1. Manuals
  2. Brands
  3. Atlantis Land Manuals
  4. Wireless Router
  5. Web Share 3G 244WN
  6. User manual

Atlantis Land Web Share 3G 244WN User Manual

802.11n wireless adsl2+/3g router
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the Web Share 3G 244WN and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Atlantis Land Web Share 3G 244WN

Summary of Contents for Atlantis Land Web Share 3G 244WN

  • Page 2: Table Of Contents

    INDEX 1. Introduction ....................... 9 1.1 An Overview of WebShare 3G 244WN ..........9 1.2 Package Contents ................9 1.3 Features..................10 2. Using WebShare 3G 244WN ................13 2.1 Cautions for using the WebShare 3G 244WN ........13 2.2 The Front LEDs................13 2.3 The Rear Ports ................
  • Page 3 7.1 LAN – Local Area Network ............... 42 7.2 WAN – Wide Area Network .............. 59 7.3 System ..................76 7.4 Firewall and Access Control ............. 82 7.5 Qos (Quality of Service) ..............97 7.6 Virtual Server ................101 7.7 Time Schedule ................109 7.8 Advanced ..................
  • Page 4 Windows™ 98SE/2000/ME/XP/VISTA are trademarks of Microsoft® Corp. Pentium is trademark of Intel. All copyright reserved. The Atlantis Land logo is a registered trademark of Atlantis Land. All other names mentioned mat be trademarks or registered trademarks of their respective owners.
  • Page 5 Windows™ 98SE/2000/ME/XP/VISTA are trademarks of Microsoft® Corp. Pentium is trademark of Intel. All copyright reserved. The Atlantis Land logo is a registered trademark of Atlantis Land. All other names mentioned mat be trademarks or registered trademarks of their respective owners.
  • Page 6 CE Mark Warning In a domestic environment, this product may cause radio interference, in which case the user may be required to take adequate measures. CE in which Countries where the product may be used freely: Germany, UK, Italy, Spain, Belgium, Netherlands, Portugal, Greece, Ireland, Denmark, Luxembourg, Austria, Finland, Sweden, Norway and Iceland.
  • Page 7 Outdoor 2400-2454 100mW(20dBm) 2454-2483,5 10mW(10dBm) Italy(IT): www.comunicazioni.it For more info, consult the website Luxembourg: General authorization requie for network and service supply. Norway (NO): This subsection does not apply for geographical area within a radius of 20 km from the center of Ny Alesund. Russia (CCP): only for indoor application.
  • Page 8 Important information for the correct recycle/treatment procedures of this equipment The mentioned information are reported herewith in compliance with directive 2002/95/CE, 2002/96/CE and 2003/108/CE which requires a separate collection system and specific treatment and disposal procedures for the waste of electric and electronic equipments.

  • Page 9: Introduction

    1. Introduction 1.1 An Overview of WebShare 3G 244WN Welcome to the WebShare 802.11n 3G/ ADSL2+ (VPN) Firewall Router. The router is an “all-in-one” ADSL router, combining an ADSL modem, ADSL router and Ethernet network switch functionalities, providing everything you need to get the machines on your network connected to the Internet over your ADSL broadband connection.

  • Page 10: Features

    1.3 Features Technical charateristics of WebShare 3G 244WN: Express Internet Access: • This router complies with worldwide ADSL standards. It supports downstream rates of up to 12/24 Mbps with ADSL2/2+, 8 Mbps with ADSL, and upstream rates of up to 1 Mbps. With this technology, users enjoy not only high-speed ADSL service but also broadband multimedia applications such as interactive gaming, video streaming and real-time audio much more quickly and easily than ever.
  • Page 11 Universal Plug and Play (UPnP) and UPnP NAT Traversal: • This protocol is used to enable simple and robust connectivity among stand- alone devices and PCs from many different vendors. It makes network simple and affordable for users. UPnP architecture leverages TCP/IP and the Web to enable seamless proximity networking in addition to control and data transfer among networked devices.
  • Page 12 client web serving to a halt. In addition, or alternatively, you can simply change the priority of different types of upload data and let the router sort out the actual speeds. Virtual Server (Port Forwarding): • Users can specify some services to be visible from outside users.

  • Page 13: Using Webshare 3G 244Wn

    2. Using WebShare 3G 244WN 2.1 Cautions for using the WebShare 3G 244WN • Do not place the Router under high humidity and high temperature. • Do not use the same power source for Router with other equipment. • Do not open or repair the case yourself. •...

  • Page 14: The Rear Ports

    • Blinking when data is Transmitted / Received. • Lit green when the device is connected to a USB device and ready. • Flashing when the device is sending/receiving data. • Lit green when the wireless connection is established. • Flashing when the device is sending/receiving Wireless data.
  • Page 15 Connect the supplied RJ-11 (“telephone”) cable on this port when connecting to the ADSL/telephone network. Connect a UTP Ethernet cable (Cat-5 or Cat-5e) to one of the LAN ports when connecting to a PC or an office/home Ethernet (1-4) network of 10Mbps, 100Mbps or 1000Mbps. Connect the USB cable on this port 3G/ HSDPA USB modem backup for Internet access.

