1. Manuals
  2. Brands
  3. MicroNet Manuals
  4. Wireless Router
  5. SP3366
  6. User manual

MicroNet SP3366 User Manual

Adsl2+ vpn modem router
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
User's Manual
ADSL2+ VPN Modem Router
Model No.: SP3366
World Wide Web: www.micronet.com.tw ; www.micronet.info

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SP3366 and is the answer not in the manual?

Questions and answers

Related Manuals for MicroNet SP3366

Summary of Contents for MicroNet SP3366

  • Page 1 User’s Manual ADSL2+ VPN Modem Router Model No.: SP3366 World Wide Web: www.micronet.com.tw ; www.micronet.info...

  • Page 2: Table Of Contents

    Table of Contents Chapter 1 Introduction................. 2 1.1 Package Contents ..................2 1.2 Key Features ....................2 1.3 Specifications....................3 Chapter 2 Tour of Product................5 2.1 Front Panel ....................5 2.2 Back Panel..................... 5 Chapter 3 Hardware and Network Setup............ 7 3.1 Build Network Connection ................
  • Page 3 4.3.4 Firewall & Access Control.................38 4.3.5 QOS – Quality of Service ..................45 4.3.6 VPN........................49 4.3.7 Virtual Server/ Port Forwarding ................60 4.3.8 DMZ Host ......................61 4.3.9 One-to-One NAT ....................62 4.3.10 Time Schedule....................64 4.3.11 Advanced ......................65 4.4 Logout ......................72...
  • Page 4 Certifications This equipment has been tested and found to comply with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference (2) This device must accept any interference received. Include interference that may cause undesired operation.

  • Page 5: Chapter 1 Introduction

    Chapter 1 Introduction Micronet SP3366, ADSL2+ VPN Modem Router, delivers highly reliable and scalable network environment. The model has incorporated both modem and router functions into a single unit with VPN support. The modem router allows multiple network devices to share the single Internet connection via ADSL.

  • Page 6: Specifications

    Support IGMP Snooping for reducing Multicast traffic to enhance video service. In-built Firewall Security with DoS Prevention and SPI for secure networks. Support advanced router functions: Static Route, Virtual Sever, DDNS and UPnP. Monitoring network traffics through Event, Error and Firewall logs. Specifications ANSI T1.413 ,Issue 2 Standards...
  • Page 7 IGMP UPnP Firewall (DoS & SPI) Security Features IP Filtering Packet Filter URL Filter IM/ P2P Blocking Event Log Status Log Error Log Packet Filter Firewall Log Web-based Interface Management SNMP Telnet 12V DC, 1A Power 20 ~ 95% (Non-Condensing) Humidity Operating: 0 ~ 40°C Temperature...

  • Page 8: Chapter 2 Tour Of Product

    Chapter 2 Tour of Product Front Panel Status Description Green Device is switched on. Power System failure. Restart device. No power. LAN port is connected and Green operating at 100Mbps. LAN port is connected and (1-4) Amber operating at 10Mbps. Flashing Data is being sent or received.
  • Page 9 Parameter Description Power connector for connecting to power source. Power For powering device on and off. On/Off Press and hold this button for more than 6 seconds Reset to reset settings back to factory default. Local Area Network (LAN) ports for 1 to 4. LAN 1~4 Connection to RJ-11 telephone line for Internet.

  • Page 10: Chapter 3 Hardware And Network Setup

    Chapter 3 Hardware and Network Setup Build Network Connection To install the SP3366 Modem Router, please perform the following steps: Step 1. Connect the ADSL port of modem router by telephone cable (RJ-11) to an outlet or splitter. Step 2. Connect the LAN port to an active PC, switch, or hub using an Ethernet cable (RJ-45).

