Robotics Wireless MAXg ADSL Gateway User Guide Security settings These are the options available in the Security menu:. Wireless security The wireless security page allows you to configure the security features of your wireless network.

There are several security methods to choose from, depending on your needs and the capabilities of your wireless machines. WEP open and WEP shared —WEP is an encryption scheme that is used to protect your wireless data communications. WEP uses a combination of 64-bit keys or 128-bit keys to provide access control to your network and encryption security for every data transmission.

To decode a data transmission, each wireless client on the network must use an identical 64-bit or 128-bit key. WEP is an older wireless encryption method that is not as hard to break as the more-recent WPA.

802.1x — In 802.1x (also known as RADIUS), a separate machine called an authentication server receives a user ID and password. It grants or denies access based on whether the ID and password match any entries in its account list.

You can optionally enable WEP encryption with this option. Because it requires a separate machine acting as the authentication server, 802.1x is most often used in business enviroments. WPA with 802.1x (RADIUS) — WPA is a more recent encryption method that addresses many of the weaknesses in WEP. Any client capable of WPA encryption should use it instead of WEP.

This option uses WPA and an authentication server. WPA (PSK) — This is WPA encryption combined with a pre-shared key (PSK), which is a text string known only to the gateway and authorised wireless clients. The gateway rejects the login if the client's PSK does not match. WPA2 with 802.1x (RADIUS) — WPA2 is a more advanced encryption method than WPA.

Gg Radio For Machine

Because it is a more recent standard, some of your wireless devices might not be able to use it. This option specifies WPA2 encryption and an authentication server. WPA2 (PSK) — This option uses WPA2 with a pre-shared key. WPA2 and WPA with 802.1x (RADIUS) — This option supports an authentication server and WPA2/WPA encryption for devices capable of one or the other standard. The gateway automatically detects whether a particular device can use WPA2 or WPA.

WPA2 AND WPA (PSK) — This has WPA2 or WPA encryption based on client abilities, as well as a pre-shared key. After making changes, click Apply to save. MAC Filter All network interface cards are built with a unique 48-bit MAC address. When MAC address filtering is enabled, you can restrict the wireless devices that are allowed to connect to your gateway by their respective MAC addresses.

You could also grant access to any wireless device whose MAC address is on its 'allow' list. These are the values for the MAC restrict mode:. Allow all — Allow any wireless device to access your local network, which amounts to turning off MAC filtering. Allow these — Let only the devices with the MAC addresses in the MAC filter list have access to your wireless network.

Deny these — Exclude only the devices with the MAC addresses in the MAC filter list from accessing your wireless network. Allow access to any other MAC addresses. Below the MAC restrict mode is a table showing all MAC addresses that the restrict mode applies to. You can add up to 60 addresses to the list. For an example of adding MAC addresses to the list and otherwise configuring MAC filtering, please see the section of this User Guide.

If you wish to delete an entry from the list, select the appropriate MAC restrict mode, select the Remove checkbox for the entry you want to delete, and click the Remove button. Device Login You can use this page to change the password for the admin, support and user accounts. (Their default passwords are admin, support, and user respectively.) Simply select an account in the User name drop-down list, then enter the current and new passwords for the account. Enter the new password a second time to confirm it.

Mac

Then click Apply to save the new password. Internet Access Control You can use the Internet Access Control page to create a parental control rule that keeps certain network devices off the Internet for specific time periods. The rules can block access for a defined time period on certain days of the week. Note: If you want to use this feature, you must configure the gateway to synchronise its time with at least one Internet time-of-day server. See for more information. This is the Internet Access Control page when there are no filters defined: Click Add to define an Internet access filter, and enter its settings in the following page. In addition to the rule name, each rule you define has the MAC address of the machine to block, the time period to block it for, and a list of days that the time-period block is enforced.

