TP Link Technologies WBS510 5GHz 300Mbps Outdoor Wireless Base Station User Manual WBS510 1

TP-Link Technologies Co., Ltd. 5GHz 300Mbps Outdoor Wireless Base Station WBS510 1

Contents

WBS510-User Manual-1

      For TP-LINK Pharos Series Products      REV1.0.0 1910011048  User Guide
 CONTENTS Chapter 1 Overview ........................................................................................................................ 1 Introduction ................................................................................................................................................................................ 1 System Requirements ............................................................................................................................................................. 1 Getting Started .......................................................................................................................................................................... 1 Navigation ................................................................................................................................................................................... 3 Chapter 2 Operation Modes ........................................................................................................... 4 Access Point ................................................................................................................................................................................ 4 Client.............................................................................................................................................................................................. 6 Repeater (Range Extender) ................................................................................................................................................... 7 Bridge ............................................................................................................................................................................................ 8 AP Router ..................................................................................................................................................................................... 8 AP Client Router (WISP Client) ............................................................................................................................................. 9 Chapter 3 Quick Setup Guide .......................................................................................................10 Access Point .............................................................................................................................................................................. 10 Client............................................................................................................................................................................................ 12 Repeater (Range Extender) ................................................................................................................................................. 14 Bridge .......................................................................................................................................................................................... 17 AP Router ................................................................................................................................................................................... 20 AP Client Router (WISP Client) ........................................................................................................................................... 22 Chapter 4 Status Tab .....................................................................................................................27 Status Information .................................................................................................................................................................. 28 Monitor ....................................................................................................................................................................................... 32 Chapter 5 Network Tab .................................................................................................................37 WAN ............................................................................................................................................................................................. 38 LAN ............................................................................................................................................................................................... 44 Forwarding ................................................................................................................................................................................ 46 Security ....................................................................................................................................................................................... 50 Access Control .......................................................................................................................................................................... 52 Static Routing ........................................................................................................................................................................... 53 Bandwidth Control ................................................................................................................................................................. 54 I
 IP&MAC Binding ...................................................................................................................................................................... 55 Chapter 6 Wireless Tab ..................................................................................................................57 Wireless Basic Settings .......................................................................................................................................................... 58 Wireless Client Settings ........................................................................................................................................................ 60 Wireless AP Settings ............................................................................................................................................................... 61 Multi-SSID .................................................................................................................................................................................. 64 Wireless MAC Filtering .......................................................................................................................................................... 65 Wireless Advanced Settings ................................................................................................................................................ 66 Chapter 7 Management Tab .........................................................................................................68 System Log ................................................................................................................................................................................ 69 Miscellaneous ........................................................................................................................................................................... 70 Ping Watch Dog ....................................................................................................................................................................... 71 Dynamic DNS ........................................................................................................................................................................... 72 Web Server ................................................................................................................................................................................ 73 SNMP Agent .............................................................................................................................................................................. 74 SSH Server ................................................................................................................................................................................. 75 RSSI LED Thresholds ............................................................................................................................................................... 76 Chapter 8 System Tab ....................................................................................................................77 Device .......................................................................................................................................................................................... 78 Location ...................................................................................................................................................................................... 78 User Account ............................................................................................................................................................................. 78 Time Setting .............................................................................................................................................................................. 79 Firmware Update .................................................................................................................................................................... 81 Configuration ........................................................................................................................................................................... 82 Chapter 9 Tools List .......................................................................................................................83 Ping .............................................................................................................................................................................................. 83 Traceroute .................................................................................................................................................................................. 84 Speed Test .................................................................................................................................................................................. 84 Survey .......................................................................................................................................................................................... 86 Spectrum Analysis .................................................................................................................................................................. 87 Appendix A: Pharos MAXtream TDMA .............................................................................................88 Appendix B: Glossary ........................................................................................................................89 II
 Chapter 1 Overview Chapter 1 Overview Introduction  is TP-LINK's next generation outdoor product series dedicated to long-distance outdoor wireless networking solutions.   is a powerful Web-based operating system, which is integrated into all Pharos series products. New features of Pharos series products are listed as follows:  Provides User-friendly UI design.  TP-LINK  Pharos  MAXtream (Time-Division-Multiple-Access) technology  improves product performance in throughput, capacity and latency, which are ideal for Point-to-multipoint applications.  Supports  multiple operation modes: Access Point, Client, Repeater (Range Extender), Bridge, AP Router and AP Client Router (WISP Client).  Provides system-level optimization for long-distance wireless transmission.  Supports adjustable transmit power by 1dBm from 0 to 27dBm/500mW.  Supports selectable bandwidth of 5/10/20/40MHz.  Supports easy antenna alignment with Wireless Signal Indicators on Web interface.  Provides Throughput Monitor, Spectrum Analyzer, Speed Test and Ping tools.  Supports discovery and management via Pharos Control application. System Requirements  Operating system:  Microsoft Windows XP, Windows Vista, Windows 7, Windows 8, Linux, or Mac OS X  Web Browser:  Google Chrome, Safari, Firefox, and Apple Safari. IE browsers are not recommended. Getting Started To access the PharOS Configuration Interface, perform the following steps: 1. Configure the Ethernet adapter on your computer with a static IP address on the 192.168.0.x subnet (for example, IP address: 192.168.0.100 and subnet mask: 255.255.255.0). 2. Launch your Web browser. Enter the default IP address of your device in the address field. Press Enter (PC) or Return (Mac). For Example, enter 192.168.0.254 to access the PharOS.  - 1 -
 Chapter 1 Overview 3. Upon initial login, please enter  admin in the Username and  Password fields. Check the box next to  I agree to these terms of use, and click Login.  4. We recommend you  change the device’s user name and password from its default settings for network security. Enter and confirm new user name and password, then click Finish.  5. For subsequent logins, you only need to enter the user name and password that you have set to log in.  - 2 -
 Chapter 1 Overview Navigation The PharOS Web Interface contains six main tabs, each of which provides a Web-based management page to configure the specific parameters of the Pharos series products.   Quick Setup  On  Quick Setup Guide, you can quickly configure your device through the step-by-step Quick Setup Wizard.  Status The Status Tab displays a summary of the link status information, current values of the basic configuration settings (depending on the operating mode), network settings and information, and traffic statistics.  Network The Network Tab configures the function of WAN, LAN, forwarding, security, access control, static routing, bandwidth control and IP&MAC binding.  Wireless On The Wireless Tab, you can configure the related wireless parameters in different modes.  Management The Management Tab configures system management services: System Log, Miscellaneous, Ping Watch Dog, and Dynamic Domain Name System (DDNS).  Web server, Simple Network Management Protocol (SNMP), SSH server, RSSI LED Thresholds are also available.  System The System Tab controls system maintenance routines, device customization, location management, user account management, firmware update, Time setting and configuration backup.   Tools The  Tools list provides some useful tools including Ping, Traceroute, Speed Test, Survey and Spectrum Analysis. - 3 -
