- DL manuals
- D-Link
- Wireless Router
- DSR-1000
- User Manual
D-Link DSR-1000 User Manual - 3.8 Wan Port Settings
Unified Services Router
User Manual
51
Figure 26 : W AN3 co nf iguratio n f or 3G i nternet
3G WAN support is available on these dual WAN products: DSR-1000 and DSR-
1000N.
Cellular 3G internet access is available on WAN 3 via a 3G USB modem for DSR-
1000 and DSR-1000N. The cellular ISP that provides the 3G data plan will provide
the authentication requirements to establish a connection. The dial Number and APN
are specific to the cellular carriers. Once the connection type settings are configured
and saved, navigate to the WAN status page (
Setup > Internet Settings > WAN3
Status
) and Enable the WAN3 link to establish the 3G connection.
3.8 WAN Port Settings
Advanced > Advanced Network > WAN Port Setup
The physical port settings for each WAN link can be defined here. If your ISP account
defines the WAN port speed or is associated with a MAC address, this information is
required by the router to ensure a smooth connection with the network.
Summary of DSR-1000
Page 1
Unified services router user manual dsr-250 / 250n / 500 / 500n / 1000 / 1000n ver. 1.04 http://security.Dlink.Com building networks for people small business gateway solution.
Page 2: User Manual
User manual unified services router d-link corporation copyright © 2011. Http://www.Dlink.Com.
Page 3
Unified services router user manual 1 user manual dsr-250 / 250n / dsr-500 / 500n / 1000 / 1000n unified services router version 1.04 copyright © 2011 copyright notice this publication, including all photographs, illustrations and software, is protected under international copyright laws, with all r...
Page 4: Table Of Contents
Unified services router user manual 2 table of contents chapter 1. Introduction ........................................................................................................................... 10 1.1 about this user manual .....................................................................
Page 5
Unified services router user manual 3 4.3.1 primary benefits of virtual aps: ............................................................................ 61 4.4 tuning radio specific settings ............................................................................. 62 4.5 advanced wireless setti...
Page 6
Unified services router user manual 4 8.3 authentication certificates ................................................................................... 124 8.4 advanced switch configuration .......................................................................... 126 chapter 9. Administration & m...
Page 7
Unified services router user manual 5 appendix d. Log output reference ....................................................................................................... 167 appendix e. Rj-45 pin-outs .................................................................................................
Page 8: List Of Figures
Unified services router user manual 6 list of figures figure 1: setup page for lan tcp/ip settings ...................................................................................... 15 figure 2: ipv6 lan and dhcpv6 configuration ......................................................................
Page 9
Unified services router user manual 7 figure 33: list of configured access points (virtual aps) shows one enabled access point on the radio, broadcasting its ssid ................................................................................................... 61 figure 34: radio card configuratio...
Page 10
Unified services router user manual 8 figure 64: example of clientless ssl vpn connections to the dsr ................................................ 102 figure 65: list of groups ..........................................................................................................................
Page 11
Unified services router user manual 9 figure 98: dynamic dns configuration ................................................................................................. 141 figure 99: router diagnostics tools available in the gui .....................................................................
Page 12: Chapter 1. Introduction
Unified services router user manual 10 chapter 1. Introduction d-link unified services routers offer a secure, high performance networking solution to address the growing needs of small and medium businesses. Integrated high -speed ieee 802.11n and 3g wireless technologies offer comparable performan...
Page 13
Unified services router user manual 11 site-to-site vpn tunnels use ip security (ipsec) protocol, point-to-point tunneling protocol (pptp), or layer 2 t unneling protocol (l2tp) to facilitate branch office connectivity through encrypted virtual links. The dsr-250/250n, dsr-500/500n and dsr-1000/1000...
Page 15: Lan Setup
Chapter 2. Configuring your network: lan setup it is assumed that the user has a machine for man agement connected to the lan to the router. The lan connection may be through the wired ethernet ports available on the router, or once the initial setup is complete, the dsr may also be managed through ...
Page 16
Unified services router user manual 14 to configure lan connectivity, please follow the steps below: 1. In the lan setup page, enter the following information for your router: ip address (factory default: 192.168.1 0.1). If you change the ip address and click save settings, the gui will not respond....
Page 17
Unified services router user manual 15 lease time: enter the time, in hours, for which ip addresses are leased to clients. Relay gateway: enter the gateway address. This is the only configuration parameter required in this section when dhcp relay is selected as its dhcp mode 3. In the dns host name ...
Page 18
Unified services router user manual 16 2.1.1 lan configuration in an ipv6 network advanced > ipv6 > ipv6 lan > ipv6 lan config in ipv6 mode, the lan dhcp server is enabled by default (s imilar to ipv4 mode). The dhcpv6 server will serve ipv6 addresses from configured address pools with the ipv6 pref...
Page 19
Unified services router user manual 17 figure 2: ipv 6 l an and dh cpv6 c onf iguration if you change the ip address and click save settings, the gui will not respond. Open a new connection to the new ip address and log in again. Be sure the lan host (the machine used to manage the router) has obtai...
Page 20
Unified services router user manual 18 as with an ipv4 lan network, the router has a dhcpv6 server. If enabled, the router assigns an ip address within the specified range plus additional specified information to any lan pc that requests dhcp served addresses. The following settings are used to conf...
Page 21
Unified services router user manual 19 prefix address: ipv6 prefix address in the dhcpv6 server prefix pool prefix length: length prefix address 2.1.2 configuring ipv6 router advertisements router advertisements are analogous to ipv4 dhcp assignments for lan clients, in that the router will assign a...
Page 22
Unified services router user manual 20 seconds. Upon expiration of this value, a new radvd exchange must take place between the host and this router. Figure 3: co nf iguri ng the ro uter adverti se ment dae mon advertisement prefixes advanced > ipv6 > ipv6 lan > advertisement prefixes the router adv...
Page 23: 2.2 Vlan Configuration
Unified services router user manual 21 ipv6 prefix: when using global/local/isatap prefixes, this field is used to define the ipv6 network advertised by this router. Ipv6 prefix length: this value indicates the number contiguous, higher order bits of the ipv6 address that define up the network porti...
Page 24
Unified services router user manual 22 number from 2 to 4091. Vlan id 1 is reserved for the default vlan, which is used for untagged frames received on the interface. By enabling inter vlan routing, you will allow traffic from la n hosts belonging to this vlan id to pass through to other configured ...
Page 25
Unified services router user manual 23 figure 6: port vlan list in access mode the port is a member of a single vlan (and only one). All data going into and out of the port is untagged. Traffic through a port in access mode looks like any other ethernet frame. In trunk mode the port is a member of a...
Page 26
Unified services router user manual 24 figure 7: co nf iguri ng vlan me mbership f or a por t 2.3 configurable port: dmz setup dsr-250/250n does not have a configurable port – there is no dmz support. This router supports one of the physical ports to be configured as a secondary wan ethernet port or...
Page 27
Unified services router user manual 25 figure 8: dm z c onf iguratio n in order to configure a dmz port, the router‘s configurable port must be set to dmz in the setup > internet settings > configurable port page. 2.4 universal plug and play (upnp) advanced > advanced network > upnp universal plug a...
Page 28
Unified services router user manual 26 advertisement period: this is the frequency that the router broadcasts upnp information over the network. A large value will minimize network traffic but cause delays in identifying new upnp devices to the network. Advertisement time to live: this is expressed ...
Page 29: 2.5 Captive Portal
Unified services router user manual 27 2.5 captive portal dsr-250/250n does not have support for the captive portal feature. Lan users can gain internet access via web portal authentication with the dsr. Also referred to as run-time authentication, a captive portal is ideal for a web café scenario w...
Page 30: Wan Setup
Unified services router user manual 28 chapter 3. Connecting to the internet: wan setup this router has two wan ports that can be used to establish a connection to the internet. The following isp connection types are supported: dhcp, static, pppoe, pptp, l2tp, 3g internet (via usb modem). It is assu...
