Netgear MBRN3000 Manual

Netgear Router MBRN3000

Læs gratis den danske manual til Netgear MBRN3000 (72 sider) i kategorien Router. Denne vejledning er vurderet som hjælpsom af 9 personer og har en gennemsnitlig bedømmelse på 4.9 stjerner ud af 5 anmeldelser. Har du et spørgsmål om Netgear MBRN3000, eller vil du spørge andre brugere om produktet?

Side 1/72
June 2010
202-10578-01
v1.0
350 East Plumeria Drive
San Jose, CA 95134
USA
2 |
Mobile Broadband Wireless-N Router MBRN3000
© 2010 NETGEAR, Inc.© 2010 by NETGEAR, Inc. All rights reserved.
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated
into any language in any form or by any means without the written permission of NETGEAR, Inc.
Part Number 202-10578-01 v1.0
Technical Support
When you register your product at http://www.netgear.com/register, NETGEAR can provide you with faster expert
technical support and timely notices of product and software upgrades.
NETGEAR, Inc.
350 East Plumeria Drive
San Jose, CA 95134 USA
E-mail: support@netgear.com
Website: http://www.netgear.com
Phone: 1-888-NETGEAR, for US & Canada only. For other countries, see your Support information card.
Trademarks
NETGEAR, the NETGEAR logo, ProSafe, Smart Wizard, and Auto Uplink are trademarks or registered
trademarks of NETGEAR, Inc. Microsoft, Windows, Windows NT, and Vista are registered trademarks of Microsoft
Corporation. Other brand and product names are registered trademarks or trademarks of their respective holders.
Statement of Conditions
To improve internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes
to the products described in this document without notice. NETGEAR does not assume any liability that may occur
due to the use or application of the product(s) or circuit layout(s) described herein.
Revision History
Publication Part Number Version Publish Date
202-10578-01 v1.0 June 2010
Table of Contents | 3
Chapter 1 Connecting to the Internet
Hardware Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Router Front Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Router Back Panel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Router Label . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Using the Router Stand . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Logging In to Your Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Accessing the Setup Wizard After Installation. . . . . . . . . . . . . . . . . . . . . . 11
Manually Configuring Your Internet Settings . . . . . . . . . . . . . . . . . . . . . . . 11
Chapter 2 Wireless Network Configuration
Planning Your Wireless Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Wireless Placement and Range Guidelines . . . . . . . . . . . . . . . . . . . . . 14
Wireless Security Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Manually Configuring Your Wireless Settings . . . . . . . . . . . . . . . . . . . . . . 15
Wireless Guest Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Configuring WEP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Configuring WPA, WPA2, or WPA + WPA2 . . . . . . . . . . . . . . . . . . . . . 19
Using Push 'N' Connect (WPS) to Configure Your Wireless Network . . . . 19
WPS Button . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
WPS PIN Entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Adding Wireless Computers that Do Not Support WPS . . . . . . . . . . . . 22
Chapter 3 Protecting Your Network
Protecting Access to Your Mobile Broadband Wireless-N Router. . . . . . . 23
Changing the Built-In Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Changing the Administrator Login Time-out . . . . . . . . . . . . . . . . . . . . . 24
Blocking Sites and Keywords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Blocking Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Scheduling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Setting Your Time Zone. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Scheduling Firewall Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Live Parental Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Chapter 4 Managing Your Network
Backing Up, Restoring, or Erasing Your Settings . . . . . . . . . . . . . . . . . . . 30
Backing Up the Configuration to a File . . . . . . . . . . . . . . . . . . . . . . . . . 30
Mobile Broadband Wireless-N Router MBRN3000
4 | Table of Contents
Restoring the Configuration from a File . . . . . . . . . . . . . . . . . . . . . . . . .31
Erasing the Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
Upgrading the Router Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
Router Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33
Showing Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35
Connection Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
Viewing Attached Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37
Viewing, Selecting, and Saving Logged Information . . . . . . . . . . . . . . .37
Examples of Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
Enabling Security Event E-mail Notification . . . . . . . . . . . . . . . . . . . . . . . .39
Running Diagnostic Utilities and Rebooting the Router . . . . . . . . . . . . . . .40
Enabling Remote Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
Configuring Remote Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
Chapter 5 Advanced
Advanced Wireless Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
Wireless Station Access Control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Restricting Access by MAC Address . . . . . . . . . . . . . . . . . . . . . . . . . . .45
Port Forwarding and Port Triggering . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
Port Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
Port Triggering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
WAN Setup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
Setting Up a Default DMZ Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
LAN IP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
DHCP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50
Reserved IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Dynamic DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Configuring Dynamic DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
Using Static Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Static Route Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Universal Plug and Play (UPnP). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54
Traffic Meter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
Chapter 6 Troubleshooting
Basic Functioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57
Troubleshooting Access to the Router Main Menu. . . . . . . . . . . . . . . . . . .58
Troubleshooting the ISP Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
Connecting to the Internet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
Troubleshooting Internet Browsing . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60
Troubleshooting a TCP/IP Network Using the Ping Utility . . . . . . . . . . . . .60
Testing the LAN Path to Your Router . . . . . . . . . . . . . . . . . . . . . . . . . . .60
Testing the Path from Your Computer to a Remote Device . . . . . . . . . .61
Restoring the Default Configuration and Password . . . . . . . . . . . . . . . . . .62
Problems with Date and Time. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62
10 | Chapter 1: Connecting to the Internet
Mobile Broadband Wireless-N Router MBRN3000
To log in to the router:
1. Type http://www.routerlogin.net in the address field of your browser, and then press
Enter. A login window displays:
2. Enter For admin for the user name and your password (or the default, password).
information about how to change the password, see Changing the Built-In Password on
page .23
Note: If you changed your password and do not remember what it is, you
can restore the router to its factory settings. See "Factory Default
Settings " in Appendix A.