  • Page 16: Cabling And Operationa Modes

    2.4 Cabling and operationa modes WebShare 3G 244WN can be set in 3 difference mode: ADSL only, 3G only or ADSL main with 3G backup. 2.4.1 Single WAN ADSL In this mode, WebShare 3G 244WN works as a standard ADSL2+ Router. Follow the followings steps to cabling the device: •...
  • Page 17 2.4.2 Single WAN 3G In this mode, WebShare 3G 244WN works using an external 3G/HDSPA USB modem to connect the LAN to Internet. Follow the followings steps to cabling the device: • Connect the 3G USB modem on the USB 2.0 port on the rear panel of the product.
  • Page 18 2.4.3 Dual WAN ADSL/3G with backup mode In this mode, WebShare 3G 244WN works using ADSL as main connection. In case of failover of the main connection, WEbShare 3G 244WN automatically backup it to an external 3G/HDSPA USB modem, in order to provide an always-on connection for the LAN devices.
  • Page 19 2.4.4 Cabling the LAN connection In this mode, WebShare 3G 244WN can be connected to an existing LAN or can be use to create a new local area network. Is possible to connect the WebShare 3G 244WN through its embedded Gigabit Ethernet switch or by its embedded Access Point (based on 802.11n specifications), using a wireless client like NetFly 300 series.

  • Page 20: Basic Installation

    3. Basic Installation Before configuring this device, you have to check with your ISP (Internet Service Provider) what kind of service is provided such as PPPoE, PPPoA, RFC1483, or IPoA. Gather the information as illustrated in the following table and keep it for reference. VPI and VCI VC-based / LLC-based multiplexing PPPoE...

  • Page 21: Tcp/Ip Configuration

    If you ever forget the password to log in, you may press the RESET button up to 6 seconds to restore the factory default settings. The parameters of LAN and WAN ports are pre-set in the factory. The default values are shown below.
  • Page 22 address of the router. Users should make their own decisions on how to best protect their network. Please follow the steps below for your PC’s network environment installation. First of all, please check your PC’s network components. The TCP/IP protocol stack and Ethernet network adapter must be installed.

  • Page 23: Verification Of Tcp/Ip Configuration

    Configuring PC (Windows Vista) Go to Start -> Control Panel (in Classic View). In the Control Panel, double-click on Network and Sharing Center icon. Click Manage Network connections then double-click Local Area Connection. Click Properties. Click Continue (Windows needs your permission to continue). Select Internet Protocol Version 4 (TCP/IP) and click Properties.

  • Page 24: Browser Configuration

    If It show you this message: Pinging 192.168.1.254 with 32 bytes of data: Reply from 192.168.1.254: bytes=32 times<10ms TTL=64 Reply from 192.168.1.254: bytes=32 times<10ms TTL=64 Reply from 192.168.1.254: bytes=32 times<10ms TTL=64 It i s possibile to continue to follow step. If it show you follow message: Pinging 192.168.1.254 with 32 bytes of data: Request timed out.

  • Page 25: Management Interface

    4. Management Interface When you login into the management interface, WebShare 3G 244WN will show a simplified interface for configuring standards parameters needed to access on Internet. It is also possible to access to an advanced management interface for deep configurations.

  • Page 26: Status

    5. Status In this section there are shown all parameters about LAN, WLAN, USB and ADSL interfaces. Device Information Field Description Model Name Show the model code for WebShare 3G 244WN. Host Name Show the name of the device that will be find from others LAN clients.
  • Page 27 Field Description Ethernet Show Ethernet interface status. ADSL Show ADSL line status. Wireless Show Wireless interface status. Show 3G/HDSPA connection status. Field Description Port Show the interface using for this connection. Protocol Show the encapsulation method. VPI/VCI Show VPI/VCI value for each connection profile. Connection Show the up-time for each connection.

  • Page 28: Adsl Status

    5.1 ADSL Status This section displays the ADSL overall status, which shows a number of helpful information such as DSP firmware version. 5.2 3G Status This section displays the 3G Card’s overall status, which shows you a number of helpful information such as the current signal strength and statistics on current and total bytes transferred and received.
  • Page 29 land.com or with the compatibility list provided with the WebShare 244WN. Field Description Show the status for 3G interface: • 3G Card ready: Modem recognized, connection unactive. Status • Connect: Modem recognized, connection active. • Closed: Modem recognized and disconnected after ADSL connection failback.

  • Page 30: Iburst Status

    5.3 iBurst Status This section show specific parameters for iBurst Wireless client. 5.4 ARP Table This section displays the router’s ARP (Address Resolution Protocol) Table, which shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses. This is useful as a quick way of determining the MAC address of the network interface of your PCs to use with the router’s Firewall –...

  • Page 31: Dhcp Table

    5.5 DHCP Table Type Parametro Descrizione Leased The DHCP assigned IP addresses information. Expired The expired IP addresses information. Permanent The fixed host mapping information. Leased Table, Expired Table, Permanent Table Parametro Descrizione IP Address The IP address that assigned to client. MAC Address The MAC address of client.