  • Page 11: Connecting To Web-Based Management

    Warning: Using an alternate power supply, other than the one supplied, may cause the router to malfunction. Connecting to Web-Based Management After the network connection is established, the next step is to setup the modem router with proper network parameters for the user’s network environment. Before connecting to the modem router and start configuration procedures, user’s computer must be able to get an IP address automatically (use dynamic IP address).
  • Page 12 WINS Configuration: Select Disable WINS Resolution. IP Address: Select Obtain IP address automatically. 8. Reboot the PC. PC will now obtain an IP address automatically from the Broadband Router’s DHCP server. 9. Please make sure that the Broadband router’s DHCP server is the only DHCP server available on the LAN network.
  • Page 13 6. Click <OK> to confirm the setting. The PC will now obtain an IP address automatically from the Broadband Router’s DHCP server. 7. Please make sure that the Broadband router’s DHCP server is the only DHCP server available on the LAN network. 8.

  • Page 14: Starting Web-Based Management Ui

    5. Click <OK> to confirm the setting. PC will now obtain an IP address automatically from the Broadband Router’s DHCP server. 6. Please make sure that the Broadband router’s DHCP server is the only DHCP server available on the LAN network. 192.168.1.254 IP Address 255.255.255.0...
  • Page 15 Please input username and password in the field respectively. Default username is ‘admin’ and default password is ‘admin’, then press <OK> button. Once the login details are entered correctly, users can see the web management interface of this modem router. For all changes to the setting on the Web UI, please click on ‘Save Config’...

  • Page 17: Chapter 4 Web-Based Management Ui

    Chapter 4 Web-Based Management UI Quick Start The ‘Quick Start’ section is designed to get the modem router running as quickly as possible. In the ‘Quick Start’, users are required to fill in only the information necessary to access the Internet. Once user clicks on the <Quick Start> on the menu to the left, the following screen will appear.
  • Page 18 Step 4: Auto Scan The list below has different mode suitable for the connection. Step 5: Internet Account Please enter “Username” and “Password” supplied by ISP (Internet Service Provider) and click <Apply> to continue. Parameter Description Select the connection mode. Profile Port Select the encapsulation mode.

  • Page 19: Status

    Chose the protocol used by ISP (CHAP or PAP) Authentication Protocol Default: ‘Auto’. WAN IP address supplied by ISP. Leave this at 0.0.0.0 to IP Address automatically obtain an IP address from ISP. Step 6: Auto Scan The device will save configuration to Flash and initiate Internet access. Status 4.2.1 ADSL Status This section displays the ADSL overall status, which shows a number of helpful...

  • Page 20: Arp Table

    4.2.2 ARP Table This section displays the router’s ARP (Address Resolution Protocol) Table, which shows the mapping of Internet (IP) addresses to Ethernet (MAC) addresses. This is useful as a quick way of determining the MAC address of the network interface of PCs for router’s Firewall –...

  • Page 21: Dhcp Table

    Static status of the ARP table entry. ‘No’ for dynamically- generated ARP table entries. ‘Yes’ for static ARP table entries Static added by the user. 4.2.3 DHCP Table Parameter Description The DHCP assigned IP addresses information. Leased The expired IP addresses information. Expired Permanent The fixed host mapping information.

  • Page 22: Nat Session

    The number of hops counted as the cost of the route. Cost 4.2.5 NAT Session This section lists all current NAT sessions between interface of types external (WAN) and internal (LAN). 4.2.6 UPnP Portmap The section lists all port-mapping established using UPnP (Universal Plug and Play. See ‘Advanced’...

  • Page 23: Email Status

    4.2.7 Email Status Detail status for the Email Account users have configured for the router to check. Please see the ‘Advanced’ section of this manual for details on this function. 4.2.8 Event Log This page displays the router’s Event Log entries. Major events are logged to this window.