3. If the router has not been configured, the Smart Wizard screen displays. After the router has
been configured, the Firmware Upgrade assistant will appear.
Checking for Firmware Updates screen. After initial setup, this screen displays
unless you have cleared the checkbox.Check for Updated Firmware Upon Log-in
Router Status screen. The Router Status screen displays if the router’s Internet
connection has not been set up yet. See on page 33. “Router Status”
4. You can use different methods to configure your router.
Select Setup Wizard from the router menu to set up your Internet connection and
wireless network configuration. See “Accessing the Setup Wizard After Installation
on page .11
You can manually configure the router settings. See “Manually Configuring Your
Internet Settings” on page .11
Chapter 1: Connecting to the Internet | 11
Mobile Broadband Wireless-N Router MBRN3000
Accessing the Setup Wizard After Installation
1. Log in to the router as described in “Logging In to Your Router” on page 9.
2. Select Setup Wizard:
3. Click Next.
The Setup Wizard prompts you to set up your Internet connection and wireless network
as described in the .Mobile Broadband Wireless-N Router MBRN3000 Installation Guide
Manually Configuring Your Internet Settings
In order to connect to the network, and active broadband service account is required. Please
contact your ISP for user name, password and the network name.
To manually configure your Internet settings:
1. Log in to the router as described in “Logging In to Your Router” on page 9.
2. Select Mobile Broadband Settings.
3. Adjust the settings as needed based on your
Internet connection. The fields in this screen are
described in Table 2. Depending on your
region and ISP, some fields might not be
available.
4. The following buttons are available:
Connect: Manually connect to the
network.
Disconnect: Disconnect from the current
network.
Apply: Apply the changes that you made.
Cancel: Discard changes.
Refresh: Update the connection status.
12 | Chapter 1: Connecting to the Internet
Mobile Broadband Wireless-N Router MBRN3000
Table 2. Broadband Settings fields
Fields and Checkboxes Description
Username Internet account login username
Password Internet account password for authentication
PIN code Pin code of the SIM card, where applicable
Network name/APN ISP network name
PDP type Type of packet data protocol
Connect automatically at startup If this checkbox is selected, the modem automatically connects to
the network when powered up. This should be selected after login
information is provided.
Reconnect automatically when
connection is lost
If this check box is selected, the modem will attempt to reconnect to
the network when the connection is lost. Under normal situation, this
setting should be selected.
Roaming automatically If this checkbox is selected, the unit can roam to any available
operator in range and may incur roaming charges. Check with your
operator before enabling this feature.
Connection status Current WAN port status
Chapter 2: Wireless Network Configuration | 13
2.
2
For a wireless connection, the SSID, also called the wireless network name, and the
wireless security setting must be the same for the router and wireless computers or wireless
adapters. NETGEAR strongly recommends that you use wireless security.
Note: Computers can connect wirelessly at a range of several hundred
feet. If you do not use wireless security, this can allow others outside
of your immediate area to access your network.
Planning Your Wireless Network
For compliance and compatibility between similar products in your area, the operating
channel and region must be set correctly.
To configure the wireless network, you can either specify the wireless settings, or you can
use Wi-Fi Protected Setup (WPS) to automatically set the SSID and implement WPA/WPA2
security.
To manually configure the wireless settings, you must know the following:
-SSID. The default SSID for the router is NETGEAR-3G.
-The wireless mode (80.211n, 802.11g, or 802.11b) that each wireless adapter
supports.
-Wireless security option. To successfully implement wireless security, check each
wireless adapter to determine which wireless security option it supports.
See on page 15.“Manually Configuring Your Wireless Settings”
Push 'N' Connect (WPS) implements WPA/WPA2 wireless security on the router and your
wireless computer or device at the same time. The wireless computer or device must be
compatible with WPS.
See on page 19.“Using Push 'N' Connect (WPS) to Configure Your Wireless Network
14 | Chapter 2: Wireless Network Configuration
Mobile Broadband Wireless-N Router MBRN3000
Wireless Placement and Range Guidelines
The range of your wireless connection can vary significantly based on the physical placement
of the router. The latency, data throughput performance, and notebook power consumption of
wireless adapters also vary depending on your configuration choices.
For best results, place your router according to the following guidelines:
Near the center of the area in which your PCs will operate.
In an elevated location such as a high shelf where the wirelessly connected PCs have
line-of-sight access (even if through walls).
Away from sources of interference, such as PCs, microwave ovens, and 2.4 GHz
cordless phones.
Away from large metal surfaces.
Put the antenna in a vertical position to provide the best side-to-side coverage. Put the
antenna in a horizontal position to provide the best up-and-down coverage.
If using multiple access points, it is better if adjacent access points use different radio
frequency channels to reduce interference. The recommended channel spacing between
adjacent access points is 5 channels (for example, use Channels 1 and 6, or 6 and 11).
The time it takes to establish a wireless connection can vary depending on both your security
settings and placement. WEP connections can take slightly longer to establish. Also, WEP
encryption can consume more battery power on a notebook computer.