  • Page 32: Nat Sessions

    Netmask The destination Netmask address. Gateway/Interface The IP address of the gateway or existing interface that this route will use. Cost The number of hops counted as the cost of the route. RIP Routing Table Parametro Descrizione Destination The IP address of the destination network. Netmask The destination Netmask address.

  • Page 33: Upnp Portmap

    5.8 UPnP Portmap The section lists all port-mapping established using UPnP (Universal Plug and Play. See Advanced section of this manual for more details on UPnP and the router’s UPnP configuration options. 5.9 Event Log This page displays the router’s Event Log entries. Major events are logged to this window, such as when the router’s ADSL connection is disconnected, as well as Firewall events when you have enabled Intrusion or Blocking Logging in the Configuration –...

  • Page 34: Error Log

    5.10 Error Log Any errors encountered by the router (e.g. invalid names given to entries) are logged to this window. 5.11 Diagnostic It tests the connection to computer(s) which is connected to LAN ports and also the WAN Internet connection. If PING ww.google.com is shown FAIL and the rest is PASS, you...

  • Page 35: Quick Start

    6. Quick Start ADSL WAN Backup cannot be configured using Quick Start procedure. Please refer to Advanced – WAN Interface to set this function. 6.1 Single WAN ADSL Configuration Select ADSL from Connect Mode drop-down menu and click Continue. If your ADSL line is not ready, you need to check your ADSL line has been set or not.
  • Page 36 PPPoE/PPPoA PPPoE (PPP over Ethernet) is an ADSL connection known as dial-up DSL. As the PPPoA it has been created to integrate large band services paying a particular attention to an easy configuration. The user can obtain an high access speed and he can also share the same account with the ISP.
  • Page 37 You have to pay particular attention to the WAN-ADSL connection. If you have any doubt turn to qualified personnel or contact Atlantis-Land technical assistance. Atlantis Land will not be considered responsible in case of wrong or bad configuration. MPOA (Static IP Address) This configuration is valid in case of a subscription with a static IP with NAT (please check the Manual in order to check different configuration).
  • Page 38 Make sure that the parameters are, the ones in the picture, if not specifically shown by the ISP. Click Apply in order to start Wireless configuration. IPOA (Classical IP over ATM) This configuration is valid in case of a subscription with a static IP with NAT (please check the Manual in order to check different configuration).

  • Page 39: Single Wan 3G Configuration

    Click on Apply in order to start Wireless configuration. You have to pay particular attention to the WAN-ADSL connection. If you have any doubt turn to qualified personnel or contact Atlantis-Land technical assistance. Atlantis Land will not be considered responsible in case of wrong or bad configuration.

  • Page 40: Wireless Configuration

    6.3 Wireless Configuration In this section, is possible to set all wireless connection parameters (transmission mode, channel ID, security, etc). Wireless Field Description WLAN Service Default setting is set to Enable. If you want to use wireless, 802.11n, 802.11g and 802.11b device in your network, you can select Enable.

  • Page 41: Save Settings

    discovered and recognized. Default setting is Enable. Channel ID Select the ID channel that you would like to use. Security Parameters Field Description Security Mode You can disable or enable with WPA or WEP for protecting wireless network. The default mode of wireless security is Disable.

  • Page 42: Configuration

    7. Configuration When you click this item, you get following sub-items to configure the ADSL router. 7.1 LAN – Local Area Network 7.1.1 Bridge Interface You can setup member ports for each VLAN group under Bridge Interface section. From the example, two VLAN groups need to be created. Ethernet: P1 and P2 (Port 1, 2).
  • Page 43 ethernet1 P2 / P3 / P4 / Wireless ethernet2 P3 / P4 / Wireless ethernet3 P4 / Wireless ethernet4 Wireless 7.1.2 Ethernet Field Description IP Address The default IP on this router. Subnet Mask The default subnet mask on this router. RIP v1, RIP v2, and RIP v2 Multicast.
  • Page 44 Field Description IP Address Specify an IP address on this virtual interface Subnet Mask Specify a subnet mask on this virtual interface Choose the interface type between: • Internal: The network is behind NAT. All traffic will do network address translation when sending out to Internet if NAT is enabled.

  • Page 45: Ethernet Client Filter

    7.1.4 Ethernet Client Filter The Ethernet Client Filter supports up to 16 Ethernet network machines that helps you to manage your network control to accept traffic from specific authorized machines or can restrict unwanted machine(s) to access your LAN. There are no pre-define Ethernet MAC address filter rules; you can add the filter rules to meet your requirements.
  • Page 46 acceptable. Insert MAC Address to filter. The MAC addresses are 6 bytes Mac Address List long; they are presented only in hexadecimal characters. The number 0 - 9 and letters a - f are acceptable. Follow the MAC Address Format xx:xx:xx:xx:xx:xx; Semicolon ( : ) must be included.
  • Page 47 7.1.5 Wireless Parameters Field Description WLAN Service Default setting is set to Enable. If you do not have any wireless, 802.11n, 802.11g and 802.11b, device in your network, select Disable. Mode The default setting is 802.11b+g+n (Mixed mode). If you do not know or have both 11g and 11n devices in your network, then keep the default in mixed mode.
  • Page 48 ESSID The ESSID is the unique name of a wireless access point (AP) to be distinguished from another. For security purpose, change the default WebShare244WN to a unique ID name to the AP which is already built-in to the router’s wireless interface. It is case sensitive and must not excess 32 characters.
  • Page 49 It is a wireless access point mode that enables wireless link and communication with other access point. It is easy to be installed simply to define peer’s MAC address of the connected AP. WDS takes advantages of cost saving and flexibility which no extra wireless client device is required to bridge between two access points and extending an existing wired or wireless infrastructure network to create a larger network.