Page 31: 3.2 Wan Configuration
Unified services router user manual 29 3g internet access with a usb modem is supported on wan 3. The internet connection setup wizard assists with the primary wan port (wan1) configuration only. 3.2 wan configuration setup > internet settings > wan1 setup you must either allow the router to detect ...
Page 32: 3.2.2 Wan Dns Servers
Unified services router user manual 30 my ip address: enter the ip address assigned to you by the isp. Server ip address: enter the ip address of the pptp or l2tp server. Dsr-250/250n doesn‘t have a dual wan support. 3.2.1 wan port ip address your isp assigns you an ip address that is either dynamic...
Page 33: 3.2.4 Pppoe
Unified services router user manual 31 figure 12 : ma nual wan conf igur atio n 3.2.4 pppoe setup > internet settings the pppoe isp settings are defined on the wan configuration page. There are two types of pppoe isp‘s supported by the dsr: the standard username/password pppoe and japan multiple ppp...
Page 34
Unified services router user manual 32 figure 13 : pppoe co nf iguratio n f or sta ndard isps most pppoe isp‘s use a single control and data connection, and require usern ame / password credentials to login and authenticate the dsr with the isp. The isp connection type for this case is ―pppoe (usern...
Page 35
Unified services router user manual 33 figure 14 : w an c onf iguration f or japanese multi ple pppoe (part 1) there are a few key elements of a multiple pppoe connection: primary and secondary connections are concurrent each session has a dns server source for domain name lookup, this can be assign...
Page 36
Unified services router user manual 34 when japanese multiple pppoe is configured and secondary connection is up, some predefined routes are added on that interface. These routes are needed to access the internal domain of the isp where he hosts various services. These routes can even be configured ...
Page 37
Unified services router user manual 35 figure 16 : russia l2 tp isp co nf iguratio n 3.2.6 wan configuration in an ipv6 network advanced > ipv6 > ipv6 wan1 config for ipv6 wan connections, this router can have a static ipv6 address or receive connection information when configured as a dhcpv6 client...
Page 38
Unified services router user manual 36 gateway can be either stateless or stateful. If a stateful client is selected the gateway will connect to the isp‘s dhcpv6 server for a leased address. For stateless dhcp there need not be a dhcpv6 server available at the isp, rather icmpv6 discover messages wi...
Page 39
Unified services router user manual 37 when ipv6 is pppoe type, the following pppoe fields are enabled. Username: enter the username required to log in to the isp. Password: enter the password required to login to the isp. Authentication type: the type of authentication in use by the profile: auto -...
Page 40: 3.3 Bandwidth Controls
Unified services router user manual 38 figure 18 : connecti on sta tus i nf ormatio n f or bo th wan por ts the wan status page allows you to enable or disable static wan links. For wan settings that are dynamically received from the isp, you can renew or release the link parameters if required. 3.3...
Page 41
Unified services router user manual 39 can then be associated with a traffic selector, so that bandwidth profile can be applied to the traffic matching the selectors. Selectors are elements like ip addresses or services that would trigger the configured bandwidth regulation. Figure 19 : li st of con...
Page 42
Unified services router user manual 40 figure 20 : ba n dwidt h prof ile co nf igurat ion page advanced > advanced network > traffic management > traffic selectors once a profile has been created it can then be associated with a traffic flow from the lan to wan. To create a traffic selector, click a...
Page 43: 3.4.1 Auto Failover
Unified services router user manual 41 figure 21 : traf f ic selector co nf iguratio n 3.4 features with multiple wan links this router supports multiple wan links. This allows you to take advantage of failover and load balancing features to ensure certain internet dependent services are prioritized...
Page 44: 3.4.2 Load Balancing
Unified services router user manual 42 auto-rollover using wan port primary wan: selected wan is the primary link ( wan1/wan2/wan3) secondary wan: selected wan is the secondary link. Failover detection settings: to check connectivity of the primary internet link, one of the following failure detecti...
Page 45: 3.4.3 Protocol Bindings
Unified services router user manual 43 load balancing is particularly useful when the connection speed of one wan port greatly differs from another. In this case you can define protocol bindings to route low-latency services (such as voip) over the higher -speed link and let low-volume background tr...
Page 46: 3.5.1 Routing Mode
Unified services router user manual 44 traffic can be assigned to go over only one of the available wan ports. For increased flexibility the source network or machines can be specified as well as the destination network or machines. For example the voip traffic for a set of lan ip addresses can be a...
Page 47
Unified services router user manual 45 your isp has assigned an ip address for each of the computers that you use, select classic routing. Nat is a technique which allows several co mputers on a lan to share an internet connection. The computers on the lan use a "private" ip address range while the ...
Page 48
Unified services router user manual 46 figure 24 : routing mode is use d to conf igure traf f ic routi ng between wan and lan, as we ll as dy na mic ro uti ng ( rip).
Page 49
Unified services router user manual 47 3.5.2 dynamic routing (rip) dsr- 250/250n does not support rip. Setup > internet settings > routing mode dynamic routing using the routing information protocol (rip) is an interior gateway protocol (igp) that is common in lans. With rip this router can exchange...
Page 50: 3.5.3 Static Routing
Unified services router user manual 48 3.5.3 static routing advanced > routing > static routing advanced > ipv6 > ipv6 static routing manually adding static routes to this device allows you to define the path selection of traffic from one interface to another. There is no communication between this ...
Page 51
Unified services router user manual 49 figure 25 : static ro ute co nf igurati on f ie lds 3.6 configurable port - wan option this router supports one of the physical ports to be configured as a secondary wan ethernet port or a dedicated dmz port. If the port is selected to be a secondary wan interf...
Page 52
Unified services router user manual 50 maximum idle time field. This feature is useful if your isp charges you based on the amount of time that you are connected. Password: enter the password required to login to the isp. Dial number: enter the number to dial to the isp. Authentication protocol: sel...
Page 53: 3.8 Wan Port Settings
Unified services router user manual 51 figure 26 : w an3 co nf iguratio n f or 3g i nternet 3g wan support is available on these dual wan products: dsr-1000 and dsr- 1000n. Cellular 3g internet access is available on wan 3 via a 3g usb modem for dsr- 1000 and dsr-1000n. The cellular isp that provide...
Page 54
Unified services router user manual 52 the default mtu size supported by all ports is 1500. This is the largest packet size that can pass through the interface without fragmentation. This size can be increased, however large packets can introduce network lag and bring down the interface speed. Note ...
Page 55: Setup
Unified services router user manual 53 chapter 4. Wireless access point setup this router has an integrated 802.11n radio that allows you to create an access point for wireless lan clients. The security/encryption/authentication options are grouped in a wireless profile, and each configured profile ...
Page 56
Unified services router user manual 54 figure 28 : wireless networ k set up wi za rds 4.1.1 wireless network setup wizard this wizard provides a step-by-step guide to create and secure a new access point on the router. The network name (ssid) is the ap identifier that will be detected by supported c...
Page 57: 4.2 Wireless Profiles
Unified services router user manual 55 personal identification number (pin): the wireless device that supports wps may have an alphanumeric pin, and if entered in this field the ap will establish a link to the client. Click connect to complete setup and connect to the client. Push button configurati...
Page 58: 4.2.1 Wep Security
Unified services router user manual 56 server, or both. Note that wpa does not support 802.11n data rates; is it appropriate for legacy 802.11 connections. Wpa2: this security type uses ccmp encryption (and the option to add tkip encryption) on either psk (pre-shared key) or enterprise (radius serve...
Page 59
Unified services router user manual 57 size. Next choose one of the keys to be used for authentication. The selected key must be shared with wireless clients to connect to this device. Figure 30 : prof ile conf iguratio n to set ne twor k sec urity 4.2.2 wpa or wpa2 with psk a pre-shared key (psk) i...
Page 60
Unified services router user manual 58 4.2.3 radius authentication advanced > radius settings enterprise mode uses a radius server for wpa and/or wpa2 security. A radius server must be configured and accessible by the router to authenticate wireless client connections to an ap enabled with a profile...