Wireless Security Options
Indoors, computers can connect over 802.11g wireless networks at a maximum range of up
to 300 feet. Such distances can allow for others outside your immediate area to access your
network.
Unlike wired network data, your wireless data transmissions can extend beyond your walls
and can be received by anyone with a compatible adapter. For this reason, use the security
features of your wireless equipment. The Mobile Broadband Wireless-N Router provides
highly effective security features which are covered in detail in this chapter. Deploy the
security features appropriate to your needs.
Chapter 2: Wireless Network Configuration | 15
Mobile Broadband Wireless-N Router MBRN3000
There are several ways you can enhance the security of your wireless network:
Figure 4 Wireless Security
Restrict Access Based on MAC Address. You can allow only trusted PCs to connect so
that unknown PCs cannot wirelessly connect to the router. Restricting access by MAC
address adds an obstacle against unwanted access to your network, but the data
broadcast over the wireless link is fully exposed.
Turn Off the Broadcast of the Wireless Network Name SSID. If you disable broadcast
of the SSID, only devices that have the correct SSID can connect. This nullifies wireless
network ‘discovery’ feature of some products, such as Windows XP, but the data is still
exposed.
WEP. Wired Equivalent Privacy (WEP) data encryption provides data security. WEP
Shared Key authentication and WEP data encryption block all but the most determined
eavesdropper. This data encryption mode has been superseded by WPA-PSK and
WPA2-PSK.
WPA-802.1x, WPA2-802.1x. Wi-Fi Protected Access (WPA) with user authentication
implemented using IEE 802.1x and RADIUS servers.
WPA-PSK (TKIP), WPA2-PSK (AES). Wi-Fi Protected Access (WPA) using a pre-shared
key to perform authentication and generate the initial data encryption keys. The very
strong authentication along with dynamic per frame re-keying of WPA makes it virtually
impossible to compromise.
For more information about wireless technology, see the link to the online document in
"Wireless Communications: " in Appendix B.
Manually Configuring Your Wireless Settings
Note: If you use a wireless computer to change the wireless network
name (SSID) or wireless security, you will be disconnected when
you click Apply. To avoid this problem, connect your computer to the
router with an Ethernet cable while you are making changes.
16 | Chapter 2: Wireless Network Configuration
Mobile Broadband Wireless-N Router MBRN3000
To view or manually configure the wireless settings:
1. Log in to the router as described in “Logging In to Your Router” on page 9.
2. Select Wireless Settings from the main
menu.
The settings for this screen are explained
in .Table 3
3. Select the region in which the router will
operate.
4. For initial configuration and test, leave the
other settings unchanged.
5. To save your changes, click Apply.
6. Configure and test your computers for
wireless connectivity.
Set up your wireless computers with the
same SSID and wireless security settings
as your router. Check that they have a
wireless link and are able to obtain an IP
address by DHCP from the router. If
there is interference, adjust the channel.
Table 3. Wireless Settings
Settings Description
Wireless
Network
The green radio button shows which network you have selected, the Primary network, or
one of three guest networks that you can set up. For help with guest networks, see “The
settings that you configured in Step 2 are broadcast to the WPS devices so that they can
connect to the router.” on page 22.
Name (SSID) The SSID is also known as the wireless network name. Enter a
32-character (maximum) name in this field. This field is
case-sensitive.
When there is more than one wireless network, SSIDs provide a
means for separating the traffic. To join a network, a wireless
computer or device must use the SSID.
Region The location where the Router is used.
Channel The wireless channel used by the gateway. The default is Auto.
Do not change the channel unless you experience interference
(shown by lost connections or slow data transfers). If this happens,
you might need to try different channels to see which works best.
Mode The default is up to 145 Mbps.
Chapter 2: Wireless Network Configuration | 17
Mobile Broadband Wireless-N Router MBRN3000
Wireless Guest Networks
A wireless guest network allows you to provide guests access to your wireless network
without prior authorization of each individual guest. You can configure wireless guest
networks and specify the security options for each wireless guest network.
To configure a wireless guest network:
1. In the main menu, under Setup, select Wireless Settings:
2. Select the radio button for the network profile that you want to set up.
3. You can specify the SSID, Security, and whether the SSID broadcast is enabled.
NETGEAR recommends that you change the SSID to a different name. Note that the
SSID is case-sensitive. For example, GuestNetwork is not the same as
Guestnetwork.
Wireless security is disabled by default. NETGEAR strongly recommends that you
implement wireless security for the guest network.
4. To configure wireless security for the guest network, enter the security options.
5. When you have finished making changes, click Apply.
Security Options None You can use this setting to establish wireless connectivity before
implementing wireless security. NETGEAR strongly recommends
that you implement wireless security.
WEP Use encryption keys and data encryption for data security. You can
select 64-bit or 128-bit encryption. See .Configuring WEP
WPA-PSK (TKIP) Allow only computers configured with WPA to connect to the
router. See .Configuring WPA, WPA2, or WPA + WPA2
Security Options
(continued)
WPA2-PSK (AES) Allow only computers configured with WPA2 to connect to the
router. See . Configuring WPA, WPA2, or WPA + WPA2
WPA-PSK (TKIP) +
WPA2-PSK (AES)
Allow computers configured with either WPA-PSK or WPA2-PSK
security to connect to the router. See Configuring WPA, WPA2, or
WPA + WPA2.