 Chapter 2 Operation Modes Chapter 2 Operation Modes The Pharos series products support six modes to satisfy user’s diversified network requirements including Access Point mode, Client mode, Repeater (Range Extender) mode, Bridge mode, AP Router mode and AP Client Router (WISP Client) mode. This chapter introduces typical usage scenarios of each mode. You can choose the desired scenario according to your needs, and refer to the Installation Guide for hardware connection instruction and Chapter 3 Quick Setup Guide for software configuration. Access Point In AP mode, the device acts as a central hub and provides wireless access point for wireless clients, thus the AP mode is very applicable to the following three scenarios. Meanwhile, Multi-SSID function can be enabled in this mode, providing four wireless networks with different SSIDs and passwords.  Scenario 1 Network requirements: Establish wireless network coverage in the campus, community, industrial park or public places to provide wireless access points for wireless users.  The device in the network: With the access to campus network or  local area network, the device in AP mode provides the wireless access point based on the existing wired local area network for wireless clients, such as smart phones, laptops and tablets. Advantages: Increase wireless access points and enrich the access ways of local area network. Network diagram:   Scenario 2 Network requirements: Establish the network coverage in the remote areas without long-distance cabling. The device in the network: In the adjacent town covered by wired network, ISP (Internet Service Provider) can put up a device in AP mode with the access to ISP network by connecting to ISP’s router to transform wired signal into wireless one. The remote users can put up a device in AP Client Router mode to access the Internet the AP device provides wirelessly. - 4 -
 Chapter 2 Operation Modes Advantages: Transmit data wirelessly across a long distance and reduce the cabling cost. Network diagram:   Scenario 3 Network requirements: Establish a point-to-point link for video monitor or combine two separate  office networks as one. The device in the network: For video monitor, the device in AP mode connects to the monitoring computer and the device in Client mode connects to IP Camera. For combining two  separate  office networks as one, two devices in AP and Client mode respectively connect to the switches in two office networks so as to connect two office networks.  Advantages: Establish a point-to-point WLAN across a long distance to achieve the connectivity between two networks and avoid the cabling trouble. Network diagram:  Video monitor  - 5 -
 Chapter 2 Operation Modes  Internet sharing  Client Network requirements: The most common usage scenario of Client is point-to-point networking with AP for video monitor or combining two separate office networks. Please refer to Scenario 3 of Access Point for detailed information. The device in the network: In this mode, the device actually serves as a wireless adapter to receive the wireless signal from root AP or Station. In the case, wired devices can access the network provided by root AP or Station through connecting to Client. Network diagram:  Video monitor   Internet sharing  - 6 -
 Chapter 2 Operation Modes Repeater (Range Extender) The device in Repeater mode can extend wireless coverage of an existing wireless network to cover “dead” spots, especially to eliminate signal-blind corners in a larger space. The SSID and encryption type of the device should be the same as those of root AP. Network requirements: Eliminate the wireless signal-blind areas and repeat wireless signal. The device in the network: In a large campus or industrial park, the device in Repeater mode can reinforce the wireless signal strength of the existing network and extend the network coverage to eliminate the signal-blind areas. Remote data can be transmitted across a long distance beyond the transmission range. Meanwhile, the wireless users can experience a wireless network roaming when moving around. Network diagram:  Eliminate the wireless signal-blind areas   Repeat wireless signal  - 7 -
 Chapter 2 Operation Modes Bridge Network requirements: Reinforce the wireless signal strength of the root AP device to eliminate the wireless signal-blind areas. Meanwhile, the wireless users can use the SSID and encryption type different from those of the root AP device to access the network. The device in the network: Similar to the Repeater mode, the Bridge mode is used to reinforce the exiting wireless signal. However, the very difference is that the Bridge has its own SSID and encryption type different from those of root AP. Network diagram:  Eliminate the wireless signal-blind areas   Bridge for wireless signal  AP Router Network requirements: Establish the wireless network coverage in the campus, community, industrial park or other public places and so on. The device in the network: Similar to the home wireless router, the device in AP Router mode connects to root  ADSL/Cable Modem. The difference lies in that the coverage area of this device is wider. Smart - 8 -
 Chapter 2 Operation Modes phones, laptops, and other wireless clients can share wide area network via the access to wireless network this device provides. Network diagram:  AP Client Router (WISP Client) In  AP Client Router mode,  after accessing the wireless network provided by WISP, the device provides wireless network service for downstream wireless clients. Meanwhile, the device allows wired devices, such as desktop computer, to access it via LAN1 port or PoE adapter’s LAN port. In this way, all members of a home user can share the Internet using one account applied from WISP.   - 9 -
 Chapter 3 Quick Setup Guide Chapter 3 Quick Setup Guide Quick Setup wizard allows you  to quickly configure your device step by step. Choose the suitable operation mode according to your network environment and follow the step-by-step instructions.  Access Point If Access Point is selected, click Next and take the following steps: 1. The LAN Settings page will appear as shown below. The default IP Address is 192.168.0.254 and the default Subnet  Mask is 255.255.255.0. You can change the IP Address and Subnet Mask on this page when there is an IP conflict with other devices. We recommend you keep it by default. Click Next.  - 10 -
 Chapter 3 Quick Setup Guide 2. The Wireless AP Settings page will appear as shown below. Create an easy-to-remember name for your wireless network. Select WPA-PSK/WPA2-PSK in the Security box and enter the PSK Password below to prevent unauthorized access to your AP. Enter the distance between this device and the furthest client in Distance Setting. Then click Next.  3. The Finish page will appear and display what you’ve configured previously. If you want to modify any parameter, click Back to reconfigure it. If all are confirmed, click Finish to complete the configuration.  - 11 -
 Chapter 3 Quick Setup Guide Client If Client is selected, click Next and take the following steps: 1. The LAN Settings page will appear as shown below. The default IP Address is 192.168.0.254 and the default Subnet  Mask is 255.255.255.0. You can change the IP Address and Subnet Mask on this page when there is an IP conflict with other devices. We recommend you keep it by default. Click Next.  2. The Wireless Client Settings page will appear as shown below.  Click Survey to search for wireless networks.  - 12 -
 Chapter 3 Quick Setup Guide 3. The AP list will appear as shown below. Select the desired wireless network and click  Connect.  It’s possible that two or more networks use the same SSID in the AP list. Lock to AP can make the device connect to the specified AP you had connected before the next time.  4. If the root AP needs password to be connected, you should select the same Mode, Channel Width and Security type and enter the same PSK Password as entered on the  root AP/router.  Enter the distance between this device and the root AP in Distance setting.  Then click Next.  - 13 -
 Chapter 3 Quick Setup Guide 5. The Finish page will appear and display what you’ve configured previously. If you want to modify any parameter, click Back to reconfigure it. If all are confirmed, click Finish to complete the configuration.  Repeater (Range Extender) If Repeater (Range Extender) is selected, click Next and take the following steps: 1. The LAN Settings page will appear as shown below. The default IP Address is 192.168.0.254 and the default Subnet  Mask is 255.255.255.0. You can change the IP Address and Subnet Mask on this page when there is an IP conflict with other devices. We recommend you keep it by default. Click Next.  - 14 -
 Chapter 3 Quick Setup Guide 2. The Wireless Client Settings page will appear as shown below.  Click  Survey to search for wireless networks.  3. The AP list will appear as shown below. Select the desired wireless network and click  Connect. It’s possible that two or more networks use the same SSID in the AP list. Lock to AP can make the device connect to the specified AP you had connected before the next time.   - 15 -
 Chapter 3 Quick Setup Guide 4. If the root AP needs password to be connected, you should select the same Mode, Channel Width and Security type and enter the same PSK Password as entered on the root  AP/router.  Enter the distance between this device and the root AP/router in Distance setting. Then click Next.  5. The Finish page will appear and display what you’ve configured previously. If you want to modify any parameter, click Back to reconfigure it. If all are confirmed, click Finish to complete the configuration.  - 16 -
 Chapter 3 Quick Setup Guide Bridge If Bridge is selected, click Next and take the following steps: 1. The LAN Settings page will appear as shown below. The default IP Address is 192.168.0.254 and the default Subnet  Mask is 255.255.255.0. You can change the IP Address and Subnet Mask on this page when there is an IP conflict with other devices. We recommend you keep it by default. Click Next.  2. The Wireless Client Settings page will appear as shown below. Click Survey to search for wireless networks.  - 17 -
 Chapter 3 Quick Setup Guide 3. The AP list will appear as shown below. Select the desired wireless network and click  Connect. It’s possible that two or more networks use the same SSID in the AP list. Lock to AP can make the device connect to the specified AP you had connected before the next time.   4. If the root AP needs password to be connected, you should select the same Mode, Channel Width and Security type and enter the same PSK Password as entered on the root AP. Enter the distance between this device and the root AP/router in Distance setting. Then click Next.  - 18 -
 Chapter 3 Quick Setup Guide 5. Create a new SSID and PSK password for the local wireless network. The wireless AP settings for the local network will be set the same as your root AP by default. Click Next.  6. The Finish page will appear and display what you’ve configured previously. If you want to modify any parameter, click Back to reconfigure it. If all are confirmed, click Finish to complete the configuration.  - 19 -
 Chapter 3 Quick Setup Guide AP Router If AP Router is selected, click Next and take the following steps: 1. The WAN  Connection Type page will appear as shown below. Choose the suitable WAN connection type, and then click Next.  2. The router supports three popular ways PPPoE, Dynamic IP and Static IP to connect to the Internet. To make sure the connection type your ISP provides, please refer to the ISP.  PPPoE  - If your ISP delivers  Internet through phone line and provides  you with username and password, you should choose this type. Under this condition, you should fill in both User Name and Password that the ISP supplied, and then click Next to proceed. Please note that these fields are case-sensitive.    Dynamic IP - For this connection, Your ISP uses a DHCP server to assign your router an IP address for connecting to the Internet. You don’t need to configure any parameters, Click Next to proceed. - 20 -
 Chapter 3 Quick Setup Guide  Static IP - This type of connection uses a permanent, fixed (static) IP address that your ISP assigned. In this type, you should fill in the IP address, Subnet Mask, Default Gateway, and DNS IP address manually, which are specified by your ISP. Then click Next to proceed.  3. After configuring WAN connection type, the Wireless AP Settings page will appear as shown below. Create an easy-to-remember name for your wireless network. Select WPA-PSK/WPA2-PSK in the Security box and enter the PSK Password below to prevent unauthorized access to your AP. Enter the distance between this device and the furthest client in Distance Setting. Then click Next.   - 21 -
 Chapter 3 Quick Setup Guide 4. The Finish page will appear and display what you’ve configured previously. If you want to modify any parameter, click Back to reconfigure it. If all are confirmed, click Finish to complete the configuration.  AP Client Router (WISP Client) If AP Client Router (WISP Client) is selected, click Next and take the following steps: 1. The WAN  Connection Type page will appear as shown below. Choose the suitable WAN connection type, and then click Next.  2. The router supports three popular ways PPPoE, Dynamic IP and Static IP to connect to the Internet. To make sure the connection type your ISP provides, please refer to the ISP. - 22 -
 Chapter 3 Quick Setup Guide  PPPoE  - If your ISP delivers  Internet through phone line and provides  you with username and password, you should choose this type. Under this condition, you should fill in both User Name and Password that the ISP supplied, and then click Next to proceed. Please note that these fields are case-sensitive.    Dynamic IP - For this connection, Your ISP uses a DHCP server to assign your router an IP address for connecting to the Internet. You don’t need to configure any parameters, Click Next to proceed.  Static IP - This type of connection uses a permanent, fixed (static) IP address that your ISP assigned. In this type, you should fill in the IP address, Subnet Mask, Default Gateway, and DNS IP address manually, which are specified by your ISP. Then click Next to proceed.  - 23 -
 Chapter 3 Quick Setup Guide 3. After configuring WAN connection type,  The Wireless Client Settings page will appear as shown below. Click Survey to search for wireless networks.   4. The AP list will appear as shown below. Select the desired wireless network and click  Connect.  It’s possible that two or more networks use the same SSID in the AP list. Lock to AP can make the device connect to the specified AP you had connected before the next time.   - 24 -
 Chapter 3 Quick Setup Guide 5. If the root AP needs password to be connected, you should select the same Mode, Channel Width and Security type and enter the same PSK Password as entered on the root AP/router.  Enter the distance between this device and the root AP/router in Distance setting. Then click Next.  6. Create a new SSID and PSK password for the local wireless network. The wireless AP settings for the local network will be set the same as your root AP by default. Click Next.  - 25 -
 Chapter 3 Quick Setup Guide 7. The Finish page will appear and display what you’ve configured previously. If you want to modify any parameter, click Back to reconfigure it. If all are confirmed, click Finish to complete the configuration.   - 26 -