Page 61
Unified services router user manual 59 figure 31 : radius server (ex ternal aut hentica tio n) co nf iguration 4.3 creating and using access points setup > wireless settings > access points once a profile (a group of security settings) is created, it can be assigned to an ap on the router. The ap ss...
Page 62
Unified services router user manual 60 the ap name is a unique identifier used to manage the ap from the gui, and is not the ssid that is detected by clients when the ap has broadcast enabled. Figure 32 : virtual ap conf igurati on a valuable power saving feature is the start and stop time control f...
Page 63
Unified services router user manual 61 figure 33 : li st o f co nf igured access points (virt ual aps) sho ws one enable d acce ss poi nt on the radi o, broa dcasti ng it s ssid the clients connected to a particular ap can be viewed by using the status button on the list of available access points. ...
Page 64
Unified services router user manual 62 broadcast the ssid for the vap with wep since it is meant to be used for a few legacy devices in this scenario. 4.4 tuning radio specific settings setup > wireless settings > radio settings the radio settings page lets you configure t he channels and power leve...
Page 65
Unified services router user manual 63 4.5 advanced wireless settings advanced > wireless settings > advanced wireless sophisticated wireless administrators can modify the 802.11 communication parameters in this page. Generally, the default settings are appropriate for most networks. Please refer to...
Page 66
Unified services router user manual 64 connect within 60 seconds of clicking the ―configure via pin‖ button immediately below the pin field. There is no led indication that a client has connected. Push button configuration (pbc): for wireless devices that support pbc, press and hold down on this but...
Page 67: Network
Chapter 5. Securing the private network you can secure your network by creating and applying r ules that your router uses to selectively block and allow inbound and outbound internet traffic. You then specify how and to whom the rules apply. To do so, you must define the following: services or traff...
Page 68
Unified services router user manual 66 may use the ip address if a static address is assigned to the wan port, or if your wan address is dynamic a ddns (dynamic dns) name can be used. Outbound (lan/dmz to wan) rules restrict access to traffic leaving your network, selectively allowing only specific ...
Page 69
Unified services router user manual 67 figure 38 : li st of available sc hedules t o bi nd to a f irewall rule 5.3 configuring firewall rules advanced > firewall settings > firewall rules all configured firewall rules on the router are displayed in the firewall rules list. This list also indicates w...
Page 70
Unified services router user manual 68 service: any means all traffic is affected by this rule. For a specific service the drop down list has common services, or you can select a custom defined service. Action & schedule: select one of the 4 actions that this rule defines: block always, allow always...
Page 71
Unified services router user manual 69 external ip address: the rule can be bound to a specific wan interface by selecting either the primary wan or configurable port wan as the source ip address for incoming traffic. This router supports multi-nat and so the external ip address does not necessari...
Page 72
Unified services router user manual 70 figure 39 : ex a mple where an out bo und snat r ule i s use d to map a n ex ternal ip a ddress (209. 156. 200. 225) to a priv ate dm z i p address (1 0.30 .30. 30 ).
Page 73
Unified services router user manual 71 figure 40 : t he f irewall rule co nf igurati o n page all ows y ou to def ine t he to/fro m zo ne, servi ce, actio n, sche dule s, and specif y so urce/desti na tion ip addresses as nee de d..
Page 74
Unified services router user manual 72 5.3.1 firewall rule configuration examples example 1: allow inbound http traffic to the dmz situation: you host a public web server on your local dmz network. You want to allow inbound http requests from any outside ip address to the ip address of your web serv...
Page 75
Unified services router user manual 73 example 3: multi-nat configuration situation: you want to configure multi-nat to support multiple public ip addresses on one wan port interface. Solution: create an inbound rule that configures the firewall to host an additional public ip address. Associate thi...
Page 76
Unified services router user manual 74 in the scheduled days box, check that you want th e schedule to be active for ―specific days‖. Select ―saturday‖ and ―sunday‖ in the scheduled time of day, select ―all day‖ – this will apply the schedule between 12 am to 11:59 pm of the selected day. Click appl...
Page 77
Unified services router user manual 75 figure 41 : sc hedule conf iguratio n f or t he abo ve ex ample. 2. Since we are trying to block http requests, it is a service with to zone: insecure (wan1/wan2/wan3) that is to be blocked according to schedule ―weekend‖..
Page 78
Unified services router user manual 76 3. Select the action to ―block by schedule, otherwise allow‖. This will take a predefined schedule and make sure the rule is a blocking rule during the defined dates/times. All other times outside the schedule will not be affected by this firewall blocking rule...
Page 79: 5.5 Alg Support
Unified services router user manual 77 figure 42 : li st of user def ined services . 5.5 alg support advanced > firewall settings > algs application level gateways (algs) are security component that enhance the firewall and nat support of this router to seamlessly support application layer protocols...
Page 80
Unified services router user manual 78 figure 43 : availa ble alg support on t he router . 5.6 vpn passthrough for firewall advanced > firewall settings > vpn passthrough this router‘s firewall settings can be configured to allow encrypted vpn traffic for ipsec, pptp, and l2tp vpn tunnel connections...
Page 81: 5.7 Application Rules
Unified services router user manual 79 figure 44 : pa sst hro ug h o ptio ns f or vpn tunnel s 5.7 application rules advanced > application rules > application rules application rules are also referred to as p ort triggering. This feature allows devices on the lan or dmz to request one or more ports...
Page 82: 5.8.1 Content Filtering
Unified services router user manual 80 figure 45 : li st of available applica tion rule s showi ng 4 uni que r ules the application rule status page will list any active rules, i.E. Incoming ports that are being triggered based on outbound requests from a defined outgoing port. 5.8 web content filte...
Page 83: 5.8.2 Approved Urls
Unified services router user manual 81 figure 46 : content filtering use d t o bl o c k acces s t o prox y se rvers a nd prevent acti ve x co ntrols f ro m being downloa ded 5.8.2 approved urls advanced > website filter > approved urls the approved urls is an acceptance list for all url domain names...
Page 84: 5.8.3 Blocked Keywords
Unified services router user manual 82 figure 47 : two tr ust ed do mai ns a dde d to the appro ved urls list 5.8.3 blocked keywords advanced > website filter > blocked keywords keyword blocking allows you to block all website url‘s or site content that contains the keywords in the configured list. ...
Page 85: 5.8.4 Export Web Filter
Unified services router user manual 83 figure 48 : one keyw ord a dded to t he blo c k list 5.8.4 export web filter advanced > website filter > export export approved urls: feature enables the user to export the urls to be allowed to a csv file which can then be downloaded to the local host. The use...
Page 86: 5.9 Ip/mac Binding
Unified services router user manual 84 figure 49 : ex port appro ved url li st 5.9 ip/mac binding advanced > ip/mac binding another available security measure is to only allow outbound traffic (from the lan to wan) when the lan node has an ip address matching the mac address bound to it. This is ip/...
Page 87
Unified services router user manual 85 figure 50 : t he f ollo wing ex ample binds a lan ho st’ s mac address t o a n ip a ddre ss serve d by dsr . If t here is an ip/mac bi ndi ng violatio n, the violati ng pac ke t will be dr opped and lo gs will be capt ured 5.10 intrusion prevention (ips) advanc...
Page 88
Unified services router user manual 86 figure 51 : intr usi on preventio n f eature s on the router 5.11 protecting from internet attacks advanced > advanced network > attack checks attacks can be malicious security breaches or unintentional network issues that render the router unusable. Attack che...
Page 89
Unified services router user manual 87 figure 52 : protecti ng the router a nd lan f rom internet atta c ks.
Page 90
Unified services router user manual 88 chapter 6. Ipsec / pptp / l2tp vpn a vpn provides a secure communication channel (―tunnel‖) between two gateway routers or a remote pc client. The following types of tunnels can be created: gateway-to-gateway vpn: to connect two or more routers to secure traffi...
Page 91
Unified services router user manual 89 figure 54 : ex a mple of three ip sec client connecti ons t o t he i nternal networ k thro ug h t he dsr ipsec gateway.
