- DL manuals
- D-Link
- Wireless Router
- DSR-1000
- User Manual
D-Link DSR-1000 User Manual - 3.4.2 Load Balancing
Unified Services Router
User Manual
40
Auto-Rollover using WAN port-WAN1: WAN1 is the primary internet link.
Auto-Rollover using WAN port-WAN2: WAN2 is the primary internet link.
Failover Detection Settings: To check connectivity of the primary internet link, one
of the following failure detection methods can be selected:
DNS lookup using WAN DNS Servers: DNS Lookup of the DNS Servers of
the primary link are used to detect primary WAN connectivity.
DNS lookup using DNS Servers: DNS Lookup of the custom DNS Servers
can be specified to check the connectivity of the primary link.
Ping these IP addresses: These IP's will be pinged at regular intervals to
check the connectivity of the primary link.
Retry Interval is: The number tells the router how often it should run th e
above configured failure detection method.
Failover after: This sets the number of retries after which failover is
initiated.
3.4.2 Load Balancing
This feature allows you to use multiple WAN links (and presumably multiple ISP‘s)
simultaneously. After configuring more than one WAN port, the load balancing
option is available to carry traffic over more than one link. Protocol bindings are
used to segregate and assign services over one WAN port in order to manage
internet flow. The configured failure detection method is used at regular intervals on
all configured WAN ports when in Load Balancing mode.
DSR currently support three algorithms for Load Balancing:
Round Robin: This algorithm is particularly useful when the connection speed of
one WAN port greatly differs from another. In this case you can define protocol
bindings to route low-latency services (such as VOIP) over the higher -speed link
and let low-volume background traffic (such as SMTP) go over the lower speed link.
Protocol binding is explained in next section.
Spill Over: If Spill Over method is selected, WAN1 acts as a dedicated link till a
threshold is reached. After this, WAN2 will be used for new connections. You can
configure spill-over mode by using folloing options:
Load Tolerance: It is the percentage of bandwidth after which the router
switches to seconday WAN.
Max Bandwidth: This sets the maximum bandwidth tolerable by the primary
WAN.
If the link bandwidth goes above the load tolerance value of max bandwidth, the
router will spill-over the next connections to secondary WAN.
For example, if the maximum bandwidth of primary WAN is 1 Kbps and the load
tolerance is set to 70. Now everytime a new connection is established the bandwidth
increases. After a certain number of connections say bandwidth reached 70% of
1Kbps, the new connections will be spilled -over to secondary WAN. The maximum
value of load tolerance is 80 and the least is 20.
Protocol Bindings: Refer Section 3.4.3 for details
Summary of DSR-1000
Page 1
Unified services router user manual dsr-500 / 500n / 1000 / 1000n ver. 1.02 http://www.Dlink.Com building networks for people small business gateway solution.
Page 2: User Manual
User manual unified services router d-link corporation copyright © 2011. Http://www.Dlink.Com.
Page 3
Unified services router user manual 1 user manual dsr-500 / 500n / 1000 / 1000n unified services router version 1.02 copyright © 2011 copyright notice this publication, including all photographs, illustrations and software, is protected under international copyright laws, with all rights reserved. N...
Page 4: Table Of Contents
Unified services router user manual 2 table of contents chapter 1. Introduction ............................................................................................................................. 9 1.1 about this user manual ....................................................................
Page 5
Unified services router user manual 3 4.4 tuning radio specific settings ............................................................................. 60 4.5 advanced wireless settings .................................................................................. 61 4.6 wi-fi protected setup (wp...
Page 6
Unified services router user manual 4 9.1 configuration access control .............................................................................. 116 9.1.1 remote management ........................................................................................... 116 9.1.2 cli access ............
Page 7: List Of Figures
Unified services router user manual 5 list of figures figure 1: setup page for lan tcp/ip settings ...................................................................................... 13 figure 2: ipv6 lan and dhcpv6 configuration ......................................................................
Page 8
Unified services router user manual 6 figure 33: virtual ap configuration .......................................................................................................... 58 figure 34: list of configured access points (virtual aps) shows one enabled access point on the radio, broadcasting ...
Page 9
Unified services router user manual 7 figure 64: list of ssl vpn polices (global filter) ................................................................................ 101 figure 65: ssl vpn policy configuration .........................................................................................
Page 10
Unified services router user manual 8 figure 98: list of connected 802.11 clients per ap ............................................................................. 142 figure 99: list of lan hosts .......................................................................................................
Page 11: Chapter 1. Introduction
Unified services router user manual 9 chapter 1. Introduction d-link unified services routers offer a secure, high performance networking solution to address the growing needs of small and medium businesses. Integrated high -speed ieee 802.11n and 3g wireless technologies offer comparable performanc...
Page 12
Unified services router user manual 10 as a concerned member of the global c ommunity, d-link is devoted to providing eco-friendly products. D-link green wifi and d-link green ethernet save power and prevent waste. The d -link green wlan scheduler reduces wireless power automatically during off -pea...
Page 13: Lan Setup
Chapter 2. Configuring your network: lan setup it is assumed that the user has a machine for management connected to the lan to the router. The lan connection may be through the wired ethernet ports available on the router, or once the initial setup is complete, the dsr may also be managed through i...
Page 14
Unified services router user manual 12 to configure lan connectivity, please follow the steps below: 1. In the lan setup page, enter the following information for your router: ip address (factory default: 192.168.1 0.1). If you change the ip address and click save settings, the gui will not respond....
Page 15
Unified services router user manual 13 lease time: enter the time, in hours, for which ip addresses are leased to clients. Enable dns proxy: to enable the route r to act as a proxy for all dns requests and communicate with the isp‘s dns servers, click the checkbox. 3. Click save settings to apply al...
Page 16
Unified services router user manual 14 2.1.1 lan configuration in an ipv6 network advanced > ipv6 > ipv6 lan > ipv6 lan config in ipv6 mode, the lan dhcp server is enabled by default (similar to ipv4 mode). The dhcpv6 server will serve ipv6 addresses from configured address pools with the ipv6 prefi...
Page 17
Unified services router user manual 15 figure 2: ipv 6 l an and dh cpv6 c onf iguration if you change the ip address and click save settings, the gui will not respond. Open a new connection to the new ip address and log in again. Be sure the lan host (the machine used to manage the router) has obtai...
Page 18
Unified services router user manual 16 dhcp mode: the ipv6 dhcp server is either stateless or stateful. If stateless is selected an external ipv6 dhcp server is not required as the ipv6 lan hosts are auto-configured by this router. In this case the router advertisement daemon (radvd) must be configu...
Page 19
Unified services router user manual 17 radvd advanced > ipv6 > ipv6 lan > router advertisement to support stateless ipv6 auto configuration on the lan, set the radvd status to enable. The following settings are used to configure radvd: advertise mode: select unsolicited multicast to send router adve...
Page 20
Unified services router user manual 18 figure 3: co nf iguri ng the ro uter adverti se ment dae mon advertisement prefixes advanced > ipv6 > ipv6 lan > advertisement prefixes the router advertisements configured with advertisement prefixes allow this router to inform hosts how to perform stateless a...
Page 21: 2.2 Vlan Configuration
Unified services router user manual 19 ipv6 prefix length: this value indicates the number contiguous, higher order bits of the ipv6 address that define up the network portion of the address. Typically this is 64. Prefix lifetime: this defines the duration (in seconds) that the requesting node is al...