  • Page 24: Error Log

    4.2.9 Error Log Any errors encountered by the router (e.g. invalid names given to entries) are logged to this window. 4.2.10 Diagnostic The tool is for testing LAN PCs connections to WAN (Internet). If PING ww.google.com is shown as ‘FAIL’ and the rest of the tests are ‘PASS’, users ought to check the PC’s DNS settings is set correctly.
  • Page 25 Bridge Interface Users can setup member ports for each VLAN group under Bridge Interface section. Management interface is the VLAN that has access right to the Web UI for configuration. NAT/NAPT can only be applied to management interface only. Ethernet Parameter Description The default IP on this router.
  • Page 26 IP Alias This function creates multiple virtual IP interfaces on this router. It helps to connect two or more local networks to the ISP or remote node. In this case, an internal router is not required. Parameter Description Specify an IP address on this virtual interface. IP Address Netmask Specify a subnet mask on this virtual interface.
  • Page 27 Parameter Description Allowed: check to authorize specific device accessing the LAN. Insert the MAC Address in the space provided or click ‘Candidates’. Blocked: check to prevent unwanted device accessing Ethernet Client Filter the LAN by insert the MAC Address in the space provided or click ‘Candidates’.
  • Page 28 Parameter Description There are Six options to choose from: Auto, disable, 10M half- duplex, 10M full-duplex, 100M half-duplex, 100M full-duplex and Disable. Sometimes, there are Ethernet compatibility Port # Connection problems with legacy Ethernet devices, and users can Type configure different types to solve compatibility issues. The default is Auto, which users should keep unless there are specific problems with PCs not being able to access the LAN.
  • Page 29 To disable the router’s DHCP Server, check ‘Disabled’ and click <Next> and <Apply>. When the DHCP Server is disabled users will need to manually assign a fixed IP address to each PCs on the network, and set the default gateway for each PCs to the IP address of the router (default: 192.168.1.254).

  • Page 30: Wan

    4.3.2 WAN WAN Profile PPPoE Connection PPPoE (PPP over Ethernet) provides access control in a manner which is similar to dial-up services using PPP. Parameter Description Select the profile port ADSL. Profile Port Protocol The ATM protocol will be used in the device. A given name for the connection.
  • Page 31 The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP account and address. WAN IP address. Leave this at 0.0.0.0 to obtain automatically IP (0.0.0.0:Auto) an IP address from your ISP. Default is ‘Auto’. Your ISP should advise on whether to use Auth.
  • Page 32 PPoA Connection Parameter Description Profile Port Select the profile port ADSL. The ATM protocol will be used in the device. Protocol A given name for the connection. Description Enter the information provided by your ISP VPI/VCI The Quality of Service for ATM layer. ATM Class Enter the username provided by the ISP.
  • Page 33 Always on: If users want the router to establish a PPP session when starting up and to automatically re- establish the PPP session when disconnected by the ISP. Connection Connect on Demand: If users want to establish a PPP session only when there is a packet requesting access to the Internet (i.e.
  • Page 34 Parameter Description Select the profile port ADSL. Profile Port The ATM protocol will be used in the device. Protocol A given name for the connection. Description VPI/VCI Enter the information provided by your ISP The Quality of Service for ATM layer. ATM Class The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP...
  • Page 35 IPoA Routed Connection Parameter Description Select the profile port ADSL. Profile Port The ATM protocol will be used in the device. Protocol A given name for the connection. Description VPI/VCI Enter the information provided by your ISP The Quality of Service for ATM layer. ATM Class The NAT (Network Address Translation) feature allows multiple users to access the Internet through a single IP...
  • Page 36 Enter the secondary DNS to manually specify server. Secondary DNS Pure Bridge Parameter Description Select the profile port ADSL. Profile Port Protocol The ATM protocol will be used in the device. A given name for the connection. Description Enter the information provided by your ISP VPI/VCI ATM Class The Quality of Service for ATM layer.

