- DL manuals
- D-Link
- Wireless Router
- DSR-1000
- User Manual
D-Link DSR-1000 User Manual - 3.4.2 Load Balancing
Unified Services Router
User Manual
42
Auto-Rollover using WAN port-WAN1: WAN1 is the primary internet link.
Auto-Rollover using WAN port-WAN2: WAN2 is the primary internet link.
Failover Detection Settings: To check connectivity of the primary internet link, one
of the following failure detection methods can be selected:
DNS lookup using WAN DNS Servers: DNS Lookup of the DNS Servers of
the primary link are used to detect primary WAN connectivity.
DNS lookup using DNS Servers: DNS Lookup of the custom DNS Servers
can be specified to check the connectivity of the primary link.
Ping these IP addresses: These IP's will be pinged at regular intervals to
check the connectivity of the primary link.
Retr y Interval is: The number tells the router how often it should run the
above configured failure detection method.
Failover after: This sets the number of retries after which failover is
initiated.
3.4.2 Load Balancing
This feature allows you to use multiple WAN links (and presumably multiple ISP‘s)
simultaneously. After configuring more than one WAN por t, the load balancing
option is available to carry traffic over more than one link. Protocol bindings are
used to segregate and assign services over one WAN port in order to manage
internet flow. The configured failure detection method is used at regular i ntervals on
all configured WAN ports when in Load Balancing mode.
DSR currently support three algorithms for Load Balancing:
Round Robin: This algorithm is particularly useful when the connection speed of
one WAN port greatly differs from another. In this case you can define protocol
bindings to route low-latency services (such as VOIP) over the higher -speed link
and let low-volume background traffic (such as SMTP) go over the lower speed link.
Protocol binding is explained in next section.
Spill Over: If Spill Over method is selected, WAN1 acts as a dedicated link till a
threshold is reached. After this, WAN2 will be used for new connections. You can
configure spill-over mode by using folloing options:
Load Tolerance: It is the percentage of bandwidth afte r which the router
switches to seconday WAN.
Max Bandwidth: This sets the maximum bandwidth tolerable by the primary
WAN.
If the link bandwidth goes above the load tolerance value of max bandwidth, the
router will spill-over the next connections to secondary WAN.
For example, if the maximum bandwidth of primary WAN is 1 Kbps and the load
tolerance is set to 70. Now ever ytime a new connection is established the bandwidth
increases. After a certain number of connections say bandwidth reached 70% of
1Kbps, the new connections will be spilled-over to secondary WAN. The maximum
value of load tolerance is 80 and the least is 20.
Protocol Bindings: Refer Section 3.4.3 for details
Summary of DSR-1000
Page 1
Unified services router user manual dsr-250n / 500 / 500n / 1000 / 1000n ver. 1.03 http://security.Dlink.Com building networks for people small business gateway solution.
Page 2: User Manual
User manual unified services router d-link corporation copyright © 2011. Http://www.Dlink.Com.
Page 3
Unified services router user manual 1 user manual dsr-250n / dsr-500 / 500n / 1000 / 1000n unified services router version 1.03 copyright © 2011 copyright notice this publication, including all photographs, illustrations and software, is protected under international copyright laws, with all rights ...
Page 4: Table Of Contents
Unified services router user manual 2 table of contents chapter 1. Introduction ..................................................................................................................... 10 1.1 about this user manual ...........................................................................
Page 5
Unified services router user manual 3 4.4 tuning radio specific settings ......................................................................... 62 4.5 advanced wireless settings ............................................................................. 63 4.6 wi-fi protected setup (wps) .........
Page 6
Unified services router user manual 4 9.1 configuration access control ......................................................................... 118 9.1.1 remote management ...................................................................................... 118 9.1.2 cli access ......................
Page 7
Unified services router user manual 5 appendix f. Product statement ....................................................................................................... 214.
Page 8: List Of Figures
Unified services router user manual 6 list of figures figure 1: setup page for lan tcp/ip settings .................................................................................. 15 figure 2: ipv6 lan and dhcpv6 configuration ..........................................................................
Page 9
Unified services router user manual 7 figure 33: virtual ap configuration ..................................................................................................... 60 figure 34: list of configured access points (virtual aps) shows one enabled access point on the radio, broadcasting its s...
Page 10
Unified services router user manual 8 figure 64: list of ssl vpn polices (global filter) ............................................................................ 103 figure 65: ssl vpn policy configuration ......................................................................................... ...
Page 11
Unified services router user manual 9 figure 98: list of connected 802.11 clients per ap ......................................................................... 144 figure 99: list of lan hosts ...........................................................................................................
Page 12: Chapter 1. Introduction
Unified services router user manual 10 chapter 1. Introduction d-link unified services routers offer a secure, high performance networking solution to address the growing needs of small and medium businesses. Integrated high -speed ieee 802.11n and 3g wireless technologies offer comparable performan...
Page 13
Unified services router user manual 11 empowering your mobile users by providing remote access to a central corporate database. Site-to-site vpn tunnels use ip security (ipsec) protocol, point-to-point tunneling protocol (pptp), or layer 2 tunneling protocol (l2tp) to facilitate branch office connec...
Page 15: Lan Setup
Chapter 2. Configuring your network: lan setup it is assumed that the user has a machine for management connected to the lan to the router. The lan connection may be through the wired ethernet ports available on the router, or once the initial setup is complete, the dsr may also be managed through i...
Page 16
Unified services router user manual 14 to configure lan connectivity, please follow the steps below: 1. In the lan setup page, enter the following information for your router: ip address (factor y default: 192.168.10.1). If you change the ip address and click save settings, the gui will not respond....
Page 17
Unified services router user manual 15 lease time: enter the time, in hours, for which ip addresses are leased to clients. Enable dns proxy: to enable the router to act as a proxy for all dns requests and communicate with the isp‘s dns servers, click the checkbox. 3. Click save settings to apply all...
Page 18
Unified services router user manual 16 2.1.1 lan configuration in an ipv6 network advanced > ipv6 > ipv6 lan > ipv6 lan config in ipv6 mode, the lan dhcp server is enabled by default (similar to ipv4 mode). The dhcpv6 server will serve ipv6 addresses from configured address pools with the ipv6 prefi...
Page 19
Unified services router user manual 17 fig ur e 2: ip v6 lan a nd dhcpv6 co nfig uratio n if you change the ip address and click save settings, the gui will not respond. Open a new connection to the new ip address and log in again. Be sure the lan host (the machine used to manage the router) h as ob...
Page 20
Unified services router user manual 18 dhcp mode: the ipv6 dhcp server is either stateless or stateful. If stateless is selected an external ipv6 dhcp server is not required as the ipv6 lan hosts are auto-configured by this router. In this case the router advertisement daemon (radvd) must be configu...
Page 21
Unified services router user manual 19 radvd advanced > ipv6 > ipv6 lan > router advertisement to support stateless ipv6 auto configuration on the lan, set the radvd status to enable. The following settings are used to configure radvd: advertise mode: select unsolicited multicast to send router adve...
Page 22
Unified services router user manual 20 fig ur e 3: co nf iguri ng the ro ute r advert i sem ent daem on advertisement prefixes advanced > ipv6 > ipv6 lan > advertisement prefixes the router advertisements configured with advertisemen t prefixes allow this router to inform hosts how to perform statel...
Page 23: 2.2 Vlan Configuration
Unified services router user manual 21 ipv6 prefix length: this value indicates the number contiguous, higher order bits of the ipv6 address that define up the network portion of the address. Typically this is 64. Prefix lifetime: this defines the duration (in seconds) that the requesting node is al...
Page 24
Unified services router user manual 22 will allow traffic from lan hosts belonging to this vlan id to pass through to other configured vlan ids that have inter vlan routing enabled. Fig ur e 5: addi ng vlan m em berships to t he lan 2.2.1 associating vlans to ports in order to tag all traffic throug...