Page 92: 6.1 Vpn Wizard
Unified services router user manual 90 6.1 vpn wizard setup > wizard > vpn wizard you can use the vpn wizard to quickly create both ike and vpn pol icies. Once the ike or vpn policy is created, you can modify it as required. Figure 55 : vpn wi zard la unch screen to easily establish a vpn tunnel usi...
Page 93
Unified services router user manual 91 2. Configure remote and local wan address for the tunnel endpoints remote gateway type: identify the remote endpoint of the tunnel by fqdn or static ip address remote wan ip address / fqdn: this field is enabled only if the peer you are trying to connect to is ...
Page 94
Unified services router user manual 92 parameter default value from wizard exchange mode aggressive (client policy ) or main (gateway policy) id type fqdn local wan id wan_local.Com (only applies to client policies) remote wan id wan_remote.Com (only applies to client policies) encryption algorithm ...
Page 95
Unified services router user manual 93 figure 56 : ip sec poli cy conf igura tio n once the tunnel type and endpoints of the tunn el are defined you can determine the phase 1 / phase 2 negotiation to use for the tunnel. This is covered in the ipsec mode setting, as the policy can be manual or auto. ...
Page 96
Unified services router user manual 94 figure 57 : ip sec poli cy conf igura tio n co ntinue d (auto policy via ik e) a manual policy does not use ike and instead relies on manual keying to exchange authentication parameters between the two ipsec hosts. The incoming and outgoing security parameter i...
Page 97
Unified services router user manual 95 figure 58 : ip sec poli cy conf igura tio n co ntinue d (auto / manual pha se 2 ) 6.2.1 extended authentication (xauth) you can also configure extended authentication (xauth). Rather than configure a unique vpn policy for each user, you can configure the vpn ga...
Page 98
Unified services router user manual 96 6.3 configuring vpn clients remote vpn clients must be configured with the same vpn policy parameters used in the vpn tunnel that the client wishes to use: encryption, authentication, life time, and pfs key-group. Upon establishing these authentication paramete...
Page 99
Unified services router user manual 97 figure 59 : pptp t unnel co nf iguratio n – pptp client figure 60 : pptp vpn co nnectio n st atus setup > vpn settings > pptp > pptp server a pptp vpn can be established through this router. Once enabled a pptp server is available on the router for lan and wan ...
Page 100
Unified services router user manual 98 figure 61 : pptp t unnel co nf iguratio n – pptp server 6.4.2 l2tp tunnel support setup > vpn settings > l2tp > l2tp server a l2tp vpn can be established through this router. Once enabled a l2tp server is available on the router for lan and wan l2tp client user...
Page 101: 6.4.3 Openvpn Support
Unified services router user manual 99 figure 62 : l2 tp t unnel co nf iguratio n – l2tp server 6.4.3 openvpn support setup > vpn settings > openvpn > openvpn configuration openvpn allows peers to authenticate each other using a pre-shared secret key, certificates, or username/password. When used in...
Page 102
Unified services router user manual 100 (added from openvpnclient routes) through the tunnel. Full tunnel is the default. Enable client to client communication: enable this to allow openvpn clients to communicate with each other in split tunnel case. Disabled by default. Upload access server client ...
Page 103: Chapter 7. Ssl Vpn
Chapter 7. Ssl vpn the router provides an intrinsic ssl vpn feature as an alternate to the standard ipsec vpn. Ssl vpn differs from ipsec vpn mainly by removing the requirement of a pre - installed vpn client on the remote host. Instead, users can securely login through the ssl user portal using a s...
Page 104
Unified services router user manual 102 figure 64 : ex a mple of clientless ssl vpn co nnectio ns t o t he dsr.
Page 105: 7.1 Groups And Users
Unified services router user manual 103 7.1 groups and users advanced > users > groups the group page allows creating, editing and deleting groups. The groups are associated to set of user types. The lists of available groups are displayed in the ―list of group‖ page with group name and description ...
Page 106
Unified services router user manual 104 admin: this is the router‘s super-user, and can manage the router, use ssl vpn to access network resources, and login to l2tp/pptp servers on the wan. There will always be one default administrator user for the gui guest user (read-only): the guest user gains ...
Page 107
Unified services router user manual 105 active directory domain: if the domain uses the active directory authentication, the active directory domain name is required. Users configured in the active directory database are given access to the ssl vpn portal with their active directory username and pas...
Page 108
Unified services router user manual 106 disable login: enable to prevent the users of this group from logging into the devices management interface(s) deny login from wan interface: enable to prevent the users of this group from logging in from a wan (wide area network) interface. In this case only ...
Page 109
Unified services router user manual 107 figure 69 : browser policies options policy by ip to set policies bye ip for the group, select the corresponding group click ―policy by ip‖. The following parameters are configured: group name: this is the name of the group that can have its login policy edite...
Page 110
Unified services router user manual 108 figure 70 : ip policies o ptio ns . Login policies, policy by browsers, policy by ip are applicable ssl vpn user only. Advanced > users > users the users page allows adding, editing and deleting existing group s. The user are associated to configured groups. T...
Page 111
Unified services router user manual 109 figure 71 : availa ble user s wit h logi n sta tus a nd a ssocia ted group 7.1.1 users and passwords advanced > users > users the user configurations allow creating users associated to group. The user settings contain the following key components: user name: t...
Page 112
Unified services router user manual 110 figure 72 : user co nf iguratio n options 7.2 using ssl vpn policies setup > vpn settings > ssl vpn server > ssl vpn policie s ssl vpn policies can be created on a global, group, or user level. User level policies take precedence over group level policies and ...
Page 113
Unified services router user manual 111 figure 73 : li st of ssl vpn polices (global f ilter) to add a ssl vpn policy, you must first assign it to a user, group, or make it global (i.E. Applicable to all ssl vpn users). If the policy is for a group, the available configured groups are shown in a dro...
Page 114
Unified services router user manual 112 figure 74 : ssl vpn policy co nf igurati on to configure a policy for a single user o r group of users, enter the following information: policy for: the policy can be assigned to a group of users, a single user, or all users (making it a global policy). To cus...
Page 115
Unified services router user manual 113 port range: if the policy governs a type of traffic, this field is used for defining tcp or udp port number(s) corresponding to the governed traffic. Leaving the starting and ending port range blank corresponds to all udp and tcp traffic. Service: this is the ...
Page 116
Unified services router user manual 114 figure 75 : li st of co nf igured re so urces, which are a vaila ble to a ssi gn to ssl vpn policies 7.3 application port forwarding setup > vpn settings > ssl vpn server > port forwarding port forwarding allows remote ssl users to access specified network app...
Page 117
Unified services router user manual 115 as a convenience for remote users, the hostname (fqdn ) of the network server can be configured to allow for ip address resolution. This host name resolution provides users with easy-to-remember fqdn‘s to access tcp applications instead of error - prone ip add...
Page 118
Unified services router user manual 116 figure 76 : li st of available applica tions f or ssl p ort forw arding 7.4 ssl vpn client configuration setup > vpn settings > ssl vpn client > ssl vpn client an ssl vpn tunnel client provides a point -to-point connection between the browser - side machine an...
Page 119
Unified services router user manual 117 figure 77 : ssl vpn client a da pter a nd a ccess co nf igurati on the router allows full tunnel and split tunnel support. Full tunnel mode just sends all traffic from the client across the vpn tunnel to the router. Split tunnel mode only sends traffic to the ...
Page 120: 7.5 User Portal
Unified services router user manual 118 setup > vpn settings > ssl vpn client > configured c lient routes if the ssl vpn client is assigned an ip address in a different subnet than the corporate network, a client route must be added to allow access to the private lan through the vpn tunnel. As well ...
Page 121
Unified services router user manual 119 figure 79 : li st of co nf igured ssl vpn portal s . T he co nf igur ed portal can t hen be associa t ed with an a uthe ntic ation do mai n 7.5.1 creating portal layouts setup > vpn settings > ssl vpn server > portal layouts the router allows you to create a c...