  • Page 37: System

    ADSL Mode Parameter Description This mode will automatically detect the ADSL line code: ADSL2+, ADSL2, AnnexM2 and AnnexM2+, ADSL. Please Connect Mode keep the factory settings unless ADSL is detected as the symptom of synchronization problem. It will automatically detect capability of the ADSL line mode. Please keep the factory settings unless ADSL is detected as Modulation the symptom of synchronization problem.
  • Page 38 than those in the list, simply enter its IP address in the fields provided. Some ISP may provide an SNTP server for their customers. Parameter Description Many places in the world adapt it during summer period to move one hour of daylight from morning to the evening in Daylight Saving local standard time.
  • Page 39 Firmware Upgrade Router’s “firmware” is the software that allows it to operate and provides all its functionality. Over time this software may be improved and revised, and the router allows user to upgrade the software. Click on <Browse> will allow users to select the new firmware image file from the PC.
  • Page 40 Restart Router Click <Restart> with option ‘Current Settings’ to reboot your router (and restore your last saved configuration). If users wish to restart the router using the factory default settings, select ‘Factory Default Settings’ to reset to factory default settings. User Management In order to prevent unauthorized access to the router’s configuration interface, it requires all users to login with a password.

  • Page 41: Firewall & Access Control

    4.3.4 Firewall & Access Control General Settings Router includes a full SPI (Stateful Packet Inspection) firewall for controlling Internet access from the LAN, as well as helping to prevent attacks from hackers. Besides NAT, the router acts as a “natural” Internet firewall, as all PCs on the LAN will use private IP addresses that cannot be directly accessed from the Internet.
  • Page 42 Parameter Description All blocked/User-defined: no pre-defined port or address filter rules by default, meaning that all inbound (Internet to LAN) and outbound (LAN to Internet) packets will be blocked. Users have to add their own Firewall Security and filter rules for further access to the Internet. Policy High/Medium/Low security level: the predefined port filter rules for High, Medium and Low security are...
  • Page 43 Parameter Description Users-define description to identify this entry or click “Select” drop-down menu to select existing predefined rules. The Rule Name maximum name length is 32 characters. It is self-defined time period. Users may specify a time schedule for the prioritization policy. For setup and detail, Time Schedule refer to Time Schedule section.
  • Page 44 Intrusion Detection The router’s Intrusion Detection System (IDS) is used to detect hacker attacks and intrusion attempts from the Internet. If the IDS function of the firewall is enabled, inbound packets are filtered and blocked depending on whether they are detected as possible hacker attacks, intrusion attempts or other connections that the router determines to be suspicious.
  • Page 45 This is a threshold value to decide whether an ICMP Echo Storm is occurring or not. Max PING Count Default: 15 ICMP Echo Requests (PING) per second. This is a threshold to decide whether an ICMP flood is occurring or not. Max ICMP Count Default: 100 ICMP packets per seconds except ICMP Echo Requests (PING).
  • Page 46 URL Filter URL (Uniform Resource Locator – e.g. an address in the form of http://www.abcde.com or http://www.example.com) filter rules allow users to prevent clients on the network from accessing particular websites by their URL. There are no pre-defined URL filter rules and users can add filter rules to meet their requirements. Parameter Description To enable or disable URL Filter feature.
  • Page 47 Block Java Applet: This function can block Web content that includes the Java Applet. It is to prevent someone who wants to damage the system via standard HTTP protocol. Restrict URL Features Block surfing by IP address: Preventing someone who uses the IP address as URL for skipping Domains Filtering function.

  • Page 48: Qos - Quality Of Service

    Check the box to block either or both Yahoo or/and MSN Yahoo/MSN Messenger. Make sure users enabled the Instant Message Messenger Blocking first. Disabled: Instant Message blocking is not triggered. No action will be performed. Always On: Action is enabled. Peer to Peer Blocking TimeSlot1 ~ TimeSlot16: This is the self-defined time period.
  • Page 49 Prioritization And the balances of utilization for each priority are High (60%), Normal (30%) and Low (10%). To delete the application, users can chose ‘Delete’ option and then click <Edit/Delete>. Parameter Description User-define description to identify this new policy/application. Name Scheduling the prioritization policy.
  • Page 50 Outbound IP Throttling (LAN to WAN) IP Throttling allows user to limit the speed of IP traffic. The value entered will limit the speed of the application that user set to the specified value which is multiple of 32kbps.
  • Page 51 Parameter Description User-define description to identify this new policy/name. Name Scheduling the prioritization policy. Refer to Time Schedule Time Schedule for more information. The name of supported protocol. Protocol To limit the speed of outbound traffic. Rate Limit: Source IP Address The source IP address or range of packets to be monitored.

