internet Explorer 7: Certification Error Click Continue to this website (not recommended). Figure 135 Internet Explorer 7: Certification Error OX253P User’s Guide...
Page 242 Appendix E Importing Certificates In the Address Bar, click Certificate Error > View certificates. Figure 136 Internet Explorer 7: Certificate Error In the Certificate dialog box, click Install Certificate. Figure 137 Internet Explorer 7: Certificate OX253P User’s Guide...
Page 243 Figure 138 Internet Explorer 7: Certificate Import Wizard If you want Internet Explorer to Automatically select certificate store based on the type of certificate, click Next again and then go to step 9. Figure 139 Internet Explorer 7: Certificate Import Wizard OX253P User’s Guide...
Page 244 Browse. Figure 140 Internet Explorer 7: Certificate Import Wizard In the Select Certificate Store dialog box, choose a location in which to save the certificate and then click OK. Figure 141 Internet Explorer 7: Select Certificate Store OX253P User’s Guide...
Page 245 Appendix E Importing Certificates In the Completing the Certificate Import Wizard screen, click Finish. Figure 142 Internet Explorer 7: Certificate Import Wizard 10 If you are presented with another Security Warning, click Yes. Figure 143 Internet Explorer 7: Security Warning OX253P User’s Guide...
Page 246 12 The next time you start Internet Explorer and go to a web configurator page, a sealed padlock icon appears in the address bar. Click it to view the page’s Website Identification information. Figure 145 Internet Explorer 7: Website Identification OX253P User’s Guide...
Page 247 Figure 146 Internet Explorer 7: Public Key Certificate File In the security warning dialog box, click Open. Figure 147 Internet Explorer 7: Open File - Security Warning Refer to steps 4-12 in the Internet Explorer procedure beginning on page 242 complete the installation process. OX253P User’s Guide...
Page 248 This section shows you how to remove a public key certificate in Internet Explorer Open Internet Explorer and click TOOLS > Internet Options. Figure 148 Internet Explorer 7: Tools Menu In the Internet Options dialog box, click Content > Certificates. Figure 149 Internet Explorer 7: Internet Options OX253P User’s Guide...
Page 249 Remove. Figure 150 Internet Explorer 7: Certificates In the Certificates confirmation, click Yes. Figure 151 Internet Explorer 7: Certificates In the Root Certificate Store dialog box, click Yes. Figure 152 Internet Explorer 7: Root Certificate Store OX253P User’s Guide...
Page 250 Appendix E Importing Certificates The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. OX253P User’s Guide...
Page 251 If your device’s web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. Select Accept this certificate permanently and click OK. Figure 153 Firefox 2: Website Certified by an Unknown Authority OX253P User’s Guide...
Page 252 The certificate is stored and you can now connect securely to the web configurator. A sealed padlock appears in the address bar, which you can click to open the Page Info > Security window to view the web page’s security information. Figure 154 Firefox 2: Page Info OX253P User’s Guide...
Page 253 Open Firefox and click TOOLS > Options. Figure 155 Firefox 2: Tools Menu In the Options dialog box, click ADVANCED > Encryption > View Certificates. Figure 156 Firefox 2: Options OX253P User’s Guide...
Page 254 Use the Select File dialog box to locate the certificate and then click Open. Figure 158 Firefox 2: Select File The next time you visit the web site, click the padlock in the address bar to open the Page Info > Security window to see the web page’s security information. OX253P User’s Guide...
Page 255 This section shows you how to remove a public key certificate in Firefox 2. Open Firefox and click TOOLS > Options. Figure 159 Firefox 2: Tools Menu In the Options dialog box, click ADVANCED > Encryption > View Certificates. Figure 160 Firefox 2: Options OX253P User’s Guide...
Page 256 In the Delete Web Site Certificates dialog box, click OK. Figure 162 Firefox 2: Delete Web Site Certificates The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. OX253P User’s Guide...
Page 257 If your device’s web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. Click Install to accept the certificate. Figure 163 Opera 9: Certificate signer not found OX253P User’s Guide...
Page 258 Appendix E Importing Certificates The next time you visit the web site, click the padlock in the address bar to open the Security information window to view the web page’s security details. Figure 164 Opera 9: Security information OX253P User’s Guide...
Page 259 Rather than browsing to a web configurator and installing a public key certificate when prompted, you can install a stand-alone certificate file if one has been issued to you. Open Opera and click TOOLS > Preferences. Figure 165 Opera 9: Tools Menu OX253P User’s Guide...
Page 260 Appendix E Importing Certificates In Preferences, click ADVANCED > Security > Manage certificates. Figure 166 Opera 9: Preferences OX253P User’s Guide...
Page 261 Appendix E Importing Certificates In the Certificates Manager, click Authorities > Import. Figure 167 Opera 9: Certificate manager Use the Import certificate dialog box to locate the certificate and then click Open. Figure 168 Opera 9: Import certificate OX253P User’s Guide...
