1. Manuals
  2. Brands
  3. Value Point Manuals
  4. Controller
  5. Gateway controller Series
  6. User manual

Value Point Gateway controller Series User Manual

Gateway controller
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
G
C
ATEWAY
ONTROLLER
G
G
A
T
E
A
T
E
U
2011, VALUEPOINT NETWORKS, INC. ALL RIGHTS RESERVED
S
ERIES
C
C
W
A
Y
W
A
Y
3
5
3
5
M
S E R
O
N
T
R
O
O
N
T
R
O
6
0
6
0
A N U A L
U
M
SER
ANUAL
L
L
E
R
L
L
E
R
P
1
124
AGE
OF

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the Gateway controller Series and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Value Point Gateway controller Series

Summary of Contents for Value Point Gateway controller Series

  • Page 1 ATEWAY ONTROLLER ERIES ANUAL S E R A N U A L 2011, VALUEPOINT NETWORKS, INC. ALL RIGHTS RESERVED...
  • Page 2 ATEWAY ONTROLLER ERIES ANUAL © 2003 - 2011, ValuePoint Networks, Inc. All written material and information in this manual is a copyright of ValuePoint Networks, Inc. No part of this work may be reproduced, stored in a retrieval system, adapted or transmitted in any form, by any means-electronic, mechanical, photographic, optical recording or otherwise, for any purpose, without prior permission from ValuePoint Networks, Inc.
  • Page 3 ATEWAY ONTROLLER ERIES ANUAL Please read this manual before working with the Gateway Controller 3560. This manual is intended to provide a basic understanding of the Gateway Controller. Although utmost care has been taken to provide all the information in this manual that is required to understand the functionality of the Controller, any additional inquiries can be mailed to: support@valuepointnet.com.

  • Page 4: Table Of Contents

    ATEWAY ONTROLLER ERIES ANUAL             3 . 1 ..........1 2 A S I C U N C T I O N S  ...
  • Page 5 ATEWAY ONTROLLER ERIES ANUAL N T R O D U C T I O N Overview Valuepoint Networks developed the Gateway Controller to provide reliable and secure high-speed access to the Internet for Public Networks. When deployed in a broadband service network the Gateway Controller can recognize new users on the network and redirect them to the appropriate connections.
  • Page 6 ATEWAY ONTROLLER ERIES ANUAL Some subscribers will have a HTTP Proxy configured in their web browser, generally as part of their corporate configuration. The Controller can detect and re-route these proxy HTTP requests to provide seamless connectivity to the subscriber. ...
  • Page 7 ATEWAY ONTROLLER ERIES ANUAL  “Captured Portal” Home Page Redirection The Gateway Controller allows the venue owner to redirect subscribers to a corporate web site or custom portal with custom branding, login methodology, billing, terms of service, and more.  Authenticated User Pass-through After their initial login to validate their account, give subscribers access to the network without needing to Login each time to their account.
  • Page 8 ATEWAY ONTROLLER ERIES ANUAL  Sophisticated SysLog Monitoring A detailed System Log (Sysco) server is built-in to log events and enable automated monitoring. The System logs can be stored internally or events broadcast to a local or remote SysLog client. ...
  • Page 9 ATEWAY ONTROLLER ERIES ANUAL  Bandwidth limiting to insure Quality of Service for all subscribers Throttle bandwidth usage by any single subscriber back to the configured bits- per-second (bps). This prevents any one subscriber from monopolizing the network.  Custom Packet Filter The packet filter checks every incoming and outgoing packet against a set of custom rules.
  • Page 10 ATEWAY ONTROLLER ERIES ANUAL  LAN Port Isolation LAN port traffic can be isolated from other LAN ports. You can designate public and private ports that cannot communicate to protect sensitive segments of the LAN network.  DMCA Safe Harbor and CALEA Connection Logging Log every subscriber connection to track all activity on the site for legal, security, or auditing purposes.
  • Page 11 ATEWAY ONTROLLER ERIES ANUAL N S T A L L A T I O N This section of the Manual gives information regarding the requirements and installation procedures for a successful installation of the Gateway Controller. Requirements Check the following requirements for installing the Gateway Controller. Y S T E M E Q U I R E M E N T S Management System:...

  • Page 12: C O N F I G U R A T I O N

    ATEWAY ONTROLLER ERIES ANUAL O N F I G U R A T I O N This section of the Manual will give you information regarding access, login and usage of all the features of the Gateway Controller. 3 . 1 . B A S I C U N C T I O N S The screen below shows the type of options the user will come across frequently while...
  • Page 13 ATEWAY ONTROLLER ERIES ANUAL To select a value from a list, first click on the arrow that is found on the right side of this list box and then select a value desired from the displayed list. A D I O U T T O N S To select a radio button simply click on the desired radio button.
  • Page 14 ATEWAY ONTROLLER ERIES ANUAL 3 . 2 . U S I N G T H E A N A G E M E N T N T E R F A C E To access the Gateway Controller and utilize its menus enter the WAN or LAN IP address in the browser and press ‘Enter’.