Page 122
Unified services router user manual 120 banner message: the banner message that is displayed to ssl vpn clients prior to login. This field is optional. Display banner message on the login page: the user has the option to either display or hide the banner message in the login page. Http meta tags for...
Page 123: Tools
Unified services router user manual 121 chapter 8. Advanced configuration tools 8.1 usb device setup setup > usb settings > usb status the dsr unified services router has a usb interface for printer access, file sharing and on the dsr-1000 / dsr-1000n models 3g modem support. There is no configurati...
Page 124: 8.2 Sms Service
Unified services router user manual 122 figure 81 : usb devi ce detectio n 8.2 sms service setup > usb settings > sms service the dsr unified services router has a usb interface to connect 3g modem support to send and receive short messaging service . The received messages can be seen in the inbox a...
Page 125
Unified services router user manual 123 figure 82 : sm s serv ice – se nd sm s the following details are displayed in sms inbox page: sno: displays the serial number of message in the inbox. Sender: displays the sender of the particular message. Timestamp: displays the time when the message was sent...
Page 126
Unified services router user manual 124 figure 83 : sm s serv ice – receive sms the following details to be provided in create message page: receiver: enter the phone number of the intended receiver of the message. Text message: enter the body of the message here click send message to send the messa...
Page 127
Unified services router user manual 125 table lists the self certificates currently loaded on the gateway. The following information is displayed for each uploaded self certificate: name: the name you use to identify this certificate, it is not displayed to ipsec vpn peers or ssl users. Subject name...
Page 128
Unified services router user manual 126 8.4 advanced switch configuration the dsr allows you to adjust the power consumption of the hardware based on your actual usage. The two ―green‖ options available for your lan switch are power saving by link status and length detection state. With ―power savin...
Page 129: Management
Unified services router user manual 127 chapter 9. Administration & management 9.1 configuration access control the primary means to configure this gateway via the browser -independent gui. The gui can be accessed from lan node by using the gateway‘s lan ip address and http, or from the wan by using...
Page 130: 9.1.2 Cli Access
Unified services router user manual 128 figure 87 : re mote manage me nt f ro m t he wan 9.1.2 cli access in addition to the web -based gui, the gateway supports ssh and telnet management for command-line interaction. The cli login credentials are shared with the gui for administrator users. To acce...
Page 131
Unified services router user manual 129 figure 88 : snmp users, tra ps, a nd access co ntrol tools > admin > snmp system info the router is identified by an snmp manager via the system information. The identifier settings the sysname set here is also used to identify the router for syslog logging..
Page 132
Unified services router user manual 130 figure 89 : snmp system inf or matio n f or this ro uter 9.3 configuring time zone and ntp tools > date and time you can configure your time zone, whether or n ot to adjust for daylight savings time, and with which network time protocol (ntp) server to synchro...
Page 133: 9.4 Log Configuration
Unified services router user manual 131 figure 90 : date, ti me, a nd ntp server setup 9.4 log configuration this router allows you to capture log messages for traffic through the f irewall, vpn, and over the wireless ap. As an administrator you can monitor the type of traffic that goes through the ...
Page 134
Unified services router user manual 132 system: this refers to application and management level features available on this router, including ssl vpn and administrator changes for managing the unit. Wireless: this facility corresponds to the 802.11 driver used for providing ap functionality to your n...
Page 135
Unified services router user manual 133 figure 91 : facility setting s f or lo gging the display for logging can be customized based on where the logs are sent, either the event log viewer in the gui (the event log viewer is in the status > logs page) or a remote syslog server for later review. E-ma...
Page 136
Unified services router user manual 134 example: if accept packets from lan to wan is enabled and there is a firewall rule to allow ssh traffic from lan, then whenever a lan machine tries to make an ssh connection, those packets will be accepted and a message will be logged. (assuming the log option...
Page 137
Unified services router user manual 135 figure 92 : lo g co nf i guratio n options f or traf f ic throug h ro ut er 9.4.2 sending logs to e-mail or syslog tools > log settings > remote logging once you have configured the type of logs that you want the router to collect, they can be sent to either a...
Page 138
Unified services router user manual 136 this requirement. In some cases the smtp server may send out ident requests, and this router can have this response option enabled as needed. Once the e-mail server and recipient details are defi ned you can determine when the router should send out logs. E-ma...
Page 139
Unified services router user manual 137 the local event viewer on the router‘s gui, and thus can collect a considerable number of logs over a sustained period. This is typically very useful for debugging network issues or to monitor router traffic over a l ong duration. This router supports up to 8 ...
Page 140: Settings
Unified services router user manual 138 figure 95 : vpn lo gs displaye d i n gui e vent viewer 9.5 backing up and restoring configuration settings tools > system you can back up the router‘s custom configuration settings to restore them to a different device or the same router after some other chang...
Page 141
Unified services router user manual 139 2. To restore your saved settings from a backup file, click browse then locate the file on the host. After clicking restore, the router begins importing the file‘s saved configuration settings. After the restore, the router reboots automatically with the resto...
Page 142: 9.7 Dynamic Dns Setup
Unified services router user manual 140 figure 97 : fir mware versio n i nf orma tio n and upgrade optio n this router also supports an automated notification to determine if a newer firmware version is available for this router. By clicking the check now button in the notification section, the rout...
Page 143
Unified services router user manual 141 directed to the correct ip address. When you set up an account with a ddns se rvice, the host and domain name, username, password and wildcard support will be provided by the account provider. Figure 98 : dyna mic dns co nf iguratio n 9.8 using diagnostic tool...
Page 144: 9.8.1 Ping
Unified services router user manual 142 figure 99 : router d i agno stic s t ools avail able i n t he gui 9.8.1 ping this utility can be used to test connectivity between this router and anoth er device on the network connected to this router. Enter an ip address and click ping . The command output ...
Page 145: 9.8.3 Dns Lookup
Unified services router user manual 143 figure 10 0: sa mple t race route out put 9.8.3 dns lookup to retrieve the ip address of a web, ftp, mail or any other server on the internet, type the internet name in the text box and click lookup. If the host or domain entry exists, you will see a response ...
Page 146: Statistics
Unified services router user manual 144 chapter 10. Router status and statistics 10.1 system overview the status page allows you to get a detailed overview of the system configuration. The settings for the wired and wireless interfaces are displayed in the dsr status page, and then the resulting har...
Page 147
Unified services router user manual 145 figure 10 1: device status di spla y.
Page 148
Unified services router user manual 146 figure 10 2: device status di spla y (co nti nued) 10.1.2 resource utilization status > device info > dashboard the dashboard page presents hardware and usage statistics. The cpu and memory utilization is a function of the available hardware and current config...
Page 149
Unified services router user manual 147 figure 10 3: reso urc e utili zatio n st atisti cs.
Page 150
Unified services router user manual 148 figure 10 4: reso urc e utili zatio n da ta (c onti nue d).
Page 151: 10.2 Traffic Statistics
Unified services router user manual 149 figure 10 5: reso urc e utili zatio n da ta (c onti nue d) 10.2 traffic statistics 10.2.1 wired port statistics status > traffic monitor > device statistics detailed transmit and receive statistics for each physical port are presented here. Each interface (wan...
Page 152: 10.2.2 Wireless Statistics
Unified services router user manual 150 figure 10 6: p hysic al port st ati stics 10.2.2 wireless statistics status > traffic monitor > wireless statistics the wireless statistics tab displays the incrementing traffic stat istics for each enabled access point. This page will give a snapshot of how m...
Page 153: 10.3 Active Connections
Unified services router user manual 151 figure 10 7: ap speci f ic statistics 10.3 active connections 10.3.1 sessions through the router status > active sessions this table lists the active internet sessions through the router‘s firewall. The session‘s protocol, state, local and remote ip addresses ...
Page 154
Unified services router user manual 152 figure 10 8: li st of current active fir ew all se ssio ns.
