TeleWell TW-EAV510 AC User Manual
  1. Manuals
  2. Brands
  3. TeleWell Manuals
  4. Network Router
  5. TW-EAV510 AC v2
  6. User manual

TeleWell TW-EAV510 AC User Manual

Adsl2+/vdsl2 wlan 802.11ac
Hide thumbs Also See for TW-EAV510 AC:
Table of Contents

Advertisement

Quick Links

See also: Quick Manual
TW-EAV510 AC
ADSL2+/VDSL2 WLAN 802.11ac
Router
User Manual
V: 2.53.d16
1

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the TW-EAV510 AC and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for TeleWell TW-EAV510 AC

Summary of Contents for TeleWell TW-EAV510 AC

  • Page 1 TW-EAV510 AC ADSL2+/VDSL2 WLAN 802.11ac Router User Manual V: 2.53.d16...

  • Page 2: Table Of Contents

    Directory Introduction ..............................1 Introduction to your Router ........................1 Features ..............................3 Physical Interface ............................7 Package Contents .............................8 Device Description ............................9 Basic Installation ............................13 Factory Default Settings ..........................18 Web Interface (Username and Password) ....................18 Device LAN IPv4 settings ........................18 DHCP server for IPv4 ..........................18 Configuration ..............................18 Configuration via Web Interface ......................18 Status ................................21...
  • Page 3 Firewall ..............................55 ALG ..............................55 IP/Port Filtering ..........................55 MAC Filtering ..........................56 Port Forwarding ..........................57 URL Blocking ...........................59 Domain Blocking ..........................60 DMZ ..............................60 DoS ..............................61 UPnP ..............................62 RIP ................................63 Samba ..............................64 VPN ................................65 PPTP ...............................65 How to for PPTP Server/Client ......................67 L2TP ...............................76 How to for L2TP Server/Client ......................78 IPSec ...............................78 How to for IPsec ..........................82...
  • Page 4 Statistics ............................... 117 Interface ............................... 117 DSL ............................... 118 Language ..............................119 Reboot ................................. 119 Logout ................................119...

  • Page 5: Introduction

    3G/4G LTE mobility With TW-EAV510 AC you can connect a 3G/4G LTE USB modem to its built-in USB port, allowing you to watch movies, download music or access e-mail no matter where you may be. You can even share your Internet connection with others, when away on business, at a show, or wherever there is mobile signal but no fixed line access.
  • Page 6 Web Based GUI It supports web based GUI for configuration and management. It is user-friendly and comes with online help. It also supports remote management capability for remote users to configure and manage this product. Firmware Upgradeable Device can be upgraded to the latest firmware through the WEB based GUI.

  • Page 7: Features

    Features - Compliant with VDSL2/ADSL2+ standards - Triple-WAN ports for 3G/4G LTE, VDSL2/ADSL2+ fallback, Gigabit Ethernet WAN (EWAN) for broadband connectivity - Simultaneous dual-band Wireless 867Mbps (5GHz) and 300Mbps (2.4GHz) - Gigabit EWAN and LAN ports - IPv6 ready (IPv4/IPv6 dual stacks) - Fibre (FTTC/FTTP/FTTH) ready with high WAN throughput via EWAN port - USB 3.0 port for NAS, Printer Server and 3G/4G/5G LTE USB modem - QoS for traffic prioritization and bandwidth management...

  • Page 8: Network Protocols And Features

    - ITU-T G.992.2 (G.lite) Annex A, B - Supports VDSL2 band plan: 997 and 998 - ADSL/2/2+ fallback modes - Supports VDSL2 profiles: 8a, 8b, 8c, 8d, 12a, 12b, 17a, 30a and 35b. - Supports ATM and PTM modes Network Protocols and Features - IPv4 or IPv4/IPv6 dual stack - NAT, static (v4/v6) routing and RIP-1/2 - Pv6 stateless/stateful address auto-configuration...

  • Page 9: Quality Of Service Control

    - IPSec - GRE - PPTP / L2TP / IPSec pass-through Quality of Service Control - Supports the DiffServ approach - Traffic prioritization and bandwidth management based on IPv4/IPv6 protocol, port number and address ATM and PPP Protocols - Compliant with xDSL standard - ATM Adaptation Layer Type 5 (AAL5) - Multiple protocol over AAL5 (RFC 2684, formerly RFC 1483) - Bridged or routed Ethernet encapsulation...
  • Page 10 - Supports WPS v2 - Wireless Security with WPA-PSK / WPA2-PSK support - Multiple wireless SSIDs with wireless guest access USB Application Server - 3G/4G LTE USB modem - Storage/NAS: FTP server, Samba server, Printer Server Management - Web-based GUI for remote and local management (IPv4/IPv6) - Firmware upgrade and configuration data upload and download via web-based GUI - Embedded Telnet server for remote and local management - Supports SNMP...