Table 3. Wireless Settings (Continued)
Settings Description
18 | Chapter 2: Wireless Network Configuration
Mobile Broadband Wireless-N Router MBRN3000
Configuring WEP
Note: If you use a wireless computer to configure wireless security
settings, you will be disconnected when you click Apply. Reconfigure
your wireless computer to match the new settings, or access the
router from a wired computer to make further changes.
To configure WEP data encryption:
1. Log in to the router as described in “Logging In to Your Router” on page 9.
2. From the main menu, select Wireless Settings to display the Wireless Settings screen.
3. In the Security Options section, select the WEP
(Wired Equivalent Privacy) radio button:
4. Select the Authentication Type: , Automatic
Open System Shared Key, or . The default is
Open System.
Note: The authentication is separate from the
data encryption. You can select
authentication that requires a shared key, but
still leaves data transmissions unencrypted.
Security is stronger if you use both the Shared
Key and WEP encryption settings.
5. Select the Encryption Strength setting:
WEP (Wired Equivalent Privacy) 64-bit
encryption. Enter 10 hexadecimal digits (any combination of 0–9, a–f, or A–F).
WEP (Wired Equivalent Privacy) 128-bit encryption. Enter 26 hexadecimal digits
(any combination of 0–9, a–f, or A–F).
6. Enter the encryption keys. You can manually or automatically program the four data
encryption keys. These values must be identical on all computers and Access Points in your
network:
Passphrase. To use a passphrase to generate the keys, enter a passphrase, and
click . This automatically creates the keys. Wireless stations must use the Generate
passphrase or keys to access the router.
Note: Not all wireless adapters support passphrase key generation.
Key 1-Key4. These values are not case-sensitive. You can manually enter the four
data encryption keys. These values must be identical on all computers and access
Chapter 2: Wireless Network Configuration | 19
Mobile Broadband Wireless-N Router MBRN3000
points in your network. Enter 10 hexadecimal digits (any combination of 0 9, a f, or – –
AF).
7. Select which of the four keys will be the default.
Data transmissions are always encrypted using the default key. The other keys can be
used only to decrypt received data. The four entries are disabled if WPA-PSK or WPA
authentication is selected.
8. Click Apply to save your settings.
Configuring WPA, WPA2, or WPA + WPA2
Both WPA and WPA2 provide strong data security. WPA with TKIP is a software
implementation that can be used on Windows systems with Service Pack 2 or later; WPA2
with AES is a hardware implementation; see your device documentation before implementing
it. Consult the product documentation for your wireless adapter for instructions for configuring
WPA settings.
Note: If you use a wireless computer to configure wireless security
settings, you will be disconnected when you click Apply. If this
happens, reconfigure your wireless computer to match the new
settings, or access the router from a wired computer to make further
changes.
To configure WPA or WPA2 in the router:
1. Log in to the router as described in “Logging In to Your Router” on page 9.
2. Select Wireless Settings from the main menu.
3. On the Wireless Setting screen, select the radio button for the WPA or WPA2 option of your
choice.
4. For WPA-PSK or WPA2-PSK, enter the passphrase.
5. To save your settings, click Apply.
Using Push 'N' Connect (WPS) to Configure Your
Wireless Network
To use Push 'N' Connect, your wireless computers or devices must support Wi-Fi Protected
Setup (WPS). Compatible equipment usually has the WPS symbol on it. WPS can
configure the network name (SSID) and set up WPA/WPA2 wireless security for the router
and the wireless computer or device at the same time.
Some considerations regarding WPS are:
20 | Chapter 2: Wireless Network Configuration
Mobile Broadband Wireless-N Router MBRN3000
NETGEAR’s Push 'N' Connect feature is based on the WPS standard. All other
Wi-Fi-certified and WPS-capable products should be compatible with NETGEAR products
that implement Push 'N' Connect.
If your wireless network will include a combination of WPS capable devices and non-WPS
capable devices, NETGEAR suggests that you set up your wireless network and security
settings manually first, and use WPS only for adding WPS capable devices.
WPS Button
Any wireless computer or wireless adapter that will connect to the router wirelessly is a client.
The client must support a WPS button, and must have a WPS configuration utility, such as
the NETGEAR Smart Wizard or Atheros Jumpstart.
To use the router WPS button to add a WPS client:
1. Log in to the router as described in “Logging In to Your Router” on page 9.
2. On the router main menu, select Add
a WPS Client, and then click Next.
WPS
button
By default, the Push Button
(recommended) radio button is
selected.
3. Either click the onscreen button or
press the WPS button on the front of
the router.
The router tries to communicate with the client (the computer that wants to join the
network) for 2 minutes.
4. Go to the client wireless computer, and run a WPS configuration utility. Follow the utilitys
instructions to click a WPS button.
5. Go back to the router screen to check for a message.
The router WPS screen displays a message confirming that the client was added to the
wireless network. The router generates an SSID, and implements WPA/WPA2 wireless
security. The router will keep these wireless settings unless you change them, or you
clear the check box in the WPS Settings screen.Keep Existing Wireless Settings
6. Note the new SSID and WPA/WPA2 password for the wireless network. You can view these
settings in the Wireless Settings screen. See “Manually Configuring Your Wireless Settings”
on page .15
22 | Chapter 2: Wireless Network Configuration
Mobile Broadband Wireless-N Router MBRN3000
Adding Wireless Computers that Do Not Support WPS
If you set up your network with WPS, and now you want to add a computer that does not
support WPS, you must manually configure that computer. To view the wireless settings for
the router, see “Manually Configuring Your Wireless Settings” on page 15.