Page 155: 10.3.2 Wireless Clients
Unified services router user manual 153 10.3.2 wireless clients status > wireless clients the clients connected to a particular ap can be viewed on this page. Connected clients are sorted by the mac address and indicate the security parameters used by the wireless link, as well as the time connected...
Page 156: 10.3.4 Active Vpn Tunnels
Unified services router user manual 154 figure 11 0: li st of l an ho st s 10.3.4 active vpn tunnels status > active vpns you can view and change the status (connect or drop) of the router‘s ipsec security associations. Here, the active ipsec sas (security associations) are listed along with the tra...
Page 157
Unified services router user manual 155 figure 11 1: li st of curren t active vpn sessio ns all active ssl vpn connections, both for vpn tunnel and vpn port forwarding, are displayed on this page as well. Table fields are as follows. Field description user name the ssl vpn user that has an active tu...
Page 158: 11.1 Internet Connection
Unified services router user manual 156 chapter 11. Trouble shooting 11.1 internet connection symptom: you cannot access the router‘s web-configuration interface from a pc on your lan. Recommended action: 1. Check the ethernet connection between the pc and the router. 2. Ensure that your pc‘s ip add...
Page 159
Unified services router user manual 157 symptom: router cannot access the internet. Possible cause: if you use dynamic ip addresses, your router may not have requested an ip address from the isp. Recommended action: 1. Launch your browser and go to an external site such as www.Google.Com . 2. Access...
Page 160: 11.2 Date And Time
Unified services router user manual 158 symptom: router can obtain an ip address, but pc is unable to load internet pages. Recommended action: 1. Ask your isp for the addresses of its designated domain name system (dns) servers. Configure your pc to recognize those addresses. For details, see your o...
Page 161: Device
Unified services router user manual 159 4. Observe the display: if the path is working, you see this message sequence: pinging with 32 bytes of data reply from : bytes=32 time=nn ms ttl=xxx if the path is not working, you see this message sequence: pinging with 32 bytes of data request timed out 5. ...
Page 162: Settings
Unified services router user manual 160 verify that the network (subnet) address of your pc is different from the network address of the remote device. Verify that the cable or d sl modem is connected and functioning. Ask your isp if it assigned a hostname to your pc. If yes, select network configur...
Page 163: Chapter 12. Credits
Chapter 12. Credits microsoft, windows are registered trademarks of microsoft corp. Linux is a registered trademark of linus torvalds. Unix is a registered trademark of the open group..
Page 164: Appendix A. Glossary
Unified services router user manual 162 appendix a. Glossary arp address resolution protocol. Broadcast protocol for mapping ip addresses to mac addresses. Chap challenge-handshake authentication protocol. Protocol for authenticating users to an isp. Ddns dynamic dns. System for updating domain name...
Page 165
Unified services router user manual 163 pppoe point-to-point protocol over ethernet. Protocol for connecting a network of hosts to an isp without the isp having to manage the allocation of ip addresses. Pptp point-to-point tunneling protocol. Protocol for creation of vpns for the secure transfer of ...
Page 167
Appendix b. Factory default settings feature description default setting device login user login url http://192.168.10.1 user name (case sensitive) admin login password (case sensitive) admin internet connection wan mac address use default address wan mtu size 1500 port speed autosense local area ne...
Page 168: & Firewall Configuration
Unified services router user manual 166 appendix c. Standard services available for port forwarding & firewall configuration any aim bgp bootp_client bootp_server cu-seeme:udp cu-seeme:tcp dns:udp dns:tcp finger ftp http https icmp-type-3 icmp-type-4 icmp-type-5 icmp-type-6 icmp-type-7 icmp-type-8 i...
Page 169
Unified services router user manual 167 appendix d. Log output reference facility: system (networking) log message severity log message severity dbupdate event: table: %s opcode:%d rowid:%d debug bridgeconfig: too few arguments to command %s error networkintable.Txt not found debug bridgeconfig: too...
Page 170
Unified services router user manual 168 nimfadvoptsetwrap: user has changed mtu option debug ddns: sql error: %s error nimfadvoptsetwrap: mtu: %d debug sqlite3queryresget failed.Query:%s error nimfadvoptsetwrap: old mtu size: %d debug sqlite3queryresget failed.Query:%s error nimfadvoptsetwrap: old p...
Page 171
Unified services router user manual 169 %s:dbupdate event: table: %s opcode:%d rowid:%d debug failed to commit error %s:%d sip enable: %s debug ifstatusdbupdate: failed to begin " error siptblhandler:failed to update ifstatic debug %s: sql error: %s error siptblhandler:failed to update configport de...
Page 172
Unified services router user manual 170 pprivsep: %s debug nimfgetupdatemacflag: unable to get flag from mactable error %s:dbupdate event: table: %s opcode:%d rowid:%d debug nimfmacget: updating mac address failed error re-starting sshd daemon.... Debug sqlite3queryresget failed.Query:%s error sshd ...
Page 173
Unified services router user manual 171 getdnsfromisp: %s debug subnetaddress should be provided with accessoption 2 error idletimeoutflag: %s debug failed to restart sshd error idletimeoutvalue: %d debug unable to open the " error authmetho: %d debug sqlite3queryresget failed.Query:%s error executi...
Page 174
Unified services router user manual 172 %s: buffer overflow debug failed to clear vlan for %d error %s: value of %s in %s table is: %s debug failed to set vlan entry for vlan %d error %s: returning with status: %s debug failed to set vlan entries, while enabling \ error dnsresolverconfigure: address...
Page 175
Unified services router user manual 173 pppoemgmttblhandler: netmask: %s debug xl2tpdstop failed error pppoemgmttblhandler: authopt: %d debug writing xl2tpd.Conf failed error pppoemgmttblhandler: satus: %d debug writing options.Xl2tpd failed error pppoeenable: ppp dial string: %s debug xl2tpdstop fa...
Page 176
Unified services router user manual 174 l2tpmgmttblhandler: username: %s debug pppoemgmttblhandler: unable to get current mtu option error l2tpmgmttblhandler: password: %s debug pppoemgmttblhandler: unable to get the mtu error l2tpmgmttblhandler: accountname: %s debug pppoemgmttblhandler: pppoe enab...
Page 177
Unified services router user manual 175 the enable command is %s error dhcpcmgmttblhandler: dhclient enable failed error l2tpenable:executing the command failed error dhcpcmgmttblhandler: dhcpc release failed error l2tpdisable: command string: %s error dhcpcmgmttblhandler: dhcpc disable failed error...
Page 178
Unified services router user manual 176 created eap/peap context: ok debug setting message in fragment buffer: error error deleted eap/peap context: ok debug allocating tls read buffer is null: error error upper eap sent us: decision = %d method state = %d debug setting last fragment: error error p2...
Page 179
Unified services router user manual 177 error rcvd. Opcode %d. Debug plugin context is null error pctx null. Debug deriving implicit challenge: error error tls message len changed in the fragment, ignoring. Debug generating nt response: error error no data to send while fragment ack received. Debug ...
Page 180
Unified services router user manual 178 pfb->msgbuff is null. Debug setting profile to glue layer: error. Error error calculating binary. Debug _eapctxcreate failed. Error error calculating binary. Debug %d authentication not enabled in the system. Error adpdigestinit for sha1 failed. Debug initiali...
Page 181
Unified services router user manual 179 password change is not allowed for this user debug eap-peap not enabled in system configuration. Error completed writing the policy debug eap-wsc not enabled in system configuration. Error completed writing the sa debug pap not enabled in system configuration....
Page 182
Unified services router user manual 180 peapctx == null or ppdu == null. Error could not initialize des-ecb error received eap pdu bigger than eap_mtu_size. Error error cleaning cipher context. Error received eap pdu bigger than eap_mtu_size. Error error cleaning cipher context. Error state machine ...
Page 183
Unified services router user manual 181 could not open database: %s debug sqlite3queryresget failed error cpu log file not found debug radsendtoserver: socket: %s error mem log file not found debug radsendtoserver: bind() failed: %s: %s error cpumemusagedbupdatehandler: update query: %s debug radrec...