  • Page 11: Physical Interface

    Physical Interface - WLAN antennas: 2 external antennas - DSL: VDSL/ADSL port - Ethernet: 4-port 10/100/1000Mbps auto-crossover (MDI / MDI-X) Switch - EWAN: 1 Gigabit t Ethernet port as a WAN interface for broadband connectivity USB 2.0 and USB 3.0 for 3G/4G LTE USB modem USB 3.0 for storage service and 3G/4G LTE USB modem - WLAN on/off button - WPS push button...

  • Page 12: Package Contents

    Package Contents TeleWell TW-EAV510 AC ADSL2+/VDSL2 WLAN 802.11ac Router User Manual RJ-45 UTP Ethernet cable Power adapter Important note for using this router Do not use the router in high humidity or high temperatures Do not use the same power source for the router as other equipment.

  • Page 13: Device Description

    Device Description The Front LEDs Status Meaning Green System ready Power Green xDSL Showtime Phase Green Blinking xDSL Discovery/Training/Exchange Phase No xDSL line connected Green Ethernet Link Up Green Blinking Ethernet Link Up and traffic Ethernet Link Down Device has a public IP via either static/ DHCP/ or Green IPCP Internet...
  • Page 14 USB device not connected...

  • Page 15: The Rear Ports

    The RESET button is to designed to achieve two effects: 1. Press and hold it for 2-5 seconds to get FW/firmware upgrade from RESET TeleWell server when internet is working. 2. Press and hold it for 5 seconds or above to restore to factory default settings.
  • Page 16 Connect the USB device (Printer, USB storage, 3G/4G LTE USB modem) USB(2.0/3.0) to the port. Note: USB 2.0 for 3G/4G LTE USB modem only USB 3.0 port for Printer, USB storage, 3G/4G LTE USB modem.

  • Page 17: Basic Installation

    Basic Installation The router can be configured through your web browser. A web browser is included as a standard application in the following operating systems: Linux, Mac OS, Windows 8 / 7 / 98 / NT / 2000 / XP / Me / Vista, etc. The product provides an easy and user-friendly interface for configuration.

  • Page 18: Network Configuration

    Network Configuration Configuring a PC in Windows 7 Go to Start. Click on Control Panel. Then click on Network and Internet. When the Network and Sharing Center window pops up, select and click on Change adapter settings on the left window panel. Select the Local Area Connection, and right click the icon to select Properties.
  • Page 19 IPv4: Select Internet Protocol Version 4 (TCP/IPv4) then click Properties. In the TCP/IPv4 properties window, select the Obtain an IP address automatically and Obtain DNS Server address automatically radio buttons. Then click OK to exit the setting. Click OK again in the Local Area Connection Properties window to apply the new configuration.
  • Page 20 IPv6: Select Internet Protocol Version 6 (TCP/IPv6) then click Properties In the TCP/IPv6 properties window, select the Obtain an IPv6 address automatically and Obtain DNS Server address automatically radio buttons. Then click OK to exit the setting. Click OK again in the Local Area Connection Properties window to apply the new configuration.

  • Page 22: Factory Default Settings

    Factory Default Settings Before configuring your router, you need to settings. Web Interface (Username and Password) Administrator Username: hallinta Password: Please check the device label Attention If you have forgotten the username and/or password of the router, you can restore the device to its default setting by pressing the Reset Button more than 6 seconds.
  • Page 23 Congratulations! You are now successfully logged in to the Firewall Router! The TW-EAV510AC also supports the HTTPS connection, you can enter the URL: https://192.168.0.254 establish the secure connection between your PC and Router. With the HTTPS connection, you will get warning message as below (Google Chrome Browser). Just click the link “ADVANCED”, and then click link “Proceed to 192.168.0.254 (unsafe)”...
  • Page 24 Once you have logged on to your TW-EAV510 AC WLAN 802.11ac Router via your web browser, you can begin to set it up according to your requirements. On the configuration homepage, the left navigation pane links you directly to the setup pages, which include:...

  • Page 25: Status

    Status Device The page below shows the basic system and WAN connection information.

  • Page 26: 3G/4G/Lte Info

    Total Received (RX) /Transmitted (TX) Bytes: The total Rx/TX (receive/transmit) packets in Byte Total Connection Time: The total of 3G/4G LTE dongle connection time since the 3G/4G LTE is up and running AP Neighbor This page shows all WLAN AP’s information around your TW-EAV510 AC.