  • Page 50: Wireless Security

    • ESSID field is case sensitive and it cannot excess 32 characters. • Wireless performance may degrade if select ID channel is already being occupied by other AP(s). • The Power Level maybe different in each access network user premises environment and choose the most suitable level for your network •...
  • Page 51 Security Parameters Field Description Security Mode Select WEP encryption. To prevent unauthorized wireless stations from accessing data Authentication transmitted over the network, the router offers secure data encryption, known as WEP. If you require high security for transmissions, there are two options to select from: Open System or Shared key.
  • Page 52 WPA-PSK or WPA2-PSK (Wi-Fi Protected Access) Security Parameters Field Description Security Mode Select WPA-PSK or WPA2-PSK security mode. WPA Shared Key The key for network authentication. The input format is in character style and key size should be in the range between 8 and 63 characters.
  • Page 53 7.1.7 Wireless Client/MAC Address Filter The MAC Address supports up to 16 wireless network machines and helps you manage your network control to accept traffic from specific authorized machines or to restrict unwanted machine(s) to access your LAN. There are no pre-define MAC Address filter rules; you can add the filter rules to meet your requirements.
  • Page 54 acceptable. Insert MAC Address to filter. The MAC addresses are 6 bytes Mac Address List long; they are presented only in hexadecimal characters. The number 0 - 9 and letters a - f are acceptable. Follow the MAC Address Format xx:xx:xx:xx:xx:xx; Semicolon ( : ) must be included.
  • Page 55 7.1.8 WPS WPS feature is follow Wi-Fi Alliance WPS standard and it easily set up security-enabled Wi-Fi networks in the home and small office environment. It reduces half the user steps to configure a network and supports two methods that are familiar to most consumers to configure a network and enable security.

  • Page 56: Port Setting

    7.1.9 Port Setting This section allows you to configure the settings for the router’s Ethernet ports to solve some of the compatibility problems that may be encountered while connecting to the Internet, as well allowing users to tweak the performance of their network. Field Description There are Six options to choose from: Auto, 10M half-duplex,...

  • Page 57: Dhcp Server

    If the packet is high priority, it will flow first and will not be constrained by the Rate Limit. Therefore, when this feature is enabled, the router’s Ethernet switch will check the 2nd octet of each IP packet. If the value in the TOS field matches the checked values in the table (0 to 63), this packet will be treated as high priority.
  • Page 58 If you check DHCP Relay Agent and click Next, then you will have to enter the IP address of the DHCP server which will assign an IP address back to the DHCP client in the LAN. Use this function only if advised to do so by your network administrator or ISP.