Page 262 Next, click OK. Figure 170 Opera 9: Install authority certificate The next time you visit the web site, click the padlock in the address bar to open the Security information window to view the web page’s security details. OX253P User’s Guide...
Page 263 This section shows you how to remove a public key certificate in Opera 9. Open Opera and click TOOLS > Preferences. Figure 171 Opera 9: Tools Menu In Preferences, ADVANCED > Security > Manage certificates. Figure 172 Opera 9: Preferences OX253P User’s Guide...
Page 264 The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. Note: There is no confirmation when you delete a certificate authority, so be absolutely certain that you want to go through with it before clicking the button. OX253P User’s Guide...
Page 265 If your device’s web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. Click Continue. Figure 174 Konqueror 3.5: Server Authentication Click Forever when prompted to accept the certificate. Figure 175 Konqueror 3.5: Server Authentication OX253P User’s Guide...
Page 266 Appendix E Importing Certificates Click the padlock in the address bar to open the KDE SSL Information window and view the web page’s security details. Figure 176 Konqueror 3.5: KDE SSL Information OX253P User’s Guide...
Page 267 Figure 177 Konqueror 3.5: Public Key Certificate File In the Certificate Import Result - Kleopatra dialog box, click OK. Figure 178 Konqueror 3.5: Certificate Import Result The public key certificate appears in the KDE certificate manager, Kleopatra. Figure 179 Konqueror 3.5: Kleopatra OX253P User’s Guide...
Page 268 Appendix E Importing Certificates The next time you visit the web site, click the padlock in the address bar to open the KDE SSL Information window to view the web page’s security details. OX253P User’s Guide...
Page 269 The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. Note: There is no confirmation when you remove a certificate authority, so be absolutely certain you want to go through with it before clicking the button. OX253P User’s Guide...
Page 270: Appendix F Common Services
CU-SEEME 7648 A popular videoconferencing solution from White Pines Software. 24032 TCP/UDP Domain Name Server, a service that matches web names to IP numbers. User-Defined The IPSEC ESP (Encapsulation (IPSEC_TUNNEL) Security Protocol) tunneling protocol uses this service. OX253P User’s Guide...
Page 271 ICMP echo requests to test whether or not a remote host is reachable. POP3 Post Office Protocol version 3 lets a client computer get e-mail from a POP3 server through a temporary connection (TCP/IP or other). OX253P User’s Guide...
Page 272 Access Controller Access Control System). TELNET Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over TCP/IP networks. Its primary function is to allow users to log into remote host systems. OX253P User’s Guide...
Page 273 Table 97 Commonly Used Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION TFTP Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE 7000 Another videoconferencing solution. OX253P User’s Guide...
Page 274: Index
Auto Configuration Server certification authority, see CA requests 97, 101, 102 chaining chaining message authentication base station see CCMP see BS CMAC – see MAC links counter mode buzzer see CCMP buzzer and ODU LEDs OX253P User’s Guide...
Page 275 EAP Metropolitan Area Network Extensible Markup Language, see XML see MAN microwave 65, 66 mobile station see MS modulation firewall 119, 124, 125 frequency My Certificates band see also certificates ranges 73, 74 scanning 90, 134 OX253P User’s Guide...
Page 276 SS syntax conventions QPSK system timeout Quality of Service, see QoS tampering radio frequency of WiMAX TCP/IP configuration RADIUS 67, 186 Message Types TFTP restrictions Messages 31, 69, 185 Shared Secret Key transport encryption key related documentation OX253P User’s Guide...
Page 277 TTLS unauthorized device user authentication user name verification WiMAX radio frequency security spectrum range WiMAX Forum Wireless Interoperability for Microwave Access see WiMAX Wireless Metropolitan Area Network see MAN wireless network access standard wireless security wizard setup OX253P User’s Guide...
Page 278 Index OX253P User’s Guide...
Page 279 Index OX253P User’s Guide...

Zte OX253P User Manual

Chapter 1 Getting Started

Chapter 2 Introducing the Web Configurator

Chapter 3 Internet Connection Wizard

Chapter 4 Tutorials

Chapter 5 The Setup Screens

Chapter 6 The LAN Configuration Screens

Chapter 7

Chapter 8 The NAT Configuration Screens

Chapter 9 The System Configuration Screens

Chapter 10 The Certificates Screens

Chapter 11 The Firewall Screens

Chapter 12 Content Filter

Chapter 13 The Remote Management Screens

Chapter 14 Qos

Chapter 15 The Logs Screens

Chapter 16 The Status Screen

Chapter 17 Troubleshooting

Chapter 18

Appendix A Wimax Security

Appendix B Setting up Your Computer's IP Address

Appendix C Pop-Up Windows, Javascripts and Java Permissions

Appendix D IP Addresses and Subnetting

Appendix E Importing Certificates

Appendix F Common Services

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Zte OX253P

Summary of Contents for Zte OX253P

Table of Contents