Page 22
Unified services router user manual 20 will allow traffic from lan hosts belonging to this vlan id to pass through to other configured vlan ids that have inter vlan routing enabled. Figure 5: addi ng vlan me mber shi ps to the l an 2.2.1 associating vlans to ports in order to tag all traffic through...
Page 23
Unified services router user manual 21 figure 6: port vlan list in access mode the port is a member of a single vlan (and only one). All data going into and out of the port is untagged. Traffic through a port in access mode looks like any other ethernet frame. In trunk mode the port is a member of a...
Page 24
Unified services router user manual 22 figure 7: co nf iguri ng vlan me mbership f or a por t 2.3 configurable port: dmz setup this router supports one of the physical ports to be configured as a secondary wan ethernet port or a dedicated dmz port. A dmz is a subnetwork that is open to the public bu...
Page 25
Unified services router user manual 23 figure 8: dm z c onf iguratio n in order to configure a dmz port, the rout er‘s configurable port must be set to dmz in the setup > internet settings > configurable port page. 2.4 universal plug and play (upnp) advanced > advanced network > upnp universal plug ...
Page 26
Unified services router user manual 24 configure the following settings to use upnp: advertisement period: this is the frequency that the router broadcasts upnp information over the network. A large value will minimize network traffic but cause delays in identifying new upnp devices to the network. ...
Page 27: 2.5 Captive Portal
Unified services router user manual 25 2.5 captive portal lan users can gain internet access via web portal authentication with the dsr. Also referred to as run-time authentication, a captive portal is ideal for a web café scenario where users initiate http connection requests for web access but are...
Page 28: Wan Setup
Unified services router user manual 26 chapter 3. Connecting to the internet: wan setup this router has two wan ports that can be used to establish a connection to the internet. The following isp connection types are supported: dhcp, static, pppoe, pptp, l2tp, 3g internet (via usb modem). It is assu...
Page 29: 3.2 Wan Configuration
Unified services router user manual 27 3g internet access with a usb modem is supported on the secondary wan p ort (wan2). The internet connection setup wizard assists with the primary wan port (wan1) configuration only. 3.2 wan configuration setup > internet settings > wan1 setup you must either al...
Page 30: 3.2.2 Wan Dns Servers
Unified services router user manual 28 my ip address: enter the ip address assigned to you by the isp. Server ip address: enter the ip address of the pptp or l2tp server. 3.2.1 wan port ip address your isp assigns you an ip address that is either d ynamic (newly generated each time you log in) or st...
Page 31: 3.2.4 Pppoe
Unified services router user manual 29 figure 12 : ma nual wan conf igur atio n 3.2.4 pppoe setup > internet settings the pppoe isp settings are defined on the wan configuration page. There are two types of pppoe isp‘s supported by the dsr: the standard username/password pppoe and japan multiple ppp...
Page 32
Unified services router user manual 30 figure 13 : pppoe co nf iguratio n f or sta ndard isps most pppoe isp‘s use a single control and data connection, and require username / password credentials to login and authenticate the dsr with the isp. The isp connection type for this case is ―pppoe (userna...
Page 33
Unified services router user manual 31 figure 14 : w an c onf iguration f or japanese multi ple pppoe (part 1) there are a few key elements of a multiple pppoe connection: primary and secondary connections are concurrent each session has a dns server source for domain n ame lookup, this can be assig...
Page 34
Unified services router user manual 32 when japanese multiple pppoe is configured and secondary connection is up, some predefined routes are added on that interface. These routes are needed to access the internal domain of the isp where he hosts various services. These routes can even be configured ...
Page 35
Unified services router user manual 33 figure 16 : russia l2 tp isp co nf iguratio n 3.2.6 wan configuration in an ipv6 network setup > ipv6 > ipv6 wan1 config.
Page 36
Unified services router user manual 34 for ipv6 wan connections, this router can have a static ipv6 address or receive connection information when configured as a dhcpv6 client. In the case where the isp assigns you a fixed address to access the internet, the static configuration settings must be co...
Page 37
Unified services router user manual 35 figure 17 : ip v6 w an se tup page 3.2.7 checking wan status setup > internet settings > wan status the status and summary of configured settings for both wan1 and wan2 are available on the wan status page. You can view the following key connection status infor...
Page 38
Unified services router user manual 36 figure 18 : connecti on sta tus i nf ormatio n f or bo th wan por ts the wan status page allows you to enable or disable static wan links. For wan settings that are dynamically received from the isp, you can renew or release the link parameters if required..
Page 39: 3.3 Bandwidth Controls
Unified services router user manual 37 3.3 bandwidth controls advanced > advanced network > traffic management > bandwidth profiles bandwidth profiles allow you to regulate the traffic flow from the lan to wan 1 or wan 2. This is useful to ensure that low priority lan users (l ike guests or http ser...
Page 40
Unified services router user manual 38 for finer control, the rate profile type can be used. With this option the minimum and maximum bandwidth allowed by this profile can be limited. Choose the wan interface that the profile should be associated with . Figure 20 : ba ndwidt h prof ile co nf igurat ...
Page 41: 3.4.1 Auto Failover
Unified services router user manual 39 figure 21 : traf f ic selector co nf iguratio n 3.4 features with multiple wan links this router supports multiple wan links. This allows you to take advantage of failover and load balancing features to ensure certain intern et dependent services are prioritize...
Page 42: 3.4.2 Load Balancing
Unified services router user manual 40 auto-rollover using wan port-wan1: wan1 is the primary internet link. Auto-rollover using wan port-wan2: wan2 is the primary internet link. Failover detection settings: to check connectivity of the primary internet link, one of the following failure detection m...
Page 43: 3.4.3 Protocol Bindings
Unified services router user manual 41 load balancing is particularly useful when the connection sp eed of one wan port greatly differs from another. In this case you can define protocol bindings to route low-latency services (such as voip) over the higher -speed link and let low-volume background t...
Page 44: 3.5.1 Routing Mode
Unified services router user manual 42 addresses can be assigned to the other wan link. Protocol bindings are only applicable when load balancing mode is enabled and more than one wan is configured. Figure 23 : protocol binding setup to a ssociate a service a nd/ or lan so urce to a w an and/or dest...
Page 45
Unified services router user manual 43 nat is a technique which allows several computers on a lan to share an internet connection. The computers on the lan use a "private" ip address range while the wan port on the router is configured with a single "public" ip address. Along with connection sharing...
Page 46
Unified services router user manual 44 figure 24 : routing mode is use d to conf igure traf f ic routi ng between wan and lan, as well as dy na mic ro uti ng ( rip) 3.5.2 dynamic routing (rip) setup > internet settings > routing mode.
Page 47: 3.5.3 Static Routing
Unified services router user manual 45 dynamic routing using the routing information protocol (rip) is an interior gateway protocol (igp) that is common in lans. With rip this router can exchange routing information with other supported routers in the lan and allow for dy namic adjustment of routing...
Page 48
Unified services router user manual 46 the list of static routes displays all routes that have been added manually by an administrator and allows several operations on the static routes. The list of ipv4 static routes and list of ipv6 static routes share the same fields (with one exception): name: n...
Page 49
Unified services router user manual 47 figure 25 : static ro ute co nf igurati on f ie lds 3.6 configurable port - wan option this router supports one of the physical ports to be configured as a secondary wan ethernet port or a dedicated dmz port. If the port is selected to be a secondary wan interf...
Page 50
Unified services router user manual 48 figure 26 : w an2 co nf iguratio n f or 3g i nternet ( part 1 ) cellular 3g internet access is available on wan2 via a 3g usb modem for dsr- 1000 and dsr-1000n. The cellular isp that provides the 3g data plan will provide the authentication requirements to esta...