  • Page 59: Wan - Wide Area Network

    Atlantis-Land technical assistance. Atlantis Land will not be considered responsible in case of wrong or bad configuration. 3G USB Modem is not included with WebShare 244WN. WebShare 3G 244WN can works only with a compatible device.
  • Page 60 WAN CONNECTION – ADSL MODE WAN Interface Field Description Main Port User can select either ADSL or 3G mode. Failover Parameters Field Description Failover/Failback Set Enable to trigger ADSL / 3G failover / failback function ready. Backup Port It links to backup port configuration page. It is necessary to configure it when Failover/Failback be set.
  • Page 61 Failover Probe Set the time duration for the Failover Probe Cycle to Cycle determine when the router will switch to the backup connection (backup port) once the main connection (main port) fails. Failback Probe Set the time duration for the Failback Probe Cycle to Cycle determine when the router will switch back to the main connection (main port) from the backup connection (backup...
  • Page 62 Atlantis-Land technical assistance. Atlantis Land will not be considered responsible in case of wrong or bad configuration. 3G USB Modem is not included with WebShare 244WN. WebShare 3G 244WN can works only with a compatible device.
  • Page 63 Please check the modem compatibility on the website www.atlantis- land.com or with the compatibility list provided with the WebShare 244WN. ADSL - PPPoE Connection PPPoE (PPP over Ethernet) provides access control in a manner which is similar to dial- up services using PPP. Field Description Profile Port...
  • Page 64 128 alphanumeric characters (case sensitive). This item is for identification purposes. If it is required, your ISP Service Name provides information. Maximum input alphanumeric characters. The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account, sharing the single IP address.
  • Page 65 DNS automatically. You have to pay particular attention to the WAN-ADSL connection. If you have any doubt turn to qualified personnel or contact Atlantis- Land technical assistance. Atlantis Land will not be considered responsible in case of wrong or bad configuration.
  • Page 66 ADSL - PPPoA Connection Field Description Profile Port Select the profile port either ADSL or 3G Protocol The ATM protocol will be used in the device Description A given name for the connection VPI/VCI Enter the information provided by your ISP ATM Class The Quality of Service for ATM layer Enter the username provided by your ISP.
  • Page 67 DNS automatically. You have to pay particular attention to the WAN-ADSL connection. If you have any doubt turn to qualified personnel or contact Atlantis- Land technical assistance. Atlantis Land will not be considered responsible in case of wrong or bad configuration.
  • Page 68 ADSL - MPoA Connection (RFC 1483) Field Description Profile Port Select the profile port either ADSL or 3G Protocol The ATM protocol will be used in the device Description A given name for the connection VPI/VCI Enter the information provided by your ISP ATM Class The Quality of Service for ATM layer The NAT (Network Address Translation) feature allows multiple...
  • Page 69 automatically an IP address from your ISP. The default is 0.0.0.0. User can change it to other such as Netmask 255.255.255.128. Type the subnet mask assigned to you by your ISP (if given). Gateway Enter the IP address of the default gateway (if given). RIP v1, RIP v2, and RIP v2 Multicast.
  • Page 70 ADSL - IPoA Routed Connection (RFC 1577 Routed) Field Description Profile Port Select the profile port either ADSL or 3G Protocol The ATM protocol will be used in the device Description A given name for the connection VPI/VCI Enter the information provided by your ISP ATM Class The Quality of Service for ATM layer The NAT (Network Address Translation) feature allows multiple...
  • Page 71 Gateway Enter the IP address of the default gateway (if given). RIP v1, RIP v2, and RIP v2 Multicast. Check to enable RIP function This option helps discover optimal size TCP MSS Clamp automatically. Default is enabled. This option is required by some service providers. You must fill MAC Spoofing in the MAC address that specify by service provider when it is required.
  • Page 72 ADSL - Pure Bridge Field Description Profile Port Select the profile port either ADSL or 3G Protocol The ATM protocol will be used in the device Description A given name for the connection VPI/VCI Enter the information provided by your ISP ATM Class The Quality of Service for ATM layer Choose whether you want the packets in WAN interface as...
  • Page 73 3G CONNECTION Connection Field Description Profile Port Select the profile port either ADSL or 3G iBurst Enable a specific parameters set for iBurst client. Mode Permit to choose which connection method use as preferred. Tel No. Insert telephone number required for a 3G connection. Specify the APN for 3G connections.
  • Page 74 Atlantis-Land technical assistance. Atlantis Land will not be considered responsible in case of wrong or bad configuration. 3G USB Modem is not included with WebShare 244WN. WebShare 3G 244WN can works only with a compatible device.
  • Page 75 7.2.3 ADSL Mode Field Description This mode will automatically detect your ADSL line code, ADSL2+, ADSL2, AnnexM2 and AnnexM2+, ADSL, All. Please Connect Mode keep the factory setting unless ADSL is detected as the symptom of synchronization problem It will automatically detect capability of your ADSL line mode. Please keep the factory setting unless A: This mode will automatically detect your ADSL line code, ADSL2+, ADSL2,...

  • Page 76: System

    downstream performance. Higher the gain will increase the downstream rate but it sometimes causes unstable ADSL line. The configurable ADSL coding gain is from 0 dB to 7dB, or automatic 7.3 System 7.3.1 Time Zone The router does not have a real time clock on board; instead, it uses the Simple Network Time Protocol (SNTP) to get the current time from an SNTP server outside your network.

  • Page 77: Firmware Upgrade

    time from the SNTP server you have specified. If you prefer to specify an SNTP server other than those in the list, simply enter its IP address as shown above. Your ISP may provide an SNTP server for you to use. Daylight Saving is also known as Summer Time Period.
  • Page 78 PC. Once the correct file is selected, click Upgrade to update the firmware in your router. • Do NOT upgrade firmware on any Atlantis Land product over a wireless connection. • Failure of the device may result. Use only hard-wired network connections.
  • Page 79 7.3.4 Backup / Restore These functions allow you to save and backup your router’s current settings to a file on your PC, or to restore a previously saved backup. This is useful if you wish to experiment with different settings, knowing that you have a backup handy in the case of any mistakes.

  • Page 80: Restart Router

    7.3.5 Restart Router Click Restart with option Current Settings to reboot your router (and restore your last saved configuration). If you wish to restart the router using the factory default settings (for example, after a firmware upgrade or if you have saved an incorrect configuration), select Factory Default Settings to reset to factory default settings.
  • Page 81 You can change the user’s password, whether their account is active and valid, as well as add a comment to each user account. Click Edit/Delete button to save your revise. You cannot delete the default admin account, if you do you will be log out. However, you can delete any other created accounts by clicking Delete when editing the user.

  • Page 82: Firewall And Access Control

    7.4 Firewall and Access Control Your router includes a full SPI (Stateful Packet Inspection) firewall for controlling Internet access from your LAN, as well as helping to prevent attacks from hackers. Besides, when using NAT, the router acts as a “natural” Internet firewall, as all PCs on your LAN will use private IP addresses that cannot be directly accessed from the Internet.