  • Page 15: Express Setup

    ATEWAY ONTROLLER ERIES ANUAL After entering the user name and password, click on the OK button. The Controller will validate the user name and password. If a correct user name and password has been supplied you will gain access to the Controller; otherwise an error message will be displayed.
  • Page 16 ATEWAY ONTROLLER ERIES ANUAL 3. Security 4. Customization 5. Management 6. Advanced 7. System Status 8. System Tools 9. Help 10. Index These menus allow the user to configure the settings. To access the menu, click on the respective menu button. The ninth menu is Help.
  • Page 17 ATEWAY ONTROLLER ERIES ANUAL Clicking this button causes the settings configured by the user saved. settings take effect immediately or on the next reboot. The Controller prompts you to reboot if necessary. 2011, VALUEPOINT NETWORKS, INC. ALL RIGHTS RESERVED...
  • Page 18 ATEWAY ONTROLLER ERIES ANUAL 3.2.2. X P R E S S E T U P This menu allows the user to configure the basic settings for accessing the Internet. Screen 4 Express Setup WAN Port Mode In this section, select DHCP Client, Static IP or PPPoE setting options. 1.
  • Page 19 ATEWAY ONTROLLER ERIES ANUAL 3. To use PPPoE protocol to connect to your ISP, select PPPoE and perform the following steps: 1. Type the User Name for PPPoE protocol to connect the ISP. 2. Type the correct Password for the above User Name. 3.
  • Page 20 ATEWAY ONTROLLER ERIES ANUAL 3.2.3. E T W O R K S The Networks menu tabs control basic configuration of the gateway along with IP addressing, DHCP, and other features that affect customer network access. Y S T E M This section of the Controller allows you to configure the System Settings.
  • Page 21 ATEWAY ONTROLLER ERIES ANUAL Management IP address Filter You can limit access to the management interface by selecting Specify and entering the access IP addresses. By default, Any IP Address is allowed. When Specify is selected, only addresses within that range will be able to manage the Controller. Do a hard reset to factory defaults if you forget what addresses are allowed and cannot get in.
  • Page 22 ATEWAY ONTROLLER ERIES ANUAL 1. LAN Broadcast traffic blocked, some subscribers may see other computers listed under “Computers Near Me” in Windows. These subscribers will not be able to share files, ping, or access each other’s computers, however. 2. The first “PING” attempt between subscribers may succeed if the Controller has not previously seen traffic from that subscriber.
  • Page 23 ATEWAY ONTROLLER ERIES ANUAL any traffic to LAN port 2-4. For example, this could be used to isolate a private or office network on Port 1 from a public network for Hotel Guests on Port 2. Hours of Service Login/Terms of Service/Café Account Authentication can be disabled based on time of day and day of week.
  • Page 24 ATEWAY ONTROLLER ERIES ANUAL Packets/Minute. The default “0” means a subscriber sending no packets in one minute is idle. Increasing this number allows minimal activity to be marked as idle, if this is your requirement. Note: Setting Idle Timeout to ‘0’ is not recommended for public networks. Unless these subscribers manually log out, their sessions will never be terminated.
  • Page 25 ATEWAY ONTROLLER ERIES ANUAL . WAN /LAN This Menu allows you to configure the WAN/LAN settings of the Gateway Controller. Screen 6 WAN/LAN Setting Gateway IP (LAN IP) Setting Primary LAN Network Type the IP Address and Subnet Mask of your Gateway Controller here.
  • Page 26 ATEWAY ONTROLLER ERIES ANUAL need to be discovered by ARP. Finding a device among 256 VLANs requires multiple ARP requests, and some simple network devices may not correctly process the ARP traffic. When using VLAN trunking, the Controller will only look for those devices on a single VLAN, so the ARP discovery process will be reduced.
  • Page 27 ATEWAY ONTROLLER ERIES ANUAL combine Alias Subnet with Port Isolation to create totally separate networks. Note: Many of the advanced subscriber features are only available on the primary LAN subnet. For this reason, the Alias Subnets are best suited for known devices or PCs, rather than additional guest networks where subscribers come and go.
  • Page 28 ATEWAY ONTROLLER ERIES ANUAL When Auto Connection is enabled, the Controller will establish a PPPoE session automatically, regardless of subscriber activity. By default, the Controller sets Enabled as the value for Auto Connection. 5. Select the Auto Disconnection duration in minutes from the drop down list here.
  • Page 29 ATEWAY ONTROLLER ERIES ANUAL the default values. Click on Define Custom Bandwidth Profiles to see the table of custom profiles. For each profile, 1 through 14, you can define the precise upload and download limit you want. Once the limits are defined, local accounts can be configured to use that profile on the add/edit user page.
  • Page 30 ATEWAY ONTROLLER ERIES ANUAL addresses, such with file sharing application like BitTorrent. A “normal” web page request can generate up to 10 legitimate sessions, so we do not recommend settings these limits below 20. VLAN Trunk The VLAN ID of each subscriber can be tracked using 802.1q VLAN Trunk. This allows the Controller to processing incoming VLAN tags for monitoring and authentication purposes and correctly tag outgoing traffic so those subscribers receive traffic for their VLAN only.
  • Page 31 ATEWAY ONTROLLER ERIES ANUAL WAN MAC Address Select either Default WAN MAC Address or Change to option and type the respective WAN MAC Address of the network interface card here. By default, the Controller selects Default as the value. This feature can be used if your ISP requires a particular MAC Address to provide service.
  • Page 32 ATEWAY ONTROLLER ERIES ANUAL E R V E R This menu allows you to configure the various Server Settings of the Gateway Controller. Screen 7 Server Configuration DHCP Server 2011, VALUEPOINT NETWORKS, INC. ALL RIGHTS RESERVED...
  • Page 33 ATEWAY ONTROLLER ERIES ANUAL Select the DHCP Server type you want by selecting the respective radio button here. The available options are DHCP Disable, DHCP Relay and DHCP Server. The default selection is DHCP Server. 1. To disable DHCP server, select DHCP Disable option. 2.
  • Page 34 ATEWAY ONTROLLER ERIES ANUAL detect a loss of service, in which case the remaining Controller supports all subscribers. Otherwise, the subscribers are shared between the two Controllers and the two WAN ports General Functionality: The Primary and Secondary Controller both respond to DHCP requests in the same pool.
  • Page 35 ATEWAY ONTROLLER ERIES ANUAL Primary's share of the subscribers. Be sure to configure both peers with the same value Optional Configuration: In most cases, the default options are sufficient, but review the other configuration options to modify the Dual WAN behavior. Dual WAN Peer/Local Port: Select a different incoming and outgoing port for load balancing peer communication if necessary.
  • Page 36 ATEWAY ONTROLLER ERIES ANUAL Concurrent subscribers: Two load balancing Controllers support up to 400 concurrent (logged in) subscribers. This is based on 200 subscribers per gateway. Auto-IP: Only the Primary Controller runs Auto-IP and responds to misconfigured clients. In the case of a failover, the Secondary Controller will start providing this service.
  • Page 37 ATEWAY ONTROLLER ERIES ANUAL connection. Subscribers may find their connection to be slower using Auto-Proxy, so disabling an invalid proxy setting is the best subscriber configuration. HTTP Auto-Proxy Ports Type the HTTP Proxy Server Ports here. The HTTP Proxy will redirect outgoing connections on these ports.
  • Page 38 ATEWAY ONTROLLER ERIES ANUAL O U T I N G This menu allows you to configure the Routing Table in the Gateway Controller. Routing Screen Current Routing Table You can see the current routing table and add/delete static routes. This may be required for more complex network topologies.
  • Page 39 ATEWAY ONTROLLER ERIES ANUAL . AR P This menu allows you to manage the ARP table of the Gateway Controller. ARP Screen Current ARP Table You can see the current ARP table and add/delete ARP bindings. This may be required for more complex network topologies, or sometimes in troubleshooting individual connections.