  • Page 52: Vpn

    We call this is by creating a “tunnel”. A VPN tunnel connects the two PCs or networks. The SP3366 VPN Modem Router uses industry standard VPN protocol. However, due to variations in how manufactures interpret these standards, many VPN products are not interoperable.
  • Page 53 Remote Access Parameter Description A given name for the connection. Name Connection Type Remote Access or LAN to LAN. Check ‘Dial Out’ if users want the router to operate as a client (connecting to a remote VPN server, e.g. office server), check ‘Dial In’...
  • Page 54 Users may select ‘Stateful’ or ‘Stateless’ mode. The key will be changed every 256 packets when users select ‘Stateful’ Mode mode. If users select ‘Stateless’ mode, the key will be changed in each packet. Commonly used by the ‘Dial-out’ connection which all packets will route through the VPN tunnel to the Internet;...
  • Page 55 Users can either allow the router to determine the authentication type to use, or else manually specify CHAP (Challenge Handshake Authentication Protocol) or PAP (Password Authentication Protocol). When using PAP, the password is sent unencrypted, whilst CHAP encrypts the Authentication Type password before sending, and also allows for challenges at different periods to ensure that an intruder has not replaced the client.
  • Page 56 Parameter Description A given name for the connection. Name Set the IP address, subnet or address range of the local network. Single Address: The IP address of the local host. Subnet: The subnet of the local network. For example, IP: 192.168.1.0 with netmask 255.255.255.0 specifies Local Network one class C subnet starting from 192.168.1.1 (i.e.
  • Page 57 Select the encryption method from the pull-down menu. There are several options, DES, 3DES and AES (128, 192 and 256). 3DES and AES are more powerful but increase latency. DES: Stands for Data Encryption Standard, it uses 56 bits as an encryption method. Encryption 3DES: Stands for Triple Data Encryption Standard, it uses 168 (56*3) bits as an encryption method.
  • Page 58 Content: Input ID’s information, like domain name Local ID www.ipsectest.com. Identifier: Input remote ID’s information, like domain name Remote ID www.ipsectest.com. Specify the number of minutes that a Security Association (SA) will stay active before new encryption and authentication key will be exchanged. There are two kinds of SAs, IKE and IPSec.
  • Page 59 L2TP Parameter Description This function activates or deactivates the L2TP connection. Check Active checkbox if users want the protocol Active of tunnel to be activated and vice versa. Name This is a given name of the connection. It informs the user of L2TP tunnel connection condition. Connection Type This refers to the router to operate as a client or a server, Type...
  • Page 60 Parameter Description A given name for the connection Name This function activates or deactivates the L2TP connection. Check Active checkbox if you want the protocol Active of tunnel to be activated and vice versa. Check ‘Dial Out’ if users want the router to operate as a client (connecting to a remote VPN server, e.g.
  • Page 61 LAN to LAN...
  • Page 62 Parameter Description A given name for the connection Name This function activates or deactivates the L2TP connection. Check Active checkbox if you want the protocol Active of tunnel to be activated and vice versa. Check ‘Dial Out’ if users want the router to operate as a client (connecting to a remote VPN server, e.g.

  • Page 63: Virtual Server/ Port Forwarding

    4.3.7 Virtual Server/ Port Forwarding In TCP/IP and UDP networks, a port is a 16-bit number used to identify which application program, (usually a server) incoming connections should be delivered to. Some ports have numbers that are pre-assigned to them by the IANA (the Internet Assigned Numbers Authority), and these are referred to as “well-known ports”.