  • Page 83: General Settings

    computers or applications accessing your local network from the Internet. Intrusion Detection: Enable Intrusion Detection to detect, prevent and log malicious attacks. Access Control: Prevents access from PCs on your local network: Firewall Security Policy (General Settings): Outbound direction Packet Filter rules prevent...
  • Page 84 The Block WAN Request is a stand-alone function and not relate to whether security enable or disable. Mostly it is for preventing any scan tools from WAN site by hacker. Table 1: Predefined Port Filter Port Low Level Medium Level High Level Number Application...
  • Page 85 DNS (53) TCP(6) FTP(21) TCP(6) Telnet(23) TCP(6) SMTP(25) TCP(6) POP3(110) TCP(6) NEWS(NNTP) (Network News TCP(6) Transfer Protocol) RealAudio/ RealVideo UDP(17) 7070 7070 (7070) PING ICMP(1) H.323(1720) TCP(6) 1720 1720 T.120(1503) TCP(6) 1503 1503...
  • Page 86 SSH(22) TCP(6) NTP /SNTP UDP(17) 123 HTTP/HTTP Proxy TCP(6) 8080 8080 (8080) HTTPS(443) TCP(6) ICQ (5190) TCP(6) 5190 5190 MSN (1863) TCP(6) 1863 1863 MSN (7001) UDP(17) 7001 7001 VEDIO TCP(6) 9000 9000 (9000) Inbound: Internet to LAN ; Outbound: LAN to Internet; YES: Allowed ; NO: Blocked ; N/A: Not Applicable Premere Apply per confermare le eventuali modifiche.

  • Page 87: Packet Filter

    7.4.2 Packet Filter This function is only available when the Firewall is enabled and one of these four security levels is chosen (All blocked, High, Medium and Low). The preset port filter rules in the Packet Filter must modify accordingly to the level of Firewall, which is selected.
  • Page 88 Add TCP/UDP Filter Field Description Users-define description to identify this entry or click “Select” Rule name drop-down menu to select existing predefined rules. The maximum name length is 32 characters. It is self-defined time period. You may specify a time schedule Time Schedule for your prioritization policy.
  • Page 89 from range 0 ~ 65535. It is recommended that this option be configured by an advanced user. Destination Port This is the Port or Port Ranges that defines the application Select Allow or Block the access to the Internet (“Outbound”) Inbound/Outbound or from the Internet (“Inbound”).

  • Page 90: Intrusion Detection

    It is self-defined time period. You may specify a time schedule Time Schedule for your prioritization policy. For setup and detail, refer to Time Schedule section Protocol Number Insert the port number, i.e. GRE 47 Select Allow or Block the access to the Internet (“Outbound”) Inbound/Outbound or from the Internet (“Inbound”).
  • Page 91 Victim Protection This is the duration for blocking Smurf attacks. Default value is Block Duration 600 seconds. This is the duration for blocking hosts that attempt a possible Scan Attach Block Scan attack. Scan attack types include X’mas scan, IMAP Duration SYN/FIN scan and similar attempts.
  • Page 92 ICMP type 8 Victim Smurf Dst IP Protection broadcast Land attack SrcIP = DstIP UDP Echo Port Echo/CharGen Scan CharGen Port UDP Dst Port = Echo Scan Src IP Scan Echo(7) UDP Dst Port = CharGen Scan Src IP Scan CharGen(19) X’mas Tree Scan TCP Flag: X’mas Src IP...
  • Page 93 Existing session Net Bus Scan DstPort = Net SrcIP Scan 12345,12346, 3456 UDP, DstPort = Back Orifice Scan Orifice Port SrcIP Scan (31337) Max TCP Open Handshaking SYN Flood Count (Default 100 c/sec) ICMP ICMP Flood Count (Default 100 c/sec) Max PING Count ICMP Echo (Default...
  • Page 94 7.4.4 URL Filter (Uniform Resource Locator – e.g. address form http://www.abcde.com or http://www.example.com) filter rules allow you to prevent users on your network from accessing particular websites by their URL. There are no pre-defined URL filter rules; you can add filter rules to meet your requirements. Field Description URL Filtering...
  • Page 95 are present in URLs accessed to determine if the connection attempt should be blocked. Please note that the URL filter blocks web browser (HTTP) connection attempts using port 80 only. This function checks the whole URL not the IP address, in URLs accessed against your list of domains to block or allow.
  • Page 96 7.4.5 IM/P2P Blocking IM, short for Instant Message, is required to use client program software that allows users to communicate, in exchanging text message, with other IM users in real time over the Internet. A P2P application, known as Peer-to-peer, is group of computer users who share file to specific groups of people across the Internet.