  • Page 27: Ipv6

    IPv6 This page shows the current system status of IPv6. VPN status viewing section provides users IPSec, PPTP, L2TP VPN status.

  • Page 28: Pptp

    PPTP PPTP Server Name: The PPTP connection name. Connection Type: Remote Access or LAN to LAN. Peer Network IP/Netmask: Display the remote (client side) network and subnet mask in LAN to LAN PPTP connection. Status: The connection status, connected or not. Uptime: The uptime.

  • Page 29: L2Tp

    L2TP L2TP Server Name: The L2TP connection name. Connection Type: Remote Access or LAN to LAN. Peer Network IP/Netmask: Display the remote (client side) network and subnet mask in LAN to LAN L2TP connection. Status: The connection status, connected or not. Uptime: The uptime.

  • Page 30: Ipsec

    IPSec Name: The IPSec connection name. Active: Display the connection status. Local Subnet: Display the local network. Remote Subnet: Display the remote network. Remote Gateway: The remote gateway address. Connection State: Connection Status. Uptime: The uptime for the tunnel. Action: Act to the connection. Click Disconnect button to disconnect the tunnel connection.

  • Page 31: Lan Port

    LAN Port This page shows if the LAN port is connected and the working status, rate, and duplex mode. This section displays the router’s ARP (Address Resolution Protocol) Table, which shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses. This is useful as a quick way of determining the MAC address of the network interface of your PCs to use with the router’s Security –...

  • Page 32: Dhcp

    DHCP The DHCP Table lists the DHCP lease information for all IP addresses assigned by the DHCP server in the device. Host Name: The Host Name of DHCP client IP Address: The IP address which is assigned to the host with this MAC address MAC Address: The MAC Address of internal DHCP client host Expires in: Show the remaining time after registration Mark: Show clearly the SSID (WLAN) the device is in...

  • Page 33: System Log

    System Log Display system logs accumulated up to the present time. You can trace historical information with this function. Log Configuring System Log: Enable or disable this function. System Log Reserve: Choose if to reverse the order of log item display, with the latest at the top. Log level: Select your log level.
  • Page 34 Save Log to File: Download the log to your local PC. Clear Log: Click to clear the current log from the screen. Refresh: Click to update the system log. (System Log Reserve Enabled)

  • Page 35: Lan

    A Local Area Network (LAN) is a shared communication system network where many computers are connected. This type of network is area defined and is usually limited to a confined region within a building. IP address: the IP address of the router. Default is 192.168.0.254. Subnet Mask: the default Subnet mask on the router.

  • Page 36: Wlan

    WLAN TW-EAV510 AC is a simultaneous dual-band (2.4G and 5G) wireless router supporting 11b/g/n/a/ac wireless standards. It allows multiple wireless users on 2.4G and 5G radio bands to surf the Internet, checking e-mail, watching video, listening to music over the Internet concurrently.

  • Page 37: Wlan 2.4Ghz / 5Ghz

    WLAN 2.4GHz / 5GHz Basic Settings This page is used to configure the parameters for WLAN clients which may connect to your Access Point. Here you may change wireless encryption settings as well as wireless network parameters. Disable WLAN Interface: The WLAN 2.4G/5G function will be disabled when it is checked. Band: Specify the mode for Wireless standard support.

  • Page 38: Advanced Settings

    Advanced Settings Here user can set some advanced parameters about wireless. Fragment Threshold: A threshold (in bytes) whether the packets will be fragmented and at what size. Packets succeeding the fragmentation threshold of 802.11n WLAN will be split into smaller units suitable for circuit size.
  • Page 39 SSID choice: Apply the security settings to selected SSID. Encryption: User can select one of the following authentications to secure your wireless network: None, WPA, WPA2 or WPA2 Mixed. None 802.1x Authentication: If to enable 802.1x authentication. RADIUS Server IP Address: RADIUS( Remote Authentication Dial In User Service), Enter the IP address of RADIUS authentication server.
  • Page 40 802.1x Authentication: If to enable 802.1x authentication. Key Length: 64 Bits or 128 bits. RADIUS Server IP Address: RADIUS( Remote Authentication Dial In User Service), Enter the IP address of RADIUS authentication server. RADIUS Server Port: Enter the port number of RADIUS authentication server here. RADIUS Password: Enter the password of RADIUS authentication server.