Page 25
Unified services router user manual 23 fig ur e 6: port vlan list in access mode the port is a member of a single vlan (and only one). All data going into and out of the port is untagged. Traffic through a port in access mode looks like any other ethernet frame. In trunk mode the port is a member of...
Page 26
Unified services router user manual 24 fig ur e 7: co nf iguri ng vlan m em bership for a po rt 2.3 configurable port: dmz setup dsr-250n does not have a configurable port – there is no dmz support. This router supports one of the physical ports to be configured as a secondary wan ethernet port or a...
Page 27
Unified services router user manual 25 fig ur e 8: dm z co nf ig urat io n in order to configure a dmz port, the router‘s configurable port must be set to dmz in the setup > internet settings > configurable port page. 2.4 universal plug and play (upnp) advanced > advanced network > upnp universal pl...
Page 28
Unified services router user manual 26 once upnp is enabled, you can configure the router to detect upnp -supporting devices on the lan (or a configured vlan). If disabled, the router will not a llow for automatic device configuration. Configure the following settings to use upnp: advertisement peri...
Page 29: 2.5 Captive Portal
Unified services router user manual 27 ip address: the ip address of the upnp device detected by this router click refresh to refresh the portmap table and search for any new upnp devices. 2.5 captive portal dsr-250n does not have support for the captive portal feature. Lan users can gain internet a...
Page 30: Wan Setup
Unified services router user manual 28 chapter 3. Connecting to the internet: wan setup this router has two wan ports that can be used to esta blish a connection to the internet. The following isp connection types are supported: dhcp, static, pppoe, pptp, l2tp, 3g internet (via usb modem). It is ass...
Page 31: 3.2 Wan Configuration
Unified services router user manual 29 3g internet access with a usb modem is supported on the secondary wan port (wan2). The internet connection setup wizard assists with the pr imary wan port (wan1) configuration only. 3.2 wan configuration setup > internet settings > wan1 setup you must either al...
Page 32: 3.2.2 Wan Dns Servers
Unified services router user manual 30 my ip address: enter the ip address assigned to you by the isp. Server ip address: enter the ip address of the pptp or l2tp server. Dsr-250n doesn‘t have a dual wan support. 3.2.1 wan port ip address your isp assigns you an ip address that is either dynamic (ne...
Page 33: 3.2.4 Pppoe
Unified services router user manual 31 fig ur e 12: ma nual wan c onf ig ura tio n 3.2.4 pppoe setup > internet settings the pppoe isp settings are defined on the wan configuration page. There are two types of pppoe isp‘s supported by the dsr: the standard username/password pppoe and japan multiple ...
Page 34
Unified services router user manual 32 fig ur e 13: pp poe c onfig ura tio n fo r sta nd ard isps most pppoe isp‘s use a single control and data connection, and require username / password credentials to login and authenticate the dsr with the isp. The isp connection type for this case is ―pppoe (us...
Page 35
Unified services router user manual 33 fig ur e 14: wan config ur atio n fo r japa ne se m ult iple pp poe (pa rt 1) there are a few key elements of a multiple pppoe connection: primary and secondary connections are concurrent each session has a dns server source for domain name lookup, this can be ...
Page 36
Unified services router user manual 34 when japanese multiple pppoe is configured and secondary connection is up, some predefined routes are added on that interface. These routes are needed to access the internal domain of the isp where he hosts various services. These routes can even be configured ...
Page 37
Unified services router user manual 35 fig ur e 16: r ussia l 2tp isp co nfig urati o n 3.2.6 wan configuration in an ipv6 network setup > ipv6 > ipv6 wan1 config.
Page 38
Unified services router user manual 36 for ipv6 wan connections, this router can have a static ipv6 address or receive connection information when configured as a dhcpv6 client. In the case where the isp assigns you a fixed address to access the internet, the static conf iguration settings must be c...
Page 39
Unified services router user manual 37 fig ur e 17: i pv6 wan set up page 3.2.7 checking wan status setup > internet settings > wan status the status and summary of configured settings for both wan1 and wan2 are available on the wan status page. You can view the following key connection status infor...
Page 40
Unified services router user manual 38 fig ur e 18: co nne ctio n sta tus i nform atio n for bot h wan ports the wan status page allows you to enable or disable static wan links. For wan settings that are dynamically received from the isp, you can renew or release the link parameters if required..
Page 41: 3.3 Bandwidth Controls
Unified services router user manual 39 3.3 bandwidth controls advanced > advanced network > traffic management > bandwidth profiles bandwidth profiles allow you to regulate the traffic flow from the lan to wan 1 or wan 2. This is useful to ensure that low priority lan users (l ike guests or http ser...
Page 42
Unified services router user manual 40 for finer control, the rate profile type can be used. With this option the minimum and maximum bandwidth allowed by this profile can be limited. Choose the wan interface that the profile should be associated with . Fig ur e 20: b and widt h prof il e co nfig ur...
Page 43: 3.4.1 Auto Failover
Unified services router user manual 41 fig ur e 21: t raff ic s ele cto r config ura tio n 3.4 features with multiple wan links this router supports multiple wan links. This allows you to take advantage of failover and load balancing features to ensure certain internet dependent services are priorit...
Page 44: 3.4.2 Load Balancing
Unified services router user manual 42 auto-rollover using wan port-wan1: wan1 is the primary internet link. Auto-rollover using wan port-wan2: wan2 is the primary internet link. Failover detection settings: to check connectivity of the primary internet link, one of the following failure detection m...
Page 45: 3.4.3 Protocol Bindings
Unified services router user manual 43 load balancing is particularly useful when the connection speed of one wan port greatly differs from another. In this case you can define protocol bindings to route low-latency services (such as voip) over the higher -speed link and let low-volume background tr...
Page 46: 3.5.1 Routing Mode
Unified services router user manual 44 addresses can be assigned to the other wan link. Protocol bindings are only applicable when load balancing mode is enabled and more than one wan is configured. Fig ur e 23: prot oco l bi ndi ng se tup t o asso ciat e a se rvi ce a nd/ or lan sour ce to a wan a ...
Page 47
Unified services router user manual 45 nat is a technique which allows several computers on a lan to share an internet connection. The computers on the lan use a "private" ip add ress range while the wan port on the router is configured with a single "public" ip address. Along with connection sharin...
Page 48
Unified services router user manual 46 fig ur e 24: ro ut ing mode is used to co nfi gur e tr affi c ro ut i ng bet we e n wan and lan, as wel l as dy nam ic r out i ng (rip) 3.5.2 dynamic routing (rip) dsr-250n does not support rip..
Page 49: 3.5.3 Static Routing
Unified services router user manual 47 setup > internet settings > routing mode dynamic routing using the routing information protocol (rip) is an interior gateway protocol (igp) that is common in lans. With rip this router can exchange routing information with other supported routers in the lan and...
Page 50
Unified services router user manual 48 router and other devices to account for changes in the path; once configured the static route will be active and effective until the network changes. The list of static routes displays all routes that have been added manually by an administrator and allows seve...
Page 51
Unified services router user manual 49 fig ur e 25: sta tic ro ute co nf ig urat io n fi el ds 3.6 configurable port - wan option this router supports one of the physical ports to be configured as a secondary wan ethernet port or a dedicated dmz port. If the port is selected to be a secondary wan in...
Page 52
Unified services router user manual 50 fig ur e 26: wan2 co nfig uratio n f or 3 g i nter net (part 1) cellular 3g internet access is available on wan2 via a 3g usb modem for dsr- 1000 and dsr-1000n. The cellular isp that provides the 3g data plan will provide the authentication requirements to esta...
Page 53: 3.7 Wan Port Settings
Unified services router user manual 51 fig ur e 27: wan2 co nfig uratio n f or 3 g i nter net ( part 2) 3.7 wan port settings advanced > advanced network > wan port setup the physical port settings for each wan link can be defined here. If your isp account defines the wan port speed or is associated...