Caution: If you want to set up access control for a machine other than the one you're currently using, select Other network device and enter that device's MAC address. After configuring the Internet access filter, click Save to save it. Here's what it might look like if you wanted to keep children off the Internet during after-school study hours: IP Filtering - Outbound Filters The gateway's firewall can block internal users or applications from accessing the Internet. There are two ways to accomplish this:. Using the TCP/UDP port numbers to block internal users or applications (a technique called port filtering). Using a combination of the source or destination port, protocol or source/destination IP address to block a specific machine from accessing the Internet.

This is also known as address filtering. The outbound filter page allows you to block outgoing packet types using either TCP, UDP, or a combination of both from specific ports. For a tutorial on how to use the outbound filter page to keep a computer from accessing the Internet, please. This is the outbound filtering page before adding a filter: To remove an existing filter definition from the outbound filter table (the first screen shown above), check the Remove checkbox for the filter and click the Remove button. The following page appears after you click Add. When you are done entering values for your filter, click Apply to save the filter.

These are the fields on the second page above (the page labeled Add IP Filter and Outgoing), where you define a filter that specifies a set of conditions for which to block access for one or more local machines. Item Description Filter name Enter a name for the filter here. Protocol Select TCP, UDP, a combination of TPC & UDP, or ICMP. Source IP address Enter the IP address that you do not want to let access the Internet or the destination address. Source subnet mask Enter the subnet mask for the source IP address. Source port Enter the source port number, or range of ports, for which you want to block access.

Destination IP address Enter the IP address you do not want the source IP address to have access to. Destination subnet mask Enter the subnet mask for the destination IP address. Destination port Enter the destination port number, or range of port numbers, you want to block access.

Gg radio for machine

IP Filtering - Inbound Filters This page allows incoming packets to reach their intended destinations by specifying rules for unblocking certain incoming packets. You could use it any time you want to allow restricted access to a machine, or you could configure unlimited access to a particular system (for example if one of your local machines is a Web server). Click on Add to create a new inbound filter. This table describes the fields in this Add IP Filter page: Field Description Filter name Enter a name for your inbound filter here.

Protocol Selects TCP, UDP, or a combination of TCP/UDP. Source IP address Enter the external IP address you want to allow access to your internal address that appears in the Destination IP address field. Source subnet mask Enter a subnet mask for the source IP address. Source port Enter a source port number, or a range of port numbers. Destination IP address Enter the internal IP address you want to provide access to. Destination subnet mask Enter a subnet mask for the destination IP address.

Destination port Enter the destination port number, or range of port numbers, you want to allow access (for the destination IP). After setting up your filter, click Apply to save it. Virtual Servers A virtual server allows you to direct incoming traffic from the Internet (identified by protocol and external port) to an internal server with a private IP address on the LAN. If you need to convert an external port you need to enter an internal port. To go to a tutorial showing you how to set up a virtual server. If you want to delete a virtual server, check the Remove checkbox for the appropriate line in the table and click Remove.

Note: If you set up a, all packets for addresses other than those specified in this page go to a designated DMZ machine. Port Triggering Port triggering is similar to a, except that it creates a dynamic or temporary hole in the firewall. You can configure it so that when one of the local systems uses a specified outgoing port to create a TCP/UPD connection to an outside system, that system is granted access to your network through the specified incoming ports. Port triggering is more secure than a virtual server, but it does not support simultaneous use of the same ports by multiple systems. Click Add to set up port triggering for an Internet application. In the next page (shown below), select the application name, which fills in the settings in the table below.

If the application you want is not in the list, select Custom application and fill in the table parameters below. (See the application's documentation to find out what the settings should be.) Click Apply to save the port trigger. Note: A port trigger is available to a single active session. It cannot simultaneously support same-port triggers to multiple clients. DMZ Host The de-militarised zone (DMZ) option is for forwarding IP packets from the Internet that are not meant for any of the applications configured in the table. These packets are forwarded to a designated DMZ host computer.

While a virtual server can only forward (redirect) a limited number of services (ports), DMZ hosting allows all the services (ports) running on the DMZ host to be accessible externally. This is the DMZ Host page.

To configure the DMZ, simply enter the IP address of the computer that will function as the DMZ host. Click Apply to save the DMZ address. To deactivate the DMZ feature, clear DMZ host IP address and click Apply.