 Chapter 4 Status Tab Chapter 4 Status Tab The Status tab displays a summary of the link status information, current values of the basic configuration settings (depending on the operating mode), network settings and information, and traffic statistics.  - 27 -
 Chapter 4 Status Tab Status Information  Device Information Device information displays the customizable name, model, firmware version, system time, uptime, CPU and memory of the device.   Wireless Settings Wireless settings display the relative wireless parameters of  the  current  device.  You can change the parameters in Wireless tab.  MAXtream Displays whether the MAXtream function is ON. Channel/Frequency Displays the channel number and corresponding operating frequency. The device uses the channel and radio frequency specified to transmit and receive data. Valid channel and frequency ranges will vary depending on local regulations.  Channel Width Displays the spectral width of the radio channel used by the device. IEEE802.11 Mode Displays the radio standard used for operation of your device.  - 28 -
 Chapter 4 Status Tab Max TX Rate Displays the data rate at which the device should transmit wireless packets.  Distance Displays the  wireless coverage distance where the client devices can be placed from the AP to get good wireless performance.  You can change the value  in Wireless Advanced Settings.  Wireless Signal Quality Status of wireless signal quality displays the parameters of the received wireless signal in the modes of Client, Repeater (Range Extender), Bridge and AP Client Router. The parameters here is not applicable for other two modes.  Signal Strength Displays the received wireless signal strength of the root AP.  Noise Strength Displays the  received environmental noise from wireless  interference on the operating frequency.  SNR Signal to Noise Ratio, the power ratio between the received wireless signal strength and the environmental noise strength.  Generally, in order to achieve the best performance, users need to adjust the antenna to get the best SNR. Transmit CCQ Displays the wireless Client Connection Quality (CCQ). CCQ refers to the ratio of current effective transmission bandwidth and the theoretically maximum available bandwidth. CCQ reflects the actual link condition.  Radio Status Radio status shows the MAC address, SSID, security mode and connected station number of the enabled AP. If the Client mode is enabled, the information of MAC address, security mode, WDS, root AP BSSID, root AP SSID, TX rate, RX rate and connection time of the client will also be displayed. - 29 -
 Chapter 4 Status Tab  AP Displays whether the AP function is Enabled or Disabled. It is enabled in Access Point, Repeater, Bridge, AP Router and AP Client Router modes and disabled in Client mode by default. MAC Address Displays the MAC address of AP interface or client interface. SSID Displays the wireless network name (SSID). Security Mode Displays the  security  mode you’ve chosen for your wireless network.  There are three security modes: WPA-PSK, WPA and WEP. None means that no security mode is selected and all the hosts are allowed to access the wireless network. Connected Station Displays the number of the connected stations. Client Displays whether the Client function is Enabled or Disabled. It is enabled in Client, Repeater, Bridge and AP Client Router modes and disabled in Access Point and AP Router modes by default. WDS Displays whether the Wireless Distribution System (WDS) is enabled or not.  Root AP BSSID Displays the basic service set identification (MAC address) of root AP. Root AP SSID Displays the wireless network name of root AP. TX Rate Displays the data rate at which the device transmits wireless packets. - 30 -
 Chapter 4 Status Tab RX Rate Displays the data rate at which the device receives wireless packets. Connection Time Displays the amount of time the device has been connected to the root AP.  LAN It displays the relative LAN parameters of the current device. You can change the parameters in Network Tab.  MAC Address Displays the MAC address of the device. IP Address Displays the IP address of the device. Subnet Mask Displays the Subnet Mask of the LAN.  Port Displays the current status of the LAN Ethernet port connections and the Maximum transmission rate of the plugged port.  WAN It displays the relative WAN parameters of the current device. You can change the parameters in Network Tab.  Connection Type Displays the WAN connection type of the device. MAC Address Displays the MAC address of the device’s WAN port. IP Address Displays the IP address of the device’s WAN port. - 31 -
 Chapter 4 Status Tab Subnet Mask Displays the Subnet Mask of the WAN.  Default Gateway Displays the default gateway. DNS Server Displays the current DNS IP address.  Monitor The monitor displays the data changes of throughput, Stations, Interfaces, ARP table, Routes, DHCP Clients and Dynamic WAN of the device.   Throughput Throughput displays the current data traffic on the interfaces of LAN, WLAN and BRIDGE in both graphical and numerical form. You can choose the specific interface to monitor from the drop-down list above the chart.    Stations In the modes with the AP function enabled, you can monitor the information of all the stations that are connected to the device.  MAC Displays the MAC address of the station. Device Name Displays the station’s host name. Associated SSID The SSID that the station connected to. - 32 -
 Chapter 4 Status Tab SNR (dB) Signal to Noise Ratio,  the power ratio between the received wireless signal strength and the environmental noise strength.  Generally, in order to achieve the best performance, users need to adjust the antenna to get the best SNR.  CCQ (%) Displays the wireless Client Connection Quality (CCQ) of the station. Rate (Mbps) Displays the station’s data rates of the last transmitted packets. RX (kbps)  Displays  the station’s  average  data rates  of the received packet over the connection time. TX (kbps)  Displays  the station’s average data rates  of the transmitted packets over the connection time. Auto Refresh If Auto Refresh is checked, parameters in the table will refresh automatically.  Interfaces The table displays the relevant information of each interface including MAC, IP address, etc.  MAC Displays the MAC address of the interface. IP Address Displays the IP address of the interface. MTU Displays the Maximum Transmission Unit (MTU), which is the maximum packet size (in bytes) that a network interface can transmit. RX packets Displays the total amount of packets received by the interface after the device is powered on. RX Bytes Displays the total amount of data (in bytes) received by the interface after the device is powered on. TX packets Displays the total amount of packets transmitted by the interface after the device is powered on. TX Byte Displays the total amount of data (in bytes) transmitted by the interface after the device is powered on. Auto Refresh If Auto Refresh is checked, parameters in the table will refresh automatically. - 33 -
 Chapter 4 Status Tab  ARP table Lists all the entries of the Address Resolution Protocol (ARP) table currently recorded on the device. ARP is used to associate each IP address to the unique hardware MAC address of each device on the network.   IP Address Displays the IP address assigned to a network device. MAC Displays the MAC address of the device. Interface Displays the interface that connects to the device. Auto Refresh If Auto Refresh is checked, parameters in the table will refresh automatically.  Routes List all the entries in the system routing table. PharOS examines the destination IP address of each data packet traveling through the system and chooses the appropriate interface to forward the packet to. Routing depends on static routing rules, which are registered in the system routing table. Static routes to specific hosts, networks, or the default gateway are set up automatically according to the IP configuration of all the Interfaces.  Destination Displays the IP address of the destination device or destination network. Gateway Displays the IP address of the appropriate gateway. Subnet Mask Displays the Subnet Mask of the destination device. Interface Displays the interface that the destination device is on. Auto Refresh If Auto Refresh is checked, parameters in the table will refresh automatically.  DHCP Clients DHCP Clients display the  current  information of the clients including client names, MAC addresses, IP addresses assigned by the device’s DHCP server and their lease time. - 34 -
 Chapter 4 Status Tab  Client Name Displays the device name of the client. MAC Address Displays the client’s MAC Address. IP Address Displays the IP address assigned to the client. Lease Time Displays the time of the DHCP client leased. Before the time is up, DHCP client will request to renew the lease automatically. Auto Refresh If Auto Refresh is checked, parameters in the table will refresh automatically.  Dynamic WAN NOTE: This submenu is only available in AP router mode and AP client router (WISP Client) mode when the WAN connection type is PPPoE, PPTP, L2TP or Dynamic. Dynamic WAN displays the WAN connection status of your device.  Status Displays the WAN status is disconnected or connected. IP Address Displays the IP address of the WAN. Subnet Mask Displays the Subnet Mask of the WAN.  Gateway IP Displays the address of the gateway. Primary DNS/Secondary DNS Displays the DNS IP address provided by your ISP.  Connection Uptime Displays the time that the latest WAN connection lasts. - 35 -
 Chapter 4 Status Tab Auto Refresh If  Auto Refresh is checked, parameters in the table will refresh automatically. Click  Obtain to gain the WAN IP address from DHCP server, and click Release to release the WAN IP address.  - 36 -
 Chapter 5 Network Tab Chapter 5 Network Tab On Network  Tab, you can configure the parameters of WAN, LAN, Forwarding, Security, Access Control, Static Routing, Bandwidth control and IP&MAC Binding.  If you’ve made any change of the parameters, please click Apply to  make the configuration take effect. There will be a blue bar at the top of the page to remind you to save the configuration. Click Save Changes when you finish all settings, otherwise all the settings will be recovered to last saved settings at reboot or power off.  - 37 -
 Chapter 5 Network Tab WAN NOTE: WAN submenu is only available on AP router mode and AP client router (WISP Client) mode.  There are five WAN connection types: Static, Dynamic, PPPoE, L2TP, and PPTP. Select the suitable one to configure the IP parameters of the WAN on the screen below. If you are not sure of the connection type to use, please consult your ISP.  Static This connection type uses a permanent, fixed (static) IP address that your ISP assigned. In this type, you should fill in the IP address, Netmask, Gateway IP, and DNS IP address manually, which are specified by your ISP.   IP Address Enter the IP address provided by your ISP. Netmask Enter the Netmask provided by your ISP. Normally use 255.255.255.0 as the netmask. Gateway IP Enter the gateway IP address provided by your ISP. Primary DNS Enter the DNS IP address provided by your ISP. - 38 -
 Chapter 5 Network Tab Secondary DNS Enter alternative DNS IP address if your ISP provides. MTU Size The normal MTU (Maximum Transmission Unit) value for most Ethernet networks is 1500 Bytes. For some ISPs you need to modify the MTU. But this is rarely required, and should not be done unless you are sure it is necessary for your ISP connection. WAN MAC Address This field displays the current MAC address of the WAN port. If your ISP requires that you register the MAC address, please enter the correct MAC address into this field. The format for the MAC Address is XX-XX-XX-XX-XX-XX (X is any hexadecimal digit). Click Restore Factory MAC to restore the MAC address of WAN port to the factory default value.  Your PC’s MAC Address This field displays the MAC address of the PC that is managing the router. Some ISPs require that you should register the MAC address of your PC.  If the MAC address is required, you can click Clone PC’s MAC to set the WAN MAC address the same as your management PC’s MAC.  Dynamic For this connection, Your ISP uses a DHCP server to assign your router an IP address for connecting to the Internet. You don’t need to configure any parameters.  MTU Size The normal MTU (Maximum Transmission Unit) value for most Ethernet networks is 1500 Bytes. For some ISPs you need to modify the MTU. But this is rarely required, and should not be done unless you are sure it is necessary for your ISP connection. Use These DNS Servers If your ISP gives you one or two DNS IP addresses, select Use These DNS Servers and enter the Primary DNS and Secondary DNS into the correct fields. Otherwise, the DNS servers will be assigned from ISP dynamically. Primary DNS Enter the DNS IP address provided by your ISP. Secondary DNS Enter another DNS IP address provided by your ISP. - 39 -
 Chapter 5 Network Tab WAN MAC Address This field displays the current MAC address of the WAN port. If your ISP binds the MAC address of your previous computer/router, please enter the correct MAC address into this field. The format for the MAC Address is XX-XX-XX-XX-XX-XX (X is any hexadecimal digit). Click Restore Factory MAC to restore the MAC address of WAN port to the factory default value. Your PC’s MAC Address This field displays the MAC address of the PC that is managing the router. Some ISPs require that you should register the MAC address of your PC.  If the MAC address is required, you can click Clone PC’s MAC to set the WAN MAC address the same as your management PC’s MAC.  PPPoE If your ISP delivers  Internet through phone line and provides  you with username and password, you should choose this type. Under this condition, you should fill in both User Name and Password that the ISP supplied, please note that these fields are case-sensitive.  User Name/Password Enter the User Name and Password provided by your ISP. These fields are case-sensitive. Connection Mode Please choose the Connection mode.  On Demand - You can configure the device to disconnect your Internet connection after a specified period of inactivity  (Idle Time). If your Internet connection has been terminated due to inactivity, Connection on Demand enables the device to automatically re-establish your connection when you attempt to access the Internet again. The default Idle Time is 15 minutes. If your Internet connection is expected to remain active all the time, enter 0 in - 40 -