Page 54
Unified services router user manual 52 the default mac address is defined during the manufacturing process for the interfaces, and can uniquely identify this router. You can customize each wan port‘s mac address as needed, either by letting the wan port assume the current lan host‘s mac address or b...
Page 55: Setup
Unified services router user manual 53 chapter 4. Wireless access point setup this router has an integrated 802.11n radio that allows you to create an access point for wireless lan clients. The security/encryption/authentication options are grouped in a wireless profile, and each configured profile ...
Page 56
Unified services router user manual 54 fig ur e 29: w ir el ess net work set up w iza r ds 4.1.1 wireless network setup wizard this wizard provides a step-by-step guide to create and secure a new access point on the router. The network name (ssid) is the ap identifier that will be detected by suppor...
Page 57: 4.2 Wireless Profiles
Unified services router user manual 55 personal identification number (pin): the wireless device that supports wps may have an alphanumeric pin, and if entered in this field the ap will establish a link to the client. Click connect to complete setup and connect to the client. Push b utton configurat...
Page 58: 4.2.1 Wep Security
Unified services router user manual 56 server, or both. Note that wpa does not support 802.11n data rates; is it appropriate for legacy 802.11 connections. Wpa2: this security type uses ccmp encryption (and the option to add tkip encryption) on either psk (pre-shared key) or enterprise (radius serve...
Page 59
Unified services router user manual 57 size. Next choose one of the keys to be used for authentication. The selected key must be shared with wireless clients to connect to this device. Fig ur e 31: prof il e c onf ig ura tio n to s et ne twork s ec ur ity 4.2.2 wpa or wpa2 with psk a pre-shared key ...
Page 60
Unified services router user manual 58 4.2.3 radius authentication setup > wireless settings > radius settings enterprise mode uses a radius server for wpa and/or wpa2 security. A radius server must be configured and accessible by the router to authenticate wireless client connections to an ap enabl...
Page 61
Unified services router user manual 59 fig ur e 32: radius serve r (ext er na l aut he nt icat io n) c onf ig ura tio n 4.3 creating and using access points setup > wireless settings > access points once a profile (a group of security settings) is created, it can be assigned to an ap on the router. ...
Page 62
Unified services router user manual 60 fig ur e 33: v irt ua l ap c onfig ura tio n a valuable power saving feature is the start and stop time control for this ap. You can conserve on the radio power by disabling the ap when it is not in use. For example on evenings and weekends if you know there ar...
Page 63
Unified services router user manual 61 fig ur e 34: l ist of co nfig ured a cc ess poi nt s (virt ual a ps) sho ws o ne enab led a ccess po int o n t he radio, broadc asting its ssid the clients connected to a particular ap can be viewed by using the status button on the list of available access poi...
Page 64
Unified services router user manual 62 broadcast the ssid for the vap with wep since it is meant to be used for a few legacy devices in this scenario. 4.4 tuning radio specific settings setup > wireless settings > radio settings the radio settings page lets you configure t he channels and power leve...
Page 65
Unified services router user manual 63 4.5 advanced wireless settings advanced > wireless settings > advanced wireless sophisticated wireless administrators can modify the 802.11 communication parameters in this page. Generally, the default settings are appropriate for most networks. Please refer to...
Page 66
Unified services router user manual 64 connect within 60 seconds of clicking the ―configure via pin‖ button immediately below the pin field. There is no led indication that a client has connected. Push button configuration (pbc): for wireless devices that support pbc, press and hold down on this but...
Page 67: Network
Chapter 5. Securing the private network you can secure your network by creating and applying rules that your router uses to selectively block and allow inbound and outbound internet traffic. You then specify how and to whom the rules apply. To do so, you must define the following: services or traffi...
Page 68
Unified services router user manual 66 may use the ip address if a static address is assigned to the wan port, or if your wan address is dynamic a ddns (dynamic dns) name can be used. Outbound (lan/dmz to wan) rules restrict access to traffic leaving your network, selectively allowing only specific ...
Page 69
Unified services router user manual 67 fig ur e 39: l ist of ava ilab le s chedules t o bind to a fi re wa ll rule 5.3 configuring firewall rules advanced > firewall settings > firewall rules all configured firewall rules on the router are displayed in the firewall rules list. This list also indicat...
Page 70
Unified services router user manual 68 service: any means all traffic is affected by this rule. For a specific service the drop down list has common services, or you can select a custom defined service. Action & schedule: sel ect one of the 4 actions that this rule defines: block always, allow alway...
Page 71
Unified services router user manual 69 external ip address: the rule can be bound to a specific wan interface by selecting either the primary wan or configurable port wan as the source ip address for incoming traffic. This router supports multi-nat and so the external ip address does not necessari...
Page 72
Unified services router user manual 70 fig ur e 40: e xam ple wher e a n o utbo und s nat rule is us ed to m ap an exte rna l ip address (209. 156.200. 225) to a privat e dm z i p address (10.30.30 .30).
Page 73
Unified services router user manual 71 fig ur e 41: t he fi re wa ll r ule co nf igurat io n page al lo ws yo u to def i ne t he to/f rom zone, se rvi ce, act ion, sc hed ul es, and spec ify sour ce /desti nat io n ip addr esses as need ed ..
Page 74
Unified services router user manual 72 5.3.1 firewall rule configuration examples example 1: allow inbound http traffic to the dmz situation: you host a public web server on your local dmz network. You want to allow inbound http requests from any outside ip address to the ip address of your web serv...
Page 75
Unified services router user manual 73 example 3: multi-nat configuration situation: you want to configure multi-nat to support multiple public ip addresses on one wan port interface. Solution: create an inbound rule that configures the firewall to host an additional public ip address. Associate thi...
Page 76
Unified services router user manual 74 in the scheduled days box, check that you want the schedule to be active for ―specific days‖. Select ―saturday‖ and ―sunday‖ in the scheduled time of day, select ―all day‖ – this will apply the schedule between 12 am to 11:59 pm of the selected day. Click apply...
Page 77
Unified services router user manual 75 fig ur e 42: s chedule co nfi gu rat ion for the above ex am ple. 2. Since we are trying to block http requests, it is a service with to zone: insecure (wan1/wan2) that is to be blocked according to schedule ―weekend‖..
Page 78
Unified services router user manual 76 3. Select the action to ―block by schedule, otherwise allow‖. This will take a predefined schedule and make sure the rule is a blocking rule during the defined dates/times. All other times outside the schedule will not be affected by this firewall blocking rule...
Page 79: 5.5 Alg Support
Unified services router user manual 77 fig ur e 43: l ist of use r def i ned se rvi ce s . 5.5 alg support advanced > firewall settings > algs application level gateways (algs) are security component that enhance the firewall and nat support of this router to seamlessly support application layer pro...
Page 80
Unified services router user manual 78 fig ur e 44: ava ilab le al g suppo rt o n t he rout er . 5.6 vpn passthrough for firewall advanced > firewall settings > vpn passthrough this router‘s firewall settings can be configured to allow encrypted vpn traffic for ipsec, pptp, and l2tp vpn tunnel conne...
Page 81: 5.7 Application Rules
Unified services router user manual 79 fig ur e 45: passthro ug h opti ons f or vpn t unnel s 5.7 application rules advanced > application rules > application rules application rules are also referred to as p ort triggering. This feature allows devices on the lan or dmz to request one or more ports ...
Page 82: 5.8.1 Content Filtering
Unified services router user manual 80 fig ur e 46: l ist of ava ilab le appl icat io n rules s ho wi ng 4 unique r ules the application rule status page will list any active rules, i.E. Incoming ports that are being triggered based on outbound requests from a defined outgoing port. 5.8 web content ...