Because WPA randomly creates the SSID and WPA/WPA2 keys, they might be difficult to
type or remember (that is one reason why the network is so secure). You can change the
wireless settings so that they are easier for you to remember. If you do that, then you will
need to set up the WPS-compatible computers again.
Changing Wireless Settings for the Network:
Note: Making these changes will cause all wireless computers to be
disconnected from network. You will then have to set them up with
the new wireless settings.
1. Use an Ethernet cable to connect a computer to the router. That way you will not get
disconnected when you change the wireless settings.
2. Log in to the router and select Wireless Settings (see “Manually Configuring Your Wireless
Settings on page 15).
3. Make the following changes:
Change the Wireless Network Name (SSID) to a meaningful name.
On the WPA/PSK + WPA2/PSK screen, select a passphrase.
Make sure that the Keep Wireless Settings checkbox is selected in the WPS Settings
screen so that your new settings will not be erased if you use WPS.
4. Click Apply so that your changes take effect. Write down your settings.
All existing wireless clients are disassociated and disconnected from the router.
5. For the non-WPS devices that you want to connect, open the networking utility and follow
the utilitys instructions to enter the security settings that you selected in Step 2 (the SSID,
WPA/PSK + WPA2/PSK security method, and passphrase).
6. For the WPS devices that you want to connect, follow the procedure WPS Button on
page 20 or “WPS PIN Entry on page .21
The settings that you configured in Step 2 are broadcast to the WPS devices so that they
can connect to the router.
Chapter 3: Protecting Your Network | 23
3. Protecting Your Network
3
This chapter describes how to use the basic firewall features of the router to protect your
network.
Note: For information about the advanced content filtering features port
forwarding and port triggering, see “Port Forwarding and Port
Triggeringon page 46.
Protecting Access to Your Mobile Broadband
Wireless-N Router
For security reasons, the router has its own user name and password. Also, after a period of
inactivity, the login automatically disconnects. The user name and password are not the
same as a user name or password you might use to log in to your Internet connection.
NETGEAR recommends that you change this password to a more secure password. The
ideal password should contain no dictionary words from any language, and should be a
mixture of both upper and lower case letters, numbers, and symbols. Your password can be
up to 30 characters.
Changing the Built-In Password
1. To log in to the router, type http://www.routerlogin.net in the address field of your
Internet browser. Enter admin for the user name and your password (or the default,
password ).
Note: If you changed the password and do not remember what it is, you
can reset the router to its factory default settings. See “Restoring the
24 | Chapter 3: Protecting Your Network
Mobile Broadband Wireless-N Router MBRN3000
Default Configuration and Password” on page 62.
2. From the main menu, under the Maintenance heading, select Set Password:
3. To change the password, first enter the old password, and then enter the new password
twice.
4. Click Apply to save your changes.
Note: After changing the password, you must log in again to continue the
configuration. If you have backed up the router settings previously,
you should do a new backup so that the saved settings file includes
the new password.
Changing the Administrator Login Time-out
For security, the administrator login to the router configuration times out after a period of
inactivity. To change the login time-out period:
1. In the Set Password screen, type a number in the Administrator login times out field.
The suggested default value is 5 minutes.
2. Click Apply to save your changes, or click Cancel to keep the current period.
Blocking Sites and Keywords
The router provides a variety of options for blocking Internet-based content and
communications services. With its content filtering feature, the router prevents objectionable
content from reaching your PCs. You can control access to Internet content by screening for
keywords within Web addresses. Content filtering options include:
Keyword blocking of HTTP traffic.
Outbound service blocking. Limits access from your LAN to Internet locations or services
that you specify as off-limits.
Denial of service (DoS) protection. Detects and thwarts denial of service (DoS) attacks
such as Ping of Death, SYN flood, LAND attack, and IP spoofing.
Chapter 3: Protecting Your Network | 25
Mobile Broadband Wireless-N Router MBRN3000
Blocking unwanted traffic from the Internet to your LAN.
The router allows you to restrict access to Internet content based on Web addresses and
Web address keywords.
1. Log in to the router as described in “Logging In to Your Router” on page 9.
2. On the main menu, select Block Sites to display the Block Sites screen:
3. To enable keyword blocking, select one of the following:
Per Schedule. Turn on keyword blocking according to the settings on the Schedule
screen.
Always. Turn on keyword blocking all the time, independent of the setting in the
Schedule screen.
4. Enter a keyword or domain in the Keyword field, click Add Keyword, and then click Apply.
Some examples of keyword applications are shown in the following chart.
Up to 32 entries are supported in the Keyword list.
Note: If you block sites, you can set up the router to log attempts to access
them. See on “Viewing, Selecting, and Saving Logged Information”
page 37.
Keyword Result
XXX Block the URL http://www.badstuf.com/xxx.html.
.com Only websites with other domain suffixes (such as .edu or .gov) can be viewed.
. ( a period) Block all Internet browsing access.
26 | Chapter 3: Protecting Your Network
Mobile Broadband Wireless-N Router MBRN3000
5. To delete a keyword or domain, select it from the list, click Delete Keyword, and then click
Apply.
6. To specify a trusted user, enter that computers IP address in the Trusted IP Address field,
and then click Apply.
You can specify one trusted user, which is a computer that will be exempt from blocking
and logging. Since the trusted user will be identified by an IP address, you should
configure that computer with a fixed IP address.