  • Page 40: S E C U R I T Y

    ATEWAY ONTROLLER ERIES ANUAL 3.2.4. E C U R I T Y U T H E N T I C A T I O N This menu allows you to configure the Authentication Settings of the Gateway Controller. Screen 8 Authentication Configuration The Authentication Configuration has six radio button options: RADIUS Server, Local Authentication, Hampton Inn HSIA Authentication, Terms of Service, Authentication...
  • Page 41 ATEWAY ONTROLLER ERIES ANUAL If the RADIUS Server option is selected the RADIUS specific settings are displayed: Screen 9 Radius Server Authentication The configurable options on this menu are: Authentication Type Primary RADIUS Server The Primary RADIUS Server provides the authentication and accounting for subscribers.
  • Page 42 ATEWAY ONTROLLER ERIES ANUAL 1. Primary RADIUS Server IP Address. 2. Primary RADIUS Server Authentication Port Number. By default, the value is This is the typical Authentication 1812. port, but your server may be different. 3. Primary RADIUS Server Accounting Port Number. By default, the value is .
  • Page 43 ATEWAY ONTROLLER ERIES ANUAL Interim Update Period If you want to receive accounting records for subscribers that are still logged in, you can set the period here. Otherwise RADIUS provides an accounting record when the subscriber session ends. Authentication Method Select the Authentication Method for RADIUS from the drop down list box here.
  • Page 44 ATEWAY ONTROLLER ERIES ANUAL Acct-Multi-Session-Id for client VLAN ID When VLAN Trunk is enabled, you can receive subscriber VLAN IDs in the Acct-Multi-Session-Id attribute. can use subscriber VLAN ID for additional tracking, location based services, or many other purposes. Local Authentication If Local Authentication is selected, the menu displays three command buttons.
  • Page 45 ATEWAY ONTROLLER ERIES ANUAL Screen 11 Popup window of Auto Create User command Set Auto Default Click Set Auto Default to set default values to this section. Clicking this command will display a pop-up window with various authentication settings. Use these settings to define the kind of users and time limits to be automatically created.
  • Page 46 ATEWAY ONTROLLER ERIES ANUAL Screen 12 Popup window of Set Auto Default User command Expiration Date/Time Set the amount of time the account should remain valid. Week, Day, and Hour set the duration of the account from today, shown under Date / Time. Accumulation Limit Usage limit in minutes of the account.
  • Page 47 ATEWAY ONTROLLER ERIES ANUAL this in mind if you have many users on a single username/password. You can use the global limit to allow each subscriber to utilize the full bandwidth limit when they are sharing a single unlimited account. A laptop typically has two different MAC addresses for the Ethernet port and the WiFi card.
  • Page 48 ATEWAY ONTROLLER ERIES ANUAL Edit (click username) Clicking on a username opens an edit window. The options are the same as for adding users. Hampton Inn HSIA Authentication To use the Hampton Inn HSIA Central Authentication Server (CAS), select Hampton Inn HSIA Authentication.
  • Page 49 ATEWAY ONTROLLER ERIES ANUAL Gateway IP In most cases, this field is blank. Normally the Public IP of the Controller will be provided to the CAS automatically. If the Controller is behind another NAT firewall, you can use this field to override this and provide the IP Address of the Firewall here.
  • Page 50 ATEWAY ONTROLLER ERIES ANUAL No Authentication wish control subscriber access Internet, select Authentication. In this configuration, subscribers will still need to initiate a HTTP request by opening their web browser in order to be passed through the firewall. This process is transparent to the subscriber. If subscribers ping or send email before requesting a web page these requests will not go through.
  • Page 51 ATEWAY ONTROLLER ERIES ANUAL continues to expire whether the guest is actively using the internet or not, so plan for this when determining account times. Total access time and cost can be configured here. PMS in ter na l a nd ex te rna l l og in page s You can create an internal PMS login page using the standard login page Internal_Portal.htm or redirect to an external portal using a HTTP POST form.
  • Page 52 ATEWAY ONTROLLER ERIES ANUAL PMS Server Type Select PMS Server Type from the drop down menu. Only Micros Fidelio is supported currently. PMS Server IP The IP Address of PMS Server. PMS Server Port The Port number for communication with PMS Server PMS Access Time Enter subscriber...
  • Page 53 ATEWAY ONTROLLER ERIES ANUAL AS S T H R O U G H These settings allow you to define the pass-through subscribers and destinations when using Authentication. Screen 16 Pass-through Menu There are two options for configuring Pass-through settings in the Controller. you only need a limited number of entries, up to 48 per option, you can configure these from the GUI directly.
  • Page 54 ATEWAY ONTROLLER ERIES ANUAL Pass-through Source IP Type Subscriber’s pass-through Address here. Subscribers devices with these addresses will permanently connected. These IP Addresses are not affected by the black list, redirection, or any other connection limitation. You can use this table for equipment like security cameras, which must be permanently connected to the internet.
  • Page 55 ATEWAY ONTROLLER ERIES ANUAL 3.2.5. U S T O M I Z AT I O N O G I N A G E This menu allows you to customize the Login Page settings of the Gateway Controller. Screen 17 Login Page 2011, VALUEPOINT NETWORKS, INC.