Page 83: 5.8.2 Approved Urls
Unified services router user manual 81 fig ur e 47: co nt ent f ilt er ing us ed to blo c k access to proxy s erve rs a nd preve nt ac tiv ex co ntr ols f rom being downlo aded 5.8.2 approved urls advanced > website filter > approved urls the approved urls is an acceptance list for all url domain na...
Page 84: 5.8.3 Blocked Keywords
Unified services router user manual 82 fig ur e 48: t wo tr usted dom ai ns added to the approved urls list 5.8.3 blocked keywords advanced > website filter > blocked keywords keyword blocking allows you to block all website url‘s or site content that contains the keywords in the configured list. Th...
Page 85: 5.9 Ip/mac Binding
Unified services router user manual 83 fig ur e 49: t wo k ey words added to the bl ock list 5.9 ip/mac binding advanced > ip/mac binding another available security measure is to only allow outbound traffic (from the lan to wan) when the lan node has an ip address matching the mac address bound to i...
Page 86
Unified services router user manual 84 fig ur e 50: t he fo llo wi ng exam ple bi nds a lan host’s mac address to a n ip address ser ved by dsr . If t her e is an ip/mac b ind ing violat io n, t he vio lat ing packet wil l be dr o pped and lo gs wil l be captured 5.10 intrusion prevention (ips) adva...
Page 87
Unified services router user manual 85 fig ur e 51: i nt rus io n p rev ent io n f eat ures on t he ro ute r 5.11 protecting from internet attacks advanced > advanced network > attack checks attacks can be malicious security breaches or unintentional network issues that render the router unusable. A...
Page 88
Unified services router user manual 86 fig ur e 52: prot ect i ng t he ro ute r a nd la n from int er net attacks.
Page 89
Unified services router user manual 87 chapter 6. Ipsec / pptp / l2tp vpn a vpn provides a secure communication channel (―tunnel‖) between two gateway routers or a remote pc client. The fol lowing types of tunnels can be created: gateway-to-gateway vpn: to connect two or more routers to secure traff...
Page 90: 6.1 Vpn Wizard
Unified services router user manual 88 fig ur e 54: e xam ple of t hr ee i psec cl ie nt connect io ns to t he i nte rnal net wo rk t hro ug h t he dsr ipsec gat e way 6.1 vpn wizard setup > wizard > vpn wizard you can use the vpn wizard to quickly create both ike and vpn policies. Once the ike or v...
Page 91
Unified services router user manual 89 fig ur e 55: v pn wiz ard l aunch scr ee n to easily establish a vpn tunnel using vpn wizard, follow the steps below: 1. Select the vpn tunnel type to create the tunnel can either be a gateway to gateway connection (site -to-site) or a tunnel to a host on the i...
Page 92
Unified services router user manual 90 local wan ip address / fqdn: this field can be left blank if you are not using a different fqdn or ip address than the one specified in the wan port‘s configuration. 3. Configure the secure connection remote accessibility fields to identify the remote network: ...
Page 93
Unified services router user manual 91 6.2 configuring ipsec policies setup > vpn settings > ipsec > ipsec policies an ipsec policy is between this router and another gateway or this router and a ipsec client on a remote host. The ipsec mode can be either tunnel or transport depending on the network...
Page 94
Unified services router user manual 92 fig ur e 56: i psec po li cy c onf ig ura tio n once the tunnel type and endpoints of the tunnel are defined you can determine the phase 1 / phase 2 negotiation to use for the tunnel. This is covered in the ipsec mode setting, as the policy can be manual or aut...
Page 95
Unified services router user manual 93 fig ur e 57: i psec po li cy c onf ig ura tio n continued (aut o pol icy v ia ik e) a manual policy does not use ike and instead relies on ma nual keying to exchange authentication parameters between the two ipsec hosts. The incoming and outgoing security param...
Page 96
Unified services router user manual 94 fig ur e 58: i psec po li cy c onf ig ura tio n continued (aut o / ma nual phase 2) 6.2.1 extended authentication (xauth) you can also configure extended authentication (xauth). Rather than configure a unique vpn policy for each user, you can configure the vpn ...
Page 97
Unified services router user manual 95 6.3 configuring vpn clients remote vpn clients must be configured with the same vpn policy parameters used in the vpn tunnel that the client wishes to use: encr yption, authentication, life time, and pfs key-group. Upon establishing these authentication paramet...
Page 98
Unified services router user manual 96 fig ur e 59: ppt p t unnel co nfi gurat ion – p ptp se rve r 6.4.2 l2tp tunnel support setup > vpn settings > l2tp > l2tp server a l2tp vpn can be established through this router. Once enabled a l2tp server is available on the router for lan and wan l2tp client...
Page 99: Chapter 7. Ssl Vpn
Chapter 7. Ssl vpn the router provides an intrinsic ssl vpn feature as an alternate to the standard ipsec vpn. Ssl vpn differs from ipsec vpn mainly by removing the requirement of a pre- installed vpn client on the remote host. Instead, users can securely login through the ssl user portal using a st...
Page 100
Unified services router user manual 98 fig ur e 61: e xam ple of c li e ntl ess ssl vp n connect ions to t he d s r 7.1 users, groups, and domains advanced > users > users authentication of the users (ipsec, ssl vpn, or gui) is done by the router using either a local database on the router or extern...
Page 101
Unified services router user manual 99 idle timeout: the session timeout for the user. Once the user is configured, the dsr will display a list of all configured users. Fig ur e 62: ava ilab le use rs wit h l ogi n stat us a nd associ ated gro up/dom ain advanced > users > domains the domain determi...
Page 102
Unified services router user manual 100 timeout: the timeout period for reaching the authentication server. Retries: the number of retries to authenticate with the authentication server after which the dsr stops trying to reach the server. Workgroup: this is required is for nt domain authentication....
Page 103
Unified services router user manual 101 guest (read only): the guest user gains read only access to the gui to observe and review configuration settings. The guest does not have ssl vpn access. Ssl vpn user: this user has access to the ssl vpn services as determined by the group policies and authent...
Page 104
Unified services router user manual 102 fig ur e 63: use r co nf ig urat io n opt ions 7.2 using ssl vpn policies setup > vpn settings > ssl vpn server > ssl vpn policies ssl vpn policies can be created on a global, group, or user level. User level policies take precedence over group level policies ...
Page 105
Unified services router user manual 103 fig ur e 64: l ist of ssl vpn po li ces ( glob al fi lte r) to add a ssl vpn policy, you must first assign it to a user, group, or make it global (i.E. Applicable to all ssl vpn users). If the policy is for a group, the available configured groups are shown in...
Page 106
Unified services router user manual 104 fig ur e 65: ssl vpn po li cy co nf ig urat io n to configure a policy for a single user or group of users, enter the following information: policy for: the policy can be assigned to a group of users, a single user, or all users (making it a global policy). To...
Page 107
Unified services router user manual 105 port range: if the policy governs a type of traffic, this field is used for defining tcp or udp port number(s) corresponding to the governed traffic. Leaving the starting and ending port range blank corresponds to all udp and tcp traffic. Service: this is the ...
Page 108
Unified services router user manual 106 fig ur e 66: l ist of co nf ig ured reso ur ces, whic h are avai labl e to assi gn to ssl vpn polic ies 7.3 application port forwarding setup > vpn settings > ssl vpn server > port forwarding port forwarding allows remote ssl users to access specified network ...
Page 109
Unified services router user manual 107 as a convenience for remote users, t he hostname (fqdn) of the network server can be configured to allow for ip address resolution. This host name resolution provides users with easy-to-remember fqdn‘s to access tcp applications instead of error - prone ip add...
Page 110
Unified services router user manual 108 fig ur e 67: l ist of ava ilab le appl icat io ns for ssl po rt fo r ward ing 7.4 ssl vpn client configuration setup > vpn settings > ssl vpn client > ssl vpn client an ssl vpn tunnel client provides a point -to-point connection between the browser - side mach...