Page 51: 3.7 Wan Port Settings
Unified services router user manual 49 figure 27 : w an2 co nf iguratio n f or 3g i nternet ( part 2 ) 3.7 wan port settings advanced > advanced network > wan port setup the physical port settings for each wan link can be defined here. If your isp account defines the wan port speed or is associated ...
Page 52
Unified services router user manual 50 the default mac address is defined during the manufacturing process for the interfaces, and can uniquely identify this router. You can customize each wan port‘s mac address as needed, either by letting the wan port assume the current lan host‘s mac address or b...
Page 53: Setup
Unified services router user manual 51 chapter 4. Wireless access point setup this router has an integrated 802.11n radio that allows you to create an access point for wireless lan clients. The security/encryption/authentication options are grouped in a wireless profile, and each configured profile ...
Page 54
Unified services router user manual 52 figure 29 : wireless networ k set up wi za rds 4.1.1 wireless network setup wizard this wizard provides a step-by-step guide to create and secure a new access point on the router. The network name (ssid) is the ap identifier that will be detected by supported c...
Page 55: 4.2 Wireless Profiles
Unified services router user manual 53 personal identification number (pin): the wireless device that supports wps may have an alphanumeric pin, and if entered in this field the ap will establish a link to the client. Click connect to complete setup and connect to the client. Push button configurati...
Page 56: 4.2.1 Wep Security
Unified services router user manual 54 server, or both. Note that wpa does not support 802.11n data rates; is it appropriate for legacy 802.11 connections. Wpa2: this security type uses ccmp encryption (and the option to add tkip encryption) on either psk (pre-shared key) or enterprise (radius serve...
Page 57
Unified services router user manual 55 size. Next choose one of the keys to be used for a uthentication. The selected key must be shared with wireless clients to connect to this device. Figure 31 : prof ile conf iguratio n to set ne twor k sec urity 4.2.2 wpa or wpa2 with psk a pre-shared key (psk) ...
Page 58
Unified services router user manual 56 4.2.3 radius authentication setup > wireless settings > radius settings enterprise mode uses a radius server for wpa and/or wpa2 security. A radius server must be configured and accessible by the router to authenticate wireless client connections to an ap enabl...
Page 59
Unified services router user manual 57 figure 32 : radius server (ex ternal aut hentica tio n) co nf iguration 4.3 creating and using access points setup > wireless settings > access points once a profile (a group of security settings) is created, it can be assigned to an ap on the router. The ap ss...
Page 60
Unified services router user manual 58 figure 33 : virtual ap conf igurati on a valuable power saving feature is the start and stop time control for this ap. You can conserve on the radio power by disabling the ap when it is not in use. For example on evenings and weekends if you know there are no w...
Page 61
Unified services router user manual 59 figure 34 : li st of c o nf igured access points (virt ual aps) sho ws one enable d acce ss poi nt on the radi o, broa dcasti ng it s ssid the clients connected to a particular ap can be viewed by using the status button on the list of available access points. ...
Page 62
Unified services router user manual 60 broadcast the ssid for the vap with wep since it is meant to be used for a few legacy devices in this scenario. 4.4 tuning radio specific settings setup > wireless settings > radio settings the radio settings page lets you configure t he channels and power leve...
Page 63
Unified services router user manual 61 4.5 advanced wireless settings advanced > wireless settings > advanced wireless sophisticated wireless administrators can modify the 802.11 communication parameters in this page. Generally, the default settings are appropriate for most networks. Please refer to...
Page 64
Unified services router user manual 62 connect within 60 seconds of clicking the ―configure via pin‖ button immediately below the pin field. There is no led indication that a client has connected. Push button configuration (pbc): for wireless devices that support pbc, press and hold down on this but...
Page 65: Network
Chapter 5. Securing the private network you can secure your network by creating and applying rules that your router uses to selectively block and allow inbound and outbound internet traffic. You then specify how and to whom the rules apply. To do so, you must define the following: services or traffi...
Page 66
Unified services router user manual 64 may use the ip address if a static address is assigned to the wan port, or if your wan address is dynamic a ddns (dynamic dns) name can be used. Outbound (lan/dmz to wan) rules restrict access to traffic leaving your network, selectively allowing only specific ...
Page 67
Unified services router user manual 65 figure 39 : li st of available sc hedules t o bi nd to a f irewall rule 5.3 configuring firewall rules advanced > firewall settings > firewall rules all configured firewall rules on the router are displayed in the firewall rules list. This list also indicate s ...
Page 68
Unified services router user manual 66 service: any means all traffic is affected by this rule. For a specific service the drop down list has common services, or you can select a custom defined service. Action & schedule: select one of the 4 actions that this rule defines: block always, allow always...
Page 69
Unified services router user manual 67 external ip address: the rule can be bound to a specific wan interface by selecting either the primary wan or configurable port wan as the source ip address for incoming traffic. This router supports multi-nat and so the external ip address does not necessari...
Page 70
Unified services router user manual 68 figure 40 : ex a mple where an out bo und snat r ule i s use d to map a n ex ternal ip a ddress (209. 156. 200. 225) to a priv ate dm z ip address (1 0.30 .30. 30 ).
Page 71
Unified services router user manual 69 figure 41 : t he f irewall rule co nf igurati o n page all ows y ou to def ine t he to/fro m zo ne, servi ce, actio n, sche dule s, and specif y so urce/desti na tion ip addresses as nee de d..
Page 72
Unified services router user manual 70 5.3.1 firewall rule configuration examples example 1: allow inbound http traffic to the dmz situation: you host a public web server on your local dmz network. You want to allow inbound http requests from any outside ip address to the ip address of your web serv...
Page 73
Unified services router user manual 71 example 3: multi-nat configuration situation: you want to configure multi -nat to support multiple public ip addresses on one wan port interface. Solution: create an inbound rule that configures the firewall to host an additional public ip address. Associate th...
Page 74
Unified services router user manual 72 in the scheduled days box, check that you want the schedule to be active for ―specific days‖. Select ―saturday‖ and ―sunday‖ in the scheduled time of day, select ―all day‖ – this will apply the schedule between 12 am to 11:59 pm of the selected day. Click apply...
Page 75
Unified services router user manual 73 figure 42 : sc hedule conf iguratio n f or t he abo ve ex ample. 2. Since we are trying to block http requests, it is a service with to zone: insecure (wan1/wan2) that is to be blocked according to schedule ―weekend‖..
Page 76
Unified services router user manual 74 3. Select the action to ―block by schedule, otherwise allow‖. This will take a predefined schedule and make sure the rule is a blocking rule during the defined dates/times. All other times outside the schedule will not be affected by this firewall blocking rule...
Page 77: 5.5 Alg Support
Unified services router user manual 75 figure 43 : li st of user def ined services . 5.5 alg support advanced > firewall settings > algs application level gateways (algs) are security component that enhance the firewall and nat support of this router to seamlessly support application layer protocols...
Page 78
Unified services router user manual 76 figure 44 : availa ble alg s upport on t he router . 5.6 vpn passthrough for firewall advanced > firewall settings > vpn passthrough this router‘s firewall settings can be configured to allow encrypted vpn traffic for ipsec, pptp, and l2tp vpn tunnel connection...
Page 79: 5.7 Application Rules
Unified services router user manual 77 figure 45 : pa sst hro ug h o ptio ns f or vpn tunnel s 5.7 application rules advanced > application rules > application rules application rules are also referred to as p ort triggering. This feature allows devices on the lan or dmz to request one or more ports...