  • Page 56: Customization

    ATEWAY ONTROLLER ERIES ANUAL Default Select this option to keep the standard default login page. To view the standard Login Page that subscribers will see, click on the “Preview Default Login Page” button. Selecting this option will pop-up a dialog box prompting the user to enter the user id and password to be authenticated.
  • Page 57 ATEWAY ONTROLLER ERIES ANUAL Selecting Subscriber Attributes produces this in the browser: http://www.gateway.com/3000/login.html?NASID=NotellMotel&MAC=000BDBDF1DFB&URL= www.google.com Your portal page can parse these values from the URL: NASID=[NASID configured under Networks - System] MAC=[Subscriber MAC Address] URL=[Subscriber’s original request URL] You can use these values in your CGI to provide special handling for subscribers or locations on your portal page.
  • Page 58 ATEWAY ONTROLLER ERIES ANUAL 1. If None is selected, then the Page Background will be white. 2. If Background Color option is selected then the user can further select the desired background color by clicking on the icon given right after the Background Color text box. Message Type the desired Message, which will appear on the Login Page.
  • Page 59 ATEWAY ONTROLLER ERIES ANUAL Specify URL Select this option to redirect the subscriber to specified URL after authentication. This setting will override any URLs specified 3000terms.xml file Portal Page authentication code. This feature can be used to redirect all authenticated customers to a hotel website, for example. Internal Portal Select this option to redirect the subscriber to the Internal Portal Redirect Page.
  • Page 60 ATEWAY ONTROLLER ERIES ANUAL Portal Page To allow free access from a redirected or external web page, click on the External Portal HTML Code button and cut/paste the HTML code into your page. Example Usage If you set free access to 30 minutes every 24 hours, this would allow any user to access the internet for 30 minutes once per day.
  • Page 61 ATEWAY ONTROLLER ERIES ANUAL E S S A G E U S T O M I Z A T I O N This menu allows the user to customize the message text of the Gateway Controller. The message customization screen appears as shown below, Screen 18 Message Customization 2011, VALUEPOINT NETWORKS, INC.
  • Page 62 ATEWAY ONTROLLER ERIES ANUAL Welcome Page Subscribers who are configured with pass-through access will not be redirected to a login page. An optional welcome page for these subscribers can be configured for these users. Title The title of the welcome page, which is displayed at the top of the welcome page.
  • Page 63 ATEWAY ONTROLLER ERIES ANUAL Rejection Message If the response type is enabled then type the rejection message here. When a blacklisted MAC address attempts to connect, they will receive this message. Logout Window Pop-up Logout Window Select either Enable to enable the Pop-up Logout Window or Disable to disable the same.
  • Page 64 ATEWAY ONTROLLER ERIES ANUAL View External Portal HTML When clicked, a pop-up window shows the HTMP code for logout link. To have the logout link in an external page, use the html code provided in this window as reference. Preview When clicked a pop-up window shows a preview screen with the current settings.
  • Page 65 ATEWAY ONTROLLER ERIES ANUAL P L O A D A G E S This page allows you to upload up to 50 files totaling up to 2MB of file space. You can use this page to customize the default pages used internally by the Controller. The standard login / message pages are listed by default.
  • Page 66 ATEWAY ONTROLLER ERIES ANUAL Post_Auth.html Subscribers are redirected to this page after logging in when you select Customization – Login Page – Post Authentication Redirect – Internal Portal. Blacklist.html Users with blacklisted MAC Addresses are redirected to this page when they access system...
  • Page 67 ATEWAY ONTROLLER ERIES ANUAL Reset defaults Selecting this option erases all files and resets default pages. The Controller configuration is not affected by this. However, resetting the Controller to defaults under Maintenance – System Tools – Factory Settings will reset the file system as well.