Page 111
Unified services router user manual 109 fig ur e 68: ssl vpn cl i e nt adapt er a nd a ccess c onfig ura tio n the router allows full tunnel and split tunnel support. Full tunnel mode just sends all traffic from the client across the vpn tunnel to the router. Split tunnel mode only sends traffic to ...
Page 112: 7.5 User Portal
Unified services router user manual 110 setup > vpn settings > ssl vpn client > configured client routes if the ssl vpn client is assigned an ip address in a different subnet than the corporate network, a client route must be added to allow access to the private lan through the vpn tunnel. As well a...
Page 113
Unified services router user manual 111 fig ur e 70: l ist of co nfig ured ssl vpn p ortal s . T he co nf ig ur ed porta l can the n be assoc iat ed wit h a n a ut he nt ica tio n dom ain 7.5.1 creating portal layouts setup > vpn settings > ssl vpn server > portal layouts the router allows you to cr...
Page 114
Unified services router user manual 112 banner message: the banner message that is displayed to ssl vpn clients prior to login. This field is optional. Display banner message on the login page: the user has the option to either display or hide the banner message in the login page. Http meta tags for...
Page 115: Tools
Unified services router user manual 113 chapter 8. Advanced configuration tools 8.1 usb device setup setup > usb settings the dsr unified services router has a usb interface for printer access, file sharing and on the dsr-1000 / dsr-1000n models 3g modem support. There is no configuration on the gui...
Page 116
Unified services router user manual 114 fig ur e 72: usb devic e det ect io n 8.2 authentication certificates advanced > certificates this gateway uses digital certificates for ipsec vpn authentication as well as ssl validation (for https and ssl vpn authentication). You can obtain a digital certifi...
Page 117
Unified services router user manual 115 a self certificate is a certificate issued by a ca identifying your device (or self - signed if you don‘t want the identity protection of a ca). The active self certificate table lists the self certificates currently loaded on the gateway. The following inform...
Page 118
Unified services router user manual 116 fig ur e 73: c ert ifi cate s um m ary for ipse c and h ttps m anag em ent 8.3 advanced switch configuration the dsr allows you to adjust the power consumption of the hardware based on your actual usage. The two ―green‖ options available for your lan switch ar...
Page 119
Unified services router user manual 117 fig ur e 74: adva nc ed switc h s etti ngs.
Page 120: Management
Unified services router user manual 118 chapter 9. Administration & management 9.1 configuration access control the primary means to configure this gateway via the browser -independent gui. The gui can be accessed from lan node by using the gateway‘s lan ip address and http, or from the wan by using...
Page 121: 9.1.2 Cli Access
Unified services router user manual 119 fig ur e 76: r em ote ma nagem e nt f rom the wan 9.1.2 cli access in addition to the web-based gui, the gateway supports ssh and telnet management for command-line interaction. The cli login credentials are shared with the gui for administrator users. To acce...
Page 122
Unified services router user manual 120 fig ur e 77: snm p users, traps, a nd ac ce ss contro l tools > admin > snmp system info the router is identified by an snmp manager via the system information. The identifier settings the sysname set here is also used to identify the router for syslog logging...
Page 123
Unified services router user manual 121 fig ur e 78: snm p system i nform atio n fo r this ro ute r 9.3 configuring time zone and ntp tools > date and time you can configure your time zone, whether or not to adjust for daylight savings time, and with which network time protocol ( ntp) server to syn ...
Page 124: 9.4 Log Configuration
Unified services router user manual 122 fig ur e 79: dat e, t im e, and nt p ser ver se tup 9.4 log configuration this router allows you to capture log messages for traffic through the firewall, vpn, and over the wireless ap. As an administrator you can monitor th e type of traffic that goes through...
Page 125
Unified services router user manual 123 system: this refers to application and management level features available on this router, including ssl vpn and administrator changes for man aging the unit. Wireless: this facility corresponds to the 802.11 driver used for providing ap functionality to your ...
Page 126
Unified services router user manual 124 fig ur e 80: fac il ity se tti ngs fo r logg i ng the display for logging can be customized based on where the logs are sent, either the event log viewer in the gui (the event log viewer is in the status > logs page) or a remote syslog server for later review....
Page 127
Unified services router user manual 125 example: if accept packets from lan to wan is enabled and there is a firewall rule to allow ssh traffic from lan, then whenever a lan machine tries to make an ssh connection, those packets will be accepted and a message will be logged. (assuming the log option...
Page 128
Unified services router user manual 126 fig ur e 81: l og co nf ig urat io n opti ons f or traffi c t hro ug h ro ute r 9.4.2 sending logs to e-mail or syslog tools > log settings > remote logging once you have configured the type of logs that you want the router to collect, they can be sent to eith...
Page 129
Unified services router user manual 127 this requirement. In some cases the smtp server may send out ident requests, and this router can have this response option enabled as needed. Once the e-mail server and recipient details are defined you can determine when the router should send out logs. E-mai...
Page 130
Unified services router user manual 128 the local event viewer on the router‘s gui, and thus can collect a considerable number of logs over a sustained period. This is typically ver y useful for debugging network issues or to monitor router traffic over a long duration. This router supports up to 8 ...
Page 131: Settings
Unified services router user manual 129 fig ur e 84: v pn logs disp layed in gui ev e nt v ie we r 9.5 backing up and restoring configuration settings tools > system you can back up the router‘s custom configuration settings to restore them to a different device or the same router after some other c...
Page 132
Unified services router user manual 130 2. To restore your saved settings from a backup file, click browse then locate the file on the host. After clicking restore, the router begins importing the file‘s saved configuration settings. After the restore, the router reboots automatically with the resto...
Page 133: 9.7 Dynamic Dns Setup
Unified services router user manual 131 fig ur e 86: fi rm war e ve rsio n i nf orm atio n and upgrad e optio n this router also supports an automated notification to determine if a newer firmware version is available for this router. By clicking the check now button in the notification section, the...
Page 134
Unified services router user manual 132 fig ur e 87: dy nam ic dns co nf ig urat io n 9.8 using diagnostic tools tools > system check the router has built in tools to allow an administrator to evaluate the communication status and overall network health..
Page 135: 9.8.1 Ping
Unified services router user manual 133 fig ur e 88: ro ut er d i ag nostics tools av ai la ble i n t he gui 9.8.1 ping this utility can be used to test connectivity between this router and another device on the network connected to this router. Enter an ip address and click ping . The command outpu...
Page 136: 9.8.3 Dns Lookup
Unified services router user manual 134 fig ur e 89: sam ple t rac e ro ut e o utput 9.8.3 dns lookup to retrieve the ip address of a web, ftp, mail or any other server on the internet, type the internet name in the text box and click lookup. If the host or domain entry exists, you will see a respon...
Page 137: Statistics
Unified services router user manual 135 chapter 10. Router status and statistics 10.1 system overview the status page allows you to get a detailed overview of the system configuration. The settings for the wired and wireless interfaces are displayed in the dsr status page, and then the resulting har...
Page 138
Unified services router user manual 136 fig ur e 90: d evi ce stat us displ ay.
Page 139
Unified services router user manual 137 fig ur e 91: d evi ce stat us displ ay (c ont i nued) 10.1.2 resource utilization status > device info > dashboard the dashboard page presents hardware and usage statistics. The cpu and memor y utilization is a function of the available hardware and current co...
Page 140
Unified services router user manual 138 fig ur e 92: r esourc e uti liz atio n stat isti cs.
Page 141
Unified services router user manual 139 fig ur e 93: r esourc e uti liz atio n data (co ntinued).