Page 80: 5.8.1 Content Filtering
Unified services router user manual 78 figure 46 : li st of available applica tion rule s showi ng 4 uni que r ules the application rule status page will list any active rules, i.E. Incoming ports that are being triggered based on outbound requests from a defined outgoing port. 5.8 web content filte...
Page 81: 5.8.2 Approved Urls
Unified services router user manual 79 figure 47 : content filtering use d t o bl o c k access t o prox y se rvers a nd prevent acti ve x co ntrols f ro m being downloa ded 5.8.2 approved urls advanced > website filter > approved urls the approved urls is an acceptance list for all url domain names....
Page 82: 5.8.3 Blocked Keywords
Unified services router user manual 80 figure 48 : two tr ust ed do mai ns a dde d to the appro ved urls list 5.8.3 blocked keywords advanced > website filter > blocked keywords keyword blocking allows you to block all website url‘s or site c ontent that contains the keywords in the configured list....
Page 83: 5.9 Ip/mac Binding
Unified services router user manual 81 figure 49 : two keywords a dde d t o t he bloc k li st 5.9 ip/mac binding advanced > ip/mac binding another available security measure is to only allow outbound traffic (from the lan to wan) when the lan node has an ip address matching the mac address bound to ...
Page 84
Unified services router user manual 82 figure 50 : t he f ollo wing ex ample binds a lan ho st’ s mac address t o a n ip a ddre ss serve d by dsr . If t here is an ip/mac bi ndi ng violatio n, the violati ng pac ke t will be dr opped and lo gs will be capt ured 5.10 intrusion prevention (ips) advanc...
Page 85
Unified services router user manual 83 figure 51 : intr usi on preventio n f eature s on the router 5.11 protecting from internet attacks advanced > advanced network > attack checks attacks can be malicious security breaches or unintentional network issues that render the router unusable. Attack che...
Page 86
Unified services router user manual 84 figure 52 : protecti ng the router a nd lan f rom internet atta c ks.
Page 87
Unified services router user manual 85 chapter 6. Ipsec / pptp / l2tp vpn a vpn provides a secure communication channel (―tunnel‖) between two gateway routers or a remote pc client. The followin g types of tunnels can be created: gateway-to-gateway vpn: to connect two or more routers to secure traff...
Page 88: 6.1 Vpn Wizard
Unified services router user manual 86 figure 54 : ex a mple of three ip sec client connecti ons t o t he i nternal networ k thro ug h t he dsr ipsec gateway 6.1 vpn wizard setup > wizard > vpn wizard you can use the vpn wizard to quickly create both ike and vpn policies. Once the ike or vpn policy ...
Page 89
Unified services router user manual 87 figure 55 : vpn wi zard la unch screen to easily establish a vpn tunnel using vpn wizard, follow the steps below: 1. Select the vpn tunnel type to create the tunnel can either be a gateway to gateway connection (site -to-site) or a tunnel to a host on the inter...
Page 90
Unified services router user manual 88 local wan ip address / fqdn: this field can be left blank if you are not using a different fqdn or ip address than the one specified in the wan port‘s configuration. 3. Configure the secure connection remote accessibility fields to identify the remote network: ...
Page 91
Unified services router user manual 89 6.2 configuring ipsec policies setup > vpn settings > ipsec > ipsec policies an ipsec policy is between this router and another gateway or this router and a ipsec client on a remote host. The ipsec mode can be either tunnel or transport depending on the network...
Page 92
Unified services router user manual 90 figure 56 : ip sec poli cy conf igura tio n once the tunnel type and endpoints of the tunnel are defined you can determine the phase 1 / phase 2 negotiation to use for the tunnel. This is covered in the ipsec mode setting, as the policy can be manual or auto. F...
Page 93
Unified services router user manual 91 figure 57 : ip sec poli cy conf igura tio n co ntinue d (auto policy via ik e) a manual policy does not use ike and instead relies on manual keying to exchange authentication parameters between the two ipsec hosts. The incoming and outgoing security parameter i...
Page 94
Unified services router user manual 92 figure 58 : ip sec poli cy conf igura tio n co ntinue d (auto / manual pha se 2 ) 6.2.1 extended authentication (xauth) you can also configure extended authentication (xauth). Rather than configure a unique vpn policy for each user, you can configure the vpn g ...
Page 95
Unified services router user manual 93 6.3 configuring vpn clients remote vpn clients must be configured with the same vpn policy parameters used in the vpn tunnel that the client wishes to use: encryption, authentication, life time, and pfs key-group. Upon establishing these authentication paramete...
Page 96
Unified services router user manual 94 figure 59 : pptp t unnel co nf iguratio n – pptp server 6.4.2 l2tp tunnel support setup > vpn settings > l2tp > l2tp server a l2tp vpn can be established through this router. Once enabled a l2tp server is available on the router for lan and wan l2tp client user...
Page 97: Chapter 7. Ssl Vpn
Chapter 7. Ssl vpn the router provides an intrinsic ssl vpn feature as an alternate to the standard ipsec vpn. Ssl vpn differs from ipsec vpn mainly by removing the requirement of a pre - installed vpn client on the remote host. Instead, users can securely login through the ssl user portal using a s...
Page 98
Unified services router user manual 96 figure 61 : ex a mple of clientless ssl vpn co nnectio ns t o t he dsr 7.1 users, groups, and domains advanced > users > users authentication of the users (ipsec, ssl vpn, or gui) is done by the router using either a local database on the router or external aut...
Page 99
Unified services router user manual 97 idle timeout: the session timeout for the user. Once the user is configured, the dsr will display a list of all configured users. Figure 62 : availa ble user s wit h logi n sta tus a nd a ssocia ted group/ do mai n advanced > users > domains the domain determin...
Page 100
Unified services router user manual 98 timeout: the timeout period for reaching the authentication server. Retries: the number of retries to authenticate with the authentication server after which the dsr stops trying to reach the server. Workgroup: this is required is for nt domain authentication. ...
Page 101
Unified services router user manual 99 guest (read only): the guest user gains read only access to the gui to observe and review configuration settings. The guest does not have ssl vpn access. Ssl vpn user: this user has access to the ssl vpn services as determined by the group policies and authenti...
Page 102
Unified services router user manual 100 figure 63 : user co nf iguratio n options 7.2 using ssl vpn policies setup > vpn settings > ssl vpn server > ssl vpn policies ssl vpn policies can be created on a global, group, or user level. User level policies take precedence over group level policies and g...
Page 103
Unified services router user manual 101 figure 64 : li st of ssl vpn polices (global f ilter) to add a ssl vpn policy, you must first assign it to a user, group, or make it global (i.E. Applicable to all ssl vpn users). If the policy is for a group, the available configured groups are shown in a dro...
Page 104
Unified services router user manual 102 figure 65 : ssl vpn policy co nf igurati on to configure a policy for a single user or group of users, enter the following information: policy for: the policy can be assigned to a group of users, a single user, or all users (making it a global policy). To cust...
Page 105
Unified services router user manual 103 port range: if the policy governs a type of traffic, this field is used for defining tcp or udp port number(s) corresponding to the governed traffic. Leaving the starting and ending port range blank corresponds to all udp and tcp traffic. Service: this is the ...
Page 106
Unified services router user manual 104 figure 66 : li st of co nf igured re so urces, which are a vaila ble to a ssi gn to ssl vpn policies 7.3 application port forwarding setup > vpn settings > ssl vpn server > port forwarding port forwarding allows remote ssl users to access specified network app...