  • Page 97: Qos (Quality Of Service)

    Blocking first. The default is set to Disabled. Disabled: Instant Message blocking is not triggered. No action will be performed. Peer Peer Always On: Action is enabled. Blocking TimeSlot1 ~ TimeSlot16: This is the self-defined time period. You may specify the time period to trigger the blocking, i.e.
  • Page 98 7.5.1 Prioritization There are three priority settings to be provided in the Router: • High • Normal • • And the balances of utilization for each priority are High (60%), Normal (30%) and Low (10%). To delete the application, you can choose Delete option and then click Edit/Delete. Field Description Name...
  • Page 99 Source Port The source port of packets to be monitored Destination The destination IP address or range of packets to be monitored Address Range Destination Port The destination port of packets to be monitored. Differentiated Services Code Point (DSCP), it is the first 6 bits in the ToS byte.
  • Page 100 7.5.2 IP Throttling (Outbound e Inbound) IP Throttling allows you to limit the speed of IP traffic. The value entered will limit the speed of the application that you set to the specified value’s multiple of 32kbps. Field Description Name User-define description to identify this new policy/name Scheduling your prioritization policy.

  • Page 101: Virtual Server

    7.6 Virtual Server In TCP/IP and UDP networks a port is a 16-bit number used to identify which application program (usually a server) incoming connections should be delivered to. Some ports have numbers that are pre-assigned to them by the IANA (the Internet Assigned Numbers Authority), and these are referred to as “well-known ports”.
  • Page 102 Field Description Users-define description to identify this entry or click Application drop-down menu to select existing predefined rules. It is the supported protocol for the virtual server. In addition to specifying the port number to be used, you will also need to Protocol specify the protocol used.
  • Page 103 Using port forwarding does have security implications, as outside users will be able to connect to PCs on your network. For this reason you are advised to use specific Virtual Server entries just for the ports your application requires, instead of using DMZ. As doing so will result in all connections from the WAN attempt to access to your public IP of the DMZ PC specified.
  • Page 104 Service Port Number / Protocol File Transfer Protocol (FTP) Data 20/tcp FTP Commands 21/tcp Telnet 23/tcp Simple Mail Transfer Protocol (SMTP) 25/tcp Email Domain Name Server (DNS) 53/tcp and 53/udp Trivial File Transfer Protocol (TFTP) 69/udp finger 79/tcp World Wide Web (HTTP) 80/tcp POP3 Email 110/tcp...
  • Page 105 Router with IP address of 192.168.1.254. Since port number 80 has already been predefined, next to the Application click Helper. A list of predefined rules window will pop and select HTTP_Sever. Application: HTTP_Sever Time Schedule: Always On Protocol: tcp External Port: 80-80 Redirect Port: 80-80 IP Address: 192.168.3.1 Click Add to apply your settings.
  • Page 106 Field Description • Enabled: It activates your DMZ function. Enabled/Disabled • Disabled: As set in default setting, it disables the DMZ function. Give a static IP address to the DMZ Host when Enabled radio Internal IP Address button is checked. Be aware that this IP will be exposed to the WAN/Internet.
  • Page 107 Field Description Select desired NAT type. As set in default setting, it disables NAT Type the One-to-One NAT function. • Subnet: The subnet of the public/WAN IP address given by your ISP. If your ISP has provided this information, you may insert it here. Otherwise, use Global IP Address IP Range method.
  • Page 108 specify the protocol used. The protocol used is determined by the particular application. Most applications will use TCP or UDP User-defined time period to enable your virtual server. You may specify a time schedule or Always on for the usage of this Time Schedule Virtual Server Entry.

  • Page 109: Time Schedule

    7.7 Time Schedule The Time Schedule supports up to 16 time slots which helps you to manage your Internet connection. In each time profile, you may schedule specific day(s) i.e. Monday through Sunday to restrict or allowing the usage of the Internet by users or applications.
  • Page 110 To edit a Time Slot: Choose any Time Slot (ID 1 to ID 16) to edit, click Edit radio button. Watch it carefully, the days you have selected will present in capital letter. Lower case letter shows the day(s) is not selected, and no rule will apply on this day(s).
  • Page 111 Choose Edit radio button and click Edit/Delete button to apply your changes. To delete a Time Slot rule, choose Delete radio button, and click Delete button to delete the existing Time profile, i.e. erase the Day and back to default setting of Start Time / End Time.

  • Page 112: Advanced

    7.8 Advanced Configuration options within the Advanced section are for users who wish to take advantage of the more advanced features of the router. Users who do not understand the features should not attempt to reconfigure their router, unless advised to do so by support staff.
  • Page 113 You will first need to register and establish an account with the Dynamic DNS provider using their website, for example http://www.dyndns.org/ (there are more than 5 DDNS services supported). Field Description • Disable: Check to disable the Dynamic DNS function. Dynamic DNS •...