 Chapter 5 Network Tab the  Idle Time field. Users those pay by time for their Internet access can choose this mode to save their Internet-access fee.  NOTE: Sometimes the connection cannot be disconnected although you specify a time to Idle Time (0~99 minutes) because some applications visit the Internet continually in the background.  Automatic - Connect automatically after the device is disconnected. Users those are charged a flat monthly fee can choose this mode.   Time-based - You can configure the device to make it connect or disconnect based on time. Enter the start time in From (HH:MM) for connecting and end time in To (HH:MM) for disconnecting.  Users those need to control the time period of Internet access can choose this mode.   Manual - You can configure the device to make it connect or disconnect manually. After a specified period of inactivity (Idle Time), the device will disconnect your Internet connection, and you must click Connect manually to access the Internet again. If your Internet connection is expected to remain active all the times, enter 0 in the Idle Time field. Otherwise, enter the desired Idle Time in minutes you wish to use.  Users those pay by time for their Internet access can choose this mode to save their Internet-access fee.  Secondary Connection If your ISP provides an extra Connection type such as Dynamic/Static IP to connect to a local area network, you can activate this secondary connection.   Disable - The Secondary Connection is disabled by default, so there is PPPoE connection only. This is recommended.  Dynamic IP - Use dynamic IP address to connect to the local area network provided by ISP.  Static IP - Use static IP address to connect to the local area network provided by ISP. MTU Size The default MTU (Maximum Transmission Unit) size is 1480 bytes, which is usually appropriate. For some ISPs, you need modify the MTU. This should not be done unless your ISP told you to. Service Name/AC Name Do not change it unless your ISP told you to. Detect Interval The default value is 0. You can input the value between 0 and 120. The device will detect Access Concentrator online every interval seconds. If the value is 0, it means not detecting. - 41 -
 Chapter 5 Network Tab Use ISP-Specified IP If your service provider give you an IP address along with the user name and password,  Enable "Use ISP-specified IP" and enter the IP address, which is provided by your ISP. Use These DNS Servers If the ISP specifies a DNS server IP address for you, Enable Use These DNS Server, and fill the Primary DNS  and  Secondary DNS fields below. Otherwise, the DNS servers will obtain automatically from ISP. WAN MAC Address This field displays the current MAC address of the WAN port. If your ISP binds the MAC address of your previous computer/router,  please enter the correct MAC address into this field. The format for the MAC Address is XX-XX-XX-XX-XX-XX (X is any hexadecimal digit). Click Restore Factory MAC to restore the MAC address of WAN port to the factory default value. Your PC’s MAC Address This field displays the MAC address of the PC that is managing the router. You can click  Clone PC’s MAC to set the WAN MAC address the same as  your management PC’s MAC. Click Connect to connect immediately. Click Disconnect to disconnect immediately. You can check and control the status of WAN connection on Monitor > Dynamic WAN page.  L2TP/PPTP The configuration steps of  these two WAN connections are the same.  Take L2TP as an example to introduce.  Server IP/Name Enter the server IP address or the domain name given by your ISP. User Name/Password Enter the User Name and Password provided by your ISP. These fields are case-sensitive. Connection Mode   On Demand - You can configure the device to disconnect your Internet connection after a specified period of inactivity  (Idle Time). If your Internet connection has been terminated due to inactivity, Connect on Demand enables the device to automatically re-establish your connection when you attempt to access the Internet again. The default Idle Time is 15 minutes. If - 42 -
 Chapter 5 Network Tab your Internet connection is expected to remain active all the time, enter 0 in the  Idle Time field. Users those pay by time for their Internet access can choose this mode to save their Internet-access fee.  NOTE: Sometimes the connection cannot be disconnected although you specify a time to Idle Time (0~99 minutes) because some applications visit the Internet continually in the background.  Automatic - Connect automatically after the device is disconnected. Users those are charged a flat monthly fee can choose this mode.  Manual - You can configure the device to make it connect or disconnect manually. After a specified period of inactivity (Idle Time), the device will disconnect your Internet connection, and you must click Connect  manually to access the Internet again. If you want your Internet connection to remain active all the times, enter 0 in the Idle Time field. Otherwise, enter the desired Idle Time in minutes you wish to use.  Users those pay by time for their Internet access can choose this mode to save their Internet-access fee.  Secondary Connection If your ISP provides a Connection type such as Dynamic/Static IP to connect to a local area network, you can activate this secondary connection.  Dynamic IP - Use dynamic IP address to connect to the local area network provided by ISP.  Static IP - Use static IP address to connect to the local area network provided by ISP. MTU Size The default MTU (Maximum Transmission Unit) size is 1460 bytes in L2TP and 1420 bytes in PPTP, which is usually fine. For some ISPs, you need modify the MTU. This should not be done unless you are sure it is necessary for your ISP. WAN MAC Address This field displays the current MAC address of the WAN port, which is used for the WAN port. If your ISP requires that you register the MAC address, please enter the correct MAC address into this field. The format for the MAC Address is XX-XX-XX-XX-XX-XX (X is any hexadecimal digit). Click Restore Factory MAC to restore the MAC address of WAN port to the factory default value. Your PC’s MAC Address This field displays the MAC address of the PC that is managing the router. If the MAC address is required, you can click  Clone PC’s MAC to set the WAN MAC address the same as your management PC’s MAC. Click Connect to connect immediately. Click Disconnect to disconnect immediately. You can check and control the status of WAN connection on Monitor > Dynamic WAN page. - 43 -
 Chapter 5 Network Tab LAN The display of this  submenu is different in modes.  The page of AP router mode and AP client router (WISP Client) mode is shown as below. In these two modes, static is the only one connection type.  While the page of Access Point mode, Client mode, Repeater (Range extender) mode and Bridge mode is shown as below. There are two connection types including dynamic and static.   - 44 -
 Chapter 5 Network Tab Connection type There is only one LAN Connection type Static in  AP  Router mode and AP  Client Router (WISP Client) mode.  While there are Static and  Dynamic  of Connection types in Access  Point mode, Client mode, Repeater (Range  Extender) mode and Bridge mode. IP Address Enter the IP address of your AP/router (factory default: 192.168.0.254). Netmask Enter the Netmask provided by your ISP. Normally use 255.255.255.0 as the netmask. IGMP Proxy IGMP (Internet Group Management Protocol) works for IPTV multicast stream. If you want to watch IPTV, please Enable it. DHCP Server If the built-in DHCP server is expected to assign IP addresses to clients connected to the wireless interface and LAN interface, please Enable it. Fallback IP When Dynamic IP is selected as the connection type, you can enable this function. The fallback IP will be used as the LAN IP when a DHCP server is not found. DHCP Fallback IP Specify the IP address for the device to use if a DHCP server is not found. DHCP Fallback Mask Specify the mask for the device to use if a DHCP server is not found. Start IP Address This field specifies the first address in the IP Address pool. 192.168.0.100 is the default start IP address. End IP Address This field specifies the last address in the IP Address pool. 192.168.0.199 is the default end IP address.   Default Gateway Enter the IP address of the gateway for your LAN. The factory default setting is 192.168.0.254. Default Domain Enter the domain name of your DHCP server. You can leave the field blank. Primary DNS Enter the DNS IP address provided by your ISP. Please consult your ISP if you don’t know the DNS value. The factory default setting is 0.0.0.0. Secondary DNS Enter the IP address of alternative DNS server if your ISP provides two DNS servers. The factory default setting is 0.0.0.0. Lease Time Enter the amount time of the leased IP address assigned by the DHCP server. Before the time is up, DHCP client will request to renew the lease automatically and DHCP server would not assign this IP address to other clients. - 45 -
 Chapter 5 Network Tab Address Reservation  Address Reservation will enable you to specify a reserved IP address for a PC on the local area network, so the PC will always obtain the same IP address each time when it starts up. Reserved IP addresses could be assigned to servers that require permanent IP settings.  To Reserve IP addresses:  1. Click Add in the table of Address Reservation.  2. Enter the MAC address in the format of XX-XX-XX-XX-XX-XX and the IP address in dotted-decimal notation of the station you want to add.  3. Click OK after finishing the configuration. Select the added entries, you can edit or delete them. Forwarding The Forwarding feature is available only in AP Router mode and AP Client Router (WISP Client) mode. The IP address used on the Internet is public IP address, while IP address used on local area network is private IP address. The hosts using private IP addresses cannot access the Internet directly and vice versa. The hosts using private IP addresses visit Internet through NAT (Network Address Translation) technology. NAT can transfer private IP addresses into public IP addresses to realize the communication from internal hosts to external hosts.  If the hosts on the Internet want to visit the hosts on local area network, the forwarding function should be used, including DMZ, Virtual server, Port triggering and UPnP. - 46 -
 Chapter 5 Network Tab  DMZ Check the Enable  box to use the DMZ function.  DMZ (Demilitarized Zone) specifically allows one computer/device behind NAT to become “demilitarized”, so all packets from the external network are forwarded to this computer/device. The demilitarized host is exposed to the wide area network, which can realize the unlimited bidirectional communication between internal hosts and external hosts. DMZ IP Specify the IP address of the local host network device. The DMZ host device will be completely exposed to the external network. Any PC that was used for a DMZ must have a static or reserved IP Address because its IP Address may change when using the DHCP function. ALG Common NAT only translates the address of packets at network layer and the port number at transport layer but cannot deal with the packets with embedded source/destination information in the application layer. Application layer gateway (ALG) can deal with protocols with embedded source/destination information in the application payload. Some protocols such as FTP, TFTP, H323 and RTSP require ALG (Application Layer Gateway) support to pass through NAT.  FTP ALG - Allows FTP clients and servers to transfer data across NAT.   TFTP ALG - Allows TFTP clients and servers to transfer data across NAT.   H323 ALG -  Allows  Microsoft NetMeeting clients to communicate across NAT.  RTSP ALG - Allows some media player clients to communicate with some streaming media servers across NAT. Virtual Server Check the Enable box to use the virtual server function. Virtual servers can be used for setting up public services on your local area network, such as DNS, Email and FTP. A virtual server is defined as a service port, and all requests from - 47 -
 Chapter 5 Network Tab the Internet to this service port will be redirected to the LAN server.  Virtual Server  function not only makes the users from Internet visit the local area network, but also keeps network security within the intranet as other services are still invisible from Internet. The LAN server must have a static or reserved IP Address because its IP Address may change when using the DHCP function.  To use the virtual server:  1. Click Add in the table of Virtual Server.  2. Enter the IP Address of the PC providing the service application. 3. Enter the Internal Port number of the PC running the service application. You can leave it blank if the Internal Port is the same as the Service Port, or enter a specific port number. 4. Enter the numbers of external Service Port. You can type a service port or a range of service ports (the format is XXX – YYY, XXX is the start port, YYY is the end port). Internet users send request to the port for services. 5. Choose the one of the protocols used for this application:  TCP, UDP, or TCP/UDP.  6. Click OK after finishing the configuration. Select the added entries, you can edit or delete them. Port Trigger Check the Enable box to use the port trigger function. Due to the existence of the firewall, some applications such as online games, video conferences, VoIPs and P2P downloads  need the device to configure the forwarding to work properly, and these applications require multiple ports connection, for single-port virtual server cannot meet the demand. Port trigger function comes at this time. When an application initiates a connection to the trigger port, all the incoming ports will open for subsequent connections. Once configured, operation is as follows:  1. A local host makes an outgoing connection to an external host using a destination port number defined in the Trigger Port field.  2. The router records this connection, opens the incoming port or ports associated with this entry in the Port Triggering table, and associates them with the local host.  3. When necessary the external host will be able to connect to the local host using one of the ports defined in the Incoming Port field.  - 48 -
 Chapter 5 Network Tab To use the port trigger:  1. Click Add in the table of Port Trigger.  2. Enter the Incoming Port for incoming traffic. The port or port range is used by the remote system when it responds to the outgoing request. A response to one of these ports will be forwarded to the PC that triggered this rule. You can input at most 5 groups of ports (or port section). Every group of ports must be set apart with ",". For example, 2000-2038, 2050-2051, 2085, 3010-3030. 3. Enter the trigger  port for outgoing traffic. An outgoing connection using this port will "Trigger" this rule. 4. Choose the  one of the protocols  used for this application:  TCP, UDP, or TCP/UDP. 5. Click OK after finishing the configuration. Select the added entries, you can edit or delete them. UPnP Check the Enable box to use the UPnP function. If you use applications such as multiplayer gaming, peer-to-peer connections, or real-time communications such as instant messaging or remote assistance (a feature in Windows XP), you should enable the UPnP function. The Universal Plug and Play (UPnP) function allows the devices, such as Internet computers, to access the local host resources or devices as needed. Host in the local area network can automatically open the corresponding ports on a router, and make the application of external host access the resources of the internal host through the opened ports. Therefore, the functions limited to the NAT can work properly. Compared to virtual server and port triggering, the application of UPnP doesn't need manual settings. It is more convenient for some applications required unfixed ports.    App Description – Displays the description provided by the application in the UPnP request.  External Port – Displays the external port number that the router opened for the service application.  Protocol - Displays which type of protocol is opened.  Internal Port – Displays the internal service port number of the local host running the service application.  IP Address - Displays the IP address of the local host which initiates the UPnP request.  Status  -  Enabled means that port is still active. Otherwise, the port is inactive. - 49 -