Page 107
Unified services router user manual 105 as a convenience for remote users, the ho stname (fqdn) of the network server can be configured to allow for ip address resolution. This host name resolution provides users with easy-to-remember fqdn‘s to access tcp applications instead of error - prone ip add...
Page 108
Unified services router user manual 106 figure 67 : li st of available applica tions f or ssl p ort forw arding 7.4 ssl vpn client configuration setup > vpn settings > ssl vpn client > ssl vpn client an ssl vpn tunnel client provides a point -to-point connection between the browser - side machine an...
Page 109
Unified services router user manual 107 figure 68 : ssl vpn client a da pter a nd a ccess co nf igurati on the router allows full tunnel and split tunnel support. Full tunnel mode just sends all traffic from the client across the vpn tunnel to the router. Split tunnel mode only sends traffic to the ...
Page 110: 7.5 User Portal
Unified services router user manual 108 setup > vpn settings > ssl vpn client > configured client routes if the ssl vpn client is assigned an ip address in a different subnet than the corporate network, a client route must be added to allow access to the private lan through the vpn tunnel. As well a...
Page 111
Unified services router user manual 109 figure 70 : li st of co nf igured ssl vpn portal s . T he co nf igur ed portal can t hen be associa t ed with an a uthe ntic ation do mai n 7.5.1 creating portal layouts setup > vpn settings > ssl vpn server > portal layouts the router allows you to create a c...
Page 112
Unified services router user manual 110 banner message: the banner message that is displayed to s sl vpn clients prior to login. This field is optional. Display banner message on the login page: the user has the option to either display or hide the banner message in the login page. Http meta tags fo...
Page 113: Tools
Unified services router user manual 111 chapter 8. Advanced configuration tools 8.1 usb device setup setup > usb settings the dsr unified services router has a usb interface for printer access, file sharing and on the dsr-1000 / dsr-1000n models 3g modem support. There is no configuration on the gui...
Page 114
Unified services router user manual 112 figure 72 : usb devi ce detectio n 8.2 authentication certificates advanced > certificates this gateway uses digital certificates for ipsec vpn authentication as well as ssl validation (for https and ssl vpn authentication). You can obtain a digital certificat...
Page 115
Unified services router user manual 113 a self certificate is a certificate issued by a ca identifying your device (or self - signed if you don‘t want the identity protection of a ca). The active self certificate table lists the self certificates currently loaded on the gateway. The following inform...
Page 116
Unified services router user manual 114 figure 73 : certif icat e summary f or ipsec and ht tps manage me nt 8.3 advanced switch configuration the dsr allows you to adjust the power consumption of the hardware based on your actual usage. The two ―green‖ options available for your lan switch are powe...
Page 117
Unified services router user manual 115 figure 74 : a dv ance d switch set ting s.
Page 118: Management
Unified services router user manual 116 chapter 9. Administration & management 9.1 configuration access control the primary means to configure this gateway via the browser -independent gui. The gui can be accessed from lan node by using the gateway‘s lan ip address and http, or from the wan by using...
Page 119: 9.1.2 Cli Access
Unified services router user manual 117 figure 76 : re mote manage me nt f ro m t he wan 9.1.2 cli access in addition to the web -based gui, the gateway supports ssh and telnet management for command-line interaction. The cli login credentials are shared with the gui for administrator users. To acce...
Page 120
Unified services router user manual 118 figure 77 : snmp users, tra ps, a nd access co ntrol tools > admin > snmp system info the router is identified by an snmp manager via the system information. The identifier settings the sysname set here is also used to identify the router for syslog logging..
Page 121
Unified services router user manual 119 figure 78 : snmp system inf or matio n f or this ro uter 9.3 configuring time zone and ntp tools > date and time you can configure your time zone, whether or not to adjust for daylight savings time, and with which network time protocol (ntp) server to synchron...
Page 122: 9.4 Log Configuration
Unified services router user manual 120 figure 79 : date, ti me, a nd ntp server setup 9.4 log configuration this router allows you to capture log messages for traffic through the firewall, vpn, and over the wireless ap. As an administrator you can monitor the typ e of traffic that goes through the ...
Page 123
Unified services router user manual 121 system: this refers to application and management level features available on this router, including ssl vpn and administrator changes for managing the unit. Wireless: this facility corresponds to the 802.11 driver used for providing ap functionality to your n...
Page 124
Unified services router user manual 122 figure 80 : facility setting s f or lo gging the display for logging can be customized based on where the logs are sent, either the event log viewer in the gui (the event log viewer is in the status > logs page) or a remote syslog server for later review. E-ma...
Page 125
Unified services router user manual 123 example: if accept packets from lan to wan is enabled and there is a firewall rule to allow ssh traffic from lan, then whenever a lan machine tries to make an ssh connection, those packets will be accepted and a message will be logged. (assuming the log option...
Page 126
Unified services router user manual 124 figure 81 : lo g co nf iguratio n options f or traf f ic throug h ro ut er 9.4.2 sending logs to e-mail or syslog tools > log settings > remote logging once you have configured the type of logs that you want the router to collect, they can be sent to either a ...
Page 127
Unified services router user manual 125 this requirement. In some cases the smtp server may send out ident requests, and this router can have this response option enabled as needed. Once the e-mail server and recipient details are defined you can determine when the router should send out logs. E-mai...
Page 128
Unified services router user manual 126 the local event viewer on the router‘s gui, and thus can collect a considerable number of logs over a sustained period. This is typically very useful for debugging network issues or to monitor router traffic over a long duration. This router supports up to 8 c...
Page 129: Settings
Unified services router user manual 127 figure 84 : vpn lo gs displaye d i n gui e vent viewer 9.5 backing up and restoring configuration settings tools > system you can back up the router‘s custom configuration settings to restore them to a different device or the same router after some other chang...
Page 130
Unified services router user manual 128 2. To restore your saved settings from a backup file, click browse then locate the file on the host. After clicking restore, the router begins importing the file‘s saved configuration settings. After the restore, the router reboots automatically with the resto...
Page 131: 9.7 Dynamic Dns Setup
Unified services router user manual 129 figure 86 : fir mware versio n i nf orma tio n and upgrade optio n this router also supports an automated notification to determine if a newer firmware version is available for this router. By clicking the check now button in the notification section, the rout...
Page 132
Unified services router user manual 130 figure 87 : dyna mic dns co nf iguratio n 9.8 using diagnostic tools tools > system check the router has built in tools to allow an administrator to evaluate the communication status and overall network health..
Page 133: 9.8.1 Ping
Unified services router user manual 131 figur e 88 : router d i agno stic s t ools avail able i n t he gui 9.8.1 ping this utility can be used to test connectivity between this router and another device on the network connected to this router. Enter an ip address and click ping . The command output ...
Page 134: 9.8.3 Dns Lookup
Unified services router user manual 132 figure 89 : sa mple tr ace route o ut put 9.8.3 dns lookup to retrieve the ip address of a web, ftp, mail or any other server on the internet, type the internet name in the text box and click lookup. If the host or domai n entry exists, you will see a response...
Page 135: Statistics
Unified services router user manual 133 chapter 10. Router status and statistics 10.1 system overview the status page allows you to get a detailed overview of the system configuration. The settings for the wired and wireless inter faces are displayed in the dsr status page, and then the resulting ha...
Page 136
Unified services router user manual 134 figure 90 : device st atus display.