7. Click Apply to save your settings.
Blocking Services
1. Log in to the router as described in “Logging In to Your Router” on page 9.
2. In the main menu, under Content Filtering, select Block Services to display this screen:
Figure 3-1
.
3. Select one of the following:
Per Schedule. Turn on keyword blocking according to the settings in the Schedule
screen.
Always. Turn on keyword blocking all the time, independent of the Schedule screen.
Chapter 3: Protecting Your Network | 27
Mobile Broadband Wireless-N Router MBRN3000
4. Click Add and the following screen displays:
5. Either select a service from the Service Type drop-down list, or use the Service/Type User
Defined field to create a custom service.
6. Click Add to create the service, and it will be listed in the Service Table on the Block
Services screen.
7. Click Apply to save your settings.
Scheduling
The router uses network time protocol (NTP) to obtain the current time and date from one of
several network time servers on the Internet.
Setting Your Time Zone
To localize the time for your log entries, you must specify your time zone:
1. Log in to the router as described in “Logging In to Your Router” on page 9.
Chapter 3: Protecting Your Network | 29
Mobile Broadband Wireless-N Router MBRN3000
protect you from identity theft and scams, Live Parental Control blocks up to 50 categories of
Internet content.
Live Parental Controls is an excellent solution for keeping your family safe online, but like all
Web filtering tools, it isn't perfect. NETGEAR reminds you there’s no substitute for keeping
the family computer in a common area and in plain sight where you can monitor the websites
your kids are visiting, and taking caution when visiting Web sites requesting personal or
financial information.
To download Live Parental Controls, click the Live Parental Controls link on the router menu
to go to the website: http://www.netgear.com/lpc.
Web-based GUI
Live Parental Controls is the first to allow parents or network administrators to manage
settings while away from home or office. This is particularly convenient when access
“exceptions” need to be made. And since settings are stored on the web, using a browser
interface to manage them is not difficult at all.
Total home protection
Live Parental Controls protects all Internet-connected devices thru the router. It not only
protects computers, but also set-top boxes, iPhones, iPods, and gaming consoles that are
attached to your network. You no longer need to worry about phones and gaming consoles
not being protected when kids use them in their own rooms. Even guest computers
accessing the Internet through your network are protected.
Flexible settings
You may have your own computer or you may be sharing a computer with other members in
the family. Default and per-user settings allow customizable configurations for different
computing arrangement and personalize the settings for each person. Per-time setting allows
Internet access during scheduled time slots, to help manage work/play balance.
Minimal software installation
Installation requires a one-time installation of the Management Utility. Once Live Parental
Controls is set up, the software runs in the background and does not interfere with normal
Internet usage.
Chapter 4: Managing Your Network | 30
4.
4
This chapter describes how to perform network management tasks with your Mobile Broadband
Wireless-N Router.
Backing Up, Restoring, or Erasing Your Settings
The configuration settings of the router are stored in a configuration file in the router. This file
can be backed up to your computer, restored, or reverted to factory default settings. The
procedures below explain how to do these tasks.
Backing Up the Configuration to a File
1. Log in to the router. Type http://www.routerlogin.net in the address field of your
Internet browser. Enter admin for the user name and your password (or the default,
password).
2. Under the Maintenance heading on the main menu, select Backup Settings to display the
Backup Settings screen:
3. Click Save to save a copy of the current settings.
4. Store the .cfg file on a computer on your network.
Chapter 4: Managing Your Network | 31
Mobile Broadband Wireless-N Router MBRN3000
Restoring the Configuration from a File
To restore the configuration:
1. Log in to the router. Type http://www.routerlogin.net in the address field of your
Internet browser. Enter admin for the user name and your password (or the default,
password).
2. Under the Maintenance heading on the main menu, select Backup Settings.
3. Enter the full path to the file on your network, or click Browse to locate the file.
4. When you have located the .cfg file, click Restore to upload the file to the router.
5. The router reboots.
Erasing the Configuration
You can use the Erase feature to erase its configuration settings and restore the router to the
factory default settings.
To erase the configuration:
1. Under the Maintenance heading on the main menu select, Backup Settings.
2. Click Erase.
3. The router reboots.
After an erase, the router password is , the LAN IP address is password 192.168.0.1, and
the router DHCP client is enabled.
Note: To restore the factory default configuration settings when you do not
know the login password or IP address, press the Restore Factory
Settings button on the bottom of the router for 6 seconds.
Upgrading the Router Firmware
The router firmware is stored in flash memory, and can be upgraded as new firmware is
released by NETGEAR. Upgrade files can be downloaded from the NETGEAR website. If the
upgrade file is compressed (a .zip file), you must first extract the binary (.bin or .img) file
before uploading it to the router.
NETGEAR recommends that you back up your configuration before doing a firmware
upgrade. After the upgrade is complete, you might need to restore your configuration
settings.
1. Download and unzip the new firmware file from NETGEAR.
32 | Chapter 4: Managing Your Network
Mobile Broadband Wireless-N Router MBRN3000
The Web browser used to upload new firmware into the router must support HTTP
uploads. NETGEAR recommends using Microsoft Internet Explorer 5.0 or newer, or
Mozilla Firefox 2.0 or newer.
2. Log in to the router. Type in the address field of your Internet http://www.routerlogin.net
browser. Enter admin for the user name and your password (or the default, password ).
3. From the main menu, under the Maintenance heading, select Router Upgrade to display this
screen:
4. Click Browse to locate the binary (.bin or .img) upgrade file.
5. Click Upload.
WARNING!