Page 142: 10.2 Traffic Statistics
Unified services router user manual 140 fig ur e 94: r esourc e uti liz atio n data (co ntinued) 10.2 traffic statistics 10.2.1 wired port statistics status > traffic monitor > device statistics detailed transmit and receive statistics for each physical port are presented here. Each interface (wan1,...
Page 143
Unified services router user manual 141 fig ur e 95: p hys ic al po rt statist ics 10.2.2 wireless statistics status > traffic monitor > wireless statistics the wireless statistics tab displays the incrementing traffic statistics for each enabled access point. This page will give a snapshot of how m...
Page 144: 10.3 Active Connections
Unified services router user manual 142 fig ur e 96: a p spec ifi c statist ics 10.3 active connections 10.3.1 sessions through the router status > active sessions this table lists the active internet sessions through the router‘s firewall. The session‘s protocol, state, local and remote ip addresse...
Page 145
Unified services router user manual 143 fig ur e 97: l ist of c ur re nt act ive fi re wa ll sessions.
Page 146: 10.3.2 Wireless Clients
Unified services router user manual 144 10.3.2 wireless clients status > wireless clients the clients connected to a particular ap can be viewed on this page. Connected clients are sorted by the mac address and indicate the security parameters used by the wireless link, as well as the time connected...
Page 147
Unified services router user manual 145 fig ur e 99: l ist of lan hosts 10.3.4 active vpn tunnels status > active vpns you can view and change the status (connect or drop) of the router‘s ipsec security associations. Here, the active ipsec sas (security associations) are listed along with the traffi...
Page 148
Unified services router user manual 146 fig ur e 100: list of c ur re nt act ive vpn s essions all active ssl vpn connections, both for vpn tunnel and vpn port forwarding, a re displayed on this page as well. Table fields are as follows. Field description user name the ssl vpn user that has an activ...
Page 149: 11.1 Internet Connection
Unified services router user manual 147 chapter 11. Trouble shooting 11.1 internet connection symptom: you cannot access the router‘s web-configuration interface from a pc on your lan. Recommended action: 1. Check the ethernet connection between the pc and the router. 2. Ensure that your pc‘s ip add...
Page 150
Unified services router user manual 148 symptom: router cannot access the internet. Possible cause: if you use dynamic ip addresses, your router may not have requested an ip address from the isp. Recommended action: 1. Launch your browser and go to an external site such as www.Google.Com . 2. Access...
Page 151: 11.2 Date And Time
Unified services router user manual 149 symptom: router can obtain an ip address, but pc is unable to load internet pages. Recommended action: 1. Ask your isp for the addresses of its designated domain name system (dns) servers. Configure your pc to recognize those addresses. For details, see your o...
Page 152: Device
Unified services router user manual 150 4. Observe the display: if the path is working, you see this message sequence: pinging with 32 bytes of data reply from : bytes=32 time=nn ms ttl=xxx if the path is not working, you see this message sequence: pinging with 32 bytes of data request timed out 5. ...
Page 153: Settings
Unified services router user manual 151 verify that the network (subnet) address of your pc is different from the network address of the remote device. Verify that the cable or dsl modem is connected and functioning. Ask your isp if it assigned a hostname to your pc. If yes, select network configura...
Page 155: Chapter 12. Credits
Chapter 12. Credits microsoft, windows are registered trademarks of microsoft corp. Linux is a registered trademark of linus torvalds. Unix is a registered trademark of the open group..
Page 156: Appendix A. Glossary
Unified services router user manual 154 appendix a. Glossary arp address resolution protocol. Broadcast protocol for mapping ip addresses to mac addresses. Chap challenge-handshake authentication protocol. Protocol for authenticating users to an isp. Ddns dynamic dns. System for updating domain name...
Page 157
Unified services router user manual 155 pppoe point-to-point protocol over ethernet. Protocol for connecting a network of hosts to an isp without the isp having to manage the allocation of ip addresses. Pptp point-to-point tunneling protocol. Protocol for creation of vpns for the secure transfer of ...
Page 159
Appendix b. Factory default settings featur e description default setting device login user login url http://192.168.10.1 user name (case sensitive) admin login password (case sensitive) admin internet connection wan mac address use default address wan mtu size 1500 port speed autosense local area n...
Page 160: & Firewall Configuration
Unified services router user manual 158 appendix c. Standard services available for port forwarding & firewall configuration any aim bgp bootp_client bootp_server cu-seeme:udp cu-seeme:tcp dns:udp dns:tcp finger ftp http https icmp-type-3 icmp-type-4 icmp-type-5 icmp-type-6 icmp-type-7 icmp-type-8 i...
Page 161
Unified services router user manual 159 appendix d. Log output reference facility: system (networking) log message severity log message severity dbupdate event: table: %s opcode:%d rowid:%d debug bridgeconfig: too few arguments to command %s error networkintable.Txt not found debug bridgeconfig: too...
Page 162
Unified services router user manual 160 nimfadvoptsetwrap: user has changed mtu option debug ddns: sql error: %s error nimfadvoptsetwrap: mtu: %d debug sqlite3queryresget failed.Query:%s error nimfadvoptsetwrap: old mtu size: %d debug sqlite3queryresget failed.Query:%s error nimfadvoptsetwrap: old p...
Page 163
Unified services router user manual 161 %s:dbupdate event: table: %s opcode:%d rowid:%d debug failed to commit error %s:%d sip enable: %s debug ifstatusdbupdate: failed to begin " error siptblhandler:failed to update ifstatic debug %s: sql error: %s error siptblhandler:failed to update configport de...
Page 164
Unified services router user manual 162 pprivsep: %s debug nimfgetupdatemacflag: unable to get flag from mactable error %s:dbupdate event: table: %s opcode:%d rowid:%d debug nimfmacget: updating mac address failed error re-starting sshd daemon.... Debug sqlite3queryresget failed.Query:%s error sshd ...
Page 165
Unified services router user manual 163 getdnsfromisp: %s debug subnetaddress should be provided with accessoption 2 error idletimeoutflag: %s debug failed to restart sshd error idletimeoutvalue: %d debug unable to open the " error authmetho: %d debug sqlite3queryresget failed.Query:%s error executi...
Page 166
Unified services router user manual 164 %s: buffer overflow debug failed to clear vlan for %d error %s: value of %s in %s table is: %s debug failed to set vlan entry for vlan %d error %s: returning with status: %s debug failed to set vlan entries, while enabling \ error dnsresolverconfigure: address...
Page 167
Unified services router user manual 165 pppoemgmttblhandler: netmask: %s debug xl2tpdstop failed error pppoemgmttblhandler: authopt: %d debug writing xl2tpd.Conf failed error pppoemgmttblhandler: satus: %d debug writing options.Xl2tpd failed error pppoeenable: ppp dial string: %s debug xl2tpdstop fa...
Page 168
Unified services router user manual 166 l2tpmgmttblhandler: username: %s debug pppoemgmttblhandler: unable to get current mtu option error l2tpmgmttblhandler: password: %s debug pppoemgmttblhandler: unable to get the mtu error l2tpmgmttblhandler: accountname: %s debug pppoemgmttblhandler: pppoe enab...
Page 169
Unified services router user manual 167 the enable command is %s error dhcpcmgmttblhandler: dhclient enable failed error l2tpenable:executing the command failed error dhcpcmgmttblhandler: dhcpc release failed error l2tpdisable: command string: %s error dhcpcmgmttblhandler: dhcpc disable failed error...
Page 170
Unified services router user manual 168 created eap/peap context: ok debug setting message in fragment buffer: error error deleted eap/peap context: ok debug allocating tls read buffer is null: error error upper eap sent us: decision = %d method state = %d debug setting last fragment: error error p2...
Page 171
Unified services router user manual 169 error rcvd. Opcode %d. Debug plugin context is null error pctx null. Debug deriving implicit challenge: error error tls message len changed in the fragment, ignoring. Debug generating nt response: error error no data to send while fragment ack received. Debug ...