Page 137
Unified services router user manual 135 figure 91 : devi ce st atus display (co nti nued) 10.1.2 resource utilization status > device info > dashboard the dashboard page presents hardware and usage statistics. The cpu and memory utilization is a function of the available hardware and current configu...
Page 138
Unified services router user manual 136 figure 92 : re so urce utili zatio n sta tistic s.
Page 139
Unified services router user manual 137 figure 93 : re so urce utili zatio n dat a (co ntinue d).
Page 140: 10.2 Traffic Statistics
Unified services router user manual 138 figure 94 : re so urce utili zatio n dat a (co ntinue d) 10.2 traffic statistics 10.2.1 wired port statistics status > traffic monitor > device statistics detailed transmit and receive statistics for each physical port are presented here. Each interface (wan1,...
Page 141: 10.2.2 Wireless Statistics
Unified services router user manual 139 figure 95 : physical port sta tistics 10.2.2 wireless statistics status > traffic monitor > wireless statistics the wireless statistics tab displays the incrementing traffic statistics for each enabled access point. This page will give a snapshot of how much t...
Page 142: 10.3 Active Connections
Unified services router user manual 140 figure 96 : ap specif ic sta tistic s 10.3 active connections 10.3.1 sessions through the router status > active sessions this table lists the active internet sessions through the rout er‘s firewall. The session‘s protocol, state, local and remote ip addresses...
Page 143
Unified services router user manual 141 figure 97 : li st of c urrent acti ve firewall sessio ns.
Page 144: 10.3.2 Wireless Clients
Unified services router user manual 142 10.3.2 wireless clients status > wireless clients the clients connected to a particular ap c an be viewed on this page. Connected clients are sorted by the mac address and indicate the security parameters used by the wireless link, as well as the time connecte...
Page 145: 10.3.4 Active Vpn Tunnels
Unified services router user manual 143 figure 99 : li st of l an ho st s 10.3.4 active vpn tunnels status > active vpns you can view and change the status (connect or drop) of the router‘s ipsec security associations. Here, the active ipsec sas (security associations) are listed along with the traf...
Page 146
Unified services router user manual 144 figure 10 0: li st of current active vpn sessio ns all active ssl vpn connections, both for vpn tunnel and vpn port forwarding, are displayed on this page as well. Table fields are as follows. Field description user name the ssl vpn user that has an active tun...
Page 147: 11.1 Internet Connection
Unified services router user manual 145 chapter 11. Trouble shooting 11.1 internet connection symptom: you cannot access the router‘s web-configuration interface from a pc on your lan. Recommended action: 1. Check the ethernet connection between the pc and the router. 2. Ensure that your pc‘s ip add...
Page 148
Unified services router user manual 146 symptom: router cannot access the internet. Possible cause: if you use dynamic ip addresses, your router may not have requested an ip address from the isp. Recommended action: 1. Launch your browser and go to an external site such as www.Google.Com . 2. Access...
Page 149: 11.2 Date And Time
Unified services router user manual 147 symptom: router can obtain an ip address, but pc is unable to load internet pages. Recommended action: 1. Ask your isp for the addresses of its designated domain name system (dns) servers. Configure your pc to recognize those addresses. For details, see your o...
Page 150: Device
Unified services router user manual 148 4. Observe the display: if the path is working, you see this message sequence: pinging with 32 bytes of data reply from : bytes=32 time=nn ms ttl=xxx if the path is not working, you see this message sequence: pinging with 32 bytes of data request timed out 5. ...
Page 151: Settings
Unified services router user manual 149 verify that the network (subnet) address of your pc is different from the network address of the remote device. Verify that the cable or dsl modem is connected and functioning. Ask your isp if it assigned a hostname to your pc. If yes, select network configura...
Page 153: Chapter 12. Credits
Chapter 12. Credits microsoft, windows are registered trademarks of microsoft corp. Linux is a registered trademark of linus torvalds. Unix is a registered trademark of the open group..
Page 154: Appendix A. Glossary
Unified services router user manual 152 appendix a. Glossary arp address resolution protocol. Broadcast protocol for mapping ip addresses to mac addresses. Chap challenge-handshake authentication protocol. Protocol for authenticating users to an isp. Ddns dynamic dns. System for updating domain name...
Page 155
Unified services router user manual 153 pppoe point-to-point protocol over ethernet. Protocol for connecting a network of hosts to an isp without the isp having to manage the allocation of ip addresses. Pptp point-to-point tunneling protocol. Protocol for creation of vpns for the secure transfer of ...
Page 157
Appendix b. Factory default settings feature description default setting device login user login url http://192.168.10.1 user name (case sensitive) admin login password (case sensitive) admin internet connection wan mac address use default address wan mtu size 1500 port speed autosense local area ne...
Page 158: & Firewall Configuration
Unified services router user manual 156 appendix c. Standard services available for port forwarding & firewall configuration any aim bgp bootp_client bootp_server cu-seeme:udp cu-seeme:tcp dns:udp dns:tcp finger ftp http https icmp-type-3 icmp-type-4 icmp-type-5 icmp-type-6 icmp-type-7 icmp-type-8 i...
Page 159
Unified services router user manual 157 appendix d. Log output reference facility: system (networking) log message severity log message severity dbupdate event: table: %s opcode:%d rowid:%d debug bridgeconfig: too few arguments to command %s error networkintable.Txt not found debug bridgeconfig: too...
Page 160
Unified services router user manual 158 nimfadvoptsetwrap: user has changed mtu option debug ddns: sql error: %s error nimfadvoptsetwrap: mtu: %d debug sqlite3queryresget failed.Query:%s error nimfadvoptsetwrap: old mtu size: %d debug sqlite3queryresget failed.Query:%s error nimfadvoptsetwrap: old p...
Page 161
Unified services router user manual 159 %s:dbupdate event: table: %s opcode:%d rowid:%d debug failed to commit error %s:%d sip enable: %s debug ifstatusdbupdate: failed to begin " error siptblhandler:failed to update ifstatic debug %s: sql error: %s error siptblhandler:failed to update configport de...
Page 162
Unified services router user manual 160 pprivsep: %s debug nimfgetupdatemacflag: unable to get flag from mactable error %s:dbupdate event: table: %s opcode:%d rowid:%d debug nimfmacget: updating mac address failed error re-starting sshd daemon.... Debug sqlite3queryresget failed.Query:%s error sshd ...
Page 163
Unified services router user manual 161 getdnsfromisp: %s debug subnetaddress should be provided with accessoption 2 error idletimeoutflag: %s debug failed to restart sshd error idletimeoutvalue: %d debug unable to open the " error authmetho: %d debug sqlite3queryresget failed.Query:%s error executi...
Page 164
Unified services router user manual 162 %s: buffer overflow debug failed to clear vlan for %d error %s: value of %s in %s table is: %s debug failed to set vlan entry for vlan %d error %s: returning with status: %s debug failed to set vlan entries, while enabling \ error dnsresolverconfigure: address...
Page 165
Unified services router user manual 163 pppoemgmttblhandler: netmask: %s debug xl2tpdstop failed error pppoemgmttblhandler: authopt: %d debug writing xl2tpd.Conf failed error pppoemgmttblhandler: satus: %d debug writing options.Xl2tpd failed error pppoeenable: ppp dial string: %s debug xl2tpdstop fa...
Page 166
Unified services router user manual 164 l2tpmgmttblhandler: username: %s debug pppoemgmttblhandler: unable to get current mtu option error l2tpmgmttblhandler: password: %s debug pppoemgmttblhandler: unable to get the mtu error l2tpmgmttblhandler: accountname: %s debug pppoemgmttblhandler: pppoe enab...