 Chapter 5 Network Tab Security The Security function is available only in AP router mode and AP client router (WISP Client) mode. Stateful Packet Inspection (SPI) is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. The firewall is programmed to distinguish legitimate packets for different types of connections. Only packets matching a known active connection will be allowed  to pass through by the firewall and others will be rejected. SPI Firewall is enabled by factory default.   SPI Firewall Check the Enable box to use the SPI Firewall function. If forwarding rules are enabled at the same time, the device will give priority to meet forwarding rules. Ping  WAN Ping Forbidden:  The default setting is disabled. If enabled, the device will not reply the ping request originates from Internet.  LAN Ping Forbidden: The default setting is disabled. If enabled, the device will not reply the ping request originates from local network. VPN A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols, or traffic encryptions. Through VPN you can access your private network over Internet. A virtual private network connection across the Internet is similar to a wide area network (WAN) link between sites. From a user perspective, the extended network resources are accessed in the same way as resources available within the private network. When hosts in the local area network want to visit the remote virtual private network using virtual tunneling protocols, the corresponding VPN protocol should be enabled.  PPTP Passthrough  -  PPTP (Point-to-Point Tunneling Protocol) allows the Point-to-Point Protocol (PPP) to be tunneled through an IP (Internet Protocol) network. Check the box to allow PPTP tunnels to pass through the Device.   L2TP Passthrough  -  L2TP (Layer Two Tunneling Protocol) is the method used to enable Point-to-Point  connections via the Internet on the Layer Two level. Check the box to allow L2TP tunnels to pass through the Device.  - 50 -
 Chapter 5 Network Tab  IPSec Passthrough  -  IPSec (Internet Protocol security) is a suite of protocols for ensuring private, secure communications over IP (Internet Protocol) networks, through the use of cryptographic security services. Check the box to allow IPSec tunnels to pass through the Device. DoS Protection DoS (Denial of Service) Attack is to occupy the network bandwidth maliciously by the network attackers or the evil programs sending a lot of service requests to the Host, which incurs an abnormal service or even breakdown of the network.  With DoS Protection function enabled, the device can analyze the specific fields of the IP packets and distinguish the malicious DoS attack packets. Upon detecting the packets, the device will discard the illegal packets directly and limit the transmission rate of the legal packets if the over legal packets may incur a breakdown of the network. The hosts  sending these packets will be added into the Blocked DoS Host List. The device can defend a few types of DoS attack such as ICMP_FLOOD, UDP_FLOOD and TCP_SYN_FLOOD.   Packets Statistics Interval - Select a value between 5 and 60 seconds from the  drop-down list. The default value is 10. The value indicates the time interval of the packets statistics. The result of the statistic is  used for analysis by ICMP-Flood, UDP Flood and TCP-SYN Flood.  ICMP_FLOOD Attack Filter  -  Enter a value between 5 and 3600. The default value is 50. When the current ICMP-FLOOD Packets number is beyond the set value, the device will start up the blocking function immediately.  UDP_FLOOD Attack Filter - Enter a value between 5 and 3600. The default value is 500. When the current UPD-FLOOD Packets number is beyond the set value, the device will start up the blocking function immediately.  TCP-SYN-FLOOD Attack Filter - Enter a value between 5 and 3600. The default value is 50. When the current TCP-SYN-FLOOD Packets numbers is beyond the set value, the Device will start up the blocking function immediately. - 51 -
 Chapter 5 Network Tab Blocked DoS Host List Click Blocked DoS Host List to display the blocked DoS host table including host IP and host MAC. Click Refresh  to renewal the table list. Click Clear to release all the blocked hosts. If you want to release one or some of the blocked hosts, please select them and Click Unlock.  Access Control The function of Access  Control is available only in AP router mode and AP client router (WISP Client) mode. The function can be used to control the Internet activities of hosts in the local area network. For example, the online time limit and the specified web stations to visit can be controlled by the filtering policy.   Access Control Check the Enable box to use the access control function. Filtering Policy There are two filtering policies to control the Internet activities:   Allow the packets specified by any enabled access control policy to pass through the Device. The hosts listed below are allowed to access the Internet under the rules. While others are forbidden to access.  Deny  the packets specified by any enabled access control policy to pass through the Device. The hosts listed below are forbidden to access the Internet under the rules. While others are allowed to access. - 52 -
 Chapter 5 Network Tab  To use the access control:  1. Click Add in the table to create control rules.  2. Choose one of the protocols from the drop-down list used for the target, any of IP, TCP, UDP, or ICMP. 3. Enter the IP address or address range of the hosts that you need to control, for example 192.168.0.12-192.168.0.25. 4. Enter the IP  address or  address range of the targets that you need to control, for example 192.168.3.12-192.168.3.25. 5. Specify the port or port range for the target when protocol is TCP or UDP. 6. Select the certain day (days) for the rule. 7. Enter the time rule  in HH:MM-HH:MM format, the default value is 00:00-24:00. 8. Click OK after finishing the configuration. Select the added entries, you can edit or delete them. Static Routing The function of Static Routing is available only in AP router mode and AP client router (WISP Client) mode. A static route is a pre-determined path that network information must travel to reach a specific host or network. If static route is used properly in the network, it can decrease the network overhead and improve the speed of forwarding packets.  Static routing is generally suitable for simple network environment, in which users clearly understand the topology of the network so as to set the routing information correctly.  When the network topology is complicated and users are not so familiar with the topology structure, this function should be used with caution or under the guidance of the experienced administrator.  - 53 -
 Chapter 5 Network Tab Static Routing Check the Enable box to use the static routing function.   To use the static routing:  1. Click Add to create a new static routing.  2. Enter the  Target Network IP,  the address of the network or host to be visited. The IP address cannot be on the same network segment with the device's WAN or LAN port. 3. Enter the Netmask. 4. Enter the Gateway IP, the address of the gateway that allows for contact between the Device and the network or host.  5. Click OK after finishing the configuration. Select the added entries, you can edit or delete them. Bandwidth Control The  function of  Bandwidth Control is available only in AP router mode and AP client router (WISP Client) mode. Bandwidth control function is used to control the Internet bandwidth in the local area network. In the case of insufficient bandwidth resources, enable the function to make the device allocate reasonable bandwidth to the clients and achieve the purpose of efficient use of the existing  bandwidth. Via IP bandwidth control function, you can set the upper and lower limit in the bandwidth of the computer network and guarantee a smooth sharing network.   Total Ingress Bandwidth The total download speed limited through the WAN port. The maximum value of CPE510/CPE520/CPE210/CPE220 is 100,000kbps while  that of BS510/BS210/OAP210 is 1,000,000kbps. Total Egress Bandwidth The total upload speed limited through the WAN port. The maximum value of CPE510/CPE520/CPE210/CPE220  is 100,000kbps while  that of BS510/BS210/OAP210 is 1,000,000kbps. - 54 -
 Chapter 5 Network Tab Bandwidth Control Check the Enable box to use the bandwidth control function.   To use the bandwidth control: 1. Click Add in the table of bandwidth control.  2. Enter the  IP Range of the target hosts  which  need to be controlled of bandwidth, for example 192.168.0.12-192.168.0.25. 3. Enter the Port Range through which the target hosts visit external server, for example 1-63258.  4. Choose  one of the  protocols  used for this application:  TCP, UDP, or TCP/UDP. 5. Enter the minimum ingress,  maximum ingress,  minimum  egress and maximum egress of these IP addresses. 6. Click OK after finishing the configuration. Select the added entries, you can edit or delete them. IP&MAC Binding We can effectively prevent ARP attack and IP embezzlement by enabling the IP&MAC binding. Within the local network, the device transmits IP packets to the certain target identified by the MAC address. Therefore, the IP and MAC address should be one-to-one  correspondence and their corresponding relations are maintained by the ARP table. ARP attack can use forged information to renewal the ARP table, and destroy the corresponding relations  between IP and MAC addresses, which would  prevent the communication between the device and the corresponding host. When the IP&MAC Binding function is enabled, the IP and MAC relations in the ARP table won’t be expired and renewed automatically, which effectively prevents the ARP attack. Some functions such as access control and bandwidth control, are based on the IP addresses to identify the access clients. The network administrator can allocate every client a static IP, according to which he makes the access and bandwidth rules to control the clients’ online behavior and the bandwidth they’ve used. Some illegal users may change the IP address in order to get higher Internet access. Enabling IP & MAC binding function can effectively prevent the IP embezzlement.  NOTE: After IP&MAC binding function is enabled, the IP bound to the MAC cannot be used by other MACs. However this MAC can use other IPs within the same segment, which are not bounded by other MACs, to access the network. - 55 -
 Chapter 5 Network Tab  IP&MAC Binding Check the Enable box to use the IP&MAC binding function.   To use the IP&MAC Binding: 1. Click Add in the table of IP&MAC binding.  2. Enter the IP address and MAC address that you want to bind, for example 192.168.0.12,  00-23-5A-15-99-42.  The new added entry is enabled by default. 3. Click OK after finishing the configuration. Select the added entries, you can edit or delete them. Click Import to import all the entries in Monitor > ARP Table. The imported entries are disabled by default. You can select the certain entry and click Edit to enable it. - 56 -
 Chapter 6 Wireless Tab Chapter 6 Wireless Tab On Wireless Tab, you can configure the related wireless parameters in different modes. Please selectively read the details according to the working mode of your device.  If you have made any change of the parameters, please click Apply to make the configuration take effect. There will be a blue bar at the top of the page to remind you to save the configuration. Click Save Changes when you finish all settings, otherwise all the settings will be recovered to last saved settings at reboot or power off. - 57 -
 Chapter 6 Wireless Tab  Wireless Basic Settings This section allows you to configure wireless basic settings, such as 802.11 mode and data rates.  Mode Select the protocol standard used in the wireless  network. With a frequency band of 2.4GHz, CPE210/CPE220/BS210/OAP210 supports five wireless modes: 802.11b,  802.11g, 802.11n, 802.11b/g and 802.11b/g/n. You are recommended to set the 11b/g/n mixed mode, and all of 802.11b, 802.11g and 802.11n wireless stations can connect to the device. CPE510/CPE520/BS510 has a frequency band of 5GHz, supporting 802.11a, 802.11n and 802.11a/n modes. We suggest to set in 11a/n mode, allowing both 802.11a and 802.11n wireless stations to access the device. Channel Width Select the channel width of this device. Options include 5MHz, 10MHz, 20MHz and 20/40MHz (this device automatically selects 20MHz or 40MHz, and 20MHz will be used if 40MHz is not available).  Users select corresponding channel width according to whether their devices support it. According to IEEE 802.11n standard, using  a channel width of 40MHz can increase wireless throughput. However, users may choose lower bandwidth due to the following reasons: 1. Increase the available number of channels within the limited total bandwidth. 2. To avoid interference from overlapping channels occupied by other devices in the environment. 3. Lower bandwidth can concentrate higher transmit power, increasing stability of wireless links over long distances. 4. Subject to the channel width of root AP in Client/ Bridge/ Repeater/ Client Router operation modes. - 58 -
 Chapter 6 Wireless Tab Max TX Rate Set the maximum transmit data rate. Channel/Frequency Select the channel used by this device to improve wireless performance. 1/2412MHz refers to Channel 1 and the frequency is 2412MHz.  This setting is only available in the modes of Access Point and AP Router. CPE210/CPE220/BS210/OAP210 is a device with a frequency of 2.4GHz and CPE510/CPE520/BS510 has a frequency of 5GHz.  We highly recommend you use the Spectrum Analysis tool to select a   proper channel. Antenna Gain Antenna Gain is only available in the page of BS210/BS510/OAP210. Enter the antenna gain value according to the antennas and the value ranges from 0 to 30dBi.  DFS DFS is only available in devices working in 5GHz including CPE510, CPE520 and BS510.   Dynamic Frequency Selection (DFS) is used for radar avoidance and is supported by the novel IEEE 802.11h wireless local area network standard. Incorrect settings may violate local regulations. It is recommended to enable the function and choose Auto in the Channel/Frequency.  If the selected channel is DFS channel, the device will start radar detection and avoid the channel used by radar. If other channel is selected, there is no need to detect. MAXtream This setting is only available in the modes of Access Point and AP Router. MAXtream is a proprietary technology of TP-LINK for Wi-Fi system. It is based on TDMA (Time Division Multiple Access) so that data streams are transmitted in strict order. MAXtream aims to maximize throughput and minimize latency especially in a multi-STAs circumstance. "Hidden nodes” problem can also be eliminated with MAXtream enabled. We highly recommend you turn on MAXtream in a large scale wireless deployment to achieve better performance.  - 59 -a