  • Page 68 ATEWAY ONTROLLER ERIES ANUAL Set Customization – Login Page – Login Page = Internal Portal Download the Internal_Portal.htm template from Customization – Upload Pages. Customize this HTML file with the text and graphics that you want. You can replace the default ValuePoint Banner.jpg file, or just upload whatever graphics you want and reference them in your HTML.
  • Page 69 ATEWAY ONTROLLER ERIES ANUAL Login.htm: This page has the Login POST FORM on it along with a username and password text field, with whatever graphics and style you want. When the user clicks “login” their account is validated however you have authentication configured (Local Database, RADIUS, etc.).
  • Page 70 ATEWAY ONTROLLER ERIES ANUAL D V E R T I S E M E N T This menu allows the user to link the Advertisement URL’s to the Gateway Controller. These will be displayed to the subscriber when they connect and every few minutes as configured.
  • Page 71 ATEWAY ONTROLLER ERIES ANUAL Ad[X] Type the URL Links to the advertisements which are to be displayed. Note: The Logout pop-up window generates the automatic advertisements. You must enable the logout pop-up if you want to generate advertisement windows. 2011, VALUEPOINT NETWORKS, INC. ALL RIGHTS RESERVED...

  • Page 72: Man Ag E M E N T

    ATEWAY ONTROLLER ERIES ANUAL 3.2.6. AN AG E M E N T . S NM P The Simple Network Management Protocol (SNMP) can be used to monitor and control many kinds of network devices. The Controller supports the SNMP variables contained in the MIB-II specification.
  • Page 73 ATEWAY ONTROLLER ERIES ANUAL System Location The MIB-II System Location text. IP Address Enter the IP Address for sending SNMP Trap Messages. Community Enter the Community name string used while sending SNMP Trap messages. Trap Select From the drop down menu, select the Version of SNMP Trap to use.
  • Page 74 ATEWAY ONTROLLER ERIES ANUAL provide a robust response to their threatening takedown letters, it may be less likely that they will throttle or cancel your connection, disrupting your business. Subscriber Connection Logging Connection Logging Functionality Select Enable to record every session opened by subscribers.
  • Page 75 ATEWAY ONTROLLER ERIES ANUAL Reply DstIP – Reply Destination IP Reply DstPort – Reply Destination Port Subscriber MACADDR – Subscriber MAC Address Subscriber Username – Subscriber User Name VLAN ID – VLAN ID if VLAN Trunk enabled Using the Connection Logs The log files are named by the NAS ID plus timestamp, so it is easy to find the site and date you want.
  • Page 76 ATEWAY ONTROLLER ERIES ANUAL holder demanded the identity of the subscriber, you would have it from the room number or MAC address. CALEA Compliance A law enforcement CALEA request will generally be specific to a particular subscriber. In this case you could provide them with all the logs for the dates they require, or just the portion of the logs that pertain to the room, individual, IP, or MAC address they request.
  • Page 77 ATEWAY ONTROLLER ERIES ANUAL Management Port Type the Management Port Number of the Device here. HTTP manageable devices, this will most likely be port 80. You can map SNMP to port 161, or another application to its port. Controller Port Type the Controller Virtual Port Number here.
  • Page 78 ATEWAY ONTROLLER ERIES ANUAL Port Range Forwarding In some cases, you may need to forward a range or ports to an internal device. In this case, the Controller and Device Port are the same port. Be careful not to forward ports you need on the Controller, such as the HTTP GUI on port 80.
  • Page 79 ATEWAY ONTROLLER ERIES ANUAL Y S T E M O G G I N G O N F I G U R A T I O N This menu allows the user to configure the SysLog settings of the Gateway Controller.
  • Page 80 ATEWAY ONTROLLER ERIES ANUAL Server Location If SysLog on LAN Server is checked then type the LAN IP Address of the server. If SysLog on WAN Server is checked then type the WAN IP Address of the SysLog Server. View SysLog is a button which when clicked will show the details of log messages in a pop-up window if Local SysLog is selected.
  • Page 81 ATEWAY ONTROLLER ERIES ANUAL SysLog Level Choose the volume and importance of SysLog reports recorded. 1. Checking the Error option will report only Errors in SysLog. 2. Checking the Warning option will report Warnings and Errors. 3. Checking the Information option will report all SysLog messages.