Page 184
Unified services router user manual 182 adding dictionary attribute '%s' debug failed to set default retries value error adding dictionary value %s debug error: incomplete db update information. Error receiving attribute: %s debug old values result does not contain 2 rows error processing attribute:...
Page 185
Unified services router user manual 183 next synchronization after" debug unable to set debug for radauth. Error next synchronization after %d \ debug unable to set debug level for radauth. Error primary is not available, " debug error: option value not specified error secondary is not available, " ...
Page 186
Unified services router user manual 184 timeout after semtake debug mempartalloc for %d size failed error srcid=%d(%s) cmd=%d debug mempartalloc for %d size failed error un-registerting component with id %d debug no handler registered for this umi context error failed to send ioctl request: dst(%d) ...
Page 187
Unified services router user manual 185 cpumemusagedbupdatehandler: sql error: %s error invalid privacy algorithm error unable to open the db file %s error failed to get host address error umiinit failed error invalid version error unable to register to umi error snmp v3 trap configuration failed er...
Page 188
Unified services router user manual 186 wan traffic counters are restared debug deleting schedule based firewall rules. Debug traffic limit has been reached debug deleting schedule based firewall rules from db. Debug traffic meter monthly limit has been changed to %d. Debug update schedule based fir...
Page 189
Unified services router user manual 187 enabling attack check for l2tp. Debug updating blocksites keyword from \ debug enabling attack check for udp flood. Debug inserting blocksites keyword \ debug enabling attack check for ipsec. Debug deleting trusted domain \ debug enabling attack check for pptp...
Page 190
Unified services router user manual 188 internet on port %d %d:%d:%d:%d:%d enabling remote access management for ip address range" debug disabling port trigger rule for %d:%d:%d:%d:%d debug enabling remote access management to only this pc. Debug adding port trigger rule for %d:%d:%d:%d:%d debug dis...
Page 191
Unified services router user manual 189 update firewallrules6 where schedulename = '%s' to new " debug fwlbspilloverconfigure: could not set postrouting rules error dns proxy restart failed debug fwlbspilloverconfigure: something going wrong here error deleting interface to ifgroup failed debug fwl2...
Page 192
Unified services router user manual 190 facility: local0 (wireless) log message severity log message severity (node=%s) setting %s to val = %d debug sqlite3queryresget failed error custom wireless event: '%s' debug sqlite3queryresget failed error wireless event: cmd=0x%x len=%d debug vap(%s) set bea...
Page 193
Unified services router user manual 191 got pnac_event_preauth_success event for : %s debug udp failed, received length is %d error event for non-existent node %s debug umiioctl(umi_comp_kdot11, error pnac_event_eapol_start event received debug umiioctl(umi_comp_udot11,%d,%d ) \ error pnac_event_eap...
Page 194
Unified services router user manual 192 sending eapol pdu to pnac... Debug dot11_rx_eapol_keymsg: unknown ifname %s error creating pnac authenticator with values %d %d - %s debug cmd %d not supported.Sender=%d error profile %s does not exist debug inteface name passed is null error iapp initialized....
Page 195
Unified services router user manual 193 pnacrecvrtn: no corresponding pnac port pae found debug umiioctl(umi_comp_iapp,%d) failed error sending unicast key debug invalid ie. Error sending broadcast key debug umiioctl(umi_comp_kdot11_vap, %d ) failed error from pnacauthpaedisconnected: calling pnactx...
Page 196
Unified services router user manual 194 from pnacrecvmapi: pkt body len = %d, pkttype = %d debug eapolrecvkeymsg: invalid descriptor version error from pnacpduprocess: received pnac_eap_packet debug eapolrecvkeymsg: incorrect descriptor version error from pnacpduprocess: currentid = %d debug eapolre...
Page 197
Unified services router user manual 195 from pnacbackauthfail: calling pnactxcannedfail debug rc4 framework initialization failed error %s returned error debug pnac framework initialization failed error pnacumiioctlhandler: cmd: %s(%d) debug error: option value not specified error %s not configured ...
Page 198
Unified services router user manual 196 phyport:%s pnacradxlateradpktintegritychk: no corresponding " pnacportpaedeconfig:kpnacportpaedec onfig failed warn error from pnacradxlateradpktintegritychk: no message " error pnacportpaedeconfig:kpnacportpaedec onfig failed warn error from pnacradxlateradpk...
Page 199
Unified services router user manual 197 failed to initiate pbc based enrolle association error pnackeyinfoget:failed to allocate buffer error invalid association mode. (allowed modes : pin/pbc) error pnac user comp id not set. Dropping eapol key pkt error wpsenable: running wsccmd failed error pnacu...
Page 200
Unified services router user manual 198 invalid cipher type %d error error from pnacauthinit: pnacauthkeytxinit failed error profile supports wep stas,group cipher must be wep error error from pnacauthinit: pnacreauthtimerinit failed error profile %s does not exist error error from pnacauthinit: pna...
Page 201
Unified services router user manual 199 error in executing db update handler error pnaceapradauthsend: invalid arguments error sqlite3queryresget failed error pnaceapradauthsend: failed to allocate inbuffer error error: incomplete db update information. Error pnacxmit : umiioctl failed[%d] error old...
Page 202
Unified services router user manual 200 invalid config data error facility: kernel log message severity log message severity dnat: multiple ranges no longer supported debug %s: %s%s:%d -> %s:%d %s, debug dnat: target size %u wrong for %u ranges, debug %s: %s%s:%d %s, debug dnat: wrong table %s, tabl...
Page 203
Unified services router user manual 201 %s%d: bad sequence number: %d, expected: %d, debug ifmedia_ioctl: no media found for 0x%x, debug pppiocdetach file->f_count=%d, debug ifmedia_ioctl: switching %s to , dev- >name debug ppp: outbound frame not passed debug ifmedia_match: multiple match for debug...
Page 204
Unified services router user manual 202 %s: mac_del %02x:%02x:%02x:%02x:%02x:%02x, dev->name, addr[0], addr[1], addr[2], addr[3], addr[4], addr[5] debug %02x, ((u_int8_t *)p)[i] debug %s: mac_kick %02x:%02x:%02x:%02x:%02x:%02x, dev->name, addr[0], addr[1], addr[2], addr[3], addr[4], addr[5] debug fi...
Page 205
Unified services router user manual 203 %s: flow dst=%s, __function__, xfrmstraddr(fl->fl6_dst, family) debug encrypt data length mismatch debug %s: flow src=%s, __function__, xfrmstraddr(fl->fl6_src, family) debug encrypt data does not compare debug a guy asks for address mask. Who is it? Debug tki...
Page 206
Unified services router user manual 204 ip_rt_bug: %u.%u.%u.%u -> %u.%u.%u.%u, %s, debug txmic debug udp: short packet: from %u.%u.%u.%u:%u %d/%d to %u.%u.%u.%u:%u, debug %02x, hk->kv_txmic[i] debug udp: bad checksum. From %d.%d.%d.%d:%d to %d.%d.%d.%d:%d ulen %d, debug %s: unable to update h/w beac...
Page 207
Unified services router user manual 205 ipt_time loading debug %s: failed to register sysctls!, sc- >sc_dev->name debug ipt_time unloaded debug %s: mac %d.%d phy %d.%d, dev- >name, debug ip_conntrack_irc: max_dcc_channels must be a positive integer debug 5 ghz radio %d.%d 2 ghz radio %d.%d, debug ip...
Page 208
Unified services router user manual 206 window=%u , ntohs(th->window) debug ipsec_err [%s:%d]: max (%d) no of sa limit reached, debug res=0x%02x , (u8)(ntohl(tcp_flag_word(th) & tcp_reserved_bits) >> 22) debug ipsec_err [%s:%d]: max (%d) no of sa limit reached, debug urgp=%u , ntohs(th->urg_ptr) deb...