  • Page 114: Device Management

    7.8.3 Device Management The Device Management advanced configuration settings allow you to control your router’s security options and device monitoring features. Device Host Name Field Description Host Name Give a name for it Embedded Web Server Field Description HTTP Port This is the port number the router’s embedded web server (for web-based configuration) will use.
  • Page 115 example, they are running a web server on a PC within their LAN. Management IP You may specify an IP address allowed to logon and access the Address /Netmask router’s web server. Setting the IP address to 0.0.0.0 will disable IP address restrictions, allowing users to login from any IP address.
  • Page 116 SNMP Access Control Field Description SNMP Enable or disable SNMP control. SNMP V1 and V2 Field Description Read Community Specify a name to be identified as the Read Community, and an IP address. This community string will be checked against the string entered in the configuration file.
  • Page 117 string entered in the configuration file. Once the string name is matched, users from this IP address will be sent SNMP Traps. Specify a name and password for authentication. And define the access right from identified IP address. Once the authentication has succeeded, users from this IP address will be able to view and modify the data.
  • Page 118 RFC1650 (EtherLike-MIB): dot3Stats RFC 1493 (Bridge MIB): dot1dBase group dot1dTp group dot1dStp group (if configured as spanning tree) RFC 1471 (PPP/LCP MIB): pppLink group pppLqr group (not applicable) RFC 1472 (PPP/Security MIB): PPP Security Group) RFC 1473 (PPP/IP MIB): PPP IP Group RFC 1474 (PPP/Bridge MIB): PPP Bridge Group RFC1573 (IfMIB):...
  • Page 119 7.8.4 IGMP IGMP, known as Internet Group Management Protocol, is used to management hosts from multicast group. Field Description IGMP Forwarding Accepting multicast packet. Default is set to Enable. Allowing switched Ethernet to check and make correct IGMP Snooping forwarding decisions. Default is set to Disable. 7.8.5 VLAN Bridge This section allows you to create VLAN group and specify the member Field...

  • Page 120: Logout

    8. Logout To exit the router’s web interface, choose Logout. Please ensure that you have saved the configuration settings before you logout. Be aware that the router is restricted to only one PC accessing the configuration web pages at a time. Once a PC has logged into the web interface, other PCs cannot get access until the current PC has logged out of the web interface.

  • Page 121: Appendix A: Troubleshooting

    APPENDIX A: Troubleshooting This chapter covers potential problems and the corresponding remedies. A.1 Using LEDs to diagnose problems The LEDs are useful aides for finding possible problem causes. A.1.1 Power LED The PWR LED on the front panel does not light up. Steps Corrective Action Make sure that the ADSL Router’s power adaptor is connected to the...
  • Page 122 Steps Corrective Action Check the telephone wire and connections between the ADSL Router DSL port and the wall jack. Make sure that the telephone company has checked your phone line and set it up for DSL service. Reset your ADSL line to reinitialize your link to the DSLAM. For details, refer to the Maintenance chapter (web configurator) or the System Information and Diagnosis chapter.
  • Page 123 Make sure that there is not an console session running. Check that you have enabled web service access. If you have configured a secured client IP address, your computer’s IP address must match it. Refer to the chapter on remote management for details.
  • Page 124 section for uploading a configuration file via console port. The default username is “admin”. The default password is “atlantis”. The Password and Username fields are case-sensitive. Make sure that you enter the correct password and username using the proper casing. It is highly recommended to change the default username and password.
  • Page 125 Authentication may be through the user name and password, the MAC address or the host name. username password apply PPPoE PPoA encapsulation only. Make sure that you have entered the correct Service Type, User Name and Password (be sure to use the correct casing).
  • Page 126 connection. Refer to Section A.7 for instructions on checking your WAN connection. See also the Section A.4. A.9 Remote Node Connection I cannot connect to a remote node or ISP. Steps Corrective Action Check WAN screen to verify that the username and password are entered properly.
  • Page 127 is, in effect, louder and thus easier to detect, provided that the receiver knows the parameters of the spread-spectrum signal being broadcast. If a receiver is not tuned to the right frequency, a spread-spectrum signal looks like background noise. There are two main alternatives, Direct Sequence Spread Spectrum (DSSS) and Frequency Hopping Spread Spectrum (FHSS).
  • Page 128 Question What is infrastructure mode? Answer When a wireless network is set to infrastructure mode, the wireless network is configured to communicate with a wired network through a wireless access point. Question What is roaming? Answer Roaming is the ability of a portable computer user to communicate continuously while moving freely throughout an area greater than that covered by a single access point.

  • Page 129: Appendix B: Modem 3G Compatibility List

    APPENDIX B: Modem 3G Compatibility List Following a listo of compatible devices (HSDPA/GPRS/UMTS) tested and fully compliant with WebShare 3G 244WN: Brand Model Sierra Aircard 880U Sierra Aircard 875U Sierra Aircard 885U Huawei E180 Huawei E170 Huawei E160G Huawei E169G Huawei E169 Huawei...
  • Page 130 NOVATEL MC950D NOVATEL MC930D NOVATEL MC990D BandRich Bandluxe C100 Alcatel OT-X020 C-Motech Telstra USB3-8521 Option GlobeSurfer iCON 7.2 Option iCON 225 Option GlobeSurfer iCON HSUPA Option GlobeTrotter HSUPA Only models in this list can work with WebShare 3G 244WN. For updated compatibility list, refer to www.atlantis-land.com...

  • Page 131: Appendix C: Support

    If you continue to have problems you should contact the dealer where you bought this ADSL Router. If you have any other questions you can contact the Atlantis Land company directly at the following address: Atlantis Land Via Pelizza da Volpedo, 59 20092 Cinisello Balsamo (MI) - Italy Tel: +39.
  • Page 132 Via Pelizza da Volpedo, 59 Cinisello Balsamo – MI – Italy info@atlantis-land.com...

Table of Contents