When uploading firmware to the router, do not interrupt the Web
browser by closing the window, clicking a link, or loading a new
page. If the browser is interrupted, it might corrupt the firmware,
causing router to be unworkable and inaccessible. When the
upload is complete, your router will automatically restart. The
upgrade process typically takes about 1 minute. In some cases,
you might need to clear the configuration and reconfigure the
router after upgrading.
Chapter 4: Managing Your Network | 33
Mobile Broadband Wireless-N Router MBRN3000
Router Status
From the main menu, below the Maintenance
heading, select Router Status to view this
screen.
You can use this screen to view the status of the
router, to show statistics, or to view the
connection status.
For information about the fields on this
screen, see Table 4.
See “Showing Statistics” on page 35 for
information about statistics.
For information about the Internet
connection, see “Connection Status” on
page 36
Table 4. Router Status Fields
Field Description
Firmware Version This field displays the router firmware version.
HSDPA
(High-Speed
Downlink Packet
Access)
Modem Identity Shows the modem in use.
Modem sw version The software version of the modem.
Modem driver
version
The driver version of the modem.
IMSI International Mobile Subscriber Identity. SIM card identity.
IMEI International Mobile Equipment Identity.
Unique identity of the modem.
Operator The ISP for the broadband wireless network.
Network mode The mode of the current network the modem is connected to.
This is dependent on coverage and distance from the cell site.
34 | Chapter 4: Managing Your Network
Mobile Broadband Wireless-N Router MBRN3000
WAN Port Connection Status The status of the Internet connection.
IP Address The IP address used by the modem. If no address is shown,
the router cannot connect to the Internet.
Protocol The protocol for the Internet connection, which is PPP
(Point-to-Point).
IP Subnet Mask The IP subnet mask used by the router’s USB port.
Gateway IP Address The IP address used by the router.
Domain Name
Server
The DNS server IP addresses used by the router. These
addresses are usually obtained dynamically from the ISP.
LAN Port MAC Address The Ethernet MAC address used by the router’s LAN port.
IP Address The LAN port IP address. The default is 192.168.0.1.
DHCP The router will not assign IP addresses to PCs on the Off:
LAN.
The router assigns IP addresses to PCs on the LAN.On:
IP Subnet Mask The LAN port IP subnet mask. The default is 255.255.255.0.
Wireless Port
(See “Manually
Configuring Your
Wireless Settings”
on page 15.
Name (SSID) The service set ID, also known as the wireless network name.
Region The country where the unit is set up for use.
Channel The current channel, which determines the operating
frequency.
Wireless AP Indicates if the access point feature is disabled or not. If not
enabled, the Wireless LED on the front panel will be off.
Broadcast Name Indicates if the router is configured to broadcast its SSID.
Table 4. Router Status Fields (Continued)
Field Description
Chapter 4: Managing Your Network | 35
Mobile Broadband Wireless-N Router MBRN3000
Showing Statistics
Click the button on the Router Status screen to display router usage Show Statistics
statistics:
This following table explains the statistic fields.
Table 5. Router Statistics Fields
Field Description
Status The link status. Note that LAN2, LAN3, and LAN4 are guest
networks.
TxPkts The number of packets transmitted on this port since reset or manual
clear.
RxPkts The number of packets received on this port since reset or manual
clear.
Collisions The number of collisions on this port since reset or manual clear.
Tx B/s The average egress line utilization for this port.
Rx B/s The average ingress line utilization for this port.
Up Time The time elapsed since the last power cycle or reset.
36 | Chapter 4: Managing Your Network
Mobile Broadband Wireless-N Router MBRN3000
Connection Status
Click the button on the Router Status screen:Connection Status
This screen shows the following statistics:
Table 6. Connection Status Fields for HSDPA Status
Field Description
Connection Status The status of the Internet connection.
. The modem is scanning for broadband wireless Scanning
networks in your area.
. The router is connected to the Internet.Connected
. The router does not detect a USB No USB Device Attached
modem connected to its USB port. Either the modem is
disconnected, or it is not correctly seated. To correct the problem
remove the modem and reinsert it into the port.
Received Signal Quality (in dbm) Modem radio reception. A small, negative number indicates good
signal quality.
Bytes Transmitted The number of bytes transmitted in the most recent connection
session.
Bytes Received The number of bytes received in the most recent connection session.
Tx B/s The transmission rate.
Rx B/s The receiving rate.
System Uptime Time elapsed since the last reboot.
Connection Duration The time elapsed since the most recent connection to the Internet.
Available Networks The broadband wireless networks available in your area.
Chapter 4: Managing Your Network | 37
Mobile Broadband Wireless-N Router MBRN3000
Viewing Attached Devices
The Attached Devices screen shows all IP devices that the router discovered on the local
network. From the main menu, under the Maintenance heading, select Attached Devices:
For each device, the table shows the IP address, device name if available, and the Ethernet
MAC address. If the router is rebooted, this data is lost until the router rediscovers the
devices. To force the router to look for attached devices, click the button.Refresh
Viewing, Selecting, and Saving Logged Information
The router logs security-related events such as denied incoming service requests, hacker
probes, and administrator logins. If you enabled content filtering in the Block Sites screen,
the Logs screen can show you when someone on your network tries to access a blocked site.
On the router menu, below the Content Filtering heading, select Logs to display this screen:
Note: You can enable e-mail notification to receive these logs in an e-mail
message. See “Enabling Security Event E-mail Notification” on
page 39.