  • Page 82: A D V An C E D

    ATEWAY ONTROLLER ERIES ANUAL 3.2.7. D V AN C E D This menu allows you to configure the settings with more advanced features. These features are intended for expert network configuration. Enabling these incorrectly can easily make the network partially or totally unusable. The scope this manual does not include detailed explanations of these technologies.
  • Page 83 ATEWAY ONTROLLER ERIES ANUAL Confirm Password Type the password again here to compare and confirm password. For security purposes, the characters appear in asterisks (*). It accepts up to 20 characters. Update Interval This is the interval of updates to the DNS entry. The value typed is calculated in terms of minutes.
  • Page 84 ATEWAY ONTROLLER ERIES ANUAL . GRE/VPN T U N N E L The Controller is capable of initiating and terminating private IP tunnels using the VPN and GRE standards. Screen 26 GRE/VPN Tunnel Screen GRE Tunnel You can configure the Controller to route all authenticated traffic through a Generic Routing Encapsulation (GRE) tunnel.
  • Page 85 ATEWAY ONTROLLER ERIES ANUAL tunnel configuration. You must build the advanced functionality you want into your server at the other end of the tunnel. Walled garden, DNS, and IP pass-through traffic will not be routed through the tunnel, and all normal security, redirection, and authentication features will still be in effect as configured in the Controller.
  • Page 86 ATEWAY ONTROLLER ERIES ANUAL Erase Tunnel Reset tunnel name and values to default Tunnel Name By default, the tunnels are named VPN1 – VPN10. can change the name of the currently selected tunnel in the Tunnel Name field. Local VPN IP/Subnet IP address and subnet of the network on the Controller that you want to access the network on the remote gateway through VPN.
  • Page 87 ATEWAY ONTROLLER ERIES ANUAL Automatic Keying Using Automatic Keying, the encryption keys that secure the connection are constantly changed. This make the process much more complicated, but also very secure. It is critical that all the setting match between the two VPN gateways, or they will not connect.
  • Page 88 ATEWAY ONTROLLER ERIES ANUAL Additional Proposals other secure gateway rejects proposals configured above, the Controller can make additional proposals as selected here. Automatic Phase 2 Phase 2 of VPN is when the tunnel is constructed and traffic exchanged between the secure networks as configured for that tunnel.
  • Page 89 ATEWAY ONTROLLER ERIES ANUAL Manual Phase 2 Protocol The Controller uses the ESP protocol for VPN. Make sure that this setting matches on the other VPN gateway. Encryption You can choose a faster DES encryption or slower 3DES. 3DES is more secure but require more resources. Authentication You can choose MD5 or SHA1.
  • Page 90 ATEWAY ONTROLLER ERIES ANUAL VPN IPSec Troubleshooting The focus of the VPN IPSec standard is to ensure security, not compatibility or ease of use. The protocol is unforgiving of configuration errors. The VPN connection will generally be refused if something does not match. In trying to get two gateways to connect triple check all of the settings including VPN ID, Protocol, and Key Timeouts.
  • Page 91 ATEWAY ONTROLLER ERIES ANUAL A C K E T I L T E R The packet filter checks every incoming and outgoing packet against a set of custom rules. You can use this feature to block unwanted traffic or subscribers in very broad to very narrow groups.
  • Page 92 ATEWAY ONTROLLER ERIES ANUAL rules take precedent over Deny rules, so you can create broad blocking rules then just allow the specific traffic you want. Por t Fi lte r The Port Filter will block or allow all traffic to a particular port. This is typically used to block specific applications, like file sharing, IM chat, etc.
  • Page 93 ATEWAY ONTROLLER ERIES ANUAL . VPN S T A T I C For some VPN connections, subscribers may need access to a routable public IP address, rather than a NATed LAN address. Configuring VLAN Static IP allows subscribers to reserve a public IP from the ISP for a limited time. You will need one or more extra public IP addresses from the ISP to use this feature.
  • Page 94 ATEWAY ONTROLLER ERIES ANUAL Screen 26 Subscriber Static IP Subscriber Static IP Select one of the three available options for Subscriber Static 2011, VALUEPOINT NETWORKS, INC. ALL RIGHTS RESERVED...
  • Page 95 ATEWAY ONTROLLER ERIES ANUAL 1. Disable – Select this option to disable Subscriber Static IP feature. 2. Automatic – Select this option to enable Automatic Subscriber Static IP Assignment. Static Subscriber IP addresses along with subnet mask, Gateway address and DNS addresses are configured under Networks WAN/LAN if Subscriber Static IP Page is Automatic.
  • Page 96 ATEWAY ONTROLLER ERIES ANUAL Manual Page Title Type the Main Message or Title for the Manual subscriber static IP page in this text box. A maximum of 80 characters are allowed in the text box Manual Page Message Type additional comments to be displayed in the Manual subscriber static IP page.