 Chapter 6 Wireless Tab NOTE: MAXtream Technology is only compatible with Pharos series products. You cannot connect other Wi-Fi devices to an AP with MAXtream enabled. MAXtream Station Mode This setting is available in Client and Bridge mode and in the AP Client Router mode when the wireless AP settings is disabled.  For client devices connected to  a  root AP with MAXtream enabled, you can choose “Latency First” or “Throughput First” mode to better fit your application.  For example, VoIP  has a high demand for low latency. If you need a good experience for VoIP, you can select Latency First. Games and downloads ask for high throughput. You should select Throughput First to guarantee the high throughput for the games and downloads.  Please choose Auto Adjust if you are not sure or you have no special requirements. Wireless Client Settings When this device is configured in the modes of Client, Repeater, Bridge and AP Client Router, the function of wireless client settings is available.   SSID of AP You can enter the SSID of the specific AP  manually  to  connect to  it or directly survey all the APs around by clicking Survey. MAC of AP Displays the MAC address of the root AP. It’s possible that two or more networks use the same SSID in the AP list. Lock to AP can make the device connect to the specified AP you had connected before the next time. WDS WDS (Wireless Distribution System) is a communication system among multiple wireless  local area networks  established  between APs through wireless connection.  In this system, only  data frames with four address fields can be transparently forwarded at the link layer. In a WDS network, it is necessary that the  root AP supports forwarding of data frames four address fields. If not, only data frames with the ARP/IP/PPPOE protocol can be forwarded among APs.  Enable – Forward data frames to use four address fields.  Disable – Forward data frames to use three address fields. - 60 -
 Chapter 6 Wireless Tab  Auto – The system automatically detects whether root device supports data frames with the format of three/four address fields, giving priority to the format of four address fields. The selection of Auto is recommended. Security Mode Select the security mode of this device. To access the wireless network of root AP, the security mode should be set the same as that of root AP.  None - Select this option if the root AP has no encryption. At the moment, it’s no need to enter a password to access the wireless network of root AP.  WPA-PSK - Select this option if the security mode of the root AP is WPA-PSK. Enter the parameters including the version and encryption of WPA and PSK key, which must coincide with those of the root AP.  WEP - Select this option if the security mode of the root AP is WEP. Enter the parameters including authentication type, key format and WEP key, which must coincide with those of the root AP. Wireless AP Settings Wireless AP settings are only  available in the modes of Access Point, Bridge, AP Router, and AP Client Router.  Wireless Radio Check the wireless radio box to enable this device to  send and receive the wireless signal. SSID Enter a character string no more than 32 characters to name your wireless network.  The default SSID is TP-LINK_Outdoor_xxxxxx (xxxxxx is the last six characters of the MAC address of this device). We suggest you to set an easy-to-remember SSID to conveniently identify your wireless network. Enable SSID Broadcast Check this option, AP will broadcast its SSID to hosts in the surrounding environment, as thus hosts can find the wireless network identified by this SSID. If SSID Broadcast is not enabled, hosts must enter the AP’s SSID manually to connect to this AP. Security Mode Select the security mode of wireless network. If all the hosts are allowed to access the wireless network, please select None. For the safety of wireless network, you are suggested to encrypt your wireless network.  This device provides three security modes: WPA (Wi-Fi Protected Access), WPA-PSK (WPA Pre-Shared Key) and WEP (Wired Equivalent Privacy). WPA-PSK is recommended. Settings vary in different security modes as the details is in the following introduction. - 61 -
 Chapter 6 Wireless Tab Security Mode You can select one of the following security modes: 1. WPA-PSK:  Based  on pre-shared key.  It  is characterized by higher safety and simple settings, which suits for common households and small business. WPA-PSK has two versions: WPA-PSK and WPA2-PSK.  Version Select one of the following versions:   Auto  –Select WPA or WPA2 automatically based on the wireless station's capability and request.  WPA –Pre-shared key of WPA.  WPA2 –Pre-shared key of WPA2. Encryption Select the Encryption type, including Auto, TKIP, AES. The default setting is Auto, which can select TKIP (Temporal Key Integrity Protocol) or  AES (Advanced Encryption Standard) automatically based on the wireless station's capability and request. AES is more secure than TKIP and TKIP is not supported in 802.11n mode. We recommend you select AES as the encryption type. PSK Password Configure the WPA-PSK/WPA2-PSK password with ASCII or Hexadecimal characters. For ASCII, the length should be between 8 and 63 characters with combination of numbers, letters (case-sensitive) and common punctuations; for Hexadecimal, the length should be 64 characters (case-insensitive, 0-9, a-f, A-F). Group Key Update Period Specify the group key update period in seconds. The value can be either 0 or at least 30, 0 means no update.  2. WPA: Based on Radius Server, WPA can assign different password for different users and it is much safer than WPA-PSK. However, its maintenance costs much which is only suitable for enterprise users. At present, WPA has two versions: WPA and WPA2.  - 62 -
 Chapter 6 Wireless Tab Version Select one of the following versions:   Auto  –Select WPA or WPA2 automatically based on the wireless station's capability and request.  WPA –Pre-shared key of WPA.  WPA2 –Pre-shred key of WPA2. Encryption  Select the Encryption type, including Auto, TKIP, and AES. The default setting is Auto, which can select TKIP (Temporal Key Integrity Protocol) or  AES (Advanced Encryption Standard) automatically based on the wireless station's capability and request. AES is more secure than TKIP and TKIP is not supported in 802.11n mode. We recommend you select AES as the encryption type. Radius Server IP Enter the IP address of the Radius Server. Radius Port Enter the port that radius service uses. Radius Password Set a password for the Radius Server. The password characters will be shown if you check the box of show. Group Key Update Period Specify the group key update period in seconds. The value can be either 0 or at least 30, 0 means no update. 3. WEP: Based on the IEEE 802.11 standard, this encryption is less safe than the above two modes. The WEP are not supported in 802.11n mode.  Auth Type Select the Auth type of the WEP security on the drop-down list. The default setting is Auto, which can select Open System or Shared  Key  authentication type automatically based on the wireless station's capability and request. Key Format Select  Hex or ASCII.  Hexadecimal format stands for any combination of hexadecimal digits (0-9, a-f, A-F) in the specified length. ASCII format stands for any combination of keyboard characters in the specified length. Key Selected You can configure four keys in advance and select the present valid key. - 63 -
 Chapter 6 Wireless Tab WEP Key Enter the WEP keys. The length and valid characters of the key are affected by key type. Key Type Select the WEP key length (64-bit, or 128-bit, or 152-bit) for encryption. Disabled means this WEP key is not used.  64bit -You can enter 10 hexadecimal digits (any combination of 0-9, a-f, A-F, and null key is not permitted) or 5 ASCII characters.   128bit  -You can enter 26 hexadecimal digits (any combination of 0-9, a-f, A-F, and null key is not permitted) or 13 ASCII characters.   152bit -You can enter 32 hexadecimal digits (any combination of 0-9, a-f, A-F, and null key is not permitted) or 16 ASCII characters.  Multi-SSID Multi-SSID is only available in Access Point mode.  This device can build up to four virtual wireless networks for users to access. When the Multi-SSID function of the device is enabled, its VLAN function is enabled at the same time. It can work together with switches supporting 802.1 Q VLAN and supports maximum four VLANs. The device adds different VLAN tag to the clients which connect to the corresponding wireless network. The clients with different VLAN ID cannot directly communicate with each other. Clients connected to the device via cable don't belong to any VLAN. Thus wired client can communicate with all the wireless clients despite the VLAN settings.  Multi-SSID Check the Enable box to use the Multi-SSID function.  1. Click Add in the table of Multi-SSID. 2. Create a wireless network name (SSID), a string from 1 to 32 characters. - 64 -
 Chapter 6 Wireless Tab 3. Set the VLAN ID  of wireless network identified by this SSID, and the value ranges from 1 to 4094. 4. Select whether to broadcast this SSID or not.  5. Enable  AP Isolation,  the device would isolate the hosts  within the same wireless network. All the hosts cannot communicate with each other. The default setting is Disable. SSID Select the added SSID to configure its security mode. Security Mode If  all the hosts  are allowed to access the wireless network, please select None. For the safety of wireless network, you are suggested to encrypt your wireless network. This device provides three security modes: WPA-PSK (Pre-Shared Key), WPA (Wi-Fi Protected Access) and WEP (Wired Equivalent Privacy). WPA-PSK is recommended. Please refer to Security Mode in the Wireless AP Settings section for further information. Wireless MAC Filtering Wireless MAC Filtering function uses MAC addresses to determine whether one host can access the wireless network or not. Thereby it can effectively control the user access in the wireless network.  This function is available in all modes except the client mode.  Wireless MAC Filtering Check the Enable box to use wireless MAC filtering function.   1. Click Add in the table of wireless MAC filtering. 2. Select the wireless network (SSID) that you need to filter. In AP mode, if Multi-SSID is enabled, you should  set different filtering rules for each SSID. 3. Enter the MAC address of the wireless host that you need to filter. 4. Enter the description information of this filtering rule in the Comment filed. - 65 -
 Chapter 6 Wireless Tab Filtering Rules There are two filtering policies to control the MAC filtering:   Allow the stations specified by any enabled entries in the list to access. The  stations listed below are allowed to access the wireless network under the rules. While others are forbidden to access.  Deny the stations specified by any enabled entries in the list to access. The stations listed below are forbidden to access the wireless network under the rules. While others are allowed to access. Wireless Advanced Settings  Distance Settings Enter the distance between AP and Station, which will influence the wireless performance to a great extent. If this device serves as a client, please enter the distance between this device and the root AP. If this device configured as an AP, please enter the distance between the farthest client and this AP. The value is limited to 0-24km.  Beacon Interval  Beacons are transmitted periodically by the device to announce the presence of a Wireless network for the clients.  Beacon Interval value determines the time interval of the beacons sent by the device. You can specify a value from  40  to 1,000. The default value is 100. RTS Threshold When the RTS threshold is activated, all the stations and APs follow the Request to Send (RTS) protocol. When the station is to send packets, it will send a RTS to AP to inform the AP that it will send data. After receiving the RTS, the AP notice other stations in the same wireless network to delay their transmitting of data. At the same time, the AP inform the requesting station to send data. The value range is from 0 to 2346 bytes. The default value is 2346, which means that RTS is disabled. Fragmentation Threshold Specify the fragmentation threshold for packets. If the size of the packet is larger than the fragmentation threshold, the packet will be fragmented into several packets. Too low fragmentation threshold may result in poor wireless performance  caused by the excessive packets.  The recommended and default value is 2346 bytes. - 66 -
 Chapter 6 Wireless Tab DTIM Interval This value  indicates  the number of beacon intervals between successive Delivery Traffic Indication Messages (DTIMs) and this number is included in each Beacon frame. A DTIM is contained in  Beacon frames to indicate whether the access point has buffered broadcast and/or multicast data for the client devices. Following a Beacon frame containing a DTIM, the access point will release the buffered broadcast and/or multicast data, if any exists. You can specify the value between 1-255 Beacon Intervals. The default value is 1, indicating the DTIM Interval is the same as Beacon Interval. An excessive DTIM interval may reduce the  performance of multicast applications.  We recommend you keep it by default. AP Isolation Enable AP Isolation to isolate all wireless stations connected to this device so that they cannot communicate with each other. This function will be disabled if WDS/Bridge is enabled. Short GI Short GI is used to increase the throughput by reducing the guard interval time. We recommend you enable this function. Wi-Fi MultiMedia (WMM) After  WMM is enabled, this device has the  QoS function to  guarantee the transmission of audio and video packets with high priority. Transmit Beamforming Transmit Beamforming is a signal processing technique used in sensor arrays for directional signal transmission. The beamformer controls precise adjustments of each signal phase and amplitude to  make the multi-path signals  superpose better to become one single strengthened signal at the recipient end so as to effectively improve the signal quality, especially on long distance transmission.  - 67 -
 Chapter 7 Management Tab Chapter 7 Management Tab On Management  Tab, you can configure system management services: System Log, Miscellaneous, Ping Watch  Dog, and Dynamic Domain Name System (DDNS).  Web server, Simple Network Management Protocol (SNMP), SSH server, RSSI LED Thresholds are also available.  - 68 -