  • Page 41: Access Control

    Authentication Mode: RADIUS and Pre-shared key. If RADIUS, please RADIUS( Remote Authentication Dial In User Service), Enter the IP address, port, password of RADIUS authentication server. WPA Cipher Suite: Specify what cipher suite can be used. WPA2 Cipher Suit: Specify what cipher suite can be used. Group Key Update: The period of renewal time for changing the security key automatically between wireless client and Access Point (AP).
  • Page 42 Mode: Select the mode for the action that will apply to the Current Access Control List. MAC Address: Enter the WiFi client’s MAC address. Enter the Add button to add MAC address to the list. Reset: User can click this button to clear MAC address that just entered. Delete Selected: Click the button to delete all selected MAC addresses in the field named Select.

  • Page 43: Site Survey

    Site Survey The page can help user to find what WiFi channel is used by other AP and find the best channel for you by yourself. Just click Refresh button to do WLAN side survey. WPS (Wi-Fi Protected Setup) feature is a standard protocol created by Wi-Fi Alliance. WPS is used to exchange the AP setting with Station and configure AP settings.

  • Page 45: Wan

    A WAN (Wide Area Network) is a computer network that covers a broad geographical area (eg. Internet) that is used to connect LAN and other types of network systems. WAN Mode The page is used to configure which WAN connection mode will be used or not. Default Routing This page is used to configure the priority of each WAN connection.
  • Page 46 WAN Interface: Select the profile for configuration or new link to create a new profile. Enable VLAN: User can check this box to enable the VLAN on specify profile. VLAN ID: Assign a VLAN ID tag between 0 and 4094 802.1p_Mark: Select an 802.1p priority level between 0 and 7.
  • Page 47 Local IP Address/Remote IP Address/Subnet Mask: Enter the IP address, subnet mask and gateway address that provided by your ISP. Request DNS: If this option is enabled, the device will use the DNS Server IP assigned from ISP. It is only work when Type is set to DHCP.

  • Page 48: Ptm(Vdsl) Wan

    PTM(VDSL) WAN The page is used to configure the parameters and protocol for the VDSL2 WAN port. WAN Interface: Select the profile for configuration or new link to create a new profile. Enable VLAN: User can check this box to enable the VLAN on specify profile. VLAN ID: Assign a VLAN ID tag between 0 and 4094 802.1p_Mark: Select an 802.1p priority level between 0 and 7.
  • Page 49 Enable IGMP-Proxy: Enable/Disable the IGMP Proxy. If disabled, the IPTV will not work with NAT enabled mode. IP Protocol: Setup profile’s IP protocol to be IPv4 only, IPv6 only or IPv4/IPv6 dual stack. When Channel Mode is set to IPoE, you will have the options below. Type: Setup the WAN interface is use static IP or activate as DHCP client and get WAN IP from ISP.

  • Page 50: Atm(Adsl) Wan

    ATM(ADSL) WAN The page is used to configure the parameters and protocol for the ADSL WAN port. There are three pre-set ADSL connections, users can edit or add your own ADSL rules. But note, edit when your channel mode (protocol) is in line with one of the pre-set rules, or please add new ones.
  • Page 51 Now, let’s add a PPPoE ADSL connection. VPI/VCI: if not sure, please Enable Auto-PVC Search. PPP Settings: Username/Password: Please input the PPP dial-up account. Type: To determine the duration of a dial-up connection. Continuous: Select this option when you want your connection up all the time. Connect on Demand: Select it when you don't want the connection up all the time and specify an idle time-out in the Max Idle Timeout field.
  • Page 52 Apply: When ADSL is up and you are not sure about your VPI/VCI. Press Apply to auto-search PVCs, which are to be shown in the current auto-PVC table. VPI/VCI: Enter the VPI/VCI needs to be added to the Current Auto-PVC Table by pressing Add button or deleted from the table by pressing Delete button.

  • Page 53: Atm Settings

    ATM Settings This page is used to configure the ATM parameters. Here you may change the setting for QoS, PCR,CDVT, SCR and MBS. The ATM QoS types include CBR (Constant Bit Rate), VBR (Variable Bit Rate) and UBR (Unspecified Bit Rate). These QoS types are all controlled by the parameters specified below, including PCR, SCR and MBS.

  • Page 54: Dsl Settings

    DSL Settings This screen allows you to set DSL parameters. DSL knowledge is required to configure these settings. Contact your ISP to make sure that these parameters are correct. Please keep these settings as default from ISP, it may make DSL connection broken if set to wrong parameters.