  • Page 97: S Y S T E M S T At U S

    ATEWAY ONTROLLER ERIES ANUAL 3.2.8. Y S T E M T AT U S This menu tab opens up the submenus showing status of the Controller and subscribers. Y S T E M This menu displays current system information like Host Name, LAN MAC Address, WAN MAC Address, Primary DNS Server, DHCP Status, Lease Time etc.
  • Page 98 ATEWAY ONTROLLER ERIES ANUAL ISP Settings WAN Port Mode Here the menu displays the WAN MAC Port Mode. MAC Address Here the menu displays the WAN MAC Address of the Gateway Controller. IP Address Here the menu displays the IP Address of the Gateway Controller WAN Port.
  • Page 99 ATEWAY ONTROLLER ERIES ANUAL Here the menu displays the Reboot Cause. If the Controller is powered OFF or hard reset, the Reboot Cause is Unknown. Traffic Accumulation Here the menu displays the Traffic Accumulation. LAN and WAN Transmit/Receive statistics are displayed for the period of 24 hours, 1 day and from boot time.
  • Page 100 ATEWAY ONTROLLER ERIES ANUAL The menu displays the authentication type. In the screenshot above, it shows the type as Local Authentication Login Page Here the menu displays the login page type. In the screenshot above it shows it as Redirect E-mail Server IP Address The E-mail Server IP Addresses.
  • Page 101 ATEWAY ONTROLLER ERIES ANUAL U R R E N T S E R The current user list gives information on users currently authenticated by the Controller. Click on the field headers to sort the table by that field. Screen 31 Current User User Name The user name the subscriber provided when they logged in.
  • Page 102 ATEWAY ONTROLLER ERIES ANUAL Screen 28 Popup window of Current User Terminate/Detail command . DHC P C L I E N T This menu displays the DHCP user details on LAN. The details displayed are MAC Address and IP Address and usage. Screen 29 DHCP Clients MAC Address The MAC Address of DHCP user.
  • Page 103 ATEWAY ONTROLLER ERIES ANUAL O N N T R A C K The Connection Tracker allows you to monitor the real time usage status of the Gateway Controller by seeing open and ongoing connections to and from the Controller. This table allows you to monitor subscriber activity and look for unusual behavior caused by worms, viruses, or abusive subscribers.
  • Page 104 ATEWAY ONTROLLER ERIES ANUAL Protocol The protocol name in this column. The protocol type ID. Time Time in seconds until entry is cleared from table. State TCP State of the connection. Source Sent source IP address. Destination Sent destination IP Address. Source Port Sent source port number.
  • Page 105 ATEWAY ONTROLLER ERIES ANUAL . A P This menu displays the LAN Devices registered with the Gateway Controller. The screen appears as shown here, Screen 31 Access Points The field details are, Device Here the menu displays the LAN device name. Label Here the menu displays the user defined label.
  • Page 106 ATEWAY ONTROLLER ERIES ANUAL This part of the menu displays the system log details for viewing when Local SysLog is enabled. In this example, debug messages are enabled. Screen 32 SysLog The command buttons First, Prev, Next and Last will help the user to navigate when there are many pages of log details to be read.
  • Page 107 ATEWAY ONTROLLER ERIES ANUAL 3.2.9. Y S T E M O O L S A I N T E N A N C E This menu allows the user manage the device configuration and to upgrade the firmware in this device by using a file via HTTP or TFTP server. The following screen Screen 33 Maintenance 2011, VALUEPOINT NETWORKS, INC.
  • Page 108 ATEWAY ONTROLLER ERIES ANUAL Firmware Upgrade Firmware management Protocol Select the protocol name from the list box. Based on the selection the details on the screen will change. If the user selects the TFTP, then the screen will display following details, TFTP Firmware Upgrade TFTP Server IP Address Enter the IP address of the TFTP server where the Controller...
  • Page 109 ATEWAY ONTROLLER ERIES ANUAL Import Configuration Import Configuration This section offers the user an option of restoring the settings of the current device duplicating another devices’ configuration information. Type the file name along with the path name, or simply select the file from the system by clicking the command button labeled as Browse.
  • Page 110 ATEWAY ONTROLLER ERIES ANUAL Database Import Local User Database This section offers the user an option of restoring the settings from a saved the local user database. Type the file name along with the path name or simply select the file from the system by clicking the command button labeled Browse.
  • Page 111 ATEWAY ONTROLLER ERIES ANUAL Pass-through Up to 48 entries for each pass-through value can be entered directly into the GUI. If more entries are required, or entries are to be shared between sites, all of the pass-through entries can be loaded into an XML file and uploaded manually or according to a schedule.
  • Page 112 ATEWAY ONTROLLER ERIES ANUAL SSL Certificate SSL Certificate file Enter the SSL Certificate file name manually in the text box or select the file through the Browse button. You must upload a ‘self signed’ .pem certificate. A self signed certificate can be created by combining your .key and .cert into a single file.
  • Page 113 ATEWAY ONTROLLER ERIES ANUAL This section allows creating an administrator and providing the administrator with full control of the system and authority to modify the settings. Username Type the username here. Password This is a text box. Type the password here. For the sake of security the characters will appear as asterisks (*) in the box.
  • Page 114 ATEWAY ONTROLLER ERIES ANUAL manage the Controller remotely. Dynamic DNS settings will be preserved as well, in case the Controller is using DHCP. Click OK to restore to the default factory setting. 2011, VALUEPOINT NETWORKS, INC. ALL RIGHTS RESERVED...
  • Page 115 ATEWAY ONTROLLER ERIES ANUAL 3.2.10. E L P This menu contains helpful information about the Gateway Controller. Screen 36 HELP 2011, VALUEPOINT NETWORKS, INC. ALL RIGHTS RESERVED...