 Chapter 7 Management Tab If you have made any change of the parameters, please click Apply to make the configuration take effect. There will be a blue bar at the top of the page to remind you to save the configuration. Click Save Changes when you finish all settings, otherwise all the settings will be recovered to last saved settings at reboot or power off.  System Log System logs record the events and activities while the router is running. If a failure happens on the router, System logs can help to diagnose the issue.  Open System Log Check system log by clicking Open and then appears the following popup page.  This page displays detailed system logs that  can be sorted on columns by ascending or descending order. Columns can be chosen from Time, Type, Level, and Message. Download to PC Enables users to download system logs to PC. - 69 -
 Chapter 7 Management Tab Auto Mail Setting Enables users to mail system logs automatically. Click Setting and the following page appears.  Set the receiving and sending mailbox address, server address, validation information as well as the timetable for Auto Mail Feature.  From – Enter sender’s mail box address.  To – Enter the recipient's address.   SMTP Server – Enter sender’s SMTP server.   Authentication - Most SMTP Server requires Authentication.   User Name – Sender’s mail account name.   Password – Sender’s mail account password.   Confirm Password –Re-enter your mail account password. Check Auto Mail Feature box, you can set the  device how and when to send the log to the specified mailbox.  Miscellaneous  Discovery  Enable the function to let TP-LINK Pharos Control software discover the device. With its main function to centralize monitoring and managing network devices in the network platform, Pharos Control is  network management software developed independently by TP-LINK and it currently supports Pharos series products. - 70 -
 Chapter 7 Management Tab PoE Passthrough When enabled, the device allows Power over Ethernet (PoE) power to pass from LAN0 port to LAN1 port. Enable it if you want to supply power to other passive PoE device by LAN1. Ping Watch Dog Ping Watch Dog sets the device to continuously ping a user-defined IP address (it can be the Internet gateway, for example) to check the network connectivity. If there is a connection failure then the device will automatically reboot. Ping Watch Dog is dedicated to continuously monitoring the connectivity to a specific host using the Ping tool. The Ping tool sends ICMP echo request packets to the target host and listens for ICMP echo response. If the defined number of replies is not received, the tool reboots the device.  Ping Watch Dog Check the Enable box to use the function of Ping Watch Dog. IP Address To Ping Specify the IP address of the target host to which the Ping Watch Dog Utility will send ping packets.  Ping Interval Enter the time interval (in seconds) between two successive  ping packets. The default value is 300 seconds. Startup Delay Enter the initial time delay (in seconds) from device startup to the first ICMP echo requests sent by Ping Watch Dog. The default value is 300 seconds. The Startup Delay value should be at least 60 seconds as the device’s initialization takes a considerable amount of time. Failure Count To Reboot Enter the fail count of ICMP echo request. If the device sends the specified count of ICMP echo requests to the host and none of the corresponding  ICMP echo response packets is received, Ping Watch Dog will reboot the device. The default value is 3. - 71 -
 Chapter 7 Management Tab Dynamic DNS The main function of Dynamic DNS (DDNS) is mapping the fixed domain name to dynamic IP address. When a device connects to the Internet through PPPoE or Dynamic IP, the WAN IP address it gets is not fixed, which is inconvenient for the Internet users to access the servers in the local area network through IP address. Dynamic DNS function allows users to access servers using a fixed domain name.  The DDNS server will establish a mapping table about the dynamic IP address and the fixed domain name. When the WAN IP address of the device changes, it will make an update request to the specified DDNS server, and then the DDNS  server will update the mapping relation between the IP address and the domain name. Therefore, whenever the WAN IP address changes, users on the Internet can still access the servers in the local area network using a fixed, easy-to-remember domain name.  The DDNS function that serves as the client of DDNS service must work with DDNS server. Please register an account to DDNS service provider (NO-IP, Dyndns or Comexe) before using this function.  Service Provider Select your DDNS service provider from the available DDNS service providers including NO-IP (www.no-ip.com), Dyndns (www.dyndns.com)  and Comexe (www.comexe.net). Dynamic DNS Check the Enable box to use the function.  User Name - Enter the user name of the DDNS account.  Password - Enter the password of the DDNS account.  Show - Check the box to display the password characters.  Domain Name  -Enter a customized  domain name. Even if your IP is dynamic, other users on the Internet can still access your server via this fixed domain name after enabling the DDNS function.  Connection Status  -Displays the connection  status  between this device and the DDNS server. - 72 -
 Chapter 7 Management Tab Web Server The Web Server  function  enables users  to log in to the  web management page to manage this device remotely over the Internet.  Secure Connection (HTTPS) The Secure Connection (HTTPS) mode is enabled by default.  Secure Server Port Specify the server port that the Web server uses  in the Secure Connection (HTTPS) mode, and the default is 443. Server Port Specify the server port that the Web server uses in the HTTP mode, and the default is 80. Remote Login IP Address Configure the IP address that can remotely visit the web management page of this device. Enter 0.0.0.0 to forbid any remote IP’s login. Enter 255.255.255.255 to allow all the remote IP to visit. Session Timeout Enter the maximum timeout before the session expires. Once a session expires, you must log in again using the username and password. MAC Authentication Enable this function to allow PCs with specific MAC addresses to access the web management page. And then enter each MAC address in  the MAC field. The format for the MAC addresses is XX-XX-XX-XX-XX-XX. Only the PCs with the MAC addresses listed can use the password to access the device's web management page and the others will be blocked. By default, the function is not enabled. All the PCs in the local area network are allowed to access the device's web management page. Click Add PC’s MAC, your PC’s MAC address will be added in the list above. Click Apply to save your settings. - 73 -
 Chapter 7 Management Tab SNMP Agent You can get the traffic information and transmit condition by using the SNMP Agent function. Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. Main functions of SNMP include monitoring network performance, detecting and analyzing network error, configuring network devices, and so on. Under the circumstance of network working normally, SNMP can play a part in statistics, configuration and testing. When networks have troubles, SNMP can detect and restore these troubles. Configuring this device as SNMP Agent, it can receive and process the management message from the network management system.   SNMP Agent Enable the SNMP Agent function and the SNMP Agent will gather the information of this device and respond to information requests from one or more management systems. SysContact Enter the information of the contact person for this managed node. SysName Enter an administratively-assigned name for this managed node. SysLocation Enter the physical location of this managed node. Get Community Community refers to a host group aiming at network management.  Get Community only has the read-only right of the device's SNMP information. The get  community name can be considered  as  a password used to restrict the access right of SMNP managers. The default name is public. Get Source Defines the IP address (for example, 10.10.10.1) or subnet  (for example, 10.10.10.0/24) for management systems that can serve as Get Community to read the SNMP information of this device. The default is 0.0.0.0, which means all hosts can read the SNMP information of this device. - 74 -
 Chapter 7 Management Tab Set Community Set Community has the read and write right of the device's SNMP information. Enter the community name that allows read/write access to the device's SNMP information. The community name can be considered as a password to restrict the access right of SNMP managers. The default name is private. Set Source Defines the IP address (for example, 10.10.10.1) or subnet  (for example, 10.10.10.0/24)  for management systems that can serve as Set Community to read and write the SNMP information of this  device.  The default is 0.0.0.0, which means all hosts can read and write the SNMP information of this device.  NOTE: Defining community can allow management systems in the same community to communicate with the SNMP Agent. The community name can be seen as the shared password of the network hosts group. Thus, for the safety, we suggest modifying the default community name before enabling the SNMP Agent service. If the field of community is blank, the SNMP Agent will not respond to any community name. SSH Server The SSH Server function allows users to log in and manage the device through SSH connection on the SSH client software. SSH (Secure Shell) is a security protocol established on application and transport layers. SSH-encrypted-connection is similar to a telnet connection, but essentially the old telnet remote management method is not safe, because the password and data transmitted with plain-text can be easily intercepted. SSH can provide information security and powerful authentication when you log in this device remotely through an insecure network environment. It can encrypt all the transmission data and prevent the information in remote management from being leaked.  Server Port Enter the TCP/IP port of the SSH Server. The default port is 22. SSH Login Enable the SSH Server function. Remote Management Enable the function to let TP-LINK Pharos Control software manage the device remotely. - 75 -
 Chapter 7 Management Tab RSSI LED Thresholds You can configure the LEDs on the device to light up when received signal levels reach the values defined in the following fields. This allows a technician to easily deploy a Pharos series product without logging into the device (for example, for antenna alignment operation).  Thresholds (dBm) The specified LED will light up if the signal strength reaches the values in the field. For example, if the signal strength fluctuates around -63 dBm, then the LED threshold values can be set to the following: -70,  -65,  -62, and -60. The default values are set according to the verified optimum values. We recommend you keep it by default. The default LED threshold values may vary among different product models in terms of radio features. The figure above shows the default values of CPE210.  - 76 -
 Chapter 8 System Tab Chapter 8 System Tab The System Tab controls system maintenance routines, device customization, location management, user account management, firmware update, time setting and configuration backup.  If you have made any change of the parameters, please click Apply to make the configuration take effect. There will be a blue bar at the top of the page to remind you to save the configuration. Click Save Changes when you finish all settings, otherwise all the settings will be recovered to last saved settings at reboot or power off.  - 77 -
 Chapter 8 System Tab Device The Device Name is the model of device  by default.  You can customize a new personal and easy-to-remember name.  Device Name Customize the name of the device. Language Displays the default language in the web management page is English. Location Longitude and latitude define the device’s coordinates.   Longitude Enter the longitude of the device's location in decimal  degree. The positive number indicates the east longitude while the negative number indicates the west longitude. Latitude Enter the  latitude of the device's location in decimal  degree.  The positive number indicates the north  latitude while the negative number indicates the south latitude. User Account You can change the user password to protect your device from unauthorized login. We recommend that you change the default user password on the very first system setup. - 78 -
 Chapter 8 System Tab  Current User Name Displays the current user name. Current Password Enter the current password for the user account. Check the Show box to display what you've entered. New User Name Enter the new user name for the user account. New Password Enter the new password for the user account. Check the Show box to display what you've entered. Confirm New Password Re-enter the new password for the user account.  NOTE: The password is a string from 1 to15 alphanumeric characters or symbols.  Time Setting  Time Zone Select your local time zone from the drop-down list. - 79 -
 Chapter 8 System Tab Date Specify the device’s date. Click the calendar icon or manually enter the date in the following format: YYYY/MM/DD. For example, for November 25, 2013, enter 2013/11/25 in the field. Time Specify the device’s date. Select the time from the drop-down list or manually enter the date in HH:MM:SS format. NTP Server 1 Enter the primary NTP Sever address. NTP Server 2 Enter an alternative NTP Server address. Get GMT Click Get GMT to get GMT from the NTP server. Synchronize PC’s Clock Date and time of the device can be synced with your PC’s system time. Daylight Saving Time Click Setting to set the daylight saving time on the following page. Daylight Saving Time  DST Status Check the Enable box to use the function.  Predefined Mode Select a predefined DST configuration.  USA: Second Sunday in March, 02:00 ~ First Sunday in November, 02:00.  European: Last Sunday in March, 01:00 ~ Last Sunday in October, 01:00.  Australia: First Sunday in October, 02:00 ~ First Sunday in April, 03:00.  New Zealand: Last Sunday in September, 02:00 ~ First Sunday in April, 03:00. - 80 -
 Chapter 8 System Tab Recurring Mode Specify the DST configuration in recurring mode. This configuration is recurring in use.  Time Offset: Specify the time offset in minutes when Daylight Saving Time comes.  Start/End Time: Select the start time and end time of Daylight Saving Time. The start time is the standard time, and the end time is the Daylight Saving Time. Date Mode Specify the DST configuration in Date mode. This configuration is one-off in use.  Time Offset: Specify the time adding in minutes when Daylight Saving Time comes.  Start/End Time: Select the start time and end time of Daylight Saving Time. The start time is the standard time, and the end time is the Daylight Saving Time.  NOTE: When the DST is enabled, the default daylight saving time is European in predefined mode. Firmware Update Firmware update can improve the function of the device.   Firmware version Displays the current firmware version. Upload Firmware Please visit TP-LINK website www.tp-link.com/en/support/download/ to download the latest firmware. The system configuration can be preserved while the device is updated with a new firmware version. However, we recommend that you back up current system configuration before updating the firmware. Firmware update takes three steps: 1. Click Browse to locate the new firmware file.  2. Select the file and click Open. The new firmware to be uploaded is displayed in the field.  3. Click Upload and there will be a pop-up page which gives you three options of keeping your configurations or restoring to factory default after the upgrade or just cancel the upgrade.  - 81 -