Page 172
Unified services router user manual 170 pfb->msgbuff is null. Debug setting profile to glue layer: error. Error error calculating binary. Debug _eapctxcreate failed. Error error calculating binary. Debug %d authentication not enabled in the system. Error adpdigestinit for sha1 failed. Debug initiali...
Page 173
Unified services router user manual 171 password change is not allowed for this user debug eap-peap not enabled in system configuration. Error completed writing the policy debug eap-wsc not enabled in system configuration. Error completed writing the sa debug pap not enabled in system configuration....
Page 174
Unified services router user manual 172 peapctx == null or ppdu == null. Error could not initialize des-ecb error received eap pdu bigger than eap_mtu_size. Error error cleaning cipher context. Error received eap pdu bigger than eap_mtu_size. Error error cleaning cipher context. Error state machine ...
Page 175
Unified services router user manual 173 could not open database: %s debug sqlite3queryresget failed error cpu log file not found debug radsendtoserver: socket: %s error mem log file not found debug radsendtoserver: bind() failed: %s: %s error cpumemusagedbupdatehandler: update query: %s debug radrec...
Page 176
Unified services router user manual 174 adding dictionary attribute '%s' debug failed to set default retries value error adding dictionary value %s debug error: incomplete db update information. Error receiving attribute: %s debug old values result does not contain 2 rows error processing attribute:...
Page 177
Unified services router user manual 175 next synchronization after" debug unable to set debug for radauth. Error next synchronization after %d \ debug unable to set debug level for radauth. Error primary is not available, " debug error: option value not specified error secondary is not available, " ...
Page 178
Unified services router user manual 176 timeout after semtake debug mempartalloc for %d size failed error srcid=%d(%s) cmd=%d debug mempartalloc for %d size failed error un-registerting component with id %d debug no handler registered for this umi context error failed to send ioctl request: dst(%d) ...
Page 179
Unified services router user manual 177 cpumemusagedbupdatehandler: sql error: %s error invalid privacy algorithm error unable to open the db file %s error failed to get host address error umiinit failed error invalid version error unable to register to umi error snmp v3 trap configuration failed er...
Page 180
Unified services router user manual 178 wan traffic counters are restared debug deleting schedule based firewall rules. Debug traffic limit has been reached debug deleting schedule based firewall rules from db. Debug traffic meter monthly limit has been changed to %d. Debug update schedule based fir...
Page 181
Unified services router user manual 179 enabling attack check for l2tp. Debug updating blocksites keyword from \ debug enabling attack check for udp flood. Debug inserting blocksites keyword \ debug enabling attack check for ipsec. Debug deleting trusted domain \ debug enabling attack check for pptp...
Page 182
Unified services router user manual 180 internet on port %d %d:%d:%d:%d:%d enabling remote access management for ip address range" debug disabling port trigger rule for %d:%d:%d:%d:%d debug enabling remote access management to only this pc. Debug adding port trigger rule for %d:%d:%d:%d:%d debug dis...
Page 183
Unified services router user manual 181 update firewallrules6 where schedulename = '%s' to new " debug fwlbspilloverconfigure: could not set postrouting rules error dns proxy restart failed debug fwlbspilloverconfigure: something going wrong here error deleting interface to ifgroup failed debug fwl2...
Page 184
Unified services router user manual 182 facility: local0 (wireless) log message severity log message severity (node=%s) setting %s to val = %d debug sqlite3queryresget failed error custom wireless event: '%s' debug sqlite3queryresget failed error wireless event: cmd=0x%x len=%d debug vap(%s) set bea...
Page 185
Unified services router user manual 183 got pnac_event_preauth_success event for : %s debug udp failed, received length is %d error event for non-existent node %s debug umiioctl(umi_comp_kdot11, error pnac_event_eapol_start event received debug umiioctl(umi_comp_udot11,%d,%d ) \ error pnac_event_eap...
Page 186
Unified services router user manual 184 sending eapol pdu to pnac... Debug dot11_rx_eapol_keymsg: unknown ifname %s error creating pnac authenticator with values %d %d - %s debug cmd %d not supported.Sender=%d error profile %s does not exist debug inteface name passed is null error iapp initialized....
Page 187
Unified services router user manual 185 pnacrecvrtn: no corresponding pnac port pae found debug umiioctl(umi_comp_iapp,%d) failed error sending unicast key debug invalid ie. Error sending broadcast key debug umiioctl(umi_comp_kdot11_vap, %d ) failed error from pnacauthpaedisconnected: calling pnactx...
Page 188
Unified services router user manual 186 from pnacrecvmapi: pkt body len = %d, pkttype = %d debug eapolrecvkeymsg: invalid descriptor version error from pnacpduprocess: received pnac_eap_packet debug eapolrecvkeymsg: incorrect descriptor version error from pnacpduprocess: currentid = %d debug eapolre...
Page 189
Unified services router user manual 187 from pnacbackauthfail: calling pnactxcannedfail debug rc4 framework initialization failed error %s returned error debug pnac framework initialization failed error pnacumiioctlhandler: cmd: %s(%d) debug error: option value not specified error %s not configured ...
Page 190
Unified services router user manual 188 phyport:%s pnacradxlateradpktintegritychk: no corresponding " pnacportpaedeconfig:kpnacportpaedec onfig failed warn error from pnacradxlateradpktintegritychk: no message " error pnacportpaedeconfig:kpnacportpaedec onfig failed warn error from pnacradxlateradpk...
Page 191
Unified services router user manual 189 failed to initiate pbc based enrolle association error pnackeyinfoget:failed to allocate buffer error invalid association mode. (allowed modes : pin/pbc) error pnac user comp id not set. Dropping eapol key pkt error wpsenable: running wsccmd failed error pnacu...
Page 192
Unified services router user manual 190 invalid cipher type %d error error from pnacauthinit: pnacauthkeytxinit failed error profile supports wep stas,group cipher must be wep error error from pnacauthinit: pnacreauthtimerinit failed error profile %s does not exist error error from pnacauthinit: pna...
Page 193
Unified services router user manual 191 error in executing db update handler error pnaceapradauthsend: invalid arguments error sqlite3queryresget failed error pnaceapradauthsend: failed to allocate inbuffer error error: incomplete db update information. Error pnacxmit : umiioctl failed[%d] error old...
Page 194
Unified services router user manual 192 invalid config data error facility: kernel log message severity log message severity dnat: multiple ranges no longer supported debug %s: %s%s:%d -> %s:%d %s, debug dnat: target size %u wrong for %u ranges, debug %s: %s%s:%d %s, debug dnat: wrong table %s, tabl...
Page 195
Unified services router user manual 193 %s%d: bad sequence number: %d, expected: %d, debug ifmedia_ioctl: no media found for 0x%x, debug pppiocdetach file->f_count=%d, debug ifmedia_ioctl: switching %s to , dev- >name debug ppp: outbound frame not passed debug ifmedia_match: multiple match for debug...
Page 196
Unified services router user manual 194 %s: mac_del %02x:%02x:%02x:%02x:%02x:%02x, dev->name, addr[0], addr[1], addr[2], addr[3], addr[4], addr[5] debug %02x, ((u_int8_t *)p)[i] debug %s: mac_kick %02x:%02x:%02x:%02x:%02x:%02x, dev->name, addr[0], addr[1], addr[2], addr[3], addr[4], addr[5] debug fi...
Page 197
Unified services router user manual 195 %s: flow dst=%s, __function__, xfrmstraddr(fl->fl6_dst, family) debug encrypt data length mismatch debug %s: flow src=%s, __function__, xfrmstraddr(fl->fl6_src, family) debug encrypt data does not compare debug a guy asks for address mask. Who is it? Debug tki...