  • Page 55: 3G/4G Lte Settings

    3G/4G LTE Settings 3G/4G LTE dongle related settings can be found in this page. 3G/4G LTE WAN: Enable/Disable the 3G/4G LTE dongle detection function. Mode: There are 6 options of phone service standards: GSM 2G only, UTMS 3G only, GSM 2G preferred, UMTS 3G preferred, Automatic, and Use 3G/LTE 3g dongle settings.
  • Page 56 Connect on Demand: If you want to make UMTS/GPRS call only when there is a packet requesting access to the Internet (i.e. when a program on your computer attempts to access the Internet). In this mode, you must set Idle Timeout value at same time. Click on Connect on Demand, the Idle Timeout field will display.

  • Page 57: Services

    Services Dynamic DNS The Dynamic DNS function allows you to alias a dynamic IP address to a static hostname, allowing users whose ISP does not assign them a static IP address to use a domain name. This is especially useful for hosting servers via your ADSL/VDSL connection, so that anyone wishing to connect to you may use your domain name, rather than having to use your dynamic IP address, which changes from time to time.
  • Page 58 DynDns Settings Username: Your registered name. Password: Your registered password. TZO Settings: Email: Your registered email. Key: Your registered key. Click Add to confirm your DDNS rules.

  • Page 59: Firewall

    Firewall The ALG Controls enable or disable protocols over application layer. VPN pass-through (L2TP/PPTP) is a feature of routers which allows VPN client on a private network to establish outbound VPNs unhindered. FTP ALG enabled allows FTP clients behind an NAT to establish a connection on the port of FTP Server. Enable the H.323/SIP ALG when H.323/SIP SIP phone needs ALG to pass through the NAT.

  • Page 60: Mac Filtering

    Outgoing Default/Incoming Default Action: Specify the default action for the unmatched traffic in Current Filter Table. Direction: Specify the direction of traffic. Protocol: Specify the protocol of traffic. Rule Action: Specify what action will be applied to this rule. Source IP Address/Subnet Mask/Port: Enter the information of traffic that will be hooked by filter. Destination IP Address/Subnet Mask/Port: Enter the information of traffic that will be hooked by filter.

  • Page 61: Port Forwarding

    Port Forwarding In TCP/IP and UDP networks a port is a 16-bit number used to identify which application program (usually a server) incoming connections should be delivered to. Some ports have numbers that are pre-assigned to them by the IANA (the Internet Assigned Numbers Authority), and these are referred to as “well-known ports”. Servers follow the well-known port assignments so clients can locate them.
  • Page 62 WAN Interface: Choose the WAN interface that will apply virtual server. Examples of well-known and registered port numbers are shown below. For further information, please see IANA’s website at http://www.iana.org/assignments/port-numbers Well-known and Registered Ports Port Number Protocol Description FTP Control TCP &...

  • Page 63: Url Blocking

    URL Blocking If website’s URL or keyword matches the pre-defined URL/keyword here, the connection to this URL/keyword will be blocked. FQDN Blocking: To block the URL request with a matched FQDN. If a URL request is matched with listed items, the request will be dropped.

  • Page 64: Domain Blocking

    Domain Blocking If any domain matches the pre-defined domain here, the connection to this domain will be blocked. Domains Blocking: Enter the domain to be blocked. The DMZ Host is a local computer exposed to the Internet. When setting a particular internal IP address as the DMZ Host, all incoming packets will be checked by Firewall and NAT algorithms before being passed to the DMZ host.

  • Page 65: Dos

    This page helps user to setup protection for DOS attack.

  • Page 66: Upnp

    UPnP UPnP offers peer-to-peer network connectivity for PCs and other network devices, along with control and data transfer between devices. UPnP offers many advantages for users running NAT routers through UPnP NAT Traversal, and on supported systems makes tasks such as port forwarding much easier by letting the application control the required settings, removing the need for the user to control advanced configuration of their device.

  • Page 67: Rip

    Enable this Routing Information protocol for the router to communicate with other rip-enable devices. RIP: Select Enable, the router communicates with other RIP-enabled devices. Interface: Choose the router interface that uses RIP. Receive Mode: Choose the interface RIP version that receives RIP messages. You can choose RIP1, RIP2, or Both.

  • Page 68: Samba

    Samba This page allows user to enable/disable the Samba server when USB storage is connected. Samba: Enable/Disable the Samba server. And security on/off User id is :hallinta Password: wifi key number Server String: Descriptive string for the Samba server How to access Samba On a connected PC, go directly to Start >...