Page 167
Unified services router user manual 165 the enable command is %s error dhcpcmgmttblhandler: dhclient enable failed error l2tpenable:executing the command failed error dhcpcmgmttblhandler: dhcpc release failed error l2tpdisable: command string: %s error dhcpcmgmttblhandler: dhcpc disable failed error...
Page 168
Unified services router user manual 166 created eap/peap context: ok debug setting message in fragment buffer: error error deleted eap/peap context: ok debug allocating tls read buffer is null: error error upper eap sent us: decision = %d method state = %d debug setting last fragment: error error p2...
Page 169
Unified services router user manual 167 error rcvd. Opcode %d. Debug plugin context is null error pctx null. Debug deriving implicit challenge: error error tls message len changed in the fragment, ignoring. Debug generating nt response: error error no data to send while fragment ack received. Debug ...
Page 170
Unified services router user manual 168 pfb->msgbuff is null. Debug setting profile to glue layer: error. Error error calculating binary. Debug _eapctxcreate failed. Error error calculating binary. Debug %d authentication not enabled in the system. Error adpdigestinit for sha1 failed. Debug initiali...
Page 171
Unified services router user manual 169 password change is not allowed for this user debug eap-peap not enabled in system configuration. Error completed writing the policy debug eap-wsc not enabled in system configuration. Error completed writing the sa debug pap not enabled in system configuration....
Page 172
Unified services router user manual 170 peapctx == null or ppdu == null. Error could not initialize des-ecb error received eap pdu bigger than eap_mtu_size. Error error cleaning cipher context. Error received eap pdu bigger than eap_mtu_size. Error error cleaning cipher context. Error state machine ...
Page 173
Unified services router user manual 171 could not open database: %s debug sqlite3queryresget failed error cpu log file not found debug radsendtoserver: socket: %s error mem log file not found debug radsendtoserver: bind() failed: %s: %s error cpumemusagedbupdatehandler: update query: %s debug radrec...
Page 174
Unified services router user manual 172 adding dictionary attribute '%s' debug failed to set default retries value error adding dictionary value %s debug error: incomplete db update information. Error receiving attribute: %s debug old values result does not contain 2 rows error processing attribute:...
Page 175
Unified services router user manual 173 next synchronization after" debug unable to set debug for radauth. Error next synchronization after %d \ debug unable to set debug level for radauth. Error primary is not available, " debug error: option value not specified error secondary is not available, " ...
Page 176
Unified services router user manual 174 timeout after semtake debug mempartalloc for %d size failed error srcid=%d(%s) cmd=%d debug mempartalloc for %d size failed error un-registerting component with id %d debug no handler registered for this umi context error failed to send ioctl request: dst(%d) ...
Page 177
Unified services router user manual 175 cpumemusagedbupdatehandler: sql error: %s error invalid privacy algorithm error unable to open the db file %s error failed to get host address error umiinit failed error invalid version error unable to register to umi error snmp v3 trap configuration failed er...
Page 178
Unified services router user manual 176 wan traffic counters are restared debug deleting schedule based firewall rules. Debug traffic limit has been reached debug deleting schedule based firewall rules from db. Debug traffic meter monthly limit has been changed to %d. Debug update schedule based fir...
Page 179
Unified services router user manual 177 enabling attack check for l2tp. Debug updating blocksites keyword from \ debug enabling attack check for udp flood. Debug inserting blocksites keyword \ debug enabling attack check for ipsec. Debug deleting trusted domain \ debug enabling attack check for pptp...
Page 180
Unified services router user manual 178 internet on port %d %d:%d:%d:%d:%d enabling remote access management for ip address range" debug disabling port trigger rule for %d:%d:%d:%d:%d debug enabling remote access management to only this pc. Debug adding port trigger rule for %d:%d:%d:%d:%d debug dis...
Page 181
Unified services router user manual 179 update firewallrules6 where schedulename = '%s' to new " debug fwlbspilloverconfigure: could not set postrouting rules error dns proxy restart failed debug fwlbspilloverconfigure: something going wrong here error deleting interface to ifgroup failed debug fwl2...
Page 182
Unified services router user manual 180 facility: local0 (wireless) log message severity log message severity (node=%s) setting %s to val = %d debug sqlite3queryresget failed error custom wireless event: '%s' debug sqlite3queryresget failed error wireless event: cmd=0x%x len=%d debug vap(%s) set bea...
Page 183
Unified services router user manual 181 got pnac_event_preauth_success event for : %s debug udp failed, received length is %d error event for non-existent node %s debug umiioctl(umi_comp_kdot11, error pnac_event_eapol_start event received debug umiioctl(umi_comp_udot11,%d,%d ) \ error pnac_event_eap...
Page 184
Unified services router user manual 182 sending eapol pdu to pnac... Debug dot11_rx_eapol_keymsg: unknown ifname %s error creating pnac authenticator with values %d %d - %s debug cmd %d not supported.Sender=%d error profile %s does not exist debug inteface name passed is null error iapp initialized....
Page 185
Unified services router user manual 183 pnacrecvrtn: no corresponding pnac port pae found debug umiioctl(umi_comp_iapp,%d) failed error sending unicast key debug invalid ie. Error sending broadcast key debug umiioctl(umi_comp_kdot11_vap, %d ) failed error from pnacauthpaedisconnected: calling pnactx...
Page 186
Unified services router user manual 184 from pnacrecvmapi: pkt body len = %d, pkttype = %d debug eapolrecvkeymsg: invalid descriptor version error from pnacpduprocess: received pnac_eap_packet debug eapolrecvkeymsg: incorrect descriptor version error from pnacpduprocess: currentid = %d debug eapolre...
Page 187
Unified services router user manual 185 from pnacbackauthfail: calling pnactxcannedfail debug rc4 framework initialization failed error %s returned error debug pnac framework initialization failed error pnacumiioctlhandler: cmd: %s(%d) debug error: option value not specified error %s not configured ...
Page 188
Unified services router user manual 186 phyport:%s pnacradxlateradpktintegritychk: no corresponding " pnacportpaedeconfig:kpnacportpaedec onfig failed warn error from pnacradxlateradpktintegritychk: no message " error pnacportpaedeconfig:kpnacportpaedec onfig failed warn error from pnacradxlateradpk...
Page 189
Unified services router user manual 187 failed to initiate pbc based enrolle association error pnackeyinfoget:failed to allocate buffer error invalid association mode. (allowed modes : pin/pbc) error pnac user comp id not set. Dropping eapol key pkt error wpsenable: running wsccmd failed error pnacu...
Page 190
Unified services router user manual 188 invalid cipher type %d error error from pnacauthinit: pnacauthkeytxinit failed error profile supports wep stas,group cipher must be wep error error from pnacauthinit: pnacreauthtimerinit failed error profile %s does not exist error error from pnacauthinit: pna...
Page 191
Unified services router user manual 189 error in executing db update handler error pnaceapradauthsend: invalid arguments error sqlite3queryresget failed error pnaceapradauthsend: failed to allocate inbuffer error error: incomplete db update information. Error pnacxmit : umiioctl failed[%d] error old...
Page 192
Unified services router user manual 190 invalid config data error facility: kernel log message severity log message severity dnat: multiple ranges no longer supported debug %s: %s%s:%d -> %s:%d %s, debug dnat: target size %u wrong for %u ranges, debug %s: %s%s:%d %s, debug dnat: wrong table %s, tabl...