  • Page 116: I N D E X

    ATEWAY ONTROLLER ERIES ANUAL 3.2.11. N D E X This menu displays all the menus and submenus of the Controller that configure the system. Along with the menu, it displays the submenus. These submenus come with hyperlinks so you can click the tab names and reach the submenu directly. The following screen shows the Index page, Screen 37 Index 2011, VALUEPOINT NETWORKS, INC.

  • Page 117: T R O U B L E S H O O T I N G

    ATEWAY ONTROLLER ERIES ANUAL R O U B L E H O O T I N G If you have a connectivity problem with the Controller, check the following first:  Make sure that the power of the Controller is on and the Ethernet cables are connected firmly to the RJ-45 jacks.

  • Page 118: T C P / I P S

    ATEWAY ONTROLLER ERIES ANUAL then the Controller relays this request to the default gateway. Finally, this request is forwarded by the default gateway to the DNS server on the Internet. The DNS reply issued by the DNS server is transmitted back to the client computer following a reverse path.

  • Page 119: T H E R R O B L E M

    ATEWAY ONTROLLER ERIES ANUAL Verify that the client is authenticated by the Controller, or that the client has opened a HTTP Session (using their web browser) if using No Authentication. 4 . 2 . O T H E R R O B L E M S ...
  • Page 120 ATEWAY ONTROLLER ERIES ANUAL Delete the contents of the web cache under Tools – Internet Options – Temporary Internet Files – Delete Files. “Repair” the network connection in Windows by right clicking on the connection under Network Neighborhood – Properties and selecting “repair”...

  • Page 121: A P P E N D I C E S

    ATEWAY ONTROLLER ERIES ANUAL P P E N D I C E S 5 . 1 . A A : S P P E N D I X E S S A G E S These are some of the more useful information and alarm SysLog messages that can be configured.
  • Page 122 ATEWAY ONTROLLER ERIES ANUAL 5 . 2 . A B : R A D I U S A P P E N D I X C C O U N T I N G T T R I B U T E S User-Name NAS-IP-Address NAS-Identifier...

  • Page 123: F C C R E G U L A T O R Y T A T E M E N

    ATEWAY ONTROLLER ERIES ANUAL 5 . 3 . F C C R E G U L A T O R Y T A T E M E N T Part 15-Class B compliant device This device complies with Part 15 of the FCC Rules. Operation is subject to the following conditions: 1.
  • Page 124 ATEWAY ONTROLLER ERIES ANUAL I M I T E D A R R A N T Y Controller 3560 What the warranty covers: We warrant its products to be free from defects in material and workmanship during the warranty period. If a product proves to be defective in material or workmanship during the warranty period, we will at its sole option repair or replace the product with a like product with a like product.

This manual is also suitable for:

3560

Table of Contents