 Chapter 8 System Tab NOTE: 1. Please select the proper software version that matches your hardware to upgrade. 2. To avoid damage, please do not power off the device while upgrading. 3. After upgrading, the device will reboot automatically. Configuration The controls in this section manage the device configuration routines and the option to reset the device to factory default settings. The device configuration is stored in the plain text file. You can back up, restore, or update the system configuration file.  Backup Configuration Click Backup to back up the current system configuration file. Upload Configuration Click Browse to locate the new configuration file. Select the file and click Open, then the new configuration to be uploaded is displayed in the field. Click Upload to upload the new configuration to the device. We recommend that you back up your current system configuration before uploading the new configuration. Reset to Factory Default Resets the device to the default settings. This option will reboot the device, and all factory default settings will be restored. It’s recommended that you back up your current system configuration before resetting the device to its defaults. Reboot Device Initiates a full reboot cycle of the device. The system configuration stays the same after the reboot cycle completes. Any changes that have not been applied will be lost.  NOTE: 1. After backing up, the device will reboot automatically. 2. To avoid damage, please don't turn off the device while uploading. 3. You are suggested to back up the configuration before upgrading.  - 82 -
 Chapter 9 Tools Chapter 9 Tools List This device provides some useful tools including Ping, Traceroute, Speed Test, Survey and Spectrum Analysis.  Ping Ping test function is used to test the connectivity and reachability between the device and the target host so as to locate the network malfunctions.  Destination IP/Domain Enter  the  IP address of the destination  node for Ping test. Click Start, the device will send Ping packets to test the network connectivity and reachability of the host and the results will be displayed in the list below. Packet Count Enter the number of packets to be sent during the testing. It can be 1 to 50 and the default is 4. Ping Timeout Enter a time value to wait for a response. It can be 100-2000 milliseconds. The default value is 800 milliseconds. - 83 -
 Chapter 9 Tools Packet Size Enter the number of data bytes to be sent. It can be 4-472 bytes and the default is 64. Traceroute Tracertroute function is used to tracks the route packets taken from source on their way to a given target host. When malfunctions occur in the network, you can troubleshooting with traceroute utility.  Destination IP/Domain Enter  the  destination IP address or the Domain name. Click  Start, the device will send Tracert packets to the target host and the results will be displayed in the list below. Traceroute Max TTL Set the maximum number of hops (max TTL to be reached) in the path to reach the target (destination). The default is 5. Speed Test Speed Test tool is used for testing the throughput between two Pharos products in the same network. The test requires one of the two devices to be set as a server and the other as a client. The client launches the test request to the server and the server respond to it. The test result will display on the page of the client. - 84 -
 Chapter 9 Tools  Test Result Displays the data streams that  the device is transmitting (TX) and receiving (RX).  Client The side to initiatively launch the test request. The client side can configure parameters including server’s IP, parallel and direction. Server The side to passively accept the test request. Server IP The IP address of the server. Parallel The number of simultaneous connections to make to the server. It ranges from 1 to 20 and the default value is 10. Direction Select the direction of the speed test including unidirectional and bidirectional. Testing Testing progress bar. Click Start to displays the testing progress. - 85 -
 Chapter 9 Tools Survey  BSSID Displays the BSSID of other APs surveyed by this device. SSID Displays the SSID of other APs surveyed by this device. MAXtream Displays the MAXtream capability of other APs surveyed by this device. Device Name Displays the names of other APs surveyed by this device. SNR (dB) Displays the Signal Noise Ratio (Unit: dB) of other APs surveyed by this device. Signal/Noise (dBm) Displays the signal and noise value (Unit: dBm) of other APs surveyed by this device. Channel Displays the channels of other APs surveyed by this device. Security Displays the security mode of other APs surveyed by this device. AP Count Displays the number of other APs surveyed by this device. Refresh Refresh this page by clicking Refresh. - 86 -
 Chapter 9 Tools Spectrum Analysis Spectrum Analysis can help you to choose the proper channel/frequency. Through the spectrum analysis you can learn the distribution of the radio noise and intelligently select the channel/frequency in low noise.  1. Click Spectrum Analysis in the tools’ drop-down list, the following window will pop up to remind you that all wireless connections will be lost during spectrum analysis. Click Yes and you will then get into Spectrum Analysis page.  2. Click Start, the PharOS will begin to analyze the power of frequency. Observe the curves for a period of time, and then click stop.  Note that the relatively low and continuous part of the average curve indicates less radio noise. Here we take the figure below as an example.   NOTE: CPE510/CPE520/BS510 has a select box of Frequency Range at the top-left corner. Select the required range and then click Start.  3. When choosing channel/frequency, we should try to avoid the spectrum with large radio noise. In this example, the recommended channel/frequency is 1/2412MHz and 6/2437MHz.  - 87 -
 Appendix A Pharos MAXtream TDMA Appendix A: Pharos MAXtream TDMA With the fast expansion of network scale,  wireless competition and collisions among CPEs and base stations will be so enormous that the real throughout of the network will drop, resulting in a serious impact on end-user experience. To mitigate these effects, TP-LINK's  Pharos series  develops  MAXtream TDMA Technology.   Pharos MAXtream is a proprietary protocol developed on the basis of TDMA (Time Division Multiple Access) by TP-LINK. MAXtream cuts each wireless data frame transmission  into certain number of time slots according to the client connections priority, greatly boosting efficiency of the wireless channel. The MAXtream technology has the following advantages which make it ideal for point to multi-point links:  Eliminates hidden node collisions and improves channel efficiency  Lower latency, higher throughput, larger network capacity and more stability To enable the MAXtream function among the AP and stations, you only need to select MAXtream option on the Wireless tab of the Pharos web  management page of the AP, as shown in the following  figure. Stations will automatically adjust their connections according to AP's MAXtream capability.  NOTE: 1. Pharos  MAXtream is a non-standard Wi-Fi protocol that is only compatible with TP-LINK’s  Pharos series products. Please notice that you will not be able to connect other Wi-Fi devices to an AP with MAXtream enabled. - 88 -
  Appendix B Glossary Appendix B: Glossary  Glossary  Description A ALG (Application Layer Gateway) Application Level Gateway (ALG) is application specific translation agent that allows an application on a host in one address realm to connect to its counterpart running on a host in different realm transparently. ARP (Address Resolution Protocol)  Internet protocol used to map an IP address to a MAC address. C  CPE (Customer Premise Equipment) A  terminal located at a subscriber's premises and connected with a carrier's telecommunication channel at the demarcation point. The point is established in a building or complex to separate customer equipment from the equipment located in either the distribution infrastructure or central office of the Communications Service Provider. D DDNS (Dynamic Domain Name Server) The capability of assigning a fixed host and domain name to a dynamic Internet IP address.  DFS (Dynamic Frequency Selection) A  method applied in wireless networks, which is used for radar avoidance and is supported by the novel IEEE 802.11h wireless local area network standard. DHCP (Dynamic Host Configuration Protocol) A protocol that automatically configures the TCP/IP parameters for all the PCs that are connected to a DHCP server. DMZ (Demilitarized Zone) A Demilitarized Zone allows one local host to be exposed to the Internet for a special-purpose service such as Internet gaming or videoconferencing. DNS (Domain Name Server)  An Internet Server that translates the names of websites into IP addresses. DoS (Denial of Service)  A hacker attack designed to prevent your computer or network from operating or communicating.  F  FTP (File Transfer Protocol)  Application protocol, part of the TCP/IP protocol stack, used for transferring files between network nodes. H  HTTP (Hypertext Transfer Protocol) The protocol used by Web browsers and Web servers to transfer files, such as text and graphic files. - 89 -
  Appendix B Glossary  Glossary  Description I ICMP (Internet Control Messages Protocol) Network layer Internet protocol that reports errors and provides other information relevant to IP packet processing. Internet Largest global Internetwork, connecting tens of thousands of networks worldwide and having a “culture” that focuses on research and standardization based on real-life use. IP (Internet Protocol) Network layer protocol in the TCP/IP stack offering a connectionless Internetwork service. IP provides features for addressing, type-of-service specification, fragmentation and reassembly, and security. ISP (Internet Service Provider) Company that provides Internet access to other companies and individuals. IPsec (IP Security)  A framework of open standards that provides data confidentiality, data integrity, and data authentication between participating peers. L  LAN (Local Area Network) High-speed, low-error data network covering a relatively small geographic area (up to a few thousand meters). LANs connect workstations, peripherals, terminals, and other devices in a single building or other geographically limited area. M MAC address (Media Access Control address) Standardized data link layer address that is required for every port or device that connects to a LAN. Other devices in the network use these addresses to locate specific ports in the network and to create and update routing tables and data structures. MAC addresses are 6 bytes long and are controlled by the IEEE. MTU (Maximum Transmission Unit)  The size in bytes of the largest packet that can be transmitted. N NAT (Network Address Translator) Mechanism for reducing the need for globally unique IP addresses. NAT allows an organization with addresses that are not globally unique to connect to the Internet by translating those addresses into globally routable address space. NTP Server NTP Server is used for synchronizing the time across computer networks. P  PPPoE (Point-to-Point Protocol over Ethernet) PPPoE is a network protocol for encapsulating Point-to-Point Protocol (PPP) frames inside Ethernet frames. - 90 -
  Appendix B Glossary  Glossary  Description S SMTP (Simple Mail Transfer Protocol)  SMTP is an Internet standard for electronic mail (e-mail) transmission SSH (Secure Shell Protocol)  SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices. SSID  A Service Set Identification is a thirty-two character (maximum) alphanumeric key identifying a wireless local area network. For the wireless devices in a network to communicate with each other, all devices must be configured with the same SSID. This is typically the configuration parameter for a wireless PC card. It corresponds to the ESSID in the wireless Access Point and to the wireless network name.  SNMP (Simple Network Management Protocol) SNMP provides a management frame to monitor and maintain the network devices. With SNMP function enabled, network administrators can easily monitor the network performance, detect the malfunctions and configure the network devices. T TCP (Transfer Control Protocol) Connection-oriented transport layer protocol that provides reliable full-duplex data transmission. TCP/IP (Transmission Control Protocol/ Internet Protocol) Common name for the suite of protocols to support the construction of worldwide Internet works. TCP and IP are the two best-known protocols in the suite. TDMA (Time Division Multiple Access) TDMA (Time Division Multiple Access) cuts each wireless data frame into certain number of time slots according to the client connections priority, greatly boosting efficiency of the wireless channel. U UDP (User Datagram Protocol) UDP is a simple protocol that exchanges datagram without acknowledgments or guaranteed delivery, requiring that error processing and retransmission be handled by other protocols. UPnP (Universal Plug and Play) UPnP is a set of networking protocols for primarily residential networks without enterprise class devices that permits networked devices. V VLAN (Virtual Local Area Network) Group of devices on one or more LANs that are configured (using management software) so that they can communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible. VPN (Virtual Private Network) Enables IP traffic to travel securely over a public TCP/IP network by encrypting all traffic from one network to another. - 91 -
  Appendix B Glossary  Glossary  Description W WAN (Wide Area Network)  Data communications network that serves users across a broad geographic area and often uses transmission devices provided by common carriers. WEP (Wired Equivalent Privacy)  A data privacy mechanism based on a 64-bit or 128-bit or 152-bit shared key algorithm, as described in the IEEE 802.11 standard.  Wi-Fi  A trademark of the Wi-Fi Alliance, founded in 1999 as Wireless Internet Compatibility Alliance (WICA), comprising more than 300 companies, whose products are certified by the Wi-Fi Alliance, based on the IEEE 802.11 standards (also called Wireless LAN (WLAN) and Wi-Fi). This certification warrants interoperability between different wireless devices.  WISP (Wireless Internet Service Provider)   WISPs are Internet service providers with networks built around wireless networking. The technology used ranges from commonplace Wi-Fi mesh networking or proprietary equipment designed to operate over open 900MHz, 2.4GHz, 4.9, 5.2, 5.4, and 5.8GHz bands or licensed frequencies in the UHF or MMDS bands.  WLAN (Wireless Local Area Network)   A group of computers and associated devices communicate with each other wirelessly, which network serving users are limited in a local area.   - 92 -

Navigation menu