  • Page 69: Vpn

    A virtual private network (VPN) is a private network that interconnects remote (and often geographically separate) networks through primarily public communication infrastructures such as the Internet. VPNs provide security through tunneling protocols and security procedures such as encryption. For example, a VPN could be used to securely connect the branch offices of an organization to a head office network through the public Internet.
  • Page 70 PPTP VPN: Enable/Disable PPTP function. PPTP Server Auth. Type: Setup the authentication type for client - Chap/Pap, Pap, Chap or MS-CHAPv2 Encryption. When using PAP, the password is sent unencrypted, whilst CHAP encrypts the password before sending, and also allows for challenges at different periods to ensure that an intruder has not replaced the client. When passed the authentication with MS-CHAPv2, the MPPE encryption is supported.

  • Page 71: How To For Pptp Server/Client

    How to for PPTP Server/Client Example: PPTP Remote Access connection A remote worker establishes a PPTP VPN connection with the head office using Microsoft's VPN Adapter. The TW-EAV510 AC router is installed in the head office, connected to a couple of PCs and Servers.
  • Page 72 Configuring PPTP server in the office 1. Set the PPTP Server Item Description Authentication Type MS-CHAPv2 MPPE Authentication type Starting from Peer Address IP pool for PPTP clients 192.168.100.2 Local Address(virtual address) 192.168.100.254 Virtual gateway address from PPTP clients Username test authenticate user name Passwrod...
  • Page 73 Client Side: Windows series Windows 10 (PPTP Client) 1. Make sure PC can access internet. 2. Go to Control Panel -> Network and Internet -> Network and Sharing Center click Setup a new connection or network to add a new PPTP connection. 3.
  • Page 74 4. Select No, create a new connection and click Next button for next step. 5. Select Use my Internet connection (VPN).
  • Page 75 IP address. Click Create button finish the PPTP client settings on Windows. 7. Enter the username and password that set on TW-EAV510 AC’s PPTP Server and click OK button to connect to PPTP Server.
  • Page 76 8. After connected, you can access remote network now. 9. If you have problem connect with PPTP VPN via PC, please check Control Panel -> Network and Internet - > Network and Sharing Center, click Change adapter settings on left side, would show VPN Connection then right click to select Properties ->...
  • Page 77 Example: PPTP LAN-to-LAN connection The branch office establishes a PPTP VPN tunnel with head office to connect two private networks over the Internet. The routers are installed in the head office and branch offices accordingly. Note: Both office LAN networks must be in different subnets with the LAN-LAN application.
  • Page 78 Configuring PPTP server in the office Set the PPTP Server Item Description Name test Give a name of PPTP connection Authentication Type MS-CHAPv2 MPPE Authentication type Starting from Peer Address IP pool for PPTP clients 192.168.100.2 Local Address(virtual address) 192.168.100.254 Virtual gateway address from PPTP clients Username test...
  • Page 79 Configuring PPTP client in the branch office Item Description Name test Give a name of PPTP connection Authentication Type MS-CHAPv2 MPPE Authentication type Server Address 69.121.1.33 Remote server IP Username test authenticate user name Passwrod test authenticate user password Conneciton Type LAN-to-LAN Connection type Peer Network IP...

  • Page 80: L2Tp

    L2TP L2TP, Layer 2 Tunneling Protocol is a tunneling protocol used to support virtual private networks (VPNs). It does not provide any encryption or confidentiality by itself; it relies on an encryption protocol that it passes within the tunnel to provide. This page is for setting L2TP Server, Client and Account.
  • Page 81 Secret Key: Enter the secret key for tunnel authentication. Assigned to Peer IP Address start from: Enter the IP address that will be assigned to remote L2TP client. The IP address cannot in DHCP IP Pool range. Local IP Address: Enter the IP address for L2TP tunnel virtual interface. Server Account Name: Enter the name for this account profile.

  • Page 82: How To For L2Tp Server/Client

    How to for L2TP Server/Client Please Refer to PPTP. IPSec Internet Protocol Security (IPSec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session.
  • Page 83 Click Add New Connection to create IPSec connections. IPSec Connection Setting Connection Name: A given name for the connection (e.g. connection to office). Active: Select Yes to activate the tunnel. WAN Interface: Select the existing WAN interface for the IPSec connection, when you select 3G/4G-LTE interface, the IPSec tunnel would via this interface to connect to the remote peer.
  • Page 84 4 Subnet: The subnet of the local network, for establishing an IPSec tunnel between a pair of security gateways (network-to-network) Remote Network: Set the IP address or subnet of the remote network. 4 Single IP: The IP address of the local host, for establishing an IPSec connection between a security gateway and a host (network-to-host).
  • Page 85 security so that data will be encrypted and the data origin be authenticated but using AH data origin will only be authenticated but not encrypted. Encryption Algorithm: Select the encryption algorithm from the drop-down menu. There are several options: DES and AES (128, 192 and 256). 3DES and AES are more powerful but increase latency. 4 DES: Stands for Data Encryption Standard, it uses 56 bits as an encryption method.