Page 193
Unified services router user manual 191 %s%d: bad sequence number: %d, expected: %d, debug ifmedia_ioctl: no media found for 0x%x, debug pppiocdetach file->f_count=%d, debug ifmedia_ioctl: switching %s to , dev- >name debug ppp: outbound frame not passed debug ifmedia_match: multiple match for debug...
Page 194
Unified services router user manual 192 %s: mac_del %02x:%02x:%02x:%02x:%02x:%02x, dev->name, addr[0], addr[1], addr[2], addr[3], addr[4], addr[5] debug %02x, ((u_int8_t *)p)[i] debug %s: mac_kick %02x:%02x:%02x:%02x:%02x:%02x, dev->name, addr[0], addr[1], addr[2], addr[3], addr[4], addr[5] debug fi...
Page 195
Unified services router user manual 193 %s: flow dst=%s, __function__, xfrmstraddr(fl->fl6_dst, family) debug encrypt data length mismatch debug %s: flow src=%s, __function__, xfrmstraddr(fl->fl6_src, family) debug encrypt data does not compare debug a guy asks for address mask. Who is it? Debug tki...
Page 196
Unified services router user manual 194 ip_rt_bug: %u.%u.%u.%u -> %u.%u.%u.%u, %s, debug txmic debug udp: short packet: from %u.%u.%u.%u:%u %d/%d to %u.%u.%u.%u:%u, debug %02x, hk->kv_txmic[i] debug udp: bad checksum. From %d.%d.%d.%d:%d to %d.%d.%d.%d:%d ulen %d, debug %s: unable to update h/w beac...
Page 197
Unified services router user manual 195 ipt_time loading debug %s: failed to register sysctls!, sc- >sc_dev->name debug ipt_time unloaded debug %s: mac %d.%d phy %d.%d, dev- >name, debug ip_conntrack_irc: max_dcc_channels must be a positive integer debug 5 ghz radio %d.%d 2 ghz radio %d.%d, debug ip...
Page 198
Unified services router user manual 196 window=%u , ntohs(th->window) debug ipsec_err [%s:%d]: max (%d) no of sa limit reached, debug res=0x%02x , (u8)(ntohl(tcp_flag_word(th) & tcp_reserved_bits) >> 22) debug ipsec_err [%s:%d]: max (%d) no of sa limit reached, debug urgp=%u , ntohs(th->urg_ptr) deb...
Page 199
Unified services router user manual 197 physout=%s , physoutdev->name debug %s: error. Dst refcount value less than 1 (%d), debug mac= debug for %s device refcnt: %d ,pdst- >dev->name, debug %02x%c, *p, debug %s: got null m:%p *m:%p sa:%p *sa:%p,__func__,ppbufmgr, debug nat: no longer support implic...
Page 200
Unified services router user manual 198 >msg_iov[i].Iov_base)[j] %02x, skb->data[i] debug de initializing by \ info _lvl pppol2tp: _fmt, ##args debug kernel umi module loaded info %02x, ptr[length] debug kernel umi module unloaded info %02x, ((unsigned char *) m- >msg_iov[i].Iov_base)[j] debug loadi...
Page 201
Unified services router user manual 199 test key, key debug %s: %s (, dev_info, ath_hal_version info pre-hashed key, key debug %s: driver unloaded, dev_info info const char *descr, krb5_keyblock *k) { debug %s: driver unloaded, dev_info info aes 128-bit key, &key debug %s: version 2.0.0 info const c...
Page 202
Unified services router user manual 200 failed to set aes encrypt key debug icmp: %u.%u.%u.%u: info aes %s decrypt test duration: %d:%d, hard ? Hard : soft, debug icmp: %u.%u.%u.%u: source info failed to set aes encrypt key debug wrong address mask %u.%u.%u.%u from info failed to set aes encrypt key...
Page 203
Unified services router user manual 201 md5 software test %s, md5softtest(0) ? Failed : passed debug %s: options rejected: o[0]=%02x, o[1]=%02x, warnin g md5 hardware test: debug %s: don't know what to do: o[5]=%02x, warnin g md5 hardware test %s, md5hardtest(0) ? Failed : passed debug *** new port ...
Page 204
Unified services router user manual 202 value = %x ::: at page = %x : addr = %x debug cix %u (%u) bad ratekbps %u mode %u, warnin g reg size == 32 bit debug %s: no rates for %s?, warnin g value = %x ::: at page = %x : addr = %x debug no rates yet! Mode %u, sc- >sc_curmode warnin g reg size == 64 bit...
Page 205
Unified services router user manual 203 from g %s(): addba mode is auto, __func__ debug martian source %u.%u.%u.%u from warnin g %s(): invalid tid value, __func__ debug ll header: warnin g error in add- no node available debug unable to create ip_set_list error %s(): channel capabilities do not matc...
Page 206
Unified services router user manual 204 [%d]\tmacaddr\t%s, j, debug ppp: no memory (vj comp pkt) error [%d]\tdescp\t\t%s, j, ni- >node_trace[i].Descp debug ppp: no memory (comp pkt) error [%d]\tvalue\t\t%llu(0x%llx), j, ni- >node_trace[i].Value, debug ppp: compressor dropped pkt error ifmedia_add: n...
Page 207
Unified services router user manual 205 __function__ %s: failed to register sysctls!, proc_name debug ppp: vj uncompressed error error pktlog_tag %s: proc_mkdir failed, __function__ debug ppp_decompress_frame: no memory error pktlog_tag %s: pktlog_attach failed for %s, debug ppp_mp_reconstruct bad s...
Page 208
Unified services router user manual 206 %s: cancel dfs wait period on channel %d, __func__, sc- >sc_curchan.Channel debug %s: %s:%d: bad tunnel magic error non-dfs channel, cancelling previous dfs wait timer channel %d, sc- >sc_curchan.Channel debug %s: %s:%d: bad tunnel magic error %s: unable to re...
Page 209
Unified services router user manual 207 ,__func__ int)len %s: unable to start recv logic, debug %03d:, i error %s: invalid interface id = %u, __func__, if_id debug %02x, ((unsigned char *)p)[i] error %s: unable to allocate channel table, __func__ debug mic check failed error %s: tx antenna switch. D...
Page 210
Unified services router user manual 208 >ifname wakingup due to wow signal debug unable to register kifdev to umi error %s, wowstatus = 0x%x, __func__, wowstatus debug error: %s: timeout at page %#0x addr %#0x error pattern added already debug error: %s: timeout at page %#0x addr %#0x error error : ...
Page 211
Unified services router user manual 209 0x%08x 0x%08x, 0x%08x 0x%08x 0x%08x 0x%08x, debug ath_pci: 32-bit dma not available error sc_txq[%d] : , i debug ath_pci: cannot reserve pci memory region error tid %p pause %d : , tid, tid->paused debug ath_pci: cannot remap pci memory region) ; error %d: %p ...
Page 212
Unified services router user manual 210 index:%d, value:%d, code:%x, rate:%d, flag:%x, i, (int)validrateindex[i], debug dev is null %p %p ,dev,dst critical ratetable:%d, maxvalidrate:%d, ratemax:%d, prc->ratetablesize,k,prc- >ratemaxphy debug packet is fragmented %d,pbufmgr- >len critical can't allo...
Page 213
Unified services router user manual 211 appendix e. Rj-45 pin-outs signal rj-45 cable adapter signal rj-45 pin db-9 pin cts nc nc nc dtr nc nc nc txd 6 3 rxd gnd 5 5 gnd gnd 4 5 gnd rxd 3 2 txd dsr nc nc nc rts nc nc nc.