Page 198
Unified services router user manual 196 ip_rt_bug: %u.%u.%u.%u -> %u.%u.%u.%u, %s, debug txmic debug udp: short packet: from %u.%u.%u.%u:%u %d/%d to %u.%u.%u.%u:%u, debug %02x, hk->kv_txmic[i] debug udp: bad checksum. From %d.%d.%d.%d:%d to %d.%d.%d.%d:%d ulen %d, debug %s: unable to update h/w beac...
Page 199
Unified services router user manual 197 ipt_time loading debug %s: failed to register sysctls!, sc- >sc_dev->name debug ipt_time unloaded debug %s: mac %d.%d phy %d.%d, dev- >name, debug ip_conntrack_irc: max_dcc_channels must be a positive integer debug 5 ghz radio %d.%d 2 ghz radio %d.%d, debug ip...
Page 200
Unified services router user manual 198 window=%u , ntohs(th->window) debug ipsec_err [%s:%d]: max (%d) no of sa limit reached, debug res=0x%02x , (u8)(ntohl(tcp_flag_word(th) & tcp_reserved_bits) >> 22) debug ipsec_err [%s:%d]: max (%d) no of sa limit reached, debug urgp=%u , ntohs(th->urg_ptr) deb...
Page 201
Unified services router user manual 199 physout=%s , physoutdev->name debug %s: error. Dst refcount value less than 1 (%d), debug mac= debug for %s device refcnt: %d ,pdst- >dev->name, debug %02x%c, *p, debug %s: got null m:%p *m:%p sa:%p *sa:%p,__func__,ppbufmgr, debug nat: no longer support implic...
Page 202
Unified services router user manual 200 >msg_iov[i].Iov_base)[j] %02x, skb->data[i] debug de initializing by \ info _lvl pppol2tp: _fmt, ##args debug kernel umi module loaded info %02x, ptr[length] debug kernel umi module unloaded info %02x, ((unsigned char *) m- >msg_iov[i].Iov_base)[j] debug loadi...
Page 203
Unified services router user manual 201 test key, key debug %s: %s (, dev_info, ath_hal_version info pre-hashed key, key debug %s: driver unloaded, dev_info info const char *descr, krb5_keyblock *k) { debug %s: driver unloaded, dev_info info aes 128-bit key, &key debug %s: version 2.0.0 info const c...
Page 204
Unified services router user manual 202 failed to set aes encrypt key debug icmp: %u.%u.%u.%u: info aes %s decrypt test duration: %d:%d, hard ? Hard : soft, debug icmp: %u.%u.%u.%u: source info failed to set aes encrypt key debug wrong address mask %u.%u.%u.%u from info failed to set aes encrypt key...
Page 205
Unified services router user manual 203 md5 software test %s, md5softtest(0) ? Failed : passed debug %s: options rejected: o[0]=%02x, o[1]=%02x, warnin g md5 hardware test: debug %s: don't know what to do: o[5]=%02x, warnin g md5 hardware test %s, md5hardtest(0) ? Failed : passed debug *** new port ...
Page 206
Unified services router user manual 204 value = %x ::: at page = %x : addr = %x debug cix %u (%u) bad ratekbps %u mode %u, warnin g reg size == 32 bit debug %s: no rates for %s?, warnin g value = %x ::: at page = %x : addr = %x debug no rates yet! Mode %u, sc- >sc_curmode warnin g reg size == 64 bit...
Page 207
Unified services router user manual 205 from g %s(): addba mode is auto, __func__ debug martian source %u.%u.%u.%u from warnin g %s(): invalid tid value, __func__ debug ll header: warnin g error in add- no node available debug unable to create ip_set_list error %s(): channel capabilities do not matc...
Page 208
Unified services router user manual 206 [%d]\tmacaddr\t%s, j, debug ppp: no memory (vj comp pkt) error [%d]\tdescp\t\t%s, j, ni- >node_trace[i].Descp debug ppp: no memory (comp pkt) error [%d]\tvalue\t\t%llu(0x%llx), j, ni- >node_trace[i].Value, debug ppp: compressor dropped pkt error ifmedia_add: n...
Page 209
Unified services router user manual 207 __function__ %s: failed to register sysctls!, proc_name debug ppp: vj uncompressed error error pktlog_tag %s: proc_mkdir failed, __function__ debug ppp_decompress_frame: no memory error pktlog_tag %s: pktlog_attach failed for %s, debug ppp_mp_reconstruct bad s...
Page 210
Unified services router user manual 208 %s: cancel dfs wait period on channel %d, __func__, sc- >sc_curchan.Channel debug %s: %s:%d: bad tunnel magic error non-dfs channel, cancelling previous dfs wait timer channel %d, sc- >sc_curchan.Channel debug %s: %s:%d: bad tunnel magic error %s: unable to re...
Page 211
Unified services router user manual 209 ,__func__ int)len %s: unable to start recv logic, debug %03d:, i error %s: invalid interface id = %u, __func__, if_id debug %02x, ((unsigned char *)p)[i] error %s: unable to allocate channel table, __func__ debug mic check failed error %s: tx antenna switch. D...
Page 212
Unified services router user manual 210 >ifname wakingup due to wow signal debug unable to register kifdev to umi error %s, wowstatus = 0x%x, __func__, wowstatus debug error: %s: timeout at page %#0x addr %#0x error pattern added already debug error: %s: timeout at page %#0x addr %#0x error error : ...
Page 213
Unified services router user manual 211 0x%08x 0x%08x, 0x%08x 0x%08x 0x%08x 0x%08x, debug ath_pci: 32-bit dma not available error sc_txq[%d] : , i debug ath_pci: cannot reserve pci memory region error tid %p pause %d : , tid, tid->paused debug ath_pci: cannot remap pci memory region) ; error %d: %p ...
Page 214
Unified services router user manual 212 index:%d, value:%d, code:%x, rate:%d, flag:%x, i, (int)validrateindex[i], debug dev is null %p %p ,dev,dst critical ratetable:%d, maxvalidrate:%d, ratemax:%d, prc->ratetablesize,k,prc- >ratemaxphy debug packet is fragmented %d,pbufmgr- >len critical can't allo...
Page 215
Unified services router user manual 213 appendix e. Rj-45 pin-outs signal rj-45 cable adapter signal rj-45 pin db-9 pin cts nc nc nc dtr nc nc nc txd 6 3 rxd gnd 5 5 gnd gnd 4 5 gnd rxd 3 2 txd dsr nc nc nc rts nc nc nc.
Page 216
Unified services router user manual 214 appendix f. Product statement 1. Dsr-1000n federal communications commission (fcc) compliance notice: radio frequency notice this equipment has been tested and found to comply with the limits for a class b digital device, pursuant to part 15 of the fcc rules. ...
Page 217
Unified services router user manual 215 important note: radiation exposure statement this equipment complies with ic radiation exposure limits set forth for an uncontrolled environment. End users must follow the specific operating instructions for satisfying rf exposure compliance. To maintain compl...
Page 218
Unified services router user manual 216 2.Dsr-500n federal communications commission (fcc) compliance notice: radio frequency notice this equipment has been tested and found to comply with the limits for a class b digital device, pursuant to part 15 of the fcc rules. These limits are designed to pro...
Page 219
Unified services router user manual 217 important note: radiation exposure statement this equipment complies with ic radiation exposure limits set forth for an uncontrolled environment. End users must follow the specific operating instructions for satisfying rf exposure compliance. To maintain compl...
Page 220
Unified services router user manual 218 3.Dsr-250n federal communication commission interference statement this equipment has been tested and found to comply with the limits for a class b digital device, pursuant to part 15 of the fcc rules. These limits are designed to provide reasonable protection...
Page 221
Unified services router user manual 219 regulatory statement (r&tte) european standards dictate maximum radiated transmit power of 100mw eirp and frequency range 2.400- 2.4835ghz; in france, the equipment must be restricted to the 2.4465-2.4835ghz frequency range and must be restricted to indoor use...