  • Page 64: Dmz Host

    Parameter Description Users-define description to identify this entry or click ‘Selection’ drop-down menu to select existing predefined rules. ‘Selection’ dropdown contains 20 predefined rules. Application Application, Protocol and External/Redirect Ports will be automatically entered after the selection. It is the supported protocol for the virtual server. In addition to specifying the port number to be used, users will also need to specify the protocol used.

  • Page 65: One-To-One Nat

    Parameter Description To activate the function, select ‘Enable’. Enable/Disable Give a static IP address to the DMZ Host when ‘Enabled’ is selected. Be aware that this IP will be exposed to the WAN/Internet. ‘Selection’ drop-down menu lists all existing Internal IP Address PCs connecting to the network.
  • Page 66 Subnet: The subnet of the public/WAN IP address given by the ISP. If the ISP has provided this information, users may insert it here. Otherwise, use IP Range method. IP Range: The IP address range of the public/WAN IP Global IP Address addresses.

  • Page 67: Time Schedule

    The private IP in the LAN network, which will be providing the virtual server application. ‘Selection’ drop-down menu lists all Internal IP Address existing PCs connecting to the network. Users may assign a PC with IP address and MAC from this list. Click on <Add>...

  • Page 68: Advanced

    The default is set at 8:00 AM. Users may specify the start Start Time time of the schedule. The default is set at 18:00 (6:00PM). Users may specify the End Time end time of the schedule. 4.3.11 Advanced Configuration options within the ‘Advanced’ section are for users who wish to take advantage of the more advanced features of the router.
  • Page 69 The Dynamic DNS function allows you to alias a dynamic IP address to a static hostname, allowing users whose ISP does not assign them a static IP address to use a domain name. This is especially useful for hosting servers via the ADSL connection, so that anyone wishing to connect to the users may use the domain name, rather than having to use the dynamic IP address, which changes from time to time.
  • Page 70 Checking’ section of the web interface, which also provides details on the number of new messages waiting. See the ‘Status’ section of this manual for more information. Parameter Description Enter the name (login) of the POP3 account users wish to check.
  • Page 71 Parameter Description The Host Name cannot only contain one word. There should be two words connected with a full stop (.). Example: Host Name Host Name: homegateway ==> Incorrect Host Name: home.gateway or my.home.gateway ==> Correct) This is the port number for router’s embedded web server (for web-based configuration).
  • Page 72 UPnP offers peer-to-peer network connectivity for PCs and other network devices, along with control and data transfer between devices. UPnP offers many advantages for users running NAT routers through UPnP NAT Traversal, and on supported systems. It makes tasks such as port forwarding much easier by letting the application control the required settings and removing the need for the user to control Universal Plug and...
  • Page 73 Address Translation group IP group ICMP group TCP group UDP group EGP (not applicable) Transmission SNMP group From RFC1650 (EtherLike-MIB): dot3Stats From RFC 1493 (Bridge MIB): dot1dBase group dot1dTp group dot1dStp group (if configured as spanning tree) From RFC 1471 (PPP/LCP MIB): pppLink group pppLqr group (not applicable) From RFC 1472 (PPP/Security MIB):...
  • Page 74 only snmpSetSerialNo OID IGMP IGMP, known as Internet Group Management Protocol, is used to management hosts from multicast group. Parameter Description Accepting multicast packet. IGMP Forwarding Default: Enable. Allowing switched Ethernet to check and make correct forwarding decisions. IGMP Snooping Default: Disable.

  • Page 75: Logout

    Parameter Description Edit the member ports in selected VLAN group. Edit To create another VLAN group. Create VLAN Logout To exit the router’s web interface, choose ‘Logout’. Please ensure that user have saved the configuration settings before logout. Be aware that the router is restricted to only one PC accessing the configuration web pages at a time.

Table of Contents