Page 209
Unified services router user manual 207 physout=%s , physoutdev->name debug %s: error. Dst refcount value less than 1 (%d), debug mac= debug for %s device refcnt: %d ,pdst- >dev->name, debug %02x%c, *p, debug %s: got null m:%p *m:%p sa:%p *sa:%p,__func__,ppbufmgr, debug nat: no longer support implic...
Page 210
Unified services router user manual 208 >msg_iov[i].Iov_base)[j] %02x, skb->data[i] debug de initializing by \ info _lvl pppol2tp: _fmt, ##args debug kernel umi module loaded info %02x, ptr[length] debug kernel umi module unloaded info %02x, ((unsigned char *) m- >msg_iov[i].Iov_base)[j] debug loadi...
Page 211
Unified services router user manual 209 test key, key debug %s: %s (, dev_info, ath_hal_version info pre-hashed key, key debug %s: driver unloaded, dev_info info const char *descr, krb5_keyblock *k) { debug %s: driver unloaded, dev_info info aes 128-bit key, &key debug %s: version 2.0.0 info const c...
Page 212
Unified services router user manual 210 failed to set aes encrypt key debug icmp: %u.%u.%u.%u: info aes %s decrypt test duration: %d:%d, hard ? Hard : soft, debug icmp: %u.%u.%u.%u: source info failed to set aes encrypt key debug wrong address mask %u.%u.%u.%u from info failed to set aes encrypt key...
Page 213
Unified services router user manual 211 md5 software test %s, md5softtest(0) ? Failed : passed debug %s: options rejected: o[0]=%02x, o[1]=%02x, warnin g md5 hardware test: debug %s: don't know what to do: o[5]=%02x, warnin g md5 hardware test %s, md5hardtest(0) ? Failed : passed debug *** new port ...
Page 214
Unified services router user manual 212 value = %x ::: at page = %x : addr = %x debug cix %u (%u) bad ratekbps %u mode %u, warnin g reg size == 32 bit debug %s: no rates for %s?, warnin g value = %x ::: at page = %x : addr = %x debug no rates yet! Mode %u, sc- >sc_curmode warnin g reg size == 64 bit...
Page 215
Unified services router user manual 213 from g %s(): addba mode is auto, __func__ debug martian source %u.%u.%u.%u from warnin g %s(): invalid tid value, __func__ debug ll header: warnin g error in add- no node available debug unable to create ip_set_list error %s(): channel capabilities do not matc...
Page 216
Unified services router user manual 214 [%d]\tmacaddr\t%s, j, debug ppp: no memory (vj comp pkt) error [%d]\tdescp\t\t%s, j, ni- >node_trace[i].Descp debug ppp: no memory (comp pkt) error [%d]\tvalue\t\t%llu(0x%llx), j, ni- >node_trace[i].Value, debug ppp: compressor dropped pkt error ifmedia_add: n...
Page 217
Unified services router user manual 215 __function__ %s: failed to register sysctls!, proc_name debug ppp: vj uncompressed error error pktlog_tag %s: proc_mkdir failed, __function__ debug ppp_decompress_frame: no memory error pktlog_tag %s: pktlog_attach failed for %s, debug ppp_mp_reconstruct bad s...
Page 218
Unified services router user manual 216 %s: cancel dfs wait period on channel %d, __func__, sc- >sc_curchan.Channel debug %s: %s:%d: bad tunnel magic error non-dfs channel, cancelling previous dfs wait timer channel %d, sc- >sc_curchan.Channel debug %s: %s:%d: bad tunnel magic error %s: unable to re...
Page 219
Unified services router user manual 217 ,__func__ int)len %s: unable to start recv logic, debug %03d:, i error %s: invalid interface id = %u, __func__, if_id debug %02x, ((unsigned char *)p)[i] error %s: unable to allocate channel table, __func__ debug mic check failed error %s: tx antenna switch. D...
Page 220
Unified services router user manual 218 >ifname wakingup due to wow signal debug unable to register kifdev to umi error %s, wowstatus = 0x%x, __func__, wowstatus debug error: %s: timeout at page %#0x addr %#0x error pattern added already debug error: %s: timeout at page %#0x addr %#0x error error : ...
Page 221
Unified services router user manual 219 0x%08x 0x%08x, 0x%08x 0x%08x 0x%08x 0x%08x, debug ath_pci: 32-bit dma not available error sc_txq[%d] : , i debug ath_pci: cannot reserve pci memory region error tid %p pause %d : , tid, tid->paused debug ath_pci: cannot remap pci memory region) ; error %d: %p ...
Page 222
Unified services router user manual 220 index:%d, value:%d, code:%x, rate:%d, flag:%x, i, (int)validrateindex[i], debug dev is null %p %p ,dev,dst critical ratetable:%d, maxvalidrate:%d, ratemax:%d, prc->ratetablesize,k,prc- >ratemaxphy debug packet is fragmented %d,pbufmgr- >len critical can't allo...
Page 223
Unified services router user manual 221 appendix e. Rj-45 pin-outs signal rj-45 cable adapter signal rj-45 pin db-9 pin cts nc nc nc dtr nc nc nc txd 6 3 rxd gnd 5 5 gnd gnd 4 5 gnd rxd 3 2 txd dsr nc nc nc rts nc nc nc.
Page 224
Unified services router user manual 222 appendix f. Product statement 1. Dsr-1000n federal communications commission (fcc) compliance notice: radio frequency notice this equipment has been tested and found to comply with the limits for a class b digital device, pursuant to part 15 of the fcc rules. ...
Page 225
Unified services router user manual 223 important note: radiation exposure statement this equipment complies with ic radiation exposure limits set forth for an uncontrolled environment. End users must follow the specific operating instructions for satisfying rf exposure compliance. To maintain compl...
Page 226
Unified services router user manual 224 Česky [czech] [d- link corporation] tímto prohlašuje, že tento [dsr-1000n] je ve shodě se základními požadavky a dalšími příslušnými ustanoveními směrnice 1999/5/es. Dansk [danish] undertegnede [d-link corporation] erklærer herved, at følgende udstyr [dsr-1000...
Page 227
Unified services router user manual 225 português [portuguese] [d-link corporation] declara que este [dsr-1000n]está conforme com os requisitos essenciais e outras disposições da directiva 1999/5/ce. Slovensko [slovenian] [d-link corporation] izjavlja, da je ta [dsr-1000n] v skladu z bistvenimi zaht...
Page 228
Unified services router user manual 226 2.Dsr-500n federal communications commission (fcc) compliance notice: radio frequency notice this equipment has been tested and found to comply with the limits for a class b digital device, pursuant to part 15 of the fcc rules. These limits are designed to pro...
Page 229
Unified services router user manual 227 europe – eu declaration of conformity this device complies with the essential requirements of the r&tte directive 1999/5/ec. The following test methods have been applied in order to prove presumption of conformity with the essential requirements of the r&tte d...
Page 230
Unified services router user manual 228 Česky [czech] [d-link corporation ] tímto prohlašuje, že tento [dsr-500n] je ve shodě se základními požadavky a dalšími příslušnými ustanoveními směrnice 1999/5/es. Dansk [danish] undertegnede [d-link corporation] erklærer herved, at følgende udstyr [dsr-500n]...
Page 231
Unified services router user manual 229 português [portuguese] [d-link corporation] declara que este [dsr-500n]está conforme com os requisitos essenciais e outras disposições da directiva 1999/5/ce. Slovensko [slovenian] [d-link corporation] izjavlja, da je ta [dsr-500n] v skladu z bistvenimi zahtev...
Page 232
Unified services router user manual 230 3.Dsr-250n federal communication commission interference statement this equipment has been tested and found to comply with the limits for a class b digital device, pursuant to part 15 of the fcc rules. These limits are designed to provide reasonable protection...
Page 233
Unified services router user manual 231 regulatory statement (r&tte) european standards dictate maximum radiated transmit power of 100mw eirp and frequency range 2.400- 2.4835ghz; in france, the equipment must be restricted to the 2.4465-2.4835ghz frequency range and must be restricted to indoor use...