  • Page 86: How To For Ipsec

    How to for IPsec 1. LAN-to-LAN connection Two TW-EAV510 AC routers want to setup a secure IPSec VPN tunnel. Both are with enabled IPsec function. Note: The IPSec Settings shall be consistent between the two routers.
  • Page 87 Head Office Side: Item Description Connection Name H-to-B Name for IPSec tunnel Remote Secure Gateway 69.121.1.30 IP address of the Branch office gateway Access Netork Local Access Range Subnet Head Office network Local Netwrok IP Address 192.168.1.0 Local Netwrok Netmask 255.255.255.0 Remote Access Range Subnet...
  • Page 89 Branch Office Side: Item Description Connection Name B-to-H Name for IPSec tunnel Remote Secure Gateway 69.121.1.3 IP address of the Branch office gateway Access Netork Local Access Range Subnet Branch Office network Local Netwrok IP Address 192.168.0.0 Local Netwrok Netmask 255.255.255.0 Remote Access Range Subnet...
  • Page 90 2. Host to LAN Router servers as VPN server, and host should install the IPSec client to connect to head office through IPSec VPN.
  • Page 91 Head Office Side: Item Description Connection Name H-to-H Name for IPSec tunnel Remote Secure Gateway 69.121.1.30 IP address of the Branch office gateway Access Netork Local Access Range Subnet Head Office network Local Netwrok IP Address 192.168.1.0 Local Netwrok Netmask 255.255.255.0 Remote Access Range Signal IP...

  • Page 93: Gre Settings

    GRE Settings In terms of how to use GRE here, it needs to be associated with Bridge Grouping. GRE: Choose to enable or disable the GRE feature. Press Apply Changes to submit your changes. Name: A given name for identification for GRE tunnel. Admin Status: Choose to enable or disable this tunnel.
  • Page 95 2. Create a GRE Tunnel...
  • Page 96 3. Map LAN interface(s) on the GRE tunnel with Bridge Grouping Disable DHCP assignment for the LAN interfaces.

  • Page 98: Advance

    Advance Bridging This page is used to configure the bridge parameters. You can change the settings or view some information on the bridge and its attached ports. Ageing Time: If the host is idle for 7200 seconds (default value), its entry is deleted from the bridge table.

  • Page 99: Routing

    Routing Enter the static routing information for an entry to the routing table. Click Add button when you are finished. Enable: Checked to enable static route function. Destination/Subnet Mask: Enter the destination IP address and the subnet mask. Next Hop: Specify the gateway IP address for routing to next network. Metric: Metric is a policy for router to commit router, to determine the optimal route.

  • Page 100: Snmp

    SNMP Simple Network Management Protocol (SNMP) is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. The router serves as a SNMP agent that allows a manager station to manage and monitor the router through the network. Enable SNMP: Enable to activate SNMP function.

  • Page 101: Bridge Grouping

    Bridge Grouping Bridge/Interface grouping is a function to group interfaces, known as VLAN. A Virtual LAN, is a group of hosts with the common set of requirements that communicate as if they were attached to the same broadcast domain, regardless of the physical location. Each group will perform as an independent network. Grouped Interfaces: Group interfaces into one group.
  • Page 102 1. Create bridged WAN interfaces or GRE tunnels. 2. Classify interfaces into one group. Click Apply Changes to save.

  • Page 103: Ip Qos

    IP QoS QoS Policy IP QoS: Enable/Disable the IP QoS function. Policy: Specify the policy for queue. Policy: The Queue Scheduling Algorithm, here supporting WRR (Weighted Round Robin) and PRIO (Priority). Ø WRR: Weighted Round Robin, used to alternate each WRR queue to ensure that every queue can enjoy its due service time (resource) in accordance with its weight.

  • Page 104: Qos Classification

    QoS Classification Click the Add button to add QoS rule. Rule Name: Enter the rule name. Rule Order: Rule Index. Precedence: Specify which Queue the packets matching the QoS conditions are to be classified into. Please notice that only when the packet fulfill every detailed conditions set below, then this packet will be remarked as the priority queue of each rule.
  • Page 105 Ethernet Type: EtherType is a two-octet field in an Ethernet frame. It is used to indicate which protocol is encapsulated in the payload of the frame. Specify the Ethernet Type of packets to be monitored. IP/Protocol Source IP/Port: The source IP/Port of packets to be monitored. Destination IP/Port: The destination IP/Port of packets to be monitored.