38 | Chapter 4: Managing Your Network
Mobile Broadband Wireless-N Router MBRN3000
Log entries and action buttons are described in the following table.
Selecting Which Information to Log
Besides the standard information listed previously, you can choose to log additional
information. Those optional selections are as follows:
Attempted access to blocked site
Connections to the router menu
Router operation (start up, get time, and so on)
Known DoS attacks and port scans
Saving Log Files on a Server
You can choose to write the logs to a computer running a syslog program. To activate this
feature, select to the radio button or enter the IP address of the server Broadcast on LAN
where the syslog file will be written.
Examples of Log Messages
Following are examples of log messages. In all cases, the log entry shows the timestamp as:
Day, Year-Month-Date Hour:Minute:Second.
Table 7. Security Log Entry and Button Descriptions
Field or button Description
Current time The date and time the log entry was recorded.
Description or action The type of event and what action was taken if any.
Source IP The IP address of the initiating device for this log entry.
Source port and interface The service port number of the initiating device, and whether it
originated from the LAN or WAN.
Destination The name or IP address of the destination device or website.
Destination port and interface The service port number of the destination device, and whether it is
on the LAN or WAN.
Refresh button Refresh the log screen.
Clear Log button Clear the log entries.
Send Log button Email the log immediately.
Apply button Apply the current settings.
Cancel button Clear the current settings.
Chapter 4: Managing Your Network | 39
Mobile Broadband Wireless-N Router MBRN3000
Activation and Administration
Tue, 2002-05-21 18:48:39 - NETGEAR activated
[This entry indicates a power-up or reboot with initial time entry.]
Tue, 2002-05-21 18:55:00 - Administrator login successful - IP:192.168.0.2
Thu, 2002-05-21 18:56:58 - Administrator logout - IP:192.168.0.2
[This entry shows an administrator logging in and out from IP address 192.168.0.2.]
Tue, 2002-05-21 19:00:06 - Login screen timed out - IP:192.168.0.2
[This entry shows a time-out of the administrator login.]
Wed, 2002-05-22 22:00:19 - Log emailed
[This entry shows when the log was e-mailed.]
Dropped Packets
Wed, 2002-05-22 07:15:15 - TCP packet dropped - Source:64.12.47.28,4787,WAN -
Destination:134.177.0.11,21,LAN - [Inbound Default rule match]
Sun, 2002-05-22 12:50:33 - UDP packet dropped - Source:64.12.47.28,10714,WAN -
Destination:134.177.0.11,6970,LAN - [Inbound Default rule match]
Sun, 2002-05-22 21:02:53 - ICMP packet dropped - Source:64.12.47.28,0,WAN -
Destination:134.177.0.11,0,LAN - [Inbound Default rule match]
These entries show an inbound FTP (port 21) packet, User Datagram Protocol (UDP) packet
(port 6970), and Internet Control Message Protocol (ICMP) packet (port 0) being dropped as
a result of the default inbound rule, which states that all inbound packets are denied.
Enabling Security Event E-mail Notification
To set up the router so that you can receive logs and alerts by e-mail, select Email from the
router menu to display the following screen:
40 | Chapter 4: Managing Your Network
Mobile Broadband Wireless-N Router MBRN3000
To receive alerts and logs by e-mail:
1. Select the Turn E-mail Notification On check box.
2. Fill in the fields to send alerts and logs through email.
Your Outgoing Mail Server. Enter the name or IP address of the outgoing SMTP
mail server of your ISP (such as mail.myISP.com).
Send to This E-mail Address. Enter the e-mail address where you want to send the
alerts and logs. Use a full e-mail address, such as ChrisXY@myISP.com.
My mail server requires authentication. Select this check box if you need to log in
to your SMTP server to send E-mail. If you select this feature, you must enter the user
name and password for the mail server.
Tip: If you cannot remember this information, check the settings in your email
program.
3. Specify when you want the alerts and logs to be sent:
Send alert immediately. Select the corresponding check box if you would like
immediate notification of a significant security event, such as a known attack, port
scan, or attempted access to a blocked site.
Send logs according to this schedule. Specifies how often to send the logs: Hourly,
Daily, Weekly, or When Full.
-Day for sending log. Specifies which day of the week to send the log. Relevant when
the log is sent weekly.
-Time for sending log. Specifies the time of day to send the log. Relevant when the
log is sent daily or weekly.
If the Weekly Daily, , or Hourly option is selected and the log fills up before the specified
period, the log is automatically e-mailed to the specified e-mail address. After the log is
sent, it is cleared from the router’s memory. If the router cannot e-mail the log file, the log
buffer might fill up. In this case, the router overwrites the log and discards its contents.
4. Click Apply so that your changes take effect.
Running Diagnostic Utilities and Rebooting the
Router
The router has a diagnostics feature. You can use the Diagnostics screen to perform the
following functions from the router:
Ping an IP address to test connectivity to see if you can reach a remote host. If Ping VPN
is enabled, the ping packet always goes through the VPN if the VPN tunnel is enabled
and working.
Perform a DNS lookup to test if an Internet name resolves to an IP address to verify that
the DNS server configuration is working.


Produkt Specifikationer

Mærke: Netgear
Kategori: Router
Model: MBRN3000

Har du brug for hjælp?

Hvis du har brug for hjælp til Netgear MBRN3000 stil et spørgsmål nedenfor, og andre brugere vil svare dig