  • Page 106: Printer Server

    The Print Server feature allows you to share a printer on your network by connecting a USB cable from your printer to the USB port on the TW-EAV510 AC. This allows you to print from any location on your network.
  • Page 107 3. Click Next button and follow the instruction by Windows 10.

  • Page 108: Ipv6

    IPv6 IPv6 IPv6: Enable or Disable the IPv6 function. RADVD MaxRtrAdvInterval: The maximum time allowed between sending unsolicited multicast router advertisements from the interface, in seconds. It Must be no less than 4 seconds and no greater than 1800 seconds. MinRtrAdvInterval: The minimum time allowed between sending unsolicited multicast router advertisements from the interface, in seconds.

  • Page 109: Dhcpv6

    DHCPv6 DHCPv6 Mode: Set to DHCPServer(Auto) to assign the IPv6 address to all LAN clients or set to NONE to disable it. MLD Proxy The MLD Proxy feature provides a mechanism for a device to generate MLD membership reports for all entries or a user-defined subset of these entries on the device’s upstream interface.

  • Page 110: Ipv6 Routing

    packets sent in a multicast network, and it analyzes all MLD packets between hosts and the connected multicast routers in the network. Without MLD snooping, multicast traffic is treated in the same manner as broadcast traffic - that is, it is forwarded to all ports. With MLD snooping, multicast traffic of a group is only forwarded to ports that have members of that group.

  • Page 111: Ip/Port Filtering

    IP/Port Filtering Outgoing Default/Incoming Default Action: Specify the default action for the unmatched traffic in Current Filter Table. Direction: Specify the direction of traffic. Protocol: Specify the protocol of traffic. Rule Action: Specify what action will be applied to this rule. Source Interface ID/Destination Interface ID: Enter the information of traffic that will be hooked by filter.

  • Page 112: Diagnostics

    Diagnostics Ping This page will help you to diagnostic the status of your Network. You can use “Ping” methods in this page. After you input the IP address, click Go button. Host: Enter your host IP/domain name to ping to test the connectivity between the host and your router.

  • Page 113: Atm Loopback

    ATM Loopback The router is equipped to perform connectivity verification by the use of the ATM OAM loopback capability for both VP and VC connections. This page is used to perform the VCC loopback function to check the connectivity of the VCC.

  • Page 114: Dsl Tone

    DSL Tone The frequency band of ADSL is split up into 256 separate tones, each spaced 4.3125 kHz apart. With each tone carrying separate data, the technique operates as if 256 separate modems were running in parallel. The tone range is from 0 to 31 for upstream and from 32 to 255 for downstream.

  • Page 115: Adsl Connection

    ADSL Connection The router is capable of testing your WAN connection. Run Diagnostic Test to proceed.

  • Page 116: Management

    Management This page allows user to reboot your device. All services will be terminated during rebooting. Backup/Restore This page allows user to backup or restore the router settings to/from file. Click Backup, a window appears, click save, and then browse the location where you want to save the backup file Click Choose File.

  • Page 117: Password

    Password The administrator password can be changed by this page. Suggest to change default password for better security protection. Old Password: The old password for the user. New Password: Enter new password. Confirm Password: Enter new password again for confirmation. Firmware Upgrade The firmware keeps enhancement and improvement.

  • Page 118: Acl

    This page allows user to allow/block access to the router’s service with specified IP address or network on both LAN and WAN direction. ACL Capability: The router’s all service will be opened and can be accessed by any direction if set to disable. Default is enable.
  • Page 119 Example on how to configure ACL, Here we are going to establish two frequently used rules to illustrate. 1. Set up a rule to allow only clients from LAN to have access to all embedded applications (HTTP, HTTPS, Ping, etc). Under this situation, clients from WAN cannot access the router even from Ping. Click Add to add rule.

  • Page 120: Time Zone

    Setup the Time Zone and NTP server here to correct and sync the time on the router. SMS Alert Settings SMS, Short Message Service, is to inform clients the information clients subscribe. TW-EAV510 AC offers SMS alert sending clients alert messages when a default route change is detected.

  • Page 121: Statistics

    Statistics Interface This page shows the statistics (Receive/Transmit packets, Receive/Transmit errors, Receive/Transmit drops) of each interface. Click Reset Statistics button to reset counter.

  • Page 122: Dsl

    This page shows more DSL Synchronization details.

  • Page 123: Language

    Language This page allows user to configure the WEB GUI display language. Reboot Click the Commit and Reboot button to reboot the device immediately with the current settings. Logout This page will force the user logout immediately by clicking Logout button. Simultaneous access to the router is not allowed.

Table of Contents

Save PDF